]> git.ipfire.org Git - thirdparty/hostap.git/blob - wlantest/rx_eapol.c
projects / thirdparty / hostap.git / blob
? search:


1af48ec8f320ecbb5d60d890679a50d10229078b
[thirdparty/hostap.git] / wlantest / rx_eapol.c
1 /*
2 * Received Data frame processing for EAPOL messages
3 * Copyright (c) 2010-2015, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #include "utils/includes.h"
10
11 #include "utils/common.h"
12 #include "crypto/aes_wrap.h"
13 #include "crypto/crypto.h"
14 #include "common/defs.h"
15 #include "common/ieee802_11_defs.h"
16 #include "common/ieee802_11_common.h"
17 #include "common/eapol_common.h"
18 #include "common/wpa_common.h"
19 #include "rsn_supp/wpa_ie.h"
20 #include "wlantest.h"
21
22
23 static int is_zero(const u8 *buf, size_t len)
24 {
25 size_t i;
26 for (i = 0; i < len; i++) {
27 if (buf[i])
28 return 0;
29 }
30 return 1;
31 }
32
33
34 static int check_mic(const u8 *kck, size_t kck_len, int akmp, int ver,
35 const u8 *data, size_t len)
36 {
37 u8 *buf;
38 int ret = -1;
39 struct ieee802_1x_hdr *hdr;
40 struct wpa_eapol_key *key;
41 u8 rx_mic[WPA_EAPOL_KEY_MIC_MAX_LEN];
42 size_t mic_len = wpa_mic_len(akmp, PMK_LEN);
43
44 buf = os_memdup(data, len);
45 if (buf == NULL)
46 return -1;
47 hdr = (struct ieee802_1x_hdr *) buf;
48 key = (struct wpa_eapol_key *) (hdr + 1);
49
50 os_memcpy(rx_mic, key + 1, mic_len);
51 os_memset(key + 1, 0, mic_len);
52
53 if (wpa_eapol_key_mic(kck, kck_len, akmp, ver, buf, len,
54 (u8 *) (key + 1)) == 0 &&
55 os_memcmp(rx_mic, key + 1, mic_len) == 0)
56 ret = 0;
57
58 os_free(buf);
59
60 return ret;
61 }
62
63
64 static void rx_data_eapol_key_1_of_4(struct wlantest *wt, const u8 *dst,
65 const u8 *src, const u8 *data, size_t len)
66 {
67 struct wlantest_bss *bss;
68 struct wlantest_sta *sta;
69 const struct ieee802_1x_hdr *eapol;
70 const struct wpa_eapol_key *hdr;
71
72 wpa_printf(MSG_DEBUG, "EAPOL-Key 1/4 " MACSTR " -> " MACSTR,
73 MAC2STR(src), MAC2STR(dst));
74 bss = bss_get(wt, src);
75 if (bss == NULL)
76 return;
77 sta = sta_get(bss, dst);
78 if (sta == NULL)
79 return;
80
81 eapol = (const struct ieee802_1x_hdr *) data;
82 hdr = (const struct wpa_eapol_key *) (eapol + 1);
83 if (is_zero(hdr->key_nonce, WPA_NONCE_LEN)) {
84 add_note(wt, MSG_INFO, "EAPOL-Key 1/4 from " MACSTR
85 " used zero nonce", MAC2STR(src));
86 }
87 if (!is_zero(hdr->key_rsc, 8)) {
88 add_note(wt, MSG_INFO, "EAPOL-Key 1/4 from " MACSTR
89 " used non-zero Key RSC", MAC2STR(src));
90 }
91 os_memcpy(sta->anonce, hdr->key_nonce, WPA_NONCE_LEN);
92 }
93
94
95 static int try_pmk(struct wlantest *wt, struct wlantest_bss *bss,
96 struct wlantest_sta *sta, u16 ver,
97 const u8 *data, size_t len,
98 struct wlantest_pmk *pmk)
99 {
100 struct wpa_ptk ptk;
101
102 if (wpa_key_mgmt_ft(sta->key_mgmt)) {
103 u8 pmk_r0[PMK_LEN];
104 u8 pmk_r0_name[WPA_PMK_NAME_LEN];
105 u8 pmk_r1[PMK_LEN];
106 u8 pmk_r1_name[WPA_PMK_NAME_LEN];
107 u8 ptk_name[WPA_PMK_NAME_LEN];
108
109 wpa_derive_pmk_r0(pmk->pmk, PMK_LEN,
110 bss->ssid, bss->ssid_len, bss->mdid,
111 bss->r0kh_id, bss->r0kh_id_len,
112 sta->addr, pmk_r0, pmk_r0_name, 0);
113 wpa_hexdump(MSG_DEBUG, "FT: PMK-R0", pmk_r0, PMK_LEN);
114 wpa_hexdump(MSG_DEBUG, "FT: PMKR0Name", pmk_r0_name,
115 WPA_PMK_NAME_LEN);
116 wpa_derive_pmk_r1(pmk_r0, PMK_LEN, pmk_r0_name, bss->r1kh_id,
117 sta->addr, pmk_r1, pmk_r1_name);
118 wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R1", pmk_r1, PMK_LEN);
119 wpa_hexdump(MSG_DEBUG, "FT: PMKR1Name", pmk_r1_name,
120 WPA_PMK_NAME_LEN);
121 if (wpa_pmk_r1_to_ptk(pmk_r1, PMK_LEN, sta->snonce, sta->anonce,
122 sta->addr,
123 bss->bssid, pmk_r1_name, &ptk, ptk_name,
124 sta->key_mgmt,
125 sta->pairwise_cipher) < 0 ||
126 check_mic(ptk.kck, ptk.kck_len, sta->key_mgmt, ver, data,
127 len) < 0)
128 return -1;
129 } else if (wpa_pmk_to_ptk(pmk->pmk, PMK_LEN,
130 "Pairwise key expansion",
131 bss->bssid, sta->addr, sta->anonce,
132 sta->snonce, &ptk, sta->key_mgmt,
133 sta->pairwise_cipher, NULL, 0) < 0 ||
134 check_mic(ptk.kck, ptk.kck_len, sta->key_mgmt, ver, data,
135 len) < 0) {
136 return -1;
137 }
138
139 wpa_printf(MSG_INFO, "Derived PTK for STA " MACSTR " BSSID " MACSTR,
140 MAC2STR(sta->addr), MAC2STR(bss->bssid));
141 sta->counters[WLANTEST_STA_COUNTER_PTK_LEARNED]++;
142 if (sta->ptk_set) {
143 /*
144 * Rekeying - use new PTK for EAPOL-Key frames, but continue
145 * using the old PTK for frame decryption.
146 */
147 add_note(wt, MSG_DEBUG, "Derived PTK during rekeying");
148 os_memcpy(&sta->tptk, &ptk, sizeof(ptk));
149 wpa_hexdump(MSG_DEBUG, "TPTK:KCK",
150 sta->tptk.kck, sta->tptk.kck_len);
151 wpa_hexdump(MSG_DEBUG, "TPTK:KEK",
152 sta->tptk.kek, sta->tptk.kek_len);
153 wpa_hexdump(MSG_DEBUG, "TPTK:TK",
154 sta->tptk.tk, sta->tptk.tk_len);
155 sta->tptk_set = 1;
156 return 0;
157 }
158 add_note(wt, MSG_DEBUG, "Derived new PTK");
159 os_memcpy(&sta->ptk, &ptk, sizeof(ptk));
160 wpa_hexdump(MSG_DEBUG, "PTK:KCK", sta->ptk.kck, sta->ptk.kck_len);
161 wpa_hexdump(MSG_DEBUG, "PTK:KEK", sta->ptk.kek, sta->ptk.kek_len);
162 wpa_hexdump(MSG_DEBUG, "PTK:TK", sta->ptk.tk, sta->ptk.tk_len);
163 sta->ptk_set = 1;
164 os_memset(sta->rsc_tods, 0, sizeof(sta->rsc_tods));
165 os_memset(sta->rsc_fromds, 0, sizeof(sta->rsc_fromds));
166 return 0;
167 }
168
169
170 static void derive_ptk(struct wlantest *wt, struct wlantest_bss *bss,
171 struct wlantest_sta *sta, u16 ver,
172 const u8 *data, size_t len)
173 {
174 struct wlantest_pmk *pmk;
175
176 wpa_printf(MSG_DEBUG, "Trying to derive PTK for " MACSTR " (ver %u)",
177 MAC2STR(sta->addr), ver);
178 dl_list_for_each(pmk, &bss->pmk, struct wlantest_pmk, list) {
179 wpa_printf(MSG_DEBUG, "Try per-BSS PMK");
180 if (try_pmk(wt, bss, sta, ver, data, len, pmk) == 0)
181 return;
182 }
183
184 dl_list_for_each(pmk, &wt->pmk, struct wlantest_pmk, list) {
185 wpa_printf(MSG_DEBUG, "Try global PMK");
186 if (try_pmk(wt, bss, sta, ver, data, len, pmk) == 0)
187 return;
188 }
189
190 if (!sta->ptk_set) {
191 struct wlantest_ptk *ptk;
192 int prev_level = wpa_debug_level;
193
194 wpa_debug_level = MSG_WARNING;
195 dl_list_for_each(ptk, &wt->ptk, struct wlantest_ptk, list) {
196 if (check_mic(ptk->ptk.kck, ptk->ptk.kck_len,
197 sta->key_mgmt, ver, data, len) < 0)
198 continue;
199 wpa_printf(MSG_INFO, "Pre-set PTK matches for STA "
200 MACSTR " BSSID " MACSTR,
201 MAC2STR(sta->addr), MAC2STR(bss->bssid));
202 add_note(wt, MSG_DEBUG, "Using pre-set PTK");
203 ptk->ptk_len = 32 +
204 wpa_cipher_key_len(sta->pairwise_cipher);
205 os_memcpy(&sta->ptk, &ptk->ptk, sizeof(ptk->ptk));
206 wpa_hexdump(MSG_DEBUG, "PTK:KCK",
207 sta->ptk.kck, sta->ptk.kck_len);
208 wpa_hexdump(MSG_DEBUG, "PTK:KEK",
209 sta->ptk.kek, sta->ptk.kek_len);
210 wpa_hexdump(MSG_DEBUG, "PTK:TK",
211 sta->ptk.tk, sta->ptk.tk_len);
212 sta->ptk_set = 1;
213 os_memset(sta->rsc_tods, 0, sizeof(sta->rsc_tods));
214 os_memset(sta->rsc_fromds, 0, sizeof(sta->rsc_fromds));
215 }
216 wpa_debug_level = prev_level;
217 }
218
219 add_note(wt, MSG_DEBUG, "No matching PMK found to derive PTK");
220 }
221
222
223 static void rx_data_eapol_key_2_of_4(struct wlantest *wt, const u8 *dst,
224 const u8 *src, const u8 *data, size_t len)
225 {
226 struct wlantest_bss *bss;
227 struct wlantest_sta *sta;
228 const struct ieee802_1x_hdr *eapol;
229 const struct wpa_eapol_key *hdr;
230 const u8 *key_data, *kck, *mic;
231 size_t kck_len, mic_len;
232 u16 key_info, key_data_len;
233 struct wpa_eapol_ie_parse ie;
234
235 wpa_printf(MSG_DEBUG, "EAPOL-Key 2/4 " MACSTR " -> " MACSTR,
236 MAC2STR(src), MAC2STR(dst));
237 bss = bss_get(wt, dst);
238 if (bss == NULL)
239 return;
240 sta = sta_get(bss, src);
241 if (sta == NULL)
242 return;
243
244 eapol = (const struct ieee802_1x_hdr *) data;
245 hdr = (const struct wpa_eapol_key *) (eapol + 1);
246 mic_len = wpa_mic_len(sta->key_mgmt, PMK_LEN);
247 mic = (const u8 *) (hdr + 1);
248 if (is_zero(hdr->key_nonce, WPA_NONCE_LEN)) {
249 add_note(wt, MSG_INFO, "EAPOL-Key 2/4 from " MACSTR
250 " used zero nonce", MAC2STR(src));
251 }
252 if (!is_zero(hdr->key_rsc, 8)) {
253 add_note(wt, MSG_INFO, "EAPOL-Key 2/4 from " MACSTR
254 " used non-zero Key RSC", MAC2STR(src));
255 }
256 os_memcpy(sta->snonce, hdr->key_nonce, WPA_NONCE_LEN);
257 key_info = WPA_GET_BE16(hdr->key_info);
258 key_data_len = WPA_GET_BE16(mic + mic_len);
259 derive_ptk(wt, bss, sta, key_info & WPA_KEY_INFO_TYPE_MASK, data, len);
260
261 if (!sta->ptk_set && !sta->tptk_set) {
262 add_note(wt, MSG_DEBUG,
263 "No PTK known to process EAPOL-Key 2/4");
264 return;
265 }
266
267 kck = sta->ptk.kck;
268 kck_len = sta->ptk.kck_len;
269 if (sta->tptk_set) {
270 add_note(wt, MSG_DEBUG,
271 "Use TPTK for validation EAPOL-Key MIC");
272 kck = sta->tptk.kck;
273 kck_len = sta->tptk.kck_len;
274 }
275 if (check_mic(kck, kck_len, sta->key_mgmt,
276 key_info & WPA_KEY_INFO_TYPE_MASK, data, len) < 0) {
277 add_note(wt, MSG_INFO, "Mismatch in EAPOL-Key 2/4 MIC");
278 return;
279 }
280 add_note(wt, MSG_DEBUG, "Valid MIC found in EAPOL-Key 2/4");
281
282 key_data = mic + mic_len + 2;
283
284 if (wpa_supplicant_parse_ies(key_data, key_data_len, &ie) < 0) {
285 add_note(wt, MSG_INFO, "Failed to parse EAPOL-Key Key Data");
286 return;
287 }
288
289 if (ie.wpa_ie) {
290 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Data - WPA IE",
291 ie.wpa_ie, ie.wpa_ie_len);
292 if (os_memcmp(ie.wpa_ie, sta->rsnie, ie.wpa_ie_len) != 0) {
293 struct ieee802_11_elems elems;
294 add_note(wt, MSG_INFO,
295 "Mismatch in WPA IE between EAPOL-Key 2/4 "
296 "and (Re)Association Request from " MACSTR,
297 MAC2STR(sta->addr));
298 wpa_hexdump(MSG_INFO, "WPA IE in EAPOL-Key",
299 ie.wpa_ie, ie.wpa_ie_len);
300 wpa_hexdump(MSG_INFO, "WPA IE in (Re)Association "
301 "Request",
302 sta->rsnie,
303 sta->rsnie[0] ? 2 + sta->rsnie[1] : 0);
304 /*
305 * The sniffer may have missed (Re)Association
306 * Request, so try to survive with the information from
307 * EAPOL-Key.
308 */
309 os_memset(&elems, 0, sizeof(elems));
310 elems.wpa_ie = ie.wpa_ie + 2;
311 elems.wpa_ie_len = ie.wpa_ie_len - 2;
312 wpa_printf(MSG_DEBUG, "Update STA data based on WPA "
313 "IE in EAPOL-Key 2/4");
314 sta_update_assoc(sta, &elems);
315 }
316 }
317
318 if (ie.rsn_ie) {
319 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Data - RSN IE",
320 ie.rsn_ie, ie.rsn_ie_len);
321 if (os_memcmp(ie.rsn_ie, sta->rsnie, ie.rsn_ie_len) != 0) {
322 struct ieee802_11_elems elems;
323 add_note(wt, MSG_INFO,
324 "Mismatch in RSN IE between EAPOL-Key 2/4 "
325 "and (Re)Association Request from " MACSTR,
326 MAC2STR(sta->addr));
327 wpa_hexdump(MSG_INFO, "RSN IE in EAPOL-Key",
328 ie.rsn_ie, ie.rsn_ie_len);
329 wpa_hexdump(MSG_INFO, "RSN IE in (Re)Association "
330 "Request",
331 sta->rsnie,
332 sta->rsnie[0] ? 2 + sta->rsnie[1] : 0);
333 /*
334 * The sniffer may have missed (Re)Association
335 * Request, so try to survive with the information from
336 * EAPOL-Key.
337 */
338 os_memset(&elems, 0, sizeof(elems));
339 elems.rsn_ie = ie.rsn_ie + 2;
340 elems.rsn_ie_len = ie.rsn_ie_len - 2;
341 wpa_printf(MSG_DEBUG, "Update STA data based on RSN "
342 "IE in EAPOL-Key 2/4");
343 sta_update_assoc(sta, &elems);
344 }
345 }
346 }
347
348
349 static u8 * decrypt_eapol_key_data_rc4(struct wlantest *wt, const u8 *kek,
350 const struct wpa_eapol_key *hdr,
351 const u8 *keydata, u16 keydatalen,
352 size_t *len)
353 {
354 u8 ek[32], *buf;
355
356 buf = os_memdup(keydata, keydatalen);
357 if (buf == NULL)
358 return NULL;
359
360 os_memcpy(ek, hdr->key_iv, 16);
361 os_memcpy(ek + 16, kek, 16);
362 if (rc4_skip(ek, 32, 256, buf, keydatalen)) {
363 add_note(wt, MSG_INFO, "RC4 failed");
364 os_free(buf);
365 return NULL;
366 }
367
368 *len = keydatalen;
369 return buf;
370 }
371
372
373 static u8 * decrypt_eapol_key_data_aes(struct wlantest *wt, const u8 *kek,
374 const struct wpa_eapol_key *hdr,
375 const u8 *keydata, u16 keydatalen,
376 size_t *len)
377 {
378 u8 *buf;
379
380 if (keydatalen % 8) {
381 add_note(wt, MSG_INFO, "Unsupported AES-WRAP len %d",
382 keydatalen);
383 return NULL;
384 }
385 keydatalen -= 8; /* AES-WRAP adds 8 bytes */
386 buf = os_malloc(keydatalen);
387 if (buf == NULL)
388 return NULL;
389 if (aes_unwrap(kek, 16, keydatalen / 8, keydata, buf)) {
390 os_free(buf);
391 add_note(wt, MSG_INFO,
392 "AES unwrap failed - could not decrypt EAPOL-Key "
393 "key data");
394 return NULL;
395 }
396
397 *len = keydatalen;
398 return buf;
399 }
400
401
402 static u8 * decrypt_eapol_key_data(struct wlantest *wt, int akmp, const u8 *kek,
403 size_t kek_len, u16 ver,
404 const struct wpa_eapol_key *hdr,
405 size_t *len)
406 {
407 size_t mic_len;
408 u16 keydatalen;
409 const u8 *mic, *keydata;
410
411 if (kek_len != 16)
412 return NULL;
413
414 mic = (const u8 *) (hdr + 1);
415 mic_len = wpa_mic_len(akmp, PMK_LEN);
416 keydata = mic + mic_len + 2;
417 keydatalen = WPA_GET_BE16(mic + mic_len);
418
419 switch (ver) {
420 case WPA_KEY_INFO_TYPE_HMAC_MD5_RC4:
421 return decrypt_eapol_key_data_rc4(wt, kek, hdr, keydata,
422 keydatalen, len);
423 case WPA_KEY_INFO_TYPE_HMAC_SHA1_AES:
424 case WPA_KEY_INFO_TYPE_AES_128_CMAC:
425 return decrypt_eapol_key_data_aes(wt, kek, hdr, keydata,
426 keydatalen, len);
427 case WPA_KEY_INFO_TYPE_AKM_DEFINED:
428 /* For now, assume this is OSEN */
429 return decrypt_eapol_key_data_aes(wt, kek, hdr, keydata,
430 keydatalen, len);
431 default:
432 add_note(wt, MSG_INFO,
433 "Unsupported EAPOL-Key Key Descriptor Version %u",
434 ver);
435 return NULL;
436 }
437 }
438
439
440 static void learn_kde_keys(struct wlantest *wt, struct wlantest_bss *bss,
441 struct wlantest_sta *sta,
442 const u8 *buf, size_t len, const u8 *rsc)
443 {
444 struct wpa_eapol_ie_parse ie;
445
446 if (wpa_supplicant_parse_ies(buf, len, &ie) < 0) {
447 add_note(wt, MSG_INFO, "Failed to parse EAPOL-Key Key Data");
448 return;
449 }
450
451 if (ie.wpa_ie) {
452 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Data - WPA IE",
453 ie.wpa_ie, ie.wpa_ie_len);
454 }
455
456 if (ie.rsn_ie) {
457 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Data - RSN IE",
458 ie.rsn_ie, ie.rsn_ie_len);
459 }
460
461 if (ie.gtk) {
462 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Data - GTK KDE",
463 ie.gtk, ie.gtk_len);
464 if (ie.gtk_len >= 2 && ie.gtk_len <= 2 + 32) {
465 int id;
466 id = ie.gtk[0] & 0x03;
467 add_note(wt, MSG_DEBUG, "GTK KeyID=%u tx=%u",
468 id, !!(ie.gtk[0] & 0x04));
469 if ((ie.gtk[0] & 0xf8) || ie.gtk[1]) {
470 add_note(wt, MSG_INFO,
471 "GTK KDE: Reserved field set: "
472 "%02x %02x", ie.gtk[0], ie.gtk[1]);
473 }
474 wpa_hexdump(MSG_DEBUG, "GTK", ie.gtk + 2,
475 ie.gtk_len - 2);
476 bss->gtk_len[id] = ie.gtk_len - 2;
477 sta->gtk_len = ie.gtk_len - 2;
478 os_memcpy(bss->gtk[id], ie.gtk + 2, ie.gtk_len - 2);
479 os_memcpy(sta->gtk, ie.gtk + 2, ie.gtk_len - 2);
480 bss->rsc[id][0] = rsc[5];
481 bss->rsc[id][1] = rsc[4];
482 bss->rsc[id][2] = rsc[3];
483 bss->rsc[id][3] = rsc[2];
484 bss->rsc[id][4] = rsc[1];
485 bss->rsc[id][5] = rsc[0];
486 bss->gtk_idx = id;
487 sta->gtk_idx = id;
488 wpa_hexdump(MSG_DEBUG, "RSC", bss->rsc[id], 6);
489 } else {
490 add_note(wt, MSG_INFO, "Invalid GTK KDE length %u",
491 (unsigned) ie.gtk_len);
492 }
493 }
494
495 if (ie.igtk) {
496 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Data - IGTK KDE",
497 ie.igtk, ie.igtk_len);
498 if (ie.igtk_len == 24) {
499 u16 id;
500 id = WPA_GET_LE16(ie.igtk);
501 if (id > 5) {
502 add_note(wt, MSG_INFO,
503 "Unexpected IGTK KeyID %u", id);
504 } else {
505 const u8 *ipn;
506 add_note(wt, MSG_DEBUG, "IGTK KeyID %u", id);
507 wpa_hexdump(MSG_DEBUG, "IPN", ie.igtk + 2, 6);
508 wpa_hexdump(MSG_DEBUG, "IGTK", ie.igtk + 8,
509 16);
510 os_memcpy(bss->igtk[id], ie.igtk + 8, 16);
511 bss->igtk_len[id] = 16;
512 ipn = ie.igtk + 2;
513 bss->ipn[id][0] = ipn[5];
514 bss->ipn[id][1] = ipn[4];
515 bss->ipn[id][2] = ipn[3];
516 bss->ipn[id][3] = ipn[2];
517 bss->ipn[id][4] = ipn[1];
518 bss->ipn[id][5] = ipn[0];
519 bss->igtk_idx = id;
520 }
521 } else if (ie.igtk_len == 40) {
522 u16 id;
523 id = WPA_GET_LE16(ie.igtk);
524 if (id > 5) {
525 add_note(wt, MSG_INFO,
526 "Unexpected IGTK KeyID %u", id);
527 } else {
528 const u8 *ipn;
529 add_note(wt, MSG_DEBUG, "IGTK KeyID %u", id);
530 wpa_hexdump(MSG_DEBUG, "IPN", ie.igtk + 2, 6);
531 wpa_hexdump(MSG_DEBUG, "IGTK", ie.igtk + 8,
532 32);
533 os_memcpy(bss->igtk[id], ie.igtk + 8, 32);
534 bss->igtk_len[id] = 32;
535 ipn = ie.igtk + 2;
536 bss->ipn[id][0] = ipn[5];
537 bss->ipn[id][1] = ipn[4];
538 bss->ipn[id][2] = ipn[3];
539 bss->ipn[id][3] = ipn[2];
540 bss->ipn[id][4] = ipn[1];
541 bss->ipn[id][5] = ipn[0];
542 bss->igtk_idx = id;
543 }
544 } else {
545 add_note(wt, MSG_INFO, "Invalid IGTK KDE length %u",
546 (unsigned) ie.igtk_len);
547 }
548 }
549 }
550
551
552 static void rx_data_eapol_key_3_of_4(struct wlantest *wt, const u8 *dst,
553 const u8 *src, const u8 *data, size_t len)
554 {
555 struct wlantest_bss *bss;
556 struct wlantest_sta *sta;
557 const struct ieee802_1x_hdr *eapol;
558 const struct wpa_eapol_key *hdr;
559 const u8 *key_data, *kck, *kek, *mic;
560 size_t kck_len, kek_len, mic_len;
561 int recalc = 0;
562 u16 key_info, ver;
563 u8 *decrypted_buf = NULL;
564 const u8 *decrypted;
565 size_t decrypted_len = 0;
566 struct wpa_eapol_ie_parse ie;
567
568 wpa_printf(MSG_DEBUG, "EAPOL-Key 3/4 " MACSTR " -> " MACSTR,
569 MAC2STR(src), MAC2STR(dst));
570 bss = bss_get(wt, src);
571 if (bss == NULL)
572 return;
573 sta = sta_get(bss, dst);
574 if (sta == NULL)
575 return;
576 mic_len = wpa_mic_len(sta->key_mgmt, PMK_LEN);
577
578 eapol = (const struct ieee802_1x_hdr *) data;
579 hdr = (const struct wpa_eapol_key *) (eapol + 1);
580 mic = (const u8 *) (hdr + 1);
581 key_info = WPA_GET_BE16(hdr->key_info);
582
583 if (os_memcmp(sta->anonce, hdr->key_nonce, WPA_NONCE_LEN) != 0) {
584 add_note(wt, MSG_INFO,
585 "EAPOL-Key ANonce mismatch between 1/4 and 3/4");
586 recalc = 1;
587 }
588 os_memcpy(sta->anonce, hdr->key_nonce, WPA_NONCE_LEN);
589 if (recalc) {
590 derive_ptk(wt, bss, sta, key_info & WPA_KEY_INFO_TYPE_MASK,
591 data, len);
592 }
593
594 if (!sta->ptk_set && !sta->tptk_set) {
595 add_note(wt, MSG_DEBUG,
596 "No PTK known to process EAPOL-Key 3/4");
597 return;
598 }
599
600 kek = sta->ptk.kek;
601 kek_len = sta->ptk.kek_len;
602 kck = sta->ptk.kck;
603 kck_len = sta->ptk.kck_len;
604 if (sta->tptk_set) {
605 add_note(wt, MSG_DEBUG,
606 "Use TPTK for validation EAPOL-Key MIC");
607 kck = sta->tptk.kck;
608 kck_len = sta->tptk.kck_len;
609 kek = sta->tptk.kek;
610 kek_len = sta->tptk.kek_len;
611 }
612 if (check_mic(kck, kck_len, sta->key_mgmt,
613 key_info & WPA_KEY_INFO_TYPE_MASK, data, len) < 0) {
614 add_note(wt, MSG_INFO, "Mismatch in EAPOL-Key 3/4 MIC");
615 return;
616 }
617 add_note(wt, MSG_DEBUG, "Valid MIC found in EAPOL-Key 3/4");
618
619 key_data = mic + mic_len + 2;
620 if (!(key_info & WPA_KEY_INFO_ENCR_KEY_DATA)) {
621 if (sta->proto & WPA_PROTO_RSN)
622 add_note(wt, MSG_INFO,
623 "EAPOL-Key 3/4 without EncrKeyData bit");
624 decrypted = key_data;
625 decrypted_len = WPA_GET_BE16(mic + mic_len);
626 } else {
627 ver = key_info & WPA_KEY_INFO_TYPE_MASK;
628 decrypted_buf = decrypt_eapol_key_data(wt, sta->key_mgmt,
629 kek, kek_len, ver,
630 hdr, &decrypted_len);
631 if (decrypted_buf == NULL) {
632 add_note(wt, MSG_INFO,
633 "Failed to decrypt EAPOL-Key Key Data");
634 return;
635 }
636 decrypted = decrypted_buf;
637 wpa_hexdump(MSG_DEBUG, "Decrypted EAPOL-Key Key Data",
638 decrypted, decrypted_len);
639 }
640 if ((wt->write_pcap_dumper || wt->pcapng) && decrypted != key_data) {
641 /* Fill in a dummy Data frame header */
642 u8 buf[24 + 8 + sizeof(*eapol) + sizeof(*hdr) + 64];
643 struct ieee80211_hdr *h;
644 struct wpa_eapol_key *k;
645 const u8 *p;
646 u8 *pos;
647 size_t plain_len;
648
649 plain_len = decrypted_len;
650 p = decrypted;
651 while (p + 1 < decrypted + decrypted_len) {
652 if (p[0] == 0xdd && p[1] == 0x00) {
653 /* Remove padding */
654 plain_len = p - decrypted;
655 p = NULL;
656 break;
657 }
658 p += 2 + p[1];
659 }
660 if (p && p > decrypted && *p == 0xdd &&
661 p + 1 == decrypted + decrypted_len) {
662 /* Remove padding */
663 p--;
664 plain_len = p - decrypted;
665 }
666
667 os_memset(buf, 0, sizeof(buf));
668 h = (struct ieee80211_hdr *) buf;
669 h->frame_control = host_to_le16(0x0208);
670 os_memcpy(h->addr1, dst, ETH_ALEN);
671 os_memcpy(h->addr2, src, ETH_ALEN);
672 os_memcpy(h->addr3, src, ETH_ALEN);
673 pos = (u8 *) (h + 1);
674 os_memcpy(pos, "\xaa\xaa\x03\x00\x00\x00\x88\x8e", 8);
675 pos += 8;
676 os_memcpy(pos, eapol, sizeof(*eapol));
677 pos += sizeof(*eapol);
678 os_memcpy(pos, hdr, sizeof(*hdr) + mic_len);
679 k = (struct wpa_eapol_key *) pos;
680 pos += sizeof(struct wpa_eapol_key) + mic_len;
681 WPA_PUT_BE16(k->key_info,
682 key_info & ~WPA_KEY_INFO_ENCR_KEY_DATA);
683 WPA_PUT_BE16(pos, plain_len);
684 write_pcap_decrypted(wt, buf, 24 + 8 + sizeof(*eapol) +
685 sizeof(*hdr) + mic_len + 2,
686 decrypted, plain_len);
687 }
688
689 if (wpa_supplicant_parse_ies(decrypted, decrypted_len, &ie) < 0) {
690 add_note(wt, MSG_INFO, "Failed to parse EAPOL-Key Key Data");
691 os_free(decrypted_buf);
692 return;
693 }
694
695 if ((ie.wpa_ie &&
696 os_memcmp(ie.wpa_ie, bss->wpaie, ie.wpa_ie_len) != 0) ||
697 (ie.wpa_ie == NULL && bss->wpaie[0])) {
698 add_note(wt, MSG_INFO,
699 "Mismatch in WPA IE between EAPOL-Key 3/4 and "
700 "Beacon/Probe Response from " MACSTR,
701 MAC2STR(bss->bssid));
702 wpa_hexdump(MSG_INFO, "WPA IE in EAPOL-Key",
703 ie.wpa_ie, ie.wpa_ie_len);
704 wpa_hexdump(MSG_INFO, "WPA IE in Beacon/Probe "
705 "Response",
706 bss->wpaie,
707 bss->wpaie[0] ? 2 + bss->wpaie[1] : 0);
708 }
709
710 if ((ie.rsn_ie &&
711 os_memcmp(ie.rsn_ie, bss->rsnie, ie.rsn_ie_len) != 0) ||
712 (ie.rsn_ie == NULL && bss->rsnie[0])) {
713 add_note(wt, MSG_INFO, "Mismatch in RSN IE between EAPOL-Key "
714 "3/4 and Beacon/Probe Response from " MACSTR,
715 MAC2STR(bss->bssid));
716 wpa_hexdump(MSG_INFO, "RSN IE in EAPOL-Key",
717 ie.rsn_ie, ie.rsn_ie_len);
718 wpa_hexdump(MSG_INFO, "RSN IE in Beacon/Probe Response",
719 bss->rsnie,
720 bss->rsnie[0] ? 2 + bss->rsnie[1] : 0);
721 }
722
723 learn_kde_keys(wt, bss, sta, decrypted, decrypted_len, hdr->key_rsc);
724 os_free(decrypted_buf);
725 }
726
727
728 static void rx_data_eapol_key_4_of_4(struct wlantest *wt, const u8 *dst,
729 const u8 *src, const u8 *data, size_t len)
730 {
731 struct wlantest_bss *bss;
732 struct wlantest_sta *sta;
733 const struct ieee802_1x_hdr *eapol;
734 const struct wpa_eapol_key *hdr;
735 u16 key_info;
736 const u8 *kck;
737 size_t kck_len;
738
739 wpa_printf(MSG_DEBUG, "EAPOL-Key 4/4 " MACSTR " -> " MACSTR,
740 MAC2STR(src), MAC2STR(dst));
741 bss = bss_get(wt, dst);
742 if (bss == NULL)
743 return;
744 sta = sta_get(bss, src);
745 if (sta == NULL)
746 return;
747
748 eapol = (const struct ieee802_1x_hdr *) data;
749 hdr = (const struct wpa_eapol_key *) (eapol + 1);
750 if (!is_zero(hdr->key_rsc, 8)) {
751 add_note(wt, MSG_INFO, "EAPOL-Key 4/4 from " MACSTR " used "
752 "non-zero Key RSC", MAC2STR(src));
753 }
754 key_info = WPA_GET_BE16(hdr->key_info);
755
756 if (!sta->ptk_set && !sta->tptk_set) {
757 add_note(wt, MSG_DEBUG,
758 "No PTK known to process EAPOL-Key 4/4");
759 return;
760 }
761
762 kck = sta->ptk.kck;
763 kck_len = sta->ptk.kck_len;
764 if (sta->tptk_set) {
765 add_note(wt, MSG_DEBUG,
766 "Use TPTK for validation EAPOL-Key MIC");
767 kck = sta->tptk.kck;
768 kck_len = sta->tptk.kck_len;
769 }
770 if (check_mic(kck, kck_len, sta->key_mgmt,
771 key_info & WPA_KEY_INFO_TYPE_MASK, data, len) < 0) {
772 add_note(wt, MSG_INFO, "Mismatch in EAPOL-Key 4/4 MIC");
773 return;
774 }
775 add_note(wt, MSG_DEBUG, "Valid MIC found in EAPOL-Key 4/4");
776 if (sta->tptk_set) {
777 add_note(wt, MSG_DEBUG, "Update PTK (rekeying)");
778 os_memcpy(&sta->ptk, &sta->tptk, sizeof(sta->ptk));
779 sta->ptk_set = 1;
780 sta->tptk_set = 0;
781 os_memset(sta->rsc_tods, 0, sizeof(sta->rsc_tods));
782 os_memset(sta->rsc_fromds, 0, sizeof(sta->rsc_fromds));
783 }
784 }
785
786
787 static void rx_data_eapol_key_1_of_2(struct wlantest *wt, const u8 *dst,
788 const u8 *src, const u8 *data, size_t len)
789 {
790 struct wlantest_bss *bss;
791 struct wlantest_sta *sta;
792 const struct ieee802_1x_hdr *eapol;
793 const struct wpa_eapol_key *hdr;
794 u16 key_info, ver;
795 u8 *decrypted;
796 size_t decrypted_len = 0;
797 size_t mic_len;
798
799 wpa_printf(MSG_DEBUG, "EAPOL-Key 1/2 " MACSTR " -> " MACSTR,
800 MAC2STR(src), MAC2STR(dst));
801 bss = bss_get(wt, src);
802 if (bss == NULL)
803 return;
804 sta = sta_get(bss, dst);
805 if (sta == NULL)
806 return;
807 mic_len = wpa_mic_len(sta->key_mgmt, PMK_LEN);
808
809 eapol = (const struct ieee802_1x_hdr *) data;
810 hdr = (const struct wpa_eapol_key *) (eapol + 1);
811 key_info = WPA_GET_BE16(hdr->key_info);
812
813 if (!sta->ptk_set) {
814 add_note(wt, MSG_DEBUG,
815 "No PTK known to process EAPOL-Key 1/2");
816 return;
817 }
818
819 if (sta->ptk_set &&
820 check_mic(sta->ptk.kck, sta->ptk.kck_len, sta->key_mgmt,
821 key_info & WPA_KEY_INFO_TYPE_MASK,
822 data, len) < 0) {
823 add_note(wt, MSG_INFO, "Mismatch in EAPOL-Key 1/2 MIC");
824 return;
825 }
826 add_note(wt, MSG_DEBUG, "Valid MIC found in EAPOL-Key 1/2");
827
828 if (sta->proto & WPA_PROTO_RSN &&
829 !(key_info & WPA_KEY_INFO_ENCR_KEY_DATA)) {
830 add_note(wt, MSG_INFO, "EAPOL-Key 1/2 without EncrKeyData bit");
831 return;
832 }
833 ver = key_info & WPA_KEY_INFO_TYPE_MASK;
834 decrypted = decrypt_eapol_key_data(wt, sta->key_mgmt,
835 sta->ptk.kek, sta->ptk.kek_len,
836 ver, hdr, &decrypted_len);
837 if (decrypted == NULL) {
838 add_note(wt, MSG_INFO, "Failed to decrypt EAPOL-Key Key Data");
839 return;
840 }
841 wpa_hexdump(MSG_DEBUG, "Decrypted EAPOL-Key Key Data",
842 decrypted, decrypted_len);
843 if (wt->write_pcap_dumper || wt->pcapng) {
844 /* Fill in a dummy Data frame header */
845 u8 buf[24 + 8 + sizeof(*eapol) + sizeof(*hdr) + 64];
846 struct ieee80211_hdr *h;
847 struct wpa_eapol_key *k;
848 u8 *pos;
849 size_t plain_len;
850
851 plain_len = decrypted_len;
852 pos = decrypted;
853 while (pos + 1 < decrypted + decrypted_len) {
854 if (pos[0] == 0xdd && pos[1] == 0x00) {
855 /* Remove padding */
856 plain_len = pos - decrypted;
857 break;
858 }
859 pos += 2 + pos[1];
860 }
861
862 os_memset(buf, 0, sizeof(buf));
863 h = (struct ieee80211_hdr *) buf;
864 h->frame_control = host_to_le16(0x0208);
865 os_memcpy(h->addr1, dst, ETH_ALEN);
866 os_memcpy(h->addr2, src, ETH_ALEN);
867 os_memcpy(h->addr3, src, ETH_ALEN);
868 pos = (u8 *) (h + 1);
869 os_memcpy(pos, "\xaa\xaa\x03\x00\x00\x00\x88\x8e", 8);
870 pos += 8;
871 os_memcpy(pos, eapol, sizeof(*eapol));
872 pos += sizeof(*eapol);
873 os_memcpy(pos, hdr, sizeof(*hdr) + mic_len);
874 k = (struct wpa_eapol_key *) pos;
875 pos += sizeof(struct wpa_eapol_key) + mic_len;
876 WPA_PUT_BE16(k->key_info,
877 key_info & ~WPA_KEY_INFO_ENCR_KEY_DATA);
878 WPA_PUT_BE16(pos, plain_len);
879 write_pcap_decrypted(wt, buf, 24 + 8 + sizeof(*eapol) +
880 sizeof(*hdr) + mic_len + 2,
881 decrypted, plain_len);
882 }
883 if (sta->proto & WPA_PROTO_RSN)
884 learn_kde_keys(wt, bss, sta, decrypted, decrypted_len,
885 hdr->key_rsc);
886 else {
887 int klen = bss->group_cipher == WPA_CIPHER_TKIP ? 32 : 16;
888 if (decrypted_len == klen) {
889 const u8 *rsc = hdr->key_rsc;
890 int id;
891 id = (key_info & WPA_KEY_INFO_KEY_INDEX_MASK) >>
892 WPA_KEY_INFO_KEY_INDEX_SHIFT;
893 add_note(wt, MSG_DEBUG, "GTK key index %d", id);
894 wpa_hexdump(MSG_DEBUG, "GTK", decrypted,
895 decrypted_len);
896 bss->gtk_len[id] = decrypted_len;
897 os_memcpy(bss->gtk[id], decrypted, decrypted_len);
898 bss->rsc[id][0] = rsc[5];
899 bss->rsc[id][1] = rsc[4];
900 bss->rsc[id][2] = rsc[3];
901 bss->rsc[id][3] = rsc[2];
902 bss->rsc[id][4] = rsc[1];
903 bss->rsc[id][5] = rsc[0];
904 wpa_hexdump(MSG_DEBUG, "RSC", bss->rsc[id], 6);
905 } else {
906 add_note(wt, MSG_INFO, "Unexpected WPA Key Data length "
907 "in Group Key msg 1/2 from " MACSTR,
908 MAC2STR(src));
909 }
910 }
911 os_free(decrypted);
912 }
913
914
915 static void rx_data_eapol_key_2_of_2(struct wlantest *wt, const u8 *dst,
916 const u8 *src, const u8 *data, size_t len)
917 {
918 struct wlantest_bss *bss;
919 struct wlantest_sta *sta;
920 const struct ieee802_1x_hdr *eapol;
921 const struct wpa_eapol_key *hdr;
922 u16 key_info;
923
924 wpa_printf(MSG_DEBUG, "EAPOL-Key 2/2 " MACSTR " -> " MACSTR,
925 MAC2STR(src), MAC2STR(dst));
926 bss = bss_get(wt, dst);
927 if (bss == NULL)
928 return;
929 sta = sta_get(bss, src);
930 if (sta == NULL)
931 return;
932
933 eapol = (const struct ieee802_1x_hdr *) data;
934 hdr = (const struct wpa_eapol_key *) (eapol + 1);
935 if (!is_zero(hdr->key_rsc, 8)) {
936 add_note(wt, MSG_INFO, "EAPOL-Key 2/2 from " MACSTR " used "
937 "non-zero Key RSC", MAC2STR(src));
938 }
939 key_info = WPA_GET_BE16(hdr->key_info);
940
941 if (!sta->ptk_set) {
942 add_note(wt, MSG_DEBUG,
943 "No PTK known to process EAPOL-Key 2/2");
944 return;
945 }
946
947 if (sta->ptk_set &&
948 check_mic(sta->ptk.kck, sta->ptk.kck_len, sta->key_mgmt,
949 key_info & WPA_KEY_INFO_TYPE_MASK,
950 data, len) < 0) {
951 add_note(wt, MSG_INFO, "Mismatch in EAPOL-Key 2/2 MIC");
952 return;
953 }
954 add_note(wt, MSG_DEBUG, "Valid MIC found in EAPOL-Key 2/2");
955 }
956
957
958 static void rx_data_eapol_key(struct wlantest *wt, const u8 *bssid,
959 const u8 *sta_addr, const u8 *dst,
960 const u8 *src, const u8 *data, size_t len,
961 int prot)
962 {
963 const struct ieee802_1x_hdr *eapol;
964 const struct wpa_eapol_key *hdr;
965 const u8 *key_data;
966 u16 key_info, key_length, ver, key_data_length;
967 size_t mic_len = 16;
968 const u8 *mic;
969 struct wlantest_bss *bss;
970 struct wlantest_sta *sta;
971
972 bss = bss_get(wt, bssid);
973 if (bss) {
974 sta = sta_get(bss, sta_addr);
975 if (sta)
976 mic_len = wpa_mic_len(sta->key_mgmt, PMK_LEN);
977 }
978
979 eapol = (const struct ieee802_1x_hdr *) data;
980 hdr = (const struct wpa_eapol_key *) (eapol + 1);
981
982 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key",
983 (const u8 *) hdr, len - sizeof(*eapol));
984 if (len < sizeof(*hdr) + mic_len + 2) {
985 add_note(wt, MSG_INFO, "Too short EAPOL-Key frame from " MACSTR,
986 MAC2STR(src));
987 return;
988 }
989 mic = (const u8 *) (hdr + 1);
990
991 if (hdr->type == EAPOL_KEY_TYPE_RC4) {
992 /* TODO: EAPOL-Key RC4 for WEP */
993 wpa_printf(MSG_INFO, "EAPOL-Key Descriptor Type RC4 from "
994 MACSTR, MAC2STR(src));
995 return;
996 }
997
998 if (hdr->type != EAPOL_KEY_TYPE_RSN &&
999 hdr->type != EAPOL_KEY_TYPE_WPA) {
1000 wpa_printf(MSG_INFO, "Unsupported EAPOL-Key Descriptor Type "
1001 "%u from " MACSTR, hdr->type, MAC2STR(src));
1002 return;
1003 }
1004
1005 key_info = WPA_GET_BE16(hdr->key_info);
1006 key_length = WPA_GET_BE16(hdr->key_length);
1007 key_data_length = WPA_GET_BE16(mic + mic_len);
1008 key_data = mic + mic_len + 2;
1009 if (key_data + key_data_length > data + len) {
1010 add_note(wt, MSG_INFO, "Truncated EAPOL-Key from " MACSTR,
1011 MAC2STR(src));
1012 return;
1013 }
1014 if (key_data + key_data_length < data + len) {
1015 wpa_hexdump(MSG_DEBUG, "Extra data after EAPOL-Key Key Data "
1016 "field", key_data + key_data_length,
1017 data + len - key_data - key_data_length);
1018 }
1019
1020
1021 ver = key_info & WPA_KEY_INFO_TYPE_MASK;
1022 wpa_printf(MSG_DEBUG, "EAPOL-Key ver=%u %c idx=%u%s%s%s%s%s%s%s%s "
1023 "datalen=%u",
1024 ver, key_info & WPA_KEY_INFO_KEY_TYPE ? 'P' : 'G',
1025 (key_info & WPA_KEY_INFO_KEY_INDEX_MASK) >>
1026 WPA_KEY_INFO_KEY_INDEX_SHIFT,
1027 (key_info & WPA_KEY_INFO_INSTALL) ? " Install" : "",
1028 (key_info & WPA_KEY_INFO_ACK) ? " ACK" : "",
1029 (key_info & WPA_KEY_INFO_MIC) ? " MIC" : "",
1030 (key_info & WPA_KEY_INFO_SECURE) ? " Secure" : "",
1031 (key_info & WPA_KEY_INFO_ERROR) ? " Error" : "",
1032 (key_info & WPA_KEY_INFO_REQUEST) ? " Request" : "",
1033 (key_info & WPA_KEY_INFO_ENCR_KEY_DATA) ? " Encr" : "",
1034 (key_info & WPA_KEY_INFO_SMK_MESSAGE) ? " SMK" : "",
1035 key_data_length);
1036
1037 if (ver != WPA_KEY_INFO_TYPE_HMAC_MD5_RC4 &&
1038 ver != WPA_KEY_INFO_TYPE_HMAC_SHA1_AES &&
1039 ver != WPA_KEY_INFO_TYPE_AES_128_CMAC &&
1040 ver != WPA_KEY_INFO_TYPE_AKM_DEFINED) {
1041 wpa_printf(MSG_INFO, "Unsupported EAPOL-Key Key Descriptor "
1042 "Version %u from " MACSTR, ver, MAC2STR(src));
1043 return;
1044 }
1045
1046 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Replay Counter",
1047 hdr->replay_counter, WPA_REPLAY_COUNTER_LEN);
1048 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Nonce",
1049 hdr->key_nonce, WPA_NONCE_LEN);
1050 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key IV",
1051 hdr->key_iv, 16);
1052 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key RSC",
1053 hdr->key_rsc, WPA_KEY_RSC_LEN);
1054 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key MIC",
1055 mic, mic_len);
1056 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Data",
1057 key_data, key_data_length);
1058
1059 if (hdr->type == EAPOL_KEY_TYPE_RSN &&
1060 (key_info & (WPA_KEY_INFO_KEY_INDEX_MASK | BIT(14) | BIT(15))) !=
1061 0) {
1062 wpa_printf(MSG_INFO, "RSN EAPOL-Key with non-zero reserved "
1063 "Key Info bits 0x%x from " MACSTR,
1064 key_info, MAC2STR(src));
1065 }
1066
1067 if (hdr->type == EAPOL_KEY_TYPE_WPA &&
1068 (key_info & (WPA_KEY_INFO_ENCR_KEY_DATA |
1069 WPA_KEY_INFO_SMK_MESSAGE |BIT(14) | BIT(15))) != 0) {
1070 wpa_printf(MSG_INFO, "WPA EAPOL-Key with non-zero reserved "
1071 "Key Info bits 0x%x from " MACSTR,
1072 key_info, MAC2STR(src));
1073 }
1074
1075 if (key_length > 32) {
1076 wpa_printf(MSG_INFO, "EAPOL-Key with invalid Key Length %d "
1077 "from " MACSTR, key_length, MAC2STR(src));
1078 }
1079
1080 if (ver != WPA_KEY_INFO_TYPE_HMAC_MD5_RC4 &&
1081 !is_zero(hdr->key_iv, 16)) {
1082 wpa_printf(MSG_INFO, "EAPOL-Key with non-zero Key IV "
1083 "(reserved with ver=%d) field from " MACSTR,
1084 ver, MAC2STR(src));
1085 wpa_hexdump(MSG_INFO, "EAPOL-Key Key IV (reserved)",
1086 hdr->key_iv, 16);
1087 }
1088
1089 if (!is_zero(hdr->key_id, 8)) {
1090 wpa_printf(MSG_INFO, "EAPOL-Key with non-zero Key ID "
1091 "(reserved) field from " MACSTR, MAC2STR(src));
1092 wpa_hexdump(MSG_INFO, "EAPOL-Key Key ID (reserved)",
1093 hdr->key_id, 8);
1094 }
1095
1096 if (hdr->key_rsc[6] || hdr->key_rsc[7]) {
1097 wpa_printf(MSG_INFO, "EAPOL-Key with non-zero Key RSC octets "
1098 "(last two are unused)" MACSTR, MAC2STR(src));
1099 }
1100
1101 if (key_info & (WPA_KEY_INFO_ERROR | WPA_KEY_INFO_REQUEST))
1102 return;
1103
1104 if (key_info & WPA_KEY_INFO_SMK_MESSAGE)
1105 return;
1106
1107 if (key_info & WPA_KEY_INFO_KEY_TYPE) {
1108 /* 4-Way Handshake */
1109 switch (key_info & (WPA_KEY_INFO_SECURE |
1110 WPA_KEY_INFO_MIC |
1111 WPA_KEY_INFO_ACK |
1112 WPA_KEY_INFO_INSTALL)) {
1113 case WPA_KEY_INFO_ACK:
1114 rx_data_eapol_key_1_of_4(wt, dst, src, data, len);
1115 break;
1116 case WPA_KEY_INFO_MIC:
1117 if (key_data_length == 0)
1118 rx_data_eapol_key_4_of_4(wt, dst, src, data,
1119 len);
1120 else
1121 rx_data_eapol_key_2_of_4(wt, dst, src, data,
1122 len);
1123 break;
1124 case WPA_KEY_INFO_MIC | WPA_KEY_INFO_ACK |
1125 WPA_KEY_INFO_INSTALL:
1126 /* WPA does not include Secure bit in 3/4 */
1127 rx_data_eapol_key_3_of_4(wt, dst, src, data, len);
1128 break;
1129 case WPA_KEY_INFO_SECURE | WPA_KEY_INFO_MIC |
1130 WPA_KEY_INFO_ACK | WPA_KEY_INFO_INSTALL:
1131 case WPA_KEY_INFO_SECURE |
1132 WPA_KEY_INFO_ACK | WPA_KEY_INFO_INSTALL:
1133 rx_data_eapol_key_3_of_4(wt, dst, src, data, len);
1134 break;
1135 case WPA_KEY_INFO_SECURE | WPA_KEY_INFO_MIC:
1136 case WPA_KEY_INFO_SECURE:
1137 if (key_data_length == 0)
1138 rx_data_eapol_key_4_of_4(wt, dst, src, data,
1139 len);
1140 else
1141 rx_data_eapol_key_2_of_4(wt, dst, src, data,
1142 len);
1143 break;
1144 default:
1145 wpa_printf(MSG_DEBUG, "Unsupported EAPOL-Key frame");
1146 break;
1147 }
1148 } else {
1149 /* Group Key Handshake */
1150 switch (key_info & (WPA_KEY_INFO_SECURE |
1151 WPA_KEY_INFO_MIC |
1152 WPA_KEY_INFO_ACK)) {
1153 case WPA_KEY_INFO_SECURE | WPA_KEY_INFO_MIC |
1154 WPA_KEY_INFO_ACK:
1155 case WPA_KEY_INFO_SECURE | WPA_KEY_INFO_ACK:
1156 rx_data_eapol_key_1_of_2(wt, dst, src, data, len);
1157 break;
1158 case WPA_KEY_INFO_SECURE | WPA_KEY_INFO_MIC:
1159 case WPA_KEY_INFO_SECURE:
1160 rx_data_eapol_key_2_of_2(wt, dst, src, data, len);
1161 break;
1162 default:
1163 wpa_printf(MSG_DEBUG, "Unsupported EAPOL-Key frame");
1164 break;
1165 }
1166 }
1167 }
1168
1169
1170 void rx_data_eapol(struct wlantest *wt, const u8 *bssid, const u8 *sta_addr,
1171 const u8 *dst, const u8 *src,
1172 const u8 *data, size_t len, int prot)
1173 {
1174 const struct ieee802_1x_hdr *hdr;
1175 u16 length;
1176 const u8 *p;
1177
1178 wpa_hexdump(MSG_EXCESSIVE, "EAPOL", data, len);
1179 if (len < sizeof(*hdr)) {
1180 wpa_printf(MSG_INFO, "Too short EAPOL frame from " MACSTR,
1181 MAC2STR(src));
1182 return;
1183 }
1184
1185 hdr = (const struct ieee802_1x_hdr *) data;
1186 length = be_to_host16(hdr->length);
1187 wpa_printf(MSG_DEBUG, "RX EAPOL: " MACSTR " -> " MACSTR "%s ver=%u "
1188 "type=%u len=%u",
1189 MAC2STR(src), MAC2STR(dst), prot ? " Prot" : "",
1190 hdr->version, hdr->type, length);
1191 if (hdr->version < 1 || hdr->version > 3) {
1192 wpa_printf(MSG_INFO, "Unexpected EAPOL version %u from "
1193 MACSTR, hdr->version, MAC2STR(src));
1194 }
1195 if (sizeof(*hdr) + length > len) {
1196 wpa_printf(MSG_INFO, "Truncated EAPOL frame from " MACSTR,
1197 MAC2STR(src));
1198 return;
1199 }
1200
1201 if (sizeof(*hdr) + length < len) {
1202 wpa_printf(MSG_INFO, "EAPOL frame with %d extra bytes",
1203 (int) (len - sizeof(*hdr) - length));
1204 }
1205 p = (const u8 *) (hdr + 1);
1206
1207 switch (hdr->type) {
1208 case IEEE802_1X_TYPE_EAP_PACKET:
1209 wpa_hexdump(MSG_MSGDUMP, "EAPOL - EAP packet", p, length);
1210 break;
1211 case IEEE802_1X_TYPE_EAPOL_START:
1212 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Start", p, length);
1213 break;
1214 case IEEE802_1X_TYPE_EAPOL_LOGOFF:
1215 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Logoff", p, length);
1216 break;
1217 case IEEE802_1X_TYPE_EAPOL_KEY:
1218 rx_data_eapol_key(wt, bssid, sta_addr, dst, src, data,
1219 sizeof(*hdr) + length, prot);
1220 break;
1221 case IEEE802_1X_TYPE_EAPOL_ENCAPSULATED_ASF_ALERT:
1222 wpa_hexdump(MSG_MSGDUMP, "EAPOL - Encapsulated ASF alert",
1223 p, length);
1224 break;
1225 default:
1226 wpa_hexdump(MSG_MSGDUMP, "Unknown EAPOL payload", p, length);
1227 break;
1228 }
1229 }
Unnamed repository; edit this file 'description' to name the repository.