FT: Add key management value FT-EAP-SHA384 for wpa_supplicant

This allows wpa_supplicant to be configuted to use the SHA384-based FT
AKM.

Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c
index 8ec60629bb9e2749168da47f8056c5274109dba7..dd7f6036c89aa594ae94761e5bf37d32a8d72000 100644 (file)
--- a/wpa_supplicant/config.c
+++ b/wpa_supplicant/config.c
@@ -1,6 +1,6 @@
 /*
  * WPA Supplicant / Configuration parser and common functions
- * Copyright (c) 2003-2015, Jouni Malinen <j@w1.fi>
+ * Copyright (c) 2003-2018, Jouni Malinen <j@w1.fi>
  *
  * This software may be distributed under the terms of the BSD license.
  * See README for more details.
@@ -735,6 +735,10 @@ static int wpa_config_parse_key_mgmt(const struct parse_data *data,
                        val |= WPA_KEY_MGMT_FT_PSK;
                else if (os_strcmp(start, "FT-EAP") == 0)
                        val |= WPA_KEY_MGMT_FT_IEEE8021X;
+#ifdef CONFIG_SHA384
+               else if (os_strcmp(start, "FT-EAP-SHA384") == 0)
+                       val |= WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
+#endif /* CONFIG_SHA384 */
 #endif /* CONFIG_IEEE80211R */
 #ifdef CONFIG_IEEE80211W
                else if (os_strcmp(start, "WPA-PSK-SHA256") == 0)
@@ -892,6 +896,18 @@ static char * wpa_config_write_key_mgmt(const struct parse_data *data,
                }
                pos += ret;
        }
+
+#ifdef CONFIG_SHA384
+       if (ssid->key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) {
+               ret = os_snprintf(pos, end - pos, "%sFT-EAP-SHA384",
+                                 pos == buf ? "" : " ");
+               if (os_snprintf_error(end - pos, ret)) {
+                       end[-1] = '\0';
+                       return buf;
+               }
+               pos += ret;
+       }
+#endif /* CONFIG_SHA384 */
 #endif /* CONFIG_IEEE80211R */
 
 #ifdef CONFIG_IEEE80211W

diff --git a/wpa_supplicant/wpa_supplicant.conf b/wpa_supplicant/wpa_supplicant.conf
index a235ea0bfa77294c1e627a12dcb984783e387dab..f4cf91d3a9cbb46671d14a9e1234b63d88e35060 100644 (file)
--- a/wpa_supplicant/wpa_supplicant.conf
+++ b/wpa_supplicant/wpa_supplicant.conf
@@ -877,6 +877,8 @@ fast_reauth=1
 #      instead)
 # FT-PSK = Fast BSS Transition (IEEE 802.11r) with pre-shared key
 # FT-EAP = Fast BSS Transition (IEEE 802.11r) with EAP authentication
+# FT-EAP-SHA384 = Fast BSS Transition (IEEE 802.11r) with EAP authentication
+#      and using SHA384
 # WPA-PSK-SHA256 = Like WPA-PSK but using stronger SHA256-based algorithms
 # WPA-EAP-SHA256 = Like WPA-EAP but using stronger SHA256-based algorithms
 # SAE = Simultaneous authentication of equals; pre-shared key/password -based