Do not send GNonce in EAPOL-Key group message 1/2

While the IEEE Std 802.11-2016 is still indicating that GNonce would be exchanged in EAPOL-Key messages (see, e.g., Figure 12-52 showing the Send EAPOL-Key operation in the REKEYNEGOTIATING state or the sample group key handshake in Figure 12-47), there are also examples of describing this field as having value zero (e.g., 12.7.7.2 Group key handshake message 1). GNonce is used only with the Authenticator and the Supplicant does not have any use for it, so it is better not to expose that internal value. Hardcode the Key Nonce field to 0 in EAPOL-Key group message 1/2. Signed-off-by: Jouni Malinen <j@w1.fi>
7 years ago · b0fb2be77a
parent 3bbc470502
commit b0fb2be77a
1 changed files with 1 additions and 1 deletions
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@ -3104,7 +3104,7 @@ SM_STATE(WPA_PTK_GROUP, REKEYNEGOTIATING)
 		       (wpa_mic_len(sm->wpa_key_mgmt) ? WPA_KEY_INFO_MIC : 0) |
 		       WPA_KEY_INFO_ACK |
 		       (!sm->Pair ? WPA_KEY_INFO_INSTALL : 0),
-		       rsc, gsm->GNonce, kde, kde_len, gsm->GN, 1);
+		       rsc, NULL, kde, kde_len, gsm->GN, 1);

 	os_free(kde_buf);
 }