From 0f76d8249c17da6b5166091697496aac9ef8ef85 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Sat, 18 Jun 2016 14:21:48 +0300 Subject: [PATCH] mesh: Fix MTK derivation to use AKM suite selector mesh_rsn_derive_mtk() was hardcoded to use GCMP (even though CCMP was hardcoded elsewhere) cipher suite selector instead of the selected AKM suite selector. This resulted in incorrect MTK getting derived. Fix this by used the SAE AKM suite selector in the input to the KDF. Signed-off-by: Jouni Malinen --- wpa_supplicant/mesh_rsn.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/wpa_supplicant/mesh_rsn.c b/wpa_supplicant/mesh_rsn.c index c82c5396b..047fa0267 100644 --- a/wpa_supplicant/mesh_rsn.c +++ b/wpa_supplicant/mesh_rsn.c @@ -425,8 +425,8 @@ int mesh_rsn_derive_mtk(struct wpa_supplicant *wpa_s, struct sta_info *sta) os_memcpy(ptr + lid_len, &max_lid, lid_len); ptr += 2 * lid_len; - /* SAE */ - RSN_SELECTOR_PUT(ptr, wpa_cipher_to_suite(0, WPA_CIPHER_GCMP)); + /* Selected AKM Suite: SAE */ + RSN_SELECTOR_PUT(ptr, RSN_AUTH_KEY_MGMT_SAE); ptr += 4; if (os_memcmp(myaddr, peer, ETH_ALEN) < 0) {