path: root/src/common/wpa_common.h
diff options
authorJouni Malinen <jouni@codeaurora.org>2018-06-06 18:57:58 (GMT)
committerJouni Malinen <j@w1.fi>2018-06-06 20:59:46 (GMT)
commitc3e4f40cd65a30ee2977b5de02cee40c9928f407 (patch)
tree6438af8f1f77c7022b2c81f4e56463aec72505d9 /src/common/wpa_common.h
parentfe102801f626c8eb12465d268c8763baea6bcba6 (diff)
FT: Derive PMKR0Name/PMKR1Name using SHA-384 with AKM 00-0F-AC:13
The AKM 00-0F-AC:13 is supposed to use cryptographic algorithms consistently, but the current IEEE 802.11 standard is not doing so for the key names: PMKID (uses SHA-1), PMKR0Name/PMKR1Name (uses SHA-256). The PMKID case was already implemented with SHA-384 and this commit replaces use of SHA-256 with SHA-384 for PMKR0Name/PMKR1Name derivation to be consistent in SHA-384. While this is not compliant with the current IEEE 802.11 standard, this is clearly needed to meet CNSA Suite requirements. Matching change is being proposed in REVmd to get the IEEE 802.11 standard to meet the use case requirements. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Diffstat (limited to 'src/common/wpa_common.h')
1 files changed, 1 insertions, 1 deletions
diff --git a/src/common/wpa_common.h b/src/common/wpa_common.h
index 6d808d7..6261744 100644
--- a/src/common/wpa_common.h
+++ b/src/common/wpa_common.h
@@ -375,7 +375,7 @@ int wpa_derive_pmk_r0(const u8 *xxkey, size_t xxkey_len,
const u8 *s0kh_id, u8 *pmk_r0, u8 *pmk_r0_name,
int use_sha384);
int wpa_derive_pmk_r1_name(const u8 *pmk_r0_name, const u8 *r1kh_id,
- const u8 *s1kh_id, u8 *pmk_r1_name);
+ const u8 *s1kh_id, u8 *pmk_r1_name, int use_sha384);
int wpa_derive_pmk_r1(const u8 *pmk_r0, size_t pmk_r0_len,
const u8 *pmk_r0_name,
const u8 *r1kh_id, const u8 *s1kh_id,