mirror of
https://git.kernel.org/pub/scm/network/wireless/iwd.git
synced 2025-01-11 02:02:33 +01:00
handshake: update key getters for FILS-FT
FILS-FT is a special case with respect to the PTK keys. The KCK getter was updated to handle both FT-FILS AKMs, by returning the offset in the PTK to the special KCK generated during FILS. A getter for the KCK length was added, which handles the SHA384 variant. The PTK size was also updated since FILS-FT can generate an additional 56 bytes of PTK
This commit is contained in:
parent
bc381bd8c3
commit
0e9ed03e60
@ -368,8 +368,13 @@ static bool handshake_get_key_sizes(struct handshake_state *s, size_t *ptk_size,
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ptk_size)
|
if (ptk_size) {
|
||||||
*ptk_size = kck + kek + tk;
|
*ptk_size = kck + kek + tk;
|
||||||
|
if (s->akm_suite == IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA256)
|
||||||
|
*ptk_size += 32;
|
||||||
|
else if (s->akm_suite == IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA384)
|
||||||
|
*ptk_size += 56;
|
||||||
|
}
|
||||||
|
|
||||||
if (kck_size)
|
if (kck_size)
|
||||||
*kck_size = kck;
|
*kck_size = kck;
|
||||||
@ -469,9 +474,29 @@ size_t handshake_state_get_ptk_size(struct handshake_state *s)
|
|||||||
|
|
||||||
const uint8_t *handshake_state_get_kck(struct handshake_state *s)
|
const uint8_t *handshake_state_get_kck(struct handshake_state *s)
|
||||||
{
|
{
|
||||||
|
/*
|
||||||
|
* FILS itself does not derive a KCK, but FILS-FT derives additional
|
||||||
|
* key bytes at the end of the PTK, which contains a special KCK used
|
||||||
|
* for fast transition. Since the normal FILS protocol will never call
|
||||||
|
* this, we can assume that its only being called for FILS-FT and is
|
||||||
|
* requesting this special KCK.
|
||||||
|
*/
|
||||||
|
if (s->akm_suite & IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA256)
|
||||||
|
return s->ptk + 48;
|
||||||
|
else if (s->akm_suite & IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA384)
|
||||||
|
return s->ptk + 80;
|
||||||
|
|
||||||
return s->ptk;
|
return s->ptk;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
size_t handshake_state_get_kck_len(struct handshake_state *s)
|
||||||
|
{
|
||||||
|
if (s->akm_suite & IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA384)
|
||||||
|
return 24;
|
||||||
|
|
||||||
|
return 16;
|
||||||
|
}
|
||||||
|
|
||||||
size_t handshake_state_get_kek_len(struct handshake_state *s)
|
size_t handshake_state_get_kek_len(struct handshake_state *s)
|
||||||
{
|
{
|
||||||
size_t kek_size;
|
size_t kek_size;
|
||||||
|
@ -91,7 +91,7 @@ struct handshake_state {
|
|||||||
size_t pmk_len;
|
size_t pmk_len;
|
||||||
uint8_t snonce[32];
|
uint8_t snonce[32];
|
||||||
uint8_t anonce[32];
|
uint8_t anonce[32];
|
||||||
uint8_t ptk[80];
|
uint8_t ptk[136];
|
||||||
uint8_t pmk_r0[32];
|
uint8_t pmk_r0[32];
|
||||||
uint8_t pmk_r0_name[16];
|
uint8_t pmk_r0_name[16];
|
||||||
uint8_t pmk_r1[32];
|
uint8_t pmk_r1[32];
|
||||||
@ -177,6 +177,7 @@ void handshake_state_set_anonce(struct handshake_state *s,
|
|||||||
void handshake_state_set_pmkid(struct handshake_state *s, const uint8_t *pmkid);
|
void handshake_state_set_pmkid(struct handshake_state *s, const uint8_t *pmkid);
|
||||||
bool handshake_state_derive_ptk(struct handshake_state *s);
|
bool handshake_state_derive_ptk(struct handshake_state *s);
|
||||||
size_t handshake_state_get_ptk_size(struct handshake_state *s);
|
size_t handshake_state_get_ptk_size(struct handshake_state *s);
|
||||||
|
size_t handshake_state_get_kck_len(struct handshake_state *s);
|
||||||
const uint8_t *handshake_state_get_kck(struct handshake_state *s);
|
const uint8_t *handshake_state_get_kck(struct handshake_state *s);
|
||||||
size_t handshake_state_get_kek_len(struct handshake_state *s);
|
size_t handshake_state_get_kek_len(struct handshake_state *s);
|
||||||
const uint8_t *handshake_state_get_kek(struct handshake_state *s);
|
const uint8_t *handshake_state_get_kek(struct handshake_state *s);
|
||||||
|
Loading…
Reference in New Issue
Block a user