240 static void dpp_auth_fail(struct dpp_authentication *auth, const char *txt)  in dpp_auth_fail()  argument
242 	wpa_msg(auth->msg_ctx, MSG_INFO, DPP_EVENT_FAIL "%s", txt);  in dpp_auth_fail()
889 static int dpp_derive_ke(struct dpp_authentication *auth, u8 *ke,  in dpp_derive_ke()  argument
901 	if (!auth->Mx_len || !auth->Nx_len) {  in dpp_derive_ke()
910 	nonce_len = auth->curve->nonce_len;  in dpp_derive_ke()
911 	os_memcpy(nonces, auth->i_nonce, nonce_len);  in dpp_derive_ke()
912 	os_memcpy(&nonces[nonce_len], auth->r_nonce, nonce_len);  in dpp_derive_ke()
913 	addr[num_elem] = auth->Mx;  in dpp_derive_ke()
914 	len[num_elem] = auth->Mx_len;  in dpp_derive_ke()
916 	addr[num_elem] = auth->Nx;  in dpp_derive_ke()
917 	len[num_elem] = auth->Nx_len;  in dpp_derive_ke()
919 	if (auth->peer_bi && auth->own_bi) {  in dpp_derive_ke()
920 		if (!auth->Lx_len) {  in dpp_derive_ke()
925 		addr[num_elem] = auth->Lx;  in dpp_derive_ke()
926 		len[num_elem] = auth->secret_len;  in dpp_derive_ke()
982 static struct wpabuf * dpp_auth_build_req(struct dpp_authentication *auth,  in dpp_auth_build_req()  argument
1058 		os_memcpy(pos, auth->i_nonce, nonce_len - 1);  in dpp_auth_build_req()
1069 	os_memcpy(pos, auth->i_nonce, nonce_len);  in dpp_auth_build_req()
1085 	auth->i_capab = auth->allowed_roles;  in dpp_auth_build_req()
1086 	*pos++ = auth->i_capab;  in dpp_auth_build_req()
1109 	if (aes_siv_encrypt(auth->k1, auth->curve->hash_len, clear, siv_len,  in dpp_auth_build_req()
1137 static struct wpabuf * dpp_auth_build_resp(struct dpp_authentication *auth,  in dpp_auth_build_resp()  argument
1157 	auth->waiting_auth_conf = 1;  in dpp_auth_build_resp()
1158 	auth->auth_resp_tries = 0;  in dpp_auth_build_resp()
1240 	auth->r_capab = auth->configurator ? DPP_CAPAB_CONFIGURATOR :  in dpp_auth_build_resp()
1242 	*pos++ = auth->r_capab;  in dpp_auth_build_resp()
1250 		if ((auth->i_capab & DPP_CAPAB_ROLE_MASK) ==  in dpp_auth_build_resp()
1254 			pos[-1] = auth->configurator ? DPP_CAPAB_ENROLLEE :  in dpp_auth_build_resp()
1282 	if (aes_siv_encrypt(siv_key, auth->curve->hash_len, clear, siv_len,  in dpp_auth_build_resp()
1366 static int dpp_channel_intersect(struct dpp_authentication *auth,  in dpp_channel_intersect()  argument
1370 	struct dpp_bootstrap_info *peer_bi = auth->peer_bi;  in dpp_channel_intersect()
1375 		if (freq_included(auth->freq, auth->num_freq, freq))  in dpp_channel_intersect()
1378 			auth->freq[auth->num_freq++] = freq;  in dpp_channel_intersect()
1380 	if (!auth->num_freq) {  in dpp_channel_intersect()
1385 	auth->curr_freq = auth->freq[0];  in dpp_channel_intersect()
1390 static int dpp_channel_local_list(struct dpp_authentication *auth,  in dpp_channel_local_list()  argument
1400 		auth->freq[0] = 2412;  in dpp_channel_local_list()
1401 		auth->freq[1] = 2437;  in dpp_channel_local_list()
1402 		auth->freq[2] = 2462;  in dpp_channel_local_list()
1403 		auth->num_freq = 3;  in dpp_channel_local_list()
1415 			if (freq_included(auth->freq, auth->num_freq, freq))  in dpp_channel_local_list()
1417 			auth->freq[auth->num_freq++] = freq;  in dpp_channel_local_list()
1418 			if (auth->num_freq == DPP_BOOTSTRAP_MAX_FREQ) {  in dpp_channel_local_list()
1425 	auth->freq[0] = 2412;  in dpp_channel_local_list()
1426 	auth->freq[1] = 2437;  in dpp_channel_local_list()
1427 	auth->freq[2] = 2462;  in dpp_channel_local_list()
1428 	auth->num_freq = 3;  in dpp_channel_local_list()
1430 	return auth->num_freq == 0 ? -1 : 0;  in dpp_channel_local_list()
1434 static int dpp_prepare_channel_list(struct dpp_authentication *auth,  in dpp_prepare_channel_list()  argument
1442 	if (auth->peer_bi->num_freq > 0)  in dpp_prepare_channel_list()
1443 		res = dpp_channel_intersect(auth, own_modes, num_modes);  in dpp_prepare_channel_list()
1445 		res = dpp_channel_local_list(auth, own_modes, num_modes);  in dpp_prepare_channel_list()
1451 	freq_to_start(auth->freq, auth->num_freq, 2462);  in dpp_prepare_channel_list()
1452 	freq_to_start(auth->freq, auth->num_freq, 2412);  in dpp_prepare_channel_list()
1453 	freq_to_start(auth->freq, auth->num_freq, 2437);  in dpp_prepare_channel_list()
1455 	auth->freq_idx = 0;  in dpp_prepare_channel_list()
1456 	auth->curr_freq = auth->freq[0];  in dpp_prepare_channel_list()
1460 	for (i = 0; i < auth->num_freq; i++) {  in dpp_prepare_channel_list()
1461 		res = os_snprintf(pos, end - pos, " %u", auth->freq[i]);  in dpp_prepare_channel_list()
1474 static int dpp_autogen_bootstrap_key(struct dpp_authentication *auth)  in dpp_autogen_bootstrap_key()  argument
1480 	if (auth->own_bi)  in dpp_autogen_bootstrap_key()
1487 	pk = dpp_keygen(bi, auth->peer_bi->curve->name, NULL, 0);  in dpp_autogen_bootstrap_key()
1501 	auth->tmp_own_bi = auth->own_bi = bi;  in dpp_autogen_bootstrap_key()
1521 	struct dpp_authentication *auth;  in dpp_auth_init()  local
1530 	auth = os_zalloc(sizeof(*auth));  in dpp_auth_init()
1531 	if (!auth)  in dpp_auth_init()
1533 	auth->msg_ctx = msg_ctx;  in dpp_auth_init()
1534 	auth->initiator = 1;  in dpp_auth_init()
1535 	auth->waiting_auth_resp = 1;  in dpp_auth_init()
1536 	auth->allowed_roles = dpp_allowed_roles;  in dpp_auth_init()
1537 	auth->configurator = !!(dpp_allowed_roles & DPP_CAPAB_CONFIGURATOR);  in dpp_auth_init()
1538 	auth->peer_bi = peer_bi;  in dpp_auth_init()
1539 	auth->own_bi = own_bi;  in dpp_auth_init()
1540 	auth->curve = peer_bi->curve;  in dpp_auth_init()
1542 	if (dpp_autogen_bootstrap_key(auth) < 0 ||  in dpp_auth_init()
1543 	    dpp_prepare_channel_list(auth, own_modes, num_modes) < 0)  in dpp_auth_init()
1550 		os_memcpy(auth->i_nonce, dpp_nonce_override, nonce_len);  in dpp_auth_init()
1552 		nonce_len = auth->curve->nonce_len;  in dpp_auth_init()
1553 		if (random_get_bytes(auth->i_nonce, nonce_len)) {  in dpp_auth_init()
1560 	nonce_len = auth->curve->nonce_len;  in dpp_auth_init()
1561 	if (random_get_bytes(auth->i_nonce, nonce_len)) {  in dpp_auth_init()
1566 	wpa_hexdump(MSG_DEBUG, "DPP: I-nonce", auth->i_nonce, nonce_len);  in dpp_auth_init()
1574 		auth->own_protocol_key = dpp_set_keypair(  in dpp_auth_init()
1578 		auth->own_protocol_key = dpp_gen_keypair(auth->curve);  in dpp_auth_init()
1581 	auth->own_protocol_key = dpp_gen_keypair(auth->curve);  in dpp_auth_init()
1583 	if (!auth->own_protocol_key)  in dpp_auth_init()
1586 	pi = dpp_get_pubkey_point(auth->own_protocol_key, 0);  in dpp_auth_init()
1591 	if (dpp_ecdh(auth->own_protocol_key, auth->peer_bi->pubkey,  in dpp_auth_init()
1592 		     auth->Mx, &secret_len) < 0)  in dpp_auth_init()
1594 	auth->secret_len = secret_len;  in dpp_auth_init()
1597 			auth->Mx, auth->secret_len);  in dpp_auth_init()
1598 	auth->Mx_len = auth->secret_len;  in dpp_auth_init()
1600 	if (dpp_derive_k1(auth->Mx, auth->secret_len, auth->k1,  in dpp_auth_init()
1601 			  auth->curve->hash_len) < 0)  in dpp_auth_init()
1604 	r_pubkey_hash = auth->peer_bi->pubkey_hash;  in dpp_auth_init()
1605 	i_pubkey_hash = auth->own_bi->pubkey_hash;  in dpp_auth_init()
1633 		pi = wpabuf_alloc(2 * auth->curve->prime_len);  in dpp_auth_init()
1634 		if (!pi || dpp_test_gen_invalid_key(pi, auth->curve) < 0)  in dpp_auth_init()
1639 	auth->req_msg = dpp_auth_build_req(auth, pi, nonce_len, r_pubkey_hash,  in dpp_auth_init()
1641 	if (!auth->req_msg)  in dpp_auth_init()
1646 	return auth;  in dpp_auth_init()
1648 	dpp_auth_deinit(auth);  in dpp_auth_init()
1649 	auth = NULL;  in dpp_auth_init()
1654 static struct wpabuf * dpp_build_conf_req_attr(struct dpp_authentication *auth,  in dpp_build_conf_req_attr()  argument
1665 	nonce_len = auth->curve->nonce_len;  in dpp_build_conf_req_attr()
1666 	if (random_get_bytes(auth->e_nonce, nonce_len)) {  in dpp_build_conf_req_attr()
1670 	wpa_hexdump(MSG_DEBUG, "DPP: E-nonce", auth->e_nonce, nonce_len);  in dpp_build_conf_req_attr()
1695 		wpabuf_put_data(clear, auth->e_nonce, nonce_len - 1);  in dpp_build_conf_req_attr()
1707 	wpabuf_put_data(clear, auth->e_nonce, nonce_len);  in dpp_build_conf_req_attr()
1732 	if (aes_siv_encrypt(auth->ke, auth->curve->hash_len,  in dpp_build_conf_req_attr()
1781 struct wpabuf * dpp_build_conf_req(struct dpp_authentication *auth,  in dpp_build_conf_req()  argument
1786 	conf_req = dpp_build_conf_req_attr(auth, json);  in dpp_build_conf_req()
1808 struct wpabuf * dpp_build_conf_req_helper(struct dpp_authentication *auth,  in dpp_build_conf_req_helper()  argument
1861 	buf = dpp_build_conf_req(auth, wpabuf_head(json));  in dpp_build_conf_req_helper()
1868 static void dpp_auth_success(struct dpp_authentication *auth)  in dpp_auth_success()  argument
1872 	os_memset(auth->Mx, 0, sizeof(auth->Mx));  in dpp_auth_success()
1873 	auth->Mx_len = 0;  in dpp_auth_success()
1874 	os_memset(auth->Nx, 0, sizeof(auth->Nx));  in dpp_auth_success()
1875 	auth->Nx_len = 0;  in dpp_auth_success()
1876 	os_memset(auth->Lx, 0, sizeof(auth->Lx));  in dpp_auth_success()
1877 	auth->Lx_len = 0;  in dpp_auth_success()
1878 	os_memset(auth->k1, 0, sizeof(auth->k1));  in dpp_auth_success()
1879 	os_memset(auth->k2, 0, sizeof(auth->k2));  in dpp_auth_success()
1881 	auth->auth_success = 1;  in dpp_auth_success()
1885 static int dpp_gen_r_auth(struct dpp_authentication *auth, u8 *r_auth)  in dpp_gen_r_auth()  argument
1896 	nonce_len = auth->curve->nonce_len;  in dpp_gen_r_auth()
1898 	if (auth->initiator) {  in dpp_gen_r_auth()
1899 		pix = dpp_get_pubkey_point(auth->own_protocol_key, 0);  in dpp_gen_r_auth()
1900 		prx = dpp_get_pubkey_point(auth->peer_protocol_key, 0);  in dpp_gen_r_auth()
1901 		if (auth->own_bi)  in dpp_gen_r_auth()
1902 			bix = dpp_get_pubkey_point(auth->own_bi->pubkey, 0);  in dpp_gen_r_auth()
1905 		brx = dpp_get_pubkey_point(auth->peer_bi->pubkey, 0);  in dpp_gen_r_auth()
1907 		pix = dpp_get_pubkey_point(auth->peer_protocol_key, 0);  in dpp_gen_r_auth()
1908 		prx = dpp_get_pubkey_point(auth->own_protocol_key, 0);  in dpp_gen_r_auth()
1909 		if (auth->peer_bi)  in dpp_gen_r_auth()
1910 			bix = dpp_get_pubkey_point(auth->peer_bi->pubkey, 0);  in dpp_gen_r_auth()
1913 		brx = dpp_get_pubkey_point(auth->own_bi->pubkey, 0);  in dpp_gen_r_auth()
1918 	addr[num_elem] = auth->i_nonce;  in dpp_gen_r_auth()
1922 	addr[num_elem] = auth->r_nonce;  in dpp_gen_r_auth()
1951 	res = dpp_hash_vector(auth->curve, num_elem, addr, len, r_auth);  in dpp_gen_r_auth()
1954 			    auth->curve->hash_len);  in dpp_gen_r_auth()
1963 static int dpp_gen_i_auth(struct dpp_authentication *auth, u8 *i_auth)  in dpp_gen_i_auth()  argument
1974 	nonce_len = auth->curve->nonce_len;  in dpp_gen_i_auth()
1976 	if (auth->initiator) {  in dpp_gen_i_auth()
1977 		pix = dpp_get_pubkey_point(auth->own_protocol_key, 0);  in dpp_gen_i_auth()
1978 		prx = dpp_get_pubkey_point(auth->peer_protocol_key, 0);  in dpp_gen_i_auth()
1979 		if (auth->own_bi)  in dpp_gen_i_auth()
1980 			bix = dpp_get_pubkey_point(auth->own_bi->pubkey, 0);  in dpp_gen_i_auth()
1983 		if (!auth->peer_bi)  in dpp_gen_i_auth()
1985 		brx = dpp_get_pubkey_point(auth->peer_bi->pubkey, 0);  in dpp_gen_i_auth()
1987 		pix = dpp_get_pubkey_point(auth->peer_protocol_key, 0);  in dpp_gen_i_auth()
1988 		prx = dpp_get_pubkey_point(auth->own_protocol_key, 0);  in dpp_gen_i_auth()
1989 		if (auth->peer_bi)  in dpp_gen_i_auth()
1990 			bix = dpp_get_pubkey_point(auth->peer_bi->pubkey, 0);  in dpp_gen_i_auth()
1993 		if (!auth->own_bi)  in dpp_gen_i_auth()
1995 		brx = dpp_get_pubkey_point(auth->own_bi->pubkey, 0);  in dpp_gen_i_auth()
2000 	addr[num_elem] = auth->r_nonce;  in dpp_gen_i_auth()
2004 	addr[num_elem] = auth->i_nonce;  in dpp_gen_i_auth()
2033 	res = dpp_hash_vector(auth->curve, num_elem, addr, len, i_auth);  in dpp_gen_i_auth()
2036 			    auth->curve->hash_len);  in dpp_gen_i_auth()
2046 static int dpp_auth_derive_l_responder(struct dpp_authentication *auth)  in dpp_auth_derive_l_responder()  argument
2063 	BI_point = crypto_ec_get_public_key(auth->peer_bi->pubkey);  in dpp_auth_derive_l_responder()
2064 	group = crypto_ec_get_group_from_key(auth->peer_bi->pubkey);  in dpp_auth_derive_l_responder()
2065 	bR_bn = crypto_ec_get_private_key(auth->own_bi->pubkey);  in dpp_auth_derive_l_responder()
2066 	pR_bn = crypto_ec_get_private_key(auth->own_protocol_key);  in dpp_auth_derive_l_responder()
2082 	if (dpp_bn2bin_pad(lx, auth->Lx, auth->secret_len) < 0)  in dpp_auth_derive_l_responder()
2084 	wpa_hexdump_key(MSG_DEBUG, "DPP: L.x", auth->Lx, auth->secret_len);  in dpp_auth_derive_l_responder()
2085 	auth->Lx_len = auth->secret_len;  in dpp_auth_derive_l_responder()
2096 static int dpp_auth_derive_l_initiator(struct dpp_authentication *auth)  in dpp_auth_derive_l_initiator()  argument
2110 	BR_point = crypto_ec_get_public_key(auth->peer_bi->pubkey);  in dpp_auth_derive_l_initiator()
2111 	PR_point = crypto_ec_get_public_key(auth->peer_protocol_key);  in dpp_auth_derive_l_initiator()
2113 	group = crypto_ec_get_group_from_key(auth->own_bi->pubkey);  in dpp_auth_derive_l_initiator()
2114 	bI_bn = crypto_ec_get_private_key(auth->own_bi->pubkey);  in dpp_auth_derive_l_initiator()
2128 	if (dpp_bn2bin_pad(lx, auth->Lx, auth->secret_len) < 0)  in dpp_auth_derive_l_initiator()
2130 	wpa_hexdump_key(MSG_DEBUG, "DPP: L.x", auth->Lx, auth->secret_len);  in dpp_auth_derive_l_initiator()
2131 	auth->Lx_len = auth->secret_len;  in dpp_auth_derive_l_initiator()
2143 static int dpp_auth_build_resp_ok(struct dpp_authentication *auth)  in dpp_auth_build_resp_ok()  argument
2159 	if (!auth->own_bi)  in dpp_auth_build_resp_ok()
2166 		os_memcpy(auth->r_nonce, dpp_nonce_override, nonce_len);  in dpp_auth_build_resp_ok()
2168 		nonce_len = auth->curve->nonce_len;  in dpp_auth_build_resp_ok()
2169 		if (random_get_bytes(auth->r_nonce, nonce_len)) {  in dpp_auth_build_resp_ok()
2176 	nonce_len = auth->curve->nonce_len;  in dpp_auth_build_resp_ok()
2177 	if (random_get_bytes(auth->r_nonce, nonce_len)) {  in dpp_auth_build_resp_ok()
2182 	wpa_hexdump(MSG_DEBUG, "DPP: R-nonce", auth->r_nonce, nonce_len);  in dpp_auth_build_resp_ok()
2184 	crypto_ec_free_key(auth->own_protocol_key);  in dpp_auth_build_resp_ok()
2191 		auth->own_protocol_key = dpp_set_keypair(  in dpp_auth_build_resp_ok()
2195 		auth->own_protocol_key = dpp_gen_keypair(auth->curve);  in dpp_auth_build_resp_ok()
2198 	auth->own_protocol_key = dpp_gen_keypair(auth->curve);  in dpp_auth_build_resp_ok()
2200 	if (!auth->own_protocol_key)  in dpp_auth_build_resp_ok()
2203 	pr = dpp_get_pubkey_point(auth->own_protocol_key, 0);  in dpp_auth_build_resp_ok()
2208 	if (dpp_ecdh(auth->own_protocol_key, auth->peer_protocol_key,  in dpp_auth_build_resp_ok()
2209 		     auth->Nx, &secret_len) < 0)  in dpp_auth_build_resp_ok()
2213 			auth->Nx, auth->secret_len);  in dpp_auth_build_resp_ok()
2214 	auth->Nx_len = auth->secret_len;  in dpp_auth_build_resp_ok()
2216 	if (dpp_derive_k2(auth->Nx, auth->secret_len, auth->k2,  in dpp_auth_build_resp_ok()
2217 			  auth->curve->hash_len) < 0)  in dpp_auth_build_resp_ok()
2220 	if (auth->own_bi && auth->peer_bi) {  in dpp_auth_build_resp_ok()
2222 		if (dpp_auth_derive_l_responder(auth) < 0)  in dpp_auth_build_resp_ok()
2226 	if (dpp_derive_ke(auth, auth->ke, auth->curve->hash_len) < 0)  in dpp_auth_build_resp_ok()
2231 	WPA_PUT_LE16(&r_auth[2], auth->curve->hash_len);  in dpp_auth_build_resp_ok()
2232 	if (dpp_gen_r_auth(auth, r_auth + 4) < 0)  in dpp_auth_build_resp_ok()
2237 		r_auth[4 + auth->curve->hash_len / 2] ^= 0x01;  in dpp_auth_build_resp_ok()
2240 	if (aes_siv_encrypt(auth->ke, auth->curve->hash_len,  in dpp_auth_build_resp_ok()
2241 			    r_auth, 4 + auth->curve->hash_len,  in dpp_auth_build_resp_ok()
2244 	wrapped_r_auth_len = 4 + auth->curve->hash_len + AES_BLOCK_SIZE;  in dpp_auth_build_resp_ok()
2249 	r_pubkey_hash = auth->own_bi->pubkey_hash;  in dpp_auth_build_resp_ok()
2250 	if (auth->peer_bi)  in dpp_auth_build_resp_ok()
2251 		i_pubkey_hash = auth->peer_bi->pubkey_hash;  in dpp_auth_build_resp_ok()
2255 	i_nonce = auth->i_nonce;  in dpp_auth_build_resp_ok()
2256 	r_nonce = auth->r_nonce;  in dpp_auth_build_resp_ok()
2289 		pr = wpabuf_alloc(2 * auth->curve->prime_len);  in dpp_auth_build_resp_ok()
2290 		if (!pr || dpp_test_gen_invalid_key(pr, auth->curve) < 0)  in dpp_auth_build_resp_ok()
2311 	msg = dpp_auth_build_resp(auth, status, pr, nonce_len,  in dpp_auth_build_resp_ok()
2315 				  auth->k2);  in dpp_auth_build_resp_ok()
2318 	wpabuf_free(auth->resp_msg);  in dpp_auth_build_resp_ok()
2319 	auth->resp_msg = msg;  in dpp_auth_build_resp_ok()
2327 static int dpp_auth_build_resp_status(struct dpp_authentication *auth,  in dpp_auth_build_resp_status()  argument
2336 	if (!auth->own_bi)  in dpp_auth_build_resp_status()
2340 	r_pubkey_hash = auth->own_bi->pubkey_hash;  in dpp_auth_build_resp_status()
2341 	if (auth->peer_bi)  in dpp_auth_build_resp_status()
2342 		i_pubkey_hash = auth->peer_bi->pubkey_hash;  in dpp_auth_build_resp_status()
2346 	i_nonce = auth->i_nonce;  in dpp_auth_build_resp_status()
2381 	msg = dpp_auth_build_resp(auth, status, NULL, auth->curve->nonce_len,  in dpp_auth_build_resp_status()
2383 				  NULL, i_nonce, NULL, 0, auth->k1);  in dpp_auth_build_resp_status()
2386 	wpabuf_free(auth->resp_msg);  in dpp_auth_build_resp_status()
2387 	auth->resp_msg = msg;  in dpp_auth_build_resp_status()
2415 	struct dpp_authentication *auth = NULL;  in dpp_auth_req_rx()  local
2436 	auth = os_zalloc(sizeof(*auth));  in dpp_auth_req_rx()
2437 	if (!auth)  in dpp_auth_req_rx()
2439 	auth->msg_ctx = msg_ctx;  in dpp_auth_req_rx()
2440 	auth->peer_bi = peer_bi;  in dpp_auth_req_rx()
2441 	auth->own_bi = own_bi;  in dpp_auth_req_rx()
2442 	auth->curve = own_bi->curve;  in dpp_auth_req_rx()
2443 	auth->curr_chan = curr_chan;  in dpp_auth_req_rx()
2445 	auth->peer_version = 1; /* default to the first version */  in dpp_auth_req_rx()
2454 			dpp_auth_fail(auth, "Too short Channel attribute");  in dpp_auth_req_rx()
2463 			dpp_auth_fail(auth,  in dpp_auth_req_rx()
2468 		if (auth->curr_freq != (unsigned int) neg_freq) {  in dpp_auth_req_rx()
2472 			auth->curr_freq = neg_freq;  in dpp_auth_req_rx()
2475 		auth->curr_chan = *channel;  in dpp_auth_req_rx()
2482 		dpp_auth_fail(auth,  in dpp_auth_req_rx()
2492 		dpp_auth_fail(auth, "Invalid Initiator Protocol Key");  in dpp_auth_req_rx()
2497 	if (dpp_ecdh(own_bi->pubkey, pi, auth->Mx, &secret_len) < 0)  in dpp_auth_req_rx()
2499 	auth->secret_len = secret_len;  in dpp_auth_req_rx()
2502 			auth->Mx, auth->secret_len);  in dpp_auth_req_rx()
2503 	auth->Mx_len = auth->secret_len;  in dpp_auth_req_rx()
2505 	if (dpp_derive_k1(auth->Mx, auth->secret_len, auth->k1,  in dpp_auth_req_rx()
2506 			  auth->curve->hash_len) < 0)  in dpp_auth_req_rx()
2521 	if (aes_siv_decrypt(auth->k1, auth->curve->hash_len,  in dpp_auth_req_rx()
2524 		dpp_auth_fail(auth, "AES-SIV decryption failed");  in dpp_auth_req_rx()
2531 		dpp_auth_fail(auth, "Invalid attribute in unwrapped data");  in dpp_auth_req_rx()
2537 	if (!i_nonce || i_nonce_len != auth->curve->nonce_len) {  in dpp_auth_req_rx()
2538 		dpp_auth_fail(auth, "Missing or invalid I-nonce");  in dpp_auth_req_rx()
2542 	os_memcpy(auth->i_nonce, i_nonce, i_nonce_len);  in dpp_auth_req_rx()
2548 		dpp_auth_fail(auth, "Missing or invalid I-capabilities");  in dpp_auth_req_rx()
2551 	auth->i_capab = i_capab[0];  in dpp_auth_req_rx()
2552 	wpa_printf(MSG_DEBUG, "DPP: I-capabilities: 0x%02x", auth->i_capab);  in dpp_auth_req_rx()
2557 	switch (auth->i_capab & DPP_CAPAB_ROLE_MASK) {  in dpp_auth_req_rx()
2565 		auth->configurator = 1;  in dpp_auth_req_rx()
2574 		auth->configurator = 0;  in dpp_auth_req_rx()
2579 			auth->configurator = 0;  in dpp_auth_req_rx()
2582 			auth->configurator = 1;  in dpp_auth_req_rx()
2594 	auth->peer_protocol_key = pi;  in dpp_auth_req_rx()
2601 		if (dpp_auth_build_resp_status(auth,  in dpp_auth_req_rx()
2608 			auth->response_pending = 1;  in dpp_auth_req_rx()
2609 			os_memcpy(auth->waiting_pubkey_hash,  in dpp_auth_req_rx()
2617 		wpa_msg(auth->msg_ctx, MSG_INFO, DPP_EVENT_SCAN_PEER_QR_CODE  in dpp_auth_req_rx()
2619 		return auth;  in dpp_auth_req_rx()
2621 	if (dpp_auth_build_resp_ok(auth) < 0)  in dpp_auth_req_rx()
2624 	return auth;  in dpp_auth_req_rx()
2627 	wpa_msg(auth->msg_ctx, MSG_INFO, DPP_EVENT_NOT_COMPATIBLE  in dpp_auth_req_rx()
2628 		"i-capab=0x%02x", auth->i_capab);  in dpp_auth_req_rx()
2630 		auth->configurator = 1;  in dpp_auth_req_rx()
2632 		auth->configurator = 0;  in dpp_auth_req_rx()
2633 	auth->peer_protocol_key = pi;  in dpp_auth_req_rx()
2635 	if (dpp_auth_build_resp_status(auth, DPP_STATUS_NOT_COMPATIBLE) < 0)  in dpp_auth_req_rx()
2638 	auth->remove_on_tx_status = 1;  in dpp_auth_req_rx()
2639 	return auth;  in dpp_auth_req_rx()
2643 	dpp_auth_deinit(auth);  in dpp_auth_req_rx()
2648 int dpp_notify_new_qr_code(struct dpp_authentication *auth,  in dpp_notify_new_qr_code()  argument
2651 	if (!auth || !auth->response_pending ||  in dpp_notify_new_qr_code()
2652 	    os_memcmp(auth->waiting_pubkey_hash, peer_bi->pubkey_hash,  in dpp_notify_new_qr_code()
2658 		   MACSTR, MAC2STR(auth->peer_mac_addr));  in dpp_notify_new_qr_code()
2659 	auth->peer_bi = peer_bi;  in dpp_notify_new_qr_code()
2661 	if (dpp_auth_build_resp_ok(auth) < 0)  in dpp_notify_new_qr_code()
2668 static struct wpabuf * dpp_auth_build_conf(struct dpp_authentication *auth,  in dpp_auth_build_conf()  argument
2688 	i_auth_len = 4 + auth->curve->hash_len;  in dpp_auth_build_conf()
2689 	r_nonce_len = 4 + auth->curve->nonce_len;  in dpp_auth_build_conf()
2703 	r_pubkey_hash = auth->peer_bi->pubkey_hash;  in dpp_auth_build_conf()
2704 	if (auth->own_bi)  in dpp_auth_build_conf()
2705 		i_pubkey_hash = auth->own_bi->pubkey_hash;  in dpp_auth_build_conf()
2789 		WPA_PUT_LE16(&i_auth[2], auth->curve->hash_len);  in dpp_auth_build_conf()
2790 		if (dpp_gen_i_auth(auth, i_auth + 4) < 0)  in dpp_auth_build_conf()
2796 			i_auth[4 + auth->curve->hash_len / 2] ^= 0x01;  in dpp_auth_build_conf()
2800 		if (aes_siv_encrypt(auth->ke, auth->curve->hash_len,  in dpp_auth_build_conf()
2813 		WPA_PUT_LE16(&r_nonce[2], auth->curve->nonce_len);  in dpp_auth_build_conf()
2814 		os_memcpy(r_nonce + 4, auth->r_nonce, auth->curve->nonce_len);  in dpp_auth_build_conf()
2816 		if (aes_siv_encrypt(auth->k2, auth->curve->hash_len,  in dpp_auth_build_conf()
2836 		dpp_auth_success(auth);  in dpp_auth_build_conf()
2847 dpp_auth_resp_rx_status(struct dpp_authentication *auth, const u8 *hdr,  in dpp_auth_resp_rx_status()  argument
2869 		dpp_auth_fail(auth, "Responder reported failure");  in dpp_auth_resp_rx_status()
2885 	if (aes_siv_decrypt(auth->k1, auth->curve->hash_len,  in dpp_auth_resp_rx_status()
2888 		dpp_auth_fail(auth, "AES-SIV decryption failed");  in dpp_auth_resp_rx_status()
2895 		dpp_auth_fail(auth, "Invalid attribute in unwrapped data");  in dpp_auth_resp_rx_status()
2901 	if (!i_nonce || i_nonce_len != auth->curve->nonce_len) {  in dpp_auth_resp_rx_status()
2902 		dpp_auth_fail(auth, "Missing or invalid I-nonce");  in dpp_auth_resp_rx_status()
2906 	if (os_memcmp(auth->i_nonce, i_nonce, i_nonce_len) != 0) {  in dpp_auth_resp_rx_status()
2907 		dpp_auth_fail(auth, "I-nonce mismatch");  in dpp_auth_resp_rx_status()
2915 		dpp_auth_fail(auth, "Missing or invalid R-capabilities");  in dpp_auth_resp_rx_status()
2918 	auth->r_capab = r_capab[0];  in dpp_auth_resp_rx_status()
2919 	wpa_printf(MSG_DEBUG, "DPP: R-capabilities: 0x%02x", auth->r_capab);  in dpp_auth_resp_rx_status()
2921 		wpa_msg(auth->msg_ctx, MSG_INFO, DPP_EVENT_NOT_COMPATIBLE  in dpp_auth_resp_rx_status()
2922 			"r-capab=0x%02x", auth->r_capab);  in dpp_auth_resp_rx_status()
2924 		u8 role = auth->r_capab & DPP_CAPAB_ROLE_MASK;  in dpp_auth_resp_rx_status()
2926 		if ((auth->configurator && role != DPP_CAPAB_ENROLLEE) ||  in dpp_auth_resp_rx_status()
2927 		    (!auth->configurator && role != DPP_CAPAB_CONFIGURATOR)) {  in dpp_auth_resp_rx_status()
2928 			wpa_msg(auth->msg_ctx, MSG_INFO,  in dpp_auth_resp_rx_status()
2934 			wpa_msg(auth->msg_ctx, MSG_INFO,  in dpp_auth_resp_rx_status()
2936 				auth->tmp_own_bi ? auth->tmp_own_bi->uri : "");  in dpp_auth_resp_rx_status()
2945 dpp_auth_resp_rx(struct dpp_authentication *auth, const u8 *hdr,  in dpp_auth_resp_rx()  argument
2970 	if (!auth->initiator || !auth->peer_bi) {  in dpp_auth_resp_rx()
2971 		dpp_auth_fail(auth, "Unexpected Authentication Response");  in dpp_auth_resp_rx()
2975 	auth->waiting_auth_resp = 0;  in dpp_auth_resp_rx()
2980 		dpp_auth_fail(auth,  in dpp_auth_resp_rx()
2993 		dpp_auth_fail(auth,  in dpp_auth_resp_rx()
2999 	if (os_memcmp(r_bootstrap, auth->peer_bi->pubkey_hash,  in dpp_auth_resp_rx()
3001 		dpp_auth_fail(auth,  in dpp_auth_resp_rx()
3005 			    auth->peer_bi->pubkey_hash, SHA256_MAC_LEN);  in dpp_auth_resp_rx()
3014 			dpp_auth_fail(auth,  in dpp_auth_resp_rx()
3021 		if (!auth->own_bi ||  in dpp_auth_resp_rx()
3022 		    os_memcmp(i_bootstrap, auth->own_bi->pubkey_hash,  in dpp_auth_resp_rx()
3024 			dpp_auth_fail(auth,  in dpp_auth_resp_rx()
3028 	} else if (auth->own_bi && auth->own_bi->type == DPP_BOOTSTRAP_PKEX) {  in dpp_auth_resp_rx()
3030 		dpp_auth_fail(auth,  in dpp_auth_resp_rx()
3035 	auth->peer_version = 1; /* default to the first version */  in dpp_auth_resp_rx()
3040 		dpp_auth_fail(auth,  in dpp_auth_resp_rx()
3045 	auth->auth_resp_status = status[0];  in dpp_auth_resp_rx()
3047 		dpp_auth_resp_rx_status(auth, hdr, attr_start,  in dpp_auth_resp_rx()
3053 	if (!i_bootstrap && auth->own_bi) {  in dpp_auth_resp_rx()
3056 		auth->own_bi = NULL;  in dpp_auth_resp_rx()
3059 	wpa_msg(auth->msg_ctx, MSG_INFO, DPP_EVENT_AUTH_DIRECTION "mutual=%d",  in dpp_auth_resp_rx()
3060 		auth->own_bi != NULL);  in dpp_auth_resp_rx()
3065 		dpp_auth_fail(auth,  in dpp_auth_resp_rx()
3073 	pr = dpp_set_pubkey_point(auth->own_protocol_key, r_proto, r_proto_len);  in dpp_auth_resp_rx()
3075 		dpp_auth_fail(auth, "Invalid Responder Protocol Key");  in dpp_auth_resp_rx()
3080 	if (dpp_ecdh(auth->own_protocol_key, pr, auth->Nx, &secret_len) < 0) {  in dpp_auth_resp_rx()
3081 		dpp_auth_fail(auth, "Failed to derive ECDH shared secret");  in dpp_auth_resp_rx()
3084 	crypto_ec_free_key(auth->peer_protocol_key);  in dpp_auth_resp_rx()
3085 	auth->peer_protocol_key = pr;  in dpp_auth_resp_rx()
3089 			auth->Nx, auth->secret_len);  in dpp_auth_resp_rx()
3090 	auth->Nx_len = auth->secret_len;  in dpp_auth_resp_rx()
3092 	if (dpp_derive_k2(auth->Nx, auth->secret_len, auth->k2,  in dpp_auth_resp_rx()
3093 			  auth->curve->hash_len) < 0)  in dpp_auth_resp_rx()
3108 	if (aes_siv_decrypt(auth->k2, auth->curve->hash_len,  in dpp_auth_resp_rx()
3111 		dpp_auth_fail(auth, "AES-SIV decryption failed");  in dpp_auth_resp_rx()
3118 		dpp_auth_fail(auth, "Invalid attribute in unwrapped data");  in dpp_auth_resp_rx()
3124 	if (!r_nonce || r_nonce_len != auth->curve->nonce_len) {  in dpp_auth_resp_rx()
3125 		dpp_auth_fail(auth, "DPP: Missing or invalid R-nonce");  in dpp_auth_resp_rx()
3129 	os_memcpy(auth->r_nonce, r_nonce, r_nonce_len);  in dpp_auth_resp_rx()
3133 	if (!i_nonce || i_nonce_len != auth->curve->nonce_len) {  in dpp_auth_resp_rx()
3134 		dpp_auth_fail(auth, "Missing or invalid I-nonce");  in dpp_auth_resp_rx()
3138 	if (os_memcmp(auth->i_nonce, i_nonce, i_nonce_len) != 0) {  in dpp_auth_resp_rx()
3139 		dpp_auth_fail(auth, "I-nonce mismatch");  in dpp_auth_resp_rx()
3143 	if (auth->own_bi) {  in dpp_auth_resp_rx()
3145 		if (dpp_auth_derive_l_initiator(auth) < 0)  in dpp_auth_resp_rx()
3153 		dpp_auth_fail(auth, "Missing or invalid R-capabilities");  in dpp_auth_resp_rx()
3156 	auth->r_capab = r_capab[0];  in dpp_auth_resp_rx()
3157 	wpa_printf(MSG_DEBUG, "DPP: R-capabilities: 0x%02x", auth->r_capab);  in dpp_auth_resp_rx()
3158 	role = auth->r_capab & DPP_CAPAB_ROLE_MASK;  in dpp_auth_resp_rx()
3159 	if ((auth->allowed_roles ==  in dpp_auth_resp_rx()
3164 		auth->configurator = role == DPP_CAPAB_ENROLLEE;  in dpp_auth_resp_rx()
3166 			   auth->configurator ? "Configurator" : "Enrollee");  in dpp_auth_resp_rx()
3167 	} else if ((auth->configurator && role != DPP_CAPAB_ENROLLEE) ||  in dpp_auth_resp_rx()
3168 		   (!auth->configurator && role != DPP_CAPAB_CONFIGURATOR)) {  in dpp_auth_resp_rx()
3170 		wpa_msg(auth->msg_ctx, MSG_INFO, DPP_EVENT_FAIL  in dpp_auth_resp_rx()
3177 		auth->remove_on_tx_status = 1;  in dpp_auth_resp_rx()
3178 		return dpp_auth_build_conf(auth, DPP_STATUS_NOT_COMPATIBLE);  in dpp_auth_resp_rx()
3184 		dpp_auth_fail(auth,  in dpp_auth_resp_rx()
3192 	if (dpp_derive_ke(auth, auth->ke, auth->curve->hash_len) < 0)  in dpp_auth_resp_rx()
3199 	if (aes_siv_decrypt(auth->ke, auth->curve->hash_len,  in dpp_auth_resp_rx()
3202 		dpp_auth_fail(auth, "AES-SIV decryption failed");  in dpp_auth_resp_rx()
3209 		dpp_auth_fail(auth,  in dpp_auth_resp_rx()
3216 	if (!r_auth || r_auth_len != auth->curve->hash_len) {  in dpp_auth_resp_rx()
3217 		dpp_auth_fail(auth,  in dpp_auth_resp_rx()
3224 	if (dpp_gen_r_auth(auth, r_auth2) < 0)  in dpp_auth_resp_rx()
3229 		dpp_auth_fail(auth, "Mismatching Responder Authenticating Tag");  in dpp_auth_resp_rx()
3232 		auth->remove_on_tx_status = 1;  in dpp_auth_resp_rx()
3233 		return dpp_auth_build_conf(auth, DPP_STATUS_AUTH_FAILURE);  in dpp_auth_resp_rx()
3243 		if (dpp_auth_build_resp_ok(auth) < 0)  in dpp_auth_resp_rx()
3245 		return wpabuf_dup(auth->resp_msg);  in dpp_auth_resp_rx()
3249 	return dpp_auth_build_conf(auth, DPP_STATUS_OK);  in dpp_auth_resp_rx()
3259 static int dpp_auth_conf_rx_failure(struct dpp_authentication *auth,  in dpp_auth_conf_rx_failure()  argument
3287 		dpp_auth_fail(auth, "Authentication failed");  in dpp_auth_conf_rx_failure()
3290 	if (aes_siv_decrypt(auth->k2, auth->curve->hash_len,  in dpp_auth_conf_rx_failure()
3293 		dpp_auth_fail(auth, "AES-SIV decryption failed");  in dpp_auth_conf_rx_failure()
3300 		dpp_auth_fail(auth, "Invalid attribute in unwrapped data");  in dpp_auth_conf_rx_failure()
3306 	if (!r_nonce || r_nonce_len != auth->curve->nonce_len) {  in dpp_auth_conf_rx_failure()
3307 		dpp_auth_fail(auth, "DPP: Missing or invalid R-nonce");  in dpp_auth_conf_rx_failure()
3310 	if (os_memcmp(r_nonce, auth->r_nonce, r_nonce_len) != 0) {  in dpp_auth_conf_rx_failure()
3314 			    auth->r_nonce, r_nonce_len);  in dpp_auth_conf_rx_failure()
3315 		dpp_auth_fail(auth, "R-nonce mismatch");  in dpp_auth_conf_rx_failure()
3320 		dpp_auth_fail(auth, "Peer reported incompatible R-capab role");  in dpp_auth_conf_rx_failure()
3322 		dpp_auth_fail(auth, "Peer reported authentication failure)");  in dpp_auth_conf_rx_failure()
3330 int dpp_auth_conf_rx(struct dpp_authentication *auth, const u8 *hdr,  in dpp_auth_conf_rx()  argument
3350 	if (auth->initiator || !auth->own_bi) {  in dpp_auth_conf_rx()
3351 		dpp_auth_fail(auth, "Unexpected Authentication Confirm");  in dpp_auth_conf_rx()
3355 	auth->waiting_auth_conf = 0;  in dpp_auth_conf_rx()
3360 		dpp_auth_fail(auth,  in dpp_auth_conf_rx()
3373 		dpp_auth_fail(auth,  in dpp_auth_conf_rx()
3379 	if (os_memcmp(r_bootstrap, auth->own_bi->pubkey_hash,  in dpp_auth_conf_rx()
3383 			    auth->peer_bi->pubkey_hash, SHA256_MAC_LEN);  in dpp_auth_conf_rx()
3384 		dpp_auth_fail(auth,  in dpp_auth_conf_rx()
3394 			dpp_auth_fail(auth,  in dpp_auth_conf_rx()
3401 		if (!auth->peer_bi ||  in dpp_auth_conf_rx()
3402 		    os_memcmp(i_bootstrap, auth->peer_bi->pubkey_hash,  in dpp_auth_conf_rx()
3404 			dpp_auth_fail(auth,  in dpp_auth_conf_rx()
3408 	} else if (auth->peer_bi) {  in dpp_auth_conf_rx()
3411 		dpp_auth_fail(auth,  in dpp_auth_conf_rx()
3419 		dpp_auth_fail(auth,  in dpp_auth_conf_rx()
3426 		return dpp_auth_conf_rx_failure(auth, hdr, attr_start,  in dpp_auth_conf_rx()
3431 		dpp_auth_fail(auth, "Authentication failed");  in dpp_auth_conf_rx()
3447 	if (aes_siv_decrypt(auth->ke, auth->curve->hash_len,  in dpp_auth_conf_rx()
3450 		dpp_auth_fail(auth, "AES-SIV decryption failed");  in dpp_auth_conf_rx()
3457 		dpp_auth_fail(auth, "Invalid attribute in unwrapped data");  in dpp_auth_conf_rx()
3463 	if (!i_auth || i_auth_len != auth->curve->hash_len) {  in dpp_auth_conf_rx()
3464 		dpp_auth_fail(auth,  in dpp_auth_conf_rx()
3471 	if (dpp_gen_i_auth(auth, i_auth2) < 0)  in dpp_auth_conf_rx()
3476 		dpp_auth_fail(auth, "Mismatching Initiator Authenticating Tag");  in dpp_auth_conf_rx()
3481 	dpp_auth_success(auth);  in dpp_auth_conf_rx()
3592 static int dpp_configuration_parse_helper(struct dpp_authentication *auth,  in dpp_configuration_parse_helper()  argument
3702 		auth->conf_sta = conf_sta;  in dpp_configuration_parse_helper()
3703 		auth->conf_ap = conf_ap;  in dpp_configuration_parse_helper()
3705 		auth->conf2_sta = conf_sta;  in dpp_configuration_parse_helper()
3706 		auth->conf2_ap = conf_ap;  in dpp_configuration_parse_helper()
3719 static int dpp_configuration_parse(struct dpp_authentication *auth,  in dpp_configuration_parse()  argument
3729 		return dpp_configuration_parse_helper(auth, cmd, 0);  in dpp_configuration_parse()
3737 	res = dpp_configuration_parse_helper(auth, cmd, 0);  in dpp_configuration_parse()
3741 	res = dpp_configuration_parse_helper(auth, cmd + len, 1);  in dpp_configuration_parse()
3746 	dpp_configuration_free(auth->conf_sta);  in dpp_configuration_parse()
3747 	dpp_configuration_free(auth->conf2_sta);  in dpp_configuration_parse()
3748 	dpp_configuration_free(auth->conf_ap);  in dpp_configuration_parse()
3749 	dpp_configuration_free(auth->conf2_ap);  in dpp_configuration_parse()
3772 			 struct dpp_authentication *auth,  in dpp_set_configurator()  argument
3785 		auth->conf = dpp_configurator_get_id(dpp, atoi(pos));  in dpp_set_configurator()
3786 		if (!auth->conf) {  in dpp_set_configurator()
3796 		auth->send_conn_status = atoi(pos);  in dpp_set_configurator()
3802 		auth->akm_use_selector = atoi(pos);  in dpp_set_configurator()
3805 	if (dpp_configuration_parse(auth, cmd) < 0) {  in dpp_set_configurator()
3814 void dpp_auth_deinit(struct dpp_authentication *auth)  in dpp_auth_deinit()  argument
3818 	if (!auth)  in dpp_auth_deinit()
3820 	dpp_configuration_free(auth->conf_ap);  in dpp_auth_deinit()
3821 	dpp_configuration_free(auth->conf2_ap);  in dpp_auth_deinit()
3822 	dpp_configuration_free(auth->conf_sta);  in dpp_auth_deinit()
3823 	dpp_configuration_free(auth->conf2_sta);  in dpp_auth_deinit()
3824 	crypto_ec_free_key(auth->own_protocol_key);  in dpp_auth_deinit()
3825 	crypto_ec_free_key(auth->peer_protocol_key);  in dpp_auth_deinit()
3826 	wpabuf_free(auth->req_msg);  in dpp_auth_deinit()
3827 	wpabuf_free(auth->resp_msg);  in dpp_auth_deinit()
3828 	wpabuf_free(auth->conf_req);  in dpp_auth_deinit()
3829 	for (i = 0; i < auth->num_conf_obj; i++) {  in dpp_auth_deinit()
3830 		struct dpp_config_obj *conf = &auth->conf_obj[i];  in dpp_auth_deinit()
3835 	wpabuf_free(auth->net_access_key);  in dpp_auth_deinit()
3836 	dpp_bootstrap_info_free(auth->tmp_own_bi);  in dpp_auth_deinit()
3838 	os_free(auth->config_obj_override);  in dpp_auth_deinit()
3839 	os_free(auth->discovery_override);  in dpp_auth_deinit()
3840 	os_free(auth->groups_override);  in dpp_auth_deinit()
3842 	bin_clear_free(auth, sizeof(*auth));  in dpp_auth_deinit()
3847 dpp_build_conf_start(struct dpp_authentication *auth,  in dpp_build_conf_start()  argument
3853 	if (auth->discovery_override)  in dpp_build_conf_start()
3854 		tailroom += os_strlen(auth->discovery_override);  in dpp_build_conf_start()
3864 	if (auth->discovery_override) {  in dpp_build_conf_start()
3866 			   auth->discovery_override);  in dpp_build_conf_start()
3868 		wpabuf_put_str(buf, auth->discovery_override);  in dpp_build_conf_start()
3874 	if (((!conf->ssid_charset || auth->peer_version < 2) &&  in dpp_build_conf_start()
3877 	    ((conf->ssid_charset && auth->peer_version >= 2) &&  in dpp_build_conf_start()
3985 dpp_build_conf_obj_dpp(struct dpp_authentication *auth,  in dpp_build_conf_obj_dpp()  argument
4004 	if (!auth->conf) {  in dpp_build_conf_obj_dpp()
4009 	curve = auth->conf->curve;  in dpp_build_conf_obj_dpp()
4011 	if (dpp_akm_ver2(akm) && auth->peer_version < 2) {  in dpp_build_conf_obj_dpp()
4018 	if (auth->groups_override)  in dpp_build_conf_obj_dpp()
4019 		extra_len += os_strlen(auth->groups_override);  in dpp_build_conf_obj_dpp()
4026 	dppcon = wpabuf_alloc(extra_len + 2 * auth->curve->prime_len * 4 / 3);  in dpp_build_conf_obj_dpp()
4030 	if (auth->groups_override) {  in dpp_build_conf_obj_dpp()
4032 		if (auth->groups_override) {  in dpp_build_conf_obj_dpp()
4035 				   auth->groups_override);  in dpp_build_conf_obj_dpp()
4037 			wpabuf_put_str(dppcon, auth->groups_override);  in dpp_build_conf_obj_dpp()
4056 	if (dpp_build_jwk(dppcon, "netAccessKey", auth->peer_protocol_key, NULL,  in dpp_build_conf_obj_dpp()
4057 			  auth->curve) < 0) {  in dpp_build_conf_obj_dpp()
4087 	json_add_string(jws_prot_hdr, "kid", auth->conf->kid);  in dpp_build_conf_obj_dpp()
4109 	if (crypto_ecdsa_get_sign(hash, r, s, auth->conf->csign, curve->hash_len) < 0)  in dpp_build_conf_obj_dpp()
4128 	tailroom += 2 * curve->prime_len * 4 / 3 + os_strlen(auth->conf->kid);  in dpp_build_conf_obj_dpp()
4132 	buf = dpp_build_conf_start(auth, conf, tailroom);  in dpp_build_conf_obj_dpp()
4136 	if (auth->akm_use_selector && dpp_akm_ver2(akm))  in dpp_build_conf_obj_dpp()
4155 	if (dpp_build_jwk(buf, "csign", auth->conf->csign, auth->conf->kid,  in dpp_build_conf_obj_dpp()
4190 dpp_build_conf_obj_legacy(struct dpp_authentication *auth,  in dpp_build_conf_obj_legacy()  argument
4196 	buf = dpp_build_conf_start(auth, conf, 1000);  in dpp_build_conf_obj_legacy()
4200 	if (auth->akm_use_selector && dpp_akm_ver2(conf->akm))  in dpp_build_conf_obj_legacy()
4219 dpp_build_conf_obj(struct dpp_authentication *auth, enum dpp_netrole netrole,  in dpp_build_conf_obj()  argument
4225 	if (auth->config_obj_override) {  in dpp_build_conf_obj()
4229 		return wpabuf_alloc_copy(auth->config_obj_override,  in dpp_build_conf_obj()
4230 					 os_strlen(auth->config_obj_override));  in dpp_build_conf_obj()
4236 			conf = auth->conf_sta;  in dpp_build_conf_obj()
4238 			conf = auth->conf_ap;  in dpp_build_conf_obj()
4241 			conf = auth->conf2_sta;  in dpp_build_conf_obj()
4243 			conf = auth->conf2_ap;  in dpp_build_conf_obj()
4254 		return dpp_build_conf_obj_dpp(auth, conf);  in dpp_build_conf_obj()
4255 	return dpp_build_conf_obj_legacy(auth, conf);  in dpp_build_conf_obj()
4260 dpp_build_conf_resp(struct dpp_authentication *auth, const u8 *e_nonce,  in dpp_build_conf_resp()  argument
4271 	conf = dpp_build_conf_obj(auth, netrole, 0);  in dpp_build_conf_resp()
4275 		conf2 = dpp_build_conf_obj(auth, netrole, 1);  in dpp_build_conf_resp()
4278 	auth->conf_resp_status = status;  in dpp_build_conf_resp()
4286 	if (auth->peer_version >= 2 && auth->send_conn_status &&  in dpp_build_conf_resp()
4336 	if (auth->peer_version >= 2 && conf2) {  in dpp_build_conf_resp()
4345 	if (auth->peer_version >= 2 && auth->send_conn_status &&  in dpp_build_conf_resp()
4380 	if (aes_siv_encrypt(auth->ke, auth->curve->hash_len,  in dpp_build_conf_resp()
4411 dpp_conf_req_rx(struct dpp_authentication *auth, const u8 *attr_start,  in dpp_conf_req_rx()  argument
4431 		dpp_auth_fail(auth, "Invalid attribute in config request");  in dpp_conf_req_rx()
4438 		dpp_auth_fail(auth,  in dpp_conf_req_rx()
4449 	if (aes_siv_decrypt(auth->ke, auth->curve->hash_len,  in dpp_conf_req_rx()
4452 		dpp_auth_fail(auth, "AES-SIV decryption failed");  in dpp_conf_req_rx()
4459 		dpp_auth_fail(auth, "Invalid attribute in unwrapped data");  in dpp_conf_req_rx()
4466 	if (!e_nonce || e_nonce_len != auth->curve->nonce_len) {  in dpp_conf_req_rx()
4467 		dpp_auth_fail(auth,  in dpp_conf_req_rx()
4472 	os_memcpy(auth->e_nonce, e_nonce, e_nonce_len);  in dpp_conf_req_rx()
4478 		dpp_auth_fail(auth,  in dpp_conf_req_rx()
4487 		dpp_auth_fail(auth, "Could not parse Config Attributes");  in dpp_conf_req_rx()
4493 		dpp_auth_fail(auth, "No Config Attributes - name");  in dpp_conf_req_rx()
4500 		dpp_auth_fail(auth, "No Config Attributes - wi-fi_tech");  in dpp_conf_req_rx()
4507 		dpp_auth_fail(auth, "Unsupported wi-fi_tech");  in dpp_conf_req_rx()
4513 		dpp_auth_fail(auth, "No Config Attributes - netRole");  in dpp_conf_req_rx()
4526 		dpp_auth_fail(auth, "Unsupported netRole");  in dpp_conf_req_rx()
4550 	resp = dpp_build_conf_resp(auth, e_nonce, e_nonce_len, netrole);  in dpp_conf_req_rx()
4832 static int dpp_parse_connector(struct dpp_authentication *auth,  in dpp_parse_connector()  argument
4888 				    &auth->net_access_key_expiry)) {  in dpp_parse_connector()
4906 	if (crypto_key_compare(key, auth->own_protocol_key) != 1) {  in dpp_parse_connector()
4910 		if (auth->ignore_netaccesskey_mismatch) {  in dpp_parse_connector()
4973 static void dpp_copy_netaccesskey(struct dpp_authentication *auth,  in dpp_copy_netaccesskey()  argument
4979 	if (crypto_ec_get_priv_key_der(auth->own_protocol_key, &der, &der_len) < 0)  in dpp_copy_netaccesskey()
4981 	wpabuf_free(auth->net_access_key);  in dpp_copy_netaccesskey()
4982 	auth->net_access_key = wpabuf_alloc_copy(der, der_len);  in dpp_copy_netaccesskey()
5109 static int dpp_parse_cred_dpp(struct dpp_authentication *auth,  in dpp_parse_cred_dpp()  argument
5164 	if (dpp_parse_connector(auth, conf,  in dpp_parse_cred_dpp()
5174 	dpp_copy_netaccesskey(auth, conf);  in dpp_parse_cred_dpp()
5279 static int dpp_parse_conf_obj(struct dpp_authentication *auth,  in dpp_parse_conf_obj()  argument
5291 		dpp_auth_fail(auth, "JSON root is not an object");  in dpp_parse_conf_obj()
5297 		dpp_auth_fail(auth, "No wi-fi_tech string value found");  in dpp_parse_conf_obj()
5303 		dpp_auth_fail(auth, "Unsupported wi-fi_tech value");  in dpp_parse_conf_obj()
5309 		dpp_auth_fail(auth, "No discovery object in JSON");  in dpp_parse_conf_obj()
5318 			dpp_auth_fail(auth, "Too long discovery::ssid64 value");  in dpp_parse_conf_obj()
5324 			dpp_auth_fail(auth,  in dpp_parse_conf_obj()
5331 			dpp_auth_fail(auth,  in dpp_parse_conf_obj()
5337 	if (auth->num_conf_obj == DPP_MAX_CONF_OBJ) {  in dpp_parse_conf_obj()
5343 	conf = &auth->conf_obj[auth->num_conf_obj++];  in dpp_parse_conf_obj()
5362 		dpp_auth_fail(auth, "No cred object in JSON");  in dpp_parse_conf_obj()
5368 		dpp_auth_fail(auth, "No cred::akm string value found");  in dpp_parse_conf_obj()
5377 		if (dpp_parse_cred_dpp(auth, conf, cred) < 0)  in dpp_parse_conf_obj()
5382 		dpp_auth_fail(auth, "Unsupported akm");  in dpp_parse_conf_obj()
5395 int dpp_conf_resp_rx(struct dpp_authentication *auth,  in dpp_conf_resp_rx()  argument
5406 	auth->conf_resp_status = 255;  in dpp_conf_resp_rx()
5409 		dpp_auth_fail(auth, "Invalid attribute in config response");  in dpp_conf_resp_rx()
5417 		dpp_auth_fail(auth,  in dpp_conf_resp_rx()
5433 	if (aes_siv_decrypt(auth->ke, auth->curve->hash_len,  in dpp_conf_resp_rx()
5436 		dpp_auth_fail(auth, "AES-SIV decryption failed");  in dpp_conf_resp_rx()
5443 		dpp_auth_fail(auth, "Invalid attribute in unwrapped data");  in dpp_conf_resp_rx()
5450 	if (!e_nonce || e_nonce_len != auth->curve->nonce_len) {  in dpp_conf_resp_rx()
5451 		dpp_auth_fail(auth,  in dpp_conf_resp_rx()
5456 	if (os_memcmp(e_nonce, auth->e_nonce, e_nonce_len) != 0) {  in dpp_conf_resp_rx()
5457 		dpp_auth_fail(auth, "Enrollee Nonce mismatch");  in dpp_conf_resp_rx()
5464 		dpp_auth_fail(auth,  in dpp_conf_resp_rx()
5468 	auth->conf_resp_status = status[0];  in dpp_conf_resp_rx()
5471 		dpp_auth_fail(auth, "Configurator rejected configuration");  in dpp_conf_resp_rx()
5478 		dpp_auth_fail(auth,  in dpp_conf_resp_rx()
5485 		if (dpp_parse_conf_obj(auth, conf_obj, conf_obj_len) < 0)  in dpp_conf_resp_rx()
5591 int dpp_configurator_own_config(struct dpp_authentication *auth,  in dpp_configurator_own_config()  argument
5597 	if (!auth->conf) {  in dpp_configurator_own_config()
5603 		auth->curve = &dpp_curves[0];  in dpp_configurator_own_config()
5605 		auth->curve = dpp_get_curve_name(curve);  in dpp_configurator_own_config()
5606 		if (!auth->curve) {  in dpp_configurator_own_config()
5614 		   auth->curve->name);  in dpp_configurator_own_config()
5616 	auth->own_protocol_key = dpp_gen_keypair(auth->curve);  in dpp_configurator_own_config()
5617 	if (!auth->own_protocol_key)  in dpp_configurator_own_config()
5619 	dpp_copy_netaccesskey(auth, &auth->conf_obj[0]);  in dpp_configurator_own_config()
5620 	auth->peer_protocol_key = auth->own_protocol_key;  in dpp_configurator_own_config()
5621 	dpp_copy_csign(&auth->conf_obj[0], auth->conf->csign);  in dpp_configurator_own_config()
5623 	conf_obj = dpp_build_conf_obj(auth, ap, 0);  in dpp_configurator_own_config()
5625 		wpabuf_free(auth->conf_obj[0].c_sign_key);  in dpp_configurator_own_config()
5626 		auth->conf_obj[0].c_sign_key = NULL;  in dpp_configurator_own_config()
5629 	ret = dpp_parse_conf_obj(auth, wpabuf_head(conf_obj),  in dpp_configurator_own_config()
5633 	auth->peer_protocol_key = NULL;  in dpp_configurator_own_config()