]> git.ipfire.org Git - thirdparty/hostap.git/blob - wlantest/rx_data.c
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
wlantest: Dump decrypted Key Data from Group Handshake msg 1/2
[thirdparty/hostap.git] / wlantest / rx_data.c
1 /*
2 * Received Data frame processing
3 * Copyright (c) 2010, Jouni Malinen <j@w1.fi>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 *
9 * Alternatively, this software may be distributed under the terms of BSD
10 * license.
11 *
12 * See README and COPYING for more details.
13 */
14
15 #include "utils/includes.h"
16
17 #include "utils/common.h"
18 #include "crypto/aes_wrap.h"
19 #include "crypto/crypto.h"
20 #include "common/ieee802_11_defs.h"
21 #include "common/eapol_common.h"
22 #include "common/wpa_common.h"
23 #include "rsn_supp/wpa_ie.h"
24 #include "wlantest.h"
25
26
27 static const char * data_stype(u16 stype)
28 {
29 switch (stype) {
30 case WLAN_FC_STYPE_DATA:
31 return "DATA";
32 case WLAN_FC_STYPE_DATA_CFACK:
33 return "DATA-CFACK";
34 case WLAN_FC_STYPE_DATA_CFPOLL:
35 return "DATA-CFPOLL";
36 case WLAN_FC_STYPE_DATA_CFACKPOLL:
37 return "DATA-CFACKPOLL";
38 case WLAN_FC_STYPE_NULLFUNC:
39 return "NULLFUNC";
40 case WLAN_FC_STYPE_CFACK:
41 return "CFACK";
42 case WLAN_FC_STYPE_CFPOLL:
43 return "CFPOLL";
44 case WLAN_FC_STYPE_CFACKPOLL:
45 return "CFACKPOLL";
46 case WLAN_FC_STYPE_QOS_DATA:
47 return "QOSDATA";
48 case WLAN_FC_STYPE_QOS_DATA_CFACK:
49 return "QOSDATA-CFACK";
50 case WLAN_FC_STYPE_QOS_DATA_CFPOLL:
51 return "QOSDATA-CFPOLL";
52 case WLAN_FC_STYPE_QOS_DATA_CFACKPOLL:
53 return "QOSDATA-CFACKPOLL";
54 case WLAN_FC_STYPE_QOS_NULL:
55 return "QOS-NULL";
56 case WLAN_FC_STYPE_QOS_CFPOLL:
57 return "QOS-CFPOLL";
58 case WLAN_FC_STYPE_QOS_CFACKPOLL:
59 return "QOS-CFACKPOLL";
60 }
61 return "??";
62 }
63
64
65 static int check_mic(const u8 *kck, int ver, const u8 *data, size_t len)
66 {
67 u8 *buf;
68 int ret = -1;
69 struct ieee802_1x_hdr *hdr;
70 struct wpa_eapol_key *key;
71 u8 rx_mic[16];
72
73 buf = os_malloc(len);
74 if (buf == NULL)
75 return -1;
76 os_memcpy(buf, data, len);
77 hdr = (struct ieee802_1x_hdr *) buf;
78 key = (struct wpa_eapol_key *) (hdr + 1);
79
80 os_memcpy(rx_mic, key->key_mic, 16);
81 os_memset(key->key_mic, 0, 16);
82
83 if (wpa_eapol_key_mic(kck, ver, buf, len, key->key_mic) == 0 &&
84 os_memcmp(rx_mic, key->key_mic, 16) == 0)
85 ret = 0;
86
87 os_free(buf);
88
89 return ret;
90 }
91
92
93 static void rx_data_eapol_key_1_of_4(struct wlantest *wt, const u8 *dst,
94 const u8 *src, const u8 *data, size_t len)
95 {
96 struct wlantest_bss *bss;
97 struct wlantest_sta *sta;
98 const struct ieee802_1x_hdr *eapol;
99 const struct wpa_eapol_key *hdr;
100
101 wpa_printf(MSG_DEBUG, "EAPOL-Key 1/4 " MACSTR " -> " MACSTR,
102 MAC2STR(src), MAC2STR(dst));
103 bss = bss_get(wt, src);
104 if (bss == NULL)
105 return;
106 sta = sta_get(bss, dst);
107 if (sta == NULL)
108 return;
109
110 eapol = (const struct ieee802_1x_hdr *) data;
111 hdr = (const struct wpa_eapol_key *) (eapol + 1);
112 os_memcpy(sta->anonce, hdr->key_nonce, WPA_NONCE_LEN);
113 }
114
115
116 static int try_pmk(struct wlantest_bss *bss, struct wlantest_sta *sta,
117 u16 ver, const u8 *data, size_t len,
118 struct wlantest_pmk *pmk)
119 {
120 struct wpa_ptk ptk;
121 size_t ptk_len = 48; /* FIX: 64 for TKIP */
122 wpa_pmk_to_ptk(pmk->pmk, sizeof(pmk->pmk),
123 "Pairwise key expansion",
124 bss->bssid, sta->addr, sta->anonce, sta->snonce,
125 (u8 *) &ptk, ptk_len,
126 0 /* FIX: SHA256 based on AKM */);
127 if (check_mic(ptk.kck, ver, data, len) < 0)
128 return -1;
129
130 wpa_printf(MSG_INFO, "Derived PTK for STA " MACSTR " BSSID " MACSTR,
131 MAC2STR(sta->addr), MAC2STR(bss->bssid));
132 os_memcpy(&sta->ptk, &ptk, sizeof(ptk));
133 wpa_hexdump(MSG_DEBUG, "PTK:KCK", sta->ptk.kck, 16);
134 wpa_hexdump(MSG_DEBUG, "PTK:KEK", sta->ptk.kek, 16);
135 wpa_hexdump(MSG_DEBUG, "PTK:TK1", sta->ptk.tk1, 16);
136 if (ptk_len > 48)
137 wpa_hexdump(MSG_DEBUG, "PTK:TK2", sta->ptk.u.tk2, 16);
138 sta->ptk_set = 1;
139 os_memset(sta->rsc_tods, 0, sizeof(sta->rsc_tods));
140 os_memset(sta->rsc_fromds, 0, sizeof(sta->rsc_fromds));
141 return 0;
142 }
143
144
145 static void derive_ptk(struct wlantest *wt, struct wlantest_bss *bss,
146 struct wlantest_sta *sta, u16 ver,
147 const u8 *data, size_t len)
148 {
149 struct wlantest_pmk *pmk;
150
151 dl_list_for_each(pmk, &bss->pmk, struct wlantest_pmk, list) {
152 if (try_pmk(bss, sta, ver, data, len, pmk) == 0)
153 return;
154 }
155
156 dl_list_for_each(pmk, &wt->pmk, struct wlantest_pmk, list) {
157 if (try_pmk(bss, sta, ver, data, len, pmk) == 0)
158 return;
159 }
160 }
161
162
163 static void rx_data_eapol_key_2_of_4(struct wlantest *wt, const u8 *dst,
164 const u8 *src, const u8 *data, size_t len)
165 {
166 struct wlantest_bss *bss;
167 struct wlantest_sta *sta;
168 const struct ieee802_1x_hdr *eapol;
169 const struct wpa_eapol_key *hdr;
170 const u8 *key_data;
171 u16 key_info, key_data_len;
172 struct wpa_eapol_ie_parse ie;
173
174 wpa_printf(MSG_DEBUG, "EAPOL-Key 2/4 " MACSTR " -> " MACSTR,
175 MAC2STR(src), MAC2STR(dst));
176 bss = bss_get(wt, dst);
177 if (bss == NULL)
178 return;
179 sta = sta_get(bss, src);
180 if (sta == NULL)
181 return;
182
183 eapol = (const struct ieee802_1x_hdr *) data;
184 hdr = (const struct wpa_eapol_key *) (eapol + 1);
185 os_memcpy(sta->snonce, hdr->key_nonce, WPA_NONCE_LEN);
186 key_info = WPA_GET_BE16(hdr->key_info);
187 key_data_len = WPA_GET_BE16(hdr->key_data_length);
188 derive_ptk(wt, bss, sta, key_info & WPA_KEY_INFO_TYPE_MASK, data, len);
189
190 if (!sta->ptk_set) {
191 wpa_printf(MSG_DEBUG, "No PTK known to process EAPOL-Key 2/4");
192 return;
193 }
194
195 if (check_mic(sta->ptk.kck, key_info & WPA_KEY_INFO_TYPE_MASK,
196 data, len) < 0) {
197 wpa_printf(MSG_INFO, "Mismatch in EAPOL-Key 2/4 MIC");
198 return;
199 }
200 wpa_printf(MSG_DEBUG, "Valid MIC found in EAPOL-Key 2/4");
201
202 key_data = (const u8 *) (hdr + 1);
203
204 if (wpa_supplicant_parse_ies(key_data, key_data_len, &ie) < 0) {
205 wpa_printf(MSG_INFO, "Failed to parse EAPOL-Key Key Data");
206 return;
207 }
208
209 if (ie.wpa_ie) {
210 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Data - WPA IE",
211 ie.wpa_ie, ie.wpa_ie_len);
212 }
213
214 if (ie.rsn_ie) {
215 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Data - RSN IE",
216 ie.rsn_ie, ie.rsn_ie_len);
217 }
218 }
219
220
221 static u8 * decrypt_eapol_key_data_rc4(const u8 *kek,
222 const struct wpa_eapol_key *hdr,
223 size_t *len)
224 {
225 u8 ek[32], *buf;
226 u16 keydatalen = WPA_GET_BE16(hdr->key_data_length);
227
228 buf = os_malloc(keydatalen);
229 if (buf == NULL)
230 return NULL;
231
232 os_memcpy(ek, hdr->key_iv, 16);
233 os_memcpy(ek + 16, kek, 16);
234 os_memcpy(buf, hdr + 1, keydatalen);
235 if (rc4_skip(ek, 32, 256, buf, keydatalen)) {
236 wpa_printf(MSG_INFO, "RC4 failed");
237 os_free(buf);
238 return NULL;
239 }
240
241 *len = keydatalen;
242 return buf;
243 }
244
245
246 static u8 * decrypt_eapol_key_data_aes(const u8 *kek,
247 const struct wpa_eapol_key *hdr,
248 size_t *len)
249 {
250 u8 *buf;
251 u16 keydatalen = WPA_GET_BE16(hdr->key_data_length);
252
253 if (keydatalen % 8) {
254 wpa_printf(MSG_INFO, "Unsupported AES-WRAP len %d",
255 keydatalen);
256 return NULL;
257 }
258 keydatalen -= 8; /* AES-WRAP adds 8 bytes */
259 buf = os_malloc(keydatalen);
260 if (buf == NULL)
261 return NULL;
262 if (aes_unwrap(kek, keydatalen / 8, (u8 *) (hdr + 1), buf)) {
263 os_free(buf);
264 wpa_printf(MSG_INFO, "AES unwrap failed - "
265 "could not decrypt EAPOL-Key key data");
266 return NULL;
267 }
268
269 *len = keydatalen;
270 return buf;
271 }
272
273
274 static u8 * decrypt_eapol_key_data(const u8 *kek, u16 ver,
275 const struct wpa_eapol_key *hdr,
276 size_t *len)
277 {
278 switch (ver) {
279 case WPA_KEY_INFO_TYPE_HMAC_MD5_RC4:
280 return decrypt_eapol_key_data_rc4(kek, hdr, len);
281 case WPA_KEY_INFO_TYPE_HMAC_SHA1_AES:
282 case WPA_KEY_INFO_TYPE_AES_128_CMAC:
283 return decrypt_eapol_key_data_aes(kek, hdr, len);
284 default:
285 wpa_printf(MSG_INFO, "Unsupported EAPOL-Key Key Descriptor "
286 "Version %u", ver);
287 return NULL;
288 }
289 }
290
291
292 static void learn_kde_keys(struct wlantest_bss *bss, u8 *buf, size_t len,
293 const u8 *rsc)
294 {
295 struct wpa_eapol_ie_parse ie;
296
297 if (wpa_supplicant_parse_ies(buf, len, &ie) < 0) {
298 wpa_printf(MSG_INFO, "Failed to parse EAPOL-Key Key Data");
299 return;
300 }
301
302 if (ie.wpa_ie) {
303 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Data - WPA IE",
304 ie.wpa_ie, ie.wpa_ie_len);
305 }
306
307 if (ie.rsn_ie) {
308 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Data - RSN IE",
309 ie.rsn_ie, ie.rsn_ie_len);
310 }
311
312 if (ie.gtk) {
313 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Data - GTK KDE",
314 ie.gtk, ie.gtk_len);
315 if (ie.gtk_len >= 2 && ie.gtk_len <= 2 + 32) {
316 int id;
317 id = ie.gtk[0] & 0x03;
318 wpa_printf(MSG_DEBUG, "GTK KeyID=%u tx=%u",
319 id, !!(ie.gtk[0] & 0x04));
320 if ((ie.gtk[0] & 0xf8) || ie.gtk[1])
321 wpa_printf(MSG_INFO, "GTK KDE: Reserved field "
322 "set: %02x %02x",
323 ie.gtk[0], ie.gtk[1]);
324 wpa_hexdump(MSG_DEBUG, "GTK", ie.gtk + 2,
325 ie.gtk_len - 2);
326 bss->gtk_len[id] = ie.gtk_len - 2;
327 os_memcpy(bss->gtk[id], ie.gtk + 2, ie.gtk_len - 2);
328 bss->rsc[id][0] = rsc[5];
329 bss->rsc[id][1] = rsc[4];
330 bss->rsc[id][2] = rsc[3];
331 bss->rsc[id][3] = rsc[2];
332 bss->rsc[id][4] = rsc[1];
333 bss->rsc[id][5] = rsc[0];
334 wpa_hexdump(MSG_DEBUG, "RSC", bss->rsc[id], 6);
335 } else {
336 wpa_printf(MSG_INFO, "Invalid GTK KDE length %u",
337 (unsigned) ie.gtk_len);
338 }
339 }
340
341 if (ie.igtk) {
342 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Data - IGTK KDE",
343 ie.igtk, ie.igtk_len);
344 if (ie.igtk_len == 24) {
345 u16 id;
346 id = WPA_GET_LE16(ie.igtk);
347 if (id > 5) {
348 wpa_printf(MSG_INFO, "Unexpected IGTK KeyID "
349 "%u", id);
350 } else {
351 wpa_printf(MSG_DEBUG, "IGTK KeyID %u", id);
352 wpa_hexdump(MSG_DEBUG, "IPN", ie.igtk + 2, 6);
353 wpa_hexdump(MSG_DEBUG, "IGTK", ie.igtk + 8,
354 16);
355 os_memcpy(bss->igtk[id], ie.igtk + 8, 16);
356 bss->igtk_set[id] = 1;
357 }
358 } else {
359 wpa_printf(MSG_INFO, "Invalid IGTK KDE length %u",
360 (unsigned) ie.igtk_len);
361 }
362 }
363 }
364
365
366 static void rx_data_eapol_key_3_of_4(struct wlantest *wt, const u8 *dst,
367 const u8 *src, const u8 *data, size_t len)
368 {
369 struct wlantest_bss *bss;
370 struct wlantest_sta *sta;
371 const struct ieee802_1x_hdr *eapol;
372 const struct wpa_eapol_key *hdr;
373 const u8 *key_data;
374 int recalc = 0;
375 u16 key_info, ver;
376 u8 *decrypted;
377 size_t decrypted_len = 0;
378
379 wpa_printf(MSG_DEBUG, "EAPOL-Key 3/4 " MACSTR " -> " MACSTR,
380 MAC2STR(src), MAC2STR(dst));
381 bss = bss_get(wt, src);
382 if (bss == NULL)
383 return;
384 sta = sta_get(bss, dst);
385 if (sta == NULL)
386 return;
387
388 eapol = (const struct ieee802_1x_hdr *) data;
389 hdr = (const struct wpa_eapol_key *) (eapol + 1);
390 key_info = WPA_GET_BE16(hdr->key_info);
391
392 if (os_memcmp(sta->anonce, hdr->key_nonce, WPA_NONCE_LEN) != 0) {
393 wpa_printf(MSG_INFO, "EAPOL-Key ANonce mismatch between 1/4 "
394 "and 3/4");
395 recalc = 1;
396 }
397 os_memcpy(sta->anonce, hdr->key_nonce, WPA_NONCE_LEN);
398 if (recalc) {
399 derive_ptk(wt, bss, sta, key_info & WPA_KEY_INFO_TYPE_MASK,
400 data, len);
401 }
402
403 if (!sta->ptk_set) {
404 wpa_printf(MSG_DEBUG, "No PTK known to process EAPOL-Key 3/4");
405 return;
406 }
407
408 if (check_mic(sta->ptk.kck, key_info & WPA_KEY_INFO_TYPE_MASK,
409 data, len) < 0) {
410 wpa_printf(MSG_INFO, "Mismatch in EAPOL-Key 3/4 MIC");
411 return;
412 }
413 wpa_printf(MSG_DEBUG, "Valid MIC found in EAPOL-Key 3/4");
414
415 key_data = (const u8 *) (hdr + 1);
416 /* TODO: handle WPA without EncrKeyData bit */
417 if (!(key_info & WPA_KEY_INFO_ENCR_KEY_DATA)) {
418 wpa_printf(MSG_INFO, "EAPOL-Key 3/4 without EncrKeyData bit");
419 return;
420 }
421 ver = key_info & WPA_KEY_INFO_TYPE_MASK;
422 decrypted = decrypt_eapol_key_data(sta->ptk.kek, ver, hdr,
423 &decrypted_len);
424 if (decrypted == NULL) {
425 wpa_printf(MSG_INFO, "Failed to decrypt EAPOL-Key Key Data");
426 return;
427 }
428 wpa_hexdump(MSG_DEBUG, "Decrypted EAPOL-Key Key Data",
429 decrypted, decrypted_len);
430 if (wt->write_pcap_dumper) {
431 /* Fill in a dummy Data frame header */
432 u8 buf[24 + 8 + sizeof(*eapol) + sizeof(*hdr)];
433 struct ieee80211_hdr *h;
434 struct wpa_eapol_key *k;
435 u8 *pos;
436 size_t plain_len;
437
438 plain_len = decrypted_len;
439 pos = decrypted;
440 while (pos + 1 < decrypted + decrypted_len) {
441 if (pos[0] == 0xdd && pos[1] == 0x00) {
442 /* Remove padding */
443 plain_len = pos - decrypted;
444 break;
445 }
446 pos += 2 + pos[1];
447 }
448
449 os_memset(buf, 0, sizeof(buf));
450 h = (struct ieee80211_hdr *) buf;
451 h->frame_control = host_to_le16(0x0208);
452 os_memcpy(h->addr1, dst, ETH_ALEN);
453 os_memcpy(h->addr2, src, ETH_ALEN);
454 os_memcpy(h->addr3, src, ETH_ALEN);
455 pos = (u8 *) (h + 1);
456 os_memcpy(pos, "\xaa\xaa\x03\x00\x00\x00\x88\x8e", 8);
457 pos += 8;
458 os_memcpy(pos, eapol, sizeof(*eapol));
459 pos += sizeof(*eapol);
460 os_memcpy(pos, hdr, sizeof(*hdr));
461 k = (struct wpa_eapol_key *) pos;
462 WPA_PUT_BE16(k->key_info,
463 key_info & ~WPA_KEY_INFO_ENCR_KEY_DATA);
464 WPA_PUT_BE16(k->key_data_length, plain_len);
465 write_pcap_decrypted(wt, buf, sizeof(buf),
466 decrypted, plain_len);
467 }
468 learn_kde_keys(bss, decrypted, decrypted_len, hdr->key_rsc);
469 os_free(decrypted);
470 }
471
472
473 static void rx_data_eapol_key_4_of_4(struct wlantest *wt, const u8 *dst,
474 const u8 *src, const u8 *data, size_t len)
475 {
476 struct wlantest_bss *bss;
477 struct wlantest_sta *sta;
478 const struct ieee802_1x_hdr *eapol;
479 const struct wpa_eapol_key *hdr;
480 u16 key_info;
481
482 wpa_printf(MSG_DEBUG, "EAPOL-Key 4/4 " MACSTR " -> " MACSTR,
483 MAC2STR(src), MAC2STR(dst));
484 bss = bss_get(wt, dst);
485 if (bss == NULL)
486 return;
487 sta = sta_get(bss, src);
488 if (sta == NULL)
489 return;
490
491 eapol = (const struct ieee802_1x_hdr *) data;
492 hdr = (const struct wpa_eapol_key *) (eapol + 1);
493 key_info = WPA_GET_BE16(hdr->key_info);
494
495 if (!sta->ptk_set) {
496 wpa_printf(MSG_DEBUG, "No PTK known to process EAPOL-Key 4/4");
497 return;
498 }
499
500 if (sta->ptk_set &&
501 check_mic(sta->ptk.kck, key_info & WPA_KEY_INFO_TYPE_MASK,
502 data, len) < 0) {
503 wpa_printf(MSG_INFO, "Mismatch in EAPOL-Key 4/4 MIC");
504 return;
505 }
506 wpa_printf(MSG_DEBUG, "Valid MIC found in EAPOL-Key 4/4");
507 }
508
509
510 static void rx_data_eapol_key_1_of_2(struct wlantest *wt, const u8 *dst,
511 const u8 *src, const u8 *data, size_t len)
512 {
513 struct wlantest_bss *bss;
514 struct wlantest_sta *sta;
515 const struct ieee802_1x_hdr *eapol;
516 const struct wpa_eapol_key *hdr;
517 const u8 *key_data;
518 u16 key_info, ver;
519 u8 *decrypted;
520 size_t decrypted_len = 0;
521
522 wpa_printf(MSG_DEBUG, "EAPOL-Key 1/2 " MACSTR " -> " MACSTR,
523 MAC2STR(src), MAC2STR(dst));
524 bss = bss_get(wt, src);
525 if (bss == NULL)
526 return;
527 sta = sta_get(bss, dst);
528 if (sta == NULL)
529 return;
530
531 eapol = (const struct ieee802_1x_hdr *) data;
532 hdr = (const struct wpa_eapol_key *) (eapol + 1);
533 key_info = WPA_GET_BE16(hdr->key_info);
534
535 if (!sta->ptk_set) {
536 wpa_printf(MSG_DEBUG, "No PTK known to process EAPOL-Key 1/2");
537 return;
538 }
539
540 if (sta->ptk_set &&
541 check_mic(sta->ptk.kck, key_info & WPA_KEY_INFO_TYPE_MASK,
542 data, len) < 0) {
543 wpa_printf(MSG_INFO, "Mismatch in EAPOL-Key 1/2 MIC");
544 return;
545 }
546 wpa_printf(MSG_DEBUG, "Valid MIC found in EAPOL-Key 1/2");
547
548 key_data = (const u8 *) (hdr + 1);
549 /* TODO: handle WPA without EncrKeyData bit */
550 if (!(key_info & WPA_KEY_INFO_ENCR_KEY_DATA)) {
551 wpa_printf(MSG_INFO, "EAPOL-Key 1/2 without EncrKeyData bit");
552 return;
553 }
554 ver = key_info & WPA_KEY_INFO_TYPE_MASK;
555 decrypted = decrypt_eapol_key_data(sta->ptk.kek, ver, hdr,
556 &decrypted_len);
557 if (decrypted == NULL) {
558 wpa_printf(MSG_INFO, "Failed to decrypt EAPOL-Key Key Data");
559 return;
560 }
561 wpa_hexdump(MSG_DEBUG, "Decrypted EAPOL-Key Key Data",
562 decrypted, decrypted_len);
563 if (wt->write_pcap_dumper) {
564 /* Fill in a dummy Data frame header */
565 u8 buf[24 + 8 + sizeof(*eapol) + sizeof(*hdr)];
566 struct ieee80211_hdr *h;
567 struct wpa_eapol_key *k;
568 u8 *pos;
569 size_t plain_len;
570
571 plain_len = decrypted_len;
572 pos = decrypted;
573 while (pos + 1 < decrypted + decrypted_len) {
574 if (pos[0] == 0xdd && pos[1] == 0x00) {
575 /* Remove padding */
576 plain_len = pos - decrypted;
577 break;
578 }
579 pos += 2 + pos[1];
580 }
581
582 os_memset(buf, 0, sizeof(buf));
583 h = (struct ieee80211_hdr *) buf;
584 h->frame_control = host_to_le16(0x0208);
585 os_memcpy(h->addr1, dst, ETH_ALEN);
586 os_memcpy(h->addr2, src, ETH_ALEN);
587 os_memcpy(h->addr3, src, ETH_ALEN);
588 pos = (u8 *) (h + 1);
589 os_memcpy(pos, "\xaa\xaa\x03\x00\x00\x00\x88\x8e", 8);
590 pos += 8;
591 os_memcpy(pos, eapol, sizeof(*eapol));
592 pos += sizeof(*eapol);
593 os_memcpy(pos, hdr, sizeof(*hdr));
594 k = (struct wpa_eapol_key *) pos;
595 WPA_PUT_BE16(k->key_info,
596 key_info & ~WPA_KEY_INFO_ENCR_KEY_DATA);
597 WPA_PUT_BE16(k->key_data_length, plain_len);
598 write_pcap_decrypted(wt, buf, sizeof(buf),
599 decrypted, plain_len);
600 }
601 learn_kde_keys(bss, decrypted, decrypted_len, hdr->key_rsc);
602 os_free(decrypted);
603 }
604
605
606 static void rx_data_eapol_key_2_of_2(struct wlantest *wt, const u8 *dst,
607 const u8 *src, const u8 *data, size_t len)
608 {
609 struct wlantest_bss *bss;
610 struct wlantest_sta *sta;
611 const struct ieee802_1x_hdr *eapol;
612 const struct wpa_eapol_key *hdr;
613 u16 key_info;
614
615 wpa_printf(MSG_DEBUG, "EAPOL-Key 2/2 " MACSTR " -> " MACSTR,
616 MAC2STR(src), MAC2STR(dst));
617 bss = bss_get(wt, dst);
618 if (bss == NULL)
619 return;
620 sta = sta_get(bss, src);
621 if (sta == NULL)
622 return;
623
624 eapol = (const struct ieee802_1x_hdr *) data;
625 hdr = (const struct wpa_eapol_key *) (eapol + 1);
626 key_info = WPA_GET_BE16(hdr->key_info);
627
628 if (!sta->ptk_set) {
629 wpa_printf(MSG_DEBUG, "No PTK known to process EAPOL-Key 2/2");
630 return;
631 }
632
633 if (sta->ptk_set &&
634 check_mic(sta->ptk.kck, key_info & WPA_KEY_INFO_TYPE_MASK,
635 data, len) < 0) {
636 wpa_printf(MSG_INFO, "Mismatch in EAPOL-Key 2/2 MIC");
637 return;
638 }
639 wpa_printf(MSG_DEBUG, "Valid MIC found in EAPOL-Key 2/2");
640 }
641
642
643 static void rx_data_eapol_key(struct wlantest *wt, const u8 *dst,
644 const u8 *src, const u8 *data, size_t len,
645 int prot)
646 {
647 const struct ieee802_1x_hdr *eapol;
648 const struct wpa_eapol_key *hdr;
649 const u8 *key_data;
650 u16 key_info, key_length, ver, key_data_length;
651
652 eapol = (const struct ieee802_1x_hdr *) data;
653 hdr = (const struct wpa_eapol_key *) (eapol + 1);
654
655 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key",
656 (const u8 *) hdr, len - sizeof(*eapol));
657 if (len < sizeof(*hdr)) {
658 wpa_printf(MSG_INFO, "Too short EAPOL-Key frame from " MACSTR,
659 MAC2STR(src));
660 return;
661 }
662
663 if (hdr->type == EAPOL_KEY_TYPE_RC4) {
664 /* TODO: EAPOL-Key RC4 for WEP */
665 return;
666 }
667
668 if (hdr->type != EAPOL_KEY_TYPE_RSN &&
669 hdr->type != EAPOL_KEY_TYPE_WPA) {
670 wpa_printf(MSG_DEBUG, "Unsupported EAPOL-Key type %u",
671 hdr->type);
672 return;
673 }
674
675 key_info = WPA_GET_BE16(hdr->key_info);
676 key_length = WPA_GET_BE16(hdr->key_length);
677 key_data_length = WPA_GET_BE16(hdr->key_data_length);
678 key_data = (const u8 *) (hdr + 1);
679 if (key_data + key_data_length > data + len) {
680 wpa_printf(MSG_INFO, "Truncated EAPOL-Key from " MACSTR,
681 MAC2STR(src));
682 return;
683 }
684 if (key_data + key_data_length < data + len) {
685 wpa_hexdump(MSG_DEBUG, "Extra data after EAPOL-Key Key Data "
686 "field", key_data + key_data_length,
687 data + len - key_data - key_data_length);
688 }
689
690
691 ver = key_info & WPA_KEY_INFO_TYPE_MASK;
692 wpa_printf(MSG_DEBUG, "EAPOL-Key ver=%u %c idx=%u%s%s%s%s%s%s%s%s "
693 "datalen=%u",
694 ver, key_info & WPA_KEY_INFO_KEY_TYPE ? 'P' : 'G',
695 (key_info & WPA_KEY_INFO_KEY_INDEX_MASK) >>
696 WPA_KEY_INFO_KEY_INDEX_SHIFT,
697 (key_info & WPA_KEY_INFO_INSTALL) ? " Install" : "",
698 (key_info & WPA_KEY_INFO_ACK) ? " ACK" : "",
699 (key_info & WPA_KEY_INFO_MIC) ? " MIC" : "",
700 (key_info & WPA_KEY_INFO_SECURE) ? " Secure" : "",
701 (key_info & WPA_KEY_INFO_ERROR) ? " Error" : "",
702 (key_info & WPA_KEY_INFO_REQUEST) ? " Request" : "",
703 (key_info & WPA_KEY_INFO_ENCR_KEY_DATA) ? " Encr" : "",
704 (key_info & WPA_KEY_INFO_SMK_MESSAGE) ? " SMK" : "",
705 key_data_length);
706
707 if (ver != WPA_KEY_INFO_TYPE_HMAC_MD5_RC4 &&
708 ver != WPA_KEY_INFO_TYPE_HMAC_SHA1_AES &&
709 ver != WPA_KEY_INFO_TYPE_AES_128_CMAC) {
710 wpa_printf(MSG_DEBUG, "Unsupported EAPOL-Key Key Descriptor "
711 "Version %u", ver);
712 return;
713 }
714
715 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Replay Counter",
716 hdr->replay_counter, WPA_REPLAY_COUNTER_LEN);
717 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Nonce",
718 hdr->key_nonce, WPA_NONCE_LEN);
719 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key IV",
720 hdr->key_iv, 16);
721 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key RSC",
722 hdr->key_rsc, WPA_KEY_RSC_LEN);
723 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key MIC",
724 hdr->key_mic, 16);
725 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Data",
726 key_data, key_data_length);
727
728 if (key_info & (WPA_KEY_INFO_ERROR | WPA_KEY_INFO_REQUEST))
729 return;
730
731 if (key_info & WPA_KEY_INFO_SMK_MESSAGE)
732 return;
733
734 if (key_info & WPA_KEY_INFO_KEY_TYPE) {
735 /* 4-Way Handshake */
736 switch (key_info & (WPA_KEY_INFO_SECURE |
737 WPA_KEY_INFO_MIC |
738 WPA_KEY_INFO_ACK |
739 WPA_KEY_INFO_INSTALL)) {
740 case WPA_KEY_INFO_ACK:
741 rx_data_eapol_key_1_of_4(wt, dst, src, data, len);
742 break;
743 case WPA_KEY_INFO_MIC:
744 rx_data_eapol_key_2_of_4(wt, dst, src, data, len);
745 break;
746 case WPA_KEY_INFO_SECURE | WPA_KEY_INFO_MIC |
747 WPA_KEY_INFO_ACK | WPA_KEY_INFO_INSTALL:
748 rx_data_eapol_key_3_of_4(wt, dst, src, data, len);
749 break;
750 case WPA_KEY_INFO_SECURE | WPA_KEY_INFO_MIC:
751 rx_data_eapol_key_4_of_4(wt, dst, src, data, len);
752 break;
753 default:
754 wpa_printf(MSG_DEBUG, "Unsupported EAPOL-Key frame");
755 break;
756 }
757 } else {
758 /* Group Key Handshake */
759 switch (key_info & (WPA_KEY_INFO_SECURE |
760 WPA_KEY_INFO_MIC |
761 WPA_KEY_INFO_ACK)) {
762 case WPA_KEY_INFO_SECURE | WPA_KEY_INFO_MIC |
763 WPA_KEY_INFO_ACK:
764 rx_data_eapol_key_1_of_2(wt, dst, src, data, len);
765 break;
766 case WPA_KEY_INFO_SECURE | WPA_KEY_INFO_MIC:
767 rx_data_eapol_key_2_of_2(wt, dst, src, data, len);
768 break;
769 default:
770 wpa_printf(MSG_DEBUG, "Unsupported EAPOL-Key frame");
771 break;
772 }
773 }
774 }
775
776
777 static void rx_data_eapol(struct wlantest *wt, const u8 *dst, const u8 *src,
778 const u8 *data, size_t len, int prot)
779 {
780 const struct ieee802_1x_hdr *hdr;
781 u16 length;
782 const u8 *p;
783
784 wpa_hexdump(MSG_EXCESSIVE, "EAPOL", data, len);
785 if (len < sizeof(*hdr)) {
786 wpa_printf(MSG_INFO, "Too short EAPOL frame from " MACSTR,
787 MAC2STR(src));
788 return;
789 }
790
791 hdr = (const struct ieee802_1x_hdr *) data;
792 length = be_to_host16(hdr->length);
793 wpa_printf(MSG_DEBUG, "RX EAPOL: " MACSTR " -> " MACSTR "%s ver=%u "
794 "type=%u len=%u",
795 MAC2STR(src), MAC2STR(dst), prot ? " Prot" : "",
796 hdr->version, hdr->type, length);
797 if (sizeof(*hdr) + length > len) {
798 wpa_printf(MSG_INFO, "Truncated EAPOL frame from " MACSTR,
799 MAC2STR(src));
800 return;
801 }
802
803 if (sizeof(*hdr) + length < len) {
804 wpa_printf(MSG_INFO, "EAPOL frame with %d extra bytes",
805 (int) (len - sizeof(*hdr) - length));
806 }
807 p = (const u8 *) (hdr + 1);
808
809 switch (hdr->type) {
810 case IEEE802_1X_TYPE_EAP_PACKET:
811 wpa_hexdump(MSG_MSGDUMP, "EAPOL - EAP packet", p, length);
812 break;
813 case IEEE802_1X_TYPE_EAPOL_START:
814 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Start", p, length);
815 break;
816 case IEEE802_1X_TYPE_EAPOL_LOGOFF:
817 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Logoff", p, length);
818 break;
819 case IEEE802_1X_TYPE_EAPOL_KEY:
820 rx_data_eapol_key(wt, dst, src, data, sizeof(*hdr) + length,
821 prot);
822 break;
823 case IEEE802_1X_TYPE_EAPOL_ENCAPSULATED_ASF_ALERT:
824 wpa_hexdump(MSG_MSGDUMP, "EAPOL - Encapsulated ASF alert",
825 p, length);
826 break;
827 default:
828 wpa_hexdump(MSG_MSGDUMP, "Unknown EAPOL payload", p, length);
829 break;
830 }
831 }
832
833
834 static void rx_data_eth(struct wlantest *wt, const u8 *dst, const u8 *src,
835 u16 ethertype, const u8 *data, size_t len, int prot)
836 {
837 if (ethertype == ETH_P_PAE)
838 rx_data_eapol(wt, dst, src, data, len, prot);
839 }
840
841
842 static void rx_data_process(struct wlantest *wt, const u8 *dst, const u8 *src,
843 const u8 *data, size_t len, int prot)
844 {
845 if (len == 0)
846 return;
847
848 if (len >= 8 && os_memcmp(data, "\xaa\xaa\x03\x00\x00\x00", 6) == 0) {
849 rx_data_eth(wt, dst, src, WPA_GET_BE16(data + 6),
850 data + 8, len - 8, prot);
851 return;
852 }
853
854 wpa_hexdump(MSG_DEBUG, "Unrecognized LLC", data, len > 8 ? 8 : len);
855 }
856
857
858 static void rx_data_bss_prot_group(struct wlantest *wt,
859 const struct ieee80211_hdr *hdr,
860 const u8 *qos, const u8 *dst, const u8 *src,
861 const u8 *data, size_t len)
862 {
863 struct wlantest_bss *bss;
864 int keyid;
865 u8 *decrypted;
866 size_t dlen;
867 u8 pn[6];
868
869 bss = bss_get(wt, hdr->addr2);
870 if (bss == NULL)
871 return;
872 if (len < 4) {
873 wpa_printf(MSG_INFO, "Too short group addressed data frame");
874 return;
875 }
876
877 keyid = data[3] >> 6;
878 if (bss->gtk_len[keyid] == 0) {
879 wpa_printf(MSG_MSGDUMP, "No GTK known to decrypt the frame "
880 "(A2=" MACSTR " KeyID=%d)",
881 MAC2STR(hdr->addr2), keyid);
882 return;
883 }
884
885 ccmp_get_pn(pn, data);
886 if (os_memcmp(pn, bss->rsc[keyid], 6) <= 0) {
887 wpa_printf(MSG_INFO, "CCMP/TKIP replay detected: SA=" MACSTR,
888 MAC2STR(hdr->addr2));
889 wpa_hexdump(MSG_INFO, "RX PN", pn, 6);
890 wpa_hexdump(MSG_INFO, "RSC", bss->rsc[keyid], 6);
891 }
892
893 /* TODO: TKIP */
894
895 decrypted = ccmp_decrypt(bss->gtk[keyid], hdr, data, len, &dlen);
896 if (decrypted) {
897 rx_data_process(wt, dst, src, decrypted, dlen, 1);
898 os_memcpy(bss->rsc[keyid], pn, 6);
899 write_pcap_decrypted(wt, (const u8 *) hdr, 24 + (qos ? 2 : 0),
900 decrypted, dlen);
901 }
902 os_free(decrypted);
903 }
904
905
906 static void rx_data_bss_prot(struct wlantest *wt,
907 const struct ieee80211_hdr *hdr, const u8 *qos,
908 const u8 *dst, const u8 *src, const u8 *data,
909 size_t len)
910 {
911 struct wlantest_bss *bss;
912 struct wlantest_sta *sta;
913 int keyid;
914 u16 fc = le_to_host16(hdr->frame_control);
915 u8 *decrypted;
916 size_t dlen;
917 int tid;
918 u8 pn[6], *rsc;
919
920 if (hdr->addr1[0] & 0x01) {
921 rx_data_bss_prot_group(wt, hdr, qos, dst, src, data, len);
922 return;
923 }
924
925 if (fc & WLAN_FC_TODS) {
926 bss = bss_get(wt, hdr->addr1);
927 if (bss == NULL)
928 return;
929 sta = sta_get(bss, hdr->addr2);
930 } else {
931 bss = bss_get(wt, hdr->addr2);
932 if (bss == NULL)
933 return;
934 sta = sta_get(bss, hdr->addr1);
935 }
936 if (sta == NULL || !sta->ptk_set) {
937 wpa_printf(MSG_MSGDUMP, "No PTK known to decrypt the frame");
938 return;
939 }
940
941 if (len < 4) {
942 wpa_printf(MSG_INFO, "Too short encrypted data frame");
943 return;
944 }
945
946 keyid = data[3] >> 6;
947 if (keyid != 0) {
948 wpa_printf(MSG_INFO, "Unexpected non-zero KeyID %d in "
949 "individually addressed Data frame from " MACSTR,
950 keyid, MAC2STR(hdr->addr2));
951 }
952
953 if (qos)
954 tid = qos[0] & 0x0f;
955 else
956 tid = 0;
957 if (fc & WLAN_FC_TODS)
958 rsc = sta->rsc_tods[tid];
959 else
960 rsc = sta->rsc_fromds[tid];
961
962
963 ccmp_get_pn(pn, data);
964 if (os_memcmp(pn, rsc, 6) <= 0) {
965 wpa_printf(MSG_INFO, "CCMP/TKIP replay detected: SA=" MACSTR,
966 MAC2STR(hdr->addr2));
967 wpa_hexdump(MSG_INFO, "RX PN", pn, 6);
968 wpa_hexdump(MSG_INFO, "RSC", rsc, 6);
969 }
970
971 /* TODO: TKIP */
972
973 decrypted = ccmp_decrypt(sta->ptk.tk1, hdr, data, len, &dlen);
974 if (decrypted) {
975 rx_data_process(wt, dst, src, decrypted, dlen, 1);
976 os_memcpy(rsc, pn, 6);
977 write_pcap_decrypted(wt, (const u8 *) hdr, 24 + (qos ? 2 : 0),
978 decrypted, dlen);
979 }
980 os_free(decrypted);
981 }
982
983
984 static void rx_data_bss(struct wlantest *wt, const struct ieee80211_hdr *hdr,
985 const u8 *qos, const u8 *dst, const u8 *src,
986 const u8 *data, size_t len)
987 {
988 u16 fc = le_to_host16(hdr->frame_control);
989 int prot = !!(fc & WLAN_FC_ISWEP);
990
991 if (qos) {
992 u8 ack = (qos[0] & 0x60) >> 5;
993 wpa_printf(MSG_MSGDUMP, "BSS DATA: " MACSTR " -> " MACSTR
994 " len=%u%s tid=%u%s%s",
995 MAC2STR(src), MAC2STR(dst), (unsigned int) len,
996 prot ? " Prot" : "", qos[0] & 0x0f,
997 (qos[0] & 0x10) ? " EOSP" : "",
998 ack == 0 ? "" :
999 (ack == 1 ? " NoAck" :
1000 (ack == 2 ? " NoExpAck" : " BA")));
1001 } else {
1002 wpa_printf(MSG_MSGDUMP, "BSS DATA: " MACSTR " -> " MACSTR
1003 " len=%u%s",
1004 MAC2STR(src), MAC2STR(dst), (unsigned int) len,
1005 prot ? " Prot" : "");
1006 }
1007
1008 if (prot)
1009 rx_data_bss_prot(wt, hdr, qos, dst, src, data, len);
1010 else
1011 rx_data_process(wt, dst, src, data, len, 0);
1012 }
1013
1014
1015 void rx_data(struct wlantest *wt, const u8 *data, size_t len)
1016 {
1017 const struct ieee80211_hdr *hdr;
1018 u16 fc, stype;
1019 size_t hdrlen;
1020 const u8 *qos = NULL;
1021
1022 if (len < 24)
1023 return;
1024
1025 hdr = (const struct ieee80211_hdr *) data;
1026 fc = le_to_host16(hdr->frame_control);
1027 stype = WLAN_FC_GET_STYPE(fc);
1028 hdrlen = 24;
1029 if ((fc & (WLAN_FC_TODS | WLAN_FC_FROMDS)) ==
1030 (WLAN_FC_TODS | WLAN_FC_FROMDS))
1031 hdrlen += ETH_ALEN;
1032 if (stype & 0x08) {
1033 qos = data + hdrlen;
1034 hdrlen += 2;
1035 }
1036 if (len < hdrlen)
1037 return;
1038 wt->rx_data++;
1039
1040 switch (fc & (WLAN_FC_TODS | WLAN_FC_FROMDS)) {
1041 case 0:
1042 wpa_printf(MSG_EXCESSIVE, "DATA %s%s%s IBSS DA=" MACSTR " SA="
1043 MACSTR " BSSID=" MACSTR,
1044 data_stype(WLAN_FC_GET_STYPE(fc)),
1045 fc & WLAN_FC_PWRMGT ? " PwrMgt" : "",
1046 fc & WLAN_FC_ISWEP ? " Prot" : "",
1047 MAC2STR(hdr->addr1), MAC2STR(hdr->addr2),
1048 MAC2STR(hdr->addr3));
1049 break;
1050 case WLAN_FC_FROMDS:
1051 wpa_printf(MSG_EXCESSIVE, "DATA %s%s%s FromDS DA=" MACSTR
1052 " BSSID=" MACSTR " SA=" MACSTR,
1053 data_stype(WLAN_FC_GET_STYPE(fc)),
1054 fc & WLAN_FC_PWRMGT ? " PwrMgt" : "",
1055 fc & WLAN_FC_ISWEP ? " Prot" : "",
1056 MAC2STR(hdr->addr1), MAC2STR(hdr->addr2),
1057 MAC2STR(hdr->addr3));
1058 rx_data_bss(wt, hdr, qos, hdr->addr1, hdr->addr2,
1059 data + hdrlen, len - hdrlen);
1060 break;
1061 case WLAN_FC_TODS:
1062 wpa_printf(MSG_EXCESSIVE, "DATA %s%s%s ToDS BSSID=" MACSTR
1063 " SA=" MACSTR " DA=" MACSTR,
1064 data_stype(WLAN_FC_GET_STYPE(fc)),
1065 fc & WLAN_FC_PWRMGT ? " PwrMgt" : "",
1066 fc & WLAN_FC_ISWEP ? " Prot" : "",
1067 MAC2STR(hdr->addr1), MAC2STR(hdr->addr2),
1068 MAC2STR(hdr->addr3));
1069 rx_data_bss(wt, hdr, qos, hdr->addr3, hdr->addr2,
1070 data + hdrlen, len - hdrlen);
1071 break;
1072 case WLAN_FC_TODS | WLAN_FC_FROMDS:
1073 wpa_printf(MSG_EXCESSIVE, "DATA %s%s%s WDS RA=" MACSTR " TA="
1074 MACSTR " DA=" MACSTR " SA=" MACSTR,
1075 data_stype(WLAN_FC_GET_STYPE(fc)),
1076 fc & WLAN_FC_PWRMGT ? " PwrMgt" : "",
1077 fc & WLAN_FC_ISWEP ? " Prot" : "",
1078 MAC2STR(hdr->addr1), MAC2STR(hdr->addr2),
1079 MAC2STR(hdr->addr3),
1080 MAC2STR((const u8 *) (hdr + 1)));
1081 break;
1082 }
1083 }
Unnamed repository; edit this file 'description' to name the repository.