mka: Support 256-bit ICK derivation

Support derivation of a 256-bit ICK and use of a 256-bit CAK in ICK derivation. Signed-off-by: Jouni Malinen <j@w1.fi>
2024-11-25 00:38:24 -05:00 · 2018-12-26 12:39:21 +02:00 · 2018-12-26 12:39:21 +02:00 · 7c3d1cc040
commit 7c3d1cc040
parent 175ebc1f7a
4 changed files with 15 additions and 10 deletions
--- a/src/pae/ieee802_1x_kay.c
+++ b/src/pae/ieee802_1x_kay.c
@ -73,7 +73,7 @@ static struct mka_alg mka_alg_tbl[] = {
 		.cak_trfm = ieee802_1x_cak_128bits_aes_cmac,
 		.ckn_trfm = ieee802_1x_ckn_128bits_aes_cmac,
 		.kek_trfm = ieee802_1x_kek_aes_cmac,
-		.ick_trfm = ieee802_1x_ick_128bits_aes_cmac,
+		.ick_trfm = ieee802_1x_ick_aes_cmac,
 		.icv_hash = ieee802_1x_icv_128bits_aes_cmac,

 		.index = 1,
@ -3546,9 +3546,11 @@ ieee802_1x_kay_create_mka(struct ieee802_1x_kay *kay,
 	/* to derive ICK from CAK and CKN */
 	participant->ick.len = mka_alg_tbl[kay->mka_algindex].ick_len;
 	if (mka_alg_tbl[kay->mka_algindex].ick_trfm(participant->cak.key,
+						    participant->cak.len,
 						    participant->ckn.name,
 						    participant->ckn.len,
-						    participant->ick.key)) {
+						    participant->ick.key,
+						    participant->ick.len)) {
 		wpa_printf(MSG_ERROR, "KaY: Derived ICK failed");
 		goto fail;
 	}
--- a/src/pae/ieee802_1x_kay_i.h
+++ b/src/pae/ieee802_1x_kay_i.h
@ -77,7 +77,9 @@ struct mka_alg {
 	int (*kek_trfm)(const u8 *cak, size_t cak_bytes,
 			const u8 *ckn, size_t ckn_len,
 			u8 *kek, size_t kek_bytes);
-	int (*ick_trfm)(const u8 *cak, const u8 *ckn, size_t ckn_len, u8 *ick);
+	int (*ick_trfm)(const u8 *cak, size_t cak_bytes,
+			const u8 *ckn, size_t ckn_len,
+			u8 *ick, size_t ick_bytes);
 	int (*icv_hash)(const u8 *ick, const u8 *msg, size_t msg_len, u8 *icv);

 	int index; /* index for configuring */
--- a/src/pae/ieee802_1x_key.c
+++ b/src/pae/ieee802_1x_key.c
@ -151,13 +151,13 @@ int ieee802_1x_kek_aes_cmac(const u8 *cak, size_t cak_bytes, const u8 *ckn,


 /**
- * ieee802_1x_ick_128bits_aes_cmac
+ * ieee802_1x_ick_aes_cmac
 *
 * IEEE Std 802.1X-2010, 9.3.3
 * ICK = KDF(Key, Label, Keyid, ICKLength)
 */
-int ieee802_1x_ick_128bits_aes_cmac(const u8 *cak, const u8 *ckn,
-				    size_t ckn_bytes, u8 *ick)
+int ieee802_1x_ick_aes_cmac(const u8 *cak, size_t cak_bytes, const u8 *ckn,
+			    size_t ckn_bytes, u8 *ick, size_t ick_bytes)
 {
 	u8 context[16];

@ -165,8 +165,9 @@ int ieee802_1x_ick_128bits_aes_cmac(const u8 *cak, const u8 *ckn,
 	os_memset(context, 0, sizeof(context));
 	os_memcpy(context, ckn, (ckn_bytes < 16) ? ckn_bytes : 16);

-	return aes_kdf(cak, 128, "IEEE8021 ICK", context, sizeof(context) * 8,
-		       128, ick);
+	return aes_kdf(cak, 8 *cak_bytes, "IEEE8021 ICK",
+		       context, sizeof(context) * 8,
+		       8 * ick_bytes, ick);
 }


--- a/src/pae/ieee802_1x_key.h
+++ b/src/pae/ieee802_1x_key.h
@ -16,8 +16,8 @@ int ieee802_1x_ckn_128bits_aes_cmac(const u8 *msk, const u8 *mac1,
 				    size_t sid_bytes, u8 *ckn);
 int ieee802_1x_kek_aes_cmac(const u8 *cak, size_t cak_bytes, const u8 *ckn,
 			    size_t ckn_bytes, u8 *kek, size_t kek_bytes);
-int ieee802_1x_ick_128bits_aes_cmac(const u8 *cak, const u8 *ckn,
-				    size_t ckn_bytes, u8 *ick);
+int ieee802_1x_ick_aes_cmac(const u8 *cak, size_t cak_bytes, const u8 *ckn,
+			    size_t ckn_bytes, u8 *ick, size_t ick_bytes);
 int ieee802_1x_icv_128bits_aes_cmac(const u8 *ick, const u8 *msg,
 				    size_t msg_bytes, u8 *icv);
 int ieee802_1x_sak_aes_cmac(const u8 *cak, size_t cak_bytes, const u8 *ctx,