Lines Matching refs:peerkey
2 * WPA Supplicant - PeerKey for Direct Link Setup (DLS)
22 #include "peerkey.h"
48 struct wpa_peerkey *peerkey = timeout_ctx;
55 struct wpa_peerkey *peerkey)
57 eloop_cancel_timeout(wpa_supplicant_smk_timeout, sm, peerkey);
58 os_free(peerkey);
125 int ver, struct wpa_peerkey *peerkey)
134 kde_len = peerkey->rsnie_p_len +
152 os_memcpy(reply->key_nonce, peerkey->pnonce, WPA_NONCE_LEN);
158 pos = wpa_add_ie(pos, peerkey->rsnie_p, peerkey->rsnie_p_len);
161 pos = wpa_add_kde(pos, RSN_KEY_DATA_MAC_ADDR, peerkey->addr, ETH_ALEN);
164 wpa_add_kde(pos, RSN_KEY_DATA_NONCE, peerkey->inonce, WPA_NONCE_LEN);
178 struct wpa_peerkey *peerkey;
229 wpa_printf(MSG_DEBUG, "RSN: Using %s for PeerKey",
235 peerkey = os_zalloc(sizeof(*peerkey));
236 if (peerkey == NULL)
238 os_memcpy(peerkey->addr, kde.mac_addr, ETH_ALEN);
239 os_memcpy(peerkey->inonce, key->key_nonce, WPA_NONCE_LEN);
240 os_memcpy(peerkey->rsnie_i, kde.rsn_ie, kde.rsn_ie_len);
241 peerkey->rsnie_i_len = kde.rsn_ie_len;
242 peerkey->cipher = cipher;
246 peerkey->use_sha256 = 1;
249 if (random_get_bytes(peerkey->pnonce, WPA_NONCE_LEN)) {
252 wpa_supplicant_peerkey_free(sm, peerkey);
256 hdr = (struct rsn_ie_hdr *) peerkey->rsnie_p;
270 hdr->len = (pos - peerkey->rsnie_p) - 2;
271 peerkey->rsnie_p_len = pos - peerkey->rsnie_p;
273 peerkey->rsnie_p, peerkey->rsnie_p_len);
275 wpa_supplicant_send_smk_m3(sm, src_addr, key, ver, peerkey);
277 peerkey->next = sm->peerkey;
278 sm->peerkey = peerkey;
323 struct wpa_peerkey *peerkey)
341 if (peerkey->cipher != WPA_CIPHER_TKIP)
349 if (peerkey->cipher != WPA_CIPHER_TKIP)
354 os_memcpy(msg->replay_counter, peerkey->replay_counter,
356 inc_byte_array(peerkey->replay_counter, WPA_REPLAY_COUNTER_LEN);
360 peerkey->smkid, PMKID_LEN);
362 if (random_get_bytes(peerkey->inonce, WPA_NONCE_LEN)) {
369 peerkey->inonce, WPA_NONCE_LEN);
370 os_memcpy(msg->key_nonce, peerkey->inonce, WPA_NONCE_LEN);
373 MAC2STR(peerkey->addr));
374 wpa_eapol_key_send(sm, NULL, ver, peerkey->addr, ETH_P_EAPOL,
380 struct wpa_peerkey *peerkey)
389 kde_len = peerkey->rsnie_i_len +
400 if (peerkey->cipher != WPA_CIPHER_TKIP)
409 if (peerkey->cipher != WPA_CIPHER_TKIP)
414 os_memcpy(msg->replay_counter, peerkey->replay_counter,
416 inc_byte_array(peerkey->replay_counter, WPA_REPLAY_COUNTER_LEN);
420 pos = wpa_add_ie(pos, peerkey->rsnie_i, peerkey->rsnie_i_len);
421 lifetime = host_to_be32(peerkey->lifetime);
425 os_memcpy(msg->key_nonce, peerkey->inonce, WPA_NONCE_LEN);
428 MAC2STR(peerkey->addr));
429 wpa_eapol_key_send(sm, peerkey->stk.kck, ver, peerkey->addr,
434 static int wpa_supplicant_process_smk_m4(struct wpa_peerkey *peerkey,
440 if (os_memcmp(kde->smk + PMK_LEN, peerkey->pnonce, WPA_NONCE_LEN) != 0)
447 if (os_memcmp(kde->nonce, peerkey->inonce, WPA_NONCE_LEN) != 0) {
461 struct wpa_peerkey *peerkey,
476 if (os_memcmp(key->key_nonce, peerkey->inonce, WPA_NONCE_LEN) != 0) {
482 if (os_memcmp(kde->smk + PMK_LEN, peerkey->inonce, WPA_NONCE_LEN) != 0)
489 os_memcpy(peerkey->rsnie_p, kde->rsn_ie, kde->rsn_ie_len);
490 peerkey->rsnie_p_len = kde->rsn_ie_len;
491 os_memcpy(peerkey->pnonce, kde->nonce, WPA_NONCE_LEN);
504 wpa_printf(MSG_DEBUG, "RSN: Using %s for PeerKey",
506 peerkey->cipher = cipher;
516 struct wpa_peerkey *peerkey;
542 for (peerkey = sm->peerkey; peerkey; peerkey = peerkey->next) {
543 if (os_memcmp(peerkey->addr, kde.mac_addr, ETH_ALEN) == 0 &&
544 os_memcmp(peerkey->initiator ? peerkey->inonce :
545 peerkey->pnonce,
549 if (peerkey == NULL) {
556 if (peerkey->initiator) {
558 peerkey, &kde) < 0)
561 if (wpa_supplicant_process_smk_m4(peerkey, &kde) < 0)
565 os_memcpy(peerkey->smk, kde.smk, PMK_LEN);
566 peerkey->smk_complete = 1;
567 wpa_hexdump_key(MSG_DEBUG, "RSN: SMK", peerkey->smk, PMK_LEN);
572 peerkey->lifetime = lifetime;
574 peerkey->expiration = now.sec + lifetime;
576 sm, peerkey);
578 if (peerkey->initiator) {
579 peerkey->smk, peerkey->pnonce, peerkey->addr,
580 peerkey->inonce, sm->own_addr, peerkey->smkid,
581 peerkey->use_sha256);
582 wpa_supplicant_send_stk_1_of_4(sm, peerkey);
584 rsn_smkid(peerkey->smk, peerkey->pnonce, sm->own_addr,
585 peerkey->inonce, peerkey->addr, peerkey->smkid,
586 peerkey->use_sha256);
588 wpa_hexdump(MSG_DEBUG, "RSN: SMKID", peerkey->smkid, PMKID_LEN);
637 struct wpa_peerkey *peerkey;
639 for (peerkey = sm->peerkey; peerkey; peerkey = peerkey->next) {
640 if (os_memcmp(peerkey->addr, kde.mac_addr, ETH_ALEN) ==
644 if (peerkey == NULL) {
657 struct wpa_peerkey *peerkey,
669 MACSTR " (ver=%d)", MAC2STR(peerkey->addr), ver);
681 if (os_memcmp(ie.pmkid, peerkey->smkid, PMKID_LEN) != 0) {
687 if (random_get_bytes(peerkey->pnonce, WPA_NONCE_LEN)) {
693 peerkey->pnonce, WPA_NONCE_LEN);
697 stk = &peerkey->tstk;
698 wpa_pmk_to_ptk(peerkey->smk, PMK_LEN, "Peer key expansion",
699 sm->own_addr, peerkey->addr,
700 peerkey->pnonce, key->key_nonce,
702 peerkey->use_sha256);
707 peerkey->tstk_set = 1;
709 kde_buf_len = peerkey->rsnie_p_len +
716 pos = wpa_add_ie(pos, peerkey->rsnie_p, peerkey->rsnie_p_len);
717 lifetime = host_to_be32(peerkey->lifetime);
720 wpa_add_kde(pos, RSN_KEY_DATA_PMKID, peerkey->smkid, PMKID_LEN);
722 if (wpa_supplicant_send_2_of_4(sm, peerkey->addr, key, ver,
723 peerkey->pnonce, kde_buf, kde_buf_len,
730 os_memcpy(peerkey->inonce, key->key_nonce, WPA_NONCE_LEN);
735 struct wpa_peerkey *peerkey,
746 if (lifetime >= peerkey->lifetime) {
749 "seconds - ignored", lifetime, peerkey->lifetime);
755 lifetime, peerkey->lifetime);
756 peerkey->lifetime = lifetime;
759 peerkey->expiration = now.sec + lifetime;
760 eloop_cancel_timeout(wpa_supplicant_smk_timeout, sm, peerkey);
762 sm, peerkey);
767 struct wpa_peerkey *peerkey,
776 MACSTR " (ver=%d)", MAC2STR(peerkey->addr), ver);
791 if (os_memcmp(kde.pmkid, peerkey->smkid, PMKID_LEN) != 0) {
797 if (kde.rsn_ie_len != peerkey->rsnie_p_len ||
798 os_memcmp(kde.rsn_ie, peerkey->rsnie_p, kde.rsn_ie_len) != 0) {
802 peerkey->rsnie_p, peerkey->rsnie_p_len);
808 wpa_supplicant_update_smk_lifetime(sm, peerkey, &kde);
810 wpa_supplicant_send_stk_3_of_4(sm, peerkey);
811 os_memcpy(peerkey->pnonce, key->key_nonce, WPA_NONCE_LEN);
816 struct wpa_peerkey *peerkey,
827 MACSTR " (ver=%d)", MAC2STR(peerkey->addr), ver);
842 if (kde.rsn_ie_len != peerkey->rsnie_i_len ||
843 os_memcmp(kde.rsn_ie, peerkey->rsnie_i, kde.rsn_ie_len) != 0) {
848 peerkey->rsnie_i, peerkey->rsnie_i_len);
855 if (os_memcmp(peerkey->inonce, key->key_nonce, WPA_NONCE_LEN) != 0) {
859 MAC2STR(peerkey->addr));
863 wpa_supplicant_update_smk_lifetime(sm, peerkey, &kde);
865 if (wpa_supplicant_send_4_of_4(sm, peerkey->addr, key, ver,
867 NULL, 0, &peerkey->stk))
870 _key = (u8 *) peerkey->stk.tk1;
871 if (peerkey->cipher == WPA_CIPHER_TKIP) {
874 os_memcpy(key_buf + 16, peerkey->stk.u.auth.rx_mic_key, 8);
875 os_memcpy(key_buf + 24, peerkey->stk.u.auth.tx_mic_key, 8);
882 if (wpa_sm_set_key(sm, peerkey->cipher, peerkey->addr, 0, 1,
892 struct wpa_peerkey *peerkey,
899 MACSTR " (ver=%d)", MAC2STR(peerkey->addr), ver);
902 if (wpa_sm_set_key(sm, peerkey->cipher, peerkey->addr, 0, 1,
903 rsc, sizeof(rsc), (u8 *) peerkey->stk.tk1,
904 peerkey->cipher == WPA_CIPHER_TKIP ? 32 : 16) < 0) {
913 * peerkey_verify_eapol_key_mic - Verify PeerKey MIC
915 * @peerkey: Pointer to the PeerKey data for the peer
923 struct wpa_peerkey *peerkey,
930 if (peerkey->initiator && !peerkey->stk_set) {
931 wpa_pmk_to_ptk(peerkey->smk, PMK_LEN, "Peer key expansion",
932 sm->own_addr, peerkey->addr,
933 peerkey->inonce, key->key_nonce,
934 (u8 *) &peerkey->stk, sizeof(peerkey->stk),
935 peerkey->use_sha256);
936 peerkey->stk_set = 1;
940 if (peerkey->tstk_set) {
942 wpa_eapol_key_mic(peerkey->tstk.kck, ver, buf, len,
949 peerkey->tstk_set = 0;
950 peerkey->stk_set = 1;
951 os_memcpy(&peerkey->stk, &peerkey->tstk,
952 sizeof(peerkey->stk));
956 if (!ok && peerkey->stk_set) {
958 wpa_eapol_key_mic(peerkey->stk.kck, ver, buf, len,
974 os_memcpy(peerkey->replay_counter, key->replay_counter,
976 peerkey->replay_counter_set = 1;
998 struct wpa_peerkey *peerkey;
1024 peerkey = os_zalloc(sizeof(*peerkey));
1025 if (peerkey == NULL)
1027 peerkey->initiator = 1;
1028 os_memcpy(peerkey->addr, peer, ETH_ALEN);
1031 peerkey->use_sha256 = 1;
1039 hdr = (struct rsn_ie_hdr *) peerkey->rsnie_i;
1054 hdr->len = (pos - peerkey->rsnie_i) - 2;
1055 peerkey->rsnie_i_len = pos - peerkey->rsnie_i;
1057 peerkey->rsnie_i, peerkey->rsnie_i_len);
1059 kde_len = peerkey->rsnie_i_len + 2 + RSN_SELECTOR_LEN + ETH_ALEN;
1065 wpa_supplicant_peerkey_free(sm, peerkey);
1078 if (random_get_bytes(peerkey->inonce, WPA_NONCE_LEN)) {
1082 wpa_supplicant_peerkey_free(sm, peerkey);
1085 os_memcpy(req->key_nonce, peerkey->inonce, WPA_NONCE_LEN);
1093 pos = wpa_add_ie(pos, peerkey->rsnie_i, peerkey->rsnie_i_len);
1102 peerkey->next = sm->peerkey;
1103 sm->peerkey = peerkey;
1110 * peerkey_deinit - Free PeerKey values
1115 struct wpa_peerkey *prev, *peerkey = sm->peerkey;
1116 while (peerkey) {
1117 prev = peerkey;
1118 peerkey = peerkey->next;
1121 sm->peerkey = NULL;
1125 void peerkey_rx_eapol_4way(struct wpa_sm *sm, struct wpa_peerkey *peerkey,
1131 wpa_supplicant_process_stk_3_of_4(sm, peerkey, key, ver);
1134 wpa_supplicant_process_stk_1_of_4(sm, peerkey, key, ver);
1137 wpa_supplicant_process_stk_4_of_4(sm, peerkey, key, ver);
1140 wpa_supplicant_process_stk_2_of_4(sm, peerkey, key, ver);
