diff --git a/src/eapol.c b/src/eapol.c
index b6e281d2..b3b92e61 100644
--- a/src/eapol.c
+++ b/src/eapol.c
@@ -231,7 +231,7 @@ error:
 * Note that for efficiency @key_data is being modified, including in
 * case of failure, so it must be sufficiently larger than @key_data_len.
 */
-bool eapol_encrypt_key_data(const uint8_t *kek, uint8_t *key_data,
+static bool eapol_encrypt_key_data(const uint8_t *kek, uint8_t *key_data,
 size_t key_data_len,
 struct eapol_key *out_frame)
 {
@@ -260,7 +260,8 @@ bool eapol_encrypt_key_data(const uint8_t *kek, uint8_t *key_data,
 return true;
 }
 
-void eapol_key_data_append(struct eapol_key *ek, enum handshake_kde selector,
+static void eapol_key_data_append(struct eapol_key *ek,
+ enum handshake_kde selector,
 const uint8_t *data, size_t data_len)
 {
 uint16_t key_data_len = L_BE16_TO_CPU(ek->key_data_len);
@@ -1178,6 +1179,32 @@ static void eapol_ptk_3_of_4_retry(struct l_timeout *timeout,
 l_debug("attempt %i", sm->frame_retry);
 }
 
+static const uint8_t *eapol_find_rsne(const uint8_t *data, size_t data_len,
+ const uint8_t **optional)
+{
+ struct ie_tlv_iter iter;
+ const uint8_t *first = NULL;
+
+ ie_tlv_iter_init(&iter, data, data_len);
+
+ while (ie_tlv_iter_next(&iter)) {
+ if (ie_tlv_iter_get_tag(&iter) != IE_TYPE_RSN)
+ continue;
+
+ if (!first) {
+ first = ie_tlv_iter_get_data(&iter) - 2;
+ continue;
+ }
+
+ if (optional)
+ *optional = ie_tlv_iter_get_data(&iter) - 2;
+
+ return first;
+ }
+
+ return first;
+}
+
 /* 802.11-2016 Section 12.7.6.3 */
 static void eapol_handle_ptk_2_of_4(struct eapol_sm *sm,
 const struct eapol_key *ek)
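Review bot: `eapol_find_rsne` writes `*optional` only when a second RSN element is found, so for key data with zero or one RSNE the caller's pointer keeps whatever value it held before the call. The data is presumably key data taken from a received EAPOL-Key frame, which makes the single-RSNE path the ordinary one; the callers are outside this hunk and may already pre-initialise, but now that the helper is file-local the contract can be made self-contained with `if (optional) *optional = NULL;` placed before `ie_tlv_iter_init(&iter, data, data_len);`. A short header comment would also help: both returned pointers are backed up two bytes from the element data (presumably onto the tag/length header, to be confirmed against `ie_tlv_iter`), and any RSNE after the second is never examined.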
@@ -1233,32 +1260,6 @@ static void eapol_handle_ptk_2_of_4(struct eapol_sm *sm, eapol_ptk_3_of_4_retry(NULL, sm); } -const uint8_t *eapol_find_rsne(const uint8_t *data, size_t data_len, - const uint8_t **optional) -{ - struct ie_tlv_iter iter; - const uint8_t *first = NULL; - - ie_tlv_iter_init(&iter, data, data_len); - - while (ie_tlv_iter_next(&iter)) { - if (ie_tlv_iter_get_tag(&iter) != IE_TYPE_RSN) - continue; - - if (!first) { - first = ie_tlv_iter_get_data(&iter) - 2; - continue; - } - - if (optional) - *optional = ie_tlv_iter_get_data(&iter) - 2; - - return first; - } - - return first; -} - static const uint8_t *eapol_find_wpa_ie(const uint8_t *data, size_t data_len) { struct ie_tlv_iter iter; diff --git a/src/eapol.h b/src/eapol.h index c5bd10b7..dd0e9b0d 100644 --- a/src/eapol.h +++ b/src/eapol.h @@ -59,11 +59,6 @@ bool eapol_verify_mic(enum ie_rsn_akm_suite akm, const uint8_t *kck, uint8_t *eapol_decrypt_key_data(enum ie_rsn_akm_suite akm, const uint8_t *kek, const struct eapol_key *frame, size_t *decrypted_size); -bool eapol_encrypt_key_data(const uint8_t *kek, uint8_t *key_data, - size_t key_data_len, - struct eapol_key *out_frame); -void eapol_key_data_append(struct eapol_key *ek, enum handshake_kde selector, - const uint8_t *data, size_t data_len); bool eapol_verify_ptk_1_of_4(const struct eapol_key *ek); bool eapol_verify_ptk_2_of_4(const struct eapol_key *ek); @@ -93,9 +88,6 @@ struct eapol_key *eapol_create_gtk_2_of_2( uint64_t key_replay_counter, bool is_wpa, uint8_t wpa_key_id); -const uint8_t *eapol_find_rsne(const uint8_t *data, size_t data_len, - const uint8_t **optional); - void __eapol_rx_packet(uint32_t ifindex, const uint8_t *src, uint16_t proto, const uint8_t *frame, size_t len, bool noencrypt); void __eapol_tx_packet(uint32_t ifindex, const uint8_t *dst, uint16_t proto,