From patchwork Sat Oct 1 08:21:19 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Veerendranath Jakkam X-Patchwork-Id: 1685164 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=aJyEXlP2; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=quicinc.com header.i=@quicinc.com header.a=rsa-sha256 header.s=qcppdkim1 header.b=gBssxTPL; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4Mfg9n69zjz1yql for ; Sat, 1 Oct 2022 18:24:13 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=EmIbRVAcm9TN4LabgL9HZ5+NloRxc/LI1ByyRjZm3JI=; b=aJyEXlP28XvJZq B+IhCmJzf6ocuHtByAsiVJTuNOz78ZaJZbAyI8ptVHK3mzWkm7Dbb70BeYcnA9yiL3+0ltGMFKSir JB2qkjNs/MJoiRgswYc1JVgapcPCJBZqMlK0RD3+12dGOxy7kdoAiEkP5DyapA/otwl7LC0BAfRiG BvSDUcSfz+iwGZ0K0DMbzAZYhGltmTAN9C8mufb293Ck6uwgLRRKZQMq/eJMTH3nS1kVS4M8yz+st prN6D6UC0VGZIjWxoLUzAex7lO4Ob/RANtbWcyoo/eDej6Ic4BZXJx0z8Ss6PgYf3hwAnntBk8vOR s71Ppnf3UkbwZrcPmDdg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1oeXmT-00Djyx-9e; Sat, 01 Oct 2022 08:23:29 +0000 Received: from mx0b-0031df01.pphosted.com ([205.220.180.131]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1oeXl4-00DjWP-Vc for hostap@lists.infradead.org; Sat, 01 Oct 2022 08:22:04 +0000 Received: from pps.filterd (m0279868.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 291761LF007794 for ; Sat, 1 Oct 2022 08:22:02 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-type; s=qcppdkim1; bh=CEsF4v3alsa/sYeXSj8nNmbTAMlfRsmJ2hNtC+TSvyw=; b=gBssxTPLp3zCmtrTDvQdCcPGgjggk0CS3XO+KhbYQo69YxaT11VOC6p0Fe4hq/o4kecd TvsEW6stpuJHMjEaWTLTAjzG4mypB651ty2enqpFAtOass1VLZBPvQSMhYVnJBmGDOrc /CppRal9sSB/hvZfcjFugrxJds/NdRsHxHMmqrTlENLdvwo8C1TdoY3RzLtnxsP6uKCy RTkSWR0+tRRwJzcgbmyJhFvy4UAaIk6gH5YmrapLHUV20BF6jqaQZOTIzC6CmaeJuL94 U7+5DHL0YHZUW7u80wHsXP43oP89e98MYJwnTGAXbefyI7ZoQF0RSGSqm+4FW/s79zWd CQ== Received: from nalasppmta04.qualcomm.com (Global_NAT1.qualcomm.com [129.46.96.20]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3jxcvtrcu0-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Sat, 01 Oct 2022 08:22:02 +0000 Received: from nalasex01a.na.qualcomm.com (nalasex01a.na.qualcomm.com [10.47.209.196]) by NALASPPMTA04.qualcomm.com (8.17.1.5/8.17.1.5) with ESMTPS id 2918M1Lr017520 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Sat, 1 Oct 2022 08:22:01 GMT Received: from hu-vjakkam-hyd.qualcomm.com (10.80.80.8) by nalasex01a.na.qualcomm.com (10.47.209.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Sat, 1 Oct 2022 01:21:59 -0700 From: Veerendranath Jakkam To: CC: Subject: [PATCH v2 07/17] MLD STA: Use AP MLD address to derive pairwise keys Date: Sat, 1 Oct 2022 13:51:19 +0530 Message-ID: <1664612489-29288-8-git-send-email-quic_vjakkam@quicinc.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1664612489-29288-1-git-send-email-quic_vjakkam@quicinc.com> References: <1664612489-29288-1-git-send-email-quic_vjakkam@quicinc.com> MIME-Version: 1.0 X-Originating-IP: [10.80.80.8] X-ClientProxiedBy: nasanex01a.na.qualcomm.com (10.52.223.231) To nalasex01a.na.qualcomm.com (10.47.209.196) X-QCInternal: smtphost X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085 X-Proofpoint-GUID: z4YoBOiSNDhxoYxBpri3WjncE_WQ66oH X-Proofpoint-ORIG-GUID: z4YoBOiSNDhxoYxBpri3WjncE_WQ66oH X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.528,FMLib:17.11.122.1 definitions=2022-10-01_06,2022-09-29_03,2022-06-22_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 bulkscore=0 phishscore=0 impostorscore=0 lowpriorityscore=0 suspectscore=0 clxscore=1015 spamscore=0 mlxlogscore=933 adultscore=0 priorityscore=1501 mlxscore=0 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2209130000 definitions=main-2210010051 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20221001_012203_152981_2339E9BA X-CRM114-Status: GOOD ( 17.55 ) X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Rohan Dutta Use AP MLD address to derive pairwise keys for MLO connection. Current changes are handling only ptk derivation during EAPOL Four-Way handshake. Signed-off-by: Rohan Dutta Signed-off-by: Veerendranath Jakkam --- src/rsn_supp/wpa.c | 8 +++++++- src/rsn_supp/wpa.h | 1 + src/rsn_supp/wpa_ft.c | [...] Content analysis details: (-0.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [205.220.180.131 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Rohan Dutta Use AP MLD address to derive pairwise keys for MLO connection. Current changes are handling only ptk derivation during EAPOL Four-Way handshake. Signed-off-by: Rohan Dutta Signed-off-by: Veerendranath Jakkam --- src/rsn_supp/wpa.c | 8 +++++++- src/rsn_supp/wpa.h | 1 + src/rsn_supp/wpa_ft.c | 2 +- 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index 38eb6fe..5d6bc3c 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -620,7 +620,7 @@ static int wpa_derive_ptk(struct wpa_sm *sm, const unsigned char *src_addr, kdk_len = 0; ret = wpa_pmk_to_ptk(sm->pmk, sm->pmk_len, "Pairwise key expansion", - sm->own_addr, sm->bssid, sm->snonce, + sm->own_addr, wpa_sm_get_auth_addr(sm), sm->snonce, key->key_nonce, ptk, akmp, sm->pairwise_cipher, z, z_len, kdk_len); @@ -4253,6 +4253,12 @@ unsigned int wpa_sm_get_key_mgmt(struct wpa_sm *sm) } +const u8 * wpa_sm_get_auth_addr(struct wpa_sm *sm) +{ + return sm->mlo.setup_links ? sm->mlo.ap_mld_addr : sm->bssid; +} + + #ifdef CONFIG_FILS struct wpabuf * fils_build_auth(struct wpa_sm *sm, int dh_group, const u8 *md) diff --git a/src/rsn_supp/wpa.h b/src/rsn_supp/wpa.h index ad0c411..e499e7a 100644 --- a/src/rsn_supp/wpa.h +++ b/src/rsn_supp/wpa.h @@ -576,5 +576,6 @@ void wpa_sm_set_dpp_z(struct wpa_sm *sm, const struct wpabuf *z); void wpa_pasn_pmksa_cache_add(struct wpa_sm *sm, const u8 *pmk, size_t pmk_len, const u8 *pmkid, const u8 *bssid, int key_mgmt); void wpa_pasn_sm_set_caps(struct wpa_sm *sm, unsigned int flags2); +const u8 * wpa_sm_get_auth_addr(struct wpa_sm *sm); #endif /* WPA_H */ diff --git a/src/rsn_supp/wpa_ft.c b/src/rsn_supp/wpa_ft.c index c681a99..1363151 100644 --- a/src/rsn_supp/wpa_ft.c +++ b/src/rsn_supp/wpa_ft.c @@ -77,7 +77,7 @@ int wpa_derive_ptk_ft(struct wpa_sm *sm, const unsigned char *src_addr, kdk_len = 0; ret = wpa_pmk_r1_to_ptk(sm->pmk_r1, sm->pmk_r1_len, sm->snonce, - anonce, sm->own_addr, sm->bssid, + anonce, sm->own_addr, wpa_sm_get_auth_addr(sm), sm->pmk_r1_name, ptk, ptk_name, sm->key_mgmt, sm->pairwise_cipher, kdk_len); if (ret) {