GET

Patch Detail

get:
Show a patch.

patch:
Update a patch.

put:
Update a patch.

GET /api/1.2/patches/2226381/?format=api
HTTP 200 OK
Allow: GET, PUT, PATCH, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "id": 2226381,
    "url": "http://patchwork.ozlabs.org/api/1.2/patches/2226381/?format=api",
    "web_url": "http://patchwork.ozlabs.org/project/hostap/patch/20260422122424.43776-35-andrei.otcheretianski@intel.com/",
    "project": {
        "id": 22,
        "url": "http://patchwork.ozlabs.org/api/1.2/projects/22/?format=api",
        "name": "HostAP Development",
        "link_name": "hostap",
        "list_id": "hostap.lists.infradead.org",
        "list_email": "hostap@lists.infradead.org",
        "web_url": "",
        "scm_url": "",
        "webscm_url": "",
        "list_archive_url": "",
        "list_archive_url_format": "",
        "commit_url_format": ""
    },
    "msgid": "<20260422122424.43776-35-andrei.otcheretianski@intel.com>",
    "list_archive_url": null,
    "date": "2026-04-22T12:23:25",
    "name": "[34/92] NAN: Add function for decrypting the Key Data field",
    "commit_ref": null,
    "pull_url": null,
    "state": "new",
    "archived": false,
    "hash": "3e0d08c3bcfbed15ecec00dac6f1df5edcad0c7f",
    "submitter": {
        "id": 62065,
        "url": "http://patchwork.ozlabs.org/api/1.2/people/62065/?format=api",
        "name": "Andrei Otcheretianski",
        "email": "andrei.otcheretianski@intel.com"
    },
    "delegate": null,
    "mbox": "http://patchwork.ozlabs.org/project/hostap/patch/20260422122424.43776-35-andrei.otcheretianski@intel.com/mbox/",
    "series": [
        {
            "id": 501001,
            "url": "http://patchwork.ozlabs.org/api/1.2/series/501001/?format=api",
            "web_url": "http://patchwork.ozlabs.org/project/hostap/list/?series=501001",
            "date": "2026-04-22T12:23:05",
            "name": "Add NAN PASN pairing support",
            "version": 1,
            "mbox": "http://patchwork.ozlabs.org/series/501001/mbox/"
        }
    ],
    "comments": "http://patchwork.ozlabs.org/api/patches/2226381/comments/",
    "check": "pending",
    "checks": "http://patchwork.ozlabs.org/api/patches/2226381/checks/",
    "tags": {},
    "related": [],
    "headers": {
        "Return-Path": "\n <hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org>",
        "X-Original-To": "incoming@patchwork.ozlabs.org",
        "Delivered-To": "patchwork-incoming@legolas.ozlabs.org",
        "Authentication-Results": [
            "legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n secure) header.d=lists.infradead.org header.i=@lists.infradead.org\n header.a=rsa-sha256 header.s=bombadil.20210309 header.b=tNNcWQ7L;\n\tdkim=fail reason=\"signature verification failed\" (2048-bit key;\n unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256\n header.s=Intel header.b=eMa4Ii6M;\n\tdkim-atps=neutral",
            "legolas.ozlabs.org;\n spf=none (no SPF record) smtp.mailfrom=lists.infradead.org\n (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org;\n envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org;\n receiver=patchwork.ozlabs.org)"
        ],
        "Received": [
            "from bombadil.infradead.org (bombadil.infradead.org\n [IPv6:2607:7c80:54:3::133])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4g0z4n3bHXz1yCv\n\tfor <incoming@patchwork.ozlabs.org>; Wed, 22 Apr 2026 22:27:21 +1000 (AEST)",
            "from localhost ([::1] helo=bombadil.infradead.org)\n\tby bombadil.infradead.org with esmtp (Exim 4.98.2 #2 (Red Hat Linux))\n\tid 1wFWfC-0000000A53L-1WzT;\n\tWed, 22 Apr 2026 12:26:42 +0000",
            "from mgamail.intel.com ([192.198.163.17])\n\tby bombadil.infradead.org with esmtps (Exim 4.98.2 #2 (Red Hat Linux))\n\tid 1wFWe5-0000000A34C-3UQT\n\tfor hostap@lists.infradead.org;\n\tWed, 22 Apr 2026 12:25:39 +0000",
            "from orviesa010.jf.intel.com ([10.64.159.150])\n  by fmvoesa111.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;\n 22 Apr 2026 05:25:30 -0700",
            "from iapp347.iil.intel.com (HELO 87c02287900a.iil.intel.com)\n ([10.167.28.6])\n  by orviesa010-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;\n 22 Apr 2026 05:25:29 -0700"
        ],
        "DKIM-Signature": [
            "v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;\n\td=lists.infradead.org; s=bombadil.20210309; h=Sender:\n\tContent-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post:\n\tList-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To:\n\tMessage-ID:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description:\n\tResent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:\n\tList-Owner; bh=VcL7CcGvoeNbfxPl7ufpHezIanvqgDzDJ1zmZInEvSs=; b=tNNcWQ7LSlI5Jy\n\tdHCSd9E9/xH/KN6ZDLrRMaXO9umtdH1r/N1oD1FWGh+SNTzDlZMNbDHx9OTnOQYyGwBXWjA4P94Xy\n\txqYX01ipXIPqkn8FPo9csSDZe9oreoeTPnDKgXnC9A/llxm5qIeRC0FfVYropzLS5o58W9zQTYIWO\n\tO+GChAHdyHgBxgJxVuRWT3aR0JJBznbogCKayyk73V/yXa7O7fjs7PoSwyQSyEUOARJxWwB0gCPbx\n\tiJ3mZ4CTiHOe+VvlBLPaYTZorx8oqvh7oWrZ2Wmh7m69toqZNppJ2dToBlAPGWWOY1rl0qmmuopyz\n\tuLihgxbPXft0sD4IAN8g==;",
            "v=1; a=rsa-sha256; c=relaxed/simple;\n  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;\n  t=1776860733; x=1808396733;\n  h=from:to:cc:subject:date:message-id:in-reply-to:\n   references:mime-version:content-transfer-encoding;\n  bh=kMaNYf5tYhNkTDXSI4WYlCqNXRwBSE7crgTF0OnYtIo=;\n  b=eMa4Ii6M1d+4s4mjuyYRQOwzpCe3vdtRW/WY+MC5l9OOn6WuQeeAb5Bk\n   IH8dY9HQy3arlEVZF0m8R/Q3OrvFWfkrDrptusTOeEL0Y6QmMSxlbTvrj\n   ZwkpqsHlhmFzJJpZKoSMobUJfh0sicg67hJEQ0gkBjmOBorBIxmyOnhT+\n   rnsvZL2o3kvWQ9nak1uGnb8tAngnC4eNlp2zBhs1/AlK/3Ds59tF6sU8c\n   5k/E+aNyIeyrsEP6NY8wPKRtWAQhtRYo8s2RQkWomjVAGTOGsZfH7Z35J\n   pXze+TP0ZFlJeFYzUJKblgHEnNU52V87H+WK0XKhlb8H0D18/yENUOKof\n   w==;"
        ],
        "X-CSE-ConnectionGUID": [
            "/nxmJBHdTUekJJAtAJQn2w==",
            "+7MaDZ3IQgefKWSM4+O2XA=="
        ],
        "X-CSE-MsgGUID": [
            "GzPBESs+R+eGOrvghaaZ5A==",
            "uaeuAHFVTo2Mzk1ixOI/UQ=="
        ],
        "X-IronPort-AV": [
            "E=McAfee;i=\"6800,10657,11764\"; a=\"77687312\"",
            "E=Sophos;i=\"6.23,192,1770624000\";\n   d=\"scan'208\";a=\"77687312\"",
            "E=Sophos;i=\"6.23,192,1770624000\";\n   d=\"scan'208\";a=\"231444990\""
        ],
        "X-ExtLoop1": "1",
        "From": "Andrei Otcheretianski <andrei.otcheretianski@intel.com>",
        "To": "hostap@lists.infradead.org",
        "Cc": "vamsin@qti.qualcomm.com,\n\tmaheshkkv@google.com,\n\tAvraham Stern <avraham.stern@intel.com>",
        "Subject": "[PATCH 34/92] NAN: Add function for decrypting the Key Data field",
        "Date": "Wed, 22 Apr 2026 15:23:25 +0300",
        "Message-ID": "<20260422122424.43776-35-andrei.otcheretianski@intel.com>",
        "X-Mailer": "git-send-email 2.53.0",
        "In-Reply-To": "<20260422122424.43776-1-andrei.otcheretianski@intel.com>",
        "References": "<20260422122424.43776-1-andrei.otcheretianski@intel.com>",
        "MIME-Version": "1.0",
        "X-CRM114-Version": "20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 ",
        "X-CRM114-CacheID": "sfid-20260422_052534_096127_7478F9F9 ",
        "X-CRM114-Status": "GOOD (  12.74  )",
        "X-Spam-Score": "-4.4 (----)",
        "X-Spam-Report": "Spam detection software,\n running on the system \"bombadil.infradead.org\",\n has NOT identified this incoming email as spam.  The original\n message has been attached to this so you can view it or label\n similar future email.  If you have any questions, see\n the administrator of that system for details.\n Content preview:  From: Avraham Stern <avraham.stern@intel.com> The Key Data\n    field in the NAN Shared Key Descriptor attribute sent in a followup SDF\n after\n    NAN pairing is encrypted with the KEK. Add a function for decrypting this\n    field.\n Content analysis details:   (-4.4 points, 5.0 required)\n  pts rule name              description\n ---- ----------------------\n --------------------------------------------------\n -2.3 RCVD_IN_DNSWL_MED      RBL: Sender listed at https://www.dnswl.org/,\n                             medium trust\n                             [192.198.163.17 listed in list.dnswl.org]\n  0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record\n -0.0 SPF_PASS               SPF: sender matches SPF record\n -0.1 DKIM_VALID             Message has at least one valid DKIM or DK\n signature\n -0.1 DKIM_VALID_AU          Message has a valid DKIM or DK signature from\n author's\n                             domain\n -0.1 DKIM_VALID_EF          Message has a valid DKIM or DK signature from\n                             envelope-from domain\n  0.1 DKIM_SIGNED            Message has a DKIM or DK signature,\n not necessarily valid\n -1.9 BAYES_00               BODY: Bayes spam probability is 0 to 1%\n                             [score: 0.0000]\n -0.0 DKIMWL_WL_HIGH         DKIMwl.org - High trust sender",
        "X-BeenThere": "hostap@lists.infradead.org",
        "X-Mailman-Version": "2.1.34",
        "Precedence": "list",
        "List-Id": "<hostap.lists.infradead.org>",
        "List-Unsubscribe": "<http://lists.infradead.org/mailman/options/hostap>,\n <mailto:hostap-request@lists.infradead.org?subject=unsubscribe>",
        "List-Archive": "<http://lists.infradead.org/pipermail/hostap/>",
        "List-Post": "<mailto:hostap@lists.infradead.org>",
        "List-Help": "<mailto:hostap-request@lists.infradead.org?subject=help>",
        "List-Subscribe": "<http://lists.infradead.org/mailman/listinfo/hostap>,\n <mailto:hostap-request@lists.infradead.org?subject=subscribe>",
        "Content-Type": "text/plain; charset=\"us-ascii\"",
        "Content-Transfer-Encoding": "7bit",
        "Sender": "\"Hostap\" <hostap-bounces@lists.infradead.org>",
        "Errors-To": "hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org"
    },
    "content": "From: Avraham Stern <avraham.stern@intel.com>\n\nThe Key Data field in the NAN Shared Key Descriptor attribute sent\nin a followup SDF after NAN pairing is encrypted with the KEK. Add\na function for decrypting this field.\n\nSigned-off-by: Avraham Stern <avraham.stern@intel.com>\n---\n src/nan/nan_crypto.c | 69 ++++++++++++++++++++++++++++++++++++++++++++\n src/nan/nan_i.h      |  4 +++\n 2 files changed, 73 insertions(+)",
    "diff": "diff --git a/src/nan/nan_crypto.c b/src/nan/nan_crypto.c\nindex 256ff23840..31702f5e9e 100644\n--- a/src/nan/nan_crypto.c\n+++ b/src/nan/nan_crypto.c\n@@ -603,3 +603,72 @@ fail:\n \tos_free(padded_key_data);\n \treturn encrypted_key_data;\n }\n+\n+\n+/*\n+ * nan_crypto_decrypt_key_data - Decrypt NAN key data using AES-UNWRAP\n+ *\n+ * @kek: Key Encryption Key\n+ * @kek_len: KEK length in bytes\n+ * @encrypted_data: Encrypted key data to decrypt\n+ * @encrypted_len: Length of encrypted data in bytes\n+ * Returns: wpabuf containing decrypted data or %NULL on failure\n+ *\n+ * This function decrypts NAN key data that was encrypted using AES-WRAP.\n+ * The encrypted data must be at least 16 bytes and a multiple of 8 bytes\n+ * (AES-WRAP requirement). The caller is responsible for freeing the returned\n+ * wpabuf using wpabuf_free().\n+ */\n+struct wpabuf *nan_crypto_decrypt_key_data(const u8 *kek, size_t kek_len,\n+\t\t\t\t\t   const u8 *encrypted_data,\n+\t\t\t\t\t   size_t encrypted_len)\n+{\n+\tstruct wpabuf *decrypted;\n+\tsize_t plain_len;\n+\tu8 *buf;\n+\n+\tif (!encrypted_data || !encrypted_len) {\n+\t\twpa_printf(MSG_ERROR, \"NAN: Invalid encrypted key data\");\n+\t\treturn NULL;\n+\t}\n+\n+\twpa_hexdump_key(MSG_DEBUG, \"NAN: Encrypted key data\",\n+\t\t\tencrypted_data, encrypted_len);\n+\n+\tif (!kek || !kek_len) {\n+\t\twpa_printf(MSG_ERROR,\n+\t\t\t   \"NAN: No KEK available for key data decryption\");\n+\t\treturn NULL;\n+\t}\n+\n+\twpa_hexdump_key(MSG_DEBUG, \"NAN: KEK for decryption\", kek, kek_len);\n+\n+\t/* AES-WRAP adds 8 bytes overhead */\n+\tif (encrypted_len < 16 || encrypted_len % 8 != 0) {\n+\t\twpa_printf(MSG_ERROR,\n+\t\t\t   \"NAN: Invalid encrypted key data length %zu\",\n+\t\t\t   encrypted_len);\n+\t\treturn NULL;\n+\t}\n+\n+\tplain_len = encrypted_len - 8;\n+\tdecrypted = wpabuf_alloc(plain_len);\n+\tif (!decrypted) {\n+\t\twpa_printf(MSG_ERROR,\n+\t\t\t   \"NAN: Failed to allocate decryption buffer\");\n+\t\treturn NULL;\n+\t}\n+\n+\tbuf = wpabuf_put(decrypted, plain_len);\n+\tif (aes_unwrap(kek, kek_len, plain_len / 8, encrypted_data, buf)) {\n+\t\twpa_printf(MSG_ERROR,\n+\t\t\t   \"NAN: AES unwrap failed - could not decrypt key data\");\n+\t\twpabuf_free(decrypted);\n+\t\treturn NULL;\n+\t}\n+\n+\twpa_hexdump_key(MSG_DEBUG, \"NAN: Decrypted key data\",\n+\t\t\twpabuf_head(decrypted), wpabuf_len(decrypted));\n+\n+\treturn decrypted;\n+}\ndiff --git a/src/nan/nan_i.h b/src/nan/nan_i.h\nindex edfe28358a..6762e3e83c 100644\n--- a/src/nan/nan_i.h\n+++ b/src/nan/nan_i.h\n@@ -729,6 +729,10 @@ int nan_crypto_derive_kek(const u8 *kdk, size_t kdk_len,\n \t\t\t  struct wpa_ptk *ptk);\n struct wpabuf *nan_crypto_encrypt_key_data(const struct wpabuf *key_data,\n \t\t\t\t\t   const u8 *kek, size_t kek_len);\n+struct wpabuf *nan_crypto_decrypt_key_data(const u8 *kek, size_t kek_len,\n+\t\t\t\t\t   const u8 *encrypted_data,\n+\t\t\t\t\t   size_t encrypted_len);\n+\n \n void nan_sec_reset(struct nan_data *nan, struct nan_ndp_sec *ndp_sec);\n int nan_sec_rx(struct nan_data *nan, struct nan_peer *peer,\n",
    "prefixes": [
        "34/92"
    ]
}