With introduction of newer key managments, there is a need to
update the PMK length plumbed for driver based 4-way handshake.
In order to support this, the current patch updates the PMK
length to SUITE_B_192 PMK length 48, if the key management
is of type sha384.
Signed-off-by: Vinayak Yadawad <vinayak.yadawad@xxxxxxxxxxxx>
---
wpa_supplicant/wpas_glue.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/wpa_supplicant/wpas_glue.c b/wpa_supplicant/wpas_glue.c
index d62914bc1..6e110dbdc 100644
--- a/wpa_supplicant/wpas_glue.c
+++ b/wpa_supplicant/wpas_glue.c
@@ -286,7 +286,7 @@ static void wpa_supplicant_eapol_cb(struct eapol_sm *eapol,
{
struct wpa_supplicant *wpa_s = ctx;
int res, pmk_len;
- u8 pmk[PMK_LEN];
+ u8 pmk[PMK_LEN_MAX];
wpa_printf(MSG_DEBUG, "EAPOL authentication completed - result=%s",
result_str(result));
@@ -326,7 +326,11 @@ static void wpa_supplicant_eapol_cb(struct eapol_sm *eapol,
wpa_printf(MSG_DEBUG, "Configure PMK for driver-based RSN 4-way "
"handshake");
- pmk_len = PMK_LEN;
+ if (wpa_key_mgmt_sha384(wpa_s->key_mgmt))
+ pmk_len = PMK_LEN_SUITE_B_192;
+ else
+ pmk_len = PMK_LEN;
+
if (wpa_key_mgmt_ft(wpa_s->key_mgmt)) {
#ifdef CONFIG_IEEE80211R
u8 buf[2 * PMK_LEN];
@@ -341,7 +345,7 @@ static void wpa_supplicant_eapol_cb(struct eapol_sm *eapol,
res = -1;
#endif /* CONFIG_IEEE80211R */
} else {
- res = eapol_sm_get_key(eapol, pmk, PMK_LEN);
+ res = eapol_sm_get_key(eapol, pmk, pmk_len);
if (res) {
/*
* EAP-LEAP is an exception from other EAP methods: it
--
2.32.0
--
This electronic communication and the information and any files transmitted
with it, or attached to it, are confidential and are intended solely for
the use of the individual or entity to whom it is addressed and may contain
information that is confidential, legally privileged, protected by privacy
laws, or otherwise restricted from disclosure to anyone else. If you are
not the intended recipient or the person responsible for delivering the
e-mail to the intended recipient, you are hereby notified that any use,
copying, distributing, dissemination, forwarding, printing, or copying of
this e-mail is strictly prohibited. If you received this e-mail in error,
please return the e-mail to the sender, delete it from your computer, and
destroy any printed copy of it.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
