3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-12-30 06:02:39 +01:00

handshake: Add utility for decoding GTK & IGTK from FTE

handshake_decode_fte_key unwraps and validates the padding in the FTE
GTK and IGTK subelements.
This commit is contained in:
Andrew Zaborowski 2017-01-31 03:42:52 +01:00 committed by Denis Kenzior
parent 8d8b1c1baf
commit 1f52bfb047
2 changed files with 23 additions and 0 deletions

View File

@ -499,3 +499,23 @@ const uint8_t *handshake_util_find_igtk_kde(const uint8_t *data,
return find_kde(data, data_len, out_igtk_len, igtk_oui); return find_kde(data, data_len, out_igtk_len, igtk_oui);
} }
/* Unwrap a GTK / IGTK included in an FTE following 12.8.5 text */
bool handshake_decode_fte_key(struct handshake_state *s, const uint8_t *wrapped,
size_t key_len, uint8_t *key_out)
{
const struct crypto_ptk *ptk = handshake_state_get_ptk(s);
size_t padded_len = key_len < 16 ? 16 : ((key_len + 7) & ~7);
if (!aes_unwrap(ptk->kek, wrapped, padded_len + 8, key_out))
return false;
if (key_len < padded_len && key_out[key_len++] != 0xdd)
return false;
while (key_len < padded_len)
if (key_out[key_len++] != 0x00)
return false;
return true;
}

View File

@ -130,6 +130,9 @@ void handshake_state_install_igtk(struct handshake_state *s,
void handshake_state_override_pairwise_cipher(struct handshake_state *s, void handshake_state_override_pairwise_cipher(struct handshake_state *s,
enum ie_rsn_cipher_suite pairwise); enum ie_rsn_cipher_suite pairwise);
bool handshake_decode_fte_key(struct handshake_state *s, const uint8_t *wrapped,
size_t key_len, uint8_t *key_out);
bool handshake_util_ap_ie_matches(const uint8_t *msg_ie, bool handshake_util_ap_ie_matches(const uint8_t *msg_ie,
const uint8_t *scan_ie, bool is_wpa); const uint8_t *scan_ie, bool is_wpa);