hostap/src/rsn_supp
Mathy Vanhoef 3e34cfdff6 WPA: Ignore unauthenticated encrypted EAPOL-Key data
Ignore unauthenticated encrypted EAPOL-Key data in supplicant
processing. When using WPA2, these are frames that have the Encrypted
flag set, but not the MIC flag.

When using WPA2, EAPOL-Key frames that had the Encrypted flag set but
not the MIC flag had their data field decrypted without first verifying
the MIC. In case the data field was encrypted using RC4 (i.e., when
negotiating TKIP as the pairwise cipher), this meant that
unauthenticated but decrypted data would then be processed. An adversary
could abuse this as a decryption oracle to recover sensitive information
in the data field of EAPOL-Key messages (e.g., the group key).
(CVE-2018-14526)

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-08-08 16:51:35 +03:00
Makefile Remove all PeerKey functionality 2017-10-16 02:03:47 +03:00
pmksa_cache.c SAE: Only allow SAE AKMP for PMKSA caching attempts 2018-04-09 19:34:44 +03:00
pmksa_cache.h Fix wpa_supplicant build with CONFIG_NO_WPA 2018-04-13 11:43:57 +03:00
preauth.c SAE: Only allow SAE AKMP for PMKSA caching attempts 2018-04-09 19:34:44 +03:00
preauth.h Fix wpa_supplicant build with IEEE8021X_EAPOL=y and CONFIG_NO_WPA=y 2016-01-15 20:04:41 +02:00
tdls.c TDLS: Add testing capability to send TPK M2 twice 2017-11-21 00:48:52 +02:00
wpa.c WPA: Ignore unauthenticated encrypted EAPOL-Key data 2018-08-08 16:51:35 +03:00
wpa.h FT: Add MDE to assoc request IEs in connect params 2018-04-20 00:32:49 +03:00
wpa_ft.c FT: Support BIP-CMAC-256, BIP-GMAC-128, BIP-GMAC-256 in STA case 2018-06-05 21:50:36 +03:00
wpa_i.h FT: Support variable length keys 2018-06-05 19:29:52 +03:00
wpa_ie.c FT: SHA384-based AKM in RSNE processing 2018-06-05 01:11:41 +03:00
wpa_ie.h Remove all PeerKey functionality 2017-10-16 02:03:47 +03:00