FILS: Update EAPOL-Key RX rules for FILS (AP)
Key Descriptor Version 0 is used with FILS and Key Info MIC field is set to 0 with AEAD ciphers. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
parent
352caf006a
commit
b986648389
1 changed files with 12 additions and 1 deletions
|
@ -989,6 +989,7 @@ void wpa_receive(struct wpa_authenticator *wpa_auth,
|
|||
if (wpa_use_aes_cmac(sm) &&
|
||||
sm->wpa_key_mgmt != WPA_KEY_MGMT_OSEN &&
|
||||
!wpa_key_mgmt_suite_b(sm->wpa_key_mgmt) &&
|
||||
!wpa_key_mgmt_fils(sm->wpa_key_mgmt) &&
|
||||
ver != WPA_KEY_INFO_TYPE_AES_128_CMAC) {
|
||||
wpa_auth_logger(wpa_auth, sm->addr,
|
||||
LOGGER_WARNING,
|
||||
|
@ -1243,12 +1244,22 @@ continue_processing:
|
|||
return;
|
||||
}
|
||||
|
||||
if (!(key_info & WPA_KEY_INFO_MIC)) {
|
||||
if (!wpa_key_mgmt_fils(sm->wpa_key_mgmt) &&
|
||||
!(key_info & WPA_KEY_INFO_MIC)) {
|
||||
wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
|
||||
"received invalid EAPOL-Key: Key MIC not set");
|
||||
return;
|
||||
}
|
||||
|
||||
#ifdef CONFIG_FILS
|
||||
if (wpa_key_mgmt_fils(sm->wpa_key_mgmt) &&
|
||||
(key_info & WPA_KEY_INFO_MIC)) {
|
||||
wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
|
||||
"received invalid EAPOL-Key: Key MIC set");
|
||||
return;
|
||||
}
|
||||
#endif /* CONFIG_FILS */
|
||||
|
||||
sm->MICVerified = FALSE;
|
||||
if (sm->PTK_valid && !sm->update_snonce) {
|
||||
if (wpa_verify_key_mic(sm->wpa_key_mgmt, &sm->PTK, data,
|
||||
|
|
Loading…
Reference in a new issue