Verify the expected value against P802.11ac/D7.0 CCMP-256, GCMP-256,
BIP-GMAC-128, and BIP-GMAC-256 test vectors.
Signed-hostap: Jouni Malinen <j@w1.fi>
IEEE Std 802.11ad-2012 includes two test vectors for GCMP. Verify both
of those and also verify that the results match the values in the
standard instead of just verifying that decrypted frame matches
original.
Signed-hostap: Jouni Malinen <j@w1.fi>
When writing pcap-ng files, always include a radiotap
header even if there wasn't one in the input. For now
just drop prism headers, I don't have any to test.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Some corner cases may result in both directions of TDLS tracking context
existing. If that is the case, the incorrect one may end up getting
picked when figuring out which TK to use for decryption or fix
statistics counter to increment. Fix this by preferring the context that
has TDLS link up.
Signed-hostap: Jouni Malinen <j@w1.fi>
This adds debug information from wlantest into pcapng frame comments to
make the information more convenient to use, e.g., in Wireshark.
Signed-hostap: Jouni Malinen <j@w1.fi>
The new -n<file> command line argument can be used to request wlantest
to write all read or captured frames into a pcapng file. This is similar
to the -w argument, but with pcapng allowing per-frame comments to be
embedded in the file.
Signed-hostap: Jouni Malinen <j@w1.fi>
Injecting protected broadcast frames fails because of the unnecessary
null check for sta. In case of broadcast frames sta can be null, so
remove the check.
Reported-by: Janardhan R <janardhanr@posedge.com>
Signed-hostap: Chaitanya T K <chaitanyatk@posedge.com>
TK was incorrectly truncated in a way that resulted in CCMP (128-bit
key) encryption being used in practice.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
When using DLT_IEEE802_11 datalink type in a pcap file, wlantest will now
add a radiotap header to the re-written pcap file to make sure all frames
in the output file will include the radiotap header.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
When using DLT_IEEE802_11 datalink type in a pcap file, wlantest can now
be instructed to assume there is an FCS included in the frame by adding
the new -F command line argument. This will make wlantest validate the
FCS and strip it from the frame before processing.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This is needed to allow capture files from the mac80211 cooked monitor
mode interface to be processed properly. Without this, the locally
generated frames may not get processed.
Signed-hostap: Jouni Malinen <j@w1.fi>
This is a generic AES CCM implementation that can be used for other
purposes than just implementing CCMP, so it fits better in a separate
file in src/crypto.
Signed-hostap: Jouni Malinen <j@w1.fi>
This adds 192-bit and 256-bit key support to the internal AES
implementation and extends the AES-GCM functions to accept key length to
enable longer AES key use.
Signed-hostap: Jouni Malinen <j@w1.fi>
This is a generic AES GCM and GMAC implementation that can be used for
other purposes than just implementing GCMP, so it fits better in a
separate file in src/crypto.
Signed-hostap: Jouni Malinen <j@w1.fi>
There is no need to allocate a temporary buffer and build GHASH input
data into it. Instead, ghash() is trivial to split into update part that
can be called separately for each segment.
Signed-hostap: Jouni Malinen <j@w1.fi>
GCMP encodes length of AAD differently, so remove the unnecessary
code that got copied from the CCMP implementation.
Signed-hostap: Jouni Malinen <j@w1.fi>
This version can generate CCMP and TKIP test vectors that match with
the IEEE Std 802.11-2012, Annex M.6.3 and M.6.4.
Signed-hostap: Jouni Malinen <j@w1.fi>
The WPA/RSN IE in EAPOL-Key 2/4 is more reliable than the one in
(Re)Association Request frame. Update the STA info base don the
EAPOL-Key frame so that the correct cipher information is used
even if the (Re)Association Request frame is missing or corrupted
in the capture.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
KEK from TPTK needs to be used instead of from PTK when processing
rekeying case similarly to what was already done with KCK.
Signed-hostap: Jouni Malinen <j@w1.fi>
A text file with MSK/PMK entries (one key per line in hexdump format)
can be read into wlantest (-f<path to file>) to initialize list of
known PMKs.
Signed-hostap: Jouni Malinen <j@w1.fi>
Use a temporary PTK buffer during 4-way handshake when rekeying PTK
so that the new EAPOL-Key frame MIC values are checked against the
new PTK and frames are decrypted using the old PTK. Take the new
PTK into use once msg 4/4 is processed and clear RSC counters at
that point (including moving of RSC update to avoid setting RSC
based on the msg 4/4).
In addition, add a workaround to handle supplicant implementations that
set Secure bit to one during PTK rekeying 4-way handshake in msg 2/4.
This was previously assumed to be msg 4/4, but the key data contents
can be used to figure out whether this is msg 2/4 even if the Secure
bit is set to one.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
These can be useful in tests involving association state mismatch
between the AP and the STA (i.e., STA assumes it is still associated
but the AP does not have association state). In such a case, the AP
would be sending out unprotected Deauthentication or Disassociation
frames with reason code 6 or 7 depending on what frame is triggering
this.
The Timeout Interval element needs to use Association Comeback time
for the case when (Re)Association Response frame uses Status Code 30.
Verify this before incrementing the (re)assocresp_comeback counters.