mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-28 18:28:23 -05:00
WPS: Remove derivation of management keys
MgmtAuthKey and MgmtEncKey were not used for anything and are unlikely to ever be used, so better remove the code to reduce binary size.
This commit is contained in:
parent
00785aba71
commit
d806a5588e
@ -129,56 +129,6 @@ int wps_derive_keys(struct wps_data *wps)
|
||||
}
|
||||
|
||||
|
||||
int wps_derive_mgmt_keys(struct wps_data *wps)
|
||||
{
|
||||
u8 nonces[2 * WPS_NONCE_LEN];
|
||||
u8 keys[WPS_MGMTAUTHKEY_LEN + WPS_MGMTENCKEY_LEN];
|
||||
u8 hash[SHA256_MAC_LEN];
|
||||
const u8 *addr[2];
|
||||
size_t len[2];
|
||||
const char *auth_label = "WFA-WLAN-Management-MgmtAuthKey";
|
||||
const char *enc_label = "WFA-WLAN-Management-MgmtEncKey";
|
||||
|
||||
/* MgmtAuthKey || MgmtEncKey =
|
||||
* kdf(EMSK, N1 || N2 || "WFA-WLAN-Management-Keys", 384) */
|
||||
os_memcpy(nonces, wps->nonce_e, WPS_NONCE_LEN);
|
||||
os_memcpy(nonces + WPS_NONCE_LEN, wps->nonce_r, WPS_NONCE_LEN);
|
||||
wps_kdf(wps->emsk, nonces, sizeof(nonces), "WFA-WLAN-Management-Keys",
|
||||
keys, sizeof(keys));
|
||||
os_memcpy(wps->mgmt_auth_key, keys, WPS_MGMTAUTHKEY_LEN);
|
||||
os_memcpy(wps->mgmt_enc_key, keys + WPS_MGMTAUTHKEY_LEN,
|
||||
WPS_MGMTENCKEY_LEN);
|
||||
|
||||
addr[0] = nonces;
|
||||
len[0] = sizeof(nonces);
|
||||
|
||||
/* MgmtEncKeyID = first 128 bits of
|
||||
* SHA-256(N1 || N2 || "WFA-WLAN-Management-MgmtAuthKey") */
|
||||
addr[1] = (const u8 *) auth_label;
|
||||
len[1] = os_strlen(auth_label);
|
||||
sha256_vector(2, addr, len, hash);
|
||||
os_memcpy(wps->mgmt_auth_key_id, hash, WPS_MGMT_KEY_ID_LEN);
|
||||
|
||||
/* MgmtEncKeyID = first 128 bits of
|
||||
* SHA-256(N1 || N2 || "WFA-WLAN-Management-MgmtEncKey") */
|
||||
addr[1] = (const u8 *) enc_label;
|
||||
len[1] = os_strlen(enc_label);
|
||||
sha256_vector(2, addr, len, hash);
|
||||
os_memcpy(wps->mgmt_enc_key_id, hash, WPS_MGMT_KEY_ID_LEN);
|
||||
|
||||
wpa_hexdump_key(MSG_DEBUG, "WPS: MgmtAuthKey",
|
||||
wps->mgmt_auth_key, WPS_MGMTAUTHKEY_LEN);
|
||||
wpa_hexdump(MSG_DEBUG, "WPS: MgmtAuthKeyID",
|
||||
wps->mgmt_auth_key_id, WPS_MGMT_KEY_ID_LEN);
|
||||
wpa_hexdump_key(MSG_DEBUG, "WPS: MgmtEncKey",
|
||||
wps->mgmt_enc_key, WPS_MGMTENCKEY_LEN);
|
||||
wpa_hexdump(MSG_DEBUG, "WPS: MgmtEncKeyID",
|
||||
wps->mgmt_enc_key_id, WPS_MGMT_KEY_ID_LEN);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
void wps_derive_psk(struct wps_data *wps, const u8 *dev_passwd,
|
||||
size_t dev_passwd_len)
|
||||
{
|
||||
|
@ -555,10 +555,6 @@ static int wps_process_pubkey(struct wps_data *wps, const u8 *pk,
|
||||
if (wps_derive_keys(wps) < 0)
|
||||
return -1;
|
||||
|
||||
if (wps->request_type == WPS_REQ_WLAN_MANAGER_REGISTRAR &&
|
||||
wps_derive_mgmt_keys(wps) < 0)
|
||||
return -1;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -62,10 +62,6 @@ struct wps_data {
|
||||
u8 authkey[WPS_AUTHKEY_LEN];
|
||||
u8 keywrapkey[WPS_KEYWRAPKEY_LEN];
|
||||
u8 emsk[WPS_EMSK_LEN];
|
||||
u8 mgmt_auth_key[WPS_MGMTAUTHKEY_LEN];
|
||||
u8 mgmt_auth_key_id[WPS_MGMT_KEY_ID_LEN];
|
||||
u8 mgmt_enc_key[WPS_MGMTENCKEY_LEN];
|
||||
u8 mgmt_enc_key_id[WPS_MGMT_KEY_ID_LEN];
|
||||
|
||||
struct wpabuf *last_msg;
|
||||
|
||||
@ -189,7 +185,6 @@ struct wps_parse_attr {
|
||||
void wps_kdf(const u8 *key, const u8 *label_prefix, size_t label_prefix_len,
|
||||
const char *label, u8 *res, size_t res_len);
|
||||
int wps_derive_keys(struct wps_data *wps);
|
||||
int wps_derive_mgmt_keys(struct wps_data *wps);
|
||||
void wps_derive_psk(struct wps_data *wps, const u8 *dev_passwd,
|
||||
size_t dev_passwd_len);
|
||||
struct wpabuf * wps_decrypt_encr_settings(struct wps_data *wps, const u8 *encr,
|
||||
|
Loading…
Reference in New Issue
Block a user