Print the algorithms used for EAPOL-Key professing in log
This makes it easier to debug crypto algorithm selection for 4-way handshake related functions. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen
parent
ef23838590
commit
ef9627cbc7
3 changed files with 61 additions and 15 deletions
|
|
@ -1549,6 +1549,9 @@ void __wpa_send_eapol(struct wpa_authenticator *wpa_auth,
|
|||
sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN ||
|
||||
wpa_key_mgmt_suite_b(sm->wpa_key_mgmt) ||
|
||||
version == WPA_KEY_INFO_TYPE_AES_128_CMAC) {
|
||||
wpa_printf(MSG_DEBUG,
|
||||
"WPA: Encrypt Key Data using AES-WRAP (KEK length %u)",
|
||||
(unsigned int) sm->PTK.kek_len);
|
||||
if (aes_wrap(sm->PTK.kek, sm->PTK.kek_len,
|
||||
(key_data_len - 8) / 8, buf, key_data)) {
|
||||
os_free(hdr);
|
||||
|
|
@ -1559,6 +1562,9 @@ void __wpa_send_eapol(struct wpa_authenticator *wpa_auth,
|
|||
#ifndef CONFIG_NO_RC4
|
||||
} else if (sm->PTK.kek_len == 16) {
|
||||
u8 ek[32];
|
||||
|
||||
wpa_printf(MSG_DEBUG,
|
||||
"WPA: Encrypt Key Data using RC4");
|
||||
os_memcpy(key->key_iv,
|
||||
sm->group->Counter + WPA_NONCE_LEN - 16, 16);
|
||||
inc_byte_array(sm->group->Counter, WPA_NONCE_LEN);
|
||||
|
|
|
|||
|
|
@ -96,25 +96,32 @@ int wpa_eapol_key_mic(const u8 *key, size_t key_len, int akmp, int ver,
|
|||
switch (ver) {
|
||||
#ifndef CONFIG_FIPS
|
||||
case WPA_KEY_INFO_TYPE_HMAC_MD5_RC4:
|
||||
wpa_printf(MSG_DEBUG, "WPA: EAPOL-Key MIC using HMAC-MD5");
|
||||
return hmac_md5(key, key_len, buf, len, mic);
|
||||
#endif /* CONFIG_FIPS */
|
||||
case WPA_KEY_INFO_TYPE_HMAC_SHA1_AES:
|
||||
wpa_printf(MSG_DEBUG, "WPA: EAPOL-Key MIC using HMAC-SHA1");
|
||||
if (hmac_sha1(key, key_len, buf, len, hash))
|
||||
return -1;
|
||||
os_memcpy(mic, hash, MD5_MAC_LEN);
|
||||
break;
|
||||
#if defined(CONFIG_IEEE80211R) || defined(CONFIG_IEEE80211W)
|
||||
case WPA_KEY_INFO_TYPE_AES_128_CMAC:
|
||||
wpa_printf(MSG_DEBUG, "WPA: EAPOL-Key MIC using AES-CMAC");
|
||||
return omac1_aes_128(key, buf, len, mic);
|
||||
#endif /* CONFIG_IEEE80211R || CONFIG_IEEE80211W */
|
||||
case WPA_KEY_INFO_TYPE_AKM_DEFINED:
|
||||
switch (akmp) {
|
||||
#ifdef CONFIG_HS20
|
||||
case WPA_KEY_MGMT_OSEN:
|
||||
wpa_printf(MSG_DEBUG,
|
||||
"WPA: EAPOL-Key MIC using AES-CMAC (AKM-defined - OSEN)");
|
||||
return omac1_aes_128(key, buf, len, mic);
|
||||
#endif /* CONFIG_HS20 */
|
||||
#ifdef CONFIG_SUITEB
|
||||
case WPA_KEY_MGMT_IEEE8021X_SUITE_B:
|
||||
wpa_printf(MSG_DEBUG,
|
||||
"WPA: EAPOL-Key MIC using HMAC-SHA256 (AKM-defined - Suite B)");
|
||||
if (hmac_sha256(key, key_len, buf, len, hash))
|
||||
return -1;
|
||||
os_memcpy(mic, hash, MD5_MAC_LEN);
|
||||
|
|
@ -122,16 +129,24 @@ int wpa_eapol_key_mic(const u8 *key, size_t key_len, int akmp, int ver,
|
|||
#endif /* CONFIG_SUITEB */
|
||||
#ifdef CONFIG_SUITEB192
|
||||
case WPA_KEY_MGMT_IEEE8021X_SUITE_B_192:
|
||||
wpa_printf(MSG_DEBUG,
|
||||
"WPA: EAPOL-Key MIC using HMAC-SHA384 (AKM-defined - Suite B 192-bit)");
|
||||
if (hmac_sha384(key, key_len, buf, len, hash))
|
||||
return -1;
|
||||
os_memcpy(mic, hash, 24);
|
||||
break;
|
||||
#endif /* CONFIG_SUITEB192 */
|
||||
default:
|
||||
wpa_printf(MSG_DEBUG,
|
||||
"WPA: EAPOL-Key MIC algorithm not known (AKM-defined - akmp=0x%x)",
|
||||
akmp);
|
||||
return -1;
|
||||
}
|
||||
break;
|
||||
default:
|
||||
wpa_printf(MSG_DEBUG,
|
||||
"WPA: EAPOL-Key MIC algorithm not known (ver=%d)",
|
||||
ver);
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
|
@ -194,19 +209,30 @@ int wpa_pmk_to_ptk(const u8 *pmk, size_t pmk_len, const char *label,
|
|||
ptk->tk_len = wpa_cipher_key_len(cipher);
|
||||
ptk_len = ptk->kck_len + ptk->kek_len + ptk->tk_len;
|
||||
|
||||
if (wpa_key_mgmt_sha384(akmp)) {
|
||||
#if defined(CONFIG_SUITEB192) || defined(CONFIG_FILS)
|
||||
if (wpa_key_mgmt_sha384(akmp))
|
||||
sha384_prf(pmk, pmk_len, label, data, sizeof(data),
|
||||
tmp, ptk_len);
|
||||
else
|
||||
wpa_printf(MSG_DEBUG, "WPA: PTK derivation using PRF(SHA384)");
|
||||
if (sha384_prf(pmk, pmk_len, label, data, sizeof(data),
|
||||
tmp, ptk_len) < 0)
|
||||
return -1;
|
||||
#else /* CONFIG_SUITEB192 || CONFIG_FILS */
|
||||
return -1;
|
||||
#endif /* CONFIG_SUITEB192 || CONFIG_FILS */
|
||||
} else if (wpa_key_mgmt_sha256(akmp)) {
|
||||
#ifdef CONFIG_IEEE80211W
|
||||
if (wpa_key_mgmt_sha256(akmp))
|
||||
sha256_prf(pmk, pmk_len, label, data, sizeof(data),
|
||||
tmp, ptk_len);
|
||||
else
|
||||
wpa_printf(MSG_DEBUG, "WPA: PTK derivation using PRF(SHA256)");
|
||||
if (sha256_prf(pmk, pmk_len, label, data, sizeof(data),
|
||||
tmp, ptk_len) < 0)
|
||||
return -1;
|
||||
#else /* CONFIG_IEEE80211W */
|
||||
return -1;
|
||||
#endif /* CONFIG_IEEE80211W */
|
||||
sha1_prf(pmk, pmk_len, label, data, sizeof(data), tmp, ptk_len);
|
||||
} else {
|
||||
wpa_printf(MSG_DEBUG, "WPA: PTK derivation using PRF(SHA1)");
|
||||
if (sha1_prf(pmk, pmk_len, label, data, sizeof(data), tmp,
|
||||
ptk_len) < 0)
|
||||
return -1;
|
||||
}
|
||||
|
||||
wpa_printf(MSG_DEBUG, "WPA: PTK derivation - A1=" MACSTR " A2=" MACSTR,
|
||||
MAC2STR(addr1), MAC2STR(addr2));
|
||||
|
|
@ -337,12 +363,17 @@ int fils_pmk_to_ptk(const u8 *pmk, size_t pmk_len, const u8 *spa, const u8 *aa,
|
|||
return -1;
|
||||
key_data_len = *ick_len + ptk->kek_len + ptk->tk_len;
|
||||
|
||||
if (wpa_key_mgmt_sha384(akmp))
|
||||
sha384_prf(pmk, pmk_len, label, data, sizeof(data),
|
||||
tmp, key_data_len);
|
||||
else if (sha256_prf(pmk, pmk_len, label, data, sizeof(data),
|
||||
tmp, key_data_len) < 0)
|
||||
return -1;
|
||||
if (wpa_key_mgmt_sha384(akmp)) {
|
||||
wpa_printf(MSG_DEBUG, "FILS: PTK derivation using PRF(SHA384)");
|
||||
if (sha384_prf(pmk, pmk_len, label, data, sizeof(data),
|
||||
tmp, key_data_len) < 0)
|
||||
return -1;
|
||||
} else {
|
||||
wpa_printf(MSG_DEBUG, "FILS: PTK derivation using PRF(SHA256)");
|
||||
if (sha256_prf(pmk, pmk_len, label, data, sizeof(data),
|
||||
tmp, key_data_len) < 0)
|
||||
return -1;
|
||||
}
|
||||
|
||||
wpa_printf(MSG_DEBUG, "FILS: PTK derivation - SPA=" MACSTR
|
||||
" AA=" MACSTR, MAC2STR(spa), MAC2STR(aa));
|
||||
|
|
|
|||
|
|
@ -51,6 +51,9 @@ int wpa_eapol_key_send(struct wpa_sm *sm, struct wpa_ptk *ptk,
|
|||
int ret = -1;
|
||||
size_t mic_len = wpa_mic_len(sm->key_mgmt);
|
||||
|
||||
wpa_printf(MSG_DEBUG, "WPA: Send EAPOL-Key frame to " MACSTR
|
||||
" ver=%d mic_len=%d key_mgmt=0x%x",
|
||||
MAC2STR(dest), ver, (int) mic_len, sm->key_mgmt);
|
||||
if (is_zero_ether_addr(dest) && is_zero_ether_addr(sm->bssid)) {
|
||||
/*
|
||||
* Association event was not yet received; try to fetch
|
||||
|
|
@ -1720,6 +1723,8 @@ static int wpa_supplicant_decrypt_key_data(struct wpa_sm *sm,
|
|||
return -1;
|
||||
#else /* CONFIG_NO_RC4 */
|
||||
u8 ek[32];
|
||||
|
||||
wpa_printf(MSG_DEBUG, "WPA: Decrypt Key Data using RC4");
|
||||
os_memcpy(ek, key->key_iv, 16);
|
||||
os_memcpy(ek + 16, sm->ptk.kek, sm->ptk.kek_len);
|
||||
if (rc4_skip(ek, 32, 256, key_data, *key_data_len)) {
|
||||
|
|
@ -1735,6 +1740,10 @@ static int wpa_supplicant_decrypt_key_data(struct wpa_sm *sm,
|
|||
sm->key_mgmt == WPA_KEY_MGMT_OSEN ||
|
||||
wpa_key_mgmt_suite_b(sm->key_mgmt)) {
|
||||
u8 *buf;
|
||||
|
||||
wpa_printf(MSG_DEBUG,
|
||||
"WPA: Decrypt Key Data using AES-UNWRAP (KEK length %u)",
|
||||
(unsigned int) sm->ptk.kek_len);
|
||||
if (*key_data_len < 8 || *key_data_len % 8) {
|
||||
wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
|
||||
"WPA: Unsupported AES-WRAP len %u",
|
||||
|
|
|
|||
Loading…
Reference in a new issue