📄 wps_registrar.c
字号:
return 0;}static int wps_process_uuid_e(struct wps_data *wps, const u8 *uuid_e){ if (uuid_e == NULL) { wpa_printf(MSG_DEBUG, "WPS: No UUID-E received"); return -1; } os_memcpy(wps->uuid_e, uuid_e, WPS_UUID_LEN); wpa_hexdump(MSG_DEBUG, "WPS: UUID-E", wps->uuid_e, WPS_UUID_LEN); return 0;}static int wps_process_dev_password_id(struct wps_data *wps, const u8 *pw_id){ if (pw_id == NULL) { wpa_printf(MSG_DEBUG, "WPS: No Device Password ID received"); return -1; } wps->dev_pw_id = WPA_GET_BE16(pw_id); wpa_printf(MSG_DEBUG, "WPS: Device Password ID %d", wps->dev_pw_id); return 0;}static int wps_process_e_hash1(struct wps_data *wps, const u8 *e_hash1){ if (e_hash1 == NULL) { wpa_printf(MSG_DEBUG, "WPS: No E-Hash1 received"); return -1; } os_memcpy(wps->peer_hash1, e_hash1, WPS_HASH_LEN); wpa_hexdump(MSG_DEBUG, "WPS: E-Hash1", wps->peer_hash1, WPS_HASH_LEN); return 0;}static int wps_process_e_hash2(struct wps_data *wps, const u8 *e_hash2){ if (e_hash2 == NULL) { wpa_printf(MSG_DEBUG, "WPS: No E-Hash2 received"); return -1; } os_memcpy(wps->peer_hash2, e_hash2, WPS_HASH_LEN); wpa_hexdump(MSG_DEBUG, "WPS: E-Hash2", wps->peer_hash2, WPS_HASH_LEN); return 0;}static int wps_process_e_snonce1(struct wps_data *wps, const u8 *e_snonce1){ u8 hash[SHA256_MAC_LEN]; const u8 *addr[4]; size_t len[4]; if (e_snonce1 == NULL) { wpa_printf(MSG_DEBUG, "WPS: No E-SNonce1 received"); return -1; } wpa_hexdump_key(MSG_DEBUG, "WPS: E-SNonce1", e_snonce1, WPS_SECRET_NONCE_LEN); /* E-Hash1 = HMAC_AuthKey(E-S1 || PSK1 || PK_E || PK_R) */ addr[0] = e_snonce1; len[0] = WPS_SECRET_NONCE_LEN; addr[1] = wps->psk1; len[1] = WPS_PSK_LEN; addr[2] = wpabuf_head(wps->dh_pubkey_e); len[2] = wpabuf_len(wps->dh_pubkey_e); addr[3] = wpabuf_head(wps->dh_pubkey_r); len[3] = wpabuf_len(wps->dh_pubkey_r); hmac_sha256_vector(wps->authkey, WPS_AUTHKEY_LEN, 4, addr, len, hash); if (os_memcmp(wps->peer_hash1, hash, WPS_HASH_LEN) != 0) { wpa_printf(MSG_DEBUG, "WPS: E-Hash1 derived from E-S1 does " "not match with the pre-committed value"); wps->config_error = WPS_CFG_DEV_PASSWORD_AUTH_FAILURE; wps_pwd_auth_fail_event(wps->wps, 0, 1); return -1; } wpa_printf(MSG_DEBUG, "WPS: Enrollee proved knowledge of the first " "half of the device password"); return 0;}static int wps_process_e_snonce2(struct wps_data *wps, const u8 *e_snonce2){ u8 hash[SHA256_MAC_LEN]; const u8 *addr[4]; size_t len[4]; if (e_snonce2 == NULL) { wpa_printf(MSG_DEBUG, "WPS: No E-SNonce2 received"); return -1; } wpa_hexdump_key(MSG_DEBUG, "WPS: E-SNonce2", e_snonce2, WPS_SECRET_NONCE_LEN); /* E-Hash2 = HMAC_AuthKey(E-S2 || PSK2 || PK_E || PK_R) */ addr[0] = e_snonce2; len[0] = WPS_SECRET_NONCE_LEN; addr[1] = wps->psk2; len[1] = WPS_PSK_LEN; addr[2] = wpabuf_head(wps->dh_pubkey_e); len[2] = wpabuf_len(wps->dh_pubkey_e); addr[3] = wpabuf_head(wps->dh_pubkey_r); len[3] = wpabuf_len(wps->dh_pubkey_r); hmac_sha256_vector(wps->authkey, WPS_AUTHKEY_LEN, 4, addr, len, hash); if (os_memcmp(wps->peer_hash2, hash, WPS_HASH_LEN) != 0) { wpa_printf(MSG_DEBUG, "WPS: E-Hash2 derived from E-S2 does " "not match with the pre-committed value"); wps_registrar_invalidate_pin(wps->wps->registrar, wps->uuid_e); wps->config_error = WPS_CFG_DEV_PASSWORD_AUTH_FAILURE; wps_pwd_auth_fail_event(wps->wps, 0, 2); return -1; } wpa_printf(MSG_DEBUG, "WPS: Enrollee proved knowledge of the second " "half of the device password"); wps->wps_pin_revealed = 0; wps_registrar_unlock_pin(wps->wps->registrar, wps->uuid_e); return 0;}static int wps_process_mac_addr(struct wps_data *wps, const u8 *mac_addr){ if (mac_addr == NULL) { wpa_printf(MSG_DEBUG, "WPS: No MAC Address received"); return -1; } wpa_printf(MSG_DEBUG, "WPS: Enrollee MAC Address " MACSTR, MAC2STR(mac_addr)); os_memcpy(wps->mac_addr_e, mac_addr, ETH_ALEN); os_memcpy(wps->peer_dev.mac_addr, mac_addr, ETH_ALEN); return 0;}static int wps_process_pubkey(struct wps_data *wps, const u8 *pk, size_t pk_len){ if (pk == NULL || pk_len == 0) { wpa_printf(MSG_DEBUG, "WPS: No Public Key received"); return -1; } wpabuf_free(wps->dh_pubkey_e); wps->dh_pubkey_e = wpabuf_alloc_copy(pk, pk_len); if (wps->dh_pubkey_e == NULL) return -1; return 0;}static int wps_process_auth_type_flags(struct wps_data *wps, const u8 *auth){ u16 auth_types; if (auth == NULL) { wpa_printf(MSG_DEBUG, "WPS: No Authentication Type flags " "received"); return -1; } auth_types = WPA_GET_BE16(auth); wpa_printf(MSG_DEBUG, "WPS: Enrollee Authentication Type flags 0x%x", auth_types); wps->auth_type = wps->wps->auth_types & auth_types; if (wps->auth_type == 0) { wpa_printf(MSG_DEBUG, "WPS: No match in supported " "authentication types (own 0x%x Enrollee 0x%x)", wps->wps->auth_types, auth_types); return -1; } return 0;}static int wps_process_encr_type_flags(struct wps_data *wps, const u8 *encr){ u16 encr_types; if (encr == NULL) { wpa_printf(MSG_DEBUG, "WPS: No Encryption Type flags " "received"); return -1; } encr_types = WPA_GET_BE16(encr); wpa_printf(MSG_DEBUG, "WPS: Enrollee Encryption Type flags 0x%x", encr_types); wps->encr_type = wps->wps->encr_types & encr_types; if (wps->encr_type == 0) { wpa_printf(MSG_DEBUG, "WPS: No match in supported " "encryption types"); return -1; } return 0;}static int wps_process_conn_type_flags(struct wps_data *wps, const u8 *conn){ if (conn == NULL) { wpa_printf(MSG_DEBUG, "WPS: No Connection Type flags " "received"); return -1; } wpa_printf(MSG_DEBUG, "WPS: Enrollee Connection Type flags 0x%x", *conn); return 0;}static int wps_process_config_methods(struct wps_data *wps, const u8 *methods){ u16 m; if (methods == NULL) { wpa_printf(MSG_DEBUG, "WPS: No Config Methods received"); return -1; } m = WPA_GET_BE16(methods); wpa_printf(MSG_DEBUG, "WPS: Enrollee Config Methods 0x%x", m); return 0;}static int wps_process_wps_state(struct wps_data *wps, const u8 *state){ if (state == NULL) { wpa_printf(MSG_DEBUG, "WPS: No Wi-Fi Protected Setup State " "received"); return -1; } wpa_printf(MSG_DEBUG, "WPS: Enrollee Wi-Fi Protected Setup State %d", *state); return 0;}static int wps_process_assoc_state(struct wps_data *wps, const u8 *assoc){ u16 a; if (assoc == NULL) { wpa_printf(MSG_DEBUG, "WPS: No Association State received"); return -1; } a = WPA_GET_BE16(assoc); wpa_printf(MSG_DEBUG, "WPS: Enrollee Association State %d", a); return 0;}static int wps_process_config_error(struct wps_data *wps, const u8 *err){ u16 e; if (err == NULL) { wpa_printf(MSG_DEBUG, "WPS: No Configuration Error received"); return -1; } e = WPA_GET_BE16(err); wpa_printf(MSG_DEBUG, "WPS: Enrollee Configuration Error %d", e); return 0;}static enum wps_process_res wps_process_m1(struct wps_data *wps, struct wps_parse_attr *attr){ wpa_printf(MSG_DEBUG, "WPS: Received M1"); if (wps->state != RECV_M1) { wpa_printf(MSG_DEBUG, "WPS: Unexpected state (%d) for " "receiving M1", wps->state); return WPS_FAILURE; } if (wps_process_uuid_e(wps, attr->uuid_e) || wps_process_mac_addr(wps, attr->mac_addr) || wps_process_enrollee_nonce(wps, attr->enrollee_nonce) || wps_process_pubkey(wps, attr->public_key, attr->public_key_len) || wps_process_auth_type_flags(wps, attr->auth_type_flags) || wps_process_encr_type_flags(wps, attr->encr_type_flags) || wps_process_conn_type_flags(wps, attr->conn_type_flags) || wps_process_config_methods(wps, attr->config_methods) || wps_process_wps_state(wps, attr->wps_state) || wps_process_device_attrs(&wps->peer_dev, attr) || wps_process_rf_bands(&wps->peer_dev, attr->rf_bands) || wps_process_assoc_state(wps, attr->assoc_state) || wps_process_dev_password_id(wps, attr->dev_password_id) || wps_process_config_error(wps, attr->config_error) || wps_process_os_version(&wps->peer_dev, attr->os_version)) return WPS_FAILURE; if (wps->dev_pw_id != DEV_PW_DEFAULT && wps->dev_pw_id != DEV_PW_USER_SPECIFIED && wps->dev_pw_id != DEV_PW_MACHINE_SPECIFIED && wps->dev_pw_id != DEV_PW_REGISTRAR_SPECIFIED && (wps->dev_pw_id != DEV_PW_PUSHBUTTON || !wps->wps->registrar->pbc)) { wpa_printf(MSG_DEBUG, "WPS: Unsupported Device Password ID %d", wps->dev_pw_id); wps->state = SEND_M2D; return WPS_CONTINUE; } if (wps->dev_pw_id == DEV_PW_PUSHBUTTON) { if (wps_registrar_pbc_overlap(wps->wps->registrar, wps->mac_addr_e, wps->uuid_e)) { wpa_printf(MSG_DEBUG, "WPS: PBC overlap - deny PBC " "negotiation"); wps->state = SEND_M2D; return WPS_CONTINUE; } wps_registrar_add_pbc_session(wps->wps->registrar, wps->mac_addr_e, wps->uuid_e); wps->pbc = 1; } wps->state = SEND_M2; return WPS_CONTINUE;}static enum wps_process_res wps_process_m3(struct wps_data *wps, const struct wpabuf *msg, struct wps_parse_attr *attr){ wpa_printf(MSG_DEBUG, "WPS: Received M3"); if (wps->state != RECV_M3) { wpa_printf(MSG_DEBUG, "WPS: Unexpected state (%d) for " "receiving M3", wps->state); wps->state = SEND_WSC_NACK; return WPS_CONTINUE; } if (wps_process_registrar_nonce(wps, attr->registrar_nonce) || wps_process_authenticator(wps, attr->authenticator, msg) || wps_process_e_hash1(wps, attr->e_hash1) || wps_process_e_hash2(wps, attr->e_hash2)) { wps->state = SEND_WSC_NACK; return WPS_CONTINUE; } wps->state = SEND_M4; return WPS_CONTINUE;}static enum wps_process_res wps_process_m5(struct wps_data *wps, const struct wpabuf *msg, struct wps_parse_attr *attr){ struct wpabuf *decrypted; struct wps_parse_attr eattr; wpa_printf(MSG_DEBUG, "WPS: Received M5"); if (wps->state != RECV_M5) { wpa_printf(MSG_DEBUG, "WPS: Unexpected state (%d) for " "receiving M5", wps->state); wps->state = SEND_WSC_NACK; return WPS_CONTINUE; } if (wps_process_registrar_nonce(wps, attr->registrar_nonce) || wps_process_authenticator(wps, attr->authenticator, msg)) { wps->state = SEND_WSC_NACK; return WPS_CONTINUE; } decrypted = wps_decrypt_encr_settings(wps, attr->encr_settings, attr->encr_settings_len); if (decrypted == NULL) { wpa_printf(MSG_DEBUG, "WPS: Failed to decrypted Encrypted " "Settings attribute"); wps->state = SEND_WSC_NACK; return WPS_CONTINUE; } wpa_printf(MSG_DEBUG, "WPS: Processing decrypted Encrypted Settings " "attribute"); if (wps_parse_msg(decrypted, &eattr) < 0 || wps_process_key_wrap_auth(wps, decrypted, eattr.key_wrap_auth) || wps_process_e_snonce1(wps, eattr.e_snonce1)) { wpabuf_free(decrypted); wps->state = SEND_WSC_NACK; return WPS_CONTINUE; } wpabuf_free(decrypted); wps->state = SEND_M6; return WPS_CONTINUE;}static int wps_process_ap_settings_r(struct wps_data *wps, struct wps_parse_attr *attr){ if (wps->wps->ap) return 0; /* AP Settings Attributes in M7 when Enrollee is an AP */ if (wps_process_ap_settings(attr, &wps->cred) < 0) return -1; wpa_printf(MSG_INFO, "WPS: Received old AP configuration from AP"); /* * TODO: Provide access to AP settings and allow changes before sending * out M8. For now, just copy the settings unchanged into M8. */ return 0;}static enum wps_process_res wps_process_m7(struct wps_data *wps, const struct wpabuf *msg, struct wps_parse_attr *attr){ struct wpabuf *decrypted; struct wps_parse_attr eattr; wpa_printf(MSG_DEBUG, "WPS: Received M7"); if (wps->state != RECV_M7) { wpa_printf(MSG_DEBUG, "WPS: Unexpected state (%d) for " "receiving M7", wps->state); wps->state = SEND_WSC_NACK; return WPS_CONTINUE; } if (wps_process_registrar_nonce(wps, attr->registrar_nonce) || wps_process_authenticator(wps, attr->authenticator, msg)) { wps->state = SEND_WSC_NACK; return WPS_CONTINUE; } decrypted = wps_decrypt_encr_settings(wps, attr->encr_settings, attr->encr_settings_len); if (decrypted == NULL) { wpa_printf(MSG_DEBUG, "WPS: Failed to decrypted Encrypted " "Settings attribute"); wps->state = SEND_WSC_NACK; return WPS_CONTINUE; } wpa_printf(MSG_DEBUG, "WPS: Processing decrypted Encrypted Settings " "attribute"); if (wps_parse_msg(decrypted, &eattr) < 0 || wps_process_key_wrap_auth(wps, decrypted, eattr.key_wrap_auth) || wps_process_e_snonce2(wps, eattr.e_snonce2) || wps_process_ap_settings_r(wps, &eattr)) {⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -