Add PASN comeback cookie for secure ranging Flag: com.android.wifi.flags.secure_ranging Bug: 364722301 Test: atest com.android.server.wifi Change-Id: Id061c399d11a278de34879134b3fe8e7fd41b4bd

commit: 8cb1c86e1dd6d46930c210494172705108a5f0a8 [log] [tgz]
author: maheshkkv <maheshkkv@google.com> Wed Nov 13 11:53:13 2024 -0800
committer: Mahesh KKV <maheshkkv@google.com> Thu Nov 14 19:17:00 2024 +0000
tree: 128b10368a6aff3c2cb538a26465c5289a50eda1
parent: 2733768bc40167b9eea6815e177b5f78a2b0abe8 [diff]
diff --git a/wifi/aidl/aidl_api/android.hardware.wifi/current/android/hardware/wifi/RttResult.aidl b/wifi/aidl/aidl_api/android.hardware.wifi/current/android/hardware/wifi/RttResult.aidl
index 87257be..9d62431 100644
--- a/wifi/aidl/aidl_api/android.hardware.wifi/current/android/hardware/wifi/RttResult.aidl
+++ b/wifi/aidl/aidl_api/android.hardware.wifi/current/android/hardware/wifi/RttResult.aidl

@@ -71,4 +71,6 @@
   long baseAkm;
   long cipherSuite;
   int secureHeLtfProtocolVersion;
+  long pasnComebackAfterMillis;
+  @nullable byte[] pasnComebackCookie;
 }

diff --git a/wifi/aidl/aidl_api/android.hardware.wifi/current/android/hardware/wifi/RttSecureConfig.aidl b/wifi/aidl/aidl_api/android.hardware.wifi/current/android/hardware/wifi/RttSecureConfig.aidl
index c2d7866..64e81de 100644
--- a/wifi/aidl/aidl_api/android.hardware.wifi/current/android/hardware/wifi/RttSecureConfig.aidl
+++ b/wifi/aidl/aidl_api/android.hardware.wifi/current/android/hardware/wifi/RttSecureConfig.aidl

@@ -37,4 +37,5 @@
   android.hardware.wifi.PasnConfig pasnConfig;
   boolean enableSecureHeLtf;
   boolean enableRangingFrameProtection;
+  byte[] pasnComebackCookie;
 }

diff --git a/wifi/aidl/android/hardware/wifi/RttResult.aidl b/wifi/aidl/android/hardware/wifi/RttResult.aidl
index dd41868..16b823d 100644
--- a/wifi/aidl/android/hardware/wifi/RttResult.aidl
+++ b/wifi/aidl/android/hardware/wifi/RttResult.aidl

@@ -234,4 +234,19 @@
      * Secure HE-LTF protocol version used.
      */
     int secureHeLtfProtocolVersion;
+    /**
+     * When an AP receives a large volume of initial PASN Authentication frames, it can use the
+     * comeback after field in the PASN Parameters element to indicate a deferral time and
+     * optionally provide a comeback cookie which is an opaque sequence of octets. This field is
+     * set to 0 to indicate that the subsequent ranging request can be retried with the
+     * |pasnComebackCookie|.
+     */
+    long pasnComebackAfterMillis;
+    /**
+     * Comeback cookie is an opaque sequence of octects sent by the AP when PASN authentication
+     * needs to be deferred. The same cookie needs to be passed in |RttSecureConfig| when the
+     * station has to range with the AP after |RttResult.pasnComebackAfterMillis|. Maximum size of
+     * cookie is 255 bytes. Refer IEEE Std 802.11az‐2022, section 9.4.2.303 PASN Parameters element.
+     */
+    @nullable byte[] pasnComebackCookie;
 }

diff --git a/wifi/aidl/android/hardware/wifi/RttSecureConfig.aidl b/wifi/aidl/android/hardware/wifi/RttSecureConfig.aidl
index c10e6b5..d1394ab 100644
--- a/wifi/aidl/android/hardware/wifi/RttSecureConfig.aidl
+++ b/wifi/aidl/android/hardware/wifi/RttSecureConfig.aidl

@@ -35,4 +35,8 @@
      * Enable Ranging frame protection.
      */
     boolean enableRangingFrameProtection;
+    /**
+     * Comeback cookie is an opaque sequence of octets retrieved from |RttResult|.
+     */
+    byte[] pasnComebackCookie;
 }

diff --git a/wifi/legacy_headers/include/hardware_legacy/rtt.h b/wifi/legacy_headers/include/hardware_legacy/rtt.h
index 93ea145..3fa4e95 100644
--- a/wifi/legacy_headers/include/hardware_legacy/rtt.h
+++ b/wifi/legacy_headers/include/hardware_legacy/rtt.h

@@ -100,6 +100,7 @@
 
 #define RTT_SECURITY_MAX_PASSPHRASE_LEN 63
 #define PMKID_LEN 16
+#define RTT_MAX_COOKIE_LEN 255
 
 typedef struct {
     wifi_rtt_akm base_akm;  // Base Authentication and Key Management (AKM) protocol used for PASN
@@ -111,7 +112,9 @@
     u32 pmkid_len;
     u8 pmkid[PMKID_LEN];  // PMKID corresponding to the cached PMK from the base AKM. PMKID can be
                           // null if no cached PMK is present.
-
+    u8 comeback_cookie_len;  // Comeback cookie length. If the length is 0, it indicates there is no
+                             // cookie.
+    u8 comeback_cookie[RTT_MAX_COOKIE_LEN];  // Comeback cookie indicated over wifi_rtt_result_v4.
 } wifi_rtt_pasn_config;
 
 typedef struct {
@@ -261,6 +264,11 @@
     wifi_rtt_akm base_akm;
     wifi_rtt_cipher_suite cipher_suite;
     int secure_he_ltf_protocol_version;
+    u16 pasn_comeback_after_millis;  // The time in milliseconds after which the non-AP STA is
+                                     // requested to retry the PASN authentication.
+    u8 pasn_comeback_cookie_len;  // Comeback cookie length. If the length is 0, it indicates there
+                                  // is no cookie.
+    u8 pasn_comeback_cookie[RTT_MAX_COOKIE_LEN];  // Comeback cookie octets.
 } wifi_rtt_result_v4;
 
 /* RTT result callbacks */
commit	8cb1c86e1dd6d46930c210494172705108a5f0a8	[log] [tgz]
author	maheshkkv <maheshkkv@google.com>	Wed Nov 13 11:53:13 2024 -0800
committer	Mahesh KKV <maheshkkv@google.com>	Thu Nov 14 19:17:00 2024 +0000
tree	128b10368a6aff3c2cb538a26465c5289a50eda1
parent	2733768bc40167b9eea6815e177b5f78a2b0abe8 [diff]