diff --git a/src/eapol.c b/src/eapol.c
index 4e626a6f..b3e2f7d9 100644
--- a/src/eapol.c
+++ b/src/eapol.c
@@ -253,6 +253,53 @@ const struct eapol_key *eapol_verify_ptk_3_of_4(const uint8_t *frame,
 	return ek;
 }
 
+const struct eapol_key *eapol_verify_ptk_4_of_4(const uint8_t *frame,
+						size_t len)
+{
+	const struct eapol_key *ek;
+	uint16_t key_len;
+
+	ek = eapol_key_validate(frame, len);
+	if (!ek)
+		return NULL;
+
+	/* Verify according to 802.11, Section 11.6.6.5 */
+	if (!ek->key_type)
+		return NULL;
+
+	if (ek->smk_message)
+		return NULL;
+
+	if (ek->key_ack)
+		return NULL;
+
+	if (!ek->key_mic)
+		return NULL;
+
+	if (!ek->secure)
+		return NULL;
+
+	if (ek->error)
+		return NULL;
+
+	if (ek->request)
+		return NULL;
+
+	if (ek->encrypted_key_data)
+		return NULL;
+
+	key_len = L_BE16_TO_CPU(ek->key_length);
+	if (key_len != 0)
+		return NULL;
+
+	VERIFY_IS_ZERO(ek->key_nonce);
+	VERIFY_IS_ZERO(ek->eapol_key_iv);
+	VERIFY_IS_ZERO(ek->key_rsc);
+	VERIFY_IS_ZERO(ek->reserved);
+
+	return ek;
+}
+
 static struct eapol_key *eapol_create_common(
 				enum eapol_protocol_version protocol,
 				enum eapol_key_descriptor_version version,
diff --git a/src/eapol.h b/src/eapol.h
index ff993ded..e1764d14 100644
--- a/src/eapol.h
+++ b/src/eapol.h
@@ -104,6 +104,8 @@ const struct eapol_key *eapol_verify_ptk_2_of_4(const uint8_t *frame,
 						size_t len);
 const struct eapol_key *eapol_verify_ptk_3_of_4(const uint8_t *frame,
 						size_t len);
+const struct eapol_key *eapol_verify_ptk_4_of_4(const uint8_t *frame,
+						size_t len);
 
 struct eapol_key *eapol_create_ptk_2_of_4(
 				enum eapol_protocol_version protocol,