From ad769b718b6e08eae0e2d4ceb13c963201aed41b Mon Sep 17 00:00:00 2001 From: James Prestwood Date: Mon, 10 Apr 2023 15:01:32 -0700 Subject: [PATCH] handshake: remove hardcoded kek_len for FTE decode The KEK length should be obtained with the getter to ensure the AKM is taken into account --- src/handshake.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/handshake.c b/src/handshake.c index 734e997c..cd9b3082 100644 --- a/src/handshake.c +++ b/src/handshake.c @@ -1004,7 +1004,7 @@ bool handshake_decode_fte_key(struct handshake_state *s, const uint8_t *wrapped, size_t key_len, uint8_t *key_out) { const uint8_t *kek; - size_t kek_len = 16; + size_t kek_len = handshake_state_get_kek_len(s); size_t padded_len = key_len < 16 ? 16 : align_len(key_len, 8); if (s->akm_suite & (IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA256 |