GTKs are removed only when fresh GTK hash is received

Mika Leppänen · Mika Leppänen · commit ed9eb0503f43 · 2021-06-29T13:35:56.000+03:00
On some timing cases after bootstrap, nodes could remove GTK keys based
on previous GTK hash received (hash had been updated by BR but indication
had not reached all nodes yet). This is now corrected so that GTKs are
removed only when fresh GTK hash is received.
diff --git a/source/6LoWPAN/ws/ws_pae_controller.c b/source/6LoWPAN/ws/ws_pae_controller.c
@@ -51,7 +51,7 @@ typedef void ws_pae_timer(uint16_t ticks);
 typedef int8_t ws_pae_br_addr_write(protocol_interface_info_entry_t *interface_ptr, const uint8_t *eui_64);
 typedef int8_t ws_pae_br_addr_read(protocol_interface_info_entry_t *interface_ptr, uint8_t *eui_64);
 typedef void ws_pae_gtks_updated(protocol_interface_info_entry_t *interface_ptr);
-typedef int8_t ws_pae_gtk_hash_update(protocol_interface_info_entry_t *interface_ptr, uint8_t *gtkhash);
+typedef int8_t ws_pae_gtk_hash_update(protocol_interface_info_entry_t *interface_ptr, uint8_t *gtkhash, bool del_gtk_on_mismatch);
 typedef int8_t ws_pae_nw_key_index_update(protocol_interface_info_entry_t *interface_ptr, uint8_t index);
 typedef int8_t ws_pae_nw_info_set(protocol_interface_info_entry_t *interface_ptr, uint16_t pan_id, char *network_name, bool updated);
 
@@ -196,7 +196,7 @@ int8_t ws_pae_controller_bootstrap_done(protocol_interface_info_entry_t *interfa
 
     /* Trigger GTK hash update to supplicant, so it can check whether keys have been updated
        during bootstrap. Does nothing if GTKs are up to date. */
-    ws_pae_supp_gtk_hash_update(interface_ptr, controller->gtkhash);
+    ws_pae_supp_gtk_hash_update(interface_ptr, controller->gtkhash, false);
 #endif
 
     return 0;
@@ -1662,7 +1662,7 @@ int8_t ws_pae_controller_gtk_hash_update(protocol_interface_info_entry_t *interf
     memcpy(controller->gtkhash, gtkhash, 32);
 
     if (controller->pae_gtk_hash_update) {
-        return controller->pae_gtk_hash_update(interface_ptr, controller->gtkhash);
+        return controller->pae_gtk_hash_update(interface_ptr, controller->gtkhash, true);
     }
 
     return 0;
diff --git a/source/6LoWPAN/ws/ws_pae_supp.c b/source/6LoWPAN/ws/ws_pae_supp.c
@@ -294,7 +294,7 @@ static int8_t ws_pae_supp_gtk_hash_mismatch_check(pae_supp_t *pae_supp)
     }
 
     // Check GTK hashes and initiate EAPOL procedure if mismatch is detected */
-    gtk_mismatch_e mismatch = sec_prot_keys_gtks_hash_update(pae_supp->sec_keys_nw_info->gtks, gtkhash);
+    gtk_mismatch_e mismatch = sec_prot_keys_gtks_hash_update(pae_supp->sec_keys_nw_info->gtks, gtkhash, false);
     if (mismatch != GTK_NO_MISMATCH) {
         return -1;
     }
@@ -303,15 +303,15 @@ static int8_t ws_pae_supp_gtk_hash_mismatch_check(pae_supp_t *pae_supp)
     return 0;
 }
 
-int8_t ws_pae_supp_gtk_hash_update(protocol_interface_info_entry_t *interface_ptr, uint8_t *gtkhash)
+int8_t ws_pae_supp_gtk_hash_update(protocol_interface_info_entry_t *interface_ptr, uint8_t *gtkhash, bool del_gtk_on_mismatch)
 {
     pae_supp_t *pae_supp = ws_pae_supp_get(interface_ptr);
     if (!pae_supp) {
         return -1;
     }
 
     // Check GTK hashes and initiate EAPOL procedure if mismatch is detected */
-    gtk_mismatch_e mismatch = sec_prot_keys_gtks_hash_update(pae_supp->sec_keys_nw_info->gtks, gtkhash);
+    gtk_mismatch_e mismatch = sec_prot_keys_gtks_hash_update(pae_supp->sec_keys_nw_info->gtks, gtkhash, del_gtk_on_mismatch);
     if (mismatch > GTK_NO_MISMATCH) {
         tr_info("GTK hash update %s %s %s %s",
                 trace_array(&gtkhash[0], 8),
diff --git a/source/6LoWPAN/ws/ws_pae_supp.h b/source/6LoWPAN/ws/ws_pae_supp.h
@@ -130,12 +130,13 @@ int8_t ws_pae_supp_nw_key_valid(protocol_interface_info_entry_t *interface_ptr,
  *
  * \param interface_ptr interface
  * \param gtkhash GTK hash, 32 bytes
+ * \param del_gtk_on_mismatch Delete GTK in case of mismatch
  *
  * \return < 0 failure
  * \return >= 0 success
  *
  */
-int8_t ws_pae_supp_gtk_hash_update(protocol_interface_info_entry_t *interface_ptr, uint8_t *gtkhash);
+int8_t ws_pae_supp_gtk_hash_update(protocol_interface_info_entry_t *interface_ptr, uint8_t *gtkhash, bool del_gtk_on_mismatch);
 
 /**
  * ws_pae_supp_nw_key_index_update key index been updated (on PAN configuration)
diff --git a/source/Security/protocols/sec_prot_keys.c b/source/Security/protocols/sec_prot_keys.c
@@ -716,7 +716,7 @@ int8_t sec_prot_keys_gtk_valid_check(uint8_t *gtk)
     return 0;
 }
 
-gtk_mismatch_e sec_prot_keys_gtks_hash_update(sec_prot_gtk_keys_t *gtks, uint8_t *gtkhash)
+gtk_mismatch_e sec_prot_keys_gtks_hash_update(sec_prot_gtk_keys_t *gtks, uint8_t *gtkhash, bool del_gtk_on_mismatch)
 {
     uint8_t *gtk_hash_ptr = gtkhash;
 
@@ -729,11 +729,15 @@ gtk_mismatch_e sec_prot_keys_gtks_hash_update(sec_prot_gtk_keys_t *gtks, uint8_t
                 uint32_t lifetime = sec_prot_keys_gtk_lifetime_get(gtks, i);
                 if (lifetime > GTK_EXPIRE_MISMATCH_TIME) {
                     tr_info("GTK mismatch %i expired time, lifetime: %"PRIu32"", i, lifetime);
-                    if (mismatch < GTK_LIFETIME_MISMATCH) {
+                    // Only indicate mismatch in case fresh hash is received
+                    if (mismatch < GTK_LIFETIME_MISMATCH && del_gtk_on_mismatch) {
                         mismatch = GTK_LIFETIME_MISMATCH;
                     }
                 }
-                sec_prot_keys_gtk_clear(gtks, i);
+                // Only delete in case fresh hash is received
+                if (del_gtk_on_mismatch) {
+                    sec_prot_keys_gtk_clear(gtks, i);
+                }
             }
         } else {
             // Check is hash matches to existing key
@@ -759,7 +763,10 @@ gtk_mismatch_e sec_prot_keys_gtks_hash_update(sec_prot_gtk_keys_t *gtks, uint8_t
                 if (mismatch < GTK_HASH_MISMATCH) {
                     mismatch = GTK_HASH_MISMATCH;
                 }
-                sec_prot_keys_gtk_clear(gtks, i);
+                // Only delete in case fresh hash is received
+                if (del_gtk_on_mismatch) {
+                    sec_prot_keys_gtk_clear(gtks, i);
+                }
             }
         }
     }
diff --git a/source/Security/protocols/sec_prot_keys.h b/source/Security/protocols/sec_prot_keys.h
@@ -806,11 +806,12 @@ int8_t sec_prot_keys_gtk_valid_check(uint8_t *gtk);
  *
  * \param gtks GTK keys
  * \param gtk_hash GTK hash
+ * \param del_gtk_on_mismatch Delete GTK in case of mismatch
  *
  * \return GTK mismatch type or no mismatch
  *
  */
-gtk_mismatch_e sec_prot_keys_gtks_hash_update(sec_prot_gtk_keys_t *gtks, uint8_t *gtkhash);
+gtk_mismatch_e sec_prot_keys_gtks_hash_update(sec_prot_gtk_keys_t *gtks, uint8_t *gtkhash, bool del_gtk_on_mismatch);
 
 /**
  * sec_prot_keys_gtk_hash_empty checks if GTK hash field is empty

Original file line number	Diff line number	Diff line change
`@@ -294,7 +294,7 @@ static int8_t ws_pae_supp_gtk_hash_mismatch_check(pae_supp_t *pae_supp)`
`294`	`294`	`}`
`295`	`295`
`296`	`296`	`// Check GTK hashes and initiate EAPOL procedure if mismatch is detected */`
`297`		`- gtk_mismatch_e mismatch = sec_prot_keys_gtks_hash_update(pae_supp->sec_keys_nw_info->gtks, gtkhash);`
	`297`	`+ gtk_mismatch_e mismatch = sec_prot_keys_gtks_hash_update(pae_supp->sec_keys_nw_info->gtks, gtkhash, false);`
`298`	`298`	`if (mismatch != GTK_NO_MISMATCH) {`
`299`	`299`	`return -1;`
`300`	`300`	`}`
`@@ -303,15 +303,15 @@ static int8_t ws_pae_supp_gtk_hash_mismatch_check(pae_supp_t *pae_supp)`
`303`	`303`	`return 0;`
`304`	`304`	`}`
`305`	`305`
`306`		`-int8_t ws_pae_supp_gtk_hash_update(protocol_interface_info_entry_t interface_ptr, uint8_t gtkhash)`
	`306`	`+int8_t ws_pae_supp_gtk_hash_update(protocol_interface_info_entry_t interface_ptr, uint8_t gtkhash, bool del_gtk_on_mismatch)`
`307`	`307`	`{`
`308`	`308`	`pae_supp_t *pae_supp = ws_pae_supp_get(interface_ptr);`
`309`	`309`	`if (!pae_supp) {`
`310`	`310`	`return -1;`
`311`	`311`	`}`
`312`	`312`
`313`	`313`	`// Check GTK hashes and initiate EAPOL procedure if mismatch is detected */`
`314`		`- gtk_mismatch_e mismatch = sec_prot_keys_gtks_hash_update(pae_supp->sec_keys_nw_info->gtks, gtkhash);`
	`314`	`+ gtk_mismatch_e mismatch = sec_prot_keys_gtks_hash_update(pae_supp->sec_keys_nw_info->gtks, gtkhash, del_gtk_on_mismatch);`
`315`	`315`	`if (mismatch > GTK_NO_MISMATCH) {`
`316`	`316`	`tr_info("GTK hash update %s %s %s %s",`
`317`	`317`	`trace_array(&gtkhash[0], 8),`
Original file line number	Diff line number	Diff line change
`@@ -130,12 +130,13 @@ int8_t ws_pae_supp_nw_key_valid(protocol_interface_info_entry_t *interface_ptr,`
`130`	`130`	`*`
`131`	`131`	`* \param interface_ptr interface`
`132`	`132`	`* \param gtkhash GTK hash, 32 bytes`
	`133`	`+ * \param del_gtk_on_mismatch Delete GTK in case of mismatch`
`133`	`134`	`*`
`134`	`135`	`* \return < 0 failure`
`135`	`136`	`* \return >= 0 success`
`136`	`137`	`*`
`137`	`138`	`*/`
`138`		`-int8_t ws_pae_supp_gtk_hash_update(protocol_interface_info_entry_t interface_ptr, uint8_t gtkhash);`
	`139`	`+int8_t ws_pae_supp_gtk_hash_update(protocol_interface_info_entry_t interface_ptr, uint8_t gtkhash, bool del_gtk_on_mismatch);`
`139`	`140`
`140`	`141`	`/**`
`141`	`142`	`* ws_pae_supp_nw_key_index_update key index been updated (on PAN configuration)`
Original file line number	Diff line number	Diff line change
`@@ -716,7 +716,7 @@ int8_t sec_prot_keys_gtk_valid_check(uint8_t *gtk)`
`716`	`716`	`return 0;`
`717`	`717`	`}`
`718`	`718`
`719`		`-gtk_mismatch_e sec_prot_keys_gtks_hash_update(sec_prot_gtk_keys_t gtks, uint8_t gtkhash)`
	`719`	`+gtk_mismatch_e sec_prot_keys_gtks_hash_update(sec_prot_gtk_keys_t gtks, uint8_t gtkhash, bool del_gtk_on_mismatch)`
`720`	`720`	`{`
`721`	`721`	`uint8_t *gtk_hash_ptr = gtkhash;`
`722`	`722`
`@@ -729,11 +729,15 @@ gtk_mismatch_e sec_prot_keys_gtks_hash_update(sec_prot_gtk_keys_t *gtks, uint8_t`
`729`	`729`	`uint32_t lifetime = sec_prot_keys_gtk_lifetime_get(gtks, i);`
`730`	`730`	`if (lifetime > GTK_EXPIRE_MISMATCH_TIME) {`
`731`	`731`	`tr_info("GTK mismatch %i expired time, lifetime: %"PRIu32"", i, lifetime);`
`732`		`- if (mismatch < GTK_LIFETIME_MISMATCH) {`
	`732`	`+ // Only indicate mismatch in case fresh hash is received`
	`733`	`+ if (mismatch < GTK_LIFETIME_MISMATCH && del_gtk_on_mismatch) {`
`733`	`734`	`mismatch = GTK_LIFETIME_MISMATCH;`
`734`	`735`	`}`
`735`	`736`	`}`
`736`		`- sec_prot_keys_gtk_clear(gtks, i);`
	`737`	`+ // Only delete in case fresh hash is received`
	`738`	`+ if (del_gtk_on_mismatch) {`
	`739`	`+ sec_prot_keys_gtk_clear(gtks, i);`
	`740`	`+ }`
`737`	`741`	`}`
`738`	`742`	`} else {`
`739`	`743`	`// Check is hash matches to existing key`
`@@ -759,7 +763,10 @@ gtk_mismatch_e sec_prot_keys_gtks_hash_update(sec_prot_gtk_keys_t *gtks, uint8_t`
`759`	`763`	`if (mismatch < GTK_HASH_MISMATCH) {`
`760`	`764`	`mismatch = GTK_HASH_MISMATCH;`
`761`	`765`	`}`
`762`		`- sec_prot_keys_gtk_clear(gtks, i);`
	`766`	`+ // Only delete in case fresh hash is received`
	`767`	`+ if (del_gtk_on_mismatch) {`
	`768`	`+ sec_prot_keys_gtk_clear(gtks, i);`
	`769`	`+ }`
`763`	`770`	`}`
`764`	`771`	`}`
`765`	`772`	`}`
Original file line number	Diff line number	Diff line change
`@@ -806,11 +806,12 @@ int8_t sec_prot_keys_gtk_valid_check(uint8_t *gtk);`
`806`	`806`	`*`
`807`	`807`	`* \param gtks GTK keys`
`808`	`808`	`* \param gtk_hash GTK hash`
	`809`	`+ * \param del_gtk_on_mismatch Delete GTK in case of mismatch`
`809`	`810`	`*`
`810`	`811`	`* \return GTK mismatch type or no mismatch`
`811`	`812`	`*`
`812`	`813`	`*/`
`813`		`-gtk_mismatch_e sec_prot_keys_gtks_hash_update(sec_prot_gtk_keys_t gtks, uint8_t gtkhash);`
	`814`	`+gtk_mismatch_e sec_prot_keys_gtks_hash_update(sec_prot_gtk_keys_t gtks, uint8_t gtkhash, bool del_gtk_on_mismatch);`
`814`	`815`
`815`	`816`	`/**`
`816`	`817`	`* sec_prot_keys_gtk_hash_empty checks if GTK hash field is empty`