eapol: Add eapol_append_key_data utility

Add a utility to append a KDE to the key_data field in an EAPoL frame. The KDE types enum is actually added to handshake.h because we've got the utilities for finding those KDEs in a buffer there. The new function is specific to EAPoL-Key frames though and perhaps to simple to be split across handshake.c and eapol.c. Also it didn't seem useful to use the ie_tlv_builder here.
2017-09-22 05:06:40 +02:00 · 2017-09-22 05:06:40 +02:00 · 89c2f14683
parent 29ee350ec3
commit 89c2f14683
3 changed files with 34 additions and 0 deletions
--- a/src/eapol.c
+++ b/src/eapol.c
@ -352,6 +352,22 @@ bool eapol_encrypt_key_data(const uint8_t *kek, uint8_t *key_data,
 	return true;
 }

+void eapol_key_data_append(struct eapol_key *ek, enum handshake_kde selector,
+				const uint8_t *data, size_t data_len)
+{
+	uint16_t key_data_len = L_BE16_TO_CPU(ek->key_data_len);
+
+	ek->key_data[key_data_len++] = IE_TYPE_VENDOR_SPECIFIC;
+	ek->key_data[key_data_len++] = 4 + data_len; /* OUI + Data type + len */
+	l_put_be32(selector, ek->key_data + key_data_len);
+	key_data_len += 4;
+
+	memcpy(ek->key_data + key_data_len, data, data_len);
+	key_data_len += data_len;
+
+	ek->key_data_len = L_CPU_TO_BE16(key_data_len);
+}
+
 const struct eapol_key *eapol_key_validate(const uint8_t *frame, size_t len)
 {
 	const struct eapol_key *ek;
--- a/src/eapol.h
+++ b/src/eapol.h
@ -50,6 +50,7 @@ enum eapol_key_descriptor_version {
 struct eapol_sm;
 struct handshake_state;
 struct preauth_sm;
+enum handshake_kde;

 struct eapol_header {
 	uint8_t protocol_version;
@ -138,6 +139,8 @@ uint8_t *eapol_decrypt_key_data(const uint8_t *kek,
 bool eapol_encrypt_key_data(const uint8_t *kek, uint8_t *key_data,
 				size_t key_data_len,
 				struct eapol_key *out_frame);
+void eapol_key_data_append(struct eapol_key *ek, enum handshake_kde selector,
+				const uint8_t *data, size_t data_len);

 const struct eapol_key *eapol_key_validate(const uint8_t *frame, size_t len);

--- a/src/handshake.h
+++ b/src/handshake.h
@ -25,6 +25,21 @@
 #include <asm/byteorder.h>
 #include <linux/types.h>

+/* 802.11-2016 Table 12-6 in section 12.7.2 */
+enum handshake_kde {
+	HANDSHAKE_KDE_GTK		= 0x000fac01,
+	HANDSHAKE_KDE_MAC_ADDRESS	= 0x000fac03,
+	HANDSHAKE_KDE_PMKID		= 0x000fac04,
+	HANDSHAKE_KDE_SMK		= 0x000fac05,
+	HANDSHAKE_KDE_NONCE		= 0x000fac06,
+	HANDSHAKE_KDE_LIFETIME		= 0x000fac07,
+	HANDSHAKE_KDE_ERROR		= 0x000fac08,
+	HANDSHAKE_KDE_IGTK		= 0x000fac09,
+	HANDSHAKE_KDE_KEY_ID		= 0x000fac0a,
+	HANDSHAKE_KDE_MULTIBAND_GTK	= 0x000fac0b,
+	HANDSHAKE_KDE_MULTIBAND_KEY_ID	= 0x000fac0c,
+};
+
 typedef bool (*handshake_get_nonce_func_t)(uint8_t nonce[]);
 typedef void (*handshake_install_tk_func_t)(uint32_t ifindex, const uint8_t *aa,
 					const uint8_t *tk, uint32_t cipher,