[PATCH 16/92] wpa_supplicant: Add PMKSA cache to NAN data

Andrei Otcheretianski andrei.otcheretianski at intel.com
Wed Apr 22 05:23:07 PDT 2026 

From: Avraham Stern <avraham.stern at intel.com>

NAN pairing uses the PASN module which requires a PMKSA cache for
initiator and responder roles. Add the PMKSA cache to the NAN data.

Signed-off-by: Avraham Stern <avraham.stern at intel.com>
---
 src/nan/nan.c   | 16 ++++++++++++++++
 src/nan/nan_i.h |  5 +++++
 2 files changed, 21 insertions(+)

diff --git a/src/nan/nan.c b/src/nan/nan.c
index 3da56f4854..6bf9d5a21d 100644
--- a/src/nan/nan.c
+++ b/src/nan/nan.c
@@ -12,6 +12,7 @@
 #include "common/ieee802_11_common.h"
 #include "nan.h"
 #include "nan_i.h"
+#include "pasn/pasn_common.h"
 
 #define NAN_MAX_PEERS 32
 #define NAN_MAX_NAF_LEN 1024
@@ -48,6 +49,17 @@ struct nan_data * nan_init(const struct nan_config *cfg)
 		return NULL;
 	}
 
+#ifdef CONFIG_PASN
+	nan->initiator_pmksa = pasn_initiator_pmksa_cache_init();
+	nan->responder_pmksa = pasn_responder_pmksa_cache_init();
+	if (!nan->initiator_pmksa || !nan->responder_pmksa) {
+		wpa_printf(MSG_DEBUG,
+			   "NAN: Failed to initialize PASN PMKSA cache");
+		nan_deinit(nan);
+		return NULL;
+	}
+#endif /* CONFIG_PASN */
+
 	dl_list_init(&nan->peer_list);
 
 	wpa_printf(MSG_DEBUG, "NAN: Initialized");
@@ -164,6 +176,10 @@ void nan_deinit(struct nan_data *nan)
 {
 	wpa_printf(MSG_DEBUG, "NAN: Deinit");
 	nan_peer_clear_all(nan);
+#ifdef CONFIG_PASN
+	pasn_initiator_pmksa_cache_deinit(nan->initiator_pmksa);
+	pasn_responder_pmksa_cache_deinit(nan->responder_pmksa);
+#endif /* CONFIG_PASN */
 	os_free(nan->cfg);
 	os_free(nan);
 }
diff --git a/src/nan/nan_i.h b/src/nan/nan_i.h
index d917b48ffb..14eee57949 100644
--- a/src/nan/nan_i.h
+++ b/src/nan/nan_i.h
@@ -484,6 +484,8 @@ struct nan_peer {
  * @cluster_id: Current cluster ID
  * @nira_nonce: Nonce for NAN Identity Resolution attribute (NIRA)
  * @nira_tag: Tag for NAN Identity Resolution attribute (NIRA)
+ * @initiator_pmksa: PMKSA cache for PASN-PMK authentication as an initiator
+ * @responder_pmksa: PMKSA cache for PASN-PMK authentication as a responder
  */
 struct nan_data {
 	struct nan_config *cfg;
@@ -497,6 +499,9 @@ struct nan_data {
 
 	u8 nira_nonce[NAN_NIRA_NONCE_LEN];
 	u8 nira_tag[NAN_NIRA_TAG_LEN];
+
+	struct rsn_pmksa_cache *initiator_pmksa;
+	struct rsn_pmksa_cache *responder_pmksa;
 };
 
 struct nan_attrs_entry {
-- 
2.53.0

More information about the Hostap mailing list