git.ipfire.org Git - thirdparty/hostap.git/commitdiff
Reject PMK-to-PTK derivation with unsupported cipher
author Jouni Malinen <jouni@qca.qualcomm.com>
Tue, 14 Nov 2017 10:50:30 +0000 (12:50 +0200)
committer Jouni Malinen <j@w1.fi>
Tue, 14 Nov 2017 10:50:30 +0000 (12:50 +0200)
There should be no wpa_pmk_to_ptk() calls with the cipher argument
indicating a cipher that is not allowed as a pairwise cipher. However,
it looks like that was possible to happen with wlantest. Check for this
corner case explicitly to avoid generating confusing debug logs.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
src/common/wpa_common.c

index 4bab6b9c159a17f5f80f6ff53bdbba84cfef3a8e..853594ad9b716bd3278a823bc76d108cbe6d38b6 100644 (file)
@@ -273,6 +273,12 @@ int wpa_pmk_to_ptk(const u8 *pmk, size_t pmk_len, const char *label,
        ptk->kck_len = wpa_kck_len(akmp, pmk_len);
        ptk->kek_len = wpa_kek_len(akmp, pmk_len);
        ptk->tk_len = wpa_cipher_key_len(cipher);
+       if (ptk->tk_len == 0) {
+               wpa_printf(MSG_ERROR,
+                          "WPA: Unsupported cipher (0x%x) used in PTK derivation",
+                          cipher);
+               return -1;
+       }
        ptk_len = ptk->kck_len + ptk->kek_len + ptk->tk_len;
 
        if (wpa_key_mgmt_sha384(akmp)) {
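Review bot: the new `return -1` path sits after `ptk->kck_len`, `ptk->kek_len` and `ptk->tk_len` have already been written, so a rejected cipher leaves the caller's `ptk` with fresh length fields (and `tk_len == 0`) next to whatever key bytes it held before. Consider resolving `wpa_cipher_key_len(cipher)` into a local and rejecting before any field of `ptk` is touched, or clearing `ptk` on the error path, so that a caller which ignores the return value cannot go on with a half-updated structure. The message prints `cipher` with `0x%x`, which is fine for a bitfield value. If `wpa_kck_len()` and `wpa_kek_len()` can also return 0 for an unsupported AKM (not visible in this hunk), the same explicit check would be worth adding for them here.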