Corrected EAPOL key reuse on supplicant bootstrap restart

Validates that there is PMK, PTK and a GTK entry.

Author: Mika Leppänen

source/6LoWPAN/ws/ws_pae_supp.c

@@ -469,9 +469,12 @@ static int8_t ws_pae_supp_nw_keys_valid_check(pae_supp_t *pae_supp, uint16_t pan
         return -1;
     }
 
-    /* Checks if keys matches to PAN ID, and call inserts function that will update the
-       network keys as needed */
-    if (pan_id == pae_supp->sec_keys_nw_info.key_pan_id) {
+    /* Checks if keys match to PAN ID and that needed keys exists (PMK, PTK and a GTK),
+       and calls inserts function that will update the network keys as needed */
+    if ((pan_id == pae_supp->sec_keys_nw_info.key_pan_id) &&
+            (sec_prot_keys_gtk_count(pae_supp->sec_keys_nw_info.gtks) > 0) &&
+            (sec_prot_keys_pmk_get(&pae_supp->entry.sec_keys) != NULL) &&
+            (sec_prot_keys_ptk_get(&pae_supp->entry.sec_keys) != NULL)) {
         tr_debug("Existing keys used, counter %i", pae_supp->nw_keys_used_cnt);
         if (pae_supp->nw_key_insert(pae_supp->interface_ptr, pae_supp->sec_keys_nw_info.gtks) >= 0) {
             tr_debug("Keys inserted");

source/Security/protocols/sec_prot_keys.c

@@ -765,4 +765,17 @@ int8_t sec_prot_keys_gtk_install_index_get(sec_prot_gtk_keys_t *gtks)
     return install_index;
 }
 
+uint8_t sec_prot_keys_gtk_count(sec_prot_gtk_keys_t *gtks)
+{
+    uint8_t count = 0;
+
+    for (uint8_t i = 0; i < GTK_NUM; i++) {
+        if (sec_prot_keys_gtk_is_set(gtks, i)) {
+            count++;
+        }
+    }
+
+    return count;
+}
+
 #endif /* HAVE_WS */

source/Security/protocols/sec_prot_keys.h

@@ -721,4 +721,14 @@ void sec_prot_keys_gtk_install_order_update(sec_prot_gtk_keys_t *gtks);
  */
 int8_t sec_prot_keys_gtk_install_index_get(sec_prot_gtk_keys_t *gtks);
 
+/**
+ * sec_prot_keys_gtk_count counts GTK keys
+ *
+ * \param gtks GTK keys
+ *
+ * \return count of keys, 0 for no keys
+ *
+ */
+uint8_t sec_prot_keys_gtk_count(sec_prot_gtk_keys_t *gtks);
+
 #endif /* SEC_PROT_KEYS_H_ */