dpp-util: allow for mutual authentication in i/r_auth
When using mutual authentication an additional value needs to be hashed when deriving i/r_auth values. A NULL value indicates no mutual authentication (zero length iovec is passed to hash).
This commit is contained in:
James Prestwood
Denis Kenzior
parent
0c9df85f5e
commit
808f8eea34
|
|
@ -551,12 +551,14 @@ static bool dpp_hkdf(enum l_checksum_type sha, const void *salt,
|
|||
bool dpp_derive_r_auth(const void *i_nonce, const void *r_nonce,
|
||||
size_t nonce_len, struct l_ecc_point *i_proto,
|
||||
struct l_ecc_point *r_proto,
|
||||
struct l_ecc_point *i_boot,
|
||||
struct l_ecc_point *r_boot,
|
||||
void *r_auth)
|
||||
{
|
||||
uint64_t pix[L_ECC_MAX_DIGITS];
|
||||
uint64_t prx[L_ECC_MAX_DIGITS];
|
||||
uint64_t brx[L_ECC_MAX_DIGITS];
|
||||
uint64_t bix[L_ECC_MAX_DIGITS];
|
||||
size_t keys_len;
|
||||
uint8_t zero = 0;
|
||||
enum l_checksum_type type;
|
||||
|
|
@ -565,24 +567,30 @@ bool dpp_derive_r_auth(const void *i_nonce, const void *r_nonce,
|
|||
l_ecc_point_get_x(r_proto, prx, sizeof(prx));
|
||||
l_ecc_point_get_x(r_boot, brx, sizeof(brx));
|
||||
|
||||
if (i_boot)
|
||||
l_ecc_point_get_x(i_boot, bix, sizeof(bix));
|
||||
|
||||
type = dpp_sha_from_key_len(keys_len);
|
||||
|
||||
/*
|
||||
* R-auth = H(I-nonce | R-nonce | PI.x | PR.x | [ BI.x | ] BR.x | 0)
|
||||
*/
|
||||
return dpp_hash(type, r_auth, 6, i_nonce, nonce_len, r_nonce, nonce_len,
|
||||
pix, keys_len, prx, keys_len, brx, keys_len,
|
||||
return dpp_hash(type, r_auth, 7, i_nonce, nonce_len, r_nonce, nonce_len,
|
||||
pix, keys_len, prx, keys_len,
|
||||
bix, i_boot ? keys_len : 0, brx, keys_len,
|
||||
&zero, (size_t) 1);
|
||||
}
|
||||
|
||||
bool dpp_derive_i_auth(const void *r_nonce, const void *i_nonce,
|
||||
size_t nonce_len, struct l_ecc_point *r_proto,
|
||||
struct l_ecc_point *i_proto,
|
||||
struct l_ecc_point *r_boot, void *i_auth)
|
||||
struct l_ecc_point *r_boot,
|
||||
struct l_ecc_point *i_boot, void *i_auth)
|
||||
{
|
||||
uint64_t prx[L_ECC_MAX_DIGITS];
|
||||
uint64_t pix[L_ECC_MAX_DIGITS];
|
||||
uint64_t brx[L_ECC_MAX_DIGITS];
|
||||
uint64_t bix[L_ECC_MAX_DIGITS];
|
||||
size_t keys_len;
|
||||
uint8_t one = 1;
|
||||
enum l_checksum_type type;
|
||||
|
|
@ -591,13 +599,17 @@ bool dpp_derive_i_auth(const void *r_nonce, const void *i_nonce,
|
|||
l_ecc_point_get_x(i_proto, pix, sizeof(pix));
|
||||
l_ecc_point_get_x(r_boot, brx, sizeof(brx));
|
||||
|
||||
if (i_boot)
|
||||
l_ecc_point_get_x(i_boot, bix, sizeof(bix));
|
||||
|
||||
type = dpp_sha_from_key_len(keys_len);
|
||||
|
||||
/*
|
||||
* I-auth = H(R-nonce | I-nonce | PR.x | PI.x | BR.x | [ BI.x | ] 1)
|
||||
*/
|
||||
return dpp_hash(type, i_auth, 6, r_nonce, nonce_len, i_nonce, nonce_len,
|
||||
return dpp_hash(type, i_auth, 7, r_nonce, nonce_len, i_nonce, nonce_len,
|
||||
prx, keys_len, pix, keys_len, brx, keys_len,
|
||||
bix, i_boot ? keys_len : 0,
|
||||
&one, (size_t) 1);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -160,12 +160,14 @@ bool dpp_hash(enum l_checksum_type type, uint8_t *out, unsigned int num, ...);
|
|||
bool dpp_derive_r_auth(const void *i_nonce, const void *r_nonce,
|
||||
size_t nonce_len, struct l_ecc_point *i_proto,
|
||||
struct l_ecc_point *r_proto,
|
||||
struct l_ecc_point *i_boot,
|
||||
struct l_ecc_point *r_boot,
|
||||
void *r_auth);
|
||||
bool dpp_derive_i_auth(const void *r_nonce, const void *i_nonce,
|
||||
size_t nonce_len, struct l_ecc_point *r_proto,
|
||||
struct l_ecc_point *i_proto,
|
||||
struct l_ecc_point *r_boot, void *i_auth);
|
||||
struct l_ecc_point *r_boot,
|
||||
struct l_ecc_point *i_boot, void *i_auth);
|
||||
struct l_ecc_scalar *dpp_derive_k1(const struct l_ecc_point *i_proto_public,
|
||||
const struct l_ecc_scalar *boot_private,
|
||||
void *k1);
|
||||
|
|
|
|||
|
|
@ -1336,7 +1336,7 @@ static void authenticate_confirm(struct dpp_sm *dpp, const uint8_t *from,
|
|||
|
||||
dpp_derive_i_auth(dpp->r_nonce, dpp->i_nonce, dpp->nonce_len,
|
||||
dpp->own_proto_public, dpp->peer_proto_public,
|
||||
dpp->boot_public, i_auth_check);
|
||||
dpp->boot_public, NULL, i_auth_check);
|
||||
|
||||
if (memcmp(i_auth, i_auth_check, i_auth_len)) {
|
||||
l_error("I-Auth did not verify");
|
||||
|
|
@ -1812,7 +1812,7 @@ static void authenticate_request(struct dpp_sm *dpp, const uint8_t *from,
|
|||
|
||||
if (!dpp_derive_r_auth(dpp->i_nonce, dpp->r_nonce, dpp->nonce_len,
|
||||
dpp->peer_proto_public, dpp->own_proto_public,
|
||||
dpp->boot_public, dpp->auth_tag))
|
||||
NULL, dpp->boot_public, dpp->auth_tag))
|
||||
goto auth_request_failed;
|
||||
|
||||
memcpy(dpp->peer_addr, from, 6);
|
||||
|
|
@ -2016,7 +2016,7 @@ static void authenticate_response(struct dpp_sm *dpp, const uint8_t *from,
|
|||
}
|
||||
|
||||
if (!dpp_derive_r_auth(i_nonce, r_nonce, dpp->nonce_len,
|
||||
dpp->own_proto_public, r_proto_key,
|
||||
dpp->own_proto_public, r_proto_key, NULL,
|
||||
dpp->peer_boot_public, r_auth_derived)) {
|
||||
l_debug("Failed to derive r_auth");
|
||||
return;
|
||||
|
|
@ -2029,7 +2029,7 @@ static void authenticate_response(struct dpp_sm *dpp, const uint8_t *from,
|
|||
|
||||
if (!dpp_derive_i_auth(r_nonce, i_nonce, dpp->nonce_len,
|
||||
r_proto_key, dpp->own_proto_public,
|
||||
dpp->peer_boot_public, dpp->auth_tag)) {
|
||||
dpp->peer_boot_public, NULL, dpp->auth_tag)) {
|
||||
l_debug("Could not derive I-Auth");
|
||||
return;
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue