From 3b9c5176d13ff3977c4866611c89a7ee162de67c Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Tue, 11 Mar 2014 15:00:09 +0200 Subject: [PATCH] Fix PTK derivation for CCMP-256 and GCMP-256 Incorrect PTK length was used in PMK-to-PTK derivation and the Michael MIC TX/RX key swapping code was incorrectly executed for these ciphers on supplicant side. Signed-off-by: Jouni Malinen --- src/ap/wpa_auth.c | 2 +- src/rsn_supp/wpa.c | 12 +++++++----- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index cc64ff181..7d89edf45 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -1813,7 +1813,7 @@ SM_STATE(WPA_PTK, PTKSTART) static int wpa_derive_ptk(struct wpa_state_machine *sm, const u8 *pmk, struct wpa_ptk *ptk) { - size_t ptk_len = sm->pairwise != WPA_CIPHER_TKIP ? 48 : 64; + size_t ptk_len = wpa_cipher_key_len(sm->pairwise) + 32; #ifdef CONFIG_IEEE80211R if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) return wpa_auth_derive_ptk_ft(sm, pmk, ptk, ptk_len); diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index ba50263dd..de86cdf65 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -362,7 +362,7 @@ static int wpa_derive_ptk(struct wpa_sm *sm, const unsigned char *src_addr, const struct wpa_eapol_key *key, struct wpa_ptk *ptk) { - size_t ptk_len = sm->pairwise_cipher != WPA_CIPHER_TKIP ? 48 : 64; + size_t ptk_len = wpa_cipher_key_len(sm->pairwise_cipher) + 32; #ifdef CONFIG_IEEE80211R if (wpa_key_mgmt_ft(sm->key_mgmt)) return wpa_derive_ptk_ft(sm, src_addr, key, ptk, ptk_len); @@ -437,10 +437,12 @@ static void wpa_supplicant_process_1_of_4(struct wpa_sm *sm, * been verified when processing message 3/4. */ ptk = &sm->tptk; wpa_derive_ptk(sm, src_addr, key, ptk); - /* Supplicant: swap tx/rx Mic keys */ - os_memcpy(buf, ptk->u.auth.tx_mic_key, 8); - os_memcpy(ptk->u.auth.tx_mic_key, ptk->u.auth.rx_mic_key, 8); - os_memcpy(ptk->u.auth.rx_mic_key, buf, 8); + if (sm->pairwise_cipher == WPA_CIPHER_TKIP) { + /* Supplicant: swap tx/rx Mic keys */ + os_memcpy(buf, ptk->u.auth.tx_mic_key, 8); + os_memcpy(ptk->u.auth.tx_mic_key, ptk->u.auth.rx_mic_key, 8); + os_memcpy(ptk->u.auth.rx_mic_key, buf, 8); + } sm->tptk_set = 1; kde = sm->assoc_wpa_ie;