diff options
| author | James Prestwood <prestwoj@gmail.com> | 2020-03-24 12:07:57 -0700 |
|---|---|---|
| committer | Denis Kenzior <denkenz@gmail.com> | 2020-03-20 23:50:55 -0500 |
| commit | 972762b1160b20d6a2ed9b73024037fd616e5ce4 (patch) | |
| tree | 347a54b22b927e8a069ada7d4876dde87df537f2 | |
| parent | 6e8b7652788ac51b9ef79431231b3650eeaa2449 (diff) | |
| download | iwd-972762b1160b20d6a2ed9b73024037fd616e5ce4.tar.gz | |
handshake: fix OWE PTK derivation
This bug has been in here since OWE was written, but a similar bug also
existed in hostapd which allowed the PTK derivation to be identical.
In January 2020 hostapd fixed this bug, which now makes IWD incompatible
when using group 20 or 21.
This patch fixes the bug for IWD, so now OWE should be compatible with
recent hostapd version. This will break compatibility with old hostapd
versions which still have this bug.
| -rw-r--r-- | src/handshake.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/src/handshake.c b/src/handshake.c index bb3764419..1cab48f11 100644 --- a/src/handshake.c +++ b/src/handshake.c @@ -410,14 +410,22 @@ bool handshake_state_derive_ptk(struct handshake_state *s) s->ptk_complete = false; - if (s->akm_suite & (IE_RSN_AKM_SUITE_FILS_SHA384 | + if (s->akm_suite & IE_RSN_AKM_SUITE_OWE) { + if (s->pmk_len == 32) + type = L_CHECKSUM_SHA256; + else if (s->pmk_len == 48) + type = L_CHECKSUM_SHA384; + else if (s->pmk_len == 64) + type = L_CHECKSUM_SHA512; + else + return false; + } else if (s->akm_suite & (IE_RSN_AKM_SUITE_FILS_SHA384 | IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA384)) type = L_CHECKSUM_SHA384; else if (s->akm_suite & (IE_RSN_AKM_SUITE_8021X_SHA256 | IE_RSN_AKM_SUITE_PSK_SHA256 | IE_RSN_AKM_SUITE_SAE_SHA256 | IE_RSN_AKM_SUITE_FT_OVER_SAE_SHA256 | - IE_RSN_AKM_SUITE_OWE | IE_RSN_AKM_SUITE_FILS_SHA256 | IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA256 | IE_RSN_AKM_SUITE_OSEN)) |