[PATCH] sae: enable HMAC_SHA384_KDF and HMAC_SHA512_KDF unconditionally
yegorslists at googlemail.com
yegorslists at googlemail.com
Sat Jan 29 23:41:39 PST 2022
From: Yegor Yefremov <yegorslists at googlemail.com>
Enabling at least HMAC_SHA384_KDF will avoid linking failure
when only CONFIG_EAP_TEAP is enabled. Though CONFIG_EAP_TEAP
configures NEED_SHA384, it doesn't select HMAC_SHA384_KDF and
hence, sae cannot resolve hmac_sha384_kdf() routine.
Signed-off-by: Yegor Yefremov <yegorslists at googlemail.com>
---
src/common/sae.c | 4 ----
wpa_supplicant/Makefile | 2 ++
2 files changed, 2 insertions(+), 4 deletions(-)
diff --git a/src/common/sae.c b/src/common/sae.c
index c0f154e91..05e7724f1 100644
--- a/src/common/sae.c
+++ b/src/common/sae.c
@@ -560,18 +560,14 @@ static int hkdf_expand(size_t hash_len, const u8 *prk, size_t prk_len,
return hmac_sha256_kdf(prk, prk_len, NULL,
(const u8 *) info, info_len,
okm, okm_len);
-#ifdef CONFIG_SHA384
if (hash_len == 48)
return hmac_sha384_kdf(prk, prk_len, NULL,
(const u8 *) info, info_len,
okm, okm_len);
-#endif /* CONFIG_SHA384 */
-#ifdef CONFIG_SHA512
if (hash_len == 64)
return hmac_sha512_kdf(prk, prk_len, NULL,
(const u8 *) info, info_len,
okm, okm_len);
-#endif /* CONFIG_SHA512 */
return -1;
}
diff --git a/wpa_supplicant/Makefile b/wpa_supplicant/Makefile
index cb66defac..6ed7c3bc0 100644
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
@@ -264,6 +264,8 @@ endif
NEED_ECC=y
NEED_DH_GROUPS=y
NEED_HMAC_SHA256_KDF=y
+NEED_HMAC_SHA384_KDF=y
+NEED_HMAC_SHA512_KDF=y
NEED_DRAGONFLY=y
ifdef CONFIG_TESTING_OPTIONS
NEED_DH_GROUPS_ALL=y
--
2.17.0
More information about the Hostap
mailing list