
Clear PMK length and check for this when deriving PTK

Instead of setting the default PMK length for the cleared PMK, set the
length to 0 and explicitly check for this when deriving PTK to avoid
unexpected key derivation with an all-zeroes key should it be possible
to somehow trigger PTK derivation to happen before PMK derivation.

Change-Id: Ib5e1e22b2713a8b0d50683a5bfdf9cfad2023eaf
Signed-off-by: Jouni Malinen <j@w1.fi>
jmalinen authored and invisiblek committed Oct 8, 2017
1 parent a630551 commit ac7891721bd6f9be777d9db74d4ff2768cfa49a2
Showing with 9 additions and 3 deletions.
  1. +5 −0 src/common/wpa_common.c
  2. +4 −3 src/rsn_supp/wpa.c
@@ -143,6 +143,11 @@ int wpa_pmk_to_ptk(const u8 *pmk, size_t pmk_len, const char *label,
u8 tmp[WPA_KCK_MAX_LEN + WPA_KEK_MAX_LEN + WPA_TK_MAX_LEN];
size_t ptk_len;

if (pmk_len == 0) {
wpa_printf(MSG_ERROR, "WPA: No PMK set for PT derivation");
return -1;
}

if (os_memcmp(addr1, addr2, ETH_ALEN) < 0) {
os_memcpy(data, addr1, ETH_ALEN);
os_memcpy(data + ETH_ALEN, addr2, ETH_ALEN);
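Review bot: The error message in the new `pmk_len == 0` guard reads "PT derivation", which looks like a typo for PTK and will be missed by anyone searching logs for PTK failures; it should read `wpa_printf(MSG_ERROR, "WPA: No PMK set for PTK derivation");`. The guard also has no comment saying that a zero length is the marker for a cleared PMK, so I would add `/* pmk_len == 0 means the PMK was cleared; never derive a PTK from it */` above it. The check covers only the length: a caller that passes a non-zero length with an all-zero buffer still reaches the derivation, so the protection depends on every clearing path also resetting the length. wpa_pmk_to_ptk's body starts and continues outside the hunk.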
@@ -499,7 +499,8 @@ static void wpa_supplicant_process_1_of_4(struct wpa_sm *sm,
/* Calculate PTK which will be stored as a temporary PTK until it has
* been verified when processing message 3/4. */
ptk = &sm->tptk;
wpa_derive_ptk(sm, src_addr, key, ptk);
if (wpa_derive_ptk(sm, src_addr, key, ptk) < 0)
goto failed;
if (sm->pairwise_cipher == WPA_CIPHER_TKIP) {
u8 buf[8];
/* Supplicant: swap tx/rx Mic keys */
@@ -2460,8 +2461,8 @@ void wpa_sm_set_pmk_from_pmksa(struct wpa_sm *sm)
os_memcpy(sm->pmk, sm->cur_pmksa->pmk, sm->pmk_len);
} else {
wpa_printf(MSG_DEBUG, "WPA: No current PMKSA - clear PMK");
sm->pmk_len = PMK_LEN;
os_memset(sm->pmk, 0, PMK_LEN);
sm->pmk_len = 0;
os_memset(sm->pmk, 0, PMK_LEN_MAX);
}
}
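Review bot: In wpa_sm_set_pmk_from_pmksa, `sm->pmk_len = 0` now doubles as the "no PMK" marker, but nothing at the assignment says so, and the other readers of `sm->pmk_len` are not visible here. Any code that compares or copies the PMK using `sm->pmk_len` as the length would perform a zero-length operation after this change (a zero-length `os_memcmp` reports equality), so those call sites are worth auditing for an explicit `sm->pmk_len == 0` check. I would add `/* pmk_len == 0 marks "no PMK"; wpa_pmk_to_ptk() refuses to derive from it */` above the assignment. In the first hunk the `failed` label is outside the visible lines, so whether that path discards any state in `sm->tptk` cannot be confirmed from here. Both functions start outside their hunks.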
