iPXE
Data Structures | Macros | Enumerations | Functions | Variables
wpa.h File Reference

Common definitions for all types of WPA-protected networks. More...

#include <ipxe/ieee80211.h>
#include <ipxe/list.h>

Go to the source code of this file.

Data Structures

struct  eapol_key_pkt
 An EAPOL-Key packet. More...
 
struct  tkip_tk
 Structure of the Temporal Key for TKIP encryption. More...
 
union  wpa_tk
 Structure of a generic Temporal Key. More...
 
struct  wpa_ptk
 Structure of the Pairwise Transient Key. More...
 
struct  wpa_gtk
 Structure of the Group Transient Key. More...
 
struct  wpa_common_ctx
 Common context for WPA security handshaking. More...
 
struct  wpa_kie
 WPA handshake key integrity and encryption handler. More...
 
struct  wpa_kde_gtk_encap
 Payload structure of the GTK-encapsulating KDE. More...
 
struct  wpa_kde
 Any key descriptor element type. More...
 

Macros

#define EAPOL_KEY_TYPE_RSN   2
 EAPOL-Key type field for modern 802.11i/RSN WPA packets. More...
 
#define EAPOL_KEY_TYPE_WPA   254
 Old EAPOL-Key type field used by WPA1 hardware before 802.11i ratified. More...
 
#define EAPOL_KEY_INFO_VERSION   0x0007
 Key descriptor version, indicating WPA or WPA2. More...
 
#define EAPOL_KEY_INFO_TYPE   0x0008
 Key type bit, indicating pairwise or group. More...
 
#define EAPOL_KEY_INFO_INSTALL   0x0040
 Key install bit; set on message 3 except when legacy hacks are used. More...
 
#define EAPOL_KEY_INFO_KEY_ACK   0x0080
 Key ACK bit; set when a response is required, on all messages except #4. More...
 
#define EAPOL_KEY_INFO_KEY_MIC   0x0100
 Key MIC bit; set when the MIC field is valid, on messages 3 and 4. More...
 
#define EAPOL_KEY_INFO_SECURE   0x0200
 Secure bit; set when both sides have both keys, on messages 3 and 4. More...
 
#define EAPOL_KEY_INFO_ERROR   0x0400
 Error bit; set on a MIC failure for TKIP. More...
 
#define EAPOL_KEY_INFO_REQUEST   0x0800
 Request bit; set when authentication is initiated by the Peer (unusual) More...
 
#define EAPOL_KEY_INFO_KEY_ENC   0x1000
 Key Encrypted bit; set when the Key Data field is encrypted. More...
 
#define EAPOL_KEY_INFO_SMC_MESS   0x2000
 SMC Message bit; set when this frame is part of an IBSS SMK handshake. More...
 
#define EAPOL_KEY_VERSION_WPA   1
 Key descriptor version field value for WPA (TKIP) More...
 
#define EAPOL_KEY_VERSION_WPA2   2
 Key descriptor version field value for WPA2 (CCMP) More...
 
#define EAPOL_KEY_TYPE_PTK   0x0008
 Key type field value for a PTK (pairwise) key handshake. More...
 
#define EAPOL_KEY_TYPE_GTK   0x0000
 Key type field value for a GTK (group) key handshake. More...
 
#define WPA_NONCE_LEN   32
 Length of a nonce. More...
 
#define WPA_TKIP_KEY_LEN   16
 Length of a TKIP main key. More...
 
#define WPA_TKIP_MIC_KEY_LEN   8
 Length of a TKIP MIC key. More...
 
#define WPA_CCMP_KEY_LEN   16
 Length of a CCMP key. More...
 
#define WPA_KCK_LEN   16
 Length of an EAPOL Key Confirmation Key. More...
 
#define WPA_KEK_LEN   16
 Length of an EAPOL Key Encryption Key. More...
 
#define WPA_PMK_LEN   32
 Usual length of a Pairwise Master Key. More...
 
#define WPA_PMKID_LEN   16
 Length of a PMKID. More...
 
#define WPA_KIES   __table ( struct wpa_kie, "wpa_kies" )
 
#define __wpa_kie   __table_entry ( WPA_KIES, 01 )
 
#define WPA_GTK_KID   0x03
 Mask for Key ID in wpa_kde_gtk::id field. More...
 
#define WPA_GTK_TXBIT   0x04
 Mask for Tx bit in wpa_kde_gtk::id field. More...
 
#define WPA_KDE_GTK   _MKOUI ( 0x00, 0x0F, 0xAC, 0x01 )
 KDE type for an encapsulated Group Transient Key (requires encryption) More...
 
#define WPA_KDE_MAC   _MKOUI ( 0x00, 0x0F, 0xAC, 0x03 )
 KDE type for a MAC address. More...
 
#define WPA_KDE_PMKID   _MKOUI ( 0x00, 0x0F, 0xAC, 0x04 )
 KDE type for a PMKID. More...
 
#define WPA_KDE_NONCE   _MKOUI ( 0x00, 0x0F, 0xAC, 0x06 )
 KDE type for a nonce. More...
 
#define WPA_KDE_LIFETIME   _MKOUI ( 0x00, 0x0F, 0xAC, 0x07 )
 KDE type for a lifetime value. More...
 

Enumerations

enum  wpa_state {
  WPA_WAITING = 0, WPA_READY, WPA_WORKING, WPA_SUCCESS,
  WPA_FAILURE
}
 WPA handshaking state. More...
 
enum  wpa_keymask { WPA_PTK = 1, WPA_GTK = 2 }
 Bitfield indicating a selection of WPA transient keys. More...
 

Functions

 FILE_LICENCE (GPL2_OR_LATER)
 
struct eapol_key_pkt __attribute__ ((packed)) mic
 Michael MIC keys. More...
 
int wpa_make_rsn_ie (struct net80211_device *dev, union ieee80211_ie **ie)
 Construct RSN or WPA information element. More...
 
int wpa_start (struct net80211_device *dev, struct wpa_common_ctx *ctx, const void *pmk, size_t pmk_len)
 Set up generic WPA support to handle 4-Way Handshake. More...
 
void wpa_stop (struct net80211_device *dev)
 Disable handling of received WPA handshake frames. More...
 

Variables

u8 type
 One of the EAPOL_KEY_TYPE_* defines. More...
 
u16 info
 Bitfield of key characteristics, network byte order. More...
 
u16 keysize
 Length of encryption key to be used, network byte order. More...
 
u64 replay
 Monotonically increasing value for EAPOL-Key conversations. More...
 
u8 nonce [32]
 Nonce value. More...
 
u8 iv [16]
 Initialization vector. More...
 
u8 rsc [8]
 Receive sequence counter for GTK. More...
 
u8 _reserved [8]
 Reserved bytes. More...
 
u8 mic [16]
 Message integrity code over the entire EAPOL frame. More...
 
u16 datalen
 Length of the data field in bytes, network byte order. More...
 
u8 data [0]
 Key data. More...
 
enum wpa_state __attribute__
 
u8 rx [WPA_TKIP_MIC_KEY_LEN]
 MIC key for packets from the AP. More...
 
u8 tx [WPA_TKIP_MIC_KEY_LEN]
 MIC key for packets to the AP. More...
 
u8 key [WPA_TKIP_KEY_LEN]
 Main key: input to TKIP Phase 1 and Phase 2 key mixing functions. More...
 
u8 kck [WPA_KCK_LEN]
 EAPOL-Key Key Confirmation Key (KCK) More...
 
u8 kek [WPA_KEK_LEN]
 EAPOL-Key Key Encryption Key (KEK) More...
 
union wpa_tk tk
 Temporal key. More...
 
u8 id
 Key ID and TX bit. More...
 
u8 _rsvd
 Reserved byte. More...
 
struct wpa_gtk gtk
 Encapsulated group transient key. More...
 
u8 ie_type
 Information element type: always 0xDD (IEEE80211_IE_VENDOR) More...
 
u8 len
 Length, not including ie_type and length fields. More...
 
u32 oui_type
 OUI + type byte. More...
 
union {
   struct wpa_kde_gtk_encap   gtk_encap
 For GTK-type KDEs, encapsulated GTK. More...
 
   u8   mac [ETH_ALEN]
 For MAC-type KDEs, the MAC address. More...
 
   u8   pmkid [WPA_PMKID_LEN]
 For PMKID-type KDEs, the PMKID. More...
 
   u8   nonce [WPA_NONCE_LEN]
 For Nonce-type KDEs, the nonce. More...
 
   u32   lifetime
 For Lifetime-type KDEs, the lifetime in seconds. More...
 
}; 
 Payload data. More...
 

Detailed Description

Common definitions for all types of WPA-protected networks.

Definition in file wpa.h.

Macro Definition Documentation

◆ EAPOL_KEY_TYPE_RSN

#define EAPOL_KEY_TYPE_RSN   2

EAPOL-Key type field for modern 802.11i/RSN WPA packets.

Definition at line 35 of file wpa.h.

◆ EAPOL_KEY_TYPE_WPA

#define EAPOL_KEY_TYPE_WPA   254

Old EAPOL-Key type field used by WPA1 hardware before 802.11i ratified.

Definition at line 38 of file wpa.h.

◆ WPA_NONCE_LEN

#define WPA_NONCE_LEN   32

Length of a nonce.

Definition at line 204 of file wpa.h.

◆ WPA_TKIP_KEY_LEN

#define WPA_TKIP_KEY_LEN   16

Length of a TKIP main key.

Definition at line 207 of file wpa.h.

◆ WPA_TKIP_MIC_KEY_LEN

#define WPA_TKIP_MIC_KEY_LEN   8

Length of a TKIP MIC key.

Definition at line 210 of file wpa.h.

◆ WPA_CCMP_KEY_LEN

#define WPA_CCMP_KEY_LEN   16

Length of a CCMP key.

Definition at line 213 of file wpa.h.

◆ WPA_KCK_LEN

#define WPA_KCK_LEN   16

Length of an EAPOL Key Confirmation Key.

Definition at line 216 of file wpa.h.

◆ WPA_KEK_LEN

#define WPA_KEK_LEN   16

Length of an EAPOL Key Encryption Key.

Definition at line 219 of file wpa.h.

◆ WPA_PMK_LEN

#define WPA_PMK_LEN   32

Usual length of a Pairwise Master Key.

Definition at line 222 of file wpa.h.

◆ WPA_PMKID_LEN

#define WPA_PMKID_LEN   16

Length of a PMKID.

Definition at line 225 of file wpa.h.

◆ WPA_KIES

#define WPA_KIES   __table ( struct wpa_kie, "wpa_kies" )

Definition at line 407 of file wpa.h.

◆ __wpa_kie

#define __wpa_kie   __table_entry ( WPA_KIES, 01 )

Definition at line 408 of file wpa.h.

Enumeration Type Documentation

◆ wpa_state

enum wpa_state

WPA handshaking state.

Enumerator
WPA_WAITING 

Waiting for PMK to be set.

WPA_READY 

Ready for 4-Way Handshake.

WPA_WORKING 

Performing 4-Way Handshake.

WPA_SUCCESS 

4-Way Handshake succeeded

WPA_FAILURE 

4-Way Handshake failed

Definition at line 176 of file wpa.h.

176  {
177  /** Waiting for PMK to be set */
178  WPA_WAITING = 0,
179 
180  /** Ready for 4-Way Handshake */
181  WPA_READY,
182 
183  /** Performing 4-Way Handshake */
184  WPA_WORKING,
185 
186  /** 4-Way Handshake succeeded */
187  WPA_SUCCESS,
188 
189  /** 4-Way Handshake failed */
190  WPA_FAILURE,
191 };
Performing 4-Way Handshake.
Definition: wpa.h:184
Ready for 4-Way Handshake.
Definition: wpa.h:181
4-Way Handshake succeeded
Definition: wpa.h:187
Waiting for PMK to be set.
Definition: wpa.h:178
4-Way Handshake failed
Definition: wpa.h:190

◆ wpa_keymask

Bitfield indicating a selection of WPA transient keys.

Enumerator
WPA_PTK 

Pairwise transient key.

WPA_GTK 

Group transient key.

Definition at line 194 of file wpa.h.

194  {
195  /** Pairwise transient key */
196  WPA_PTK = 1,
197 
198  /** Group transient key */
199  WPA_GTK = 2,
200 };
Pairwise transient key.
Definition: wpa.h:196
Group transient key.
Definition: wpa.h:199

Function Documentation

◆ FILE_LICENCE()

FILE_LICENCE ( GPL2_OR_LATER  )

◆ wpa_make_rsn_ie()

int wpa_make_rsn_ie ( struct net80211_device dev,
union ieee80211_ie **  ie_ret 
)

Construct RSN or WPA information element.

Parameters
dev802.11 device
Return values
ie_retRSN or WPA information element
rcReturn status code

This function allocates, fills, and returns a RSN or WPA information element suitable for including in an association request frame to the network identified by dev->associating. If it is impossible to construct an information element consistent with iPXE's capabilities that is compatible with that network, or if none should be sent because that network's beacon included no security information, returns an error indication and leaves ie_ret unchanged.

The returned IE will be of the same type (RSN or WPA) as was included in the beacon for the network it is destined for.

Definition at line 124 of file wpa.c.

125 {
126  u8 *rsn, *rsn_end;
127  int is_rsn;
129  enum net80211_crypto_alg gcrypt;
130  int ie_len;
131  u8 *iep;
132  struct ieee80211_ie_rsn *ie;
133  struct ieee80211_frame *hdr;
134  struct ieee80211_beacon *beacon;
135 
136  if ( ! dev->associating ) {
137  DBG ( "WPA: Can't make RSN IE for a non-associating device\n" );
138  return -EINVAL;
139  }
140 
141  hdr = dev->associating->beacon->data;
142  beacon = ( struct ieee80211_beacon * ) hdr->data;
143  rsn = sec80211_find_rsn ( beacon->info_element,
144  dev->associating->beacon->tail, &is_rsn,
145  &rsn_end );
146  if ( ! rsn ) {
147  DBG ( "WPA: Can't make RSN IE when we didn't get one\n" );
148  return -EINVAL;
149  }
150 
151  rsn += 2; /* skip version */
152  group_cipher = *( u32 * ) rsn;
154 
155  if ( ! wpa_find_cryptosystem ( gcrypt ) ||
157  DBG ( "WPA: No support for (GC:%d, PC:%d)\n",
158  gcrypt, dev->associating->crypto );
159  return -ENOTSUP;
160  }
161 
162  /* Everything looks good - make our IE. */
163 
164  /* WPA IEs need 4 more bytes for the OUI+type */
165  ie_len = ieee80211_rsn_size ( 1, 1, 0, is_rsn ) + ( 4 * ! is_rsn );
166  iep = malloc ( ie_len );
167  if ( ! iep )
168  return -ENOMEM;
169 
170  *ie_ret = ( union ieee80211_ie * ) iep;
171 
172  /* Store ID and length bytes. */
173  *iep++ = ( is_rsn ? IEEE80211_IE_RSN : IEEE80211_IE_VENDOR );
174  *iep++ = ie_len - 2;
175 
176  /* Store OUI+type for WPA IEs. */
177  if ( ! is_rsn ) {
178  *( u32 * ) iep = IEEE80211_WPA_OUI_VEN;
179  iep += 4;
180  }
181 
182  /* If this is a WPA IE, the id and len bytes in the
183  ieee80211_ie_rsn structure will not be valid, but by doing
184  the cast we can fill all the other fields much more
185  readily. */
186 
187  ie = ( struct ieee80211_ie_rsn * ) ( iep - 2 );
190  ie->pairwise_count = 1;
191  ie->pairwise_cipher[0] =
193  is_rsn );
194  ie->akm_count = 1;
195  ie->akm_list[0] =
197  is_rsn );
198  if ( is_rsn ) {
199  ie->rsn_capab = 0;
200  ie->pmkid_count = 0;
201  }
202 
203  return 0;
204 }
u32 akm_list[1]
List of authentication type IDs for supported types.
Definition: ieee80211.h:821
#define EINVAL
Invalid argument.
Definition: errno.h:428
enum net80211_crypto_alg crypto
Cryptographic algorithm used on the network.
Definition: net80211.h:1087
static struct net80211_crypto * wpa_find_cryptosystem(enum net80211_crypto_alg crypt)
Find a cryptosystem handler structure from a crypto ID.
Definition: wpa.c:73
u16 version
RSN information element version.
Definition: ieee80211.h:806
u16 rsn_capab
Security capabilities field (RSN only)
Definition: ieee80211.h:824
enum net80211_security_proto handshaking
Security handshaking method used on the network.
Definition: net80211.h:1084
An 802.11 data or management frame without QoS or WDS header fields.
Definition: ieee80211.h:300
#define ENOTSUP
Operation not supported.
Definition: errno.h:589
u16 pmkid_count
Number of PMKIDs included (present only in association frames)
Definition: ieee80211.h:827
void * tail
End of data.
Definition: iobuf.h:46
#define ENOMEM
Not enough space.
Definition: errno.h:534
static size_t ieee80211_rsn_size(int npair, int nauth, int npmkid, int rsn_ie)
Calculate necessary size of RSN information element.
Definition: ieee80211.h:844
u32 group_cipher
Cipher ID for the cipher used in multicast/broadcast frames.
Definition: ieee80211.h:809
#define IEEE80211_WPA_OUI_VEN
Old vendor-type WPA IE OUI type + subtype.
Definition: ieee80211.h:869
#define ieee80211_beacon
Definition: ieee80211.h:1069
u16 akm_count
Number of authentication types supported.
Definition: ieee80211.h:818
#define IEEE80211_IE_VENDOR
Information element ID for Vendor Specific information element.
Definition: ieee80211.h:960
u32 pairwise_cipher[1]
List of cipher IDs for supported unicast frame ciphers.
Definition: ieee80211.h:815
#define IEEE80211_IE_RSN
Information element ID for Robust Security Network information element.
Definition: ieee80211.h:834
u16 pairwise_count
Number of unicast ciphers supported.
Definition: ieee80211.h:812
Any 802.11 information element.
Definition: ieee80211.h:972
void * malloc(size_t size)
Allocate memory.
Definition: malloc.c:583
struct net80211_wlan * associating
Network with which we are associating.
Definition: net80211.h:866
uint32_t hdr
Message header.
Definition: intelvf.h:12
802.11 Robust Security Network ("WPA") information element
Definition: ieee80211.h:798
u32 sec80211_rsn_get_crypto_desc(enum net80211_crypto_alg crypt, int rsnie)
Determine RSN descriptor for specified net80211 cryptosystem number.
Definition: sec80211.c:481
u32 sec80211_rsn_get_akm_desc(enum net80211_security_proto secprot, int rsnie)
Determine RSN descriptor for specified net80211 handshaker number.
Definition: sec80211.c:496
net80211_crypto_alg
An 802.11 data encryption algorithm.
Definition: net80211.h:129
void * data
Start of data.
Definition: iobuf.h:44
u32 group_cipher
Cipher ID for the cipher used in multicast/broadcast frames.
Definition: ieee80211.h:24
#define IEEE80211_RSN_VERSION
802.11 RSN IE: expected version number
Definition: ieee80211.h:873
enum net80211_crypto_alg sec80211_rsn_get_net80211_crypt(u32 desc)
Determine net80211 cryptosystem number from RSN descriptor.
Definition: sec80211.c:508
#define DBG(...)
Print a debugging message.
Definition: compiler.h:498
struct io_buffer * beacon
The complete beacon or probe-response frame received.
Definition: net80211.h:1081
u8 * sec80211_find_rsn(union ieee80211_ie *ie, void *ie_end, int *is_rsn, u8 **end)
Find the RSN or WPA information element in the provided beacon frame.
Definition: sec80211.c:283
uint8_t u8
Definition: stdint.h:19
uint32_t u32
Definition: stdint.h:23

References ieee80211_ie_rsn::akm_count, ieee80211_ie_rsn::akm_list, net80211_device::associating, net80211_wlan::beacon, net80211_wlan::crypto, io_buffer::data, DBG, EINVAL, ENOMEM, ENOTSUP, group_cipher, ieee80211_ie_rsn::group_cipher, net80211_wlan::handshaking, hdr, ieee80211_beacon, IEEE80211_IE_RSN, IEEE80211_IE_VENDOR, ieee80211_rsn_size(), IEEE80211_RSN_VERSION, IEEE80211_WPA_OUI_VEN, malloc(), ieee80211_ie_rsn::pairwise_cipher, ieee80211_ie_rsn::pairwise_count, ieee80211_ie_rsn::pmkid_count, ieee80211_ie_rsn::rsn_capab, sec80211_find_rsn(), sec80211_rsn_get_akm_desc(), sec80211_rsn_get_crypto_desc(), sec80211_rsn_get_net80211_crypt(), io_buffer::tail, ieee80211_ie_rsn::version, and wpa_find_cryptosystem().

Referenced by wpa_psk_init().

◆ wpa_start()

int wpa_start ( struct net80211_device dev,
struct wpa_common_ctx ctx,
const void *  pmk,
size_t  pmk_len 
)

Set up generic WPA support to handle 4-Way Handshake.

Parameters
dev802.11 device
ctxWPA common context
pmkPairwise Master Key to use for session
pmk_lenLength of PMK, almost always 32
Return values
rcReturn status code

Definition at line 216 of file wpa.c.

218 {
219  struct io_buffer *iob;
220  struct ieee80211_frame *hdr;
221  struct ieee80211_beacon *beacon;
222  u8 *ap_rsn_ie = NULL, *ap_rsn_ie_end;
223 
224  if ( ! dev->rsn_ie || ! dev->associating )
225  return -EINVAL;
226 
227  ctx->dev = dev;
228  memcpy ( ctx->pmk, pmk, ctx->pmk_len = pmk_len );
229  ctx->state = WPA_READY;
230  ctx->replay = ~0ULL;
231 
232  iob = dev->associating->beacon;
233  hdr = iob->data;
234  beacon = ( struct ieee80211_beacon * ) hdr->data;
235  ap_rsn_ie = sec80211_find_rsn ( beacon->info_element, iob->tail,
236  &ctx->ap_rsn_is_rsn, &ap_rsn_ie_end );
237  if ( ap_rsn_ie ) {
238  ctx->ap_rsn_ie = malloc ( ap_rsn_ie_end - ap_rsn_ie );
239  if ( ! ctx->ap_rsn_ie )
240  return -ENOMEM;
241  memcpy ( ctx->ap_rsn_ie, ap_rsn_ie, ap_rsn_ie_end - ap_rsn_ie );
242  ctx->ap_rsn_ie_len = ap_rsn_ie_end - ap_rsn_ie;
243  } else {
244  return -ENOENT;
245  }
246 
247  ctx->crypt = dev->associating->crypto;
248  ctx->gcrypt = NET80211_CRYPT_UNKNOWN;
249 
250  list_add_tail ( &ctx->list, &wpa_contexts );
251  return 0;
252 }
#define EINVAL
Invalid argument.
Definition: errno.h:428
enum net80211_crypto_alg crypto
Cryptographic algorithm used on the network.
Definition: net80211.h:1087
Dummy value used when the cryptosystem can't be detected.
Definition: net80211.h:177
An 802.11 data or management frame without QoS or WDS header fields.
Definition: ieee80211.h:300
#define ENOENT
No such file or directory.
Definition: errno.h:514
union ieee80211_ie * rsn_ie
RSN or WPA information element to include with association.
Definition: net80211.h:932
struct golan_eq_context ctx
Definition: CIB_PRM.h:28
struct list_head wpa_contexts
List of WPA contexts in active use.
Definition: wpa.c:46
Ready for 4-Way Handshake.
Definition: wpa.h:181
void * tail
End of data.
Definition: iobuf.h:46
#define ENOMEM
Not enough space.
Definition: errno.h:534
void * memcpy(void *dest, const void *src, size_t len) __nonnull
#define list_add_tail(new, head)
Add a new entry to the tail of a list.
Definition: list.h:93
#define ieee80211_beacon
Definition: ieee80211.h:1069
void * malloc(size_t size)
Allocate memory.
Definition: malloc.c:583
struct net80211_wlan * associating
Network with which we are associating.
Definition: net80211.h:866
uint32_t hdr
Message header.
Definition: intelvf.h:12
void * data
Start of data.
Definition: iobuf.h:44
struct io_buffer * beacon
The complete beacon or probe-response frame received.
Definition: net80211.h:1081
u8 * sec80211_find_rsn(union ieee80211_ie *ie, void *ie_end, int *is_rsn, u8 **end)
Find the RSN or WPA information element in the provided beacon frame.
Definition: sec80211.c:283
#define NULL
NULL pointer (VOID *)
Definition: Base.h:362
uint8_t u8
Definition: stdint.h:19
A persistent I/O buffer.
Definition: iobuf.h:32

References net80211_device::associating, net80211_wlan::beacon, net80211_wlan::crypto, ctx, io_buffer::data, EINVAL, ENOENT, ENOMEM, hdr, ieee80211_beacon, list_add_tail, malloc(), memcpy(), NET80211_CRYPT_UNKNOWN, NULL, net80211_device::rsn_ie, sec80211_find_rsn(), io_buffer::tail, wpa_contexts, and WPA_READY.

Referenced by wpa_psk_start().

◆ wpa_stop()

void wpa_stop ( struct net80211_device dev)

Disable handling of received WPA handshake frames.

Parameters
dev802.11 device

Definition at line 260 of file wpa.c.

261 {
262  struct wpa_common_ctx *ctx, *tmp;
263 
265  if ( ctx->dev == dev ) {
266  free ( ctx->ap_rsn_ie );
267  ctx->ap_rsn_ie = NULL;
268  list_del ( &ctx->list );
269  }
270  }
271 }
struct net80211_device * dev
802.11 device we are authenticating for
Definition: wpa.h:294
struct golan_eq_context ctx
Definition: CIB_PRM.h:28
struct list_head wpa_contexts
List of WPA contexts in active use.
Definition: wpa.c:46
#define list_del(list)
Delete an entry from a list.
Definition: list.h:119
Common context for WPA security handshaking.
Definition: wpa.h:291
#define list_for_each_entry_safe(pos, tmp, head, member)
Iterate over entries in a list, safe against deletion of the current entry.
Definition: list.h:447
static void(* free)(struct refcnt *refcnt))
Definition: refcnt.h:54
uint8_t * tmp
Definition: entropy.h:156
struct list_head list
List entry.
Definition: wpa.h:362
#define NULL
NULL pointer (VOID *)
Definition: Base.h:362

References ctx, wpa_common_ctx::dev, free, wpa_common_ctx::list, list_del, list_for_each_entry_safe, NULL, tmp, and wpa_contexts.

Referenced by wpa_psk_stop().

Variable Documentation

◆ type

u8 type

One of the EAPOL_KEY_TYPE_* defines.

Definition at line 28 of file wpa.h.

◆ info

u16 info

Bitfield of key characteristics, network byte order.

Definition at line 31 of file wpa.h.

◆ keysize

u16 keysize

Length of encryption key to be used, network byte order.

This is 16 for CCMP, 32 for TKIP, and 5 or 13 for WEP.

Definition at line 37 of file wpa.h.

◆ replay

u64 replay

Monotonically increasing value for EAPOL-Key conversations.

In another classic demonstration of overengineering, this 8-byte value will rarely be anything above 1. It's stored in network byte order.

Definition at line 45 of file wpa.h.

◆ nonce

u8 nonce[WPA_NONCE_LEN]

Nonce value.

For Nonce-type KDEs, the nonce.

This is the authenticator's ANonce in frame 1, the peer's SNonce in frame 2, and 0 in frames 3 and 4.

Definition at line 52 of file wpa.h.

◆ iv

u8 iv[16]

Initialization vector.

This contains the IV used with the Key Encryption Key, or 0 if the key is unencrypted or encrypted using an algorithm that does not require an IV.

Definition at line 60 of file wpa.h.

Referenced by cbc_setiv(), cipher_cost(), cipher_setiv(), tkip_kie_decrypt(), tls_assemble_block(), wep_decrypt(), and wep_encrypt().

◆ rsc

u8 rsc[8]

Receive sequence counter for GTK.

This is used to synchronize the client's replay counter for ordinary data packets. The first six bytes contain PN0 through PN5 for CCMP mode, or TSC0 through TSC5 for TKIP mode. The last two bytes are zero.

Definition at line 69 of file wpa.h.

Referenced by ccmp_init(), sec80211_install(), tkip_init(), wpa_install_gtk(), and wpa_maybe_install_gtk().

◆ _reserved

u8 _reserved[8]

Reserved bytes.

Definition at line 72 of file wpa.h.

◆ mic

u8 mic[16]

Message integrity code over the entire EAPOL frame.

This is calculated using HMAC-MD5 when the key descriptor version field in info is 1, and HMAC-SHA1 ignoring the last 4 bytes of the hash when the version field in info is 2.

Definition at line 81 of file wpa.h.

Referenced by ccmp_cbc_mac(), ccmp_encrypt(), ccmp_kie_mic(), tkip_decrypt(), tkip_encrypt(), tkip_kie_mic(), and tkip_michael().

◆ datalen

u16 datalen

Length of the data field in bytes, network byte order.

Definition at line 84 of file wpa.h.

Referenced by ccmp_cbc_mac(), ccmp_decrypt(), ccmp_encrypt(), tkip_decrypt(), tkip_encrypt(), wep_decrypt(), and wep_encrypt().

◆ data

u8 data[0]

Key data.

This is formatted as a series of 802.11 information elements, with cryptographic data encapsulated using a "vendor-specific IE" code and an IEEE-specified OUI.

Definition at line 92 of file wpa.h.

◆ __attribute__

◆ rx

MIC key for packets from the AP.

Definition at line 234 of file wpa.h.

◆ tx

MIC key for packets to the AP.

Definition at line 237 of file wpa.h.

◆ key

Main key: input to TKIP Phase 1 and Phase 2 key mixing functions.

Definition at line 28 of file wpa.h.

◆ kck

EAPOL-Key Key Confirmation Key (KCK)

Definition at line 28 of file wpa.h.

Referenced by ccmp_kie_mic(), and tkip_kie_mic().

◆ kek

EAPOL-Key Key Encryption Key (KEK)

Definition at line 31 of file wpa.h.

Referenced by aes_unwrap(), aes_wrap(), ccmp_kie_decrypt(), and tkip_kie_decrypt().

◆ tk

union wpa_tk tk

Temporal key.

Definition at line 34 of file wpa.h.

Referenced by tkip_mix_1(), and tkip_mix_2().

◆ id

u8 id

Key ID and TX bit.

Definition at line 28 of file wpa.h.

◆ _rsvd

u8 _rsvd

Reserved byte.

Definition at line 31 of file wpa.h.

◆ gtk

struct wpa_gtk gtk

Encapsulated group transient key.

Definition at line 34 of file wpa.h.

◆ ie_type

u8 ie_type

Information element type: always 0xDD (IEEE80211_IE_VENDOR)

Definition at line 28 of file wpa.h.

◆ len

u8 len

Length, not including ie_type and length fields.

Definition at line 31 of file wpa.h.

◆ oui_type

u32 oui_type

OUI + type byte.

Definition at line 34 of file wpa.h.

Referenced by rsn_pick_desc().

◆ gtk_encap

struct wpa_kde_gtk_encap gtk_encap

For GTK-type KDEs, encapsulated GTK.

Definition at line 39 of file wpa.h.

◆ mac

u8 mac[ETH_ALEN]

For MAC-type KDEs, the MAC address.

Definition at line 42 of file wpa.h.

◆ pmkid

u8 pmkid[WPA_PMKID_LEN]

For PMKID-type KDEs, the PMKID.

Definition at line 45 of file wpa.h.

◆ lifetime

u32 lifetime

For Lifetime-type KDEs, the lifetime in seconds.

This is in network byte order!

Definition at line 54 of file wpa.h.

Referenced by ndp_register_settings(), and tls_new_session_ticket().

◆ @569

union { ... }

Payload data.