Disabled initial EAPOL-Key retry on GTK lifetime mismatch

If supplicant notices that GTK has been removed by authenticator (i.e. removed from GTK hash), before the expected expiry determined by GTK lifetime, it initiates two way handshake to check the GTK status. Since everything is up to date, it is not required that authenticator reacts to initial EAPOL-Key message. Changed retry logic so that for lifetime mismatch, supplicant sends EAPOL-Key message only once and does not retry it.
artokin · Mar 25, 2019 · 420c5be · 420c5be
1 parent 25ae74e
commit 420c5be
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 10 deletions.
diff --git a/source/6LoWPAN/ws/ws_pae_supp.c b/source/6LoWPAN/ws/ws_pae_supp.c
@@ -274,8 +274,8 @@ int8_t ws_pae_supp_gtk_hash_update(protocol_interface_info_entry_t *interface_pt
     }
 
     // Check GTK hashes and initiate EAPOL procedure if mismatch is detected */
-    if (sec_prot_keys_gtks_hash_update(&pae_supp->gtks, gtkhash)) {
-
+    gtk_mismatch_e mismatch = sec_prot_keys_gtks_hash_update(&pae_supp->gtks, gtkhash);
+    if (mismatch > GTK_NO_MISMATCH) {
         tr_info("GTK hash update %s %s %s %s",
                 trace_array(&gtkhash[0], 8),
                 trace_array(&gtkhash[8], 8),
@@ -284,10 +284,16 @@ int8_t ws_pae_supp_gtk_hash_update(protocol_interface_info_entry_t *interface_pt
 
         // Mismatch, initiate EAPOL
         if (!pae_supp->auth_trickle_running) {
+            uint8_t timer_expirations = 3;
+            // For GTK lifetime mismatch send only once
+            if (mismatch == GTK_LIFETIME_MISMATCH) {
+                timer_expirations = 1;
+            }
+
             pae_supp->auth_trickle_params.Imin = pae_supp->timer_settings->gtk_request_imin;
             pae_supp->auth_trickle_params.Imax = pae_supp->timer_settings->gtk_request_imax;
             pae_supp->auth_trickle_params.k = 0;
-            pae_supp->auth_trickle_params.TimerExpirations = 3;
+            pae_supp->auth_trickle_params.TimerExpirations = timer_expirations;
 
             // Starts trickle
             trickle_start(&pae_supp->auth_trickle_timer, &pae_supp->auth_trickle_params);

diff --git a/source/Security/protocols/sec_prot_keys.c b/source/Security/protocols/sec_prot_keys.c
@@ -552,11 +552,11 @@ void sec_prot_keys_gtks_hash_generate(sec_prot_gtk_keys_t *gtks, uint8_t *gtkhas
     }
 }
 
-bool sec_prot_keys_gtks_hash_update(sec_prot_gtk_keys_t *gtks, uint8_t *gtkhash)
+gtk_mismatch_e sec_prot_keys_gtks_hash_update(sec_prot_gtk_keys_t *gtks, uint8_t *gtkhash)
 {
     uint8_t *gtk_hash_ptr = gtkhash;
 
-    bool mismatch = false;
+    gtk_mismatch_e mismatch = GTK_NO_MISMATCH;
 
     for (uint8_t i = 0; i < GTK_NUM; i++, gtk_hash_ptr += 8) {
         // If hash is not set, stop using the key
@@ -565,7 +565,9 @@ bool sec_prot_keys_gtks_hash_update(sec_prot_gtk_keys_t *gtks, uint8_t *gtkhash)
                 uint32_t lifetime = sec_prot_keys_gtk_lifetime_get(gtks, i);
                 if (lifetime > GTK_EXPIRE_MISMATCH_TIME) {
                     tr_info("GTK mismatch %i expired time, lifetime: %"PRIu32"", i, lifetime);
-                    mismatch = true;
+                    if (mismatch < GTK_LIFETIME_MISMATCH) {
+                        mismatch = GTK_LIFETIME_MISMATCH;
+                    }
                 }
                 sec_prot_keys_gtk_clear(gtks, i);
             }
@@ -576,7 +578,9 @@ bool sec_prot_keys_gtks_hash_update(sec_prot_gtk_keys_t *gtks, uint8_t *gtkhash)
             if (!gtk) {
                 // Hash set but GTK is not known, set mismatch
                 tr_info("GTK mismatch: %i", i);
-                mismatch = true;
+                if (mismatch < GTK_HASH_MISMATCH) {
+                    mismatch = GTK_HASH_MISMATCH;
+                }
                 continue;
             }
 
@@ -588,7 +592,9 @@ bool sec_prot_keys_gtks_hash_update(sec_prot_gtk_keys_t *gtks, uint8_t *gtkhash)
             } else {
                 // Hash does not match, set mismatch and delete key
                 tr_info("GTK mismatch: %i", i);
-                mismatch = true;
+                if (mismatch < GTK_HASH_MISMATCH) {
+                    mismatch = GTK_HASH_MISMATCH;
+                }
                 sec_prot_keys_gtk_clear(gtks, i);
             }
         }

diff --git a/source/Security/protocols/sec_prot_keys.h b/source/Security/protocols/sec_prot_keys.h
@@ -91,6 +91,16 @@ typedef struct {
     bool                   ptk_mismatch: 1;           /**< Remote PTK mismatch reported */
 } sec_prot_keys_t;
 
+/*
+ * GTK mismatch types, list is ordered according to priority of mismatch i.e. if there
+ * are both hash and lifetime mismatch, hash has greater priority
+ */
+typedef enum {
+    GTK_NO_MISMATCH = 0,
+    GTK_LIFETIME_MISMATCH,
+    GTK_HASH_MISMATCH,
+} gtk_mismatch_e;
+
 /**
  * sec_prot_keys_create allocates memory for security keys
  *
@@ -607,10 +617,10 @@ void sec_prot_keys_gtks_hash_generate(sec_prot_gtk_keys_t *gtks, uint8_t *gtk_ha
  * \param gtks GTK keys
  * \param gtk_hash GTK hash
  *
- * \return GTK mismatch detected or or no mismatch
+ * \return GTK mismatch type or no mismatch
  *
  */
-bool sec_prot_keys_gtks_hash_update(sec_prot_gtk_keys_t *gtks, uint8_t *gtk_hash);
+gtk_mismatch_e sec_prot_keys_gtks_hash_update(sec_prot_gtk_keys_t *gtks, uint8_t *gtkhash);
 
 /**
  * sec_prot_keys_gtk_hash_empty checks if GTK hash field is empty