mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-01-19 03:14:05 -05:00
FT/RRB: Add more debug prints for RRB message encryption/decryptiom
This is needed to make it easier to understand what could be going wrong in RRB communication. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
parent
43f68853ab
commit
555c93e2d8
@ -74,7 +74,11 @@ static int wpa_ft_rrb_decrypt(const u8 *key, const size_t key_len,
|
|||||||
const u8 *ad[3] = { src_addr, auth, &type };
|
const u8 *ad[3] = { src_addr, auth, &type };
|
||||||
size_t ad_len[3] = { ETH_ALEN, auth_len, sizeof(type) };
|
size_t ad_len[3] = { ETH_ALEN, auth_len, sizeof(type) };
|
||||||
|
|
||||||
|
wpa_printf(MSG_DEBUG, "FT(RRB): src_addr=" MACSTR " type=%u",
|
||||||
|
MAC2STR(src_addr), type);
|
||||||
wpa_hexdump_key(MSG_DEBUG, "FT(RRB): decrypt using key", key, key_len);
|
wpa_hexdump_key(MSG_DEBUG, "FT(RRB): decrypt using key", key, key_len);
|
||||||
|
wpa_hexdump(MSG_DEBUG, "FT(RRB): encrypted TLVs", enc, enc_len);
|
||||||
|
wpa_hexdump(MSG_DEBUG, "FT(RRB): authenticated TLVs", auth, auth_len);
|
||||||
|
|
||||||
if (!key) { /* skip decryption */
|
if (!key) { /* skip decryption */
|
||||||
*plain = os_memdup(enc, enc_len);
|
*plain = os_memdup(enc, enc_len);
|
||||||
@ -463,9 +467,12 @@ static int wpa_ft_rrb_encrypt(const u8 *key, const size_t key_len,
|
|||||||
const u8 *ad[3] = { src_addr, auth, &type };
|
const u8 *ad[3] = { src_addr, auth, &type };
|
||||||
size_t ad_len[3] = { ETH_ALEN, auth_len, sizeof(type) };
|
size_t ad_len[3] = { ETH_ALEN, auth_len, sizeof(type) };
|
||||||
|
|
||||||
|
wpa_printf(MSG_DEBUG, "FT(RRB): src_addr=" MACSTR " type=%u",
|
||||||
|
MAC2STR(src_addr), type);
|
||||||
wpa_hexdump_key(MSG_DEBUG, "FT(RRB): plaintext message",
|
wpa_hexdump_key(MSG_DEBUG, "FT(RRB): plaintext message",
|
||||||
plain, plain_len);
|
plain, plain_len);
|
||||||
wpa_hexdump_key(MSG_DEBUG, "FT(RRB): encrypt using key", key, key_len);
|
wpa_hexdump_key(MSG_DEBUG, "FT(RRB): encrypt using key", key, key_len);
|
||||||
|
wpa_hexdump(MSG_DEBUG, "FT(RRB): authenticated TLVs", auth, auth_len);
|
||||||
|
|
||||||
if (!key) {
|
if (!key) {
|
||||||
/* encryption not needed, return plaintext as packet */
|
/* encryption not needed, return plaintext as packet */
|
||||||
@ -475,6 +482,8 @@ static int wpa_ft_rrb_encrypt(const u8 *key, const size_t key_len,
|
|||||||
wpa_printf(MSG_ERROR, "FT: Failed to encrypt RRB-OUI message");
|
wpa_printf(MSG_ERROR, "FT: Failed to encrypt RRB-OUI message");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
wpa_hexdump(MSG_DEBUG, "FT(RRB): encrypted TLVs",
|
||||||
|
enc, plain_len + AES_BLOCK_SIZE);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -529,6 +538,7 @@ static int wpa_ft_rrb_build(const u8 *key, const size_t key_len,
|
|||||||
if (wpa_ft_rrb_encrypt(key, key_len, plain, plain_len, auth,
|
if (wpa_ft_rrb_encrypt(key, key_len, plain, plain_len, auth,
|
||||||
auth_len, src_addr, type, pos) < 0)
|
auth_len, src_addr, type, pos) < 0)
|
||||||
goto out;
|
goto out;
|
||||||
|
wpa_hexdump(MSG_MSGDUMP, "FT: RRB frame payload", *packet, *packet_len);
|
||||||
|
|
||||||
ret = 0;
|
ret = 0;
|
||||||
|
|
||||||
@ -596,8 +606,8 @@ static int wpa_ft_rrb_oui_send(struct wpa_authenticator *wpa_auth,
|
|||||||
{
|
{
|
||||||
if (!wpa_auth->cb->send_oui)
|
if (!wpa_auth->cb->send_oui)
|
||||||
return -1;
|
return -1;
|
||||||
wpa_printf(MSG_DEBUG, "FT: RRB-OUI type %u send to " MACSTR,
|
wpa_printf(MSG_DEBUG, "FT: RRB-OUI type %u send to " MACSTR " (len=%u)",
|
||||||
oui_suffix, MAC2STR(dst));
|
oui_suffix, MAC2STR(dst), (unsigned int) data_len);
|
||||||
return wpa_auth->cb->send_oui(wpa_auth->cb_ctx, dst, oui_suffix, data,
|
return wpa_auth->cb->send_oui(wpa_auth->cb_ctx, dst, oui_suffix, data,
|
||||||
data_len);
|
data_len);
|
||||||
}
|
}
|
||||||
@ -907,6 +917,8 @@ wpa_ft_rrb_seq_req(struct wpa_authenticator *wpa_auth,
|
|||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
wpa_printf(MSG_DEBUG, "FT: Send out sequence number request to " MACSTR,
|
||||||
|
MAC2STR(src_addr));
|
||||||
item = os_zalloc(sizeof(*item));
|
item = os_zalloc(sizeof(*item));
|
||||||
if (!item)
|
if (!item)
|
||||||
goto err;
|
goto err;
|
||||||
@ -4387,6 +4399,7 @@ void wpa_ft_rrb_oui_rx(struct wpa_authenticator *wpa_auth, const u8 *src_addr,
|
|||||||
wpa_printf(MSG_DEBUG, "FT: RRB-OUI received frame from remote AP "
|
wpa_printf(MSG_DEBUG, "FT: RRB-OUI received frame from remote AP "
|
||||||
MACSTR, MAC2STR(src_addr));
|
MACSTR, MAC2STR(src_addr));
|
||||||
wpa_printf(MSG_DEBUG, "FT: RRB-OUI frame - oui_suffix=%d", oui_suffix);
|
wpa_printf(MSG_DEBUG, "FT: RRB-OUI frame - oui_suffix=%d", oui_suffix);
|
||||||
|
wpa_hexdump(MSG_MSGDUMP, "FT: RRB frame payload", data, data_len);
|
||||||
|
|
||||||
if (is_multicast_ether_addr(src_addr)) {
|
if (is_multicast_ether_addr(src_addr)) {
|
||||||
wpa_printf(MSG_DEBUG,
|
wpa_printf(MSG_DEBUG,
|
||||||
@ -4415,8 +4428,10 @@ void wpa_ft_rrb_oui_rx(struct wpa_authenticator *wpa_auth, const u8 *src_addr,
|
|||||||
}
|
}
|
||||||
|
|
||||||
auth = data + sizeof(u16);
|
auth = data + sizeof(u16);
|
||||||
|
wpa_hexdump(MSG_MSGDUMP, "FT: Authenticated payload", auth, alen);
|
||||||
enc = data + sizeof(u16) + alen;
|
enc = data + sizeof(u16) + alen;
|
||||||
elen = data_len - sizeof(u16) - alen;
|
elen = data_len - sizeof(u16) - alen;
|
||||||
|
wpa_hexdump(MSG_MSGDUMP, "FT: Encrypted payload", enc, elen);
|
||||||
|
|
||||||
switch (oui_suffix) {
|
switch (oui_suffix) {
|
||||||
case FT_PACKET_R0KH_R1KH_PULL:
|
case FT_PACKET_R0KH_R1KH_PULL:
|
||||||
|
Loading…
Reference in New Issue
Block a user