From da8e10cc5fec16bba3121fb4bf701311041ca3b7 Mon Sep 17 00:00:00 2001
From: Denis Kenzior <denkenz@gmail.com>
Date: Wed, 24 Dec 2014 15:04:22 -0600
Subject: [PATCH] eapol: Verify key_descriptor_version

---
 src/eapol.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/eapol.c b/src/eapol.c
index 0876449d..1e998431 100644
--- a/src/eapol.c
+++ b/src/eapol.c
@@ -55,6 +55,15 @@ bool eapol_verify(const uint8_t *data, size_t len)
 		return false;
 	}
 
+	switch (ek->key_descriptor_version) {
+	case EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_MD5_ARC4:
+	case EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_SHA1_AES:
+	case EAPOL_KEY_DESCRIPTOR_VERSION_AES_128_CMAC_AES:
+		break;
+	default:
+		return false;
+	}
+
 	key_data_len = L_BE16_TO_CPU(ek->key_data_len);
 	if (len < sizeof(struct eapol_key) + key_data_len)
 		return false;