Kernel
/
iwd
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git
3
0
Fork 0
Code Releases Activity

crypto: modify crypto_derive_pmkid to take the length/checksum type 

The existing API was limited to SHA1 or SHA256 and assumed a key
length of 32 bytes. Since other AKMs plan to be added update
this to take the checksum/length directly for better flexibility.
This commit is contained in:
James Prestwood 2023-06-20 10:25:31 -07:00 committed by Denis Kenzior
parent d09b106998
commit ae76fa876f
4 changed files with 13 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/crypto.c
View File

@ -1116,9 +1116,10 @@ exit:
} }
/* Defined in 802.11-2012, Section 11.6.1.3 Pairwise Key Hierarchy */ /* Defined in 802.11-2012, Section 11.6.1.3 Pairwise Key Hierarchy */
bool crypto_derive_pmkid(const uint8_t *pmk, bool crypto_derive_pmkid(const uint8_t *pmk, size_t key_len,
const uint8_t *addr1, const uint8_t *addr2, const uint8_t *addr1, const uint8_t *addr2,
uint8_t *out_pmkid, bool use_sha256) uint8_t *out_pmkid,
enum l_checksum_type checksum)
{ {
uint8_t data[20]; uint8_t data[20];
@ -1126,10 +1127,7 @@ bool crypto_derive_pmkid(const uint8_t *pmk,
memcpy(data + 8, addr2, 6); memcpy(data + 8, addr2, 6);
memcpy(data + 14, addr1, 6); memcpy(data + 14, addr1, 6);
if (use_sha256) return hmac_common(checksum, pmk, key_len, data, 20, out_pmkid, 16);
return hmac_sha256(pmk, 32, data, 20, out_pmkid, 16);
else
return hmac_sha1(pmk, 32, data, 20, out_pmkid, 16);
} }
enum l_checksum_type crypto_sae_hash_from_ecc_prime_len(enum crypto_sae type, enum l_checksum_type crypto_sae_hash_from_ecc_prime_len(enum crypto_sae type,

5
src/crypto.h
View File

@ -154,9 +154,10 @@ bool crypto_derive_ft_ptk(const uint8_t *pmk_r1, const uint8_t *pmk_r1_name,
bool sha384, uint8_t *out_ptk, size_t ptk_len, bool sha384, uint8_t *out_ptk, size_t ptk_len,
uint8_t *out_ptk_name); uint8_t *out_ptk_name);
bool crypto_derive_pmkid(const uint8_t *pmk, bool crypto_derive_pmkid(const uint8_t *pmk, size_t key_len,
const uint8_t *addr1, const uint8_t *addr2, const uint8_t *addr1, const uint8_t *addr2,
uint8_t *out_pmkid, bool use_sha256); uint8_t *out_pmkid,
enum l_checksum_type checksum);
enum crypto_sae { enum crypto_sae {
CRYPTO_SAE_LOOPING, CRYPTO_SAE_LOOPING,

4
src/eapol.c
View File

@ -1112,8 +1112,8 @@ static void eapol_send_ptk_1_of_4(struct eapol_sm *sm)
memcpy(ek->key_nonce, sm->handshake->anonce, sizeof(ek->key_nonce)); memcpy(ek->key_nonce, sm->handshake->anonce, sizeof(ek->key_nonce));
/* Write the PMKID KDE into Key Data field unencrypted */ /* Write the PMKID KDE into Key Data field unencrypted */
crypto_derive_pmkid(sm->handshake->pmk, sm->handshake->spa, aa, crypto_derive_pmkid(sm->handshake->pmk, 32, sm->handshake->spa, aa,
pmkid, false); pmkid, L_CHECKSUM_SHA1);
eapol_key_data_append(ek, sm->mic_len, HANDSHAKE_KDE_PMKID, pmkid, 16); eapol_key_data_append(ek, sm->mic_len, HANDSHAKE_KDE_PMKID, pmkid, 16);

9
src/handshake.c
View File

@ -736,7 +736,7 @@ void handshake_state_set_pmkid(struct handshake_state *s, const uint8_t *pmkid)
bool handshake_state_get_pmkid(struct handshake_state *s, uint8_t *out_pmkid) bool handshake_state_get_pmkid(struct handshake_state *s, uint8_t *out_pmkid)
{ {
bool use_sha256; enum l_checksum_type sha;
/* SAE exports pmkid */ /* SAE exports pmkid */
if (s->have_pmkid) { if (s->have_pmkid) {
@ -757,12 +757,11 @@ bool handshake_state_get_pmkid(struct handshake_state *s, uint8_t *out_pmkid)
if (s->akm_suite & (IE_RSN_AKM_SUITE_8021X_SHA256 | if (s->akm_suite & (IE_RSN_AKM_SUITE_8021X_SHA256 |
IE_RSN_AKM_SUITE_PSK_SHA256)) IE_RSN_AKM_SUITE_PSK_SHA256))
use_sha256 = true; sha = L_CHECKSUM_SHA256;
else else
use_sha256 = false; sha = L_CHECKSUM_SHA1;
return crypto_derive_pmkid(s->pmk, s->spa, s->aa, out_pmkid, return crypto_derive_pmkid(s->pmk, 32, s->spa, s->aa, out_pmkid, sha);
use_sha256);
} }
void handshake_state_set_gtk(struct handshake_state *s, const uint8_t *key, void handshake_state_set_gtk(struct handshake_state *s, const uint8_t *key,