1 /*
2 * Test program for combined WPA authenticator/supplicant
3 * Copyright (c) 2006-2007, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #include "includes.h"
10
11 #include "common.h"
12 #include "eloop.h"
13 #include "common/ieee802_11_defs.h"
14 #include "../config.h"
15 #include "rsn_supp/wpa.h"
16 #include "rsn_supp/wpa_ie.h"
17 #include "ap/wpa_auth.h"
18
19
20 extern int wpa_debug_level;
21 extern int wpa_debug_show_keys;
22
23
24 struct wpa {
25 u8 auth_addr[ETH_ALEN];
26 u8 supp_addr[ETH_ALEN];
27 u8 psk[PMK_LEN];
28
29 /* from authenticator */
30 u8 auth_eapol_dst[ETH_ALEN];
31 u8 *auth_eapol;
32 size_t auth_eapol_len;
33
34 /* from supplicant */
35 u8 *supp_eapol;
36 size_t supp_eapol_len;
37
38 struct wpa_sm *supp;
39 struct wpa_authenticator *auth_group;
40 struct wpa_state_machine *auth;
41
42 struct wpa_ssid ssid;
43 u8 supp_ie[80];
44 size_t supp_ie_len;
45 };
46
47
supp_get_bssid(void * ctx,u8 * bssid)48 static int supp_get_bssid(void *ctx, u8 *bssid)
49 {
50 struct wpa *wpa = ctx;
51 wpa_printf(MSG_DEBUG, "SUPP: %s", __func__);
52 os_memcpy(bssid, wpa->auth_addr, ETH_ALEN);
53 return 0;
54 }
55
56
supp_set_state(void * ctx,enum wpa_states state)57 static void supp_set_state(void *ctx, enum wpa_states state)
58 {
59 wpa_printf(MSG_DEBUG, "SUPP: %s(state=%d)", __func__, state);
60 }
61
62
auth_eapol_rx(void * eloop_data,void * user_ctx)63 static void auth_eapol_rx(void *eloop_data, void *user_ctx)
64 {
65 struct wpa *wpa = eloop_data;
66
67 wpa_printf(MSG_DEBUG, "AUTH: RX EAPOL frame");
68 wpa_receive(wpa->auth_group, wpa->auth, wpa->supp_eapol,
69 wpa->supp_eapol_len);
70 }
71
72
supp_ether_send(void * ctx,const u8 * dest,u16 proto,const u8 * buf,size_t len)73 static int supp_ether_send(void *ctx, const u8 *dest, u16 proto, const u8 *buf,
74 size_t len)
75 {
76 struct wpa *wpa = ctx;
77
78 wpa_printf(MSG_DEBUG, "SUPP: %s(dest=" MACSTR " proto=0x%04x "
79 "len=%lu)",
80 __func__, MAC2STR(dest), proto, (unsigned long) len);
81
82 os_free(wpa->supp_eapol);
83 wpa->supp_eapol = os_malloc(len);
84 if (wpa->supp_eapol == NULL)
85 return -1;
86 os_memcpy(wpa->supp_eapol, buf, len);
87 wpa->supp_eapol_len = len;
88 eloop_register_timeout(0, 0, auth_eapol_rx, wpa, NULL);
89
90 return 0;
91 }
92
93
supp_alloc_eapol(void * ctx,u8 type,const void * data,u16 data_len,size_t * msg_len,void ** data_pos)94 static u8 * supp_alloc_eapol(void *ctx, u8 type, const void *data,
95 u16 data_len, size_t *msg_len, void **data_pos)
96 {
97 struct ieee802_1x_hdr *hdr;
98
99 wpa_printf(MSG_DEBUG, "SUPP: %s(type=%d data_len=%d)",
100 __func__, type, data_len);
101
102 *msg_len = sizeof(*hdr) + data_len;
103 hdr = os_malloc(*msg_len);
104 if (hdr == NULL)
105 return NULL;
106
107 hdr->version = 2;
108 hdr->type = type;
109 hdr->length = host_to_be16(data_len);
110
111 if (data)
112 os_memcpy(hdr + 1, data, data_len);
113 else
114 os_memset(hdr + 1, 0, data_len);
115
116 if (data_pos)
117 *data_pos = hdr + 1;
118
119 return (u8 *) hdr;
120 }
121
122
supp_get_beacon_ie(void * ctx)123 static int supp_get_beacon_ie(void *ctx)
124 {
125 struct wpa *wpa = ctx;
126 const u8 *ie;
127 size_t ielen;
128
129 wpa_printf(MSG_DEBUG, "SUPP: %s", __func__);
130
131 ie = wpa_auth_get_wpa_ie(wpa->auth_group, &ielen);
132 if (ie == NULL || ielen < 1)
133 return -1;
134 if (ie[0] == WLAN_EID_RSN)
135 return wpa_sm_set_ap_rsn_ie(wpa->supp, ie, 2 + ie[1]);
136 return wpa_sm_set_ap_wpa_ie(wpa->supp, ie, 2 + ie[1]);
137 }
138
139
supp_set_key(void * ctx,enum wpa_alg alg,const u8 * addr,int key_idx,int set_tx,const u8 * seq,size_t seq_len,const u8 * key,size_t key_len)140 static int supp_set_key(void *ctx, enum wpa_alg alg,
141 const u8 *addr, int key_idx, int set_tx,
142 const u8 *seq, size_t seq_len,
143 const u8 *key, size_t key_len)
144 {
145 wpa_printf(MSG_DEBUG, "SUPP: %s(alg=%d addr=" MACSTR " key_idx=%d "
146 "set_tx=%d)",
147 __func__, alg, MAC2STR(addr), key_idx, set_tx);
148 wpa_hexdump(MSG_DEBUG, "SUPP: set_key - seq", seq, seq_len);
149 wpa_hexdump(MSG_DEBUG, "SUPP: set_key - key", key, key_len);
150 return 0;
151 }
152
153
supp_mlme_setprotection(void * ctx,const u8 * addr,int protection_type,int key_type)154 static int supp_mlme_setprotection(void *ctx, const u8 *addr,
155 int protection_type, int key_type)
156 {
157 wpa_printf(MSG_DEBUG, "SUPP: %s(addr=" MACSTR " protection_type=%d "
158 "key_type=%d)",
159 __func__, MAC2STR(addr), protection_type, key_type);
160 return 0;
161 }
162
163
supp_cancel_auth_timeout(void * ctx)164 static void supp_cancel_auth_timeout(void *ctx)
165 {
166 wpa_printf(MSG_DEBUG, "SUPP: %s", __func__);
167 }
168
169
supp_init(struct wpa * wpa)170 static int supp_init(struct wpa *wpa)
171 {
172 struct wpa_sm_ctx *ctx = os_zalloc(sizeof(*ctx));
173 if (ctx == NULL)
174 return -1;
175
176 ctx->ctx = wpa;
177 ctx->msg_ctx = wpa;
178 ctx->set_state = supp_set_state;
179 ctx->get_bssid = supp_get_bssid;
180 ctx->ether_send = supp_ether_send;
181 ctx->get_beacon_ie = supp_get_beacon_ie;
182 ctx->alloc_eapol = supp_alloc_eapol;
183 ctx->set_key = supp_set_key;
184 ctx->mlme_setprotection = supp_mlme_setprotection;
185 ctx->cancel_auth_timeout = supp_cancel_auth_timeout;
186 wpa->supp = wpa_sm_init(ctx);
187 if (wpa->supp == NULL) {
188 wpa_printf(MSG_DEBUG, "SUPP: wpa_sm_init() failed");
189 return -1;
190 }
191
192 wpa_sm_set_own_addr(wpa->supp, wpa->supp_addr);
193 wpa_sm_set_param(wpa->supp, WPA_PARAM_RSN_ENABLED, 1);
194 wpa_sm_set_param(wpa->supp, WPA_PARAM_PROTO, WPA_PROTO_RSN);
195 wpa_sm_set_param(wpa->supp, WPA_PARAM_PAIRWISE, WPA_CIPHER_CCMP);
196 wpa_sm_set_param(wpa->supp, WPA_PARAM_GROUP, WPA_CIPHER_CCMP);
197 wpa_sm_set_param(wpa->supp, WPA_PARAM_KEY_MGMT, WPA_KEY_MGMT_PSK);
198 wpa_sm_set_pmk(wpa->supp, wpa->psk, PMK_LEN);
199
200 wpa->supp_ie_len = sizeof(wpa->supp_ie);
201 if (wpa_sm_set_assoc_wpa_ie_default(wpa->supp, wpa->supp_ie,
202 &wpa->supp_ie_len) < 0) {
203 wpa_printf(MSG_DEBUG, "SUPP: wpa_sm_set_assoc_wpa_ie_default()"
204 " failed");
205 return -1;
206 }
207
208 wpa_sm_notify_assoc(wpa->supp, wpa->auth_addr);
209
210 return 0;
211 }
212
213
auth_logger(void * ctx,const u8 * addr,logger_level level,const char * txt)214 static void auth_logger(void *ctx, const u8 *addr, logger_level level,
215 const char *txt)
216 {
217 if (addr)
218 wpa_printf(MSG_DEBUG, "AUTH: " MACSTR " - %s",
219 MAC2STR(addr), txt);
220 else
221 wpa_printf(MSG_DEBUG, "AUTH: %s", txt);
222 }
223
224
supp_eapol_rx(void * eloop_data,void * user_ctx)225 static void supp_eapol_rx(void *eloop_data, void *user_ctx)
226 {
227 struct wpa *wpa = eloop_data;
228
229 wpa_printf(MSG_DEBUG, "SUPP: RX EAPOL frame");
230 wpa_sm_rx_eapol(wpa->supp, wpa->auth_addr, wpa->auth_eapol,
231 wpa->auth_eapol_len);
232 }
233
234
auth_send_eapol(void * ctx,const u8 * addr,const u8 * data,size_t data_len,int encrypt)235 static int auth_send_eapol(void *ctx, const u8 *addr, const u8 *data,
236 size_t data_len, int encrypt)
237 {
238 struct wpa *wpa = ctx;
239
240 wpa_printf(MSG_DEBUG, "AUTH: %s(addr=" MACSTR " data_len=%lu "
241 "encrypt=%d)",
242 __func__, MAC2STR(addr), (unsigned long) data_len, encrypt);
243
244 os_free(wpa->auth_eapol);
245 wpa->auth_eapol = os_malloc(data_len);
246 if (wpa->auth_eapol == NULL)
247 return -1;
248 os_memcpy(wpa->auth_eapol_dst, addr, ETH_ALEN);
249 os_memcpy(wpa->auth_eapol, data, data_len);
250 wpa->auth_eapol_len = data_len;
251 eloop_register_timeout(0, 0, supp_eapol_rx, wpa, NULL);
252
253 return 0;
254 }
255
256
auth_get_psk(void * ctx,const u8 * addr,const u8 * prev_psk)257 static const u8 * auth_get_psk(void *ctx, const u8 *addr, const u8 *prev_psk)
258 {
259 struct wpa *wpa = ctx;
260 wpa_printf(MSG_DEBUG, "AUTH: %s (addr=" MACSTR " prev_psk=%p)",
261 __func__, MAC2STR(addr), prev_psk);
262 if (prev_psk)
263 return NULL;
264 return wpa->psk;
265 }
266
267
auth_init_group(struct wpa * wpa)268 static int auth_init_group(struct wpa *wpa)
269 {
270 struct wpa_auth_config conf;
271 struct wpa_auth_callbacks cb;
272
273 wpa_printf(MSG_DEBUG, "AUTH: Initializing group state machine");
274
275 os_memset(&conf, 0, sizeof(conf));
276 conf.wpa = 2;
277 conf.wpa_key_mgmt = WPA_KEY_MGMT_PSK;
278 conf.wpa_pairwise = WPA_CIPHER_CCMP;
279 conf.rsn_pairwise = WPA_CIPHER_CCMP;
280 conf.wpa_group = WPA_CIPHER_CCMP;
281 conf.eapol_version = 2;
282
283 os_memset(&cb, 0, sizeof(cb));
284 cb.ctx = wpa;
285 cb.logger = auth_logger;
286 cb.send_eapol = auth_send_eapol;
287 cb.get_psk = auth_get_psk;
288
289 wpa->auth_group = wpa_init(wpa->auth_addr, &conf, &cb);
290 if (wpa->auth_group == NULL) {
291 wpa_printf(MSG_DEBUG, "AUTH: wpa_init() failed");
292 return -1;
293 }
294
295 return 0;
296 }
297
298
auth_init(struct wpa * wpa)299 static int auth_init(struct wpa *wpa)
300 {
301 wpa->auth = wpa_auth_sta_init(wpa->auth_group, wpa->supp_addr, NULL);
302 if (wpa->auth == NULL) {
303 wpa_printf(MSG_DEBUG, "AUTH: wpa_auth_sta_init() failed");
304 return -1;
305 }
306
307 if (wpa_validate_wpa_ie(wpa->auth_group, wpa->auth, wpa->supp_ie,
308 wpa->supp_ie_len, NULL, 0) != WPA_IE_OK) {
309 wpa_printf(MSG_DEBUG, "AUTH: wpa_validate_wpa_ie() failed");
310 return -1;
311 }
312
313 wpa_auth_sm_event(wpa->auth, WPA_ASSOC);
314
315 wpa_auth_sta_associated(wpa->auth_group, wpa->auth);
316
317 return 0;
318 }
319
320
deinit(struct wpa * wpa)321 static void deinit(struct wpa *wpa)
322 {
323 wpa_auth_sta_deinit(wpa->auth);
324 wpa_sm_deinit(wpa->supp);
325 wpa_deinit(wpa->auth_group);
326 os_free(wpa->auth_eapol);
327 wpa->auth_eapol = NULL;
328 os_free(wpa->supp_eapol);
329 wpa->supp_eapol = NULL;
330 }
331
332
main(int argc,char * argv[])333 int main(int argc, char *argv[])
334 {
335 struct wpa wpa;
336
337 if (os_program_init())
338 return -1;
339
340 os_memset(&wpa, 0, sizeof(wpa));
341 os_memset(wpa.auth_addr, 0x12, ETH_ALEN);
342 os_memset(wpa.supp_addr, 0x32, ETH_ALEN);
343 os_memset(wpa.psk, 0x44, PMK_LEN);
344
345 wpa_debug_level = 0;
346 wpa_debug_show_keys = 1;
347
348 if (eloop_init()) {
349 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
350 return -1;
351 }
352
353 if (auth_init_group(&wpa) < 0)
354 return -1;
355
356 if (supp_init(&wpa) < 0)
357 return -1;
358
359 if (auth_init(&wpa) < 0)
360 return -1;
361
362 wpa_printf(MSG_DEBUG, "Starting eloop");
363 eloop_run();
364 wpa_printf(MSG_DEBUG, "eloop done");
365
366 deinit(&wpa);
367
368 eloop_destroy();
369
370 os_program_deinit();
371
372 return 0;
373 }
374