This makes the code more readable by getting rid of the multiple
instances of references to the specifiec fields within the FT Action
frame.
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
The MIC length depends on the negotiated group when SAE-EXT-KEY or OWE
key_mgmt is used. wlantest can determine the group if the capture file
includes the group negotiation, i.e., the initial association when a PMK
was created. However, if the capture file includes only an association
using PMKSA caching, the group information is not available. This can
result in inability to be able to process the EAPOL-Key frames (e.g.,
with the "Truncated EAPOL-Key from" message).
If the negotiated group is not known and an EAPOL-Key frame length does
not seem to match the default expectations for group 19, check whether
the alternative lengths for group 20 or 21 would result in a frame that
seems to have valid length. If so, update the STA entry with the guessed
group and continue processing the EAPOL-Key frames based on this.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Commit b20991da69 introduced errors in
the order of arguments to the calls of ccmp_decrypt() and
ccmp_256_decrypt(). Correct the order of arguments.
Fixes: b20991da69 ("wlantest: MLD MAC Address in CCMP/GCMP AAD/nonce")
Signed-off-by: Henry Ptasinski <henry@e78com.com>
The new PTK migth need to be copied to another MLO STA entry, but that
operation should not modify the MLD MAC address of unrelated AP MLDs.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
The "Updated AP MLD MAC Address from EAPOL-Key 1/4" can be confusing
when there is actually no change.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This makes the "Discovered new STA" entries in the debug log easier to
use when analyzing roaming cases with MLO.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
When FT over-the-DS is used with MLO, the Target AP Address field is
expected to identify the AP MLD using its MLD MAC address.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Allow either a link address or the MLD MAC address of a non-AP MLD to
match the MAC address that is being used to identify a source or
destination of a frame for the MLO cases.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
FT over-the-DS might have created the new STA entry on another
affiliated BSS during the FT Request/Response exchange, so use a wider
search to locate the correct STA entry when processing the Reassociation
Request/Response frames.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Use the Basic Multi-Link element in (Re)Association Request frames to
learn the non-AP MLD MAC address instead of having to wait until this
address is included in an EAPOL-Key frame. This is needed for FT
protocol (where 4-way handshake is not used) and it is also convenient
to have the MLD MAC address available as soon as possible to be able to
decrypt frames and even to recognize some special AP vs. STA cases when
either the BSSID or the AP MLD MAC address might be used.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Compare A1 against all the link addresses of a non-AP MLD when
determining whether a Data frame is from the non-AP MLD or the AP MLD
during a decryption attempt.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Make sta_find_mlo() more accurate by searching a non-AP MLD only from
the affialiated BSSs of the AP MLD instead of from any BSS. This might
help in some roaming cases where both the old and the new AP MLD have
their affiliated links in the BSS table.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Use the Basic Multi-Link element in Beacon frames (and Probe Response
frames for that matter) to learn the AP MLD MAC address instead of
having to wait until this address is included in an EAPOL-Key frame.
This is needed for FT protocol (where 4-way handshake is not used) and
it is also convenient to have the MLD MAC address available as soon as
possible to be able to decrypt frames and even to recognize some special
AP vs. STA cases when either the BSSID or the AP MLD MAC address might
be used.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
The set of protected elements in the FTE in Reassociation Response frame
is different for MLO. Count RSNE and RSNXE separately for each link.
This implementation uses the number of links for which a GTK was
provided which does not fully match the standard ("requested link") and
a more accurate implementation is likely needed, but that will require
some more complexity and state information.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Allow the -r<file> command line argument to be used multiple times to
read more than a single capture file for processing. This reduces need
for external tools to be used first to merge capture files for wlantest.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
The Key MIC field is of variable length when using OWE, so determine the
correct length based on which group was negotiated for OWE during
association.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Check the +HTC bit in FC to determine if the HT Control field is present
when decrypting Robust Management frames. This was already done for QoS
Data frames, but the Management frame case had not been extended to
cover this option.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Find a STA entry based on MLO affiliated link addresses for the case
where an unprotected Data frame is being processed. This extends the
changes in commit 228420e2d9 ("wlantest: Find a STA entry based on MLO
affiliated link addresses") to cover the unencrypted case. This is
needed in particular for the Null frames used for managing the power
save state to avoid generating duplicate STA entries that can mess up
key information for the following frames.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This is needed to derive the PTK correct when Secure LTF support is used
and the additional KDK component needs to be taken into account.
Signed-off-by: Adil Saeed Musthafa <quic_adilm@quicinc.com>
Commit b20991da69 ("wlantest: MLD MAC Address in CCMP/GCMP AAD/nonce")
updated AAD and nonce construction to use MLD addresses in AAD for A1
and A2. IEEE P802.11be has additional cases where A3 in AAD is set to
the AP MLD address, so cover those as well.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Prefer a BSS entry that has a matching STA entry when processing
EAPOL-Key frames. This avoids issues where some combination of MLD
and/or link addresses are used in a sequence that could end up
generating two separate STA entries for the same non-AP MLD.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
The BSSID (RA/TA) might differ from SA/DA for the AP, so print it as
well in the debug entry for EAPOL-Key frames.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Commit 25b52e5f83 ("FT: Extend FTE parsing for FT-SAE-EXT-KEY") used
possible MIC length iteration to try to figure out the length of the MIC
field in FTE. That was the only option available at the time, but FTE is
now being extended in IEEE 802.11-REVme to explicitly indicate the
length of the MIC field for the new FT-SAE-EXT-KEY AKM to make this
easier.
Use the new design from the approved comment resolution (*) in
REVme/D2.0 ballot CID 3135 to simplify implementation. This gets rid of
the need to pass in key length and the somewhat strange need_{r0kh,r1kh}
parameters to wpa_ft_parse_ies().
(*)
https://mentor.ieee.org/802.11/dcn/22/11-22-1991-02-000m-proposed-resolutions-to-some-lb270-comments.docx
Signed-off-by: Jouni Malinen <j@w1.fi>
It is possible for there to be multiple STA entries (e.g., one for each
BSS) when a sniffer capture contains multiple associations using MLO.
For such cases, the new PTK information needs to be updated to all
existing STA entries to be able to find the latest TK when decrypting
following frames since the other STA entries might be located first when
trying to figure out how to decrypt a frame.
In addition to the PTK, copy the MLD MAC addresses to the other STA and
BSS entries to make sure the latest values are used when trying to
decrypt frames.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Provide AKM, key length, and information about needed subelements to the
parser function so that the variable length MIC field cases can be
recognized for FT-SAE-EXT-KEY. Knowledge about R0KH-ID/R1KH-ID being
needed is required to be able to iterate over possible MIC field lengths
for the case where the AP does not yet know the correct key length at
the beginning of FT protocol.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Provide AKM to the helper function so that the new SHA256 and SHA512
options can be covered for FT-SAE-EXT-KEY.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Extend wlantest capabilities to cover the new SAE-EXT-KEY AKM and
variable length MIC field and key lengths for it based on the used SAE
group.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Update bss entries for all affiliated links whenever learning
GTK/IGTK/BIGTK from EAPOL-Key msg 3/4 or group msg 1/2.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Allow a single STA entry to be found for a non-AP MLD regardless of
which link MAC address was used to transmit/receive it.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Update STA state tracking for SAE authentication as well as the previous
covered Open System algorithm.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Check the Beacon/Probe Response frame RSNE against the RSNE within the
MLO Link KDE for the current affiliated link instead of RSNE when
processing the EAPOL-Key msg 3/4 Key Data field.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This makes the debug message more useful for determining whether an
expected BIGTK has been derived.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Make this easier to understand by using the appropriately named function
to parse KDEs/IEs in the Key Data field of EAPOL-Key frames instead of
using the wrapper function that is there just to provide the old
function name for wpa_supplicant.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
rx_mgmt_beacon() was skipping all steps after a Probe Response frame
from the AP had been processed. This is expected for the parts that were
updating the bss entry information, but the checks for beacon protection
should not be skipped in this manner.
Skip onlu the updating parts while checking that beacon protection is
used correctly to make this more useful.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Use the MLD MAC Address instead of link address in CCMP/GCMP AAD/nonce
construction when processing an individually addressed Data frame with
FromDS=1 or ToDS=1 between an AP MLD and non-AP MLD.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Do not complain about unprotected Action frames for additional
categories that have been defined as not being Robust.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
SA/DA in EAPOL-Key frames might not be the BSSID when MLO is used. Check
for these cases to avoid adding unexpected BSS entries for AP MLD
instead of the per-link BSS entry. This is needed to be able to find the
derived keys when decrypting protected frames.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
IEEE P802.11be adds the MAC Address KDE into the EAPOL-Key msg 4/4 when
MLO is used and as such, the previously used check for Key Data Length
value 0 is not sufficient for recognizing the EAPOL-Key msg 4/4 anymore.
Also check for an all zero Key Nonce value since that field is supposed
to be zero in EAPOL-Key msg 4/4 and it has to be a random value in
EAPOL-Key msg 2/4.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
When MLO is used, the MLD MAC addresses of the AP MLD and non-AP MLD are
used as the Authenticator and Supplicant addresses. Update PTK
derivation to use this information to work with MLO.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
IEEE P802.11be indicates the MLD MAC addresses, i.e., the Authenticator
and Supplicant addresses, in the MAC Address KDE in EAPOL-Key msg 1/4
and 2/4. Learn those addresses so that wlantest can be extended to
support MLO.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Data frame processing had already been extended to support additional
cipher suites, but Robust Management frame processing was still using a
hardcoded cipher suite (CCMP-128). Extend it to support GCMP-128,
GCMP-256, and CCMP-256 as well.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
To be consistent with how all the other dl lists like passphrase, PMK,
and PTK lists are freed, delete each entry from the WEP list before
freeing the entry.
Signed-off-by: Gokul Sivakumar <gokulkumar792@gmail.com>