1 /*
2 * Received Management frame processing
3 * Copyright (c) 2010-2020, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #include "utils/includes.h"
10
11 #include "utils/common.h"
12 #include "common/defs.h"
13 #include "common/ieee802_11_defs.h"
14 #include "common/ieee802_11_common.h"
15 #include "common/wpa_common.h"
16 #include "crypto/aes.h"
17 #include "crypto/aes_siv.h"
18 #include "crypto/aes_wrap.h"
19 #include "wlantest.h"
20
21
22 static int check_mmie_mic(unsigned int mgmt_group_cipher,
23 const u8 *igtk, size_t igtk_len,
24 const u8 *data, size_t len);
25
26
mgmt_stype(u16 stype)27 static const char * mgmt_stype(u16 stype)
28 {
29 switch (stype) {
30 case WLAN_FC_STYPE_ASSOC_REQ:
31 return "ASSOC-REQ";
32 case WLAN_FC_STYPE_ASSOC_RESP:
33 return "ASSOC-RESP";
34 case WLAN_FC_STYPE_REASSOC_REQ:
35 return "REASSOC-REQ";
36 case WLAN_FC_STYPE_REASSOC_RESP:
37 return "REASSOC-RESP";
38 case WLAN_FC_STYPE_PROBE_REQ:
39 return "PROBE-REQ";
40 case WLAN_FC_STYPE_PROBE_RESP:
41 return "PROBE-RESP";
42 case WLAN_FC_STYPE_BEACON:
43 return "BEACON";
44 case WLAN_FC_STYPE_ATIM:
45 return "ATIM";
46 case WLAN_FC_STYPE_DISASSOC:
47 return "DISASSOC";
48 case WLAN_FC_STYPE_AUTH:
49 return "AUTH";
50 case WLAN_FC_STYPE_DEAUTH:
51 return "DEAUTH";
52 case WLAN_FC_STYPE_ACTION:
53 return "ACTION";
54 case WLAN_FC_STYPE_ACTION_NO_ACK:
55 return "ACTION-NO-ACK";
56 }
57 return "??";
58 }
59
60
rx_mgmt_beacon(struct wlantest * wt,const u8 * data,size_t len)61 static void rx_mgmt_beacon(struct wlantest *wt, const u8 *data, size_t len)
62 {
63 const struct ieee80211_mgmt *mgmt;
64 struct wlantest_bss *bss;
65 struct ieee802_11_elems elems;
66 size_t offset;
67 const u8 *mme;
68 size_t mic_len;
69 u16 keyid;
70
71 mgmt = (const struct ieee80211_mgmt *) data;
72 offset = mgmt->u.beacon.variable - data;
73 if (len < offset)
74 return;
75 bss = bss_get(wt, mgmt->bssid);
76 if (bss == NULL)
77 return;
78 if (bss->proberesp_seen)
79 return; /* do not override with Beacon data */
80 bss->capab_info = le_to_host16(mgmt->u.beacon.capab_info);
81 if (ieee802_11_parse_elems(mgmt->u.beacon.variable, len - offset,
82 &elems, 0) == ParseFailed) {
83 if (bss->parse_error_reported)
84 return;
85 add_note(wt, MSG_INFO, "Invalid IEs in a Beacon frame from "
86 MACSTR, MAC2STR(mgmt->sa));
87 bss->parse_error_reported = 1;
88 return;
89 }
90
91 bss_update(wt, bss, &elems, 1);
92
93 mme = get_ie(mgmt->u.beacon.variable, len - offset, WLAN_EID_MMIE);
94 if (!mme) {
95 if (bss->bigtk_idx) {
96 add_note(wt, MSG_INFO,
97 "Unexpected unprotected Beacon frame from "
98 MACSTR, MAC2STR(mgmt->sa));
99 bss->counters[WLANTEST_BSS_COUNTER_MISSING_BIP_MMIE]++;
100 }
101 return;
102 }
103
104 mic_len = bss->mgmt_group_cipher == WPA_CIPHER_AES_128_CMAC ? 8 : 16;
105 if (len < 24 + 10 + mic_len ||
106 data[len - (10 + mic_len)] != WLAN_EID_MMIE ||
107 data[len - (10 + mic_len - 1)] != 8 + mic_len) {
108 add_note(wt, MSG_INFO, "Invalid MME in a Beacon frame from "
109 MACSTR, MAC2STR(mgmt->sa));
110 return;
111 }
112
113 mme += 2;
114 keyid = WPA_GET_LE16(mme);
115 if (keyid < 6 || keyid > 7) {
116 add_note(wt, MSG_INFO, "Unexpected MME KeyID %u from " MACSTR,
117 keyid, MAC2STR(mgmt->sa));
118 bss->counters[WLANTEST_BSS_COUNTER_INVALID_BIP_MMIE]++;
119 return;
120 }
121
122 wpa_printf(MSG_DEBUG, "Beacon frame MME KeyID %u", keyid);
123 wpa_hexdump(MSG_MSGDUMP, "MME IPN", mme + 2, 6);
124 wpa_hexdump(MSG_MSGDUMP, "MME MIC", mme + 8, mic_len);
125
126 if (!bss->igtk_len[keyid]) {
127 add_note(wt, MSG_DEBUG, "No BIGTK known to validate BIP frame");
128 return;
129 }
130
131 if (os_memcmp(mme + 2, bss->ipn[keyid], 6) <= 0) {
132 add_note(wt, MSG_INFO, "BIP replay detected: SA=" MACSTR,
133 MAC2STR(mgmt->sa));
134 wpa_hexdump(MSG_INFO, "RX IPN", mme + 2, 6);
135 wpa_hexdump(MSG_INFO, "Last RX IPN", bss->ipn[keyid], 6);
136 }
137
138 if (check_mmie_mic(bss->mgmt_group_cipher, bss->igtk[keyid],
139 bss->igtk_len[keyid], data, len) < 0) {
140 add_note(wt, MSG_INFO, "Invalid MME MIC in a Beacon frame from "
141 MACSTR, MAC2STR(mgmt->sa));
142 bss->counters[WLANTEST_BSS_COUNTER_INVALID_BIP_MMIE]++;
143 return;
144 }
145
146 add_note(wt, MSG_DEBUG, "Valid MME MIC in Beacon frame");
147 os_memcpy(bss->ipn[keyid], mme + 2, 6);
148 }
149
150
rx_mgmt_probe_resp(struct wlantest * wt,const u8 * data,size_t len)151 static void rx_mgmt_probe_resp(struct wlantest *wt, const u8 *data, size_t len)
152 {
153 const struct ieee80211_mgmt *mgmt;
154 struct wlantest_bss *bss;
155 struct ieee802_11_elems elems;
156 size_t offset;
157
158 mgmt = (const struct ieee80211_mgmt *) data;
159 offset = mgmt->u.probe_resp.variable - data;
160 if (len < offset)
161 return;
162 bss = bss_get(wt, mgmt->bssid);
163 if (bss == NULL)
164 return;
165
166 bss->counters[WLANTEST_BSS_COUNTER_PROBE_RESPONSE]++;
167 bss->capab_info = le_to_host16(mgmt->u.probe_resp.capab_info);
168 if (ieee802_11_parse_elems(mgmt->u.probe_resp.variable, len - offset,
169 &elems, 0) == ParseFailed) {
170 if (bss->parse_error_reported)
171 return;
172 add_note(wt, MSG_INFO, "Invalid IEs in a Probe Response frame "
173 "from " MACSTR, MAC2STR(mgmt->sa));
174 bss->parse_error_reported = 1;
175 return;
176 }
177
178 bss_update(wt, bss, &elems, 2);
179 }
180
181
process_fils_auth(struct wlantest * wt,struct wlantest_bss * bss,struct wlantest_sta * sta,const struct ieee80211_mgmt * mgmt,size_t len)182 static void process_fils_auth(struct wlantest *wt, struct wlantest_bss *bss,
183 struct wlantest_sta *sta,
184 const struct ieee80211_mgmt *mgmt, size_t len)
185 {
186 struct ieee802_11_elems elems;
187 u16 trans;
188 struct wpa_ie_data data;
189
190 if (sta->auth_alg != WLAN_AUTH_FILS_SK ||
191 len < IEEE80211_HDRLEN + sizeof(mgmt->u.auth))
192 return;
193
194 trans = le_to_host16(mgmt->u.auth.auth_transaction);
195
196 if (ieee802_11_parse_elems(mgmt->u.auth.variable,
197 len - IEEE80211_HDRLEN -
198 sizeof(mgmt->u.auth), &elems, 0) ==
199 ParseFailed)
200 return;
201
202 if (trans == 1) {
203 if (!elems.rsn_ie) {
204 add_note(wt, MSG_INFO,
205 "FILS Authentication frame missing RSNE");
206 return;
207 }
208 if (wpa_parse_wpa_ie_rsn(elems.rsn_ie - 2,
209 elems.rsn_ie_len + 2, &data) < 0) {
210 add_note(wt, MSG_INFO,
211 "Invalid RSNE in FILS Authentication frame");
212 return;
213 }
214 sta->key_mgmt = data.key_mgmt;
215 sta->pairwise_cipher = data.pairwise_cipher;
216 }
217
218 if (!elems.fils_nonce) {
219 add_note(wt, MSG_INFO,
220 "FILS Authentication frame missing nonce");
221 return;
222 }
223
224 if (os_memcmp(mgmt->sa, mgmt->bssid, ETH_ALEN) == 0)
225 os_memcpy(sta->anonce, elems.fils_nonce, FILS_NONCE_LEN);
226 else
227 os_memcpy(sta->snonce, elems.fils_nonce, FILS_NONCE_LEN);
228 }
229
230
process_ft_auth(struct wlantest * wt,struct wlantest_bss * bss,struct wlantest_sta * sta,const struct ieee80211_mgmt * mgmt,size_t len)231 static void process_ft_auth(struct wlantest *wt, struct wlantest_bss *bss,
232 struct wlantest_sta *sta,
233 const struct ieee80211_mgmt *mgmt, size_t len)
234 {
235 u16 trans;
236 struct wpa_ft_ies parse;
237 struct wpa_ptk ptk;
238 u8 ptk_name[WPA_PMK_NAME_LEN];
239 struct wlantest_bss *old_bss;
240 struct wlantest_sta *old_sta = NULL;
241
242 if (sta->auth_alg != WLAN_AUTH_FT ||
243 len < IEEE80211_HDRLEN + sizeof(mgmt->u.auth))
244 return;
245
246 trans = le_to_host16(mgmt->u.auth.auth_transaction);
247
248 if (wpa_ft_parse_ies(mgmt->u.auth.variable,
249 len - IEEE80211_HDRLEN - sizeof(mgmt->u.auth),
250 &parse, -1)) {
251 add_note(wt, MSG_INFO,
252 "Could not parse FT Authentication Response frame");
253 return;
254 }
255
256 if (trans == 1) {
257 sta->key_mgmt = parse.key_mgmt;
258 sta->pairwise_cipher = parse.pairwise_cipher;
259 return;
260 }
261
262 if (trans != 2)
263 return;
264
265 /* TODO: Should find the latest updated PMK-R0 value here instead
266 * copying the one from the first found matching old STA entry. */
267 dl_list_for_each(old_bss, &wt->bss, struct wlantest_bss, list) {
268 if (old_bss == bss)
269 continue;
270 old_sta = sta_find(old_bss, sta->addr);
271 if (old_sta)
272 break;
273 }
274 if (!old_sta)
275 return;
276
277 os_memcpy(sta->pmk_r0, old_sta->pmk_r0, old_sta->pmk_r0_len);
278 sta->pmk_r0_len = old_sta->pmk_r0_len;
279 os_memcpy(sta->pmk_r0_name, old_sta->pmk_r0_name,
280 sizeof(sta->pmk_r0_name));
281
282 if (parse.r1kh_id)
283 os_memcpy(bss->r1kh_id, parse.r1kh_id, FT_R1KH_ID_LEN);
284
285 if (wpa_derive_pmk_r1(sta->pmk_r0, sta->pmk_r0_len, sta->pmk_r0_name,
286 bss->r1kh_id, sta->addr, sta->pmk_r1,
287 sta->pmk_r1_name) < 0)
288 return;
289 sta->pmk_r1_len = sta->pmk_r0_len;
290
291 if (!parse.fte_anonce || !parse.fte_snonce ||
292 wpa_pmk_r1_to_ptk(sta->pmk_r1, sta->pmk_r1_len, parse.fte_snonce,
293 parse.fte_anonce, sta->addr, bss->bssid,
294 sta->pmk_r1_name, &ptk, ptk_name, sta->key_mgmt,
295 sta->pairwise_cipher, 0) < 0)
296 return;
297
298 add_note(wt, MSG_DEBUG, "Derived new PTK");
299 os_memcpy(&sta->ptk, &ptk, sizeof(ptk));
300 sta->ptk_set = 1;
301 os_memset(sta->rsc_tods, 0, sizeof(sta->rsc_tods));
302 os_memset(sta->rsc_fromds, 0, sizeof(sta->rsc_fromds));
303 }
304
305
rx_mgmt_auth(struct wlantest * wt,const u8 * data,size_t len)306 static void rx_mgmt_auth(struct wlantest *wt, const u8 *data, size_t len)
307 {
308 const struct ieee80211_mgmt *mgmt;
309 struct wlantest_bss *bss;
310 struct wlantest_sta *sta;
311 u16 alg, trans, status;
312
313 mgmt = (const struct ieee80211_mgmt *) data;
314 bss = bss_get(wt, mgmt->bssid);
315 if (bss == NULL)
316 return;
317 if (os_memcmp(mgmt->sa, mgmt->bssid, ETH_ALEN) == 0)
318 sta = sta_get(bss, mgmt->da);
319 else
320 sta = sta_get(bss, mgmt->sa);
321 if (sta == NULL)
322 return;
323
324 if (len < 24 + 6) {
325 add_note(wt, MSG_INFO, "Too short Authentication frame from "
326 MACSTR, MAC2STR(mgmt->sa));
327 return;
328 }
329
330 alg = le_to_host16(mgmt->u.auth.auth_alg);
331 sta->auth_alg = alg;
332 trans = le_to_host16(mgmt->u.auth.auth_transaction);
333 status = le_to_host16(mgmt->u.auth.status_code);
334
335 wpa_printf(MSG_DEBUG, "AUTH " MACSTR " -> " MACSTR
336 " (alg=%u trans=%u status=%u)",
337 MAC2STR(mgmt->sa), MAC2STR(mgmt->da), alg, trans, status);
338
339 if (alg == 0 && trans == 2 && status == 0) {
340 if (sta->state == STATE1) {
341 add_note(wt, MSG_DEBUG, "STA " MACSTR
342 " moved to State 2 with " MACSTR,
343 MAC2STR(sta->addr), MAC2STR(bss->bssid));
344 sta->state = STATE2;
345 }
346 }
347
348 if (os_memcmp(mgmt->sa, mgmt->bssid, ETH_ALEN) == 0)
349 sta->counters[WLANTEST_STA_COUNTER_AUTH_RX]++;
350 else
351 sta->counters[WLANTEST_STA_COUNTER_AUTH_TX]++;
352
353 process_fils_auth(wt, bss, sta, mgmt, len);
354 process_ft_auth(wt, bss, sta, mgmt, len);
355 }
356
357
deauth_all_stas(struct wlantest * wt,struct wlantest_bss * bss)358 static void deauth_all_stas(struct wlantest *wt, struct wlantest_bss *bss)
359 {
360 struct wlantest_sta *sta;
361 dl_list_for_each(sta, &bss->sta, struct wlantest_sta, list) {
362 if (sta->state == STATE1)
363 continue;
364 add_note(wt, MSG_DEBUG, "STA " MACSTR
365 " moved to State 1 with " MACSTR,
366 MAC2STR(sta->addr), MAC2STR(bss->bssid));
367 sta->state = STATE1;
368 }
369 }
370
371
tdls_link_down(struct wlantest * wt,struct wlantest_bss * bss,struct wlantest_sta * sta)372 static void tdls_link_down(struct wlantest *wt, struct wlantest_bss *bss,
373 struct wlantest_sta *sta)
374 {
375 struct wlantest_tdls *tdls;
376 dl_list_for_each(tdls, &bss->tdls, struct wlantest_tdls, list) {
377 if ((tdls->init == sta || tdls->resp == sta) && tdls->link_up)
378 {
379 add_note(wt, MSG_DEBUG, "TDLS: Set link down based on "
380 "STA deauth/disassoc");
381 tdls->link_up = 0;
382 }
383 }
384 }
385
386
rx_mgmt_deauth(struct wlantest * wt,const u8 * data,size_t len,int valid)387 static void rx_mgmt_deauth(struct wlantest *wt, const u8 *data, size_t len,
388 int valid)
389 {
390 const struct ieee80211_mgmt *mgmt;
391 struct wlantest_bss *bss;
392 struct wlantest_sta *sta;
393 u16 fc, reason;
394
395 mgmt = (const struct ieee80211_mgmt *) data;
396 bss = bss_get(wt, mgmt->bssid);
397 if (bss == NULL)
398 return;
399 if (os_memcmp(mgmt->sa, mgmt->bssid, ETH_ALEN) == 0)
400 sta = sta_get(bss, mgmt->da);
401 else
402 sta = sta_get(bss, mgmt->sa);
403
404 if (len < 24 + 2) {
405 add_note(wt, MSG_INFO, "Too short Deauthentication frame from "
406 MACSTR, MAC2STR(mgmt->sa));
407 return;
408 }
409
410 reason = le_to_host16(mgmt->u.deauth.reason_code);
411 wpa_printf(MSG_DEBUG, "DEAUTH " MACSTR " -> " MACSTR
412 " (reason=%u) (valid=%d)",
413 MAC2STR(mgmt->sa), MAC2STR(mgmt->da),
414 reason, valid);
415 wpa_hexdump(MSG_MSGDUMP, "DEAUTH payload", data + 24, len - 24);
416
417 if (sta == NULL) {
418 if (valid && mgmt->da[0] == 0xff)
419 deauth_all_stas(wt, bss);
420 return;
421 }
422
423 if (os_memcmp(mgmt->sa, mgmt->bssid, ETH_ALEN) == 0) {
424 sta->counters[valid ? WLANTEST_STA_COUNTER_VALID_DEAUTH_RX :
425 WLANTEST_STA_COUNTER_INVALID_DEAUTH_RX]++;
426 if (sta->pwrmgt && !sta->pspoll)
427 sta->counters[WLANTEST_STA_COUNTER_DEAUTH_RX_ASLEEP]++;
428 else
429 sta->counters[WLANTEST_STA_COUNTER_DEAUTH_RX_AWAKE]++;
430
431 fc = le_to_host16(mgmt->frame_control);
432 if (!(fc & WLAN_FC_ISWEP) && reason == 6)
433 sta->counters[WLANTEST_STA_COUNTER_DEAUTH_RX_RC6]++;
434 else if (!(fc & WLAN_FC_ISWEP) && reason == 7)
435 sta->counters[WLANTEST_STA_COUNTER_DEAUTH_RX_RC7]++;
436 } else
437 sta->counters[valid ? WLANTEST_STA_COUNTER_VALID_DEAUTH_TX :
438 WLANTEST_STA_COUNTER_INVALID_DEAUTH_TX]++;
439
440 if (!valid) {
441 add_note(wt, MSG_INFO, "Do not change STA " MACSTR " State "
442 "since Disassociation frame was not protected "
443 "correctly", MAC2STR(sta->addr));
444 return;
445 }
446
447 if (sta->state != STATE1) {
448 add_note(wt, MSG_DEBUG, "STA " MACSTR
449 " moved to State 1 with " MACSTR,
450 MAC2STR(sta->addr), MAC2STR(bss->bssid));
451 sta->state = STATE1;
452 }
453 tdls_link_down(wt, bss, sta);
454 }
455
456
get_fils_session(const u8 * ies,size_t ies_len)457 static const u8 * get_fils_session(const u8 *ies, size_t ies_len)
458 {
459 const u8 *ie, *end;
460
461 ie = ies;
462 end = ((const u8 *) ie) + ies_len;
463 while (ie + 1 < end) {
464 if (ie + 2 + ie[1] > end)
465 break;
466 if (ie[0] == WLAN_EID_EXTENSION &&
467 ie[1] >= 1 + FILS_SESSION_LEN &&
468 ie[2] == WLAN_EID_EXT_FILS_SESSION)
469 return ie;
470 ie += 2 + ie[1];
471 }
472 return NULL;
473 }
474
475
try_rmsk(struct wlantest * wt,struct wlantest_bss * bss,struct wlantest_sta * sta,struct wlantest_pmk * pmk,const u8 * frame_start,const u8 * frame_ad,const u8 * frame_ad_end,const u8 * encr_end)476 static int try_rmsk(struct wlantest *wt, struct wlantest_bss *bss,
477 struct wlantest_sta *sta, struct wlantest_pmk *pmk,
478 const u8 *frame_start, const u8 *frame_ad,
479 const u8 *frame_ad_end, const u8 *encr_end)
480 {
481 size_t pmk_len = 0;
482 u8 pmk_buf[PMK_LEN_MAX];
483 struct wpa_ptk ptk;
484 u8 ick[FILS_ICK_MAX_LEN];
485 size_t ick_len;
486 const u8 *aad[5];
487 size_t aad_len[5];
488 u8 buf[2000];
489
490 if (fils_rmsk_to_pmk(sta->key_mgmt, pmk->pmk, pmk->pmk_len,
491 sta->snonce, sta->anonce, NULL, 0,
492 pmk_buf, &pmk_len) < 0)
493 return -1;
494
495 if (fils_pmk_to_ptk(pmk_buf, pmk_len, sta->addr, bss->bssid,
496 sta->snonce, sta->anonce, NULL, 0,
497 &ptk, ick, &ick_len,
498 sta->key_mgmt, sta->pairwise_cipher,
499 NULL, NULL, 0) < 0)
500 return -1;
501
502 /* Check AES-SIV decryption with the derived key */
503
504 /* AES-SIV AAD vectors */
505
506 /* The STA's MAC address */
507 aad[0] = sta->addr;
508 aad_len[0] = ETH_ALEN;
509 /* The AP's BSSID */
510 aad[1] = bss->bssid;
511 aad_len[1] = ETH_ALEN;
512 /* The STA's nonce */
513 aad[2] = sta->snonce;
514 aad_len[2] = FILS_NONCE_LEN;
515 /* The AP's nonce */
516 aad[3] = sta->anonce;
517 aad_len[3] = FILS_NONCE_LEN;
518 /*
519 * The (Re)Association Request frame from the Capability Information
520 * field to the FILS Session element (both inclusive).
521 */
522 aad[4] = frame_ad;
523 aad_len[4] = frame_ad_end - frame_ad;
524
525 if (encr_end - frame_ad_end < AES_BLOCK_SIZE ||
526 encr_end - frame_ad_end > sizeof(buf))
527 return -1;
528 if (aes_siv_decrypt(ptk.kek, ptk.kek_len,
529 frame_ad_end, encr_end - frame_ad_end,
530 5, aad, aad_len, buf) < 0) {
531 wpa_printf(MSG_DEBUG,
532 "FILS: Derived PTK did not match AES-SIV data");
533 return -1;
534 }
535
536 add_note(wt, MSG_DEBUG, "Derived FILS PTK");
537 os_memcpy(&sta->ptk, &ptk, sizeof(ptk));
538 sta->ptk_set = 1;
539 sta->counters[WLANTEST_STA_COUNTER_PTK_LEARNED]++;
540 wpa_hexdump(MSG_DEBUG, "FILS: Decrypted Association Request elements",
541 buf, encr_end - frame_ad_end - AES_BLOCK_SIZE);
542
543 if (wt->write_pcap_dumper || wt->pcapng) {
544 write_pcap_decrypted(wt, frame_start,
545 frame_ad_end - frame_start,
546 buf,
547 encr_end - frame_ad_end - AES_BLOCK_SIZE);
548 }
549
550 return 0;
551 }
552
553
derive_fils_keys(struct wlantest * wt,struct wlantest_bss * bss,struct wlantest_sta * sta,const u8 * frame_start,const u8 * frame_ad,const u8 * frame_ad_end,const u8 * encr_end)554 static void derive_fils_keys(struct wlantest *wt, struct wlantest_bss *bss,
555 struct wlantest_sta *sta, const u8 *frame_start,
556 const u8 *frame_ad, const u8 *frame_ad_end,
557 const u8 *encr_end)
558 {
559 struct wlantest_pmk *pmk;
560
561 wpa_printf(MSG_DEBUG, "Trying to derive PTK for " MACSTR
562 " from FILS rMSK", MAC2STR(sta->addr));
563
564 dl_list_for_each(pmk, &bss->pmk, struct wlantest_pmk,
565 list) {
566 wpa_printf(MSG_DEBUG, "Try per-BSS PMK");
567 if (try_rmsk(wt, bss, sta, pmk, frame_start, frame_ad,
568 frame_ad_end, encr_end) == 0)
569 return;
570 }
571
572 dl_list_for_each(pmk, &wt->pmk, struct wlantest_pmk, list) {
573 wpa_printf(MSG_DEBUG, "Try global PMK");
574 if (try_rmsk(wt, bss, sta, pmk, frame_start, frame_ad,
575 frame_ad_end, encr_end) == 0)
576 return;
577 }
578 }
579
580
rx_mgmt_assoc_req(struct wlantest * wt,const u8 * data,size_t len)581 static void rx_mgmt_assoc_req(struct wlantest *wt, const u8 *data, size_t len)
582 {
583 const struct ieee80211_mgmt *mgmt;
584 struct wlantest_bss *bss;
585 struct wlantest_sta *sta;
586 struct ieee802_11_elems elems;
587 const u8 *ie;
588 size_t ie_len;
589
590 mgmt = (const struct ieee80211_mgmt *) data;
591 bss = bss_get(wt, mgmt->bssid);
592 if (bss == NULL)
593 return;
594 sta = sta_get(bss, mgmt->sa);
595 if (sta == NULL)
596 return;
597
598 if (len < 24 + 4) {
599 add_note(wt, MSG_INFO, "Too short Association Request frame "
600 "from " MACSTR, MAC2STR(mgmt->sa));
601 return;
602 }
603
604 wpa_printf(MSG_DEBUG, "ASSOCREQ " MACSTR " -> " MACSTR
605 " (capab=0x%x listen_int=%u)",
606 MAC2STR(mgmt->sa), MAC2STR(mgmt->da),
607 le_to_host16(mgmt->u.assoc_req.capab_info),
608 le_to_host16(mgmt->u.assoc_req.listen_interval));
609
610 sta->counters[WLANTEST_STA_COUNTER_ASSOCREQ_TX]++;
611
612 ie = mgmt->u.assoc_req.variable;
613 ie_len = len - (mgmt->u.assoc_req.variable - data);
614
615 if (sta->auth_alg == WLAN_AUTH_FILS_SK) {
616 const u8 *session, *frame_ad, *frame_ad_end, *encr_end;
617
618 session = get_fils_session(ie, ie_len);
619 if (session) {
620 frame_ad = (const u8 *) &mgmt->u.assoc_req.capab_info;
621 frame_ad_end = session + 2 + session[1];
622 encr_end = data + len;
623 derive_fils_keys(wt, bss, sta, data, frame_ad,
624 frame_ad_end, encr_end);
625 ie_len = session - ie;
626 }
627 }
628
629 if (ieee802_11_parse_elems(ie, ie_len, &elems, 0) == ParseFailed) {
630 add_note(wt, MSG_INFO, "Invalid IEs in Association Request "
631 "frame from " MACSTR, MAC2STR(mgmt->sa));
632 return;
633 }
634
635 sta->assocreq_capab_info = le_to_host16(mgmt->u.assoc_req.capab_info);
636 sta->assocreq_listen_int =
637 le_to_host16(mgmt->u.assoc_req.listen_interval);
638 os_free(sta->assocreq_ies);
639 sta->assocreq_ies_len = len - (mgmt->u.assoc_req.variable - data);
640 sta->assocreq_ies = os_malloc(sta->assocreq_ies_len);
641 if (sta->assocreq_ies)
642 os_memcpy(sta->assocreq_ies, mgmt->u.assoc_req.variable,
643 sta->assocreq_ies_len);
644
645 sta->assocreq_seen = 1;
646 sta_update_assoc(sta, &elems);
647 }
648
649
decrypt_fils_assoc_resp(struct wlantest * wt,struct wlantest_bss * bss,struct wlantest_sta * sta,const u8 * frame_start,const u8 * frame_ad,const u8 * frame_ad_end,const u8 * encr_end)650 static void decrypt_fils_assoc_resp(struct wlantest *wt,
651 struct wlantest_bss *bss,
652 struct wlantest_sta *sta,
653 const u8 *frame_start, const u8 *frame_ad,
654 const u8 *frame_ad_end, const u8 *encr_end)
655 {
656 const u8 *aad[5];
657 size_t aad_len[5];
658 u8 buf[2000];
659
660 if (!sta->ptk_set)
661 return;
662
663 /* Check AES-SIV decryption with the derived key */
664
665 /* AES-SIV AAD vectors */
666
667 /* The AP's BSSID */
668 aad[0] = bss->bssid;
669 aad_len[0] = ETH_ALEN;
670 /* The STA's MAC address */
671 aad[1] = sta->addr;
672 aad_len[1] = ETH_ALEN;
673 /* The AP's nonce */
674 aad[2] = sta->anonce;
675 aad_len[2] = FILS_NONCE_LEN;
676 /* The STA's nonce */
677 aad[3] = sta->snonce;
678 aad_len[3] = FILS_NONCE_LEN;
679 /*
680 * The (Re)Association Response frame from the Capability Information
681 * field to the FILS Session element (both inclusive).
682 */
683 aad[4] = frame_ad;
684 aad_len[4] = frame_ad_end - frame_ad;
685
686 if (encr_end - frame_ad_end < AES_BLOCK_SIZE ||
687 encr_end - frame_ad_end > sizeof(buf))
688 return;
689 if (aes_siv_decrypt(sta->ptk.kek, sta->ptk.kek_len,
690 frame_ad_end, encr_end - frame_ad_end,
691 5, aad, aad_len, buf) < 0) {
692 wpa_printf(MSG_DEBUG,
693 "FILS: Derived PTK did not match AES-SIV data");
694 return;
695 }
696
697 wpa_hexdump(MSG_DEBUG, "FILS: Decrypted Association Response elements",
698 buf, encr_end - frame_ad_end - AES_BLOCK_SIZE);
699
700 if (wt->write_pcap_dumper || wt->pcapng) {
701 write_pcap_decrypted(wt, frame_start,
702 frame_ad_end - frame_start,
703 buf,
704 encr_end - frame_ad_end - AES_BLOCK_SIZE);
705 }
706 }
707
708
rx_mgmt_assoc_resp(struct wlantest * wt,const u8 * data,size_t len)709 static void rx_mgmt_assoc_resp(struct wlantest *wt, const u8 *data, size_t len)
710 {
711 const struct ieee80211_mgmt *mgmt;
712 struct wlantest_bss *bss;
713 struct wlantest_sta *sta;
714 u16 capab, status, aid;
715 const u8 *ies;
716 size_t ies_len;
717 struct wpa_ft_ies parse;
718
719 mgmt = (const struct ieee80211_mgmt *) data;
720 bss = bss_get(wt, mgmt->bssid);
721 if (bss == NULL)
722 return;
723 sta = sta_get(bss, mgmt->da);
724 if (sta == NULL)
725 return;
726
727 if (len < 24 + 6) {
728 add_note(wt, MSG_INFO, "Too short Association Response frame "
729 "from " MACSTR, MAC2STR(mgmt->sa));
730 return;
731 }
732
733 ies = mgmt->u.assoc_resp.variable;
734 ies_len = len - (mgmt->u.assoc_resp.variable - data);
735
736 capab = le_to_host16(mgmt->u.assoc_resp.capab_info);
737 status = le_to_host16(mgmt->u.assoc_resp.status_code);
738 aid = le_to_host16(mgmt->u.assoc_resp.aid);
739
740 wpa_printf(MSG_DEBUG, "ASSOCRESP " MACSTR " -> " MACSTR
741 " (capab=0x%x status=%u aid=%u)",
742 MAC2STR(mgmt->sa), MAC2STR(mgmt->da), capab, status,
743 aid & 0x3fff);
744
745 if (sta->auth_alg == WLAN_AUTH_FILS_SK) {
746 const u8 *session, *frame_ad, *frame_ad_end, *encr_end;
747
748 session = get_fils_session(ies, ies_len);
749 if (session) {
750 frame_ad = (const u8 *) &mgmt->u.assoc_resp.capab_info;
751 frame_ad_end = session + 2 + session[1];
752 encr_end = data + len;
753 decrypt_fils_assoc_resp(wt, bss, sta, data, frame_ad,
754 frame_ad_end, encr_end);
755 ies_len = session - ies;
756 }
757 }
758
759 if (status == WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY) {
760 struct ieee802_11_elems elems;
761 if (ieee802_11_parse_elems(ies, ies_len, &elems, 0) ==
762 ParseFailed) {
763 add_note(wt, MSG_INFO, "Failed to parse IEs in "
764 "AssocResp from " MACSTR,
765 MAC2STR(mgmt->sa));
766 } else if (elems.timeout_int == NULL ||
767 elems.timeout_int[0] !=
768 WLAN_TIMEOUT_ASSOC_COMEBACK) {
769 add_note(wt, MSG_INFO, "No valid Timeout Interval IE "
770 "with Assoc Comeback time in AssocResp "
771 "(status=30) from " MACSTR,
772 MAC2STR(mgmt->sa));
773 } else {
774 sta->counters[
775 WLANTEST_STA_COUNTER_ASSOCRESP_COMEBACK]++;
776 }
777 }
778
779 if (status)
780 return;
781
782 if ((aid & 0xc000) != 0xc000) {
783 add_note(wt, MSG_DEBUG, "Two MSBs of the AID were not set to 1 "
784 "in Association Response from " MACSTR,
785 MAC2STR(mgmt->sa));
786 }
787 sta->aid = aid & 0xc000;
788
789 if (sta->state < STATE2) {
790 add_note(wt, MSG_DEBUG,
791 "STA " MACSTR " was not in State 2 when "
792 "getting associated", MAC2STR(sta->addr));
793 }
794
795 if (sta->state < STATE3) {
796 add_note(wt, MSG_DEBUG, "STA " MACSTR
797 " moved to State 3 with " MACSTR,
798 MAC2STR(sta->addr), MAC2STR(bss->bssid));
799 sta->state = STATE3;
800 }
801
802 if (wpa_ft_parse_ies(ies, ies_len, &parse, 0) == 0) {
803 if (parse.r0kh_id) {
804 os_memcpy(bss->r0kh_id, parse.r0kh_id,
805 parse.r0kh_id_len);
806 bss->r0kh_id_len = parse.r0kh_id_len;
807 }
808 if (parse.r1kh_id)
809 os_memcpy(bss->r1kh_id, parse.r1kh_id, FT_R1KH_ID_LEN);
810 }
811 }
812
813
rx_mgmt_reassoc_req(struct wlantest * wt,const u8 * data,size_t len)814 static void rx_mgmt_reassoc_req(struct wlantest *wt, const u8 *data,
815 size_t len)
816 {
817 const struct ieee80211_mgmt *mgmt;
818 struct wlantest_bss *bss;
819 struct wlantest_sta *sta;
820 struct ieee802_11_elems elems;
821 const u8 *ie;
822 size_t ie_len;
823
824 mgmt = (const struct ieee80211_mgmt *) data;
825 bss = bss_get(wt, mgmt->bssid);
826 if (bss == NULL)
827 return;
828 sta = sta_get(bss, mgmt->sa);
829 if (sta == NULL)
830 return;
831
832 if (len < 24 + 4 + ETH_ALEN) {
833 add_note(wt, MSG_INFO, "Too short Reassociation Request frame "
834 "from " MACSTR, MAC2STR(mgmt->sa));
835 return;
836 }
837
838 wpa_printf(MSG_DEBUG, "REASSOCREQ " MACSTR " -> " MACSTR
839 " (capab=0x%x listen_int=%u current_ap=" MACSTR ")",
840 MAC2STR(mgmt->sa), MAC2STR(mgmt->da),
841 le_to_host16(mgmt->u.reassoc_req.capab_info),
842 le_to_host16(mgmt->u.reassoc_req.listen_interval),
843 MAC2STR(mgmt->u.reassoc_req.current_ap));
844
845 sta->counters[WLANTEST_STA_COUNTER_REASSOCREQ_TX]++;
846
847 ie = mgmt->u.reassoc_req.variable;
848 ie_len = len - (mgmt->u.reassoc_req.variable - data);
849
850 if (sta->auth_alg == WLAN_AUTH_FILS_SK) {
851 const u8 *session, *frame_ad, *frame_ad_end, *encr_end;
852
853 session = get_fils_session(ie, ie_len);
854 if (session) {
855 frame_ad = (const u8 *) &mgmt->u.reassoc_req.capab_info;
856 frame_ad_end = session + 2 + session[1];
857 encr_end = data + len;
858 derive_fils_keys(wt, bss, sta, data, frame_ad,
859 frame_ad_end, encr_end);
860 ie_len = session - ie;
861 }
862 }
863
864 if (ieee802_11_parse_elems(ie, ie_len, &elems, 0) == ParseFailed) {
865 add_note(wt, MSG_INFO, "Invalid IEs in Reassociation Request "
866 "frame from " MACSTR, MAC2STR(mgmt->sa));
867 return;
868 }
869
870 sta->assocreq_capab_info =
871 le_to_host16(mgmt->u.reassoc_req.capab_info);
872 sta->assocreq_listen_int =
873 le_to_host16(mgmt->u.reassoc_req.listen_interval);
874 os_free(sta->assocreq_ies);
875 sta->assocreq_ies_len = len - (mgmt->u.reassoc_req.variable - data);
876 sta->assocreq_ies = os_malloc(sta->assocreq_ies_len);
877 if (sta->assocreq_ies)
878 os_memcpy(sta->assocreq_ies, mgmt->u.reassoc_req.variable,
879 sta->assocreq_ies_len);
880
881 sta->assocreq_seen = 1;
882 sta_update_assoc(sta, &elems);
883
884 if (elems.ftie) {
885 struct wpa_ft_ies parse;
886 int use_sha384;
887 struct rsn_mdie *mde;
888 const u8 *anonce, *snonce, *fte_mic;
889 u8 fte_elem_count;
890 unsigned int count;
891 u8 mic[WPA_EAPOL_KEY_MIC_MAX_LEN];
892 size_t mic_len = 16;
893 const u8 *kck;
894 size_t kck_len;
895
896 use_sha384 = wpa_key_mgmt_sha384(sta->key_mgmt);
897
898 if (wpa_ft_parse_ies(ie, ie_len, &parse, use_sha384) < 0) {
899 add_note(wt, MSG_INFO, "FT: Failed to parse FT IEs");
900 return;
901 }
902
903 if (!parse.rsn) {
904 add_note(wt, MSG_INFO, "FT: No RSNE in Reassoc Req");
905 return;
906 }
907
908 if (!parse.rsn_pmkid) {
909 add_note(wt, MSG_INFO, "FT: No PMKID in RSNE");
910 return;
911 }
912
913 if (os_memcmp_const(parse.rsn_pmkid, sta->pmk_r1_name,
914 WPA_PMK_NAME_LEN) != 0) {
915 add_note(wt, MSG_INFO,
916 "FT: PMKID in Reassoc Req did not match PMKR1Name");
917 wpa_hexdump(MSG_DEBUG,
918 "FT: Received RSNE[PMKR1Name]",
919 parse.rsn_pmkid, WPA_PMK_NAME_LEN);
920 wpa_hexdump(MSG_DEBUG,
921 "FT: Previously derived PMKR1Name",
922 sta->pmk_r1_name, WPA_PMK_NAME_LEN);
923 return;
924 }
925
926 mde = (struct rsn_mdie *) parse.mdie;
927 if (!mde || parse.mdie_len < sizeof(*mde) ||
928 os_memcmp(mde->mobility_domain, bss->mdid,
929 MOBILITY_DOMAIN_ID_LEN) != 0) {
930 add_note(wt, MSG_INFO, "FT: Invalid MDE");
931 }
932
933 if (use_sha384) {
934 struct rsn_ftie_sha384 *fte;
935
936 fte = (struct rsn_ftie_sha384 *) parse.ftie;
937 if (!fte || parse.ftie_len < sizeof(*fte)) {
938 add_note(wt, MSG_INFO, "FT: Invalid FTE");
939 return;
940 }
941
942 anonce = fte->anonce;
943 snonce = fte->snonce;
944 fte_elem_count = fte->mic_control[1];
945 fte_mic = fte->mic;
946 } else {
947 struct rsn_ftie *fte;
948
949 fte = (struct rsn_ftie *) parse.ftie;
950 if (!fte || parse.ftie_len < sizeof(*fte)) {
951 add_note(wt, MSG_INFO, "FT: Invalid FTIE");
952 return;
953 }
954
955 anonce = fte->anonce;
956 snonce = fte->snonce;
957 fte_elem_count = fte->mic_control[1];
958 fte_mic = fte->mic;
959 }
960
961 if (os_memcmp(snonce, sta->snonce, WPA_NONCE_LEN) != 0) {
962 add_note(wt, MSG_INFO, "FT: SNonce mismatch in FTIE");
963 wpa_hexdump(MSG_DEBUG, "FT: Received SNonce",
964 snonce, WPA_NONCE_LEN);
965 wpa_hexdump(MSG_DEBUG, "FT: Expected SNonce",
966 sta->snonce, WPA_NONCE_LEN);
967 return;
968 }
969
970 if (os_memcmp(anonce, sta->anonce, WPA_NONCE_LEN) != 0) {
971 add_note(wt, MSG_INFO, "FT: ANonce mismatch in FTIE");
972 wpa_hexdump(MSG_DEBUG, "FT: Received ANonce",
973 anonce, WPA_NONCE_LEN);
974 wpa_hexdump(MSG_DEBUG, "FT: Expected ANonce",
975 sta->anonce, WPA_NONCE_LEN);
976 return;
977 }
978
979 if (!parse.r0kh_id) {
980 add_note(wt, MSG_INFO, "FT: No R0KH-ID subelem in FTE");
981 return;
982 }
983 os_memcpy(bss->r0kh_id, parse.r0kh_id, parse.r0kh_id_len);
984 bss->r0kh_id_len = parse.r0kh_id_len;
985
986 if (!parse.r1kh_id) {
987 add_note(wt, MSG_INFO, "FT: No R1KH-ID subelem in FTE");
988 return;
989 }
990
991 os_memcpy(bss->r1kh_id, parse.r1kh_id, FT_R1KH_ID_LEN);
992
993 if (!parse.rsn_pmkid ||
994 os_memcmp_const(parse.rsn_pmkid, sta->pmk_r1_name,
995 WPA_PMK_NAME_LEN)) {
996 add_note(wt, MSG_INFO,
997 "FT: No matching PMKR1Name (PMKID) in RSNE (pmkid=%d)",
998 !!parse.rsn_pmkid);
999 return;
1000 }
1001
1002 count = 3;
1003 if (parse.ric)
1004 count += ieee802_11_ie_count(parse.ric, parse.ric_len);
1005 if (parse.rsnxe)
1006 count++;
1007 if (fte_elem_count != count) {
1008 add_note(wt, MSG_INFO,
1009 "FT: Unexpected IE count in MIC Control: received %u expected %u",
1010 fte_elem_count, count);
1011 return;
1012 }
1013
1014 if (wpa_key_mgmt_fils(sta->key_mgmt)) {
1015 kck = sta->ptk.kck2;
1016 kck_len = sta->ptk.kck2_len;
1017 } else {
1018 kck = sta->ptk.kck;
1019 kck_len = sta->ptk.kck_len;
1020 }
1021 if (wpa_ft_mic(kck, kck_len, sta->addr, bss->bssid, 5,
1022 parse.mdie - 2, parse.mdie_len + 2,
1023 parse.ftie - 2, parse.ftie_len + 2,
1024 parse.rsn - 2, parse.rsn_len + 2,
1025 parse.ric, parse.ric_len,
1026 parse.rsnxe ? parse.rsnxe - 2 : NULL,
1027 parse.rsnxe ? parse.rsnxe_len + 2 : 0,
1028 mic) < 0) {
1029 add_note(wt, MSG_INFO, "FT: Failed to calculate MIC");
1030 return;
1031 }
1032
1033 if (os_memcmp_const(mic, fte_mic, mic_len) != 0) {
1034 add_note(wt, MSG_INFO, "FT: Invalid MIC in FTE");
1035 wpa_printf(MSG_DEBUG,
1036 "FT: addr=" MACSTR " auth_addr=" MACSTR,
1037 MAC2STR(sta->addr),
1038 MAC2STR(bss->bssid));
1039 wpa_hexdump(MSG_MSGDUMP, "FT: Received MIC",
1040 fte_mic, mic_len);
1041 wpa_hexdump(MSG_MSGDUMP, "FT: Calculated MIC",
1042 mic, mic_len);
1043 wpa_hexdump(MSG_MSGDUMP, "FT: MDE",
1044 parse.mdie - 2, parse.mdie_len + 2);
1045 wpa_hexdump(MSG_MSGDUMP, "FT: FTE",
1046 parse.ftie - 2, parse.ftie_len + 2);
1047 wpa_hexdump(MSG_MSGDUMP, "FT: RSN",
1048 parse.rsn - 2, parse.rsn_len + 2);
1049 wpa_hexdump(MSG_MSGDUMP, "FT: RSNXE",
1050 parse.rsnxe ? parse.rsnxe - 2 : NULL,
1051 parse.rsnxe ? parse.rsnxe_len + 2 : 0);
1052 return;
1053 }
1054
1055 add_note(wt, MSG_INFO, "FT: Valid FTE MIC");
1056 }
1057 }
1058
1059
process_gtk_subelem(struct wlantest * wt,struct wlantest_bss * bss,struct wlantest_sta * sta,const u8 * kek,size_t kek_len,const u8 * gtk_elem,size_t gtk_elem_len)1060 static void process_gtk_subelem(struct wlantest *wt, struct wlantest_bss *bss,
1061 struct wlantest_sta *sta,
1062 const u8 *kek, size_t kek_len,
1063 const u8 *gtk_elem,
1064 size_t gtk_elem_len)
1065 {
1066 u8 gtk[32];
1067 int keyidx;
1068 enum wpa_alg alg;
1069 size_t gtk_len, keylen;
1070 const u8 *rsc;
1071
1072 if (!gtk_elem) {
1073 add_note(wt, MSG_INFO, "FT: No GTK included in FTE");
1074 return;
1075 }
1076
1077 wpa_hexdump(MSG_DEBUG, "FT: Received GTK in Reassoc Resp",
1078 gtk_elem, gtk_elem_len);
1079
1080 if (gtk_elem_len < 11 + 24 || (gtk_elem_len - 11) % 8 ||
1081 gtk_elem_len - 19 > sizeof(gtk)) {
1082 add_note(wt, MSG_INFO, "FT: Invalid GTK sub-elem length %zu",
1083 gtk_elem_len);
1084 return;
1085 }
1086 gtk_len = gtk_elem_len - 19;
1087 if (aes_unwrap(kek, kek_len, gtk_len / 8, gtk_elem + 11, gtk)) {
1088 add_note(wt, MSG_INFO,
1089 "FT: AES unwrap failed - could not decrypt GTK");
1090 return;
1091 }
1092
1093 keylen = wpa_cipher_key_len(bss->group_cipher);
1094 alg = wpa_cipher_to_alg(bss->group_cipher);
1095 if (alg == WPA_ALG_NONE) {
1096 add_note(wt, MSG_INFO, "FT: Unsupported Group Cipher %d",
1097 bss->group_cipher);
1098 return;
1099 }
1100
1101 if (gtk_len < keylen) {
1102 add_note(wt, MSG_INFO, "FT: Too short GTK in FTE");
1103 return;
1104 }
1105
1106 /* Key Info[2] | Key Length[1] | RSC[8] | Key[5..32]. */
1107
1108 keyidx = WPA_GET_LE16(gtk_elem) & 0x03;
1109
1110 if (gtk_elem[2] != keylen) {
1111 add_note(wt, MSG_INFO,
1112 "FT: GTK length mismatch: received %u negotiated %zu",
1113 gtk_elem[2], keylen);
1114 return;
1115 }
1116
1117 add_note(wt, MSG_DEBUG, "GTK KeyID=%u", keyidx);
1118 wpa_hexdump(MSG_DEBUG, "FT: GTK from Reassoc Resp", gtk, keylen);
1119 if (bss->group_cipher == WPA_CIPHER_TKIP) {
1120 /* Swap Tx/Rx keys for Michael MIC */
1121 u8 tmp[8];
1122
1123 os_memcpy(tmp, gtk + 16, 8);
1124 os_memcpy(gtk + 16, gtk + 24, 8);
1125 os_memcpy(gtk + 24, tmp, 8);
1126 }
1127
1128 bss->gtk_len[keyidx] = gtk_len;
1129 sta->gtk_len = gtk_len;
1130 os_memcpy(bss->gtk[keyidx], gtk, gtk_len);
1131 os_memcpy(sta->gtk, gtk, gtk_len);
1132 rsc = gtk_elem + 2;
1133 bss->rsc[keyidx][0] = rsc[5];
1134 bss->rsc[keyidx][1] = rsc[4];
1135 bss->rsc[keyidx][2] = rsc[3];
1136 bss->rsc[keyidx][3] = rsc[2];
1137 bss->rsc[keyidx][4] = rsc[1];
1138 bss->rsc[keyidx][5] = rsc[0];
1139 bss->gtk_idx = keyidx;
1140 sta->gtk_idx = keyidx;
1141 wpa_hexdump(MSG_DEBUG, "RSC", bss->rsc[keyidx], 6);
1142 }
1143
1144
process_igtk_subelem(struct wlantest * wt,struct wlantest_bss * bss,struct wlantest_sta * sta,const u8 * kek,size_t kek_len,const u8 * igtk_elem,size_t igtk_elem_len)1145 static void process_igtk_subelem(struct wlantest *wt, struct wlantest_bss *bss,
1146 struct wlantest_sta *sta,
1147 const u8 *kek, size_t kek_len,
1148 const u8 *igtk_elem, size_t igtk_elem_len)
1149 {
1150 u8 igtk[WPA_IGTK_MAX_LEN];
1151 size_t igtk_len;
1152 u16 keyidx;
1153 const u8 *ipn;
1154
1155 if (bss->mgmt_group_cipher != WPA_CIPHER_AES_128_CMAC &&
1156 bss->mgmt_group_cipher != WPA_CIPHER_BIP_GMAC_128 &&
1157 bss->mgmt_group_cipher != WPA_CIPHER_BIP_GMAC_256 &&
1158 bss->mgmt_group_cipher != WPA_CIPHER_BIP_CMAC_256)
1159 return;
1160
1161 if (!igtk_elem) {
1162 add_note(wt, MSG_INFO, "FT: No IGTK included in FTE");
1163 return;
1164 }
1165
1166 wpa_hexdump(MSG_DEBUG, "FT: Received IGTK in Reassoc Resp",
1167 igtk_elem, igtk_elem_len);
1168
1169 igtk_len = wpa_cipher_key_len(bss->mgmt_group_cipher);
1170 if (igtk_elem_len != 2 + 6 + 1 + igtk_len + 8) {
1171 add_note(wt, MSG_INFO, "FT: Invalid IGTK sub-elem length %zu",
1172 igtk_elem_len);
1173 return;
1174 }
1175 if (igtk_elem[8] != igtk_len) {
1176 add_note(wt, MSG_INFO,
1177 "FT: Invalid IGTK sub-elem Key Length %d",
1178 igtk_elem[8]);
1179 return;
1180 }
1181
1182 if (aes_unwrap(kek, kek_len, igtk_len / 8, igtk_elem + 9, igtk)) {
1183 add_note(wt, MSG_INFO,
1184 "FT: AES unwrap failed - could not decrypt IGTK");
1185 return;
1186 }
1187
1188 /* KeyID[2] | IPN[6] | Key Length[1] | Key[16+8] */
1189
1190 keyidx = WPA_GET_LE16(igtk_elem);
1191
1192 wpa_hexdump(MSG_DEBUG, "FT: IGTK from Reassoc Resp", igtk, igtk_len);
1193
1194 if (keyidx < 4 || keyidx > 5) {
1195 add_note(wt, MSG_INFO, "Unexpected IGTK KeyID %u", keyidx);
1196 return;
1197 }
1198
1199 add_note(wt, MSG_DEBUG, "IGTK KeyID %u", keyidx);
1200 wpa_hexdump(MSG_DEBUG, "IPN", igtk_elem + 2, 6);
1201 wpa_hexdump(MSG_DEBUG, "IGTK", igtk, igtk_len);
1202 os_memcpy(bss->igtk[keyidx], igtk, igtk_len);
1203 bss->igtk_len[keyidx] = igtk_len;
1204 ipn = igtk_elem + 2;
1205 bss->ipn[keyidx][0] = ipn[5];
1206 bss->ipn[keyidx][1] = ipn[4];
1207 bss->ipn[keyidx][2] = ipn[3];
1208 bss->ipn[keyidx][3] = ipn[2];
1209 bss->ipn[keyidx][4] = ipn[1];
1210 bss->ipn[keyidx][5] = ipn[0];
1211 bss->igtk_idx = keyidx;
1212 }
1213
1214
process_bigtk_subelem(struct wlantest * wt,struct wlantest_bss * bss,struct wlantest_sta * sta,const u8 * kek,size_t kek_len,const u8 * bigtk_elem,size_t bigtk_elem_len)1215 static void process_bigtk_subelem(struct wlantest *wt, struct wlantest_bss *bss,
1216 struct wlantest_sta *sta,
1217 const u8 *kek, size_t kek_len,
1218 const u8 *bigtk_elem, size_t bigtk_elem_len)
1219 {
1220 u8 bigtk[WPA_BIGTK_MAX_LEN];
1221 size_t bigtk_len;
1222 u16 keyidx;
1223 const u8 *ipn;
1224
1225 if (!bigtk_elem ||
1226 (bss->mgmt_group_cipher != WPA_CIPHER_AES_128_CMAC &&
1227 bss->mgmt_group_cipher != WPA_CIPHER_BIP_GMAC_128 &&
1228 bss->mgmt_group_cipher != WPA_CIPHER_BIP_GMAC_256 &&
1229 bss->mgmt_group_cipher != WPA_CIPHER_BIP_CMAC_256))
1230 return;
1231
1232 wpa_hexdump_key(MSG_DEBUG, "FT: Received BIGTK in Reassoc Resp",
1233 bigtk_elem, bigtk_elem_len);
1234
1235 bigtk_len = wpa_cipher_key_len(bss->mgmt_group_cipher);
1236 if (bigtk_elem_len != 2 + 6 + 1 + bigtk_len + 8) {
1237 add_note(wt, MSG_INFO,
1238 "FT: Invalid BIGTK sub-elem length %zu",
1239 bigtk_elem_len);
1240 return;
1241 }
1242 if (bigtk_elem[8] != bigtk_len) {
1243 add_note(wt, MSG_INFO,
1244 "FT: Invalid BIGTK sub-elem Key Length %d",
1245 bigtk_elem[8]);
1246 return;
1247 }
1248
1249 if (aes_unwrap(kek, kek_len, bigtk_len / 8, bigtk_elem + 9, bigtk)) {
1250 add_note(wt, MSG_INFO,
1251 "FT: AES unwrap failed - could not decrypt BIGTK");
1252 return;
1253 }
1254
1255 /* KeyID[2] | IPN[6] | Key Length[1] | Key[16+8] */
1256
1257 keyidx = WPA_GET_LE16(bigtk_elem);
1258
1259 wpa_hexdump(MSG_DEBUG, "FT: BIGTK from Reassoc Resp", bigtk, bigtk_len);
1260
1261 if (keyidx < 6 || keyidx > 7) {
1262 add_note(wt, MSG_INFO, "Unexpected BIGTK KeyID %u", keyidx);
1263 return;
1264 }
1265
1266 add_note(wt, MSG_DEBUG, "BIGTK KeyID %u", keyidx);
1267 wpa_hexdump(MSG_DEBUG, "BIPN", bigtk_elem + 2, 6);
1268 wpa_hexdump(MSG_DEBUG, "BIGTK", bigtk, bigtk_len);
1269 os_memcpy(bss->igtk[keyidx], bigtk, bigtk_len);
1270 bss->igtk_len[keyidx] = bigtk_len;
1271 ipn = bigtk_elem + 2;
1272 bss->ipn[keyidx][0] = ipn[5];
1273 bss->ipn[keyidx][1] = ipn[4];
1274 bss->ipn[keyidx][2] = ipn[3];
1275 bss->ipn[keyidx][3] = ipn[2];
1276 bss->ipn[keyidx][4] = ipn[1];
1277 bss->ipn[keyidx][5] = ipn[0];
1278 bss->bigtk_idx = keyidx;
1279 }
1280
1281
rx_mgmt_reassoc_resp(struct wlantest * wt,const u8 * data,size_t len)1282 static void rx_mgmt_reassoc_resp(struct wlantest *wt, const u8 *data,
1283 size_t len)
1284 {
1285 const struct ieee80211_mgmt *mgmt;
1286 struct wlantest_bss *bss;
1287 struct wlantest_sta *sta;
1288 u16 capab, status, aid;
1289 const u8 *ies;
1290 size_t ies_len;
1291 struct ieee802_11_elems elems;
1292
1293 mgmt = (const struct ieee80211_mgmt *) data;
1294 bss = bss_get(wt, mgmt->bssid);
1295 if (bss == NULL)
1296 return;
1297 sta = sta_get(bss, mgmt->da);
1298 if (sta == NULL)
1299 return;
1300
1301 if (len < 24 + 6) {
1302 add_note(wt, MSG_INFO, "Too short Reassociation Response frame "
1303 "from " MACSTR, MAC2STR(mgmt->sa));
1304 return;
1305 }
1306
1307 ies = mgmt->u.reassoc_resp.variable;
1308 ies_len = len - (mgmt->u.reassoc_resp.variable - data);
1309
1310 capab = le_to_host16(mgmt->u.reassoc_resp.capab_info);
1311 status = le_to_host16(mgmt->u.reassoc_resp.status_code);
1312 aid = le_to_host16(mgmt->u.reassoc_resp.aid);
1313
1314 wpa_printf(MSG_DEBUG, "REASSOCRESP " MACSTR " -> " MACSTR
1315 " (capab=0x%x status=%u aid=%u)",
1316 MAC2STR(mgmt->sa), MAC2STR(mgmt->da), capab, status,
1317 aid & 0x3fff);
1318
1319 if (sta->auth_alg == WLAN_AUTH_FILS_SK) {
1320 const u8 *session, *frame_ad, *frame_ad_end, *encr_end;
1321
1322 session = get_fils_session(ies, ies_len);
1323 if (session) {
1324 frame_ad = (const u8 *)
1325 &mgmt->u.reassoc_resp.capab_info;
1326 frame_ad_end = session + 2 + session[1];
1327 encr_end = data + len;
1328 decrypt_fils_assoc_resp(wt, bss, sta, data, frame_ad,
1329 frame_ad_end, encr_end);
1330 ies_len = session - ies;
1331 }
1332 }
1333
1334 if (ieee802_11_parse_elems(ies, ies_len, &elems, 0) == ParseFailed) {
1335 add_note(wt, MSG_INFO,
1336 "Failed to parse IEs in ReassocResp from " MACSTR,
1337 MAC2STR(mgmt->sa));
1338 }
1339
1340 if (status == WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY) {
1341 if (!elems.timeout_int ||
1342 elems.timeout_int[0] != WLAN_TIMEOUT_ASSOC_COMEBACK) {
1343 add_note(wt, MSG_INFO, "No valid Timeout Interval IE "
1344 "with Assoc Comeback time in ReassocResp "
1345 "(status=30) from " MACSTR,
1346 MAC2STR(mgmt->sa));
1347 } else {
1348 sta->counters[
1349 WLANTEST_STA_COUNTER_REASSOCRESP_COMEBACK]++;
1350 }
1351 }
1352
1353 if (status)
1354 return;
1355
1356 if ((aid & 0xc000) != 0xc000) {
1357 add_note(wt, MSG_DEBUG, "Two MSBs of the AID were not set to 1 "
1358 "in Reassociation Response from " MACSTR,
1359 MAC2STR(mgmt->sa));
1360 }
1361 sta->aid = aid & 0xc000;
1362
1363 if (sta->state < STATE2 && !sta->ft_over_ds) {
1364 add_note(wt, MSG_DEBUG,
1365 "STA " MACSTR " was not in State 2 when "
1366 "getting associated", MAC2STR(sta->addr));
1367 }
1368
1369 if (sta->state < STATE3) {
1370 add_note(wt, MSG_DEBUG, "STA " MACSTR
1371 " moved to State 3 with " MACSTR,
1372 MAC2STR(sta->addr), MAC2STR(bss->bssid));
1373 sta->state = STATE3;
1374 }
1375
1376 if (elems.ftie) {
1377 struct wpa_ft_ies parse;
1378 int use_sha384;
1379 struct rsn_mdie *mde;
1380 const u8 *anonce, *snonce, *fte_mic;
1381 u8 fte_elem_count;
1382 unsigned int count;
1383 u8 mic[WPA_EAPOL_KEY_MIC_MAX_LEN];
1384 size_t mic_len = 16;
1385 const u8 *kck, *kek;
1386 size_t kck_len, kek_len;
1387
1388 use_sha384 = wpa_key_mgmt_sha384(sta->key_mgmt);
1389
1390 if (wpa_ft_parse_ies(ies, ies_len, &parse, use_sha384) < 0) {
1391 add_note(wt, MSG_INFO, "FT: Failed to parse FT IEs");
1392 return;
1393 }
1394
1395 if (!parse.rsn) {
1396 add_note(wt, MSG_INFO, "FT: No RSNE in Reassoc Resp");
1397 return;
1398 }
1399
1400 if (!parse.rsn_pmkid) {
1401 add_note(wt, MSG_INFO, "FT: No PMKID in RSNE");
1402 return;
1403 }
1404
1405 if (os_memcmp_const(parse.rsn_pmkid, sta->pmk_r1_name,
1406 WPA_PMK_NAME_LEN) != 0) {
1407 add_note(wt, MSG_INFO,
1408 "FT: PMKID in Reassoc Resp did not match PMKR1Name");
1409 wpa_hexdump(MSG_DEBUG,
1410 "FT: Received RSNE[PMKR1Name]",
1411 parse.rsn_pmkid, WPA_PMK_NAME_LEN);
1412 wpa_hexdump(MSG_DEBUG,
1413 "FT: Previously derived PMKR1Name",
1414 sta->pmk_r1_name, WPA_PMK_NAME_LEN);
1415 return;
1416 }
1417
1418 mde = (struct rsn_mdie *) parse.mdie;
1419 if (!mde || parse.mdie_len < sizeof(*mde) ||
1420 os_memcmp(mde->mobility_domain, bss->mdid,
1421 MOBILITY_DOMAIN_ID_LEN) != 0) {
1422 add_note(wt, MSG_INFO, "FT: Invalid MDE");
1423 }
1424
1425 if (use_sha384) {
1426 struct rsn_ftie_sha384 *fte;
1427
1428 fte = (struct rsn_ftie_sha384 *) parse.ftie;
1429 if (!fte || parse.ftie_len < sizeof(*fte)) {
1430 add_note(wt, MSG_INFO, "FT: Invalid FTE");
1431 return;
1432 }
1433
1434 anonce = fte->anonce;
1435 snonce = fte->snonce;
1436 fte_elem_count = fte->mic_control[1];
1437 fte_mic = fte->mic;
1438 } else {
1439 struct rsn_ftie *fte;
1440
1441 fte = (struct rsn_ftie *) parse.ftie;
1442 if (!fte || parse.ftie_len < sizeof(*fte)) {
1443 add_note(wt, MSG_INFO, "FT: Invalid FTIE");
1444 return;
1445 }
1446
1447 anonce = fte->anonce;
1448 snonce = fte->snonce;
1449 fte_elem_count = fte->mic_control[1];
1450 fte_mic = fte->mic;
1451 }
1452
1453 if (os_memcmp(snonce, sta->snonce, WPA_NONCE_LEN) != 0) {
1454 add_note(wt, MSG_INFO, "FT: SNonce mismatch in FTIE");
1455 wpa_hexdump(MSG_DEBUG, "FT: Received SNonce",
1456 snonce, WPA_NONCE_LEN);
1457 wpa_hexdump(MSG_DEBUG, "FT: Expected SNonce",
1458 sta->snonce, WPA_NONCE_LEN);
1459 return;
1460 }
1461
1462 if (os_memcmp(anonce, sta->anonce, WPA_NONCE_LEN) != 0) {
1463 add_note(wt, MSG_INFO, "FT: ANonce mismatch in FTIE");
1464 wpa_hexdump(MSG_DEBUG, "FT: Received ANonce",
1465 anonce, WPA_NONCE_LEN);
1466 wpa_hexdump(MSG_DEBUG, "FT: Expected ANonce",
1467 sta->anonce, WPA_NONCE_LEN);
1468 return;
1469 }
1470
1471 if (!parse.r0kh_id) {
1472 add_note(wt, MSG_INFO, "FT: No R0KH-ID subelem in FTE");
1473 return;
1474 }
1475
1476 if (parse.r0kh_id_len != bss->r0kh_id_len ||
1477 os_memcmp_const(parse.r0kh_id, bss->r0kh_id,
1478 parse.r0kh_id_len) != 0) {
1479 add_note(wt, MSG_INFO,
1480 "FT: R0KH-ID in FTE did not match the current R0KH-ID");
1481 wpa_hexdump(MSG_DEBUG, "FT: R0KH-ID in FTIE",
1482 parse.r0kh_id, parse.r0kh_id_len);
1483 wpa_hexdump(MSG_DEBUG, "FT: The current R0KH-ID",
1484 bss->r0kh_id, bss->r0kh_id_len);
1485 os_memcpy(bss->r0kh_id, parse.r0kh_id,
1486 parse.r0kh_id_len);
1487 bss->r0kh_id_len = parse.r0kh_id_len;
1488 }
1489
1490 if (!parse.r1kh_id) {
1491 add_note(wt, MSG_INFO, "FT: No R1KH-ID subelem in FTE");
1492 return;
1493 }
1494
1495 if (os_memcmp_const(parse.r1kh_id, bss->r1kh_id,
1496 FT_R1KH_ID_LEN) != 0) {
1497 add_note(wt, MSG_INFO,
1498 "FT: Unknown R1KH-ID used in ReassocResp");
1499 os_memcpy(bss->r1kh_id, parse.r1kh_id, FT_R1KH_ID_LEN);
1500 }
1501
1502 count = 3;
1503 if (parse.ric)
1504 count += ieee802_11_ie_count(parse.ric, parse.ric_len);
1505 if (parse.rsnxe)
1506 count++;
1507 if (fte_elem_count != count) {
1508 add_note(wt, MSG_INFO,
1509 "FT: Unexpected IE count in MIC Control: received %u expected %u",
1510 fte_elem_count, count);
1511 return;
1512 }
1513
1514 if (wpa_key_mgmt_fils(sta->key_mgmt)) {
1515 kck = sta->ptk.kck2;
1516 kck_len = sta->ptk.kck2_len;
1517 kek = sta->ptk.kek2;
1518 kek_len = sta->ptk.kek2_len;
1519 } else {
1520 kck = sta->ptk.kck;
1521 kck_len = sta->ptk.kck_len;
1522 kek = sta->ptk.kek;
1523 kek_len = sta->ptk.kek_len;
1524 }
1525 if (wpa_ft_mic(kck, kck_len, sta->addr, bss->bssid, 6,
1526 parse.mdie - 2, parse.mdie_len + 2,
1527 parse.ftie - 2, parse.ftie_len + 2,
1528 parse.rsn - 2, parse.rsn_len + 2,
1529 parse.ric, parse.ric_len,
1530 parse.rsnxe ? parse.rsnxe - 2 : NULL,
1531 parse.rsnxe ? parse.rsnxe_len + 2 : 0,
1532 mic) < 0) {
1533 add_note(wt, MSG_INFO, "FT: Failed to calculate MIC");
1534 return;
1535 }
1536
1537 if (os_memcmp_const(mic, fte_mic, mic_len) != 0) {
1538 add_note(wt, MSG_INFO, "FT: Invalid MIC in FTE");
1539 wpa_printf(MSG_DEBUG,
1540 "FT: addr=" MACSTR " auth_addr=" MACSTR,
1541 MAC2STR(sta->addr),
1542 MAC2STR(bss->bssid));
1543 wpa_hexdump(MSG_MSGDUMP, "FT: Received MIC",
1544 fte_mic, mic_len);
1545 wpa_hexdump(MSG_MSGDUMP, "FT: Calculated MIC",
1546 mic, mic_len);
1547 wpa_hexdump(MSG_MSGDUMP, "FT: MDE",
1548 parse.mdie - 2, parse.mdie_len + 2);
1549 wpa_hexdump(MSG_MSGDUMP, "FT: FTE",
1550 parse.ftie - 2, parse.ftie_len + 2);
1551 wpa_hexdump(MSG_MSGDUMP, "FT: RSN",
1552 parse.rsn - 2, parse.rsn_len + 2);
1553 wpa_hexdump(MSG_MSGDUMP, "FT: RSNXE",
1554 parse.rsnxe ? parse.rsnxe - 2 : NULL,
1555 parse.rsnxe ? parse.rsnxe_len + 2 : 0);
1556 return;
1557 }
1558
1559 add_note(wt, MSG_INFO, "FT: Valid FTE MIC");
1560
1561 if (wpa_compare_rsn_ie(wpa_key_mgmt_ft(sta->key_mgmt),
1562 bss->rsnie, 2 + bss->rsnie[1],
1563 parse.rsn - 2, parse.rsn_len + 2)) {
1564 add_note(wt, MSG_INFO,
1565 "FT: RSNE mismatch between Beacon/ProbeResp and FT protocol Reassociation Response frame");
1566 wpa_hexdump(MSG_INFO, "RSNE in Beacon/ProbeResp",
1567 &bss->rsnie[2], bss->rsnie[1]);
1568 wpa_hexdump(MSG_INFO,
1569 "RSNE in FT protocol Reassociation Response frame",
1570 parse.rsn ? parse.rsn - 2 : NULL,
1571 parse.rsn ? parse.rsn_len + 2 : 0);
1572 }
1573
1574 process_gtk_subelem(wt, bss, sta, kek, kek_len,
1575 parse.gtk, parse.gtk_len);
1576 process_igtk_subelem(wt, bss, sta, kek, kek_len,
1577 parse.igtk, parse.igtk_len);
1578 process_bigtk_subelem(wt, bss, sta, kek, kek_len,
1579 parse.bigtk, parse.bigtk_len);
1580 }
1581 }
1582
1583
disassoc_all_stas(struct wlantest * wt,struct wlantest_bss * bss)1584 static void disassoc_all_stas(struct wlantest *wt, struct wlantest_bss *bss)
1585 {
1586 struct wlantest_sta *sta;
1587 dl_list_for_each(sta, &bss->sta, struct wlantest_sta, list) {
1588 if (sta->state <= STATE2)
1589 continue;
1590 add_note(wt, MSG_DEBUG, "STA " MACSTR
1591 " moved to State 2 with " MACSTR,
1592 MAC2STR(sta->addr), MAC2STR(bss->bssid));
1593 sta->state = STATE2;
1594 }
1595 }
1596
1597
rx_mgmt_disassoc(struct wlantest * wt,const u8 * data,size_t len,int valid)1598 static void rx_mgmt_disassoc(struct wlantest *wt, const u8 *data, size_t len,
1599 int valid)
1600 {
1601 const struct ieee80211_mgmt *mgmt;
1602 struct wlantest_bss *bss;
1603 struct wlantest_sta *sta;
1604 u16 fc, reason;
1605
1606 mgmt = (const struct ieee80211_mgmt *) data;
1607 bss = bss_get(wt, mgmt->bssid);
1608 if (bss == NULL)
1609 return;
1610 if (os_memcmp(mgmt->sa, mgmt->bssid, ETH_ALEN) == 0)
1611 sta = sta_get(bss, mgmt->da);
1612 else
1613 sta = sta_get(bss, mgmt->sa);
1614
1615 if (len < 24 + 2) {
1616 add_note(wt, MSG_INFO, "Too short Disassociation frame from "
1617 MACSTR, MAC2STR(mgmt->sa));
1618 return;
1619 }
1620
1621 reason = le_to_host16(mgmt->u.disassoc.reason_code);
1622 wpa_printf(MSG_DEBUG, "DISASSOC " MACSTR " -> " MACSTR
1623 " (reason=%u) (valid=%d)",
1624 MAC2STR(mgmt->sa), MAC2STR(mgmt->da),
1625 reason, valid);
1626 wpa_hexdump(MSG_MSGDUMP, "DISASSOC payload", data + 24, len - 24);
1627
1628 if (sta == NULL) {
1629 if (valid && mgmt->da[0] == 0xff)
1630 disassoc_all_stas(wt, bss);
1631 return;
1632 }
1633
1634 if (os_memcmp(mgmt->sa, mgmt->bssid, ETH_ALEN) == 0) {
1635 sta->counters[valid ? WLANTEST_STA_COUNTER_VALID_DISASSOC_RX :
1636 WLANTEST_STA_COUNTER_INVALID_DISASSOC_RX]++;
1637 if (sta->pwrmgt && !sta->pspoll)
1638 sta->counters[
1639 WLANTEST_STA_COUNTER_DISASSOC_RX_ASLEEP]++;
1640 else
1641 sta->counters[
1642 WLANTEST_STA_COUNTER_DISASSOC_RX_AWAKE]++;
1643
1644 fc = le_to_host16(mgmt->frame_control);
1645 if (!(fc & WLAN_FC_ISWEP) && reason == 6)
1646 sta->counters[WLANTEST_STA_COUNTER_DISASSOC_RX_RC6]++;
1647 else if (!(fc & WLAN_FC_ISWEP) && reason == 7)
1648 sta->counters[WLANTEST_STA_COUNTER_DISASSOC_RX_RC7]++;
1649 } else
1650 sta->counters[valid ? WLANTEST_STA_COUNTER_VALID_DISASSOC_TX :
1651 WLANTEST_STA_COUNTER_INVALID_DISASSOC_TX]++;
1652
1653 if (!valid) {
1654 add_note(wt, MSG_INFO, "Do not change STA " MACSTR " State "
1655 "since Disassociation frame was not protected "
1656 "correctly", MAC2STR(sta->addr));
1657 return;
1658 }
1659
1660 if (sta->state < STATE2) {
1661 add_note(wt, MSG_DEBUG,
1662 "STA " MACSTR " was not in State 2 or 3 "
1663 "when getting disassociated", MAC2STR(sta->addr));
1664 }
1665
1666 if (sta->state > STATE2) {
1667 add_note(wt, MSG_DEBUG, "STA " MACSTR
1668 " moved to State 2 with " MACSTR,
1669 MAC2STR(sta->addr), MAC2STR(bss->bssid));
1670 sta->state = STATE2;
1671 }
1672 tdls_link_down(wt, bss, sta);
1673 }
1674
1675
rx_mgmt_action_ft_request(struct wlantest * wt,const struct ieee80211_mgmt * mgmt,size_t len)1676 static void rx_mgmt_action_ft_request(struct wlantest *wt,
1677 const struct ieee80211_mgmt *mgmt,
1678 size_t len)
1679 {
1680 const u8 *ies;
1681 size_t ies_len;
1682 struct wpa_ft_ies parse;
1683 struct wlantest_bss *bss;
1684 struct wlantest_sta *sta;
1685
1686 if (len < 24 + 2 + 2 * ETH_ALEN) {
1687 add_note(wt, MSG_INFO, "Too short FT Request frame");
1688 return;
1689 }
1690
1691 wpa_printf(MSG_DEBUG, "FT Request: STA Address: " MACSTR
1692 " Target AP Address: " MACSTR,
1693 MAC2STR(mgmt->u.action.u.ft_action_req.sta_addr),
1694 MAC2STR(mgmt->u.action.u.ft_action_req.target_ap_addr));
1695 ies = mgmt->u.action.u.ft_action_req.variable;
1696 ies_len = len - (24 + 2 + 2 * ETH_ALEN);
1697 wpa_hexdump(MSG_DEBUG, "FT Request frame body", ies, ies_len);
1698
1699 if (wpa_ft_parse_ies(ies, ies_len, &parse, -1)) {
1700 add_note(wt, MSG_INFO, "Could not parse FT Request frame body");
1701 return;
1702 }
1703
1704 bss = bss_get(wt, mgmt->u.action.u.ft_action_resp.target_ap_addr);
1705 if (!bss) {
1706 add_note(wt, MSG_INFO, "No BSS entry for Target AP");
1707 return;
1708 }
1709
1710 sta = sta_get(bss, mgmt->sa);
1711 if (!sta)
1712 return;
1713
1714 sta->ft_over_ds = true;
1715 sta->key_mgmt = parse.key_mgmt;
1716 sta->pairwise_cipher = parse.pairwise_cipher;
1717 }
1718
1719
rx_mgmt_action_ft_response(struct wlantest * wt,struct wlantest_sta * sta,const struct ieee80211_mgmt * mgmt,size_t len)1720 static void rx_mgmt_action_ft_response(struct wlantest *wt,
1721 struct wlantest_sta *sta,
1722 const struct ieee80211_mgmt *mgmt,
1723 size_t len)
1724 {
1725 struct wlantest_bss *bss;
1726 struct wlantest_sta *new_sta;
1727 const u8 *ies;
1728 size_t ies_len;
1729 struct wpa_ft_ies parse;
1730 struct wpa_ptk ptk;
1731 u8 ptk_name[WPA_PMK_NAME_LEN];
1732
1733 if (len < 24 + 2 + 2 * ETH_ALEN + 2) {
1734 add_note(wt, MSG_INFO, "Too short FT Response frame from "
1735 MACSTR, MAC2STR(mgmt->sa));
1736 return;
1737 }
1738
1739 wpa_printf(MSG_DEBUG, "FT Response: STA Address: " MACSTR
1740 " Target AP Address: " MACSTR " Status Code: %u",
1741 MAC2STR(mgmt->u.action.u.ft_action_resp.sta_addr),
1742 MAC2STR(mgmt->u.action.u.ft_action_resp.target_ap_addr),
1743 le_to_host16(mgmt->u.action.u.ft_action_resp.status_code));
1744 ies = mgmt->u.action.u.ft_action_req.variable;
1745 ies_len = len - (24 + 2 + 2 * ETH_ALEN);
1746 wpa_hexdump(MSG_DEBUG, "FT Response frame body", ies, ies_len);
1747
1748 if (wpa_ft_parse_ies(ies, ies_len, &parse, -1)) {
1749 add_note(wt, MSG_INFO,
1750 "Could not parse FT Response frame body");
1751 return;
1752 }
1753
1754 bss = bss_get(wt, mgmt->u.action.u.ft_action_resp.target_ap_addr);
1755 if (!bss) {
1756 add_note(wt, MSG_INFO, "No BSS entry for Target AP");
1757 return;
1758 }
1759
1760 if (parse.r1kh_id)
1761 os_memcpy(bss->r1kh_id, parse.r1kh_id, FT_R1KH_ID_LEN);
1762
1763 if (wpa_derive_pmk_r1(sta->pmk_r0, sta->pmk_r0_len, sta->pmk_r0_name,
1764 bss->r1kh_id, sta->addr, sta->pmk_r1,
1765 sta->pmk_r1_name) < 0)
1766 return;
1767 sta->pmk_r1_len = sta->pmk_r0_len;
1768
1769 new_sta = sta_get(bss, sta->addr);
1770 if (!new_sta)
1771 return;
1772 os_memcpy(new_sta->pmk_r0, sta->pmk_r0, sta->pmk_r0_len);
1773 new_sta->pmk_r0_len = sta->pmk_r0_len;
1774 os_memcpy(new_sta->pmk_r0_name, sta->pmk_r0_name,
1775 sizeof(sta->pmk_r0_name));
1776 os_memcpy(new_sta->pmk_r1, sta->pmk_r1, sta->pmk_r1_len);
1777 new_sta->pmk_r1_len = sta->pmk_r1_len;
1778 os_memcpy(new_sta->pmk_r1_name, sta->pmk_r1_name,
1779 sizeof(sta->pmk_r1_name));
1780 if (!parse.fte_anonce || !parse.fte_snonce ||
1781 wpa_pmk_r1_to_ptk(sta->pmk_r1, sta->pmk_r1_len, parse.fte_snonce,
1782 parse.fte_anonce, new_sta->addr, bss->bssid,
1783 sta->pmk_r1_name, &ptk, ptk_name,
1784 new_sta->key_mgmt, new_sta->pairwise_cipher,
1785 0) < 0)
1786 return;
1787
1788 add_note(wt, MSG_DEBUG, "Derived new PTK");
1789 os_memcpy(&new_sta->ptk, &ptk, sizeof(ptk));
1790 new_sta->ptk_set = 1;
1791 os_memset(new_sta->rsc_tods, 0, sizeof(new_sta->rsc_tods));
1792 os_memset(new_sta->rsc_fromds, 0, sizeof(new_sta->rsc_fromds));
1793 os_memcpy(new_sta->snonce, parse.fte_snonce, WPA_NONCE_LEN);
1794 os_memcpy(new_sta->anonce, parse.fte_anonce, WPA_NONCE_LEN);
1795 }
1796
1797
rx_mgmt_action_ft(struct wlantest * wt,struct wlantest_sta * sta,const struct ieee80211_mgmt * mgmt,size_t len,int valid)1798 static void rx_mgmt_action_ft(struct wlantest *wt, struct wlantest_sta *sta,
1799 const struct ieee80211_mgmt *mgmt,
1800 size_t len, int valid)
1801 {
1802 if (len < 24 + 2) {
1803 add_note(wt, MSG_INFO, "Too short FT Action frame from " MACSTR,
1804 MAC2STR(mgmt->sa));
1805 return;
1806 }
1807
1808 switch (mgmt->u.action.u.ft_action_req.action) {
1809 case 1:
1810 rx_mgmt_action_ft_request(wt, mgmt, len);
1811 break;
1812 case 2:
1813 rx_mgmt_action_ft_response(wt, sta, mgmt, len);
1814 break;
1815 default:
1816 add_note(wt, MSG_INFO, "Unsupported FT action value %u from "
1817 MACSTR, mgmt->u.action.u.ft_action_req.action,
1818 MAC2STR(mgmt->sa));
1819 }
1820 }
1821
1822
rx_mgmt_action_sa_query_req(struct wlantest * wt,struct wlantest_sta * sta,const struct ieee80211_mgmt * mgmt,size_t len,int valid)1823 static void rx_mgmt_action_sa_query_req(struct wlantest *wt,
1824 struct wlantest_sta *sta,
1825 const struct ieee80211_mgmt *mgmt,
1826 size_t len, int valid)
1827 {
1828 const u8 *rx_id;
1829 u8 *id;
1830
1831 rx_id = (const u8 *) mgmt->u.action.u.sa_query_req.trans_id;
1832 if (os_memcmp(mgmt->sa, mgmt->bssid, ETH_ALEN) == 0)
1833 id = sta->ap_sa_query_tr;
1834 else
1835 id = sta->sta_sa_query_tr;
1836 add_note(wt, MSG_INFO, "SA Query Request " MACSTR " -> " MACSTR
1837 " (trans_id=%02x%02x)%s",
1838 MAC2STR(mgmt->sa), MAC2STR(mgmt->da), rx_id[0], rx_id[1],
1839 valid ? "" : " (invalid protection)");
1840 os_memcpy(id, mgmt->u.action.u.sa_query_req.trans_id, 2);
1841 if (os_memcmp(mgmt->sa, sta->addr, ETH_ALEN) == 0)
1842 sta->counters[valid ?
1843 WLANTEST_STA_COUNTER_VALID_SAQUERYREQ_TX :
1844 WLANTEST_STA_COUNTER_INVALID_SAQUERYREQ_TX]++;
1845 else
1846 sta->counters[valid ?
1847 WLANTEST_STA_COUNTER_VALID_SAQUERYREQ_RX :
1848 WLANTEST_STA_COUNTER_INVALID_SAQUERYREQ_RX]++;
1849 }
1850
1851
rx_mgmt_action_sa_query_resp(struct wlantest * wt,struct wlantest_sta * sta,const struct ieee80211_mgmt * mgmt,size_t len,int valid)1852 static void rx_mgmt_action_sa_query_resp(struct wlantest *wt,
1853 struct wlantest_sta *sta,
1854 const struct ieee80211_mgmt *mgmt,
1855 size_t len, int valid)
1856 {
1857 const u8 *rx_id;
1858 u8 *id;
1859 int match;
1860
1861 rx_id = (const u8 *) mgmt->u.action.u.sa_query_resp.trans_id;
1862 if (os_memcmp(mgmt->sa, mgmt->bssid, ETH_ALEN) == 0)
1863 id = sta->sta_sa_query_tr;
1864 else
1865 id = sta->ap_sa_query_tr;
1866 match = os_memcmp(rx_id, id, 2) == 0;
1867 add_note(wt, MSG_INFO, "SA Query Response " MACSTR " -> " MACSTR
1868 " (trans_id=%02x%02x; %s)%s",
1869 MAC2STR(mgmt->sa), MAC2STR(mgmt->da), rx_id[0], rx_id[1],
1870 match ? "match" : "mismatch",
1871 valid ? "" : " (invalid protection)");
1872 if (os_memcmp(mgmt->sa, sta->addr, ETH_ALEN) == 0)
1873 sta->counters[(valid && match) ?
1874 WLANTEST_STA_COUNTER_VALID_SAQUERYRESP_TX :
1875 WLANTEST_STA_COUNTER_INVALID_SAQUERYRESP_TX]++;
1876 else
1877 sta->counters[(valid && match) ?
1878 WLANTEST_STA_COUNTER_VALID_SAQUERYRESP_RX :
1879 WLANTEST_STA_COUNTER_INVALID_SAQUERYRESP_RX]++;
1880 }
1881
1882
rx_mgmt_action_sa_query(struct wlantest * wt,struct wlantest_sta * sta,const struct ieee80211_mgmt * mgmt,size_t len,int valid)1883 static void rx_mgmt_action_sa_query(struct wlantest *wt,
1884 struct wlantest_sta *sta,
1885 const struct ieee80211_mgmt *mgmt,
1886 size_t len, int valid)
1887 {
1888 if (len < 24 + 2 + WLAN_SA_QUERY_TR_ID_LEN) {
1889 add_note(wt, MSG_INFO, "Too short SA Query frame from " MACSTR,
1890 MAC2STR(mgmt->sa));
1891 return;
1892 }
1893
1894 if (len > 24 + 2 + WLAN_SA_QUERY_TR_ID_LEN) {
1895 size_t elen = len - (24 + 2 + WLAN_SA_QUERY_TR_ID_LEN);
1896 add_note(wt, MSG_INFO, "Unexpected %u octets of extra data at "
1897 "the end of SA Query frame from " MACSTR,
1898 (unsigned) elen, MAC2STR(mgmt->sa));
1899 wpa_hexdump(MSG_INFO, "SA Query extra data",
1900 ((const u8 *) mgmt) + len - elen, elen);
1901 }
1902
1903 switch (mgmt->u.action.u.sa_query_req.action) {
1904 case WLAN_SA_QUERY_REQUEST:
1905 rx_mgmt_action_sa_query_req(wt, sta, mgmt, len, valid);
1906 break;
1907 case WLAN_SA_QUERY_RESPONSE:
1908 rx_mgmt_action_sa_query_resp(wt, sta, mgmt, len, valid);
1909 break;
1910 default:
1911 add_note(wt, MSG_INFO, "Unexpected SA Query action value %u "
1912 "from " MACSTR,
1913 mgmt->u.action.u.sa_query_req.action,
1914 MAC2STR(mgmt->sa));
1915 }
1916 }
1917
1918
1919 static void
rx_mgmt_location_measurement_report(struct wlantest * wt,const struct ieee80211_mgmt * mgmt,size_t len,bool no_ack)1920 rx_mgmt_location_measurement_report(struct wlantest *wt,
1921 const struct ieee80211_mgmt *mgmt,
1922 size_t len, bool no_ack)
1923 {
1924 const u8 *pos = mgmt->u.action.u.public_action.variable;
1925 const u8 *end = ((const u8 *) mgmt) + len;
1926
1927 if (end - pos < 1) {
1928 add_note(wt, MSG_INFO,
1929 "Too short Location Measurement Report frame from "
1930 MACSTR, MAC2STR(mgmt->sa));
1931 return;
1932 }
1933
1934 wpa_printf(MSG_DEBUG, "Location Measurement Report " MACSTR " --> "
1935 MACSTR " (dialog token %u)",
1936 MAC2STR(mgmt->sa), MAC2STR(mgmt->da), *pos);
1937 pos++;
1938
1939 if (!no_ack)
1940 add_note(wt, MSG_INFO,
1941 "Protected Fine Timing Measurement Report incorrectly as an Action frame from "
1942 MACSTR, MAC2STR(mgmt->sa));
1943
1944 wpa_hexdump(MSG_MSGDUMP, "Location Measurement Report contents",
1945 pos, end - pos);
1946 }
1947
1948
rx_mgmt_action_no_bss_public(struct wlantest * wt,const struct ieee80211_mgmt * mgmt,size_t len,bool no_ack)1949 static void rx_mgmt_action_no_bss_public(struct wlantest *wt,
1950 const struct ieee80211_mgmt *mgmt,
1951 size_t len, bool no_ack)
1952 {
1953 switch (mgmt->u.action.u.public_action.action) {
1954 case WLAN_PA_LOCATION_MEASUREMENT_REPORT:
1955 rx_mgmt_location_measurement_report(wt, mgmt, len, no_ack);
1956 break;
1957 }
1958 }
1959
1960
rx_mgmt_prot_ftm_request(struct wlantest * wt,const struct ieee80211_mgmt * mgmt,size_t len,bool no_ack)1961 static void rx_mgmt_prot_ftm_request(struct wlantest *wt,
1962 const struct ieee80211_mgmt *mgmt,
1963 size_t len, bool no_ack)
1964 {
1965 wpa_printf(MSG_DEBUG, "Protected Fine Timing Measurement Request "
1966 MACSTR " --> " MACSTR,
1967 MAC2STR(mgmt->sa), MAC2STR(mgmt->da));
1968 if (no_ack)
1969 add_note(wt, MSG_INFO,
1970 "Protected Fine Timing Measurement Request incorrectly as an Action No Ack frame from "
1971 MACSTR, MAC2STR(mgmt->sa));
1972 }
1973
1974
rx_mgmt_prot_ftm(struct wlantest * wt,const struct ieee80211_mgmt * mgmt,size_t len,bool no_ack)1975 static void rx_mgmt_prot_ftm(struct wlantest *wt,
1976 const struct ieee80211_mgmt *mgmt,
1977 size_t len, bool no_ack)
1978 {
1979 wpa_printf(MSG_DEBUG, "Protected Fine Timing Measurement "
1980 MACSTR " --> " MACSTR,
1981 MAC2STR(mgmt->sa), MAC2STR(mgmt->da));
1982 if (no_ack)
1983 add_note(wt, MSG_INFO,
1984 "Protected Fine Timing Measurement incorrectly as an Action No Ack frame from "
1985 MACSTR, MAC2STR(mgmt->sa));
1986 }
1987
1988
rx_mgmt_prot_ftm_report(struct wlantest * wt,const struct ieee80211_mgmt * mgmt,size_t len,bool no_ack)1989 static void rx_mgmt_prot_ftm_report(struct wlantest *wt,
1990 const struct ieee80211_mgmt *mgmt,
1991 size_t len, bool no_ack)
1992 {
1993 wpa_printf(MSG_DEBUG, "Protected Fine Timing Measurement Report "
1994 MACSTR " --> " MACSTR,
1995 MAC2STR(mgmt->sa), MAC2STR(mgmt->da));
1996 if (!no_ack)
1997 add_note(wt, MSG_INFO,
1998 "Protected Fine Timing Measurement Report incorrectly as an Action frame from "
1999 MACSTR, MAC2STR(mgmt->sa));
2000 }
2001
2002
2003 static void
rx_mgmt_action_no_bss_protected_ftm(struct wlantest * wt,const struct ieee80211_mgmt * mgmt,size_t len,bool no_ack)2004 rx_mgmt_action_no_bss_protected_ftm(struct wlantest *wt,
2005 const struct ieee80211_mgmt *mgmt,
2006 size_t len, bool no_ack)
2007 {
2008 switch (mgmt->u.action.u.public_action.action) {
2009 case WLAN_PROT_FTM_REQUEST:
2010 rx_mgmt_prot_ftm_request(wt, mgmt, len, no_ack);
2011 break;
2012 case WLAN_PROT_FTM:
2013 rx_mgmt_prot_ftm(wt, mgmt, len, no_ack);
2014 break;
2015 case WLAN_PROT_FTM_REPORT:
2016 rx_mgmt_prot_ftm_report(wt, mgmt, len, no_ack);
2017 break;
2018 }
2019 }
2020
2021
rx_mgmt_action_no_bss(struct wlantest * wt,const struct ieee80211_mgmt * mgmt,size_t len,bool no_ack)2022 static void rx_mgmt_action_no_bss(struct wlantest *wt,
2023 const struct ieee80211_mgmt *mgmt, size_t len,
2024 bool no_ack)
2025 {
2026 switch (mgmt->u.action.category) {
2027 case WLAN_ACTION_PUBLIC:
2028 rx_mgmt_action_no_bss_public(wt, mgmt, len, no_ack);
2029 break;
2030 case WLAN_ACTION_PROTECTED_FTM:
2031 rx_mgmt_action_no_bss_protected_ftm(wt, mgmt, len, no_ack);
2032 break;
2033 }
2034 }
2035
2036
rx_mgmt_action(struct wlantest * wt,const u8 * data,size_t len,int valid,bool no_ack)2037 static void rx_mgmt_action(struct wlantest *wt, const u8 *data, size_t len,
2038 int valid, bool no_ack)
2039 {
2040 const struct ieee80211_mgmt *mgmt;
2041 struct wlantest_bss *bss;
2042 struct wlantest_sta *sta;
2043
2044 mgmt = (const struct ieee80211_mgmt *) data;
2045 if (mgmt->da[0] & 0x01) {
2046 add_note(wt, MSG_DEBUG, "Group addressed Action frame: DA="
2047 MACSTR " SA=" MACSTR " BSSID=" MACSTR
2048 " category=%u",
2049 MAC2STR(mgmt->da), MAC2STR(mgmt->sa),
2050 MAC2STR(mgmt->bssid), mgmt->u.action.category);
2051 return; /* Ignore group addressed Action frames for now */
2052 }
2053
2054 if (len < 24 + 2) {
2055 add_note(wt, MSG_INFO, "Too short Action frame from " MACSTR,
2056 MAC2STR(mgmt->sa));
2057 return;
2058 }
2059
2060 wpa_printf(MSG_DEBUG, "ACTION%s " MACSTR " -> " MACSTR
2061 " BSSID=" MACSTR " (category=%u) (valid=%d)",
2062 no_ack ? "-NO-ACK" : "",
2063 MAC2STR(mgmt->sa), MAC2STR(mgmt->da), MAC2STR(mgmt->bssid),
2064 mgmt->u.action.category, valid);
2065 wpa_hexdump(MSG_MSGDUMP, "ACTION payload", data + 24, len - 24);
2066
2067 if (is_broadcast_ether_addr(mgmt->bssid)) {
2068 rx_mgmt_action_no_bss(wt, mgmt, len, no_ack);
2069 return;
2070 }
2071 bss = bss_get(wt, mgmt->bssid);
2072 if (bss == NULL)
2073 return;
2074 if (os_memcmp(mgmt->sa, mgmt->bssid, ETH_ALEN) == 0)
2075 sta = sta_get(bss, mgmt->da);
2076 else
2077 sta = sta_get(bss, mgmt->sa);
2078 if (sta == NULL)
2079 return;
2080
2081 if (mgmt->u.action.category != WLAN_ACTION_PUBLIC &&
2082 sta->state < STATE3) {
2083 add_note(wt, MSG_INFO, "Action frame sent when STA is not in "
2084 "State 3 (SA=" MACSTR " DATA=" MACSTR ")",
2085 MAC2STR(mgmt->sa), MAC2STR(mgmt->da));
2086 }
2087
2088 switch (mgmt->u.action.category) {
2089 case WLAN_ACTION_FT:
2090 rx_mgmt_action_ft(wt, sta, mgmt, len, valid);
2091 break;
2092 case WLAN_ACTION_SA_QUERY:
2093 rx_mgmt_action_sa_query(wt, sta, mgmt, len, valid);
2094 break;
2095 }
2096 }
2097
2098
check_mmie_mic(unsigned int mgmt_group_cipher,const u8 * igtk,size_t igtk_len,const u8 * data,size_t len)2099 static int check_mmie_mic(unsigned int mgmt_group_cipher,
2100 const u8 *igtk, size_t igtk_len,
2101 const u8 *data, size_t len)
2102 {
2103 u8 *buf;
2104 u8 mic[16];
2105 u16 fc;
2106 const struct ieee80211_hdr *hdr;
2107 int ret, mic_len;
2108
2109 if (!mgmt_group_cipher || igtk_len < 16)
2110 return -1;
2111 mic_len = mgmt_group_cipher == WPA_CIPHER_AES_128_CMAC ? 8 : 16;
2112
2113 if (len < 24 || len - 24 < mic_len)
2114 return -1;
2115
2116 buf = os_malloc(len + 20 - 24);
2117 if (buf == NULL)
2118 return -1;
2119
2120 /* BIP AAD: FC(masked) A1 A2 A3 */
2121 hdr = (const struct ieee80211_hdr *) data;
2122 fc = le_to_host16(hdr->frame_control);
2123 fc &= ~(WLAN_FC_RETRY | WLAN_FC_PWRMGT | WLAN_FC_MOREDATA);
2124 WPA_PUT_LE16(buf, fc);
2125 os_memcpy(buf + 2, hdr->addr1, 3 * ETH_ALEN);
2126
2127 /* Frame body with MMIE MIC masked to zero */
2128 os_memcpy(buf + 20, data + 24, len - 24 - mic_len);
2129 os_memset(buf + 20 + len - 24 - mic_len, 0, mic_len);
2130
2131 if (WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_BEACON) {
2132 /* Timestamp field masked to zero */
2133 os_memset(buf + 20, 0, 8);
2134 }
2135
2136 wpa_hexdump(MSG_MSGDUMP, "BIP: AAD|Body(masked)", buf, len + 20 - 24);
2137 /* MIC = L(AES-128-CMAC(AAD || Frame Body(masked)), 0, 64) */
2138 if (mgmt_group_cipher == WPA_CIPHER_AES_128_CMAC) {
2139 ret = omac1_aes_128(igtk, buf, len + 20 - 24, mic);
2140 } else if (mgmt_group_cipher == WPA_CIPHER_BIP_CMAC_256) {
2141 ret = omac1_aes_256(igtk, buf, len + 20 - 24, mic);
2142 } else if (mgmt_group_cipher == WPA_CIPHER_BIP_GMAC_128 ||
2143 mgmt_group_cipher == WPA_CIPHER_BIP_GMAC_256) {
2144 u8 nonce[12], *npos;
2145 const u8 *ipn;
2146
2147 ipn = data + len - mic_len - 6;
2148
2149 /* Nonce: A2 | IPN */
2150 os_memcpy(nonce, hdr->addr2, ETH_ALEN);
2151 npos = nonce + ETH_ALEN;
2152 *npos++ = ipn[5];
2153 *npos++ = ipn[4];
2154 *npos++ = ipn[3];
2155 *npos++ = ipn[2];
2156 *npos++ = ipn[1];
2157 *npos++ = ipn[0];
2158
2159 ret = aes_gmac(igtk, igtk_len, nonce, sizeof(nonce),
2160 buf, len + 20 - 24, mic);
2161 } else {
2162 ret = -1;
2163 }
2164 if (ret < 0) {
2165 os_free(buf);
2166 return -1;
2167 }
2168
2169 os_free(buf);
2170
2171 if (os_memcmp(data + len - mic_len, mic, mic_len) != 0)
2172 return -1;
2173
2174 return 0;
2175 }
2176
2177
check_bip(struct wlantest * wt,const u8 * data,size_t len)2178 static int check_bip(struct wlantest *wt, const u8 *data, size_t len)
2179 {
2180 const struct ieee80211_mgmt *mgmt;
2181 u16 fc, stype;
2182 const u8 *mmie;
2183 u16 keyid;
2184 struct wlantest_bss *bss;
2185 size_t mic_len;
2186
2187 mgmt = (const struct ieee80211_mgmt *) data;
2188 fc = le_to_host16(mgmt->frame_control);
2189 stype = WLAN_FC_GET_STYPE(fc);
2190
2191 if (stype == WLAN_FC_STYPE_ACTION ||
2192 stype == WLAN_FC_STYPE_ACTION_NO_ACK) {
2193 if (len < 24 + 1)
2194 return 0;
2195 if (mgmt->u.action.category == WLAN_ACTION_PUBLIC)
2196 return 0; /* Not a robust management frame */
2197 }
2198
2199 bss = bss_get(wt, mgmt->bssid);
2200 if (bss == NULL)
2201 return 0; /* No key known yet */
2202
2203 mic_len = bss->mgmt_group_cipher == WPA_CIPHER_AES_128_CMAC ? 8 : 16;
2204
2205 if (len < 24 + 10 + mic_len ||
2206 data[len - (10 + mic_len)] != WLAN_EID_MMIE ||
2207 data[len - (10 + mic_len - 1)] != 8 + mic_len) {
2208 /* No MMIE */
2209 if (bss->rsn_capab & WPA_CAPABILITY_MFPC) {
2210 add_note(wt, MSG_INFO, "Robust group-addressed "
2211 "management frame sent without BIP by "
2212 MACSTR, MAC2STR(mgmt->sa));
2213 bss->counters[WLANTEST_BSS_COUNTER_MISSING_BIP_MMIE]++;
2214 return -1;
2215 }
2216 return 0;
2217 }
2218
2219 mmie = data + len - (8 + mic_len);
2220 keyid = WPA_GET_LE16(mmie);
2221 if (keyid & 0xf000) {
2222 add_note(wt, MSG_INFO, "MMIE KeyID reserved bits not zero "
2223 "(%04x) from " MACSTR, keyid, MAC2STR(mgmt->sa));
2224 keyid &= 0x0fff;
2225 }
2226 if (keyid < 4 || keyid > 5) {
2227 add_note(wt, MSG_INFO, "Unexpected MMIE KeyID %u from " MACSTR,
2228 keyid, MAC2STR(mgmt->sa));
2229 bss->counters[WLANTEST_BSS_COUNTER_INVALID_BIP_MMIE]++;
2230 return 0;
2231 }
2232 wpa_printf(MSG_DEBUG, "MMIE KeyID %u", keyid);
2233 wpa_hexdump(MSG_MSGDUMP, "MMIE IPN", mmie + 2, 6);
2234 wpa_hexdump(MSG_MSGDUMP, "MMIE MIC", mmie + 8, mic_len);
2235
2236 if (!bss->igtk_len[keyid]) {
2237 add_note(wt, MSG_DEBUG, "No IGTK known to validate BIP frame");
2238 return 0;
2239 }
2240
2241 if (os_memcmp(mmie + 2, bss->ipn[keyid], 6) <= 0) {
2242 add_note(wt, MSG_INFO, "BIP replay detected: SA=" MACSTR,
2243 MAC2STR(mgmt->sa));
2244 wpa_hexdump(MSG_INFO, "RX IPN", mmie + 2, 6);
2245 wpa_hexdump(MSG_INFO, "Last RX IPN", bss->ipn[keyid], 6);
2246 }
2247
2248 if (check_mmie_mic(bss->mgmt_group_cipher, bss->igtk[keyid],
2249 bss->igtk_len[keyid], data, len) < 0) {
2250 add_note(wt, MSG_INFO, "Invalid MMIE MIC in a frame from "
2251 MACSTR, MAC2STR(mgmt->sa));
2252 bss->counters[WLANTEST_BSS_COUNTER_INVALID_BIP_MMIE]++;
2253 return -1;
2254 }
2255
2256 add_note(wt, MSG_DEBUG, "Valid MMIE MIC");
2257 os_memcpy(bss->ipn[keyid], mmie + 2, 6);
2258 bss->counters[WLANTEST_BSS_COUNTER_VALID_BIP_MMIE]++;
2259
2260 if (stype == WLAN_FC_STYPE_DEAUTH)
2261 bss->counters[WLANTEST_BSS_COUNTER_BIP_DEAUTH]++;
2262 else if (stype == WLAN_FC_STYPE_DISASSOC)
2263 bss->counters[WLANTEST_BSS_COUNTER_BIP_DISASSOC]++;
2264
2265 return 0;
2266 }
2267
2268
try_tk(struct wpa_ptk * ptk,const u8 * data,size_t len,size_t * dlen)2269 static u8 * try_tk(struct wpa_ptk *ptk, const u8 *data, size_t len,
2270 size_t *dlen)
2271 {
2272 const struct ieee80211_hdr *hdr;
2273 u8 *decrypted, *frame;
2274
2275 hdr = (const struct ieee80211_hdr *) data;
2276 decrypted = ccmp_decrypt(ptk->tk, hdr, data + 24, len - 24, dlen);
2277 if (!decrypted)
2278 return NULL;
2279
2280 frame = os_malloc(24 + *dlen);
2281 if (frame) {
2282 os_memcpy(frame, data, 24);
2283 os_memcpy(frame + 24, decrypted, *dlen);
2284 *dlen += 24;
2285 }
2286 os_free(decrypted);
2287 return frame;
2288 }
2289
2290
mgmt_ccmp_decrypt_tk(struct wlantest * wt,const u8 * data,size_t len,size_t * dlen)2291 static u8 * mgmt_ccmp_decrypt_tk(struct wlantest *wt, const u8 *data,
2292 size_t len, size_t *dlen)
2293 {
2294 struct wlantest_ptk *ptk;
2295 u8 *decrypted;
2296 int prev_level = wpa_debug_level;
2297 int keyid;
2298
2299 keyid = data[24 + 3] >> 6;
2300
2301 wpa_debug_level = MSG_WARNING;
2302 dl_list_for_each(ptk, &wt->ptk, struct wlantest_ptk, list) {
2303 decrypted = try_tk(&ptk->ptk, data, len, dlen);
2304 if (decrypted) {
2305 wpa_debug_level = prev_level;
2306 add_note(wt, MSG_DEBUG,
2307 "Found TK match from the list of all known TKs");
2308 write_decrypted_note(wt, decrypted, ptk->ptk.tk,
2309 ptk->ptk.tk_len, keyid);
2310 return decrypted;
2311 }
2312 }
2313 wpa_debug_level = prev_level;
2314
2315 return NULL;
2316 }
2317
2318
mgmt_ccmp_decrypt(struct wlantest * wt,const u8 * data,size_t len,size_t * dlen)2319 static u8 * mgmt_ccmp_decrypt(struct wlantest *wt, const u8 *data, size_t len,
2320 size_t *dlen)
2321 {
2322 struct wlantest_bss *bss;
2323 struct wlantest_sta *sta;
2324 const struct ieee80211_hdr *hdr;
2325 int keyid;
2326 u8 *decrypted, *frame = NULL;
2327 u8 pn[6], *rsc;
2328 u16 fc;
2329 u8 mask;
2330
2331 hdr = (const struct ieee80211_hdr *) data;
2332 fc = le_to_host16(hdr->frame_control);
2333
2334 if (len < 24 + 4)
2335 return NULL;
2336
2337 if (!(data[24 + 3] & 0x20)) {
2338 add_note(wt, MSG_INFO, "Expected CCMP frame from " MACSTR
2339 " did not have ExtIV bit set to 1",
2340 MAC2STR(hdr->addr2));
2341 return NULL;
2342 }
2343
2344 mask = 0x1f;
2345 if (WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_ACTION ||
2346 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_ACTION_NO_ACK)
2347 mask &= ~0x10; /* FTM */
2348 if (data[24 + 2] != 0 || (data[24 + 3] & mask) != 0) {
2349 add_note(wt, MSG_INFO, "CCMP mgmt frame from " MACSTR " used "
2350 "non-zero reserved bit", MAC2STR(hdr->addr2));
2351 }
2352
2353 keyid = data[24 + 3] >> 6;
2354 if (keyid != 0) {
2355 add_note(wt, MSG_INFO, "Unexpected non-zero KeyID %d in "
2356 "individually addressed Management frame from "
2357 MACSTR, keyid, MAC2STR(hdr->addr2));
2358 }
2359
2360 bss = bss_get(wt, hdr->addr3);
2361 if (bss == NULL)
2362 return mgmt_ccmp_decrypt_tk(wt, data, len, dlen);
2363 if (os_memcmp(hdr->addr1, hdr->addr3, ETH_ALEN) == 0)
2364 sta = sta_get(bss, hdr->addr2);
2365 else
2366 sta = sta_get(bss, hdr->addr1);
2367 if (sta == NULL || !sta->ptk_set) {
2368 decrypted = mgmt_ccmp_decrypt_tk(wt, data, len, dlen);
2369 if (!decrypted)
2370 add_note(wt, MSG_MSGDUMP,
2371 "No PTK known to decrypt the frame");
2372 return decrypted;
2373 }
2374
2375 if (os_memcmp(hdr->addr1, hdr->addr3, ETH_ALEN) == 0)
2376 rsc = sta->rsc_tods[16];
2377 else
2378 rsc = sta->rsc_fromds[16];
2379
2380 ccmp_get_pn(pn, data + 24);
2381 if (os_memcmp(pn, rsc, 6) <= 0) {
2382 u16 seq_ctrl = le_to_host16(hdr->seq_ctrl);
2383 add_note(wt, MSG_INFO, "CCMP/TKIP replay detected: A1=" MACSTR
2384 " A2=" MACSTR " A3=" MACSTR " seq=%u frag=%u%s",
2385 MAC2STR(hdr->addr1), MAC2STR(hdr->addr2),
2386 MAC2STR(hdr->addr3),
2387 WLAN_GET_SEQ_SEQ(seq_ctrl),
2388 WLAN_GET_SEQ_FRAG(seq_ctrl),
2389 (le_to_host16(hdr->frame_control) & WLAN_FC_RETRY) ?
2390 " Retry" : "");
2391 wpa_hexdump(MSG_INFO, "RX PN", pn, 6);
2392 wpa_hexdump(MSG_INFO, "RSC", rsc, 6);
2393 }
2394
2395 decrypted = ccmp_decrypt(sta->ptk.tk, hdr, data + 24, len - 24, dlen);
2396 if (decrypted) {
2397 os_memcpy(rsc, pn, 6);
2398 frame = os_malloc(24 + *dlen);
2399 if (frame) {
2400 os_memcpy(frame, data, 24);
2401 os_memcpy(frame + 24, decrypted, *dlen);
2402 *dlen += 24;
2403 }
2404 } else {
2405 /* Assume the frame was corrupted and there was no FCS to check.
2406 * Allow retry of this particular frame to be processed so that
2407 * it could end up getting decrypted if it was received without
2408 * corruption. */
2409 sta->allow_duplicate = 1;
2410 }
2411
2412 os_free(decrypted);
2413
2414 return frame;
2415 }
2416
2417
check_mgmt_ccmp(struct wlantest * wt,const u8 * data,size_t len)2418 static int check_mgmt_ccmp(struct wlantest *wt, const u8 *data, size_t len)
2419 {
2420 const struct ieee80211_mgmt *mgmt;
2421 u16 fc;
2422 struct wlantest_bss *bss;
2423 struct wlantest_sta *sta;
2424
2425 mgmt = (const struct ieee80211_mgmt *) data;
2426 fc = le_to_host16(mgmt->frame_control);
2427
2428 if (WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_ACTION ||
2429 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_ACTION_NO_ACK) {
2430 if (len > 24 &&
2431 mgmt->u.action.category == WLAN_ACTION_PUBLIC)
2432 return 0; /* Not a robust management frame */
2433 }
2434
2435 bss = bss_get(wt, mgmt->bssid);
2436 if (bss == NULL)
2437 return 0;
2438 if (os_memcmp(mgmt->da, mgmt->bssid, ETH_ALEN) == 0)
2439 sta = sta_get(bss, mgmt->sa);
2440 else
2441 sta = sta_get(bss, mgmt->da);
2442 if (sta == NULL)
2443 return 0;
2444
2445 if ((bss->rsn_capab & WPA_CAPABILITY_MFPC) &&
2446 (sta->rsn_capab & WPA_CAPABILITY_MFPC) &&
2447 (sta->state == STATE3 ||
2448 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_ACTION ||
2449 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_ACTION_NO_ACK)) {
2450 add_note(wt, MSG_INFO, "Robust individually-addressed "
2451 "management frame sent without CCMP by "
2452 MACSTR, MAC2STR(mgmt->sa));
2453 return -1;
2454 }
2455
2456 return 0;
2457 }
2458
2459
rx_mgmt(struct wlantest * wt,const u8 * data,size_t len)2460 void rx_mgmt(struct wlantest *wt, const u8 *data, size_t len)
2461 {
2462 const struct ieee80211_hdr *hdr;
2463 u16 fc, stype;
2464 int valid = 1;
2465 u8 *decrypted = NULL;
2466 size_t dlen;
2467
2468 if (len < 24)
2469 return;
2470
2471 hdr = (const struct ieee80211_hdr *) data;
2472 fc = le_to_host16(hdr->frame_control);
2473 wt->rx_mgmt++;
2474 stype = WLAN_FC_GET_STYPE(fc);
2475
2476 if ((hdr->addr1[0] & 0x01) &&
2477 (stype == WLAN_FC_STYPE_DEAUTH ||
2478 stype == WLAN_FC_STYPE_DISASSOC ||
2479 stype == WLAN_FC_STYPE_ACTION ||
2480 stype == WLAN_FC_STYPE_ACTION_NO_ACK)) {
2481 if (check_bip(wt, data, len) < 0)
2482 valid = 0;
2483 }
2484
2485 wpa_printf((stype == WLAN_FC_STYPE_BEACON ||
2486 stype == WLAN_FC_STYPE_PROBE_RESP ||
2487 stype == WLAN_FC_STYPE_PROBE_REQ) ?
2488 MSG_EXCESSIVE : MSG_MSGDUMP,
2489 "MGMT %s%s%s DA=" MACSTR " SA=" MACSTR " BSSID=" MACSTR,
2490 mgmt_stype(stype),
2491 fc & WLAN_FC_PWRMGT ? " PwrMgt" : "",
2492 fc & WLAN_FC_ISWEP ? " Prot" : "",
2493 MAC2STR(hdr->addr1), MAC2STR(hdr->addr2),
2494 MAC2STR(hdr->addr3));
2495
2496 if ((fc & WLAN_FC_ISWEP) &&
2497 !(hdr->addr1[0] & 0x01) &&
2498 (stype == WLAN_FC_STYPE_DEAUTH ||
2499 stype == WLAN_FC_STYPE_DISASSOC ||
2500 stype == WLAN_FC_STYPE_ACTION ||
2501 stype == WLAN_FC_STYPE_ACTION_NO_ACK)) {
2502 decrypted = mgmt_ccmp_decrypt(wt, data, len, &dlen);
2503 if (decrypted) {
2504 write_pcap_decrypted(wt, decrypted, dlen, NULL, 0);
2505 data = decrypted;
2506 len = dlen;
2507 } else
2508 valid = 0;
2509 }
2510
2511 if (!(fc & WLAN_FC_ISWEP) &&
2512 !(hdr->addr1[0] & 0x01) &&
2513 (stype == WLAN_FC_STYPE_DEAUTH ||
2514 stype == WLAN_FC_STYPE_DISASSOC ||
2515 stype == WLAN_FC_STYPE_ACTION ||
2516 stype == WLAN_FC_STYPE_ACTION_NO_ACK)) {
2517 if (check_mgmt_ccmp(wt, data, len) < 0)
2518 valid = 0;
2519 }
2520
2521 switch (stype) {
2522 case WLAN_FC_STYPE_BEACON:
2523 rx_mgmt_beacon(wt, data, len);
2524 break;
2525 case WLAN_FC_STYPE_PROBE_RESP:
2526 rx_mgmt_probe_resp(wt, data, len);
2527 break;
2528 case WLAN_FC_STYPE_AUTH:
2529 rx_mgmt_auth(wt, data, len);
2530 break;
2531 case WLAN_FC_STYPE_DEAUTH:
2532 rx_mgmt_deauth(wt, data, len, valid);
2533 break;
2534 case WLAN_FC_STYPE_ASSOC_REQ:
2535 rx_mgmt_assoc_req(wt, data, len);
2536 break;
2537 case WLAN_FC_STYPE_ASSOC_RESP:
2538 rx_mgmt_assoc_resp(wt, data, len);
2539 break;
2540 case WLAN_FC_STYPE_REASSOC_REQ:
2541 rx_mgmt_reassoc_req(wt, data, len);
2542 break;
2543 case WLAN_FC_STYPE_REASSOC_RESP:
2544 rx_mgmt_reassoc_resp(wt, data, len);
2545 break;
2546 case WLAN_FC_STYPE_DISASSOC:
2547 rx_mgmt_disassoc(wt, data, len, valid);
2548 break;
2549 case WLAN_FC_STYPE_ACTION:
2550 rx_mgmt_action(wt, data, len, valid, false);
2551 break;
2552 case WLAN_FC_STYPE_ACTION_NO_ACK:
2553 rx_mgmt_action(wt, data, len, valid, true);
2554 break;
2555 }
2556
2557 os_free(decrypted);
2558
2559 wt->last_mgmt_valid = valid;
2560 }
2561
2562
rx_mgmt_deauth_ack(struct wlantest * wt,const struct ieee80211_hdr * hdr)2563 static void rx_mgmt_deauth_ack(struct wlantest *wt,
2564 const struct ieee80211_hdr *hdr)
2565 {
2566 const struct ieee80211_mgmt *mgmt;
2567 struct wlantest_bss *bss;
2568 struct wlantest_sta *sta;
2569
2570 mgmt = (const struct ieee80211_mgmt *) hdr;
2571 bss = bss_get(wt, mgmt->bssid);
2572 if (bss == NULL)
2573 return;
2574 if (os_memcmp(mgmt->sa, mgmt->bssid, ETH_ALEN) == 0)
2575 sta = sta_get(bss, mgmt->da);
2576 else
2577 sta = sta_get(bss, mgmt->sa);
2578 if (sta == NULL)
2579 return;
2580
2581 add_note(wt, MSG_DEBUG, "DEAUTH from " MACSTR " acknowledged by "
2582 MACSTR, MAC2STR(mgmt->sa), MAC2STR(mgmt->da));
2583 if (os_memcmp(mgmt->sa, mgmt->bssid, ETH_ALEN) == 0) {
2584 int c;
2585 c = wt->last_mgmt_valid ?
2586 WLANTEST_STA_COUNTER_VALID_DEAUTH_RX_ACK :
2587 WLANTEST_STA_COUNTER_INVALID_DEAUTH_RX_ACK;
2588 sta->counters[c]++;
2589 }
2590 }
2591
2592
rx_mgmt_disassoc_ack(struct wlantest * wt,const struct ieee80211_hdr * hdr)2593 static void rx_mgmt_disassoc_ack(struct wlantest *wt,
2594 const struct ieee80211_hdr *hdr)
2595 {
2596 const struct ieee80211_mgmt *mgmt;
2597 struct wlantest_bss *bss;
2598 struct wlantest_sta *sta;
2599
2600 mgmt = (const struct ieee80211_mgmt *) hdr;
2601 bss = bss_get(wt, mgmt->bssid);
2602 if (bss == NULL)
2603 return;
2604 if (os_memcmp(mgmt->sa, mgmt->bssid, ETH_ALEN) == 0)
2605 sta = sta_get(bss, mgmt->da);
2606 else
2607 sta = sta_get(bss, mgmt->sa);
2608 if (sta == NULL)
2609 return;
2610
2611 add_note(wt, MSG_DEBUG, "DISASSOC from " MACSTR " acknowledged by "
2612 MACSTR, MAC2STR(mgmt->sa), MAC2STR(mgmt->da));
2613 if (os_memcmp(mgmt->sa, mgmt->bssid, ETH_ALEN) == 0) {
2614 int c;
2615 c = wt->last_mgmt_valid ?
2616 WLANTEST_STA_COUNTER_VALID_DISASSOC_RX_ACK :
2617 WLANTEST_STA_COUNTER_INVALID_DISASSOC_RX_ACK;
2618 sta->counters[c]++;
2619 }
2620 }
2621
2622
rx_mgmt_ack(struct wlantest * wt,const struct ieee80211_hdr * hdr)2623 void rx_mgmt_ack(struct wlantest *wt, const struct ieee80211_hdr *hdr)
2624 {
2625 u16 fc, stype;
2626 fc = le_to_host16(hdr->frame_control);
2627 stype = WLAN_FC_GET_STYPE(fc);
2628
2629 wpa_printf(MSG_MSGDUMP, "MGMT ACK: stype=%u a1=" MACSTR " a2=" MACSTR
2630 " a3=" MACSTR,
2631 stype, MAC2STR(hdr->addr1), MAC2STR(hdr->addr2),
2632 MAC2STR(hdr->addr3));
2633
2634 switch (stype) {
2635 case WLAN_FC_STYPE_DEAUTH:
2636 rx_mgmt_deauth_ack(wt, hdr);
2637 break;
2638 case WLAN_FC_STYPE_DISASSOC:
2639 rx_mgmt_disassoc_ack(wt, hdr);
2640 break;
2641 }
2642 }
2643