FT: Extend the wpa_pmk_r1_to_ptk() function to also derive KDK
Extend the wpa_pmk_r1_to_ptk() to also derive Key Derivation Key (KDK), which can later be used for secure LTF measurements. Signed-off-by: Ilan Peer <ilan.peer@intel.com>
This commit is contained in:
Ilan Peer
Jouni Malinen
parent
46c232eb76
commit
6e834db74e
7 changed files with 36 additions and 12 deletions
|
|
@ -2272,7 +2272,9 @@ static int wpa_derive_ptk(struct wpa_state_machine *sm, const u8 *snonce,
|
||||||
sm->pmk_r1_name,
|
sm->pmk_r1_name,
|
||||||
ptk, ptk_name,
|
ptk, ptk_name,
|
||||||
sm->wpa_key_mgmt,
|
sm->wpa_key_mgmt,
|
||||||
sm->pairwise);
|
sm->pairwise,
|
||||||
|
sm->wpa_auth->conf.kdk ?
|
||||||
|
WPA_KDK_MAX_LEN : 0);
|
||||||
}
|
}
|
||||||
return wpa_auth_derive_ptk_ft(sm, ptk);
|
return wpa_auth_derive_ptk_ft(sm, ptk);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -2147,7 +2147,8 @@ int wpa_auth_derive_ptk_ft(struct wpa_state_machine *sm, struct wpa_ptk *ptk)
|
||||||
|
|
||||||
return wpa_pmk_r1_to_ptk(pmk_r1, pmk_r1_len, sm->SNonce, sm->ANonce,
|
return wpa_pmk_r1_to_ptk(pmk_r1, pmk_r1_len, sm->SNonce, sm->ANonce,
|
||||||
sm->addr, sm->wpa_auth->addr, sm->pmk_r1_name,
|
sm->addr, sm->wpa_auth->addr, sm->pmk_r1_name,
|
||||||
ptk, ptk_name, sm->wpa_key_mgmt, sm->pairwise);
|
ptk, ptk_name, sm->wpa_key_mgmt, sm->pairwise,
|
||||||
|
0);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -3198,7 +3199,9 @@ pmk_r1_derived:
|
||||||
if (wpa_pmk_r1_to_ptk(pmk_r1, pmk_r1_len, sm->SNonce, sm->ANonce,
|
if (wpa_pmk_r1_to_ptk(pmk_r1, pmk_r1_len, sm->SNonce, sm->ANonce,
|
||||||
sm->addr, sm->wpa_auth->addr, pmk_r1_name,
|
sm->addr, sm->wpa_auth->addr, pmk_r1_name,
|
||||||
&sm->PTK, ptk_name, sm->wpa_key_mgmt,
|
&sm->PTK, ptk_name, sm->wpa_key_mgmt,
|
||||||
pairwise) < 0)
|
pairwise,
|
||||||
|
sm->wpa_auth->conf.kdk ?
|
||||||
|
WPA_KDK_MAX_LEN : 0) < 0)
|
||||||
return WLAN_STATUS_UNSPECIFIED_FAILURE;
|
return WLAN_STATUS_UNSPECIFIED_FAILURE;
|
||||||
|
|
||||||
sm->pairwise = pairwise;
|
sm->pairwise = pairwise;
|
||||||
|
|
|
||||||
|
|
@ -1750,16 +1750,25 @@ int wpa_pmk_r1_to_ptk(const u8 *pmk_r1, size_t pmk_r1_len,
|
||||||
const u8 *snonce, const u8 *anonce,
|
const u8 *snonce, const u8 *anonce,
|
||||||
const u8 *sta_addr, const u8 *bssid,
|
const u8 *sta_addr, const u8 *bssid,
|
||||||
const u8 *pmk_r1_name,
|
const u8 *pmk_r1_name,
|
||||||
struct wpa_ptk *ptk, u8 *ptk_name, int akmp, int cipher)
|
struct wpa_ptk *ptk, u8 *ptk_name, int akmp, int cipher,
|
||||||
|
size_t kdk_len)
|
||||||
{
|
{
|
||||||
u8 buf[2 * WPA_NONCE_LEN + 2 * ETH_ALEN];
|
u8 buf[2 * WPA_NONCE_LEN + 2 * ETH_ALEN];
|
||||||
u8 *pos, hash[32];
|
u8 *pos, hash[32];
|
||||||
const u8 *addr[6];
|
const u8 *addr[6];
|
||||||
size_t len[6];
|
size_t len[6];
|
||||||
u8 tmp[2 * WPA_KCK_MAX_LEN + 2 * WPA_KEK_MAX_LEN + WPA_TK_MAX_LEN];
|
u8 tmp[2 * WPA_KCK_MAX_LEN + 2 * WPA_KEK_MAX_LEN + WPA_TK_MAX_LEN +
|
||||||
|
WPA_KDK_MAX_LEN];
|
||||||
size_t ptk_len, offset;
|
size_t ptk_len, offset;
|
||||||
int use_sha384 = wpa_key_mgmt_sha384(akmp);
|
int use_sha384 = wpa_key_mgmt_sha384(akmp);
|
||||||
|
|
||||||
|
if (kdk_len > WPA_KDK_MAX_LEN) {
|
||||||
|
wpa_printf(MSG_ERROR,
|
||||||
|
"FT: KDK len=%zu exceeds max supported len",
|
||||||
|
kdk_len);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* PTK = KDF-PTKLen(PMK-R1, "FT-PTK", SNonce || ANonce ||
|
* PTK = KDF-PTKLen(PMK-R1, "FT-PTK", SNonce || ANonce ||
|
||||||
* BSSID || STA-ADDR)
|
* BSSID || STA-ADDR)
|
||||||
|
|
@ -1786,8 +1795,9 @@ int wpa_pmk_r1_to_ptk(const u8 *pmk_r1, size_t pmk_r1_len,
|
||||||
ptk->kek_len = wpa_kek_len(akmp, PMK_LEN);
|
ptk->kek_len = wpa_kek_len(akmp, PMK_LEN);
|
||||||
ptk->kek2_len = wpa_kek2_len(akmp);
|
ptk->kek2_len = wpa_kek2_len(akmp);
|
||||||
ptk->tk_len = wpa_cipher_key_len(cipher);
|
ptk->tk_len = wpa_cipher_key_len(cipher);
|
||||||
|
ptk->kdk_len = kdk_len;
|
||||||
ptk_len = ptk->kck_len + ptk->kek_len + ptk->tk_len +
|
ptk_len = ptk->kck_len + ptk->kek_len + ptk->tk_len +
|
||||||
ptk->kck2_len + ptk->kek2_len;
|
ptk->kck2_len + ptk->kek2_len + ptk->kdk_len;
|
||||||
|
|
||||||
#ifdef CONFIG_SHA384
|
#ifdef CONFIG_SHA384
|
||||||
if (use_sha384) {
|
if (use_sha384) {
|
||||||
|
|
@ -1846,6 +1856,8 @@ int wpa_pmk_r1_to_ptk(const u8 *pmk_r1, size_t pmk_r1_len,
|
||||||
os_memcpy(ptk->kck2, tmp + offset, ptk->kck2_len);
|
os_memcpy(ptk->kck2, tmp + offset, ptk->kck2_len);
|
||||||
offset += ptk->kck2_len;
|
offset += ptk->kck2_len;
|
||||||
os_memcpy(ptk->kek2, tmp + offset, ptk->kek2_len);
|
os_memcpy(ptk->kek2, tmp + offset, ptk->kek2_len);
|
||||||
|
offset += ptk->kek2_len;
|
||||||
|
os_memcpy(ptk->kdk, tmp + offset, ptk->kdk_len);
|
||||||
|
|
||||||
wpa_hexdump_key(MSG_DEBUG, "FT: KCK", ptk->kck, ptk->kck_len);
|
wpa_hexdump_key(MSG_DEBUG, "FT: KCK", ptk->kck, ptk->kck_len);
|
||||||
wpa_hexdump_key(MSG_DEBUG, "FT: KEK", ptk->kek, ptk->kek_len);
|
wpa_hexdump_key(MSG_DEBUG, "FT: KEK", ptk->kek, ptk->kek_len);
|
||||||
|
|
@ -1855,6 +1867,9 @@ int wpa_pmk_r1_to_ptk(const u8 *pmk_r1, size_t pmk_r1_len,
|
||||||
if (ptk->kek2_len)
|
if (ptk->kek2_len)
|
||||||
wpa_hexdump_key(MSG_DEBUG, "FT: KEK2",
|
wpa_hexdump_key(MSG_DEBUG, "FT: KEK2",
|
||||||
ptk->kek2, ptk->kek2_len);
|
ptk->kek2, ptk->kek2_len);
|
||||||
|
if (ptk->kdk_len)
|
||||||
|
wpa_hexdump_key(MSG_DEBUG, "FT: KDK", ptk->kdk, ptk->kdk_len);
|
||||||
|
|
||||||
wpa_hexdump_key(MSG_DEBUG, "FT: TK", ptk->tk, ptk->tk_len);
|
wpa_hexdump_key(MSG_DEBUG, "FT: TK", ptk->tk, ptk->tk_len);
|
||||||
wpa_hexdump(MSG_DEBUG, "FT: PTKName", ptk_name, WPA_PMK_NAME_LEN);
|
wpa_hexdump(MSG_DEBUG, "FT: PTKName", ptk_name, WPA_PMK_NAME_LEN);
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -427,7 +427,8 @@ int wpa_derive_pmk_r1(const u8 *pmk_r0, size_t pmk_r0_len,
|
||||||
int wpa_pmk_r1_to_ptk(const u8 *pmk_r1, size_t pmk_r1_len, const u8 *snonce,
|
int wpa_pmk_r1_to_ptk(const u8 *pmk_r1, size_t pmk_r1_len, const u8 *snonce,
|
||||||
const u8 *anonce, const u8 *sta_addr, const u8 *bssid,
|
const u8 *anonce, const u8 *sta_addr, const u8 *bssid,
|
||||||
const u8 *pmk_r1_name,
|
const u8 *pmk_r1_name,
|
||||||
struct wpa_ptk *ptk, u8 *ptk_name, int akmp, int cipher);
|
struct wpa_ptk *ptk, u8 *ptk_name, int akmp, int cipher,
|
||||||
|
size_t kdk_len);
|
||||||
#endif /* CONFIG_IEEE80211R */
|
#endif /* CONFIG_IEEE80211R */
|
||||||
|
|
||||||
struct wpa_ie_data {
|
struct wpa_ie_data {
|
||||||
|
|
|
||||||
|
|
@ -58,7 +58,8 @@ int wpa_derive_ptk_ft(struct wpa_sm *sm, const unsigned char *src_addr,
|
||||||
return -1;
|
return -1;
|
||||||
return wpa_pmk_r1_to_ptk(sm->pmk_r1, sm->pmk_r1_len, sm->snonce, anonce,
|
return wpa_pmk_r1_to_ptk(sm->pmk_r1, sm->pmk_r1_len, sm->snonce, anonce,
|
||||||
sm->own_addr, sm->bssid, sm->pmk_r1_name, ptk,
|
sm->own_addr, sm->bssid, sm->pmk_r1_name, ptk,
|
||||||
ptk_name, sm->key_mgmt, sm->pairwise_cipher);
|
ptk_name, sm->key_mgmt, sm->pairwise_cipher,
|
||||||
|
sm->kdk ? WPA_KDK_MAX_LEN : 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -649,7 +650,8 @@ int wpa_ft_process_response(struct wpa_sm *sm, const u8 *ies, size_t ies_len,
|
||||||
if (wpa_pmk_r1_to_ptk(sm->pmk_r1, sm->pmk_r1_len, sm->snonce,
|
if (wpa_pmk_r1_to_ptk(sm->pmk_r1, sm->pmk_r1_len, sm->snonce,
|
||||||
anonce, sm->own_addr, bssid,
|
anonce, sm->own_addr, bssid,
|
||||||
sm->pmk_r1_name, &sm->ptk, ptk_name, sm->key_mgmt,
|
sm->pmk_r1_name, &sm->ptk, ptk_name, sm->key_mgmt,
|
||||||
sm->pairwise_cipher) < 0)
|
sm->pairwise_cipher,
|
||||||
|
sm->kdk ? WPA_KDK_MAX_LEN : 0) < 0)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
if (wpa_key_mgmt_fils(sm->key_mgmt)) {
|
if (wpa_key_mgmt_fils(sm->key_mgmt)) {
|
||||||
|
|
|
||||||
|
|
@ -120,7 +120,7 @@ static int try_pmk(struct wlantest *wt, struct wlantest_bss *bss,
|
||||||
sta->snonce, sta->anonce, sta->addr,
|
sta->snonce, sta->anonce, sta->addr,
|
||||||
bss->bssid, sta->pmk_r1_name,
|
bss->bssid, sta->pmk_r1_name,
|
||||||
&ptk, ptk_name, sta->key_mgmt,
|
&ptk, ptk_name, sta->key_mgmt,
|
||||||
sta->pairwise_cipher) < 0 ||
|
sta->pairwise_cipher, 0) < 0 ||
|
||||||
check_mic(ptk.kck, ptk.kck_len, sta->key_mgmt, ver, data,
|
check_mic(ptk.kck, ptk.kck_len, sta->key_mgmt, ver, data,
|
||||||
len) < 0)
|
len) < 0)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
|
||||||
|
|
@ -290,7 +290,7 @@ static void process_ft_auth(struct wlantest *wt, struct wlantest_bss *bss,
|
||||||
wpa_pmk_r1_to_ptk(sta->pmk_r1, sta->pmk_r1_len, parse.fte_snonce,
|
wpa_pmk_r1_to_ptk(sta->pmk_r1, sta->pmk_r1_len, parse.fte_snonce,
|
||||||
parse.fte_anonce, sta->addr, bss->bssid,
|
parse.fte_anonce, sta->addr, bss->bssid,
|
||||||
sta->pmk_r1_name, &ptk, ptk_name, sta->key_mgmt,
|
sta->pmk_r1_name, &ptk, ptk_name, sta->key_mgmt,
|
||||||
sta->pairwise_cipher) < 0)
|
sta->pairwise_cipher, 0) < 0)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
add_note(wt, MSG_DEBUG, "Derived new PTK");
|
add_note(wt, MSG_DEBUG, "Derived new PTK");
|
||||||
|
|
@ -1779,7 +1779,8 @@ static void rx_mgmt_action_ft_response(struct wlantest *wt,
|
||||||
wpa_pmk_r1_to_ptk(sta->pmk_r1, sta->pmk_r1_len, parse.fte_snonce,
|
wpa_pmk_r1_to_ptk(sta->pmk_r1, sta->pmk_r1_len, parse.fte_snonce,
|
||||||
parse.fte_anonce, new_sta->addr, bss->bssid,
|
parse.fte_anonce, new_sta->addr, bss->bssid,
|
||||||
sta->pmk_r1_name, &ptk, ptk_name,
|
sta->pmk_r1_name, &ptk, ptk_name,
|
||||||
new_sta->key_mgmt, new_sta->pairwise_cipher) < 0)
|
new_sta->key_mgmt, new_sta->pairwise_cipher,
|
||||||
|
0) < 0)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
add_note(wt, MSG_DEBUG, "Derived new PTK");
|
add_note(wt, MSG_DEBUG, "Derived new PTK");
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue