aboutsummaryrefslogtreecommitdiffstats
path: root/wlantest
diff options
context:
space:
mode:
authorJouni Malinen <jouni@qca.qualcomm.com>2014-05-15 09:40:02 (GMT)
committerJouni Malinen <j@w1.fi>2014-05-15 13:56:59 (GMT)
commitf6ff5160f024b3e632260e657fe076702d98ffb5 (patch)
tree6801360e9a38657fa60c197126f322461ee6c5cb /wlantest
parent84a40841779f3a606c3c4c09ee0d584059a7abcf (diff)
downloadhostap-f6ff5160f024b3e632260e657fe076702d98ffb5.zip
hostap-f6ff5160f024b3e632260e657fe076702d98ffb5.tar.gz
hostap-f6ff5160f024b3e632260e657fe076702d98ffb5.tar.bz2
wlantest: Add support for OSEN
This allows Hotspot 2.0 OSEN connection to be analyzed more conveniently. The frames from an OSEN association can now be decrypted using an MSK file. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Diffstat (limited to 'wlantest')
-rw-r--r--wlantest/Makefile1
-rw-r--r--wlantest/bss.c35
-rw-r--r--wlantest/rx_eapol.c10
-rw-r--r--wlantest/sta.c23
-rw-r--r--wlantest/wlantest.h2
5 files changed, 63 insertions, 8 deletions
diff --git a/wlantest/Makefile b/wlantest/Makefile
index 175fb51..5b23bba 100644
--- a/wlantest/Makefile
+++ b/wlantest/Makefile
@@ -44,6 +44,7 @@ OBJS_lib += ../src/crypto/libcrypto.a
CFLAGS += -DCONFIG_PEERKEY
CFLAGS += -DCONFIG_IEEE80211W
CFLAGS += -DCONFIG_IEEE80211R
+CFLAGS += -DCONFIG_HS20
CFLAGS += -DCONFIG_DEBUG_FILE
OBJS += ../src/common/ieee802_11_common.o
diff --git a/wlantest/bss.c b/wlantest/bss.c
index 98d98ef..67af707 100644
--- a/wlantest/bss.c
+++ b/wlantest/bss.c
@@ -154,6 +154,26 @@ void bss_update(struct wlantest *wt, struct wlantest_bss *bss,
bss_add_pmk(wt, bss);
}
+ if (elems->osen == NULL) {
+ if (bss->osenie[0]) {
+ add_note(wt, MSG_INFO, "BSS " MACSTR
+ " - OSEN IE removed", MAC2STR(bss->bssid));
+ bss->rsnie[0] = 0;
+ update = 1;
+ }
+ } else {
+ if (bss->osenie[0] == 0 ||
+ os_memcmp(bss->osenie, elems->osen - 2,
+ elems->osen_len + 2) != 0) {
+ wpa_printf(MSG_INFO, "BSS " MACSTR " - OSEN IE "
+ "stored", MAC2STR(bss->bssid));
+ wpa_hexdump(MSG_DEBUG, "OSEN IE", elems->osen - 2,
+ elems->osen_len + 2);
+ update = 1;
+ }
+ os_memcpy(bss->osenie, elems->osen - 2,
+ elems->osen_len + 2);
+ }
if (elems->rsn_ie == NULL) {
if (bss->rsnie[0]) {
@@ -238,25 +258,33 @@ void bss_update(struct wlantest *wt, struct wlantest_bss *bss,
}
}
+ if (bss->osenie[0]) {
+ bss->proto |= WPA_PROTO_OSEN;
+ bss->pairwise_cipher |= WPA_CIPHER_CCMP;
+ bss->group_cipher |= WPA_CIPHER_CCMP;
+ bss->key_mgmt |= WPA_KEY_MGMT_OSEN;
+ }
+
if (!(bss->proto & WPA_PROTO_RSN) ||
!(bss->rsn_capab & WPA_CAPABILITY_MFPC))
bss->mgmt_group_cipher = 0;
- if (!bss->wpaie[0] && !bss->rsnie[0] &&
+ if (!bss->wpaie[0] && !bss->rsnie[0] && !bss->osenie[0] &&
(bss->capab_info & WLAN_CAPABILITY_PRIVACY))
bss->group_cipher = WPA_CIPHER_WEP40;
wpa_printf(MSG_INFO, "BSS " MACSTR
- " proto=%s%s%s"
+ " proto=%s%s%s%s"
"pairwise=%s%s%s%s"
"group=%s%s%s%s%s%s"
"mgmt_group_cipher=%s"
- "key_mgmt=%s%s%s%s%s%s%s%s"
+ "key_mgmt=%s%s%s%s%s%s%s%s%s"
"rsn_capab=%s%s%s%s%s",
MAC2STR(bss->bssid),
bss->proto == 0 ? "OPEN " : "",
bss->proto & WPA_PROTO_WPA ? "WPA " : "",
bss->proto & WPA_PROTO_RSN ? "WPA2 " : "",
+ bss->proto & WPA_PROTO_OSEN ? "OSEN " : "",
bss->pairwise_cipher == 0 ? "N/A " : "",
bss->pairwise_cipher & WPA_CIPHER_NONE ? "NONE " : "",
bss->pairwise_cipher & WPA_CIPHER_TKIP ? "TKIP " : "",
@@ -279,6 +307,7 @@ void bss_update(struct wlantest *wt, struct wlantest_bss *bss,
"EAP-SHA256 " : "",
bss->key_mgmt & WPA_KEY_MGMT_PSK_SHA256 ?
"PSK-SHA256 " : "",
+ bss->key_mgmt & WPA_KEY_MGMT_OSEN ? "OSEN " : "",
bss->rsn_capab & WPA_CAPABILITY_PREAUTH ? "PREAUTH " : "",
bss->rsn_capab & WPA_CAPABILITY_NO_PAIRWISE ?
"NO_PAIRWISE " : "",
diff --git a/wlantest/rx_eapol.c b/wlantest/rx_eapol.c
index 5e1ad34..8118a27 100644
--- a/wlantest/rx_eapol.c
+++ b/wlantest/rx_eapol.c
@@ -144,8 +144,8 @@ static void derive_ptk(struct wlantest *wt, struct wlantest_bss *bss,
{
struct wlantest_pmk *pmk;
- wpa_printf(MSG_DEBUG, "Trying to derive PTK for " MACSTR,
- MAC2STR(sta->addr));
+ wpa_printf(MSG_DEBUG, "Trying to derive PTK for " MACSTR " (ver %u)",
+ MAC2STR(sta->addr), ver);
dl_list_for_each(pmk, &bss->pmk, struct wlantest_pmk, list) {
wpa_printf(MSG_DEBUG, "Try per-BSS PMK");
if (try_pmk(wt, bss, sta, ver, data, len, pmk) == 0)
@@ -372,6 +372,9 @@ static u8 * decrypt_eapol_key_data(struct wlantest *wt, const u8 *kek, u16 ver,
case WPA_KEY_INFO_TYPE_HMAC_SHA1_AES:
case WPA_KEY_INFO_TYPE_AES_128_CMAC:
return decrypt_eapol_key_data_aes(wt, kek, hdr, len);
+ case WPA_KEY_INFO_TYPE_AKM_DEFINED:
+ /* For now, assume this is OSEN */
+ return decrypt_eapol_key_data_aes(wt, kek, hdr, len);
default:
add_note(wt, MSG_INFO,
"Unsupported EAPOL-Key Key Descriptor Version %u",
@@ -916,7 +919,8 @@ static void rx_data_eapol_key(struct wlantest *wt, const u8 *dst,
if (ver != WPA_KEY_INFO_TYPE_HMAC_MD5_RC4 &&
ver != WPA_KEY_INFO_TYPE_HMAC_SHA1_AES &&
- ver != WPA_KEY_INFO_TYPE_AES_128_CMAC) {
+ ver != WPA_KEY_INFO_TYPE_AES_128_CMAC &&
+ ver != WPA_KEY_INFO_TYPE_AKM_DEFINED) {
wpa_printf(MSG_INFO, "Unsupported EAPOL-Key Key Descriptor "
"Version %u from " MACSTR, ver, MAC2STR(src));
return;
diff --git a/wlantest/sta.c b/wlantest/sta.c
index 115ef8a..6f6178d 100644
--- a/wlantest/sta.c
+++ b/wlantest/sta.c
@@ -82,6 +82,14 @@ void sta_update_assoc(struct wlantest_sta *sta, struct ieee802_11_elems *elems)
elems->rsn_ie = NULL;
}
+ if (elems->osen && !bss->osenie[0]) {
+ wpa_printf(MSG_INFO, "OSEN IE included in Association Request "
+ "frame from " MACSTR " even though BSS does not "
+ "use OSEN - ignore IE",
+ MAC2STR(sta->addr));
+ elems->osen = NULL;
+ }
+
if (elems->wpa_ie && elems->rsn_ie) {
wpa_printf(MSG_INFO, "Both WPA IE and RSN IE included in "
"Association Request frame from " MACSTR,
@@ -108,6 +116,15 @@ void sta_update_assoc(struct wlantest_sta *sta, struct ieee802_11_elems *elems)
wpa_printf(MSG_INFO, "Failed to parse WPA IE from "
MACSTR, MAC2STR(sta->addr));
}
+ } else if (elems->osen) {
+ wpa_hexdump(MSG_DEBUG, "OSEN IE", elems->osen - 2,
+ elems->osen_len + 2);
+ os_memcpy(sta->osenie, elems->osen - 2, elems->osen_len + 2);
+ sta->proto = WPA_PROTO_OSEN;
+ sta->pairwise_cipher = WPA_CIPHER_CCMP;
+ sta->key_mgmt = WPA_KEY_MGMT_OSEN;
+ sta->rsn_capab = 0;
+ goto skip_rsn_wpa;
} else {
sta->rsnie[0] = 0;
sta->proto = 0;
@@ -151,14 +168,15 @@ void sta_update_assoc(struct wlantest_sta *sta, struct ieee802_11_elems *elems)
skip_rsn_wpa:
wpa_printf(MSG_INFO, "STA " MACSTR
- " proto=%s%s%s"
+ " proto=%s%s%s%s"
"pairwise=%s%s%s%s"
- "key_mgmt=%s%s%s%s%s%s%s%s"
+ "key_mgmt=%s%s%s%s%s%s%s%s%s"
"rsn_capab=%s%s%s%s%s",
MAC2STR(sta->addr),
sta->proto == 0 ? "OPEN " : "",
sta->proto & WPA_PROTO_WPA ? "WPA " : "",
sta->proto & WPA_PROTO_RSN ? "WPA2 " : "",
+ sta->proto & WPA_PROTO_OSEN ? "OSEN " : "",
sta->pairwise_cipher == 0 ? "N/A " : "",
sta->pairwise_cipher & WPA_CIPHER_NONE ? "NONE " : "",
sta->pairwise_cipher & WPA_CIPHER_TKIP ? "TKIP " : "",
@@ -173,6 +191,7 @@ skip_rsn_wpa:
"EAP-SHA256 " : "",
sta->key_mgmt & WPA_KEY_MGMT_PSK_SHA256 ?
"PSK-SHA256 " : "",
+ sta->key_mgmt & WPA_KEY_MGMT_OSEN ? "OSEN " : "",
sta->rsn_capab & WPA_CAPABILITY_PREAUTH ? "PREAUTH " : "",
sta->rsn_capab & WPA_CAPABILITY_NO_PAIRWISE ?
"NO_PAIRWISE " : "",
diff --git a/wlantest/wlantest.h b/wlantest/wlantest.h
index 68531d8..566ba6b 100644
--- a/wlantest/wlantest.h
+++ b/wlantest/wlantest.h
@@ -61,6 +61,7 @@ struct wlantest_sta {
} state;
u16 aid;
u8 rsnie[257]; /* WPA/RSN IE */
+ u8 osenie[257]; /* OSEN IE */
int proto;
int pairwise_cipher;
int group_cipher;
@@ -130,6 +131,7 @@ struct wlantest_bss {
int parse_error_reported;
u8 wpaie[257];
u8 rsnie[257];
+ u8 osenie[257];
int proto;
int pairwise_cipher;
int group_cipher;