Commit graph

202 commits

Author SHA1 Message Date
Jouni Malinen
01b0569437 Added protection against EAP-AKA' -> EAP-AKA bidding down attacks
AT_BIDDING attribute is included in EAP-AKA/Challenge to allow peer to
know whether the server would have preferred EAP-AKA'.
2008-12-05 22:25:47 +02:00
Jouni Malinen
8de5048e26 Fixed a typo in a comment 2008-12-04 22:15:51 +02:00
Jouni Malinen
a478ef0d12 EAP-AKA': Added CK',IK' derivation
This is based on a change request 3GPP TS 33.402 CR 0033 for version
8.1.1. The hardcoded ANID is now 'WLAN' since that is used in
3GPP TS 24.302.
2008-12-04 21:50:56 +02:00
Jouni Malinen
a49c428a1b EAP-AKA': Comment out EAP-AKA' server KDF negotiation
Since only one KDF is currently supported, the negotiation is not
allowed and peer must be rejected if it tries to send KDF selection in a
Challenge message. The negotiation code is left in the file and just
commented out since it was tested to work and can be used in the future
if another KDF is added.
2008-12-04 20:32:56 +02:00
Jouni Malinen
6ec4021c03 EAP-AKA': Added processing of AT_KDF and AT_KDF_INPUT attributes
Network Name is not yet generated and validated based on 3GPP.33.402
(i.e., a hardcoded string is used in server and anything is accepted in
peer).
2008-12-04 20:29:46 +02:00
Jouni Malinen
b8ab624984 Fixed EAP-SIM and EAP-AKA AT_IDENTITY parsing (server only)
The attribute uses 'Actual Identity Length' field to indicate the exact
(pre-padding) length of the Identity. This actual length should be used
as the length, not the remaining attribute length.

This was previously worked around by stripping null termination away
from the end of the identity string at EAP-SIM and EAP-AKA server code.
However, it is likely that that workaround is not really needed and the
real problem was in AT_IDENTITY parsing. Anyway, the workaround is left
in just in case it was really needed with some implementations.
2008-12-04 18:51:42 +02:00
Jouni Malinen
15828ba820 Made 802.11 management frame IE parser aware of vendor HT Capab IE
This IE is not (at least yet) actually used for anything, but parsing it
cleans up verbose debug log a bit since thie previously unknown, but
commonly used, vendor IE was being reported as unknown.
2008-12-04 13:42:33 +02:00
Jouni Malinen
73d48dc4b4 EAP-AKA': Allow both AKA AKA' to be registed from eap_aka_prime.c
This allows the same source code file to be shared for both methods. For
now, this is only in eap_aka_prime.c, but eventually, changes in
eap_aka_prime.c are likely to be merged into eap_aka.c at which point
the separate eap_aka_prime.c can be removed.
2008-12-03 19:59:52 +02:00
Jouni Malinen
9881795e2c EAP-AKA': Derive keys using the new KDF (PRF') 2008-12-03 19:22:20 +02:00
Jouni Malinen
806f869918 EAP-AKA': Use HMAC-SHA-256-128 for AT_MAC 2008-12-02 21:29:26 +02:00
Jouni Malinen
f54e2c34bf EAP-AKA': Use SHA256 for AT_CHECKCODE 2008-12-02 21:05:38 +02:00
Jouni Malinen
f09d19d46a Use a variable to store EAP method type for EAP-AKA vs. EAP-AKA'
This makes it easier to eventually replace EAP-AKA implementation with a
shared implementation that supports both EAP-AKA and EAP-AKA'.
2008-12-02 20:27:05 +02:00
Jouni Malinen
8c37556cd1 Add a starting point for EAP-AKA' (draft-arkko-eap-aka-kdf-10)
This is just making an as-is copy of EAP-AKA server and peer
implementation into a new file and by using the different EAP method
type that is allocated for EAP-AKA' (50). None of the other differences
between EAP-AKA and EAP-AKA' are not yet included.

It is likely that once EAP-AKA' implementation is done and is found to
work correctly, large part of the EAP-AKA and EAP-AKA' code will be
shared. However, it is not reasonable to destabilize EAP-AKA
implementation at this point before it is clearer what the final
differences will be.
2008-12-02 20:12:49 +02:00
Jouni Malinen
08bec36178 WPS: Added support for wildcard PINs that work with any UUID-E
Since the Registrar may not yet know the UUID-E when a new PIN is
entered, use of a wildcard PIN that works with any UUID-E can be useful.
Such a PIN will be bound to the first Enrollee trying to use it and it
will be invalidated after the first use.
2008-11-30 20:32:03 +02:00
Jouni Malinen
79d7d8efe7 WPS: Added more verbose debug info on authentication type mismatch 2008-11-30 19:56:11 +02:00
Jouni Malinen
351f09a221 WPS: Added support for fragmented WPS IE in Beacon and Probe Response
Fragment WPS IE if needed to fit into the IE length limits in hostapd
and Reassemble WPS IE data from multiple IEs in wpa_supplicant.

In addition, moved WPS code from events.c into wps_supplicant.c to clean
up module interfaces.
2008-11-29 22:06:34 +02:00
Jouni Malinen
23f53f2a81 WPS: Get AP PIN from configuration instead of using hardcoded value 2008-11-29 21:07:35 +02:00
Jouni Malinen
e05716d0b0 WPS: Added helper functions for generating and validating PINs 2008-11-29 14:02:09 +02:00
Jouni Malinen
b01c18a8ef WPS: Set Request Type properly into WPS IE in ProbeReq/AssocReq 2008-11-29 13:38:03 +02:00
Jouni Malinen
b8a8c299c8 WPS: Moved WPS IE building for ProbeReq/AssocReq into wps.c
These functions fit in better with the category of functions included in
wps.c. wps_common.c is now used for generic helper functions (currently,
only crypto code).
2008-11-29 13:21:28 +02:00
Jouni Malinen
7d7b8e960a WPS: Split wps_common.c into parts
To make it easier to find various functions, attribute functions were
split into wps_attr_{build,parse,process}.c.
2008-11-29 13:16:26 +02:00
Jouni Malinen
120bd30c34 WPS: Moved RF Bands processing into wps_dev_attr.c
This allows the RF Bands attribute to be configured and stored.
2008-11-29 12:59:43 +02:00
Jouni Malinen
c0d041d9a7 WPS: Moved ProbeReq/AssocReq WPS IE building into wps_common.c
This code and the related attributes are not specific to Enrollee
functionality, so wps_common.c is the correct location for them.
2008-11-29 12:44:02 +02:00
Jouni Malinen
7d7c918d97 WPS: Pass device data into wps_enrollee_build_probe_req_ie()
Use configured device data instead of hardcoded values to generate WPS
IE for Probe Request.
2008-11-29 12:19:30 +02:00
Jouni Malinen
eb76b7e3ff WPS: Parse Request Type from WPS IE in (Re)AssocReq and derive mgmt keys
WPS IE is now passed from hostapd association processing into EAP-WSC
and WPS processing. Request Type attribute is parsed from this
information and if the request is for a WLAN Manager Registrar,
additional management keys are derived (to be used with UPnP).
2008-11-29 12:11:56 +02:00
Jouni Malinen
e9ab39b444 WPS: Added comments for main data structures 2008-11-28 20:50:08 +02:00
Jouni Malinen
398cfbf6be WPS: Moved mac_addr and uuid configuration into wps_context
There is no need to complicate EAPOL and EAP interfaces with WPS
specific parameters now that wps_context is passed through.
2008-11-28 20:44:47 +02:00
Jouni Malinen
116654ce24 WPS: Moved wps_context initialization into wps_supplicant.c
The wps_context data is now managed at wpa_supplicant, not EAP-WSC. This
makes wpa_supplicant design for WPS match with hostapd one and also
makes it easier configure whatever parameters and callbacks are needed
for WPS.
2008-11-28 20:32:13 +02:00
Jouni Malinen
bcbbc7af45 WPS: Merged two cred_cb variables into the same one
Previously, wpa_supplicant as Enrollee case was handled using a
different callback function pointer. However, now that the wps_context
structure is allocated for all cases, the same variable can be used in
all cases.
2008-11-28 20:02:32 +02:00
Jouni Malinen
ff434cbdda WPS: Moved device attributes into wps_context::dev for Enrollee case
Previously, hardcoded values were used in wps_enrollee.c. These are now
moved into shared data in struct wps_context. In case of
AP/Authenticator, these are initialized in wps_hostapd.c. In case of
client/supplicant, these are now initialized in EAP-WSC peer method,
but will probably end up being moved into higher layer for better
configuration.
 EAP-WSC peer method for
2008-11-28 19:29:22 +02:00
Jouni Malinen
9d695f3dd0 WPS: Update supplicant configuration when acting as an external Registrar
This allows the network to be used after the Registrar configuration
step. The local WPS network is replaced with a new network block
similarly to the case of acting as an Enrollee.
2008-11-27 21:23:43 +02:00
Jouni Malinen
3f42d42c07 WPS: Moved Credential building to use struct wps_credential
This makes it easier to store old AP settings into wps->cred (and allow
them to modified and taken into use in the future). Separation between
Credential and AP Settings building is also cleaner in this design.
2008-11-27 21:14:39 +02:00
Jouni Malinen
96a2ed9f50 WPS: Process old AP Settings in M7 when registering as external Registrar
The old (i.e., currently used) AP Settings are processed. For now, they
are copied as-is into M8 as new AP Settings to avoid changing
configuration. This should be changed to allow external programs (e.g.,
GUI) to fetch the old AP settings over ctrl_iface and then allow
settings to be changed before sending M8 with the new settings.
2008-11-27 20:32:39 +02:00
Jouni Malinen
fced73755f WPS: Moved Credential and AP Settings processing in common code
The core processing of attributes into struct wps_credential is now in
wps_common.c (was in wps_enrollee.c), so that the same code can be
shared with Registrar.
2008-11-27 20:15:48 +02:00
Jouni Malinen
82c39bf10f Fixed a typo in a debug message 2008-11-27 19:38:52 +02:00
Jouni Malinen
76603ad4c8 WPS: Added parsing of Request Type and Response Type attributes 2008-11-26 21:00:27 +02:00
Jouni Malinen
f855f923a7 WPS: Moved UUID configuration from phase1 into global config area 2008-11-26 20:47:24 +02:00
Jouni Malinen
6dcfad915f PEAPv0: Added support for IPMK/CMK derivation in session resumption case 2008-11-26 13:27:40 +02:00
Jouni Malinen
a8d8410e1f Added support for configuring secondary channel offset for HT40 2008-11-24 16:33:45 +02:00
Jouni Malinen
fc14f56759 Added IEEE 802.11n HT capability configuration (ht_capab) 2008-11-24 15:44:25 +02:00
Jouni Malinen
ba4dc6be9e Updated HT Capabilities Info field names to match with 802.11n/D7.0 2008-11-24 15:08:02 +02:00
Jouni Malinen
191a8ad794 Use SSL_F_SSL_SET_SESSION_TICKET_EXT instead of OPENSSL_VERSION_NUMBER
to figure out whether to use the new session ticket override API with
OpenSSL.
2008-11-23 21:14:43 +02:00
Jouni Malinen
d268507aa0 Reject GPSK-3 if ID_Server in it does not match with the value in GPSK-1 2008-11-23 20:06:13 +02:00
Jouni Malinen
afc7a7ad3c Add a .gitignore for the new wps directory. 2008-11-23 19:40:37 +02:00
Jouni Malinen
ad08c3633c Added preliminary Wi-Fi Protected Setup (WPS) implementation
This adds WPS support for both hostapd and wpa_supplicant. Both programs
can be configured to act as WPS Enrollee and Registrar. Both PBC and PIN
methods are supported.

Currently, hostapd has more complete configuration option for WPS
parameters and wpa_supplicant configuration style will likely change in
the future. External Registrars are not yet supported in hostapd or
wpa_supplicant. While wpa_supplicant has initial support for acting as
an Registrar to configure an AP, this is still using number of hardcoded
parameters which will need to be made configurable for proper operation.
2008-11-23 19:34:26 +02:00
Jouni Malinen
4dcfc4a5ae Preparations for 0.6.6 release 2008-11-23 17:00:52 +02:00
Jouni Malinen
a532c108bd Add more verbose debug output for GSM-Milenage use (RAND,SRES,Kc) 2008-11-22 14:06:58 +02:00
Jouni Malinen
1ac2d4a9ee Fixed canceling of PMKSA caching with driver generated RSN IE
It looks like some Windows NDIS drivers (e.g., Intel) do not clear the
PMKID list even when wpa_supplicant explicitly sets the list to be
empty. In such a case, the driver ends up trying to use PMKSA caching
with the AP and wpa_supplicant may not have the PMK that would be needed
to complete 4-way handshake.

RSN processing already had some code for aborting PMKSA caching by
sending EAPOL-Start. However, this was not triggered in this particular
case where the driver generates the RSN IE. With this change, this case
is included, too, and the failed PMKSA caching attempt is cleanly
canceled and wpa_supplicant can fall back to full EAP authentication.
2008-11-21 15:31:25 +02:00
Jouni Malinen
012783f1ab Fixed EAP-TLS message fragmentation for the last TLS message
It the message was large enough to require fragmentation (e.g., if a large
Session Ticket data is included), More Fragment flag was set, but no
more fragments were actually sent (i.e., Access-Accept was sent out).
2008-11-20 19:39:35 +02:00
Jouni Malinen
f32fe71a1f Fixed Milenage debug output to use correct length for IK and CK 2008-11-20 15:45:31 +02:00