Merge pull request #243 from microsoft/implauthdat

Complete implementation for setting authentication data via WifiAccessPointEnable API
microsoft · Mar 28, 2024 · 3ef3a6e · 3ef3a6e
2 parents 4c1d720 + 48da522
commit 3ef3a6e
Show file tree

Hide file tree

Showing 8 changed files with 114 additions and 1 deletion.
diff --git a/.gitignore b/.gitignore
@@ -14,3 +14,6 @@ Testing/
 vcpkg_installed*/
 /vcpkg/
 /packaging/vcpkg/ports/netremote/portfile.cmake
+
+# Debug logs.
+*-LogNetRemote*.txt
diff --git a/src/common/wifi/core/CMakeLists.txt b/src/common/wifi/core/CMakeLists.txt
@@ -11,6 +11,7 @@ target_sources(wifi-core
         AccessPointController.cxx
         AccessPointOperationStatus.cxx
         AccessPointOperationStatusLogOnExit.cxx
+        Ieee80211.cxx
         Ieee80211AccessPointCapabilities.cxx
     PUBLIC
     FILE_SET HEADERS

diff --git a/src/common/wifi/core/Ieee80211.cxx b/src/common/wifi/core/Ieee80211.cxx
@@ -0,0 +1,14 @@
+
+#include <format>
+#include <string>
+
+#include <microsoft/net/wifi/Ieee80211.hxx>
+
+namespace Microsoft::Net::Wifi
+{
+std::string
+Ieee80211MacAddressToString(const Ieee80211MacAddress& macAddress)
+{
+    return std::format("{:02X}:{:02X}:{:02X}:{:02X}:{:02X}:{:02X}", macAddress[0], macAddress[1], macAddress[2], macAddress[3], macAddress[4], macAddress[5]);
+}
+} // namespace Microsoft::Net::Wifi
diff --git a/src/common/wifi/core/include/microsoft/net/wifi/Ieee80211.hxx b/src/common/wifi/core/include/microsoft/net/wifi/Ieee80211.hxx
@@ -414,6 +414,15 @@ static constexpr auto MacAddressNumOctets = 6;
  */
 using Ieee80211MacAddress = std::array<uint8_t, MacAddressNumOctets>;
 
+/**
+ * @brief Convert a MAC address to a string.
+ *
+ * @param macAddress The MAC address to convert.
+ * @return std::string
+ */
+std::string
+Ieee80211MacAddressToString(const Ieee80211MacAddress& macAddress);
+
 /**
  * @brief Information about a BSS.
  */

diff --git a/src/linux/wifi/core/AccessPointControllerLinux.cxx b/src/linux/wifi/core/AccessPointControllerLinux.cxx
@@ -276,7 +276,32 @@ AccessPointControllerLinux::SetAuthenticationData([[maybe_unused]] Ieee80211Auth
     AccessPointOperationStatus status{ GetInterfaceName() };
     const AccessPointOperationStatusLogOnExit logStatusOnExit(&status);
 
-    // TODO: implement this
+    // Ensure at least one set of authentication data is requested.
+    if (!authenticationData.Psk.has_value() && !authenticationData.Sae.has_value()) {
+        status.Code = AccessPointOperationStatusCode::InvalidParameter;
+        status.Details = "no authentication data specified";
+        return status;
+    }
+
+    if (authenticationData.Psk.has_value()) {
+        status.Code = AccessPointOperationStatusCode::OperationNotSupported;
+        status.Details = "PSK authentication data is not yet implemented";
+        return status;
+    }
+
+    if (authenticationData.Sae.has_value()) {
+        const auto& ieee80211AuthenticationDataSae = authenticationData.Sae.value();
+        std::vector<Wpa::SaePassword> wpaSaePasswords(std::size(ieee80211AuthenticationDataSae.Passwords));
+        std::ranges::transform(ieee80211AuthenticationDataSae.Passwords, std::begin(wpaSaePasswords), Ieee80211RsnaPasswordToWpaSaePassword);
+
+        try {
+            m_hostapd.SetSaePasswords(std::move(wpaSaePasswords), EnforceConfigurationChange::Now);
+        } catch (const HostapdException& ex) {
+            status.Code = AccessPointOperationStatusCode::InternalError;
+            status.Details = std::format("failed to set SAE passwords - {}", ex.what());
+            return status;
+        }
+    }
 
     status.Code = AccessPointOperationStatusCode::Succeeded;
 

diff --git a/src/linux/wifi/core/Ieee80211WpaAdapters.cxx b/src/linux/wifi/core/Ieee80211WpaAdapters.cxx
@@ -1,11 +1,14 @@
 
+#include <cstdint>
 #include <format>
 #include <string>
 #include <string_view>
+#include <vector>
 
 #include <Wpa/ProtocolHostapd.hxx>
 #include <magic_enum.hpp>
 #include <microsoft/net/wifi/Ieee80211.hxx>
+#include <microsoft/net/wifi/Ieee80211Authentication.hxx>
 #include <plog/Log.h>
 
 #include "Ieee80211WpaAdapters.hxx"
@@ -222,4 +225,27 @@ Ieee80211CipherSuitesToWpaCipherSuites(const std::unordered_map<Ieee80211Securit
 
     return wpaCipherSuites;
 }
+
+std::vector<uint8_t>
+Ieee80211SharedKeyToWpaCredential(const Ieee80211SharedKey& ieee80211SharedKey) noexcept
+{
+    return ieee80211SharedKey.Data;
+}
+
+SaePassword
+Ieee80211RsnaPasswordToWpaSaePassword(const Ieee80211RsnaPassword& ieee80211RsnaPassword) noexcept
+{
+    SaePassword wpaSaePassword{};
+
+    wpaSaePassword.Credential = Ieee80211SharedKeyToWpaCredential(ieee80211RsnaPassword.Credential);
+    if (ieee80211RsnaPassword.PasswordId.has_value()) {
+        wpaSaePassword.PasswordId = *ieee80211RsnaPassword.PasswordId;
+    }
+    if (ieee80211RsnaPassword.PeerMacAddress.has_value()) {
+        wpaSaePassword.PeerMacAddress = Ieee80211MacAddressToString(ieee80211RsnaPassword.PeerMacAddress.value());
+    }
+
+    return wpaSaePassword;
+}
+
 } // namespace Microsoft::Net::Wifi
diff --git a/src/linux/wifi/core/Ieee80211WpaAdapters.hxx b/src/linux/wifi/core/Ieee80211WpaAdapters.hxx
@@ -2,12 +2,15 @@
 #ifndef IEEE_80211_WPA_ADAPTERS_HXX
 #define IEEE_80211_WPA_ADAPTERS_HXX
 
+#include <cstdint>
 #include <string>
 #include <string_view>
 #include <unordered_map>
+#include <vector>
 
 #include <Wpa/ProtocolHostapd.hxx>
 #include <microsoft/net/wifi/Ieee80211.hxx>
+#include <microsoft/net/wifi/Ieee80211Authentication.hxx>
 
 namespace Microsoft::Net::Wifi
 {
@@ -82,6 +85,24 @@ Ieee80211CipherSuiteToWpaCipher(Ieee80211CipherSuite ieee80211CipherSuite) noexc
  */
 std::unordered_map<Wpa::WpaSecurityProtocol, std::vector<Wpa::WpaCipher>>
 Ieee80211CipherSuitesToWpaCipherSuites(const std::unordered_map<Ieee80211SecurityProtocol, std::vector<Ieee80211CipherSuite>>& ieee80211CipherSuiteConfigurations) noexcept;
+
+/**
+ * @brief Convert a Ieee80211SharedKey to a wpa credential.
+ *
+ * @param ieee80211SharedKey The Ieee80211SharedKey to convert.
+ * @return std::vector<uint8_t>
+ */
+std::vector<uint8_t>
+Ieee80211SharedKeyToWpaCredential(const Ieee80211SharedKey& ieee80211SharedKey) noexcept;
+
+/**
+ * @brief Convert a Ieee80211RsnaPassword to a WpaSaePassword.
+ *
+ * @param ieee80211RsnaPassword The Ieee80211RsnaPassword to convert.
+ * @return Wpa::SaePassword
+ */
+Wpa::SaePassword
+Ieee80211RsnaPasswordToWpaSaePassword(const Ieee80211RsnaPassword& ieee80211RsnaPassword) noexcept;
 } // namespace Microsoft::Net::Wifi
 
 #endif // IEEE_80211_WPA_ADAPTERS_HXX
diff --git a/tests/unit/TestNetRemoteServiceClient.cxx b/tests/unit/TestNetRemoteServiceClient.cxx
@@ -1,4 +1,7 @@
 
+#include <array>
+#include <cstdint>
+#include <initializer_list>
 #include <memory>
 #include <string>
 #include <string_view>
@@ -19,6 +22,7 @@
 #include <microsoft/net/wifi/AccessPointOperationStatus.hxx>
 #include <microsoft/net/wifi/Ieee80211.hxx>
 #include <microsoft/net/wifi/Ieee80211AccessPointCapabilities.hxx>
+#include <microsoft/net/wifi/Ieee80211Authentication.hxx>
 #include <microsoft/net/wifi/test/AccessPointManagerTest.hxx>
 #include <microsoft/net/wifi/test/AccessPointTest.hxx>
 
@@ -28,6 +32,10 @@ namespace Microsoft::Net::Remote::Test
 {
 constexpr auto AllPhyTypes = magic_enum::enum_values<Microsoft::Net::Wifi::Ieee80211PhyType>();
 constexpr auto AllBands = magic_enum::enum_values<Microsoft::Net::Wifi::Ieee80211FrequencyBand>();
+
+constexpr auto PasswordIdValid{ "someid" };
+constexpr std::initializer_list<uint8_t> AsciiPasswordData{ 0x70, 0x61, 0x73, 0x73, 0x77, 0x6F, 0x72, 0x64 };
+constexpr std::array<uint8_t, 6> MacAddressDefault{ 0x00, 0x11, 0x22, 0x33, 0x44, 0x55 };
 } // namespace Microsoft::Net::Remote::Test
 
 using Microsoft::Net::Remote::Test::RemoteServiceAddressHttp;
@@ -124,13 +132,19 @@ TEST_CASE("WifiAccessPointEnable API", "[basic][rpc][client][remote]")
         dot11CipherSuiteConfigurationWpa1.set_securityprotocol(Dot11SecurityProtocol::Dot11SecurityProtocolWpa);
         dot11CipherSuiteConfigurationWpa1.mutable_ciphersuites()->Add(Dot11CipherSuite::Dot11CipherSuiteCcmp256);
 
+        Dot11RsnaPassword dot11RsnaPassword{};
+        *dot11RsnaPassword.mutable_credential()->mutable_data() = { std::cbegin(AsciiPasswordData), std::cend(AsciiPasswordData) };
+        *dot11RsnaPassword.mutable_peermacaddress()->mutable_value() = { std::cbegin(MacAddressDefault), std::cend(MacAddressDefault) };
+        dot11RsnaPassword.set_passwordid(PasswordIdValid);
+
         Dot11AccessPointConfiguration apConfiguration{};
         apConfiguration.set_phytype(Dot11PhyType::Dot11PhyTypeA);
         apConfiguration.mutable_ssid()->set_name(SsidName);
         apConfiguration.mutable_pairwiseciphersuites()->Add(std::move(dot11CipherSuiteConfigurationWpa1));
         apConfiguration.mutable_authenticationalgorithms()->Add(Dot11AuthenticationAlgorithm::Dot11AuthenticationAlgorithmSharedKey);
         apConfiguration.mutable_frequencybands()->Add(Dot11FrequencyBand::Dot11FrequencyBand2_4GHz);
         apConfiguration.mutable_frequencybands()->Add(Dot11FrequencyBand::Dot11FrequencyBand5_0GHz);
+        apConfiguration.mutable_authenticationdata()->mutable_sae()->mutable_passwords()->Add(std::move(dot11RsnaPassword));
 
         WifiAccessPointEnableRequest request{};
         request.set_accesspointid(InterfaceName1);