FT: XXKey derivation for SHA384-based AKM

author Jouni Malinen <j@w1.fi>

Mon, 4 Jun 2018 12:16:54 +0000 (15:16 +0300)

committer Jouni Malinen <j@w1.fi>

Tue, 5 Jun 2018 16:29:52 +0000 (19:29 +0300)
author Jouni Malinen <j@w1.fi>
Mon, 4 Jun 2018 12:16:54 +0000 (15:16 +0300)
committer Jouni Malinen <j@w1.fi>
Tue, 5 Jun 2018 16:29:52 +0000 (19:29 +0300)
diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c

index 0cf57b8d75423ff23d14da952d36c73b928dd287..ff00b2813c2c0ed26197e83623a7ec9921a70dd6 100644 (file)
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@@ -1,6 +1,6 @@
  /*
   * IEEE 802.11 RSN / WPA Authenticator
- * Copyright (c) 2004-2015, Jouni Malinen <j@w1.fi>
+ * Copyright (c) 2004-2018, Jouni Malinen <j@w1.fi>
   *
   * This software may be distributed under the terms of the BSD license.
   * See README for more details.
@@ -1949,8 +1949,13 @@ SM_STATE(WPA_PTK, INITPMK)
                 sm->pmk_len = pmk_len;
  #ifdef CONFIG_IEEE80211R_AP
                 if (len >= 2 * PMK_LEN) {
-                       os_memcpy(sm->xxkey, msk + PMK_LEN, PMK_LEN);
-                       sm->xxkey_len = PMK_LEN;
+                       if (wpa_key_mgmt_sha384(sm->wpa_key_mgmt)) {
+                               os_memcpy(sm->xxkey, msk, SHA384_MAC_LEN);
+                               sm->xxkey_len = SHA384_MAC_LEN;
+                       } else {
+                               os_memcpy(sm->xxkey, msk + PMK_LEN, PMK_LEN);
+                               sm->xxkey_len = PMK_LEN;
+                       }
                 }
  #endif /* CONFIG_IEEE80211R_AP */
         } else {
diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c

index da597e90fa9664ae3ee1240b66777daa223cc80e..226cafaf6d9a065ac17200cc8adc2ff8393d713f 100644 (file)
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -323,8 +323,15 @@ static int wpa_supplicant_get_pmk(struct wpa_sm *sm,
                         u8 buf[2 * PMK_LEN];
                         if (eapol_sm_get_key(sm->eapol, buf, 2 * PMK_LEN) == 0)
                         {
-                               os_memcpy(sm->xxkey, buf + PMK_LEN, PMK_LEN);
-                               sm->xxkey_len = PMK_LEN;
+                               if (wpa_key_mgmt_sha384(sm->key_mgmt)) {
+                                       os_memcpy(sm->xxkey, buf,
+                                                 SHA384_MAC_LEN);
+                                       sm->xxkey_len = SHA384_MAC_LEN;
+                               } else {
+                                       os_memcpy(sm->xxkey, buf + PMK_LEN,
+                                                 PMK_LEN);
+                                       sm->xxkey_len = PMK_LEN;
+                               }
                                 os_memset(buf, 0, sizeof(buf));
                         }
  #endif /* CONFIG_IEEE80211R */
author	Jouni Malinen <j@w1.fi>
	Mon, 4 Jun 2018 12:16:54 +0000 (15:16 +0300)
committer	Jouni Malinen <j@w1.fi>
	Tue, 5 Jun 2018 16:29:52 +0000 (19:29 +0300)
src/ap/wpa_auth.c		patch \| blob \| blame \| history
src/rsn_supp/wpa.c		patch \| blob \| blame \| history