From 1f2f3f1c4a1a500e23886b1832b35140d692a8bd Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Tue, 28 Jun 2016 22:45:41 +0300 Subject: [PATCH] mesh: Indicate OPN_RJCT event if AES-SIV decrypt fails REVmc/D6.0 14.5.5.2.2 (Processing Mesh Peering Open frames for AMPE) mandates the OPN_RJCT event to be invoked if AES-SIV decryption for received Mesh Peering Open frame fails. This allows a Mesh Peering Close frame to be sent in such a case. Signed-off-by: Jouni Malinen --- wpa_supplicant/mesh_mpm.c | 24 +++++++++++++++++------- wpa_supplicant/mesh_rsn.c | 2 +- 2 files changed, 18 insertions(+), 8 deletions(-) diff --git a/wpa_supplicant/mesh_mpm.c b/wpa_supplicant/mesh_mpm.c index f445b6c..8afdc16 100644 --- a/wpa_supplicant/mesh_mpm.c +++ b/wpa_supplicant/mesh_mpm.c @@ -1144,13 +1144,23 @@ void mesh_mpm_action_rx(struct wpa_supplicant *wpa_s, if (!sta->my_lid) mesh_mpm_init_link(wpa_s, sta); - if ((mconf->security & MESH_CONF_SEC_AMPE) && - mesh_rsn_process_ampe(wpa_s, sta, &elems, - &mgmt->u.action.category, - peer_mgmt_ie.chosen_pmk, - ies, ie_len)) { - wpa_printf(MSG_DEBUG, "MPM: RSN process rejected frame"); - return; + if (mconf->security & MESH_CONF_SEC_AMPE) { + int res; + + res = mesh_rsn_process_ampe(wpa_s, sta, &elems, + &mgmt->u.action.category, + peer_mgmt_ie.chosen_pmk, + ies, ie_len); + if (res) { + wpa_printf(MSG_DEBUG, + "MPM: RSN process rejected frame (res=%d)", + res); + if (action_field == PLINK_OPEN && res == -2) { + /* AES-SIV decryption failed */ + mesh_mpm_fsm(wpa_s, sta, OPN_RJCT); + } + return; + } } if (sta->plink_state == PLINK_BLOCKED) { diff --git a/wpa_supplicant/mesh_rsn.c b/wpa_supplicant/mesh_rsn.c index cc600e2..27ab8cb 100644 --- a/wpa_supplicant/mesh_rsn.c +++ b/wpa_supplicant/mesh_rsn.c @@ -653,7 +653,7 @@ int mesh_rsn_process_ampe(struct wpa_supplicant *wpa_s, struct sta_info *sta, if (aes_siv_decrypt(sta->aek, crypt, crypt_len, 3, aad, aad_len, ampe_buf)) { wpa_printf(MSG_ERROR, "Mesh RSN: frame verification failed!"); - ret = -1; + ret = -2; goto free; } -- 2.1.4