authorJouni Malinen <j@w1.fi>2010-04-07 20:57:39 (GMT)
committerJouni Malinen <j@w1.fi>2010-04-07 20:57:39 (GMT)
commit39eb4d08771531333e5647711b288809b1ba4f6d (patch)
tree70a4bd314bd52e82ece1fb8bd281ee090701c4f1 /src/ap/wpa_auth_ft.c
parent26e23750b950cb6e460a058668e9c59a194d1d76 (diff)
FT: Fix GTK subelement format in FTIE
The Key Info field was changed from 1-octet field to 2-octet field in 802.11r/D7.0, but that had not been updated in the implementation.
Diffstat (limited to 'src/ap/wpa_auth_ft.c')
-rw-r--r--src/ap/wpa_auth_ft.c15
1 files changed, 8 insertions, 7 deletions
diff --git a/src/ap/wpa_auth_ft.c b/src/ap/wpa_auth_ft.c
index 5d085c6..499efb1 100644
--- a/src/ap/wpa_auth_ft.c
+++ b/src/ap/wpa_auth_ft.c
@@ -438,20 +438,21 @@ static u8 * wpa_ft_gtk_subelem(struct wpa_state_machine *sm, size_t *len)
key = gsm->GTK[gsm->GN - 1];
/*
- * Sub-elem ID[1] | Length[1] | Key Info[1] | Key Length[1] | RSC[8] |
+ * Sub-elem ID[1] | Length[1] | Key Info[2] | Key Length[1] | RSC[8] |
* Key[5..32].
*/
- subelem_len = 12 + key_len + 8;
+ subelem_len = 13 + key_len + 8;
subelem = os_zalloc(subelem_len);
if (subelem == NULL)
return NULL;
subelem[0] = FTIE_SUBELEM_GTK;
- subelem[1] = 10 + key_len + 8;
- subelem[2] = gsm->GN & 0x03; /* Key ID in B0-B1 of Key Info */
- subelem[3] = gsm->GTK_len;
- wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, subelem + 4);
- if (aes_wrap(sm->PTK.kek, key_len / 8, key, subelem + 12)) {
+ subelem[1] = 11 + key_len + 8;
+ /* Key ID in B0-B1 of Key Info */
+ WPA_PUT_LE16(&subelem[2], gsm->GN & 0x03);
+ subelem[4] = gsm->GTK_len;
+ wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, subelem + 5);
+ if (aes_wrap(sm->PTK.kek, key_len / 8, key, subelem + 13)) {
os_free(subelem);
return NULL;
}
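Review bot: The sub-element header size is still spelled as separate literals in the new code (`13` in `subelem_len`, `11` in `subelem[1]`, `13` again in the `aes_wrap()` destination), alongside the hand-numbered `subelem[4]` and `subelem + 5`. This commit had to change every one of them by hand, and a later mismatch between the allocation size and the wrap offset would write the wrapped GTK past the end of `subelem`. Deriving them from one header length and a write cursor keeps the allocation and the writes in step. The sketch below is meant to be behaviour-preserving as far as the hunk shows; `key_len`, `key` and any padding are set above the hunk, and the function continues after it.

```c
	/* with the function's other locals */
	const size_t hdr_len = 1 + 1 + 2 + 1 + 8; /* ID, Length, Key Info, Key Length, RSC */
	u8 *pos;

	/* … unchanged: key selection and the layout comment … */
	subelem_len = hdr_len + key_len + 8;
	subelem = os_zalloc(subelem_len);
	if (subelem == NULL)
		return NULL;

	pos = subelem;
	*pos++ = FTIE_SUBELEM_GTK;
	*pos++ = subelem_len - 2; /* Length excludes the ID and Length octets */
	/* Key ID in B0-B1 of Key Info */
	WPA_PUT_LE16(pos, gsm->GN & 0x03);
	pos += 2;
	*pos++ = gsm->GTK_len;
	wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, pos);
	pos += 8;
	if (aes_wrap(sm->PTK.kek, key_len / 8, key, pos)) {
	/* … unchanged: error path … */
```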