aboutsummaryrefslogtreecommitdiffstats
path: root/wlantest
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2011-12-22 14:39:17 (GMT)
committerJouni Malinen <j@w1.fi>2011-12-22 14:39:17 (GMT)
commit3c56f0e2757edef2bfcadf928e2aba1270779870 (patch)
tree4161038d279e187403e60a2bdb9aa95b80c6a482 /wlantest
parent3b655312d4c06252990fd9ba38584acf6cabc051 (diff)
downloadhostap-3c56f0e2757edef2bfcadf928e2aba1270779870.zip
hostap-3c56f0e2757edef2bfcadf928e2aba1270779870.tar.gz
hostap-3c56f0e2757edef2bfcadf928e2aba1270779870.tar.bz2
wlantest: Fix EAPOL-Key Key Data decryption for rekey case
KEK from TPTK needs to be used instead of from PTK when processing rekeying case similarly to what was already done with KCK. Signed-hostap: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'wlantest')
-rw-r--r--wlantest/rx_eapol.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/wlantest/rx_eapol.c b/wlantest/rx_eapol.c
index 5a87326..e98dbe2 100644
--- a/wlantest/rx_eapol.c
+++ b/wlantest/rx_eapol.c
@@ -417,7 +417,7 @@ static void rx_data_eapol_key_3_of_4(struct wlantest *wt, const u8 *dst,
struct wlantest_sta *sta;
const struct ieee802_1x_hdr *eapol;
const struct wpa_eapol_key *hdr;
- const u8 *key_data, *kck;
+ const u8 *key_data, *kck, *kek;
int recalc = 0;
u16 key_info, ver;
u8 *decrypted_buf = NULL;
@@ -454,10 +454,12 @@ static void rx_data_eapol_key_3_of_4(struct wlantest *wt, const u8 *dst,
return;
}
+ kek = sta->ptk.kek;
kck = sta->ptk.kck;
if (sta->tptk_set) {
wpa_printf(MSG_DEBUG, "Use TPTK for validation EAPOL-Key MIC");
kck = sta->tptk.kck;
+ kek = sta->tptk.kek;
}
if (check_mic(kck, key_info & WPA_KEY_INFO_TYPE_MASK, data, len) < 0) {
wpa_printf(MSG_INFO, "Mismatch in EAPOL-Key 3/4 MIC");
@@ -474,7 +476,7 @@ static void rx_data_eapol_key_3_of_4(struct wlantest *wt, const u8 *dst,
decrypted_len = WPA_GET_BE16(hdr->key_data_length);
} else {
ver = key_info & WPA_KEY_INFO_TYPE_MASK;
- decrypted_buf = decrypt_eapol_key_data(sta->ptk.kek, ver, hdr,
+ decrypted_buf = decrypt_eapol_key_data(kek, ver, hdr,
&decrypted_len);
if (decrypted_buf == NULL) {
wpa_printf(MSG_INFO, "Failed to decrypt EAPOL-Key Key "