diff options
| author | Damien Bergamini <damien@cvs.openbsd.org> | 2007-07-24 20:34:17 +0000 |
|---|---|---|
| committer | Damien Bergamini <damien@cvs.openbsd.org> | 2007-07-24 20:34:17 +0000 |
| commit | 578ab3d946b38901b51eea00507c46894054dc0b (patch) | |
| tree | 4ed33b2c4b6731d26c993128e5511a58c6ac8b4a /sys | |
| parent | 6557416368b7eb9c38e56c07d331f99a2e8f66cf (diff) | |
new function to check the MIC of a received EAPOL-Key frame.
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/net80211/ieee80211_crypto.c | 25 | ||||
| -rw-r--r-- | sys/net80211/ieee80211_proto.h | 4 |
2 files changed, 27 insertions, 2 deletions
diff --git a/sys/net80211/ieee80211_crypto.c b/sys/net80211/ieee80211_crypto.c index 86fb47c3a60..139658bed88 100644 --- a/sys/net80211/ieee80211_crypto.c +++ b/sys/net80211/ieee80211_crypto.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ieee80211_crypto.c,v 1.24 2007/07/24 19:39:22 damien Exp $ */ +/* $OpenBSD: ieee80211_crypto.c,v 1.25 2007/07/24 20:34:16 damien Exp $ */ /* $NetBSD: ieee80211_crypto.c,v 1.5 2003/12/14 09:56:53 dyoung Exp $ */ /*- @@ -677,6 +677,29 @@ ieee80211_eapol_key_mic(struct ieee80211_eapol_key *key, const u_int8_t *kck) } /* + * Check the MIC of a received EAPOL-Key frame using the specified Key + * Confirmation Key (KCK). + */ +int +ieee80211_eapol_key_check_mic(struct ieee80211_eapol_key *key, + const u_int8_t *kck) +{ + u_int8_t mic[EAPOL_KEY_MIC_LEN]; + u_int16_t info; + + info = BE_READ_2(key->info); + KASSERT(info & EAPOL_KEY_KEYMIC); + + memcpy(mic, key->mic, EAPOL_KEY_MIC_LEN); + memset(key->mic, 0, EAPOL_KEY_MIC_LEN); + info &= ~EAPOL_KEY_KEYMIC; + BE_WRITE_2(key->info, info); + ieee80211_eapol_key_mic(key, kck); + + return memcmp(key->mic, mic, EAPOL_KEY_MIC_LEN) != 0; +} + +/* * Encrypt the Key Data field of an EAPOL-Key frame using the specified Key * Encryption Key (KEK). The encryption algorithm can be either ARC4 or * AES Key Wrap depending on the EAPOL-Key Key Descriptor Version. diff --git a/sys/net80211/ieee80211_proto.h b/sys/net80211/ieee80211_proto.h index 352cb285543..f8cb2c63bd9 100644 --- a/sys/net80211/ieee80211_proto.h +++ b/sys/net80211/ieee80211_proto.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ieee80211_proto.h,v 1.22 2007/07/24 16:53:03 damien Exp $ */ +/* $OpenBSD: ieee80211_proto.h,v 1.23 2007/07/24 20:34:16 damien Exp $ */ /* $NetBSD: ieee80211_proto.h,v 1.3 2003/10/13 04:23:56 dyoung Exp $ */ /*- @@ -108,6 +108,8 @@ extern void ieee80211_reset_erp(struct ieee80211com *); extern void ieee80211_set_shortslottime(struct ieee80211com *, int); extern void ieee80211_eapol_key_mic(struct ieee80211_eapol_key *, const u_int8_t *); +extern int ieee80211_eapol_key_check_mic(struct ieee80211_eapol_key *, + const u_int8_t *); extern void ieee80211_eapol_key_encrypt(struct ieee80211com *, struct ieee80211_eapol_key *, const u_int8_t *); extern int ieee80211_eapol_key_decrypt(struct ieee80211_eapol_key *, |