hostapd: Extend RESET_PN for BIGTK

Extend the RESET_PN command to allow resetting the BIGTK PN
for testing.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
This commit is contained in:
Johannes Berg 2020-05-07 10:26:48 +02:00 committed by Jouni Malinen
parent 4a0b27c62f
commit bd1aebbd08
3 changed files with 44 additions and 5 deletions

View file

@ -2165,6 +2165,32 @@ static int hostapd_ctrl_reset_pn(struct hostapd_data *hapd, const char *cmd)
if (hwaddr_aton(cmd, addr)) if (hwaddr_aton(cmd, addr))
return -1; return -1;
if (is_broadcast_ether_addr(addr) && os_strstr(cmd, " BIGTK")) {
if (hapd->last_bigtk_alg == WPA_ALG_NONE)
return -1;
wpa_printf(MSG_INFO, "TESTING: Reset BIPN for BIGTK");
/* First, use a zero key to avoid any possible duplicate key
* avoidance in the driver. */
if (hostapd_drv_set_key(hapd->conf->iface, hapd,
hapd->last_bigtk_alg,
broadcast_ether_addr,
hapd->last_bigtk_key_idx, 0, 1, NULL, 0,
zero, hapd->last_bigtk_len,
KEY_FLAG_GROUP_TX_DEFAULT) < 0)
return -1;
/* Set the previously configured key to reset its TSC */
return hostapd_drv_set_key(hapd->conf->iface, hapd,
hapd->last_bigtk_alg,
broadcast_ether_addr,
hapd->last_bigtk_key_idx, 0, 1, NULL,
0, hapd->last_bigtk,
hapd->last_bigtk_len,
KEY_FLAG_GROUP_TX_DEFAULT);
}
if (is_broadcast_ether_addr(addr) && os_strstr(cmd, "IGTK")) { if (is_broadcast_ether_addr(addr) && os_strstr(cmd, "IGTK")) {
if (hapd->last_igtk_alg == WPA_ALG_NONE) if (hapd->last_igtk_alg == WPA_ALG_NONE)
return -1; return -1;

View file

@ -349,6 +349,11 @@ struct hostapd_data {
int last_igtk_key_idx; int last_igtk_key_idx;
u8 last_igtk[WPA_IGTK_MAX_LEN]; u8 last_igtk[WPA_IGTK_MAX_LEN];
size_t last_igtk_len; size_t last_igtk_len;
enum wpa_alg last_bigtk_alg;
int last_bigtk_key_idx;
u8 last_bigtk[WPA_BIGTK_MAX_LEN];
size_t last_bigtk_len;
#endif /* CONFIG_TESTING_OPTIONS */ #endif /* CONFIG_TESTING_OPTIONS */
#ifdef CONFIG_MBO #ifdef CONFIG_MBO

View file

@ -457,11 +457,19 @@ static int hostapd_wpa_auth_set_key(void *ctx, int vlan_id, enum wpa_alg alg,
alg == WPA_ALG_BIP_GMAC_128 || alg == WPA_ALG_BIP_GMAC_128 ||
alg == WPA_ALG_BIP_GMAC_256 || alg == WPA_ALG_BIP_GMAC_256 ||
alg == WPA_ALG_BIP_CMAC_256) { alg == WPA_ALG_BIP_CMAC_256) {
if (idx == 4 || idx == 5) {
hapd->last_igtk_alg = alg; hapd->last_igtk_alg = alg;
hapd->last_igtk_key_idx = idx; hapd->last_igtk_key_idx = idx;
if (key) if (key)
os_memcpy(hapd->last_igtk, key, key_len); os_memcpy(hapd->last_igtk, key, key_len);
hapd->last_igtk_len = key_len; hapd->last_igtk_len = key_len;
} else if (idx == 6 || idx == 7) {
hapd->last_bigtk_alg = alg;
hapd->last_bigtk_key_idx = idx;
if (key)
os_memcpy(hapd->last_bigtk, key, key_len);
hapd->last_bigtk_len = key_len;
}
} else { } else {
hapd->last_gtk_alg = alg; hapd->last_gtk_alg = alg;
hapd->last_gtk_key_idx = idx; hapd->last_gtk_key_idx = idx;