Fix writing of BIGTK in FT protocol

A copy-paste issue in wpa_ft_bigtk_subelem() ended up encoding the IGTK
value instead of the BIGTK when providing the current BIGTK to the STA
during FT protocol. Fix this to use the correct key to avoid issues when
beacon protection is used with FT.

Fixes: 16889aff40 ("Add BIGTK KDE and subelement similarly to IGTK")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This commit is contained in:
Jouni Malinen 2023-08-10 21:17:40 +03:00 committed by Jouni Malinen
parent 084745ffc5
commit bf9cbb462f

View file

@ -2398,7 +2398,7 @@ static u8 * wpa_ft_bigtk_subelem(struct wpa_state_machine *sm, size_t *len)
wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN_bigtk, pos); wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN_bigtk, pos);
pos += 6; pos += 6;
*pos++ = bigtk_len; *pos++ = bigtk_len;
bigtk = gsm->IGTK[gsm->GN_bigtk - 6]; bigtk = gsm->BIGTK[gsm->GN_bigtk - 6];
if (sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN) { if (sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN) {
/* /*
* Provide unique random BIGTK to each OSEN STA to prevent use * Provide unique random BIGTK to each OSEN STA to prevent use