
[1/3,v2] crypto: modify crypto_derive_pmkid to take the length/checksum type

Message ID 20230620172533.727504-2-prestwoj@gmail.com (mailing list archive)
State Accepted, archived

Commit Message

James Prestwood June 20, 2023, 5:25 p.m. UTC
The existing API was limited to SHA1 or SHA256 and assumed a key
length of 32 bytes. Since other AKMs are planned, update this to
take the checksum type and key length directly for better flexibility.
---
 src/crypto.c    | 10 ++++------
 src/crypto.h    |  5 +++--
 src/eapol.c     |  4 ++--
 src/handshake.c |  9 ++++-----
 4 files changed, 13 insertions(+), 15 deletions(-)

Patch

diff --git a/src/crypto.c b/src/crypto.c
index 840d9ee4..099b8695 100644
--- a/src/crypto.c
+++ b/src/crypto.c
@@ -1116,9 +1116,10 @@  exit:
 }
 
 /* Defined in 802.11-2012, Section 11.6.1.3 Pairwise Key Hierarchy */
-bool crypto_derive_pmkid(const uint8_t *pmk,
+bool crypto_derive_pmkid(const uint8_t *pmk, size_t key_len,
 				const uint8_t *addr1, const uint8_t *addr2,
-				uint8_t *out_pmkid, bool use_sha256)
+				uint8_t *out_pmkid,
+				enum l_checksum_type checksum)
 {
 	uint8_t data[20];
 
@@ -1126,10 +1127,7 @@  bool crypto_derive_pmkid(const uint8_t *pmk,
 	memcpy(data + 8, addr2, 6);
 	memcpy(data + 14, addr1, 6);
 
-	if (use_sha256)
-		return hmac_sha256(pmk, 32, data, 20, out_pmkid, 16);
-	else
-		return hmac_sha1(pmk, 32, data, 20, out_pmkid, 16);
+	return hmac_common(checksum, pmk, key_len, data, 20, out_pmkid, 16);
 }
 
 enum l_checksum_type crypto_sae_hash_from_ecc_prime_len(enum crypto_sae type,
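Review bot: `key_len` and `checksum` are forwarded to `hmac_common()` without any check, so a caller that passes a zero `key_len` could get a PMKID keyed with an empty key, depending on how `hmac_common()` (not visible in this hunk) treats that case. Since the length is now caller-controlled rather than fixed at 32, a guard before the `memcpy` calls such as `if (!pmk || !key_len) return false;` would make the failure explicit. The function begins in the previous hunk, where the spec comment could also state that the result is the HMAC truncated to 16 bytes whichever hash is selected.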
diff --git a/src/crypto.h b/src/crypto.h
index ed430abb..d2a96655 100644
--- a/src/crypto.h
+++ b/src/crypto.h
@@ -154,9 +154,10 @@  bool crypto_derive_ft_ptk(const uint8_t *pmk_r1, const uint8_t *pmk_r1_name,
 				bool sha384, uint8_t *out_ptk, size_t ptk_len,
 				uint8_t *out_ptk_name);
 
-bool crypto_derive_pmkid(const uint8_t *pmk,
+bool crypto_derive_pmkid(const uint8_t *pmk, size_t key_len,
 				const uint8_t *addr1, const uint8_t *addr2,
-				uint8_t *out_pmkid, bool use_sha256);
+				uint8_t *out_pmkid,
+				enum l_checksum_type checksum);
 
 enum crypto_sae {
 	CRYPTO_SAE_LOOPING,
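Review bot: The prototype has no comment, and the argument order is easy to get wrong: the implementation in src/crypto.c copies `addr2` into the HMAC input before `addr1`, while both visible callers pass the supplicant address as `addr1` and the authenticator address as `addr2`. A comment above the declaration would pin this down, for example `/* addr1 = SPA, addr2 = AA; key_len = PMK length in bytes; out_pmkid receives 16 bytes */`. It should also say that `checksum` must be the hash required by the negotiated AKM, since a mismatch produces a PMKID the peer will not recognise.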
diff --git a/src/eapol.c b/src/eapol.c
index 37f5eaaa..f290f40a 100644
--- a/src/eapol.c
+++ b/src/eapol.c
@@ -1112,8 +1112,8 @@  static void eapol_send_ptk_1_of_4(struct eapol_sm *sm)
 	memcpy(ek->key_nonce, sm->handshake->anonce, sizeof(ek->key_nonce));
 
 	/* Write the PMKID KDE into Key Data field unencrypted */
-	crypto_derive_pmkid(sm->handshake->pmk, sm->handshake->spa, aa,
-			pmkid, false);
+	crypto_derive_pmkid(sm->handshake->pmk, 32, sm->handshake->spa, aa,
+			pmkid, L_CHECKSUM_SHA1);
 
 	eapol_key_data_append(ek, sm->mic_len, HANDSHAKE_KDE_PMKID, pmkid, 16);
 
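Review bot: The bool result of `crypto_derive_pmkid()` is discarded here, so if the HMAC fails the contents of `pmkid` are still appended to the Key Data field, which the comment above says is written unencrypted. If `pmkid` is an uninitialised local (its declaration is outside the hunk), that would put stack bytes into message 1 of 4. Check the result before `eapol_key_data_append()`, e.g. `if (!crypto_derive_pmkid(...)) return;`, using whatever error path the rest of eapol_send_ptk_1_of_4 uses. The call also hard-codes `32` and `L_CHECKSUM_SHA1`, whereas handshake_state_get_pmkid() in src/handshake.c selects SHA-256 for the SHA256 AKM suites, so the two paths look able to disagree for those AKMs and would be better sharing one selection.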
diff --git a/src/handshake.c b/src/handshake.c
index cd9b3082..ac5bda51 100644
--- a/src/handshake.c
+++ b/src/handshake.c
@@ -736,7 +736,7 @@  void handshake_state_set_pmkid(struct handshake_state *s, const uint8_t *pmkid)
 
 bool handshake_state_get_pmkid(struct handshake_state *s, uint8_t *out_pmkid)
 {
-	bool use_sha256;
+	enum l_checksum_type sha;
 
 	/* SAE exports pmkid */
 	if (s->have_pmkid) {
@@ -757,12 +757,11 @@  bool handshake_state_get_pmkid(struct handshake_state *s, uint8_t *out_pmkid)
 
 	if (s->akm_suite & (IE_RSN_AKM_SUITE_8021X_SHA256 |
 			IE_RSN_AKM_SUITE_PSK_SHA256))
-		use_sha256 = true;
+		sha = L_CHECKSUM_SHA256;
 	else
-		use_sha256 = false;
+		sha = L_CHECKSUM_SHA1;
 
-	return crypto_derive_pmkid(s->pmk, s->spa, s->aa, out_pmkid,
-					use_sha256);
+	return crypto_derive_pmkid(s->pmk, 32, s->spa, s->aa, out_pmkid, sha);
 }
 
 void handshake_state_set_gtk(struct handshake_state *s, const uint8_t *key,
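Review bot: The key length passed to `crypto_derive_pmkid()` is still the literal `32`, here and in src/eapol.c, so the new `key_len` parameter does not yet follow the actual PMK size. If the handshake state records the PMK length, pass that; otherwise use a named constant with a comment such as `/* PMK is 256 bits for the SHA1/SHA256 AKMs handled here */`. The `else` branch also falls back to `L_CHECKSUM_SHA1` for every AKM outside the mask, so a comment listing which AKMs are expected to reach it would stop a newly added AKM from silently getting a SHA-1 PMKID.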