From: Jouni Malinen <jouni.malinen@oss.qualcomm.com>
Date: Wed, 17 Dec 2025 19:28:01 +0000 (+0200)
Subject: PASN: Store selected hash algorithm when deriving PTK from PMK
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=37dbef24c97598dba1b1b91967936037bf42a396;p=thirdparty%2Fhostap.git

PASN: Store selected hash algorithm when deriving PTK from PMK

This makes it more convenient to be able to select the appropriate hash
algorithm for operations using PTK.

Signed-off-by: Jouni Malinen <jouni.malinen@oss.qualcomm.com>
---

diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index 940e37335..515ff832d 100644
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -2815,7 +2815,7 @@ static void pasn_fils_auth_resp(struct hostapd_data *hapd,
 			      wpabuf_len(pasn->secret),
 			      pasn_get_ptk(sta->pasn), pasn_get_akmp(sta->pasn),
 			      pasn_get_cipher(sta->pasn), sta->pasn->kdk_len,
-			      sta->pasn->kek_len);
+			      sta->pasn->kek_len, &sta->pasn->hash_alg);
 	if (ret) {
 		wpa_printf(MSG_DEBUG, "PASN: FILS: Failed to derive PTK");
 		goto fail;
diff --git a/src/common/common_module_tests.c b/src/common/common_module_tests.c
index edbdbfa1a..6b528eabd 100644
--- a/src/common/common_module_tests.c
+++ b/src/common/common_module_tests.c
@@ -649,12 +649,13 @@ static int pasn_test_pasn_auth(void)
 	};
 	struct wpa_ptk ptk;
 	int ret;
+	enum rsn_hash_alg hash_alg;
 
 	ret = pasn_pmk_to_ptk(pmk, sizeof(pmk),
 			      spa_addr, bssid,
 			      dhss, sizeof(dhss),
 			      &ptk, WPA_KEY_MGMT_PASN, WPA_CIPHER_CCMP,
-			      WPA_KDK_MAX_LEN, 0);
+			      WPA_KDK_MAX_LEN, 0, &hash_alg);
 
 	if (ret)
 		return ret;
diff --git a/src/common/wpa_common.c b/src/common/wpa_common.c
index ee8084c42..d62512b23 100644
--- a/src/common/wpa_common.c
+++ b/src/common/wpa_common.c
@@ -1546,13 +1546,14 @@ bool pasn_use_sha384(int akmp, int cipher)
  * @cipher: Negotiated pairwise cipher
  * @kdk_len: the length in octets that should be derived for HTLK. Can be zero.
  * @kek_len: The length in octets that should be derived for KEK. Can be zero.
+ * @alg: Output variable for indicating the selected hash algorithm
  * Returns: 0 on success, -1 on failure
  */
 int pasn_pmk_to_ptk(const u8 *pmk, size_t pmk_len,
 		    const u8 *spa, const u8 *bssid,
 		    const u8 *dhss, size_t dhss_len,
 		    struct wpa_ptk *ptk, int akmp, int cipher,
-		    size_t kdk_len, size_t kek_len)
+		    size_t kdk_len, size_t kek_len, enum rsn_hash_alg *alg)
 {
 	u8 tmp[WPA_KCK_MAX_LEN + WPA_KEK_MAX_LEN + WPA_TK_MAX_LEN +
 	       WPA_KDK_MAX_LEN];
@@ -1606,6 +1607,9 @@ int pasn_pmk_to_ptk(const u8 *pmk, size_t pmk_len,
 	if (ptk_len > sizeof(tmp))
 		goto err;
 
+	*alg = pasn_use_sha384(akmp, cipher) ? RSN_HASH_SHA384 :
+		RSN_HASH_SHA256;
+
 	if (pasn_use_sha384(akmp, cipher)) {
 		wpa_printf(MSG_DEBUG, "PASN: PTK derivation using SHA384");
 
diff --git a/src/common/wpa_common.h b/src/common/wpa_common.h
index 0296bd36e..dbcaef93e 100644
--- a/src/common/wpa_common.h
+++ b/src/common/wpa_common.h
@@ -28,6 +28,12 @@
 
 #define OWE_DH_GROUP 19
 
+enum rsn_hash_alg {
+	RSN_HASH_SHA256,
+	RSN_HASH_SHA384,
+	RSN_HASH_SHA512,
+};
+
 #ifdef CONFIG_NO_TKIP
 #define WPA_ALLOWED_PAIRWISE_CIPHERS \
 (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP | WPA_CIPHER_NONE | \
@@ -774,7 +780,7 @@ int pasn_pmk_to_ptk(const u8 *pmk, size_t pmk_len,
 		    const u8 *spa, const u8 *bssid,
 		    const u8 *dhss, size_t dhss_len,
 		    struct wpa_ptk *ptk, int akmp, int cipher,
-		    size_t kdk_len, size_t kek_len);
+		    size_t kdk_len, size_t kek_len, enum rsn_hash_alg *alg);
 
 u8 pasn_mic_len(int akmp, int cipher);
 
diff --git a/src/pasn/pasn_common.h b/src/pasn/pasn_common.h
index ef28a0525..f6520630e 100644
--- a/src/pasn/pasn_common.h
+++ b/src/pasn/pasn_common.h
@@ -84,6 +84,7 @@ struct pasn_data {
 	size_t pmk_len;
 	u8 pmk[PMK_LEN_MAX];
 	bool using_pmksa;
+	enum rsn_hash_alg hash_alg;
 
 	u8 hash[SHA384_MAC_LEN];
 
diff --git a/src/pasn/pasn_initiator.c b/src/pasn/pasn_initiator.c
index 2de1a7314..d16ad62cd 100644
--- a/src/pasn/pasn_initiator.c
+++ b/src/pasn/pasn_initiator.c
@@ -1316,7 +1316,7 @@ int wpa_pasn_auth_rx(struct pasn_data *pasn, const u8 *data, size_t len,
 			      pasn->own_addr, pasn->peer_addr,
 			      wpabuf_head(secret), wpabuf_len(secret),
 			      &pasn->ptk, pasn->akmp, pasn->cipher,
-			      pasn->kdk_len, pasn->kek_len);
+			      pasn->kdk_len, pasn->kek_len, &pasn->hash_alg);
 	if (ret) {
 		wpa_printf(MSG_DEBUG, "PASN: Failed to derive PTK");
 		goto fail;
diff --git a/src/pasn/pasn_responder.c b/src/pasn/pasn_responder.c
index 17960e922..aafbedf77 100644
--- a/src/pasn/pasn_responder.c
+++ b/src/pasn/pasn_responder.c
@@ -412,7 +412,8 @@ pasn_derive_keys(struct pasn_data *pasn,
 	ret = pasn_pmk_to_ptk(pmk, pmk_len, peer_addr, own_addr,
 			      wpabuf_head(secret), wpabuf_len(secret),
 			      &pasn->ptk, pasn->akmp,
-			      pasn->cipher, pasn->kdk_len, pasn->kek_len);
+			      pasn->cipher, pasn->kdk_len, pasn->kek_len,
+			      &pasn->hash_alg);
 	if (ret) {
 		wpa_printf(MSG_DEBUG, "PASN: Failed to derive PTK");
 		return -1;