FT: Extend the wpa_pmk_r1_to_ptk() function to also derive KDK

Extend the wpa_pmk_r1_to_ptk() to also derive Key Derivation
Key (KDK), which can later be used for secure LTF measurements.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>

diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
index ebf35cf30fe586f96c043c7d657690ed932e224d..65da18cbe9e087ad1d9bd83346fe775be9e67c15 100644 (file)
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@@ -2272,7 +2272,9 @@ static int wpa_derive_ptk(struct wpa_state_machine *sm, const u8 *snonce,
                                                 sm->pmk_r1_name,
                                                 ptk, ptk_name,
                                                 sm->wpa_key_mgmt,
-                                                sm->pairwise);
+                                                sm->pairwise,
+                                                sm->wpa_auth->conf.kdk ?
+                                                WPA_KDK_MAX_LEN : 0);
                }
                return wpa_auth_derive_ptk_ft(sm, ptk);
        }

diff --git a/src/ap/wpa_auth_ft.c b/src/ap/wpa_auth_ft.c
index 5aa363eca94877dc02e0f2f6688204b579604f3f..9a1922e64ad761b2611d95aeec9b1b3565bb95f3 100644 (file)
--- a/src/ap/wpa_auth_ft.c
+++ b/src/ap/wpa_auth_ft.c
@@ -2147,7 +2147,8 @@ int wpa_auth_derive_ptk_ft(struct wpa_state_machine *sm, struct wpa_ptk *ptk)
 
        return wpa_pmk_r1_to_ptk(pmk_r1, pmk_r1_len, sm->SNonce, sm->ANonce,
                                 sm->addr, sm->wpa_auth->addr, sm->pmk_r1_name,
-                                ptk, ptk_name, sm->wpa_key_mgmt, sm->pairwise);
+                                ptk, ptk_name, sm->wpa_key_mgmt, sm->pairwise,
+                                0);
 }
 
 
@@ -3198,7 +3199,9 @@ pmk_r1_derived:
        if (wpa_pmk_r1_to_ptk(pmk_r1, pmk_r1_len, sm->SNonce, sm->ANonce,
                              sm->addr, sm->wpa_auth->addr, pmk_r1_name,
                              &sm->PTK, ptk_name, sm->wpa_key_mgmt,
-                             pairwise) < 0)
+                             pairwise,
+                             sm->wpa_auth->conf.kdk ?
+                             WPA_KDK_MAX_LEN : 0) < 0)
                return WLAN_STATUS_UNSPECIFIED_FAILURE;
 
        sm->pairwise = pairwise;

diff --git a/src/common/wpa_common.c b/src/common/wpa_common.c
index 750a3c8c43fac19e099add9acfa61415a812166f..877e4b5b3465d04439214de8921468b31e0d075e 100644 (file)
--- a/src/common/wpa_common.c
+++ b/src/common/wpa_common.c
@@ -1750,16 +1750,25 @@ int wpa_pmk_r1_to_ptk(const u8 *pmk_r1, size_t pmk_r1_len,
                      const u8 *snonce, const u8 *anonce,
                      const u8 *sta_addr, const u8 *bssid,
                      const u8 *pmk_r1_name,
-                     struct wpa_ptk *ptk, u8 *ptk_name, int akmp, int cipher)
+                     struct wpa_ptk *ptk, u8 *ptk_name, int akmp, int cipher,
+                     size_t kdk_len)
 {
        u8 buf[2 * WPA_NONCE_LEN + 2 * ETH_ALEN];
        u8 *pos, hash[32];
        const u8 *addr[6];
        size_t len[6];
-       u8 tmp[2 * WPA_KCK_MAX_LEN + 2 * WPA_KEK_MAX_LEN + WPA_TK_MAX_LEN];
+       u8 tmp[2 * WPA_KCK_MAX_LEN + 2 * WPA_KEK_MAX_LEN + WPA_TK_MAX_LEN +
+              WPA_KDK_MAX_LEN];
        size_t ptk_len, offset;
        int use_sha384 = wpa_key_mgmt_sha384(akmp);
 
+       if (kdk_len > WPA_KDK_MAX_LEN) {
+               wpa_printf(MSG_ERROR,
+                          "FT: KDK len=%zu exceeds max supported len",
+                          kdk_len);
+               return -1;
+       }
+
        /*
         * PTK = KDF-PTKLen(PMK-R1, "FT-PTK", SNonce || ANonce ||
         *                  BSSID || STA-ADDR)
@@ -1786,8 +1795,9 @@ int wpa_pmk_r1_to_ptk(const u8 *pmk_r1, size_t pmk_r1_len,
        ptk->kek_len = wpa_kek_len(akmp, PMK_LEN);
        ptk->kek2_len = wpa_kek2_len(akmp);
        ptk->tk_len = wpa_cipher_key_len(cipher);
+       ptk->kdk_len = kdk_len;
        ptk_len = ptk->kck_len + ptk->kek_len + ptk->tk_len +
-               ptk->kck2_len + ptk->kek2_len;
+               ptk->kck2_len + ptk->kek2_len + ptk->kdk_len;
 
 #ifdef CONFIG_SHA384
        if (use_sha384) {
@@ -1846,6 +1856,8 @@ int wpa_pmk_r1_to_ptk(const u8 *pmk_r1, size_t pmk_r1_len,
        os_memcpy(ptk->kck2, tmp + offset, ptk->kck2_len);
        offset += ptk->kck2_len;
        os_memcpy(ptk->kek2, tmp + offset, ptk->kek2_len);
+       offset += ptk->kek2_len;
+       os_memcpy(ptk->kdk, tmp + offset, ptk->kdk_len);
 
        wpa_hexdump_key(MSG_DEBUG, "FT: KCK", ptk->kck, ptk->kck_len);
        wpa_hexdump_key(MSG_DEBUG, "FT: KEK", ptk->kek, ptk->kek_len);
@@ -1855,6 +1867,9 @@ int wpa_pmk_r1_to_ptk(const u8 *pmk_r1, size_t pmk_r1_len,
        if (ptk->kek2_len)
                wpa_hexdump_key(MSG_DEBUG, "FT: KEK2",
                                ptk->kek2, ptk->kek2_len);
+       if (ptk->kdk_len)
+               wpa_hexdump_key(MSG_DEBUG, "FT: KDK", ptk->kdk, ptk->kdk_len);
+
        wpa_hexdump_key(MSG_DEBUG, "FT: TK", ptk->tk, ptk->tk_len);
        wpa_hexdump(MSG_DEBUG, "FT: PTKName", ptk_name, WPA_PMK_NAME_LEN);
 

diff --git a/src/common/wpa_common.h b/src/common/wpa_common.h
index 44b803e65370603159978ca97d00f9c04608e492..193f1d7320a523fbf1df7659a74d56f5b62fc868 100644 (file)
--- a/src/common/wpa_common.h
+++ b/src/common/wpa_common.h
@@ -427,7 +427,8 @@ int wpa_derive_pmk_r1(const u8 *pmk_r0, size_t pmk_r0_len,
 int wpa_pmk_r1_to_ptk(const u8 *pmk_r1, size_t pmk_r1_len, const u8 *snonce,
                      const u8 *anonce, const u8 *sta_addr, const u8 *bssid,
                      const u8 *pmk_r1_name,
-                     struct wpa_ptk *ptk, u8 *ptk_name, int akmp, int cipher);
+                     struct wpa_ptk *ptk, u8 *ptk_name, int akmp, int cipher,
+                     size_t kdk_len);
 #endif /* CONFIG_IEEE80211R */
 
 struct wpa_ie_data {

diff --git a/src/rsn_supp/wpa_ft.c b/src/rsn_supp/wpa_ft.c
index bf73376b68d9e90d3ac133e8134359085d5203f7..6ca9cb7ce704a5183fcdc8ac92d89cf51ebc18e7 100644 (file)
--- a/src/rsn_supp/wpa_ft.c
+++ b/src/rsn_supp/wpa_ft.c
@@ -58,7 +58,8 @@ int wpa_derive_ptk_ft(struct wpa_sm *sm, const unsigned char *src_addr,
                return -1;
        return wpa_pmk_r1_to_ptk(sm->pmk_r1, sm->pmk_r1_len, sm->snonce, anonce,
                                 sm->own_addr, sm->bssid, sm->pmk_r1_name, ptk,
-                                ptk_name, sm->key_mgmt, sm->pairwise_cipher);
+                                ptk_name, sm->key_mgmt, sm->pairwise_cipher,
+                                sm->kdk ? WPA_KDK_MAX_LEN : 0);
 }
 
 
@@ -649,7 +650,8 @@ int wpa_ft_process_response(struct wpa_sm *sm, const u8 *ies, size_t ies_len,
        if (wpa_pmk_r1_to_ptk(sm->pmk_r1, sm->pmk_r1_len, sm->snonce,
                              anonce, sm->own_addr, bssid,
                              sm->pmk_r1_name, &sm->ptk, ptk_name, sm->key_mgmt,
-                             sm->pairwise_cipher) < 0)
+                             sm->pairwise_cipher,
+                             sm->kdk ? WPA_KDK_MAX_LEN : 0) < 0)
                return -1;
 
        if (wpa_key_mgmt_fils(sm->key_mgmt)) {

diff --git a/wlantest/rx_eapol.c b/wlantest/rx_eapol.c
index cdc1fff0c38ecaf14924bfea56fafcbadd80fba5..eaf97c3e81b7b2a193a0399dd4a02a9f2d6005bc 100644 (file)
--- a/wlantest/rx_eapol.c
+++ b/wlantest/rx_eapol.c
@@ -120,7 +120,7 @@ static int try_pmk(struct wlantest *wt, struct wlantest_bss *bss,
                                      sta->snonce, sta->anonce, sta->addr,
                                      bss->bssid, sta->pmk_r1_name,
                                      &ptk, ptk_name, sta->key_mgmt,
-                                     sta->pairwise_cipher) < 0 ||
+                                     sta->pairwise_cipher, 0) < 0 ||
                    check_mic(ptk.kck, ptk.kck_len, sta->key_mgmt, ver, data,
                              len) < 0)
                        return -1;

diff --git a/wlantest/rx_mgmt.c b/wlantest/rx_mgmt.c
index 0bc7eb2b2d93862b5c2daf98ca536123ab60c43b..f7041b8cb99c4472033cabb43c3c32078f4169bf 100644 (file)
--- a/wlantest/rx_mgmt.c
+++ b/wlantest/rx_mgmt.c
@@ -290,7 +290,7 @@ static void process_ft_auth(struct wlantest *wt, struct wlantest_bss *bss,
            wpa_pmk_r1_to_ptk(sta->pmk_r1, sta->pmk_r1_len, parse.fte_snonce,
                              parse.fte_anonce, sta->addr, bss->bssid,
                              sta->pmk_r1_name, &ptk, ptk_name, sta->key_mgmt,
-                             sta->pairwise_cipher) < 0)
+                             sta->pairwise_cipher, 0) < 0)
                return;
 
        add_note(wt, MSG_DEBUG, "Derived new PTK");
@@ -1779,7 +1779,8 @@ static void rx_mgmt_action_ft_response(struct wlantest *wt,
            wpa_pmk_r1_to_ptk(sta->pmk_r1, sta->pmk_r1_len, parse.fte_snonce,
                              parse.fte_anonce, new_sta->addr, bss->bssid,
                              sta->pmk_r1_name, &ptk, ptk_name,
-                             new_sta->key_mgmt, new_sta->pairwise_cipher) < 0)
+                             new_sta->key_mgmt, new_sta->pairwise_cipher,
+                             0) < 0)
                return;
 
        add_note(wt, MSG_DEBUG, "Derived new PTK");