Amazing-Mirror/fragattacks
1
0
Fork 0
mirror of https://github.com/vanhoefm/fragattacks.git synced 2025-01-18 02:44:03 -05:00
Code Issues Projects Releases Wiki Activity

SAE: Fix PMKSA caching behavior in AP mode

Browse Source 
Add PMKID into EAPOL-Key 1/4 when using SAE and fix the PMK-from-PMKSA
selection in some cases where PSK (from passphrase) could have been
used.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen 2017-09-02 01:02:15 +03:00 committed by Jouni Malinen
parent a6f238f217
commit e61fea6b46
2 changed files with 24 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
src/ap/wpa_auth.c
View File

@ -852,7 +852,8 @@ static int wpa_try_alt_snonce(struct wpa_state_machine *sm, u8 *data,
os_memset(&PTK, 0, sizeof(PTK)); os_memset(&PTK, 0, sizeof(PTK));
for (;;) { for (;;) {
if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) { if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) &&
!wpa_key_mgmt_sae(sm->wpa_key_mgmt)) {
pmk = wpa_auth_get_psk(sm->wpa_auth, sm->addr, pmk = wpa_auth_get_psk(sm->wpa_auth, sm->addr,
sm->p2p_dev_addr, pmk); sm->p2p_dev_addr, pmk);
if (pmk == NULL) if (pmk == NULL)
@ -2028,6 +2029,13 @@ SM_STATE(WPA_PTK, INITPSK)
sm->xxkey_len = PMK_LEN; sm->xxkey_len = PMK_LEN;
#endif /* CONFIG_IEEE80211R_AP */ #endif /* CONFIG_IEEE80211R_AP */
} }
#ifdef CONFIG_SAE
if (wpa_auth_uses_sae(sm) && sm->pmksa) {
wpa_printf(MSG_DEBUG, "SAE: PMK from PMKSA cache");
os_memcpy(sm->PMK, sm->pmksa->pmk, sm->pmksa->pmk_len);
sm->pmk_len = sm->pmksa->pmk_len;
}
#endif /* CONFIG_SAE */
sm->req_replay_counter_used = 0; sm->req_replay_counter_used = 0;
} }
@ -2056,7 +2064,8 @@ SM_STATE(WPA_PTK, PTKSTART)
* one possible PSK for this STA. * one possible PSK for this STA.
*/ */
if (sm->wpa == WPA_VERSION_WPA2 && if (sm->wpa == WPA_VERSION_WPA2 &&
wpa_key_mgmt_wpa_ieee8021x(sm->wpa_key_mgmt) && (wpa_key_mgmt_wpa_ieee8021x(sm->wpa_key_mgmt) ||
wpa_key_mgmt_sae(sm->wpa_key_mgmt)) &&
sm->wpa_key_mgmt != WPA_KEY_MGMT_OSEN) { sm->wpa_key_mgmt != WPA_KEY_MGMT_OSEN) {
pmkid = buf; pmkid = buf;
pmkid_len = 2 + RSN_SELECTOR_LEN + PMKID_LEN; pmkid_len = 2 + RSN_SELECTOR_LEN + PMKID_LEN;
@ -2627,7 +2636,8 @@ SM_STATE(WPA_PTK, PTKCALCNEGOTIATING)
* WPA-PSK: iterate through possible PSKs and select the one matching * WPA-PSK: iterate through possible PSKs and select the one matching
* the packet */ * the packet */
for (;;) { for (;;) {
if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) { if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) &&
!wpa_key_mgmt_sae(sm->wpa_key_mgmt)) {
pmk = wpa_auth_get_psk(sm->wpa_auth, sm->addr, pmk = wpa_auth_get_psk(sm->wpa_auth, sm->addr,
sm->p2p_dev_addr, pmk); sm->p2p_dev_addr, pmk);
if (pmk == NULL) if (pmk == NULL)
@ -3156,9 +3166,13 @@ SM_STEP(WPA_PTK)
break; break;
case WPA_PTK_INITPSK: case WPA_PTK_INITPSK:
if (wpa_auth_get_psk(sm->wpa_auth, sm->addr, sm->p2p_dev_addr, if (wpa_auth_get_psk(sm->wpa_auth, sm->addr, sm->p2p_dev_addr,
NULL)) NULL)) {
SM_ENTER(WPA_PTK, PTKSTART); SM_ENTER(WPA_PTK, PTKSTART);
else { #ifdef CONFIG_SAE
} else if (wpa_auth_uses_sae(sm) && sm->pmksa) {
SM_ENTER(WPA_PTK, PTKSTART);
#endif /* CONFIG_SAE */
} else {
wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_INFO, wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_INFO,
"no PSK configured for the STA"); "no PSK configured for the STA");
wpa_auth->dot11RSNA4WayHandshakeFailures++; wpa_auth->dot11RSNA4WayHandshakeFailures++;

5
src/ap/wpa_auth_glue.c
View File

@ -250,6 +250,11 @@ static const u8 * hostapd_wpa_auth_get_psk(void *ctx, const u8 *addr,
return NULL; return NULL;
return sta->sae->pmk; return sta->sae->pmk;
} }
if (sta && wpa_auth_uses_sae(sta->wpa_sm)) {
wpa_printf(MSG_DEBUG,
"No PSK for STA trying to use SAE with PMKSA caching");
return NULL;
}
#endif /* CONFIG_SAE */ #endif /* CONFIG_SAE */
#ifdef CONFIG_OWE #ifdef CONFIG_OWE