3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-12-28 12:12:32 +01:00
Commit Graph

874 Commits

Author SHA1 Message Date
Denis Kenzior
15ac5c3f38 wscutil: Fix uninitialized warning
==5362== Conditional jump or move depends on uninitialised value(s)
==5362==    at 0x419B62: wsc_wfa_ext_iter_next (wscutil.c:52)
==5362==    by 0x41B869: wsc_parse_probe_response (wscutil.c:1016)
==5362==    by 0x41FD77: scan_results (wsc.c:218)
==5362==    by 0x415669: get_scan_done (scan.c:892)
==5362==    by 0x432932: destroy_request (genl.c:134)
==5362==    by 0x433245: process_unicast (genl.c:394)
==5362==    by 0x43361A: received_data (genl.c:506)
==5362==    by 0x42FDC2: io_callback (io.c:120)
==5362==    by 0x42EABE: l_main_run (main.c:381)
==5362==    by 0x402F90: main (main.c:234)
2016-09-14 21:56:18 -05:00
Denis Kenzior
9b0113018f scan: Fix running active scans
A wildcard SSID of zero length is needed
2016-09-14 21:56:18 -05:00
Denis Kenzior
a3fdb88a9a device: add device_get_netdev 2016-09-14 21:56:18 -05:00
Denis Kenzior
959ebd505b device: Free eapol_sm on netdev_connect failure 2016-09-14 21:56:18 -05:00
Denis Kenzior
09dcd78e30 device: Convert device watches to watchlist 2016-09-14 21:56:18 -05:00
Denis Kenzior
ef18c03322 device: Make device_enter_state static 2016-09-14 21:56:18 -05:00
Denis Kenzior
4419a6325a device: Add state watch api 2016-09-14 21:56:16 -05:00
Denis Kenzior
6d410b0bec watchlist: Add watchlist utilities 2016-09-14 20:26:49 -05:00
Denis Kenzior
d9c18deed7 device: Remove extra whitespace 2016-09-14 00:17:27 -05:00
Denis Kenzior
f77d363840 netdev: Add netdev_connect_wsc 2016-09-13 20:50:24 -05:00
Denis Kenzior
8a50054925 device: Make device_disassociated static 2016-09-13 20:49:36 -05:00
Denis Kenzior
db8794460f eapol: Remove io argument from eapol_start 2016-09-13 17:37:13 -05:00
Denis Kenzior
047a196c70 wscutil: Add wsc_build_association_response 2016-09-13 17:26:18 -05:00
Denis Kenzior
77abdb7d96 wscutil: add wsc_build_association_request 2016-09-13 17:23:43 -05:00
Denis Kenzior
da36b87531 wscutil: Add wsc_parse_association_request 2016-09-13 15:59:30 -05:00
Denis Kenzior
022d24474b wscutil: Add wsc_parse_association_response 2016-09-13 15:57:16 -05:00
Denis Kenzior
f3d5adfc3c wsc: report session overlap error 2016-09-13 14:55:13 -05:00
Denis Kenzior
1627b3a2bd wsc: Squash wsc_sm structure
eap-wsc now handles most of the details
2016-09-13 14:53:30 -05:00
Denis Kenzior
c60d34cd8d wiphy: Add wiphy_get_supported_bands 2016-09-13 14:36:46 -05:00
Denis Kenzior
4518394b0e eap-wsc: Send credential obtained events 2016-09-13 13:32:47 -05:00
Denis Kenzior
9fde037b8f eapol: Add eapol_sm_set_event_func 2016-09-13 13:30:54 -05:00
Denis Kenzior
1b72fe9713 eap: Add eap event_func
This is used to get arbitrary information out of the EAP method.  Needed
for EAP-WSC to signal credential information obtained from the peer.

Other uses include signaling why EAP-WSC failed (e.g. invalid PIN, etc)
and processing of M2D discovery messages.  The information in M2Ds might
be useful to external clients.
2016-09-13 11:50:52 -05:00
Denis Kenzior
baf72d7f86 eapol: Move to a single PAE socket
We used to open a socket for each wireless interface.  This patch uses a
single socket with an attached BPF to handle all EAPoL traffic via a
single file descriptor.
2016-09-12 10:02:04 -05:00
Denis Kenzior
8e50144d17 eap-wsc: Handle EAP WSC_NACK Requests
These should be responded to with a NACK as well.
2016-09-09 13:40:41 -05:00
Denis Kenzior
d2d9ce7be5 eap-wsc: implement NACK sending 2016-09-09 12:44:36 -05:00
Denis Kenzior
b93a992ed1 eap-wsc: Handle M8 messages 2016-09-08 21:59:04 -05:00
Denis Kenzior
1dc197d176 wscutil: Rename parse/build_nack
... to parse/build_wsc_nack to be more consistent with the spec naming
2016-09-08 21:34:32 -05:00
Denis Kenzior
983d598d1d wscutil: Add wsc_build_wsc_ack 2016-09-08 21:33:40 -05:00
Denis Kenzior
9c9ecfa239 wscutil: Add wsc_parse_wsc_ack 2016-09-08 21:33:20 -05:00
Denis Kenzior
aa518811b3 wscutil: Add wsc_build_wsc_done 2016-09-08 21:27:44 -05:00
Denis Kenzior
d8b8c25848 wscutil: Add wsc_parse_wsc_done 2016-09-08 21:27:18 -05:00
Andrew Zaborowski
1b1bf3cf65 eapol: On EAP success save the second 256 bits of MSK 2016-09-06 14:07:35 -05:00
Andrew Zaborowski
443e363c20 crypto: Implement crypto_derive_ft_ptk 2016-09-06 13:50:17 -05:00
Andrew Zaborowski
efbbe9870b crypto: Implement crypto_derive_pmk_r1 2016-09-06 13:48:50 -05:00
Andrew Zaborowski
994ffd94c5 crypto: Implement crypto_derive_pmk_r0 2016-09-06 13:47:18 -05:00
Andrew Zaborowski
955c88a64a ie: Consistently set group_management_cipher
RSNE_ADVANCE may return and if it is before the assignment of
info.group_management_cipher, that assignment will be dependent on where
the RSNE ends.
2016-09-05 23:10:29 -05:00
Andrew Zaborowski
316752c5e4 ie: Error in tlv_iter_next if no space to length byte
When parsing the EAPoL-Key key data field we don't strip the 0xdd /
0x00 padding from the decrypted data so there may be trailing padding
after the IE sequence and valgrind will report an invalid read of the
length byte.  Same thing may happen if we're sent garbage.
2016-09-05 23:00:01 -05:00
Denis Kenzior
b67e3f26b5 wscutil: Add wsc_parse_credential 2016-08-31 22:36:21 -05:00
Denis Kenzior
d83bf50a39 wscutil: Add wsc_parse_m8_encrypted_settings 2016-08-31 21:59:52 -05:00
Denis Kenzior
addba697da wscutil: Add wsc_build_m8 2016-08-31 14:14:11 -05:00
Denis Kenzior
ead40f0431 wscutil: Add wsc_parse_m8 2016-08-31 14:14:01 -05:00
Denis Kenzior
34ed84dc41 eap-wsc: Send M7 messages 2016-08-31 12:50:44 -05:00
Denis Kenzior
9bb4ba42dd wscutil: Add wsc_build_m7_encrypted_settings 2016-08-31 11:39:06 -05:00
Denis Kenzior
8df0f9fa28 wscutil: Add wsc_parse_m7_encrypted_settings 2016-08-31 11:38:52 -05:00
Denis Kenzior
a113cba4f2 wscutil: Add wsc_build_m7 2016-08-31 11:32:51 -05:00
Denis Kenzior
b7d44d302a wscutil: Add wsc_parse_m7 2016-08-31 11:32:21 -05:00
Denis Kenzior
6dae861ce2 eap-wsc: Handle M6 messages 2016-08-31 11:18:21 -05:00
Denis Kenzior
2ac78e1306 eap-wsc: split out R_Hash verification
So it can be used in M6 processing
2016-08-31 11:17:29 -05:00
Denis Kenzior
11550b2756 wscutil: Add wsc_m6_build_encrypted_settings 2016-08-31 11:15:35 -05:00
Denis Kenzior
3719e78094 wscutil: Add wsc_parse_m6_encrypted_settings 2016-08-31 11:15:12 -05:00
Denis Kenzior
4e0c932dc9 wscutil: Add wsc_build_m6 2016-08-31 11:14:48 -05:00
Denis Kenzior
815f685c2d wscutil: Add wsc_parse_m6 2016-08-31 11:14:48 -05:00
Denis Kenzior
ba55afa3f4 eap-wsc: Generate M5 messages 2016-08-30 23:20:24 -05:00
Denis Kenzior
c0de9d1790 eap-wsc: optionally load IV1 & IV2 for debugging
When we send M5 & M7, we need to generate a random IV.  For testing
purposes, the IV can be provided in settings, otherwise it will be
generated randomly.
2016-08-30 23:18:53 -05:00
Denis Kenzior
62623e0eb3 eap-wsc: Handle M4 messages 2016-08-30 21:52:24 -05:00
Denis Kenzior
48c3f4a55a eap-wsc: Store PSK1 & PSK2
We will need to use PSK1 & PSK2 when computing R_Hash1 & R_Hash2 when
processing M4 & M6.
2016-08-30 21:51:14 -05:00
Denis Kenzior
9a47f98ccd eap-wsc: Store M2 for future use
We need quite a bit of attributes of M2 for the duration of the WSC
handshake.  Most importantly, we need to use the peer's public key when
processing M4 and M6.  RegistrarNonce is also needed for generating any
ACK/NACK messages as needed.

Also, peer's device attributes such as Model, Manufacturer, etc might be
useful to report upon successful handshake.
2016-08-30 21:10:57 -05:00
Denis Kenzior
633389f2f4 eap-wsc: Add utility to decrypt EncryptedSettings 2016-08-30 14:43:49 -05:00
Denis Kenzior
b78bef2be8 eap-wsc: Add utility to check KeyWrapAuthenticator 2016-08-30 14:42:43 -05:00
Denis Kenzior
046c7b8994 eap-wsc: clear out intermediate key data 2016-08-30 14:41:58 -05:00
Denis Kenzior
39d6acb07d eap-wsc: Don't store AuthKey | KeyWrapKey | EMSK
AuthKey is already uploaded into auth_key_hmac.  KeyWrapKey is now
uploaded into the AES-CBC(128) cipher.  We currently have no use for
EMSK.

So we no longer need to keep the wsc_session_key structure around.
2016-08-30 14:34:03 -05:00
Denis Kenzior
24dfe6e436 wscutil: Add wsc_build_m5_encrypted_settings 2016-08-30 14:10:20 -05:00
Denis Kenzior
7bdb1a0225 wscutil: Add wsc_parse_m5_encrypted_settings 2016-08-30 14:07:53 -05:00
Denis Kenzior
d59086c791 wscutil: Add wsc_build_m4_encrypted_settings 2016-08-30 13:57:28 -05:00
Denis Kenzior
11e56031c0 wscutil: Add wsc_parse_m4_encrypted_settings 2016-08-30 13:38:08 -05:00
Denis Kenzior
757e4dbb90 wscutil: Prepare for parsing of Encrypted Settings
Encrypted Settings TLVs are structured similarly to the various WSC
messages.  However, they lack a version2 extension field and use a Key
Wrap Authenticator element instead of Authenticator.
2016-08-30 13:33:17 -05:00
Denis Kenzior
642804f9d7 wscutil: Handle Key Wrap Authenticator 2016-08-30 13:30:06 -05:00
Denis Kenzior
7810a45a9c eap-wsc: Rework state logic a bit
Mostly so repetitive code is not required
2016-08-30 10:10:11 -05:00
Denis Kenzior
a8580c7ed0 wscutil: Add wsc_build_m5 2016-08-30 09:45:39 -05:00
Denis Kenzior
0081bf4f64 wscutil: Add wsc_parse_m5 2016-08-30 09:34:34 -05:00
Denis Kenzior
05c230c46a eap-wsc: Send M3 2016-08-30 09:22:35 -05:00
Denis Kenzior
397a7d18c2 eap-wsc: Add TX message Authenticator calculation 2016-08-30 09:22:35 -05:00
Denis Kenzior
5951bc220b eap-wsc: Handle M2 messages 2016-08-30 09:22:35 -05:00
Denis Kenzior
33b0034678 eap-wsc: Add util to verify RX frame Authenticator 2016-08-30 09:22:35 -05:00
Denis Kenzior
097e775659 eap-wsc: Add basic logic to send M1 messages 2016-08-30 09:22:33 -05:00
Denis Kenzior
c2cb35b4c9 eap-wsc: store sent pdu
This is needed for authenticator computation
2016-08-29 22:16:34 -05:00
Denis Kenzior
2cbbcb7434 eap-wsc: Load settings related to DevicePassword
DevicePassword is the PIN, either static, dynamically generated or
entered by the user.  For PushButton mode, DevicePassword is set to
'00000000'.  It can also be provided via external means, such as NFC.

This patch allows DevicePassword to be externally configured into the
EAP-WSC layer.  Optionally, the secret nonce values can also be
provided for testing purposes.  If omitted, they will be generated using
l_getrandom.
2016-08-29 12:12:13 -05:00
Denis Kenzior
ce596058cd eap-wsc: Implement load_settings method
We use the load_settings method to bootstrap the internal state of the
EAP WSC state machine.  We require certain information to be provided by
the higher layers, namely:

Global Device parameters
 - Manufacturer
 - Model Name
 - Model Number
 - Serial Number
 - Device Name
 - Primary Device Type
 - OS Version

Session specific parameters
 - MAC Address
 - Configuration Methods
 - RF Bands

The following parameters are auto-generated for each new session, but
can be over-ridden if desired
 - Private Key
 - Enrollee Nonce
2016-08-28 02:47:09 -05:00
Denis Kenzior
b650b16d6f wscutil: Check authenticator more strictly
Make sure Authenticator is the last data in the WSC PDU, with no
extraneous data afterwards
2016-08-28 02:47:09 -05:00
Denis Kenzior
00dac648aa wscutil: Add wsc_build_nack 2016-08-26 17:14:36 -05:00
Denis Kenzior
334ccfce0f wscutil: Add wsc_parse_nack 2016-08-26 17:14:36 -05:00
Denis Kenzior
fdeed24591 eap-wsc: Properly set vendor-id & vendor-type 2016-08-24 21:37:42 -05:00
Denis Kenzior
887119c82f wscutil: Expose WSC WFA OUI 2016-08-24 21:35:41 -05:00
Denis Kenzior
0a314004ce eap: expanded methods start packets at opcode
Expanded EAP methods should get their packets for handling starting at
the op-code field.  They're not really interested in
type/vendor-id/vendor-type fields.
2016-08-24 21:32:16 -05:00
Denis Kenzior
63b5c60743 util: Add util_string_to_address 2016-08-24 21:31:54 -05:00
Denis Kenzior
c2b1351396 wscutil: Add WSC KDF function 2016-08-23 13:52:52 -05:00
Denis Kenzior
0a6ffdf029 netdev: Fix double-free
We should only call eapol_cancel if netdev_connect_free was not
triggered as a result of handshake failure.
2016-08-23 13:15:00 -05:00
Denis Kenzior
5d2c5b3b71 crypto: Add some missing whitespace 2016-08-22 15:54:24 -05:00
Denis Kenzior
9c457de8d5 wscutil: Add M4 builder 2016-08-19 15:24:29 -05:00
Denis Kenzior
d3ee7c71be wscutil: Add M4 parser 2016-08-19 15:14:24 -05:00
Denis Kenzior
ca41b21e15 wscutil: Add extractor for R_HASH1 & R_HASH2 2016-08-19 15:03:44 -05:00
Denis Kenzior
4e4820e2a5 wscutil: Add encrypted settings extractor 2016-08-19 15:03:25 -05:00
Denis Kenzior
f116659ab3 wscutil: Macro-ize WFA extension building 2016-08-18 18:02:08 -05:00
Denis Kenzior
6f0b31b3a4 wscutil: Add M3 builder 2016-08-18 17:58:34 -05:00
Denis Kenzior
b6e7b7a4d6 wscutil: Add M3 parser 2016-08-18 17:48:04 -05:00
Denis Kenzior
dc310bfc49 wscutil: Add e_hash 1 & 2 extractor 2016-08-18 17:47:36 -05:00
Denis Kenzior
a867076c3e wscutil: Relax OS_VERSION parser
Apple implementations seem to not set the MSB bit to 1.
2016-08-18 17:29:16 -05:00
Denis Kenzior
f2e11f5e7c wscutil: Fix memset 2016-08-18 16:22:48 -05:00
Denis Kenzior
af7224a973 wscutil: More strictly handle AUTHENTICATOR tlv
This element must be the TLV in the message
2016-08-18 12:53:06 -05:00
Denis Kenzior
f59f7564ce wscutil: Fix flags
For some reason they weren't setup to be used in a bitfield
2016-08-18 12:52:36 -05:00