aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2009-11-14 12:18:15 (GMT)
committerJouni Malinen <j@w1.fi>2009-11-22 19:28:50 (GMT)
commitb6fd1b09565cc316a7708f35da746c4b27ee42c2 (patch)
treee37ba1d2442f3b77ee7a80c365e1039d11077ba5
parent1d44ad2ae8cdca20f5d04789ff480a13451405e5 (diff)
downloadhostap-06-b6fd1b09565cc316a7708f35da746c4b27ee42c2.zip
hostap-06-b6fd1b09565cc316a7708f35da746c4b27ee42c2.tar.gz
hostap-06-b6fd1b09565cc316a7708f35da746c4b27ee42c2.tar.bz2
WPS: Remove derivation of management keys
MgmtAuthKey and MgmtEncKey were not used for anything and are unlikely to ever be used, so better remove the code to reduce binary size. (cherry picked from commit d806a5588e8f6d8bb8141cdd3d890fdf8bff3cd1)
-rw-r--r--src/wps/wps_common.c50
-rw-r--r--src/wps/wps_enrollee.c4
-rw-r--r--src/wps/wps_i.h5
3 files changed, 0 insertions, 59 deletions
diff --git a/src/wps/wps_common.c b/src/wps/wps_common.c
index 48af303..ca760f0 100644
--- a/src/wps/wps_common.c
+++ b/src/wps/wps_common.c
@@ -128,56 +128,6 @@ int wps_derive_keys(struct wps_data *wps)
}
-int wps_derive_mgmt_keys(struct wps_data *wps)
-{
- u8 nonces[2 * WPS_NONCE_LEN];
- u8 keys[WPS_MGMTAUTHKEY_LEN + WPS_MGMTENCKEY_LEN];
- u8 hash[SHA256_MAC_LEN];
- const u8 *addr[2];
- size_t len[2];
- const char *auth_label = "WFA-WLAN-Management-MgmtAuthKey";
- const char *enc_label = "WFA-WLAN-Management-MgmtEncKey";
-
- /* MgmtAuthKey || MgmtEncKey =
- * kdf(EMSK, N1 || N2 || "WFA-WLAN-Management-Keys", 384) */
- os_memcpy(nonces, wps->nonce_e, WPS_NONCE_LEN);
- os_memcpy(nonces + WPS_NONCE_LEN, wps->nonce_r, WPS_NONCE_LEN);
- wps_kdf(wps->emsk, nonces, sizeof(nonces), "WFA-WLAN-Management-Keys",
- keys, sizeof(keys));
- os_memcpy(wps->mgmt_auth_key, keys, WPS_MGMTAUTHKEY_LEN);
- os_memcpy(wps->mgmt_enc_key, keys + WPS_MGMTAUTHKEY_LEN,
- WPS_MGMTENCKEY_LEN);
-
- addr[0] = nonces;
- len[0] = sizeof(nonces);
-
- /* MgmtEncKeyID = first 128 bits of
- * SHA-256(N1 || N2 || "WFA-WLAN-Management-MgmtAuthKey") */
- addr[1] = (const u8 *) auth_label;
- len[1] = os_strlen(auth_label);
- sha256_vector(2, addr, len, hash);
- os_memcpy(wps->mgmt_auth_key_id, hash, WPS_MGMT_KEY_ID_LEN);
-
- /* MgmtEncKeyID = first 128 bits of
- * SHA-256(N1 || N2 || "WFA-WLAN-Management-MgmtEncKey") */
- addr[1] = (const u8 *) enc_label;
- len[1] = os_strlen(enc_label);
- sha256_vector(2, addr, len, hash);
- os_memcpy(wps->mgmt_enc_key_id, hash, WPS_MGMT_KEY_ID_LEN);
-
- wpa_hexdump_key(MSG_DEBUG, "WPS: MgmtAuthKey",
- wps->mgmt_auth_key, WPS_MGMTAUTHKEY_LEN);
- wpa_hexdump(MSG_DEBUG, "WPS: MgmtAuthKeyID",
- wps->mgmt_auth_key_id, WPS_MGMT_KEY_ID_LEN);
- wpa_hexdump_key(MSG_DEBUG, "WPS: MgmtEncKey",
- wps->mgmt_enc_key, WPS_MGMTENCKEY_LEN);
- wpa_hexdump(MSG_DEBUG, "WPS: MgmtEncKeyID",
- wps->mgmt_enc_key_id, WPS_MGMT_KEY_ID_LEN);
-
- return 0;
-}
-
-
void wps_derive_psk(struct wps_data *wps, const u8 *dev_passwd,
size_t dev_passwd_len)
{
diff --git a/src/wps/wps_enrollee.c b/src/wps/wps_enrollee.c
index 617b7a8..6fa8791 100644
--- a/src/wps/wps_enrollee.c
+++ b/src/wps/wps_enrollee.c
@@ -521,10 +521,6 @@ static int wps_process_pubkey(struct wps_data *wps, const u8 *pk,
if (wps_derive_keys(wps) < 0)
return -1;
- if (wps->request_type == WPS_REQ_WLAN_MANAGER_REGISTRAR &&
- wps_derive_mgmt_keys(wps) < 0)
- return -1;
-
return 0;
}
diff --git a/src/wps/wps_i.h b/src/wps/wps_i.h
index 631d22f..95762ea 100644
--- a/src/wps/wps_i.h
+++ b/src/wps/wps_i.h
@@ -62,10 +62,6 @@ struct wps_data {
u8 authkey[WPS_AUTHKEY_LEN];
u8 keywrapkey[WPS_KEYWRAPKEY_LEN];
u8 emsk[WPS_EMSK_LEN];
- u8 mgmt_auth_key[WPS_MGMTAUTHKEY_LEN];
- u8 mgmt_auth_key_id[WPS_MGMT_KEY_ID_LEN];
- u8 mgmt_enc_key[WPS_MGMTENCKEY_LEN];
- u8 mgmt_enc_key_id[WPS_MGMT_KEY_ID_LEN];
struct wpabuf *last_msg;
@@ -183,7 +179,6 @@ struct wps_parse_attr {
void wps_kdf(const u8 *key, const u8 *label_prefix, size_t label_prefix_len,
const char *label, u8 *res, size_t res_len);
int wps_derive_keys(struct wps_data *wps);
-int wps_derive_mgmt_keys(struct wps_data *wps);
void wps_derive_psk(struct wps_data *wps, const u8 *dev_passwd,
size_t dev_passwd_len);
struct wpabuf * wps_decrypt_encr_settings(struct wps_data *wps, const u8 *encr,