From b54c9ff9ce9b15abcaa48bf0f01a9c1b3bb1d98d Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Fri, 24 May 2013 16:03:54 +0300 Subject: [PATCH] FT: Fix TKIP group key configuration in FT protocol The Michael MIC TX and RX keys needs to be swapped in the FT case just like in all other TKIP key configuration cases. This fixes issues where TKIP as group cipher resulted in Michael MIC failures being detected for each received group-addressed frame after FT protocol use. Signed-hostap: Jouni Malinen --- src/rsn_supp/wpa_ft.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/rsn_supp/wpa_ft.c b/src/rsn_supp/wpa_ft.c index 6b7fa91be..3a40c96f2 100644 --- a/src/rsn_supp/wpa_ft.c +++ b/src/rsn_supp/wpa_ft.c @@ -596,6 +596,13 @@ static int wpa_ft_process_gtk_subelem(struct wpa_sm *sm, const u8 *gtk_elem, } wpa_hexdump_key(MSG_DEBUG, "FT: GTK from Reassoc Resp", gtk, keylen); + if (sm->group_cipher == WPA_CIPHER_TKIP) { + /* Swap Tx/Rx keys for Michael MIC */ + u8 tmp[8]; + os_memcpy(tmp, gtk + 16, 8); + os_memcpy(gtk + 16, gtk + 24, 8); + os_memcpy(gtk + 24, tmp, 8); + } if (wpa_sm_set_key(sm, alg, broadcast_ether_addr, keyidx, 0, gtk_elem + 3, rsc_len, gtk, keylen) < 0) { wpa_printf(MSG_WARNING, "WPA: Failed to set GTK to the "