Revert "Revert "[wpa_supplicant] cumilative patch from commit 3a..."
Revert submission 28102966-revert-26533062-Supplicant_merge_June24-CUATTSRBBR
Reason for revert: Fixed the regression issue (ag/28389573)
Reverted changes: /q/submissionid:28102966-revert-26533062-Supplicant_merge_June24-CUATTSRBBR
Bug: 329004037
Test: Turn ON/OFF SoftAp multiple times
Change-Id: Ibfff2a847be5678f1a6d77e28506a05936812a91
diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
index 9f49cf9..3eaa015 100644
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -233,6 +233,12 @@
return;
}
+ if (!sm->ptk_set) {
+ wpa_printf(MSG_INFO,
+ "WPA: No PTK derived yet - cannot send EAPOL-Key Request");
+ return;
+ }
+
if (wpa_use_akm_defined(sm->key_mgmt))
ver = WPA_KEY_INFO_TYPE_AKM_DEFINED;
else if (wpa_key_mgmt_ft(sm->key_mgmt) ||
@@ -254,10 +260,11 @@
sm->proto == WPA_PROTO_OSEN) ?
EAPOL_KEY_TYPE_RSN : EAPOL_KEY_TYPE_WPA;
key_info = WPA_KEY_INFO_REQUEST | ver;
- if (sm->ptk_set)
- key_info |= WPA_KEY_INFO_SECURE;
- if (sm->ptk_set && mic_len)
+ key_info |= WPA_KEY_INFO_SECURE;
+ if (mic_len)
key_info |= WPA_KEY_INFO_MIC;
+ else
+ key_info |= WPA_KEY_INFO_ENCR_KEY_DATA;
if (error)
key_info |= WPA_KEY_INFO_ERROR;
if (pairwise)
@@ -522,11 +529,14 @@
const u8 *wpa_ie, size_t wpa_ie_len,
struct wpa_ptk *ptk)
{
- size_t mic_len, hdrlen, rlen;
+ size_t mic_len, hdrlen, rlen, extra_len = 0;
struct wpa_eapol_key *reply;
u8 *rbuf, *key_mic;
u8 *rsn_ie_buf = NULL;
u16 key_info;
+#ifdef CONFIG_TESTING_OPTIONS
+ size_t pad_len = 0;
+#endif /* CONFIG_TESTING_OPTIONS */
if (wpa_ie == NULL) {
wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: No wpa_ie set - "
@@ -550,7 +560,7 @@
return -1;
os_memcpy(rsn_ie_buf, wpa_ie, wpa_ie_len);
res = wpa_insert_pmkid(rsn_ie_buf, &wpa_ie_len,
- sm->pmk_r1_name);
+ sm->pmk_r1_name, !sm->ft_prepend_pmkid);
if (res < 0) {
os_free(rsn_ie_buf);
return -1;
@@ -574,10 +584,21 @@
wpa_hexdump(MSG_DEBUG, "WPA: WPA IE for msg 2/4", wpa_ie, wpa_ie_len);
+#ifdef CONFIG_TESTING_OPTIONS
+ if (sm->test_eapol_m2_elems)
+ extra_len = wpabuf_len(sm->test_eapol_m2_elems);
+ if (sm->encrypt_eapol_m2) {
+ pad_len = (wpa_ie_len + extra_len) % 8;
+ if (pad_len)
+ pad_len = 8 - pad_len;
+ extra_len += pad_len + 8;
+ }
+#endif /* CONFIG_TESTING_OPTIONS */
+
mic_len = wpa_mic_len(sm->key_mgmt, sm->pmk_len);
hdrlen = sizeof(*reply) + mic_len + 2;
rbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY,
- NULL, hdrlen + wpa_ie_len,
+ NULL, hdrlen + wpa_ie_len + extra_len,
&rlen, (void *) &reply);
if (rbuf == NULL) {
os_free(rsn_ie_buf);
@@ -594,6 +615,10 @@
key_info |= WPA_KEY_INFO_MIC;
else
key_info |= WPA_KEY_INFO_ENCR_KEY_DATA;
+#ifdef CONFIG_TESTING_OPTIONS
+ if (sm->encrypt_eapol_m2)
+ key_info |= WPA_KEY_INFO_ENCR_KEY_DATA;
+#endif /* CONFIG_TESTING_OPTIONS */
WPA_PUT_BE16(reply->key_info, key_info);
if (sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN)
WPA_PUT_BE16(reply->key_length, 0);
@@ -605,9 +630,48 @@
WPA_REPLAY_COUNTER_LEN);
key_mic = (u8 *) (reply + 1);
- WPA_PUT_BE16(key_mic + mic_len, wpa_ie_len); /* Key Data Length */
+ /* Key Data Length */
+ WPA_PUT_BE16(key_mic + mic_len, wpa_ie_len + extra_len);
os_memcpy(key_mic + mic_len + 2, wpa_ie, wpa_ie_len); /* Key Data */
os_free(rsn_ie_buf);
+#ifdef CONFIG_TESTING_OPTIONS
+ if (sm->test_eapol_m2_elems) {
+ os_memcpy(key_mic + mic_len + 2 + wpa_ie_len,
+ wpabuf_head(sm->test_eapol_m2_elems),
+ wpabuf_len(sm->test_eapol_m2_elems));
+ }
+
+ if (sm->encrypt_eapol_m2) {
+ u8 *plain;
+ size_t plain_len;
+
+ if (sm->test_eapol_m2_elems)
+ extra_len = wpabuf_len(sm->test_eapol_m2_elems);
+ else
+ extra_len = 0;
+ plain_len = wpa_ie_len + extra_len + pad_len;
+ plain = os_memdup(key_mic + mic_len + 2, plain_len);
+ if (!plain) {
+ os_free(rbuf);
+ return -1;
+ }
+ if (pad_len)
+ plain[plain_len - pad_len] = 0xdd;
+
+ wpa_hexdump_key(MSG_DEBUG, "RSN: AES-WRAP using KEK",
+ ptk->kek, ptk->kek_len);
+ if (aes_wrap(ptk->kek, ptk->kek_len, plain_len / 8, plain,
+ key_mic + mic_len + 2)) {
+ os_free(plain);
+ os_free(rbuf);
+ return -1;
+ }
+ wpa_hexdump(MSG_DEBUG,
+ "RSN: Encrypted Key Data from AES-WRAP",
+ key_mic + mic_len + 2, plain_len + 8);
+ os_free(plain);
+ }
+#endif /* CONFIG_TESTING_OPTIONS */
os_memcpy(reply->key_nonce, nonce, WPA_NONCE_LEN);
@@ -769,7 +833,7 @@
static bool is_valid_ap_mld_mac_kde(struct wpa_sm *sm, const u8 *mac_kde)
{
return mac_kde &&
- os_memcmp(mac_kde, sm->mlo.ap_mld_addr, ETH_ALEN) == 0;
+ ether_addr_equal(mac_kde, sm->mlo.ap_mld_addr);
}
@@ -2155,7 +2219,10 @@
struct wpa_eapol_key *reply;
u8 *rbuf, *key_mic;
u8 *kde = NULL;
- size_t kde_len = 0;
+ size_t kde_len = 0, extra_len = 0;
+#ifdef CONFIG_TESTING_OPTIONS
+ size_t pad_len = 0;
+#endif /* CONFIG_TESTING_OPTIONS */
if (sm->mlo.valid_links) {
u8 *pos;
@@ -2172,10 +2239,22 @@
kde_len = pos - kde;
}
+#ifdef CONFIG_TESTING_OPTIONS
+ if (sm->test_eapol_m4_elems)
+ extra_len = wpabuf_len(sm->test_eapol_m4_elems);
+ if (sm->encrypt_eapol_m4) {
+ pad_len = (kde_len + extra_len) % 8;
+ if (pad_len)
+ pad_len = 8 - pad_len;
+ extra_len += pad_len + 8;
+ }
+#endif /* CONFIG_TESTING_OPTIONS */
+
mic_len = wpa_mic_len(sm->key_mgmt, sm->pmk_len);
hdrlen = sizeof(*reply) + mic_len + 2;
rbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY, NULL,
- hdrlen + kde_len, &rlen, (void *) &reply);
+ hdrlen + kde_len + extra_len, &rlen,
+ (void *) &reply);
if (!rbuf) {
os_free(kde);
return -1;
@@ -2190,6 +2269,10 @@
key_info |= WPA_KEY_INFO_MIC;
else
key_info |= WPA_KEY_INFO_ENCR_KEY_DATA;
+#ifdef CONFIG_TESTING_OPTIONS
+ if (sm->encrypt_eapol_m4)
+ key_info |= WPA_KEY_INFO_ENCR_KEY_DATA;
+#endif /* CONFIG_TESTING_OPTIONS */
WPA_PUT_BE16(reply->key_info, key_info);
if (sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN)
WPA_PUT_BE16(reply->key_length, 0);
@@ -2199,12 +2282,52 @@
WPA_REPLAY_COUNTER_LEN);
key_mic = (u8 *) (reply + 1);
- WPA_PUT_BE16(key_mic + mic_len, kde_len); /* Key Data length */
+ /* Key Data length */
+ WPA_PUT_BE16(key_mic + mic_len, kde_len + extra_len);
if (kde) {
os_memcpy(key_mic + mic_len + 2, kde, kde_len); /* Key Data */
os_free(kde);
}
+#ifdef CONFIG_TESTING_OPTIONS
+ if (sm->test_eapol_m4_elems) {
+ os_memcpy(key_mic + mic_len + 2 + kde_len,
+ wpabuf_head(sm->test_eapol_m4_elems),
+ wpabuf_len(sm->test_eapol_m4_elems));
+ }
+
+ if (sm->encrypt_eapol_m4) {
+ u8 *plain;
+ size_t plain_len;
+
+ if (sm->test_eapol_m4_elems)
+ extra_len = wpabuf_len(sm->test_eapol_m4_elems);
+ else
+ extra_len = 0;
+ plain_len = kde_len + extra_len + pad_len;
+ plain = os_memdup(key_mic + mic_len + 2, plain_len);
+ if (!plain) {
+ os_free(rbuf);
+ return -1;
+ }
+ if (pad_len)
+ plain[plain_len - pad_len] = 0xdd;
+
+ wpa_hexdump_key(MSG_DEBUG, "RSN: AES-WRAP using KEK",
+ ptk->kek, ptk->kek_len);
+ if (aes_wrap(ptk->kek, ptk->kek_len, plain_len / 8, plain,
+ key_mic + mic_len + 2)) {
+ os_free(plain);
+ os_free(rbuf);
+ return -1;
+ }
+ wpa_hexdump(MSG_DEBUG,
+ "RSN: Encrypted Key Data from AES-WRAP",
+ key_mic + mic_len + 2, plain_len + 8);
+ os_free(plain);
+ }
+#endif /* CONFIG_TESTING_OPTIONS */
+
wpa_dbg(sm->ctx->msg_ctx, MSG_INFO, "WPA: Sending EAPOL-Key 4/4");
return wpa_eapol_key_send(sm, ptk, ver, dst, ETH_P_EAPOL, rbuf, rlen,
key_mic);
@@ -2226,9 +2349,8 @@
return -1;
}
- if (os_memcmp(sm->mlo.links[link_id].bssid,
- &link_kde[RSN_MLO_LINK_KDE_LINK_MAC_INDEX],
- ETH_ALEN) != 0) {
+ if (!ether_addr_equal(sm->mlo.links[link_id].bssid,
+ &link_kde[RSN_MLO_LINK_KDE_LINK_MAC_INDEX])) {
wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
"RSN: MLO Link %u MAC address (" MACSTR
") not matching association response (" MACSTR ")",
@@ -2319,7 +2441,7 @@
(unsigned int) wpa_cipher_key_len(sm->mgmt_group_cipher)) {
wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
"RSN MLO: Invalid IGTK KDE length %lu for link ID %u",
- (unsigned long) ie->mlo_igtk_len, link_id);
+ (unsigned long) ie->mlo_igtk_len[link_id], link_id);
return -1;
}
@@ -2331,7 +2453,7 @@
(unsigned int) wpa_cipher_key_len(sm->mgmt_group_cipher)) {
wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
"RSN MLO: Invalid BIGTK KDE length %lu for link ID %u",
- (unsigned long) ie->mlo_bigtk_len, link_id);
+ (unsigned long) ie->mlo_bigtk_len[link_id], link_id);
return -1;
}
@@ -4041,6 +4163,8 @@
#endif /* CONFIG_IEEE80211R */
#ifdef CONFIG_TESTING_OPTIONS
wpabuf_free(sm->test_assoc_ie);
+ wpabuf_free(sm->test_eapol_m2_elems);
+ wpabuf_free(sm->test_eapol_m4_elems);
#endif /* CONFIG_TESTING_OPTIONS */
#ifdef CONFIG_FILS_SK_PFS
crypto_ecdh_deinit(sm->fils_ecdh);
@@ -4111,7 +4235,7 @@
os_memset(sm->rx_replay_counter, 0, WPA_REPLAY_COUNTER_LEN);
sm->rx_replay_counter_set = 0;
sm->renew_snonce = 1;
- if (os_memcmp(sm->preauth_bssid, bssid, ETH_ALEN) == 0)
+ if (ether_addr_equal(sm->preauth_bssid, bssid))
rsn_preauth_deinit(sm);
#ifdef CONFIG_IEEE80211R
@@ -4557,6 +4681,12 @@
case WPA_PARAM_DISABLE_EAPOL_G2_TX:
sm->disable_eapol_g2_tx = value;
break;
+ case WPA_PARAM_ENCRYPT_EAPOL_M2:
+ sm->encrypt_eapol_m2 = value;
+ break;
+ case WPA_PARAM_ENCRYPT_EAPOL_M4:
+ sm->encrypt_eapol_m4 = value;
+ break;
#endif /* CONFIG_TESTING_OPTIONS */
#ifdef CONFIG_DPP2
case WPA_PARAM_DPP_PFS:
@@ -4566,6 +4696,9 @@
case WPA_PARAM_WMM_ENABLED:
sm->wmm_enabled = value;
break;
+ case WPA_PARAM_FT_PREPEND_PMKID:
+ sm->ft_prepend_pmkid = value;
+ break;
default:
break;
}
@@ -5247,6 +5380,20 @@
}
+void wpa_sm_set_test_eapol_m2_elems(struct wpa_sm *sm, struct wpabuf *buf)
+{
+ wpabuf_free(sm->test_eapol_m2_elems);
+ sm->test_eapol_m2_elems = buf;
+}
+
+
+void wpa_sm_set_test_eapol_m4_elems(struct wpa_sm *sm, struct wpabuf *buf)
+{
+ wpabuf_free(sm->test_eapol_m4_elems);
+ sm->test_eapol_m4_elems = buf;
+}
+
+
const u8 * wpa_sm_get_anonce(struct wpa_sm *sm)
{
return sm->anonce;