Provisionning protocol —— PDUs

Provisionning PDUs

配置PDUs是供应者和设备之间相互交流的数据格式,它在通用供应层进行传输。
配置PDU的第一个字节是类型控制,定义PUD参数的格式。
格式定义如下:

控制域 大小(bits) 描述
固定值 2 0b00
类型 6 定义PDU类型
参数 有效值 参数信息

PDU格式
PUD类型:

类型 名称 描述
0x00 配置邀请 邀请设备加入mesh网络
0x01 配置能力 指示设备的相应能力
0x02 配置开始 基于设备的能力,供应者选择合适的方法开始整个过程
0x03 配置公共密钥 包含设备或者供应者的公工密钥
0x04 配置输入完成 指示用户完成输入
0x05 配置确认 供应者或设备回复一个确认值
0x06 配置随机 设备或供应者的配置随机值
0x07 配置数据 包含每个元素的单播地址,网络密钥,网络密钥索引,标志和IV索引
0x08 配置完成 指示配置过程完成
0x09 配置失败 指示配置过程失败
其他值 RFU 保留

Provisioning Invite(0x00)

供应者发送该PDU邀请设备加入网络,开始配置过程。参数的格式定义如下:

  • 0
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
Table of contents 1 INTRODUCTION .......................................................................................................................................................... 8 1.1 Scope ............................................................................................................................................................ 8 1.2 References.................................................................................................................................................... 8 1.3 Definitions and acronyms............................................................................................................................ 10 1.3.1 Shall/should/may/might word usage .............................................................................................. 10 1.3.2 Conventions ................................................................................................................................... 10 1.3.3 Abbreviations and acronyms.......................................................................................................... 11 1.3.4 Definitions ...................................................................................................................................... 12 1.3.5 Symbols ......................................................................................................................................... 13 1.4 Architecture ................................................................................................................................................. 14 1.5 Device roles ................................................................................................................................................ 14 1.5.1 Authentication roles........................................................................................................................ 14 1.5.2 Configurator delegation.................................................................................................................. 15 1.6 Security considerations............................................................................................................................... 15 1.6.1 Overview ........................................................................................................................................ 15 1.6.2 Threat profile .................................................................................................................................. 15 1.6.3 Trust model .................................................................................................................................... 18 2 DPP PROTOCOL USAGE.......................................................................................................................................... 20 2.1 Overview ..................................................................................................................................................... 20 2.2 Infrastructure setup and connectivity .......................................................................................................... 20 2.2.1 AP configuration............................................................................................................................. 20 2.2.2 STA configuration........................................................................................................................... 20 2.2.3 Infrastructure connectivity .............................................................................................................. 20 2.2.4 Message flows for infrastructure connectivity ................................................................................ 20 2.3 Wi-Fi Direct ................................................................................................................................................. 23 2.3.1 Establishing a P2P group using DPP............................................................................................. 24 2.3.2 P2P Group operation ..................................................................................................................... 26 3 SECURITY.................................................................................................................................................................. 27 3.1 Properties.................................................................................................................................................... 27 3.2 Public key cryptography.............................................................................................................................. 27 3.2.1 Supported public key cryptosystem ............................................................................................... 27 3.2.2 Notation.......................................................................................................................................... 27 3.2.3 Cryptographic suites ...................................................................................................................... 28 3.2.4 Point representation....................................................................................................................... 28 4 DATA STRUCTURES................................................................................................................................................. 29 4.1 Public keys .................................................................................................................................................. 29 4.2 Connectors.................................................................................................................................................. 29 4.3 DPP Configuration object............................................................................................................................ 30 4.3.1 Wi-Fi Technology ........................................................................................................................... 30 4.3.2 DPP Discovery ............................................................................................................................... 30 4.3.3 DPP Credential .............................................................................................................................. 30 5 BOOTSTRAPPING OF TRUST.................................................................................................................................. 32 5.1 Overview ..................................................................................................................................................... 32 5.2 Bootstrapping information ........................................................................................................................... 32 5.2.1 Bootstrapping information format................................................................................................... 32 5.3 Scanning a QR code................................................................................................................................... 33 5.4 NFC............................................................................................................................................................. 34 5.4.1 Overview ........................................................................................................................................ 34 5.4.2 NFC Connection Handover............................................................................................................ 35 5.4.3 DPP bootstrapping via NFC URI record ........................................................................................ 37 5.5 Bluetooth ..................................................................................................................................................... 38 5.5.1 Overview ........................................................................................................................................ 38 5.5.2 Responder procedures .................................................................................................................. 40 5.5.3 Initiator procedures ........................................................................................................................ 40 Device Provisioning Protocol Specification v1.0 © 2018 Wi-Fi Alliance. All Rights Reserved. Used with the permission of Wi-Fi Alliance under the terms as stated in this document. Page 4 of 124 5.6 PKEX: Proof of knowledge of a shared code, key, phrase, or word...........................................................41 5.6.1 PKEX preliminaries ........................................................................................................................ 41 5.6.2 PKEX exchange phase .................................................................................................................. 42 5.6.3 PKEX commit-reveal phase ........................................................................................................... 43 6 DPP AUTHENTICATION............................................................................................................................................ 45 6.1 Overview ..................................................................................................................................................... 45 6.2 DPP Authentication protocol ....................................................................................................................... 45 6.2.1 DPP capabilities negotiation .......................................................................................................... 46 6.2.2 DPP authentication request ........................................................................................................... 47 6.2.3 DPP authentication response ........................................................................................................ 47 6.2.4 DPP authentication confirm ........................................................................................................... 49 6.3 DPP Configuration protocol ........................................................................................................................ 50 6.3.1 Overview ........................................................................................................................................ 50 6.3.2 DPP configuration request ............................................................................................................. 50 6.3.3 DPP configuration response .......................................................................................................... 51 6.3.4 DPP Configuration Attributes object .............................................................................................. 51 6.3.5 Connector....................................................................................................................................... 52 6.3.6 DPP Configuration object............................................................................................................... 53 6.4 Network introduction protocol ..................................................................................................................... 55 6.4.1 Introduction .................................................................................................................................... 55 6.4.2 Connector group comparison......................................................................................................... 56 6.5 Network access protocols ........................................................................................................................... 56 7 STATE MACHINES .................................................................................................................................................... 57 7.1 Initiator state machine................................................................................................................................. 57 7.1.1 States ............................................................................................................................................. 57 7.1.2 Events and output .......................................................................................................................... 57 7.1.3 Variables ........................................................................................................................................ 57 7.1.4 Parent process behavior ................................................................................................................ 57 7.1.5 State machine behavior ................................................................................................................. 57 7.2 Responder state machine ........................................................................................................................... 59 7.2.1 States ............................................................................................................................................. 59 7.2.2 Events and output .......................................................................................................................... 59 7.2.3 Variables ........................................................................................................................................ 59 7.2.4 State machine behavior ................................................................................................................. 60 7.3 Configurator state machine......................................................................................................................... 62 7.3.1 States ............................................................................................................................................. 62 7.3.2 Events and output .......................................................................................................................... 62 7.3.3 Variables ........................................................................................................................................ 62 7.3.4 Parent process behavior ................................................................................................................ 62 7.3.5 State machine behavior ................................................................................................................. 62 7.4 Enrollee state machine................................................................................................................................ 64 7.4.1 States ............................................................................................................................................. 64 7.4.2 Events and output .......................................................................................................................... 64 7.4.3 Variables ........................................................................................................................................ 64 7.4.4 State machine behavior ................................................................................................................. 64 7.5 Detailed protocol description....................................................................................................................... 66 7.5.1 DPP bootstrapping......................................................................................................................... 66 7.5.2 DPP authentication exchange........................................................................................................ 66 7.5.3 DPP configuration exchange ......................................................................................................... 68 7.5.4 DPP network introduction exchange.............................................................................................. 69 7.5.5 Network access.............................................................................................................................. 70 8 DPP ATTRIBUTE, FRAME, AND ELEMENT FORMATS .......................................................................................... 71 8.1 DPP attributes ............................................................................................................................................. 71 8.1.1 DPP attribute body field definitions................................................................................................ 72 8.2 DPP frames................................................................................................................................................. 74 8.2.1 DPP Public Action frames.............................................................................................................. 74 8.2.2 DPP Generic Advertisement Service (GAS) frames...................................................................... 78 Device Provisioning Protocol Specification v1.0 © 2018 Wi-Fi Alliance. All Rights Reserved. Used with the permission of Wi-Fi Alliance under the terms as stated in this document. Page 5 of 124 8.3 DPP status and error codes........................................................................................................................ 81 8.4 Network Introduction protocol elements...................................................................................................... 82 8.4.1 Overview ........................................................................................................................................ 82 8.4.2 Network Introduction protocol AKM suite....................................................................................... 82 9 DPP CONFIGURATION BACKUP AND RESTORE.................................................................................................. 83 9.1 Overview ..................................................................................................................................................... 83 9.2 DPP AsymmetricKeyPackage..................................................................................................................... 83 9.3 DPPEnvelopedData .................................................................................................................................... 84 9.3.1 DPPAsymmetricKeyPackage encryption....................................................................................... 86 9.3.2 DPPEnvelopedData decryption ..................................................................................................... 86 9.4 DPP configuration backup .......................................................................................................................... 86 9.5 DPP configuration restore........................................................................................................................... 86 9.6 Enabling multiple Configurators in DPP...................................................................................................... 87 APPENDIX A (INFORMATIVE) TEST VECTORS ............................................................................................................ 88 A.1 Test vectors for DPP Authentication using P-256 for mutual authentication..............................................88 A.2 Test vectors for DPP Authentication using P-256 for Responder-only authentication ...............................91 A.3 Test vectors for DPP Authentication using P-384 for mutual authentication..............................................94 A.4 Test vectors for DPP Authentication using P-521 for mutual authentication..............................................98 A.5 Test vectors for DPP Authentication using Brainpool P-256r1 for mutual authentication ........................103 A.6 Test vectors for DPP Authentication using Brainpool P-384r1 using mutual authentication....................106 A.7 A.7 Test vectors for DPP Authentication using Brainpool P-512r1 for mutual authentication ..................110 APPENDIX B ROLE-SPECIFIC ELEMENTS FOR PKEX............................................................................................... 115 B.1 Role-specific elements for NIST p256 ...................................................................................................... 115 B.2 Role-specific elements for NIST p384 ...................................................................................................... 115 B.3 Role-specific elements for NIST p521 ...................................................................................................... 116 B.4 Role-specific elements for Brainpool p256r1 ............................................................................................ 117 B.5 Role-specific elements for Brainpool p384r1 ............................................................................................ 117 B.6 Role-specific elements for Brainpool p512r1 ............................................................................................ 118 APPENDIX C PKEX TEST VECTOR FOR NIST P256................................................................................................... 119 C.1 Initial state of Initiator and Responder ...................................................................................................... 119 C.2 Initiator generates PKEX Exchange Request frame................................................................................. 119 C.3 Responder processes PKEX Exchange Request frame........................................................................... 120 C.4 Responder generates PKEX Exchange Response frame ........................................................................ 120 C.5 Initiator processess PKEX Exchange Response frame............................................................................ 121 C.6 Initiator generates PKEX Commit/Reveal request.................................................................................... 121 C.7 Responder processes PKEX Commit/Reveal Request frame.................................................................. 122 C.8 Responder generates PKEX Commit/Reveal Response frame................................................................ 123 C.9 Initiator processes PKEX Commit/Reveal Response frame..................................................................... 124
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值