mka: ICV calculation using 256-bit ICK

Add support for using AES-CMAC with 256-bit key (ICK) to calculate ICV.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2018-12-26 16:18:00 +02:00
parent 7c3d1cc040
commit b452a76e54
4 changed files with 24 additions and 13 deletions

View file

@ -74,7 +74,7 @@ static struct mka_alg mka_alg_tbl[] = {
.ckn_trfm = ieee802_1x_ckn_128bits_aes_cmac,
.kek_trfm = ieee802_1x_kek_aes_cmac,
.ick_trfm = ieee802_1x_ick_aes_cmac,
.icv_hash = ieee802_1x_icv_128bits_aes_cmac,
.icv_hash = ieee802_1x_icv_aes_cmac,
.index = 1,
},
@ -1782,8 +1782,9 @@ ieee802_1x_mka_encode_icv_body(struct ieee802_1x_mka_participant *participant,
}
if (mka_alg_tbl[participant->kay->mka_algindex].icv_hash(
participant->ick.key, wpabuf_head(buf), buf->used, cmac)) {
wpa_printf(MSG_ERROR, "KaY, omac1_aes_128 failed");
participant->ick.key, participant->ick.len,
wpabuf_head(buf), wpabuf_len(buf), cmac)) {
wpa_printf(MSG_ERROR, "KaY: failed to calculate ICV");
return -1;
}
@ -3029,9 +3030,9 @@ static int ieee802_1x_kay_mkpdu_sanity_check(struct ieee802_1x_kay *kay,
* packet body length.
*/
if (mka_alg_tbl[kay->mka_algindex].icv_hash(
participant->ick.key,
participant->ick.key, participant->ick.len,
buf, len - mka_alg_tbl[kay->mka_algindex].icv_len, icv)) {
wpa_printf(MSG_ERROR, "KaY: omac1_aes_128 failed");
wpa_printf(MSG_ERROR, "KaY: failed to calculate ICV");
return -1;
}

View file

@ -80,7 +80,8 @@ struct mka_alg {
int (*ick_trfm)(const u8 *cak, size_t cak_bytes,
const u8 *ckn, size_t ckn_len,
u8 *ick, size_t ick_bytes);
int (*icv_hash)(const u8 *ick, const u8 *msg, size_t msg_len, u8 *icv);
int (*icv_hash)(const u8 *ick, size_t ick_bytes,
const u8 *msg, size_t msg_len, u8 *icv);
int index; /* index for configuring */
};

View file

@ -172,16 +172,25 @@ int ieee802_1x_ick_aes_cmac(const u8 *cak, size_t cak_bytes, const u8 *ckn,
/**
* ieee802_1x_icv_128bits_aes_cmac
* ieee802_1x_icv_aes_cmac
*
* IEEE Std 802.1X-2010, 9.4.1
* ICV = AES-CMAC(ICK, M, 128)
*/
int ieee802_1x_icv_128bits_aes_cmac(const u8 *ick, const u8 *msg,
size_t msg_bytes, u8 *icv)
int ieee802_1x_icv_aes_cmac(const u8 *ick, size_t ick_bytes, const u8 *msg,
size_t msg_bytes, u8 *icv)
{
if (omac1_aes_128(ick, msg, msg_bytes, icv)) {
wpa_printf(MSG_ERROR, "MKA: omac1_aes_128 failed");
int res;
if (ick_bytes == 16)
res = omac1_aes_128(ick, msg, msg_bytes, icv);
else if (ick_bytes == 32)
res = omac1_aes_256(ick, msg, msg_bytes, icv);
else
return -1;
if (res) {
wpa_printf(MSG_ERROR,
"MKA: AES-CMAC failed for ICV calculation");
return -1;
}
return 0;

View file

@ -18,8 +18,8 @@ int ieee802_1x_kek_aes_cmac(const u8 *cak, size_t cak_bytes, const u8 *ckn,
size_t ckn_bytes, u8 *kek, size_t kek_bytes);
int ieee802_1x_ick_aes_cmac(const u8 *cak, size_t cak_bytes, const u8 *ckn,
size_t ckn_bytes, u8 *ick, size_t ick_bytes);
int ieee802_1x_icv_128bits_aes_cmac(const u8 *ick, const u8 *msg,
size_t msg_bytes, u8 *icv);
int ieee802_1x_icv_aes_cmac(const u8 *ick, size_t ick_bytes, const u8 *msg,
size_t msg_bytes, u8 *icv);
int ieee802_1x_sak_aes_cmac(const u8 *cak, size_t cak_bytes, const u8 *ctx,
size_t ctx_bytes, u8 *sak, size_t sak_bytes);