diff --git a/src/handshake.c b/src/handshake.c
index 85968ade..14b9322e 100644
--- a/src/handshake.c
+++ b/src/handshake.c
@@ -445,6 +445,21 @@ bool handshake_state_get_pmkid(struct handshake_state *s, uint8_t *out_pmkid)
 					use_sha256);
 }
 
+void handshake_state_set_gtk(struct handshake_state *s, const uint8_t *key,
+				unsigned int key_index, const uint8_t *rsc)
+{
+	enum crypto_cipher cipher =
+		ie_rsn_cipher_suite_to_cipher(s->group_cipher);
+	int key_len = crypto_cipher_key_len(cipher);
+
+	if (!key_len)
+		return;
+
+	memcpy(s->gtk, key, key_len);
+	s->gtk_index = key_index;
+	memcpy(s->gtk_rsc, rsc, 6);
+}
+
 /*
  * This function performs a match of the RSN/WPA IE obtained from the scan
  * results vs the RSN/WPA IE obtained as part of the 4-way handshake.  If they
diff --git a/src/handshake.h b/src/handshake.h
index e7d4b213..6ad6889d 100644
--- a/src/handshake.h
+++ b/src/handshake.h
@@ -109,6 +109,9 @@ struct handshake_state {
 	uint8_t r0khid[48];
 	size_t r0khid_len;
 	uint8_t r1khid[6];
+	uint8_t gtk[32];
+	uint8_t gtk_rsc[6];
+	unsigned int gtk_index;
 	void *user_data;
 
 	void (*free)(struct handshake_state *s);
@@ -179,6 +182,9 @@ bool handshake_state_get_pmkid(struct handshake_state *s, uint8_t *out_pmkid);
 bool handshake_decode_fte_key(struct handshake_state *s, const uint8_t *wrapped,
 				size_t key_len, uint8_t *key_out);
 
+void handshake_state_set_gtk(struct handshake_state *s, const uint8_t *key,
+				unsigned int key_index, const uint8_t *rsc);
+
 bool handshake_util_ap_ie_matches(const uint8_t *msg_ie,
 					const uint8_t *scan_ie, bool is_wpa);