Revert "Cumulative patch from commit 4ec1fd8e42bad9390f14a58225b6e5f6fb691950"
This reverts commit 78a5dac804c22aa6e4ec8226a864d3b0d6ccddbb.
Test: None
diff --git a/src/rsn_supp/peerkey.c b/src/rsn_supp/peerkey.c
index f06ed04..79764d9 100644
--- a/src/rsn_supp/peerkey.c
+++ b/src/rsn_supp/peerkey.c
@@ -65,9 +65,10 @@
{
size_t rlen;
struct wpa_eapol_key *err;
+ struct wpa_eapol_key_192 *err192;
struct rsn_error_kde error;
- u8 *rbuf, *pos, *mic;
- size_t kde_len, mic_len = 16;
+ u8 *rbuf, *pos;
+ size_t kde_len;
u16 key_info;
kde_len = 2 + RSN_SELECTOR_LEN + sizeof(error);
@@ -75,11 +76,11 @@
kde_len += 2 + RSN_SELECTOR_LEN + ETH_ALEN;
rbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY,
- NULL, sizeof(*err) + mic_len + 2 + kde_len,
- &rlen, (void *) &err);
+ NULL, sizeof(*err) + kde_len, &rlen,
+ (void *) &err);
if (rbuf == NULL)
return -1;
- mic = (u8 *) (err + 1);
+ err192 = (struct wpa_eapol_key_192 *) err;
err->type = EAPOL_KEY_TYPE_RSN;
key_info = ver | WPA_KEY_INFO_SMK_MESSAGE | WPA_KEY_INFO_MIC |
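Review bot: The `err192` alias added in this hunk is only used to reach `key_mic` for the later `wpa_eapol_key_send()` call, while the buffer is still sized and filled through `struct wpa_eapol_key` (`sizeof(*err) + kde_len`, `err->key_data_length`, `pos = (u8 *) (err + 1)`). Mixing two struct views of one allocation makes it easy to misread how much room the MIC field has. The STK 3/4 and `wpa_sm_stkstart` hunks in this same commit pass `msg->key_mic` and `req->key_mic` directly. Assuming `key_mic` sits at the same offset in both structs (their definitions are not shown), `err->key_mic` would do and the cast could be dropped; the SMK M3 hunk has the same pattern with `reply192`. The enclosing function starts and ends outside this hunk.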
@@ -91,8 +92,8 @@
WPA_REPLAY_COUNTER_LEN);
inc_byte_array(sm->request_counter, WPA_REPLAY_COUNTER_LEN);
- WPA_PUT_BE16(mic + mic_len, (u16) kde_len);
- pos = mic + mic_len + 2;
+ WPA_PUT_BE16(err->key_data_length, (u16) kde_len);
+ pos = (u8 *) (err + 1);
if (peer) {
/* Peer MAC Address KDE */
@@ -113,8 +114,8 @@
"(mui %d error_type %d)", mui, error_type);
}
- wpa_eapol_key_send(sm, &sm->ptk, ver, dst, ETH_P_EAPOL, rbuf, rlen,
- mic);
+ wpa_eapol_key_send(sm, sm->ptk.kck, sm->ptk.kck_len, ver, dst,
+ ETH_P_EAPOL, rbuf, rlen, err192->key_mic);
return 0;
}
@@ -127,8 +128,9 @@
{
size_t rlen;
struct wpa_eapol_key *reply;
- u8 *rbuf, *pos, *mic;
- size_t kde_len, mic_len = 16;
+ struct wpa_eapol_key_192 *reply192;
+ u8 *rbuf, *pos;
+ size_t kde_len;
u16 key_info;
/* KDEs: Peer RSN IE, Initiator MAC Address, Initiator Nonce */
@@ -137,10 +139,11 @@
2 + RSN_SELECTOR_LEN + WPA_NONCE_LEN;
rbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY,
- NULL, sizeof(*reply) + mic_len + 2 + kde_len,
- &rlen, (void *) &reply);
+ NULL, sizeof(*reply) + kde_len, &rlen,
+ (void *) &reply);
if (rbuf == NULL)
return -1;
+ reply192 = (struct wpa_eapol_key_192 *) reply;
reply->type = EAPOL_KEY_TYPE_RSN;
key_info = ver | WPA_KEY_INFO_SMK_MESSAGE | WPA_KEY_INFO_MIC |
@@ -152,9 +155,8 @@
os_memcpy(reply->key_nonce, peerkey->pnonce, WPA_NONCE_LEN);
- mic = (u8 *) (reply + 1);
- WPA_PUT_BE16(mic + mic_len, (u16) kde_len);
- pos = mic + mic_len + 2;
+ WPA_PUT_BE16(reply->key_data_length, (u16) kde_len);
+ pos = (u8 *) (reply + 1);
/* Peer RSN IE */
pos = wpa_add_ie(pos, peerkey->rsnie_p, peerkey->rsnie_p_len);
@@ -166,8 +168,8 @@
wpa_add_kde(pos, RSN_KEY_DATA_NONCE, peerkey->inonce, WPA_NONCE_LEN);
wpa_printf(MSG_DEBUG, "RSN: Sending EAPOL-Key SMK M3");
- wpa_eapol_key_send(sm, &sm->ptk, ver, src_addr, ETH_P_EAPOL, rbuf, rlen,
- mic);
+ wpa_eapol_key_send(sm, sm->ptk.kck, sm->ptk.kck_len, ver, src_addr,
+ ETH_P_EAPOL, rbuf, rlen, reply192->key_mic);
return 0;
}
@@ -322,19 +324,18 @@
{
size_t mlen;
struct wpa_eapol_key *msg;
- u8 *mbuf, *mic;
- size_t kde_len, mic_len = 16;
+ u8 *mbuf;
+ size_t kde_len;
u16 key_info, ver;
kde_len = 2 + RSN_SELECTOR_LEN + PMKID_LEN;
mbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY, NULL,
- sizeof(*msg) + mic_len + 2 + kde_len, &mlen,
+ sizeof(*msg) + kde_len, &mlen,
(void *) &msg);
if (mbuf == NULL)
return;
- mic = (u8 *) (msg + 1);
msg->type = EAPOL_KEY_TYPE_RSN;
if (peerkey->cipher != WPA_CIPHER_TKIP)
@@ -354,8 +355,8 @@
WPA_REPLAY_COUNTER_LEN);
inc_byte_array(peerkey->replay_counter, WPA_REPLAY_COUNTER_LEN);
- WPA_PUT_BE16(mic + mic_len, kde_len);
- wpa_add_kde(mic + mic_len + 2, RSN_KEY_DATA_PMKID,
+ WPA_PUT_BE16(msg->key_data_length, kde_len);
+ wpa_add_kde((u8 *) (msg + 1), RSN_KEY_DATA_PMKID,
peerkey->smkid, PMKID_LEN);
if (random_get_bytes(peerkey->inonce, WPA_NONCE_LEN)) {
@@ -370,7 +371,7 @@
wpa_printf(MSG_DEBUG, "RSN: Sending EAPOL-Key STK 1/4 to " MACSTR,
MAC2STR(peerkey->addr));
- wpa_eapol_key_send(sm, NULL, ver, peerkey->addr, ETH_P_EAPOL,
+ wpa_eapol_key_send(sm, NULL, 0, ver, peerkey->addr, ETH_P_EAPOL,
mbuf, mlen, NULL);
}
@@ -380,8 +381,8 @@
{
size_t mlen;
struct wpa_eapol_key *msg;
- u8 *mbuf, *pos, *mic;
- size_t kde_len, mic_len = 16;
+ u8 *mbuf, *pos;
+ size_t kde_len;
u16 key_info, ver;
be32 lifetime;
@@ -389,12 +390,11 @@
2 + RSN_SELECTOR_LEN + sizeof(lifetime);
mbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY, NULL,
- sizeof(*msg) + mic_len + 2 + kde_len, &mlen,
+ sizeof(*msg) + kde_len, &mlen,
(void *) &msg);
if (mbuf == NULL)
return;
- mic = (u8 *) (msg + 1);
msg->type = EAPOL_KEY_TYPE_RSN;
if (peerkey->cipher != WPA_CIPHER_TKIP)
@@ -415,8 +415,8 @@
WPA_REPLAY_COUNTER_LEN);
inc_byte_array(peerkey->replay_counter, WPA_REPLAY_COUNTER_LEN);
- WPA_PUT_BE16(mic + mic_len, kde_len);
- pos = mic + mic_len;
+ WPA_PUT_BE16(msg->key_data_length, kde_len);
+ pos = (u8 *) (msg + 1);
pos = wpa_add_ie(pos, peerkey->rsnie_i, peerkey->rsnie_i_len);
lifetime = host_to_be32(peerkey->lifetime);
wpa_add_kde(pos, RSN_KEY_DATA_LIFETIME,
@@ -426,8 +426,9 @@
wpa_printf(MSG_DEBUG, "RSN: Sending EAPOL-Key STK 3/4 to " MACSTR,
MAC2STR(peerkey->addr));
- wpa_eapol_key_send(sm, &peerkey->stk, ver, peerkey->addr, ETH_P_EAPOL,
- mbuf, mlen, mic);
+ wpa_eapol_key_send(sm, peerkey->stk.kck, peerkey->stk.kck_len, ver,
+ peerkey->addr, ETH_P_EAPOL, mbuf, mlen,
+ msg->key_mic);
}
@@ -910,10 +911,10 @@
*/
int peerkey_verify_eapol_key_mic(struct wpa_sm *sm,
struct wpa_peerkey *peerkey,
- struct wpa_eapol_key *key, u16 ver,
+ struct wpa_eapol_key_192 *key, u16 ver,
const u8 *buf, size_t len)
{
- u8 mic[WPA_EAPOL_KEY_MIC_MAX_LEN], *mic_pos;
+ u8 mic[WPA_EAPOL_KEY_MIC_MAX_LEN];
size_t mic_len = 16;
int ok = 0;
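Review bot: `mic_len` stays hard-coded to 16 even though `key` is now a `struct wpa_eapol_key_192 *` and the MIC is recomputed by `wpa_eapol_key_mic()` from `sm->key_mgmt`. The `os_memcmp_const(mic, key->key_mic, mic_len)` checks in the next two hunks therefore compare only the first 16 octets. If PeerKey can run with an AKM whose MIC is longer, the remaining octets of the received MIC go unverified. Either derive the length, e.g. `size_t mic_len = wpa_mic_len(sm->key_mgmt);` (the `mic` buffer is already `WPA_EAPOL_KEY_MIC_MAX_LEN`; this assumes the helper survives the revert), or add a comment stating that PeerKey is limited to 16-octet MICs and where that is enforced. The function body continues past this hunk.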
@@ -925,13 +926,12 @@
peerkey->stk_set = 1;
}
- mic_pos = (u8 *) (key + 1);
- os_memcpy(mic, mic_pos, mic_len);
+ os_memcpy(mic, key->key_mic, mic_len);
if (peerkey->tstk_set) {
- os_memset(mic_pos, 0, mic_len);
+ os_memset(key->key_mic, 0, mic_len);
wpa_eapol_key_mic(peerkey->tstk.kck, peerkey->tstk.kck_len,
- sm->key_mgmt, ver, buf, len, mic_pos);
- if (os_memcmp_const(mic, mic_pos, mic_len) != 0) {
+ sm->key_mgmt, ver, buf, len, key->key_mic);
+ if (os_memcmp_const(mic, key->key_mic, mic_len) != 0) {
wpa_printf(MSG_WARNING, "RSN: Invalid EAPOL-Key MIC "
"when using TSTK - ignoring TSTK");
} else {
@@ -945,10 +945,10 @@
}
if (!ok && peerkey->stk_set) {
- os_memset(mic_pos, 0, mic_len);
+ os_memset(key->key_mic, 0, mic_len);
wpa_eapol_key_mic(peerkey->stk.kck, peerkey->stk.kck_len,
- sm->key_mgmt, ver, buf, len, mic_pos);
- if (os_memcmp_const(mic, mic_pos, mic_len) != 0) {
+ sm->key_mgmt, ver, buf, len, key->key_mic);
+ if (os_memcmp_const(mic, key->key_mic, mic_len) != 0) {
wpa_printf(MSG_WARNING, "RSN: Invalid EAPOL-Key MIC "
"- dropping packet");
return -1;
@@ -980,10 +980,10 @@
*/
int wpa_sm_stkstart(struct wpa_sm *sm, const u8 *peer)
{
- size_t rlen, kde_len, mic_len;
+ size_t rlen, kde_len;
struct wpa_eapol_key *req;
int key_info, ver;
- u8 bssid[ETH_ALEN], *rbuf, *pos, *count_pos, *mic;
+ u8 bssid[ETH_ALEN], *rbuf, *pos, *count_pos;
u16 count;
struct rsn_ie_hdr *hdr;
struct wpa_peerkey *peerkey;
@@ -999,7 +999,6 @@
return -1;
}
- mic_len = wpa_mic_len(sm->key_mgmt);
if (sm->pairwise_cipher != WPA_CIPHER_TKIP)
ver = WPA_KEY_INFO_TYPE_HMAC_SHA1_AES;
else
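Review bot: With `mic_len = wpa_mic_len(sm->key_mgmt);` removed, nothing visible in `wpa_sm_stkstart` ties the frame layout to the negotiated AKM: the request is allocated as `sizeof(*req) + kde_len` and the MIC goes into the fixed `req->key_mic` field. `wpa_eapol_key_send()` is not shown, but if it emits a MIC sized by the AKM or by `sm->ptk.kck_len`, a longer MIC would run into `key_data_length` and the KDEs that follow. A guard next to the existing early `return -1` paths would make the assumption explicit, e.g. `if (wpa_mic_len(sm->key_mgmt) > sizeof(req->key_mic)) return -1;`, provided that helper still exists after this revert. The SMK error, SMK M3 and STK 3/4 senders earlier in the diff rely on the same fixed layout.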
@@ -1048,7 +1047,7 @@
kde_len = peerkey->rsnie_i_len + 2 + RSN_SELECTOR_LEN + ETH_ALEN;
rbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY, NULL,
- sizeof(*req) + mic_len + 2 + kde_len, &rlen,
+ sizeof(*req) + kde_len, &rlen,
(void *) &req);
if (rbuf == NULL) {
wpa_supplicant_peerkey_free(sm, peerkey);
@@ -1075,10 +1074,8 @@
wpa_hexdump(MSG_DEBUG, "WPA: INonce for SMK handshake",
req->key_nonce, WPA_NONCE_LEN);
- mic = pos = (u8 *) (req + 1);
- pos += mic_len;
- WPA_PUT_BE16(pos, (u16) kde_len);
- pos += 2;
+ WPA_PUT_BE16(req->key_data_length, (u16) kde_len);
+ pos = (u8 *) (req + 1);
/* Initiator RSN IE */
pos = wpa_add_ie(pos, peerkey->rsnie_i, peerkey->rsnie_i_len);
@@ -1087,8 +1084,8 @@
wpa_printf(MSG_INFO, "RSN: Sending EAPOL-Key SMK M1 Request (peer "
MACSTR ")", MAC2STR(peer));
- wpa_eapol_key_send(sm, &sm->ptk, ver, bssid, ETH_P_EAPOL, rbuf, rlen,
- mic);
+ wpa_eapol_key_send(sm, sm->ptk.kck, sm->ptk.kck_len, ver, bssid,
+ ETH_P_EAPOL, rbuf, rlen, req->key_mic);
peerkey->next = sm->peerkey;
sm->peerkey = peerkey;