1/* 2 * Test program for combined WPA authenticator/supplicant 3 * Copyright (c) 2006-2007, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9#include "includes.h" 10 11#include "common.h" 12#include "eloop.h" 13#include "common/ieee802_11_defs.h" 14#include "../config.h" 15#include "rsn_supp/wpa.h" 16#include "rsn_supp/wpa_ie.h" 17#include "ap/wpa_auth.h" 18 19 20struct wpa { 21 u8 auth_addr[ETH_ALEN]; 22 u8 supp_addr[ETH_ALEN]; 23 u8 psk[PMK_LEN]; 24 25 /* from authenticator */ 26 u8 auth_eapol_dst[ETH_ALEN]; 27 u8 *auth_eapol; 28 size_t auth_eapol_len; 29 30 /* from supplicant */ 31 u8 *supp_eapol; 32 size_t supp_eapol_len; 33 34 struct wpa_sm *supp; 35 struct wpa_authenticator *auth_group; 36 struct wpa_state_machine *auth; 37 38 struct wpa_ssid ssid; 39 u8 supp_ie[80]; 40 size_t supp_ie_len; 41}; 42 43 44static int supp_get_bssid(void *ctx, u8 *bssid) 45{ 46 struct wpa *wpa = ctx; 47 wpa_printf(MSG_DEBUG, "SUPP: %s", __func__); 48 os_memcpy(bssid, wpa->auth_addr, ETH_ALEN); 49 return 0; 50} 51 52 53static void supp_set_state(void *ctx, enum wpa_states state) 54{ 55 wpa_printf(MSG_DEBUG, "SUPP: %s(state=%d)", __func__, state); 56} 57 58 59static void auth_eapol_rx(void *eloop_data, void *user_ctx) 60{ 61 struct wpa *wpa = eloop_data; 62 63 wpa_printf(MSG_DEBUG, "AUTH: RX EAPOL frame"); 64 wpa_receive(wpa->auth_group, wpa->auth, wpa->supp_eapol, 65 wpa->supp_eapol_len); 66} 67 68 69static int supp_ether_send(void *ctx, const u8 *dest, u16 proto, const u8 *buf, 70 size_t len) 71{ 72 struct wpa *wpa = ctx; 73 74 wpa_printf(MSG_DEBUG, "SUPP: %s(dest=" MACSTR " proto=0x%04x " 75 "len=%lu)", 76 __func__, MAC2STR(dest), proto, (unsigned long) len); 77 78 os_free(wpa->supp_eapol); 79 wpa->supp_eapol = os_malloc(len); 80 if (wpa->supp_eapol == NULL) 81 return -1; 82 os_memcpy(wpa->supp_eapol, buf, len); 83 wpa->supp_eapol_len = len; 84 eloop_register_timeout(0, 0, auth_eapol_rx, wpa, NULL); 85 86 return 0; 87} 88 89 90static u8 * supp_alloc_eapol(void *ctx, u8 type, const void *data, 91 u16 data_len, size_t *msg_len, void **data_pos) 92{ 93 struct ieee802_1x_hdr *hdr; 94 95 wpa_printf(MSG_DEBUG, "SUPP: %s(type=%d data_len=%d)", 96 __func__, type, data_len); 97 98 *msg_len = sizeof(*hdr) + data_len; 99 hdr = os_malloc(*msg_len); 100 if (hdr == NULL) 101 return NULL; 102 103 hdr->version = 2; 104 hdr->type = type; 105 hdr->length = host_to_be16(data_len); 106 107 if (data) 108 os_memcpy(hdr + 1, data, data_len); 109 else 110 os_memset(hdr + 1, 0, data_len); 111 112 if (data_pos) 113 *data_pos = hdr + 1; 114 115 return (u8 *) hdr; 116} 117 118 119static int supp_get_beacon_ie(void *ctx) 120{ 121 struct wpa *wpa = ctx; 122 const u8 *ie; 123 size_t ielen; 124 125 wpa_printf(MSG_DEBUG, "SUPP: %s", __func__); 126 127 ie = wpa_auth_get_wpa_ie(wpa->auth_group, &ielen); 128 if (ie == NULL || ielen < 1) 129 return -1; 130 if (ie[0] == WLAN_EID_RSN) 131 return wpa_sm_set_ap_rsn_ie(wpa->supp, ie, 2 + ie[1]); 132 return wpa_sm_set_ap_wpa_ie(wpa->supp, ie, 2 + ie[1]); 133} 134 135 136static int supp_set_key(void *ctx, enum wpa_alg alg, 137 const u8 *addr, int key_idx, int set_tx, 138 const u8 *seq, size_t seq_len, 139 const u8 *key, size_t key_len) 140{ 141 wpa_printf(MSG_DEBUG, "SUPP: %s(alg=%d addr=" MACSTR " key_idx=%d " 142 "set_tx=%d)", 143 __func__, alg, MAC2STR(addr), key_idx, set_tx); 144 wpa_hexdump(MSG_DEBUG, "SUPP: set_key - seq", seq, seq_len); 145 wpa_hexdump(MSG_DEBUG, "SUPP: set_key - key", key, key_len); 146 return 0; 147} 148 149 150static int supp_mlme_setprotection(void *ctx, const u8 *addr, 151 int protection_type, int key_type) 152{ 153 wpa_printf(MSG_DEBUG, "SUPP: %s(addr=" MACSTR " protection_type=%d " 154 "key_type=%d)", 155 __func__, MAC2STR(addr), protection_type, key_type); 156 return 0; 157} 158 159 160static void supp_cancel_auth_timeout(void *ctx) 161{ 162 wpa_printf(MSG_DEBUG, "SUPP: %s", __func__); 163} 164 165 166static int supp_init(struct wpa *wpa) 167{ 168 struct wpa_sm_ctx *ctx = os_zalloc(sizeof(*ctx)); 169 if (ctx == NULL) 170 return -1; 171 172 ctx->ctx = wpa; 173 ctx->msg_ctx = wpa; 174 ctx->set_state = supp_set_state; 175 ctx->get_bssid = supp_get_bssid; 176 ctx->ether_send = supp_ether_send; 177 ctx->get_beacon_ie = supp_get_beacon_ie; 178 ctx->alloc_eapol = supp_alloc_eapol; 179 ctx->set_key = supp_set_key; 180 ctx->mlme_setprotection = supp_mlme_setprotection; 181 ctx->cancel_auth_timeout = supp_cancel_auth_timeout; 182 wpa->supp = wpa_sm_init(ctx); 183 if (wpa->supp == NULL) { 184 wpa_printf(MSG_DEBUG, "SUPP: wpa_sm_init() failed"); 185 return -1; 186 } 187 188 wpa_sm_set_own_addr(wpa->supp, wpa->supp_addr); 189 wpa_sm_set_param(wpa->supp, WPA_PARAM_RSN_ENABLED, 1); 190 wpa_sm_set_param(wpa->supp, WPA_PARAM_PROTO, WPA_PROTO_RSN); 191 wpa_sm_set_param(wpa->supp, WPA_PARAM_PAIRWISE, WPA_CIPHER_CCMP); 192 wpa_sm_set_param(wpa->supp, WPA_PARAM_GROUP, WPA_CIPHER_CCMP); 193 wpa_sm_set_param(wpa->supp, WPA_PARAM_KEY_MGMT, WPA_KEY_MGMT_PSK); 194 wpa_sm_set_pmk(wpa->supp, wpa->psk, PMK_LEN); 195 196 wpa->supp_ie_len = sizeof(wpa->supp_ie); 197 if (wpa_sm_set_assoc_wpa_ie_default(wpa->supp, wpa->supp_ie, 198 &wpa->supp_ie_len) < 0) { 199 wpa_printf(MSG_DEBUG, "SUPP: wpa_sm_set_assoc_wpa_ie_default()" 200 " failed"); 201 return -1; 202 } 203 204 wpa_sm_notify_assoc(wpa->supp, wpa->auth_addr); 205 206 return 0; 207} 208 209 210static void auth_logger(void *ctx, const u8 *addr, logger_level level, 211 const char *txt) 212{ 213 if (addr) 214 wpa_printf(MSG_DEBUG, "AUTH: " MACSTR " - %s", 215 MAC2STR(addr), txt); 216 else 217 wpa_printf(MSG_DEBUG, "AUTH: %s", txt); 218} 219 220 221static void supp_eapol_rx(void *eloop_data, void *user_ctx) 222{ 223 struct wpa *wpa = eloop_data; 224 225 wpa_printf(MSG_DEBUG, "SUPP: RX EAPOL frame"); 226 wpa_sm_rx_eapol(wpa->supp, wpa->auth_addr, wpa->auth_eapol, 227 wpa->auth_eapol_len); 228} 229 230 231static int auth_send_eapol(void *ctx, const u8 *addr, const u8 *data, 232 size_t data_len, int encrypt) 233{ 234 struct wpa *wpa = ctx; 235 236 wpa_printf(MSG_DEBUG, "AUTH: %s(addr=" MACSTR " data_len=%lu " 237 "encrypt=%d)", 238 __func__, MAC2STR(addr), (unsigned long) data_len, encrypt); 239 240 os_free(wpa->auth_eapol); 241 wpa->auth_eapol = os_malloc(data_len); 242 if (wpa->auth_eapol == NULL) 243 return -1; 244 os_memcpy(wpa->auth_eapol_dst, addr, ETH_ALEN); 245 os_memcpy(wpa->auth_eapol, data, data_len); 246 wpa->auth_eapol_len = data_len; 247 eloop_register_timeout(0, 0, supp_eapol_rx, wpa, NULL); 248 249 return 0; 250} 251 252 253static const u8 * auth_get_psk(void *ctx, const u8 *addr, const u8 *prev_psk) 254{ 255 struct wpa *wpa = ctx; 256 wpa_printf(MSG_DEBUG, "AUTH: %s (addr=" MACSTR " prev_psk=%p)", 257 __func__, MAC2STR(addr), prev_psk); 258 if (prev_psk) 259 return NULL; 260 return wpa->psk; 261} 262 263 264static int auth_init_group(struct wpa *wpa) 265{ 266 struct wpa_auth_config conf; 267 struct wpa_auth_callbacks cb; 268 269 wpa_printf(MSG_DEBUG, "AUTH: Initializing group state machine"); 270 271 os_memset(&conf, 0, sizeof(conf)); 272 conf.wpa = 2; 273 conf.wpa_key_mgmt = WPA_KEY_MGMT_PSK; 274 conf.wpa_pairwise = WPA_CIPHER_CCMP; 275 conf.rsn_pairwise = WPA_CIPHER_CCMP; 276 conf.wpa_group = WPA_CIPHER_CCMP; 277 conf.eapol_version = 2; 278 279 os_memset(&cb, 0, sizeof(cb)); 280 cb.ctx = wpa; 281 cb.logger = auth_logger; 282 cb.send_eapol = auth_send_eapol; 283 cb.get_psk = auth_get_psk; 284 285 wpa->auth_group = wpa_init(wpa->auth_addr, &conf, &cb); 286 if (wpa->auth_group == NULL) { 287 wpa_printf(MSG_DEBUG, "AUTH: wpa_init() failed"); 288 return -1; 289 } 290 291 return 0; 292} 293 294 295static int auth_init(struct wpa *wpa) 296{ 297 wpa->auth = wpa_auth_sta_init(wpa->auth_group, wpa->supp_addr, NULL); 298 if (wpa->auth == NULL) { 299 wpa_printf(MSG_DEBUG, "AUTH: wpa_auth_sta_init() failed"); 300 return -1; 301 } 302 303 if (wpa_validate_wpa_ie(wpa->auth_group, wpa->auth, wpa->supp_ie, 304 wpa->supp_ie_len, NULL, 0) != WPA_IE_OK) { 305 wpa_printf(MSG_DEBUG, "AUTH: wpa_validate_wpa_ie() failed"); 306 return -1; 307 } 308 309 wpa_auth_sm_event(wpa->auth, WPA_ASSOC); 310 311 wpa_auth_sta_associated(wpa->auth_group, wpa->auth); 312 313 return 0; 314} 315 316 317static void deinit(struct wpa *wpa) 318{ 319 wpa_auth_sta_deinit(wpa->auth); 320 wpa_sm_deinit(wpa->supp); 321 wpa_deinit(wpa->auth_group); 322 os_free(wpa->auth_eapol); 323 wpa->auth_eapol = NULL; 324 os_free(wpa->supp_eapol); 325 wpa->supp_eapol = NULL; 326} 327 328 329int main(int argc, char *argv[]) 330{ 331 struct wpa wpa; 332 333 if (os_program_init()) 334 return -1; 335 336 os_memset(&wpa, 0, sizeof(wpa)); 337 os_memset(wpa.auth_addr, 0x12, ETH_ALEN); 338 os_memset(wpa.supp_addr, 0x32, ETH_ALEN); 339 os_memset(wpa.psk, 0x44, PMK_LEN); 340 341 wpa_debug_level = 0; 342 wpa_debug_show_keys = 1; 343 344 if (eloop_init()) { 345 wpa_printf(MSG_ERROR, "Failed to initialize event loop"); 346 return -1; 347 } 348 349 if (auth_init_group(&wpa) < 0) 350 return -1; 351 352 if (supp_init(&wpa) < 0) 353 return -1; 354 355 if (auth_init(&wpa) < 0) 356 return -1; 357 358 wpa_printf(MSG_DEBUG, "Starting eloop"); 359 eloop_run(); 360 wpa_printf(MSG_DEBUG, "eloop done"); 361 362 deinit(&wpa); 363 364 eloop_destroy(); 365 366 os_program_deinit(); 367 368 return 0; 369} 370