From patchwork Sun Sep 15 10:38:14 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Tomas Paukrt <tomaspaukrt@email.cz>
X-Patchwork-Id: 1988448
Return-Path: 
 <hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
	dkim=pass (2048-bit key;
 secure) header.d=lists.infradead.org header.i=@lists.infradead.org
 header.a=rsa-sha256 header.s=bombadil.20210309 header.b=R/X/oKgH;
	dkim=fail reason="signature verification failed" (2048-bit key;
 secure) header.d=email.cz header.i=@email.cz header.a=rsa-sha256
 header.s=szn20221014 header.b=pE9CmHCM;
	dkim-atps=neutral
Authentication-Results: legolas.ozlabs.org;
 spf=none (no SPF record) smtp.mailfrom=lists.infradead.org
 (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org;
 envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org;
 receiver=patchwork.ozlabs.org)
Received: from bombadil.infradead.org (bombadil.infradead.org
 [IPv6:2607:7c80:54:3::133])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384)
	(No client certificate requested)
	by legolas.ozlabs.org (Postfix) with ESMTPS id 4XBxwX1gwRz1xsN
	for <incoming@patchwork.ozlabs.org>; Mon, 23 Sep 2024 19:07:56 +1000 (AEST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=bombadil.20210309; h=Sender:
	Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post:
	List-Archive:List-Unsubscribe:List-Id:Mime-Version:Message-Id:Date:Subject:To
	:From:Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From:
	Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:
	List-Owner; bh=S04NzHsHhaLFviDIoYZc6ku6cQO1O9F2dZG/BEbzAEA=; b=R/X/oKgH/2AnvM
	Ml+cV2T30H2qCJJJ/oumFugfsAnZ8XJAjTFQDHeiaxLJJXXLxVaVoxTDj5Oov79+oHMJ3/lxABv2U
	7VRK9BDeDK4mPktTdHhz4fSVYiaZgeL49EoSZP8M14C8TgWDOaaOc91qya5FbGnFylfsZX1jf/orq
	d7S/sBR9G7Q2psXT5AKgRrkExrp0xyRRte/7wexxEb4GNhuOvITybkOY3I/49Yq8quahkSDrVkWuT
	qV6vWzhtMDt5iS7403nqKeoUc5qUEMv7IlcxbkE2MiVNp0I18qQWWd7kOQGfVLeD3P9YHSdhiRK/2
	dFvd8HvvSC6EooIDLPjQ==;
Received: from localhost ([::1] helo=bombadil.infradead.org)
	by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux))
	id 1ssf2Z-0000000GlQK-1YlD;
	Mon, 23 Sep 2024 09:07:31 +0000
Received: from mxe-2-579.seznam.cz ([2a02:598:64:8a00::1000:579])
	by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux))
	id 1spme8-00000001yPL-2yRF
	for hostap@lists.infradead.org;
	Sun, 15 Sep 2024 10:38:27 +0000
Received: from email.seznam.cz
	by smtpc-mxe-85b5fdc4c4-wxp2g
	(smtpc-mxe-85b5fdc4c4-wxp2g [2a02:598:64:8a00::1000:579])
	id 19dd400ae729f2a01953ce12;
	Sun, 15 Sep 2024 12:38:18 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=email.cz;
	s=szn20221014; t=1726396698;
	bh=sKOdnvhjs8PO7biTFZwGPlAK5NDyRmpzd2N2tfES35c=;
	h=Received:From:To:Subject:Date:Message-Id:Mime-Version:X-Mailer:
	 Content-Type:Content-Transfer-Encoding;
	b=pE9CmHCMALnSZ1KOazaxG++Hs0iVuea4mtEykgx2mVHG1l364RPimEiYVKsgSOEWp
	 9W81SNfB4kilnHfo6kkwTlE1fG6QxpJaFPAeiMUymVq+BP9t6E/lDqJz2zKtBALS8Y
	 Bt+ssmoyyAk9eBncp9v1/1MupYlaVigP2Ld3XAkpvkPiK2DcgFwXG6gtyshGCmwQPW
	 P+TeYOAktXebLnxcCSzXUqk7xinLOv+YTtbO8OfQSsaQWVY2sTZIgs2BW15ADcabP5
	 qi+p+EoWOkPL6yVd0ncskccq8jxjvPCoHYVckQFEwqQhszCXp9T6eUHkc4jCXtiKnH
	 91SV5bhNBBDAw==
Received: from 184-143.ktuo.cz (184-143.ktuo.cz [82.144.143.184])
	by email.seznam.cz (szn-ebox-5.0.189) with HTTP;
	Sun, 15 Sep 2024 12:38:14 +0200 (CEST)
From: "Tomas Paukrt" <tomaspaukrt@email.cz>
To: <hostap@lists.infradead.org>
Subject: =?utf-8?q?=5BPATCH=5D_Include_HMAC-SHA384/512_KDF_for_SAE_if_SHA384?=
	=?utf-8?q?/512_is_included?=
Date: Sun, 15 Sep 2024 12:38:14 +0200 (CEST)
Message-Id: <2Mh.ZcZX.2xYhMLCP}}Q.1cvhaM@seznam.cz>
Mime-Version: 1.0 (szn-mime-2.1.61)
X-Mailer: szn-ebox-5.0.189
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20240915_033825_511415_575456AB 
X-CRM114-Status: UNSURE (   4.08  )
X-CRM114-Notice: Please train this message.
X-Spam-Score: -2.1 (--)
X-Spam-Report: Spam detection software,
 running on the system "bombadil.infradead.org",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 the administrator of that system for details.
 Content preview:  It was possible to miss the HMAC functions if some other
 build
    configuration parameters ended up setting NEED_SHA384/512=y.
 Signed-off-by:
    Tomas Paukrt --- hostapd/Android.mk | 11 +++++++++++ hostapd/Makefile | 11
    +++++++++++ 2 files changed, 22 insertions(+)
 Content analysis details:   (-2.1 points, 5.0 required)
  pts rule name              description
 ---- ----------------------
 --------------------------------------------------
 -0.0 SPF_PASS               SPF: sender matches SPF record
  0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
  0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
 not necessarily valid
 -0.1 DKIM_VALID_EF          Message has a valid DKIM or DK signature from
                             envelope-from domain
 -0.1 DKIM_VALID             Message has at least one valid DKIM or DK
 signature
 -0.1 DKIM_VALID_AU          Message has a valid DKIM or DK signature from
 author's
                             domain
 -1.9 BAYES_00               BODY: Bayes spam probability is 0 to 1%
                             [score: 0.0000]
  0.0 FREEMAIL_FROM          Sender email is commonly abused enduser mail
 provider
                             [tomaspaukrt(at)email.cz]
X-Mailman-Approved-At: Mon, 23 Sep 2024 02:07:30 -0700
X-BeenThere: hostap@lists.infradead.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: <hostap.lists.infradead.org>
List-Unsubscribe: <http://lists.infradead.org/mailman/options/hostap>,
 <mailto:hostap-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/hostap/>
List-Post: <mailto:hostap@lists.infradead.org>
List-Help: <mailto:hostap-request@lists.infradead.org?subject=help>
List-Subscribe: <http://lists.infradead.org/mailman/listinfo/hostap>,
 <mailto:hostap-request@lists.infradead.org?subject=subscribe>
Sender: "Hostap" <hostap-bounces@lists.infradead.org>
Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org

It was possible to miss the HMAC functions if some other build
configuration parameters ended up setting NEED_SHA384/512=y.

Signed-off-by: Tomas Paukrt <tomaspaukrt@email.cz>
---
 hostapd/Android.mk | 11 +++++++++++
 hostapd/Makefile   | 11 +++++++++++
 2 files changed, 22 insertions(+)

diff --git a/hostapd/Android.mk b/hostapd/Android.mk
index 573564d..e6c2fbf 100644
--- a/hostapd/Android.mk
+++ b/hostapd/Android.mk
@@ -936,6 +936,17 @@ endif
 endif
 endif
 
+ifdef CONFIG_SAE
+ifdef NEED_SHA384
+# Need to add HMAC-SHA384 KDF as well, if SHA384 was enabled.
+NEED_HMAC_SHA384_KDF=y
+endif
+ifdef NEED_SHA512
+# Need to add HMAC-SHA512 KDF as well, if SHA512 was enabled.
+NEED_HMAC_SHA512_KDF=y
+endif
+endif
+
 L_CFLAGS += -DCONFIG_SHA256
 ifneq ($(CONFIG_TLS), openssl)
 ifneq ($(CONFIG_TLS), gnutls)
diff --git a/hostapd/Makefile b/hostapd/Makefile
index ca44392..fa0d366 100644
--- a/hostapd/Makefile
+++ b/hostapd/Makefile
@@ -1065,6 +1065,17 @@ endif
 endif
 endif
 
+ifdef CONFIG_SAE
+ifdef NEED_SHA384
+# Need to add HMAC-SHA384 KDF as well, if SHA384 was enabled.
+NEED_HMAC_SHA384_KDF=y
+endif
+ifdef NEED_SHA512
+# Need to add HMAC-SHA512 KDF as well, if SHA512 was enabled.
+NEED_HMAC_SHA512_KDF=y
+endif
+endif
+
 CFLAGS += -DCONFIG_SHA256
 ifneq ($(CONFIG_TLS), openssl)
 ifneq ($(CONFIG_TLS), linux)