WPA: Extra defense against PTK reinstalls in 4-way handshake

Currently, reinstallations of the PTK are prevented by (1) assuring the same TPTK is only set once as the PTK, and (2) that one particular PTK is only installed once. This patch makes it more explicit that point (1) is required to prevent key reinstallations. At the same time, this patch hardens wpa_supplicant such that future changes do not accidentally break this property. Change-Id: Ib8d2a4dc2c6ccd634866f0b3b01ca3d73f73bcaa Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
LineageOS · Oct 16, 2017 · fbf7ecc · fbf7ecc
1 parent 5c64f90
commit fbf7ecc
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
@@ -1642,6 +1642,14 @@ static int wpa_supplicant_verify_eapol_key_mic(struct wpa_sm *sm,
 			sm->ptk_set = 1;
 			os_memcpy(&sm->ptk, &sm->tptk, sizeof(sm->ptk));
 			os_memset(&sm->tptk, 0, sizeof(sm->tptk));
+			/*
+			 * This assures the same TPTK in sm->tptk can never be
+			 * copied twice to sm->pkt as the new PTK. In
+			 * combination with the installed flag in the wpa_ptk
+			 * struct, this assures the same PTK is only installed
+			 * once.
+			 */
+			sm->renew_snonce = 1;
 		}
 	}