📄 eap_gpsk.c
字号:
if (end - pos < EAP_GPSK_RAND_LEN) { wpa_printf(MSG_DEBUG, "EAP-GPSK: Too short message for " "RAND_Peer"); eap_gpsk_state(data, FAILURE); return; } os_memcpy(data->rand_peer, pos, EAP_GPSK_RAND_LEN); wpa_hexdump(MSG_DEBUG, "EAP-GPSK: RAND_Peer", data->rand_peer, EAP_GPSK_RAND_LEN); pos += EAP_GPSK_RAND_LEN; if (end - pos < EAP_GPSK_RAND_LEN) { wpa_printf(MSG_DEBUG, "EAP-GPSK: Too short message for " "RAND_Server"); eap_gpsk_state(data, FAILURE); return; } if (os_memcmp(data->rand_server, pos, EAP_GPSK_RAND_LEN) != 0) { wpa_printf(MSG_DEBUG, "EAP-GPSK: RAND_Server in GPSK-1 and " "GPSK-2 did not match"); wpa_hexdump(MSG_DEBUG, "EAP-GPSK: RAND_Server in GPSK-1", data->rand_server, EAP_GPSK_RAND_LEN); wpa_hexdump(MSG_DEBUG, "EAP-GPSK: RAND_Server in GPSK-2", pos, EAP_GPSK_RAND_LEN); eap_gpsk_state(data, FAILURE); return; } pos += EAP_GPSK_RAND_LEN; if (end - pos < 2) { wpa_printf(MSG_DEBUG, "EAP-GPSK: Too short message for " "CSuite_List length"); eap_gpsk_state(data, FAILURE); return; } alen = WPA_GET_BE16(pos); pos += 2; if (end - pos < alen) { wpa_printf(MSG_DEBUG, "EAP-GPSK: Too short message for " "CSuite_List"); eap_gpsk_state(data, FAILURE); return; } if (alen != data->csuite_count * sizeof(struct eap_gpsk_csuite) || os_memcmp(pos, data->csuite_list, alen) != 0) { wpa_printf(MSG_DEBUG, "EAP-GPSK: CSuite_List in GPSK-1 and " "GPSK-2 did not match"); eap_gpsk_state(data, FAILURE); return; } pos += alen; if (end - pos < (int) sizeof(*csuite)) { wpa_printf(MSG_DEBUG, "EAP-GPSK: Too short message for " "CSuite_Sel"); eap_gpsk_state(data, FAILURE); return; } csuite = (const struct eap_gpsk_csuite *) pos; for (i = 0; i < data->csuite_count; i++) { if (os_memcmp(csuite, &data->csuite_list[i], sizeof(*csuite)) == 0) break; } if (i == data->csuite_count) { wpa_printf(MSG_DEBUG, "EAP-GPSK: Peer selected unsupported " "ciphersuite %d:%d", WPA_GET_BE32(csuite->vendor), WPA_GET_BE16(csuite->specifier)); eap_gpsk_state(data, FAILURE); return; } data->vendor = WPA_GET_BE32(csuite->vendor); data->specifier = WPA_GET_BE16(csuite->specifier); wpa_printf(MSG_DEBUG, "EAP-GPSK: CSuite_Sel %d:%d", data->vendor, data->specifier); pos += sizeof(*csuite); if (end - pos < 2) { wpa_printf(MSG_DEBUG, "EAP-GPSK: Too short message for " "PD_Payload_1 length"); eap_gpsk_state(data, FAILURE); return; } alen = WPA_GET_BE16(pos); pos += 2; if (end - pos < alen) { wpa_printf(MSG_DEBUG, "EAP-GPSK: Too short message for " "PD_Payload_1"); eap_gpsk_state(data, FAILURE); return; } wpa_hexdump(MSG_DEBUG, "EAP-GPSK: PD_Payload_1", pos, alen); pos += alen; if (sm->user == NULL || sm->user->password == NULL) { wpa_printf(MSG_INFO, "EAP-GPSK: No PSK/password configured " "for the user"); eap_gpsk_state(data, FAILURE); return; } if (eap_gpsk_derive_keys(sm->user->password, sm->user->password_len, data->vendor, data->specifier, data->rand_peer, data->rand_server, data->id_peer, data->id_peer_len, data->id_server, data->id_server_len, data->msk, data->emsk, data->sk, &data->sk_len, data->pk, &data->pk_len) < 0) { wpa_printf(MSG_DEBUG, "EAP-GPSK: Failed to derive keys"); eap_gpsk_state(data, FAILURE); return; } miclen = eap_gpsk_mic_len(data->vendor, data->specifier); if (end - pos < (int) miclen) { wpa_printf(MSG_DEBUG, "EAP-GPSK: Message too short for MIC " "(left=%lu miclen=%lu)", (unsigned long) (end - pos), (unsigned long) miclen); eap_gpsk_state(data, FAILURE); return; } if (eap_gpsk_compute_mic(data->sk, data->sk_len, data->vendor, data->specifier, payload, pos - payload, mic) < 0) { wpa_printf(MSG_DEBUG, "EAP-GPSK: Failed to compute MIC"); eap_gpsk_state(data, FAILURE); return; } if (os_memcmp(mic, pos, miclen) != 0) { wpa_printf(MSG_INFO, "EAP-GPSK: Incorrect MIC in GPSK-2"); wpa_hexdump(MSG_DEBUG, "EAP-GPSK: Received MIC", pos, miclen); wpa_hexdump(MSG_DEBUG, "EAP-GPSK: Computed MIC", mic, miclen); eap_gpsk_state(data, FAILURE); return; } pos += miclen; if (pos != end) { wpa_printf(MSG_DEBUG, "EAP-GPSK: Ignored %lu bytes of extra " "data in the end of GPSK-2", (unsigned long) (end - pos)); } eap_gpsk_state(data, GPSK_3);}static void eap_gpsk_process_gpsk_4(struct eap_sm *sm, struct eap_gpsk_data *data, const u8 *payload, size_t payloadlen){ const u8 *pos, *end; u16 alen; size_t miclen; u8 mic[EAP_GPSK_MAX_MIC_LEN]; if (data->state != GPSK_3) return; wpa_printf(MSG_DEBUG, "EAP-GPSK: Received Response/GPSK-4"); pos = payload; end = payload + payloadlen; if (end - pos < 2) { wpa_printf(MSG_DEBUG, "EAP-GPSK: Too short message for " "PD_Payload_1 length"); eap_gpsk_state(data, FAILURE); return; } alen = WPA_GET_BE16(pos); pos += 2; if (end - pos < alen) { wpa_printf(MSG_DEBUG, "EAP-GPSK: Too short message for " "PD_Payload_1"); eap_gpsk_state(data, FAILURE); return; } wpa_hexdump(MSG_DEBUG, "EAP-GPSK: PD_Payload_1", pos, alen); pos += alen; miclen = eap_gpsk_mic_len(data->vendor, data->specifier); if (end - pos < (int) miclen) { wpa_printf(MSG_DEBUG, "EAP-GPSK: Message too short for MIC " "(left=%lu miclen=%lu)", (unsigned long) (end - pos), (unsigned long) miclen); eap_gpsk_state(data, FAILURE); return; } if (eap_gpsk_compute_mic(data->sk, data->sk_len, data->vendor, data->specifier, payload, pos - payload, mic) < 0) { wpa_printf(MSG_DEBUG, "EAP-GPSK: Failed to compute MIC"); eap_gpsk_state(data, FAILURE); return; } if (os_memcmp(mic, pos, miclen) != 0) { wpa_printf(MSG_INFO, "EAP-GPSK: Incorrect MIC in GPSK-4"); wpa_hexdump(MSG_DEBUG, "EAP-GPSK: Received MIC", pos, miclen); wpa_hexdump(MSG_DEBUG, "EAP-GPSK: Computed MIC", mic, miclen); eap_gpsk_state(data, FAILURE); return; } pos += miclen; if (pos != end) { wpa_printf(MSG_DEBUG, "EAP-GPSK: Ignored %lu bytes of extra " "data in the end of GPSK-4", (unsigned long) (end - pos)); } eap_gpsk_state(data, SUCCESS);}static void eap_gpsk_process(struct eap_sm *sm, void *priv, struct wpabuf *respData){ struct eap_gpsk_data *data = priv; const u8 *pos; size_t len; pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_GPSK, respData, &len); if (pos == NULL || len < 1) return; switch (*pos) { case EAP_GPSK_OPCODE_GPSK_2: eap_gpsk_process_gpsk_2(sm, data, pos + 1, len - 1); break; case EAP_GPSK_OPCODE_GPSK_4: eap_gpsk_process_gpsk_4(sm, data, pos + 1, len - 1); break; }}static Boolean eap_gpsk_isDone(struct eap_sm *sm, void *priv){ struct eap_gpsk_data *data = priv; return data->state == SUCCESS || data->state == FAILURE;}static u8 * eap_gpsk_getKey(struct eap_sm *sm, void *priv, size_t *len){ struct eap_gpsk_data *data = priv; u8 *key; if (data->state != SUCCESS) return NULL; key = os_malloc(EAP_MSK_LEN); if (key == NULL) return NULL; os_memcpy(key, data->msk, EAP_MSK_LEN); *len = EAP_MSK_LEN; return key;}static u8 * eap_gpsk_get_emsk(struct eap_sm *sm, void *priv, size_t *len){ struct eap_gpsk_data *data = priv; u8 *key; if (data->state != SUCCESS) return NULL; key = os_malloc(EAP_EMSK_LEN); if (key == NULL) return NULL; os_memcpy(key, data->emsk, EAP_EMSK_LEN); *len = EAP_EMSK_LEN; return key;}static Boolean eap_gpsk_isSuccess(struct eap_sm *sm, void *priv){ struct eap_gpsk_data *data = priv; return data->state == SUCCESS;}int eap_server_gpsk_register(void){ struct eap_method *eap; int ret; eap = eap_server_method_alloc(EAP_SERVER_METHOD_INTERFACE_VERSION, EAP_VENDOR_IETF, EAP_TYPE_GPSK, "GPSK"); if (eap == NULL) return -1; eap->init = eap_gpsk_init; eap->reset = eap_gpsk_reset; eap->buildReq = eap_gpsk_buildReq; eap->check = eap_gpsk_check; eap->process = eap_gpsk_process; eap->isDone = eap_gpsk_isDone; eap->getKey = eap_gpsk_getKey; eap->isSuccess = eap_gpsk_isSuccess; eap->get_emsk = eap_gpsk_get_emsk; ret = eap_server_method_register(eap); if (ret) eap_server_method_free(eap); return ret;}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -