Commit e479ab65 authored by Jouni Malinen's avatar Jouni Malinen Committed by Johannes Berg

mac80211: Fix FILS AEAD protection in Association Request frame

Incorrect num_elem parameter value (1 vs. 5) was used in the
aes_siv_encrypt() call. This resulted in only the first one of the five
AAD vectors to SIV getting included in calculation. This does not
protect all the contents correctly and would not interoperate with a
standard compliant implementation.

Fix this by using the correct number. A matching fix is needed in the AP
side (hostapd) to get FILS authentication working properly.

Fixes: 39404fee ("mac80211: FILS AEAD protection for station mode association frames")
Reported-by: default avatarArd Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: default avatarJouni Malinen <jouni@qca.qualcomm.com>
Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
parent 7892032c
...@@ -272,7 +272,7 @@ int fils_encrypt_assoc_req(struct sk_buff *skb, ...@@ -272,7 +272,7 @@ int fils_encrypt_assoc_req(struct sk_buff *skb,
crypt_len = skb->data + skb->len - encr; crypt_len = skb->data + skb->len - encr;
skb_put(skb, AES_BLOCK_SIZE); skb_put(skb, AES_BLOCK_SIZE);
return aes_siv_encrypt(assoc_data->fils_kek, assoc_data->fils_kek_len, return aes_siv_encrypt(assoc_data->fils_kek, assoc_data->fils_kek_len,
encr, crypt_len, 1, addr, len, encr); encr, crypt_len, 5, addr, len, encr);
} }
int fils_decrypt_assoc_resp(struct ieee80211_sub_if_data *sdata, int fils_decrypt_assoc_resp(struct ieee80211_sub_if_data *sdata,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment