aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2016-06-18 11:35:35 (GMT)
committerJouni Malinen <j@w1.fi>2016-06-19 17:18:09 (GMT)
commitb02f4d058cbf113646d5fcd22d9a23c113f0319a (patch)
treeaae70f5bf2ecc79f4618b75f479ee8e27390e7a6
parent846201dff7611d69be48ec37722b60242a8edace (diff)
downloadhostap-b02f4d058cbf113646d5fcd22d9a23c113f0319a.zip
hostap-b02f4d058cbf113646d5fcd22d9a23c113f0319a.tar.gz
hostap-b02f4d058cbf113646d5fcd22d9a23c113f0319a.tar.bz2
mesh: Add variable length MTK support
This is needed as a part in enabling support for different pairwise ciphers in mesh. Signed-off-by: Jouni Malinen <j@w1.fi>
-rw-r--r--src/ap/sta_info.h3
-rw-r--r--wpa_supplicant/mesh_mpm.c5
-rw-r--r--wpa_supplicant/mesh_rsn.c3
3 files changed, 7 insertions, 4 deletions
diff --git a/src/ap/sta_info.h b/src/ap/sta_info.h
index 10bdfe1..6b520bc 100644
--- a/src/ap/sta_info.h
+++ b/src/ap/sta_info.h
@@ -85,7 +85,8 @@ struct sta_info {
u8 my_nonce[WPA_NONCE_LEN];
u8 peer_nonce[WPA_NONCE_LEN];
u8 aek[32]; /* SHA256 digest length */
- u8 mtk[16];
+ u8 mtk[WPA_TK_MAX_LEN];
+ size_t mtk_len;
u8 mgtk[16];
u8 sae_auth_retry;
#endif /* CONFIG_MESH */
diff --git a/wpa_supplicant/mesh_mpm.c b/wpa_supplicant/mesh_mpm.c
index a0b7174..84c5b6b 100644
--- a/wpa_supplicant/mesh_mpm.c
+++ b/wpa_supplicant/mesh_mpm.c
@@ -793,8 +793,10 @@ static void mesh_mpm_plink_estab(struct wpa_supplicant *wpa_s,
MAC2STR(sta->addr));
if (conf->security & MESH_CONF_SEC_AMPE) {
+ wpa_hexdump_key(MSG_DEBUG, "mesh: MTK", sta->mtk, sta->mtk_len);
+ /* TODO: support for other ciphers */
wpa_drv_set_key(wpa_s, WPA_ALG_CCMP, sta->addr, 0, 0,
- seq, sizeof(seq), sta->mtk, sizeof(sta->mtk));
+ seq, sizeof(seq), sta->mtk, sta->mtk_len);
wpa_drv_set_key(wpa_s, WPA_ALG_CCMP, sta->addr, 1, 0,
seq, sizeof(seq),
sta->mgtk, sizeof(sta->mgtk));
@@ -802,7 +804,6 @@ static void mesh_mpm_plink_estab(struct wpa_supplicant *wpa_s,
seq, sizeof(seq),
sta->mgtk, sizeof(sta->mgtk));
- wpa_hexdump_key(MSG_DEBUG, "mtk:", sta->mtk, sizeof(sta->mtk));
wpa_hexdump_key(MSG_DEBUG, "mgtk:",
sta->mgtk, sizeof(sta->mgtk));
}
diff --git a/wpa_supplicant/mesh_rsn.c b/wpa_supplicant/mesh_rsn.c
index 3ce933a..d7a8115 100644
--- a/wpa_supplicant/mesh_rsn.c
+++ b/wpa_supplicant/mesh_rsn.c
@@ -445,9 +445,10 @@ int mesh_rsn_derive_mtk(struct wpa_supplicant *wpa_s, struct sta_info *sta)
ptr += ETH_ALEN;
os_memcpy(ptr, max, ETH_ALEN);
+ sta->mtk_len = wpa_cipher_key_len(WPA_CIPHER_CCMP);
sha256_prf(sta->sae->pmk, SAE_PMK_LEN,
"Temporal Key Derivation", context, sizeof(context),
- sta->mtk, sizeof(sta->mtk));
+ sta->mtk, sta->mtk_len);
return 0;
}