diff mbox series

SAE: Notify WRONG Key when Confirm mismatch

Message ID CACYaJDTkZcZgzwpXPKMus7jzi-QpSTrMJV_3Wp8oXJGM2nthCw@mail.gmail.com
State Not Applicable
Headers show
Series SAE: Notify WRONG Key when Confirm mismatch | expand

Commit Message

Ouden.Biz Lin Sept. 1, 2020, 8:53 a.m. UTC
Hi there,

I have a question about the WRONG Key.
In WPA2-PSK case, that has the WRONG Key message to notify user.
But, In WPA3-SAE, no message to notify user.

I check the flow,
When I use the wrong key to connect AP.
AP will get the Confirm mismatch and send the Confirm with status (1) to STA.

So, I added some checks to send the "WRONG Key" as below.
Can somebody help to review and comment on it ?

Thank you very much.
Ouden


  wpa_s, WLAN_STATUS_UNSPECIFIED_FAILURE);
@@ -1279,6 +1283,10 @@ void sme_event_auth(struct wpa_supplicant
*wpa_s, union wpa_event_data *data)
     data->auth.status_code, data->auth.ies,
     data->auth.ies_len, 0, NULL);
  if (res < 0) {
+ if ((data->auth.auth_transaction) == 2)
+ && (data->auth.status_code) == 1)) {
+ wpas_auth_failed(wpa_s, "WRONG_KEY");
+ }
  wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
  wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);

Comments

Jouni Malinen Oct. 10, 2020, 5:44 p.m. UTC | #1
On Tue, Sep 01, 2020 at 04:53:02PM +0800, Ouden.Biz Lin wrote:
> I have a question about the WRONG Key.
> In WPA2-PSK case, that has the WRONG Key message to notify user.
> But, In WPA3-SAE, no message to notify user.
> 
> I check the flow,
> When I use the wrong key to connect AP.
> AP will get the Confirm mismatch and send the Confirm with status (1) to STA.

That may be implementation specific behavior. Status code 1 does not
indicate that the password is wrong. It should also be noted that the AP
may end up sending its Confirm message before the STA.

> So, I added some checks to send the "WRONG Key" as below.
> Can somebody help to review and comment on it ?

> diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c
> @@ -1222,6 +1222,10 @@ void sme_external_auth_mgmt_rx(struct
> wpa_supplicant *wpa_s,
>   header->u.auth.variable,
>   len - auth_length, 1, header->sa);
>   if (res < 0) {
> + if ((le_to_host16(header->u.auth.auth_transaction) == 2)
> + && (le_to_host16(header->u.auth.status_code) == 1)) {
> + wpas_auth_failed(wpa_s, "WRONG_KEY");
> + }

This is not a robust way of determining that the password was wrong
since that is only one possible trigger for status code 1 (unspecified
failure). Furthermore, this would not trigger for all cases where the
password is wrong. SAE authentication does not provide any specific
indication for incorrect password.
diff mbox series

Patch

diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c
index dd5020179..b29d936fd 100644
--- a/wpa_supplicant/sme.c
+++ b/wpa_supplicant/sme.c
@@ -1222,6 +1222,10 @@  void sme_external_auth_mgmt_rx(struct
wpa_supplicant *wpa_s,
  header->u.auth.variable,
  len - auth_length, 1, header->sa);
  if (res < 0) {
+ if ((le_to_host16(header->u.auth.auth_transaction) == 2)
+ && (le_to_host16(header->u.auth.status_code) == 1)) {
+ wpas_auth_failed(wpa_s, "WRONG_KEY");
+ }
  /* Notify failure to the driver */
  sme_send_external_auth_status(