From patchwork Sun Dec 15 09:33:58 2019
From: Ilan Peer
To: hostap@lists.infradead.org
Cc: Ilan Peer
Subject: [PATCH 00/40] Support for Pre association Security Negotiation (PASN)
Date: Sun, 15 Dec 2019 11:33:58 +0200
Message-Id: <20191215093438.10120-1-ilan.peer@intel.com>
The following series of patches is an implementation of Pre Association Security Negotiation (PASN) as defined in Draft 802.11az_D1.5. In short, PASN is a mechanism to establish a security association and allow Management Frame Protection (MFP) prior to association.

To support the PASN authentication flows while associated, the 3-way authentication handshake is performed from wpa_supplicant, without the low-level kernel driver being aware of the authentication exchange, using the send_mlme() API, which was extended to also support a wait option. In addition, some changes are introduced in the nl80211 driver to allow sending/receiving authentication frames. To support processing of authentication frames in user space, the following change in mac80211 is also required:

- https://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/backport-iwlwifi.git/commit/?id=2020ea4a16e35b28d50a77d883e2396995583f81

Since the PASN authentication relies on support for wrapped data and element fragmentation/defragmentation, the patch set includes changes that introduce support for the missing parts.

As one of the primary goals of PASN is to establish a PTKSA between a non-AP station and an AP in an infrastructure network, which can later be used for a secure LTF measurement exchange, an implementation of a PTKSA is added to both wpa_supplicant and hostapd.

Finally, note that since the specification definitions are incomplete, e.g., information element IDs etc. are missing, the implementation uses internally set values that should be updated once the specification is complete.
Andrei Otcheretianski (1):
  driver_nl80211: Register for SAE AUTH frames more strictly

Ilan Peer (39):
  driver: Extend send_mlme() with wait option
  nl80211: Allow off-channel in send_mlme()
  nl80211: Allow Tx status for authentication frames
  nl80211: Always register for Rx authentication frames with PASN
  WPA: Extend the wpa_pmk_to_ptk() function to also derive HLTK
  FT: Extend the wpa_pmk_r1_to_ptk() function to also derive HLTK
  WPA: Extend the fils_pmk_to_ptk() function to also derive HLTK
  PASN: Add functions to compute PTK, MIC and hash
  crypto: Add a function to get the ECDH prime len
  WPA: Rename FILS wrapped data
  common: Add support for element defragmentation
  PASN: Add some specification definitions
  PASN: Add common authentication frame build/validation functions
  common: Add PASN parsing to ieee802_11_parse_extension()
  common: Allow WPA_CIPHER_GTK_NOT_USED in RSNE parsing
  WPA: Add a function to get PMKSA cache entry
  WPA: Add PTKSA cache implementation
  WPA: Add PTKSA cache to wpa_supplicant for PASN
  PASN: Add support for PASN processing to the wpa_supplicant
  ctrl_iface: Add support for PASN authentication
  AP: Add support for configuring PASN
  WPA_AUTH: Add PTKSA cache to hostapd
  AP: Add support for PASN processing to the SME
  tests: Add PASN test coverage
  PASN: Support PASN with SAE key derivation
  AP: Support PASN with SAE key derivation
  tests: Add PASN tests with SAE
  PASN: Support PASN with FILS key derivation
  AP: Support PASN with FILS key derivation
  tests: Add PASN with FILS tests
  AP: Rename SAE anti clogging variables and functions
  AP: Move anti clogging handling code
  AP: Add support for PASN comeback flow
  PASN: Add support for comeback flow to the wpa_supplicant
  tests: Add PASN test with comeback flow
  PASN: Support PASN with FT key derivation
  AP: Support PASN with FT key derivation
  tests: Add PASN tests with FT key derivation
  tests: Add module tests for PASN PTK derivation

 hostapd/Makefile                          |   10 +
 hostapd/config_file.c                     |   21 +-
 hostapd/ctrl_iface.c                      |    4 +
 hostapd/defconfig                         |    5 +
 hostapd/hostapd.conf                      |    8 +
 src/ap/ap_config.c                        |    6 +-
 src/ap/ap_config.h                        |   14 +-
 src/ap/ap_drv_ops.c                       |    4 +-
 src/ap/hostapd.h                          |   11 +-
 src/ap/ieee802_11.c                       | 1544 +++++++++++++++++---
 src/ap/ieee802_1x.c                       |    3 +-
 src/ap/sta_info.c                         |   34 +
 src/ap/sta_info.h                         |   46 +
 src/ap/wpa_auth.c                         |   40 +-
 src/ap/wpa_auth.h                         |   17 +
 src/ap/wpa_auth_ft.c                      |   21 +-
 src/ap/wpa_auth_glue.c                    |   39 +
 src/ap/wpa_auth_ie.c                      |    7 +
 src/common/Makefile                       |    4 +-
 src/common/common_module_tests.c          |  171 ++-
 src/common/defs.h                         |    3 +
 src/common/ieee802_11_common.c            |  124 +-
 src/common/ieee802_11_common.h            |   30 +-
 src/common/ieee802_11_defs.h              |    8 +-
 src/common/ptksa_cache.c                  |  321 +++++
 src/common/ptksa_cache.h                  |   84 ++
 src/common/wpa_common.c                   |  748 +++++++++-
 src/common/wpa_common.h                   |   80 +-
 src/common/wpa_ctrl.h                     |    3 +
 src/crypto/crypto.h                       |    1 +
 src/crypto/crypto_openssl.c               |    4 +
 src/crypto/crypto_wolfssl.c               |    4 +
 src/drivers/driver.h                      |    4 +-
 src/drivers/driver_hostap.c               |   11 +-
 src/drivers/driver_nl80211.c              |   42 +-
 src/drivers/driver_nl80211_event.c        |   39 +-
 src/rsn_supp/wpa.c                        |   52 +-
 src/rsn_supp/wpa.h                        |   36 +
 src/rsn_supp/wpa_ft.c                     |  105 +-
 src/rsn_supp/wpa_i.h                      |   30 +
 tests/hwsim/example-hostapd.config        |    2 +
 tests/hwsim/example-wpa_supplicant.config |    2 +
 tests/hwsim/hostapd.py                    |   17 +
 tests/hwsim/test_pasn.py                  |  624 +++++++++
 tests/hwsim/test_sae.py                   |    8 +-
 tests/hwsim/wpasupplicant.py              |   20 +
 wlantest/rx_eapol.c                       |    4 +-
 wlantest/rx_mgmt.c                        |    6 +-
 wpa_supplicant/Makefile                   |   11 +
 wpa_supplicant/config.c                   |    5 +
 wpa_supplicant/config.h                   |   10 +
 wpa_supplicant/ctrl_iface.c               |  109 ++
 wpa_supplicant/defconfig                  |    3 +
 wpa_supplicant/driver_i.h                 |    4 +-
 wpa_supplicant/events.c                   |   19 +
 wpa_supplicant/p2p_supplicant.c           |    2 +-
 wpa_supplicant/pasn_supplicant.c          | 1555 +++++++++++++++++++++
 wpa_supplicant/sme.c                      |    4 +-
 wpa_supplicant/wpa_cli.c                  |   36 +
 wpa_supplicant/wpa_supplicant.c           |   11 +
 wpa_supplicant/wpa_supplicant_i.h         |   78 ++
 wpa_supplicant/wpas_glue.c                |   34 +-
 62 files changed, 6025 insertions(+), 277 deletions(-)
 create mode 100644 src/common/ptksa_cache.c
 create mode 100644 src/common/ptksa_cache.h
 create mode 100644 tests/hwsim/test_pasn.py
 create mode 100644 wpa_supplicant/pasn_supplicant.c
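The cover letter notes that PASN depends on element fragmentation/defragmentation, which this series adds to the common code. The following is an added example, not code from the hostap series or the 802.11az draft, showing the encoding the IEEE 802.11 fragmentation rule produces (an element whose body exceeds 255 octets is sent as a 255-octet element followed by Fragment elements, Element ID 242, each 255 octets long except the last; for an Element ID 255 element the Element ID Extension octet appears only in the first fragment) and a defragmenting parser that rejects stray Fragment elements, overruns and oversized reassembly rather than trusting the frame. The reassembly cap `MAX_DEFRAG_LEN`, the trailing zero-length Fragment element emitted when the payload is an exact multiple of 255 octets, and the extension ID used in the demo are assumptions for illustration, not values from the page.

```python
"""Added example (not hostap code): IEEE 802.11 element fragmentation and
defragmentation, as relied on by PASN authentication frames."""

EID_FRAGMENT = 242      # Fragment element, IEEE 802.11
EID_EXTENSION = 255     # Element ID Extension container, IEEE 802.11
FRAG_MAX = 255          # largest Length field of an element / fragment
# Constructed bound, not a spec value: a defragmenter fed by untrusted frames
# must cap how much it is willing to reassemble.
MAX_DEFRAG_LEN = 8 * 1024


def fragment_element(eid, body, ext_id=None):
    """Encode one element, splitting its body into Fragment elements if it
    exceeds 255 octets. The Element ID Extension (if any) is prepended to the
    body once, so it lands only in the first fragment."""
    payload = (bytes([ext_id]) if ext_id is not None else b"") + bytes(body)
    chunks = [payload[i:i + FRAG_MAX] for i in range(0, len(payload), FRAG_MAX)]
    if not chunks:
        chunks = [b""]
    out = bytearray([eid, len(chunks[0])]) + chunks[0]
    for chunk in chunks[1:]:
        out += bytes([EID_FRAGMENT, len(chunk)]) + chunk
    # If the final piece is a full 255 octets a receiver could not tell where
    # the element ends, so terminate with an empty Fragment element (assumed
    # reading of the rule that the last fragment is shorter than 255).
    if len(chunks[-1]) == FRAG_MAX:
        out += bytes([EID_FRAGMENT, 0])
    return bytes(out)


def parse_elements(buf):
    """Parse an element list into (eid, ext_id, body) tuples, reassembling
    fragmented elements. Raises ValueError on malformed input."""
    buf = bytes(buf)
    elems = []
    pos, end = 0, len(buf)
    while pos < end:
        if end - pos < 2:
            raise ValueError("truncated element header at offset %d" % pos)
        eid, length = buf[pos], buf[pos + 1]
        if eid == EID_FRAGMENT:
            # A Fragment element is only valid directly after a 255-octet
            # element or fragment; at top level it is malformed input.
            raise ValueError("stray Fragment element at offset %d" % pos)
        pos += 2
        if end - pos < length:
            raise ValueError("element %d overruns buffer" % eid)
        body = bytearray(buf[pos:pos + length])
        pos += length
        # Only a full-length element may be continued; consume Fragment
        # elements until one shorter than 255 octets (or a non-Fragment).
        while length == FRAG_MAX and end - pos >= 2 and buf[pos] == EID_FRAGMENT:
            length = buf[pos + 1]
            pos += 2
            if end - pos < length:
                raise ValueError("Fragment element overruns buffer")
            body += buf[pos:pos + length]
            pos += length
            if len(body) > MAX_DEFRAG_LEN:
                raise ValueError("reassembled element exceeds %d octets" % MAX_DEFRAG_LEN)
        ext_id = None
        if eid == EID_EXTENSION:
            if not body:
                raise ValueError("extension element without Element ID Extension")
            ext_id, body = body[0], body[1:]
        elems.append((eid, ext_id, bytes(body)))
    return elems


def roundtrip_example():
    """Constructed demo: an SSID element followed by a 768-octet extension
    element (extension ID 0x5A is a made-up value) that needs three fragments."""
    big = bytes(range(256)) * 3
    frame = b"\x00\x04test" + fragment_element(EID_EXTENSION, big, ext_id=0x5A)
    return frame, parse_elements(frame)


if __name__ == "__main__":
    frame, elems = roundtrip_example()
    for eid, ext_id, body in elems:
        print("eid=%d ext_id=%s body_len=%d" % (eid, ext_id, len(body)))
```

The parser deliberately stops reassembling when the previous piece was shorter than 255 octets, so a Fragment element that appears anywhere else is reported as an error instead of being silently appended to the preceding element.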