common: Allow WPA_CIPHER_GTK_NOT_USED as a valid group management cipher

PASN authentication requires that group management cipher suite
would be set to 00-0F-AC:7 in the RSNE, so consider it as a valid
group management cipher and adjust the code accordingly.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
This commit is contained in:
Ilan Peer 2020-12-16 13:00:16 +02:00 committed by Jouni Malinen
parent 2447212214
commit 019507e10e
2 changed files with 5 additions and 2 deletions

View file

@ -1216,7 +1216,8 @@ int wpa_cipher_valid_group(int cipher)
int wpa_cipher_valid_mgmt_group(int cipher)
{
return cipher == WPA_CIPHER_AES_128_CMAC ||
return cipher == WPA_CIPHER_GTK_NOT_USED ||
cipher == WPA_CIPHER_AES_128_CMAC ||
cipher == WPA_CIPHER_BIP_GMAC_128 ||
cipher == WPA_CIPHER_BIP_GMAC_256 ||
cipher == WPA_CIPHER_BIP_CMAC_256;

View file

@ -1306,7 +1306,8 @@ static int ieee80211w_set_keys(struct wpa_sm *sm,
{
size_t len;
if (!wpa_cipher_valid_mgmt_group(sm->mgmt_group_cipher))
if (!wpa_cipher_valid_mgmt_group(sm->mgmt_group_cipher) ||
sm->mgmt_group_cipher == WPA_CIPHER_GTK_NOT_USED)
return 0;
if (ie->igtk) {
@ -1665,6 +1666,7 @@ static void wpa_supplicant_process_3_of_4(struct wpa_sm *sm,
}
if (ie.igtk &&
sm->mgmt_group_cipher != WPA_CIPHER_GTK_NOT_USED &&
wpa_cipher_valid_mgmt_group(sm->mgmt_group_cipher) &&
ie.igtk_len != WPA_IGTK_KDE_PREFIX_LEN +
(unsigned int) wpa_cipher_key_len(sm->mgmt_group_cipher)) {