]> git.ipfire.org Git - thirdparty/hostap.git/blob - wlantest/rx_eapol.c
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
wlantest: Fix pcapng writer to include decrypted EAPOL-Key Key Data
[thirdparty/hostap.git] / wlantest / rx_eapol.c
1 /*
2 * Received Data frame processing for EAPOL messages
3 * Copyright (c) 2010-2015, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #include "utils/includes.h"
10
11 #include "utils/common.h"
12 #include "crypto/aes_wrap.h"
13 #include "crypto/crypto.h"
14 #include "common/defs.h"
15 #include "common/ieee802_11_defs.h"
16 #include "common/ieee802_11_common.h"
17 #include "common/eapol_common.h"
18 #include "common/wpa_common.h"
19 #include "rsn_supp/wpa_ie.h"
20 #include "wlantest.h"
21
22
23 static int is_zero(const u8 *buf, size_t len)
24 {
25 size_t i;
26 for (i = 0; i < len; i++) {
27 if (buf[i])
28 return 0;
29 }
30 return 1;
31 }
32
33
34 static int check_mic(const u8 *kck, size_t kck_len, int akmp, int ver,
35 const u8 *data, size_t len)
36 {
37 u8 *buf;
38 int ret = -1;
39 struct ieee802_1x_hdr *hdr;
40 struct wpa_eapol_key *key;
41 u8 rx_mic[WPA_EAPOL_KEY_MIC_MAX_LEN];
42 size_t mic_len = wpa_mic_len(akmp);
43
44 buf = os_memdup(data, len);
45 if (buf == NULL)
46 return -1;
47 hdr = (struct ieee802_1x_hdr *) buf;
48 key = (struct wpa_eapol_key *) (hdr + 1);
49
50 os_memcpy(rx_mic, key + 1, mic_len);
51 os_memset(key + 1, 0, mic_len);
52
53 if (wpa_eapol_key_mic(kck, kck_len, akmp, ver, buf, len,
54 (u8 *) (key + 1)) == 0 &&
55 os_memcmp(rx_mic, key + 1, mic_len) == 0)
56 ret = 0;
57
58 os_free(buf);
59
60 return ret;
61 }
62
63
64 static void rx_data_eapol_key_1_of_4(struct wlantest *wt, const u8 *dst,
65 const u8 *src, const u8 *data, size_t len)
66 {
67 struct wlantest_bss *bss;
68 struct wlantest_sta *sta;
69 const struct ieee802_1x_hdr *eapol;
70 const struct wpa_eapol_key *hdr;
71
72 wpa_printf(MSG_DEBUG, "EAPOL-Key 1/4 " MACSTR " -> " MACSTR,
73 MAC2STR(src), MAC2STR(dst));
74 bss = bss_get(wt, src);
75 if (bss == NULL)
76 return;
77 sta = sta_get(bss, dst);
78 if (sta == NULL)
79 return;
80
81 eapol = (const struct ieee802_1x_hdr *) data;
82 hdr = (const struct wpa_eapol_key *) (eapol + 1);
83 if (is_zero(hdr->key_nonce, WPA_NONCE_LEN)) {
84 add_note(wt, MSG_INFO, "EAPOL-Key 1/4 from " MACSTR
85 " used zero nonce", MAC2STR(src));
86 }
87 if (!is_zero(hdr->key_rsc, 8)) {
88 add_note(wt, MSG_INFO, "EAPOL-Key 1/4 from " MACSTR
89 " used non-zero Key RSC", MAC2STR(src));
90 }
91 os_memcpy(sta->anonce, hdr->key_nonce, WPA_NONCE_LEN);
92 }
93
94
95 static int try_pmk(struct wlantest *wt, struct wlantest_bss *bss,
96 struct wlantest_sta *sta, u16 ver,
97 const u8 *data, size_t len,
98 struct wlantest_pmk *pmk)
99 {
100 struct wpa_ptk ptk;
101
102 if (wpa_key_mgmt_ft(sta->key_mgmt)) {
103 u8 pmk_r0[PMK_LEN];
104 u8 pmk_r0_name[WPA_PMK_NAME_LEN];
105 u8 pmk_r1[PMK_LEN];
106 u8 pmk_r1_name[WPA_PMK_NAME_LEN];
107 u8 ptk_name[WPA_PMK_NAME_LEN];
108
109 wpa_derive_pmk_r0(pmk->pmk, sizeof(pmk->pmk),
110 bss->ssid, bss->ssid_len, bss->mdid,
111 bss->r0kh_id, bss->r0kh_id_len,
112 sta->addr, pmk_r0, pmk_r0_name);
113 wpa_hexdump(MSG_DEBUG, "FT: PMK-R0", pmk_r0, PMK_LEN);
114 wpa_hexdump(MSG_DEBUG, "FT: PMKR0Name", pmk_r0_name,
115 WPA_PMK_NAME_LEN);
116 wpa_derive_pmk_r1(pmk_r0, pmk_r0_name, bss->r1kh_id,
117 sta->addr, pmk_r1, pmk_r1_name);
118 wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R1", pmk_r1, PMK_LEN);
119 wpa_hexdump(MSG_DEBUG, "FT: PMKR1Name", pmk_r1_name,
120 WPA_PMK_NAME_LEN);
121 if (wpa_pmk_r1_to_ptk(pmk_r1, sta->snonce, sta->anonce,
122 sta->addr,
123 bss->bssid, pmk_r1_name, &ptk, ptk_name,
124 sta->key_mgmt,
125 sta->pairwise_cipher) < 0 ||
126 check_mic(ptk.kck, ptk.kck_len, sta->key_mgmt, ver, data,
127 len) < 0)
128 return -1;
129 } else if (wpa_pmk_to_ptk(pmk->pmk, sizeof(pmk->pmk),
130 "Pairwise key expansion",
131 bss->bssid, sta->addr, sta->anonce,
132 sta->snonce, &ptk, sta->key_mgmt,
133 sta->pairwise_cipher) < 0 ||
134 check_mic(ptk.kck, ptk.kck_len, sta->key_mgmt, ver, data,
135 len) < 0) {
136 return -1;
137 }
138
139 sta->tk_len = wpa_cipher_key_len(sta->pairwise_cipher);
140 wpa_printf(MSG_INFO, "Derived PTK for STA " MACSTR " BSSID " MACSTR,
141 MAC2STR(sta->addr), MAC2STR(bss->bssid));
142 sta->counters[WLANTEST_STA_COUNTER_PTK_LEARNED]++;
143 if (sta->ptk_set) {
144 /*
145 * Rekeying - use new PTK for EAPOL-Key frames, but continue
146 * using the old PTK for frame decryption.
147 */
148 add_note(wt, MSG_DEBUG, "Derived PTK during rekeying");
149 os_memcpy(&sta->tptk, &ptk, sizeof(ptk));
150 wpa_hexdump(MSG_DEBUG, "TPTK:KCK",
151 sta->tptk.kck, sta->tptk.kck_len);
152 wpa_hexdump(MSG_DEBUG, "TPTK:KEK",
153 sta->tptk.kek, sta->tptk.kek_len);
154 wpa_hexdump(MSG_DEBUG, "TPTK:TK",
155 sta->tptk.tk, sta->tptk.tk_len);
156 sta->tptk_set = 1;
157 return 0;
158 }
159 add_note(wt, MSG_DEBUG, "Derived new PTK");
160 os_memcpy(&sta->ptk, &ptk, sizeof(ptk));
161 wpa_hexdump(MSG_DEBUG, "PTK:KCK", sta->ptk.kck, sta->ptk.kck_len);
162 wpa_hexdump(MSG_DEBUG, "PTK:KEK", sta->ptk.kek, sta->ptk.kek_len);
163 wpa_hexdump(MSG_DEBUG, "PTK:TK", sta->ptk.tk, sta->ptk.tk_len);
164 sta->ptk_set = 1;
165 os_memset(sta->rsc_tods, 0, sizeof(sta->rsc_tods));
166 os_memset(sta->rsc_fromds, 0, sizeof(sta->rsc_fromds));
167 return 0;
168 }
169
170
171 static void derive_ptk(struct wlantest *wt, struct wlantest_bss *bss,
172 struct wlantest_sta *sta, u16 ver,
173 const u8 *data, size_t len)
174 {
175 struct wlantest_pmk *pmk;
176
177 wpa_printf(MSG_DEBUG, "Trying to derive PTK for " MACSTR " (ver %u)",
178 MAC2STR(sta->addr), ver);
179 dl_list_for_each(pmk, &bss->pmk, struct wlantest_pmk, list) {
180 wpa_printf(MSG_DEBUG, "Try per-BSS PMK");
181 if (try_pmk(wt, bss, sta, ver, data, len, pmk) == 0)
182 return;
183 }
184
185 dl_list_for_each(pmk, &wt->pmk, struct wlantest_pmk, list) {
186 wpa_printf(MSG_DEBUG, "Try global PMK");
187 if (try_pmk(wt, bss, sta, ver, data, len, pmk) == 0)
188 return;
189 }
190
191 if (!sta->ptk_set) {
192 struct wlantest_ptk *ptk;
193 int prev_level = wpa_debug_level;
194
195 wpa_debug_level = MSG_WARNING;
196 dl_list_for_each(ptk, &wt->ptk, struct wlantest_ptk, list) {
197 if (check_mic(ptk->ptk.kck, ptk->ptk.kck_len,
198 sta->key_mgmt, ver, data, len) < 0)
199 continue;
200 wpa_printf(MSG_INFO, "Pre-set PTK matches for STA "
201 MACSTR " BSSID " MACSTR,
202 MAC2STR(sta->addr), MAC2STR(bss->bssid));
203 add_note(wt, MSG_DEBUG, "Using pre-set PTK");
204 ptk->ptk_len = 32 +
205 wpa_cipher_key_len(sta->pairwise_cipher);
206 os_memcpy(&sta->ptk, &ptk->ptk, sizeof(ptk->ptk));
207 wpa_hexdump(MSG_DEBUG, "PTK:KCK",
208 sta->ptk.kck, sta->ptk.kck_len);
209 wpa_hexdump(MSG_DEBUG, "PTK:KEK",
210 sta->ptk.kek, sta->ptk.kek_len);
211 wpa_hexdump(MSG_DEBUG, "PTK:TK",
212 sta->ptk.tk, sta->ptk.tk_len);
213 sta->ptk_set = 1;
214 os_memset(sta->rsc_tods, 0, sizeof(sta->rsc_tods));
215 os_memset(sta->rsc_fromds, 0, sizeof(sta->rsc_fromds));
216 }
217 wpa_debug_level = prev_level;
218 }
219
220 add_note(wt, MSG_DEBUG, "No matching PMK found to derive PTK");
221 }
222
223
224 static void rx_data_eapol_key_2_of_4(struct wlantest *wt, const u8 *dst,
225 const u8 *src, const u8 *data, size_t len)
226 {
227 struct wlantest_bss *bss;
228 struct wlantest_sta *sta;
229 const struct ieee802_1x_hdr *eapol;
230 const struct wpa_eapol_key *hdr;
231 const u8 *key_data, *kck, *mic;
232 size_t kck_len, mic_len;
233 u16 key_info, key_data_len;
234 struct wpa_eapol_ie_parse ie;
235
236 wpa_printf(MSG_DEBUG, "EAPOL-Key 2/4 " MACSTR " -> " MACSTR,
237 MAC2STR(src), MAC2STR(dst));
238 bss = bss_get(wt, dst);
239 if (bss == NULL)
240 return;
241 sta = sta_get(bss, src);
242 if (sta == NULL)
243 return;
244
245 eapol = (const struct ieee802_1x_hdr *) data;
246 hdr = (const struct wpa_eapol_key *) (eapol + 1);
247 mic_len = wpa_mic_len(sta->key_mgmt);
248 mic = (const u8 *) (hdr + 1);
249 if (is_zero(hdr->key_nonce, WPA_NONCE_LEN)) {
250 add_note(wt, MSG_INFO, "EAPOL-Key 2/4 from " MACSTR
251 " used zero nonce", MAC2STR(src));
252 }
253 if (!is_zero(hdr->key_rsc, 8)) {
254 add_note(wt, MSG_INFO, "EAPOL-Key 2/4 from " MACSTR
255 " used non-zero Key RSC", MAC2STR(src));
256 }
257 os_memcpy(sta->snonce, hdr->key_nonce, WPA_NONCE_LEN);
258 key_info = WPA_GET_BE16(hdr->key_info);
259 key_data_len = WPA_GET_BE16(mic + mic_len);
260 derive_ptk(wt, bss, sta, key_info & WPA_KEY_INFO_TYPE_MASK, data, len);
261
262 if (!sta->ptk_set && !sta->tptk_set) {
263 add_note(wt, MSG_DEBUG,
264 "No PTK known to process EAPOL-Key 2/4");
265 return;
266 }
267
268 kck = sta->ptk.kck;
269 kck_len = sta->ptk.kck_len;
270 if (sta->tptk_set) {
271 add_note(wt, MSG_DEBUG,
272 "Use TPTK for validation EAPOL-Key MIC");
273 kck = sta->tptk.kck;
274 kck_len = sta->tptk.kck_len;
275 }
276 if (check_mic(kck, kck_len, sta->key_mgmt,
277 key_info & WPA_KEY_INFO_TYPE_MASK, data, len) < 0) {
278 add_note(wt, MSG_INFO, "Mismatch in EAPOL-Key 2/4 MIC");
279 return;
280 }
281 add_note(wt, MSG_DEBUG, "Valid MIC found in EAPOL-Key 2/4");
282
283 key_data = mic + mic_len + 2;
284
285 if (wpa_supplicant_parse_ies(key_data, key_data_len, &ie) < 0) {
286 add_note(wt, MSG_INFO, "Failed to parse EAPOL-Key Key Data");
287 return;
288 }
289
290 if (ie.wpa_ie) {
291 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Data - WPA IE",
292 ie.wpa_ie, ie.wpa_ie_len);
293 if (os_memcmp(ie.wpa_ie, sta->rsnie, ie.wpa_ie_len) != 0) {
294 struct ieee802_11_elems elems;
295 add_note(wt, MSG_INFO,
296 "Mismatch in WPA IE between EAPOL-Key 2/4 "
297 "and (Re)Association Request from " MACSTR,
298 MAC2STR(sta->addr));
299 wpa_hexdump(MSG_INFO, "WPA IE in EAPOL-Key",
300 ie.wpa_ie, ie.wpa_ie_len);
301 wpa_hexdump(MSG_INFO, "WPA IE in (Re)Association "
302 "Request",
303 sta->rsnie,
304 sta->rsnie[0] ? 2 + sta->rsnie[1] : 0);
305 /*
306 * The sniffer may have missed (Re)Association
307 * Request, so try to survive with the information from
308 * EAPOL-Key.
309 */
310 os_memset(&elems, 0, sizeof(elems));
311 elems.wpa_ie = ie.wpa_ie + 2;
312 elems.wpa_ie_len = ie.wpa_ie_len - 2;
313 wpa_printf(MSG_DEBUG, "Update STA data based on WPA "
314 "IE in EAPOL-Key 2/4");
315 sta_update_assoc(sta, &elems);
316 }
317 }
318
319 if (ie.rsn_ie) {
320 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Data - RSN IE",
321 ie.rsn_ie, ie.rsn_ie_len);
322 if (os_memcmp(ie.rsn_ie, sta->rsnie, ie.rsn_ie_len) != 0) {
323 struct ieee802_11_elems elems;
324 add_note(wt, MSG_INFO,
325 "Mismatch in RSN IE between EAPOL-Key 2/4 "
326 "and (Re)Association Request from " MACSTR,
327 MAC2STR(sta->addr));
328 wpa_hexdump(MSG_INFO, "RSN IE in EAPOL-Key",
329 ie.rsn_ie, ie.rsn_ie_len);
330 wpa_hexdump(MSG_INFO, "RSN IE in (Re)Association "
331 "Request",
332 sta->rsnie,
333 sta->rsnie[0] ? 2 + sta->rsnie[1] : 0);
334 /*
335 * The sniffer may have missed (Re)Association
336 * Request, so try to survive with the information from
337 * EAPOL-Key.
338 */
339 os_memset(&elems, 0, sizeof(elems));
340 elems.rsn_ie = ie.rsn_ie + 2;
341 elems.rsn_ie_len = ie.rsn_ie_len - 2;
342 wpa_printf(MSG_DEBUG, "Update STA data based on RSN "
343 "IE in EAPOL-Key 2/4");
344 sta_update_assoc(sta, &elems);
345 }
346 }
347 }
348
349
350 static u8 * decrypt_eapol_key_data_rc4(struct wlantest *wt, const u8 *kek,
351 const struct wpa_eapol_key *hdr,
352 const u8 *keydata, u16 keydatalen,
353 size_t *len)
354 {
355 u8 ek[32], *buf;
356
357 buf = os_memdup(keydata, keydatalen);
358 if (buf == NULL)
359 return NULL;
360
361 os_memcpy(ek, hdr->key_iv, 16);
362 os_memcpy(ek + 16, kek, 16);
363 if (rc4_skip(ek, 32, 256, buf, keydatalen)) {
364 add_note(wt, MSG_INFO, "RC4 failed");
365 os_free(buf);
366 return NULL;
367 }
368
369 *len = keydatalen;
370 return buf;
371 }
372
373
374 static u8 * decrypt_eapol_key_data_aes(struct wlantest *wt, const u8 *kek,
375 const struct wpa_eapol_key *hdr,
376 const u8 *keydata, u16 keydatalen,
377 size_t *len)
378 {
379 u8 *buf;
380
381 if (keydatalen % 8) {
382 add_note(wt, MSG_INFO, "Unsupported AES-WRAP len %d",
383 keydatalen);
384 return NULL;
385 }
386 keydatalen -= 8; /* AES-WRAP adds 8 bytes */
387 buf = os_malloc(keydatalen);
388 if (buf == NULL)
389 return NULL;
390 if (aes_unwrap(kek, 16, keydatalen / 8, keydata, buf)) {
391 os_free(buf);
392 add_note(wt, MSG_INFO,
393 "AES unwrap failed - could not decrypt EAPOL-Key "
394 "key data");
395 return NULL;
396 }
397
398 *len = keydatalen;
399 return buf;
400 }
401
402
403 static u8 * decrypt_eapol_key_data(struct wlantest *wt, int akmp, const u8 *kek,
404 size_t kek_len, u16 ver,
405 const struct wpa_eapol_key *hdr,
406 size_t *len)
407 {
408 size_t mic_len;
409 u16 keydatalen;
410 const u8 *mic, *keydata;
411
412 if (kek_len != 16)
413 return NULL;
414
415 mic = (const u8 *) (hdr + 1);
416 mic_len = wpa_mic_len(akmp);
417 keydata = mic + mic_len + 2;
418 keydatalen = WPA_GET_BE16(mic + mic_len);
419
420 switch (ver) {
421 case WPA_KEY_INFO_TYPE_HMAC_MD5_RC4:
422 return decrypt_eapol_key_data_rc4(wt, kek, hdr, keydata,
423 keydatalen, len);
424 case WPA_KEY_INFO_TYPE_HMAC_SHA1_AES:
425 case WPA_KEY_INFO_TYPE_AES_128_CMAC:
426 return decrypt_eapol_key_data_aes(wt, kek, hdr, keydata,
427 keydatalen, len);
428 case WPA_KEY_INFO_TYPE_AKM_DEFINED:
429 /* For now, assume this is OSEN */
430 return decrypt_eapol_key_data_aes(wt, kek, hdr, keydata,
431 keydatalen, len);
432 default:
433 add_note(wt, MSG_INFO,
434 "Unsupported EAPOL-Key Key Descriptor Version %u",
435 ver);
436 return NULL;
437 }
438 }
439
440
441 static void learn_kde_keys(struct wlantest *wt, struct wlantest_bss *bss,
442 struct wlantest_sta *sta,
443 const u8 *buf, size_t len, const u8 *rsc)
444 {
445 struct wpa_eapol_ie_parse ie;
446
447 if (wpa_supplicant_parse_ies(buf, len, &ie) < 0) {
448 add_note(wt, MSG_INFO, "Failed to parse EAPOL-Key Key Data");
449 return;
450 }
451
452 if (ie.wpa_ie) {
453 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Data - WPA IE",
454 ie.wpa_ie, ie.wpa_ie_len);
455 }
456
457 if (ie.rsn_ie) {
458 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Data - RSN IE",
459 ie.rsn_ie, ie.rsn_ie_len);
460 }
461
462 if (ie.gtk) {
463 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Data - GTK KDE",
464 ie.gtk, ie.gtk_len);
465 if (ie.gtk_len >= 2 && ie.gtk_len <= 2 + 32) {
466 int id;
467 id = ie.gtk[0] & 0x03;
468 add_note(wt, MSG_DEBUG, "GTK KeyID=%u tx=%u",
469 id, !!(ie.gtk[0] & 0x04));
470 if ((ie.gtk[0] & 0xf8) || ie.gtk[1]) {
471 add_note(wt, MSG_INFO,
472 "GTK KDE: Reserved field set: "
473 "%02x %02x", ie.gtk[0], ie.gtk[1]);
474 }
475 wpa_hexdump(MSG_DEBUG, "GTK", ie.gtk + 2,
476 ie.gtk_len - 2);
477 bss->gtk_len[id] = ie.gtk_len - 2;
478 sta->gtk_len = ie.gtk_len - 2;
479 os_memcpy(bss->gtk[id], ie.gtk + 2, ie.gtk_len - 2);
480 os_memcpy(sta->gtk, ie.gtk + 2, ie.gtk_len - 2);
481 bss->rsc[id][0] = rsc[5];
482 bss->rsc[id][1] = rsc[4];
483 bss->rsc[id][2] = rsc[3];
484 bss->rsc[id][3] = rsc[2];
485 bss->rsc[id][4] = rsc[1];
486 bss->rsc[id][5] = rsc[0];
487 bss->gtk_idx = id;
488 sta->gtk_idx = id;
489 wpa_hexdump(MSG_DEBUG, "RSC", bss->rsc[id], 6);
490 } else {
491 add_note(wt, MSG_INFO, "Invalid GTK KDE length %u",
492 (unsigned) ie.gtk_len);
493 }
494 }
495
496 if (ie.igtk) {
497 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Data - IGTK KDE",
498 ie.igtk, ie.igtk_len);
499 if (ie.igtk_len == 24) {
500 u16 id;
501 id = WPA_GET_LE16(ie.igtk);
502 if (id > 5) {
503 add_note(wt, MSG_INFO,
504 "Unexpected IGTK KeyID %u", id);
505 } else {
506 const u8 *ipn;
507 add_note(wt, MSG_DEBUG, "IGTK KeyID %u", id);
508 wpa_hexdump(MSG_DEBUG, "IPN", ie.igtk + 2, 6);
509 wpa_hexdump(MSG_DEBUG, "IGTK", ie.igtk + 8,
510 16);
511 os_memcpy(bss->igtk[id], ie.igtk + 8, 16);
512 bss->igtk_len[id] = 16;
513 ipn = ie.igtk + 2;
514 bss->ipn[id][0] = ipn[5];
515 bss->ipn[id][1] = ipn[4];
516 bss->ipn[id][2] = ipn[3];
517 bss->ipn[id][3] = ipn[2];
518 bss->ipn[id][4] = ipn[1];
519 bss->ipn[id][5] = ipn[0];
520 bss->igtk_idx = id;
521 }
522 } else if (ie.igtk_len == 40) {
523 u16 id;
524 id = WPA_GET_LE16(ie.igtk);
525 if (id > 5) {
526 add_note(wt, MSG_INFO,
527 "Unexpected IGTK KeyID %u", id);
528 } else {
529 const u8 *ipn;
530 add_note(wt, MSG_DEBUG, "IGTK KeyID %u", id);
531 wpa_hexdump(MSG_DEBUG, "IPN", ie.igtk + 2, 6);
532 wpa_hexdump(MSG_DEBUG, "IGTK", ie.igtk + 8,
533 32);
534 os_memcpy(bss->igtk[id], ie.igtk + 8, 32);
535 bss->igtk_len[id] = 32;
536 ipn = ie.igtk + 2;
537 bss->ipn[id][0] = ipn[5];
538 bss->ipn[id][1] = ipn[4];
539 bss->ipn[id][2] = ipn[3];
540 bss->ipn[id][3] = ipn[2];
541 bss->ipn[id][4] = ipn[1];
542 bss->ipn[id][5] = ipn[0];
543 bss->igtk_idx = id;
544 }
545 } else {
546 add_note(wt, MSG_INFO, "Invalid IGTK KDE length %u",
547 (unsigned) ie.igtk_len);
548 }
549 }
550 }
551
552
553 static void rx_data_eapol_key_3_of_4(struct wlantest *wt, const u8 *dst,
554 const u8 *src, const u8 *data, size_t len)
555 {
556 struct wlantest_bss *bss;
557 struct wlantest_sta *sta;
558 const struct ieee802_1x_hdr *eapol;
559 const struct wpa_eapol_key *hdr;
560 const u8 *key_data, *kck, *kek, *mic;
561 size_t kck_len, kek_len, mic_len;
562 int recalc = 0;
563 u16 key_info, ver;
564 u8 *decrypted_buf = NULL;
565 const u8 *decrypted;
566 size_t decrypted_len = 0;
567 struct wpa_eapol_ie_parse ie;
568
569 wpa_printf(MSG_DEBUG, "EAPOL-Key 3/4 " MACSTR " -> " MACSTR,
570 MAC2STR(src), MAC2STR(dst));
571 bss = bss_get(wt, src);
572 if (bss == NULL)
573 return;
574 sta = sta_get(bss, dst);
575 if (sta == NULL)
576 return;
577 mic_len = wpa_mic_len(sta->key_mgmt);
578
579 eapol = (const struct ieee802_1x_hdr *) data;
580 hdr = (const struct wpa_eapol_key *) (eapol + 1);
581 mic = (const u8 *) (hdr + 1);
582 key_info = WPA_GET_BE16(hdr->key_info);
583
584 if (os_memcmp(sta->anonce, hdr->key_nonce, WPA_NONCE_LEN) != 0) {
585 add_note(wt, MSG_INFO,
586 "EAPOL-Key ANonce mismatch between 1/4 and 3/4");
587 recalc = 1;
588 }
589 os_memcpy(sta->anonce, hdr->key_nonce, WPA_NONCE_LEN);
590 if (recalc) {
591 derive_ptk(wt, bss, sta, key_info & WPA_KEY_INFO_TYPE_MASK,
592 data, len);
593 }
594
595 if (!sta->ptk_set && !sta->tptk_set) {
596 add_note(wt, MSG_DEBUG,
597 "No PTK known to process EAPOL-Key 3/4");
598 return;
599 }
600
601 kek = sta->ptk.kek;
602 kek_len = sta->ptk.kek_len;
603 kck = sta->ptk.kck;
604 kck_len = sta->ptk.kck_len;
605 if (sta->tptk_set) {
606 add_note(wt, MSG_DEBUG,
607 "Use TPTK for validation EAPOL-Key MIC");
608 kck = sta->tptk.kck;
609 kck_len = sta->tptk.kck_len;
610 kek = sta->tptk.kek;
611 kek_len = sta->tptk.kek_len;
612 }
613 if (check_mic(kck, kck_len, sta->key_mgmt,
614 key_info & WPA_KEY_INFO_TYPE_MASK, data, len) < 0) {
615 add_note(wt, MSG_INFO, "Mismatch in EAPOL-Key 3/4 MIC");
616 return;
617 }
618 add_note(wt, MSG_DEBUG, "Valid MIC found in EAPOL-Key 3/4");
619
620 key_data = mic + mic_len + 2;
621 if (!(key_info & WPA_KEY_INFO_ENCR_KEY_DATA)) {
622 if (sta->proto & WPA_PROTO_RSN)
623 add_note(wt, MSG_INFO,
624 "EAPOL-Key 3/4 without EncrKeyData bit");
625 decrypted = key_data;
626 decrypted_len = WPA_GET_BE16(mic + mic_len);
627 } else {
628 ver = key_info & WPA_KEY_INFO_TYPE_MASK;
629 decrypted_buf = decrypt_eapol_key_data(wt, sta->key_mgmt,
630 kek, kek_len, ver,
631 hdr, &decrypted_len);
632 if (decrypted_buf == NULL) {
633 add_note(wt, MSG_INFO,
634 "Failed to decrypt EAPOL-Key Key Data");
635 return;
636 }
637 decrypted = decrypted_buf;
638 wpa_hexdump(MSG_DEBUG, "Decrypted EAPOL-Key Key Data",
639 decrypted, decrypted_len);
640 }
641 if ((wt->write_pcap_dumper || wt->pcapng) && decrypted != key_data) {
642 /* Fill in a dummy Data frame header */
643 u8 buf[24 + 8 + sizeof(*eapol) + sizeof(*hdr) + 64];
644 struct ieee80211_hdr *h;
645 struct wpa_eapol_key *k;
646 const u8 *p;
647 u8 *pos;
648 size_t plain_len;
649
650 plain_len = decrypted_len;
651 p = decrypted;
652 while (p + 1 < decrypted + decrypted_len) {
653 if (p[0] == 0xdd && p[1] == 0x00) {
654 /* Remove padding */
655 plain_len = p - decrypted;
656 p = NULL;
657 break;
658 }
659 p += 2 + p[1];
660 }
661 if (p && p > decrypted && *p == 0xdd &&
662 p + 1 == decrypted + decrypted_len) {
663 /* Remove padding */
664 p--;
665 plain_len = p - decrypted;
666 }
667
668 os_memset(buf, 0, sizeof(buf));
669 h = (struct ieee80211_hdr *) buf;
670 h->frame_control = host_to_le16(0x0208);
671 os_memcpy(h->addr1, dst, ETH_ALEN);
672 os_memcpy(h->addr2, src, ETH_ALEN);
673 os_memcpy(h->addr3, src, ETH_ALEN);
674 pos = (u8 *) (h + 1);
675 os_memcpy(pos, "\xaa\xaa\x03\x00\x00\x00\x88\x8e", 8);
676 pos += 8;
677 os_memcpy(pos, eapol, sizeof(*eapol));
678 pos += sizeof(*eapol);
679 os_memcpy(pos, hdr, sizeof(*hdr) + mic_len);
680 k = (struct wpa_eapol_key *) pos;
681 pos += sizeof(struct wpa_eapol_key) + mic_len;
682 WPA_PUT_BE16(k->key_info,
683 key_info & ~WPA_KEY_INFO_ENCR_KEY_DATA);
684 WPA_PUT_BE16(pos, plain_len);
685 write_pcap_decrypted(wt, buf, 24 + 8 + sizeof(*eapol) +
686 sizeof(*hdr) + mic_len + 2,
687 decrypted, plain_len);
688 }
689
690 if (wpa_supplicant_parse_ies(decrypted, decrypted_len, &ie) < 0) {
691 add_note(wt, MSG_INFO, "Failed to parse EAPOL-Key Key Data");
692 os_free(decrypted_buf);
693 return;
694 }
695
696 if ((ie.wpa_ie &&
697 os_memcmp(ie.wpa_ie, bss->wpaie, ie.wpa_ie_len) != 0) ||
698 (ie.wpa_ie == NULL && bss->wpaie[0])) {
699 add_note(wt, MSG_INFO,
700 "Mismatch in WPA IE between EAPOL-Key 3/4 and "
701 "Beacon/Probe Response from " MACSTR,
702 MAC2STR(bss->bssid));
703 wpa_hexdump(MSG_INFO, "WPA IE in EAPOL-Key",
704 ie.wpa_ie, ie.wpa_ie_len);
705 wpa_hexdump(MSG_INFO, "WPA IE in Beacon/Probe "
706 "Response",
707 bss->wpaie,
708 bss->wpaie[0] ? 2 + bss->wpaie[1] : 0);
709 }
710
711 if ((ie.rsn_ie &&
712 os_memcmp(ie.rsn_ie, bss->rsnie, ie.rsn_ie_len) != 0) ||
713 (ie.rsn_ie == NULL && bss->rsnie[0])) {
714 add_note(wt, MSG_INFO, "Mismatch in RSN IE between EAPOL-Key "
715 "3/4 and Beacon/Probe Response from " MACSTR,
716 MAC2STR(bss->bssid));
717 wpa_hexdump(MSG_INFO, "RSN IE in EAPOL-Key",
718 ie.rsn_ie, ie.rsn_ie_len);
719 wpa_hexdump(MSG_INFO, "RSN IE in Beacon/Probe Response",
720 bss->rsnie,
721 bss->rsnie[0] ? 2 + bss->rsnie[1] : 0);
722 }
723
724 learn_kde_keys(wt, bss, sta, decrypted, decrypted_len, hdr->key_rsc);
725 os_free(decrypted_buf);
726 }
727
728
729 static void rx_data_eapol_key_4_of_4(struct wlantest *wt, const u8 *dst,
730 const u8 *src, const u8 *data, size_t len)
731 {
732 struct wlantest_bss *bss;
733 struct wlantest_sta *sta;
734 const struct ieee802_1x_hdr *eapol;
735 const struct wpa_eapol_key *hdr;
736 u16 key_info;
737 const u8 *kck;
738 size_t kck_len;
739
740 wpa_printf(MSG_DEBUG, "EAPOL-Key 4/4 " MACSTR " -> " MACSTR,
741 MAC2STR(src), MAC2STR(dst));
742 bss = bss_get(wt, dst);
743 if (bss == NULL)
744 return;
745 sta = sta_get(bss, src);
746 if (sta == NULL)
747 return;
748
749 eapol = (const struct ieee802_1x_hdr *) data;
750 hdr = (const struct wpa_eapol_key *) (eapol + 1);
751 if (!is_zero(hdr->key_rsc, 8)) {
752 add_note(wt, MSG_INFO, "EAPOL-Key 4/4 from " MACSTR " used "
753 "non-zero Key RSC", MAC2STR(src));
754 }
755 key_info = WPA_GET_BE16(hdr->key_info);
756
757 if (!sta->ptk_set && !sta->tptk_set) {
758 add_note(wt, MSG_DEBUG,
759 "No PTK known to process EAPOL-Key 4/4");
760 return;
761 }
762
763 kck = sta->ptk.kck;
764 kck_len = sta->ptk.kck_len;
765 if (sta->tptk_set) {
766 add_note(wt, MSG_DEBUG,
767 "Use TPTK for validation EAPOL-Key MIC");
768 kck = sta->tptk.kck;
769 kck_len = sta->tptk.kck_len;
770 }
771 if (check_mic(kck, kck_len, sta->key_mgmt,
772 key_info & WPA_KEY_INFO_TYPE_MASK, data, len) < 0) {
773 add_note(wt, MSG_INFO, "Mismatch in EAPOL-Key 4/4 MIC");
774 return;
775 }
776 add_note(wt, MSG_DEBUG, "Valid MIC found in EAPOL-Key 4/4");
777 if (sta->tptk_set) {
778 add_note(wt, MSG_DEBUG, "Update PTK (rekeying)");
779 os_memcpy(&sta->ptk, &sta->tptk, sizeof(sta->ptk));
780 sta->ptk_set = 1;
781 sta->tptk_set = 0;
782 os_memset(sta->rsc_tods, 0, sizeof(sta->rsc_tods));
783 os_memset(sta->rsc_fromds, 0, sizeof(sta->rsc_fromds));
784 }
785 }
786
787
788 static void rx_data_eapol_key_1_of_2(struct wlantest *wt, const u8 *dst,
789 const u8 *src, const u8 *data, size_t len)
790 {
791 struct wlantest_bss *bss;
792 struct wlantest_sta *sta;
793 const struct ieee802_1x_hdr *eapol;
794 const struct wpa_eapol_key *hdr;
795 u16 key_info, ver;
796 u8 *decrypted;
797 size_t decrypted_len = 0;
798 size_t mic_len;
799
800 wpa_printf(MSG_DEBUG, "EAPOL-Key 1/2 " MACSTR " -> " MACSTR,
801 MAC2STR(src), MAC2STR(dst));
802 bss = bss_get(wt, src);
803 if (bss == NULL)
804 return;
805 sta = sta_get(bss, dst);
806 if (sta == NULL)
807 return;
808 mic_len = wpa_mic_len(sta->key_mgmt);
809
810 eapol = (const struct ieee802_1x_hdr *) data;
811 hdr = (const struct wpa_eapol_key *) (eapol + 1);
812 key_info = WPA_GET_BE16(hdr->key_info);
813
814 if (!sta->ptk_set) {
815 add_note(wt, MSG_DEBUG,
816 "No PTK known to process EAPOL-Key 1/2");
817 return;
818 }
819
820 if (sta->ptk_set &&
821 check_mic(sta->ptk.kck, sta->ptk.kck_len, sta->key_mgmt,
822 key_info & WPA_KEY_INFO_TYPE_MASK,
823 data, len) < 0) {
824 add_note(wt, MSG_INFO, "Mismatch in EAPOL-Key 1/2 MIC");
825 return;
826 }
827 add_note(wt, MSG_DEBUG, "Valid MIC found in EAPOL-Key 1/2");
828
829 if (sta->proto & WPA_PROTO_RSN &&
830 !(key_info & WPA_KEY_INFO_ENCR_KEY_DATA)) {
831 add_note(wt, MSG_INFO, "EAPOL-Key 1/2 without EncrKeyData bit");
832 return;
833 }
834 ver = key_info & WPA_KEY_INFO_TYPE_MASK;
835 decrypted = decrypt_eapol_key_data(wt, sta->key_mgmt,
836 sta->ptk.kek, sta->ptk.kek_len,
837 ver, hdr, &decrypted_len);
838 if (decrypted == NULL) {
839 add_note(wt, MSG_INFO, "Failed to decrypt EAPOL-Key Key Data");
840 return;
841 }
842 wpa_hexdump(MSG_DEBUG, "Decrypted EAPOL-Key Key Data",
843 decrypted, decrypted_len);
844 if (wt->write_pcap_dumper || wt->pcapng) {
845 /* Fill in a dummy Data frame header */
846 u8 buf[24 + 8 + sizeof(*eapol) + sizeof(*hdr) + 64];
847 struct ieee80211_hdr *h;
848 struct wpa_eapol_key *k;
849 u8 *pos;
850 size_t plain_len;
851
852 plain_len = decrypted_len;
853 pos = decrypted;
854 while (pos + 1 < decrypted + decrypted_len) {
855 if (pos[0] == 0xdd && pos[1] == 0x00) {
856 /* Remove padding */
857 plain_len = pos - decrypted;
858 break;
859 }
860 pos += 2 + pos[1];
861 }
862
863 os_memset(buf, 0, sizeof(buf));
864 h = (struct ieee80211_hdr *) buf;
865 h->frame_control = host_to_le16(0x0208);
866 os_memcpy(h->addr1, dst, ETH_ALEN);
867 os_memcpy(h->addr2, src, ETH_ALEN);
868 os_memcpy(h->addr3, src, ETH_ALEN);
869 pos = (u8 *) (h + 1);
870 os_memcpy(pos, "\xaa\xaa\x03\x00\x00\x00\x88\x8e", 8);
871 pos += 8;
872 os_memcpy(pos, eapol, sizeof(*eapol));
873 pos += sizeof(*eapol);
874 os_memcpy(pos, hdr, sizeof(*hdr) + mic_len);
875 k = (struct wpa_eapol_key *) pos;
876 pos += sizeof(struct wpa_eapol_key) + mic_len;
877 WPA_PUT_BE16(k->key_info,
878 key_info & ~WPA_KEY_INFO_ENCR_KEY_DATA);
879 WPA_PUT_BE16(pos, plain_len);
880 write_pcap_decrypted(wt, buf, 24 + 8 + sizeof(*eapol) +
881 sizeof(*hdr) + mic_len + 2,
882 decrypted, plain_len);
883 }
884 if (sta->proto & WPA_PROTO_RSN)
885 learn_kde_keys(wt, bss, sta, decrypted, decrypted_len,
886 hdr->key_rsc);
887 else {
888 int klen = bss->group_cipher == WPA_CIPHER_TKIP ? 32 : 16;
889 if (decrypted_len == klen) {
890 const u8 *rsc = hdr->key_rsc;
891 int id;
892 id = (key_info & WPA_KEY_INFO_KEY_INDEX_MASK) >>
893 WPA_KEY_INFO_KEY_INDEX_SHIFT;
894 add_note(wt, MSG_DEBUG, "GTK key index %d", id);
895 wpa_hexdump(MSG_DEBUG, "GTK", decrypted,
896 decrypted_len);
897 bss->gtk_len[id] = decrypted_len;
898 os_memcpy(bss->gtk[id], decrypted, decrypted_len);
899 bss->rsc[id][0] = rsc[5];
900 bss->rsc[id][1] = rsc[4];
901 bss->rsc[id][2] = rsc[3];
902 bss->rsc[id][3] = rsc[2];
903 bss->rsc[id][4] = rsc[1];
904 bss->rsc[id][5] = rsc[0];
905 wpa_hexdump(MSG_DEBUG, "RSC", bss->rsc[id], 6);
906 } else {
907 add_note(wt, MSG_INFO, "Unexpected WPA Key Data length "
908 "in Group Key msg 1/2 from " MACSTR,
909 MAC2STR(src));
910 }
911 }
912 os_free(decrypted);
913 }
914
915
916 static void rx_data_eapol_key_2_of_2(struct wlantest *wt, const u8 *dst,
917 const u8 *src, const u8 *data, size_t len)
918 {
919 struct wlantest_bss *bss;
920 struct wlantest_sta *sta;
921 const struct ieee802_1x_hdr *eapol;
922 const struct wpa_eapol_key *hdr;
923 u16 key_info;
924
925 wpa_printf(MSG_DEBUG, "EAPOL-Key 2/2 " MACSTR " -> " MACSTR,
926 MAC2STR(src), MAC2STR(dst));
927 bss = bss_get(wt, dst);
928 if (bss == NULL)
929 return;
930 sta = sta_get(bss, src);
931 if (sta == NULL)
932 return;
933
934 eapol = (const struct ieee802_1x_hdr *) data;
935 hdr = (const struct wpa_eapol_key *) (eapol + 1);
936 if (!is_zero(hdr->key_rsc, 8)) {
937 add_note(wt, MSG_INFO, "EAPOL-Key 2/2 from " MACSTR " used "
938 "non-zero Key RSC", MAC2STR(src));
939 }
940 key_info = WPA_GET_BE16(hdr->key_info);
941
942 if (!sta->ptk_set) {
943 add_note(wt, MSG_DEBUG,
944 "No PTK known to process EAPOL-Key 2/2");
945 return;
946 }
947
948 if (sta->ptk_set &&
949 check_mic(sta->ptk.kck, sta->ptk.kck_len, sta->key_mgmt,
950 key_info & WPA_KEY_INFO_TYPE_MASK,
951 data, len) < 0) {
952 add_note(wt, MSG_INFO, "Mismatch in EAPOL-Key 2/2 MIC");
953 return;
954 }
955 add_note(wt, MSG_DEBUG, "Valid MIC found in EAPOL-Key 2/2");
956 }
957
958
959 static void rx_data_eapol_key(struct wlantest *wt, const u8 *bssid,
960 const u8 *sta_addr, const u8 *dst,
961 const u8 *src, const u8 *data, size_t len,
962 int prot)
963 {
964 const struct ieee802_1x_hdr *eapol;
965 const struct wpa_eapol_key *hdr;
966 const u8 *key_data;
967 u16 key_info, key_length, ver, key_data_length;
968 size_t mic_len = 16;
969 const u8 *mic;
970 struct wlantest_bss *bss;
971 struct wlantest_sta *sta;
972
973 bss = bss_get(wt, bssid);
974 if (bss) {
975 sta = sta_get(bss, sta_addr);
976 if (sta)
977 mic_len = wpa_mic_len(sta->key_mgmt);
978 }
979
980 eapol = (const struct ieee802_1x_hdr *) data;
981 hdr = (const struct wpa_eapol_key *) (eapol + 1);
982
983 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key",
984 (const u8 *) hdr, len - sizeof(*eapol));
985 if (len < sizeof(*hdr) + mic_len + 2) {
986 add_note(wt, MSG_INFO, "Too short EAPOL-Key frame from " MACSTR,
987 MAC2STR(src));
988 return;
989 }
990 mic = (const u8 *) (hdr + 1);
991
992 if (hdr->type == EAPOL_KEY_TYPE_RC4) {
993 /* TODO: EAPOL-Key RC4 for WEP */
994 wpa_printf(MSG_INFO, "EAPOL-Key Descriptor Type RC4 from "
995 MACSTR, MAC2STR(src));
996 return;
997 }
998
999 if (hdr->type != EAPOL_KEY_TYPE_RSN &&
1000 hdr->type != EAPOL_KEY_TYPE_WPA) {
1001 wpa_printf(MSG_INFO, "Unsupported EAPOL-Key Descriptor Type "
1002 "%u from " MACSTR, hdr->type, MAC2STR(src));
1003 return;
1004 }
1005
1006 key_info = WPA_GET_BE16(hdr->key_info);
1007 key_length = WPA_GET_BE16(hdr->key_length);
1008 key_data_length = WPA_GET_BE16(mic + mic_len);
1009 key_data = mic + mic_len + 2;
1010 if (key_data + key_data_length > data + len) {
1011 add_note(wt, MSG_INFO, "Truncated EAPOL-Key from " MACSTR,
1012 MAC2STR(src));
1013 return;
1014 }
1015 if (key_data + key_data_length < data + len) {
1016 wpa_hexdump(MSG_DEBUG, "Extra data after EAPOL-Key Key Data "
1017 "field", key_data + key_data_length,
1018 data + len - key_data - key_data_length);
1019 }
1020
1021
1022 ver = key_info & WPA_KEY_INFO_TYPE_MASK;
1023 wpa_printf(MSG_DEBUG, "EAPOL-Key ver=%u %c idx=%u%s%s%s%s%s%s%s%s "
1024 "datalen=%u",
1025 ver, key_info & WPA_KEY_INFO_KEY_TYPE ? 'P' : 'G',
1026 (key_info & WPA_KEY_INFO_KEY_INDEX_MASK) >>
1027 WPA_KEY_INFO_KEY_INDEX_SHIFT,
1028 (key_info & WPA_KEY_INFO_INSTALL) ? " Install" : "",
1029 (key_info & WPA_KEY_INFO_ACK) ? " ACK" : "",
1030 (key_info & WPA_KEY_INFO_MIC) ? " MIC" : "",
1031 (key_info & WPA_KEY_INFO_SECURE) ? " Secure" : "",
1032 (key_info & WPA_KEY_INFO_ERROR) ? " Error" : "",
1033 (key_info & WPA_KEY_INFO_REQUEST) ? " Request" : "",
1034 (key_info & WPA_KEY_INFO_ENCR_KEY_DATA) ? " Encr" : "",
1035 (key_info & WPA_KEY_INFO_SMK_MESSAGE) ? " SMK" : "",
1036 key_data_length);
1037
1038 if (ver != WPA_KEY_INFO_TYPE_HMAC_MD5_RC4 &&
1039 ver != WPA_KEY_INFO_TYPE_HMAC_SHA1_AES &&
1040 ver != WPA_KEY_INFO_TYPE_AES_128_CMAC &&
1041 ver != WPA_KEY_INFO_TYPE_AKM_DEFINED) {
1042 wpa_printf(MSG_INFO, "Unsupported EAPOL-Key Key Descriptor "
1043 "Version %u from " MACSTR, ver, MAC2STR(src));
1044 return;
1045 }
1046
1047 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Replay Counter",
1048 hdr->replay_counter, WPA_REPLAY_COUNTER_LEN);
1049 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Nonce",
1050 hdr->key_nonce, WPA_NONCE_LEN);
1051 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key IV",
1052 hdr->key_iv, 16);
1053 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key RSC",
1054 hdr->key_rsc, WPA_KEY_RSC_LEN);
1055 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key MIC",
1056 mic, mic_len);
1057 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Data",
1058 key_data, key_data_length);
1059
1060 if (hdr->type == EAPOL_KEY_TYPE_RSN &&
1061 (key_info & (WPA_KEY_INFO_KEY_INDEX_MASK | BIT(14) | BIT(15))) !=
1062 0) {
1063 wpa_printf(MSG_INFO, "RSN EAPOL-Key with non-zero reserved "
1064 "Key Info bits 0x%x from " MACSTR,
1065 key_info, MAC2STR(src));
1066 }
1067
1068 if (hdr->type == EAPOL_KEY_TYPE_WPA &&
1069 (key_info & (WPA_KEY_INFO_ENCR_KEY_DATA |
1070 WPA_KEY_INFO_SMK_MESSAGE |BIT(14) | BIT(15))) != 0) {
1071 wpa_printf(MSG_INFO, "WPA EAPOL-Key with non-zero reserved "
1072 "Key Info bits 0x%x from " MACSTR,
1073 key_info, MAC2STR(src));
1074 }
1075
1076 if (key_length > 32) {
1077 wpa_printf(MSG_INFO, "EAPOL-Key with invalid Key Length %d "
1078 "from " MACSTR, key_length, MAC2STR(src));
1079 }
1080
1081 if (ver != WPA_KEY_INFO_TYPE_HMAC_MD5_RC4 &&
1082 !is_zero(hdr->key_iv, 16)) {
1083 wpa_printf(MSG_INFO, "EAPOL-Key with non-zero Key IV "
1084 "(reserved with ver=%d) field from " MACSTR,
1085 ver, MAC2STR(src));
1086 wpa_hexdump(MSG_INFO, "EAPOL-Key Key IV (reserved)",
1087 hdr->key_iv, 16);
1088 }
1089
1090 if (!is_zero(hdr->key_id, 8)) {
1091 wpa_printf(MSG_INFO, "EAPOL-Key with non-zero Key ID "
1092 "(reserved) field from " MACSTR, MAC2STR(src));
1093 wpa_hexdump(MSG_INFO, "EAPOL-Key Key ID (reserved)",
1094 hdr->key_id, 8);
1095 }
1096
1097 if (hdr->key_rsc[6] || hdr->key_rsc[7]) {
1098 wpa_printf(MSG_INFO, "EAPOL-Key with non-zero Key RSC octets "
1099 "(last two are unused)" MACSTR, MAC2STR(src));
1100 }
1101
1102 if (key_info & (WPA_KEY_INFO_ERROR | WPA_KEY_INFO_REQUEST))
1103 return;
1104
1105 if (key_info & WPA_KEY_INFO_SMK_MESSAGE)
1106 return;
1107
1108 if (key_info & WPA_KEY_INFO_KEY_TYPE) {
1109 /* 4-Way Handshake */
1110 switch (key_info & (WPA_KEY_INFO_SECURE |
1111 WPA_KEY_INFO_MIC |
1112 WPA_KEY_INFO_ACK |
1113 WPA_KEY_INFO_INSTALL)) {
1114 case WPA_KEY_INFO_ACK:
1115 rx_data_eapol_key_1_of_4(wt, dst, src, data, len);
1116 break;
1117 case WPA_KEY_INFO_MIC:
1118 if (key_data_length == 0)
1119 rx_data_eapol_key_4_of_4(wt, dst, src, data,
1120 len);
1121 else
1122 rx_data_eapol_key_2_of_4(wt, dst, src, data,
1123 len);
1124 break;
1125 case WPA_KEY_INFO_MIC | WPA_KEY_INFO_ACK |
1126 WPA_KEY_INFO_INSTALL:
1127 /* WPA does not include Secure bit in 3/4 */
1128 rx_data_eapol_key_3_of_4(wt, dst, src, data, len);
1129 break;
1130 case WPA_KEY_INFO_SECURE | WPA_KEY_INFO_MIC |
1131 WPA_KEY_INFO_ACK | WPA_KEY_INFO_INSTALL:
1132 case WPA_KEY_INFO_SECURE |
1133 WPA_KEY_INFO_ACK | WPA_KEY_INFO_INSTALL:
1134 rx_data_eapol_key_3_of_4(wt, dst, src, data, len);
1135 break;
1136 case WPA_KEY_INFO_SECURE | WPA_KEY_INFO_MIC:
1137 case WPA_KEY_INFO_SECURE:
1138 if (key_data_length == 0)
1139 rx_data_eapol_key_4_of_4(wt, dst, src, data,
1140 len);
1141 else
1142 rx_data_eapol_key_2_of_4(wt, dst, src, data,
1143 len);
1144 break;
1145 default:
1146 wpa_printf(MSG_DEBUG, "Unsupported EAPOL-Key frame");
1147 break;
1148 }
1149 } else {
1150 /* Group Key Handshake */
1151 switch (key_info & (WPA_KEY_INFO_SECURE |
1152 WPA_KEY_INFO_MIC |
1153 WPA_KEY_INFO_ACK)) {
1154 case WPA_KEY_INFO_SECURE | WPA_KEY_INFO_MIC |
1155 WPA_KEY_INFO_ACK:
1156 case WPA_KEY_INFO_SECURE | WPA_KEY_INFO_ACK:
1157 rx_data_eapol_key_1_of_2(wt, dst, src, data, len);
1158 break;
1159 case WPA_KEY_INFO_SECURE | WPA_KEY_INFO_MIC:
1160 case WPA_KEY_INFO_SECURE:
1161 rx_data_eapol_key_2_of_2(wt, dst, src, data, len);
1162 break;
1163 default:
1164 wpa_printf(MSG_DEBUG, "Unsupported EAPOL-Key frame");
1165 break;
1166 }
1167 }
1168 }
1169
1170
1171 void rx_data_eapol(struct wlantest *wt, const u8 *bssid, const u8 *sta_addr,
1172 const u8 *dst, const u8 *src,
1173 const u8 *data, size_t len, int prot)
1174 {
1175 const struct ieee802_1x_hdr *hdr;
1176 u16 length;
1177 const u8 *p;
1178
1179 wpa_hexdump(MSG_EXCESSIVE, "EAPOL", data, len);
1180 if (len < sizeof(*hdr)) {
1181 wpa_printf(MSG_INFO, "Too short EAPOL frame from " MACSTR,
1182 MAC2STR(src));
1183 return;
1184 }
1185
1186 hdr = (const struct ieee802_1x_hdr *) data;
1187 length = be_to_host16(hdr->length);
1188 wpa_printf(MSG_DEBUG, "RX EAPOL: " MACSTR " -> " MACSTR "%s ver=%u "
1189 "type=%u len=%u",
1190 MAC2STR(src), MAC2STR(dst), prot ? " Prot" : "",
1191 hdr->version, hdr->type, length);
1192 if (hdr->version < 1 || hdr->version > 3) {
1193 wpa_printf(MSG_INFO, "Unexpected EAPOL version %u from "
1194 MACSTR, hdr->version, MAC2STR(src));
1195 }
1196 if (sizeof(*hdr) + length > len) {
1197 wpa_printf(MSG_INFO, "Truncated EAPOL frame from " MACSTR,
1198 MAC2STR(src));
1199 return;
1200 }
1201
1202 if (sizeof(*hdr) + length < len) {
1203 wpa_printf(MSG_INFO, "EAPOL frame with %d extra bytes",
1204 (int) (len - sizeof(*hdr) - length));
1205 }
1206 p = (const u8 *) (hdr + 1);
1207
1208 switch (hdr->type) {
1209 case IEEE802_1X_TYPE_EAP_PACKET:
1210 wpa_hexdump(MSG_MSGDUMP, "EAPOL - EAP packet", p, length);
1211 break;
1212 case IEEE802_1X_TYPE_EAPOL_START:
1213 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Start", p, length);
1214 break;
1215 case IEEE802_1X_TYPE_EAPOL_LOGOFF:
1216 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Logoff", p, length);
1217 break;
1218 case IEEE802_1X_TYPE_EAPOL_KEY:
1219 rx_data_eapol_key(wt, bssid, sta_addr, dst, src, data,
1220 sizeof(*hdr) + length, prot);
1221 break;
1222 case IEEE802_1X_TYPE_EAPOL_ENCAPSULATED_ASF_ALERT:
1223 wpa_hexdump(MSG_MSGDUMP, "EAPOL - Encapsulated ASF alert",
1224 p, length);
1225 break;
1226 default:
1227 wpa_hexdump(MSG_MSGDUMP, "Unknown EAPOL payload", p, length);
1228 break;
1229 }
1230 }
Unnamed repository; edit this file 'description' to name the repository.