mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-12-02 04:08:26 -05:00
207976f053
In addition to the PTK length increasing, the length of the PMK was increased (from 256 to 384 bits) for the 00-0f-ac:12 AKM. This part was missing from the initial implementation and a fixed length (256-bit) PMK was used for all AKMs. Fix this by adding more complete support for variable length PMK and use 384 bits from MSK instead of 256 bits when using this AKM. This is not backwards compatible with the earlier implementations. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
68 lines
2.0 KiB
C
68 lines
2.0 KiB
C
/*
|
|
* hostapd - PMKSA cache for IEEE 802.11i RSN
|
|
* Copyright (c) 2004-2008, 2012, Jouni Malinen <j@w1.fi>
|
|
*
|
|
* This software may be distributed under the terms of the BSD license.
|
|
* See README for more details.
|
|
*/
|
|
|
|
#ifndef PMKSA_CACHE_H
|
|
#define PMKSA_CACHE_H
|
|
|
|
#include "radius/radius.h"
|
|
|
|
/**
|
|
* struct rsn_pmksa_cache_entry - PMKSA cache entry
|
|
*/
|
|
struct rsn_pmksa_cache_entry {
|
|
struct rsn_pmksa_cache_entry *next, *hnext;
|
|
u8 pmkid[PMKID_LEN];
|
|
u8 pmk[PMK_LEN_MAX];
|
|
size_t pmk_len;
|
|
os_time_t expiration;
|
|
int akmp; /* WPA_KEY_MGMT_* */
|
|
u8 spa[ETH_ALEN];
|
|
|
|
u8 *identity;
|
|
size_t identity_len;
|
|
struct wpabuf *cui;
|
|
struct radius_class_data radius_class;
|
|
u8 eap_type_authsrv;
|
|
int vlan_id;
|
|
int opportunistic;
|
|
|
|
u32 acct_multi_session_id_hi;
|
|
u32 acct_multi_session_id_lo;
|
|
};
|
|
|
|
struct rsn_pmksa_cache;
|
|
|
|
struct rsn_pmksa_cache *
|
|
pmksa_cache_auth_init(void (*free_cb)(struct rsn_pmksa_cache_entry *entry,
|
|
void *ctx), void *ctx);
|
|
void pmksa_cache_auth_deinit(struct rsn_pmksa_cache *pmksa);
|
|
struct rsn_pmksa_cache_entry *
|
|
pmksa_cache_auth_get(struct rsn_pmksa_cache *pmksa,
|
|
const u8 *spa, const u8 *pmkid);
|
|
struct rsn_pmksa_cache_entry * pmksa_cache_get_okc(
|
|
struct rsn_pmksa_cache *pmksa, const u8 *spa, const u8 *aa,
|
|
const u8 *pmkid);
|
|
struct rsn_pmksa_cache_entry *
|
|
pmksa_cache_auth_add(struct rsn_pmksa_cache *pmksa,
|
|
const u8 *pmk, size_t pmk_len,
|
|
const u8 *kck, size_t kck_len,
|
|
const u8 *aa, const u8 *spa, int session_timeout,
|
|
struct eapol_state_machine *eapol, int akmp);
|
|
struct rsn_pmksa_cache_entry *
|
|
pmksa_cache_add_okc(struct rsn_pmksa_cache *pmksa,
|
|
const struct rsn_pmksa_cache_entry *old_entry,
|
|
const u8 *aa, const u8 *pmkid);
|
|
void pmksa_cache_to_eapol_data(struct rsn_pmksa_cache_entry *entry,
|
|
struct eapol_state_machine *eapol);
|
|
void pmksa_cache_free_entry(struct rsn_pmksa_cache *pmksa,
|
|
struct rsn_pmksa_cache_entry *entry);
|
|
int pmksa_cache_auth_radius_das_disconnect(struct rsn_pmksa_cache *pmksa,
|
|
struct radius_das_attrs *attr);
|
|
|
|
#endif /* PMKSA_CACHE_H */
|