Amazing-Mirror/fragattacks
1
0
Fork 0
mirror of https://github.com/vanhoefm/fragattacks.git synced 2025-01-19 03:14:05 -05:00
Code Issues Projects Releases Wiki Activity

mka: Determine KCK/ICK length from CAK length

Browse Source 
The ICK and KEK are derived from a CAK and the length of the CAK
determines the length of the KCK/ICK. Remove the separate ICK/KEK length
parameters from the algorithm agility table.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2018-12-26 16:23:29 +02:00
parent b452a76e54
commit 73111a63cc
2 changed files with 2 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/pae/ieee802_1x_kay.c
View File

@ -64,10 +64,7 @@ static struct mka_alg mka_alg_tbl[] = {
{
.parameter = MKA_ALGO_AGILITY_2009,
/* 128-bit CAK, KEK, ICK, ICV */
.cak_len = DEFAULT_ICV_LEN,
.kek_len = DEFAULT_ICV_LEN,
.ick_len = DEFAULT_ICV_LEN,
.icv_len = DEFAULT_ICV_LEN,
.cak_trfm = ieee802_1x_cak_128bits_aes_cmac,
@ -3531,7 +3528,7 @@ ieee802_1x_kay_create_mka(struct ieee802_1x_kay *kay,
goto fail;
/* to derive KEK from CAK and CKN */
participant->kek.len = mka_alg_tbl[kay->mka_algindex].kek_len;
participant->kek.len = participant->cak.len;
if (mka_alg_tbl[kay->mka_algindex].kek_trfm(participant->cak.key,
participant->cak.len,
participant->ckn.name,
@ -3545,7 +3542,7 @@ ieee802_1x_kay_create_mka(struct ieee802_1x_kay *kay,
participant->kek.key, participant->kek.len);
/* to derive ICK from CAK and CKN */
participant->ick.len = mka_alg_tbl[kay->mka_algindex].ick_len;
participant->ick.len = participant->cak.len;
if (mka_alg_tbl[kay->mka_algindex].ick_trfm(participant->cak.key,
participant->cak.len,
participant->ckn.name,

2
src/pae/ieee802_1x_kay_i.h
View File

@ -67,8 +67,6 @@ struct macsec_ciphersuite {
struct mka_alg {
u8 parameter[4];
size_t cak_len;
size_t kek_len;
size_t ick_len;
size_t icv_len;
int (*cak_trfm)(const u8 *msk, const u8 *mac1, const u8 *mac2, u8 *cak);