hostapd: invalid MIC in msg 2/4 of 4-Way Handshake

Nazeer Khan Nazeer.Khan at nicta.com.au
Tue Mar 27 05:36:22 EDT 2007


Hi,

I am using hostapd/madwifi. I have made changes in driver_madwifi and
broken the hostapd code into two parts. The code_1 that interacts with
driver runs separately and the code_2 doing all the state machine things
run separately. Data is collected from driver using code_1 and send to
code_2 for processing. Similarly when code_2 wants to send any data to
STA, it sends it to code_1 and code_1 gives it to the driver. The data is
passed between code_1 and code_2 using UDP sockets.

I am using EAP-TLS. The station is successfully authenticated by RADIUS
server. But when code_2 enters "WPA_PTK entering state PTKSTART", it gives
error on the 2nd message of the 4 way handshake. Actually the MIC is
failing as clear from the debug message.

I wanted to ask why is this happening. I have verified that the data
code_2 is getting from code_1 is exactly the same which code_1 is getting
from the driver. I have put a hostapd_hexdump statement both in code_1 and
code_2 to verify that. I have not made any changes in the state machines
etc etc. Changes are in just "driver_madwifi.c".

One weired thing is that if i don't send data from code_1 to code_2, and
do the processing and all stuff in the same process, i don't get any MIC
error.

Can someone help me that why is MIC failing although the contents of the
MSG are not being changed.

This is not a single time it happened, it happens all the time. Also i
have tested it using both code_1 and code_2 running on the same machine
and on seperate machines too. But still same error.

Thank you

Nazeer


--------------------------------------------------------------------------
This email and any attachments may be confidential. They may contain legally
privileged information or copyright material. You should not read, copy,
use or disclose them without authorisation. If you are not an intended
recipient, please contact us at once by return email and then delete both
messages. We do not accept liability in connection with computer virus,
data corruption, delay, interruption, unauthorised access or unauthorised
amendment. This notice should not be removed.



More information about the HostAP mailing list