3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-11-29 13:59:24 +01:00

crypto: pass PMK length to crypto_derive_pairwise_ptk

Right now the PMK is hard coded to 32 bytes, which works for the vast
majority of cases. The only outlier is OWE which can generate a PMK
of 32, 48 or 64 bytes depending on the ECC group used. The PMK length
is already stored in the handshake, so now we can just pass that to
crypto_derive_pairwise_ptk
This commit is contained in:
James Prestwood 2019-01-17 12:25:31 -08:00 committed by Denis Kenzior
parent 6771a06463
commit 2c82d6b223
4 changed files with 5 additions and 4 deletions

View File

@ -560,13 +560,13 @@ static bool crypto_derive_ptk(const uint8_t *pmk, size_t pmk_len,
data, sizeof(data), out_ptk, ptk_len); data, sizeof(data), out_ptk, ptk_len);
} }
bool crypto_derive_pairwise_ptk(const uint8_t *pmk, bool crypto_derive_pairwise_ptk(const uint8_t *pmk, size_t pmk_len,
const uint8_t *addr1, const uint8_t *addr2, const uint8_t *addr1, const uint8_t *addr2,
const uint8_t *nonce1, const uint8_t *nonce2, const uint8_t *nonce1, const uint8_t *nonce2,
uint8_t *out_ptk, size_t ptk_len, uint8_t *out_ptk, size_t ptk_len,
bool use_sha256) bool use_sha256)
{ {
return crypto_derive_ptk(pmk, 32, "Pairwise key expansion", return crypto_derive_ptk(pmk, pmk_len, "Pairwise key expansion",
addr1, addr2, nonce1, nonce2, addr1, addr2, nonce1, nonce2,
out_ptk, ptk_len, out_ptk, ptk_len,
use_sha256); use_sha256);

View File

@ -95,7 +95,7 @@ bool hkdf_extract_sha256(const uint8_t *key, size_t key_len, uint8_t num_args,
bool hkdf_expand_sha256(const uint8_t *key, size_t key_len, const char *info, bool hkdf_expand_sha256(const uint8_t *key, size_t key_len, const char *info,
size_t info_len, void *out, size_t out_len); size_t info_len, void *out, size_t out_len);
bool crypto_derive_pairwise_ptk(const uint8_t *pmk, bool crypto_derive_pairwise_ptk(const uint8_t *pmk, size_t pmk_len,
const uint8_t *addr1, const uint8_t *addr2, const uint8_t *addr1, const uint8_t *addr2,
const uint8_t *nonce1, const uint8_t *nonce2, const uint8_t *nonce1, const uint8_t *nonce2,
uint8_t *out_ptk, size_t ptk_len, uint8_t *out_ptk, size_t ptk_len,

View File

@ -1262,6 +1262,7 @@ static void eapol_handle_ptk_2_of_4(struct eapol_sm *sm,
ptk_size = handshake_state_get_ptk_size(sm->handshake); ptk_size = handshake_state_get_ptk_size(sm->handshake);
if (!crypto_derive_pairwise_ptk(sm->handshake->pmk, if (!crypto_derive_pairwise_ptk(sm->handshake->pmk,
sm->handshake->pmk_len,
sm->handshake->spa, aa, sm->handshake->spa, aa,
sm->handshake->anonce, ek->key_nonce, sm->handshake->anonce, ek->key_nonce,
sm->handshake->ptk, ptk_size, false)) sm->handshake->ptk, ptk_size, false))

View File

@ -386,7 +386,7 @@ bool handshake_state_derive_ptk(struct handshake_state *s)
s->ptk, ptk_size, ptk_name)) s->ptk, ptk_size, ptk_name))
return false; return false;
} else } else
if (!crypto_derive_pairwise_ptk(s->pmk, s->spa, if (!crypto_derive_pairwise_ptk(s->pmk, s->pmk_len, s->spa,
s->aa, s->anonce, s->snonce, s->aa, s->anonce, s->snonce,
s->ptk, ptk_size, use_sha256)) s->ptk, ptk_size, use_sha256))
return false; return false;