Verify that EAPOL-Key MIC generation succeeds
This can now fail, e.g., if trying to use TKIP in FIPS mode.
This commit is contained in:
Jouni Malinen
parent
7a215dfc2b
commit
04b6b3ed51
2 changed files with 10 additions and 5 deletions
|
|
@ -50,10 +50,10 @@ int wpa_eapol_key_mic(const u8 *key, int ver, const u8 *buf, size_t len,
|
|||
|
||||
switch (ver) {
|
||||
case WPA_KEY_INFO_TYPE_HMAC_MD5_RC4:
|
||||
hmac_md5(key, 16, buf, len, mic);
|
||||
break;
|
||||
return hmac_md5(key, 16, buf, len, mic);
|
||||
case WPA_KEY_INFO_TYPE_HMAC_SHA1_AES:
|
||||
hmac_sha1(key, 16, buf, len, hash);
|
||||
if (hmac_sha1(key, 16, buf, len, hash))
|
||||
return -1;
|
||||
os_memcpy(mic, hash, MD5_MAC_LEN);
|
||||
break;
|
||||
#if defined(CONFIG_IEEE80211R) || defined(CONFIG_IEEE80211W)
|
||||
|
|
|
|||
|
|
@ -119,11 +119,16 @@ void wpa_eapol_key_send(struct wpa_sm *sm, const u8 *kck,
|
|||
MAC2STR(dest));
|
||||
}
|
||||
}
|
||||
if (key_mic)
|
||||
wpa_eapol_key_mic(kck, ver, msg, msg_len, key_mic);
|
||||
if (key_mic &&
|
||||
wpa_eapol_key_mic(kck, ver, msg, msg_len, key_mic)) {
|
||||
wpa_printf(MSG_ERROR, "WPA: Failed to generate EAPOL-Key "
|
||||
"version %d MIC", ver);
|
||||
goto out;
|
||||
}
|
||||
wpa_hexdump(MSG_MSGDUMP, "WPA: TX EAPOL-Key", msg, msg_len);
|
||||
wpa_sm_ether_send(sm, dest, proto, msg, msg_len);
|
||||
eapol_sm_notify_tx_eapol_key(sm->eapol);
|
||||
out:
|
||||
os_free(msg);
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue