Lines Matching refs:pkex
29 static struct wpabuf * dpp_pkex_build_exchange_req(struct dpp_pkex *pkex) in dpp_pkex_build_exchange_req() argument
37 const struct dpp_curve_params *curve = pkex->own_bi->curve; in dpp_pkex_build_exchange_req()
42 Qi = dpp_pkex_derive_Qi(curve, pkex->own_mac, pkex->code, in dpp_pkex_build_exchange_req()
43 pkex->identifier, &ec); in dpp_pkex_build_exchange_req()
54 pkex->x = dpp_set_keypair(&tmp_curve, in dpp_pkex_build_exchange_req()
58 pkex->x = dpp_gen_keypair(curve); in dpp_pkex_build_exchange_req()
61 pkex->x = dpp_gen_keypair(curve); in dpp_pkex_build_exchange_req()
63 if (!pkex->x) in dpp_pkex_build_exchange_req()
67 X = crypto_ec_key_get_public_key(pkex->x); in dpp_pkex_build_exchange_req()
79 if (pkex->identifier) in dpp_pkex_build_exchange_req()
80 attr_len += 4 + os_strlen(pkex->identifier); in dpp_pkex_build_exchange_req()
103 if (pkex->identifier) { in dpp_pkex_build_exchange_req()
105 wpabuf_put_le16(msg, os_strlen(pkex->identifier)); in dpp_pkex_build_exchange_req()
106 wpabuf_put_str(msg, pkex->identifier); in dpp_pkex_build_exchange_req()
134 os_memcpy(pkex->Mx, Mx, curve->prime_len); in dpp_pkex_build_exchange_req()
149 static void dpp_pkex_fail(struct dpp_pkex *pkex, const char *txt) in dpp_pkex_fail() argument
151 wpa_msg(pkex->msg_ctx, MSG_INFO, DPP_EVENT_FAIL "%s", txt); in dpp_pkex_fail()
160 struct dpp_pkex *pkex; in dpp_pkex_init() local
170 pkex = os_zalloc(sizeof(*pkex)); in dpp_pkex_init()
171 if (!pkex) in dpp_pkex_init()
173 pkex->msg_ctx = msg_ctx; in dpp_pkex_init()
174 pkex->initiator = 1; in dpp_pkex_init()
175 pkex->own_bi = bi; in dpp_pkex_init()
176 os_memcpy(pkex->own_mac, own_mac, ETH_ALEN); in dpp_pkex_init()
178 pkex->identifier = os_strdup(identifier); in dpp_pkex_init()
179 if (!pkex->identifier) in dpp_pkex_init()
182 pkex->code = os_strdup(code); in dpp_pkex_init()
183 if (!pkex->code) in dpp_pkex_init()
185 pkex->exchange_req = dpp_pkex_build_exchange_req(pkex); in dpp_pkex_init()
186 if (!pkex->exchange_req) in dpp_pkex_init()
188 return pkex; in dpp_pkex_init()
190 dpp_pkex_free(pkex); in dpp_pkex_init()
196 dpp_pkex_build_exchange_resp(struct dpp_pkex *pkex, in dpp_pkex_build_exchange_resp() argument
202 const struct dpp_curve_params *curve = pkex->own_bi->curve; in dpp_pkex_build_exchange_resp()
206 if (pkex->identifier) in dpp_pkex_build_exchange_resp()
207 attr_len += 4 + os_strlen(pkex->identifier); in dpp_pkex_build_exchange_resp()
233 if (pkex->identifier) { in dpp_pkex_build_exchange_resp()
235 wpabuf_put_le16(msg, os_strlen(pkex->identifier)); in dpp_pkex_build_exchange_resp()
236 wpabuf_put_str(msg, pkex->identifier); in dpp_pkex_build_exchange_resp()
264 os_memcpy(pkex->Nx, Nx, curve->prime_len); in dpp_pkex_build_exchange_resp()
319 struct dpp_pkex *pkex = NULL; in dpp_pkex_rx_exchange_req() local
366 pkex = os_zalloc(sizeof(*pkex)); in dpp_pkex_rx_exchange_req()
367 if (!pkex) in dpp_pkex_rx_exchange_req()
369 pkex->own_bi = bi; in dpp_pkex_rx_exchange_req()
370 pkex->failed = 1; in dpp_pkex_rx_exchange_req()
371 pkex->exchange_resp = dpp_pkex_build_exchange_resp( in dpp_pkex_rx_exchange_req()
372 pkex, DPP_STATUS_BAD_GROUP, NULL, NULL); in dpp_pkex_rx_exchange_req()
373 if (!pkex->exchange_resp) in dpp_pkex_rx_exchange_req()
375 return pkex; in dpp_pkex_rx_exchange_req()
411 pkex = os_zalloc(sizeof(*pkex)); in dpp_pkex_rx_exchange_req()
412 if (!pkex) in dpp_pkex_rx_exchange_req()
414 pkex->t = bi->pkex_t; in dpp_pkex_rx_exchange_req()
415 pkex->msg_ctx = msg_ctx; in dpp_pkex_rx_exchange_req()
416 pkex->own_bi = bi; in dpp_pkex_rx_exchange_req()
417 os_memcpy(pkex->own_mac, own_mac, ETH_ALEN); in dpp_pkex_rx_exchange_req()
418 os_memcpy(pkex->peer_mac, peer_mac, ETH_ALEN); in dpp_pkex_rx_exchange_req()
420 pkex->identifier = os_strdup(identifier); in dpp_pkex_rx_exchange_req()
421 if (!pkex->identifier) in dpp_pkex_rx_exchange_req()
424 pkex->code = os_strdup(code); in dpp_pkex_rx_exchange_req()
425 if (!pkex->code) in dpp_pkex_rx_exchange_req()
428 os_memcpy(pkex->Mx, attr_key, attr_key_len / 2); in dpp_pkex_rx_exchange_req()
436 pkex->x = crypto_ec_key_set_pub(curve->ike_group, x_coord, in dpp_pkex_rx_exchange_req()
438 if (!pkex->x) in dpp_pkex_rx_exchange_req()
453 pkex->y = dpp_set_keypair(&tmp_curve, in dpp_pkex_rx_exchange_req()
457 pkex->y = dpp_gen_keypair(curve); in dpp_pkex_rx_exchange_req()
460 pkex->y = dpp_gen_keypair(curve); in dpp_pkex_rx_exchange_req()
462 if (!pkex->y) in dpp_pkex_rx_exchange_req()
466 Y = crypto_ec_key_get_public_key(pkex->y); in dpp_pkex_rx_exchange_req()
478 pkex->exchange_resp = dpp_pkex_build_exchange_resp(pkex, DPP_STATUS_OK, in dpp_pkex_rx_exchange_req()
480 if (!pkex->exchange_resp) in dpp_pkex_rx_exchange_req()
484 if (dpp_ecdh(pkex->y, pkex->x, Kx, &Kx_len) < 0) in dpp_pkex_rx_exchange_req()
492 res = dpp_pkex_derive_z(pkex->peer_mac, pkex->own_mac, in dpp_pkex_rx_exchange_req()
493 pkex->Mx, curve->prime_len, in dpp_pkex_rx_exchange_req()
494 pkex->Nx, curve->prime_len, pkex->code, in dpp_pkex_rx_exchange_req()
495 Kx, Kx_len, pkex->z, curve->hash_len); in dpp_pkex_rx_exchange_req()
500 pkex->exchange_done = 1; in dpp_pkex_rx_exchange_req()
511 return pkex; in dpp_pkex_rx_exchange_req()
514 dpp_pkex_free(pkex); in dpp_pkex_rx_exchange_req()
515 pkex = NULL; in dpp_pkex_rx_exchange_req()
521 dpp_pkex_build_commit_reveal_req(struct dpp_pkex *pkex, in dpp_pkex_build_commit_reveal_req() argument
524 const struct dpp_curve_params *curve = pkex->own_bi->curve; in dpp_pkex_build_commit_reveal_req()
607 if (aes_siv_encrypt(pkex->z, curve->hash_len, in dpp_pkex_build_commit_reveal_req()
633 struct wpabuf * dpp_pkex_rx_exchange_resp(struct dpp_pkex *pkex, in dpp_pkex_rx_exchange_resp() argument
641 const struct dpp_curve_params *curve = pkex->own_bi->curve; in dpp_pkex_rx_exchange_resp()
651 if (pkex->failed || pkex->t >= PKEX_COUNTER_T_LIMIT || !pkex->initiator) in dpp_pkex_rx_exchange_resp()
658 pkex->failed = 1; in dpp_pkex_rx_exchange_resp()
669 os_memcpy(pkex->peer_mac, peer_mac, ETH_ALEN); in dpp_pkex_rx_exchange_resp()
674 dpp_pkex_fail(pkex, "No DPP Status attribute"); in dpp_pkex_rx_exchange_resp()
684 wpa_msg(pkex->msg_ctx, MSG_INFO, DPP_EVENT_FAIL in dpp_pkex_rx_exchange_resp()
692 dpp_pkex_fail(pkex, "PKEX failed (peer indicated failure)"); in dpp_pkex_rx_exchange_resp()
700 pkex->identifier)) { in dpp_pkex_rx_exchange_resp()
701 dpp_pkex_fail(pkex, "PKEX code identifier mismatch"); in dpp_pkex_rx_exchange_resp()
709 dpp_pkex_fail(pkex, "Missing Encrypted Key attribute"); in dpp_pkex_rx_exchange_resp()
714 Qr = dpp_pkex_derive_Qr(curve, pkex->peer_mac, pkex->code, in dpp_pkex_rx_exchange_resp()
715 pkex->identifier, &ec); in dpp_pkex_rx_exchange_resp()
729 dpp_pkex_fail(pkex, "Invalid Encrypted Key value"); in dpp_pkex_rx_exchange_resp()
730 pkex->t++; in dpp_pkex_rx_exchange_resp()
736 pkex->exchange_done = 1; in dpp_pkex_rx_exchange_resp()
744 pkex->y = crypto_ec_key_set_pub(curve->ike_group, x_coord, y_coord, in dpp_pkex_rx_exchange_resp()
746 if (!pkex->y) in dpp_pkex_rx_exchange_resp()
748 if (dpp_ecdh(pkex->own_bi->pubkey, pkex->y, Jx, &Jx_len) < 0) in dpp_pkex_rx_exchange_resp()
755 A_pub = crypto_ec_key_get_pubkey_point(pkex->own_bi->pubkey, 0); in dpp_pkex_rx_exchange_resp()
756 Y_pub = crypto_ec_key_get_pubkey_point(pkex->y, 0); in dpp_pkex_rx_exchange_resp()
757 X_pub = crypto_ec_key_get_pubkey_point(pkex->x, 0); in dpp_pkex_rx_exchange_resp()
760 addr[0] = pkex->own_mac; in dpp_pkex_rx_exchange_resp()
773 if (dpp_ecdh(pkex->x, pkex->y, Kx, &Kx_len) < 0) in dpp_pkex_rx_exchange_resp()
781 res = dpp_pkex_derive_z(pkex->own_mac, pkex->peer_mac, in dpp_pkex_rx_exchange_resp()
782 pkex->Mx, curve->prime_len, in dpp_pkex_rx_exchange_resp()
784 pkex->code, Kx, Kx_len, in dpp_pkex_rx_exchange_resp()
785 pkex->z, curve->hash_len); in dpp_pkex_rx_exchange_resp()
790 msg = dpp_pkex_build_commit_reveal_req(pkex, A_pub, u); in dpp_pkex_rx_exchange_resp()
812 dpp_pkex_build_commit_reveal_resp(struct dpp_pkex *pkex, in dpp_pkex_build_commit_reveal_resp() argument
815 const struct dpp_curve_params *curve = pkex->own_bi->curve; in dpp_pkex_build_commit_reveal_resp()
898 if (aes_siv_encrypt(pkex->z, curve->hash_len, in dpp_pkex_build_commit_reveal_resp()
924 struct wpabuf * dpp_pkex_rx_commit_reveal_req(struct dpp_pkex *pkex, in dpp_pkex_rx_commit_reveal_req() argument
928 const struct dpp_curve_params *curve = pkex->own_bi->curve; in dpp_pkex_rx_commit_reveal_req()
947 pkex->failed = 1; in dpp_pkex_rx_commit_reveal_req()
952 if (!pkex->exchange_done || pkex->failed || in dpp_pkex_rx_commit_reveal_req()
953 pkex->t >= PKEX_COUNTER_T_LIMIT || pkex->initiator) in dpp_pkex_rx_commit_reveal_req()
959 dpp_pkex_fail(pkex, in dpp_pkex_rx_commit_reveal_req()
979 if (aes_siv_decrypt(pkex->z, curve->hash_len, in dpp_pkex_rx_commit_reveal_req()
982 dpp_pkex_fail(pkex, in dpp_pkex_rx_commit_reveal_req()
984 pkex->failed = 1; in dpp_pkex_rx_commit_reveal_req()
985 pkex->t++; in dpp_pkex_rx_commit_reveal_req()
992 dpp_pkex_fail(pkex, "Invalid attribute in unwrapped data"); in dpp_pkex_rx_commit_reveal_req()
999 dpp_pkex_fail(pkex, "No valid peer bootstrapping key found"); in dpp_pkex_rx_commit_reveal_req()
1002 pkex->peer_bootstrap_key = dpp_set_pubkey_point(pkex->x, b_key, in dpp_pkex_rx_commit_reveal_req()
1004 if (!pkex->peer_bootstrap_key) { in dpp_pkex_rx_commit_reveal_req()
1005 dpp_pkex_fail(pkex, "Peer bootstrapping key is invalid"); in dpp_pkex_rx_commit_reveal_req()
1009 pkex->peer_bootstrap_key); in dpp_pkex_rx_commit_reveal_req()
1012 if (dpp_ecdh(pkex->y, pkex->peer_bootstrap_key, Jx, &Jx_len) < 0) in dpp_pkex_rx_commit_reveal_req()
1019 A_pub = crypto_ec_key_get_pubkey_point(pkex->peer_bootstrap_key, 0); in dpp_pkex_rx_commit_reveal_req()
1020 Y_pub = crypto_ec_key_get_pubkey_point(pkex->y, 0); in dpp_pkex_rx_commit_reveal_req()
1021 X_pub = crypto_ec_key_get_pubkey_point(pkex->x, 0); in dpp_pkex_rx_commit_reveal_req()
1024 addr[0] = pkex->peer_mac; in dpp_pkex_rx_commit_reveal_req()
1039 dpp_pkex_fail(pkex, "No valid u (I-Auth tag) found"); in dpp_pkex_rx_commit_reveal_req()
1043 pkex->t++; in dpp_pkex_rx_commit_reveal_req()
1049 if (dpp_ecdh(pkex->own_bi->pubkey, pkex->x, Lx, &Lx_len) < 0) in dpp_pkex_rx_commit_reveal_req()
1056 B_pub = crypto_ec_key_get_pubkey_point(pkex->own_bi->pubkey, 0); in dpp_pkex_rx_commit_reveal_req()
1059 addr[0] = pkex->own_mac; in dpp_pkex_rx_commit_reveal_req()
1071 msg = dpp_pkex_build_commit_reveal_resp(pkex, B_pub, v); in dpp_pkex_rx_commit_reveal_req()
1089 int dpp_pkex_rx_commit_reveal_resp(struct dpp_pkex *pkex, const u8 *hdr, in dpp_pkex_rx_commit_reveal_resp() argument
1092 const struct dpp_curve_params *curve = pkex->own_bi->curve; in dpp_pkex_rx_commit_reveal_resp()
1110 pkex->failed = 1; in dpp_pkex_rx_commit_reveal_resp()
1115 if (!pkex->exchange_done || pkex->failed || in dpp_pkex_rx_commit_reveal_resp()
1116 pkex->t >= PKEX_COUNTER_T_LIMIT || !pkex->initiator) in dpp_pkex_rx_commit_reveal_resp()
1122 dpp_pkex_fail(pkex, in dpp_pkex_rx_commit_reveal_resp()
1142 if (aes_siv_decrypt(pkex->z, curve->hash_len, in dpp_pkex_rx_commit_reveal_resp()
1145 dpp_pkex_fail(pkex, in dpp_pkex_rx_commit_reveal_resp()
1147 pkex->t++; in dpp_pkex_rx_commit_reveal_resp()
1154 dpp_pkex_fail(pkex, "Invalid attribute in unwrapped data"); in dpp_pkex_rx_commit_reveal_resp()
1161 dpp_pkex_fail(pkex, "No valid peer bootstrapping key found"); in dpp_pkex_rx_commit_reveal_resp()
1164 pkex->peer_bootstrap_key = dpp_set_pubkey_point(pkex->x, b_key, in dpp_pkex_rx_commit_reveal_resp()
1166 if (!pkex->peer_bootstrap_key) { in dpp_pkex_rx_commit_reveal_resp()
1167 dpp_pkex_fail(pkex, "Peer bootstrapping key is invalid"); in dpp_pkex_rx_commit_reveal_resp()
1171 pkex->peer_bootstrap_key); in dpp_pkex_rx_commit_reveal_resp()
1174 if (dpp_ecdh(pkex->x, pkex->peer_bootstrap_key, Lx, &Lx_len) < 0) in dpp_pkex_rx_commit_reveal_resp()
1181 B_pub = crypto_ec_key_get_pubkey_point(pkex->peer_bootstrap_key, 0); in dpp_pkex_rx_commit_reveal_resp()
1182 X_pub = crypto_ec_key_get_pubkey_point(pkex->x, 0); in dpp_pkex_rx_commit_reveal_resp()
1183 Y_pub = crypto_ec_key_get_pubkey_point(pkex->y, 0); in dpp_pkex_rx_commit_reveal_resp()
1186 addr[0] = pkex->peer_mac; in dpp_pkex_rx_commit_reveal_resp()
1201 dpp_pkex_fail(pkex, "No valid v (R-Auth tag) found"); in dpp_pkex_rx_commit_reveal_resp()
1205 pkex->t++; in dpp_pkex_rx_commit_reveal_resp()
1223 dpp_pkex_finish(struct dpp_global *dpp, struct dpp_pkex *pkex, const u8 *peer, in dpp_pkex_finish() argument
1236 bi->curve = pkex->own_bi->curve; in dpp_pkex_finish()
1237 bi->pubkey = pkex->peer_bootstrap_key; in dpp_pkex_finish()
1238 pkex->peer_bootstrap_key = NULL; in dpp_pkex_finish()
1243 dpp_pkex_free(pkex); in dpp_pkex_finish()
1249 void dpp_pkex_free(struct dpp_pkex *pkex) in dpp_pkex_free() argument
1251 if (!pkex) in dpp_pkex_free()
1254 os_free(pkex->identifier); in dpp_pkex_free()
1255 os_free(pkex->code); in dpp_pkex_free()
1256 crypto_ec_key_deinit(pkex->x); in dpp_pkex_free()
1257 crypto_ec_key_deinit(pkex->y); in dpp_pkex_free()
1258 crypto_ec_key_deinit(pkex->peer_bootstrap_key); in dpp_pkex_free()
1259 wpabuf_free(pkex->exchange_req); in dpp_pkex_free()
1260 wpabuf_free(pkex->exchange_resp); in dpp_pkex_free()
1261 os_free(pkex); in dpp_pkex_free()