iPXE
Data Structures | Macros | Enumerations | Functions | Variables
wpa.h File Reference

Common definitions for all types of WPA-protected networks. More...

#include <ipxe/ieee80211.h>
#include <ipxe/list.h>

Go to the source code of this file.

Data Structures

struct  eapol_key_pkt
 An EAPOL-Key packet. More...
 
struct  tkip_tk
 Structure of the Temporal Key for TKIP encryption. More...
 
union  wpa_tk
 Structure of a generic Temporal Key. More...
 
struct  wpa_ptk
 Structure of the Pairwise Transient Key. More...
 
struct  wpa_gtk
 Structure of the Group Transient Key. More...
 
struct  wpa_common_ctx
 Common context for WPA security handshaking. More...
 
struct  wpa_kie
 WPA handshake key integrity and encryption handler. More...
 
struct  wpa_kde_gtk_encap
 Payload structure of the GTK-encapsulating KDE. More...
 
struct  wpa_kde
 Any key descriptor element type. More...
 

Macros

#define EAPOL_KEY_TYPE_RSN   2
 EAPOL-Key type field for modern 802.11i/RSN WPA packets. More...
 
#define EAPOL_KEY_TYPE_WPA   254
 Old EAPOL-Key type field used by WPA1 hardware before 802.11i ratified. More...
 
#define EAPOL_KEY_INFO_VERSION   0x0007
 Key descriptor version, indicating WPA or WPA2. More...
 
#define EAPOL_KEY_INFO_TYPE   0x0008
 Key type bit, indicating pairwise or group. More...
 
#define EAPOL_KEY_INFO_INSTALL   0x0040
 Key install bit; set on message 3 except when legacy hacks are used. More...
 
#define EAPOL_KEY_INFO_KEY_ACK   0x0080
 Key ACK bit; set when a response is required, on all messages except #4. More...
 
#define EAPOL_KEY_INFO_KEY_MIC   0x0100
 Key MIC bit; set when the MIC field is valid, on messages 3 and 4. More...
 
#define EAPOL_KEY_INFO_SECURE   0x0200
 Secure bit; set when both sides have both keys, on messages 3 and 4. More...
 
#define EAPOL_KEY_INFO_ERROR   0x0400
 Error bit; set on a MIC failure for TKIP. More...
 
#define EAPOL_KEY_INFO_REQUEST   0x0800
 Request bit; set when authentication is initiated by the Peer (unusual) More...
 
#define EAPOL_KEY_INFO_KEY_ENC   0x1000
 Key Encrypted bit; set when the Key Data field is encrypted. More...
 
#define EAPOL_KEY_INFO_SMC_MESS   0x2000
 SMC Message bit; set when this frame is part of an IBSS SMK handshake. More...
 
#define EAPOL_KEY_VERSION_WPA   1
 Key descriptor version field value for WPA (TKIP) More...
 
#define EAPOL_KEY_VERSION_WPA2   2
 Key descriptor version field value for WPA2 (CCMP) More...
 
#define EAPOL_KEY_TYPE_PTK   0x0008
 Key type field value for a PTK (pairwise) key handshake. More...
 
#define EAPOL_KEY_TYPE_GTK   0x0000
 Key type field value for a GTK (group) key handshake. More...
 
#define WPA_NONCE_LEN   32
 Length of a nonce. More...
 
#define WPA_TKIP_KEY_LEN   16
 Length of a TKIP main key. More...
 
#define WPA_TKIP_MIC_KEY_LEN   8
 Length of a TKIP MIC key. More...
 
#define WPA_CCMP_KEY_LEN   16
 Length of a CCMP key. More...
 
#define WPA_KCK_LEN   16
 Length of an EAPOL Key Confirmation Key. More...
 
#define WPA_KEK_LEN   16
 Length of an EAPOL Key Encryption Key. More...
 
#define WPA_PMK_LEN   32
 Usual length of a Pairwise Master Key. More...
 
#define WPA_PMKID_LEN   16
 Length of a PMKID. More...
 
#define WPA_KIES   __table ( struct wpa_kie, "wpa_kies" )
 
#define __wpa_kie   __table_entry ( WPA_KIES, 01 )
 
#define WPA_GTK_KID   0x03
 Mask for Key ID in wpa_kde_gtk::id field. More...
 
#define WPA_GTK_TXBIT   0x04
 Mask for Tx bit in wpa_kde_gtk::id field. More...
 
#define WPA_KDE_GTK   _MKOUI ( 0x00, 0x0F, 0xAC, 0x01 )
 KDE type for an encapsulated Group Transient Key (requires encryption) More...
 
#define WPA_KDE_MAC   _MKOUI ( 0x00, 0x0F, 0xAC, 0x03 )
 KDE type for a MAC address. More...
 
#define WPA_KDE_PMKID   _MKOUI ( 0x00, 0x0F, 0xAC, 0x04 )
 KDE type for a PMKID. More...
 
#define WPA_KDE_NONCE   _MKOUI ( 0x00, 0x0F, 0xAC, 0x06 )
 KDE type for a nonce. More...
 
#define WPA_KDE_LIFETIME   _MKOUI ( 0x00, 0x0F, 0xAC, 0x07 )
 KDE type for a lifetime value. More...
 

Enumerations

enum  wpa_state {
  WPA_WAITING = 0, WPA_READY, WPA_WORKING, WPA_SUCCESS,
  WPA_FAILURE
}
 WPA handshaking state. More...
 
enum  wpa_keymask { WPA_PTK = 1, WPA_GTK = 2 }
 Bitfield indicating a selection of WPA transient keys. More...
 

Functions

 FILE_LICENCE (GPL2_OR_LATER)
 
struct eapol_key_pkt __attribute__ ((packed)) mic
 Michael MIC keys. More...
 
int wpa_make_rsn_ie (struct net80211_device *dev, union ieee80211_ie **ie)
 Construct RSN or WPA information element. More...
 
int wpa_start (struct net80211_device *dev, struct wpa_common_ctx *ctx, const void *pmk, size_t pmk_len)
 Set up generic WPA support to handle 4-Way Handshake. More...
 
void wpa_stop (struct net80211_device *dev)
 Disable handling of received WPA handshake frames. More...
 

Variables

u8 type
 One of the EAPOL_KEY_TYPE_* defines. More...
 
u16 info
 Bitfield of key characteristics, network byte order. More...
 
u16 keysize
 Length of encryption key to be used, network byte order. More...
 
u64 replay
 Monotonically increasing value for EAPOL-Key conversations. More...
 
u8 nonce [32]
 Nonce value. More...
 
u8 iv [16]
 Initialization vector. More...
 
u8 rsc [8]
 Receive sequence counter for GTK. More...
 
u8 _reserved [8]
 Reserved bytes. More...
 
u8 mic [16]
 Message integrity code over the entire EAPOL frame. More...
 
u16 datalen
 Length of the data field in bytes, network byte order. More...
 
u8 data [0]
 Key data. More...
 
enum wpa_state __attribute__
 
u8 rx [WPA_TKIP_MIC_KEY_LEN]
 MIC key for packets from the AP. More...
 
u8 tx [WPA_TKIP_MIC_KEY_LEN]
 MIC key for packets to the AP. More...
 
u8 key [WPA_TKIP_KEY_LEN]
 Main key: input to TKIP Phase 1 and Phase 2 key mixing functions. More...
 
u8 kck [WPA_KCK_LEN]
 EAPOL-Key Key Confirmation Key (KCK) More...
 
u8 kek [WPA_KEK_LEN]
 EAPOL-Key Key Encryption Key (KEK) More...
 
union wpa_tk tk
 Temporal key. More...
 
u8 id
 Key ID and TX bit. More...
 
u8 _rsvd
 Reserved byte. More...
 
struct wpa_gtk gtk
 Encapsulated group transient key. More...
 
u8 ie_type
 Information element type: always 0xDD (IEEE80211_IE_VENDOR) More...
 
u8 len
 Length, not including ie_type and length fields. More...
 
u32 oui_type
 OUI + type byte. More...
 
union {
   struct wpa_kde_gtk_encap   gtk_encap
 For GTK-type KDEs, encapsulated GTK. More...
 
   u8   mac [ETH_ALEN]
 For MAC-type KDEs, the MAC address. More...
 
   u8   pmkid [WPA_PMKID_LEN]
 For PMKID-type KDEs, the PMKID. More...
 
   u8   nonce [WPA_NONCE_LEN]
 For Nonce-type KDEs, the nonce. More...
 
   u32   lifetime
 For Lifetime-type KDEs, the lifetime in seconds. More...
 
}; 
 Payload data. More...
 

Detailed Description

Common definitions for all types of WPA-protected networks.

Definition in file wpa.h.

Macro Definition Documentation

◆ EAPOL_KEY_TYPE_RSN

#define EAPOL_KEY_TYPE_RSN   2

EAPOL-Key type field for modern 802.11i/RSN WPA packets.

Definition at line 35 of file wpa.h.

◆ EAPOL_KEY_TYPE_WPA

#define EAPOL_KEY_TYPE_WPA   254

Old EAPOL-Key type field used by WPA1 hardware before 802.11i ratified.

Definition at line 38 of file wpa.h.

◆ WPA_NONCE_LEN

#define WPA_NONCE_LEN   32

Length of a nonce.

Definition at line 204 of file wpa.h.

◆ WPA_TKIP_KEY_LEN

#define WPA_TKIP_KEY_LEN   16

Length of a TKIP main key.

Definition at line 207 of file wpa.h.

◆ WPA_TKIP_MIC_KEY_LEN

#define WPA_TKIP_MIC_KEY_LEN   8

Length of a TKIP MIC key.

Definition at line 210 of file wpa.h.

◆ WPA_CCMP_KEY_LEN

#define WPA_CCMP_KEY_LEN   16

Length of a CCMP key.

Definition at line 213 of file wpa.h.

◆ WPA_KCK_LEN

#define WPA_KCK_LEN   16

Length of an EAPOL Key Confirmation Key.

Definition at line 216 of file wpa.h.

◆ WPA_KEK_LEN

#define WPA_KEK_LEN   16

Length of an EAPOL Key Encryption Key.

Definition at line 219 of file wpa.h.

◆ WPA_PMK_LEN

#define WPA_PMK_LEN   32

Usual length of a Pairwise Master Key.

Definition at line 222 of file wpa.h.

◆ WPA_PMKID_LEN

#define WPA_PMKID_LEN   16

Length of a PMKID.

Definition at line 225 of file wpa.h.

◆ WPA_KIES

#define WPA_KIES   __table ( struct wpa_kie, "wpa_kies" )

Definition at line 407 of file wpa.h.

◆ __wpa_kie

#define __wpa_kie   __table_entry ( WPA_KIES, 01 )

Definition at line 408 of file wpa.h.

Enumeration Type Documentation

◆ wpa_state

enum wpa_state

WPA handshaking state.

Enumerator
WPA_WAITING 

Waiting for PMK to be set.

WPA_READY 

Ready for 4-Way Handshake.

WPA_WORKING 

Performing 4-Way Handshake.

WPA_SUCCESS 

4-Way Handshake succeeded

WPA_FAILURE 

4-Way Handshake failed

Definition at line 176 of file wpa.h.

176  {
177  /** Waiting for PMK to be set */
178  WPA_WAITING = 0,
179 
180  /** Ready for 4-Way Handshake */
181  WPA_READY,
182 
183  /** Performing 4-Way Handshake */
184  WPA_WORKING,
185 
186  /** 4-Way Handshake succeeded */
187  WPA_SUCCESS,
188 
189  /** 4-Way Handshake failed */
190  WPA_FAILURE,
191 };
WPA_WORKING
Performing 4-Way Handshake.
Definition: wpa.h:184
WPA_READY
Ready for 4-Way Handshake.
Definition: wpa.h:181
WPA_SUCCESS
4-Way Handshake succeeded
Definition: wpa.h:187
WPA_WAITING
Waiting for PMK to be set.
Definition: wpa.h:178
WPA_FAILURE
4-Way Handshake failed
Definition: wpa.h:190

◆ wpa_keymask

enum wpa_keymask

Bitfield indicating a selection of WPA transient keys.

Enumerator
WPA_PTK 

Pairwise transient key.

WPA_GTK 

Group transient key.

Definition at line 194 of file wpa.h.

194  {
195  /** Pairwise transient key */
196  WPA_PTK = 1,
197 
198  /** Group transient key */
199  WPA_GTK = 2,
200 };
WPA_PTK
Pairwise transient key.
Definition: wpa.h:196
WPA_GTK
Group transient key.
Definition: wpa.h:199

Function Documentation

◆ FILE_LICENCE()

FILE_LICENCE ( GPL2_OR_LATER  )

◆ wpa_make_rsn_ie()

int wpa_make_rsn_ie ( struct net80211_device dev,
union ieee80211_ie **  ie_ret 
)

Construct RSN or WPA information element.

Parameters
dev802.11 device
Return values
ie_retRSN or WPA information element
rcReturn status code

This function allocates, fills, and returns a RSN or WPA information element suitable for including in an association request frame to the network identified by dev->associating. If it is impossible to construct an information element consistent with iPXE's capabilities that is compatible with that network, or if none should be sent because that network's beacon included no security information, returns an error indication and leaves ie_ret unchanged.

The returned IE will be of the same type (RSN or WPA) as was included in the beacon for the network it is destined for.

Definition at line 125 of file wpa.c.

126 {
127  u8 *rsn, *rsn_end;
128  int is_rsn;
129  u32 group_cipher;
130  enum net80211_crypto_alg gcrypt;
131  int ie_len;
132  u8 *iep;
133  struct ieee80211_ie_rsn *ie;
134  struct ieee80211_frame *hdr;
135  struct ieee80211_beacon *beacon;
136 
137  if ( ! dev->associating ) {
138  DBG ( "WPA: Can't make RSN IE for a non-associating device\n" );
139  return -EINVAL;
140  }
141 
142  hdr = dev->associating->beacon->data;
143  beacon = ( struct ieee80211_beacon * ) hdr->data;
144  rsn = sec80211_find_rsn ( beacon->info_element,
145  dev->associating->beacon->tail, &is_rsn,
146  &rsn_end );
147  if ( ! rsn ) {
148  DBG ( "WPA: Can't make RSN IE when we didn't get one\n" );
149  return -EINVAL;
150  }
151 
152  rsn += 2; /* skip version */
153  group_cipher = *( u32 * ) rsn;
154  gcrypt = sec80211_rsn_get_net80211_crypt ( group_cipher );
155 
156  if ( ! wpa_find_cryptosystem ( gcrypt ) ||
157  ! wpa_find_cryptosystem ( dev->associating->crypto ) ) {
158  DBG ( "WPA: No support for (GC:%d, PC:%d)\n",
159  gcrypt, dev->associating->crypto );
160  return -ENOTSUP;
161  }
162 
163  /* Everything looks good - make our IE. */
164 
165  /* WPA IEs need 4 more bytes for the OUI+type */
166  ie_len = ieee80211_rsn_size ( 1, 1, 0, is_rsn ) + ( 4 * ! is_rsn );
167  iep = malloc ( ie_len );
168  if ( ! iep )
169  return -ENOMEM;
170 
171  *ie_ret = ( union ieee80211_ie * ) iep;
172 
173  /* Store ID and length bytes. */
174  *iep++ = ( is_rsn ? IEEE80211_IE_RSN : IEEE80211_IE_VENDOR );
175  *iep++ = ie_len - 2;
176 
177  /* Store OUI+type for WPA IEs. */
178  if ( ! is_rsn ) {
179  *( u32 * ) iep = IEEE80211_WPA_OUI_VEN;
180  iep += 4;
181  }
182 
183  /* If this is a WPA IE, the id and len bytes in the
184  ieee80211_ie_rsn structure will not be valid, but by doing
185  the cast we can fill all the other fields much more
186  readily. */
187 
188  ie = ( struct ieee80211_ie_rsn * ) ( iep - 2 );
189  ie->version = IEEE80211_RSN_VERSION;
190  ie->group_cipher = group_cipher;
191  ie->pairwise_count = 1;
192  ie->pairwise_cipher[0] =
193  sec80211_rsn_get_crypto_desc ( dev->associating->crypto,
194  is_rsn );
195  ie->akm_count = 1;
196  ie->akm_list[0] =
197  sec80211_rsn_get_akm_desc ( dev->associating->handshaking,
198  is_rsn );
199  if ( is_rsn ) {
200  ie->rsn_capab = 0;
201  ie->pmkid_count = 0;
202  }
203 
204  return 0;
205 }
ieee80211_ie_rsn::akm_list
u32 akm_list[1]
List of authentication type IDs for supported types.
Definition: ieee80211.h:821
EINVAL
#define EINVAL
Invalid argument.
Definition: errno.h:429
net80211_wlan::crypto
enum net80211_crypto_alg crypto
Cryptographic algorithm used on the network.
Definition: net80211.h:1087
wpa_find_cryptosystem
static struct net80211_crypto * wpa_find_cryptosystem(enum net80211_crypto_alg crypt)
Find a cryptosystem handler structure from a crypto ID.
Definition: wpa.c:74
ieee80211_ie_rsn::version
u16 version
RSN information element version.
Definition: ieee80211.h:806
hdr
struct golan_inbox_hdr hdr
Message header.
Definition: CIB_PRM.h:28
ieee80211_ie_rsn::rsn_capab
u16 rsn_capab
Security capabilities field (RSN only)
Definition: ieee80211.h:824
net80211_wlan::handshaking
enum net80211_security_proto handshaking
Security handshaking method used on the network.
Definition: net80211.h:1084
ieee80211_frame
An 802.11 data or management frame without QoS or WDS header fields.
Definition: ieee80211.h:300
ENOTSUP
#define ENOTSUP
Operation not supported.
Definition: errno.h:590
ieee80211_ie_rsn::pmkid_count
u16 pmkid_count
Number of PMKIDs included (present only in association frames)
Definition: ieee80211.h:827
io_buffer::tail
void * tail
End of data.
Definition: iobuf.h:55
ENOMEM
#define ENOMEM
Not enough space.
Definition: errno.h:535
ieee80211_rsn_size
static size_t ieee80211_rsn_size(int npair, int nauth, int npmkid, int rsn_ie)
Calculate necessary size of RSN information element.
Definition: ieee80211.h:844
ieee80211_ie_rsn::group_cipher
u32 group_cipher
Cipher ID for the cipher used in multicast/broadcast frames.
Definition: ieee80211.h:809
IEEE80211_WPA_OUI_VEN
#define IEEE80211_WPA_OUI_VEN
Old vendor-type WPA IE OUI type + subtype.
Definition: ieee80211.h:869
ieee80211_beacon
#define ieee80211_beacon
Definition: ieee80211.h:1069
ieee80211_ie_rsn::akm_count
u16 akm_count
Number of authentication types supported.
Definition: ieee80211.h:818
IEEE80211_IE_VENDOR
#define IEEE80211_IE_VENDOR
Information element ID for Vendor Specific information element.
Definition: ieee80211.h:960
ieee80211_ie_rsn::pairwise_cipher
u32 pairwise_cipher[1]
List of cipher IDs for supported unicast frame ciphers.
Definition: ieee80211.h:815
IEEE80211_IE_RSN
#define IEEE80211_IE_RSN
Information element ID for Robust Security Network information element.
Definition: ieee80211.h:834
ieee80211_ie_rsn::pairwise_count
u16 pairwise_count
Number of unicast ciphers supported.
Definition: ieee80211.h:812
ieee80211_ie
Any 802.11 information element.
Definition: ieee80211.h:972
malloc
void * malloc(size_t size)
Allocate memory.
Definition: malloc.c:621
net80211_device::associating
struct net80211_wlan * associating
Network with which we are associating.
Definition: net80211.h:866
ieee80211_ie_rsn
802.11 Robust Security Network ("WPA") information element
Definition: ieee80211.h:798
sec80211_rsn_get_crypto_desc
u32 sec80211_rsn_get_crypto_desc(enum net80211_crypto_alg crypt, int rsnie)
Determine RSN descriptor for specified net80211 cryptosystem number.
Definition: sec80211.c:482
sec80211_rsn_get_akm_desc
u32 sec80211_rsn_get_akm_desc(enum net80211_security_proto secprot, int rsnie)
Determine RSN descriptor for specified net80211 handshaker number.
Definition: sec80211.c:497
net80211_crypto_alg
net80211_crypto_alg
An 802.11 data encryption algorithm.
Definition: net80211.h:129
io_buffer::data
void * data
Start of data.
Definition: iobuf.h:53
group_cipher
u32 group_cipher
Cipher ID for the cipher used in multicast/broadcast frames.
Definition: ieee80211.h:24
IEEE80211_RSN_VERSION
#define IEEE80211_RSN_VERSION
802.11 RSN IE: expected version number
Definition: ieee80211.h:873
sec80211_rsn_get_net80211_crypt
enum net80211_crypto_alg sec80211_rsn_get_net80211_crypt(u32 desc)
Determine net80211 cryptosystem number from RSN descriptor.
Definition: sec80211.c:509
DBG
#define DBG(...)
Print a debugging message.
Definition: compiler.h:498
net80211_wlan::beacon
struct io_buffer * beacon
The complete beacon or probe-response frame received.
Definition: net80211.h:1081
sec80211_find_rsn
u8 * sec80211_find_rsn(union ieee80211_ie *ie, void *ie_end, int *is_rsn, u8 **end)
Find the RSN or WPA information element in the provided beacon frame.
Definition: sec80211.c:284
u8
uint8_t u8
Definition: stdint.h:20
u32
uint32_t u32
Definition: stdint.h:24

References ieee80211_ie_rsn::akm_count, ieee80211_ie_rsn::akm_list, net80211_device::associating, net80211_wlan::beacon, net80211_wlan::crypto, io_buffer::data, DBG, EINVAL, ENOMEM, ENOTSUP, group_cipher, ieee80211_ie_rsn::group_cipher, net80211_wlan::handshaking, hdr, ieee80211_beacon, IEEE80211_IE_RSN, IEEE80211_IE_VENDOR, ieee80211_rsn_size(), IEEE80211_RSN_VERSION, IEEE80211_WPA_OUI_VEN, malloc(), ieee80211_ie_rsn::pairwise_cipher, ieee80211_ie_rsn::pairwise_count, ieee80211_ie_rsn::pmkid_count, ieee80211_ie_rsn::rsn_capab, sec80211_find_rsn(), sec80211_rsn_get_akm_desc(), sec80211_rsn_get_crypto_desc(), sec80211_rsn_get_net80211_crypt(), io_buffer::tail, ieee80211_ie_rsn::version, and wpa_find_cryptosystem().

Referenced by wpa_psk_init().

◆ wpa_start()

int wpa_start ( struct net80211_device dev,
struct wpa_common_ctx ctx,
const void *  pmk,
size_t  pmk_len 
)

Set up generic WPA support to handle 4-Way Handshake.

Parameters
dev802.11 device
ctxWPA common context
pmkPairwise Master Key to use for session
pmk_lenLength of PMK, almost always 32
Return values
rcReturn status code

Definition at line 217 of file wpa.c.

219 {
220  struct io_buffer *iob;
221  struct ieee80211_frame *hdr;
222  struct ieee80211_beacon *beacon;
223  u8 *ap_rsn_ie = NULL, *ap_rsn_ie_end;
224 
225  if ( ! dev->rsn_ie || ! dev->associating )
226  return -EINVAL;
227 
228  ctx->dev = dev;
229  memcpy ( ctx->pmk, pmk, ctx->pmk_len = pmk_len );
230  ctx->state = WPA_READY;
231  ctx->replay = ~0ULL;
232 
233  iob = dev->associating->beacon;
234  hdr = iob->data;
235  beacon = ( struct ieee80211_beacon * ) hdr->data;
236  ap_rsn_ie = sec80211_find_rsn ( beacon->info_element, iob->tail,
237  &ctx->ap_rsn_is_rsn, &ap_rsn_ie_end );
238  if ( ap_rsn_ie ) {
239  ctx->ap_rsn_ie = malloc ( ap_rsn_ie_end - ap_rsn_ie );
240  if ( ! ctx->ap_rsn_ie )
241  return -ENOMEM;
242  memcpy ( ctx->ap_rsn_ie, ap_rsn_ie, ap_rsn_ie_end - ap_rsn_ie );
243  ctx->ap_rsn_ie_len = ap_rsn_ie_end - ap_rsn_ie;
244  } else {
245  return -ENOENT;
246  }
247 
248  ctx->crypt = dev->associating->crypto;
249  ctx->gcrypt = NET80211_CRYPT_UNKNOWN;
250 
251  list_add_tail ( &ctx->list, &wpa_contexts );
252  return 0;
253 }
EINVAL
#define EINVAL
Invalid argument.
Definition: errno.h:429
net80211_wlan::crypto
enum net80211_crypto_alg crypto
Cryptographic algorithm used on the network.
Definition: net80211.h:1087
NET80211_CRYPT_UNKNOWN
Dummy value used when the cryptosystem can't be detected.
Definition: net80211.h:177
hdr
struct golan_inbox_hdr hdr
Message header.
Definition: CIB_PRM.h:28
ieee80211_frame
An 802.11 data or management frame without QoS or WDS header fields.
Definition: ieee80211.h:300
ENOENT
#define ENOENT
No such file or directory.
Definition: errno.h:515
net80211_device::rsn_ie
union ieee80211_ie * rsn_ie
RSN or WPA information element to include with association.
Definition: net80211.h:932
ctx
struct golan_eq_context ctx
Definition: CIB_PRM.h:28
wpa_contexts
struct list_head wpa_contexts
List of WPA contexts in active use.
Definition: wpa.c:47
WPA_READY
Ready for 4-Way Handshake.
Definition: wpa.h:181
io_buffer::tail
void * tail
End of data.
Definition: iobuf.h:55
ENOMEM
#define ENOMEM
Not enough space.
Definition: errno.h:535
memcpy
void * memcpy(void *dest, const void *src, size_t len) __nonnull
list_add_tail
#define list_add_tail(new, head)
Add a new entry to the tail of a list.
Definition: list.h:94
ieee80211_beacon
#define ieee80211_beacon
Definition: ieee80211.h:1069
malloc
void * malloc(size_t size)
Allocate memory.
Definition: malloc.c:621
net80211_device::associating
struct net80211_wlan * associating
Network with which we are associating.
Definition: net80211.h:866
io_buffer::data
void * data
Start of data.
Definition: iobuf.h:53
net80211_wlan::beacon
struct io_buffer * beacon
The complete beacon or probe-response frame received.
Definition: net80211.h:1081
sec80211_find_rsn
u8 * sec80211_find_rsn(union ieee80211_ie *ie, void *ie_end, int *is_rsn, u8 **end)
Find the RSN or WPA information element in the provided beacon frame.
Definition: sec80211.c:284
NULL
#define NULL
NULL pointer (VOID *)
Definition: Base.h:322
u8
uint8_t u8
Definition: stdint.h:20
io_buffer
A persistent I/O buffer.
Definition: iobuf.h:38

References net80211_device::associating, net80211_wlan::beacon, net80211_wlan::crypto, ctx, io_buffer::data, EINVAL, ENOENT, ENOMEM, hdr, ieee80211_beacon, list_add_tail, malloc(), memcpy(), NET80211_CRYPT_UNKNOWN, NULL, net80211_device::rsn_ie, sec80211_find_rsn(), io_buffer::tail, wpa_contexts, and WPA_READY.

Referenced by wpa_psk_start().

◆ wpa_stop()

void wpa_stop ( struct net80211_device dev)

Disable handling of received WPA handshake frames.

Parameters
dev802.11 device

Definition at line 261 of file wpa.c.

262 {
263  struct wpa_common_ctx *ctx, *tmp;
264 
265  list_for_each_entry_safe ( ctx, tmp, &wpa_contexts, list ) {
266  if ( ctx->dev == dev ) {
267  free ( ctx->ap_rsn_ie );
268  ctx->ap_rsn_ie = NULL;
269  list_del ( &ctx->list );
270  }
271  }
272 }
wpa_common_ctx::dev
struct net80211_device * dev
802.11 device we are authenticating for
Definition: wpa.h:294
ctx
struct golan_eq_context ctx
Definition: CIB_PRM.h:28
wpa_contexts
struct list_head wpa_contexts
List of WPA contexts in active use.
Definition: wpa.c:47
tmp
unsigned long tmp
Definition: linux_pci.h:65
list_del
#define list_del(list)
Delete an entry from a list.
Definition: list.h:120
wpa_common_ctx
Common context for WPA security handshaking.
Definition: wpa.h:291
list_for_each_entry_safe
#define list_for_each_entry_safe(pos, tmp, head, member)
Iterate over entries in a list, safe against deletion of the current entry.
Definition: list.h:459
free
static void(* free)(struct refcnt *refcnt))
Definition: refcnt.h:55
wpa_common_ctx::list
struct list_head list
List entry.
Definition: wpa.h:362
NULL
#define NULL
NULL pointer (VOID *)
Definition: Base.h:322

References ctx, wpa_common_ctx::dev, free, wpa_common_ctx::list, list_del, list_for_each_entry_safe, NULL, tmp, and wpa_contexts.

Referenced by wpa_psk_stop().

Variable Documentation

◆ type

u8 type

One of the EAPOL_KEY_TYPE_* defines.

Definition at line 28 of file wpa.h.

◆ info

u16 info

Bitfield of key characteristics, network byte order.

Definition at line 31 of file wpa.h.

◆ keysize

u16 keysize

Length of encryption key to be used, network byte order.

This is 16 for CCMP, 32 for TKIP, and 5 or 13 for WEP.

Definition at line 37 of file wpa.h.

Referenced by ecdsa_alloc(), ecdsa_parse_signature(), ecdsa_prepend_signature(), ecdsa_sign_rs(), ecdsa_verify_rs(), elliptic_curve_okx(), elliptic_multiply_okx(), and tls_send_client_key_exchange_ecdhe().

◆ replay

u64 replay

Monotonically increasing value for EAPOL-Key conversations.

In another classic demonstration of overengineering, this 8-byte value will rarely be anything above 1. It's stored in network byte order.

Definition at line 45 of file wpa.h.

◆ nonce

u8 nonce[WPA_NONCE_LEN]

Nonce value.

For Nonce-type KDEs, the nonce.

This is the authenticator's ANonce in frame 1, the peer's SNonce in frame 2, and 0 in frames 3 and 4.

Definition at line 52 of file wpa.h.

Referenced by ccmp_cbc_mac(), ccmp_ctr_xor(), ccmp_decrypt(), ccmp_encrypt(), get_entropy_input_tmp(), make_next_nonce(), and ntlm_response().

◆ iv

u8 iv[16]

Initialization vector.

This contains the IV used with the Key Encryption Key, or 0 if the key is unencrypted or encrypted using an algorithm that does not require an IV.

Definition at line 60 of file wpa.h.

Referenced by cbc_setiv(), cipher_cost(), cipher_setiv(), gcm_setiv(), tkip_kie_decrypt(), tls_new_ciphertext(), tls_send_record(), wep_decrypt(), and wep_encrypt().

◆ rsc

u8 rsc[8]

Receive sequence counter for GTK.

This is used to synchronize the client's replay counter for ordinary data packets. The first six bytes contain PN0 through PN5 for CCMP mode, or TSC0 through TSC5 for TKIP mode. The last two bytes are zero.

Definition at line 69 of file wpa.h.

Referenced by ccmp_init(), sec80211_install(), tkip_init(), wpa_install_gtk(), and wpa_maybe_install_gtk().

◆ _reserved

u8 _reserved[8]

Reserved bytes.

Definition at line 72 of file wpa.h.

◆ mic

u8 mic[16]

Message integrity code over the entire EAPOL frame.

This is calculated using HMAC-MD5 when the key descriptor version field in info is 1, and HMAC-SHA1 ignoring the last 4 bytes of the hash when the version field in info is 2.

Definition at line 81 of file wpa.h.

Referenced by ccmp_cbc_mac(), ccmp_encrypt(), ccmp_kie_mic(), tkip_decrypt(), tkip_encrypt(), tkip_kie_mic(), and tkip_michael().

◆ datalen

u16 datalen

Length of the data field in bytes, network byte order.

Definition at line 84 of file wpa.h.

Referenced by ccmp_cbc_mac(), ccmp_decrypt(), ccmp_encrypt(), tkip_decrypt(), tkip_encrypt(), wep_decrypt(), and wep_encrypt().

◆ data

u8 data[0]

Key data.

This is formatted as a series of 802.11 information elements, with cryptographic data encapsulated using a "vendor-specific IE" code and an IEEE-specified OUI.

Definition at line 92 of file wpa.h.

◆ __attribute__

struct wpa_common_ctx __attribute__

◆ rx

u8 rx

MIC key for packets from the AP.

Definition at line 234 of file wpa.h.

Referenced by ar9003_hw_set_chain_masks(), ath_hw_cycle_counters_update(), atl_poll_rx(), atl_rx_ring_fill(), cgem_poll_rx(), cgem_refill_rx(), dwmac_poll_rx(), dwmac_refill_rx(), exanic_poll_rx(), gve_close(), gve_open(), gve_poll_rx(), gve_refill_rx(), gve_start(), gve_stop(), ice_context_rx(), intel_describe_rx(), intel_poll_rx(), intel_refill_rx(), intelxl_context_rx(), intelxl_refill_rx(), intelxlvf_admin_stats(), ipair_rx(), iscsi_socket_deliver(), myson_poll_rx(), myson_refill_rx(), natsemi_poll_rx(), natsemi_refill_rx(), rdc_poll_rx(), rdc_refill_rx(), realtek_legacy_poll_rx(), realtek_poll_rx(), realtek_refill_rx(), sky2_status_intr(), and smsc95xx_dump_statistics().

◆ tx

u8 tx

MIC key for packets to the AP.

Definition at line 237 of file wpa.h.

Referenced by ar9003_hw_set_chain_masks(), ath_hw_cycle_counters_update(), atl_poll_tx(), atl_transmit(), bnxt_service_cq(), cgem_poll_tx(), cgem_transmit(), dwmac_poll_tx(), dwmac_transmit(), exanic_open(), exanic_transmit(), gve_close(), gve_open(), gve_poll_tx(), gve_start(), gve_stop(), gve_transmit(), intel_describe_tx(), intel_describe_tx_adv(), intel_poll_tx(), intel_transmit(), intelxl_context_tx(), intelxl_transmit(), intelxlvf_admin_stats(), ipair_expired(), iscsi_tx_step(), myson_poll_tx(), myson_transmit(), natsemi_poll_tx(), natsemi_transmit(), phantom_transmit(), rdc_poll_tx(), rdc_transmit(), realtek_poll_tx(), realtek_transmit(), and smsc95xx_dump_statistics().

◆ key

u8 key[WPA_TKIP_KEY_LEN]

Main key: input to TKIP Phase 1 and Phase 2 key mixing functions.

Definition at line 28 of file wpa.h.

◆ kck

u8 kck[WPA_KCK_LEN]

EAPOL-Key Key Confirmation Key (KCK)

Definition at line 28 of file wpa.h.

Referenced by ccmp_kie_mic(), and tkip_kie_mic().

◆ kek

u8 kek[WPA_KEK_LEN]

EAPOL-Key Key Encryption Key (KEK)

Definition at line 31 of file wpa.h.

Referenced by aes_unwrap(), aes_wrap(), ccmp_kie_decrypt(), and tkip_kie_decrypt().

◆ tk

union wpa_tk tk

Temporal key.

Definition at line 34 of file wpa.h.

Referenced by tkip_mix_1(), and tkip_mix_2().

◆ id

u8 id

Key ID and TX bit.

Definition at line 28 of file wpa.h.

◆ _rsvd

u8 _rsvd

Reserved byte.

Definition at line 31 of file wpa.h.

◆ gtk

struct wpa_gtk gtk

Encapsulated group transient key.

Definition at line 34 of file wpa.h.

◆ ie_type

u8 ie_type

Information element type: always 0xDD (IEEE80211_IE_VENDOR)

Definition at line 28 of file wpa.h.

◆ len

u8 len

Length, not including ie_type and length fields.

Definition at line 31 of file wpa.h.

◆ oui_type

u32 oui_type

OUI + type byte.

Definition at line 34 of file wpa.h.

Referenced by rsn_pick_desc().

◆ gtk_encap

struct wpa_kde_gtk_encap gtk_encap

For GTK-type KDEs, encapsulated GTK.

Definition at line 39 of file wpa.h.

◆ mac

u8 mac[ETH_ALEN]

For MAC-type KDEs, the MAC address.

Definition at line 42 of file wpa.h.

◆ pmkid

u8 pmkid[WPA_PMKID_LEN]

For PMKID-type KDEs, the PMKID.

Definition at line 45 of file wpa.h.

◆ lifetime

u32 lifetime

For Lifetime-type KDEs, the lifetime in seconds.

This is in network byte order!

Definition at line 54 of file wpa.h.

Referenced by ndp_register_settings(), and tls_new_session_ticket().

◆ @671

union { ... }

Payload data.

Generated by   doxygen 1.8.15