path: root/wpa_supplicant
diff options
authorJouni Malinen <jouni.malinen@atheros.com>2009-04-01 09:04:36 (GMT)
committerJouni Malinen <j@w1.fi>2009-04-20 09:10:19 (GMT)
commit1d779732670112f852b6e028f62613d9ff0120a5 (patch)
tree14ab67c0de885da001d1b0a3d81742db1fb7c8e8 /wpa_supplicant
parente1a5cf26b158860578d2511e9c34d28ea9802de4 (diff)
Fix SHA-256-based KDF when using CCMP as the pairwise cipher
IEEE 802.11r KDF uses key length in the derivation and as such, the PTK length must be specified correctly. The previous version was deriving using 512-bit PTK regardless of the negotiated cipher suite; this works for TKIP, but not for CCMP. Update the code to use proper PTK length based on the pairwise cipher. This fixed PTK derivation for both IEEE 802.11r and IEEE 802.11w (when using AKMP that specifies SHA-256-based key derivation). The fixed version does not interoperate with the previous versions. [Bug 307] (cherry picked from commit c0a6190815ce37450fc348d4d09b2a0153478fc0) Conflicts: wpa_supplicant/ChangeLog
Diffstat (limited to 'wpa_supplicant')
1 files changed, 5 insertions, 0 deletions
diff --git a/wpa_supplicant/ChangeLog b/wpa_supplicant/ChangeLog
index 199a471..25d6335 100644
--- a/wpa_supplicant/ChangeLog
+++ b/wpa_supplicant/ChangeLog
@@ -1,5 +1,10 @@
ChangeLog for wpa_supplicant
+????-??-?? - v0.6.10
+ * fixed SHA-256 based key derivation function to match with the
+ standard when using CCMP (for IEEE 802.11r and IEEE 802.11w)
+ (note: this breaks interoperability with previous version) [Bug 307]
2009-03-23 - v0.6.9
* driver_ndis: add PAE group address to the multicast address list to
fix wired IEEE 802.1X authentication