> -----Original Message-----
> From: Jouni Malinen <j@xxxxx>
> Sent: Monday, January 18, 2021 19:14
> To: Peer, Ilan <ilan.peer@xxxxxxxxx>
> Cc: hostap@xxxxxxxxxxxxxxxxxxx
> Subject: Re: [PATCH v2 06/20] WPA: Extend the fils_pmk_to_ptk() function
> to also derive KDK
>
> On Wed, Dec 16, 2020 at 01:00:19PM +0200, Ilan Peer wrote:
> > Extend the fils_pmk_to_ptk() to also derive Key Derivation Key (KDK)
> > which can later be used for secure LTF measurements.
>
> > diff --git a/src/common/wpa_common.c b/src/common/wpa_common.c
> @@
> > -682,9 +697,16 @@ int fils_pmk_to_ptk(const u8 *pmk, size_t pmk_len,
> const u8 *spa, const u8 *aa,
> > os_memcpy(ptk->tk, tmp + *ick_len + ptk->kek_len, ptk->tk_len);
> > wpa_hexdump_key(MSG_DEBUG, "FILS: TK", ptk->tk, ptk->tk_len);
> >
> > + if (ptk->kdk_len) {
> > + os_memcpy(ptk->kdk, tmp + *ick_len + ptk->kek_len +
> > + ptk->tk_len, ptk->kdk_len);
> > + wpa_hexdump_key(MSG_DEBUG, "FILS: KDK", ptk->kdk,
> > + ptk->kdk_len);
> > + }
> > +
> > if (fils_ft && fils_ft_len) {
> > - os_memcpy(fils_ft, tmp + *ick_len + ptk->kek_len + ptk-
> >tk_len,
> > - *fils_ft_len);
> > + os_memcpy(fils_ft, tmp + *ick_len + ptk->kek_len + ptk-
> >tk_len +
> > + ptk->kdk_len, *fils_ft_len);
> > wpa_hexdump_key(MSG_DEBUG, "FILS: FILS-FT",
> > fils_ft, *fils_ft_len);
> > }
>
> This is in incorrect order, i.e., FILS-FT, if derived, is before KDK in FILS-Key-
> Data. I've fixed this in my review version, so no need to send an updated
> patch.
Sure.
Thanks,
Ilan.
_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
