]> git.ipfire.org Git - thirdparty/hostap.git/commit - src/ap/wpa_auth.c
projects / thirdparty / hostap.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2022f1d) | patch
FILS: Use AEAD cipher to check received EAPOL-Key frames (AP)
authorJouni Malinen <jouni@qca.qualcomm.com>
Thu, 3 Sep 2015 12:59:44 +0000 (15:59 +0300)
committerJouni Malinen <j@w1.fi>
Mon, 10 Oct 2016 18:11:47 +0000 (21:11 +0300)
commit3b5b7aa8fb1ea0cd83cfdb246dc47d17734a5bc6
tree258e655f229f01c1022a855abcb38bd7e6e7a40atree | snapshot
parent2022f1d08d54ef706b4dc1afca4cc13e4599a577commit | diff
FILS: Use AEAD cipher to check received EAPOL-Key frames (AP)

This changes 4-way handshake authenticator processing to decrypt the
EAPOL-Key frames using an AEAD cipher (AES-SIV with FILS AKMs) before
processing the Key Data field. This replaces Key MIC validation for the
cases where AEAD cipher is used. This needs to move the EAPOL-Key msg
2/4 RSN element processing to happen only after the PTK has been derived
and validated. That is done for all AKMs to avoid extra complexity with
having to maintain two code paths for this.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
hostapd/Android.mk diff | blob | blame | history
hostapd/Makefile diff | blob | blame | history
src/ap/wpa_auth.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.