From 028e755d420e723877d6cfcdb5621b6f2fb99215 Mon Sep 17 00:00:00 2001
From: James Prestwood <james.prestwood@linux.intel.com>
Date: Thu, 25 Apr 2019 12:52:49 -0700
Subject: [PATCH] handshake: allow SHA384 PTK derivation (for FILS)

For FILS rekeys, we still derive the PTK using the 4-way handshake.
And for FILS-SHA384 we need the SHA384 KDF variant when deriving.

This change adds both FILS-SHA256 and FILS-SHA384 to the checks
for determining the SHA variant.
---
 src/handshake.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/handshake.c b/src/handshake.c
index 07203aef..19adbfd9 100644
--- a/src/handshake.c
+++ b/src/handshake.c
@@ -388,11 +388,14 @@ bool handshake_state_derive_ptk(struct handshake_state *s)
 
 	s->ptk_complete = false;
 
-	if (s->akm_suite & (IE_RSN_AKM_SUITE_8021X_SHA256 |
+	if (s->akm_suite & IE_RSN_AKM_SUITE_FILS_SHA384)
+		type = L_CHECKSUM_SHA384;
+	else if (s->akm_suite & (IE_RSN_AKM_SUITE_8021X_SHA256 |
 			IE_RSN_AKM_SUITE_PSK_SHA256 |
 			IE_RSN_AKM_SUITE_SAE_SHA256 |
 			IE_RSN_AKM_SUITE_FT_OVER_SAE_SHA256 |
-			IE_RSN_AKM_SUITE_OWE))
+			IE_RSN_AKM_SUITE_OWE |
+			IE_RSN_AKM_SUITE_FILS_SHA256))
 		type = L_CHECKSUM_SHA256;
 	else
 		type = L_CHECKSUM_SHA1;