Mark RSN msg 1/2 key data debug dump as key material

This debug print can include GTK and IGTK, so use wpa_hexdump_key()
instead of wpa_hexdump() for it to avoid undesired exposure of keys in
debug log.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
index a95c794acd855a22f61a77b72f3387a20abeb82c..1349873385dfcadcaa33bd3e475af8c0b51690ef 100644 (file)
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -1393,7 +1393,8 @@ static int wpa_supplicant_process_1_of_2_rsn(struct wpa_sm *sm,
        int maxkeylen;
        struct wpa_eapol_ie_parse ie;
 
-       wpa_hexdump(MSG_DEBUG, "RSN: msg 1/2 key data", keydata, keydatalen);
+       wpa_hexdump_key(MSG_DEBUG, "RSN: msg 1/2 key data",
+                       keydata, keydatalen);
        if (wpa_supplicant_parse_ies(keydata, keydatalen, &ie) < 0)
                return -1;
        if (ie.gtk && !(key_info & WPA_KEY_INFO_ENCR_KEY_DATA)) {