FT: XXKey derivation for SHA384-based AKM
XXKey is the first 384 bits of MSK when using the SHA384-based FT AKM. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
a3e18dbb6a
commit
9f12271b2a
2 changed files with 17 additions and 5 deletions
|
@ -1,6 +1,6 @@
|
|||
/*
|
||||
* IEEE 802.11 RSN / WPA Authenticator
|
||||
* Copyright (c) 2004-2015, Jouni Malinen <j@w1.fi>
|
||||
* Copyright (c) 2004-2018, Jouni Malinen <j@w1.fi>
|
||||
*
|
||||
* This software may be distributed under the terms of the BSD license.
|
||||
* See README for more details.
|
||||
|
@ -1949,9 +1949,14 @@ SM_STATE(WPA_PTK, INITPMK)
|
|||
sm->pmk_len = pmk_len;
|
||||
#ifdef CONFIG_IEEE80211R_AP
|
||||
if (len >= 2 * PMK_LEN) {
|
||||
if (wpa_key_mgmt_sha384(sm->wpa_key_mgmt)) {
|
||||
os_memcpy(sm->xxkey, msk, SHA384_MAC_LEN);
|
||||
sm->xxkey_len = SHA384_MAC_LEN;
|
||||
} else {
|
||||
os_memcpy(sm->xxkey, msk + PMK_LEN, PMK_LEN);
|
||||
sm->xxkey_len = PMK_LEN;
|
||||
}
|
||||
}
|
||||
#endif /* CONFIG_IEEE80211R_AP */
|
||||
} else {
|
||||
wpa_printf(MSG_DEBUG, "WPA: Could not get PMK, get_msk: %p",
|
||||
|
|
|
@ -323,8 +323,15 @@ static int wpa_supplicant_get_pmk(struct wpa_sm *sm,
|
|||
u8 buf[2 * PMK_LEN];
|
||||
if (eapol_sm_get_key(sm->eapol, buf, 2 * PMK_LEN) == 0)
|
||||
{
|
||||
os_memcpy(sm->xxkey, buf + PMK_LEN, PMK_LEN);
|
||||
if (wpa_key_mgmt_sha384(sm->key_mgmt)) {
|
||||
os_memcpy(sm->xxkey, buf,
|
||||
SHA384_MAC_LEN);
|
||||
sm->xxkey_len = SHA384_MAC_LEN;
|
||||
} else {
|
||||
os_memcpy(sm->xxkey, buf + PMK_LEN,
|
||||
PMK_LEN);
|
||||
sm->xxkey_len = PMK_LEN;
|
||||
}
|
||||
os_memset(buf, 0, sizeof(buf));
|
||||
}
|
||||
#endif /* CONFIG_IEEE80211R */
|
||||
|
|
Loading…
Reference in a new issue