Debug print PMK-R0/R1 and PMKR0/R1Name in the helper functions
There is no need to have all callers debug print these separately. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
bfc4569f89
commit
d9532eb70f
5 changed files with 5 additions and 35 deletions
|
@ -2322,7 +2322,6 @@ int fils_auth_pmk_to_ptk(struct wpa_state_machine *sm, const u8 *pmk,
|
||||||
struct wpa_auth_config *conf = &wpa_auth->conf;
|
struct wpa_auth_config *conf = &wpa_auth->conf;
|
||||||
u8 pmk_r0[PMK_LEN_MAX], pmk_r0_name[WPA_PMK_NAME_LEN];
|
u8 pmk_r0[PMK_LEN_MAX], pmk_r0_name[WPA_PMK_NAME_LEN];
|
||||||
int use_sha384 = wpa_key_mgmt_sha384(sm->wpa_key_mgmt);
|
int use_sha384 = wpa_key_mgmt_sha384(sm->wpa_key_mgmt);
|
||||||
size_t pmk_r0_len = use_sha384 ? SHA384_MAC_LEN : PMK_LEN;
|
|
||||||
|
|
||||||
if (wpa_derive_pmk_r0(fils_ft, fils_ft_len,
|
if (wpa_derive_pmk_r0(fils_ft, fils_ft_len,
|
||||||
conf->ssid, conf->ssid_len,
|
conf->ssid, conf->ssid_len,
|
||||||
|
@ -2333,10 +2332,6 @@ int fils_auth_pmk_to_ptk(struct wpa_state_machine *sm, const u8 *pmk,
|
||||||
use_sha384) < 0)
|
use_sha384) < 0)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
wpa_hexdump_key(MSG_DEBUG, "FILS+FT: PMK-R0",
|
|
||||||
pmk_r0, pmk_r0_len);
|
|
||||||
wpa_hexdump(MSG_DEBUG, "FILS+FT: PMKR0Name",
|
|
||||||
pmk_r0_name, WPA_PMK_NAME_LEN);
|
|
||||||
wpa_ft_store_pmk_fils(sm, pmk_r0, pmk_r0_name);
|
wpa_ft_store_pmk_fils(sm, pmk_r0, pmk_r0_name);
|
||||||
forced_memzero(fils_ft, sizeof(fils_ft));
|
forced_memzero(fils_ft, sizeof(fils_ft));
|
||||||
|
|
||||||
|
|
|
@ -2128,8 +2128,6 @@ int wpa_auth_derive_ptk_ft(struct wpa_state_machine *sm, struct wpa_ptk *ptk)
|
||||||
pmk_r0, pmk_r0_name,
|
pmk_r0, pmk_r0_name,
|
||||||
wpa_key_mgmt_sha384(sm->wpa_key_mgmt)) < 0)
|
wpa_key_mgmt_sha384(sm->wpa_key_mgmt)) < 0)
|
||||||
return -1;
|
return -1;
|
||||||
wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R0", pmk_r0, pmk_r0_len);
|
|
||||||
wpa_hexdump(MSG_DEBUG, "FT: PMKR0Name", pmk_r0_name, WPA_PMK_NAME_LEN);
|
|
||||||
if (!psk_local || !wpa_key_mgmt_ft_psk(sm->wpa_key_mgmt))
|
if (!psk_local || !wpa_key_mgmt_ft_psk(sm->wpa_key_mgmt))
|
||||||
wpa_ft_store_pmk_r0(sm->wpa_auth, sm->addr, pmk_r0, pmk_r0_len,
|
wpa_ft_store_pmk_r0(sm->wpa_auth, sm->addr, pmk_r0, pmk_r0_len,
|
||||||
pmk_r0_name,
|
pmk_r0_name,
|
||||||
|
@ -2140,9 +2138,6 @@ int wpa_auth_derive_ptk_ft(struct wpa_state_machine *sm, struct wpa_ptk *ptk)
|
||||||
if (wpa_derive_pmk_r1(pmk_r0, pmk_r0_len, pmk_r0_name, r1kh, sm->addr,
|
if (wpa_derive_pmk_r1(pmk_r0, pmk_r0_len, pmk_r0_name, r1kh, sm->addr,
|
||||||
pmk_r1, sm->pmk_r1_name) < 0)
|
pmk_r1, sm->pmk_r1_name) < 0)
|
||||||
return -1;
|
return -1;
|
||||||
wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R1", pmk_r1, pmk_r1_len);
|
|
||||||
wpa_hexdump(MSG_DEBUG, "FT: PMKR1Name", sm->pmk_r1_name,
|
|
||||||
WPA_PMK_NAME_LEN);
|
|
||||||
if (!psk_local || !wpa_key_mgmt_ft_psk(sm->wpa_key_mgmt))
|
if (!psk_local || !wpa_key_mgmt_ft_psk(sm->wpa_key_mgmt))
|
||||||
wpa_ft_store_pmk_r1(sm->wpa_auth, sm->addr, pmk_r1, pmk_r1_len,
|
wpa_ft_store_pmk_r1(sm->wpa_auth, sm->addr, pmk_r1, pmk_r1_len,
|
||||||
sm->pmk_r1_name, sm->pairwise, &vlan,
|
sm->pmk_r1_name, sm->pairwise, &vlan,
|
||||||
|
@ -2961,8 +2956,6 @@ static int wpa_ft_local_derive_pmk_r1(struct wpa_authenticator *wpa_auth,
|
||||||
conf->r1_key_holder,
|
conf->r1_key_holder,
|
||||||
sm->addr, out_pmk_r1, pmk_r1_name) < 0)
|
sm->addr, out_pmk_r1, pmk_r1_name) < 0)
|
||||||
return -1;
|
return -1;
|
||||||
wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R1", out_pmk_r1, r0->pmk_r0_len);
|
|
||||||
wpa_hexdump(MSG_DEBUG, "FT: PMKR1Name", pmk_r1_name, WPA_PMK_NAME_LEN);
|
|
||||||
|
|
||||||
os_get_reltime(&now);
|
os_get_reltime(&now);
|
||||||
if (r0->expiration)
|
if (r0->expiration)
|
||||||
|
@ -3091,8 +3084,6 @@ static int wpa_ft_process_auth_req(struct wpa_state_machine *sm,
|
||||||
sm->wpa_auth->conf.r1_key_holder, sm->addr,
|
sm->wpa_auth->conf.r1_key_holder, sm->addr,
|
||||||
pmk_r1_name, use_sha384) < 0)
|
pmk_r1_name, use_sha384) < 0)
|
||||||
return WLAN_STATUS_UNSPECIFIED_FAILURE;
|
return WLAN_STATUS_UNSPECIFIED_FAILURE;
|
||||||
wpa_hexdump(MSG_DEBUG, "FT: Derived requested PMKR1Name",
|
|
||||||
pmk_r1_name, WPA_PMK_NAME_LEN);
|
|
||||||
|
|
||||||
if (conf->ft_psk_generate_local &&
|
if (conf->ft_psk_generate_local &&
|
||||||
wpa_key_mgmt_ft_psk(sm->wpa_key_mgmt)) {
|
wpa_key_mgmt_ft_psk(sm->wpa_key_mgmt)) {
|
||||||
|
@ -3699,14 +3690,11 @@ static int wpa_ft_rrb_build_r0(const u8 *key, const size_t key_len,
|
||||||
{ .type = FT_RRB_LAST_EMPTY, .len = 0, .data = NULL },
|
{ .type = FT_RRB_LAST_EMPTY, .len = 0, .data = NULL },
|
||||||
};
|
};
|
||||||
|
|
||||||
|
wpa_printf(MSG_DEBUG, "FT: Derive PMK-R1 for peer AP");
|
||||||
if (wpa_derive_pmk_r1(pmk_r0->pmk_r0, pmk_r0->pmk_r0_len,
|
if (wpa_derive_pmk_r1(pmk_r0->pmk_r0, pmk_r0->pmk_r0_len,
|
||||||
pmk_r0->pmk_r0_name, r1kh_id,
|
pmk_r0->pmk_r0_name, r1kh_id,
|
||||||
s1kh_id, pmk_r1, pmk_r1_name) < 0)
|
s1kh_id, pmk_r1, pmk_r1_name) < 0)
|
||||||
return -1;
|
return -1;
|
||||||
wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R1 (for peer AP)",
|
|
||||||
pmk_r1, pmk_r1_len);
|
|
||||||
wpa_hexdump(MSG_DEBUG, "FT: PMKR1Name (for peer AP)",
|
|
||||||
pmk_r1_name, WPA_PMK_NAME_LEN);
|
|
||||||
WPA_PUT_LE16(f_pairwise, pmk_r0->pairwise);
|
WPA_PUT_LE16(f_pairwise, pmk_r0->pairwise);
|
||||||
|
|
||||||
os_get_reltime(&now);
|
os_get_reltime(&now);
|
||||||
|
|
|
@ -1633,7 +1633,8 @@ int wpa_derive_pmk_r0(const u8 *xxkey, size_t xxkey_len,
|
||||||
if (!use_sha384 && sha256_vector(2, addr, len, hash) < 0)
|
if (!use_sha384 && sha256_vector(2, addr, len, hash) < 0)
|
||||||
return -1;
|
return -1;
|
||||||
os_memcpy(pmk_r0_name, hash, WPA_PMK_NAME_LEN);
|
os_memcpy(pmk_r0_name, hash, WPA_PMK_NAME_LEN);
|
||||||
os_memset(r0_key_data, 0, sizeof(r0_key_data));
|
wpa_hexdump(MSG_DEBUG, "FT: PMKR0Name", pmk_r0_name, WPA_PMK_NAME_LEN);
|
||||||
|
forced_memzero(r0_key_data, sizeof(r0_key_data));
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1670,6 +1671,7 @@ int wpa_derive_pmk_r1_name(const u8 *pmk_r0_name, const u8 *r1kh_id,
|
||||||
if (!use_sha384 && sha256_vector(4, addr, len, hash) < 0)
|
if (!use_sha384 && sha256_vector(4, addr, len, hash) < 0)
|
||||||
return -1;
|
return -1;
|
||||||
os_memcpy(pmk_r1_name, hash, WPA_PMK_NAME_LEN);
|
os_memcpy(pmk_r1_name, hash, WPA_PMK_NAME_LEN);
|
||||||
|
wpa_hexdump(MSG_DEBUG, "FT: PMKR1Name", pmk_r1_name, WPA_PMK_NAME_LEN);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1839,7 +1841,7 @@ int wpa_pmk_r1_to_ptk(const u8 *pmk_r1, size_t pmk_r1_len,
|
||||||
wpa_hexdump_key(MSG_DEBUG, "FT: TK", ptk->tk, ptk->tk_len);
|
wpa_hexdump_key(MSG_DEBUG, "FT: TK", ptk->tk, ptk->tk_len);
|
||||||
wpa_hexdump(MSG_DEBUG, "FT: PTKName", ptk_name, WPA_PMK_NAME_LEN);
|
wpa_hexdump(MSG_DEBUG, "FT: PTKName", ptk_name, WPA_PMK_NAME_LEN);
|
||||||
|
|
||||||
os_memset(tmp, 0, sizeof(tmp));
|
forced_memzero(tmp, sizeof(tmp));
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
|
@ -4430,10 +4430,6 @@ static int fils_ft_build_assoc_req_rsne(struct wpa_sm *sm, struct wpabuf *buf)
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
sm->pmk_r0_len = use_sha384 ? SHA384_MAC_LEN : PMK_LEN;
|
sm->pmk_r0_len = use_sha384 ? SHA384_MAC_LEN : PMK_LEN;
|
||||||
wpa_hexdump_key(MSG_DEBUG, "FILS+FT: PMK-R0",
|
|
||||||
sm->pmk_r0, sm->pmk_r0_len);
|
|
||||||
wpa_hexdump(MSG_DEBUG, "FILS+FT: PMKR0Name",
|
|
||||||
sm->pmk_r0_name, WPA_PMK_NAME_LEN);
|
|
||||||
wpa_printf(MSG_DEBUG, "FILS+FT: R1KH-ID: " MACSTR,
|
wpa_printf(MSG_DEBUG, "FILS+FT: R1KH-ID: " MACSTR,
|
||||||
MAC2STR(sm->r1kh_id));
|
MAC2STR(sm->r1kh_id));
|
||||||
pos = wpabuf_put(buf, WPA_PMK_NAME_LEN);
|
pos = wpabuf_put(buf, WPA_PMK_NAME_LEN);
|
||||||
|
@ -4442,8 +4438,6 @@ static int fils_ft_build_assoc_req_rsne(struct wpa_sm *sm, struct wpabuf *buf)
|
||||||
wpa_printf(MSG_WARNING, "FILS+FT: Could not derive PMKR1Name");
|
wpa_printf(MSG_WARNING, "FILS+FT: Could not derive PMKR1Name");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
wpa_hexdump(MSG_DEBUG, "FILS+FT: PMKR1Name", sm->pmk_r1_name,
|
|
||||||
WPA_PMK_NAME_LEN);
|
|
||||||
os_memcpy(pos, sm->pmk_r1_name, WPA_PMK_NAME_LEN);
|
os_memcpy(pos, sm->pmk_r1_name, WPA_PMK_NAME_LEN);
|
||||||
|
|
||||||
if (sm->mgmt_group_cipher == WPA_CIPHER_AES_128_CMAC) {
|
if (sm->mgmt_group_cipher == WPA_CIPHER_AES_128_CMAC) {
|
||||||
|
|
|
@ -50,17 +50,11 @@ int wpa_derive_ptk_ft(struct wpa_sm *sm, const unsigned char *src_addr,
|
||||||
sm->r0kh_id, sm->r0kh_id_len, sm->own_addr,
|
sm->r0kh_id, sm->r0kh_id_len, sm->own_addr,
|
||||||
sm->pmk_r0, sm->pmk_r0_name, use_sha384) < 0)
|
sm->pmk_r0, sm->pmk_r0_name, use_sha384) < 0)
|
||||||
return -1;
|
return -1;
|
||||||
wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R0", sm->pmk_r0, sm->pmk_r0_len);
|
|
||||||
wpa_hexdump(MSG_DEBUG, "FT: PMKR0Name",
|
|
||||||
sm->pmk_r0_name, WPA_PMK_NAME_LEN);
|
|
||||||
sm->pmk_r1_len = sm->pmk_r0_len;
|
sm->pmk_r1_len = sm->pmk_r0_len;
|
||||||
if (wpa_derive_pmk_r1(sm->pmk_r0, sm->pmk_r0_len, sm->pmk_r0_name,
|
if (wpa_derive_pmk_r1(sm->pmk_r0, sm->pmk_r0_len, sm->pmk_r0_name,
|
||||||
sm->r1kh_id, sm->own_addr, sm->pmk_r1,
|
sm->r1kh_id, sm->own_addr, sm->pmk_r1,
|
||||||
sm->pmk_r1_name) < 0)
|
sm->pmk_r1_name) < 0)
|
||||||
return -1;
|
return -1;
|
||||||
wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R1", sm->pmk_r1, sm->pmk_r1_len);
|
|
||||||
wpa_hexdump(MSG_DEBUG, "FT: PMKR1Name", sm->pmk_r1_name,
|
|
||||||
WPA_PMK_NAME_LEN);
|
|
||||||
return wpa_pmk_r1_to_ptk(sm->pmk_r1, sm->pmk_r1_len, sm->snonce, anonce,
|
return wpa_pmk_r1_to_ptk(sm->pmk_r1, sm->pmk_r1_len, sm->snonce, anonce,
|
||||||
sm->own_addr, sm->bssid, sm->pmk_r1_name, ptk,
|
sm->own_addr, sm->bssid, sm->pmk_r1_name, ptk,
|
||||||
ptk_name, sm->key_mgmt, sm->pairwise_cipher);
|
ptk_name, sm->key_mgmt, sm->pairwise_cipher);
|
||||||
|
@ -641,9 +635,6 @@ int wpa_ft_process_response(struct wpa_sm *sm, const u8 *ies, size_t ies_len,
|
||||||
sm->pmk_r1_name) < 0)
|
sm->pmk_r1_name) < 0)
|
||||||
return -1;
|
return -1;
|
||||||
sm->pmk_r1_len = sm->pmk_r0_len;
|
sm->pmk_r1_len = sm->pmk_r0_len;
|
||||||
wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R1", sm->pmk_r1, sm->pmk_r1_len);
|
|
||||||
wpa_hexdump(MSG_DEBUG, "FT: PMKR1Name",
|
|
||||||
sm->pmk_r1_name, WPA_PMK_NAME_LEN);
|
|
||||||
|
|
||||||
bssid = target_ap;
|
bssid = target_ap;
|
||||||
if (wpa_pmk_r1_to_ptk(sm->pmk_r1, sm->pmk_r1_len, sm->snonce,
|
if (wpa_pmk_r1_to_ptk(sm->pmk_r1, sm->pmk_r1_len, sm->snonce,
|
||||||
|
|
Loading…
Reference in a new issue