From 2c82d6b223a7c802954edac194871c987bada539 Mon Sep 17 00:00:00 2001
From: James Prestwood <james.prestwood@linux.intel.com>
Date: Thu, 17 Jan 2019 12:25:31 -0800
Subject: [PATCH] crypto: pass PMK length to crypto_derive_pairwise_ptk

Right now the PMK is hard coded to 32 bytes, which works for the vast
majority of cases. The only outlier is OWE which can generate a PMK
of 32, 48 or 64 bytes depending on the ECC group used. The PMK length
is already stored in the handshake, so now we can just pass that to
crypto_derive_pairwise_ptk
---
 src/crypto.c    | 4 ++--
 src/crypto.h    | 2 +-
 src/eapol.c     | 1 +
 src/handshake.c | 2 +-
 4 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/src/crypto.c b/src/crypto.c
index 2e2e5362..34863753 100644
--- a/src/crypto.c
+++ b/src/crypto.c
@@ -560,13 +560,13 @@ static bool crypto_derive_ptk(const uint8_t *pmk, size_t pmk_len,
 					data, sizeof(data), out_ptk, ptk_len);
 }
 
-bool crypto_derive_pairwise_ptk(const uint8_t *pmk,
+bool crypto_derive_pairwise_ptk(const uint8_t *pmk, size_t pmk_len,
 				const uint8_t *addr1, const uint8_t *addr2,
 				const uint8_t *nonce1, const uint8_t *nonce2,
 				uint8_t *out_ptk, size_t ptk_len,
 				bool use_sha256)
 {
-	return crypto_derive_ptk(pmk, 32, "Pairwise key expansion",
+	return crypto_derive_ptk(pmk, pmk_len, "Pairwise key expansion",
 					addr1, addr2, nonce1, nonce2,
 					out_ptk, ptk_len,
 					use_sha256);
diff --git a/src/crypto.h b/src/crypto.h
index 5e125dd0..4fcc381b 100644
--- a/src/crypto.h
+++ b/src/crypto.h
@@ -95,7 +95,7 @@ bool hkdf_extract_sha256(const uint8_t *key, size_t key_len, uint8_t num_args,
 bool hkdf_expand_sha256(const uint8_t *key, size_t key_len, const char *info,
 			size_t info_len, void *out, size_t out_len);
 
-bool crypto_derive_pairwise_ptk(const uint8_t *pmk,
+bool crypto_derive_pairwise_ptk(const uint8_t *pmk, size_t pmk_len,
 				const uint8_t *addr1, const uint8_t *addr2,
 				const uint8_t *nonce1, const uint8_t *nonce2,
 				uint8_t *out_ptk, size_t ptk_len,
diff --git a/src/eapol.c b/src/eapol.c
index 13074cf7..080b89cf 100644
--- a/src/eapol.c
+++ b/src/eapol.c
@@ -1262,6 +1262,7 @@ static void eapol_handle_ptk_2_of_4(struct eapol_sm *sm,
 	ptk_size = handshake_state_get_ptk_size(sm->handshake);
 
 	if (!crypto_derive_pairwise_ptk(sm->handshake->pmk,
+					sm->handshake->pmk_len,
 					sm->handshake->spa, aa,
 					sm->handshake->anonce, ek->key_nonce,
 					sm->handshake->ptk, ptk_size, false))
diff --git a/src/handshake.c b/src/handshake.c
index ac444685..16913160 100644
--- a/src/handshake.c
+++ b/src/handshake.c
@@ -386,7 +386,7 @@ bool handshake_state_derive_ptk(struct handshake_state *s)
 						s->ptk, ptk_size, ptk_name))
 			return false;
 	} else
-		if (!crypto_derive_pairwise_ptk(s->pmk, s->spa,
+		if (!crypto_derive_pairwise_ptk(s->pmk, s->pmk_len, s->spa,
 						s->aa, s->anonce, s->snonce,
 						s->ptk, ptk_size, use_sha256))
 			return false;