Disabled initial EAPOL-Key retry on GTK lifetime mismatch

If supplicant notices that GTK has been removed by authenticator (i.e.
removed from GTK hash), before the expected expiry determined by GTK
lifetime, it initiates two way handshake to check the GTK status.
Since everything is up to date, it is not required that authenticator
reacts to initial EAPOL-Key message. Changed retry logic so that for
lifetime mismatch, supplicant sends EAPOL-Key message only once and
does not retry it.

Author: Mika Leppänen

source/6LoWPAN/ws/ws_pae_supp.c

@@ -274,8 +274,8 @@ int8_t ws_pae_supp_gtk_hash_update(protocol_interface_info_entry_t *interface_pt
     }
 
     // Check GTK hashes and initiate EAPOL procedure if mismatch is detected */
-    if (sec_prot_keys_gtks_hash_update(&pae_supp->gtks, gtkhash)) {
-
+    gtk_mismatch_e mismatch = sec_prot_keys_gtks_hash_update(&pae_supp->gtks, gtkhash);
+    if (mismatch > GTK_NO_MISMATCH) {
         tr_info("GTK hash update %s %s %s %s",
                 trace_array(&gtkhash[0], 8),
                 trace_array(&gtkhash[8], 8),
@@ -284,10 +284,16 @@ int8_t ws_pae_supp_gtk_hash_update(protocol_interface_info_entry_t *interface_pt
 
         // Mismatch, initiate EAPOL
         if (!pae_supp->auth_trickle_running) {
+            uint8_t timer_expirations = 3;
+            // For GTK lifetime mismatch send only once
+            if (mismatch == GTK_LIFETIME_MISMATCH) {
+                timer_expirations = 1;
+            }
+
             pae_supp->auth_trickle_params.Imin = pae_supp->timer_settings->gtk_request_imin;
             pae_supp->auth_trickle_params.Imax = pae_supp->timer_settings->gtk_request_imax;
             pae_supp->auth_trickle_params.k = 0;
-            pae_supp->auth_trickle_params.TimerExpirations = 3;
+            pae_supp->auth_trickle_params.TimerExpirations = timer_expirations;
 
             // Starts trickle
             trickle_start(&pae_supp->auth_trickle_timer, &pae_supp->auth_trickle_params);

source/Security/protocols/sec_prot_keys.c

@@ -552,11 +552,11 @@ void sec_prot_keys_gtks_hash_generate(sec_prot_gtk_keys_t *gtks, uint8_t *gtkhas
     }
 }
 
-bool sec_prot_keys_gtks_hash_update(sec_prot_gtk_keys_t *gtks, uint8_t *gtkhash)
+gtk_mismatch_e sec_prot_keys_gtks_hash_update(sec_prot_gtk_keys_t *gtks, uint8_t *gtkhash)
 {
     uint8_t *gtk_hash_ptr = gtkhash;
 
-    bool mismatch = false;
+    gtk_mismatch_e mismatch = GTK_NO_MISMATCH;
 
     for (uint8_t i = 0; i < GTK_NUM; i++, gtk_hash_ptr += 8) {
         // If hash is not set, stop using the key
@@ -565,7 +565,9 @@ bool sec_prot_keys_gtks_hash_update(sec_prot_gtk_keys_t *gtks, uint8_t *gtkhash)
                 uint32_t lifetime = sec_prot_keys_gtk_lifetime_get(gtks, i);
                 if (lifetime > GTK_EXPIRE_MISMATCH_TIME) {
                     tr_info("GTK mismatch %i expired time, lifetime: %"PRIu32"", i, lifetime);
-                    mismatch = true;
+                    if (mismatch < GTK_LIFETIME_MISMATCH) {
+                        mismatch = GTK_LIFETIME_MISMATCH;
+                    }
                 }
                 sec_prot_keys_gtk_clear(gtks, i);
             }
@@ -576,7 +578,9 @@ bool sec_prot_keys_gtks_hash_update(sec_prot_gtk_keys_t *gtks, uint8_t *gtkhash)
             if (!gtk) {
                 // Hash set but GTK is not known, set mismatch
                 tr_info("GTK mismatch: %i", i);
-                mismatch = true;
+                if (mismatch < GTK_HASH_MISMATCH) {
+                    mismatch = GTK_HASH_MISMATCH;
+                }
                 continue;
             }
 
@@ -588,7 +592,9 @@ bool sec_prot_keys_gtks_hash_update(sec_prot_gtk_keys_t *gtks, uint8_t *gtkhash)
             } else {
                 // Hash does not match, set mismatch and delete key
                 tr_info("GTK mismatch: %i", i);
-                mismatch = true;
+                if (mismatch < GTK_HASH_MISMATCH) {
+                    mismatch = GTK_HASH_MISMATCH;
+                }
                 sec_prot_keys_gtk_clear(gtks, i);
             }
         }

source/Security/protocols/sec_prot_keys.h

@@ -91,6 +91,16 @@ typedef struct {
     bool                   ptk_mismatch: 1;           /**< Remote PTK mismatch reported */
 } sec_prot_keys_t;
 
+/*
+ * GTK mismatch types, list is ordered according to priority of mismatch i.e. if there
+ * are both hash and lifetime mismatch, hash has greater priority
+ */
+typedef enum {
+    GTK_NO_MISMATCH = 0,
+    GTK_LIFETIME_MISMATCH,
+    GTK_HASH_MISMATCH,
+} gtk_mismatch_e;
+
 /**
  * sec_prot_keys_create allocates memory for security keys
  *
@@ -607,10 +617,10 @@ void sec_prot_keys_gtks_hash_generate(sec_prot_gtk_keys_t *gtks, uint8_t *gtk_ha
  * \param gtks GTK keys
  * \param gtk_hash GTK hash
  *
- * \return GTK mismatch detected or or no mismatch
+ * \return GTK mismatch type or no mismatch
  *
  */
-bool sec_prot_keys_gtks_hash_update(sec_prot_gtk_keys_t *gtks, uint8_t *gtk_hash);
+gtk_mismatch_e sec_prot_keys_gtks_hash_update(sec_prot_gtk_keys_t *gtks, uint8_t *gtkhash);
 
 /**
  * sec_prot_keys_gtk_hash_empty checks if GTK hash field is empty