aboutsummaryrefslogtreecommitdiffstats
path: root/wpa_supplicant/wpas_glue.c
diff options
context:
space:
mode:
authorJouni Malinen <jouni.malinen@atheros.com>2011-01-31 22:06:13 (GMT)
committerJouni Malinen <j@w1.fi>2011-01-31 22:06:13 (GMT)
commit09c395b4bb7af8d8565f07c2ac7d67427f9540ad (patch)
treeb93d200682e4455537547dff349e3ded9dfb430e /wpa_supplicant/wpas_glue.c
parent98ea94317701de9c5ac31c8b1205145d224d4219 (diff)
downloadhostap-09c395b4bb7af8d8565f07c2ac7d67427f9540ad.zip
hostap-09c395b4bb7af8d8565f07c2ac7d67427f9540ad.tar.gz
hostap-09c395b4bb7af8d8565f07c2ac7d67427f9540ad.tar.bz2
FT: Configure FT XXKey as PMK for driver-based 4-way handshake
When using FT-EAP, the second half of MSK is used as the starting point for PMK key hierarchy. Configure that instead of the first half of MSK when using FT with driver-based 4-way handshake and FT protocol.
Diffstat (limited to 'wpa_supplicant/wpas_glue.c')
-rw-r--r--wpa_supplicant/wpas_glue.c34
1 files changed, 26 insertions, 8 deletions
diff --git a/wpa_supplicant/wpas_glue.c b/wpa_supplicant/wpas_glue.c
index d940748..5b7aebe 100644
--- a/wpa_supplicant/wpas_glue.c
+++ b/wpa_supplicant/wpas_glue.c
@@ -254,14 +254,29 @@ static void wpa_supplicant_eapol_cb(struct eapol_sm *eapol, int success,
"handshake");
pmk_len = PMK_LEN;
- res = eapol_sm_get_key(eapol, pmk, PMK_LEN);
- if (res) {
- /*
- * EAP-LEAP is an exception from other EAP methods: it
- * uses only 16-byte PMK.
- */
- res = eapol_sm_get_key(eapol, pmk, 16);
- pmk_len = 16;
+ if (wpa_key_mgmt_ft(wpa_s->key_mgmt)) {
+#ifdef CONFIG_IEEE80211R
+ u8 buf[2 * PMK_LEN];
+ wpa_printf(MSG_DEBUG, "RSN: Use FT XXKey as PMK for "
+ "driver-based 4-way hs and FT");
+ res = eapol_sm_get_key(eapol, buf, 2 * PMK_LEN);
+ if (res == 0) {
+ os_memcpy(pmk, buf + PMK_LEN, PMK_LEN);
+ os_memset(buf, 0, sizeof(buf));
+ }
+#else /* CONFIG_IEEE80211R */
+ res = -1;
+#endif /* CONFIG_IEEE80211R */
+ } else {
+ res = eapol_sm_get_key(eapol, pmk, PMK_LEN);
+ if (res) {
+ /*
+ * EAP-LEAP is an exception from other EAP methods: it
+ * uses only 16-byte PMK.
+ */
+ res = eapol_sm_get_key(eapol, pmk, 16);
+ pmk_len = 16;
+ }
}
if (res) {
@@ -270,6 +285,9 @@ static void wpa_supplicant_eapol_cb(struct eapol_sm *eapol, int success,
return;
}
+ wpa_hexdump_key(MSG_DEBUG, "RSN: Configure PMK for driver-based 4-way "
+ "handshake", pmk, pmk_len);
+
if (wpa_drv_set_key(wpa_s, WPA_ALG_PMK, NULL, 0, 0, NULL, 0, pmk,
pmk_len)) {
wpa_printf(MSG_DEBUG, "Failed to set PMK to the driver");