Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Print the algorithms used for EAPOL-Key professing in log

This makes it easier to debug crypto algorithm selection for 4-way
handshake related functions.

Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen 8 years ago
parent
ef23838590
commit
ef9627cbc7
3 changed files with 61 additions and 15 deletions
Split View Show Diff Stats
  1. 6 0
      src/ap/wpa_auth.c
  2. 46 15
      src/common/wpa_common.c
  3. 9 0
      src/rsn_supp/wpa.c

+ 6 - 0
src/ap/wpa_auth.c
View File 

@@ -1549,6 +1549,9 @@ void __wpa_send_eapol(struct wpa_authenticator *wpa_auth,
 
 		    sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN ||
 
 		    wpa_key_mgmt_suite_b(sm->wpa_key_mgmt) ||
 
 		    version == WPA_KEY_INFO_TYPE_AES_128_CMAC) {
 
+			wpa_printf(MSG_DEBUG,
 
+				   "WPA: Encrypt Key Data using AES-WRAP (KEK length %u)",
 
+				   (unsigned int) sm->PTK.kek_len);
 
 			if (aes_wrap(sm->PTK.kek, sm->PTK.kek_len,
 
 				     (key_data_len - 8) / 8, buf, key_data)) {
 
 				os_free(hdr);
 
@@ -1559,6 +1562,9 @@ void __wpa_send_eapol(struct wpa_authenticator *wpa_auth,
 
 #ifndef CONFIG_NO_RC4
 
 		} else if (sm->PTK.kek_len == 16) {
 
 			u8 ek[32];
 
+
 
+			wpa_printf(MSG_DEBUG,
 
+				   "WPA: Encrypt Key Data using RC4");
 
 			os_memcpy(key->key_iv,
 
 				  sm->group->Counter + WPA_NONCE_LEN - 16, 16);
 
 			inc_byte_array(sm->group->Counter, WPA_NONCE_LEN);

+ 46 - 15
src/common/wpa_common.c
View File 

@@ -96,25 +96,32 @@ int wpa_eapol_key_mic(const u8 *key, size_t key_len, int akmp, int ver,
 
 	switch (ver) {
 
 #ifndef CONFIG_FIPS
 
 	case WPA_KEY_INFO_TYPE_HMAC_MD5_RC4:
 
+		wpa_printf(MSG_DEBUG, "WPA: EAPOL-Key MIC using HMAC-MD5");
 
 		return hmac_md5(key, key_len, buf, len, mic);
 
 #endif /* CONFIG_FIPS */
 
 	case WPA_KEY_INFO_TYPE_HMAC_SHA1_AES:
 
+		wpa_printf(MSG_DEBUG, "WPA: EAPOL-Key MIC using HMAC-SHA1");
 
 		if (hmac_sha1(key, key_len, buf, len, hash))
 
 			return -1;
 
 		os_memcpy(mic, hash, MD5_MAC_LEN);
 
 		break;
 
 #if defined(CONFIG_IEEE80211R) || defined(CONFIG_IEEE80211W)
 
 	case WPA_KEY_INFO_TYPE_AES_128_CMAC:
 
+		wpa_printf(MSG_DEBUG, "WPA: EAPOL-Key MIC using AES-CMAC");
 
 		return omac1_aes_128(key, buf, len, mic);
 
 #endif /* CONFIG_IEEE80211R || CONFIG_IEEE80211W */
 
 	case WPA_KEY_INFO_TYPE_AKM_DEFINED:
 
 		switch (akmp) {
 
 #ifdef CONFIG_HS20
 
 		case WPA_KEY_MGMT_OSEN:
 
+			wpa_printf(MSG_DEBUG,
 
+				   "WPA: EAPOL-Key MIC using AES-CMAC (AKM-defined - OSEN)");
 
 			return omac1_aes_128(key, buf, len, mic);
 
 #endif /* CONFIG_HS20 */
 
 #ifdef CONFIG_SUITEB
 
 		case WPA_KEY_MGMT_IEEE8021X_SUITE_B:
 
+			wpa_printf(MSG_DEBUG,
 
+				   "WPA: EAPOL-Key MIC using HMAC-SHA256 (AKM-defined - Suite B)");
 
 			if (hmac_sha256(key, key_len, buf, len, hash))
 
 				return -1;
 
 			os_memcpy(mic, hash, MD5_MAC_LEN);
 
@@ -122,16 +129,24 @@ int wpa_eapol_key_mic(const u8 *key, size_t key_len, int akmp, int ver,
 
 #endif /* CONFIG_SUITEB */
 
 #ifdef CONFIG_SUITEB192
 
 		case WPA_KEY_MGMT_IEEE8021X_SUITE_B_192:
 
+			wpa_printf(MSG_DEBUG,
 
+				   "WPA: EAPOL-Key MIC using HMAC-SHA384 (AKM-defined - Suite B 192-bit)");
 
 			if (hmac_sha384(key, key_len, buf, len, hash))
 
 				return -1;
 
 			os_memcpy(mic, hash, 24);
 
 			break;
 
 #endif /* CONFIG_SUITEB192 */
 
 		default:
 
+			wpa_printf(MSG_DEBUG,
 
+				   "WPA: EAPOL-Key MIC algorithm not known (AKM-defined - akmp=0x%x)",
 
+				   akmp);
 
 			return -1;
 
 		}
 
 		break;
 
 	default:
 
+		wpa_printf(MSG_DEBUG,
 
+			   "WPA: EAPOL-Key MIC algorithm not known (ver=%d)",
 
+			   ver);
 
 		return -1;
 
 	}
 
 
@@ -194,19 +209,30 @@ int wpa_pmk_to_ptk(const u8 *pmk, size_t pmk_len, const char *label,
 
 	ptk->tk_len = wpa_cipher_key_len(cipher);
 
 	ptk_len = ptk->kck_len + ptk->kek_len + ptk->tk_len;
 
 
+	if (wpa_key_mgmt_sha384(akmp)) {
 
 #if defined(CONFIG_SUITEB192) || defined(CONFIG_FILS)
 
-	if (wpa_key_mgmt_sha384(akmp))
 
-		sha384_prf(pmk, pmk_len, label, data, sizeof(data),
 
-			   tmp, ptk_len);
 
-	else
 
+		wpa_printf(MSG_DEBUG, "WPA: PTK derivation using PRF(SHA384)");
 
+		if (sha384_prf(pmk, pmk_len, label, data, sizeof(data),
 
+			       tmp, ptk_len) < 0)
 
+			return -1;
 
+#else /* CONFIG_SUITEB192 || CONFIG_FILS */
 
+		return -1;
 
 #endif /* CONFIG_SUITEB192 || CONFIG_FILS */
 
+	} else if (wpa_key_mgmt_sha256(akmp)) {
 
 #ifdef CONFIG_IEEE80211W
 
-	if (wpa_key_mgmt_sha256(akmp))
 
-		sha256_prf(pmk, pmk_len, label, data, sizeof(data),
 
-			   tmp, ptk_len);
 
-	else
 
+		wpa_printf(MSG_DEBUG, "WPA: PTK derivation using PRF(SHA256)");
 
+		if (sha256_prf(pmk, pmk_len, label, data, sizeof(data),
 
+			       tmp, ptk_len) < 0)
 
+			return -1;
 
+#else /* CONFIG_IEEE80211W */
 
+		return -1;
 
 #endif /* CONFIG_IEEE80211W */
 
-		sha1_prf(pmk, pmk_len, label, data, sizeof(data), tmp, ptk_len);
 
+	} else {
 
+		wpa_printf(MSG_DEBUG, "WPA: PTK derivation using PRF(SHA1)");
 
+		if (sha1_prf(pmk, pmk_len, label, data, sizeof(data), tmp,
 
+			     ptk_len) < 0)
 
+			return -1;
 
+	}
 
 
 	wpa_printf(MSG_DEBUG, "WPA: PTK derivation - A1=" MACSTR " A2=" MACSTR,
 
 		   MAC2STR(addr1), MAC2STR(addr2));
 
@@ -337,12 +363,17 @@ int fils_pmk_to_ptk(const u8 *pmk, size_t pmk_len, const u8 *spa, const u8 *aa,
 
 		return -1;
 
 	key_data_len = *ick_len + ptk->kek_len + ptk->tk_len;
 
 
-	if (wpa_key_mgmt_sha384(akmp))
 
-		sha384_prf(pmk, pmk_len, label, data, sizeof(data),
 
-			   tmp, key_data_len);
 
-	else if (sha256_prf(pmk, pmk_len, label, data, sizeof(data),
 
-			    tmp, key_data_len) < 0)
 
-		return -1;
 
+	if (wpa_key_mgmt_sha384(akmp)) {
 
+		wpa_printf(MSG_DEBUG, "FILS: PTK derivation using PRF(SHA384)");
 
+		if (sha384_prf(pmk, pmk_len, label, data, sizeof(data),
 
+			       tmp, key_data_len) < 0)
 
+			return -1;
 
+	} else {
 
+		wpa_printf(MSG_DEBUG, "FILS: PTK derivation using PRF(SHA256)");
 
+		if (sha256_prf(pmk, pmk_len, label, data, sizeof(data),
 
+			       tmp, key_data_len) < 0)
 
+			return -1;
 
+	}
 
 
 	wpa_printf(MSG_DEBUG, "FILS: PTK derivation - SPA=" MACSTR
 
 		   " AA=" MACSTR, MAC2STR(spa), MAC2STR(aa));

+ 9 - 0
src/rsn_supp/wpa.c
View File 

@@ -51,6 +51,9 @@ int wpa_eapol_key_send(struct wpa_sm *sm, struct wpa_ptk *ptk,
 
 	int ret = -1;
 
 	size_t mic_len = wpa_mic_len(sm->key_mgmt);
 
 
+	wpa_printf(MSG_DEBUG, "WPA: Send EAPOL-Key frame to " MACSTR
 
+		   " ver=%d mic_len=%d key_mgmt=0x%x",
 
+		   MAC2STR(dest), ver, (int) mic_len, sm->key_mgmt);
 
 	if (is_zero_ether_addr(dest) && is_zero_ether_addr(sm->bssid)) {
 
 		/*
 
 		 * Association event was not yet received; try to fetch
 
@@ -1720,6 +1723,8 @@ static int wpa_supplicant_decrypt_key_data(struct wpa_sm *sm,
 
 		return -1;
 
 #else /* CONFIG_NO_RC4 */
 
 		u8 ek[32];
 
+
 
+		wpa_printf(MSG_DEBUG, "WPA: Decrypt Key Data using RC4");
 
 		os_memcpy(ek, key->key_iv, 16);
 
 		os_memcpy(ek + 16, sm->ptk.kek, sm->ptk.kek_len);
 
 		if (rc4_skip(ek, 32, 256, key_data, *key_data_len)) {
 
@@ -1735,6 +1740,10 @@ static int wpa_supplicant_decrypt_key_data(struct wpa_sm *sm,
 
 		   sm->key_mgmt == WPA_KEY_MGMT_OSEN ||
 
 		   wpa_key_mgmt_suite_b(sm->key_mgmt)) {
 
 		u8 *buf;
 
+
 
+		wpa_printf(MSG_DEBUG,
 
+			   "WPA: Decrypt Key Data using AES-UNWRAP (KEK length %u)",
 
+			   (unsigned int) sm->ptk.kek_len);
 
 		if (*key_data_len < 8 || *key_data_len % 8) {
 
 			wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
 
 				"WPA: Unsupported AES-WRAP len %u",