FILS: Use AEAD cipher to protect EAPOL-Key frames (STA)
This modifies wpa_eapol_key_send() to use AEAD cipher (AES-SIV for FILS AKMs) to provide both integrity protection for the EAPOL-Key frame and encryption for the Key Data field. It should be noted that this starts encrypting the Key Data field in EAPOL-Key message 2/4 while it remains unencrypted (but integrity protected) in non-FILS cases. Similarly, the empty Key Data field in EAPOL-Key message 4/4 gets encrypted for AEAD cases. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen
Jouni Malinen
parent
1049af7e03
commit
2022f1d08d
3 changed files with 88 additions and 10 deletions
|
|
@ -275,6 +275,7 @@ ifdef CONFIG_FILS
|
|||
CFLAGS += -DCONFIG_FILS
|
||||
NEED_CRC32=y
|
||||
NEED_SHA384=y
|
||||
NEED_AES_SIV=y
|
||||
endif
|
||||
|
||||
ifdef CONFIG_WNM
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue