mirror of
https://git.kernel.org/pub/scm/network/wireless/iwd.git
synced 2025-03-31 06:56:52 +02:00
eap-wsc: Handle M8 messages
This commit is contained in:
Denis Kenzior
parent
1dc197d176
commit
b93a992ed1
@ -58,6 +58,7 @@ enum state {
|
|||||||
STATE_EXPECT_M4,
|
STATE_EXPECT_M4,
|
||||||
STATE_EXPECT_M6,
|
STATE_EXPECT_M6,
|
||||||
STATE_EXPECT_M8,
|
STATE_EXPECT_M8,
|
||||||
|
STATE_FINISHED,
|
||||||
};
|
};
|
||||||
|
|
||||||
static struct l_key *dh5_generator;
|
static struct l_key *dh5_generator;
|
||||||
@ -338,6 +339,80 @@ static void eap_wsc_send_nack(struct eap_state *eap,
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static void eap_wsc_send_done(struct eap_state *eap)
|
||||||
|
{
|
||||||
|
struct eap_wsc_state *wsc = eap_get_data(eap);
|
||||||
|
struct wsc_done done;
|
||||||
|
uint8_t *pdu;
|
||||||
|
size_t pdu_len;
|
||||||
|
uint8_t buf[256];
|
||||||
|
|
||||||
|
done.version2 = true;
|
||||||
|
memcpy(done.enrollee_nonce, wsc->m1->enrollee_nonce,
|
||||||
|
sizeof(done.enrollee_nonce));
|
||||||
|
memcpy(done.registrar_nonce, wsc->m2->registrar_nonce,
|
||||||
|
sizeof(done.registrar_nonce));
|
||||||
|
|
||||||
|
pdu = wsc_build_wsc_done(&done, &pdu_len);
|
||||||
|
if (!pdu)
|
||||||
|
return;
|
||||||
|
|
||||||
|
buf[12] = WSC_OP_DONE;
|
||||||
|
buf[13] = 0;
|
||||||
|
memcpy(buf + 14, pdu, pdu_len);
|
||||||
|
|
||||||
|
eap_send_response(eap, EAP_TYPE_EXPANDED, buf, pdu_len + 14);
|
||||||
|
l_free(pdu);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void eap_wsc_handle_m8(struct eap_state *eap,
|
||||||
|
const uint8_t *pdu, size_t len)
|
||||||
|
{
|
||||||
|
struct eap_wsc_state *wsc = eap_get_data(eap);
|
||||||
|
struct wsc_m8 m8;
|
||||||
|
struct iovec encrypted;
|
||||||
|
uint8_t *decrypted;
|
||||||
|
size_t decrypted_len;
|
||||||
|
struct wsc_m8_encrypted_settings m8es;
|
||||||
|
struct iovec creds[3];
|
||||||
|
size_t n_creds;
|
||||||
|
|
||||||
|
/* Spec unclear what to do here, see comments in eap_wsc_send_nack */
|
||||||
|
if (wsc_parse_m8(pdu, len, &m8, &encrypted) != 0) {
|
||||||
|
eap_wsc_send_nack(eap, WSC_CONFIGURATION_ERROR_NO_ERROR);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!authenticator_check(wsc, pdu, len))
|
||||||
|
return;
|
||||||
|
|
||||||
|
decrypted = encrypted_settings_decrypt(wsc, encrypted.iov_base,
|
||||||
|
encrypted.iov_len,
|
||||||
|
&decrypted_len);
|
||||||
|
if (!decrypted)
|
||||||
|
goto send_nack;
|
||||||
|
|
||||||
|
n_creds = L_ARRAY_SIZE(creds);
|
||||||
|
|
||||||
|
if (wsc_parse_m8_encrypted_settings(decrypted, decrypted_len,
|
||||||
|
&m8es, creds, &n_creds))
|
||||||
|
goto invalid_settings;
|
||||||
|
|
||||||
|
if (!keywrap_authenticator_check(wsc, decrypted, decrypted_len))
|
||||||
|
goto invalid_settings;
|
||||||
|
|
||||||
|
l_free(decrypted);
|
||||||
|
|
||||||
|
eap_wsc_send_done(eap);
|
||||||
|
wsc->state = STATE_FINISHED;
|
||||||
|
return;
|
||||||
|
|
||||||
|
invalid_settings:
|
||||||
|
l_free(decrypted);
|
||||||
|
send_nack:
|
||||||
|
eap_wsc_send_nack(eap, WSC_CONFIGURATION_ERROR_DECRYPTION_CRC_FAILURE);
|
||||||
|
}
|
||||||
|
|
||||||
static void eap_wsc_send_m7(struct eap_state *eap,
|
static void eap_wsc_send_m7(struct eap_state *eap,
|
||||||
const uint8_t *m6_pdu, size_t m6_len)
|
const uint8_t *m6_pdu, size_t m6_len)
|
||||||
{
|
{
|
||||||
@ -743,7 +818,11 @@ static void eap_wsc_handle_request(struct eap_state *eap,
|
|||||||
eap_wsc_handle_m6(eap, pkt + 2, len - 2);
|
eap_wsc_handle_m6(eap, pkt + 2, len - 2);
|
||||||
break;
|
break;
|
||||||
case STATE_EXPECT_M8:
|
case STATE_EXPECT_M8:
|
||||||
|
eap_wsc_handle_m8(eap, pkt + 2, len - 2);
|
||||||
break;
|
break;
|
||||||
|
case STATE_FINISHED:
|
||||||
|
eap_wsc_send_nack(eap, WSC_CONFIGURATION_ERROR_NO_ERROR);
|
||||||
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user