wlantest: Support variable length PMK
This is needed to be able to handle key derivation for FILS authentication. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen
Jouni Malinen
parent
4675ba1d67
commit
6c29d95a90
5 changed files with 37 additions and 24 deletions
|
|
@ -93,7 +93,7 @@ int bss_add_pmk_from_passphrase(struct wlantest_bss *bss,
|
||||||
if (pmk == NULL)
|
if (pmk == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
if (pbkdf2_sha1(passphrase, bss->ssid, bss->ssid_len, 4096,
|
if (pbkdf2_sha1(passphrase, bss->ssid, bss->ssid_len, 4096,
|
||||||
pmk->pmk, sizeof(pmk->pmk)) < 0) {
|
pmk->pmk, PMK_LEN) < 0) {
|
||||||
os_free(pmk);
|
os_free(pmk);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
@ -101,7 +101,7 @@ int bss_add_pmk_from_passphrase(struct wlantest_bss *bss,
|
||||||
wpa_printf(MSG_INFO, "Add possible PMK for BSSID " MACSTR
|
wpa_printf(MSG_INFO, "Add possible PMK for BSSID " MACSTR
|
||||||
" based on passphrase '%s'",
|
" based on passphrase '%s'",
|
||||||
MAC2STR(bss->bssid), passphrase);
|
MAC2STR(bss->bssid), passphrase);
|
||||||
wpa_hexdump(MSG_DEBUG, "Possible PMK", pmk->pmk, sizeof(pmk->pmk));
|
wpa_hexdump(MSG_DEBUG, "Possible PMK", pmk->pmk, PMK_LEN);
|
||||||
dl_list_add(&bss->pmk, &pmk->list);
|
dl_list_add(&bss->pmk, &pmk->list);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
|
|
|
||||||
|
|
@ -106,7 +106,7 @@ static int try_pmk(struct wlantest *wt, struct wlantest_bss *bss,
|
||||||
u8 pmk_r1_name[WPA_PMK_NAME_LEN];
|
u8 pmk_r1_name[WPA_PMK_NAME_LEN];
|
||||||
u8 ptk_name[WPA_PMK_NAME_LEN];
|
u8 ptk_name[WPA_PMK_NAME_LEN];
|
||||||
|
|
||||||
wpa_derive_pmk_r0(pmk->pmk, sizeof(pmk->pmk),
|
wpa_derive_pmk_r0(pmk->pmk, PMK_LEN,
|
||||||
bss->ssid, bss->ssid_len, bss->mdid,
|
bss->ssid, bss->ssid_len, bss->mdid,
|
||||||
bss->r0kh_id, bss->r0kh_id_len,
|
bss->r0kh_id, bss->r0kh_id_len,
|
||||||
sta->addr, pmk_r0, pmk_r0_name);
|
sta->addr, pmk_r0, pmk_r0_name);
|
||||||
|
|
@ -126,7 +126,7 @@ static int try_pmk(struct wlantest *wt, struct wlantest_bss *bss,
|
||||||
check_mic(ptk.kck, ptk.kck_len, sta->key_mgmt, ver, data,
|
check_mic(ptk.kck, ptk.kck_len, sta->key_mgmt, ver, data,
|
||||||
len) < 0)
|
len) < 0)
|
||||||
return -1;
|
return -1;
|
||||||
} else if (wpa_pmk_to_ptk(pmk->pmk, sizeof(pmk->pmk),
|
} else if (wpa_pmk_to_ptk(pmk->pmk, PMK_LEN,
|
||||||
"Pairwise key expansion",
|
"Pairwise key expansion",
|
||||||
bss->bssid, sta->addr, sta->anonce,
|
bss->bssid, sta->addr, sta->anonce,
|
||||||
sta->snonce, &ptk, sta->key_mgmt,
|
sta->snonce, &ptk, sta->key_mgmt,
|
||||||
|
|
|
||||||
|
|
@ -87,16 +87,17 @@ static void process_radius_access_request(struct wlantest *wt, u32 dst,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static void wlantest_add_pmk(struct wlantest *wt, const u8 *pmk)
|
static void wlantest_add_pmk(struct wlantest *wt, const u8 *pmk, size_t pmk_len)
|
||||||
{
|
{
|
||||||
struct wlantest_pmk *p;
|
struct wlantest_pmk *p;
|
||||||
|
|
||||||
p = os_zalloc(sizeof(*p));
|
p = os_zalloc(sizeof(*p));
|
||||||
if (p == NULL)
|
if (p == NULL)
|
||||||
return;
|
return;
|
||||||
os_memcpy(p->pmk, pmk, 32);
|
os_memcpy(p->pmk, pmk, pmk_len);
|
||||||
|
p->pmk_len = pmk_len;
|
||||||
dl_list_add(&wt->pmk, &p->list);
|
dl_list_add(&wt->pmk, &p->list);
|
||||||
wpa_hexdump(MSG_INFO, "Add PMK", pmk, 32);
|
wpa_hexdump(MSG_INFO, "Add PMK", pmk, pmk_len);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -127,20 +128,25 @@ static void process_radius_access_accept(struct wlantest *wt, u32 dst, u32 src,
|
||||||
(u8 *) s->secret,
|
(u8 *) s->secret,
|
||||||
os_strlen(s->secret));
|
os_strlen(s->secret));
|
||||||
if (keys && keys->send && keys->recv) {
|
if (keys && keys->send && keys->recv) {
|
||||||
u8 pmk[32];
|
u8 pmk[PMK_LEN_MAX];
|
||||||
|
size_t pmk_len, len2;
|
||||||
|
|
||||||
wpa_hexdump_key(MSG_DEBUG, "MS-MPPE-Send-Key",
|
wpa_hexdump_key(MSG_DEBUG, "MS-MPPE-Send-Key",
|
||||||
keys->send, keys->send_len);
|
keys->send, keys->send_len);
|
||||||
wpa_hexdump_key(MSG_DEBUG, "MS-MPPE-Recv-Key",
|
wpa_hexdump_key(MSG_DEBUG, "MS-MPPE-Recv-Key",
|
||||||
keys->recv, keys->recv_len);
|
keys->recv, keys->recv_len);
|
||||||
os_memcpy(pmk, keys->recv,
|
pmk_len = keys->recv_len;
|
||||||
keys->recv_len > 32 ? 32 : keys->recv_len);
|
if (pmk_len > PMK_LEN_MAX)
|
||||||
if (keys->recv_len < 32) {
|
pmk_len = PMK_LEN_MAX;
|
||||||
os_memcpy(pmk + keys->recv_len,
|
os_memcpy(pmk, keys->recv, pmk_len);
|
||||||
keys->send,
|
if (pmk_len < PMK_LEN_MAX) {
|
||||||
keys->recv_len + keys->send_len > 32
|
len2 = keys->send_len;
|
||||||
? 32 : 32 - keys->recv_len);
|
if (pmk_len + len2 > PMK_LEN_MAX)
|
||||||
|
len2 = PMK_LEN_MAX - pmk_len;
|
||||||
|
os_memcpy(pmk + pmk_len, keys->send, len2);
|
||||||
|
pmk_len += len2;
|
||||||
}
|
}
|
||||||
wlantest_add_pmk(wt, pmk);
|
wlantest_add_pmk(wt, pmk, pmk_len);
|
||||||
found = 1;
|
found = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -146,7 +146,8 @@ static void add_secret(struct wlantest *wt, const char *secret)
|
||||||
static int add_pmk_file(struct wlantest *wt, const char *pmk_file)
|
static int add_pmk_file(struct wlantest *wt, const char *pmk_file)
|
||||||
{
|
{
|
||||||
FILE *f;
|
FILE *f;
|
||||||
u8 pmk[32];
|
u8 pmk[PMK_LEN_MAX];
|
||||||
|
size_t pmk_len;
|
||||||
char buf[300], *pos;
|
char buf[300], *pos;
|
||||||
struct wlantest_pmk *p;
|
struct wlantest_pmk *p;
|
||||||
|
|
||||||
|
|
@ -163,25 +164,30 @@ static int add_pmk_file(struct wlantest *wt, const char *pmk_file)
|
||||||
*pos = '\0';
|
*pos = '\0';
|
||||||
if (pos - buf < 2 * 32)
|
if (pos - buf < 2 * 32)
|
||||||
continue;
|
continue;
|
||||||
if (hexstr2bin(buf, pmk, 32) < 0)
|
pmk_len = (pos - buf) / 2;
|
||||||
|
if (pmk_len > PMK_LEN_MAX)
|
||||||
|
pmk_len = PMK_LEN_MAX;
|
||||||
|
if (hexstr2bin(buf, pmk, pmk_len) < 0)
|
||||||
continue;
|
continue;
|
||||||
p = os_zalloc(sizeof(*p));
|
p = os_zalloc(sizeof(*p));
|
||||||
if (p == NULL)
|
if (p == NULL)
|
||||||
break;
|
break;
|
||||||
os_memcpy(p->pmk, pmk, 32);
|
os_memcpy(p->pmk, pmk, pmk_len);
|
||||||
|
p->pmk_len = pmk_len;
|
||||||
dl_list_add(&wt->pmk, &p->list);
|
dl_list_add(&wt->pmk, &p->list);
|
||||||
wpa_hexdump(MSG_DEBUG, "Added PMK from file", pmk, 32);
|
wpa_hexdump(MSG_DEBUG, "Added PMK from file", pmk, pmk_len);
|
||||||
|
|
||||||
/* For FT, the send half of MSK is used */
|
/* For FT, the send half of MSK is used */
|
||||||
if (hexstr2bin(&buf[64], pmk, 32) < 0)
|
if (hexstr2bin(&buf[2 * PMK_LEN], pmk, PMK_LEN) < 0)
|
||||||
continue;
|
continue;
|
||||||
p = os_zalloc(sizeof(*p));
|
p = os_zalloc(sizeof(*p));
|
||||||
if (p == NULL)
|
if (p == NULL)
|
||||||
break;
|
break;
|
||||||
os_memcpy(p->pmk, pmk, 32);
|
os_memcpy(p->pmk, pmk, PMK_LEN);
|
||||||
|
p->pmk_len = PMK_LEN;
|
||||||
dl_list_add(&wt->pmk, &p->list);
|
dl_list_add(&wt->pmk, &p->list);
|
||||||
wpa_hexdump(MSG_DEBUG, "Added PMK from file (2nd half of MSK)",
|
wpa_hexdump(MSG_DEBUG, "Added PMK from file (2nd half of MSK)",
|
||||||
pmk, 32);
|
pmk, PMK_LEN);
|
||||||
}
|
}
|
||||||
|
|
||||||
fclose(f);
|
fclose(f);
|
||||||
|
|
|
||||||
|
|
@ -35,7 +35,8 @@ struct wlantest_passphrase {
|
||||||
|
|
||||||
struct wlantest_pmk {
|
struct wlantest_pmk {
|
||||||
struct dl_list list;
|
struct dl_list list;
|
||||||
u8 pmk[32];
|
u8 pmk[PMK_LEN_MAX];
|
||||||
|
size_t pmk_len;
|
||||||
};
|
};
|
||||||
|
|
||||||
struct wlantest_ptk {
|
struct wlantest_ptk {
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue