Commit graph

149 commits

Author SHA1 Message Date
Jouni Malinen
f2f66ad7e8 wlantest: Fix CCMP-256 cipher
TK was incorrectly truncated in a way that resulted in CCMP (128-bit
key) encryption being used in practice.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-04-05 22:18:25 +03:00
Jouni Malinen
ce26864e79 wlantest: Get rid of compiler warning
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-03-29 21:24:10 +02:00
Jouni Malinen
8cb9bc19fb wlantest: Add wlantest_cli command add_wep
This can be used to configure a known WEP key for decrypting WEP frames.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-03-29 19:12:35 +02:00
Jouni Malinen
0321bcdfa8 wlantest: Add radiotap header when re-writing DLT_IEEE802_11 file
When using DLT_IEEE802_11 datalink type in a pcap file, wlantest will now
add a radiotap header to the re-written pcap file to make sure all frames
in the output file will include the radiotap header.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-01-17 16:31:19 +02:00
Jouni Malinen
2531517600 wlantest: Add -F option for assuming FCS is included
When using DLT_IEEE802_11 datalink type in a pcap file, wlantest can now
be instructed to assume there is an FCS included in the frame by adding
the new -F command line argument. This will make wlantest validate the
FCS and strip it from the frame before processing.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-01-17 12:55:30 +02:00
Jouni Malinen
44f6d554ee wlantest: Process TX status frames as RX frames too
This is needed to allow capture files from the mac80211 cooked monitor
mode interface to be processed properly. Without this, the locally
generated frames may not get processed.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-16 12:35:07 +02:00
Jouni Malinen
e88f0901eb wlantest: Add BIP-GMAC-128/256 test vectors
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-09 19:04:53 +03:00
Jouni Malinen
7d19d3e9db wlantest: Add CCMP-256 test vector
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-09 18:38:18 +03:00
Jouni Malinen
4bf3910574 Move AES-CCM implementation into src/crypto
This is a generic AES CCM implementation that can be used for other
purposes than just implementing CCMP, so it fits better in a separate
file in src/crypto.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-09 18:07:19 +03:00
Jouni Malinen
05d6054cec wlantest: Move generic AES-CCM into separate functions
This part of the implementation is not specific to CCMP and could be
used for other purposes, too.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-09 18:03:31 +03:00
Jouni Malinen
f173295600 wlantest: Add GCMP-256 test vector
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-09 14:01:22 +03:00
Jouni Malinen
d140db6adf Add support for using 192-bit and 256-bit keys with AES-GCM
This adds 192-bit and 256-bit key support to the internal AES
implementation and extends the AES-GCM functions to accept key length to
enable longer AES key use.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-09 13:30:51 +03:00
Jouni Malinen
af0963fab4 Support arbitrary IV length with AES-GCM
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-09 00:49:54 +03:00
Jouni Malinen
1cd7a5032a Move AES-GCM implementation into src/crypto
This is a generic AES GCM and GMAC implementation that can be used for
other purposes than just implementing GCMP, so it fits better in a
separate file in src/crypto.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-08 23:48:08 +03:00
Jouni Malinen
be87d3c345 wlantest: Allow GHASH update calls to avoid extra allocation
There is no need to allocate a temporary buffer and build GHASH input
data into it. Instead, ghash() is trivial to split into update part that
can be called separately for each segment.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-08 23:40:06 +03:00
Jouni Malinen
b4a5fcb286 wlantest: Remove CCMP specific AAD handling from GCMP
GCMP encodes length of AAD differently, so remove the unnecessary
code that got copied from the CCMP implementation.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-08 22:10:05 +03:00
Jouni Malinen
37c8fe2e3b wlantest: Move GCM-AE and GCM-AD into separate functions
This splits the more generic GCM operations from GCMP specific
implementation.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-08 22:08:00 +03:00
Jouni Malinen
455bcc0f5c wlantest: Add GCMP implementation and test vectors from P802.11ad/D9.0
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-08 20:00:54 +03:00
Jouni Malinen
5a652e71b0 wlantest: Check TKIP/CCMP decryption routines for test vectors
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-08 17:08:53 +03:00
Jouni Malinen
7d68241d3e wlantest: Add IEEE Std 802.11-2012, M.9.1 BIP test vector
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-08 17:08:53 +03:00
Jouni Malinen
a9eae7efe3 wlantest: Move BIP function into a separate function and file
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-08 17:08:53 +03:00
Jouni Malinen
6522984086 wlantest: Add IEEE Std 802.11-2012, M.9.2 CCMP (mgmt) test vector
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-08 16:44:37 +03:00
Jouni Malinen
3ae8968679 wlantest: Add program for generating IEEE 802.11 test vectors
This version can generate CCMP and TKIP test vectors that match with
the IEEE Std 802.11-2012, Annex M.6.3 and M.6.4.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-08 16:44:37 +03:00
Jouni Malinen
729f02e149 wlantest: Implement tkip_encrypt()
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-08 14:03:10 +03:00
Jouni Malinen
add11058e2 wlantest: Fix couple of compiler warnings
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-22 11:16:48 +03:00
Jouni Malinen
f9884c096a Convert os_zalloc() for an array to use os_calloc()
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-13 20:44:21 +03:00
Janusz Dziedzic
2d2398a11f edit: Add support for setting prompt string
Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2012-08-05 20:46:34 +03:00
Jouni Malinen
c81defea87 wlantest: Update STA info based on WPA/RSN IE in EAPOL-Key 2/4
The WPA/RSN IE in EAPOL-Key 2/4 is more reliable than the one in
(Re)Association Request frame. Update the STA info base don the
EAPOL-Key frame so that the correct cipher information is used
even if the (Re)Association Request frame is missing or corrupted
in the capture.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-03-21 16:19:00 -07:00
Jouni Malinen
0f3d578efc Remove the GPL notification from files contributed by Jouni Malinen
Remove the GPL notification text from the files that were
initially contributed by myself.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-02-11 19:39:36 +02:00
Jouni Malinen
fd848ab9e3 wlantest: Store last received GTK for each STA
This allows info_sta command to be used to fetch the last received GTK
separately for each STA.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-22 16:59:25 +02:00
Jouni Malinen
3c56f0e275 wlantest: Fix EAPOL-Key Key Data decryption for rekey case
KEK from TPTK needs to be used instead of from PTK when processing
rekeying case similarly to what was already done with KCK.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-22 16:39:17 +02:00
Jouni Malinen
219fd441fd wlantest: Allow MSK/PMK list to be read from a text file
A text file with MSK/PMK entries (one key per line in hexdump format)
can be read into wlantest (-f<path to file>) to initialize list of
known PMKs.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-09 00:12:27 +02:00
Jouni Malinen
d0b251d2e8 wlantest: Fix handling of PTK rekeying
Use a temporary PTK buffer during 4-way handshake when rekeying PTK
so that the new EAPOL-Key frame MIC values are checked against the
new PTK and frames are decrypted using the old PTK. Take the new
PTK into use once msg 4/4 is processed and clear RSC counters at
that point (including moving of RSC update to avoid setting RSC
based on the msg 4/4).

In addition, add a workaround to handle supplicant implementations that
set Secure bit to one during PTK rekeying 4-way handshake in msg 2/4.
This was previously assumed to be msg 4/4, but the key data contents
can be used to figure out whether this is msg 2/4 even if the Secure
bit is set to one.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-14 22:36:02 +02:00
Jouni Malinen
62f05ce9c5 wlantest: Add STA counters for disconnect reason 6/7 RX
These can be useful in tests involving association state mismatch
between the AP and the STA (i.e., STA assumes it is still associated
but the AP does not have association state). In such a case, the AP
would be sending out unprotected Deauthentication or Disassociation
frames with reason code 6 or 7 depending on what frame is triggering
this.
2011-10-26 00:06:06 +03:00
Jouni Malinen
6908d459e2 wlantest: Verify that comeback assoc resp includes correct type
The Timeout Interval element needs to use Association Comeback time
for the case when (Re)Association Response frame uses Status Code 30.
Verify this before incrementing the (re)assocresp_comeback counters.
2011-09-20 20:13:18 +03:00
Jouni Malinen
02b915f689 wlantest: Allow injection of unprotected frames to unknown BSS 2011-08-28 19:19:38 +03:00
Jouni Malinen
6ca4da6518 wlantest: Use source address of TDLS Setup Confirm failure for matching
This is needed to be able to find the correct TDLS entry for the
frame regardless of whether a FromDS or ToDS frame is being processed.
2011-03-14 21:35:40 +02:00
Jouni Malinen
39c147261e wlantest: Fix source address for FromDS frames 2011-03-14 21:35:14 +02:00
Jouni Malinen
9a994178f1 wlantest: Add command for adding WEP keys during run time 2011-01-28 13:33:21 +02:00
Jouni Malinen
dfaeda0492 Fix couple of compiler warnings about uninitialized variables 2011-01-26 21:29:28 +02:00
Jouni Malinen
4e062e35de wlantest: Handle missing fields in TDLS Setup Confirm error case 2011-01-24 20:51:28 +02:00
Jouni Malinen
2878cae7a7 wlantest: Handle missing fields in TDLS Setup Response error case 2011-01-24 18:16:26 +02:00
Jouni Malinen
5acf56f6a2 wlantest: Count TDLS Teardown messages 2011-01-24 17:00:28 +02:00
Jouni Malinen
9559a7f882 wlantest: Fix compiler warnings 2011-01-24 16:57:36 +02:00
Jouni Malinen
44a0486607 wlantest: Fix TDLS setup failure counting
Need to be able to handle TDLS Setup Response frame with LinkId IE
when non-zero status code is used. In addition, allow finding of a
TDLS entry based on real BSSID instead of the one used in the LinkId
to allow negative testing of different BSS.
2011-01-24 15:25:59 +02:00
Jouni Malinen
244c9303cb wlantest: Determine ping matches properly for direct link
Check ICMP echo request/response matches for both STAs to get proper
counter values for a ping from a one STA to another one using TDLS.
2011-01-24 14:50:51 +02:00
Jouni Malinen
719e7eb28d wlantest: Set direct links down on deauth/disassoc 2011-01-24 14:34:54 +02:00
Jouni Malinen
0d2e395d74 wlantest: Maintain only a single entry for an active direct link
The TDLS link itself is bidirectional, but there is explicit
initiator/responder roles. Remove the other direction of the link if it
exists when processing TDLS Setup Confirm to make sure that the link
counters are stored for the current TDLS entery.

This is also changing the control interface search for TDLS counters
to require initiator/responder addresses in the correct order instead
of matching entries regardless of the role.
2011-01-24 14:34:45 +02:00
Jouni Malinen
eb4923fdae wlantest: Add counters for TDLS setup frames 2011-01-24 14:03:03 +02:00
Jouni Malinen
8a1cf4be21 wlantest: Add TDLS entry on TDLS Setup Request
This will make the TDLS counters available even if setup fails.
2011-01-19 14:00:14 +02:00