[PATCH v3 11/36] PR: APIs to add and clear Device Identity Key, password and PMK

Peddolla Harshavardhan Reddy <peddolla@xxxxxxxxxxxxxxxx> · Thu, 28 Aug 2025 21:12:46 +0530

Add changes to add and clear the Device Identity Key (DIK),
password, and PMK. These attributes are associated with the DIK
and are stored in a list that is linked to the global Proximity
Ranging context.

Signed-off-by: Peddolla Harshavardhan Reddy <peddolla@xxxxxxxxxxxxxxxx>
---
 src/common/proximity_ranging.c | 75 ++++++++++++++++++++++++++++++++++
 src/common/proximity_ranging.h | 31 ++++++++++++++
 wpa_supplicant/pr_supplicant.c | 23 +++++++++++
 wpa_supplicant/pr_supplicant.h | 14 +++++++
 4 files changed, 143 insertions(+)

diff --git a/src/common/proximity_ranging.c b/src/common/proximity_ranging.c
index 02c1f82ea..ebbacb798 100644
--- a/src/common/proximity_ranging.c
+++ b/src/common/proximity_ranging.c
@@ -88,6 +88,7 @@ struct pr_data * pr_init(const struct pr_config *cfg)
 		pr->cfg->dev_name = NULL;
 
 	dl_list_init(&pr->devices);
+	dl_list_init(&pr->dev_iks);
 
 	return pr;
 }
@@ -96,6 +97,7 @@ struct pr_data * pr_init(const struct pr_config *cfg)
 void pr_deinit(struct pr_data *pr)
 {
 	struct pr_device *dev, *prev;
+	struct pr_dev_ik *dev_ik, *prev_dev_ik;
 
 	if (!pr)
 		return;
@@ -106,12 +108,85 @@ void pr_deinit(struct pr_data *pr)
 		dl_list_del(&dev->list);
 		pr_device_free(pr, dev);
 	}
+	dl_list_for_each_safe(dev_ik, prev_dev_ik, &pr->dev_iks,
+			      struct pr_dev_ik, list) {
+		dl_list_del(&dev_ik->list);
+		os_free(dev_ik);
+	}
 
 	os_free(pr);
 	wpa_printf(MSG_DEBUG, "PR: Deinit done");
 }
 
 
+void pr_clear_dev_iks(struct pr_data *pr)
+{
+	struct pr_device *dev;
+	struct pr_dev_ik *dev_ik, *prev_dev_ik;
+
+	pr->cfg->dik_len = 0;
+	pr->cfg->global_password_valid = false;
+	os_memset(pr->cfg->dik_data, 0, DEVICE_IDENTITY_KEY_LEN);
+	os_memset(pr->cfg->global_password, 0,
+		  sizeof(pr->cfg->global_password));
+
+	dl_list_for_each(dev, &pr->devices, struct pr_device, list) {
+		dev->password_valid = false;
+		os_memset(dev->password, 0, sizeof(dev->password));
+	}
+
+	dl_list_for_each_safe(dev_ik, prev_dev_ik, &pr->dev_iks,
+			      struct pr_dev_ik, list) {
+		dl_list_del(&dev_ik->list);
+		os_free(dev_ik);
+	}
+}
+
+
+void pr_add_dev_ik(struct pr_data *pr, const u8 *dik, const char *password,
+		   const u8 *pmk, bool own)
+{
+	struct pr_dev_ik *dev_ik;
+
+	if (own) {
+		os_memcpy(pr->cfg->dik_data, dik, DEVICE_IDENTITY_KEY_LEN);
+		pr->cfg->dik_len = DEVICE_IDENTITY_KEY_LEN;
+		if (password) {
+			os_strlcpy(pr->cfg->global_password, password,
+				   sizeof(pr->cfg->global_password));
+			pr->cfg->global_password_valid = true;
+		}
+		return;
+	}
+
+	dl_list_for_each(dev_ik, &pr->dev_iks, struct pr_dev_ik, list) {
+		if (!os_memcmp(dik, dev_ik->dik, DEVICE_IDENTITY_KEY_LEN)) {
+			dl_list_del(&dev_ik->list);
+			os_free(dev_ik);
+			break;
+		}
+	}
+
+	dev_ik = os_zalloc(sizeof(*dev_ik));
+	if (!dev_ik)
+		return;
+
+	dl_list_add(&pr->dev_iks, &dev_ik->list);
+	os_memcpy(dev_ik->dik, dik, DEVICE_IDENTITY_KEY_LEN);
+	if (password) {
+		os_strlcpy(dev_ik->password, password,
+			   sizeof(dev_ik->password));
+		dev_ik->password_valid = true;
+	}
+	if (pmk) {
+		os_memcpy(dev_ik->pmk, pmk, WPA_PASN_PMK_LEN);
+		dev_ik->pmk_valid = true;
+	}
+
+	wpa_printf(MSG_DEBUG, "PR: New Device Identity add to list");
+}
+
+
 static struct wpabuf * pr_encaps_ie(const struct wpabuf *subelems, u32 ie_type)
 {
 	struct wpabuf *ie = NULL;
diff --git a/src/common/proximity_ranging.h b/src/common/proximity_ranging.h
index f3e400553..2160689e0 100644
--- a/src/common/proximity_ranging.h
+++ b/src/common/proximity_ranging.h
@@ -219,6 +219,15 @@ enum pr_attr_id {
 #define PR_ISTA_SUPPORT BIT(0)
 #define PR_RSTA_SUPPORT BIT(1)
 
+struct pr_dev_ik {
+	struct dl_list list;
+	u8 dik[DEVICE_IDENTITY_KEY_LEN];
+	char password[100];
+	bool password_valid;
+	u8 pmk[WPA_PASN_PMK_LEN];
+	bool pmk_valid;
+};
+
 /**
  * struct pr_device_info - Proximity ranging peer information
  */
@@ -231,6 +240,18 @@ struct pr_device {
 	 * pr_device_addr - PR Device Address of the peer
 	 */
 	u8 pr_device_addr[ETH_ALEN];
+
+	/* Password to be used in PASN-SAE by the Seeker
+	 * This is updated with valid password if DIRA matches for the peer
+	 */
+	char password[100];
+	bool password_valid;
+
+	/* PMK to be used in PASN-PMK by the Seeker
+	 * This is updated with valid PMK if DIRA matches for the peer
+	 */
+	u8 pmk[PMK_LEN_MAX];
+	bool pmk_valid;
 };
 
 
@@ -300,6 +321,11 @@ struct pr_config {
 	/* DevIK expiration */
 	int expiration;
 
+	/* Global Password to be used in PASN-SAE for Advertiser */
+	char global_password[100];
+
+	bool global_password_valid;
+
 	/**
 	 * cb_ctx - Context to use with callback functions
 	 */
@@ -316,6 +342,8 @@ struct pr_data {
 	struct pr_config *cfg;
 
 	struct dl_list devices;
+
+	struct dl_list dev_iks;
 };
 
 
@@ -335,6 +363,9 @@ struct pr_dira {
 
 struct pr_data * pr_init(const struct pr_config *cfg);
 void pr_deinit(struct pr_data *pr);
+void pr_clear_dev_iks(struct pr_data *pr);
+void pr_add_dev_ik(struct pr_data *pr, const u8 *dik, const char *password,
+		   const u8 *pmk, bool own);
 struct wpabuf * pr_prepare_usd_elems(struct pr_data *pr, const char *country);
 void pr_process_usd_elems(struct pr_data *pr, const u8 *ies, u16 ies_len,
 			  const u8 *peer_addr, unsigned int freq);
diff --git a/wpa_supplicant/pr_supplicant.c b/wpa_supplicant/pr_supplicant.c
index b45af7ad2..cee514729 100644
--- a/wpa_supplicant/pr_supplicant.c
+++ b/wpa_supplicant/pr_supplicant.c
@@ -357,3 +357,26 @@ void wpas_pr_deinit(struct wpa_supplicant *wpa_s)
 		wpa_s->global->pr_init_wpa_s = NULL;
 	}
 }
+
+
+void wpas_pr_clear_dev_iks(struct wpa_supplicant *wpa_s)
+{
+	struct pr_data *pr = wpa_s->global->pr;
+
+	if (!pr)
+		return;
+
+	pr_clear_dev_iks(pr);
+}
+
+
+void wpas_pr_set_dev_ik(struct wpa_supplicant *wpa_s, const u8 *dik,
+			const char *password, const u8 *pmk, bool own)
+{
+	struct pr_data *pr = wpa_s->global->pr;
+
+	if (!pr || !dik)
+		return;
+
+	pr_add_dev_ik(pr, dik, password, pmk, own);
+}
diff --git a/wpa_supplicant/pr_supplicant.h b/wpa_supplicant/pr_supplicant.h
index 6abe59331..e263c17bb 100644
--- a/wpa_supplicant/pr_supplicant.h
+++ b/wpa_supplicant/pr_supplicant.h
@@ -15,6 +15,9 @@
 
 int wpas_pr_init(struct wpa_global *global, struct wpa_supplicant *wpa_s);
 void wpas_pr_deinit(struct wpa_supplicant *wpa_s);
+void wpas_pr_clear_dev_iks(struct wpa_supplicant *wpa_s);
+void wpas_pr_set_dev_ik(struct wpa_supplicant *wpa_s, const u8 *dik,
+			const char *password, const u8 *pmk, bool own);
 struct wpabuf * wpas_pr_usd_elems(struct wpa_supplicant *wpa_s);
 void wpas_pr_process_usd_elems(struct wpa_supplicant *wpa_s, const u8 *buf,
 			       u16 buf_len, const u8 *peer_addr,
@@ -30,6 +33,17 @@ static inline void wpas_pr_deinit(struct wpa_supplicant *wpa_s)
 {
 }
 
+
+static inline void wpas_pr_clear_dev_iks(struct wpa_supplicant *wpa_s)
+{
+}
+
+static inline void wpas_pr_set_dev_ik(struct wpa_supplicant *wpa_s,
+				      const u8 *dik, const char *password,
+				      const u8 *pmk, bool own)
+{
+}
+
 static inline struct wpabuf * wpas_pr_usd_elems(struct wpa_supplicant *wpa_s)
 {
 	return NULL;
-- 
2.34.1


_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap






