authorJouni Malinen <jouni@qca.qualcomm.com>2017-09-13 18:36:05 (GMT)
committerJouni Malinen <j@w1.fi>2017-09-13 19:17:58 (GMT)
commit4cada9dcc17091448c391491d2c2c8d7f2aa1dc1 (patch)
tree66aa48f1ba1bc37f7b9476236d47e98dd05c98f8 /src/common/wpa_common.h
parent41b819148570270bf23b478095f885c8986ec6f7 (diff)
FILS: Add DHss into FILS-Key-Data derivation when using FILS SK+PFS
This part is missing from IEEE Std 802.11ai-2016, but the lack of DHss here means there would not be proper PFS for the case where PMKSA caching is used with FILS SK+PFS authentication. This was not really the intent of the FILS design and that issue was fixed during REVmd work with the changes proposed in https://mentor.ieee.org/802.11/dcn/17/11-17-0906-04-000m-fils-fixes.docx that add DHss into FILS-Key-Data (and PTK, in practice) derivation for the PMKSA caching case so that a unique ICK, KEK, and TK are derived even when using the same PMK. Note: This is not backwards compatible, i.e., this breaks PMKSA caching with FILS SK+PFS if only STA or AP side implementation is updated. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Diffstat (limited to 'src/common/wpa_common.h')
1 files changed, 2 insertions, 1 deletions
diff --git a/src/common/wpa_common.h b/src/common/wpa_common.h
index b4d6c13..2f11d2f 100644
--- a/src/common/wpa_common.h
+++ b/src/common/wpa_common.h
@@ -347,7 +347,8 @@ int fils_rmsk_to_pmk(int akmp, const u8 *rmsk, size_t rmsk_len,
int fils_pmkid_erp(int akmp, const u8 *reauth, size_t reauth_len,
u8 *pmkid);
int fils_pmk_to_ptk(const u8 *pmk, size_t pmk_len, const u8 *spa, const u8 *aa,
- const u8 *snonce, const u8 *anonce, struct wpa_ptk *ptk,
+ const u8 *snonce, const u8 *anonce, const u8 *dhss,
+ size_t dhss_len, struct wpa_ptk *ptk,
u8 *ick, size_t *ick_len, int akmp, int cipher,
u8 *fils_ft, size_t *fils_ft_len);
int fils_key_auth_sk(const u8 *ick, size_t ick_len, const u8 *snonce,
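Review bot: The new `dhss` and `dhss_len` parameters in the fils_pmk_to_ptk() prototype carry no comment, so the header does not say whether they are optional. Going by the commit message, DHss exists only for FILS SK+PFS, so callers on the non-PFS path presumably pass `NULL, 0`. A one-line comment above the declaration would state that contract, for example `/* dhss/dhss_len: DH shared secret for FILS SK+PFS; NULL/0 when PFS is not used */`, once confirmed against the function definition, which is outside this diff view. The same comment could note that DHss is secret key material and that the caller remains responsible for clearing its buffer after the call.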