wlantest: Fix CCMP-256 cipher

TK was incorrectly truncated in a way that resulted in CCMP (128-bit
key) encryption being used in practice.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen 2013-04-05 22:18:25 +03:00 committed by Jouni Malinen
parent 75fa7d19a4
commit f2f66ad7e8

View file

@ -199,7 +199,7 @@ u8 * ccmp_256_decrypt(const u8 *tk, const struct ieee80211_hdr *hdr,
wpa_hexdump(MSG_EXCESSIVE, "CCMP-256 AAD", aad, aad_len); wpa_hexdump(MSG_EXCESSIVE, "CCMP-256 AAD", aad, aad_len);
wpa_hexdump(MSG_EXCESSIVE, "CCMP-256 nonce", nonce, 13); wpa_hexdump(MSG_EXCESSIVE, "CCMP-256 nonce", nonce, 13);
if (aes_ccm_ad(tk, 16, nonce, 16, data + 8, mlen, aad, aad_len, if (aes_ccm_ad(tk, 32, nonce, 16, data + 8, mlen, aad, aad_len,
data + 8 + mlen, plain) < 0) { data + 8 + mlen, plain) < 0) {
u16 seq_ctrl = le_to_host16(hdr->seq_ctrl); u16 seq_ctrl = le_to_host16(hdr->seq_ctrl);
wpa_printf(MSG_INFO, "Invalid CCMP-256 MIC in frame: A1=" MACSTR wpa_printf(MSG_INFO, "Invalid CCMP-256 MIC in frame: A1=" MACSTR
@ -252,7 +252,7 @@ u8 * ccmp_256_encrypt(const u8 *tk, u8 *frame, size_t len, size_t hdrlen,
wpa_hexdump(MSG_EXCESSIVE, "CCMP-256 AAD", aad, aad_len); wpa_hexdump(MSG_EXCESSIVE, "CCMP-256 AAD", aad, aad_len);
wpa_hexdump(MSG_EXCESSIVE, "CCMP-256 nonce", nonce, 13); wpa_hexdump(MSG_EXCESSIVE, "CCMP-256 nonce", nonce, 13);
if (aes_ccm_ae(tk, 16, nonce, 16, frame + hdrlen, plen, aad, aad_len, if (aes_ccm_ae(tk, 32, nonce, 16, frame + hdrlen, plen, aad, aad_len,
pos, pos + plen) < 0) { pos, pos + plen) < 0) {
os_free(crypt); os_free(crypt);
return NULL; return NULL;