From: Jouni Malinen <quic_jouni@quicinc.com>
Date: Thu, 10 Aug 2023 18:17:40 +0000 (+0300)
Subject: Fix writing of BIGTK in FT protocol
X-Git-Tag: hostap_2_11~1059
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bf9cbb462fd9ecc028052dd7a7d572cea26e4447;p=thirdparty%2Fhostap.git

Fix writing of BIGTK in FT protocol

A copy-paste issue in wpa_ft_bigtk_subelem() ended up encoding the IGTK
value instead of the BIGTK when providing the current BIGTK to the STA
during FT protocol. Fix this to use the correct key to avoid issues when
beacon protection is used with FT.

Fixes: 16889aff408e ("Add BIGTK KDE and subelement similarly to IGTK")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
---

diff --git a/src/ap/wpa_auth_ft.c b/src/ap/wpa_auth_ft.c
index 8b91b822c..8cd0cd231 100644
--- a/src/ap/wpa_auth_ft.c
+++ b/src/ap/wpa_auth_ft.c
@@ -2398,7 +2398,7 @@ static u8 * wpa_ft_bigtk_subelem(struct wpa_state_machine *sm, size_t *len)
 	wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN_bigtk, pos);
 	pos += 6;
 	*pos++ = bigtk_len;
-	bigtk = gsm->IGTK[gsm->GN_bigtk - 6];
+	bigtk = gsm->BIGTK[gsm->GN_bigtk - 6];
 	if (sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN) {
 		/*
 		 * Provide unique random BIGTK to each OSEN STA to prevent use