[PATCH v4 04/13] MLD STA: Use AP MLD address to derive pairwise keys

Veerendranath Jakkam quic_vjakkam at quicinc.com
Thu Nov 3 01:08:47 PDT 2022 

From: Rohan Dutta <quic_drohan at quicinc.com>

Use AP MLD address to derive pairwise keys for MLO connection. Current
changes are handling only ptk derivation during EAPOL Four-Way
handshake.

Signed-off-by: Rohan Dutta <quic_drohan at quicinc.com>
Signed-off-by: Veerendranath Jakkam <quic_vjakkam at quicinc.com>
---
 src/rsn_supp/wpa.c    | 8 +++++++-
 src/rsn_supp/wpa.h    | 1 +
 src/rsn_supp/wpa_ft.c | 2 +-
 3 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
index 51d1a5974..675a66f6f 100644
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -641,7 +641,7 @@ static int wpa_derive_ptk(struct wpa_sm *sm, const unsigned char *src_addr,
 		kdk_len = 0;
 
 	ret = wpa_pmk_to_ptk(sm->pmk, sm->pmk_len, "Pairwise key expansion",
-			     sm->own_addr, sm->bssid, sm->snonce,
+			     sm->own_addr, wpa_sm_get_auth_addr(sm), sm->snonce,
 			     key->key_nonce, ptk, akmp,
 			     sm->pairwise_cipher, z, z_len,
 			     kdk_len);
@@ -4275,6 +4275,12 @@ unsigned int wpa_sm_get_key_mgmt(struct wpa_sm *sm)
 }
 
 
+const u8 * wpa_sm_get_auth_addr(struct wpa_sm *sm)
+{
+	return sm->mlo.valid_links ? sm->mlo.ap_mld_addr : sm->bssid;
+}
+
+
 #ifdef CONFIG_FILS
 
 struct wpabuf * fils_build_auth(struct wpa_sm *sm, int dh_group, const u8 *md)
diff --git a/src/rsn_supp/wpa.h b/src/rsn_supp/wpa.h
index 216573131..13d030c37 100644
--- a/src/rsn_supp/wpa.h
+++ b/src/rsn_supp/wpa.h
@@ -577,5 +577,6 @@ void wpa_sm_set_dpp_z(struct wpa_sm *sm, const struct wpabuf *z);
 void wpa_pasn_pmksa_cache_add(struct wpa_sm *sm, const u8 *pmk, size_t pmk_len,
 			      const u8 *pmkid, const u8 *bssid, int key_mgmt);
 void wpa_pasn_sm_set_caps(struct wpa_sm *sm, unsigned int flags2);
+const u8 * wpa_sm_get_auth_addr(struct wpa_sm *sm);
 
 #endif /* WPA_H */
diff --git a/src/rsn_supp/wpa_ft.c b/src/rsn_supp/wpa_ft.c
index 952c4ebde..e74396895 100644
--- a/src/rsn_supp/wpa_ft.c
+++ b/src/rsn_supp/wpa_ft.c
@@ -81,7 +81,7 @@ int wpa_derive_ptk_ft(struct wpa_sm *sm, const unsigned char *src_addr,
 		kdk_len = 0;
 
 	ret = wpa_pmk_r1_to_ptk(sm->pmk_r1, sm->pmk_r1_len, sm->snonce,
-				anonce, sm->own_addr, sm->bssid,
+				anonce, sm->own_addr, wpa_sm_get_auth_addr(sm),
 				sm->pmk_r1_name, ptk, ptk_name, sm->key_mgmt,
 				sm->pairwise_cipher, kdk_len);
 	if (ret) {
-- 
2.25.1

More information about the Hostap mailing list