iPXE
Data Structures | Macros | Enumerations | Functions | Variables
wpa.h File Reference

Common definitions for all types of WPA-protected networks. More...

#include <ipxe/ieee80211.h>
#include <ipxe/list.h>

Go to the source code of this file.

Data Structures

struct  eapol_key_pkt
 An EAPOL-Key packet. More...
struct  tkip_tk
 Structure of the Temporal Key for TKIP encryption. More...
union  wpa_tk
 Structure of a generic Temporal Key. More...
struct  wpa_ptk
 Structure of the Pairwise Transient Key. More...
struct  wpa_gtk
 Structure of the Group Transient Key. More...
struct  wpa_common_ctx
 Common context for WPA security handshaking. More...
struct  wpa_kie
 WPA handshake key integrity and encryption handler. More...
struct  wpa_kde_gtk_encap
 Payload structure of the GTK-encapsulating KDE. More...
struct  wpa_kde
 Any key descriptor element type. More...

Macros

#define EAPOL_KEY_TYPE_RSN   2
 EAPOL-Key type field for modern 802.11i/RSN WPA packets.
#define EAPOL_KEY_TYPE_WPA   254
 Old EAPOL-Key type field used by WPA1 hardware before 802.11i ratified.
#define EAPOL_KEY_INFO_VERSION   0x0007
 Key descriptor version, indicating WPA or WPA2.
#define EAPOL_KEY_INFO_TYPE   0x0008
 Key type bit, indicating pairwise or group.
#define EAPOL_KEY_INFO_INSTALL   0x0040
 Key install bit; set on message 3 except when legacy hacks are used.
#define EAPOL_KEY_INFO_KEY_ACK   0x0080
 Key ACK bit; set when a response is required, on all messages except #4.
#define EAPOL_KEY_INFO_KEY_MIC   0x0100
 Key MIC bit; set when the MIC field is valid, on messages 3 and 4.
#define EAPOL_KEY_INFO_SECURE   0x0200
 Secure bit; set when both sides have both keys, on messages 3 and 4.
#define EAPOL_KEY_INFO_ERROR   0x0400
 Error bit; set on a MIC failure for TKIP.
#define EAPOL_KEY_INFO_REQUEST   0x0800
 Request bit; set when authentication is initiated by the Peer (unusual)
#define EAPOL_KEY_INFO_KEY_ENC   0x1000
 Key Encrypted bit; set when the Key Data field is encrypted.
#define EAPOL_KEY_INFO_SMC_MESS   0x2000
 SMC Message bit; set when this frame is part of an IBSS SMK handshake.
#define EAPOL_KEY_VERSION_WPA   1
 Key descriptor version field value for WPA (TKIP)
#define EAPOL_KEY_VERSION_WPA2   2
 Key descriptor version field value for WPA2 (CCMP)
#define EAPOL_KEY_TYPE_PTK   0x0008
 Key type field value for a PTK (pairwise) key handshake.
#define EAPOL_KEY_TYPE_GTK   0x0000
 Key type field value for a GTK (group) key handshake.
#define WPA_NONCE_LEN   32
 Length of a nonce.
#define WPA_TKIP_KEY_LEN   16
 Length of a TKIP main key.
#define WPA_TKIP_MIC_KEY_LEN   8
 Length of a TKIP MIC key.
#define WPA_CCMP_KEY_LEN   16
 Length of a CCMP key.
#define WPA_KCK_LEN   16
 Length of an EAPOL Key Confirmation Key.
#define WPA_KEK_LEN   16
 Length of an EAPOL Key Encryption Key.
#define WPA_PMK_LEN   32
 Usual length of a Pairwise Master Key.
#define WPA_PMKID_LEN   16
 Length of a PMKID.
#define WPA_KIES   __table ( struct wpa_kie, "wpa_kies" )
#define __wpa_kie   __table_entry ( WPA_KIES, 01 )
#define WPA_GTK_KID   0x03
 Mask for Key ID in wpa_kde_gtk::id field.
#define WPA_GTK_TXBIT   0x04
 Mask for Tx bit in wpa_kde_gtk::id field.
#define WPA_KDE_GTK   _MKOUI ( 0x00, 0x0F, 0xAC, 0x01 )
 KDE type for an encapsulated Group Transient Key (requires encryption)
#define WPA_KDE_MAC   _MKOUI ( 0x00, 0x0F, 0xAC, 0x03 )
 KDE type for a MAC address.
#define WPA_KDE_PMKID   _MKOUI ( 0x00, 0x0F, 0xAC, 0x04 )
 KDE type for a PMKID.
#define WPA_KDE_NONCE   _MKOUI ( 0x00, 0x0F, 0xAC, 0x06 )
 KDE type for a nonce.
#define WPA_KDE_LIFETIME   _MKOUI ( 0x00, 0x0F, 0xAC, 0x07 )
 KDE type for a lifetime value.

Enumerations

enum  wpa_state {
  WPA_WAITING = 0 , WPA_READY , WPA_WORKING , WPA_SUCCESS ,
  WPA_FAILURE
}
 WPA handshaking state. More...
enum  wpa_keymask { WPA_PTK = 1 , WPA_GTK = 2 }
 Bitfield indicating a selection of WPA transient keys. More...

Functions

 FILE_LICENCE (GPL2_OR_LATER)
struct eapol_key_pkt __attribute__ ((packed)) mic
 Michael MIC keys.
int wpa_make_rsn_ie (struct net80211_device *dev, union ieee80211_ie **ie)
 Construct RSN or WPA information element.
int wpa_start (struct net80211_device *dev, struct wpa_common_ctx *ctx, const void *pmk, size_t pmk_len)
 Set up generic WPA support to handle 4-Way Handshake.
void wpa_stop (struct net80211_device *dev)
 Disable handling of received WPA handshake frames.

Variables

u8 type
 One of the EAPOL_KEY_TYPE_* defines.
u16 info
 Bitfield of key characteristics, network byte order.
u16 keysize
 Length of encryption key to be used, network byte order.
u64 replay
 Monotonically increasing value for EAPOL-Key conversations.
u8 nonce [32]
 Nonce value.
u8 iv [16]
 Initialization vector.
u8 rsc [8]
 Receive sequence counter for GTK.
u8 _reserved [8]
 Reserved bytes.
u8 mic [16]
 Message integrity code over the entire EAPOL frame.
u16 datalen
 Length of the data field in bytes, network byte order.
u8 data [0]
 Key data.
enum wpa_state __attribute__
u8 rx [WPA_TKIP_MIC_KEY_LEN]
 MIC key for packets from the AP.
u8 tx [WPA_TKIP_MIC_KEY_LEN]
 MIC key for packets to the AP.
u8 key [WPA_TKIP_KEY_LEN]
 Main key: input to TKIP Phase 1 and Phase 2 key mixing functions.
u8 kck [WPA_KCK_LEN]
 EAPOL-Key Key Confirmation Key (KCK)
u8 kek [WPA_KEK_LEN]
 EAPOL-Key Key Encryption Key (KEK)
union wpa_tk tk
 Temporal key.
u8 id
 Key ID and TX bit.
u8 _rsvd
 Reserved byte.
struct wpa_gtk gtk
 Encapsulated group transient key.
u8 ie_type
 Information element type: always 0xDD (IEEE80211_IE_VENDOR)
u8 len
 Length, not including ie_type and length fields.
u32 oui_type
 OUI + type byte.
union { 
   struct wpa_kde_gtk_encap   gtk_encap 
 For GTK-type KDEs, encapsulated GTK. More...
   u8   mac [ETH_ALEN
 For MAC-type KDEs, the MAC address. More...
   u8   pmkid [WPA_PMKID_LEN
 For PMKID-type KDEs, the PMKID. More...
   u8   nonce [WPA_NONCE_LEN
 For Nonce-type KDEs, the nonce. More...
   u32   lifetime 
 For Lifetime-type KDEs, the lifetime in seconds. More...
}; 
 Payload data.

Detailed Description

Common definitions for all types of WPA-protected networks.

Definition in file wpa.h.

Macro Definition Documentation

◆ EAPOL_KEY_TYPE_RSN

#define EAPOL_KEY_TYPE_RSN   2

EAPOL-Key type field for modern 802.11i/RSN WPA packets.

Definition at line 35 of file wpa.h.

Referenced by eapol_key_rx().

◆ EAPOL_KEY_TYPE_WPA

#define EAPOL_KEY_TYPE_WPA   254

Old EAPOL-Key type field used by WPA1 hardware before 802.11i ratified.

Definition at line 38 of file wpa.h.

Referenced by eapol_key_rx().

◆ WPA_NONCE_LEN

#define WPA_NONCE_LEN   32

Length of a nonce.

Definition at line 204 of file wpa.h.

Referenced by wpa_derive_ptk(), and wpa_handle_3_of_4().

◆ WPA_TKIP_KEY_LEN

#define WPA_TKIP_KEY_LEN   16

Length of a TKIP main key.

Definition at line 207 of file wpa.h.

Referenced by tkip_tk::__attribute__().

◆ WPA_TKIP_MIC_KEY_LEN

#define WPA_TKIP_MIC_KEY_LEN   8

Length of a TKIP MIC key.

Definition at line 210 of file wpa.h.

◆ WPA_CCMP_KEY_LEN

#define WPA_CCMP_KEY_LEN   16

Length of a CCMP key.

Definition at line 213 of file wpa.h.

◆ WPA_KCK_LEN

#define WPA_KCK_LEN   16

Length of an EAPOL Key Confirmation Key.

Definition at line 216 of file wpa.h.

◆ WPA_KEK_LEN

#define WPA_KEK_LEN   16

Length of an EAPOL Key Encryption Key.

Definition at line 219 of file wpa.h.

◆ WPA_PMK_LEN

#define WPA_PMK_LEN   32

Usual length of a Pairwise Master Key.

Definition at line 222 of file wpa.h.

Referenced by wpa_psk_start().

◆ WPA_PMKID_LEN

#define WPA_PMKID_LEN   16

Length of a PMKID.

Definition at line 225 of file wpa.h.

◆ WPA_KIES

#define WPA_KIES   __table ( struct wpa_kie, "wpa_kies" )

Definition at line 407 of file wpa.h.

Referenced by wpa_find_kie().

◆ __wpa_kie

#define __wpa_kie   __table_entry ( WPA_KIES, 01 )

Definition at line 408 of file wpa.h.

Enumeration Type Documentation

◆ wpa_state

enum wpa_state

WPA handshaking state.

Enumerator
WPA_WAITING 

Waiting for PMK to be set.

WPA_READY 

Ready for 4-Way Handshake.

WPA_WORKING 

Performing 4-Way Handshake.

WPA_SUCCESS 

4-Way Handshake succeeded

WPA_FAILURE 

4-Way Handshake failed

Definition at line 176 of file wpa.h.

176 {
177 /** Waiting for PMK to be set */
178 WPA_WAITING = 0,
179
180 /** Ready for 4-Way Handshake */
181 WPA_READY,
182
183 /** Performing 4-Way Handshake */
184 WPA_WORKING,
185
186 /** 4-Way Handshake succeeded */
187 WPA_SUCCESS,
188
189 /** 4-Way Handshake failed */
190 WPA_FAILURE,
191};
WPA_FAILURE
@ WPA_FAILURE
4-Way Handshake failed
Definition wpa.h:190
WPA_WAITING
@ WPA_WAITING
Waiting for PMK to be set.
Definition wpa.h:178
WPA_WORKING
@ WPA_WORKING
Performing 4-Way Handshake.
Definition wpa.h:184
WPA_SUCCESS
@ WPA_SUCCESS
4-Way Handshake succeeded
Definition wpa.h:187
WPA_READY
@ WPA_READY
Ready for 4-Way Handshake.
Definition wpa.h:181

◆ wpa_keymask

enum wpa_keymask

Bitfield indicating a selection of WPA transient keys.

Enumerator
WPA_PTK 

Pairwise transient key.

WPA_GTK 

Group transient key.

Definition at line 194 of file wpa.h.

194 {
195 /** Pairwise transient key */
196 WPA_PTK = 1,
197
198 /** Group transient key */
199 WPA_GTK = 2,
200};
WPA_GTK
@ WPA_GTK
Group transient key.
Definition wpa.h:199
WPA_PTK
@ WPA_PTK
Pairwise transient key.
Definition wpa.h:196

Function Documentation

◆ FILE_LICENCE()

FILE_LICENCE ( GPL2_OR_LATER )

◆ wpa_make_rsn_ie()

int wpa_make_rsn_ie ( struct net80211_device * dev,
union ieee80211_ie ** ie_ret )

Construct RSN or WPA information element.

Parameters
dev802.11 device
Return values
ie_retRSN or WPA information element
rcReturn status code

This function allocates, fills, and returns a RSN or WPA information element suitable for including in an association request frame to the network identified by dev->associating. If it is impossible to construct an information element consistent with iPXE's capabilities that is compatible with that network, or if none should be sent because that network's beacon included no security information, returns an error indication and leaves ie_ret unchanged.

The returned IE will be of the same type (RSN or WPA) as was included in the beacon for the network it is destined for.

Definition at line 125 of file wpa.c.

126{
127 u8 *rsn, *rsn_end;
128 int is_rsn;
129 u32 group_cipher;
130 enum net80211_crypto_alg gcrypt;
131 int ie_len;
132 u8 *iep;
133 struct ieee80211_ie_rsn *ie;
134 struct ieee80211_frame *hdr;
135 struct ieee80211_beacon *beacon;
136
137 if ( ! dev->associating ) {
138 DBG ( "WPA: Can't make RSN IE for a non-associating device\n" );
139 return -EINVAL;
140 }
141
142 hdr = dev->associating->beacon->data;
143 beacon = ( struct ieee80211_beacon * ) hdr->data;
144 rsn = sec80211_find_rsn ( beacon->info_element,
145 dev->associating->beacon->tail, &is_rsn,
146 &rsn_end );
147 if ( ! rsn ) {
148 DBG ( "WPA: Can't make RSN IE when we didn't get one\n" );
149 return -EINVAL;
150 }
151
152 rsn += 2; /* skip version */
153 group_cipher = *( u32 * ) rsn;
154 gcrypt = sec80211_rsn_get_net80211_crypt ( group_cipher );
155
156 if ( ! wpa_find_cryptosystem ( gcrypt ) ||
157 ! wpa_find_cryptosystem ( dev->associating->crypto ) ) {
158 DBG ( "WPA: No support for (GC:%d, PC:%d)\n",
159 gcrypt, dev->associating->crypto );
160 return -ENOTSUP;
161 }
162
163 /* Everything looks good - make our IE. */
164
165 /* WPA IEs need 4 more bytes for the OUI+type */
166 ie_len = ieee80211_rsn_size ( 1, 1, 0, is_rsn ) + ( 4 * ! is_rsn );
167 iep = malloc ( ie_len );
168 if ( ! iep )
169 return -ENOMEM;
170
171 *ie_ret = ( union ieee80211_ie * ) iep;
172
173 /* Store ID and length bytes. */
174 *iep++ = ( is_rsn ? IEEE80211_IE_RSN : IEEE80211_IE_VENDOR );
175 *iep++ = ie_len - 2;
176
177 /* Store OUI+type for WPA IEs. */
178 if ( ! is_rsn ) {
179 *( u32 * ) iep = IEEE80211_WPA_OUI_VEN;
180 iep += 4;
181 }
182
183 /* If this is a WPA IE, the id and len bytes in the
184 ieee80211_ie_rsn structure will not be valid, but by doing
185 the cast we can fill all the other fields much more
186 readily. */
187
188 ie = ( struct ieee80211_ie_rsn * ) ( iep - 2 );
189 ie->version = IEEE80211_RSN_VERSION;
190 ie->group_cipher = group_cipher;
191 ie->pairwise_count = 1;
192 ie->pairwise_cipher[0] =
193 sec80211_rsn_get_crypto_desc ( dev->associating->crypto,
194 is_rsn );
195 ie->akm_count = 1;
196 ie->akm_list[0] =
197 sec80211_rsn_get_akm_desc ( dev->associating->handshaking,
198 is_rsn );
199 if ( is_rsn ) {
200 ie->rsn_capab = 0;
201 ie->pmkid_count = 0;
202 }
203
204 return 0;
205}
hdr
struct golan_inbox_hdr hdr
Message header.
Definition CIB_PRM.h:0
DBG
#define DBG(...)
Print a debugging message.
Definition compiler.h:498
ieee80211_rsn_size
static size_t ieee80211_rsn_size(int npair, int nauth, int npmkid, int rsn_ie)
Calculate necessary size of RSN information element.
Definition ieee80211.h:844
IEEE80211_WPA_OUI_VEN
#define IEEE80211_WPA_OUI_VEN
Old vendor-type WPA IE OUI type + subtype.
Definition ieee80211.h:869
IEEE80211_IE_VENDOR
#define IEEE80211_IE_VENDOR
Information element ID for Vendor Specific information element.
Definition ieee80211.h:960
IEEE80211_RSN_VERSION
#define IEEE80211_RSN_VERSION
802.11 RSN IE: expected version number
Definition ieee80211.h:873
IEEE80211_IE_RSN
#define IEEE80211_IE_RSN
Information element ID for Robust Security Network information element.
Definition ieee80211.h:834
ieee80211_beacon
#define ieee80211_beacon
Definition ieee80211.h:1069
EINVAL
#define EINVAL
Invalid argument.
Definition errno.h:429
ENOMEM
#define ENOMEM
Not enough space.
Definition errno.h:535
ENOTSUP
#define ENOTSUP
Operation not supported.
Definition errno.h:590
group_cipher
u32 group_cipher
Cipher ID for the cipher used in multicast/broadcast frames.
Definition ieee80211.h:10
u8
#define u8
Definition igbvf_osdep.h:40
malloc
void * malloc(size_t size)
Allocate memory.
Definition malloc.c:621
net80211_crypto_alg
net80211_crypto_alg
An 802.11 data encryption algorithm.
Definition net80211.h:129
sec80211_find_rsn
u8 * sec80211_find_rsn(union ieee80211_ie *ie, void *ie_end, int *is_rsn, u8 **end)
Find the RSN or WPA information element in the provided beacon frame.
Definition sec80211.c:284
sec80211_rsn_get_net80211_crypt
enum net80211_crypto_alg sec80211_rsn_get_net80211_crypt(u32 desc)
Determine net80211 cryptosystem number from RSN descriptor.
Definition sec80211.c:509
sec80211_rsn_get_crypto_desc
u32 sec80211_rsn_get_crypto_desc(enum net80211_crypto_alg crypt, int rsnie)
Determine RSN descriptor for specified net80211 cryptosystem number.
Definition sec80211.c:482
sec80211_rsn_get_akm_desc
u32 sec80211_rsn_get_akm_desc(enum net80211_security_proto secprot, int rsnie)
Determine RSN descriptor for specified net80211 handshaker number.
Definition sec80211.c:497
ieee80211_frame
An 802.11 data or management frame without QoS or WDS header fields.
Definition ieee80211.h:301
ieee80211_ie_rsn
802.11 Robust Security Network ("WPA") information element
Definition ieee80211.h:798
ieee80211_ie_rsn::akm_count
u16 akm_count
Number of authentication types supported.
Definition ieee80211.h:818
ieee80211_ie_rsn::pairwise_count
u16 pairwise_count
Number of unicast ciphers supported.
Definition ieee80211.h:812
ieee80211_ie_rsn::akm_list
u32 akm_list[1]
List of authentication type IDs for supported types.
Definition ieee80211.h:821
ieee80211_ie_rsn::pairwise_cipher
u32 pairwise_cipher[1]
List of cipher IDs for supported unicast frame ciphers.
Definition ieee80211.h:815
ieee80211_ie_rsn::rsn_capab
u16 rsn_capab
Security capabilities field (RSN only)
Definition ieee80211.h:824
ieee80211_ie_rsn::group_cipher
u32 group_cipher
Cipher ID for the cipher used in multicast/broadcast frames.
Definition ieee80211.h:809
ieee80211_ie_rsn::pmkid_count
u16 pmkid_count
Number of PMKIDs included (present only in association frames)
Definition ieee80211.h:827
ieee80211_ie_rsn::version
u16 version
RSN information element version.
Definition ieee80211.h:806
io_buffer::data
void * data
Start of data.
Definition iobuf.h:53
io_buffer::tail
void * tail
End of data.
Definition iobuf.h:55
net80211_device::associating
struct net80211_wlan * associating
Network with which we are associating.
Definition net80211.h:866
net80211_wlan::beacon
struct io_buffer * beacon
The complete beacon or probe-response frame received.
Definition net80211.h:1081
net80211_wlan::crypto
enum net80211_crypto_alg crypto
Cryptographic algorithm used on the network.
Definition net80211.h:1087
net80211_wlan::handshaking
enum net80211_security_proto handshaking
Security handshaking method used on the network.
Definition net80211.h:1084
ieee80211_ie
Any 802.11 information element.
Definition ieee80211.h:973
u32
#define u32
Definition vga.h:21
wpa_find_cryptosystem
static struct net80211_crypto * wpa_find_cryptosystem(enum net80211_crypto_alg crypt)
Find a cryptosystem handler structure from a crypto ID.
Definition wpa.c:74

References ieee80211_ie_rsn::akm_count, ieee80211_ie_rsn::akm_list, net80211_device::associating, net80211_wlan::beacon, net80211_wlan::crypto, io_buffer::data, DBG, EINVAL, ENOMEM, ENOTSUP, group_cipher, ieee80211_ie_rsn::group_cipher, net80211_wlan::handshaking, hdr, ieee80211_beacon, IEEE80211_IE_RSN, IEEE80211_IE_VENDOR, ieee80211_rsn_size(), IEEE80211_RSN_VERSION, IEEE80211_WPA_OUI_VEN, malloc(), ieee80211_ie_rsn::pairwise_cipher, ieee80211_ie_rsn::pairwise_count, ieee80211_ie_rsn::pmkid_count, ieee80211_ie_rsn::rsn_capab, sec80211_find_rsn(), sec80211_rsn_get_akm_desc(), sec80211_rsn_get_crypto_desc(), sec80211_rsn_get_net80211_crypt(), io_buffer::tail, u32, u8, ieee80211_ie_rsn::version, and wpa_find_cryptosystem().

Referenced by wpa_psk_init().

◆ wpa_start()

int wpa_start ( struct net80211_device * dev,
struct wpa_common_ctx * ctx,
const void * pmk,
size_t pmk_len )

Set up generic WPA support to handle 4-Way Handshake.

Parameters
dev802.11 device
ctxWPA common context
pmkPairwise Master Key to use for session
pmk_lenLength of PMK, almost always 32
Return values
rcReturn status code

Definition at line 217 of file wpa.c.

219{
220 struct io_buffer *iob;
221 struct ieee80211_frame *hdr;
222 struct ieee80211_beacon *beacon;
223 u8 *ap_rsn_ie = NULL, *ap_rsn_ie_end;
224
225 if ( ! dev->rsn_ie || ! dev->associating )
226 return -EINVAL;
227
228 ctx->dev = dev;
229 memcpy ( ctx->pmk, pmk, ctx->pmk_len = pmk_len );
230 ctx->state = WPA_READY;
231 ctx->replay = ~0ULL;
232
233 iob = dev->associating->beacon;
234 hdr = iob->data;
235 beacon = ( struct ieee80211_beacon * ) hdr->data;
236 ap_rsn_ie = sec80211_find_rsn ( beacon->info_element, iob->tail,
237 &ctx->ap_rsn_is_rsn, &ap_rsn_ie_end );
238 if ( ap_rsn_ie ) {
239 ctx->ap_rsn_ie = malloc ( ap_rsn_ie_end - ap_rsn_ie );
240 if ( ! ctx->ap_rsn_ie )
241 return -ENOMEM;
242 memcpy ( ctx->ap_rsn_ie, ap_rsn_ie, ap_rsn_ie_end - ap_rsn_ie );
243 ctx->ap_rsn_ie_len = ap_rsn_ie_end - ap_rsn_ie;
244 } else {
245 return -ENOENT;
246 }
247
248 ctx->crypt = dev->associating->crypto;
249 ctx->gcrypt = NET80211_CRYPT_UNKNOWN;
250
251 list_add_tail ( &ctx->list, &wpa_contexts );
252 return 0;
253}
NULL
#define NULL
NULL pointer (VOID *)
Definition Base.h:322
ctx
struct golan_eq_context ctx
Definition CIB_PRM.h:0
ENOENT
#define ENOENT
No such file or directory.
Definition errno.h:515
memcpy
void * memcpy(void *dest, const void *src, size_t len) __nonnull
list_add_tail
#define list_add_tail(new, head)
Add a new entry to the tail of a list.
Definition list.h:94
NET80211_CRYPT_UNKNOWN
@ NET80211_CRYPT_UNKNOWN
Dummy value used when the cryptosystem can't be detected.
Definition net80211.h:177
io_buffer
A persistent I/O buffer.
Definition iobuf.h:38
net80211_device::rsn_ie
union ieee80211_ie * rsn_ie
RSN or WPA information element to include with association.
Definition net80211.h:932
wpa_contexts
struct list_head wpa_contexts
List of WPA contexts in active use.
Definition wpa.c:47

References net80211_device::associating, net80211_wlan::beacon, net80211_wlan::crypto, ctx, io_buffer::data, EINVAL, ENOENT, ENOMEM, hdr, ieee80211_beacon, list_add_tail, malloc(), memcpy(), NET80211_CRYPT_UNKNOWN, NULL, net80211_device::rsn_ie, sec80211_find_rsn(), io_buffer::tail, u8, wpa_contexts, and WPA_READY.

Referenced by wpa_psk_start().

◆ wpa_stop()

void wpa_stop ( struct net80211_device * dev)

Disable handling of received WPA handshake frames.

Parameters
dev802.11 device

Definition at line 261 of file wpa.c.

262{
263 struct wpa_common_ctx *ctx, *tmp;
264
265 list_for_each_entry_safe ( ctx, tmp, &wpa_contexts, list ) {
266 if ( ctx->dev == dev ) {
267 free ( ctx->ap_rsn_ie );
268 ctx->ap_rsn_ie = NULL;
269 list_del ( &ctx->list );
270 }
271 }
272}
tmp
unsigned long tmp
Definition linux_pci.h:65
list_for_each_entry_safe
#define list_for_each_entry_safe(pos, tmp, head, member)
Iterate over entries in a list, safe against deletion of the current entry.
Definition list.h:459
list_del
#define list_del(list)
Delete an entry from a list.
Definition list.h:120
free
static void(* free)(struct refcnt *refcnt))
Definition refcnt.h:55
wpa_common_ctx
Common context for WPA security handshaking.
Definition wpa.h:292
wpa_common_ctx::list
struct list_head list
List entry.
Definition wpa.h:362
wpa_common_ctx::dev
struct net80211_device * dev
802.11 device we are authenticating for
Definition wpa.h:294

References ctx, wpa_common_ctx::dev, free, wpa_common_ctx::list, list_del, list_for_each_entry_safe, NULL, tmp, and wpa_contexts.

Referenced by wpa_psk_stop().

Variable Documentation

◆ type

u8 type

One of the EAPOL_KEY_TYPE_* defines.

Definition at line 1 of file wpa.h.

◆ info

u16 info

Bitfield of key characteristics, network byte order.

Definition at line 4 of file wpa.h.

◆ keysize

u16 keysize

Length of encryption key to be used, network byte order.

This is 16 for CCMP, 32 for TKIP, and 5 or 13 for WEP.

Definition at line 10 of file wpa.h.

Referenced by ecdsa_alloc(), ecdsa_parse_signature(), ecdsa_prepend_signature(), ecdsa_sign_rs(), ecdsa_verify_rs(), elliptic_curve_okx(), elliptic_multiply_okx(), and tls_send_client_key_exchange_ecdhe().

◆ replay

u64 replay

Monotonically increasing value for EAPOL-Key conversations.

In another classic demonstration of overengineering, this 8-byte value will rarely be anything above 1. It's stored in network byte order.

Definition at line 18 of file wpa.h.

◆ nonce

u8 nonce[WPA_NONCE_LEN]

Nonce value.

For Nonce-type KDEs, the nonce.

This is the authenticator's ANonce in frame 1, the peer's SNonce in frame 2, and 0 in frames 3 and 4.

Definition at line 25 of file wpa.h.

Referenced by ccmp_cbc_mac(), ccmp_ctr_xor(), ccmp_decrypt(), ccmp_encrypt(), get_entropy_input_tmp(), make_next_nonce(), and ntlm_response().

◆ iv

u8 iv[16]

Initialization vector.

This contains the IV used with the Key Encryption Key, or 0 if the key is unencrypted or encrypted using an algorithm that does not require an IV.

Definition at line 33 of file wpa.h.

Referenced by cbc_setiv(), ccmp_kie_decrypt(), cipher_cost(), cipher_null_setiv(), cipher_null_setiv(), cipher_setiv(), gcm_setiv(), tkip_kie_decrypt(), tls_new_ciphertext(), tls_send_record(), wep_decrypt(), and wep_encrypt().

◆ rsc

u8 rsc[8]

Receive sequence counter for GTK.

This is used to synchronize the client's replay counter for ordinary data packets. The first six bytes contain PN0 through PN5 for CCMP mode, or TSC0 through TSC5 for TKIP mode. The last two bytes are zero.

Definition at line 42 of file wpa.h.

Referenced by ccmp_init(), FILE_LICENCE(), sec80211_install(), tkip_init(), wep_init(), wpa_install_gtk(), and wpa_maybe_install_gtk().

◆ _reserved

u8 _reserved[8]

Reserved bytes.

Definition at line 45 of file wpa.h.

◆ mic

u8 mic[16]

Message integrity code over the entire EAPOL frame.

This is calculated using HMAC-MD5 when the key descriptor version field in info is 1, and HMAC-SHA1 ignoring the last 4 bytes of the hash when the version field in info is 2.

Definition at line 54 of file wpa.h.

Referenced by ccmp_cbc_mac(), ccmp_encrypt(), ccmp_kie_mic(), tkip_decrypt(), tkip_encrypt(), tkip_kie_mic(), and tkip_michael().

◆ datalen

u16 datalen

Length of the data field in bytes, network byte order.

Definition at line 57 of file wpa.h.

Referenced by ccmp_cbc_mac(), ccmp_decrypt(), ccmp_encrypt(), tkip_decrypt(), tkip_encrypt(), wep_decrypt(), and wep_encrypt().

◆ data

u8 data[0]

Key data.

This is formatted as a series of 802.11 information elements, with cryptographic data encapsulated using a "vendor-specific IE" code and an IEEE-specified OUI.

Definition at line 65 of file wpa.h.

◆ rx

u8 rx

MIC key for packets from the AP.

Definition at line 1 of file wpa.h.

Referenced by ar9003_hw_set_chain_masks(), ath_hw_cycle_counters_update(), atl_poll_rx(), atl_rx_ring_fill(), cgem_poll_rx(), cgem_refill_rx(), dwmac_poll_rx(), dwmac_refill_rx(), exanic_poll_rx(), FILE_LICENCE(), gve_close(), gve_open(), gve_poll_rx(), gve_refill_rx(), gve_start(), gve_stop(), ice_context_rx(), intel_describe_rx(), intel_poll_rx(), intel_refill_rx(), intelxl_context_rx(), intelxl_refill_rx(), intelxlvf_admin_stats(), ipair_rx(), iscsi_socket_deliver(), myson_poll_rx(), myson_refill_rx(), natsemi_poll_rx(), natsemi_refill_rx(), rdc_poll_rx(), rdc_refill_rx(), realtek_legacy_poll_rx(), realtek_poll_rx(), realtek_refill_rx(), sky2_status_intr(), and smsc95xx_dump_statistics().

◆ tx

u8 tx

MIC key for packets to the AP.

Definition at line 4 of file wpa.h.

Referenced by ar9003_hw_set_chain_masks(), ath_hw_cycle_counters_update(), atl_poll_tx(), atl_transmit(), bnxt_service_cq(), cgem_poll_tx(), cgem_transmit(), dwmac_poll_tx(), dwmac_transmit(), exanic_open(), exanic_transmit(), gve_close(), gve_open(), gve_poll_tx(), gve_start(), gve_stop(), gve_transmit(), intel_describe_tx(), intel_describe_tx_adv(), intel_poll_tx(), intel_transmit(), intelxl_context_tx(), intelxl_transmit(), intelxlvf_admin_stats(), ipair_expired(), iscsi_tx_step(), myson_poll_tx(), myson_transmit(), natsemi_poll_tx(), natsemi_transmit(), phantom_transmit(), rdc_poll_tx(), rdc_transmit(), realtek_poll_tx(), realtek_transmit(), and smsc95xx_dump_statistics().

◆ key

u8 key[WPA_TKIP_KEY_LEN]

Main key: input to TKIP Phase 1 and Phase 2 key mixing functions.

Definition at line 1 of file wpa.h.

◆ kck

u8 kck[WPA_KCK_LEN]

EAPOL-Key Key Confirmation Key (KCK)

Definition at line 1 of file wpa.h.

Referenced by ccmp_kie_mic(), and tkip_kie_mic().

◆ kek

u8 kek[WPA_KEK_LEN]

EAPOL-Key Key Encryption Key (KEK)

Definition at line 4 of file wpa.h.

Referenced by aes_unwrap(), aes_wrap(), ccmp_kie_decrypt(), and tkip_kie_decrypt().

◆ tk

union wpa_tk tk

Temporal key.

Definition at line 7 of file wpa.h.

Referenced by tkip_mix_1(), and tkip_mix_2().

◆ id

u8 id

Key ID and TX bit.

Definition at line 1 of file wpa.h.

◆ _rsvd

u8 _rsvd

Reserved byte.

Definition at line 4 of file wpa.h.

◆ gtk

struct wpa_gtk gtk

Encapsulated group transient key.

Definition at line 7 of file wpa.h.

◆ ie_type

u8 ie_type

Information element type: always 0xDD (IEEE80211_IE_VENDOR)

Definition at line 1 of file wpa.h.

◆ len

u8 len

Length, not including ie_type and length fields.

Definition at line 4 of file wpa.h.

◆ oui_type

u32 oui_type

OUI + type byte.

Definition at line 7 of file wpa.h.

Referenced by rsn_pick_desc().

◆ gtk_encap

struct wpa_kde_gtk_encap gtk_encap

For GTK-type KDEs, encapsulated GTK.

Definition at line 12 of file wpa.h.

◆ mac

u8 mac[ETH_ALEN]

For MAC-type KDEs, the MAC address.

Definition at line 15 of file wpa.h.

◆ pmkid

u8 pmkid[WPA_PMKID_LEN]

For PMKID-type KDEs, the PMKID.

Definition at line 18 of file wpa.h.

◆ lifetime

u32 lifetime

For Lifetime-type KDEs, the lifetime in seconds.

This is in network byte order!

Definition at line 27 of file wpa.h.

Referenced by ndp_register_settings(), and tls_new_session_ticket().

◆ [union]

union { ... }

Payload data.

Generated by doxygen 1.14.0