mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-25 00:38:24 -05:00
2100a768bf
Previous version could have allowed a broken client to complete WPA (or WPA2) authentication even if the selected proto was not enabled in hostapd configuration.
865 lines
23 KiB
C
865 lines
23 KiB
C
/*
|
|
* hostapd - WPA/RSN IE and KDE definitions
|
|
* Copyright (c) 2004-2008, Jouni Malinen <j@w1.fi>
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License version 2 as
|
|
* published by the Free Software Foundation.
|
|
*
|
|
* Alternatively, this software may be distributed under the terms of BSD
|
|
* license.
|
|
*
|
|
* See README and COPYING for more details.
|
|
*/
|
|
|
|
#include "includes.h"
|
|
|
|
#include "common.h"
|
|
#include "config.h"
|
|
#include "ieee802_11.h"
|
|
#include "eapol_sm.h"
|
|
#include "wpa.h"
|
|
#include "pmksa_cache.h"
|
|
#include "wpa_auth_ie.h"
|
|
#include "wpa_auth_i.h"
|
|
|
|
|
|
static int wpa_write_wpa_ie(struct wpa_auth_config *conf, u8 *buf, size_t len)
|
|
{
|
|
struct wpa_ie_hdr *hdr;
|
|
int num_suites;
|
|
u8 *pos, *count;
|
|
|
|
hdr = (struct wpa_ie_hdr *) buf;
|
|
hdr->elem_id = WLAN_EID_VENDOR_SPECIFIC;
|
|
RSN_SELECTOR_PUT(hdr->oui, WPA_OUI_TYPE);
|
|
WPA_PUT_LE16(hdr->version, WPA_VERSION);
|
|
pos = (u8 *) (hdr + 1);
|
|
|
|
if (conf->wpa_group == WPA_CIPHER_CCMP) {
|
|
RSN_SELECTOR_PUT(pos, WPA_CIPHER_SUITE_CCMP);
|
|
} else if (conf->wpa_group == WPA_CIPHER_TKIP) {
|
|
RSN_SELECTOR_PUT(pos, WPA_CIPHER_SUITE_TKIP);
|
|
} else if (conf->wpa_group == WPA_CIPHER_WEP104) {
|
|
RSN_SELECTOR_PUT(pos, WPA_CIPHER_SUITE_WEP104);
|
|
} else if (conf->wpa_group == WPA_CIPHER_WEP40) {
|
|
RSN_SELECTOR_PUT(pos, WPA_CIPHER_SUITE_WEP40);
|
|
} else {
|
|
wpa_printf(MSG_DEBUG, "Invalid group cipher (%d).",
|
|
conf->wpa_group);
|
|
return -1;
|
|
}
|
|
pos += WPA_SELECTOR_LEN;
|
|
|
|
num_suites = 0;
|
|
count = pos;
|
|
pos += 2;
|
|
|
|
if (conf->wpa_pairwise & WPA_CIPHER_CCMP) {
|
|
RSN_SELECTOR_PUT(pos, WPA_CIPHER_SUITE_CCMP);
|
|
pos += WPA_SELECTOR_LEN;
|
|
num_suites++;
|
|
}
|
|
if (conf->wpa_pairwise & WPA_CIPHER_TKIP) {
|
|
RSN_SELECTOR_PUT(pos, WPA_CIPHER_SUITE_TKIP);
|
|
pos += WPA_SELECTOR_LEN;
|
|
num_suites++;
|
|
}
|
|
if (conf->wpa_pairwise & WPA_CIPHER_NONE) {
|
|
RSN_SELECTOR_PUT(pos, WPA_CIPHER_SUITE_NONE);
|
|
pos += WPA_SELECTOR_LEN;
|
|
num_suites++;
|
|
}
|
|
|
|
if (num_suites == 0) {
|
|
wpa_printf(MSG_DEBUG, "Invalid pairwise cipher (%d).",
|
|
conf->wpa_pairwise);
|
|
return -1;
|
|
}
|
|
WPA_PUT_LE16(count, num_suites);
|
|
|
|
num_suites = 0;
|
|
count = pos;
|
|
pos += 2;
|
|
|
|
if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X) {
|
|
RSN_SELECTOR_PUT(pos, WPA_AUTH_KEY_MGMT_UNSPEC_802_1X);
|
|
pos += WPA_SELECTOR_LEN;
|
|
num_suites++;
|
|
}
|
|
if (conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK) {
|
|
RSN_SELECTOR_PUT(pos, WPA_AUTH_KEY_MGMT_PSK_OVER_802_1X);
|
|
pos += WPA_SELECTOR_LEN;
|
|
num_suites++;
|
|
}
|
|
|
|
if (num_suites == 0) {
|
|
wpa_printf(MSG_DEBUG, "Invalid key management type (%d).",
|
|
conf->wpa_key_mgmt);
|
|
return -1;
|
|
}
|
|
WPA_PUT_LE16(count, num_suites);
|
|
|
|
/* WPA Capabilities; use defaults, so no need to include it */
|
|
|
|
hdr->len = (pos - buf) - 2;
|
|
|
|
return pos - buf;
|
|
}
|
|
|
|
|
|
int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len,
|
|
const u8 *pmkid)
|
|
{
|
|
struct rsn_ie_hdr *hdr;
|
|
int num_suites;
|
|
u8 *pos, *count;
|
|
u16 capab;
|
|
|
|
hdr = (struct rsn_ie_hdr *) buf;
|
|
hdr->elem_id = WLAN_EID_RSN;
|
|
WPA_PUT_LE16(hdr->version, RSN_VERSION);
|
|
pos = (u8 *) (hdr + 1);
|
|
|
|
if (conf->wpa_group == WPA_CIPHER_CCMP) {
|
|
RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_CCMP);
|
|
} else if (conf->wpa_group == WPA_CIPHER_TKIP) {
|
|
RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_TKIP);
|
|
} else if (conf->wpa_group == WPA_CIPHER_WEP104) {
|
|
RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_WEP104);
|
|
} else if (conf->wpa_group == WPA_CIPHER_WEP40) {
|
|
RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_WEP40);
|
|
} else {
|
|
wpa_printf(MSG_DEBUG, "Invalid group cipher (%d).",
|
|
conf->wpa_group);
|
|
return -1;
|
|
}
|
|
pos += RSN_SELECTOR_LEN;
|
|
|
|
num_suites = 0;
|
|
count = pos;
|
|
pos += 2;
|
|
|
|
if (conf->rsn_pairwise & WPA_CIPHER_CCMP) {
|
|
RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_CCMP);
|
|
pos += RSN_SELECTOR_LEN;
|
|
num_suites++;
|
|
}
|
|
if (conf->rsn_pairwise & WPA_CIPHER_TKIP) {
|
|
RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_TKIP);
|
|
pos += RSN_SELECTOR_LEN;
|
|
num_suites++;
|
|
}
|
|
if (conf->rsn_pairwise & WPA_CIPHER_NONE) {
|
|
RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_NONE);
|
|
pos += RSN_SELECTOR_LEN;
|
|
num_suites++;
|
|
}
|
|
|
|
if (num_suites == 0) {
|
|
wpa_printf(MSG_DEBUG, "Invalid pairwise cipher (%d).",
|
|
conf->rsn_pairwise);
|
|
return -1;
|
|
}
|
|
WPA_PUT_LE16(count, num_suites);
|
|
|
|
num_suites = 0;
|
|
count = pos;
|
|
pos += 2;
|
|
|
|
if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X) {
|
|
RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_UNSPEC_802_1X);
|
|
pos += RSN_SELECTOR_LEN;
|
|
num_suites++;
|
|
}
|
|
if (conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK) {
|
|
RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X);
|
|
pos += RSN_SELECTOR_LEN;
|
|
num_suites++;
|
|
}
|
|
#ifdef CONFIG_IEEE80211R
|
|
if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X) {
|
|
RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_802_1X);
|
|
pos += RSN_SELECTOR_LEN;
|
|
num_suites++;
|
|
}
|
|
if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_PSK) {
|
|
RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_PSK);
|
|
pos += RSN_SELECTOR_LEN;
|
|
num_suites++;
|
|
}
|
|
#endif /* CONFIG_IEEE80211R */
|
|
#ifdef CONFIG_IEEE80211W
|
|
if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) {
|
|
RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_802_1X_SHA256);
|
|
pos += RSN_SELECTOR_LEN;
|
|
num_suites++;
|
|
}
|
|
if (conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK_SHA256) {
|
|
RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_PSK_SHA256);
|
|
pos += RSN_SELECTOR_LEN;
|
|
num_suites++;
|
|
}
|
|
#endif /* CONFIG_IEEE80211W */
|
|
|
|
if (num_suites == 0) {
|
|
wpa_printf(MSG_DEBUG, "Invalid key management type (%d).",
|
|
conf->wpa_key_mgmt);
|
|
return -1;
|
|
}
|
|
WPA_PUT_LE16(count, num_suites);
|
|
|
|
/* RSN Capabilities */
|
|
capab = 0;
|
|
if (conf->rsn_preauth)
|
|
capab |= WPA_CAPABILITY_PREAUTH;
|
|
if (conf->peerkey)
|
|
capab |= WPA_CAPABILITY_PEERKEY_ENABLED;
|
|
if (conf->wme_enabled) {
|
|
/* 4 PTKSA replay counters when using WME */
|
|
capab |= (RSN_NUM_REPLAY_COUNTERS_16 << 2);
|
|
}
|
|
#ifdef CONFIG_IEEE80211W
|
|
if (conf->ieee80211w != WPA_NO_IEEE80211W) {
|
|
capab |= WPA_CAPABILITY_MFPC;
|
|
if (conf->ieee80211w == IEEE80211W_REQUIRED)
|
|
capab |= WPA_CAPABILITY_MFPR;
|
|
}
|
|
#endif /* CONFIG_IEEE80211W */
|
|
WPA_PUT_LE16(pos, capab);
|
|
pos += 2;
|
|
|
|
if (pmkid) {
|
|
if (pos + 2 + PMKID_LEN > buf + len)
|
|
return -1;
|
|
/* PMKID Count */
|
|
WPA_PUT_LE16(pos, 1);
|
|
pos += 2;
|
|
os_memcpy(pos, pmkid, PMKID_LEN);
|
|
pos += PMKID_LEN;
|
|
}
|
|
|
|
#ifdef CONFIG_IEEE80211W
|
|
if (conf->ieee80211w != WPA_NO_IEEE80211W) {
|
|
if (pos + 2 + 4 > buf + len)
|
|
return -1;
|
|
if (pmkid == NULL) {
|
|
/* PMKID Count */
|
|
WPA_PUT_LE16(pos, 0);
|
|
pos += 2;
|
|
}
|
|
|
|
/* Management Group Cipher Suite */
|
|
RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_AES_128_CMAC);
|
|
pos += RSN_SELECTOR_LEN;
|
|
}
|
|
#endif /* CONFIG_IEEE80211W */
|
|
|
|
hdr->len = (pos - buf) - 2;
|
|
|
|
return pos - buf;
|
|
}
|
|
|
|
|
|
int wpa_auth_gen_wpa_ie(struct wpa_authenticator *wpa_auth)
|
|
{
|
|
u8 *pos, buf[128];
|
|
int res;
|
|
|
|
pos = buf;
|
|
|
|
if (wpa_auth->conf.wpa & WPA_PROTO_RSN) {
|
|
res = wpa_write_rsn_ie(&wpa_auth->conf,
|
|
pos, buf + sizeof(buf) - pos, NULL);
|
|
if (res < 0)
|
|
return res;
|
|
pos += res;
|
|
}
|
|
#ifdef CONFIG_IEEE80211R
|
|
if (wpa_auth->conf.wpa_key_mgmt &
|
|
(WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_FT_PSK)) {
|
|
res = wpa_write_mdie(&wpa_auth->conf, pos,
|
|
buf + sizeof(buf) - pos);
|
|
if (res < 0)
|
|
return res;
|
|
pos += res;
|
|
}
|
|
#endif /* CONFIG_IEEE80211R */
|
|
if (wpa_auth->conf.wpa & WPA_PROTO_WPA) {
|
|
res = wpa_write_wpa_ie(&wpa_auth->conf,
|
|
pos, buf + sizeof(buf) - pos);
|
|
if (res < 0)
|
|
return res;
|
|
pos += res;
|
|
}
|
|
|
|
os_free(wpa_auth->wpa_ie);
|
|
wpa_auth->wpa_ie = os_malloc(pos - buf);
|
|
if (wpa_auth->wpa_ie == NULL)
|
|
return -1;
|
|
os_memcpy(wpa_auth->wpa_ie, buf, pos - buf);
|
|
wpa_auth->wpa_ie_len = pos - buf;
|
|
|
|
return 0;
|
|
}
|
|
|
|
|
|
u8 * wpa_add_kde(u8 *pos, u32 kde, const u8 *data, size_t data_len,
|
|
const u8 *data2, size_t data2_len)
|
|
{
|
|
*pos++ = WLAN_EID_VENDOR_SPECIFIC;
|
|
*pos++ = RSN_SELECTOR_LEN + data_len + data2_len;
|
|
RSN_SELECTOR_PUT(pos, kde);
|
|
pos += RSN_SELECTOR_LEN;
|
|
os_memcpy(pos, data, data_len);
|
|
pos += data_len;
|
|
if (data2) {
|
|
os_memcpy(pos, data2, data2_len);
|
|
pos += data2_len;
|
|
}
|
|
return pos;
|
|
}
|
|
|
|
|
|
static int wpa_selector_to_bitfield(const u8 *s)
|
|
{
|
|
if (RSN_SELECTOR_GET(s) == WPA_CIPHER_SUITE_NONE)
|
|
return WPA_CIPHER_NONE;
|
|
if (RSN_SELECTOR_GET(s) == WPA_CIPHER_SUITE_WEP40)
|
|
return WPA_CIPHER_WEP40;
|
|
if (RSN_SELECTOR_GET(s) == WPA_CIPHER_SUITE_TKIP)
|
|
return WPA_CIPHER_TKIP;
|
|
if (RSN_SELECTOR_GET(s) == WPA_CIPHER_SUITE_CCMP)
|
|
return WPA_CIPHER_CCMP;
|
|
if (RSN_SELECTOR_GET(s) == WPA_CIPHER_SUITE_WEP104)
|
|
return WPA_CIPHER_WEP104;
|
|
return 0;
|
|
}
|
|
|
|
|
|
static int wpa_key_mgmt_to_bitfield(const u8 *s)
|
|
{
|
|
if (RSN_SELECTOR_GET(s) == WPA_AUTH_KEY_MGMT_UNSPEC_802_1X)
|
|
return WPA_KEY_MGMT_IEEE8021X;
|
|
if (RSN_SELECTOR_GET(s) == WPA_AUTH_KEY_MGMT_PSK_OVER_802_1X)
|
|
return WPA_KEY_MGMT_PSK;
|
|
if (RSN_SELECTOR_GET(s) == WPA_AUTH_KEY_MGMT_NONE)
|
|
return WPA_KEY_MGMT_WPA_NONE;
|
|
return 0;
|
|
}
|
|
|
|
|
|
static int wpa_parse_wpa_ie_wpa(const u8 *wpa_ie, size_t wpa_ie_len,
|
|
struct wpa_ie_data *data)
|
|
{
|
|
const struct wpa_ie_hdr *hdr;
|
|
const u8 *pos;
|
|
int left;
|
|
int i, count;
|
|
|
|
os_memset(data, 0, sizeof(*data));
|
|
data->pairwise_cipher = WPA_CIPHER_TKIP;
|
|
data->group_cipher = WPA_CIPHER_TKIP;
|
|
data->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
|
|
data->mgmt_group_cipher = 0;
|
|
|
|
if (wpa_ie_len < sizeof(struct wpa_ie_hdr))
|
|
return -1;
|
|
|
|
hdr = (const struct wpa_ie_hdr *) wpa_ie;
|
|
|
|
if (hdr->elem_id != WLAN_EID_VENDOR_SPECIFIC ||
|
|
hdr->len != wpa_ie_len - 2 ||
|
|
RSN_SELECTOR_GET(hdr->oui) != WPA_OUI_TYPE ||
|
|
WPA_GET_LE16(hdr->version) != WPA_VERSION) {
|
|
return -2;
|
|
}
|
|
|
|
pos = (const u8 *) (hdr + 1);
|
|
left = wpa_ie_len - sizeof(*hdr);
|
|
|
|
if (left >= WPA_SELECTOR_LEN) {
|
|
data->group_cipher = wpa_selector_to_bitfield(pos);
|
|
pos += WPA_SELECTOR_LEN;
|
|
left -= WPA_SELECTOR_LEN;
|
|
} else if (left > 0)
|
|
return -3;
|
|
|
|
if (left >= 2) {
|
|
data->pairwise_cipher = 0;
|
|
count = WPA_GET_LE16(pos);
|
|
pos += 2;
|
|
left -= 2;
|
|
if (count == 0 || left < count * WPA_SELECTOR_LEN)
|
|
return -4;
|
|
for (i = 0; i < count; i++) {
|
|
data->pairwise_cipher |= wpa_selector_to_bitfield(pos);
|
|
pos += WPA_SELECTOR_LEN;
|
|
left -= WPA_SELECTOR_LEN;
|
|
}
|
|
} else if (left == 1)
|
|
return -5;
|
|
|
|
if (left >= 2) {
|
|
data->key_mgmt = 0;
|
|
count = WPA_GET_LE16(pos);
|
|
pos += 2;
|
|
left -= 2;
|
|
if (count == 0 || left < count * WPA_SELECTOR_LEN)
|
|
return -6;
|
|
for (i = 0; i < count; i++) {
|
|
data->key_mgmt |= wpa_key_mgmt_to_bitfield(pos);
|
|
pos += WPA_SELECTOR_LEN;
|
|
left -= WPA_SELECTOR_LEN;
|
|
}
|
|
} else if (left == 1)
|
|
return -7;
|
|
|
|
if (left >= 2) {
|
|
data->capabilities = WPA_GET_LE16(pos);
|
|
pos += 2;
|
|
left -= 2;
|
|
}
|
|
|
|
if (left > 0) {
|
|
return -8;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
|
|
struct wpa_auth_okc_iter_data {
|
|
struct rsn_pmksa_cache_entry *pmksa;
|
|
const u8 *aa;
|
|
const u8 *spa;
|
|
const u8 *pmkid;
|
|
};
|
|
|
|
|
|
static int wpa_auth_okc_iter(struct wpa_authenticator *a, void *ctx)
|
|
{
|
|
struct wpa_auth_okc_iter_data *data = ctx;
|
|
data->pmksa = pmksa_cache_get_okc(a->pmksa, data->aa, data->spa,
|
|
data->pmkid);
|
|
if (data->pmksa)
|
|
return 1;
|
|
return 0;
|
|
}
|
|
|
|
|
|
int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
|
|
struct wpa_state_machine *sm,
|
|
const u8 *wpa_ie, size_t wpa_ie_len,
|
|
const u8 *mdie, size_t mdie_len)
|
|
{
|
|
struct wpa_ie_data data;
|
|
int ciphers, key_mgmt, res, version;
|
|
u32 selector;
|
|
size_t i;
|
|
const u8 *pmkid = NULL;
|
|
|
|
if (wpa_auth == NULL || sm == NULL)
|
|
return WPA_NOT_ENABLED;
|
|
|
|
if (wpa_ie == NULL || wpa_ie_len < 1)
|
|
return WPA_INVALID_IE;
|
|
|
|
if (wpa_ie[0] == WLAN_EID_RSN)
|
|
version = WPA_PROTO_RSN;
|
|
else
|
|
version = WPA_PROTO_WPA;
|
|
|
|
if (!(wpa_auth->conf.wpa & version)) {
|
|
wpa_printf(MSG_DEBUG, "Invalid WPA proto (%d) from " MACSTR,
|
|
version, MAC2STR(sm->addr));
|
|
return WPA_INVALID_PROTO;
|
|
}
|
|
|
|
if (version == WPA_PROTO_RSN) {
|
|
res = wpa_parse_wpa_ie_rsn(wpa_ie, wpa_ie_len, &data);
|
|
|
|
selector = RSN_AUTH_KEY_MGMT_UNSPEC_802_1X;
|
|
if (0) {
|
|
}
|
|
#ifdef CONFIG_IEEE80211R
|
|
else if (data.key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X)
|
|
selector = RSN_AUTH_KEY_MGMT_FT_802_1X;
|
|
else if (data.key_mgmt & WPA_KEY_MGMT_FT_PSK)
|
|
selector = RSN_AUTH_KEY_MGMT_FT_PSK;
|
|
#endif /* CONFIG_IEEE80211R */
|
|
#ifdef CONFIG_IEEE80211W
|
|
else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256)
|
|
selector = RSN_AUTH_KEY_MGMT_802_1X_SHA256;
|
|
else if (data.key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
|
|
selector = RSN_AUTH_KEY_MGMT_PSK_SHA256;
|
|
#endif /* CONFIG_IEEE80211W */
|
|
else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X)
|
|
selector = RSN_AUTH_KEY_MGMT_UNSPEC_802_1X;
|
|
else if (data.key_mgmt & WPA_KEY_MGMT_PSK)
|
|
selector = RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X;
|
|
wpa_auth->dot11RSNAAuthenticationSuiteSelected = selector;
|
|
|
|
selector = RSN_CIPHER_SUITE_CCMP;
|
|
if (data.pairwise_cipher & WPA_CIPHER_CCMP)
|
|
selector = RSN_CIPHER_SUITE_CCMP;
|
|
else if (data.pairwise_cipher & WPA_CIPHER_TKIP)
|
|
selector = RSN_CIPHER_SUITE_TKIP;
|
|
else if (data.pairwise_cipher & WPA_CIPHER_WEP104)
|
|
selector = RSN_CIPHER_SUITE_WEP104;
|
|
else if (data.pairwise_cipher & WPA_CIPHER_WEP40)
|
|
selector = RSN_CIPHER_SUITE_WEP40;
|
|
else if (data.pairwise_cipher & WPA_CIPHER_NONE)
|
|
selector = RSN_CIPHER_SUITE_NONE;
|
|
wpa_auth->dot11RSNAPairwiseCipherSelected = selector;
|
|
|
|
selector = RSN_CIPHER_SUITE_CCMP;
|
|
if (data.group_cipher & WPA_CIPHER_CCMP)
|
|
selector = RSN_CIPHER_SUITE_CCMP;
|
|
else if (data.group_cipher & WPA_CIPHER_TKIP)
|
|
selector = RSN_CIPHER_SUITE_TKIP;
|
|
else if (data.group_cipher & WPA_CIPHER_WEP104)
|
|
selector = RSN_CIPHER_SUITE_WEP104;
|
|
else if (data.group_cipher & WPA_CIPHER_WEP40)
|
|
selector = RSN_CIPHER_SUITE_WEP40;
|
|
else if (data.group_cipher & WPA_CIPHER_NONE)
|
|
selector = RSN_CIPHER_SUITE_NONE;
|
|
wpa_auth->dot11RSNAGroupCipherSelected = selector;
|
|
} else {
|
|
res = wpa_parse_wpa_ie_wpa(wpa_ie, wpa_ie_len, &data);
|
|
|
|
selector = WPA_AUTH_KEY_MGMT_UNSPEC_802_1X;
|
|
if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X)
|
|
selector = WPA_AUTH_KEY_MGMT_UNSPEC_802_1X;
|
|
else if (data.key_mgmt & WPA_KEY_MGMT_PSK)
|
|
selector = WPA_AUTH_KEY_MGMT_PSK_OVER_802_1X;
|
|
wpa_auth->dot11RSNAAuthenticationSuiteSelected = selector;
|
|
|
|
selector = WPA_CIPHER_SUITE_TKIP;
|
|
if (data.pairwise_cipher & WPA_CIPHER_CCMP)
|
|
selector = WPA_CIPHER_SUITE_CCMP;
|
|
else if (data.pairwise_cipher & WPA_CIPHER_TKIP)
|
|
selector = WPA_CIPHER_SUITE_TKIP;
|
|
else if (data.pairwise_cipher & WPA_CIPHER_WEP104)
|
|
selector = WPA_CIPHER_SUITE_WEP104;
|
|
else if (data.pairwise_cipher & WPA_CIPHER_WEP40)
|
|
selector = WPA_CIPHER_SUITE_WEP40;
|
|
else if (data.pairwise_cipher & WPA_CIPHER_NONE)
|
|
selector = WPA_CIPHER_SUITE_NONE;
|
|
wpa_auth->dot11RSNAPairwiseCipherSelected = selector;
|
|
|
|
selector = WPA_CIPHER_SUITE_TKIP;
|
|
if (data.group_cipher & WPA_CIPHER_CCMP)
|
|
selector = WPA_CIPHER_SUITE_CCMP;
|
|
else if (data.group_cipher & WPA_CIPHER_TKIP)
|
|
selector = WPA_CIPHER_SUITE_TKIP;
|
|
else if (data.group_cipher & WPA_CIPHER_WEP104)
|
|
selector = WPA_CIPHER_SUITE_WEP104;
|
|
else if (data.group_cipher & WPA_CIPHER_WEP40)
|
|
selector = WPA_CIPHER_SUITE_WEP40;
|
|
else if (data.group_cipher & WPA_CIPHER_NONE)
|
|
selector = WPA_CIPHER_SUITE_NONE;
|
|
wpa_auth->dot11RSNAGroupCipherSelected = selector;
|
|
}
|
|
if (res) {
|
|
wpa_printf(MSG_DEBUG, "Failed to parse WPA/RSN IE from "
|
|
MACSTR " (res=%d)", MAC2STR(sm->addr), res);
|
|
wpa_hexdump(MSG_DEBUG, "WPA/RSN IE", wpa_ie, wpa_ie_len);
|
|
return WPA_INVALID_IE;
|
|
}
|
|
|
|
if (data.group_cipher != wpa_auth->conf.wpa_group) {
|
|
wpa_printf(MSG_DEBUG, "Invalid WPA group cipher (0x%x) from "
|
|
MACSTR, data.group_cipher, MAC2STR(sm->addr));
|
|
return WPA_INVALID_GROUP;
|
|
}
|
|
|
|
key_mgmt = data.key_mgmt & wpa_auth->conf.wpa_key_mgmt;
|
|
if (!key_mgmt) {
|
|
wpa_printf(MSG_DEBUG, "Invalid WPA key mgmt (0x%x) from "
|
|
MACSTR, data.key_mgmt, MAC2STR(sm->addr));
|
|
return WPA_INVALID_AKMP;
|
|
}
|
|
if (0) {
|
|
}
|
|
#ifdef CONFIG_IEEE80211R
|
|
else if (key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X)
|
|
sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
|
|
else if (key_mgmt & WPA_KEY_MGMT_FT_PSK)
|
|
sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_PSK;
|
|
#endif /* CONFIG_IEEE80211R */
|
|
#ifdef CONFIG_IEEE80211W
|
|
else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256)
|
|
sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
|
|
else if (key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
|
|
sm->wpa_key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
|
|
#endif /* CONFIG_IEEE80211W */
|
|
else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X)
|
|
sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X;
|
|
else
|
|
sm->wpa_key_mgmt = WPA_KEY_MGMT_PSK;
|
|
|
|
if (version == WPA_PROTO_RSN)
|
|
ciphers = data.pairwise_cipher & wpa_auth->conf.rsn_pairwise;
|
|
else
|
|
ciphers = data.pairwise_cipher & wpa_auth->conf.wpa_pairwise;
|
|
if (!ciphers) {
|
|
wpa_printf(MSG_DEBUG, "Invalid %s pairwise cipher (0x%x) "
|
|
"from " MACSTR,
|
|
version == WPA_PROTO_RSN ? "RSN" : "WPA",
|
|
data.pairwise_cipher, MAC2STR(sm->addr));
|
|
return WPA_INVALID_PAIRWISE;
|
|
}
|
|
|
|
#ifdef CONFIG_IEEE80211W
|
|
if (wpa_auth->conf.ieee80211w == WPA_IEEE80211W_REQUIRED) {
|
|
if (!(data.capabilities & WPA_CAPABILITY_MFPC)) {
|
|
wpa_printf(MSG_DEBUG, "Management frame protection "
|
|
"required, but client did not enable it");
|
|
return WPA_MGMT_FRAME_PROTECTION_VIOLATION;
|
|
}
|
|
|
|
if (ciphers & WPA_CIPHER_TKIP) {
|
|
wpa_printf(MSG_DEBUG, "Management frame protection "
|
|
"cannot use TKIP");
|
|
return WPA_MGMT_FRAME_PROTECTION_VIOLATION;
|
|
}
|
|
|
|
if (data.mgmt_group_cipher != WPA_CIPHER_AES_128_CMAC) {
|
|
wpa_printf(MSG_DEBUG, "Unsupported management group "
|
|
"cipher %d", data.mgmt_group_cipher);
|
|
return WPA_INVALID_MGMT_GROUP_CIPHER;
|
|
}
|
|
}
|
|
|
|
if (wpa_auth->conf.ieee80211w == WPA_NO_IEEE80211W ||
|
|
!(data.capabilities & WPA_CAPABILITY_MFPC))
|
|
sm->mgmt_frame_prot = 0;
|
|
else
|
|
sm->mgmt_frame_prot = 1;
|
|
#endif /* CONFIG_IEEE80211W */
|
|
|
|
#ifdef CONFIG_IEEE80211R
|
|
if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) {
|
|
if (mdie == NULL || mdie_len < MOBILITY_DOMAIN_ID_LEN + 1) {
|
|
wpa_printf(MSG_DEBUG, "RSN: Trying to use FT, but "
|
|
"MDIE not included");
|
|
return WPA_INVALID_MDIE;
|
|
}
|
|
if (os_memcmp(mdie, wpa_auth->conf.mobility_domain,
|
|
MOBILITY_DOMAIN_ID_LEN) != 0) {
|
|
wpa_hexdump(MSG_DEBUG, "RSN: Attempted to use unknown "
|
|
"MDIE", mdie, MOBILITY_DOMAIN_ID_LEN);
|
|
return WPA_INVALID_MDIE;
|
|
}
|
|
}
|
|
#endif /* CONFIG_IEEE80211R */
|
|
|
|
if (ciphers & WPA_CIPHER_CCMP)
|
|
sm->pairwise = WPA_CIPHER_CCMP;
|
|
else
|
|
sm->pairwise = WPA_CIPHER_TKIP;
|
|
|
|
/* TODO: clear WPA/WPA2 state if STA changes from one to another */
|
|
if (wpa_ie[0] == WLAN_EID_RSN)
|
|
sm->wpa = WPA_VERSION_WPA2;
|
|
else
|
|
sm->wpa = WPA_VERSION_WPA;
|
|
|
|
sm->pmksa = NULL;
|
|
for (i = 0; i < data.num_pmkid; i++) {
|
|
wpa_hexdump(MSG_DEBUG, "RSN IE: STA PMKID",
|
|
&data.pmkid[i * PMKID_LEN], PMKID_LEN);
|
|
sm->pmksa = pmksa_cache_get(wpa_auth->pmksa, sm->addr,
|
|
&data.pmkid[i * PMKID_LEN]);
|
|
if (sm->pmksa) {
|
|
pmkid = sm->pmksa->pmkid;
|
|
break;
|
|
}
|
|
}
|
|
for (i = 0; sm->pmksa == NULL && wpa_auth->conf.okc &&
|
|
i < data.num_pmkid; i++) {
|
|
struct wpa_auth_okc_iter_data idata;
|
|
idata.pmksa = NULL;
|
|
idata.aa = wpa_auth->addr;
|
|
idata.spa = sm->addr;
|
|
idata.pmkid = &data.pmkid[i * PMKID_LEN];
|
|
wpa_auth_for_each_auth(wpa_auth, wpa_auth_okc_iter, &idata);
|
|
if (idata.pmksa) {
|
|
wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG,
|
|
"OKC match for PMKID");
|
|
sm->pmksa = pmksa_cache_add_okc(wpa_auth->pmksa,
|
|
idata.pmksa,
|
|
wpa_auth->addr,
|
|
idata.pmkid);
|
|
pmkid = idata.pmkid;
|
|
break;
|
|
}
|
|
}
|
|
if (sm->pmksa) {
|
|
wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG,
|
|
"PMKID found from PMKSA cache "
|
|
"eap_type=%d vlan_id=%d",
|
|
sm->pmksa->eap_type_authsrv,
|
|
sm->pmksa->vlan_id);
|
|
os_memcpy(wpa_auth->dot11RSNAPMKIDUsed, pmkid, PMKID_LEN);
|
|
}
|
|
|
|
if (sm->wpa_ie == NULL || sm->wpa_ie_len < wpa_ie_len) {
|
|
os_free(sm->wpa_ie);
|
|
sm->wpa_ie = os_malloc(wpa_ie_len);
|
|
if (sm->wpa_ie == NULL)
|
|
return WPA_ALLOC_FAIL;
|
|
}
|
|
os_memcpy(sm->wpa_ie, wpa_ie, wpa_ie_len);
|
|
sm->wpa_ie_len = wpa_ie_len;
|
|
|
|
return WPA_IE_OK;
|
|
}
|
|
|
|
|
|
/**
|
|
* wpa_parse_generic - Parse EAPOL-Key Key Data Generic IEs
|
|
* @pos: Pointer to the IE header
|
|
* @end: Pointer to the end of the Key Data buffer
|
|
* @ie: Pointer to parsed IE data
|
|
* Returns: 0 on success, 1 if end mark is found, -1 on failure
|
|
*/
|
|
static int wpa_parse_generic(const u8 *pos, const u8 *end,
|
|
struct wpa_eapol_ie_parse *ie)
|
|
{
|
|
if (pos[1] == 0)
|
|
return 1;
|
|
|
|
if (pos[1] >= 6 &&
|
|
RSN_SELECTOR_GET(pos + 2) == WPA_OUI_TYPE &&
|
|
pos[2 + WPA_SELECTOR_LEN] == 1 &&
|
|
pos[2 + WPA_SELECTOR_LEN + 1] == 0) {
|
|
ie->wpa_ie = pos;
|
|
ie->wpa_ie_len = pos[1] + 2;
|
|
return 0;
|
|
}
|
|
|
|
if (pos + 1 + RSN_SELECTOR_LEN < end &&
|
|
pos[1] >= RSN_SELECTOR_LEN + PMKID_LEN &&
|
|
RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_PMKID) {
|
|
ie->pmkid = pos + 2 + RSN_SELECTOR_LEN;
|
|
return 0;
|
|
}
|
|
|
|
if (pos[1] > RSN_SELECTOR_LEN + 2 &&
|
|
RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_GROUPKEY) {
|
|
ie->gtk = pos + 2 + RSN_SELECTOR_LEN;
|
|
ie->gtk_len = pos[1] - RSN_SELECTOR_LEN;
|
|
return 0;
|
|
}
|
|
|
|
if (pos[1] > RSN_SELECTOR_LEN + 2 &&
|
|
RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_MAC_ADDR) {
|
|
ie->mac_addr = pos + 2 + RSN_SELECTOR_LEN;
|
|
ie->mac_addr_len = pos[1] - RSN_SELECTOR_LEN;
|
|
return 0;
|
|
}
|
|
|
|
#ifdef CONFIG_PEERKEY
|
|
if (pos[1] > RSN_SELECTOR_LEN + 2 &&
|
|
RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_SMK) {
|
|
ie->smk = pos + 2 + RSN_SELECTOR_LEN;
|
|
ie->smk_len = pos[1] - RSN_SELECTOR_LEN;
|
|
return 0;
|
|
}
|
|
|
|
if (pos[1] > RSN_SELECTOR_LEN + 2 &&
|
|
RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_NONCE) {
|
|
ie->nonce = pos + 2 + RSN_SELECTOR_LEN;
|
|
ie->nonce_len = pos[1] - RSN_SELECTOR_LEN;
|
|
return 0;
|
|
}
|
|
|
|
if (pos[1] > RSN_SELECTOR_LEN + 2 &&
|
|
RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_LIFETIME) {
|
|
ie->lifetime = pos + 2 + RSN_SELECTOR_LEN;
|
|
ie->lifetime_len = pos[1] - RSN_SELECTOR_LEN;
|
|
return 0;
|
|
}
|
|
|
|
if (pos[1] > RSN_SELECTOR_LEN + 2 &&
|
|
RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_ERROR) {
|
|
ie->error = pos + 2 + RSN_SELECTOR_LEN;
|
|
ie->error_len = pos[1] - RSN_SELECTOR_LEN;
|
|
return 0;
|
|
}
|
|
#endif /* CONFIG_PEERKEY */
|
|
|
|
#ifdef CONFIG_IEEE80211W
|
|
if (pos[1] > RSN_SELECTOR_LEN + 2 &&
|
|
RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_IGTK) {
|
|
ie->igtk = pos + 2 + RSN_SELECTOR_LEN;
|
|
ie->igtk_len = pos[1] - RSN_SELECTOR_LEN;
|
|
return 0;
|
|
}
|
|
#endif /* CONFIG_IEEE80211W */
|
|
|
|
return 0;
|
|
}
|
|
|
|
|
|
/**
|
|
* wpa_parse_kde_ies - Parse EAPOL-Key Key Data IEs
|
|
* @buf: Pointer to the Key Data buffer
|
|
* @len: Key Data Length
|
|
* @ie: Pointer to parsed IE data
|
|
* Returns: 0 on success, -1 on failure
|
|
*/
|
|
int wpa_parse_kde_ies(const u8 *buf, size_t len, struct wpa_eapol_ie_parse *ie)
|
|
{
|
|
const u8 *pos, *end;
|
|
int ret = 0;
|
|
|
|
os_memset(ie, 0, sizeof(*ie));
|
|
for (pos = buf, end = pos + len; pos + 1 < end; pos += 2 + pos[1]) {
|
|
if (pos[0] == 0xdd &&
|
|
((pos == buf + len - 1) || pos[1] == 0)) {
|
|
/* Ignore padding */
|
|
break;
|
|
}
|
|
if (pos + 2 + pos[1] > end) {
|
|
wpa_printf(MSG_DEBUG, "WPA: EAPOL-Key Key Data "
|
|
"underflow (ie=%d len=%d pos=%d)",
|
|
pos[0], pos[1], (int) (pos - buf));
|
|
wpa_hexdump_key(MSG_DEBUG, "WPA: Key Data",
|
|
buf, len);
|
|
ret = -1;
|
|
break;
|
|
}
|
|
if (*pos == WLAN_EID_RSN) {
|
|
ie->rsn_ie = pos;
|
|
ie->rsn_ie_len = pos[1] + 2;
|
|
#ifdef CONFIG_IEEE80211R
|
|
} else if (*pos == WLAN_EID_MOBILITY_DOMAIN) {
|
|
ie->mdie = pos;
|
|
ie->mdie_len = pos[1] + 2;
|
|
#endif /* CONFIG_IEEE80211R */
|
|
} else if (*pos == WLAN_EID_VENDOR_SPECIFIC) {
|
|
ret = wpa_parse_generic(pos, end, ie);
|
|
if (ret < 0)
|
|
break;
|
|
if (ret > 0) {
|
|
ret = 0;
|
|
break;
|
|
}
|
|
} else {
|
|
wpa_hexdump(MSG_DEBUG, "WPA: Unrecognized EAPOL-Key "
|
|
"Key Data IE", pos, 2 + pos[1]);
|
|
}
|
|
}
|
|
|
|
return ret;
|
|
}
|
|
|
|
|
|
int wpa_auth_uses_mfp(struct wpa_state_machine *sm)
|
|
{
|
|
return sm ? sm->mgmt_frame_prot : 0;
|
|
}
|