wlantest: MLD MAC Address in CCMP/GCMP AAD/nonce

author Jouni Malinen <quic_jouni@quicinc.com>

Mon, 5 Sep 2022 20:08:43 +0000 (23:08 +0300)

committer Jouni Malinen <j@w1.fi>

Mon, 5 Sep 2022 20:08:43 +0000 (23:08 +0300)
author Jouni Malinen <quic_jouni@quicinc.com>
Mon, 5 Sep 2022 20:08:43 +0000 (23:08 +0300)
committer Jouni Malinen <j@w1.fi>
Mon, 5 Sep 2022 20:08:43 +0000 (23:08 +0300)
diff --git a/wlantest/ccmp.c b/wlantest/ccmp.c

index 5d393d43dd24652f8abef7ac1acbaee97c09a142..265de18df94fbcd6a3cd1202269d2bf4da16a1f3 100644 (file)
--- a/wlantest/ccmp.c
+++ b/wlantest/ccmp.c
@@ -16,7 +16,8 @@
  
  
  static void ccmp_aad_nonce(const struct ieee80211_hdr *hdr, const u8 *data,
-                          u8 *aad, size_t *aad_len, u8 *nonce)
+                          const u8 *a1, const u8 *a2, u8 *aad, size_t *aad_len,
+                          u8 *nonce)
  {
         u16 fc, stype, seq;
         int qos = 0, addr4 = 0;
@@ -49,6 +50,10 @@ static void ccmp_aad_nonce(const struct ieee80211_hdr *hdr, const u8 *data,
         WPA_PUT_LE16(aad, fc);
         pos = aad + 2;
         os_memcpy(pos, hdr->addr1, 3 * ETH_ALEN);
+       if (a1)
+               os_memcpy(pos, a1, ETH_ALEN);
+       if (a2)
+               os_memcpy(pos + ETH_ALEN, a2, ETH_ALEN);
         pos += 3 * ETH_ALEN;
         seq = le_to_host16(hdr->seq_ctrl);
         seq &= ~0xfff0; /* Mask Seq#; do not modify Frag# */
@@ -67,7 +72,10 @@ static void ccmp_aad_nonce(const struct ieee80211_hdr *hdr, const u8 *data,
  
         *aad_len = pos - aad;
  
-       os_memcpy(nonce + 1, hdr->addr2, ETH_ALEN);
+       if (a2)
+               os_memcpy(nonce + 1, a2, ETH_ALEN);
+       else
+               os_memcpy(nonce + 1, hdr->addr2, ETH_ALEN);
         nonce[7] = data[7]; /* PN5 */
         nonce[8] = data[6]; /* PN4 */
         nonce[9] = data[5]; /* PN3 */
@@ -136,7 +144,8 @@ static void ccmp_aad_nonce_pv1(const u8 *hdr, const u8 *a1, const u8 *a2,
  
  
  u8 * ccmp_decrypt(const u8 *tk, const struct ieee80211_hdr *hdr,
-                 const u8 *data, size_t data_len, size_t *decrypted_len)
+                 const u8 *a1, const u8 *a2, const u8 *data, size_t data_len,
+                 size_t *decrypted_len)
  {
         u8 aad[30], nonce[13];
         size_t aad_len;
@@ -153,7 +162,7 @@ u8 * ccmp_decrypt(const u8 *tk, const struct ieee80211_hdr *hdr,
         mlen = data_len - 8 - 8;
  
         os_memset(aad, 0, sizeof(aad));
-       ccmp_aad_nonce(hdr, data, aad, &aad_len, nonce);
+       ccmp_aad_nonce(hdr, data, a1, a2, aad, &aad_len, nonce);
         wpa_hexdump(MSG_EXCESSIVE, "CCMP AAD", aad, aad_len);
         wpa_hexdump(MSG_EXCESSIVE, "CCMP nonce", nonce, 13);
  
@@ -187,8 +196,9 @@ void ccmp_get_pn(u8 *pn, const u8 *data)
  }
  
  
-u8 * ccmp_encrypt(const u8 *tk, u8 *frame, size_t len, size_t hdrlen, u8 *qos,
-                 u8 *pn, int keyid, size_t *encrypted_len)
+u8 * ccmp_encrypt(const u8 *tk, u8 *frame, size_t len, size_t hdrlen,
+                 const u8 *qos, const u8 *a1, const u8 *a2, const u8 *pn,
+                 int keyid, size_t *encrypted_len)
  {
         u8 aad[30], nonce[13];
         size_t aad_len, plen;
@@ -217,7 +227,7 @@ u8 * ccmp_encrypt(const u8 *tk, u8 *frame, size_t len, size_t hdrlen, u8 *qos,
         *pos++ = pn[0]; /* PN5 */
  
         os_memset(aad, 0, sizeof(aad));
-       ccmp_aad_nonce(hdr, crypt + hdrlen, aad, &aad_len, nonce);
+       ccmp_aad_nonce(hdr, crypt + hdrlen, a1, a2, aad, &aad_len, nonce);
         wpa_hexdump(MSG_EXCESSIVE, "CCMP AAD", aad, aad_len);
         wpa_hexdump(MSG_EXCESSIVE, "CCMP nonce", nonce, 13);
  
@@ -278,6 +288,7 @@ u8 * ccmp_encrypt_pv1(const u8 *tk, const u8 *a1, const u8 *a2, const u8 *a3,
  
  
  u8 * ccmp_256_decrypt(const u8 *tk, const struct ieee80211_hdr *hdr,
+                     const u8 *a1, const u8 *a2,
                       const u8 *data, size_t data_len, size_t *decrypted_len)
  {
         u8 aad[30], nonce[13];
@@ -295,7 +306,7 @@ u8 * ccmp_256_decrypt(const u8 *tk, const struct ieee80211_hdr *hdr,
         mlen = data_len - 8 - 16;
  
         os_memset(aad, 0, sizeof(aad));
-       ccmp_aad_nonce(hdr, data, aad, &aad_len, nonce);
+       ccmp_aad_nonce(hdr, data, a1, a2, aad, &aad_len, nonce);
         wpa_hexdump(MSG_EXCESSIVE, "CCMP-256 AAD", aad, aad_len);
         wpa_hexdump(MSG_EXCESSIVE, "CCMP-256 nonce", nonce, 13);
  
@@ -319,7 +330,8 @@ u8 * ccmp_256_decrypt(const u8 *tk, const struct ieee80211_hdr *hdr,
  
  
  u8 * ccmp_256_encrypt(const u8 *tk, u8 *frame, size_t len, size_t hdrlen,
-                     u8 *qos, u8 *pn, int keyid, size_t *encrypted_len)
+                     const u8 *qos, const u8 *a1, const u8 *a2, const u8 *pn,
+                     int keyid, size_t *encrypted_len)
  {
         u8 aad[30], nonce[13];
         size_t aad_len, plen;
@@ -348,7 +360,7 @@ u8 * ccmp_256_encrypt(const u8 *tk, u8 *frame, size_t len, size_t hdrlen,
         *pos++ = pn[0]; /* PN5 */
  
         os_memset(aad, 0, sizeof(aad));
-       ccmp_aad_nonce(hdr, crypt + hdrlen, aad, &aad_len, nonce);
+       ccmp_aad_nonce(hdr, crypt + hdrlen, a1, a2, aad, &aad_len, nonce);
         wpa_hexdump(MSG_EXCESSIVE, "CCMP-256 AAD", aad, aad_len);
         wpa_hexdump(MSG_EXCESSIVE, "CCMP-256 nonce", nonce, 13);
  
diff --git a/wlantest/gcmp.c b/wlantest/gcmp.c

index f9f95b23db314e949b87239e830423a898b1d2f3..da723dd82e8f1522581d8c38d8e9374fd70e1e49 100644 (file)
--- a/wlantest/gcmp.c
+++ b/wlantest/gcmp.c
@@ -16,7 +16,8 @@
  
  
  static void gcmp_aad_nonce(const struct ieee80211_hdr *hdr, const u8 *data,
-                          u8 *aad, size_t *aad_len, u8 *nonce)
+                          const u8 *a1, const u8 *a2, u8 *aad, size_t *aad_len,
+                          u8 *nonce)
  {
         u16 fc, stype, seq;
         int qos = 0, addr4 = 0;
@@ -44,6 +45,10 @@ static void gcmp_aad_nonce(const struct ieee80211_hdr *hdr, const u8 *data,
         WPA_PUT_LE16(aad, fc);
         pos = aad + 2;
         os_memcpy(pos, hdr->addr1, 3 * ETH_ALEN);
+       if (a1)
+               os_memcpy(pos, a1, ETH_ALEN);
+       if (a2)
+               os_memcpy(pos + ETH_ALEN, a2, ETH_ALEN);
         pos += 3 * ETH_ALEN;
         seq = le_to_host16(hdr->seq_ctrl);
         seq &= ~0xfff0; /* Mask Seq#; do not modify Frag# */
@@ -62,7 +67,10 @@ static void gcmp_aad_nonce(const struct ieee80211_hdr *hdr, const u8 *data,
  
         *aad_len = pos - aad;
  
-       os_memcpy(nonce, hdr->addr2, ETH_ALEN);
+       if (a2)
+               os_memcpy(nonce, a2, ETH_ALEN);
+       else
+               os_memcpy(nonce, hdr->addr2, ETH_ALEN);
         nonce[6] = data[7]; /* PN5 */
         nonce[7] = data[6]; /* PN4 */
         nonce[8] = data[5]; /* PN3 */
@@ -73,7 +81,8 @@ static void gcmp_aad_nonce(const struct ieee80211_hdr *hdr, const u8 *data,
  
  
  u8 * gcmp_decrypt(const u8 *tk, size_t tk_len, const struct ieee80211_hdr *hdr,
-                 const u8 *data, size_t data_len, size_t *decrypted_len)
+                 const u8 *a1, const u8 *a2, const u8 *data, size_t data_len,
+                 size_t *decrypted_len)
  {
         u8 aad[30], nonce[12], *plain;
         size_t aad_len, mlen;
@@ -90,7 +99,7 @@ u8 * gcmp_decrypt(const u8 *tk, size_t tk_len, const struct ieee80211_hdr *hdr,
         mlen = data_len - 8 - 16;
  
         os_memset(aad, 0, sizeof(aad));
-       gcmp_aad_nonce(hdr, data, aad, &aad_len, nonce);
+       gcmp_aad_nonce(hdr, data, a1, a2, aad, &aad_len, nonce);
         wpa_hexdump(MSG_EXCESSIVE, "GCMP AAD", aad, aad_len);
         wpa_hexdump(MSG_EXCESSIVE, "GCMP nonce", nonce, sizeof(nonce));
  
@@ -113,7 +122,7 @@ u8 * gcmp_decrypt(const u8 *tk, size_t tk_len, const struct ieee80211_hdr *hdr,
  
  
  u8 * gcmp_encrypt(const u8 *tk, size_t tk_len, const u8 *frame, size_t len,
-                 size_t hdrlen, const u8 *qos,
+                 size_t hdrlen, const u8 *qos, const u8 *a1, const u8 *a2,
                   const u8 *pn, int keyid, size_t *encrypted_len)
  {
         u8 aad[30], nonce[12], *crypt, *pos;
@@ -141,7 +150,7 @@ u8 * gcmp_encrypt(const u8 *tk, size_t tk_len, const u8 *frame, size_t len,
         *pos++ = pn[0]; /* PN5 */
  
         os_memset(aad, 0, sizeof(aad));
-       gcmp_aad_nonce(hdr, crypt + hdrlen, aad, &aad_len, nonce);
+       gcmp_aad_nonce(hdr, crypt + hdrlen, a1, a2, aad, &aad_len, nonce);
         wpa_hexdump(MSG_EXCESSIVE, "GCMP AAD", aad, aad_len);
         wpa_hexdump(MSG_EXCESSIVE, "GCMP nonce", nonce, sizeof(nonce));
  
diff --git a/wlantest/inject.c b/wlantest/inject.c

index b177bcfd930121d0ac01ff4a14a6915e77b11515..bc6078cf7f9f2c25193639e2e121249aad6c5af3 100644 (file)
--- a/wlantest/inject.c
+++ b/wlantest/inject.c
@@ -143,7 +143,7 @@ static int wlantest_inject_prot_bc(struct wlantest *wt,
         else
                 crypt = ccmp_encrypt(incorrect_key ? stub :
                                      bss->gtk[bss->gtk_idx],
-                                    frame, len, hdrlen, NULL, pn,
+                                    frame, len, hdrlen, NULL, NULL, NULL, pn,
                                      bss->gtk_idx, &crypt_len);
  
         if (crypt == NULL)
@@ -246,7 +246,7 @@ static int wlantest_inject_prot(struct wlantest *wt, struct wlantest_bss *bss,
         os_memset(stub, 0x11, sizeof(stub));
         if (tk)
                 crypt = ccmp_encrypt(incorrect_key ? stub : tk,
-                                    frame, len, hdrlen, qos, pn, 0,
+                                    frame, len, hdrlen, qos, NULL, NULL, pn, 0,
                                      &crypt_len);
         else if (sta->pairwise_cipher == WPA_CIPHER_TKIP)
                 crypt = tkip_encrypt(incorrect_key ? stub : sta->ptk.tk,
@@ -254,7 +254,7 @@ static int wlantest_inject_prot(struct wlantest *wt, struct wlantest_bss *bss,
                                      &crypt_len);
         else
                 crypt = ccmp_encrypt(incorrect_key ? stub : sta->ptk.tk,
-                                    frame, len, hdrlen, qos, pn, 0,
+                                    frame, len, hdrlen, qos, NULL, NULL, pn, 0,
                                      &crypt_len);
  
         if (crypt == NULL) {
diff --git a/wlantest/rx_data.c b/wlantest/rx_data.c

index 14220f2736eee005ffbf053d83878ceb7b9df2fc..fc3dee49c0fe568f5b9c68b124fff923bd30f568 100644 (file)
--- a/wlantest/rx_data.c
+++ b/wlantest/rx_data.c
@@ -152,6 +152,7 @@ static void rx_data_process(struct wlantest *wt, struct wlantest_bss *bss,
  
  static u8 * try_ptk(struct wlantest *wt, int pairwise_cipher,
                     struct wpa_ptk *ptk, const struct ieee80211_hdr *hdr,
+                   const u8 *a1, const u8 *a2,
                     const u8 *data, size_t data_len, size_t *decrypted_len)
  {
         u8 *decrypted;
@@ -160,17 +161,17 @@ static u8 * try_ptk(struct wlantest *wt, int pairwise_cipher,
         decrypted = NULL;
         if ((pairwise_cipher == WPA_CIPHER_CCMP ||
              pairwise_cipher == 0) && tk_len == 16) {
-               decrypted = ccmp_decrypt(ptk->tk, hdr, data,
+               decrypted = ccmp_decrypt(ptk->tk, hdr, a1, a2, data,
                                          data_len, decrypted_len);
         } else if ((pairwise_cipher == WPA_CIPHER_CCMP_256 ||
                     pairwise_cipher == 0) && tk_len == 32) {
-               decrypted = ccmp_256_decrypt(ptk->tk, hdr, data,
+               decrypted = ccmp_256_decrypt(ptk->tk, hdr, a1, a2, data,
                                              data_len, decrypted_len);
         } else if ((pairwise_cipher == WPA_CIPHER_GCMP ||
                     pairwise_cipher == WPA_CIPHER_GCMP_256 ||
                     pairwise_cipher == 0) &&
                    (tk_len == 16 || tk_len == 32)) {
-               decrypted = gcmp_decrypt(ptk->tk, tk_len, hdr,
+               decrypted = gcmp_decrypt(ptk->tk, tk_len, hdr, a1, a2,
                                          data, data_len, decrypted_len);
         } else if ((pairwise_cipher == WPA_CIPHER_TKIP ||
                     pairwise_cipher == 0) && tk_len == 32) {
@@ -190,7 +191,8 @@ static u8 * try_ptk(struct wlantest *wt, int pairwise_cipher,
  
  
  static u8 * try_all_ptk(struct wlantest *wt, int pairwise_cipher,
-                       const struct ieee80211_hdr *hdr, int keyid,
+                       const struct ieee80211_hdr *hdr,
+                       const u8 *a1, const u8 *a2, int keyid,
                         const u8 *data, size_t data_len, size_t *decrypted_len)
  {
         struct wlantest_ptk *ptk;
@@ -199,7 +201,7 @@ static u8 * try_all_ptk(struct wlantest *wt, int pairwise_cipher,
  
         wpa_debug_level = MSG_WARNING;
         dl_list_for_each(ptk, &wt->ptk, struct wlantest_ptk, list) {
-               decrypted = try_ptk(wt, pairwise_cipher, &ptk->ptk, hdr,
+               decrypted = try_ptk(wt, pairwise_cipher, &ptk->ptk, hdr, a1, a2,
                                     data, data_len, decrypted_len);
                 if (decrypted) {
                         wpa_debug_level = prev_level;
@@ -288,8 +290,8 @@ static void rx_data_bss_prot_group(struct wlantest *wt,
         if (bss->gtk_len[keyid] == 0 &&
             (bss->group_cipher != WPA_CIPHER_WEP40 ||
              dl_list_empty(&wt->wep))) {
-               decrypted = try_all_ptk(wt, bss->group_cipher, hdr, keyid,
-                                       data, len, &dlen);
+               decrypted = try_all_ptk(wt, bss->group_cipher, hdr, NULL, NULL,
+                                       keyid, data, len, &dlen);
                 if (decrypted)
                         goto process;
                 add_note(wt, MSG_MSGDUMP,
@@ -337,15 +339,15 @@ skip_replay_det:
         } else if (bss->group_cipher == WPA_CIPHER_WEP40) {
                 decrypted = wep_decrypt(wt, hdr, data, len, &dlen);
         } else if (bss->group_cipher == WPA_CIPHER_CCMP) {
-               decrypted = ccmp_decrypt(bss->gtk[keyid], hdr, data, len,
-                                        &dlen);
+               decrypted = ccmp_decrypt(bss->gtk[keyid], hdr, NULL, NULL,
+                                        data, len, &dlen);
         } else if (bss->group_cipher == WPA_CIPHER_CCMP_256) {
-               decrypted = ccmp_256_decrypt(bss->gtk[keyid], hdr, data, len,
-                                            &dlen);
+               decrypted = ccmp_256_decrypt(bss->gtk[keyid], hdr, NULL, NULL,
+                                            data, len, &dlen);
         } else if (bss->group_cipher == WPA_CIPHER_GCMP ||
                    bss->group_cipher == WPA_CIPHER_GCMP_256) {
                 decrypted = gcmp_decrypt(bss->gtk[keyid], bss->gtk_len[keyid],
-                                        hdr, data, len, &dlen);
+                                        hdr, NULL, NULL, data, len, &dlen);
         }
  
         if (decrypted) {
@@ -378,14 +380,29 @@ static u8 * try_ptk_decrypt(struct wlantest *wt, struct wlantest_sta *sta,
                             const u8 *tk, size_t tk_len, size_t *dlen)
  {
         u8 *decrypted = NULL;
+       u16 fc = le_to_host16(hdr->frame_control);
+       const u8 *a1 = NULL, *a2 = NULL;
+
+       if ((fc & (WLAN_FC_TODS | WLAN_FC_FROMDS)) &&
+           !is_zero_ether_addr(sta->mld_mac_addr) &&
+           !is_zero_ether_addr(sta->bss->mld_mac_addr)) {
+               if (os_memcmp(hdr->addr1, sta->addr, ETH_ALEN) == 0) {
+                       a1 = sta->mld_mac_addr;
+                       a2 = sta->bss->mld_mac_addr;
+               } else {
+                       a1 = sta->bss->mld_mac_addr;
+                       a2 = sta->mld_mac_addr;
+               }
+       }
  
         if (sta->pairwise_cipher == WPA_CIPHER_CCMP_256)
-               decrypted = ccmp_256_decrypt(tk, hdr, data, len, dlen);
+               decrypted = ccmp_256_decrypt(tk, hdr, a1, a2, data, len, dlen);
         else if (sta->pairwise_cipher == WPA_CIPHER_GCMP ||
                  sta->pairwise_cipher == WPA_CIPHER_GCMP_256)
-               decrypted = gcmp_decrypt(tk, tk_len, hdr, data, len, dlen);
+               decrypted = gcmp_decrypt(tk, tk_len, hdr, a1, a2,
+                                        data, len, dlen);
         else
-               decrypted = ccmp_decrypt(tk, hdr, data, len, dlen);
+               decrypted = ccmp_decrypt(tk, hdr, a1, a2, data, len, dlen);
         write_decrypted_note(wt, decrypted, tk, tk_len, keyid);
  
         return decrypted;
@@ -412,6 +429,7 @@ static void rx_data_bss_prot(struct wlantest *wt,
         int replay = 0;
         int only_zero_tk = 0;
         u16 seq_ctrl = le_to_host16(hdr->seq_ctrl);
+       const u8 *a1 = NULL, *a2 = NULL;
  
         if (hdr->addr1[0] & 0x01) {
                 rx_data_bss_prot_group(wt, hdr, hdrlen, qos, dst, src,
@@ -607,18 +625,32 @@ static void rx_data_bss_prot(struct wlantest *wt,
         }
  
  skip_replay_det:
+       if ((fc & (WLAN_FC_TODS | WLAN_FC_FROMDS)) &&
+           !is_zero_ether_addr(sta->mld_mac_addr) &&
+           !is_zero_ether_addr(bss->mld_mac_addr)) {
+               if (os_memcmp(hdr->addr1, sta->addr, ETH_ALEN) == 0) {
+                       a1 = sta->mld_mac_addr;
+                       a2 = bss->mld_mac_addr;
+               } else {
+                       a1 = bss->mld_mac_addr;
+                       a2 = sta->mld_mac_addr;
+               }
+       }
+
         if (tk) {
                 if (sta->pairwise_cipher == WPA_CIPHER_CCMP_256) {
-                       decrypted = ccmp_256_decrypt(tk, hdr, data, len, &dlen);
+                       decrypted = ccmp_256_decrypt(tk, hdr, a1, a2, data, len,
+                                                    &dlen);
                         write_decrypted_note(wt, decrypted, tk, 32, keyid);
                 } else if (sta->pairwise_cipher == WPA_CIPHER_GCMP ||
                            sta->pairwise_cipher == WPA_CIPHER_GCMP_256) {
-                       decrypted = gcmp_decrypt(tk, sta->ptk.tk_len, hdr, data,
-                                                len, &dlen);
+                       decrypted = gcmp_decrypt(tk, sta->ptk.tk_len, hdr,
+                                                a1, a2, data, len, &dlen);
                         write_decrypted_note(wt, decrypted, tk, sta->ptk.tk_len,
                                              keyid);
                 } else {
-                       decrypted = ccmp_decrypt(tk, hdr, data, len, &dlen);
+                       decrypted = ccmp_decrypt(tk, hdr, a1, a2, data, len,
+                                                &dlen);
                         write_decrypted_note(wt, decrypted, tk, 16, keyid);
                 }
         } else if (sta->pairwise_cipher == WPA_CIPHER_TKIP) {
@@ -638,13 +670,13 @@ skip_replay_det:
                                             sta->ptk.tk, sta->ptk.tk_len,
                                             &dlen);
         } else {
-               decrypted = try_all_ptk(wt, sta->pairwise_cipher, hdr, keyid,
-                                       data, len, &dlen);
+               decrypted = try_all_ptk(wt, sta->pairwise_cipher, hdr, a1, a2,
+                                       keyid, data, len, &dlen);
                 ptk_iter_done = 1;
         }
         if (!decrypted && !ptk_iter_done) {
-               decrypted = try_all_ptk(wt, sta->pairwise_cipher, hdr, keyid,
-                                       data, len, &dlen);
+               decrypted = try_all_ptk(wt, sta->pairwise_cipher, hdr, a1, a2,
+                                       keyid, data, len, &dlen);
                 if (decrypted) {
                         add_note(wt, MSG_DEBUG, "Current PTK did not work, but found a match from all known PTKs");
                 }
@@ -658,7 +690,7 @@ check_zero_tk:
                 zero_ptk.tk_len = wpa_cipher_key_len(sta->pairwise_cipher);
                 wpa_debug_level = MSG_ERROR;
                 decrypted = try_ptk(wt, sta->pairwise_cipher, &zero_ptk, hdr,
-                                   data, len, &dlen);
+                                   a1, a2, data, len, &dlen);
                 wpa_debug_level = old_debug_level;
                 if (decrypted) {
                         add_note(wt, MSG_DEBUG,
diff --git a/wlantest/rx_mgmt.c b/wlantest/rx_mgmt.c

index 50c25072620863a71bde2429c261748465c865b7..1d0aef6abc9e487aaed5c94f9e299efa1b0fce77 100644 (file)
--- a/wlantest/rx_mgmt.c
+++ b/wlantest/rx_mgmt.c
@@ -2274,17 +2274,17 @@ static u8 * try_tk(struct wpa_ptk *ptk, size_t ptk_len,
  
         hdr = (const struct ieee80211_hdr *) data;
         if (ptk_len == 16) {
-               decrypted = ccmp_decrypt(ptk->tk, hdr, data + 24, len - 24,
-                                        dlen);
+               decrypted = ccmp_decrypt(ptk->tk, hdr, NULL, NULL,
+                                        data + 24, len - 24, dlen);
                 if (!decrypted)
-                       decrypted = gcmp_decrypt(ptk->tk, 16, hdr, data + 24,
-                                                len - 24, dlen);
+                       decrypted = gcmp_decrypt(ptk->tk, 16, hdr, NULL, NULL,
+                                                data + 24, len - 24, dlen);
         } else if (ptk_len == 32) {
-               decrypted = ccmp_256_decrypt(ptk->tk, hdr, data + 24, len - 24,
-                                            dlen);
+               decrypted = ccmp_256_decrypt(ptk->tk, hdr, NULL, NULL,
+                                            data + 24, len - 24, dlen);
                 if (!decrypted)
-                       decrypted = gcmp_decrypt(ptk->tk, 32, hdr, data + 24,
-                                                len - 24, dlen);
+                       decrypted = gcmp_decrypt(ptk->tk, 32, hdr, NULL, NULL,
+                                                data + 24, len - 24, dlen);
         } else {
                 decrypted = NULL;
         }
@@ -2407,18 +2407,19 @@ static u8 * mgmt_decrypt(struct wlantest *wt, const u8 *data, size_t len,
         }
  
         if (sta->pairwise_cipher == WPA_CIPHER_CCMP_256) {
-               decrypted = ccmp_256_decrypt(sta->ptk.tk, hdr, data + 24,
-                                            len - 24, dlen);
+               decrypted = ccmp_256_decrypt(sta->ptk.tk, hdr, NULL, NULL,
+                                            data + 24, len - 24, dlen);
                 write_decrypted_note(wt, decrypted, sta->ptk.tk, 32, keyid);
         } else if (sta->pairwise_cipher == WPA_CIPHER_GCMP ||
                    sta->pairwise_cipher == WPA_CIPHER_GCMP_256) {
                 decrypted = gcmp_decrypt(sta->ptk.tk, sta->ptk.tk_len, hdr,
+                                        NULL, NULL,
                                          data + 24, len - 24, dlen);
                 write_decrypted_note(wt, decrypted, sta->ptk.tk,
                                      sta->ptk.tk_len, keyid);
         } else {
-               decrypted = ccmp_decrypt(sta->ptk.tk, hdr, data + 24, len - 24,
-                                        dlen);
+               decrypted = ccmp_decrypt(sta->ptk.tk, hdr, NULL, NULL,
+                                        data + 24, len - 24, dlen);
                 write_decrypted_note(wt, decrypted, sta->ptk.tk, 16, keyid);
         }
         if (decrypted) {
diff --git a/wlantest/test_vectors.c b/wlantest/test_vectors.c

index 7f39c426433b8310a2807196403109f9a850b9fc..800d3655705f1a32f5f365b25ebfbecede9c5835 100644 (file)
--- a/wlantest/test_vectors.c
+++ b/wlantest/test_vectors.c
@@ -107,7 +107,8 @@ static void test_vector_ccmp(void)
         wpa_hexdump(MSG_INFO, "802.11 Header", frame, 24);
         wpa_hexdump(MSG_INFO, "Plaintext Data", frame + 24, sizeof(frame) - 24);
  
-       enc = ccmp_encrypt(tk, frame, sizeof(frame), 24, NULL, pn, 0, &enc_len);
+       enc = ccmp_encrypt(tk, frame, sizeof(frame), 24, NULL, NULL, NULL, pn,
+                          0, &enc_len);
         if (enc == NULL) {
                 wpa_printf(MSG_ERROR, "Failed to encrypt CCMP frame");
                 return;
@@ -119,7 +120,7 @@ static void test_vector_ccmp(void)
  
         wpa_debug_level = MSG_INFO;
         plain = ccmp_decrypt(tk, (const struct ieee80211_hdr *) enc,
-                            enc + 24, enc_len - 24, &plain_len);
+                            enc + 24, NULL, NULL, enc_len - 24, &plain_len);
         wpa_debug_level = MSG_EXCESSIVE;
         os_free(enc);
  
@@ -401,7 +402,8 @@ static void test_vector_ccmp_mgmt(void)
         wpa_hexdump(MSG_INFO, "802.11 Header", frame, 24);
         wpa_hexdump(MSG_INFO, "Plaintext Data", frame + 24, sizeof(frame) - 24);
  
-       enc = ccmp_encrypt(tk, frame, sizeof(frame), 24, NULL, pn, 0, &enc_len);
+       enc = ccmp_encrypt(tk, frame, sizeof(frame), 24, NULL, NULL, NULL, pn,
+                          0, &enc_len);
         if (enc == NULL) {
                 wpa_printf(MSG_ERROR, "Failed to encrypt CCMP frame");
                 return;
@@ -411,7 +413,7 @@ static void test_vector_ccmp_mgmt(void)
  
         wpa_debug_level = MSG_INFO;
         plain = ccmp_decrypt(tk, (const struct ieee80211_hdr *) enc,
-                            enc + 24, enc_len - 24, &plain_len);
+                            enc + 24, NULL, NULL, enc_len - 24, &plain_len);
         wpa_debug_level = MSG_EXCESSIVE;
         os_free(enc);
  
@@ -580,6 +582,7 @@ static int run_gcmp(int idx, const struct gcmp_test *vector)
                            vector->hdr_len,
                            vector->hdr_len == 26 ?
                            vector->frame + vector->hdr_len - 2 : NULL,
+                          NULL, NULL,
                            vector->pn, 0, &enc_len);
         if (enc == NULL) {
                 wpa_printf(MSG_ERROR, "Failed to encrypt GCMP frame");
@@ -603,7 +606,7 @@ static int run_gcmp(int idx, const struct gcmp_test *vector)
  
         wpa_debug_level = MSG_INFO;
         plain = gcmp_decrypt(vector->tk, sizeof(vector->tk),
-                            (const struct ieee80211_hdr *) enc,
+                            (const struct ieee80211_hdr *) enc, NULL, NULL,
                              enc + vector->hdr_len,
                              enc_len - vector->hdr_len, &plain_len);
         wpa_debug_level = MSG_EXCESSIVE;
@@ -689,7 +692,7 @@ static int test_vector_gcmp_256(void)
         wpa_hexdump(MSG_INFO, "Plaintext Data", frame + 26, sizeof(frame) - 26);
  
         enc = gcmp_encrypt(tk, sizeof(tk), frame, sizeof(frame), 26, frame + 24,
-                          pn, 0, &enc_len);
+                          NULL, NULL, pn, 0, &enc_len);
         if (enc == NULL) {
                 wpa_printf(MSG_ERROR, "Failed to encrypt GCMP frame");
                 return 1;
@@ -705,7 +708,7 @@ static int test_vector_gcmp_256(void)
  
         wpa_debug_level = MSG_INFO;
         plain = gcmp_decrypt(tk, sizeof(tk), (const struct ieee80211_hdr *) enc,
-                            enc + 26, enc_len - 26, &plain_len);
+                            NULL, NULL, enc + 26, enc_len - 26, &plain_len);
         wpa_debug_level = MSG_EXCESSIVE;
         os_free(enc);
  
@@ -766,8 +769,8 @@ static int test_vector_ccmp_256(void)
         wpa_hexdump(MSG_INFO, "802.11 Header", frame, 24);
         wpa_hexdump(MSG_INFO, "Plaintext Data", frame + 24, sizeof(frame) - 24);
  
-       enc = ccmp_256_encrypt(tk, frame, sizeof(frame), 24, NULL, pn, 0,
-                              &enc_len);
+       enc = ccmp_256_encrypt(tk, frame, sizeof(frame), 24, NULL, NULL, NULL,
+                              pn, 0, &enc_len);
         if (enc == NULL) {
                 wpa_printf(MSG_ERROR, "Failed to encrypt CCMP frame");
                 return 1;
@@ -783,7 +786,8 @@ static int test_vector_ccmp_256(void)
  
         wpa_debug_level = MSG_INFO;
         plain = ccmp_256_decrypt(tk, (const struct ieee80211_hdr *) enc,
-                                enc + 24, enc_len - 24, &plain_len);
+                                enc + 24, NULL, NULL, enc_len - 24,
+                                &plain_len);
         wpa_debug_level = MSG_EXCESSIVE;
         os_free(enc);
  
diff --git a/wlantest/wlantest.h b/wlantest/wlantest.h

index 88f1e140f6e053f31d9ced3bf613ceda6916f8d1..9731e7e6bb15dd47605946c692a36c9c4ac58478 100644 (file)
--- a/wlantest/wlantest.h
+++ b/wlantest/wlantest.h
@@ -303,18 +303,22 @@ void sta_update_assoc(struct wlantest_sta *sta,
                       struct ieee802_11_elems *elems);
  
  u8 * ccmp_decrypt(const u8 *tk, const struct ieee80211_hdr *hdr,
-                 const u8 *data, size_t data_len, size_t *decrypted_len);
-u8 * ccmp_encrypt(const u8 *tk, u8 *frame, size_t len, size_t hdrlen, u8 *qos,
-                 u8 *pn, int keyid, size_t *encrypted_len);
+                 const u8 *a1, const u8 *a2, const u8 *data, size_t data_len,
+                 size_t *decrypted_len);
+u8 * ccmp_encrypt(const u8 *tk, u8 *frame, size_t len, size_t hdrlen,
+                 const u8 *qos, const u8 *a1, const u8 *a2, const u8 *pn,
+                 int keyid, size_t *encrypted_len);
  u8 * ccmp_encrypt_pv1(const u8 *tk, const u8 *a1, const u8 *a2, const u8 *a3,
                       const u8 *frame, size_t len,
                       size_t hdrlen, const u8 *pn, int keyid,
                       size_t *encrypted_len);
  void ccmp_get_pn(u8 *pn, const u8 *data);
  u8 * ccmp_256_decrypt(const u8 *tk, const struct ieee80211_hdr *hdr,
+                     const u8 *a1, const u8 *a2,
                       const u8 *data, size_t data_len, size_t *decrypted_len);
  u8 * ccmp_256_encrypt(const u8 *tk, u8 *frame, size_t len, size_t hdrlen,
-                     u8 *qos, u8 *pn, int keyid, size_t *encrypted_len);
+                     const u8 *qos, const u8 *a1, const u8 *a2, const u8 *pn,
+                     int keyid, size_t *encrypted_len);
  
  enum michael_mic_result {
         MICHAEL_MIC_OK,
@@ -337,9 +341,10 @@ u8 * bip_gmac_protect(const u8 *igtk, size_t igtk_len, u8 *frame, size_t len,
                       u8 *ipn, int keyid, size_t *prot_len);
  
  u8 * gcmp_decrypt(const u8 *tk, size_t tk_len, const struct ieee80211_hdr *hdr,
-                 const u8 *data, size_t data_len, size_t *decrypted_len);
+                 const u8 *a1, const u8 *a2, const u8 *data, size_t data_len,
+                 size_t *decrypted_len);
  u8 * gcmp_encrypt(const u8 *tk, size_t tk_len, const u8 *frame, size_t len,
-                 size_t hdrlen, const u8 *qos,
+                 size_t hdrlen, const u8 *qos, const u8 *a1, const u8 *a2,
                   const u8 *pn, int keyid, size_t *encrypted_len);
  
  int ctrl_init(struct wlantest *wt);
author	Jouni Malinen <quic_jouni@quicinc.com>
	Mon, 5 Sep 2022 20:08:43 +0000 (23:08 +0300)
committer	Jouni Malinen <j@w1.fi>
	Mon, 5 Sep 2022 20:08:43 +0000 (23:08 +0300)
wlantest/ccmp.c		patch \| blob \| blame \| history
wlantest/gcmp.c		patch \| blob \| blame \| history
wlantest/inject.c		patch \| blob \| blame \| history
wlantest/rx_data.c		patch \| blob \| blame \| history
wlantest/rx_mgmt.c		patch \| blob \| blame \| history
wlantest/test_vectors.c		patch \| blob \| blame \| history
wlantest/wlantest.h		patch \| blob \| blame \| history