wlantest: Implement TKIP replay detection
This commit is contained in:
parent
6c9c513783
commit
4dac84539e
3 changed files with 20 additions and 3 deletions
|
@ -979,8 +979,10 @@ static void rx_data_bss_prot_group(struct wlantest *wt,
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* TODO: different replay protection for TKIP */
|
if (bss->group_cipher == WPA_CIPHER_TKIP)
|
||||||
ccmp_get_pn(pn, data);
|
tkip_get_pn(pn, data);
|
||||||
|
else
|
||||||
|
ccmp_get_pn(pn, data);
|
||||||
if (os_memcmp(pn, bss->rsc[keyid], 6) <= 0) {
|
if (os_memcmp(pn, bss->rsc[keyid], 6) <= 0) {
|
||||||
wpa_printf(MSG_INFO, "CCMP/TKIP replay detected: SA=" MACSTR,
|
wpa_printf(MSG_INFO, "CCMP/TKIP replay detected: SA=" MACSTR,
|
||||||
MAC2STR(hdr->addr2));
|
MAC2STR(hdr->addr2));
|
||||||
|
@ -1061,7 +1063,10 @@ static void rx_data_bss_prot(struct wlantest *wt,
|
||||||
rsc = sta->rsc_fromds[tid];
|
rsc = sta->rsc_fromds[tid];
|
||||||
|
|
||||||
|
|
||||||
ccmp_get_pn(pn, data);
|
if (sta->pairwise_cipher == WPA_CIPHER_TKIP)
|
||||||
|
tkip_get_pn(pn, data);
|
||||||
|
else
|
||||||
|
ccmp_get_pn(pn, data);
|
||||||
if (os_memcmp(pn, rsc, 6) <= 0) {
|
if (os_memcmp(pn, rsc, 6) <= 0) {
|
||||||
wpa_printf(MSG_INFO, "CCMP/TKIP replay detected: SA=" MACSTR,
|
wpa_printf(MSG_INFO, "CCMP/TKIP replay detected: SA=" MACSTR,
|
||||||
MAC2STR(hdr->addr2));
|
MAC2STR(hdr->addr2));
|
||||||
|
|
|
@ -392,3 +392,14 @@ u8 * tkip_decrypt(const u8 *tk, const struct ieee80211_hdr *hdr,
|
||||||
*decrypted_len = plain_len - 8;
|
*decrypted_len = plain_len - 8;
|
||||||
return plain;
|
return plain;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
void tkip_get_pn(u8 *pn, const u8 *data)
|
||||||
|
{
|
||||||
|
pn[0] = data[7]; /* PN5 */
|
||||||
|
pn[1] = data[6]; /* PN4 */
|
||||||
|
pn[2] = data[5]; /* PN3 */
|
||||||
|
pn[3] = data[4]; /* PN2 */
|
||||||
|
pn[4] = data[0]; /* PN1 */
|
||||||
|
pn[5] = data[2]; /* PN0 */
|
||||||
|
}
|
||||||
|
|
|
@ -155,5 +155,6 @@ void ccmp_get_pn(u8 *pn, const u8 *data);
|
||||||
|
|
||||||
u8 * tkip_decrypt(const u8 *tk, const struct ieee80211_hdr *hdr,
|
u8 * tkip_decrypt(const u8 *tk, const struct ieee80211_hdr *hdr,
|
||||||
const u8 *data, size_t data_len, size_t *decrypted_len);
|
const u8 *data, size_t data_len, size_t *decrypted_len);
|
||||||
|
void tkip_get_pn(u8 *pn, const u8 *data);
|
||||||
|
|
||||||
#endif /* WLANTEST_H */
|
#endif /* WLANTEST_H */
|
||||||
|
|
Loading…
Reference in a new issue