943acddb49
eapol: Refactor eapol tx path
2016-06-28 18:45:49 -05:00
efe5bed7c5
netdev: Move eapol_read to eapol.c
2016-06-28 18:18:47 -05:00
b6d651dda8
eapol: Move eapol_start
2016-06-28 17:26:03 -05:00
e059ee01a7
eapol: Move eapol_cancel
2016-06-28 17:26:03 -05:00
fb339bcc76
eapol: helper functions for REKEY_OFFLOAD
2016-06-22 18:44:17 -05:00
b93ae37325
eapol: Add eapol_sm_get_own_ie
2016-06-14 19:57:21 -05:00
6d81e0a172
eapol: Add eapol_sm_get_group_cipher
2016-06-14 19:57:21 -05:00
c1ff686ed6
eapol: Add eapol_sm_get_pairwise_cipher
2016-06-14 19:57:21 -05:00
30d1673ba4
eapol: Add support for SHA-256 based AKMs
2016-02-10 19:18:56 -06:00
c35409d73c
eapol: Update to the new API
2016-02-10 16:55:15 -06:00
3320d31ead
sha1: Remove sha1.[ch]
2016-02-10 14:36:14 -06:00
342ad9c61c
eapol: Add clarifying comment
2015-11-03 16:26:34 -06:00
14020b2aa6
eapol: Handle EAPoL-EAP packets
2015-11-02 21:45:43 -06:00
2bccb7e7dc
eapol: Remove user_data from __eapol_rx_packet args
...
Instead of passing the user_data parameter in every __eapol_rx_packet
call to be used by EAPOL in all tx_packet calls, add
eapol_sm_set_tx_user_data function that sets the value of user_data for
all subsequent tx_packet calls. This way tx_packet can be called from
places that are not necessarily inside an __eapol_rx_packet call.
2015-11-02 21:40:21 -06:00
ef9b6f41ce
eapol: Separate EAPOL header from struct eapol_key
...
This is needed so we can better handle sending and receiving EAPoL
packets other than EAPoL-Key.
2015-11-02 21:40:21 -06:00
f1d81cd3c5
eapol: Remove unneded TODO comment
2015-06-08 10:46:48 -05:00
99cdb860c0
eapol: Simplify install_tk callback
2015-05-21 21:10:21 -05:00
e93dd44607
eapol: Simplify GTK install callback
...
Instead of passing in the RSN/WPA elements, simply pass in the
configured cipher. This will make the implementation of the install_gtk
callback much simpler.
2015-05-21 21:08:47 -05:00
9992d3aeda
eapol: Extract & keep track of desired ciphers
...
When our own WPA IE or RSN IE are set, extract group and pairwise
ciphers. These ciphers are the ones we desire to use for the secure
connection.
2015-05-19 00:05:53 -05:00
12551b52ff
eapol: Sanity check 2nd RSNE
...
If the second (optional) RSN element is included in Step 3/4 of the
4-way handshake, parse it and perform basic sanity checks
2015-05-18 23:49:11 -05:00
8593ebaad4
eapol: Set wpa_key_id in WPA1 Step 2 of 2
2015-05-18 14:45:09 -05:00
a227d0b00f
eapol: In GTK step 2 of 2, secure bit is always 1
2015-05-18 12:50:50 -05:00
a84d232eb1
eapol: Accept 32-byte keys in verify_ptk_3_of_4
...
TKIP key data is 32 bytes long.
2015-05-18 12:37:34 -05:00
619448cacc
eapol: Sanity check wpa_key_id field a bit more
2015-05-05 22:26:11 -05:00
9793054a0a
eapol: Update TODO comment
2015-05-05 22:19:45 -05:00
a38b6f1f9a
eapol: Add missing newline
2015-05-05 22:18:35 -05:00
8f3fd6e47d
eapol: Add eapol_verify_gtk_2_of_2
2015-05-05 22:04:21 -05:00
2ba7867e9f
eapol: Drop unneded check in verify_ptk_4_of_4
...
Step 4 is always sent without encrypted Key Data according to Section
11.6.6.5. In the case of WPA, Encrypted Key Data field is reserved, and
should always be 0. Thus it is safe to drop the !is_wpa condition.
2015-05-05 22:01:53 -05:00
bb17f5df94
eapol: Add sanity checking of the install bit
2015-05-05 21:50:35 -05:00
0ea28ba5ad
eapol: Generate new snonce on new 4-Way Handshake
...
Make sure that we handle PTK rekeying.
2015-05-05 21:22:38 -05:00
a7846aee85
eapol: WPA-specific handshake quirks
...
To support WPA allow the legacy EAPOL-Key frame formats.
2015-05-05 21:22:31 -05:00
a8c0f20510
eapol: Handle the Group Key Handshake
2015-05-05 21:10:07 -05:00
169aa04570
eapol: Free eapol_sm even if callback is null
...
If deauthenticate callback was not provided, the state machine was not
being freed / removed.
2015-04-29 08:54:53 -05:00
4a27563b5a
eapol: Fix key-IV check in EAPOL-Key verification
...
The comment correctly states the IV is 0 for version 2, but the
check was actually for version 1.
2015-04-29 08:54:47 -05:00
c22d22f5e5
eapol: Remove eapol_sm's from queue when destroying.
...
Prevents a double-free.
2015-04-17 10:40:10 -05:00
bc98bc9ecb
eapol: Add functions to set own/ap WPA IEs
...
If EAPoL is being run for in WPA mode, then instead of RSN elements, the
WPA elements are required.
2015-04-10 23:46:58 -05:00
445ad55796
eapol: Start a handshake timer
...
We start a timer. This handles the case that the Authenticator does
not send us the first message of the 4-way handshake, or disappears
before sending us the 3rd message.
2015-03-29 22:44:08 -05:00
e2badc9828
eapol: Call deauthenticate callback
2015-03-29 22:32:09 -05:00
9f17b71375
eapol: Add eapol_cancel
2015-03-29 20:58:40 -05:00
cf3681efbe
eapol: Add comment for handling MIC failures
2015-03-29 20:57:58 -05:00
f31407dd46
eapol: Add deauthenticate callback
2015-03-29 20:30:14 -05:00
6ec364cb86
eapol: Add __eapol_set_gtk_install_func
2015-03-25 23:28:22 -05:00
bf5a6a3999
eapol: Add __eapol_set_install_tk_func
2015-03-25 22:35:12 -05:00
ddcbb3f2a8
eapol: Add eapol_sm_set_user_data
2015-03-25 22:34:05 -05:00
3432cfa53e
eapol: Return if eapol_find_sm returns NULL
2015-03-23 20:08:30 -05:00
a95b0e3a5a
eapol: Fix return value
2015-03-23 15:37:40 -05:00
86e7883c74
eapol: Print a message if MIC calculation fails
2015-03-20 14:52:49 -05:00
d78883a068
eapol: Add default nonce generator
2015-03-20 12:31:14 -05:00
35e3de9cdf
eapol: Add default eapol tx path function
2015-03-20 12:30:56 -05:00
0ee173e23f
eapol: Fix PAE socket code
...
Using SOCK_DGRAM allows us to receive just the frame payload instead
of raw ethernet framing.
2015-03-20 00:28:58 -05:00
19c67c3b3a
eapol: Add user_data argument
...
To __eapol_rx_packet. The same argument is passed to tx_packet
function.
2015-03-19 23:57:37 -05:00
6b84e0da1f
eapol: Rename aa_addr
...
The use of aa_addr was redundant. Use 'AA' instead. 802.11 defines
'AA' as 'Authenticator Address'.
2015-03-19 23:57:36 -05:00
b871d904d5
eapol: Rename sta_addr
...
The use of sta_addr made no sense. Instead, use the terminology from
802.11: 'Supplicant Address (SPA)'
2015-03-19 23:57:36 -05:00
581f4e298f
eapol: Use a queue instead of a hashmap
2015-03-19 23:57:36 -05:00
12d529eddb
eapol: Rearrange data structure members
...
The order follows the rough order of initialization, as information
becomes available from the calling code or via steps of the 4-way
handshake.
2015-03-19 23:57:36 -05:00
acce7c9034
eapol: Change the interface index data type
...
The ifindex should be uint32_t instead of int.
2015-03-19 20:18:05 -05:00
2bcfc15e96
eapol: Remove unneeded whitespace
2015-03-02 21:47:27 -06:00
db45cd8dbf
eapol: Provide utility to open raw socket
...
Opens a raw socket to filter ETH_P_PAE based packets. Binds to specific
interface index to read/write eapol frames.
2015-02-26 10:54:05 -06:00
41e82fba77
eapol: Optimize out rsne sizes
...
The RSN IEs contain the sizes of the element inside the data, so it is
not necessary to carry a dedicated size element.
2015-02-24 23:15:20 -06:00
9760bcb5c3
eapol: Add checking that first RSNE is as expected
2015-02-24 22:09:35 -06:00
7f9b8117fd
eapol: Add utility to find GTK KDEs
2015-02-24 17:11:56 -06:00
bfdd4a2328
eapol: Pass decrypted data len
...
to eapol_handle_ptk_3_of_4
2015-02-24 16:03:42 -06:00
c71bfcbb7c
eapol: Decryption of packets changes affects size
2015-02-24 15:59:36 -06:00
f997816a7f
eapol: Handle Step 2 & 4 of the 4-way Handshake
2015-02-24 11:14:11 -06:00
da1180841d
eapol: Handle Step 1 & 2 of 4-way Handshake
2015-02-24 11:13:57 -06:00
9e6cbc5b60
eapol: Add __eapol_rx_packet
2015-02-24 11:13:19 -06:00
4a540526fe
eapol: Add eapol_start
2015-02-24 11:12:22 -06:00
2ee8b8e56e
eapol: Add __eapol_set_protocol_version
2015-02-24 11:11:40 -06:00
87dc9543b2
eapol: Add tx_packet_func and setter
2015-02-24 11:10:42 -06:00
54fa4f29c7
eapol: Add get_nonce func and setter
2015-02-24 11:09:42 -06:00
79bf677e71
eapol: Add eapol_init and eapol_exit
2015-02-24 11:08:03 -06:00
2e1e484f95
eapol: Add eapol_sm_set_own_rsn
2015-02-24 10:58:43 -06:00
08b2980fd6
eapol: Add eapol_sm_set_ap_rsn
2015-02-24 10:58:03 -06:00
f85c860cc3
eapol: Add eapol_sm_set_pmk
2015-02-24 10:57:25 -06:00
ff92e5c5e1
eapol: Add eapol_sm_set_aa_address
2015-02-24 10:56:39 -06:00
122dfe7025
eapol: Add eapol_sm_set_sta_address
2015-02-24 10:55:50 -06:00
2866fbbf91
eapol: Introduce eapol_sm
2015-02-24 10:54:23 -06:00
bf42e3e7a3
eapol: snonce not needed in create_ptk_4_of_4
2015-02-24 10:52:12 -06:00
6ba57c9fa8
eapol: Fix eapol_verify_mic
...
The calculation was using an invalid length
2015-02-24 10:42:20 -06:00
a0bf16c5ca
eapol: Refactor verification functions
...
Use a macro for common checks. Assume that the validate step will be
done separately.
2015-02-23 15:39:26 -06:00
6a4b75cf8d
eapol: Add eapol_verify_mic
2015-02-18 21:13:09 -06:00
ad3e0b6bf2
arc4: Remove and move to src/crypto.c
2015-02-18 21:11:37 -06:00
b3e617838d
aes: Remove and move to src/crypto.c
2015-02-18 21:02:09 -06:00
260ef5bb9d
md5: Remove and move to src/crypto.c
2015-02-18 20:56:18 -06:00
89e4538945
eapol: Rework eapol_decrypt_key_data
...
802.11 uses AES Key Wrap and RC4 with the first 256 bytes skipped. The
IV is also initialized into the RC4 key.
2015-02-17 17:39:47 -06:00
cd08cdfd9f
eapol: Add eapol_decrypt_key_data
2015-02-13 20:37:17 -06:00
85e54c66fe
eapol: Add eapol_verify_ptk_4_of_4
2015-02-13 18:38:10 -06:00
0570940cd7
eapol: Add eapol_verify_ptk_3_of_4
2015-02-13 16:36:52 -06:00
f9515fbe97
eapol: Add additional sanity checks for step 2
2015-02-13 16:36:24 -06:00
9b746cd3c1
eapol: Update comment
2015-02-13 16:12:43 -06:00
54d4090542
eapol: Tweak API
...
We need to extract quite a bit of information from the EAPoL frames, so
tweak the API to just verify that a frame is of a particular type
2015-02-13 16:08:45 -06:00
87f775475a
eapol: Handle cmac_aes in eapol_calcuate_mic
2015-02-13 14:53:16 -06:00
63aae17aa8
eapol: Take out unneeded cast
2015-02-13 14:52:24 -06:00
df8d60d7e1
eapol: Add eapol_create_ptk_4_of_4
2015-02-13 14:10:28 -06:00
005fc0c0d1
eapol: Handle key_replay_counter as a uint64_t
2015-02-13 13:54:50 -06:00
8f946c0cdc
eapol: Change function signatures
...
The frame which comes in is an EAPoL-key frame, thus changing the name
accordingly (as well as the parameter names).
Also, returning the cast pointer instead of a boolean is easier to
use as there won't be any need to perform the cast ourselves afterward
2015-01-22 12:18:17 -06:00
096165d142
eapol: Add eapol_calculate_mic
2014-12-27 23:04:14 -06:00
27d25efc0b
eapol: Add eapol_create_ptk_2_of_4
2014-12-27 23:04:12 -06:00
dc3331a98d
eapol: Add eapol_process_ptk_2_of_4
2014-12-27 22:58:22 -06:00
996e32bf1d
eapol: Add eapol_process_ptk_1_of_4
2014-12-27 22:58:22 -06:00
da8e10cc5f
eapol: Verify key_descriptor_version
2014-12-27 22:34:39 -06:00
5da6ca89e4
eapol: Add eapol_verify
2014-12-27 22:34:39 -06:00
2cc842a302
eapol: Add beginnings of EAPoL utilities
2014-12-18 18:10:10 -06:00
Denis Kenzior