Use Secure=1 in PTK rekeying EAPOL-Key msg 1/4 and 2/4
IEEE Std 802.11-2020 is ambiguous on how the Secure bit is set in EAPOL-Key msg 1/4 and 2/4 in the case where 4-way handshake is use to rekey the PTK. 12.7.2 describes this with "set to 1 once the initial key exchange is complete" while 12.7.6 shows EAPOL-Key msg 1/4 and 2/4 using Secure=0 without any consideration on whether the handshake is for rekeying. TGme seems to be moving towards clarifying this to use Secure=1 based on there being a shared PTKSA between the Authenticator and the Supplicant. In other words, this would use Secure=1 in EAPOL-Key msg 1/4 and 2/4 in the case of rekeying. Change implementation to match that. This bit was already practically ignored on the reception side, so this should not have impact on actual functionality beyond this one bit changing its value in the frame. Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This commit is contained in:
parent
d2ce1b4d6c
commit
bc36991791
2 changed files with 7 additions and 2 deletions
|
@ -2192,6 +2192,7 @@ SM_STATE(WPA_PTK, PTKSTART)
|
||||||
{
|
{
|
||||||
u8 buf[2 + RSN_SELECTOR_LEN + PMKID_LEN], *pmkid = NULL;
|
u8 buf[2 + RSN_SELECTOR_LEN + PMKID_LEN], *pmkid = NULL;
|
||||||
size_t pmkid_len = 0;
|
size_t pmkid_len = 0;
|
||||||
|
u16 key_info;
|
||||||
|
|
||||||
SM_ENTRY_MA(WPA_PTK, PTKSTART, wpa_ptk);
|
SM_ENTRY_MA(WPA_PTK, PTKSTART, wpa_ptk);
|
||||||
sm->PTKRequest = false;
|
sm->PTKRequest = false;
|
||||||
|
@ -2295,8 +2296,10 @@ SM_STATE(WPA_PTK, PTKSTART)
|
||||||
}
|
}
|
||||||
if (!pmkid)
|
if (!pmkid)
|
||||||
pmkid_len = 0;
|
pmkid_len = 0;
|
||||||
wpa_send_eapol(sm->wpa_auth, sm,
|
key_info = WPA_KEY_INFO_ACK | WPA_KEY_INFO_KEY_TYPE;
|
||||||
WPA_KEY_INFO_ACK | WPA_KEY_INFO_KEY_TYPE, NULL,
|
if (sm->pairwise_set && sm->wpa != WPA_VERSION_WPA)
|
||||||
|
key_info |= WPA_KEY_INFO_SECURE;
|
||||||
|
wpa_send_eapol(sm->wpa_auth, sm, key_info, NULL,
|
||||||
sm->ANonce, pmkid, pmkid_len, 0, 0);
|
sm->ANonce, pmkid, pmkid_len, 0, 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -552,6 +552,8 @@ int wpa_supplicant_send_2_of_4(struct wpa_sm *sm, const unsigned char *dst,
|
||||||
sm->proto == WPA_PROTO_OSEN) ?
|
sm->proto == WPA_PROTO_OSEN) ?
|
||||||
EAPOL_KEY_TYPE_RSN : EAPOL_KEY_TYPE_WPA;
|
EAPOL_KEY_TYPE_RSN : EAPOL_KEY_TYPE_WPA;
|
||||||
key_info = ver | WPA_KEY_INFO_KEY_TYPE;
|
key_info = ver | WPA_KEY_INFO_KEY_TYPE;
|
||||||
|
if (sm->ptk_set && sm->proto != WPA_PROTO_WPA)
|
||||||
|
key_info |= WPA_KEY_INFO_SECURE;
|
||||||
if (mic_len)
|
if (mic_len)
|
||||||
key_info |= WPA_KEY_INFO_MIC;
|
key_info |= WPA_KEY_INFO_MIC;
|
||||||
else
|
else
|
||||||
|
|
Loading…
Reference in a new issue