path: root/wlantest
diff options
authorJouni Malinen <jouni@qca.qualcomm.com>2017-09-13 18:36:05 (GMT)
committerJouni Malinen <j@w1.fi>2017-09-13 19:17:58 (GMT)
commit4cada9dcc17091448c391491d2c2c8d7f2aa1dc1 (patch)
tree66aa48f1ba1bc37f7b9476236d47e98dd05c98f8 /wlantest
parent41b819148570270bf23b478095f885c8986ec6f7 (diff)
FILS: Add DHss into FILS-Key-Data derivation when using FILS SK+PFS
This part is missing from IEEE Std 802.11ai-2016, but the lack of DHss here means there would not be proper PFS for the case where PMKSA caching is used with FILS SK+PFS authentication. This was not really the intent of the FILS design and that issue was fixed during REVmd work with the changes proposed in https://mentor.ieee.org/802.11/dcn/17/11-17-0906-04-000m-fils-fixes.docx that add DHss into FILS-Key-Data (and PTK, in practice) derivation for the PMKSA caching case so that a unique ICK, KEK, and TK are derived even when using the same PMK. Note: This is not backwards compatible, i.e., this breaks PMKSA caching with FILS SK+PFS if only STA or AP side implementation is updated. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Diffstat (limited to 'wlantest')
1 files changed, 2 insertions, 1 deletions
diff --git a/wlantest/rx_mgmt.c b/wlantest/rx_mgmt.c
index b15f561..08ebd88 100644
--- a/wlantest/rx_mgmt.c
+++ b/wlantest/rx_mgmt.c
@@ -351,7 +351,8 @@ static int try_rmsk(struct wlantest *wt, struct wlantest_bss *bss,
return -1;
if (fils_pmk_to_ptk(pmk_buf, pmk_len, sta->addr, bss->bssid,
- sta->snonce, sta->anonce, &ptk, ick, &ick_len,
+ sta->snonce, sta->anonce, NULL, 0,
+ &ptk, ick, &ick_len,
sta->key_mgmt, sta->pairwise_cipher,
NULL, NULL) < 0)
return -1;