/*
* WPA Supplicant - WPA state machine and EAPOL-Key processing
- * Copyright (c) 2003-2008, Jouni Malinen <j@w1.fi>
+ * Copyright (c) 2003-2010, Jouni Malinen <j@w1.fi>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
#include "includes.h"
#include "common.h"
-#include "rc4.h"
-#include "aes_wrap.h"
+#include "crypto/aes_wrap.h"
+#include "crypto/crypto.h"
+#include "common/ieee802_11_defs.h"
+#include "eapol_supp/eapol_supp_sm.h"
#include "wpa.h"
#include "eloop.h"
-#include "eapol_supp/eapol_supp_sm.h"
#include "preauth.h"
#include "pmksa_cache.h"
#include "wpa_i.h"
#include "wpa_ie.h"
#include "peerkey.h"
-#include "ieee802_11_defs.h"
-
-
-/**
- * wpa_cipher_txt - Convert cipher suite to a text string
- * @cipher: Cipher suite (WPA_CIPHER_* enum)
- * Returns: Pointer to a text string of the cipher suite name
- */
-static const char * wpa_cipher_txt(int cipher)
-{
- switch (cipher) {
- case WPA_CIPHER_NONE:
- return "NONE";
- case WPA_CIPHER_WEP40:
- return "WEP-40";
- case WPA_CIPHER_WEP104:
- return "WEP-104";
- case WPA_CIPHER_TKIP:
- return "TKIP";
- case WPA_CIPHER_CCMP:
- return "CCMP";
- default:
- return "UNKNOWN";
- }
-}
-
-
-/**
- * wpa_key_mgmt_txt - Convert key management suite to a text string
- * @key_mgmt: Key management suite (WPA_KEY_MGMT_* enum)
- * @proto: WPA/WPA2 version (WPA_PROTO_*)
- * Returns: Pointer to a text string of the key management suite name
- */
-static const char * wpa_key_mgmt_txt(int key_mgmt, int proto)
-{
- switch (key_mgmt) {
- case WPA_KEY_MGMT_IEEE8021X:
- return proto == WPA_PROTO_RSN ?
- "WPA2/IEEE 802.1X/EAP" : "WPA/IEEE 802.1X/EAP";
- case WPA_KEY_MGMT_PSK:
- return proto == WPA_PROTO_RSN ?
- "WPA2-PSK" : "WPA-PSK";
- case WPA_KEY_MGMT_NONE:
- return "NONE";
- case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
- return "IEEE 802.1X (no WPA)";
-#ifdef CONFIG_IEEE80211R
- case WPA_KEY_MGMT_FT_IEEE8021X:
- return "FT-EAP";
- case WPA_KEY_MGMT_FT_PSK:
- return "FT-PSK";
-#endif /* CONFIG_IEEE80211R */
- default:
- return "UNKNOWN";
- }
-}
/**
MAC2STR(dest));
}
}
- if (key_mic)
- wpa_eapol_key_mic(kck, ver, msg, msg_len, key_mic);
+ if (key_mic &&
+ wpa_eapol_key_mic(kck, ver, msg, msg_len, key_mic)) {
+ wpa_printf(MSG_ERROR, "WPA: Failed to generate EAPOL-Key "
+ "version %d MIC", ver);
+ goto out;
+ }
wpa_hexdump(MSG_MSGDUMP, "WPA: TX EAPOL-Key", msg, msg_len);
wpa_sm_ether_send(sm, dest, proto, msg, msg_len);
eapol_sm_notify_tx_eapol_key(sm->eapol);
+out:
os_free(msg);
}
* @sm: Pointer to WPA state machine data from wpa_sm_init()
* @error: Indicate whether this is an Michael MIC error report
* @pairwise: 1 = error report for pairwise packet, 0 = for group packet
- * Returns: Pointer to the current network structure or %NULL on failure
*
* Send an EAPOL-Key Request to the current authenticator. This function is
* used to request rekeying and it is usually called when a local Michael MIC
int key_info, ver;
u8 bssid[ETH_ALEN], *rbuf;
- if (sm->key_mgmt == WPA_KEY_MGMT_FT_IEEE8021X ||
- sm->key_mgmt == WPA_KEY_MGMT_FT_PSK)
+ if (wpa_key_mgmt_ft(sm->key_mgmt) || wpa_key_mgmt_sha256(sm->key_mgmt))
ver = WPA_KEY_INFO_TYPE_AES_128_CMAC;
else if (sm->pairwise_cipher == WPA_CIPHER_CCMP)
ver = WPA_KEY_INFO_TYPE_HMAC_SHA1_AES;
#ifdef CONFIG_IEEE80211R
sm->xxkey_len = 0;
#endif /* CONFIG_IEEE80211R */
- } else if ((sm->key_mgmt == WPA_KEY_MGMT_IEEE8021X ||
- sm->key_mgmt == WPA_KEY_MGMT_FT_IEEE8021X) && sm->eapol) {
+ } else if (wpa_key_mgmt_wpa_ieee8021x(sm->key_mgmt) && sm->eapol) {
int res, pmk_len;
pmk_len = PMK_LEN;
res = eapol_sm_get_key(sm->eapol, sm->pmk, PMK_LEN);
wpa_hexdump_key(MSG_DEBUG, "WPA: PMK from EAPOL state "
"machines", sm->pmk, pmk_len);
sm->pmk_len = pmk_len;
- pmksa_cache_add(sm->pmksa, sm->pmk, pmk_len, src_addr,
- sm->own_addr, sm->network_ctx);
+ if (sm->proto == WPA_PROTO_RSN) {
+ pmksa_cache_add(sm->pmksa, sm->pmk, pmk_len,
+ src_addr, sm->own_addr,
+ sm->network_ctx, sm->key_mgmt);
+ }
if (!sm->cur_pmksa && pmkid &&
pmksa_cache_get(sm->pmksa, src_addr, pmkid)) {
wpa_printf(MSG_DEBUG, "RSN: the new PMK "
abort_cached = 0;
}
} else {
- wpa_msg(sm->ctx->ctx, MSG_WARNING,
+ wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
"WPA: Failed to get master session key from "
"EAPOL state machines");
- wpa_msg(sm->ctx->ctx, MSG_WARNING,
+ wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
"WPA: Key handshake aborted");
if (sm->cur_pmksa) {
wpa_printf(MSG_DEBUG, "RSN: Cancelled PMKSA "
"caching attempt");
sm->cur_pmksa = NULL;
abort_cached = 1;
- } else {
+ } else if (!abort_cached) {
return -1;
}
}
}
- if (abort_cached && (sm->key_mgmt == WPA_KEY_MGMT_IEEE8021X ||
- sm->key_mgmt == WPA_KEY_MGMT_FT_IEEE8021X)) {
+ if (abort_cached && wpa_key_mgmt_wpa_ieee8021x(sm->key_mgmt)) {
/* Send EAPOL-Start to trigger full EAP authentication. */
u8 *buf;
size_t buflen;
size_t rlen;
struct wpa_eapol_key *reply;
u8 *rbuf;
+ u8 *rsn_ie_buf = NULL;
if (wpa_ie == NULL) {
wpa_printf(MSG_WARNING, "WPA: No wpa_ie set - cannot "
return -1;
}
+#ifdef CONFIG_IEEE80211R
+ if (wpa_key_mgmt_ft(sm->key_mgmt)) {
+ int res;
+
+ /*
+ * Add PMKR1Name into RSN IE (PMKID-List) and add MDIE and
+ * FTIE from (Re)Association Response.
+ */
+ rsn_ie_buf = os_malloc(wpa_ie_len + 2 + 2 + PMKID_LEN +
+ sm->assoc_resp_ies_len);
+ if (rsn_ie_buf == NULL)
+ return -1;
+ os_memcpy(rsn_ie_buf, wpa_ie, wpa_ie_len);
+ res = wpa_insert_pmkid(rsn_ie_buf, wpa_ie_len,
+ sm->pmk_r1_name);
+ if (res < 0) {
+ os_free(rsn_ie_buf);
+ return -1;
+ }
+ wpa_ie_len += res;
+
+ if (sm->assoc_resp_ies) {
+ os_memcpy(rsn_ie_buf + wpa_ie_len, sm->assoc_resp_ies,
+ sm->assoc_resp_ies_len);
+ wpa_ie_len += sm->assoc_resp_ies_len;
+ }
+
+ wpa_ie = rsn_ie_buf;
+ }
+#endif /* CONFIG_IEEE80211R */
+
wpa_hexdump(MSG_DEBUG, "WPA: WPA IE for msg 2/4", wpa_ie, wpa_ie_len);
rbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY,
NULL, sizeof(*reply) + wpa_ie_len,
&rlen, (void *) &reply);
- if (rbuf == NULL)
+ if (rbuf == NULL) {
+ os_free(rsn_ie_buf);
return -1;
+ }
reply->type = sm->proto == WPA_PROTO_RSN ?
EAPOL_KEY_TYPE_RSN : EAPOL_KEY_TYPE_WPA;
WPA_PUT_BE16(reply->key_data_length, wpa_ie_len);
os_memcpy(reply + 1, wpa_ie, wpa_ie_len);
+ os_free(rsn_ie_buf);
os_memcpy(reply->key_nonce, nonce, WPA_NONCE_LEN);
const struct wpa_eapol_key *key,
struct wpa_ptk *ptk)
{
+ size_t ptk_len = sm->pairwise_cipher == WPA_CIPHER_CCMP ? 48 : 64;
#ifdef CONFIG_IEEE80211R
- if (sm->key_mgmt == WPA_KEY_MGMT_FT_IEEE8021X ||
- sm->key_mgmt == WPA_KEY_MGMT_FT_PSK)
- return wpa_derive_ptk_ft(sm, src_addr, key, ptk);
+ if (wpa_key_mgmt_ft(sm->key_mgmt))
+ return wpa_derive_ptk_ft(sm, src_addr, key, ptk, ptk_len);
#endif /* CONFIG_IEEE80211R */
wpa_pmk_to_ptk(sm->pmk, sm->pmk_len, "Pairwise key expansion",
sm->own_addr, sm->bssid, sm->snonce, key->key_nonce,
- (u8 *) ptk, sizeof(*ptk));
+ (u8 *) ptk, ptk_len,
+ wpa_key_mgmt_sha256(sm->key_mgmt));
return 0;
}
#endif /* CONFIG_NO_WPA2 */
if (wpa_supplicant_get_pmk(sm, src_addr, ie.pmkid))
- return;
+ goto failed;
if (sm->renew_snonce) {
if (os_get_random(sm->snonce, WPA_NONCE_LEN)) {
- wpa_msg(sm->ctx->ctx, MSG_WARNING,
+ wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
"WPA: Failed to get random data for SNonce");
- return;
+ goto failed;
}
sm->renew_snonce = 0;
wpa_hexdump(MSG_DEBUG, "WPA: Renewed SNonce",
if (wpa_supplicant_send_2_of_4(sm, sm->bssid, key, ver, sm->snonce,
sm->assoc_wpa_ie, sm->assoc_wpa_ie_len,
ptk))
- return;
+ goto failed;
os_memcpy(sm->anonce, key->key_nonce, WPA_NONCE_LEN);
+ return;
+
+failed:
+ wpa_sm_deauthenticate(sm, WLAN_REASON_UNSPECIFIED);
}
static void wpa_supplicant_key_neg_complete(struct wpa_sm *sm,
const u8 *addr, int secure)
{
- wpa_msg(sm->ctx->ctx, MSG_INFO, "WPA: Key negotiation completed with "
+ wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
+ "WPA: Key negotiation completed with "
MACSTR " [PTK=%s GTK=%s]", MAC2STR(addr),
wpa_cipher_txt(sm->pairwise_cipher),
wpa_cipher_txt(sm->group_cipher));
sm, addr, MLME_SETPROTECTION_PROTECT_TYPE_RX_TX,
MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
eapol_sm_notify_portValid(sm->eapol, TRUE);
- if (sm->key_mgmt == WPA_KEY_MGMT_PSK ||
- sm->key_mgmt == WPA_KEY_MGMT_FT_PSK)
+ if (wpa_key_mgmt_wpa_psk(sm->key_mgmt))
eapol_sm_notify_eap_success(sm->eapol, TRUE);
/*
* Start preauthentication after a short wait to avoid a
}
#ifdef CONFIG_IEEE80211R
- if (sm->key_mgmt == WPA_KEY_MGMT_FT_IEEE8021X ||
- sm->key_mgmt == WPA_KEY_MGMT_FT_PSK) {
+ if (wpa_key_mgmt_ft(sm->key_mgmt)) {
/* Prepare for the next transition */
- wpa_ft_prepare_auth_request(sm);
+ wpa_ft_prepare_auth_request(sm, NULL);
}
#endif /* CONFIG_IEEE80211R */
}
+static void wpa_sm_rekey_ptk(void *eloop_ctx, void *timeout_ctx)
+{
+ struct wpa_sm *sm = eloop_ctx;
+ wpa_printf(MSG_DEBUG, "WPA: Request PTK rekeying");
+ wpa_sm_key_request(sm, 0, 1);
+}
+
+
static int wpa_supplicant_install_ptk(struct wpa_sm *sm,
const struct wpa_eapol_key *key)
{
int keylen, rsclen;
- wpa_alg alg;
+ enum wpa_alg alg;
const u8 *key_rsc;
u8 null_rsc[8] = { 0, 0, 0, 0, 0, 0, 0, 0 };
if (wpa_sm_set_key(sm, alg, sm->bssid, 0, 1, key_rsc, rsclen,
(u8 *) sm->ptk.tk1, keylen) < 0) {
wpa_printf(MSG_WARNING, "WPA: Failed to set PTK to the "
- "driver.");
+ "driver (alg=%d keylen=%d bssid=" MACSTR ")",
+ alg, keylen, MAC2STR(sm->bssid));
return -1;
}
+
+ if (sm->wpa_ptk_rekey) {
+ eloop_cancel_timeout(wpa_sm_rekey_ptk, sm, NULL);
+ eloop_register_timeout(sm->wpa_ptk_rekey, 0, wpa_sm_rekey_ptk,
+ sm, NULL);
+ }
+
return 0;
}
static int wpa_supplicant_check_group_cipher(int group_cipher,
int keylen, int maxkeylen,
- int *key_rsc_len, wpa_alg *alg)
+ int *key_rsc_len,
+ enum wpa_alg *alg)
{
int ret = 0;
struct wpa_gtk_data {
- wpa_alg alg;
+ enum wpa_alg alg;
int tx, key_rsc_len, keyidx;
u8 gtk[32];
int gtk_len;
gd->keyidx, gd->tx, key_rsc, gd->key_rsc_len,
_gtk, gd->gtk_len) < 0) {
wpa_printf(MSG_WARNING, "WPA: Failed to set GTK to "
- "the driver.");
+ "the driver (alg=%d keylen=%d keyidx=%d)",
+ gd->alg, gd->gtk_len, gd->keyidx);
return -1;
}
const u8 *wpa_ie, size_t wpa_ie_len,
const u8 *rsn_ie, size_t rsn_ie_len)
{
- wpa_msg(sm->ctx->ctx, MSG_WARNING, "WPA: %s (src=" MACSTR ")",
+ wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: %s (src=" MACSTR ")",
reason, MAC2STR(src_addr));
if (sm->ap_wpa_ie) {
}
+#ifdef CONFIG_IEEE80211R
+
+static int ft_validate_mdie(struct wpa_sm *sm,
+ const unsigned char *src_addr,
+ struct wpa_eapol_ie_parse *ie,
+ const u8 *assoc_resp_mdie)
+{
+ struct rsn_mdie *mdie;
+
+ mdie = (struct rsn_mdie *) (ie->mdie + 2);
+ if (ie->mdie == NULL || ie->mdie_len < 2 + sizeof(*mdie) ||
+ os_memcmp(mdie->mobility_domain, sm->mobility_domain,
+ MOBILITY_DOMAIN_ID_LEN) != 0) {
+ wpa_printf(MSG_DEBUG, "FT: MDIE in msg 3/4 did not "
+ "match with the current mobility domain");
+ return -1;
+ }
+
+ if (assoc_resp_mdie &&
+ (assoc_resp_mdie[1] != ie->mdie[1] ||
+ os_memcmp(assoc_resp_mdie, ie->mdie, 2 + ie->mdie[1]) != 0)) {
+ wpa_printf(MSG_DEBUG, "FT: MDIE mismatch");
+ wpa_hexdump(MSG_DEBUG, "FT: MDIE in EAPOL-Key msg 3/4",
+ ie->mdie, 2 + ie->mdie[1]);
+ wpa_hexdump(MSG_DEBUG, "FT: MDIE in (Re)Association Response",
+ assoc_resp_mdie, 2 + assoc_resp_mdie[1]);
+ return -1;
+ }
+
+ return 0;
+}
+
+
+static int ft_validate_ftie(struct wpa_sm *sm,
+ const unsigned char *src_addr,
+ struct wpa_eapol_ie_parse *ie,
+ const u8 *assoc_resp_ftie)
+{
+ if (ie->ftie == NULL) {
+ wpa_printf(MSG_DEBUG, "FT: No FTIE in EAPOL-Key msg 3/4");
+ return -1;
+ }
+
+ if (assoc_resp_ftie == NULL)
+ return 0;
+
+ if (assoc_resp_ftie[1] != ie->ftie[1] ||
+ os_memcmp(assoc_resp_ftie, ie->ftie, 2 + ie->ftie[1]) != 0) {
+ wpa_printf(MSG_DEBUG, "FT: FTIE mismatch");
+ wpa_hexdump(MSG_DEBUG, "FT: FTIE in EAPOL-Key msg 3/4",
+ ie->ftie, 2 + ie->ftie[1]);
+ wpa_hexdump(MSG_DEBUG, "FT: FTIE in (Re)Association Response",
+ assoc_resp_ftie, 2 + assoc_resp_ftie[1]);
+ return -1;
+ }
+
+ return 0;
+}
+
+
+static int ft_validate_rsnie(struct wpa_sm *sm,
+ const unsigned char *src_addr,
+ struct wpa_eapol_ie_parse *ie)
+{
+ struct wpa_ie_data rsn;
+
+ if (!ie->rsn_ie)
+ return 0;
+
+ /*
+ * Verify that PMKR1Name from EAPOL-Key message 3/4
+ * matches with the value we derived.
+ */
+ if (wpa_parse_wpa_ie_rsn(ie->rsn_ie, ie->rsn_ie_len, &rsn) < 0 ||
+ rsn.num_pmkid != 1 || rsn.pmkid == NULL) {
+ wpa_printf(MSG_DEBUG, "FT: No PMKR1Name in "
+ "FT 4-way handshake message 3/4");
+ return -1;
+ }
+
+ if (os_memcmp(rsn.pmkid, sm->pmk_r1_name, WPA_PMK_NAME_LEN) != 0) {
+ wpa_printf(MSG_DEBUG, "FT: PMKR1Name mismatch in "
+ "FT 4-way handshake message 3/4");
+ wpa_hexdump(MSG_DEBUG, "FT: PMKR1Name from Authenticator",
+ rsn.pmkid, WPA_PMK_NAME_LEN);
+ wpa_hexdump(MSG_DEBUG, "FT: Derived PMKR1Name",
+ sm->pmk_r1_name, WPA_PMK_NAME_LEN);
+ return -1;
+ }
+
+ return 0;
+}
+
+
+static int wpa_supplicant_validate_ie_ft(struct wpa_sm *sm,
+ const unsigned char *src_addr,
+ struct wpa_eapol_ie_parse *ie)
+{
+ const u8 *pos, *end, *mdie = NULL, *ftie = NULL;
+
+ if (sm->assoc_resp_ies) {
+ pos = sm->assoc_resp_ies;
+ end = pos + sm->assoc_resp_ies_len;
+ while (pos + 2 < end) {
+ if (pos + 2 + pos[1] > end)
+ break;
+ switch (*pos) {
+ case WLAN_EID_MOBILITY_DOMAIN:
+ mdie = pos;
+ break;
+ case WLAN_EID_FAST_BSS_TRANSITION:
+ ftie = pos;
+ break;
+ }
+ pos += 2 + pos[1];
+ }
+ }
+
+ if (ft_validate_mdie(sm, src_addr, ie, mdie) < 0 ||
+ ft_validate_ftie(sm, src_addr, ie, ftie) < 0 ||
+ ft_validate_rsnie(sm, src_addr, ie) < 0)
+ return -1;
+
+ return 0;
+}
+
+#endif /* CONFIG_IEEE80211R */
+
+
static int wpa_supplicant_validate_ie(struct wpa_sm *sm,
const unsigned char *src_addr,
struct wpa_eapol_ie_parse *ie)
(ie->wpa_ie_len != sm->ap_wpa_ie_len ||
os_memcmp(ie->wpa_ie, sm->ap_wpa_ie, ie->wpa_ie_len) != 0)) ||
(ie->rsn_ie && sm->ap_rsn_ie &&
- (ie->rsn_ie_len != sm->ap_rsn_ie_len ||
- os_memcmp(ie->rsn_ie, sm->ap_rsn_ie, ie->rsn_ie_len) != 0))) {
+ wpa_compare_rsn_ie(wpa_key_mgmt_ft(sm->key_mgmt),
+ sm->ap_rsn_ie, sm->ap_rsn_ie_len,
+ ie->rsn_ie, ie->rsn_ie_len))) {
wpa_report_ie_mismatch(sm, "IE in 3/4 msg does not match "
"with IE in Beacon/ProbeResp",
src_addr, ie->wpa_ie, ie->wpa_ie_len,
}
#ifdef CONFIG_IEEE80211R
- if (sm->key_mgmt == WPA_KEY_MGMT_FT_IEEE8021X ||
- sm->key_mgmt == WPA_KEY_MGMT_FT_PSK) {
- struct rsn_mdie *mdie;
- /* TODO: verify that full MDIE matches with the one from scan
- * results, not only mobility domain */
- mdie = (struct rsn_mdie *) (ie->mdie + 2);
- if (ie->mdie == NULL || ie->mdie_len < 2 + sizeof(*mdie) ||
- os_memcmp(mdie->mobility_domain, sm->mobility_domain,
- MOBILITY_DOMAIN_ID_LEN) != 0) {
- wpa_printf(MSG_DEBUG, "FT: MDIE in msg 3/4 did not "
- "match with the current mobility domain");
- return -1;
- }
- }
+ if (wpa_key_mgmt_ft(sm->key_mgmt) &&
+ wpa_supplicant_validate_ie_ft(sm, src_addr, ie) < 0)
+ return -1;
#endif /* CONFIG_IEEE80211R */
return 0;
wpa_supplicant_parse_ies(pos, len, &ie);
if (ie.gtk && !(key_info & WPA_KEY_INFO_ENCR_KEY_DATA)) {
wpa_printf(MSG_WARNING, "WPA: GTK IE in unencrypted key data");
- return;
+ goto failed;
}
#ifdef CONFIG_IEEE80211W
if (ie.igtk && !(key_info & WPA_KEY_INFO_ENCR_KEY_DATA)) {
wpa_printf(MSG_WARNING, "WPA: IGTK KDE in unencrypted key "
"data");
- return;
+ goto failed;
}
if (ie.igtk && ie.igtk_len != sizeof(struct wpa_igtk_kde)) {
wpa_printf(MSG_WARNING, "WPA: Invalid IGTK KDE length %lu",
(unsigned long) ie.igtk_len);
- return;
+ goto failed;
}
#endif /* CONFIG_IEEE80211W */
if (wpa_supplicant_validate_ie(sm, sm->bssid, &ie) < 0)
- return;
+ goto failed;
if (os_memcmp(sm->anonce, key->key_nonce, WPA_NONCE_LEN) != 0) {
wpa_printf(MSG_WARNING, "WPA: ANonce from message 1 of 4-Way "
"Handshake differs from 3 of 4-Way Handshake - drop"
" packet (src=" MACSTR ")", MAC2STR(sm->bssid));
- return;
+ goto failed;
}
keylen = WPA_GET_BE16(key->key_length);
wpa_printf(MSG_WARNING, "WPA: Invalid CCMP key length "
"%d (src=" MACSTR ")",
keylen, MAC2STR(sm->bssid));
- return;
+ goto failed;
}
break;
case WPA_CIPHER_TKIP:
wpa_printf(MSG_WARNING, "WPA: Invalid TKIP key length "
"%d (src=" MACSTR ")",
keylen, MAC2STR(sm->bssid));
- return;
+ goto failed;
}
break;
}
if (wpa_supplicant_send_4_of_4(sm, sm->bssid, key, ver, key_info,
- NULL, 0, &sm->ptk))
- return;
+ NULL, 0, &sm->ptk)) {
+ goto failed;
+ }
/* SNonce was successfully used in msg 3/4, so mark it to be renewed
* for the next 4-Way Handshake. If msg 3 is received again, the old
sm->renew_snonce = 1;
if (key_info & WPA_KEY_INFO_INSTALL) {
- wpa_supplicant_install_ptk(sm, key);
+ if (wpa_supplicant_install_ptk(sm, key))
+ goto failed;
}
if (key_info & WPA_KEY_INFO_SECURE) {
wpa_supplicant_pairwise_gtk(sm, key,
ie.gtk, ie.gtk_len, key_info) < 0) {
wpa_printf(MSG_INFO, "RSN: Failed to configure GTK");
+ goto failed;
}
- if (ieee80211w_set_keys(sm, &ie) < 0)
+ if (ieee80211w_set_keys(sm, &ie) < 0) {
wpa_printf(MSG_INFO, "RSN: Failed to configure IGTK");
+ goto failed;
+ }
+
+ return;
+
+failed:
+ wpa_sm_deauthenticate(sm, WLAN_REASON_UNSPECIFIED);
}
return -1;
}
os_memcpy(gd->gtk, key + 1, keydatalen);
- rc4_skip(ek, 32, 256, gd->gtk, keydatalen);
+ if (rc4_skip(ek, 32, 256, gd->gtk, keydatalen)) {
+ wpa_printf(MSG_ERROR, "WPA: RC4 failed");
+ return -1;
+ }
} else if (ver == WPA_KEY_INFO_TYPE_HMAC_SHA1_AES) {
if (keydatalen % 8) {
wpa_printf(MSG_WARNING, "WPA: Unsupported AES-WRAP "
wpa_sm_set_state(sm, WPA_GROUP_HANDSHAKE);
if (ret)
- return;
+ goto failed;
if (wpa_supplicant_install_gtk(sm, &gd, key->key_rsc) ||
wpa_supplicant_send_2_of_2(sm, key, ver, key_info))
- return;
+ goto failed;
if (rekey) {
- wpa_msg(sm->ctx->ctx, MSG_INFO, "WPA: Group rekeying "
+ wpa_msg(sm->ctx->msg_ctx, MSG_INFO, "WPA: Group rekeying "
"completed with " MACSTR " [GTK=%s]",
MAC2STR(sm->bssid), wpa_cipher_txt(sm->group_cipher));
wpa_sm_cancel_auth_timeout(sm);
key_info &
WPA_KEY_INFO_SECURE);
}
+ return;
+
+failed:
+ wpa_sm_deauthenticate(sm, WLAN_REASON_UNSPECIFIED);
}
u8 ek[32];
os_memcpy(ek, key->key_iv, 16);
os_memcpy(ek + 16, sm->ptk.kek, 16);
- rc4_skip(ek, 32, 256, (u8 *) (key + 1), keydatalen);
+ if (rc4_skip(ek, 32, 256, (u8 *) (key + 1), keydatalen)) {
+ wpa_printf(MSG_ERROR, "WPA: RC4 failed");
+ return -1;
+ }
} else if (ver == WPA_KEY_INFO_TYPE_HMAC_SHA1_AES ||
ver == WPA_KEY_INFO_TYPE_AES_128_CMAC) {
u8 *buf;
key_info = WPA_GET_BE16(key->key_info);
ver = key_info & WPA_KEY_INFO_TYPE_MASK;
if (ver != WPA_KEY_INFO_TYPE_HMAC_MD5_RC4 &&
-#ifdef CONFIG_IEEE80211R
+#if defined(CONFIG_IEEE80211R) || defined(CONFIG_IEEE80211W)
ver != WPA_KEY_INFO_TYPE_AES_128_CMAC &&
-#endif /* CONFIG_IEEE80211R */
+#endif /* CONFIG_IEEE80211R || CONFIG_IEEE80211W */
ver != WPA_KEY_INFO_TYPE_HMAC_SHA1_AES) {
wpa_printf(MSG_INFO, "WPA: Unsupported EAPOL-Key descriptor "
"version %d.", ver);
}
#ifdef CONFIG_IEEE80211R
- if (sm->key_mgmt == WPA_KEY_MGMT_FT_IEEE8021X ||
- sm->key_mgmt == WPA_KEY_MGMT_FT_PSK) {
+ if (wpa_key_mgmt_ft(sm->key_mgmt)) {
/* IEEE 802.11r uses a new key_info type (AES-128-CMAC). */
if (ver != WPA_KEY_INFO_TYPE_AES_128_CMAC) {
wpa_printf(MSG_INFO, "FT: AP did not use "
}
} else
#endif /* CONFIG_IEEE80211R */
+#ifdef CONFIG_IEEE80211W
+ if (wpa_key_mgmt_sha256(sm->key_mgmt)) {
+ if (ver != WPA_KEY_INFO_TYPE_AES_128_CMAC) {
+ wpa_printf(MSG_INFO, "WPA: AP did not use the "
+ "negotiated AES-128-CMAC.");
+ goto out;
+ }
+ } else
+#endif /* CONFIG_IEEE80211W */
if (sm->pairwise_cipher == WPA_CIPHER_CCMP &&
ver != WPA_KEY_INFO_TYPE_HMAC_SHA1_AES) {
wpa_printf(MSG_INFO, "WPA: CCMP is used, but EAPOL-Key "
extra_len = data_len - sizeof(*hdr) - sizeof(*key);
if (WPA_GET_BE16(key->key_data_length) > extra_len) {
- wpa_msg(sm->ctx->ctx, MSG_INFO, "WPA: Invalid EAPOL-Key "
+ wpa_msg(sm->ctx->msg_ctx, MSG_INFO, "WPA: Invalid EAPOL-Key "
"frame - key_data overflow (%d > %lu)",
WPA_GET_BE16(key->key_data_length),
(unsigned long) extra_len);
case WPA_KEY_MGMT_FT_PSK:
return RSN_AUTH_KEY_MGMT_FT_PSK;
#endif /* CONFIG_IEEE80211R */
+#ifdef CONFIG_IEEE80211W
+ case WPA_KEY_MGMT_IEEE8021X_SHA256:
+ return RSN_AUTH_KEY_MGMT_802_1X_SHA256;
+ case WPA_KEY_MGMT_PSK_SHA256:
+ return RSN_AUTH_KEY_MGMT_PSK_SHA256;
+#endif /* CONFIG_IEEE80211W */
case WPA_KEY_MGMT_WPA_NONE:
return WPA_AUTH_KEY_MGMT_NONE;
default:
} else
pmkid_txt[0] = '\0';
- if ((sm->key_mgmt == WPA_KEY_MGMT_PSK ||
- sm->key_mgmt == WPA_KEY_MGMT_IEEE8021X ||
- sm->key_mgmt == WPA_KEY_MGMT_FT_PSK ||
- sm->key_mgmt == WPA_KEY_MGMT_FT_IEEE8021X) &&
+ if ((wpa_key_mgmt_wpa_psk(sm->key_mgmt) ||
+ wpa_key_mgmt_wpa_ieee8021x(sm->key_mgmt)) &&
sm->proto == WPA_PROTO_RSN)
rsna = 1;
else
sm = os_zalloc(sizeof(*sm));
if (sm == NULL)
return NULL;
+ dl_list_init(&sm->pmksa_candidates);
sm->renew_snonce = 1;
sm->ctx = ctx;
return;
pmksa_cache_deinit(sm->pmksa);
eloop_cancel_timeout(wpa_sm_start_preauth, sm, NULL);
+ eloop_cancel_timeout(wpa_sm_rekey_ptk, sm, NULL);
os_free(sm->assoc_wpa_ie);
os_free(sm->ap_wpa_ie);
os_free(sm->ap_rsn_ie);
os_free(sm->ctx);
peerkey_deinit(sm);
+#ifdef CONFIG_IEEE80211R
+ os_free(sm->assoc_resp_ies);
+#endif /* CONFIG_IEEE80211R */
os_free(sm);
}
#ifdef CONFIG_IEEE80211R
if (wpa_ft_is_completed(sm)) {
+ /*
+ * Clear portValid to kick EAPOL state machine to re-enter
+ * AUTHENTICATED state to get the EAPOL port Authorized.
+ */
+ eapol_sm_notify_portValid(sm->eapol, FALSE);
wpa_supplicant_key_neg_complete(sm, sm->bssid, 1);
/* Prepare for the next transition */
- wpa_ft_prepare_auth_request(sm);
+ wpa_ft_prepare_auth_request(sm, NULL);
clear_ptk = 0;
}
sm->ssid_len = config->ssid_len;
} else
sm->ssid_len = 0;
+ sm->wpa_ptk_rekey = config->wpa_ptk_rekey;
} else {
sm->network_ctx = NULL;
sm->peerkey_enabled = 0;
sm->eap_workaround = 0;
sm->eap_conf_ctx = NULL;
sm->ssid_len = 0;
+ sm->wpa_ptk_rekey = 0;
}
if (config == NULL || config->network_ctx != sm->network_ctx)
pmksa_cache_notify_reconfig(sm->pmksa);
case WPA_PARAM_RSN_ENABLED:
sm->rsn_enabled = value;
break;
+ case WPA_PARAM_MFP:
+ sm->mfp = value;
+ break;
default:
break;
}
return -2;
return 0;
}
+
+
+int wpa_sm_pmksa_cache_list(struct wpa_sm *sm, char *buf, size_t len)
+{
+#ifndef CONFIG_NO_WPA2
+ return pmksa_cache_list(sm->pmksa, buf, len);
+#else /* CONFIG_NO_WPA2 */
+ return -1;
+#endif /* CONFIG_NO_WPA2 */
+}
+
+
+void wpa_sm_drop_sa(struct wpa_sm *sm)
+{
+ wpa_printf(MSG_DEBUG, "WPA: Clear old PMK and PTK");
+ sm->ptk_set = 0;
+ sm->tptk_set = 0;
+ os_memset(sm->pmk, 0, sizeof(sm->pmk));
+ os_memset(&sm->ptk, 0, sizeof(sm->ptk));
+ os_memset(&sm->tptk, 0, sizeof(sm->tptk));
+}
projects / libeap.git / blobdiff