Commit graph

69 commits

Author SHA1 Message Date
Jouni Malinen
25b52e5f83 FT: Extend FTE parsing for FT-SAE-EXT-KEY
Provide AKM, key length, and information about needed subelements to the
parser function so that the variable length MIC field cases can be
recognized for FT-SAE-EXT-KEY. Knowledge about R0KH-ID/R1KH-ID being
needed is required to be able to iterate over possible MIC field lengths
for the case where the AP does not yet know the correct key length at
the beginning of FT protocol.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-10-16 17:17:49 +03:00
Jouni Malinen
4f58afee9a FT: Extend MIC derivation for FT-SAE-EXT-KEY
Provide AKM to the helper function so that the new SHA256 and SHA512
options can be covered for FT-SAE-EXT-KEY.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-10-16 17:07:54 +03:00
Jouni Malinen
7f20a0a0bc wlantest: Key derivation for SAE-EXT-KEY
Extend wlantest capabilities to cover the new SAE-EXT-KEY AKM and
variable length MIC field and key lengths for it based on the used SAE
group.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-10-12 22:33:27 +03:00
Jouni Malinen
228420e2d9 wlantest: Find a STA entry based on MLO affiliated link addresses
Allow a single STA entry to be found for a non-AP MLD regardless of
which link MAC address was used to transmit/receive it.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-09-29 13:08:37 +03:00
Jouni Malinen
5d5c2cb2be wlantest: Recognize SAE case for moving from State 1 to 2
Update STA state tracking for SAE authentication as well as the previous
covered Open System algorithm.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-09-29 11:59:54 +03:00
Jouni Malinen
8c1231c05a wlantest: Print the TA of a Beacon frame for which there is no BIGTK
This makes the debug message more useful for determining whether an
expected BIGTK has been derived.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-09-29 00:03:27 +03:00
Jouni Malinen
dc8a756ce4 wlantest: Verify Beacon frame MME even after Probe Response reception
rx_mgmt_beacon() was skipping all steps after a Probe Response frame
from the AP had been processed. This is expected for the parts that were
updating the bss entry information, but the checks for beacon protection
should not be skipped in this manner.

Skip onlu the updating parts while checking that beacon protection is
used correctly to make this more useful.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-09-28 23:02:31 +03:00
Jouni Malinen
b20991da69 wlantest: MLD MAC Address in CCMP/GCMP AAD/nonce
Use the MLD MAC Address instead of link address in CCMP/GCMP AAD/nonce
construction when processing an individually addressed Data frame with
FromDS=1 or ToDS=1 between an AP MLD and non-AP MLD.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-09-05 23:08:43 +03:00
Jouni Malinen
0cc6f985d1 wlantest: Recognize additional not-Robust Action categories
Do not complain about unprotected Action frames for additional
categories that have been defined as not being Robust.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-09-05 22:06:31 +03:00
Jouni Malinen
ce7bdb54e5 wlantest: Extend Management frame decryption to support GCMP and CCMP-256
Data frame processing had already been extended to support additional
cipher suites, but Robust Management frame processing was still using a
hardcoded cipher suite (CCMP-128). Extend it to support GCMP-128,
GCMP-256, and CCMP-256 as well.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-08-29 21:46:09 +03:00
Jouni Malinen
136bbf15c3 wlantest: Add more details about protected FTM frames
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-02-07 13:11:34 +02:00
Jouni Malinen
b9fd8191a5 wlantest: Recognize the FTM bit in the CCMP Key ID octet
This previously reserved bit is now used in FTM to help select the
appropriate replay counter. Silence the warning about use of a reserved
bit for this. wlantest does not yet support the actual replay counter
processing for FTM.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-02-07 12:30:03 +02:00
Jouni Malinen
f56eec7c1a wlantest: Process Action No Ack frames like Action frames
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-02-07 12:00:12 +02:00
Jouni Malinen
56a04ae1a1 wlantest: Support TK list for Management frame decryption
Use the TKs from the PTK file (-T command line argument) to try to
decrypt encrypted Management frames if no BSS/STA key can be found based
on addresses.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-02-07 11:37:58 +02:00
Ilan Peer
d87f4aea11 FILS: Extend the fils_pmk_to_ptk() function to also derive KDK
Extend the fils_pmk_to_ptk() to also derive Key Derivation
Key (KDK) which can later be used for secure LTF measurements.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2021-01-25 18:36:40 +02:00
Ilan Peer
6e834db74e FT: Extend the wpa_pmk_r1_to_ptk() function to also derive KDK
Extend the wpa_pmk_r1_to_ptk() to also derive Key Derivation
Key (KDK), which can later be used for secure LTF measurements.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2021-01-25 18:36:40 +02:00
Jouni Malinen
b6a3bcffd7 wlantest: Validate FT elements in Reassociation Response frame
Verify that RSNE, MDE, and FTE have valid information in FT
Reassociation Response frames. In addition, decrypt GTK, IGTK, and BIGTK
from the frame.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-24 00:35:56 +03:00
Jouni Malinen
e10144c910 wlantest: Validate FT elements in Reassociation Request frame
Verify that RSNE, MDE, and FTE have valid information in FT
Reassociation Request frames.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-24 00:35:53 +03:00
Jouni Malinen
59d9994ac7 wlantest: Store PMK-R1 in STA entry
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-23 22:01:12 +03:00
Jouni Malinen
bfc4569f89 wlantest: Store PMK-R0 length explicitly
PMK-R0 is not of fixed length, so store its length explicitly.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-23 21:45:20 +03:00
Jouni Malinen
7cd17a4b5e wlantest: Handle FT over-the-DS association state update cleanly
It is expected for the STA entry on the target AP to move directly from
State 1 to State 3 when performing FT over-the-DS (i.e., FT Action
Request/Response frame exchange through the old AP followed by
Reassociation Request/Response frame exchange with the target AP).

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-23 21:11:33 +03:00
Jouni Malinen
a8d2ca9e23 wlantest: Do not report PMF failure without BSS supporting PMF
Previously, missing CCMP protection on Robust Management frames was
reported based on the STA having indicated MFPC=1. That is not accurate
since the AP/BSS may have MFPC=0. Report this failure only if both the
AP and STA have indicated MFPC=1, i.e., when PMF has been negotiated for
the association.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-14 18:20:31 +02:00
Jouni Malinen
0e3e3a9ab5 wlantest: Update BSS IEs based on EAPOL-Key msg 3/4
If no Beacon or Probe Response frame has been seen in the capture, use
the IEs from EAPOL-Key msg 3/4 to set up BSS information.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-28 00:51:07 +02:00
Jouni Malinen
a8a277c169 wlantest: Get STA IEs based on EAPOL-Key msg 2/4 before PTK derivation
The previous implementation tried to update STA IE information based on
EAPOL-Key msg 2/4 to be able to handle captures that do not include the
(Re)Association Request frame. This was not sufficient (OSEN was not
included) and was done too late (the parsed information is needed for
PMK-to-PTK derivation).

Move the IE update step to happen before trying to derive the PTK if no
(Re)Association Request frame has been seen.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-28 00:35:23 +02:00
Jouni Malinen
faf6894f35 wlantest: BIGTK fetching and Beacon protection validation
Fetch the BIGTK from EAPOL-Key msg 3/4 and use it to validate MME in
Beacon frames when the AP uses Beacon protection.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-21 19:41:36 +02:00
Jouni Malinen
c38c62ff78 wlantest: Derive PMK-R1 and PTK for FT protocol cases
Track PMK-R0/PMK-R0-Name from the initial mobility domain association
and derive PMK-R1/PTK when the station uses FT protocol. This allows
frames from additional roaming cases to be decrypted.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-22 22:14:47 +03:00
Jouni Malinen
b3c43c3c24 wlantest: Allow duplicate frame processing after decryption failure
If a sniffer capture does not include FCS for each frame, but may
included frames with invalid FCS, it would be possible for wlantest to
try to decrypt the first received frame and fail (e.g., due to CCMP MIC
mismatch) because that particular frame was corrupted and then ignore
the following retry of that frame as a duplicate even if that retry has
different payload (e.g., if its reception did not show corruption).

Work around this by skipping duplicate frame detection immediately
following a decryption failure.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-06-12 22:27:34 +03:00
Jouni Malinen
9a33737a0b FT: FTE parsing for SHA384-based AKM
The MIC field is now a variable length field, so make the FTE parser
aware of the two different field lengths.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-05 19:29:53 +03:00
Jouni Malinen
4cada9dcc1 FILS: Add DHss into FILS-Key-Data derivation when using FILS SK+PFS
This part is missing from IEEE Std 802.11ai-2016, but the lack of DHss
here means there would not be proper PFS for the case where PMKSA
caching is used with FILS SK+PFS authentication. This was not really the
intent of the FILS design and that issue was fixed during REVmd work
with the changes proposed in
https://mentor.ieee.org/802.11/dcn/17/11-17-0906-04-000m-fils-fixes.docx
that add DHss into FILS-Key-Data (and PTK, in practice) derivation for
the PMKSA caching case so that a unique ICK, KEK, and TK are derived
even when using the same PMK.

Note: This is not backwards compatible, i.e., this breaks PMKSA caching
with FILS SK+PFS if only STA or AP side implementation is updated.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-13 22:17:58 +03:00
Jouni Malinen
c72df3c67c wlantest: FILS keys and (Re)Association Request/Response frames
Try to derive PTK when FILS shared key authentication is used without
PFS. The list of available PMKs is interpreted as rMSK for this purpose
and PMK and PTK is derived from that. If the resulting PTK (KEK) can be
used to decrypt the encrypted parts of (Re)Association Request/Response
frames, mark the PTK as derived so that encrypted frames during the
association can be decrypted. In addition, write a decrypted version of
the (Re)Association Request/Response frames into the output file.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-05 19:05:16 +03:00
Jouni Malinen
3fb62bdae9 wlantest: Add support for FT-PSK initial association key derivation
This adds minimal support for deriving keys for FT-PSK to allow the
initial mobility domain association to be analyzed in more detail.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-08-06 20:47:25 +03:00
Jouni Malinen
b39a05913a Simplify Timeout Interval element parsing
Remove the length field from struct ieee802_11_elems since the only
allowed element length is five and that is checked by the parser.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-04-22 22:05:11 +03:00
Jouni Malinen
762a0bfb01 wlantest: Fix Beacon and Probe Response frame parser
These functions did not verify that the received frame is long enough to
contain the beginning of the variable length IE area. A truncated frame
could have caused a segmentation fault due to reading beyond the buffer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-04-22 11:44:19 +03:00
Jouni Malinen
98cd3d1c3b Preparations for variable length KCK and KEK
This modifies struct wpa_ptk to allow the length of KCK and KEK to be
stored. This is needed to allow longer keys to be used, e.g., with
Suite B 192-bit level.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-27 01:26:49 +02:00
Jouni Malinen
0e1aa64dba wlantest: Extend BIP validation to support GMAC-128 and GMAC-256
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-24 19:37:42 +02:00
Jouni Malinen
cb80fadaa7 wlantest: Extend BIP support to cover BIP-CMAC-256
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-24 19:37:42 +02:00
Ashok Kumar Ponnaiah
3a3cb8ee81 wlantest: Indicate if a TKIP/CCMP replay has Retry=1
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-09-03 15:41:35 +03:00
Jouni Malinen
ae98e1f5b2 wlantest: Add a BSS probe_response counter
This can be used to verify whether an AP replies to a Probe Request
frame.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-26 13:37:06 +02:00
Jouni Malinen
e4d99217f7 wlantest: Use add_note() to annotate frames
This adds debug information from wlantest into pcapng frame comments to
make the information more convenient to use, e.g., in Wireshark.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-05-26 22:14:00 +03:00
Jouni Malinen
0f3d578efc Remove the GPL notification from files contributed by Jouni Malinen
Remove the GPL notification text from the files that were
initially contributed by myself.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-02-11 19:39:36 +02:00
Jouni Malinen
62f05ce9c5 wlantest: Add STA counters for disconnect reason 6/7 RX
These can be useful in tests involving association state mismatch
between the AP and the STA (i.e., STA assumes it is still associated
but the AP does not have association state). In such a case, the AP
would be sending out unprotected Deauthentication or Disassociation
frames with reason code 6 or 7 depending on what frame is triggering
this.
2011-10-26 00:06:06 +03:00
Jouni Malinen
6908d459e2 wlantest: Verify that comeback assoc resp includes correct type
The Timeout Interval element needs to use Association Comeback time
for the case when (Re)Association Response frame uses Status Code 30.
Verify this before incrementing the (re)assocresp_comeback counters.
2011-09-20 20:13:18 +03:00
Jouni Malinen
719e7eb28d wlantest: Set direct links down on deauth/disassoc 2011-01-24 14:34:54 +02:00
Jouni Malinen
e7ba4e2c74 wlantest: Add counters for AP deauth/disassoc while asleep/awake
These can be used to check whether the STA is in power save mode
and because of that, is not seeing disconnection notifications.
2011-01-07 16:52:56 +02:00
Jouni Malinen
01b397dd94 wlantest: Add more details for replay debug messages
These make it easier to find the frame in question when looking at
the capture in Wireshark.
2011-01-07 14:17:08 +02:00
Jouni Malinen
fb8f5fc6fd wlantest: Count number of STA ACK'ed Deauth/Disassoc frames 2011-01-03 19:28:40 +02:00
Jouni Malinen
38484f69f9 wlantest: Update STA State based on broadcast Deauth/Disassoc 2010-11-23 14:37:21 +02:00
Jouni Malinen
107ad4e323 wlantest: Show broadcast Deauth/Disassoc info in debug 2010-11-23 13:16:23 +02:00
Jouni Malinen
f665867bd1 wlantest: Check STA State when validating need for CCMP for mgmt
If the STA is in State 1 or 2, Deauth/Disassoc frames are not
protected, so no need to complain about them being sent without CCMP.
2010-11-23 13:15:25 +02:00
Jouni Malinen
783a082ccc wlantest: Add per-BSS counters for BIP deauth/disassoc 2010-11-21 21:50:28 +02:00