author | Jouni Malinen <jouni@qca.qualcomm.com> | 2017-09-13 18:36:05 (GMT) |
---|---|---|
committer | Jouni Malinen <j@w1.fi> | 2017-09-13 19:17:58 (GMT) |
commit | 4cada9dcc17091448c391491d2c2c8d7f2aa1dc1 (patch) | |
tree | 66aa48f1ba1bc37f7b9476236d47e98dd05c98f8 /src/common/wpa_common.h | |
parent | 41b819148570270bf23b478095f885c8986ec6f7 (diff) | |
FILS: Add DHss into FILS-Key-Data derivation when using FILS SK+PFS

This part is missing from IEEE Std 802.11ai-2016, but the lack of DHss
here means there would not be proper PFS for the case where PMKSA
caching is used with FILS SK+PFS authentication. This was not really the
intent of the FILS design and that issue was fixed during REVmd work
with the changes proposed in
https://mentor.ieee.org/802.11/dcn/17/11-17-0906-04-000m-fils-fixes.docx
that add DHss into FILS-Key-Data (and PTK, in practice) derivation for
the PMKSA caching case so that a unique ICK, KEK, and TK are derived
even when using the same PMK.

Note: This is not backwards compatible, i.e., this breaks PMKSA caching
with FILS SK+PFS if only STA or AP side implementation is updated.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

Diffstat (limited to 'src/common/wpa_common.h')
-rw-r--r-- | src/common/wpa_common.h | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/common/wpa_common.h b/src/common/wpa_common.h index b4d6c13..2f11d2f 100644 --- a/src/common/wpa_common.h +++ b/src/common/wpa_common.h @@ -347,7 +347,8 @@ int fils_rmsk_to_pmk(int akmp, const u8 *rmsk, size_t rmsk_len, int fils_pmkid_erp(int akmp, const u8 *reauth, size_t reauth_len, u8 *pmkid); int fils_pmk_to_ptk(const u8 *pmk, size_t pmk_len, const u8 *spa, const u8 *aa, - const u8 *snonce, const u8 *anonce, struct wpa_ptk *ptk, + const u8 *snonce, const u8 *anonce, const u8 *dhss, + size_t dhss_len, struct wpa_ptk *ptk, u8 *ick, size_t *ick_len, int akmp, int cipher, u8 *fils_ft, size_t *fils_ft_len); int fils_key_auth_sk(const u8 *ick, size_t ick_len, const u8 *snonce, |
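
Review bot: The new `dhss` and `dhss_len` arguments in the `fils_pmk_to_ptk()` prototype have no comment stating what a caller passes when there is no DH shared secret (FILS SK without PFS), and this header-only view does not show how the function treats that case. Suggest a short comment above the prototype that states the contract, for instance whether `dhss == NULL` with `dhss_len == 0` is valid, so that every call site updated for the new arity passes the same thing. Since the commit message says the change breaks PMKSA caching with FILS SK+PFS when only the STA or the AP side is updated, the same comment could note that both peers must feed DHss into the derivation: a one-sided update derives different ICK/KEK/TK values and will surface as a key mismatch at run time, not as a build error.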