On Tue, Aug 06, 2019 at 01:33:15PM +0800, Ouden.Biz Lin wrote:
> Dear There,

Hi!

> 2) The maximum size of AMPE IE is 160 bytes, not 96 bytes, plus the
> two bytes of the IE header.
> The 64 bytes added are MGTK [variable] and IGTK [variable] at the
> 256 bits crypto.
>
> Please help to confirm that. Thank you.

AMPE max size is (discounting first 2 bytes):

  pairwise suite (4) +
  local nonce (32) +
  peer nonce (32) +
  *key replay counter (8) +
  MGTK: MGTK (16), key rsc (8), key expiration (4)
  IGTK: key id (2), IPN (6), IGTK (16)

  *only for mesh group key inform frame, we don't use it currently

  = 128

So, yes, the current code using 96 is already wrong, as it doesn't
account for IGTK size: it should be 120 today (because Key Replay
Counter is unused). Using 256-bit keys should add another 32 bytes
on top of that so we could use 152 here. 160 is correct if we include
Key Replay Counter.

> +#ifdef CONFIG_IEEE80211W
> +	if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
> +		if (ssid->group_mgmt_cipher &
> +				WPA_CIPHER_BIP_GMAC_256)

The formatting here is rather hard to read, in my opinion.

Question, is there a check somewhere that peers are using the same
cipher suite for management protection? I looked for it but didn't
see it. Possibly matches_local() should be comparing the RSNEs when
processing peering open frames?

-- 
Bob Copeland %% https://bobcopeland.com/
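
Review bot: the 256-bit case in the quoted hunk is keyed on `ssid->group_mgmt_cipher` and sits inside the `conf->ieee80211w != NO_MGMT_FRAME_PROTECTION` branch under `CONFIG_IEEE80211W`, so it can only describe the IGTK. By the size breakdown in this reply the AMPE element also carries the MGTK, whose length follows the group cipher rather than the management group cipher, so the MGTK part of the buffer size should be derived from the group cipher outside this `#ifdef`, with this branch adding only the IGTK subfield (key id 2 + IPN 6 + IGTK length). The condition as quoted names only `WPA_CIPHER_BIP_GMAC_256`; whether other 256-bit management ciphers are covered is not visible in these lines and is worth checking. Deriving the size from the key length of the configured cipher, instead of testing individual cipher bits, would also remove the line break in the middle of the `&` expression.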