3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-12-22 13:02:44 +01:00

eapol: add support for FT-8021X-SHA384

The SHA384 variant was not being checked for in any of the
MIC calculations/verifications or for EAPoL decryption.
This commit is contained in:
James Prestwood 2023-04-10 15:01:30 -07:00 committed by Denis Kenzior
parent a952cc6a47
commit 590e8f4f13

View File

@ -110,6 +110,9 @@ bool eapol_calculate_mic(enum ie_rsn_akm_suite akm, const uint8_t *kck,
case IE_RSN_AKM_SUITE_OSEN:
return cmac_aes(kck, 16, frame, frame_len,
mic, mic_len);
case IE_RSN_AKM_SUITE_FT_OVER_8021X_SHA384:
return hmac_sha384(kck, 24, frame, frame_len,
mic, mic_len);
case IE_RSN_AKM_SUITE_OWE:
switch (mic_len) {
case 16:
@ -164,6 +167,10 @@ bool eapol_verify_mic(enum ie_rsn_akm_suite akm, const uint8_t *kck,
case IE_RSN_AKM_SUITE_OSEN:
checksum = l_checksum_new_cmac_aes(kck, 16);
break;
case IE_RSN_AKM_SUITE_FT_OVER_8021X_SHA384:
checksum = l_checksum_new_hmac(L_CHECKSUM_SHA384,
kck, 24);
break;
case IE_RSN_AKM_SUITE_OWE:
switch (mic_len) {
case 16:
@ -270,6 +277,7 @@ uint8_t *eapol_decrypt_key_data(enum ie_rsn_akm_suite akm, const uint8_t *kek,
case IE_RSN_AKM_SUITE_FT_OVER_SAE_SHA256:
case IE_RSN_AKM_SUITE_OWE:
case IE_RSN_AKM_SUITE_OSEN:
case IE_RSN_AKM_SUITE_FT_OVER_8021X_SHA384:
if (key_data_len < 24 || key_data_len % 8)
return NULL;
@ -315,6 +323,7 @@ uint8_t *eapol_decrypt_key_data(enum ie_rsn_akm_suite akm, const uint8_t *kek,
case EAPOL_KEY_DESCRIPTOR_VERSION_AKM_DEFINED:
switch (akm) {
case IE_RSN_AKM_SUITE_OWE:
case IE_RSN_AKM_SUITE_FT_OVER_8021X_SHA384:
switch (mic_len) {
case 16:
kek_len = 16;