diff --git a/src/eapol.c b/src/eapol.c
index e76d0152..a1e4baac 100644
--- a/src/eapol.c
+++ b/src/eapol.c
@@ -1144,9 +1144,13 @@ static void eapol_handle_ptk_3_of_4(uint32_t ifindex,
 	if (install_tk)
 		install_tk(sm->ifindex, sm->aa, ptk->tk, rsne, sm->user_data);
 
-	if (gtk && install_gtk)
+	if (gtk && install_gtk) {
+		uint32_t cipher =
+			ie_rsn_cipher_suite_to_cipher(sm->group_cipher);
+
 		install_gtk(sm->ifindex, gtk_key_index, gtk, gtk_len,
-				ek->key_rsc, 6, rsne, sm->user_data);
+				ek->key_rsc, 6, cipher, sm->user_data);
+	}
 
 fail:
 	l_free(step4);
@@ -1211,9 +1215,13 @@ static void eapol_handle_gtk_1_of_2(uint32_t ifindex,
 	memcpy(step2->key_mic_data, mic, sizeof(mic));
 	tx_packet(ifindex, sm->aa, sm->spa, step2, user_data);
 
-	if (install_gtk)
+	if (install_gtk) {
+		uint32_t cipher =
+			ie_rsn_cipher_suite_to_cipher(sm->group_cipher);
+
 		install_gtk(sm->ifindex, gtk_key_index, gtk, gtk_len,
-				ek->key_rsc, 6, sm->ap_ie, sm->user_data);
+				ek->key_rsc, 6, cipher, sm->user_data);
+	}
 
 done:
 	l_free(step2);
diff --git a/src/eapol.h b/src/eapol.h
index 62f0a1d9..6d71a7de 100644
--- a/src/eapol.h
+++ b/src/eapol.h
@@ -105,7 +105,7 @@ typedef void (*eapol_install_tk_func_t)(uint32_t ifindex, const uint8_t *aa,
 typedef void (*eapol_install_gtk_func_t)(uint32_t ifindex, uint8_t key_index,
 					const uint8_t *gtk, uint8_t gtk_len,
 					const uint8_t *rsc, uint8_t rsc_len,
-					const uint8_t *rsn, void *user_data);
+					uint32_t cipher, void *user_data);
 typedef void (*eapol_deauthenticate_func_t)(uint32_t ifindex, const uint8_t *aa,
 						const uint8_t *spa,
 						uint16_t reason_code,
diff --git a/src/wiphy.c b/src/wiphy.c
index c142efbd..f53f876e 100644
--- a/src/wiphy.c
+++ b/src/wiphy.c
@@ -1143,36 +1143,18 @@ static unsigned int mlme_new_group_key(struct netdev *netdev,
 static void wiphy_set_gtk(uint32_t ifindex, uint8_t key_index,
 				const uint8_t *gtk, uint8_t gtk_len,
 				const uint8_t *rsc, uint8_t rsc_len,
-				const uint8_t *rsn, void *user_data)
+				uint32_t cipher, void *user_data)
 {
 	struct netdev *netdev = user_data;
-	struct ie_rsn_info info;
-	enum crypto_cipher cipher;
-	int result;
 	uint8_t gtk_buf[32];
 
 	l_debug("");
 
-	if (rsn[0] == IE_TYPE_RSN)
-		result = ie_parse_rsne_from_data(rsn, rsn[1] + 2, &info);
-	else if (rsn[0] == IE_TYPE_VENDOR_SPECIFIC)
-		result = ie_parse_wpa_from_data(rsn, rsn[1] + 2, &info);
-	else
-		result = -1;
-
-	if (result) {
-		l_error("Can't parse the RSN");
-		setting_keys_failed(netdev, MPDU_REASON_CODE_INVALID_IE);
-		return;
-	}
-
-	switch (info.group_cipher) {
-	case IE_RSN_CIPHER_SUITE_CCMP:
-		cipher = CRYPTO_CIPHER_CCMP;
+	switch (cipher) {
+	case CRYPTO_CIPHER_CCMP:
 		memcpy(gtk_buf, gtk, 16);
 		break;
-	case IE_RSN_CIPHER_SUITE_TKIP:
-		cipher = CRYPTO_CIPHER_TKIP;
+	case CRYPTO_CIPHER_TKIP:
 		/*
 		 * Swap the TX and RX MIC key portions for supplicant.
 		 * WPA_80211_v3_1_090922 doc's 3.3.4:
@@ -1191,7 +1173,7 @@ static void wiphy_set_gtk(uint32_t ifindex, uint8_t key_index,
 		memcpy(gtk_buf + 24, gtk + 16, 8);
 		break;
 	default:
-		l_error("Unexpected cipher suite: %d", info.group_cipher);
+		l_error("Unexpected cipher: %x", cipher);
 		setting_keys_failed(netdev,
 					MPDU_REASON_CODE_INVALID_GROUP_CIPHER);
 		return;