Denis Kenzior
34ed84dc41
eap-wsc: Send M7 messages
2016-08-31 12:50:44 -05:00
Denis Kenzior
f542a18f4f
unit: Simplify verification
2016-08-31 12:37:30 -05:00
Denis Kenzior
9bb4ba42dd
wscutil: Add wsc_build_m7_encrypted_settings
2016-08-31 11:39:06 -05:00
Denis Kenzior
8df0f9fa28
wscutil: Add wsc_parse_m7_encrypted_settings
2016-08-31 11:38:52 -05:00
Denis Kenzior
9353da8bf3
unit: Add test for wsc_build_m7
2016-08-31 11:38:35 -05:00
Denis Kenzior
82b007f7b5
unit: Add test fo wsc_parse_m7
2016-08-31 11:38:22 -05:00
Denis Kenzior
a113cba4f2
wscutil: Add wsc_build_m7
2016-08-31 11:32:51 -05:00
Denis Kenzior
b7d44d302a
wscutil: Add wsc_parse_m7
2016-08-31 11:32:21 -05:00
Denis Kenzior
6dae861ce2
eap-wsc: Handle M6 messages
2016-08-31 11:18:21 -05:00
Denis Kenzior
2ac78e1306
eap-wsc: split out R_Hash verification
...
So it can be used in M6 processing
2016-08-31 11:17:29 -05:00
Denis Kenzior
f8eb76a93a
unit: Add test for wsc_build_m6_encrypted_settings
2016-08-31 11:16:30 -05:00
Denis Kenzior
2f09fbc348
unit: Add test for wsc_parse_m6_encrypted_settings
2016-08-31 11:16:15 -05:00
Denis Kenzior
11550b2756
wscutil: Add wsc_m6_build_encrypted_settings
2016-08-31 11:15:35 -05:00
Denis Kenzior
3719e78094
wscutil: Add wsc_parse_m6_encrypted_settings
2016-08-31 11:15:12 -05:00
Denis Kenzior
11cb6e5d35
unit: Add test for wsc_build_m6
2016-08-31 11:14:48 -05:00
Denis Kenzior
6e9b5c912c
unit: Add test for wsc_parse_m6
2016-08-31 11:14:48 -05:00
Denis Kenzior
4e0c932dc9
wscutil: Add wsc_build_m6
2016-08-31 11:14:48 -05:00
Denis Kenzior
815f685c2d
wscutil: Add wsc_parse_m6
2016-08-31 11:14:48 -05:00
Denis Kenzior
97771f80f1
unit: Add M4/M5 pair to end-to-end wsc test
2016-08-30 23:20:43 -05:00
Denis Kenzior
ba55afa3f4
eap-wsc: Generate M5 messages
2016-08-30 23:20:24 -05:00
Denis Kenzior
c0de9d1790
eap-wsc: optionally load IV1 & IV2 for debugging
...
When we send M5 & M7, we need to generate a random IV. For testing
purposes, the IV can be provided in settings, otherwise it will be
generated randomly.
2016-08-30 23:18:53 -05:00
Denis Kenzior
1820d7c33e
merge: M5 parse test
2016-08-30 23:18:19 -05:00
Denis Kenzior
62623e0eb3
eap-wsc: Handle M4 messages
2016-08-30 21:52:24 -05:00
Denis Kenzior
48c3f4a55a
eap-wsc: Store PSK1 & PSK2
...
We will need to use PSK1 & PSK2 when computing R_Hash1 & R_Hash2 when
processing M4 & M6.
2016-08-30 21:51:14 -05:00
Denis Kenzior
9a47f98ccd
eap-wsc: Store M2 for future use
...
We need quite a bit of attributes of M2 for the duration of the WSC
handshake. Most importantly, we need to use the peer's public key when
processing M4 and M6. RegistrarNonce is also needed for generating any
ACK/NACK messages as needed.
Also, peer's device attributes such as Model, Manufacturer, etc might be
useful to report upon successful handshake.
2016-08-30 21:10:57 -05:00
Denis Kenzior
633389f2f4
eap-wsc: Add utility to decrypt EncryptedSettings
2016-08-30 14:43:49 -05:00
Denis Kenzior
b78bef2be8
eap-wsc: Add utility to check KeyWrapAuthenticator
2016-08-30 14:42:43 -05:00
Denis Kenzior
046c7b8994
eap-wsc: clear out intermediate key data
2016-08-30 14:41:58 -05:00
Denis Kenzior
39d6acb07d
eap-wsc: Don't store AuthKey | KeyWrapKey | EMSK
...
AuthKey is already uploaded into auth_key_hmac. KeyWrapKey is now
uploaded into the AES-CBC(128) cipher. We currently have no use for
EMSK.
So we no longer need to keep the wsc_session_key structure around.
2016-08-30 14:34:03 -05:00
Denis Kenzior
24dfe6e436
wscutil: Add wsc_build_m5_encrypted_settings
2016-08-30 14:10:20 -05:00
Denis Kenzior
7bdb1a0225
wscutil: Add wsc_parse_m5_encrypted_settings
2016-08-30 14:07:53 -05:00
Denis Kenzior
ba8e0cd6b7
unit: Add test for wsc_build_m4_encrypted_settings
2016-08-30 13:58:32 -05:00
Denis Kenzior
f8af4886c4
unit: Add test for wsc_parse_m4_encrypted_settings
2016-08-30 13:58:06 -05:00
Denis Kenzior
d59086c791
wscutil: Add wsc_build_m4_encrypted_settings
2016-08-30 13:57:28 -05:00
Denis Kenzior
11e56031c0
wscutil: Add wsc_parse_m4_encrypted_settings
2016-08-30 13:38:08 -05:00
Denis Kenzior
757e4dbb90
wscutil: Prepare for parsing of Encrypted Settings
...
Encrypted Settings TLVs are structured similarly to the various WSC
messages. However, they lack a version2 extension field and use a Key
Wrap Authenticator element instead of Authenticator.
2016-08-30 13:33:17 -05:00
Denis Kenzior
642804f9d7
wscutil: Handle Key Wrap Authenticator
2016-08-30 13:30:06 -05:00
Denis Kenzior
7810a45a9c
eap-wsc: Rework state logic a bit
...
Mostly so repetitive code is not required
2016-08-30 10:10:11 -05:00
Denis Kenzior
a4bf3f3280
unit: Add M5 builder unit test
2016-08-30 09:46:33 -05:00
Denis Kenzior
5c88de6e65
unit: Add M5 parser unit test
2016-08-30 09:46:20 -05:00
Denis Kenzior
a8580c7ed0
wscutil: Add wsc_build_m5
2016-08-30 09:45:39 -05:00
Denis Kenzior
0081bf4f64
wscutil: Add wsc_parse_m5
2016-08-30 09:34:34 -05:00
Denis Kenzior
be1b2a3281
unit: Add end-to-end WSC handshake test
...
This only checks M1 & M3 message generation for now
2016-08-30 09:22:35 -05:00
Denis Kenzior
05c230c46a
eap-wsc: Send M3
2016-08-30 09:22:35 -05:00
Denis Kenzior
397a7d18c2
eap-wsc: Add TX message Authenticator calculation
2016-08-30 09:22:35 -05:00
Denis Kenzior
5951bc220b
eap-wsc: Handle M2 messages
2016-08-30 09:22:35 -05:00
Denis Kenzior
33b0034678
eap-wsc: Add util to verify RX frame Authenticator
2016-08-30 09:22:35 -05:00
Denis Kenzior
097e775659
eap-wsc: Add basic logic to send M1 messages
2016-08-30 09:22:33 -05:00
Denis Kenzior
c2cb35b4c9
eap-wsc: store sent pdu
...
This is needed for authenticator computation
2016-08-29 22:16:34 -05:00
Denis Kenzior
2cbbcb7434
eap-wsc: Load settings related to DevicePassword
...
DevicePassword is the PIN, either static, dynamically generated or
entered by the user. For PushButton mode, DevicePassword is set to
'00000000'. It can also be provided via external means, such as NFC.
This patch allows DevicePassword to be externally configured into the
EAP-WSC layer. Optionally, the secret nonce values can also be
provided for testing purposes. If omitted, they will be generated using
l_getrandom.
2016-08-29 12:12:13 -05:00