3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-11-29 13:59:24 +01:00

eapol: support PTK derivation with SHA256

Support PTK derivation in case the negotiated AKM requires SHA256. This
is needed to support SAE in AP mode.
This commit is contained in:
John Brandt 2024-05-05 17:30:34 -07:00 committed by Denis Kenzior
parent b9e4dfbd40
commit 3132e9f595

View File

@ -1560,6 +1560,7 @@ static void eapol_handle_ptk_2_of_4(struct eapol_sm *sm,
size_t ptk_size; size_t ptk_size;
const uint8_t *kck; const uint8_t *kck;
const uint8_t *aa = sm->handshake->aa; const uint8_t *aa = sm->handshake->aa;
enum l_checksum_type type;
l_debug("ifindex=%u", sm->handshake->ifindex); l_debug("ifindex=%u", sm->handshake->ifindex);
@ -1571,12 +1572,16 @@ static void eapol_handle_ptk_2_of_4(struct eapol_sm *sm,
ptk_size = handshake_state_get_ptk_size(sm->handshake); ptk_size = handshake_state_get_ptk_size(sm->handshake);
type = L_CHECKSUM_SHA1;
if (sm->handshake->akm_suite == IE_RSN_AKM_SUITE_SAE_SHA256)
type = L_CHECKSUM_SHA256;
if (!crypto_derive_pairwise_ptk(sm->handshake->pmk, if (!crypto_derive_pairwise_ptk(sm->handshake->pmk,
sm->handshake->pmk_len, sm->handshake->pmk_len,
sm->handshake->spa, aa, sm->handshake->spa, aa,
sm->handshake->anonce, ek->key_nonce, sm->handshake->anonce, ek->key_nonce,
sm->handshake->ptk, ptk_size, sm->handshake->ptk, ptk_size,
L_CHECKSUM_SHA1)) type))
return; return;
kck = handshake_state_get_kck(sm->handshake); kck = handshake_state_get_kck(sm->handshake);