3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2025-01-11 02:02:33 +01:00

handshake: update key getters for FILS-FT

FILS-FT is a special case with respect to the PTK keys. The KCK getter
was updated to handle both FT-FILS AKMs, by returning the offset in
the PTK to the special KCK generated during FILS. A getter for the KCK
length was added, which handles the SHA384 variant. The PTK size was
also updated since FILS-FT can generate an additional 56 bytes of PTK
This commit is contained in:
James Prestwood 2019-05-10 13:19:29 -07:00 committed by Denis Kenzior
parent bc381bd8c3
commit 0e9ed03e60
2 changed files with 28 additions and 2 deletions

View File

@ -368,8 +368,13 @@ static bool handshake_get_key_sizes(struct handshake_state *s, size_t *ptk_size,
break; break;
} }
if (ptk_size) if (ptk_size) {
*ptk_size = kck + kek + tk; *ptk_size = kck + kek + tk;
if (s->akm_suite == IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA256)
*ptk_size += 32;
else if (s->akm_suite == IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA384)
*ptk_size += 56;
}
if (kck_size) if (kck_size)
*kck_size = kck; *kck_size = kck;
@ -469,9 +474,29 @@ size_t handshake_state_get_ptk_size(struct handshake_state *s)
const uint8_t *handshake_state_get_kck(struct handshake_state *s) const uint8_t *handshake_state_get_kck(struct handshake_state *s)
{ {
/*
* FILS itself does not derive a KCK, but FILS-FT derives additional
* key bytes at the end of the PTK, which contains a special KCK used
* for fast transition. Since the normal FILS protocol will never call
* this, we can assume that its only being called for FILS-FT and is
* requesting this special KCK.
*/
if (s->akm_suite & IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA256)
return s->ptk + 48;
else if (s->akm_suite & IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA384)
return s->ptk + 80;
return s->ptk; return s->ptk;
} }
size_t handshake_state_get_kck_len(struct handshake_state *s)
{
if (s->akm_suite & IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA384)
return 24;
return 16;
}
size_t handshake_state_get_kek_len(struct handshake_state *s) size_t handshake_state_get_kek_len(struct handshake_state *s)
{ {
size_t kek_size; size_t kek_size;

View File

@ -91,7 +91,7 @@ struct handshake_state {
size_t pmk_len; size_t pmk_len;
uint8_t snonce[32]; uint8_t snonce[32];
uint8_t anonce[32]; uint8_t anonce[32];
uint8_t ptk[80]; uint8_t ptk[136];
uint8_t pmk_r0[32]; uint8_t pmk_r0[32];
uint8_t pmk_r0_name[16]; uint8_t pmk_r0_name[16];
uint8_t pmk_r1[32]; uint8_t pmk_r1[32];
@ -177,6 +177,7 @@ void handshake_state_set_anonce(struct handshake_state *s,
void handshake_state_set_pmkid(struct handshake_state *s, const uint8_t *pmkid); void handshake_state_set_pmkid(struct handshake_state *s, const uint8_t *pmkid);
bool handshake_state_derive_ptk(struct handshake_state *s); bool handshake_state_derive_ptk(struct handshake_state *s);
size_t handshake_state_get_ptk_size(struct handshake_state *s); size_t handshake_state_get_ptk_size(struct handshake_state *s);
size_t handshake_state_get_kck_len(struct handshake_state *s);
const uint8_t *handshake_state_get_kck(struct handshake_state *s); const uint8_t *handshake_state_get_kck(struct handshake_state *s);
size_t handshake_state_get_kek_len(struct handshake_state *s); size_t handshake_state_get_kek_len(struct handshake_state *s);
const uint8_t *handshake_state_get_kek(struct handshake_state *s); const uint8_t *handshake_state_get_kek(struct handshake_state *s);