Clear pmk_len more consistently for extra protection

This gives more protection against unexpected behavior if RSN supplicant
code ends up trying to use sm->pmk[] with a stale value. Couple of the
code paths did not clear sm->pmk_len explicitly in cases where the old
PMK is being removed, so cover those cases as well to make sure these
will result in PMK-to-PTK derivation failures rather than use of
incorrect PMK value if such a code path could be reached somehow.

Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/src/common/wpa_common.c b/src/common/wpa_common.c
index 71f2968d5580d7dcb9ab1d2f1547fc44cd5380d4..53153b060eaab59cfc2b69ed056f7dc8391e210f 100644 (file)
--- a/src/common/wpa_common.c
+++ b/src/common/wpa_common.c
@@ -486,6 +486,8 @@ int fils_rmsk_to_pmk(int akmp, const u8 *rmsk, size_t rmsk_len,
                                         addr, len, pmk);
        if (res == 0)
                wpa_hexdump_key(MSG_DEBUG, "FILS: PMK", pmk, *pmk_len);
+       else
+               *pmk_len = 0;
        return res;
 }
 

diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
index 0e1ab900a9caa2f69799a01e3645653c0d1a949c..f84d7d01c0c03cfb6cb480d1f40234fdec68469a 100644 (file)
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -2416,6 +2416,7 @@ static void wpa_sm_pmksa_free_cb(struct rsn_pmksa_cache_entry *entry,
        }
 
        if (deauth) {
+               sm->pmk_len = 0;
                os_memset(sm->pmk, 0, sizeof(sm->pmk));
                wpa_sm_deauthenticate(sm, WLAN_REASON_UNSPECIFIED);
        }
@@ -3138,6 +3139,7 @@ void wpa_sm_drop_sa(struct wpa_sm *sm)
        wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Clear old PMK and PTK");
        sm->ptk_set = 0;
        sm->tptk_set = 0;
+       sm->pmk_len = 0;
        os_memset(sm->pmk, 0, sizeof(sm->pmk));
        os_memset(&sm->ptk, 0, sizeof(sm->ptk));
        os_memset(&sm->tptk, 0, sizeof(sm->tptk));
@@ -4369,8 +4371,10 @@ int owe_process_assoc_resp(struct wpa_sm *sm, const u8 *bssid,
                res = hmac_sha512_kdf(prk, hash_len, NULL, (const u8 *) info,
                                      os_strlen(info), sm->pmk, hash_len);
        os_memset(prk, 0, SHA512_MAC_LEN);
-       if (res < 0)
+       if (res < 0) {
+               sm->pmk_len = 0;
                return -1;
+       }
        sm->pmk_len = hash_len;
 
        wpa_hexdump_key(MSG_DEBUG, "OWE: PMK", sm->pmk, sm->pmk_len);