Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

OWE: Set PMK length properly on supplicant side

sm->pmk_len was not set when deriving the PMK as part of OWE key
generation. This depending on wpa_sm_set_pmk_from_pmksa() call resetting
the value to the default. While this worked for many cases, this is not
correct and can have issues with network profile selection based on
association information. For example, the OWE transition mode cases
would hit an issue here.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen 7 years ago
parent
ea079153f4
commit
675112df1b
2 changed files with 7 additions and 0 deletions
Split View Show Diff Stats
  1. 1 0
      src/rsn_supp/wpa.c
  2. 6 0
      wpa_supplicant/wpa_supplicant.c

+ 1 - 0
src/rsn_supp/wpa.c
View File 

@@ -4291,6 +4291,7 @@ int owe_process_assoc_resp(struct wpa_sm *sm, const u8 *resp_ies,
 
 	os_memset(prk, 0, SHA256_MAC_LEN);
 
 	if (res < 0)
 
 		return -1;
 
+	sm->pmk_len = PMK_LEN;
 
 
 	wpa_hexdump_key(MSG_DEBUG, "OWE: PMK", sm->pmk, PMK_LEN);
 
 	wpa_hexdump(MSG_DEBUG, "OWE: PMKID", pmkid, PMKID_LEN);

+ 6 - 0
wpa_supplicant/wpa_supplicant.c
View File 

@@ -1528,6 +1528,12 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
 
 				"No PSK available for association");
 
 			return -1;
 
 		}
 
+#ifdef CONFIG_OWE
 
+	} else if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) {
 
+		/* OWE Diffie-Hellman exchange in (Re)Association
 
+		 * Request/Response frames set the PMK, so do not override it
 
+		 * here. */
 
+#endif /* CONFIG_OWE */
 
 	} else
 
 		wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);