From b02f4d058cbf113646d5fcd22d9a23c113f0319a Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Sat, 18 Jun 2016 14:35:35 +0300 Subject: [PATCH] mesh: Add variable length MTK support This is needed as a part in enabling support for different pairwise ciphers in mesh. Signed-off-by: Jouni Malinen --- src/ap/sta_info.h | 3 ++- wpa_supplicant/mesh_mpm.c | 5 +++-- wpa_supplicant/mesh_rsn.c | 3 ++- 3 files changed, 7 insertions(+), 4 deletions(-) diff --git a/src/ap/sta_info.h b/src/ap/sta_info.h index 10bdfe188..6b520bc2a 100644 --- a/src/ap/sta_info.h +++ b/src/ap/sta_info.h @@ -85,7 +85,8 @@ struct sta_info { u8 my_nonce[WPA_NONCE_LEN]; u8 peer_nonce[WPA_NONCE_LEN]; u8 aek[32]; /* SHA256 digest length */ - u8 mtk[16]; + u8 mtk[WPA_TK_MAX_LEN]; + size_t mtk_len; u8 mgtk[16]; u8 sae_auth_retry; #endif /* CONFIG_MESH */ diff --git a/wpa_supplicant/mesh_mpm.c b/wpa_supplicant/mesh_mpm.c index a0b71748a..84c5b6b36 100644 --- a/wpa_supplicant/mesh_mpm.c +++ b/wpa_supplicant/mesh_mpm.c @@ -793,8 +793,10 @@ static void mesh_mpm_plink_estab(struct wpa_supplicant *wpa_s, MAC2STR(sta->addr)); if (conf->security & MESH_CONF_SEC_AMPE) { + wpa_hexdump_key(MSG_DEBUG, "mesh: MTK", sta->mtk, sta->mtk_len); + /* TODO: support for other ciphers */ wpa_drv_set_key(wpa_s, WPA_ALG_CCMP, sta->addr, 0, 0, - seq, sizeof(seq), sta->mtk, sizeof(sta->mtk)); + seq, sizeof(seq), sta->mtk, sta->mtk_len); wpa_drv_set_key(wpa_s, WPA_ALG_CCMP, sta->addr, 1, 0, seq, sizeof(seq), sta->mgtk, sizeof(sta->mgtk)); @@ -802,7 +804,6 @@ static void mesh_mpm_plink_estab(struct wpa_supplicant *wpa_s, seq, sizeof(seq), sta->mgtk, sizeof(sta->mgtk)); - wpa_hexdump_key(MSG_DEBUG, "mtk:", sta->mtk, sizeof(sta->mtk)); wpa_hexdump_key(MSG_DEBUG, "mgtk:", sta->mgtk, sizeof(sta->mgtk)); } diff --git a/wpa_supplicant/mesh_rsn.c b/wpa_supplicant/mesh_rsn.c index 3ce933aff..d7a811548 100644 --- a/wpa_supplicant/mesh_rsn.c +++ b/wpa_supplicant/mesh_rsn.c @@ -445,9 +445,10 @@ int mesh_rsn_derive_mtk(struct wpa_supplicant *wpa_s, struct sta_info *sta) ptr += ETH_ALEN; os_memcpy(ptr, max, ETH_ALEN); + sta->mtk_len = wpa_cipher_key_len(WPA_CIPHER_CCMP); sha256_prf(sta->sae->pmk, SAE_PMK_LEN, "Temporal Key Derivation", context, sizeof(context), - sta->mtk, sizeof(sta->mtk)); + sta->mtk, sta->mtk_len); return 0; }