FT: Include KDK in FT specific PTK derivation on the AP
FT AP was silently ignoring EAPOL-Key msg 2/4 due to Key MIC mismatch when the STA advertises support for Secure LTF and derives the KDK while the AP implementation did not derive KDK. Fix this to include KDK while deriving PTK for FT cases on the AP. Signed-off-by: Shiva Sankar Gajula <quic_sgajula@quicinc.com>
This commit is contained in:
parent
870a5bdc07
commit
3b1ad1334a
3 changed files with 5 additions and 4 deletions
|
@ -2394,7 +2394,8 @@ static int wpa_derive_ptk(struct wpa_state_machine *sm, const u8 *snonce,
|
|||
sm->pairwise, kdk_len);
|
||||
} else {
|
||||
ret = wpa_auth_derive_ptk_ft(sm, ptk, pmk_r0, pmk_r1,
|
||||
pmk_r0_name, key_len);
|
||||
pmk_r0_name, key_len,
|
||||
kdk_len);
|
||||
}
|
||||
if (ret) {
|
||||
wpa_printf(MSG_ERROR, "FT: PTK derivation failed");
|
||||
|
|
|
@ -2111,7 +2111,7 @@ int wpa_ft_store_pmk_fils(struct wpa_state_machine *sm,
|
|||
|
||||
int wpa_auth_derive_ptk_ft(struct wpa_state_machine *sm, struct wpa_ptk *ptk,
|
||||
u8 *pmk_r0, u8 *pmk_r1, u8 *pmk_r0_name,
|
||||
size_t *key_len)
|
||||
size_t *key_len, size_t kdk_len)
|
||||
{
|
||||
size_t pmk_r0_len, pmk_r1_len;
|
||||
u8 ptk_name[WPA_PMK_NAME_LEN];
|
||||
|
@ -2158,7 +2158,7 @@ int wpa_auth_derive_ptk_ft(struct wpa_state_machine *sm, struct wpa_ptk *ptk,
|
|||
return wpa_pmk_r1_to_ptk(pmk_r1, pmk_r1_len, sm->SNonce, sm->ANonce,
|
||||
sm->addr, sm->wpa_auth->addr, sm->pmk_r1_name,
|
||||
ptk, ptk_name, sm->wpa_key_mgmt, sm->pairwise,
|
||||
0);
|
||||
kdk_len);
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -306,7 +306,7 @@ int wpa_write_ftie(struct wpa_auth_config *conf, int key_mgmt, size_t key_len,
|
|||
size_t subelem_len, int rsnxe_used);
|
||||
int wpa_auth_derive_ptk_ft(struct wpa_state_machine *sm, struct wpa_ptk *ptk,
|
||||
u8 *pmk_r0, u8 *pmk_r1, u8 *pmk_r0_name,
|
||||
size_t *key_len);
|
||||
size_t *key_len, size_t kdk_len);
|
||||
void wpa_auth_ft_store_keys(struct wpa_state_machine *sm, const u8 *pmk_r0,
|
||||
const u8 *pmk_r1, const u8 *pmk_r0_name,
|
||||
size_t key_len);
|
||||
|
|
Loading…
Reference in a new issue