DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

MLD STA: Use AP MLD address to derive pairwise keys

Browse source 
Use AP MLD address to derive pairwise keys for MLO connection. Current
changes are handling only PTK derivation during EAPOL-Key 4-way
handshake and FILS authentication, i.e., FT protocol case needs to be
addressed separately.

Signed-off-by: Rohan Dutta <quic_drohan@quicinc.com>
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
This commit is contained in:
Rohan Dutta 2022-11-03 13:38:47 +05:30 committed by Jouni Malinen
parent e784372564
commit 052bf8a51b
3 changed files with 12 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
src/rsn_supp/wpa.c
View file

@ -641,7 +641,7 @@ static int wpa_derive_ptk(struct wpa_sm *sm, const unsigned char *src_addr,
kdk_len = 0;
ret = wpa_pmk_to_ptk(sm->pmk, sm->pmk_len, "Pairwise key expansion",
sm->own_addr, sm->bssid, sm->snonce,
sm->own_addr, wpa_sm_get_auth_addr(sm), sm->snonce,
key->key_nonce, ptk, akmp,
sm->pairwise_cipher, z, z_len,
kdk_len);
@ -4279,6 +4279,12 @@ unsigned int wpa_sm_get_key_mgmt(struct wpa_sm *sm)
}
const u8 * wpa_sm_get_auth_addr(struct wpa_sm *sm)
{
return sm->mlo.valid_links ? sm->mlo.ap_mld_addr : sm->bssid;
}
#ifdef CONFIG_FILS
struct wpabuf * fils_build_auth(struct wpa_sm *sm, int dh_group, const u8 *md)
@ -4662,7 +4668,8 @@ int fils_process_auth(struct wpa_sm *sm, const u8 *bssid, const u8 *data,
else
kdk_len = 0;
if (fils_pmk_to_ptk(sm->pmk, sm->pmk_len, sm->own_addr, sm->bssid,
if (fils_pmk_to_ptk(sm->pmk, sm->pmk_len, sm->own_addr,
wpa_sm_get_auth_addr(sm),
sm->fils_nonce, sm->fils_anonce,
dh_ss ? wpabuf_head(dh_ss) : NULL,
dh_ss ? wpabuf_len(dh_ss) : 0,

1
src/rsn_supp/wpa.h
View file

@ -593,5 +593,6 @@ struct rsn_pmksa_cache * wpa_sm_get_pmksa_cache(struct wpa_sm *sm);
void wpa_sm_set_cur_pmksa(struct wpa_sm *sm,
struct rsn_pmksa_cache_entry *entry);
const u8 * wpa_sm_get_auth_addr(struct wpa_sm *sm);
#endif /* WPA_H */

3
src/rsn_supp/wpa_ft.c
View file

@ -81,7 +81,7 @@ int wpa_derive_ptk_ft(struct wpa_sm *sm, const unsigned char *src_addr,
kdk_len = 0;
ret = wpa_pmk_r1_to_ptk(sm->pmk_r1, sm->pmk_r1_len, sm->snonce,
anonce, sm->own_addr, sm->bssid,
anonce, sm->own_addr, wpa_sm_get_auth_addr(sm),
sm->pmk_r1_name, ptk, ptk_name, sm->key_mgmt,
sm->pairwise_cipher, kdk_len);
if (ret) {
@ -695,6 +695,7 @@ int wpa_ft_process_response(struct wpa_sm *sm, const u8 *ies, size_t ies_len,
else
kdk_len = 0;
/* TODO: AP MLD address for MLO */
if (wpa_pmk_r1_to_ptk(sm->pmk_r1, sm->pmk_r1_len, sm->snonce,
parse.fte_anonce, sm->own_addr, bssid,
sm->pmk_r1_name, &sm->ptk, ptk_name, sm->key_mgmt,