[PATCH v2 06/20] WPA: Extend the fils_pmk_to_ptk() function to also derive KDK

[Jouni Malinen]

On Wed, Dec 16, 2020 at 01:00:19PM +0200, Ilan Peer wrote:
> Extend the fils_pmk_to_ptk() to also derive Key Derivation
> Key (KDK) which can later be used for secure LTF measurements.

> diff --git a/src/common/wpa_common.c b/src/common/wpa_common.c
> @@ -682,9 +697,16 @@ int fils_pmk_to_ptk(const u8 *pmk, size_t pmk_len, const u8 *spa, const u8 *aa,
>  	os_memcpy(ptk->tk, tmp + *ick_len + ptk->kek_len, ptk->tk_len);
>  	wpa_hexdump_key(MSG_DEBUG, "FILS: TK", ptk->tk, ptk->tk_len);
>  
> +	if (ptk->kdk_len) {
> +		os_memcpy(ptk->kdk, tmp + *ick_len + ptk->kek_len +
> +			  ptk->tk_len, ptk->kdk_len);
> +		wpa_hexdump_key(MSG_DEBUG, "FILS: KDK", ptk->kdk,
> +				ptk->kdk_len);
> +	}
> +
>  	if (fils_ft && fils_ft_len) {
> -		os_memcpy(fils_ft, tmp + *ick_len + ptk->kek_len + ptk->tk_len,
> -			  *fils_ft_len);
> +		os_memcpy(fils_ft, tmp + *ick_len + ptk->kek_len + ptk->tk_len +
> +			  ptk->kdk_len, *fils_ft_len);
>  		wpa_hexdump_key(MSG_DEBUG, "FILS: FILS-FT",
>  				fils_ft, *fils_ft_len);
>  	}

This is in incorrect order, i.e., FILS-FT, if derived, is before KDK in
FILS-Key-Data. I've fixed this in my review version, so no need to send
an updated patch.

-- 
Jouni Malinen                                            PGP id EFC895FA