Kernel/iwd
3
0
Fork 0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2025-01-25 15:04:10 +01:00
Code Releases Activity
1,552 Commits 1 Branch 81 Tags 24 MiB
42d26089e9
Commit Graph

849 Commits

Author SHA1 Message Date
Denis Kenzior
b93a992ed1 eap-wsc: Handle M8 messages 2016-09-08 21:59:04 -05:00
Denis Kenzior
1dc197d176 wscutil: Rename parse/build_nack 
... to parse/build_wsc_nack to be more consistent with the spec naming
 2016-09-08 21:34:32 -05:00
Denis Kenzior
983d598d1d wscutil: Add wsc_build_wsc_ack 2016-09-08 21:33:40 -05:00
Denis Kenzior
9c9ecfa239 wscutil: Add wsc_parse_wsc_ack 2016-09-08 21:33:20 -05:00
Denis Kenzior
aa518811b3 wscutil: Add wsc_build_wsc_done 2016-09-08 21:27:44 -05:00
Denis Kenzior
d8b8c25848 wscutil: Add wsc_parse_wsc_done 2016-09-08 21:27:18 -05:00
Andrew Zaborowski
1b1bf3cf65 eapol: On EAP success save the second 256 bits of MSK 2016-09-06 14:07:35 -05:00
Andrew Zaborowski
443e363c20 crypto: Implement crypto_derive_ft_ptk 2016-09-06 13:50:17 -05:00
Andrew Zaborowski
efbbe9870b crypto: Implement crypto_derive_pmk_r1 2016-09-06 13:48:50 -05:00
Andrew Zaborowski
994ffd94c5 crypto: Implement crypto_derive_pmk_r0 2016-09-06 13:47:18 -05:00
Andrew Zaborowski
955c88a64a ie: Consistently set group_management_cipher 
RSNE_ADVANCE may return and if it is before the assignment of
info.group_management_cipher, that assignment will be dependent on where
the RSNE ends.
 2016-09-05 23:10:29 -05:00
Andrew Zaborowski
316752c5e4 ie: Error in tlv_iter_next if no space to length byte 
When parsing the EAPoL-Key key data field we don't strip the 0xdd /
0x00 padding from the decrypted data so there may be trailing padding
after the IE sequence and valgrind will report an invalid read of the
length byte.  Same thing may happen if we're sent garbage.
 2016-09-05 23:00:01 -05:00
Denis Kenzior
b67e3f26b5 wscutil: Add wsc_parse_credential 2016-08-31 22:36:21 -05:00
Denis Kenzior
d83bf50a39 wscutil: Add wsc_parse_m8_encrypted_settings 2016-08-31 21:59:52 -05:00
Denis Kenzior
addba697da wscutil: Add wsc_build_m8 2016-08-31 14:14:11 -05:00
Denis Kenzior
ead40f0431 wscutil: Add wsc_parse_m8 2016-08-31 14:14:01 -05:00
Denis Kenzior
34ed84dc41 eap-wsc: Send M7 messages 2016-08-31 12:50:44 -05:00
Denis Kenzior
9bb4ba42dd wscutil: Add wsc_build_m7_encrypted_settings 2016-08-31 11:39:06 -05:00
Denis Kenzior
8df0f9fa28 wscutil: Add wsc_parse_m7_encrypted_settings 2016-08-31 11:38:52 -05:00
Denis Kenzior
a113cba4f2 wscutil: Add wsc_build_m7 2016-08-31 11:32:51 -05:00
Denis Kenzior
b7d44d302a wscutil: Add wsc_parse_m7 2016-08-31 11:32:21 -05:00
Denis Kenzior
6dae861ce2 eap-wsc: Handle M6 messages 2016-08-31 11:18:21 -05:00
Denis Kenzior
2ac78e1306 eap-wsc: split out R_Hash verification 
So it can be used in M6 processing
 2016-08-31 11:17:29 -05:00
Denis Kenzior
11550b2756 wscutil: Add wsc_m6_build_encrypted_settings 2016-08-31 11:15:35 -05:00
Denis Kenzior
3719e78094 wscutil: Add wsc_parse_m6_encrypted_settings 2016-08-31 11:15:12 -05:00
Denis Kenzior
4e0c932dc9 wscutil: Add wsc_build_m6 2016-08-31 11:14:48 -05:00
Denis Kenzior
815f685c2d wscutil: Add wsc_parse_m6 2016-08-31 11:14:48 -05:00
Denis Kenzior
ba55afa3f4 eap-wsc: Generate M5 messages 2016-08-30 23:20:24 -05:00
Denis Kenzior
c0de9d1790 eap-wsc: optionally load IV1 & IV2 for debugging 
When we send M5 & M7, we need to generate a random IV.  For testing
purposes, the IV can be provided in settings, otherwise it will be
generated randomly.
 2016-08-30 23:18:53 -05:00
Denis Kenzior
62623e0eb3 eap-wsc: Handle M4 messages 2016-08-30 21:52:24 -05:00
Denis Kenzior
48c3f4a55a eap-wsc: Store PSK1 & PSK2 
We will need to use PSK1 & PSK2 when computing R_Hash1 & R_Hash2 when
processing M4 & M6.
 2016-08-30 21:51:14 -05:00
Denis Kenzior
9a47f98ccd eap-wsc: Store M2 for future use 
We need quite a bit of attributes of M2 for the duration of the WSC
handshake.  Most importantly, we need to use the peer's public key when
processing M4 and M6.  RegistrarNonce is also needed for generating any
ACK/NACK messages as needed.

Also, peer's device attributes such as Model, Manufacturer, etc might be
useful to report upon successful handshake.
 2016-08-30 21:10:57 -05:00
Denis Kenzior
633389f2f4 eap-wsc: Add utility to decrypt EncryptedSettings 2016-08-30 14:43:49 -05:00
Denis Kenzior
b78bef2be8 eap-wsc: Add utility to check KeyWrapAuthenticator 2016-08-30 14:42:43 -05:00
Denis Kenzior
046c7b8994 eap-wsc: clear out intermediate key data 2016-08-30 14:41:58 -05:00
Denis Kenzior
39d6acb07d eap-wsc: Don't store AuthKey | KeyWrapKey | EMSK 
AuthKey is already uploaded into auth_key_hmac.  KeyWrapKey is now
uploaded into the AES-CBC(128) cipher.  We currently have no use for
EMSK.

So we no longer need to keep the wsc_session_key structure around.
 2016-08-30 14:34:03 -05:00
Denis Kenzior
24dfe6e436 wscutil: Add wsc_build_m5_encrypted_settings 2016-08-30 14:10:20 -05:00
Denis Kenzior
7bdb1a0225 wscutil: Add wsc_parse_m5_encrypted_settings 2016-08-30 14:07:53 -05:00
Denis Kenzior
d59086c791 wscutil: Add wsc_build_m4_encrypted_settings 2016-08-30 13:57:28 -05:00
Denis Kenzior
11e56031c0 wscutil: Add wsc_parse_m4_encrypted_settings 2016-08-30 13:38:08 -05:00
Denis Kenzior
757e4dbb90 wscutil: Prepare for parsing of Encrypted Settings 
Encrypted Settings TLVs are structured similarly to the various WSC
messages.  However, they lack a version2 extension field and use a Key
Wrap Authenticator element instead of Authenticator.
 2016-08-30 13:33:17 -05:00
Denis Kenzior
642804f9d7 wscutil: Handle Key Wrap Authenticator 2016-08-30 13:30:06 -05:00
Denis Kenzior
7810a45a9c eap-wsc: Rework state logic a bit 
Mostly so repetitive code is not required
 2016-08-30 10:10:11 -05:00
Denis Kenzior
a8580c7ed0 wscutil: Add wsc_build_m5 2016-08-30 09:45:39 -05:00
Denis Kenzior
0081bf4f64 wscutil: Add wsc_parse_m5 2016-08-30 09:34:34 -05:00
Denis Kenzior
05c230c46a eap-wsc: Send M3 2016-08-30 09:22:35 -05:00
Denis Kenzior
397a7d18c2 eap-wsc: Add TX message Authenticator calculation 2016-08-30 09:22:35 -05:00
Denis Kenzior
5951bc220b eap-wsc: Handle M2 messages 2016-08-30 09:22:35 -05:00
Denis Kenzior
33b0034678 eap-wsc: Add util to verify RX frame Authenticator 2016-08-30 09:22:35 -05:00
Denis Kenzior
097e775659 eap-wsc: Add basic logic to send M1 messages 2016-08-30 09:22:33 -05:00
Denis Kenzior
c2cb35b4c9 eap-wsc: store sent pdu 
This is needed for authenticator computation
 2016-08-29 22:16:34 -05:00
Denis Kenzior
2cbbcb7434 eap-wsc: Load settings related to DevicePassword 
DevicePassword is the PIN, either static, dynamically generated or
entered by the user.  For PushButton mode, DevicePassword is set to
'00000000'.  It can also be provided via external means, such as NFC.

This patch allows DevicePassword to be externally configured into the
EAP-WSC layer.  Optionally, the secret nonce values can also be
provided for testing purposes.  If omitted, they will be generated using
l_getrandom.
 2016-08-29 12:12:13 -05:00
Denis Kenzior
ce596058cd eap-wsc: Implement load_settings method 
We use the load_settings method to bootstrap the internal state of the
EAP WSC state machine.  We require certain information to be provided by
the higher layers, namely:

Global Device parameters
 - Manufacturer
 - Model Name
 - Model Number
 - Serial Number
 - Device Name
 - Primary Device Type
 - OS Version

Session specific parameters
 - MAC Address
 - Configuration Methods
 - RF Bands

The following parameters are auto-generated for each new session, but
can be over-ridden if desired
 - Private Key
 - Enrollee Nonce
 2016-08-28 02:47:09 -05:00
Denis Kenzior
b650b16d6f wscutil: Check authenticator more strictly 
Make sure Authenticator is the last data in the WSC PDU, with no
extraneous data afterwards
 2016-08-28 02:47:09 -05:00
Denis Kenzior
00dac648aa wscutil: Add wsc_build_nack 2016-08-26 17:14:36 -05:00
Denis Kenzior
334ccfce0f wscutil: Add wsc_parse_nack 2016-08-26 17:14:36 -05:00
Denis Kenzior
fdeed24591 eap-wsc: Properly set vendor-id & vendor-type 2016-08-24 21:37:42 -05:00
Denis Kenzior
887119c82f wscutil: Expose WSC WFA OUI 2016-08-24 21:35:41 -05:00
Denis Kenzior
0a314004ce eap: expanded methods start packets at opcode 
Expanded EAP methods should get their packets for handling starting at
the op-code field.  They're not really interested in
type/vendor-id/vendor-type fields.
 2016-08-24 21:32:16 -05:00
Denis Kenzior
63b5c60743 util: Add util_string_to_address 2016-08-24 21:31:54 -05:00
Denis Kenzior
c2b1351396 wscutil: Add WSC KDF function 2016-08-23 13:52:52 -05:00
Denis Kenzior
0a6ffdf029 netdev: Fix double-free 
We should only call eapol_cancel if netdev_connect_free was not
triggered as a result of handshake failure.
 2016-08-23 13:15:00 -05:00
Denis Kenzior
5d2c5b3b71 crypto: Add some missing whitespace 2016-08-22 15:54:24 -05:00
Denis Kenzior
9c457de8d5 wscutil: Add M4 builder 2016-08-19 15:24:29 -05:00
Denis Kenzior
d3ee7c71be wscutil: Add M4 parser 2016-08-19 15:14:24 -05:00
Denis Kenzior
ca41b21e15 wscutil: Add extractor for R_HASH1 & R_HASH2 2016-08-19 15:03:44 -05:00
Denis Kenzior
4e4820e2a5 wscutil: Add encrypted settings extractor 2016-08-19 15:03:25 -05:00
Denis Kenzior
f116659ab3 wscutil: Macro-ize WFA extension building 2016-08-18 18:02:08 -05:00
Denis Kenzior
6f0b31b3a4 wscutil: Add M3 builder 2016-08-18 17:58:34 -05:00
Denis Kenzior
b6e7b7a4d6 wscutil: Add M3 parser 2016-08-18 17:48:04 -05:00
Denis Kenzior
dc310bfc49 wscutil: Add e_hash 1 & 2 extractor 2016-08-18 17:47:36 -05:00
Denis Kenzior
a867076c3e wscutil: Relax OS_VERSION parser 
Apple implementations seem to not set the MSB bit to 1.
 2016-08-18 17:29:16 -05:00
Denis Kenzior
f2e11f5e7c wscutil: Fix memset 2016-08-18 16:22:48 -05:00
Denis Kenzior
af7224a973 wscutil: More strictly handle AUTHENTICATOR tlv 
This element must be the TLV in the message
 2016-08-18 12:53:06 -05:00
Denis Kenzior
f59f7564ce wscutil: Fix flags 
For some reason they weren't setup to be used in a bitfield
 2016-08-18 12:52:36 -05:00
Denis Kenzior
f11868d59d wscutil: Add builder for M2 messages 2016-08-17 22:20:46 -05:00
Denis Kenzior
ea8fddb897 wscutil: Move builders to proper alphabetical order 2016-08-17 22:20:46 -05:00
Denis Kenzior
966f0a974f wscutil: Add parser for M2 messages 2016-08-17 21:57:50 -05:00
Denis Kenzior
f389b2ffbc wscutil: Extract REGISTRAR_NONCE 2016-08-16 16:20:57 -05:00
Denis Kenzior
d4c41103d9 wscutil: Add extractor for UUID_R 2016-08-16 16:20:34 -05:00
Denis Kenzior
1c9e82001b wscutil: Fix incorrect return value 2016-08-16 16:12:19 -05:00
Denis Kenzior
e91846bbc5 wscutil: Add extractor for AUTHENTICATOR 2016-08-16 16:11:51 -05:00
Denis Kenzior
5f087aa0ea wscutil: Add builder for M1 messages 2016-08-16 15:27:46 -05:00
Denis Kenzior
e9d1ca7f7b wscutil: Don't include request_to_enroll if false 2016-08-16 15:27:16 -05:00
Denis Kenzior
2133a5edb3 wscutil: Rename WSC_CONFIG_STATE to WSC_STATE 2016-08-16 12:30:24 -05:00
Denis Kenzior
0f1372f866 wscutil: move extract_wsc_state 
To proper alphabetical order
 2016-08-16 12:25:55 -05:00
Denis Kenzior
349bc26d41 eap-wsc: Init DH5 prime & generator keys 2016-08-15 10:47:36 -05:00
Denis Kenzior
eb539ddd82 crypto: Add D-H MODP Group 5 prime & generator 2016-08-15 10:47:36 -05:00
Denis Kenzior
f7338c45c5 wscutil: Add M1 parser 2016-08-11 16:39:30 -05:00
Denis Kenzior
9ef4a40f0f wscutil: Add parsers for various flag types 2016-08-11 16:38:50 -05:00
Denis Kenzior
3d29f510e1 wscutil: Add parser for OS_VERSION 2016-08-11 16:38:33 -05:00
Denis Kenzior
e3626018d2 wscutil: Add parser for PUBLIC_KEY 2016-08-11 16:18:57 -05:00
Denis Kenzior
c787a4c5b8 wscutil: Add parser for ENROLLEE_NONCE 2016-08-11 16:17:24 -05:00
Denis Kenzior
2aaff15987 wscutil: Add parser for MAC_ADDRESS 2016-08-11 16:15:55 -05:00
Denis Kenzior
29a0d9f066 wscutil: Simplify uuid extractor 2016-08-11 16:15:14 -05:00
Denis Kenzior
da7477435e wscutil: Add parser for MESSAGE_TYPE 2016-08-11 16:09:46 -05:00
Denis Kenzior
f97d5778ea wscutil: Use macro magic to make more readable 2016-08-11 12:47:03 -05:00
Denis Kenzior
7a19a10528 eap-wsc: Add skeleton 2016-08-10 16:59:15 -05:00
Denis Kenzior
bcfaad2b62 eapol: Make EAP packets use sm->protocol_version 
Instead of hard-coding the EAPoL version to 2004 for all EAP packets,
use the version from eapol_sm.
 2016-08-10 16:37:39 -05:00
Denis Kenzior
abc44fe98a eapol: Use switch-case instead of if 
The if statement was shorter, but a bit less readable.
 2016-08-10 16:36:14 -05:00