[1/5] PASN: Derive KDK only when required

Message ID	20210408090624.9490-1-ilan.peer@intel.com
State	Accepted
Headers	show Return-Path: <hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org> IronPort-SDR: bw64JT+XCBe2k42zCiBtaC8mIP3aWkup9ffhH4JZr3HOMXDv57CTRCZZl3uB/wZkrWTe6BmfMF R9QuifxynxyQ== IronPort-SDR: F7O4NAb4uCREIEeRLwPgGm6mJbPLz0vjnsOn1s67olnxD9+xml3iUoevvPatrW0m6OcSy4YxOr nxS1jLYxYVug== From: Ilan Peer <ilan.peer@intel.com> To: hostap@lists.infradead.org Cc: Ilan Peer <ilan.peer@intel.com> Subject: [PATCH 1/5] PASN: Derive KDK only when required Date: Thu, 8 Apr 2021 12:06:20 +0300 Message-Id: <20210408090624.9490-1-ilan.peer@intel.com> preview: When a PTK derivation is done as part of PASN authentication flow, a KDK derivation should be done iff higher layer protocol is supported by both parties. Fix the code accordingly, so KDK would be derived iff both sides support Secure LTF. Content analysis details: (-2.3 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.24 listed in list.dnswl.org] 0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3) [134.134.136.24 listed in wl.mailspike.net] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.0 RCVD_IN_MSPIKE_WL Mailspike good senders Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "Hostap" <hostap-bounces@lists.infradead.org> Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org
Series	[1/5] PASN: Derive KDK only when required \| expand [1/5] PASN: Derive KDK only when required [2/5] tests: Add coverage for PASN authentication with KDK derivation [3/5] tests: Use the correct SSID in PASN SAE tests [4/5] tests: Update PASN tests with SAE to use sae_pwe=2 [5/5] PASN: Change PASN flows to use SAE H2E only

Message ID

20210408090624.9490-1-ilan.peer@intel.com

State

Accepted

Headers

IronPort-SDR: 
 bw64JT+XCBe2k42zCiBtaC8mIP3aWkup9ffhH4JZr3HOMXDv57CTRCZZl3uB/wZkrWTe6BmfMF
 R9QuifxynxyQ==
IronPort-SDR: 
 F7O4NAb4uCREIEeRLwPgGm6mJbPLz0vjnsOn1s67olnxD9+xml3iUoevvPatrW0m6OcSy4YxOr
 nxS1jLYxYVug==
From: Ilan Peer <ilan.peer@intel.com>
To: hostap@lists.infradead.org
Cc: Ilan Peer <ilan.peer@intel.com>
Subject: [PATCH 1/5] PASN: Derive KDK only when required
Date: Thu,  8 Apr 2021 12:06:20 +0300
Message-Id: <20210408090624.9490-1-ilan.peer@intel.com>
Precedence: list
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "Hostap" <hostap-bounces@lists.infradead.org>
Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org

Series

[1/5] PASN: Derive KDK only when required | expand

Commit Message

Peer, Ilan April 8, 2021, 9:06 a.m. UTC

When a PTK derivation is done as part of PASN authentication
flow, a KDK derivation should be done iff higher layer protocol
is supported by both parties.

Fix the code accordingly, so KDK would be derived iff both sides
support Secure LTF.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
---
 src/ap/ieee802_11.c               | 15 +++++++++++++--
 src/ap/sta_info.h                 |  1 +
 wpa_supplicant/pasn_supplicant.c  | 15 ++++++++++++++-
 wpa_supplicant/wpa_supplicant_i.h |  1 +
 4 files changed, 29 insertions(+), 3 deletions(-)

Comments

Jouni Malinen April 10, 2021, 12:39 p.m. UTC | #1

Thanks, all five applied.

Peer, Ilan April 11, 2021, 10:57 a.m. UTC | #2

Thanks 😊

> -----Original Message-----
> From: Jouni Malinen <j@w1.fi>
> Sent: Saturday, April 10, 2021 15:40
> To: Peer, Ilan <ilan.peer@intel.com>
> Cc: hostap@lists.infradead.org
> Subject: Re: [PATCH 1/5] PASN: Derive KDK only when required
> 
> Thanks, all five applied.
> 
> --
> Jouni Malinen                                            PGP id EFC895FA

diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index 877d03e3aa..e4dd2b4b3f 100644
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -2646,7 +2646,7 @@  static void pasn_fils_auth_resp(struct hostapd_data *hapd,
 			      wpabuf_head(pasn->secret),
 			      wpabuf_len(pasn->secret),
 			      &sta->pasn->ptk, sta->pasn->akmp,
-			      sta->pasn->cipher, WPA_KDK_MAX_LEN);
+			      sta->pasn->cipher, sta->pasn->kdk_len);
 	if (ret) {
 		wpa_printf(MSG_DEBUG, "PASN: FILS: Failed to derive PTK");
 		goto fail;
@@ -2883,7 +2883,7 @@  pasn_derive_keys(struct hostapd_data *hapd, struct sta_info *sta,
 	ret = pasn_pmk_to_ptk(pmk, pmk_len, sta->addr, hapd->own_addr,
 			      wpabuf_head(secret), wpabuf_len(secret),
 			      &sta->pasn->ptk, sta->pasn->akmp,
-			      sta->pasn->cipher, WPA_KDK_MAX_LEN);
+			      sta->pasn->cipher, sta->pasn->kdk_len);
 	if (ret) {
 		wpa_printf(MSG_DEBUG, "PASN: Failed to derive PTK");
 		return -1;
@@ -3151,6 +3151,17 @@  static void handle_auth_pasn_1(struct hostapd_data *hapd, struct sta_info *sta,
 	sta->pasn->akmp = rsn_data.key_mgmt;
 	sta->pasn->cipher = rsn_data.pairwise_cipher;
 
+	if (hapd->conf->force_kdk_derivation ||
+	    ((hapd->iface->drv_flags2 & WPA_DRIVER_FLAGS2_SEC_LTF) &&
+	     elems.rsnxe && elems.rsnxe_len >= 2 &&
+	     (WPA_GET_LE16(elems.rsnxe) & BIT(WLAN_RSNX_CAPAB_SECURE_LTF)))) {
+		sta->pasn->kdk_len = WPA_KDK_MAX_LEN;
+	} else {
+		sta->pasn->kdk_len = 0;
+	}
+
+	wpa_printf(MSG_DEBUG, "PASN: kdk_len=%zu", sta->pasn->kdk_len);
+
 	if (!elems.pasn_params || !elems.pasn_params_len) {
 		wpa_printf(MSG_DEBUG,
 			   "PASN: No PASN Parameters element found");
diff --git a/src/ap/sta_info.h b/src/ap/sta_info.h
index efa48e7e3d..27e72f9a01 100644
--- a/src/ap/sta_info.h
+++ b/src/ap/sta_info.h
@@ -88,6 +88,7 @@  struct pasn_data {
 	u16 group;
 	u8 trans_seq;
 	u8 wrapped_data_format;
+	size_t kdk_len;
 
 	u8 hash[SHA384_MAC_LEN];
 	struct wpa_ptk ptk;
diff --git a/wpa_supplicant/pasn_supplicant.c b/wpa_supplicant/pasn_supplicant.c
index 53ba21c5a8..c0db686dfe 100644
--- a/wpa_supplicant/pasn_supplicant.c
+++ b/wpa_supplicant/pasn_supplicant.c
@@ -1052,6 +1052,19 @@  static int wpas_pasn_start(struct wpa_supplicant *wpa_s, const u8 *bssid,
 	pasn->cipher = cipher;
 	pasn->group = group;
 	pasn->freq = freq;
+
+	if (wpa_s->conf->force_kdk_derivation ||
+	    (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SEC_LTF &&
+	     beacon_rsnxe && beacon_rsnxe_len >= 4 &&
+	     (WPA_GET_LE16(beacon_rsnxe + 2) &
+	      BIT(WLAN_RSNX_CAPAB_SECURE_LTF)))) {
+		pasn->kdk_len = WPA_KDK_MAX_LEN;
+	} else {
+		pasn->kdk_len = 0;
+	}
+
+	wpa_printf(MSG_DEBUG, "PASN: kdk_len=%zu", pasn->kdk_len);
+
 	os_memcpy(pasn->bssid, bssid, ETH_ALEN);
 
 	wpa_printf(MSG_DEBUG,
@@ -1480,7 +1493,7 @@  int wpas_pasn_auth_rx(struct wpa_supplicant *wpa_s,
 			      wpa_s->own_addr, pasn->bssid,
 			      wpabuf_head(secret), wpabuf_len(secret),
 			      &pasn->ptk, pasn->akmp, pasn->cipher,
-			      WPA_KDK_MAX_LEN);
+			      pasn->kdk_len);
 	if (ret) {
 		wpa_printf(MSG_DEBUG, "PASN: Failed to derive PTK");
 		goto fail;
diff --git a/wpa_supplicant/wpa_supplicant_i.h b/wpa_supplicant/wpa_supplicant_i.h
index 8813ddb710..49007cfc2e 100644
--- a/wpa_supplicant/wpa_supplicant_i.h
+++ b/wpa_supplicant/wpa_supplicant_i.h
@@ -539,6 +539,7 @@  struct wpas_pasn {
 	int cipher;
 	u16 group;
 	int freq;
+	size_t kdk_len;
 
 	u8 trans_seq;
 	u8 status;

[1/5] PASN: Derive KDK only when required

Commit Message

Comments

Patch