iPXE
Functions | Variables
wpa.c File Reference

Handler for the aspects of WPA handshaking that are independent of 802.1X/PSK or TKIP/CCMP; this mostly involves the 4-Way Handshake. More...

#include <ipxe/net80211.h>
#include <ipxe/sec80211.h>
#include <ipxe/wpa.h>
#include <ipxe/eapol.h>
#include <ipxe/crypto.h>
#include <ipxe/arc4.h>
#include <ipxe/crc32.h>
#include <ipxe/sha1.h>
#include <ipxe/hmac.h>
#include <ipxe/list.h>
#include <ipxe/ethernet.h>
#include <ipxe/rbg.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <byteswap.h>

Go to the source code of this file.

Functions

 FILE_LICENCE (GPL2_OR_LATER)
 
static int wpa_fail (struct wpa_common_ctx *ctx, int rc)
 Return an error code and deauthenticate. More...
 
static struct net80211_cryptowpa_find_cryptosystem (enum net80211_crypto_alg crypt)
 Find a cryptosystem handler structure from a crypto ID. More...
 
struct wpa_kiewpa_find_kie (int version)
 Find WPA key integrity and encryption handler from key version field. More...
 
int wpa_make_rsn_ie (struct net80211_device *dev, union ieee80211_ie **ie_ret)
 Construct RSN or WPA information element. More...
 
int wpa_start (struct net80211_device *dev, struct wpa_common_ctx *ctx, const void *pmk, size_t pmk_len)
 Set up generic WPA support to handle 4-Way Handshake. More...
 
void wpa_stop (struct net80211_device *dev)
 Disable handling of received WPA handshake frames. More...
 
static void wpa_derive_ptk (struct wpa_common_ctx *ctx)
 Derive pairwise transient key. More...
 
static int wpa_install_ptk (struct wpa_common_ctx *ctx, int len)
 Install pairwise transient key. More...
 
static int wpa_install_gtk (struct wpa_common_ctx *ctx, int len, const void *rsc)
 Install group transient key. More...
 
static int wpa_maybe_install_gtk (struct wpa_common_ctx *ctx, union ieee80211_ie *ie, void *ie_end, const void *rsc)
 Search for group transient key, and install it if found. More...
 
static struct io_bufferwpa_alloc_frame (int kdlen)
 Allocate I/O buffer for construction of outgoing EAPOL-Key frame. More...
 
static int wpa_send_eapol (struct io_buffer *iob, struct wpa_common_ctx *ctx, struct wpa_kie *kie)
 Send EAPOL-Key packet. More...
 
static int wpa_send_2_of_4 (struct wpa_common_ctx *ctx, struct eapol_key_pkt *pkt, int is_rsn, struct wpa_kie *kie)
 Send second frame in 4-Way Handshake. More...
 
static int wpa_handle_1_of_4 (struct wpa_common_ctx *ctx, struct eapol_key_pkt *pkt, int is_rsn, struct wpa_kie *kie)
 Handle receipt of first frame in 4-Way Handshake. More...
 
static int wpa_send_final (struct wpa_common_ctx *ctx, struct eapol_key_pkt *pkt, int is_rsn, struct wpa_kie *kie)
 Send fourth frame in 4-Way Handshake, or second in Group Key Handshake. More...
 
static int wpa_handle_3_of_4 (struct wpa_common_ctx *ctx, struct eapol_key_pkt *pkt, int is_rsn, struct wpa_kie *kie)
 Handle receipt of third frame in 4-Way Handshake. More...
 
static int wpa_handle_1_of_2 (struct wpa_common_ctx *ctx, struct eapol_key_pkt *pkt, int is_rsn, struct wpa_kie *kie)
 Handle receipt of first frame in Group Key Handshake. More...
 
static int eapol_key_rx (struct eapol_supplicant *supplicant, struct io_buffer *iob, const void *ll_source)
 Handle receipt of EAPOL-Key frame for WPA. More...
 
 REQUIRING_SYMBOL (eapol_key_handler)
 
 REQUIRE_OBJECT (eapol)
 

Variables

struct list_head wpa_contexts = LIST_HEAD_INIT ( wpa_contexts )
 List of WPA contexts in active use. More...
 
struct eapol_handler eapol_key_handler __eapol_handler
 

Detailed Description

Handler for the aspects of WPA handshaking that are independent of 802.1X/PSK or TKIP/CCMP; this mostly involves the 4-Way Handshake.

Definition in file wpa.c.

Function Documentation

◆ FILE_LICENCE()

FILE_LICENCE ( GPL2_OR_LATER  )

◆ wpa_fail()

static int wpa_fail ( struct wpa_common_ctx ctx,
int  rc 
)
static

Return an error code and deauthenticate.

Parameters
ctxWPA common context
rcReturn status code
Return values
rcThe passed return status code

Definition at line 56 of file wpa.c.

57 {
58  net80211_deauthenticate ( ctx->dev, rc );
59  return rc;
60 }
rc
struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14
net80211_deauthenticate
void net80211_deauthenticate(struct net80211_device *dev, int rc)
Deauthenticate from current network and try again.
Definition: net80211.c:2390
ctx
struct golan_eq_context ctx
Definition: CIB_PRM.h:28

References ctx, net80211_deauthenticate(), and rc.

Referenced by eapol_key_rx(), wpa_handle_1_of_2(), and wpa_handle_3_of_4().

◆ wpa_find_cryptosystem()

static struct net80211_crypto* wpa_find_cryptosystem ( enum net80211_crypto_alg  crypt)
static

Find a cryptosystem handler structure from a crypto ID.

Parameters
cryptCryptosystem ID
Return values
cryptoCryptosystem handler structure

If support for crypt is not compiled in to iPXE, or if crypt is NET80211_CRYPT_UNKNOWN, returns NULL.

Definition at line 73 of file wpa.c.

74 {
75  struct net80211_crypto *crypto;
76 
77  for_each_table_entry ( crypto, NET80211_CRYPTOS ) {
78  if ( crypto->algorithm == crypt )
79  return crypto;
80  }
81 
82  return NULL;
83 }
net80211_crypto::algorithm
enum net80211_crypto_alg algorithm
The cryptographic algorithm implemented.
Definition: net80211.h:692
NET80211_CRYPTOS
#define NET80211_CRYPTOS
Definition: net80211.h:769
for_each_table_entry
#define for_each_table_entry(pointer, table)
Iterate through all entries within a linker table.
Definition: tables.h:385
net80211_crypto
Interface to an 802.11 cryptosystem.
Definition: net80211.h:689
NULL
#define NULL
NULL pointer (VOID *)
Definition: Base.h:321

References net80211_crypto::algorithm, for_each_table_entry, NET80211_CRYPTOS, and NULL.

Referenced by wpa_make_rsn_ie().

◆ wpa_find_kie()

struct wpa_kie* wpa_find_kie ( int  version)

Find WPA key integrity and encryption handler from key version field.

Parameters
verVersion bits of EAPOL-Key info field
Return values
kieKey integrity and encryption handler

Definition at line 92 of file wpa.c.

93 {
94  struct wpa_kie *kie;
95 
96  for_each_table_entry ( kie, WPA_KIES ) {
97  if ( kie->version == version )
98  return kie;
99  }
100 
101  return NULL;
102 }
wpa_kie
WPA handshake key integrity and encryption handler.
Definition: wpa.h:371
wpa_kie::version
int version
Value of version bits in EAPOL-Key info field for which to use.
Definition: wpa.h:376
WPA_KIES
#define WPA_KIES
Definition: wpa.h:407
for_each_table_entry
#define for_each_table_entry(pointer, table)
Iterate through all entries within a linker table.
Definition: tables.h:385
version
u32 version
Driver version.
Definition: ath9k_hw.c:1983
NULL
#define NULL
NULL pointer (VOID *)
Definition: Base.h:321

References for_each_table_entry, NULL, wpa_kie::version, version, and WPA_KIES.

Referenced by eapol_key_rx().

◆ wpa_make_rsn_ie()

int wpa_make_rsn_ie ( struct net80211_device dev,
union ieee80211_ie **  ie_ret 
)

Construct RSN or WPA information element.

Parameters
dev802.11 device
Return values
ie_retRSN or WPA information element
rcReturn status code

This function allocates, fills, and returns a RSN or WPA information element suitable for including in an association request frame to the network identified by dev->associating. If it is impossible to construct an information element consistent with iPXE's capabilities that is compatible with that network, or if none should be sent because that network's beacon included no security information, returns an error indication and leaves ie_ret unchanged.

The returned IE will be of the same type (RSN or WPA) as was included in the beacon for the network it is destined for.

Definition at line 124 of file wpa.c.

125 {
126  u8 *rsn, *rsn_end;
127  int is_rsn;
128  u32 group_cipher;
129  enum net80211_crypto_alg gcrypt;
130  int ie_len;
131  u8 *iep;
132  struct ieee80211_ie_rsn *ie;
133  struct ieee80211_frame *hdr;
134  struct ieee80211_beacon *beacon;
135 
136  if ( ! dev->associating ) {
137  DBG ( "WPA: Can't make RSN IE for a non-associating device\n" );
138  return -EINVAL;
139  }
140 
141  hdr = dev->associating->beacon->data;
142  beacon = ( struct ieee80211_beacon * ) hdr->data;
143  rsn = sec80211_find_rsn ( beacon->info_element,
144  dev->associating->beacon->tail, &is_rsn,
145  &rsn_end );
146  if ( ! rsn ) {
147  DBG ( "WPA: Can't make RSN IE when we didn't get one\n" );
148  return -EINVAL;
149  }
150 
151  rsn += 2; /* skip version */
152  group_cipher = *( u32 * ) rsn;
153  gcrypt = sec80211_rsn_get_net80211_crypt ( group_cipher );
154 
155  if ( ! wpa_find_cryptosystem ( gcrypt ) ||
156  ! wpa_find_cryptosystem ( dev->associating->crypto ) ) {
157  DBG ( "WPA: No support for (GC:%d, PC:%d)\n",
158  gcrypt, dev->associating->crypto );
159  return -ENOTSUP;
160  }
161 
162  /* Everything looks good - make our IE. */
163 
164  /* WPA IEs need 4 more bytes for the OUI+type */
165  ie_len = ieee80211_rsn_size ( 1, 1, 0, is_rsn ) + ( 4 * ! is_rsn );
166  iep = malloc ( ie_len );
167  if ( ! iep )
168  return -ENOMEM;
169 
170  *ie_ret = ( union ieee80211_ie * ) iep;
171 
172  /* Store ID and length bytes. */
173  *iep++ = ( is_rsn ? IEEE80211_IE_RSN : IEEE80211_IE_VENDOR );
174  *iep++ = ie_len - 2;
175 
176  /* Store OUI+type for WPA IEs. */
177  if ( ! is_rsn ) {
178  *( u32 * ) iep = IEEE80211_WPA_OUI_VEN;
179  iep += 4;
180  }
181 
182  /* If this is a WPA IE, the id and len bytes in the
183  ieee80211_ie_rsn structure will not be valid, but by doing
184  the cast we can fill all the other fields much more
185  readily. */
186 
187  ie = ( struct ieee80211_ie_rsn * ) ( iep - 2 );
188  ie->version = IEEE80211_RSN_VERSION;
189  ie->group_cipher = group_cipher;
190  ie->pairwise_count = 1;
191  ie->pairwise_cipher[0] =
192  sec80211_rsn_get_crypto_desc ( dev->associating->crypto,
193  is_rsn );
194  ie->akm_count = 1;
195  ie->akm_list[0] =
196  sec80211_rsn_get_akm_desc ( dev->associating->handshaking,
197  is_rsn );
198  if ( is_rsn ) {
199  ie->rsn_capab = 0;
200  ie->pmkid_count = 0;
201  }
202 
203  return 0;
204 }
ieee80211_ie_rsn::akm_list
u32 akm_list[1]
List of authentication type IDs for supported types.
Definition: ieee80211.h:821
EINVAL
#define EINVAL
Invalid argument.
Definition: errno.h:428
net80211_wlan::crypto
enum net80211_crypto_alg crypto
Cryptographic algorithm used on the network.
Definition: net80211.h:1087
wpa_find_cryptosystem
static struct net80211_crypto * wpa_find_cryptosystem(enum net80211_crypto_alg crypt)
Find a cryptosystem handler structure from a crypto ID.
Definition: wpa.c:73
ieee80211_ie_rsn::version
u16 version
RSN information element version.
Definition: ieee80211.h:806
hdr
struct golan_inbox_hdr hdr
Message header.
Definition: CIB_PRM.h:28
ieee80211_ie_rsn::rsn_capab
u16 rsn_capab
Security capabilities field (RSN only)
Definition: ieee80211.h:824
net80211_wlan::handshaking
enum net80211_security_proto handshaking
Security handshaking method used on the network.
Definition: net80211.h:1084
ieee80211_frame
An 802.11 data or management frame without QoS or WDS header fields.
Definition: ieee80211.h:300
ENOTSUP
#define ENOTSUP
Operation not supported.
Definition: errno.h:589
ieee80211_ie_rsn::pmkid_count
u16 pmkid_count
Number of PMKIDs included (present only in association frames)
Definition: ieee80211.h:827
io_buffer::tail
void * tail
End of data.
Definition: iobuf.h:50
ENOMEM
#define ENOMEM
Not enough space.
Definition: errno.h:534
ieee80211_rsn_size
static size_t ieee80211_rsn_size(int npair, int nauth, int npmkid, int rsn_ie)
Calculate necessary size of RSN information element.
Definition: ieee80211.h:844
ieee80211_ie_rsn::group_cipher
u32 group_cipher
Cipher ID for the cipher used in multicast/broadcast frames.
Definition: ieee80211.h:809
IEEE80211_WPA_OUI_VEN
#define IEEE80211_WPA_OUI_VEN
Old vendor-type WPA IE OUI type + subtype.
Definition: ieee80211.h:869
ieee80211_beacon
#define ieee80211_beacon
Definition: ieee80211.h:1069
ieee80211_ie_rsn::akm_count
u16 akm_count
Number of authentication types supported.
Definition: ieee80211.h:818
IEEE80211_IE_VENDOR
#define IEEE80211_IE_VENDOR
Information element ID for Vendor Specific information element.
Definition: ieee80211.h:960
ieee80211_ie_rsn::pairwise_cipher
u32 pairwise_cipher[1]
List of cipher IDs for supported unicast frame ciphers.
Definition: ieee80211.h:815
IEEE80211_IE_RSN
#define IEEE80211_IE_RSN
Information element ID for Robust Security Network information element.
Definition: ieee80211.h:834
ieee80211_ie_rsn::pairwise_count
u16 pairwise_count
Number of unicast ciphers supported.
Definition: ieee80211.h:812
ieee80211_ie
Any 802.11 information element.
Definition: ieee80211.h:972
malloc
void * malloc(size_t size)
Allocate memory.
Definition: malloc.c:583
net80211_device::associating
struct net80211_wlan * associating
Network with which we are associating.
Definition: net80211.h:866
ieee80211_ie_rsn
802.11 Robust Security Network ("WPA") information element
Definition: ieee80211.h:798
sec80211_rsn_get_crypto_desc
u32 sec80211_rsn_get_crypto_desc(enum net80211_crypto_alg crypt, int rsnie)
Determine RSN descriptor for specified net80211 cryptosystem number.
Definition: sec80211.c:481
sec80211_rsn_get_akm_desc
u32 sec80211_rsn_get_akm_desc(enum net80211_security_proto secprot, int rsnie)
Determine RSN descriptor for specified net80211 handshaker number.
Definition: sec80211.c:496
net80211_crypto_alg
net80211_crypto_alg
An 802.11 data encryption algorithm.
Definition: net80211.h:129
io_buffer::data
void * data
Start of data.
Definition: iobuf.h:48
group_cipher
u32 group_cipher
Cipher ID for the cipher used in multicast/broadcast frames.
Definition: ieee80211.h:24
IEEE80211_RSN_VERSION
#define IEEE80211_RSN_VERSION
802.11 RSN IE: expected version number
Definition: ieee80211.h:873
sec80211_rsn_get_net80211_crypt
enum net80211_crypto_alg sec80211_rsn_get_net80211_crypt(u32 desc)
Determine net80211 cryptosystem number from RSN descriptor.
Definition: sec80211.c:508
DBG
#define DBG(...)
Print a debugging message.
Definition: compiler.h:498
net80211_wlan::beacon
struct io_buffer * beacon
The complete beacon or probe-response frame received.
Definition: net80211.h:1081
sec80211_find_rsn
u8 * sec80211_find_rsn(union ieee80211_ie *ie, void *ie_end, int *is_rsn, u8 **end)
Find the RSN or WPA information element in the provided beacon frame.
Definition: sec80211.c:283
u8
uint8_t u8
Definition: stdint.h:19
u32
uint32_t u32
Definition: stdint.h:23

References ieee80211_ie_rsn::akm_count, ieee80211_ie_rsn::akm_list, net80211_device::associating, net80211_wlan::beacon, net80211_wlan::crypto, io_buffer::data, DBG, EINVAL, ENOMEM, ENOTSUP, group_cipher, ieee80211_ie_rsn::group_cipher, net80211_wlan::handshaking, hdr, ieee80211_beacon, IEEE80211_IE_RSN, IEEE80211_IE_VENDOR, ieee80211_rsn_size(), IEEE80211_RSN_VERSION, IEEE80211_WPA_OUI_VEN, malloc(), ieee80211_ie_rsn::pairwise_cipher, ieee80211_ie_rsn::pairwise_count, ieee80211_ie_rsn::pmkid_count, ieee80211_ie_rsn::rsn_capab, sec80211_find_rsn(), sec80211_rsn_get_akm_desc(), sec80211_rsn_get_crypto_desc(), sec80211_rsn_get_net80211_crypt(), io_buffer::tail, ieee80211_ie_rsn::version, and wpa_find_cryptosystem().

Referenced by wpa_psk_init().

◆ wpa_start()

int wpa_start ( struct net80211_device dev,
struct wpa_common_ctx ctx,
const void *  pmk,
size_t  pmk_len 
)

Set up generic WPA support to handle 4-Way Handshake.

Parameters
dev802.11 device
ctxWPA common context
pmkPairwise Master Key to use for session
pmk_lenLength of PMK, almost always 32
Return values
rcReturn status code

Definition at line 216 of file wpa.c.

218 {
219  struct io_buffer *iob;
220  struct ieee80211_frame *hdr;
221  struct ieee80211_beacon *beacon;
222  u8 *ap_rsn_ie = NULL, *ap_rsn_ie_end;
223 
224  if ( ! dev->rsn_ie || ! dev->associating )
225  return -EINVAL;
226 
227  ctx->dev = dev;
228  memcpy ( ctx->pmk, pmk, ctx->pmk_len = pmk_len );
229  ctx->state = WPA_READY;
230  ctx->replay = ~0ULL;
231 
232  iob = dev->associating->beacon;
233  hdr = iob->data;
234  beacon = ( struct ieee80211_beacon * ) hdr->data;
235  ap_rsn_ie = sec80211_find_rsn ( beacon->info_element, iob->tail,
236  &ctx->ap_rsn_is_rsn, &ap_rsn_ie_end );
237  if ( ap_rsn_ie ) {
238  ctx->ap_rsn_ie = malloc ( ap_rsn_ie_end - ap_rsn_ie );
239  if ( ! ctx->ap_rsn_ie )
240  return -ENOMEM;
241  memcpy ( ctx->ap_rsn_ie, ap_rsn_ie, ap_rsn_ie_end - ap_rsn_ie );
242  ctx->ap_rsn_ie_len = ap_rsn_ie_end - ap_rsn_ie;
243  } else {
244  return -ENOENT;
245  }
246 
247  ctx->crypt = dev->associating->crypto;
248  ctx->gcrypt = NET80211_CRYPT_UNKNOWN;
249 
250  list_add_tail ( &ctx->list, &wpa_contexts );
251  return 0;
252 }
EINVAL
#define EINVAL
Invalid argument.
Definition: errno.h:428
net80211_wlan::crypto
enum net80211_crypto_alg crypto
Cryptographic algorithm used on the network.
Definition: net80211.h:1087
NET80211_CRYPT_UNKNOWN
Dummy value used when the cryptosystem can't be detected.
Definition: net80211.h:177
hdr
struct golan_inbox_hdr hdr
Message header.
Definition: CIB_PRM.h:28
ieee80211_frame
An 802.11 data or management frame without QoS or WDS header fields.
Definition: ieee80211.h:300
ENOENT
#define ENOENT
No such file or directory.
Definition: errno.h:514
net80211_device::rsn_ie
union ieee80211_ie * rsn_ie
RSN or WPA information element to include with association.
Definition: net80211.h:932
wpa_contexts
struct list_head wpa_contexts
List of WPA contexts in active use.
Definition: wpa.c:46
WPA_READY
Ready for 4-Way Handshake.
Definition: wpa.h:181
io_buffer::tail
void * tail
End of data.
Definition: iobuf.h:50
ENOMEM
#define ENOMEM
Not enough space.
Definition: errno.h:534
memcpy
void * memcpy(void *dest, const void *src, size_t len) __nonnull
list_add_tail
#define list_add_tail(new, head)
Add a new entry to the tail of a list.
Definition: list.h:93
ieee80211_beacon
#define ieee80211_beacon
Definition: ieee80211.h:1069
ctx
struct golan_eq_context ctx
Definition: CIB_PRM.h:28
malloc
void * malloc(size_t size)
Allocate memory.
Definition: malloc.c:583
net80211_device::associating
struct net80211_wlan * associating
Network with which we are associating.
Definition: net80211.h:866
io_buffer::data
void * data
Start of data.
Definition: iobuf.h:48
net80211_wlan::beacon
struct io_buffer * beacon
The complete beacon or probe-response frame received.
Definition: net80211.h:1081
sec80211_find_rsn
u8 * sec80211_find_rsn(union ieee80211_ie *ie, void *ie_end, int *is_rsn, u8 **end)
Find the RSN or WPA information element in the provided beacon frame.
Definition: sec80211.c:283
NULL
#define NULL
NULL pointer (VOID *)
Definition: Base.h:321
u8
uint8_t u8
Definition: stdint.h:19
io_buffer
A persistent I/O buffer.
Definition: iobuf.h:33

References net80211_device::associating, net80211_wlan::beacon, net80211_wlan::crypto, ctx, io_buffer::data, EINVAL, ENOENT, ENOMEM, hdr, ieee80211_beacon, list_add_tail, malloc(), memcpy(), NET80211_CRYPT_UNKNOWN, NULL, net80211_device::rsn_ie, sec80211_find_rsn(), io_buffer::tail, wpa_contexts, and WPA_READY.

Referenced by wpa_psk_start().

◆ wpa_stop()

void wpa_stop ( struct net80211_device dev)

Disable handling of received WPA handshake frames.

Parameters
dev802.11 device

Definition at line 260 of file wpa.c.

261 {
262  struct wpa_common_ctx *ctx, *tmp;
263 
264  list_for_each_entry_safe ( ctx, tmp, &wpa_contexts, list ) {
265  if ( ctx->dev == dev ) {
266  free ( ctx->ap_rsn_ie );
267  ctx->ap_rsn_ie = NULL;
268  list_del ( &ctx->list );
269  }
270  }
271 }
wpa_common_ctx::dev
struct net80211_device * dev
802.11 device we are authenticating for
Definition: wpa.h:294
wpa_contexts
struct list_head wpa_contexts
List of WPA contexts in active use.
Definition: wpa.c:46
tmp
unsigned long tmp
Definition: linux_pci.h:53
list_del
#define list_del(list)
Delete an entry from a list.
Definition: list.h:119
wpa_common_ctx
Common context for WPA security handshaking.
Definition: wpa.h:291
list_for_each_entry_safe
#define list_for_each_entry_safe(pos, tmp, head, member)
Iterate over entries in a list, safe against deletion of the current entry.
Definition: list.h:458
free
static void(* free)(struct refcnt *refcnt))
Definition: refcnt.h:54
ctx
struct golan_eq_context ctx
Definition: CIB_PRM.h:28
wpa_common_ctx::list
struct list_head list
List entry.
Definition: wpa.h:362
NULL
#define NULL
NULL pointer (VOID *)
Definition: Base.h:321

References ctx, wpa_common_ctx::dev, free, wpa_common_ctx::list, list_del, list_for_each_entry_safe, NULL, tmp, and wpa_contexts.

Referenced by wpa_psk_stop().

◆ wpa_derive_ptk()

static void wpa_derive_ptk ( struct wpa_common_ctx ctx)
static

Derive pairwise transient key.

Parameters
ctxWPA common context

Definition at line 279 of file wpa.c.

280 {
281  struct {
282  u8 mac1[ETH_ALEN];
283  u8 mac2[ETH_ALEN];
284  u8 nonce1[WPA_NONCE_LEN];
285  u8 nonce2[WPA_NONCE_LEN];
286  } __attribute__ (( packed )) ptk_data;
287 
288  /* The addresses and nonces are stored in numerical order (!) */
289 
290  if ( memcmp ( ctx->dev->netdev->ll_addr, ctx->dev->bssid,
291  ETH_ALEN ) < 0 ) {
292  memcpy ( ptk_data.mac1, ctx->dev->netdev->ll_addr, ETH_ALEN );
293  memcpy ( ptk_data.mac2, ctx->dev->bssid, ETH_ALEN );
294  } else {
295  memcpy ( ptk_data.mac1, ctx->dev->bssid, ETH_ALEN );
296  memcpy ( ptk_data.mac2, ctx->dev->netdev->ll_addr, ETH_ALEN );
297  }
298 
299  if ( memcmp ( ctx->Anonce, ctx->Snonce, WPA_NONCE_LEN ) < 0 ) {
300  memcpy ( ptk_data.nonce1, ctx->Anonce, WPA_NONCE_LEN );
301  memcpy ( ptk_data.nonce2, ctx->Snonce, WPA_NONCE_LEN );
302  } else {
303  memcpy ( ptk_data.nonce1, ctx->Snonce, WPA_NONCE_LEN );
304  memcpy ( ptk_data.nonce2, ctx->Anonce, WPA_NONCE_LEN );
305  }
306 
307  DBGC2 ( ctx, "WPA %p A1 %s", ctx, eth_ntoa ( ptk_data.mac1 ) );
308  DBGC2 ( ctx, ", A2 %s\n", eth_ntoa ( ptk_data.mac2 ) );
309 
310  DBGC2 ( ctx, "WPA %p Nonce1, Nonce2:\n", ctx );
311  DBGC2_HD ( ctx, ptk_data.nonce1, WPA_NONCE_LEN );
312  DBGC2_HD ( ctx, ptk_data.nonce2, WPA_NONCE_LEN );
313 
314  prf_sha1 ( ctx->pmk, ctx->pmk_len,
315  "Pairwise key expansion",
316  &ptk_data, sizeof ( ptk_data ),
317  &ctx->ptk, sizeof ( ctx->ptk ) );
318 
319  DBGC2 ( ctx, "WPA %p PTK:\n", ctx );
320  DBGC2_HD ( ctx, &ctx->ptk, sizeof ( ctx->ptk ) );
321 }
__attribute__
#define __attribute__(x)
Definition: compiler.h:10
memcpy
void * memcpy(void *dest, const void *src, size_t len) __nonnull
WPA_NONCE_LEN
#define WPA_NONCE_LEN
Length of a nonce.
Definition: wpa.h:204
DBGC2_HD
#define DBGC2_HD(...)
Definition: compiler.h:524
eth_ntoa
const char * eth_ntoa(const void *ll_addr)
Transcribe Ethernet address.
Definition: ethernet.c:175
ctx
struct golan_eq_context ctx
Definition: CIB_PRM.h:28
ETH_ALEN
#define ETH_ALEN
Definition: if_ether.h:8
prf_sha1
void prf_sha1(const void *key, size_t key_len, const char *label, const void *data, size_t data_len, void *prf, size_t prf_len)
SHA1 pseudorandom function for creating derived keys.
Definition: sha1extra.c:44
DBGC2
#define DBGC2(...)
Definition: compiler.h:522
memcmp
int memcmp(const void *first, const void *second, size_t len)
Compare memory regions.
Definition: string.c:114
u8
uint8_t u8
Definition: stdint.h:19

References __attribute__, ctx, DBGC2, DBGC2_HD, ETH_ALEN, eth_ntoa(), memcmp(), memcpy(), prf_sha1(), and WPA_NONCE_LEN.

Referenced by wpa_handle_1_of_4().

◆ wpa_install_ptk()

static int wpa_install_ptk ( struct wpa_common_ctx ctx,
int  len 
)
inlinestatic

Install pairwise transient key.

Parameters
ctxWPA common context
lenKey length (16 for CCMP, 32 for TKIP)
Return values
rcReturn status code

Definition at line 331 of file wpa.c.

332 {
333  DBGC ( ctx, "WPA %p: installing %d-byte pairwise transient key\n",
334  ctx, len );
335  DBGC2_HD ( ctx, &ctx->ptk.tk, len );
336 
337  return sec80211_install ( &ctx->dev->crypto, ctx->crypt,
338  &ctx->ptk.tk, len, NULL );
339 }
DBGC
#define DBGC(...)
Definition: compiler.h:505
sec80211_install
int sec80211_install(struct net80211_crypto **which, enum net80211_crypto_alg crypt, const void *key, int len, const void *rsc)
Install 802.11 cryptosystem.
Definition: sec80211.c:113
DBGC2_HD
#define DBGC2_HD(...)
Definition: compiler.h:524
ctx
struct golan_eq_context ctx
Definition: CIB_PRM.h:28
len
uint32_t len
Length.
Definition: ena.h:14
NULL
#define NULL
NULL pointer (VOID *)
Definition: Base.h:321

References ctx, DBGC, DBGC2_HD, len, NULL, and sec80211_install().

Referenced by wpa_handle_3_of_4().

◆ wpa_install_gtk()

static int wpa_install_gtk ( struct wpa_common_ctx ctx,
int  len,
const void *  rsc 
)
inlinestatic

Install group transient key.

Parameters
ctxWPA common context
lenKey length (16 for CCMP, 32 for TKIP)
rscReceive sequence counter field in EAPOL-Key packet
Return values
rcReturn status code

Definition at line 349 of file wpa.c.

351 {
352  DBGC ( ctx, "WPA %p: installing %d-byte group transient key\n",
353  ctx, len );
354  DBGC2_HD ( ctx, &ctx->gtk.tk, len );
355 
356  return sec80211_install ( &ctx->dev->gcrypto, ctx->gcrypt,
357  &ctx->gtk.tk, len, rsc );
358 }
DBGC
#define DBGC(...)
Definition: compiler.h:505
rsc
u8 rsc[8]
Receive sequence counter for GTK.
Definition: wpa.h:69
sec80211_install
int sec80211_install(struct net80211_crypto **which, enum net80211_crypto_alg crypt, const void *key, int len, const void *rsc)
Install 802.11 cryptosystem.
Definition: sec80211.c:113
DBGC2_HD
#define DBGC2_HD(...)
Definition: compiler.h:524
ctx
struct golan_eq_context ctx
Definition: CIB_PRM.h:28
len
uint32_t len
Length.
Definition: ena.h:14

References ctx, DBGC, DBGC2_HD, len, rsc, and sec80211_install().

Referenced by wpa_handle_1_of_2(), and wpa_maybe_install_gtk().

◆ wpa_maybe_install_gtk()

static int wpa_maybe_install_gtk ( struct wpa_common_ctx ctx,
union ieee80211_ie ie,
void *  ie_end,
const void *  rsc 
)
static

Search for group transient key, and install it if found.

Parameters
ctxWPA common context
iePointer to first IE in key data field
ie_endPointer to first byte not in key data field
rscReceive sequence counter field in EAPOL-Key packet
Return values
rcReturn status code

Definition at line 369 of file wpa.c.

372 {
373  struct wpa_kde *kde;
374 
375  if ( ! ieee80211_ie_bound ( ie, ie_end ) )
376  return -ENOENT;
377 
378  while ( ie ) {
379  if ( ie->id == IEEE80211_IE_VENDOR &&
380  ie->vendor.oui == WPA_KDE_GTK )
381  break;
382 
383  ie = ieee80211_next_ie ( ie, ie_end );
384  }
385 
386  if ( ! ie )
387  return -ENOENT;
388 
389  if ( ie->len - 6u > sizeof ( ctx->gtk.tk ) ) {
390  DBGC ( ctx, "WPA %p: GTK KDE is too long (%d bytes, max %zd)\n",
391  ctx, ie->len - 4, sizeof ( ctx->gtk.tk ) );
392  return -EINVAL;
393  }
394 
395  /* XXX We ignore key ID for now. */
396  kde = ( struct wpa_kde * ) ie;
397  memcpy ( &ctx->gtk.tk, &kde->gtk_encap.gtk, kde->len - 6 );
398 
399  return wpa_install_gtk ( ctx, kde->len - 6, rsc );
400 }
EINVAL
#define EINVAL
Invalid argument.
Definition: errno.h:428
ieee80211_next_ie
static union ieee80211_ie * ieee80211_next_ie(union ieee80211_ie *ie, void *end)
Advance to next 802.11 information element.
Definition: ieee80211.h:1028
ieee80211_ie_vendor::oui
u32 oui
OUI and vendor-specific type byte.
Definition: ieee80211.h:955
DBGC
#define DBGC(...)
Definition: compiler.h:505
ENOENT
#define ENOENT
No such file or directory.
Definition: errno.h:514
wpa_kde_gtk_encap::gtk
struct wpa_gtk gtk
Encapsulated group transient key.
Definition: wpa.h:431
memcpy
void * memcpy(void *dest, const void *src, size_t len) __nonnull
ieee80211_ie::id
u8 id
Information element ID.
Definition: ieee80211.h:976
WPA_KDE_GTK
#define WPA_KDE_GTK
KDE type for an encapsulated Group Transient Key (requires encryption)
Definition: wpa.h:442
rsc
u8 rsc[8]
Receive sequence counter for GTK.
Definition: wpa.h:69
IEEE80211_IE_VENDOR
#define IEEE80211_IE_VENDOR
Information element ID for Vendor Specific information element.
Definition: ieee80211.h:960
ctx
struct golan_eq_context ctx
Definition: CIB_PRM.h:28
ieee80211_ie::vendor
struct ieee80211_ie_vendor vendor
Vendor-specific.
Definition: ieee80211.h:1003
ieee80211_ie_bound
static int ieee80211_ie_bound(union ieee80211_ie *ie, void *end)
Check that 802.11 information element is bounded by buffer.
Definition: ieee80211.h:1012
wpa_kde::gtk_encap
struct wpa_kde_gtk_encap gtk_encap
For GTK-type KDEs, encapsulated GTK.
Definition: wpa.h:478
ieee80211_ie::len
u8 len
Information element data length.
Definition: ieee80211.h:977
wpa_kde::len
u8 len
Length, not including ie_type and length fields.
Definition: wpa.h:470
u
union @17 u
wpa_kde
Any key descriptor element type.
Definition: wpa.h:464
wpa_install_gtk
static int wpa_install_gtk(struct wpa_common_ctx *ctx, int len, const void *rsc)
Install group transient key.
Definition: wpa.c:349

References ctx, DBGC, EINVAL, ENOENT, wpa_kde_gtk_encap::gtk, wpa_kde::gtk_encap, ieee80211_ie::id, ieee80211_ie_bound(), IEEE80211_IE_VENDOR, ieee80211_next_ie(), wpa_kde::len, ieee80211_ie::len, memcpy(), ieee80211_ie_vendor::oui, rsc, u, ieee80211_ie::vendor, wpa_install_gtk(), and WPA_KDE_GTK.

Referenced by wpa_handle_1_of_2(), and wpa_handle_3_of_4().

◆ wpa_alloc_frame()

static struct io_buffer* wpa_alloc_frame ( int  kdlen)
static

Allocate I/O buffer for construction of outgoing EAPOL-Key frame.

Parameters
kdlenMaximum number of bytes in the Key Data field
Return values
iobNewly allocated I/O buffer

The returned buffer will have space reserved for the link-layer and EAPOL headers, and will have iob->tail pointing to the start of the Key Data field. Thus, it is necessary to use iob_put() in filling the Key Data.

Definition at line 414 of file wpa.c.

415 {
416  struct io_buffer *ret = alloc_iob ( sizeof ( struct eapol_key_pkt ) +
417  kdlen +
418  sizeof ( struct eapol_header ) +
419  MAX_LL_HEADER_LEN );
420  if ( ! ret )
421  return NULL;
422 
423  iob_reserve ( ret, MAX_LL_HEADER_LEN + sizeof ( struct eapol_header ) );
424  memset ( iob_put ( ret, sizeof ( struct eapol_key_pkt ) ), 0,
425  sizeof ( struct eapol_key_pkt ) );
426 
427  return ret;
428 }
eapol_key_pkt
An EAPOL-Key packet.
Definition: wpa.h:104
iob_put
#define iob_put(iobuf, len)
Definition: iobuf.h:120
alloc_iob
struct io_buffer * alloc_iob(size_t len)
Allocate I/O buffer.
Definition: iobuf.c:129
eapol_header
EAPoL header.
Definition: eapol.h:18
MAX_LL_HEADER_LEN
#define MAX_LL_HEADER_LEN
Maximum length of a link-layer header.
Definition: netdevice.h:45
iob_reserve
#define iob_reserve(iobuf, len)
Definition: iobuf.h:67
NULL
#define NULL
NULL pointer (VOID *)
Definition: Base.h:321
memset
void * memset(void *dest, int character, size_t len) __nonnull
io_buffer
A persistent I/O buffer.
Definition: iobuf.h:33

References alloc_iob(), iob_put, iob_reserve, MAX_LL_HEADER_LEN, memset(), and NULL.

Referenced by wpa_send_2_of_4(), and wpa_send_final().

◆ wpa_send_eapol()

static int wpa_send_eapol ( struct io_buffer iob,
struct wpa_common_ctx ctx,
struct wpa_kie kie 
)
static

Send EAPOL-Key packet.

Parameters
iobI/O buffer, with sufficient headroom for headers
dev802.11 device
kieKey integrity and encryption handler
is_rsnIf TRUE, handshake uses new RSN format
Return values
rcReturn status code

If a KIE is specified, the MIC will be filled in before transmission.

Definition at line 442 of file wpa.c.

444 {
445  struct eapol_key_pkt *pkt = iob->data;
446  struct eapol_header *eapol = iob_push ( iob, sizeof ( *eapol ) );
447 
448  pkt->info = htons ( pkt->info );
449  pkt->keysize = htons ( pkt->keysize );
450  pkt->datalen = htons ( pkt->datalen );
451  pkt->replay = cpu_to_be64 ( pkt->replay );
452  eapol->version = EAPOL_VERSION_2001;
453  eapol->type = EAPOL_TYPE_KEY;
454  eapol->len = htons ( iob->tail - iob->data - sizeof ( *eapol ) );
455 
456  memset ( pkt->mic, 0, sizeof ( pkt->mic ) );
457  if ( kie )
458  kie->mic ( &ctx->ptk.kck, eapol, sizeof ( *eapol ) +
459  sizeof ( *pkt ) + ntohs ( pkt->datalen ),
460  pkt->mic );
461 
462  return net_tx ( iob, ctx->dev->netdev, &eapol_protocol,
463  ctx->dev->bssid, ctx->dev->netdev->ll_addr );
464 }
eapol_header::len
uint16_t len
Payload length.
Definition: eapol.h:24
eapol_key_pkt
An EAPOL-Key packet.
Definition: wpa.h:104
iob_push
#define iob_push(iobuf, len)
Definition: iobuf.h:84
ntohs
#define ntohs(value)
Definition: byteswap.h:136
eapol_key_pkt::keysize
u16 keysize
Length of encryption key to be used, network byte order.
Definition: wpa.h:116
eapol_key_pkt::mic
u8 mic[16]
Message integrity code over the entire EAPOL frame.
Definition: wpa.h:160
io_buffer::tail
void * tail
End of data.
Definition: iobuf.h:50
eapol_header
EAPoL header.
Definition: eapol.h:18
EAPOL_TYPE_KEY
#define EAPOL_TYPE_KEY
EAPoL key.
Definition: eapol.h:37
eapol_key_pkt::info
u16 info
Bitfield of key characteristics, network byte order.
Definition: wpa.h:110
EAPOL_VERSION_2001
#define EAPOL_VERSION_2001
802.1X-2001
Definition: eapol.h:28
ctx
struct golan_eq_context ctx
Definition: CIB_PRM.h:28
wpa_kie::mic
void(* mic)(const void *kck, const void *msg, size_t len, void *mic)
Calculate MIC over message.
Definition: wpa.h:388
eapol_key_pkt::datalen
u16 datalen
Length of the data field in bytes, network byte order.
Definition: wpa.h:163
eapol_header::type
uint8_t type
Type.
Definition: eapol.h:22
net_tx
int net_tx(struct io_buffer *iobuf, struct net_device *netdev, struct net_protocol *net_protocol, const void *ll_dest, const void *ll_source)
Transmit network-layer packet.
Definition: netdevice.c:1073
io_buffer::data
void * data
Start of data.
Definition: iobuf.h:48
eapol_header::version
uint8_t version
Version.
Definition: eapol.h:20
cpu_to_be64
#define cpu_to_be64(value)
Definition: byteswap.h:111
eapol_key_pkt::replay
u64 replay
Monotonically increasing value for EAPOL-Key conversations.
Definition: wpa.h:124
htons
#define htons(value)
Definition: byteswap.h:135
memset
void * memset(void *dest, int character, size_t len) __nonnull

References cpu_to_be64, ctx, io_buffer::data, eapol_key_pkt::datalen, EAPOL_TYPE_KEY, EAPOL_VERSION_2001, htons, eapol_key_pkt::info, iob_push, eapol_key_pkt::keysize, eapol_header::len, memset(), eapol_key_pkt::mic, wpa_kie::mic, net_tx(), ntohs, eapol_key_pkt::replay, io_buffer::tail, eapol_header::type, and eapol_header::version.

Referenced by wpa_send_2_of_4(), and wpa_send_final().

◆ wpa_send_2_of_4()

static int wpa_send_2_of_4 ( struct wpa_common_ctx ctx,
struct eapol_key_pkt pkt,
int  is_rsn,
struct wpa_kie kie 
)
static

Send second frame in 4-Way Handshake.

Parameters
ctxWPA common context
pktFirst frame, to which this is a reply
is_rsnIf TRUE, handshake uses new RSN format
kieKey integrity and encryption handler
Return values
rcReturn status code

Definition at line 476 of file wpa.c.

479 {
480  struct io_buffer *iob = wpa_alloc_frame ( ctx->dev->rsn_ie->len + 2 );
481  struct eapol_key_pkt *npkt;
482 
483  if ( ! iob )
484  return -ENOMEM;
485 
486  npkt = iob->data;
487  memcpy ( npkt, pkt, sizeof ( *pkt ) );
488  npkt->info &= ~EAPOL_KEY_INFO_KEY_ACK;
489  npkt->info |= EAPOL_KEY_INFO_KEY_MIC;
490  if ( is_rsn )
491  npkt->keysize = 0;
492  memcpy ( npkt->nonce, ctx->Snonce, sizeof ( npkt->nonce ) );
493  npkt->datalen = ctx->dev->rsn_ie->len + 2;
494  memcpy ( iob_put ( iob, npkt->datalen ), ctx->dev->rsn_ie,
495  npkt->datalen );
496 
497  DBGC ( ctx, "WPA %p: sending 2/4\n", ctx );
498 
499  return wpa_send_eapol ( iob, ctx, kie );
500 }
eapol_key_pkt
An EAPOL-Key packet.
Definition: wpa.h:104
wpa_send_eapol
static int wpa_send_eapol(struct io_buffer *iob, struct wpa_common_ctx *ctx, struct wpa_kie *kie)
Send EAPOL-Key packet.
Definition: wpa.c:442
iob_put
#define iob_put(iobuf, len)
Definition: iobuf.h:120
DBGC
#define DBGC(...)
Definition: compiler.h:505
eapol_key_pkt::nonce
u8 nonce[32]
Nonce value.
Definition: wpa.h:131
eapol_key_pkt::keysize
u16 keysize
Length of encryption key to be used, network byte order.
Definition: wpa.h:116
ENOMEM
#define ENOMEM
Not enough space.
Definition: errno.h:534
memcpy
void * memcpy(void *dest, const void *src, size_t len) __nonnull
EAPOL_KEY_INFO_KEY_ACK
#define EAPOL_KEY_INFO_KEY_ACK
Key ACK bit; set when a response is required, on all messages except #4.
Definition: wpa.h:56
eapol_key_pkt::info
u16 info
Bitfield of key characteristics, network byte order.
Definition: wpa.h:110
ctx
struct golan_eq_context ctx
Definition: CIB_PRM.h:28
eapol_key_pkt::datalen
u16 datalen
Length of the data field in bytes, network byte order.
Definition: wpa.h:163
io_buffer::data
void * data
Start of data.
Definition: iobuf.h:48
EAPOL_KEY_INFO_KEY_MIC
#define EAPOL_KEY_INFO_KEY_MIC
Key MIC bit; set when the MIC field is valid, on messages 3 and 4.
Definition: wpa.h:59
wpa_alloc_frame
static struct io_buffer * wpa_alloc_frame(int kdlen)
Allocate I/O buffer for construction of outgoing EAPOL-Key frame.
Definition: wpa.c:414
io_buffer
A persistent I/O buffer.
Definition: iobuf.h:33

References ctx, io_buffer::data, eapol_key_pkt::datalen, DBGC, EAPOL_KEY_INFO_KEY_ACK, EAPOL_KEY_INFO_KEY_MIC, ENOMEM, eapol_key_pkt::info, iob_put, eapol_key_pkt::keysize, memcpy(), eapol_key_pkt::nonce, wpa_alloc_frame(), and wpa_send_eapol().

Referenced by wpa_handle_1_of_4().

◆ wpa_handle_1_of_4()

static int wpa_handle_1_of_4 ( struct wpa_common_ctx ctx,
struct eapol_key_pkt pkt,
int  is_rsn,
struct wpa_kie kie 
)
static

Handle receipt of first frame in 4-Way Handshake.

Parameters
ctxWPA common context
pktEAPOL-Key packet
is_rsnIf TRUE, frame uses new RSN format
kieKey integrity and encryption handler
Return values
rcReturn status code

Definition at line 512 of file wpa.c.

515 {
516  if ( ctx->state == WPA_WAITING )
517  return -EINVAL;
518 
519  ctx->state = WPA_WORKING;
520  memcpy ( ctx->Anonce, pkt->nonce, sizeof ( ctx->Anonce ) );
521  if ( ! ctx->have_Snonce ) {
522  rbg_generate ( NULL, 0, 0, ctx->Snonce,
523  sizeof ( ctx->Snonce ) );
524  ctx->have_Snonce = 1;
525  }
526 
527  DBGC ( ctx, "WPA %p: received 1/4, looks OK\n", ctx );
528 
529  wpa_derive_ptk ( ctx );
530 
531  return wpa_send_2_of_4 ( ctx, pkt, is_rsn, kie );
532 }
EINVAL
#define EINVAL
Invalid argument.
Definition: errno.h:428
WPA_WORKING
Performing 4-Way Handshake.
Definition: wpa.h:184
rbg_generate
static int rbg_generate(const void *additional, size_t additional_len, int prediction_resist, void *data, size_t len)
Generate bits using RBG.
Definition: rbg.h:36
DBGC
#define DBGC(...)
Definition: compiler.h:505
eapol_key_pkt::nonce
u8 nonce[32]
Nonce value.
Definition: wpa.h:131
memcpy
void * memcpy(void *dest, const void *src, size_t len) __nonnull
wpa_derive_ptk
static void wpa_derive_ptk(struct wpa_common_ctx *ctx)
Derive pairwise transient key.
Definition: wpa.c:279
wpa_send_2_of_4
static int wpa_send_2_of_4(struct wpa_common_ctx *ctx, struct eapol_key_pkt *pkt, int is_rsn, struct wpa_kie *kie)
Send second frame in 4-Way Handshake.
Definition: wpa.c:476
WPA_WAITING
Waiting for PMK to be set.
Definition: wpa.h:178
ctx
struct golan_eq_context ctx
Definition: CIB_PRM.h:28
NULL
#define NULL
NULL pointer (VOID *)
Definition: Base.h:321

References ctx, DBGC, EINVAL, memcpy(), eapol_key_pkt::nonce, NULL, rbg_generate(), wpa_derive_ptk(), wpa_send_2_of_4(), WPA_WAITING, and WPA_WORKING.

Referenced by eapol_key_rx().

◆ wpa_send_final()

static int wpa_send_final ( struct wpa_common_ctx ctx,
struct eapol_key_pkt pkt,
int  is_rsn,
struct wpa_kie kie 
)
static

Send fourth frame in 4-Way Handshake, or second in Group Key Handshake.

Parameters
ctxWPA common context
pktEAPOL-Key packet for frame to which we're replying
is_rsnIf TRUE, frame uses new RSN format
kieKey integrity and encryption handler
Return values
rcReturn status code

Definition at line 544 of file wpa.c.

547 {
548  struct io_buffer *iob = wpa_alloc_frame ( 0 );
549  struct eapol_key_pkt *npkt;
550 
551  if ( ! iob )
552  return -ENOMEM;
553 
554  npkt = iob->data;
555  memcpy ( npkt, pkt, sizeof ( *pkt ) );
556  npkt->info &= ~( EAPOL_KEY_INFO_KEY_ACK | EAPOL_KEY_INFO_INSTALL |
557  EAPOL_KEY_INFO_KEY_ENC );
558  if ( is_rsn )
559  npkt->keysize = 0;
560  memset ( npkt->nonce, 0, sizeof ( npkt->nonce ) );
561  memset ( npkt->iv, 0, sizeof ( npkt->iv ) );
562  npkt->datalen = 0;
563 
564  if ( npkt->info & EAPOL_KEY_INFO_TYPE )
565  DBGC ( ctx, "WPA %p: sending 4/4\n", ctx );
566  else
567  DBGC ( ctx, "WPA %p: sending 2/2\n", ctx );
568 
569  return wpa_send_eapol ( iob, ctx, kie );
570 
571 }
eapol_key_pkt
An EAPOL-Key packet.
Definition: wpa.h:104
wpa_send_eapol
static int wpa_send_eapol(struct io_buffer *iob, struct wpa_common_ctx *ctx, struct wpa_kie *kie)
Send EAPOL-Key packet.
Definition: wpa.c:442
EAPOL_KEY_INFO_KEY_ENC
#define EAPOL_KEY_INFO_KEY_ENC
Key Encrypted bit; set when the Key Data field is encrypted.
Definition: wpa.h:71
DBGC
#define DBGC(...)
Definition: compiler.h:505
eapol_key_pkt::nonce
u8 nonce[32]
Nonce value.
Definition: wpa.h:131
eapol_key_pkt::keysize
u16 keysize
Length of encryption key to be used, network byte order.
Definition: wpa.h:116
ENOMEM
#define ENOMEM
Not enough space.
Definition: errno.h:534
memcpy
void * memcpy(void *dest, const void *src, size_t len) __nonnull
EAPOL_KEY_INFO_KEY_ACK
#define EAPOL_KEY_INFO_KEY_ACK
Key ACK bit; set when a response is required, on all messages except #4.
Definition: wpa.h:56
eapol_key_pkt::info
u16 info
Bitfield of key characteristics, network byte order.
Definition: wpa.h:110
ctx
struct golan_eq_context ctx
Definition: CIB_PRM.h:28
eapol_key_pkt::datalen
u16 datalen
Length of the data field in bytes, network byte order.
Definition: wpa.h:163
io_buffer::data
void * data
Start of data.
Definition: iobuf.h:48
eapol_key_pkt::iv
u8 iv[16]
Initialization vector.
Definition: wpa.h:139
EAPOL_KEY_INFO_INSTALL
#define EAPOL_KEY_INFO_INSTALL
Key install bit; set on message 3 except when legacy hacks are used.
Definition: wpa.h:53
wpa_alloc_frame
static struct io_buffer * wpa_alloc_frame(int kdlen)
Allocate I/O buffer for construction of outgoing EAPOL-Key frame.
Definition: wpa.c:414
memset
void * memset(void *dest, int character, size_t len) __nonnull
io_buffer
A persistent I/O buffer.
Definition: iobuf.h:33
EAPOL_KEY_INFO_TYPE
#define EAPOL_KEY_INFO_TYPE
Key type bit, indicating pairwise or group.
Definition: wpa.h:50

References ctx, io_buffer::data, eapol_key_pkt::datalen, DBGC, EAPOL_KEY_INFO_INSTALL, EAPOL_KEY_INFO_KEY_ACK, EAPOL_KEY_INFO_KEY_ENC, EAPOL_KEY_INFO_TYPE, ENOMEM, eapol_key_pkt::info, eapol_key_pkt::iv, eapol_key_pkt::keysize, memcpy(), memset(), eapol_key_pkt::nonce, wpa_alloc_frame(), and wpa_send_eapol().

Referenced by wpa_handle_1_of_2(), and wpa_handle_3_of_4().

◆ wpa_handle_3_of_4()

static int wpa_handle_3_of_4 ( struct wpa_common_ctx ctx,
struct eapol_key_pkt pkt,
int  is_rsn,
struct wpa_kie kie 
)
static

Handle receipt of third frame in 4-Way Handshake.

Parameters
ctxWPA common context
pktEAPOL-Key packet
is_rsnIf TRUE, frame uses new RSN format
kieKey integrity and encryption handler
Return values
rcReturn status code

Definition at line 583 of file wpa.c.

586 {
587  int rc;
588  u8 *this_rsn, *this_rsn_end;
589  u8 *new_rsn, *new_rsn_end;
590  int this_is_rsn, new_is_rsn;
591 
592  if ( ctx->state == WPA_WAITING )
593  return -EINVAL;
594 
595  ctx->state = WPA_WORKING;
596 
597  /* Check nonce */
598  if ( memcmp ( ctx->Anonce, pkt->nonce, WPA_NONCE_LEN ) != 0 ) {
599  DBGC ( ctx, "WPA %p ALERT: nonce mismatch in 3/4\n", ctx );
600  return wpa_fail ( ctx, -EACCES );
601  }
602 
603  /* Check RSN IE */
604  this_rsn = sec80211_find_rsn ( ( union ieee80211_ie * ) pkt->data,
605  pkt->data + pkt->datalen,
606  &this_is_rsn, &this_rsn_end );
607  if ( this_rsn )
608  new_rsn = sec80211_find_rsn ( ( union ieee80211_ie * )
609  this_rsn_end,
610  pkt->data + pkt->datalen,
611  &new_is_rsn, &new_rsn_end );
612  else
613  new_rsn = NULL;
614 
615  if ( ! ctx->ap_rsn_ie || ! this_rsn ||
616  ctx->ap_rsn_ie_len != ( this_rsn_end - this_rsn ) ||
617  ctx->ap_rsn_is_rsn != this_is_rsn ||
618  memcmp ( ctx->ap_rsn_ie, this_rsn, ctx->ap_rsn_ie_len ) != 0 ) {
619  DBGC ( ctx, "WPA %p ALERT: RSN mismatch in 3/4\n", ctx );
620  DBGC2 ( ctx, "WPA %p RSNs (in 3/4, in beacon):\n", ctx );
621  DBGC2_HD ( ctx, this_rsn, this_rsn_end - this_rsn );
622  DBGC2_HD ( ctx, ctx->ap_rsn_ie, ctx->ap_rsn_ie_len );
623  return wpa_fail ( ctx, -EACCES );
624  }
625 
626  /* Don't switch if they just supplied both styles of IE
627  simultaneously; we need two RSN IEs or two WPA IEs to
628  switch ciphers. They'll be immediately consecutive because
629  of ordering guarantees. */
630  if ( new_rsn && this_is_rsn == new_is_rsn ) {
631  struct net80211_wlan *assoc = ctx->dev->associating;
632  DBGC ( ctx, "WPA %p: accommodating bait-and-switch tactics\n",
633  ctx );
634  DBGC2 ( ctx, "WPA %p RSNs (in 3/4+beacon, new in 3/4):\n",
635  ctx );
636  DBGC2_HD ( ctx, this_rsn, this_rsn_end - this_rsn );
637  DBGC2_HD ( ctx, new_rsn, new_rsn_end - new_rsn );
638 
639  if ( ( rc = sec80211_detect_ie ( new_is_rsn, new_rsn,
640  new_rsn_end,
641  &assoc->handshaking,
642  &assoc->crypto ) ) != 0 )
643  DBGC ( ctx, "WPA %p: bait-and-switch invalid, staying "
644  "with original request\n", ctx );
645  } else {
646  new_rsn = this_rsn;
647  new_is_rsn = this_is_rsn;
648  new_rsn_end = this_rsn_end;
649  }
650 
651  /* Grab group cryptosystem ID */
652  ctx->gcrypt = sec80211_rsn_get_net80211_crypt ( *( u32 * )
653  ( new_rsn + 2 ) );
654 
655  /* Check for a GTK, if info field is encrypted */
656  if ( pkt->info & EAPOL_KEY_INFO_KEY_ENC ) {
657  rc = wpa_maybe_install_gtk ( ctx,
658  ( union ieee80211_ie * ) pkt->data,
659  pkt->data + pkt->datalen,
660  pkt->rsc );
661  if ( rc < 0 ) {
662  DBGC ( ctx, "WPA %p did not install GTK in 3/4: %s\n",
663  ctx, strerror ( rc ) );
664  if ( rc != -ENOENT )
665  return wpa_fail ( ctx, rc );
666  }
667  }
668 
669  DBGC ( ctx, "WPA %p: received 3/4, looks OK\n", ctx );
670 
671  /* Send final message */
672  rc = wpa_send_final ( ctx, pkt, is_rsn, kie );
673  if ( rc < 0 )
674  return wpa_fail ( ctx, rc );
675 
676  /* Install PTK */
677  rc = wpa_install_ptk ( ctx, pkt->keysize );
678  if ( rc < 0 ) {
679  DBGC ( ctx, "WPA %p failed to install PTK: %s\n", ctx,
680  strerror ( rc ) );
681  return wpa_fail ( ctx, rc );
682  }
683 
684  /* Mark us as needing a new Snonce if we rekey */
685  ctx->have_Snonce = 0;
686 
687  /* Done! */
688  ctx->state = WPA_SUCCESS;
689  return 0;
690 }
EINVAL
#define EINVAL
Invalid argument.
Definition: errno.h:428
rc
struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14
WPA_WORKING
Performing 4-Way Handshake.
Definition: wpa.h:184
net80211_wlan
Structure representing a probed network.
Definition: net80211.h:1056
net80211_wlan::crypto
enum net80211_crypto_alg crypto
Cryptographic algorithm used on the network.
Definition: net80211.h:1087
EAPOL_KEY_INFO_KEY_ENC
#define EAPOL_KEY_INFO_KEY_ENC
Key Encrypted bit; set when the Key Data field is encrypted.
Definition: wpa.h:71
net80211_wlan::handshaking
enum net80211_security_proto handshaking
Security handshaking method used on the network.
Definition: net80211.h:1084
DBGC
#define DBGC(...)
Definition: compiler.h:505
wpa_install_ptk
static int wpa_install_ptk(struct wpa_common_ctx *ctx, int len)
Install pairwise transient key.
Definition: wpa.c:331
ENOENT
#define ENOENT
No such file or directory.
Definition: errno.h:514
EACCES
#define EACCES
Permission denied.
Definition: errno.h:298
eapol_key_pkt::nonce
u8 nonce[32]
Nonce value.
Definition: wpa.h:131
eapol_key_pkt::keysize
u16 keysize
Length of encryption key to be used, network byte order.
Definition: wpa.h:116
wpa_fail
static int wpa_fail(struct wpa_common_ctx *ctx, int rc)
Return an error code and deauthenticate.
Definition: wpa.c:56
eapol_key_pkt::rsc
u8 rsc[8]
Receive sequence counter for GTK.
Definition: wpa.h:148
WPA_SUCCESS
4-Way Handshake succeeded
Definition: wpa.h:187
WPA_NONCE_LEN
#define WPA_NONCE_LEN
Length of a nonce.
Definition: wpa.h:204
eapol_key_pkt::info
u16 info
Bitfield of key characteristics, network byte order.
Definition: wpa.h:110
strerror
char * strerror(int errno)
Retrieve string representation of error number.
Definition: strerror.c:78
DBGC2_HD
#define DBGC2_HD(...)
Definition: compiler.h:524
WPA_WAITING
Waiting for PMK to be set.
Definition: wpa.h:178
ctx
struct golan_eq_context ctx
Definition: CIB_PRM.h:28
eapol_key_pkt::datalen
u16 datalen
Length of the data field in bytes, network byte order.
Definition: wpa.h:163
wpa_maybe_install_gtk
static int wpa_maybe_install_gtk(struct wpa_common_ctx *ctx, union ieee80211_ie *ie, void *ie_end, const void *rsc)
Search for group transient key, and install it if found.
Definition: wpa.c:369
ieee80211_ie
Any 802.11 information element.
Definition: ieee80211.h:972
sec80211_detect_ie
int sec80211_detect_ie(int is_rsn, u8 *start, u8 *end, enum net80211_security_proto *secprot, enum net80211_crypto_alg *crypt)
Detect crypto and AKM types from RSN information element.
Definition: sec80211.c:340
eapol_key_pkt::data
u8 data[0]
Key data.
Definition: wpa.h:171
DBGC2
#define DBGC2(...)
Definition: compiler.h:522
sec80211_rsn_get_net80211_crypt
enum net80211_crypto_alg sec80211_rsn_get_net80211_crypt(u32 desc)
Determine net80211 cryptosystem number from RSN descriptor.
Definition: sec80211.c:508
memcmp
int memcmp(const void *first, const void *second, size_t len)
Compare memory regions.
Definition: string.c:114
sec80211_find_rsn
u8 * sec80211_find_rsn(union ieee80211_ie *ie, void *ie_end, int *is_rsn, u8 **end)
Find the RSN or WPA information element in the provided beacon frame.
Definition: sec80211.c:283
NULL
#define NULL
NULL pointer (VOID *)
Definition: Base.h:321
u8
uint8_t u8
Definition: stdint.h:19
u32
uint32_t u32
Definition: stdint.h:23
wpa_send_final
static int wpa_send_final(struct wpa_common_ctx *ctx, struct eapol_key_pkt *pkt, int is_rsn, struct wpa_kie *kie)
Send fourth frame in 4-Way Handshake, or second in Group Key Handshake.
Definition: wpa.c:544

References net80211_wlan::crypto, ctx, eapol_key_pkt::data, eapol_key_pkt::datalen, DBGC, DBGC2, DBGC2_HD, EACCES, EAPOL_KEY_INFO_KEY_ENC, EINVAL, ENOENT, net80211_wlan::handshaking, eapol_key_pkt::info, eapol_key_pkt::keysize, memcmp(), eapol_key_pkt::nonce, NULL, rc, eapol_key_pkt::rsc, sec80211_detect_ie(), sec80211_find_rsn(), sec80211_rsn_get_net80211_crypt(), strerror(), wpa_fail(), wpa_install_ptk(), wpa_maybe_install_gtk(), WPA_NONCE_LEN, wpa_send_final(), WPA_SUCCESS, WPA_WAITING, and WPA_WORKING.

Referenced by eapol_key_rx().

◆ wpa_handle_1_of_2()

static int wpa_handle_1_of_2 ( struct wpa_common_ctx ctx,
struct eapol_key_pkt pkt,
int  is_rsn,
struct wpa_kie kie 
)
static

Handle receipt of first frame in Group Key Handshake.

Parameters
ctxWPA common context
pktEAPOL-Key packet
is_rsnIf TRUE, frame uses new RSN format
kieKey integrity and encryption handler
Return values
rcReturn status code

Definition at line 702 of file wpa.c.

705 {
706  int rc;
707 
708  /*
709  * WPA and RSN do this completely differently.
710  *
711  * The idea of encoding the GTK (or PMKID, or various other
712  * things) into a KDE that looks like an information element
713  * is an RSN innovation; old WPA code never encapsulates
714  * things like that. If it looks like an info element, it
715  * really is (for the WPA IE check in frames 2/4 and 3/4). The
716  * "key data encrypted" bit in the info field is also specific
717  * to RSN.
718  *
719  * So from an old WPA host, 3/4 does not contain an
720  * encapsulated GTK. The first frame of the GK handshake
721  * contains it, encrypted, but without a KDE wrapper, and with
722  * the key ID field (which iPXE doesn't use) shoved away in
723  * the reserved bits in the info field, and the TxRx bit
724  * stealing the Install bit's spot.
725  */
726 
727  if ( is_rsn && ( pkt->info & EAPOL_KEY_INFO_KEY_ENC ) ) {
728  rc = wpa_maybe_install_gtk ( ctx,
729  ( union ieee80211_ie * ) pkt->data,
730  pkt->data + pkt->datalen,
731  pkt->rsc );
732  if ( rc < 0 ) {
733  DBGC ( ctx, "WPA %p: failed to install GTK in 1/2: "
734  "%s\n", ctx, strerror ( rc ) );
735  return wpa_fail ( ctx, rc );
736  }
737  } else {
738  rc = kie->decrypt ( &ctx->ptk.kek, pkt->iv, pkt->data,
739  &pkt->datalen );
740  if ( rc < 0 ) {
741  DBGC ( ctx, "WPA %p: failed to decrypt GTK: %s\n",
742  ctx, strerror ( rc ) );
743  return rc; /* non-fatal */
744  }
745  if ( pkt->datalen > sizeof ( ctx->gtk.tk ) ) {
746  DBGC ( ctx, "WPA %p: too much GTK data (%d > %zd)\n",
747  ctx, pkt->datalen, sizeof ( ctx->gtk.tk ) );
748  return wpa_fail ( ctx, -EINVAL );
749  }
750 
751  memcpy ( &ctx->gtk.tk, pkt->data, pkt->datalen );
752  wpa_install_gtk ( ctx, pkt->datalen, pkt->rsc );
753  }
754 
755  DBGC ( ctx, "WPA %p: received 1/2, looks OK\n", ctx );
756 
757  return wpa_send_final ( ctx, pkt, is_rsn, kie );
758 }
EINVAL
#define EINVAL
Invalid argument.
Definition: errno.h:428
rc
struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14
EAPOL_KEY_INFO_KEY_ENC
#define EAPOL_KEY_INFO_KEY_ENC
Key Encrypted bit; set when the Key Data field is encrypted.
Definition: wpa.h:71
DBGC
#define DBGC(...)
Definition: compiler.h:505
wpa_fail
static int wpa_fail(struct wpa_common_ctx *ctx, int rc)
Return an error code and deauthenticate.
Definition: wpa.c:56
memcpy
void * memcpy(void *dest, const void *src, size_t len) __nonnull
eapol_key_pkt::rsc
u8 rsc[8]
Receive sequence counter for GTK.
Definition: wpa.h:148
eapol_key_pkt::info
u16 info
Bitfield of key characteristics, network byte order.
Definition: wpa.h:110
wpa_kie::decrypt
int(* decrypt)(const void *kek, const void *iv, void *msg, u16 *len)
Decrypt key data.
Definition: wpa.h:403
strerror
char * strerror(int errno)
Retrieve string representation of error number.
Definition: strerror.c:78
ctx
struct golan_eq_context ctx
Definition: CIB_PRM.h:28
eapol_key_pkt::datalen
u16 datalen
Length of the data field in bytes, network byte order.
Definition: wpa.h:163
wpa_maybe_install_gtk
static int wpa_maybe_install_gtk(struct wpa_common_ctx *ctx, union ieee80211_ie *ie, void *ie_end, const void *rsc)
Search for group transient key, and install it if found.
Definition: wpa.c:369
ieee80211_ie
Any 802.11 information element.
Definition: ieee80211.h:972
eapol_key_pkt::data
u8 data[0]
Key data.
Definition: wpa.h:171
eapol_key_pkt::iv
u8 iv[16]
Initialization vector.
Definition: wpa.h:139
wpa_install_gtk
static int wpa_install_gtk(struct wpa_common_ctx *ctx, int len, const void *rsc)
Install group transient key.
Definition: wpa.c:349
wpa_send_final
static int wpa_send_final(struct wpa_common_ctx *ctx, struct eapol_key_pkt *pkt, int is_rsn, struct wpa_kie *kie)
Send fourth frame in 4-Way Handshake, or second in Group Key Handshake.
Definition: wpa.c:544

References ctx, eapol_key_pkt::data, eapol_key_pkt::datalen, DBGC, wpa_kie::decrypt, EAPOL_KEY_INFO_KEY_ENC, EINVAL, eapol_key_pkt::info, eapol_key_pkt::iv, memcpy(), rc, eapol_key_pkt::rsc, strerror(), wpa_fail(), wpa_install_gtk(), wpa_maybe_install_gtk(), and wpa_send_final().

Referenced by eapol_key_rx().

◆ eapol_key_rx()

static int eapol_key_rx ( struct eapol_supplicant supplicant,
struct io_buffer iob,
const void *  ll_source 
)
static

Handle receipt of EAPOL-Key frame for WPA.

Parameters
supplicantEAPoL supplicant
iobI/O buffer
ll_sourceSource link-layer address

Definition at line 768 of file wpa.c.

770 {
771  struct net_device *netdev = supplicant->eap.netdev;
772  struct net80211_device *dev = net80211_get ( netdev );
773  struct eapol_header *eapol;
774  struct eapol_key_pkt *pkt;
775  int is_rsn, found_ctx;
776  struct wpa_common_ctx *ctx;
777  int rc = 0;
778  struct wpa_kie *kie;
779  u8 their_mic[16], our_mic[16];
780 
781  eapol = iob->data;
782  pkt = ( ( ( void * ) eapol ) + sizeof ( *eapol ) );
783 
784  if ( pkt->type != EAPOL_KEY_TYPE_WPA &&
785  pkt->type != EAPOL_KEY_TYPE_RSN ) {
786  DBG ( "EAPOL-Key: packet not of 802.11 type\n" );
787  rc = -EINVAL;
788  goto drop;
789  }
790 
791  is_rsn = ( pkt->type == EAPOL_KEY_TYPE_RSN );
792 
793  if ( ! dev ) {
794  DBG ( "EAPOL-Key: packet not from 802.11\n" );
795  rc = -EINVAL;
796  goto drop;
797  }
798 
799  if ( memcmp ( dev->bssid, ll_source, ETH_ALEN ) != 0 ) {
800  DBG ( "EAPOL-Key: packet not from associated AP\n" );
801  rc = -EINVAL;
802  goto drop;
803  }
804 
805  if ( ! ( ntohs ( pkt->info ) & EAPOL_KEY_INFO_KEY_ACK ) ) {
806  DBG ( "EAPOL-Key: packet sent in wrong direction\n" );
807  rc = -EINVAL;
808  goto drop;
809  }
810 
811  found_ctx = 0;
812  list_for_each_entry ( ctx, &wpa_contexts, list ) {
813  if ( ctx->dev == dev ) {
814  found_ctx = 1;
815  break;
816  }
817  }
818 
819  if ( ! found_ctx ) {
820  DBG ( "EAPOL-Key: no WPA context to handle packet for %p\n",
821  dev );
822  rc = -ENOENT;
823  goto drop;
824  }
825 
826  if ( ( void * ) ( pkt + 1 ) + ntohs ( pkt->datalen ) > iob->tail ) {
827  DBGC ( ctx, "WPA %p: packet truncated (has %zd extra bytes, "
828  "states %d)\n", ctx, iob->tail - ( void * ) ( pkt + 1 ),
829  ntohs ( pkt->datalen ) );
830  rc = -EINVAL;
831  goto drop;
832  }
833 
834  /* Get a handle on key integrity/encryption handler */
835  kie = wpa_find_kie ( ntohs ( pkt->info ) & EAPOL_KEY_INFO_VERSION );
836  if ( ! kie ) {
837  DBGC ( ctx, "WPA %p: no support for packet version %d\n", ctx,
838  ntohs ( pkt->info ) & EAPOL_KEY_INFO_VERSION );
839  rc = wpa_fail ( ctx, -ENOTSUP );
840  goto drop;
841  }
842 
843  /* Check MIC */
844  if ( ntohs ( pkt->info ) & EAPOL_KEY_INFO_KEY_MIC ) {
845  memcpy ( their_mic, pkt->mic, sizeof ( pkt->mic ) );
846  memset ( pkt->mic, 0, sizeof ( pkt->mic ) );
847  kie->mic ( &ctx->ptk.kck, eapol,
848  sizeof ( *eapol ) + sizeof ( *pkt ) +
849  ntohs ( pkt->datalen ), our_mic );
850  DBGC2 ( ctx, "WPA %p MIC comparison (theirs, ours):\n", ctx );
851  DBGC2_HD ( ctx, their_mic, 16 );
852  DBGC2_HD ( ctx, our_mic, 16 );
853  if ( memcmp ( their_mic, our_mic, sizeof ( pkt->mic ) ) != 0 ) {
854  DBGC ( ctx, "WPA %p: EAPOL MIC failure\n", ctx );
855  goto drop;
856  }
857  }
858 
859  /* Fix byte order to local */
860  pkt->info = ntohs ( pkt->info );
861  pkt->keysize = ntohs ( pkt->keysize );
862  pkt->datalen = ntohs ( pkt->datalen );
863  pkt->replay = be64_to_cpu ( pkt->replay );
864 
865  /* Check replay counter */
866  if ( ctx->replay != ~0ULL && ctx->replay >= pkt->replay ) {
867  DBGC ( ctx, "WPA %p ALERT: Replay detected! "
868  "(%08x:%08x >= %08x:%08x)\n", ctx,
869  ( u32 ) ( ctx->replay >> 32 ), ( u32 ) ctx->replay,
870  ( u32 ) ( pkt->replay >> 32 ), ( u32 ) pkt->replay );
871  rc = 0; /* ignore without error */
872  goto drop;
873  }
874  ctx->replay = pkt->replay;
875 
876  /* Decrypt key data */
877  if ( pkt->info & EAPOL_KEY_INFO_KEY_ENC ) {
878  rc = kie->decrypt ( &ctx->ptk.kek, pkt->iv, pkt->data,
879  &pkt->datalen );
880  if ( rc < 0 ) {
881  DBGC ( ctx, "WPA %p: failed to decrypt packet: %s\n",
882  ctx, strerror ( rc ) );
883  goto drop;
884  }
885  }
886 
887  /* Hand it off to appropriate handler */
888  switch ( pkt->info & ( EAPOL_KEY_INFO_TYPE |
889  EAPOL_KEY_INFO_KEY_MIC ) ) {
890  case EAPOL_KEY_TYPE_PTK:
891  rc = wpa_handle_1_of_4 ( ctx, pkt, is_rsn, kie );
892  break;
893 
894  case EAPOL_KEY_TYPE_PTK | EAPOL_KEY_INFO_KEY_MIC:
895  rc = wpa_handle_3_of_4 ( ctx, pkt, is_rsn, kie );
896  break;
897 
898  case EAPOL_KEY_TYPE_GTK | EAPOL_KEY_INFO_KEY_MIC:
899  rc = wpa_handle_1_of_2 ( ctx, pkt, is_rsn, kie );
900  break;
901 
902  default:
903  DBGC ( ctx, "WPA %p: Invalid combination of key flags %04x\n",
904  ctx, pkt->info );
905  rc = -EINVAL;
906  break;
907  }
908 
909  drop:
910  free_iob ( iob );
911  return rc;
912 }
wpa_handle_3_of_4
static int wpa_handle_3_of_4(struct wpa_common_ctx *ctx, struct eapol_key_pkt *pkt, int is_rsn, struct wpa_kie *kie)
Handle receipt of third frame in 4-Way Handshake.
Definition: wpa.c:583
EINVAL
#define EINVAL
Invalid argument.
Definition: errno.h:428
eapol_key_pkt::type
u8 type
One of the EAPOL_KEY_TYPE_* defines.
Definition: wpa.h:107
rc
struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14
eapol_key_pkt
An EAPOL-Key packet.
Definition: wpa.h:104
EAPOL_KEY_INFO_KEY_ENC
#define EAPOL_KEY_INFO_KEY_ENC
Key Encrypted bit; set when the Key Data field is encrypted.
Definition: wpa.h:71
free_iob
void free_iob(struct io_buffer *iobuf)
Free I/O buffer.
Definition: iobuf.c:146
wpa_kie
WPA handshake key integrity and encryption handler.
Definition: wpa.h:371
DBGC
#define DBGC(...)
Definition: compiler.h:505
ENOENT
#define ENOENT
No such file or directory.
Definition: errno.h:514
ntohs
#define ntohs(value)
Definition: byteswap.h:136
eapol_key_pkt::keysize
u16 keysize
Length of encryption key to be used, network byte order.
Definition: wpa.h:116
wpa_contexts
struct list_head wpa_contexts
List of WPA contexts in active use.
Definition: wpa.c:46
wpa_handle_1_of_4
static int wpa_handle_1_of_4(struct wpa_common_ctx *ctx, struct eapol_key_pkt *pkt, int is_rsn, struct wpa_kie *kie)
Handle receipt of first frame in 4-Way Handshake.
Definition: wpa.c:512
ENOTSUP
#define ENOTSUP
Operation not supported.
Definition: errno.h:589
EAPOL_KEY_TYPE_WPA
#define EAPOL_KEY_TYPE_WPA
Old EAPOL-Key type field used by WPA1 hardware before 802.11i ratified.
Definition: wpa.h:38
wpa_fail
static int wpa_fail(struct wpa_common_ctx *ctx, int rc)
Return an error code and deauthenticate.
Definition: wpa.c:56
eapol_key_pkt::mic
u8 mic[16]
Message integrity code over the entire EAPOL frame.
Definition: wpa.h:160
io_buffer::tail
void * tail
End of data.
Definition: iobuf.h:50
memcpy
void * memcpy(void *dest, const void *src, size_t len) __nonnull
EAPOL_KEY_TYPE_GTK
#define EAPOL_KEY_TYPE_GTK
Key type field value for a GTK (group) key handshake.
Definition: wpa.h:87
eapol_header
EAPoL header.
Definition: eapol.h:18
EAPOL_KEY_INFO_VERSION
#define EAPOL_KEY_INFO_VERSION
Key descriptor version, indicating WPA or WPA2.
Definition: wpa.h:47
EAPOL_KEY_INFO_KEY_ACK
#define EAPOL_KEY_INFO_KEY_ACK
Key ACK bit; set when a response is required, on all messages except #4.
Definition: wpa.h:56
list_for_each_entry
#define list_for_each_entry(pos, head, member)
Iterate over entries in a list.
Definition: list.h:431
wpa_find_kie
struct wpa_kie * wpa_find_kie(int version)
Find WPA key integrity and encryption handler from key version field.
Definition: wpa.c:92
eapol_supplicant::eap
struct eap_supplicant eap
EAP supplicant.
Definition: eapol.h:42
netdev
static struct net_device * netdev
Definition: gdbudp.c:52
wpa_common_ctx
Common context for WPA security handshaking.
Definition: wpa.h:291
eapol_key_pkt::info
u16 info
Bitfield of key characteristics, network byte order.
Definition: wpa.h:110
wpa_kie::decrypt
int(* decrypt)(const void *kek, const void *iv, void *msg, u16 *len)
Decrypt key data.
Definition: wpa.h:403
EAPOL_KEY_TYPE_RSN
#define EAPOL_KEY_TYPE_RSN
EAPOL-Key type field for modern 802.11i/RSN WPA packets.
Definition: wpa.h:35
strerror
char * strerror(int errno)
Retrieve string representation of error number.
Definition: strerror.c:78
be64_to_cpu
#define be64_to_cpu(value)
Definition: byteswap.h:117
DBGC2_HD
#define DBGC2_HD(...)
Definition: compiler.h:524
net80211_device
Structure encapsulating the complete state of an 802.11 device.
Definition: net80211.h:786
ctx
struct golan_eq_context ctx
Definition: CIB_PRM.h:28
wpa_kie::mic
void(* mic)(const void *kck, const void *msg, size_t len, void *mic)
Calculate MIC over message.
Definition: wpa.h:388
net_device
A network device.
Definition: netdevice.h:352
wpa_handle_1_of_2
static int wpa_handle_1_of_2(struct wpa_common_ctx *ctx, struct eapol_key_pkt *pkt, int is_rsn, struct wpa_kie *kie)
Handle receipt of first frame in Group Key Handshake.
Definition: wpa.c:702
eapol_key_pkt::datalen
u16 datalen
Length of the data field in bytes, network byte order.
Definition: wpa.h:163
ETH_ALEN
#define ETH_ALEN
Definition: if_ether.h:8
net80211_get
struct net80211_device * net80211_get(struct net_device *netdev)
Get 802.11 device from wrapping network device.
Definition: net80211.c:624
eapol_key_pkt::data
u8 data[0]
Key data.
Definition: wpa.h:171
DBGC2
#define DBGC2(...)
Definition: compiler.h:522
io_buffer::data
void * data
Start of data.
Definition: iobuf.h:48
eapol_key_pkt::iv
u8 iv[16]
Initialization vector.
Definition: wpa.h:139
EAPOL_KEY_INFO_KEY_MIC
#define EAPOL_KEY_INFO_KEY_MIC
Key MIC bit; set when the MIC field is valid, on messages 3 and 4.
Definition: wpa.h:59
eap_supplicant::netdev
struct net_device * netdev
Network device.
Definition: eap.h:140
net80211_device::bssid
u8 bssid[ETH_ALEN]
MAC address of the access point most recently associated.
Definition: net80211.h:954
EAPOL_KEY_TYPE_PTK
#define EAPOL_KEY_TYPE_PTK
Key type field value for a PTK (pairwise) key handshake.
Definition: wpa.h:84
DBG
#define DBG(...)
Print a debugging message.
Definition: compiler.h:498
memcmp
int memcmp(const void *first, const void *second, size_t len)
Compare memory regions.
Definition: string.c:114
eapol_key_pkt::replay
u64 replay
Monotonically increasing value for EAPOL-Key conversations.
Definition: wpa.h:124
u8
uint8_t u8
Definition: stdint.h:19
u32
uint32_t u32
Definition: stdint.h:23
memset
void * memset(void *dest, int character, size_t len) __nonnull
EAPOL_KEY_INFO_TYPE
#define EAPOL_KEY_INFO_TYPE
Key type bit, indicating pairwise or group.
Definition: wpa.h:50

References be64_to_cpu, net80211_device::bssid, ctx, io_buffer::data, eapol_key_pkt::data, eapol_key_pkt::datalen, DBG, DBGC, DBGC2, DBGC2_HD, wpa_kie::decrypt, eapol_supplicant::eap, EAPOL_KEY_INFO_KEY_ACK, EAPOL_KEY_INFO_KEY_ENC, EAPOL_KEY_INFO_KEY_MIC, EAPOL_KEY_INFO_TYPE, EAPOL_KEY_INFO_VERSION, EAPOL_KEY_TYPE_GTK, EAPOL_KEY_TYPE_PTK, EAPOL_KEY_TYPE_RSN, EAPOL_KEY_TYPE_WPA, EINVAL, ENOENT, ENOTSUP, ETH_ALEN, free_iob(), eapol_key_pkt::info, eapol_key_pkt::iv, eapol_key_pkt::keysize, list_for_each_entry, memcmp(), memcpy(), memset(), eapol_key_pkt::mic, wpa_kie::mic, net80211_get(), netdev, eap_supplicant::netdev, ntohs, rc, eapol_key_pkt::replay, strerror(), io_buffer::tail, eapol_key_pkt::type, wpa_contexts, wpa_fail(), wpa_find_kie(), wpa_handle_1_of_2(), wpa_handle_1_of_4(), and wpa_handle_3_of_4().

◆ REQUIRING_SYMBOL()

REQUIRING_SYMBOL ( eapol_key_handler  )

◆ REQUIRE_OBJECT()

REQUIRE_OBJECT ( eapol  )

Variable Documentation

◆ wpa_contexts

struct list_head wpa_contexts = LIST_HEAD_INIT ( wpa_contexts )

List of WPA contexts in active use.

Definition at line 46 of file wpa.c.

Referenced by eapol_key_rx(), wpa_start(), and wpa_stop().

◆ __eapol_handler

struct eapol_handler eapol_key_handler __eapol_handler
Initial value:
= {
.type = EAPOL_TYPE_KEY,
.rx = eapol_key_rx,
}
eapol_key_rx
static int eapol_key_rx(struct eapol_supplicant *supplicant, struct io_buffer *iob, const void *ll_source)
Handle receipt of EAPOL-Key frame for WPA.
Definition: wpa.c:768
EAPOL_TYPE_KEY
#define EAPOL_TYPE_KEY
EAPoL key.
Definition: eapol.h:37

Definition at line 914 of file wpa.c.

Generated by   doxygen 1.8.15