| Message ID | 20230619225746.462791-1-prestwoj@gmail.com (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | [1/6] handshake: add force_sha1 flag to handshake_state_get_pmkid() | expand |
| Context | Check | Description |
|---|---|---|
| tedd_an/pre-ci_am | fail | error: patch failed: src/eapol.c:1236 error: src/eapol.c: patch does not apply error: patch failed: src/handshake.c:734 error: src/handshake.c: patch does not apply error: patch failed: src/handshake.h:269 error: src/handshake.h: patch does not apply error: patch failed: src/station.c:2236 error: src/station.c: patch does not apply hint: Use 'git am --show-current-patch' to see the failed patch |
Hi James, On 6/19/23 17:57, James Prestwood wrote: > To prepare adding FT_OVER_8021X to the SHA256 list for PMKID > derivation, add a flag to force SHA1 to be used with > preauthentication. The spec dictates that preauth must use SHA1 > but this isn't consistent with PMKID derivation in all other > cases for the FT_OVER_8021X AKM. Can we port some of the long-form explanations from discussion we had during the previous iteration of this patchset. I think some pointers to relevant sections in the specification would be nice here. > --- > src/eapol.c | 2 +- > src/handshake.c | 7 ++++--- > src/handshake.h | 3 ++- > src/station.c | 2 +- > 4 files changed, 8 insertions(+), 6 deletions(-) > <snip> > @@ -734,7 +734,8 @@ void handshake_state_set_pmkid(struct handshake_state *s, const uint8_t *pmkid) > s->have_pmkid = true; > } > > -bool handshake_state_get_pmkid(struct handshake_state *s, uint8_t *out_pmkid) > +bool handshake_state_get_pmkid(struct handshake_state *s, uint8_t *out_pmkid, > + bool force_sha1) I think it would look much better if we pass in the checksum type here instead. That way eapol can simply hard-code the value to SHA1, and other callers can invoke a helper to convert the AKM into a checksum type. Could also simplify crypto_derive_pmkid as well. Regards. -Denis
diff --git a/src/eapol.c b/src/eapol.c index 37f5eaaa..354b8fe7 100644 --- a/src/eapol.c +++ b/src/eapol.c @@ -1236,7 +1236,7 @@ static void eapol_handle_ptk_1_of_4(struct eapol_sm *sm, } else if (pmkid) { uint8_t own_pmkid[16]; - if (!handshake_state_get_pmkid(sm->handshake, own_pmkid)) + if (!handshake_state_get_pmkid(sm->handshake, own_pmkid, false)) goto error_unspecified; if (l_secure_memcmp(pmkid, own_pmkid, 16)) { diff --git a/src/handshake.c b/src/handshake.c index cd9b3082..7f749632 100644 --- a/src/handshake.c +++ b/src/handshake.c @@ -734,7 +734,8 @@ void handshake_state_set_pmkid(struct handshake_state *s, const uint8_t *pmkid) s->have_pmkid = true; } -bool handshake_state_get_pmkid(struct handshake_state *s, uint8_t *out_pmkid) +bool handshake_state_get_pmkid(struct handshake_state *s, uint8_t *out_pmkid, + bool force_sha1) { bool use_sha256; @@ -755,8 +756,8 @@ bool handshake_state_get_pmkid(struct handshake_state *s, uint8_t *out_pmkid) * calculation." */ - if (s->akm_suite & (IE_RSN_AKM_SUITE_8021X_SHA256 | - IE_RSN_AKM_SUITE_PSK_SHA256)) + if (!force_sha1 && (s->akm_suite & (IE_RSN_AKM_SUITE_8021X_SHA256 | + IE_RSN_AKM_SUITE_PSK_SHA256))) use_sha256 = true; else use_sha256 = false; diff --git a/src/handshake.h b/src/handshake.h index 863ffac7..d9505593 100644 --- a/src/handshake.h +++ b/src/handshake.h @@ -269,7 +269,8 @@ void handshake_state_install_igtk(struct handshake_state *s, void handshake_state_override_pairwise_cipher(struct handshake_state *s, enum ie_rsn_cipher_suite pairwise); -bool handshake_state_get_pmkid(struct handshake_state *s, uint8_t *out_pmkid); +bool handshake_state_get_pmkid(struct handshake_state *s, uint8_t *out_pmkid, + bool force_sha1); bool handshake_decode_fte_key(struct handshake_state *s, const uint8_t *wrapped, size_t key_len, uint8_t *key_out); diff --git a/src/station.c b/src/station.c index f830ab7a..2e819460 100644 --- a/src/station.c +++ b/src/station.c @@ -2236,7 +2236,7 @@ static void station_preauthenticate_cb(struct netdev *netdev, new_hs->supplicant_ie[1] + 2, &rsn_info); - handshake_state_get_pmkid(new_hs, pmkid); + handshake_state_get_pmkid(new_hs, pmkid, true); rsn_info.num_pmkids = 1; rsn_info.pmkids = pmkid;