From 6fe3f0f7982ba9a853d48fb6b5ec475f0cfc50e7 Mon Sep 17 00:00:00 2001 From: vamsi krishna Date: Tue, 26 Mar 2019 20:19:02 +0530 Subject: [PATCH] FT-SAE: Use PMK as XXKey in AP when SAE PMKSA caching is used When connected using FT-SAE key mgmt, use PMK from PMKSA cache as XXKey for PMK-R0 and PMK-R1 derivations. This fixes an issue where FT key hierarchy could not be established due to missing (not yet configured) XXKey when using SAE PMKSA caching for the initial mobility domain association. Signed-off-by: Jouni Malinen --- src/ap/wpa_auth.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index 078106877..616b20592 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -2060,6 +2060,10 @@ SM_STATE(WPA_PTK, INITPSK) wpa_printf(MSG_DEBUG, "SAE: PMK from PMKSA cache"); os_memcpy(sm->PMK, sm->pmksa->pmk, sm->pmksa->pmk_len); sm->pmk_len = sm->pmksa->pmk_len; +#ifdef CONFIG_IEEE80211R_AP + os_memcpy(sm->xxkey, sm->pmksa->pmk, sm->pmksa->pmk_len); + sm->xxkey_len = sm->pmksa->pmk_len; +#endif /* CONFIG_IEEE80211R_AP */ } #endif /* CONFIG_SAE */ sm->req_replay_counter_used = 0;