From: vamsi krishna <vamsin@codeaurora.org>
Date: Tue, 26 Mar 2019 14:49:02 +0000 (+0530)
Subject: FT-SAE: Use PMK as XXKey in AP when SAE PMKSA caching is used
X-Git-Tag: hostap_2_8~156
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6fe3f0f7982ba9a853d48fb6b5ec475f0cfc50e7;p=thirdparty%2Fhostap.git

FT-SAE: Use PMK as XXKey in AP when SAE PMKSA caching is used

When connected using FT-SAE key mgmt, use PMK from PMKSA cache as XXKey
for PMK-R0 and PMK-R1 derivations. This fixes an issue where FT key
hierarchy could not be established due to missing (not yet configured)
XXKey when using SAE PMKSA caching for the initial mobility domain
association.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
---

diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
index 078106877..616b20592 100644
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@@ -2060,6 +2060,10 @@ SM_STATE(WPA_PTK, INITPSK)
 		wpa_printf(MSG_DEBUG, "SAE: PMK from PMKSA cache");
 		os_memcpy(sm->PMK, sm->pmksa->pmk, sm->pmksa->pmk_len);
 		sm->pmk_len = sm->pmksa->pmk_len;
+#ifdef CONFIG_IEEE80211R_AP
+		os_memcpy(sm->xxkey, sm->pmksa->pmk, sm->pmksa->pmk_len);
+		sm->xxkey_len = sm->pmksa->pmk_len;
+#endif /* CONFIG_IEEE80211R_AP */
 	}
 #endif /* CONFIG_SAE */
 	sm->req_replay_counter_used = 0;