FT: Extend PMKR1Name derivation for FT-SAE-EXT-KEY

Provide key length instead of SHA384/SHA256 selection to the helper
function so that the new SHA512 option can be covered for
FT-SAE-EXT-KEY.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This commit is contained in:
Jouni Malinen 2022-10-16 16:38:27 +03:00 committed by Jouni Malinen
parent 9fd2455642
commit dcd46edf5f
5 changed files with 33 additions and 13 deletions

View file

@ -2475,7 +2475,7 @@ int fils_auth_pmk_to_ptk(struct wpa_state_machine *sm, const u8 *pmk,
res = wpa_derive_pmk_r1_name(pmk_r0_name, conf->r1_key_holder, res = wpa_derive_pmk_r1_name(pmk_r0_name, conf->r1_key_holder,
sm->addr, sm->pmk_r1_name, sm->addr, sm->pmk_r1_name,
use_sha384); fils_ft_len);
forced_memzero(pmk_r0, PMK_LEN_MAX); forced_memzero(pmk_r0, PMK_LEN_MAX);
if (res < 0) if (res < 0)
return -1; return -1;

View file

@ -3205,7 +3205,7 @@ static int wpa_ft_process_auth_req(struct wpa_state_machine *sm,
parse.rsn_pmkid, WPA_PMK_NAME_LEN); parse.rsn_pmkid, WPA_PMK_NAME_LEN);
if (wpa_derive_pmk_r1_name(parse.rsn_pmkid, if (wpa_derive_pmk_r1_name(parse.rsn_pmkid,
sm->wpa_auth->conf.r1_key_holder, sm->addr, sm->wpa_auth->conf.r1_key_holder, sm->addr,
pmk_r1_name, use_sha384) < 0) pmk_r1_name, pmk_r1_len) < 0)
return WLAN_STATUS_UNSPECIFIED_FAILURE; return WLAN_STATUS_UNSPECIFIED_FAILURE;
if (conf->ft_psk_generate_local && if (conf->ft_psk_generate_local &&

View file

@ -2084,11 +2084,14 @@ int wpa_derive_pmk_r0(const u8 *xxkey, size_t xxkey_len,
* IEEE Std 802.11r-2008 - 8.5.1.5.4 * IEEE Std 802.11r-2008 - 8.5.1.5.4
*/ */
int wpa_derive_pmk_r1_name(const u8 *pmk_r0_name, const u8 *r1kh_id, int wpa_derive_pmk_r1_name(const u8 *pmk_r0_name, const u8 *r1kh_id,
const u8 *s1kh_id, u8 *pmk_r1_name, int use_sha384) const u8 *s1kh_id, u8 *pmk_r1_name,
size_t pmk_r1_len)
{ {
u8 hash[48]; u8 hash[64];
const u8 *addr[4]; const u8 *addr[4];
size_t len[4]; size_t len[4];
int res;
const char *title;
/* /*
* PMKR1Name = Truncate-128(Hash("FT-R1N" || PMKR0Name || * PMKR1Name = Truncate-128(Hash("FT-R1N" || PMKR0Name ||
@ -2103,14 +2106,31 @@ int wpa_derive_pmk_r1_name(const u8 *pmk_r0_name, const u8 *r1kh_id,
addr[3] = s1kh_id; addr[3] = s1kh_id;
len[3] = ETH_ALEN; len[3] = ETH_ALEN;
res = -1;
#ifdef CONFIG_SHA512
if (pmk_r1_len == SHA512_MAC_LEN) {
title = "FT: PMKR1Name (using SHA512)";
res = sha512_vector(4, addr, len, hash);
}
#endif /* CONFIG_SHA512 */
#ifdef CONFIG_SHA384 #ifdef CONFIG_SHA384
if (use_sha384 && sha384_vector(4, addr, len, hash) < 0) if (pmk_r1_len == SHA384_MAC_LEN) {
return -1; title = "FT: PMKR1Name (using SHA384)";
res = sha384_vector(4, addr, len, hash);
}
#endif /* CONFIG_SHA384 */ #endif /* CONFIG_SHA384 */
if (!use_sha384 && sha256_vector(4, addr, len, hash) < 0) if (pmk_r1_len == SHA256_MAC_LEN) {
return -1; title = "FT: PMKR1Name (using SHA256)";
res = sha256_vector(4, addr, len, hash);
}
if (res < 0) {
wpa_printf(MSG_DEBUG,
"FT: Failed to derive PMKR1Name (PMK-R1 len %zu)",
pmk_r1_len);
return res;
}
os_memcpy(pmk_r1_name, hash, WPA_PMK_NAME_LEN); os_memcpy(pmk_r1_name, hash, WPA_PMK_NAME_LEN);
wpa_hexdump(MSG_DEBUG, "FT: PMKR1Name", pmk_r1_name, WPA_PMK_NAME_LEN); wpa_hexdump(MSG_DEBUG, title, pmk_r1_name, WPA_PMK_NAME_LEN);
return 0; return 0;
} }
@ -2158,8 +2178,7 @@ int wpa_derive_pmk_r1(const u8 *pmk_r0, size_t pmk_r0_len,
wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R1", pmk_r1, pmk_r0_len); wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R1", pmk_r1, pmk_r0_len);
return wpa_derive_pmk_r1_name(pmk_r0_name, r1kh_id, s1kh_id, return wpa_derive_pmk_r1_name(pmk_r0_name, r1kh_id, s1kh_id,
pmk_r1_name, pmk_r1_name, pmk_r0_len);
pmk_r0_len == SHA384_MAC_LEN);
} }

View file

@ -477,7 +477,8 @@ int wpa_derive_pmk_r0(const u8 *xxkey, size_t xxkey_len,
const u8 *s0kh_id, u8 *pmk_r0, u8 *pmk_r0_name, const u8 *s0kh_id, u8 *pmk_r0, u8 *pmk_r0_name,
int use_sha384); int use_sha384);
int wpa_derive_pmk_r1_name(const u8 *pmk_r0_name, const u8 *r1kh_id, int wpa_derive_pmk_r1_name(const u8 *pmk_r0_name, const u8 *r1kh_id,
const u8 *s1kh_id, u8 *pmk_r1_name, int use_sha384); const u8 *s1kh_id, u8 *pmk_r1_name,
size_t pmk_r1_len);
int wpa_derive_pmk_r1(const u8 *pmk_r0, size_t pmk_r0_len, int wpa_derive_pmk_r1(const u8 *pmk_r0, size_t pmk_r0_len,
const u8 *pmk_r0_name, const u8 *pmk_r0_name,
const u8 *r1kh_id, const u8 *s1kh_id, const u8 *r1kh_id, const u8 *s1kh_id,

View file

@ -4618,7 +4618,7 @@ static int fils_ft_build_assoc_req_rsne(struct wpa_sm *sm, struct wpabuf *buf)
MAC2STR(sm->r1kh_id)); MAC2STR(sm->r1kh_id));
pos = wpabuf_put(buf, WPA_PMK_NAME_LEN); pos = wpabuf_put(buf, WPA_PMK_NAME_LEN);
if (wpa_derive_pmk_r1_name(sm->pmk_r0_name, sm->r1kh_id, sm->own_addr, if (wpa_derive_pmk_r1_name(sm->pmk_r0_name, sm->r1kh_id, sm->own_addr,
sm->pmk_r1_name, use_sha384) < 0) { sm->pmk_r1_name, sm->fils_ft_len) < 0) {
wpa_printf(MSG_WARNING, "FILS+FT: Could not derive PMKR1Name"); wpa_printf(MSG_WARNING, "FILS+FT: Could not derive PMKR1Name");
return -1; return -1;
} }