mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-12-22 04:32:37 +01:00

eapol: Extract & keep track of desired ciphers

When our own WPA IE or RSN IE are set, extract group and pairwise
ciphers.  These ciphers are the ones we desire to use for the secure
connection.
Denis Kenzior 2015-05-19 00:05:53 -05:00
parent 12551b52ff
commit 9992d3aeda
2 changed files with 35 additions and 4 deletions


@ -590,6 +590,8 @@ struct eapol_sm {
uint8_t aa[6]; uint8_t aa[6];
uint8_t *ap_ie; uint8_t *ap_ie;
uint8_t *own_ie; uint8_t *own_ie;
enum ie_rsn_cipher_suite pairwise_cipher;
enum ie_rsn_cipher_suite group_cipher;
uint8_t pmk[32]; uint8_t pmk[32];
uint64_t replay_counter; uint64_t replay_counter;
uint8_t snonce[32]; uint8_t snonce[32];
@ -671,10 +673,32 @@ void eapol_sm_set_ap_rsn(struct eapol_sm *sm, const uint8_t *rsn_ie, size_t len)
eapol_sm_set_ap_ie(sm, rsn_ie, len, false); eapol_sm_set_ap_ie(sm, rsn_ie, len, false);
} }
void eapol_sm_set_own_rsn(struct eapol_sm *sm, const uint8_t *rsn_ie, static bool eapol_sm_setup_own_ciphers(struct eapol_sm *sm,
const struct ie_rsn_info *info)
{
if (__builtin_popcount(info->pairwise_ciphers) != 1)
return false;
if (__builtin_popcount(info->akm_suites) != 1)
return false;
sm->pairwise_cipher = info->pairwise_ciphers;
sm->group_cipher = info->group_cipher;
return true;
}
bool eapol_sm_set_own_rsn(struct eapol_sm *sm, const uint8_t *rsn_ie,
size_t len) size_t len)
{ {
struct ie_rsn_info info;
eapol_sm_set_own_ie(sm, rsn_ie, len, false); eapol_sm_set_own_ie(sm, rsn_ie, len, false);
if (ie_parse_rsne_from_data(rsn_ie, rsn_ie[1] + 2, &info) < 0)
return false;
return eapol_sm_setup_own_ciphers(sm, &info);
} }
void eapol_sm_set_ap_wpa(struct eapol_sm *sm, const uint8_t *wpa_ie, size_t len) void eapol_sm_set_ap_wpa(struct eapol_sm *sm, const uint8_t *wpa_ie, size_t len)
@ -682,10 +706,17 @@ void eapol_sm_set_ap_wpa(struct eapol_sm *sm, const uint8_t *wpa_ie, size_t len)
eapol_sm_set_ap_ie(sm, wpa_ie, len, true); eapol_sm_set_ap_ie(sm, wpa_ie, len, true);
} }
void eapol_sm_set_own_wpa(struct eapol_sm *sm, const uint8_t *wpa_ie, bool eapol_sm_set_own_wpa(struct eapol_sm *sm, const uint8_t *wpa_ie,
size_t len) size_t len)
{ {
struct ie_rsn_info info;
eapol_sm_set_own_ie(sm, wpa_ie, len, true); eapol_sm_set_own_ie(sm, wpa_ie, len, true);
if (ie_parse_wpa_from_data(wpa_ie, wpa_ie[1] + 2, &info) < 0)
return false;
return eapol_sm_setup_own_ciphers(sm, &info);
} }
void eapol_sm_set_user_data(struct eapol_sm *sm, void *user_data) void eapol_sm_set_user_data(struct eapol_sm *sm, void *user_data)
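Review bot: In eapol_sm_set_own_rsn the length passed to ie_parse_rsne_from_data is `rsn_ie[1] + 2`, taken from the buffer itself and never compared with the caller's `len`, so an IE whose length byte overstates the buffer (or a `len` below 2) could lead the parser to read past the end; eapol_sm_set_own_wpa in the following hunk has the same pattern with ie_parse_wpa_from_data. A guard such as `if (len < 2 || (size_t) rsn_ie[1] + 2 > len) return false;` at the top of both setters would close that. The IE is also handed to eapol_sm_set_own_ie before it is parsed, so on a `false` return the state machine presumably keeps the rejected IE next to the previous cipher values; parsing first and storing only on success would avoid that mixed state. Separately, eapol_sm_setup_own_ciphers requires exactly one bit in pairwise_ciphers and akm_suites but copies group_cipher into sm->group_cipher without the same single-bit check.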


@ -168,11 +168,11 @@ void eapol_sm_set_authenticator_address(struct eapol_sm *sm, const uint8_t *aa);
void eapol_sm_set_pmk(struct eapol_sm *sm, const uint8_t *pmk); void eapol_sm_set_pmk(struct eapol_sm *sm, const uint8_t *pmk);
void eapol_sm_set_ap_rsn(struct eapol_sm *sm, const uint8_t *rsn_ie, void eapol_sm_set_ap_rsn(struct eapol_sm *sm, const uint8_t *rsn_ie,
size_t len); size_t len);
void eapol_sm_set_own_rsn(struct eapol_sm *sm, const uint8_t *rsn_ie, bool eapol_sm_set_own_rsn(struct eapol_sm *sm, const uint8_t *rsn_ie,
size_t len); size_t len);
void eapol_sm_set_ap_wpa(struct eapol_sm *sm, const uint8_t *wpa_ie, void eapol_sm_set_ap_wpa(struct eapol_sm *sm, const uint8_t *wpa_ie,
size_t len); size_t len);
void eapol_sm_set_own_wpa(struct eapol_sm *sm, const uint8_t *wpa_ie, bool eapol_sm_set_own_wpa(struct eapol_sm *sm, const uint8_t *wpa_ie,
size_t len); size_t len);
void eapol_sm_set_user_data(struct eapol_sm *sm, void *user_data); void eapol_sm_set_user_data(struct eapol_sm *sm, void *user_data);
struct l_io *eapol_open_pae(uint32_t index); struct l_io *eapol_open_pae(uint32_t index);
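Review bot: The prototypes of eapol_sm_set_own_rsn and eapol_sm_set_own_wpa now return bool, but nothing here states what `false` means, and a caller that keeps ignoring the result would continue with pairwise_cipher and group_cipher never set from the IE. A short comment above both, e.g. `/* Returns false if the IE does not parse or does not select exactly one pairwise cipher and one AKM */`, would make the contract visible, and `__attribute__((warn_unused_result))` on the two declarations would let the compiler flag unchecked calls. The call sites are outside this page, so whether they were updated to check the result cannot be confirmed from here.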