From patchwork Tue Jun 21 10:13:14 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vinayak Yadawad X-Patchwork-Id: 1646012 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=ZG8E2P5o; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=broadcom.com header.i=@broadcom.com header.a=rsa-sha256 header.s=google header.b=D7k48DRW; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4LS2SS6vF1z9sG2 for ; Tue, 21 Jun 2022 20:14:48 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:Content-Type: List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id: MIME-Version:Message-Id:Date:Subject:Cc:To:From:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Owner; bh=m2Q5/giC4eLZW0eTnMxmnXXHqj7Z2xKT0eD4ppTuXIM=; b=ZG8 E2P5ooi+2KbMhPe+KIX3cBdSCU35//+PegxIReEER10N1wGELgKAtGNhxazUlOYXjlxg/yxwFwx9w C9sJUTLqlwsV0yVbONW3Hq/sADYbgbwHd6qLTTbkA2C6FB0XjyE8+G+5vSATtqCd07NT/vd+YD51Y kabtHyZDRvl4byRPn3X0J91gseuoT5m4edJIpFTjXB1ri7zSSTW6/PmL72+eb9gBR6h+qN6QQ/r2O AgIOw+ddqbWGdmaRPG9UflUl6rIudIAziq/7i+HrQXPfNuOc0XYRtfbtMRtVFutv/1VTduErE4CRt NZcz+2OEjWf+sUW0pzMV5uA+zAIO11w==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1o3at0-004oNf-Hp; Tue, 21 Jun 2022 10:13:30 +0000 Received: from mail-pj1-x1034.google.com ([2607:f8b0:4864:20::1034]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1o3asx-004oMT-9o for hostap@lists.infradead.org; Tue, 21 Jun 2022 10:13:29 +0000 Received: by mail-pj1-x1034.google.com with SMTP id b12-20020a17090a6acc00b001ec2b181c98so11602828pjm.4 for ; Tue, 21 Jun 2022 03:13:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=broadcom.com; s=google; h=from:to:cc:subject:date:message-id:mime-version; bh=ZGBpHx3AehZ4qCW2xgnmwRGJOorvBFFMgh7eaaCLg9U=; b=D7k48DRWOT1GDwQdVfhT9/3WHAVjCdjOpMImbZdIGKa/bS2vKSKNJrUu93K/EM2ibt I1CxCAeCcoOEoKHHnJrZM0ciaMCHgJWu5gQTNfwmatxPFkYnUC04nciq6vWBqhgThtkV Ss5MbIuvA9dnt3ORDATJOBIAiIpjaInaSjBi0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version; bh=ZGBpHx3AehZ4qCW2xgnmwRGJOorvBFFMgh7eaaCLg9U=; b=3CHE3QdsicUksKIGwbybQyuafYV0OMiNN3n1pMTSjBCbyWIbS8/cQwzNPPuupNqURB OQSQnbtkSU8uiiZzNZ/ZErxgNk1BiPy67Drs0UIrAKwZ5lvfmzeSGiyERhhLRlgs/nP5 EiM+ckY8+3DGAY+qCFUJ2msgcUmQOP//ib10XhkOaJeq/J26XYMTluowFMVVwcCOV4sr 4VQVGr+LXhgAh1HUkKQPQ4cyk7l4n47uSQhcE0d7VJpGvDvWZbx2KaSMrp3SRG2ifJit /EzE3+XtUPqkmpc47l9pfYTDGKs5YTf3Yg25U3o9amR9RMaqMSgu0CjdHYxFo402feZz mCdw== X-Gm-Message-State: AJIora8y0PNKYki8XpVKj/9BjM7VsldBrcZmWYnMVJNIHCyiVz/BjX1h ovLpRmhpZWPLrVPWF0mMliAg2zJ9TDRt9Pce37ggQzB1xKELGLmdszhmsPHjgZFlY1xNZ+w9CHq 7BcVBuUS2EmlEb55hTNCuz3AUFxMqa4qxLNobtTMzGPZITe0puCiDhVDgyta6Gn3eTlPWoFQT3Y IWjYxcflxlbtI= X-Google-Smtp-Source: AGRyM1vnrjgQhxkaSBmyE9qXpQkuXL8+Twamuaxs2sarhEXqHrlnieaePqGoqVYOSwzwutMXeRyqtA== X-Received: by 2002:a17:902:be12:b0:167:6cbd:f113 with SMTP id r18-20020a170902be1200b001676cbdf113mr28422270pls.69.1655806403406; Tue, 21 Jun 2022 03:13:23 -0700 (PDT) Received: from ibnvda0196.ibn.broadcom.net ([192.19.252.250]) by smtp.gmail.com with ESMTPSA id f23-20020a17090a9b1700b001eaec8cea55sm9702066pjp.57.2022.06.21.03.13.21 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 21 Jun 2022 03:13:22 -0700 (PDT) From: Vinayak Yadawad To: hostap@lists.infradead.org Cc: jithu.jance@broadcom.com, Vinayak Yadawad Subject: [PATCH 1/1] EAPOL: Update PMK length in EAPOL callback to support newer key management Date: Tue, 21 Jun 2022 15:43:14 +0530 Message-Id: X-Mailer: git-send-email 2.32.0 MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20220621_031327_653600_7823F965 X-CRM114-Status: GOOD ( 17.76 ) X-Spam-Score: -0.4 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: With introduction of newer key managments, there is a need to update the PMK length plumbed for driver based 4-way handshake. In order to support this, the current patch updates the PMK length to SUIT [...] Content analysis details: (-0.4 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:1034 listed in] [list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org With introduction of newer key managments, there is a need to update the PMK length plumbed for driver based 4-way handshake. In order to support this, the current patch updates the PMK length to SUITE_B_192 PMK length 48, if the key management is of type sha384. Signed-off-by: Vinayak Yadawad --- wpa_supplicant/wpas_glue.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/wpa_supplicant/wpas_glue.c b/wpa_supplicant/wpas_glue.c index d62914bc1..6e110dbdc 100644 --- a/wpa_supplicant/wpas_glue.c +++ b/wpa_supplicant/wpas_glue.c @@ -286,7 +286,7 @@ static void wpa_supplicant_eapol_cb(struct eapol_sm *eapol, { struct wpa_supplicant *wpa_s = ctx; int res, pmk_len; - u8 pmk[PMK_LEN]; + u8 pmk[PMK_LEN_MAX]; wpa_printf(MSG_DEBUG, "EAPOL authentication completed - result=%s", result_str(result)); @@ -326,7 +326,11 @@ static void wpa_supplicant_eapol_cb(struct eapol_sm *eapol, wpa_printf(MSG_DEBUG, "Configure PMK for driver-based RSN 4-way " "handshake"); - pmk_len = PMK_LEN; + if (wpa_key_mgmt_sha384(wpa_s->key_mgmt)) + pmk_len = PMK_LEN_SUITE_B_192; + else + pmk_len = PMK_LEN; + if (wpa_key_mgmt_ft(wpa_s->key_mgmt)) { #ifdef CONFIG_IEEE80211R u8 buf[2 * PMK_LEN]; @@ -341,7 +345,7 @@ static void wpa_supplicant_eapol_cb(struct eapol_sm *eapol, res = -1; #endif /* CONFIG_IEEE80211R */ } else { - res = eapol_sm_get_key(eapol, pmk, PMK_LEN); + res = eapol_sm_get_key(eapol, pmk, pmk_len); if (res) { /* * EAP-LEAP is an exception from other EAP methods: it