handshake: add functions to save and set IGTK
To add MFP support in the AP mode, add utility functions to save the IGTK and to add the IGTK to handshake messages.
This commit is contained in:
John Brandt
Denis Kenzior
parent
78bdb26296
commit
9274f70fec
|
|
@ -838,6 +838,21 @@ void handshake_state_set_gtk(struct handshake_state *s, const uint8_t *key,
|
|||
memcpy(s->gtk_rsc, rsc, 6);
|
||||
}
|
||||
|
||||
void handshake_state_set_igtk(struct handshake_state *s, const uint8_t *key,
|
||||
unsigned int key_index, const uint8_t *rsc)
|
||||
{
|
||||
enum crypto_cipher cipher =
|
||||
ie_rsn_cipher_suite_to_cipher(s->group_management_cipher);
|
||||
int key_len = crypto_cipher_key_len(cipher);
|
||||
|
||||
if (!key_len)
|
||||
return;
|
||||
|
||||
memcpy(s->igtk, key, key_len);
|
||||
s->igtk_index = key_index;
|
||||
memcpy(s->igtk_rsc, rsc, 6);
|
||||
}
|
||||
|
||||
/*
|
||||
* This function performs a match of the RSN/WPA IE obtained from the scan
|
||||
* results vs the RSN/WPA IE obtained as part of the 4-way handshake. If they
|
||||
|
|
@ -1027,6 +1042,25 @@ void handshake_util_build_gtk_kde(enum crypto_cipher cipher, const uint8_t *key,
|
|||
memcpy(to, key, key_len);
|
||||
}
|
||||
|
||||
void handshake_util_build_igtk_kde(enum crypto_cipher cipher, const uint8_t *key,
|
||||
unsigned int key_index, uint8_t *to)
|
||||
{
|
||||
size_t key_len = crypto_cipher_key_len(cipher);
|
||||
|
||||
*to++ = IE_TYPE_VENDOR_SPECIFIC;
|
||||
*to++ = 12 + key_len;
|
||||
l_put_be32(HANDSHAKE_KDE_IGTK, to);
|
||||
to += 4;
|
||||
*to++ = key_index;
|
||||
*to++ = 0;
|
||||
|
||||
/** Initialize PN to zero **/
|
||||
memset(to, 0, 6);
|
||||
to += 6;
|
||||
|
||||
memcpy(to, key, key_len);
|
||||
}
|
||||
|
||||
static const uint8_t *handshake_state_get_ft_fils_kek(struct handshake_state *s,
|
||||
size_t *len)
|
||||
{
|
||||
|
|
|
|||
|
|
@ -150,8 +150,11 @@ struct handshake_state {
|
|||
uint8_t r1khid[6];
|
||||
uint8_t gtk[32];
|
||||
uint8_t gtk_rsc[6];
|
||||
uint8_t igtk[32];
|
||||
uint8_t igtk_rsc[6];
|
||||
uint8_t proto_version : 2;
|
||||
unsigned int gtk_index;
|
||||
unsigned int igtk_index;
|
||||
uint8_t active_tk_index;
|
||||
struct erp_cache_entry *erp_cache;
|
||||
bool support_ip_allocation : 1;
|
||||
|
|
@ -288,6 +291,9 @@ bool handshake_decode_fte_key(struct handshake_state *s, const uint8_t *wrapped,
|
|||
void handshake_state_set_gtk(struct handshake_state *s, const uint8_t *key,
|
||||
unsigned int key_index, const uint8_t *rsc);
|
||||
|
||||
void handshake_state_set_igtk(struct handshake_state *s, const uint8_t *key,
|
||||
unsigned int key_index, const uint8_t *rsc);
|
||||
|
||||
void handshake_state_set_chandef(struct handshake_state *s,
|
||||
struct band_chandef *chandef);
|
||||
int handshake_state_verify_oci(struct handshake_state *s, const uint8_t *oci,
|
||||
|
|
@ -307,5 +313,7 @@ const uint8_t *handshake_util_find_pmkid_kde(const uint8_t *data,
|
|||
size_t data_len);
|
||||
void handshake_util_build_gtk_kde(enum crypto_cipher cipher, const uint8_t *key,
|
||||
unsigned int key_index, uint8_t *to);
|
||||
void handshake_util_build_igtk_kde(enum crypto_cipher cipher, const uint8_t *key,
|
||||
unsigned int key_index, uint8_t *to);
|
||||
|
||||
DEFINE_CLEANUP_FUNC(handshake_state_free);
|
||||
|
|
|
|||
Loading…
Reference in New Issue