From f68cca43dac8fc0de270e620a828f989dd3e8962 Mon Sep 17 00:00:00 2001 From: James Prestwood Date: Tue, 7 Aug 2018 14:29:10 -0700 Subject: [PATCH] handshake: add setter for PMKID SAE generates the PMKID during the authentication process, rather than generating it on-the-fly using the PMK. For this reason SAE needs to be able to set the PMKID once its generated. A new flag was also added (has_pmkid) which signifies if the PMKID was set or if it should be generated. --- src/handshake.c | 12 ++++++++++++ src/handshake.h | 4 +++- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/src/handshake.c b/src/handshake.c index 87cf93db..753eacd0 100644 --- a/src/handshake.c +++ b/src/handshake.c @@ -387,10 +387,22 @@ void handshake_state_override_pairwise_cipher(struct handshake_state *s, s->pairwise_cipher = pairwise; } +void handshake_state_set_pmkid(struct handshake_state *s, const uint8_t *pmkid) +{ + memcpy(s->pmkid, pmkid, 16); + s->have_pmkid = true; +} + bool handshake_state_get_pmkid(struct handshake_state *s, uint8_t *out_pmkid) { bool use_sha256; + /* SAE exports pmkid */ + if (s->have_pmkid) { + memcpy(out_pmkid, s->pmkid, 16); + return true; + } + if (!s->have_pmk) return false; diff --git a/src/handshake.h b/src/handshake.h index 9bfb636d..853bdf76 100644 --- a/src/handshake.h +++ b/src/handshake.h @@ -93,6 +93,7 @@ struct handshake_state { uint8_t pmk_r0_name[16]; uint8_t pmk_r1[32]; uint8_t pmk_r1_name[16]; + uint8_t pmkid[16]; struct l_settings *settings_8021x; bool have_snonce : 1; bool ptk_complete : 1; @@ -100,6 +101,7 @@ struct handshake_state { bool have_pmk : 1; bool mfp : 1; bool have_anonce : 1; + bool have_pmkid : 1; uint8_t ssid[32]; size_t ssid_len; char *passphrase; @@ -152,7 +154,7 @@ void handshake_state_new_snonce(struct handshake_state *s); void handshake_state_new_anonce(struct handshake_state *s); void handshake_state_set_anonce(struct handshake_state *s, const uint8_t *anonce); - +void handshake_state_set_pmkid(struct handshake_state *s, const uint8_t *pmkid); bool handshake_state_derive_ptk(struct handshake_state *s); const struct crypto_ptk *handshake_state_get_ptk(struct handshake_state *s); void handshake_state_install_ptk(struct handshake_state *s);