mesh: Support variable length TX MGTK

This is an initial step in supporting multiple cipher suites.

Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/wpa_supplicant/mesh_rsn.c b/wpa_supplicant/mesh_rsn.c
index d7a8115..021b7d2 100644 (file)
--- a/wpa_supplicant/mesh_rsn.c
+++ b/wpa_supplicant/mesh_rsn.c
@@ -173,7 +173,8 @@ static int __mesh_rsn_auth_init(struct mesh_rsn *rsn, const u8 *addr,
        }
 
        /* TODO: support rekeying */
-       if (random_get_bytes(rsn->mgtk, 16) < 0)
+       rsn->mgtk_len = wpa_cipher_key_len(WPA_CIPHER_CCMP);
+       if (random_get_bytes(rsn->mgtk, rsn->mgtk_len) < 0)
                return -1;
 
        /* group mgmt */
@@ -181,8 +182,10 @@ static int __mesh_rsn_auth_init(struct mesh_rsn *rsn, const u8 *addr,
                        seq, sizeof(seq), rsn->mgtk, sizeof(rsn->mgtk));
 
        /* group privacy / data frames */
+       wpa_hexdump_key(MSG_DEBUG, "mesh: Own TX MGTK",
+                       rsn->mgtk, rsn->mgtk_len);
        wpa_drv_set_key(rsn->wpa_s, WPA_ALG_CCMP, NULL, 1, 1,
-                       seq, sizeof(seq), rsn->mgtk, sizeof(rsn->mgtk));
+                       seq, sizeof(seq), rsn->mgtk, rsn->mgtk_len);
 
        return 0;
 }
@@ -191,6 +194,7 @@ static int __mesh_rsn_auth_init(struct mesh_rsn *rsn, const u8 *addr,
 static void mesh_rsn_deinit(struct mesh_rsn *rsn)
 {
        os_memset(rsn->mgtk, 0, sizeof(rsn->mgtk));
+       rsn->mgtk_len = 0;
        if (rsn->auth)
                wpa_deinit(rsn->auth);
 }

diff --git a/wpa_supplicant/mesh_rsn.h b/wpa_supplicant/mesh_rsn.h
index 89601d4..4d9425b 100644 (file)
--- a/wpa_supplicant/mesh_rsn.h
+++ b/wpa_supplicant/mesh_rsn.h
@@ -12,7 +12,8 @@
 struct mesh_rsn {
        struct wpa_supplicant *wpa_s;
        struct wpa_authenticator *auth;
-       u8 mgtk[16];
+       u8 mgtk[WPA_TK_MAX_LEN];
+       size_t mgtk_len;
 #ifdef CONFIG_SAE
        struct wpabuf *sae_token;
        int sae_group_index;