From d806a5588e8f6d8bb8141cdd3d890fdf8bff3cd1 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Sat, 14 Nov 2009 14:18:15 +0200 Subject: [PATCH] WPS: Remove derivation of management keys MgmtAuthKey and MgmtEncKey were not used for anything and are unlikely to ever be used, so better remove the code to reduce binary size. --- src/wps/wps_common.c | 50 ------------------------------------------ src/wps/wps_enrollee.c | 4 ---- src/wps/wps_i.h | 5 ----- 3 files changed, 59 deletions(-) diff --git a/src/wps/wps_common.c b/src/wps/wps_common.c index b96af799d..400d9111e 100644 --- a/src/wps/wps_common.c +++ b/src/wps/wps_common.c @@ -129,56 +129,6 @@ int wps_derive_keys(struct wps_data *wps) } -int wps_derive_mgmt_keys(struct wps_data *wps) -{ - u8 nonces[2 * WPS_NONCE_LEN]; - u8 keys[WPS_MGMTAUTHKEY_LEN + WPS_MGMTENCKEY_LEN]; - u8 hash[SHA256_MAC_LEN]; - const u8 *addr[2]; - size_t len[2]; - const char *auth_label = "WFA-WLAN-Management-MgmtAuthKey"; - const char *enc_label = "WFA-WLAN-Management-MgmtEncKey"; - - /* MgmtAuthKey || MgmtEncKey = - * kdf(EMSK, N1 || N2 || "WFA-WLAN-Management-Keys", 384) */ - os_memcpy(nonces, wps->nonce_e, WPS_NONCE_LEN); - os_memcpy(nonces + WPS_NONCE_LEN, wps->nonce_r, WPS_NONCE_LEN); - wps_kdf(wps->emsk, nonces, sizeof(nonces), "WFA-WLAN-Management-Keys", - keys, sizeof(keys)); - os_memcpy(wps->mgmt_auth_key, keys, WPS_MGMTAUTHKEY_LEN); - os_memcpy(wps->mgmt_enc_key, keys + WPS_MGMTAUTHKEY_LEN, - WPS_MGMTENCKEY_LEN); - - addr[0] = nonces; - len[0] = sizeof(nonces); - - /* MgmtEncKeyID = first 128 bits of - * SHA-256(N1 || N2 || "WFA-WLAN-Management-MgmtAuthKey") */ - addr[1] = (const u8 *) auth_label; - len[1] = os_strlen(auth_label); - sha256_vector(2, addr, len, hash); - os_memcpy(wps->mgmt_auth_key_id, hash, WPS_MGMT_KEY_ID_LEN); - - /* MgmtEncKeyID = first 128 bits of - * SHA-256(N1 || N2 || "WFA-WLAN-Management-MgmtEncKey") */ - addr[1] = (const u8 *) enc_label; - len[1] = os_strlen(enc_label); - sha256_vector(2, addr, len, hash); - os_memcpy(wps->mgmt_enc_key_id, hash, WPS_MGMT_KEY_ID_LEN); - - wpa_hexdump_key(MSG_DEBUG, "WPS: MgmtAuthKey", - wps->mgmt_auth_key, WPS_MGMTAUTHKEY_LEN); - wpa_hexdump(MSG_DEBUG, "WPS: MgmtAuthKeyID", - wps->mgmt_auth_key_id, WPS_MGMT_KEY_ID_LEN); - wpa_hexdump_key(MSG_DEBUG, "WPS: MgmtEncKey", - wps->mgmt_enc_key, WPS_MGMTENCKEY_LEN); - wpa_hexdump(MSG_DEBUG, "WPS: MgmtEncKeyID", - wps->mgmt_enc_key_id, WPS_MGMT_KEY_ID_LEN); - - return 0; -} - - void wps_derive_psk(struct wps_data *wps, const u8 *dev_passwd, size_t dev_passwd_len) { diff --git a/src/wps/wps_enrollee.c b/src/wps/wps_enrollee.c index 89d229e51..9b479a631 100644 --- a/src/wps/wps_enrollee.c +++ b/src/wps/wps_enrollee.c @@ -555,10 +555,6 @@ static int wps_process_pubkey(struct wps_data *wps, const u8 *pk, if (wps_derive_keys(wps) < 0) return -1; - if (wps->request_type == WPS_REQ_WLAN_MANAGER_REGISTRAR && - wps_derive_mgmt_keys(wps) < 0) - return -1; - return 0; } diff --git a/src/wps/wps_i.h b/src/wps/wps_i.h index 66e49dc5b..2d8c7b7e4 100644 --- a/src/wps/wps_i.h +++ b/src/wps/wps_i.h @@ -62,10 +62,6 @@ struct wps_data { u8 authkey[WPS_AUTHKEY_LEN]; u8 keywrapkey[WPS_KEYWRAPKEY_LEN]; u8 emsk[WPS_EMSK_LEN]; - u8 mgmt_auth_key[WPS_MGMTAUTHKEY_LEN]; - u8 mgmt_auth_key_id[WPS_MGMT_KEY_ID_LEN]; - u8 mgmt_enc_key[WPS_MGMTENCKEY_LEN]; - u8 mgmt_enc_key_id[WPS_MGMT_KEY_ID_LEN]; struct wpabuf *last_msg; @@ -189,7 +185,6 @@ struct wps_parse_attr { void wps_kdf(const u8 *key, const u8 *label_prefix, size_t label_prefix_len, const char *label, u8 *res, size_t res_len); int wps_derive_keys(struct wps_data *wps); -int wps_derive_mgmt_keys(struct wps_data *wps); void wps_derive_psk(struct wps_data *wps, const u8 *dev_passwd, size_t dev_passwd_len); struct wpabuf * wps_decrypt_encr_settings(struct wps_data *wps, const u8 *encr,