
Requesting support for hash mode to support FT PSK additional to 22000 mode #3887

Open
Rozin14 opened this issue Oct 5, 2023 · 3 comments

@Rozin14

Rozin14 commented Oct 5, 2023

In certain situations dumptools are forced only to capture handshakes with FT using PSK (802.11r). There's no hash mode to convert these captures. So requesting to add a hash mode supporting this.

A txt file explaining this is attached. (Explained by a known hash dev)
message (1).txt

@ZerBea
Contributor

ZerBea commented Oct 6, 2023

The formulas to recover the PSK:
PBKDF2 (the same as on WPA1, WPA2 and WPA2 key version 3):
PMK[256] = PBKDF2(PSK, SSID, SSID-length, 4096).

get PMK-R0:

PMK-R0 = R0-Key-Data = KDF-256(XXKey, "FT-R0", SSIDlength || SSID || MDID || R0KHlength || R0KH-ID || S0KH-ID)
sha256_prf(PMK, PMK_len, "FT-R0", buf, pos - buf, r0_key_data, r0_key_data_len)
PMKID-R0 = HMAC-SHA1-128(PMK-R0, "PMK Name" | MAC_AP | MAC_STA)
PTK = PRF(PMK-R0, "pairwise key expansion", MAC1 || MAC2 || Nonce1 || Nonce2)

get PMK-R1:

PMK-R1 = KDF-256(PMK-R0, "FT-R1", R1KH-ID || S1KH-ID)
sha256_prf(pmk_r0, pmk_r0_len, "FT-R1", buf, pos - buf, pmk_r1, pmk_r0_len);
PMKID-R1 = HMAC-SHA1-128(PMK-R1, "PMK Name" | MAC_AP | MAC_STA) 

An example (containing all calculated session keys)

ESSID: test-ft-psk (746573742d66742d70736b)
MAC_AP: 020000000000
MAC_CLIENT: 020000000100
PMKID: 3378f874c1930b599405d3de4b6e05cc
ANONCE: eb131d608a197829340c645c3bf30df2c0c8e818e9e31c560af630664a21a009
MIC: dd411684bd6e123bce3a606b2be06de2 (same calculation as of WPA2 key version 3)
EAPOL:  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
MD-ID: 0x0201
R0KH-ID: 77697265736861726b2d66742d70736b
R1KH-ID: 020000000000

PSK: 12345678

calculated:
PMK: f91fea0712af6e92192a51f92acc483e8184f528220fc02308b4102cf79373b2
PTK: 58f564fd078c3cc8ceb8c8be8e51d30d
GTK: a2e4ae32e73603f12ecbce89992de9df
KCK: 258f13dded80136e5d4db91f46aafedf
KEK: 625df4e4b455e1b10f928d721ebc011b

We need to add three additional fields to an FT-PSK hash line:

MD-ID = 2 bytes
R0KH-ID = variable length up to 48 bytes
R1KH-ID = variable length up to 48 bytes

A PMKID hash line could look like this:

WPA*03*PMKID*MAC_AP*MAC_CLIENT*ESSID***MESSAGEPAIR*MD-ID*R0KH-ID*R1KH-ID
WPA*03*3378f874c1930b599405d3de4b6e05cc*020000000000*020000000100*746573742d66742d70736b***01*0201*020000000000*77697265736861726b2d66742d70736b

An EAPOL hash line could look like this:

WPA*04*MIC*MAC_AP*MAC_CLIENT*ESSID*NONCE_AP*EAPOL_CLIENT*MESSAGEPAIR*MD-ID*R0KH-ID*R1KH-ID
WPA*02*dd411684bd6e123bce3a606b2be06de2*020000000000*020000000100*746573742d66742d70736b*eb131d608a197829340c645c3bf30df2c0c8e818e9e31c560af630664a21a009*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*02*0201*020000000000*77697265736861726b2d66742d70736b

BTW:
Your attachment (message.1.txt) is exactly what I reported to Discord (via user freeroute), but now supplemented by a (reproducible) example.
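The derivation chain quoted in this comment, worked through in Python on the comment's own vectors (ESSID test-ft-psk, PSK 12345678, MD-ID 0201, R0KH-ID "wireshark-ft-psk", R1KH-ID = MAC_AP), plus a builder for the proposed PMKID line layout. This is an added example, not hcxtools or hashcat code. Assumptions: KDF-256 is the IEEE 802.11 KDF with SHA-256, i.e. what wpa_supplicant's sha256_prf() wraps (16-bit little-endian counter starting at 1, label, context, 16-bit little-endian length in bits); XXKey is the PMK for PSK networks; S0KH-ID and S1KH-ID are the station MAC; PMKR0Name and PMKR1Name are computed as 802.11r specifies them (SHA-256 over "FT-R0N" || salt and "FT-R1N" || PMKR0Name || R1KH-ID || S1KH-ID), which is not the HMAC-SHA1 "PMK Name" form written above, so the script prints the derived names rather than asserting on the quoted PMKID. PTK and MIC are not computed because the SNonce and the EAPOL bytes are not reproduced on this page. The hash-line template lists R0KH-ID before R1KH-ID while the sample line carries R1KH-ID first; the builder follows the template order.

```python
import hashlib
import hmac
import struct

# Constructed from the values quoted in the issue comment (ESSID test-ft-psk, PSK 12345678).
ISSUE_VECTORS = {
    "essid": b"test-ft-psk",
    "psk": b"12345678",
    "mac_ap": bytes.fromhex("020000000000"),
    "mac_client": bytes.fromhex("020000000100"),
    "pmkid": bytes.fromhex("3378f874c1930b599405d3de4b6e05cc"),
    "mdid": bytes.fromhex("0201"),
    "r0kh_id": bytes.fromhex("77697265736861726b2d66742d70736b"),  # ASCII "wireshark-ft-psk"
    "r1kh_id": bytes.fromhex("020000000000"),
    "pmk_reported": bytes.fromhex(
        "f91fea0712af6e92192a51f92acc483e8184f528220fc02308b4102cf79373b2"),
}


def derive_pmk(psk: bytes, ssid: bytes) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(PSK, SSID, 4096 iterations, 256 bits); unchanged from WPA2-PSK."""
    return hashlib.pbkdf2_hmac("sha1", psk, ssid, 4096, dklen=32)


def kdf_sha256(key: bytes, label: bytes, context: bytes, length_bits: int) -> bytes:
    """IEEE 802.11 KDF-Hash-Length with SHA-256 (assumed equivalent to sha256_prf()).

    Block i = HMAC-SHA256(key, i || label || context || length_bits), with i (from 1) and
    length_bits encoded as little-endian 16-bit integers; output truncated to length_bits.
    """
    out = b""
    for i in range(1, (length_bits + 255) // 256 + 1):
        msg = struct.pack("<H", i) + label + context + struct.pack("<H", length_bits)
        out += hmac.new(key, msg, hashlib.sha256).digest()
    return out[: length_bits // 8]


def derive_pmk_r0(pmk, ssid, mdid, r0kh_id, s0kh_id):
    """PMK-R0 from the comment's formula:
    KDF(XXKey, "FT-R0", SSIDlength || SSID || MDID || R0KHlength || R0KH-ID || S0KH-ID).
    384 bits are requested: the first 256 are PMK-R0, the remaining 128 are the salt
    hashed into PMKR0Name (802.11r; S0KH-ID is the station MAC)."""
    context = bytes([len(ssid)]) + ssid + mdid + bytes([len(r0kh_id)]) + r0kh_id + s0kh_id
    r0_key_data = kdf_sha256(pmk, b"FT-R0", context, 384)
    pmk_r0, salt = r0_key_data[:32], r0_key_data[32:48]
    pmkr0name = hashlib.sha256(b"FT-R0N" + salt).digest()[:16]
    return pmk_r0, pmkr0name


def derive_pmk_r1(pmk_r0, pmkr0name, r1kh_id, s1kh_id):
    """PMK-R1 = KDF-256(PMK-R0, "FT-R1", R1KH-ID || S1KH-ID); PMKR1Name as 802.11r defines it."""
    pmk_r1 = kdf_sha256(pmk_r0, b"FT-R1", r1kh_id + s1kh_id, 256)
    pmkr1name = hashlib.sha256(b"FT-R1N" + pmkr0name + r1kh_id + s1kh_id).digest()[:16]
    return pmk_r1, pmkr1name


def derive_ft_keys(v: dict) -> dict:
    """Run the chain PSK -> PMK -> PMK-R0 -> PMK-R1 on one set of vectors."""
    pmk = derive_pmk(v["psk"], v["essid"])
    pmk_r0, pmkr0name = derive_pmk_r0(pmk, v["essid"], v["mdid"], v["r0kh_id"], v["mac_client"])
    pmk_r1, pmkr1name = derive_pmk_r1(pmk_r0, pmkr0name, v["r1kh_id"], v["mac_client"])
    return {"pmk": pmk, "pmk_r0": pmk_r0, "pmkr0name": pmkr0name,
            "pmk_r1": pmk_r1, "pmkr1name": pmkr1name}


def build_ft_pmkid_hashline(pmkid, mac_ap, mac_client, essid, messagepair, mdid, r0kh_id, r1kh_id):
    """Proposed PMKID line from the comment: the 22000 layout with MD-ID, R0KH-ID and R1KH-ID
    appended, WPA*03*PMKID*MAC_AP*MAC_CLIENT*ESSID***MESSAGEPAIR*MD-ID*R0KH-ID*R1KH-ID.
    The two empty fields are where an EAPOL line carries NONCE_AP and EAPOL_CLIENT."""
    fields = ["WPA", "03", pmkid.hex(), mac_ap.hex(), mac_client.hex(), essid.hex(), "", "",
              f"{messagepair:02x}", mdid.hex(), r0kh_id.hex(), r1kh_id.hex()]
    return "*".join(fields)


if __name__ == "__main__":
    keys = derive_ft_keys(ISSUE_VECTORS)
    for name, value in keys.items():
        print(f"{name:10s} {value.hex()}")
    print("PMK matches the value reported in the issue:",
          keys["pmk"] == ISSUE_VECTORS["pmk_reported"])
    v = ISSUE_VECTORS
    print(build_ft_pmkid_hashline(v["pmkid"], v["mac_ap"], v["mac_client"], v["essid"], 1,
                                  v["mdid"], v["r0kh_id"], v["r1kh_id"]))
```

The point the chain makes for the hash-line design is visible in derive_pmk_r0 and derive_pmk_r1: the MD-ID, R0KH-ID and the two MAC addresses are bound into the key material before any PTK can be derived, so a converter that omits them leaves no way to recompute PMK-R1 from a candidate PSK. Running the script with the 802.11r names also shows why the PMKID carried in an FT handshake cannot be checked with the plain WPA2 HMAC-SHA1 formula.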

ZerBea pushed a commit to ZerBea/hcxtools that referenced this issue Oct 10, 2023
@ZerBea
Contributor

ZerBea commented Oct 10, 2023

@ZerBea
Contributor

ZerBea commented Oct 10, 2023

Calculation of the MIC is similar to WPA2 key version 3 (AES-128-CMAC)

More information is here:
https://www.cwnp.com/uploads/802-11_rsn_ft.pdf
