FT-SAE: Use PMK as XXKey in AP when SAE PMKSA caching is used

When connected using FT-SAE key mgmt, use PMK from PMKSA cache as XXKey
for PMK-R0 and PMK-R1 derivations. This fixes an issue where FT key
hierarchy could not be established due to missing (not yet configured)
XXKey when using SAE PMKSA caching for the initial mobility domain
association.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
vamsi krishna 2019-03-26 20:19:02 +05:30 committed by Jouni Malinen
parent bcf1900058
commit 6fe3f0f798

View file

@ -2060,6 +2060,10 @@ SM_STATE(WPA_PTK, INITPSK)
wpa_printf(MSG_DEBUG, "SAE: PMK from PMKSA cache"); wpa_printf(MSG_DEBUG, "SAE: PMK from PMKSA cache");
os_memcpy(sm->PMK, sm->pmksa->pmk, sm->pmksa->pmk_len); os_memcpy(sm->PMK, sm->pmksa->pmk, sm->pmksa->pmk_len);
sm->pmk_len = sm->pmksa->pmk_len; sm->pmk_len = sm->pmksa->pmk_len;
#ifdef CONFIG_IEEE80211R_AP
os_memcpy(sm->xxkey, sm->pmksa->pmk, sm->pmksa->pmk_len);
sm->xxkey_len = sm->pmksa->pmk_len;
#endif /* CONFIG_IEEE80211R_AP */
} }
#endif /* CONFIG_SAE */ #endif /* CONFIG_SAE */
sm->req_replay_counter_used = 0; sm->req_replay_counter_used = 0;