Prevent reinstallation of an already in-use group key
Track the current GTK and IGTK that are in use and, when receiving a
(possibly retransmitted) Group Message 1 or WNM-Sleep Mode Response, do
not install the given key if it is already in use. This prevents an
attacker from trying to trick the client into resetting or lowering the
sequence counter associated with the group key.
Change-Id: I5a315accb15ca5d2464acc3c370c66e07d57c7ea
Merged-In: I5a315accb15ca5d2464acc3c370c66e07d57c7ea
Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
Signed-off-by: Glen Kuhne <kuh@google.com>
Bug: 65245581
Test: WiFi integration tests
Merged-In: I1273cf9ee58154b16512ef4284a8d2c5541d3c01
diff --git a/src/common/wpa_common.h b/src/common/wpa_common.h
index a84cc9b..ebcfe94 100644
--- a/src/common/wpa_common.h
+++ b/src/common/wpa_common.h
@@ -213,6 +213,17 @@
size_t tk_len;
};
+struct wpa_gtk {
+ u8 gtk[WPA_GTK_MAX_LEN];
+ size_t gtk_len;
+};
+
+#ifdef CONFIG_IEEE80211W
+struct wpa_igtk {
+ u8 igtk[WPA_IGTK_MAX_LEN];
+ size_t igtk_len;
+};
+#endif /* CONFIG_IEEE80211W */
/* WPA IE version 1
* 00-50-f2:1 (OUI:OUI type)
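Review bot: struct wpa_gtk and struct wpa_igtk are added without any comment on what they hold. Going by the commit message they record the GTK and IGTK currently in use, so that a retransmitted Group Message 1 or WNM-Sleep Mode Response can be compared against them; a short comment above each struct saying so would make the intent clear to later readers of wpa_common.h. Because gtk_len and igtk_len are stored next to fixed-size buffers, the code that fills these structs needs to reject lengths above WPA_GTK_MAX_LEN and WPA_IGTK_MAX_LEN before copying, and the "already in use" check needs to compare the length as well as the key bytes; neither is visible in this hunk, so please confirm both are handled where the structs are used. These structs also keep a second copy of key material, so they should be zeroed wherever the corresponding key is removed, otherwise a stale entry could cause a legitimately re-issued key to be skipped after the old one was dropped.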