mesh: Add variable length MTK support

This is needed as a part in enabling support for different pairwise
ciphers in mesh.

Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/src/ap/sta_info.h b/src/ap/sta_info.h
index 10bdfe188ceec7c3c72845f178f1882e8a918340..6b520bc2a6f6bf57846d26ee683c08d25393b816 100644 (file)
--- a/src/ap/sta_info.h
+++ b/src/ap/sta_info.h
@@ -85,7 +85,8 @@ struct sta_info {
        u8 my_nonce[WPA_NONCE_LEN];
        u8 peer_nonce[WPA_NONCE_LEN];
        u8 aek[32];     /* SHA256 digest length */
-       u8 mtk[16];
+       u8 mtk[WPA_TK_MAX_LEN];
+       size_t mtk_len;
        u8 mgtk[16];
        u8 sae_auth_retry;
 #endif /* CONFIG_MESH */

diff --git a/wpa_supplicant/mesh_mpm.c b/wpa_supplicant/mesh_mpm.c
index a0b71748a3d5fc7ca2187f6b658f67a61dcec655..84c5b6b36da625c7e9f6c6578c6e4a97458af3f8 100644 (file)
--- a/wpa_supplicant/mesh_mpm.c
+++ b/wpa_supplicant/mesh_mpm.c
@@ -793,8 +793,10 @@ static void mesh_mpm_plink_estab(struct wpa_supplicant *wpa_s,
                MAC2STR(sta->addr));
 
        if (conf->security & MESH_CONF_SEC_AMPE) {
+               wpa_hexdump_key(MSG_DEBUG, "mesh: MTK", sta->mtk, sta->mtk_len);
+               /* TODO: support for other ciphers */
                wpa_drv_set_key(wpa_s, WPA_ALG_CCMP, sta->addr, 0, 0,
-                               seq, sizeof(seq), sta->mtk, sizeof(sta->mtk));
+                               seq, sizeof(seq), sta->mtk, sta->mtk_len);
                wpa_drv_set_key(wpa_s, WPA_ALG_CCMP, sta->addr, 1, 0,
                                seq, sizeof(seq),
                                sta->mgtk, sizeof(sta->mgtk));
@@ -802,7 +804,6 @@ static void mesh_mpm_plink_estab(struct wpa_supplicant *wpa_s,
                                seq, sizeof(seq),
                                sta->mgtk, sizeof(sta->mgtk));
 
-               wpa_hexdump_key(MSG_DEBUG, "mtk:", sta->mtk, sizeof(sta->mtk));
                wpa_hexdump_key(MSG_DEBUG, "mgtk:",
                                sta->mgtk, sizeof(sta->mgtk));
        }

diff --git a/wpa_supplicant/mesh_rsn.c b/wpa_supplicant/mesh_rsn.c
index 3ce933affa7e5a7a2b1f3064f302920849e6b4bc..d7a811548741255c9bc49c12b476dd6b1881f32a 100644 (file)
--- a/wpa_supplicant/mesh_rsn.c
+++ b/wpa_supplicant/mesh_rsn.c
@@ -445,9 +445,10 @@ int mesh_rsn_derive_mtk(struct wpa_supplicant *wpa_s, struct sta_info *sta)
        ptr += ETH_ALEN;
        os_memcpy(ptr, max, ETH_ALEN);
 
+       sta->mtk_len = wpa_cipher_key_len(WPA_CIPHER_CCMP);
        sha256_prf(sta->sae->pmk, SAE_PMK_LEN,
                   "Temporal Key Derivation", context, sizeof(context),
-                  sta->mtk, sizeof(sta->mtk));
+                  sta->mtk, sta->mtk_len);
        return 0;
 }