From b488a12948751f57871f09baa345e59b23959a41 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Sun, 8 Oct 2017 13:18:02 +0300 Subject: [PATCH] Clear PMK length and check for this when deriving PTK Instead of setting the default PMK length for the cleared PMK, set the length to 0 and explicitly check for this when deriving PTK to avoid unexpected key derivation with an all-zeroes key should it be possible to somehow trigger PTK derivation to happen before PMK derivation. Signed-off-by: Jouni Malinen --- src/common/wpa_common.c | 5 +++++ src/rsn_supp/wpa.c | 7 ++++--- 2 files changed, 9 insertions(+), 3 deletions(-) --- a/src/common/wpa_common.c +++ b/src/common/wpa_common.c @@ -225,6 +225,11 @@ int wpa_pmk_to_ptk(const u8 *pmk, size_t u8 tmp[WPA_KCK_MAX_LEN + WPA_KEK_MAX_LEN + WPA_TK_MAX_LEN]; size_t ptk_len; + if (pmk_len == 0) { + wpa_printf(MSG_ERROR, "WPA: No PMK set for PT derivation"); + return -1; + } + if (os_memcmp(addr1, addr2, ETH_ALEN) < 0) { os_memcpy(data, addr1, ETH_ALEN); os_memcpy(data + ETH_ALEN, addr2, ETH_ALEN); --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -584,7 +584,8 @@ static void wpa_supplicant_process_1_of_ /* Calculate PTK which will be stored as a temporary PTK until it has * been verified when processing message 3/4. */ ptk = &sm->tptk; - wpa_derive_ptk(sm, src_addr, key, ptk); + if (wpa_derive_ptk(sm, src_addr, key, ptk) < 0) + goto failed; if (sm->pairwise_cipher == WPA_CIPHER_TKIP) { u8 buf[8]; /* Supplicant: swap tx/rx Mic keys */ @@ -2705,8 +2706,8 @@ void wpa_sm_set_pmk_from_pmksa(struct wp sm->pmk_len = sm->cur_pmksa->pmk_len; os_memcpy(sm->pmk, sm->cur_pmksa->pmk, sm->pmk_len); } else { - sm->pmk_len = PMK_LEN; - os_memset(sm->pmk, 0, PMK_LEN); + sm->pmk_len = 0; + os_memset(sm->pmk, 0, PMK_LEN_MAX); } }