mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-01-18 02:44:03 -05:00
OWE: Use AKM 00-0F-AC:11 style parameters for EAPOL-Key frames
draft-harkins-owe-07.txt does not specify these parameters, so need to pick something sensible to use for the experimental implementation. The Suite B 128-bit level AKM 00-0F-AC:11 has reasonable parameters for the DH group 19 case (i.e., SHA256 hash), so use it for now. This can be updated if the OWE RFC becomes clearer on the appropriate parameters (KEK/KCK/MIC length, PRF/KDF algorithm, and key-wrap algorithm). Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
ef9627cbc7
commit
07a5fe823e
@ -1018,6 +1018,7 @@ void wpa_receive(struct wpa_authenticator *wpa_auth,
|
||||
|
||||
if (!wpa_use_aes_cmac(sm) &&
|
||||
!wpa_key_mgmt_fils(sm->wpa_key_mgmt) &&
|
||||
sm->wpa_key_mgmt != WPA_KEY_MGMT_OWE &&
|
||||
ver != WPA_KEY_INFO_TYPE_HMAC_SHA1_AES) {
|
||||
wpa_auth_logger(wpa_auth, sm->addr,
|
||||
LOGGER_WARNING,
|
||||
@ -1028,7 +1029,8 @@ void wpa_receive(struct wpa_authenticator *wpa_auth,
|
||||
}
|
||||
|
||||
if ((wpa_key_mgmt_suite_b(sm->wpa_key_mgmt) ||
|
||||
wpa_key_mgmt_fils(sm->wpa_key_mgmt)) &&
|
||||
wpa_key_mgmt_fils(sm->wpa_key_mgmt) ||
|
||||
sm->wpa_key_mgmt == WPA_KEY_MGMT_OWE) &&
|
||||
ver != WPA_KEY_INFO_TYPE_AKM_DEFINED) {
|
||||
wpa_auth_logger(wpa_auth, sm->addr, LOGGER_WARNING,
|
||||
"did not use EAPOL-Key descriptor version 0 as required for AKM-defined cases");
|
||||
@ -1419,6 +1421,7 @@ void __wpa_send_eapol(struct wpa_authenticator *wpa_auth,
|
||||
if (force_version)
|
||||
version = force_version;
|
||||
else if (sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN ||
|
||||
sm->wpa_key_mgmt == WPA_KEY_MGMT_OWE ||
|
||||
wpa_key_mgmt_suite_b(sm->wpa_key_mgmt) ||
|
||||
wpa_key_mgmt_fils(sm->wpa_key_mgmt))
|
||||
version = WPA_KEY_INFO_TYPE_AKM_DEFINED;
|
||||
@ -1444,6 +1447,7 @@ void __wpa_send_eapol(struct wpa_authenticator *wpa_auth,
|
||||
key_data_len = kde_len;
|
||||
|
||||
if ((version == WPA_KEY_INFO_TYPE_HMAC_SHA1_AES ||
|
||||
sm->wpa_key_mgmt == WPA_KEY_MGMT_OWE ||
|
||||
sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN ||
|
||||
wpa_key_mgmt_suite_b(sm->wpa_key_mgmt) ||
|
||||
version == WPA_KEY_INFO_TYPE_AES_128_CMAC) && encr) {
|
||||
@ -1546,6 +1550,7 @@ void __wpa_send_eapol(struct wpa_authenticator *wpa_auth,
|
||||
wpa_hexdump_key(MSG_DEBUG, "Plaintext EAPOL-Key Key Data",
|
||||
buf, key_data_len);
|
||||
if (version == WPA_KEY_INFO_TYPE_HMAC_SHA1_AES ||
|
||||
sm->wpa_key_mgmt == WPA_KEY_MGMT_OWE ||
|
||||
sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN ||
|
||||
wpa_key_mgmt_suite_b(sm->wpa_key_mgmt) ||
|
||||
version == WPA_KEY_INFO_TYPE_AES_128_CMAC) {
|
||||
|
@ -136,6 +136,15 @@ int wpa_eapol_key_mic(const u8 *key, size_t key_len, int akmp, int ver,
|
||||
os_memcpy(mic, hash, 24);
|
||||
break;
|
||||
#endif /* CONFIG_SUITEB192 */
|
||||
#ifdef CONFIG_OWE
|
||||
case WPA_KEY_MGMT_OWE:
|
||||
wpa_printf(MSG_DEBUG,
|
||||
"WPA: EAPOL-Key MIC using HMAC-SHA256 (AKM-defined - OWE)");
|
||||
if (hmac_sha256(key, key_len, buf, len, hash))
|
||||
return -1;
|
||||
os_memcpy(mic, hash, MD5_MAC_LEN);
|
||||
break;
|
||||
#endif /* CONFIG_OWE */
|
||||
default:
|
||||
wpa_printf(MSG_DEBUG,
|
||||
"WPA: EAPOL-Key MIC algorithm not known (AKM-defined - akmp=0x%x)",
|
||||
@ -218,7 +227,7 @@ int wpa_pmk_to_ptk(const u8 *pmk, size_t pmk_len, const char *label,
|
||||
#else /* CONFIG_SUITEB192 || CONFIG_FILS */
|
||||
return -1;
|
||||
#endif /* CONFIG_SUITEB192 || CONFIG_FILS */
|
||||
} else if (wpa_key_mgmt_sha256(akmp)) {
|
||||
} else if (wpa_key_mgmt_sha256(akmp) || akmp == WPA_KEY_MGMT_OWE) {
|
||||
#ifdef CONFIG_IEEE80211W
|
||||
wpa_printf(MSG_DEBUG, "WPA: PTK derivation using PRF(SHA256)");
|
||||
if (sha256_prf(pmk, pmk_len, label, data, sizeof(data),
|
||||
|
@ -1737,6 +1737,7 @@ static int wpa_supplicant_decrypt_key_data(struct wpa_sm *sm,
|
||||
#endif /* CONFIG_NO_RC4 */
|
||||
} else if (ver == WPA_KEY_INFO_TYPE_HMAC_SHA1_AES ||
|
||||
ver == WPA_KEY_INFO_TYPE_AES_128_CMAC ||
|
||||
sm->key_mgmt == WPA_KEY_MGMT_OWE ||
|
||||
sm->key_mgmt == WPA_KEY_MGMT_OSEN ||
|
||||
wpa_key_mgmt_suite_b(sm->key_mgmt)) {
|
||||
u8 *buf;
|
||||
@ -2018,6 +2019,7 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr,
|
||||
ver != WPA_KEY_INFO_TYPE_HMAC_SHA1_AES &&
|
||||
!wpa_key_mgmt_suite_b(sm->key_mgmt) &&
|
||||
!wpa_key_mgmt_fils(sm->key_mgmt) &&
|
||||
sm->key_mgmt != WPA_KEY_MGMT_OWE &&
|
||||
sm->key_mgmt != WPA_KEY_MGMT_OSEN) {
|
||||
wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
|
||||
"WPA: Unsupported EAPOL-Key descriptor version %d",
|
||||
@ -2034,7 +2036,8 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr,
|
||||
}
|
||||
|
||||
if ((wpa_key_mgmt_suite_b(sm->key_mgmt) ||
|
||||
wpa_key_mgmt_fils(sm->key_mgmt)) &&
|
||||
wpa_key_mgmt_fils(sm->key_mgmt) ||
|
||||
sm->key_mgmt == WPA_KEY_MGMT_OWE) &&
|
||||
ver != WPA_KEY_INFO_TYPE_AKM_DEFINED) {
|
||||
wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
|
||||
"RSN: Unsupported EAPOL-Key descriptor version %d (expected AKM defined = 0)",
|
||||
@ -2068,6 +2071,7 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr,
|
||||
if (sm->pairwise_cipher == WPA_CIPHER_CCMP &&
|
||||
!wpa_key_mgmt_suite_b(sm->key_mgmt) &&
|
||||
!wpa_key_mgmt_fils(sm->key_mgmt) &&
|
||||
sm->key_mgmt != WPA_KEY_MGMT_OWE &&
|
||||
ver != WPA_KEY_INFO_TYPE_HMAC_SHA1_AES) {
|
||||
wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
|
||||
"WPA: CCMP is used, but EAPOL-Key "
|
||||
|
Loading…
Reference in New Issue
Block a user