本文整理汇总了C++中wpabuf_put函数的典型用法代码示例。如果您正苦于以下问题:C++ wpabuf_put函数的具体用法?C++ wpabuf_put怎么用?C++ wpabuf_put使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了wpabuf_put函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: tls_connection_decrypt2
struct wpabuf * tls_connection_decrypt2(void *tls_ctx,
struct tls_connection *conn,
const struct wpabuf *in_data,
int *need_more_data)
{
if (need_more_data)
*need_more_data = 0;
#ifdef CONFIG_TLS_INTERNAL_CLIENT
if (conn->client) {
return tlsv1_client_decrypt(conn->client, wpabuf_head(in_data),
wpabuf_len(in_data),
need_more_data);
}
#endif /* CONFIG_TLS_INTERNAL_CLIENT */
#ifdef CONFIG_TLS_INTERNAL_SERVER
if (conn->server) {
struct wpabuf *buf;
int res;
buf = wpabuf_alloc((wpabuf_len(in_data) + 500) * 3);
if (buf == NULL)
return NULL;
res = tlsv1_server_decrypt(conn->server, wpabuf_head(in_data),
wpabuf_len(in_data),
wpabuf_mhead(buf),
wpabuf_size(buf));
if (res < 0) {
wpabuf_free(buf);
return NULL;
}
wpabuf_put(buf, res);
return buf;
}
#endif /* CONFIG_TLS_INTERNAL_SERVER */
return NULL;
}示例2: eap_sake_build_msg
static struct wpabuf * eap_sake_build_msg(struct eap_sake_data *data,
int id, size_t length, u8 subtype)
{
struct eap_sake_hdr *sake;
struct wpabuf *msg;
size_t plen;
plen = length + sizeof(struct eap_sake_hdr);
msg = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_SAKE, plen,
EAP_CODE_RESPONSE, id);
if (msg == NULL) {
wpa_printf(MSG_ERROR, "EAP-SAKE: Failed to allocate memory "
"request");
return NULL;
}
sake = wpabuf_put(msg, sizeof(*sake));
sake->version = EAP_SAKE_VERSION;
sake->session_id = data->session_id;
sake->subtype = subtype;
return msg;
}示例3: wpa_printf
/**
* wps_build_assoc_resp_ie - Build WPS IE for (Re)Association Response
* Returns: WPS IE or %NULL on failure
*
* The caller is responsible for freeing the buffer.
*/
struct wpabuf *wps_build_assoc_resp_ie(void)
{
struct wpabuf *ie;
u8 *len;
wpa_printf(MSG_DEBUG, "WPS: Building WPS IE for (Re)Association " "Response");
ie = wpabuf_alloc(100);
if (ie == NULL) {
return NULL;
}
wpabuf_put_u8(ie, WLAN_EID_VENDOR_SPECIFIC);
len = wpabuf_put(ie, 1);
wpabuf_put_be32(ie, WPS_DEV_OUI_WFA);
if (wps_build_version(ie) || wps_build_resp_type(ie, WPS_RESP_AP) || wps_build_wfa_ext(ie, 0, NULL, 0)) {
wpabuf_free(ie);
return NULL;
}
*len = wpabuf_len(ie) - 2;
return ie;
}示例4: wps_build_assoc_req_ie
/**
* wps_build_assoc_req_ie - Build WPS IE for (Re)Association Request
* @req_type: Value for Request Type attribute
* Returns: WPS IE or %NULL on failure
*
* The caller is responsible for freeing the buffer.
*/
struct wpabuf * wps_build_assoc_req_ie(enum wps_request_type req_type) {
struct wpabuf *ie;
u8 *len;
wpa_printf(MSG_DEBUG, "WPS: Building WPS IE for (Re)Association "
"Request");
ie = wpabuf_alloc(100);
if (ie == NULL)
return NULL;
wpabuf_put_u8(ie, WLAN_EID_VENDOR_SPECIFIC);
len = wpabuf_put(ie, 1);
wpabuf_put_be32(ie, WPS_DEV_OUI_WFA);
if (wps_build_version(ie) ||
wps_build_req_type(ie, req_type)) {
wpabuf_free(ie);
return NULL;
}
*len = wpabuf_len(ie) - 2;
return ie;
}示例5: p2p_buf_update_ie_hdr
void p2p_buf_update_ie_hdr(struct wpabuf *buf, u8 *len)
{
/* Update P2P IE Length */
*len = (u8 *) wpabuf_put(buf, 0) - len - 1;
}示例6: web_connection_send_reply
static void web_connection_send_reply(struct http_request *req,
enum http_reply_code ret,
const char *action, int action_len,
const struct wpabuf *reply,
const char *replyname)
{
struct wpabuf *buf;
char *replydata;
char *put_length_here = NULL;
char *body_start = NULL;
if (reply) {
size_t len;
replydata = (char *) base64_encode(wpabuf_head(reply),
wpabuf_len(reply), &len);
} else
replydata = NULL;
/* Parameters of the response:
* action(action_len) -- action we are responding to
* replyname -- a name we need for the reply
* replydata -- NULL or null-terminated string
*/
buf = wpabuf_alloc(1000 + (replydata ? os_strlen(replydata) : 0U) +
(action_len > 0 ? action_len * 2 : 0));
if (buf == NULL) {
wpa_printf(MSG_INFO, "WPS UPnP: Cannot allocate reply to "
"POST");
os_free(replydata);
http_request_deinit(req);
return;
}
/*
* Assuming we will be successful, put in the output header first.
* Note: we do not keep connections alive (and httpread does
* not support it)... therefore we must have Connection: close.
*/
if (ret == HTTP_OK) {
wpabuf_put_str(buf,
"HTTP/1.1 200 OK\r\n"
"Content-Type: text/xml; "
"charset=\"utf-8\"\r\n");
} else {
wpabuf_printf(buf, "HTTP/1.1 %d Error\r\n", ret);
}
wpabuf_put_str(buf, http_connection_close);
wpabuf_put_str(buf, "Content-Length: ");
/*
* We will paste the length in later, leaving some extra whitespace.
* HTTP code is supposed to be tolerant of extra whitespace.
*/
put_length_here = wpabuf_put(buf, 0);
wpabuf_put_str(buf, " \r\n");
http_put_date(buf);
/* terminating empty line */
wpabuf_put_str(buf, "\r\n");
body_start = wpabuf_put(buf, 0);
if (ret == HTTP_OK) {
wpabuf_put_str(buf, soap_prefix);
wpabuf_put_str(buf, "<u:");
wpabuf_put_data(buf, action, action_len);
wpabuf_put_str(buf, "Response xmlns:u=\"");
wpabuf_put_str(buf, urn_wfawlanconfig);
wpabuf_put_str(buf, "\">\n");
if (replydata && replyname) {
/* TODO: might possibly need to escape part of reply
* data? ...
* probably not, unlikely to have ampersand(&) or left
* angle bracket (<) in it...
*/
wpabuf_printf(buf, "<%s>", replyname);
wpabuf_put_str(buf, replydata);
wpabuf_printf(buf, "</%s>\n", replyname);
}
wpabuf_put_str(buf, "</u:");
wpabuf_put_data(buf, action, action_len);
wpabuf_put_str(buf, "Response>\n");
wpabuf_put_str(buf, soap_postfix);
} else {
/* Error case */
wpabuf_put_str(buf, soap_prefix);
wpabuf_put_str(buf, soap_error_prefix);
wpabuf_printf(buf, "<errorCode>%d</errorCode>\n", ret);
wpabuf_put_str(buf, soap_error_postfix);
wpabuf_put_str(buf, soap_postfix);
}
os_free(replydata);
/* Now patch in the content length at the end */
if (body_start && put_length_here) {
int body_length = (char *) wpabuf_put(buf, 0) - body_start;
char len_buf[10];
os_snprintf(len_buf, sizeof(len_buf), "%d", body_length);
os_memcpy(put_length_here, len_buf, os_strlen(len_buf));
//.........这里部分代码省略.........
示例7: eap_ikev2_build_msg
static struct wpabuf * eap_ikev2_build_msg(struct eap_ikev2_data *data, u8 id)
{
struct wpabuf *req;
u8 flags;
size_t send_len, plen, icv_len = 0;
wpa_printf(MSG_DEBUG, "EAP-IKEV2: Generating Request");
flags = 0;
send_len = wpabuf_len(data->out_buf) - data->out_used;
if (1 + send_len > data->fragment_size) {
send_len = data->fragment_size - 1;
flags |= IKEV2_FLAGS_MORE_FRAGMENTS;
if (data->out_used == 0) {
flags |= IKEV2_FLAGS_LENGTH_INCLUDED;
send_len -= 4;
}
}
plen = 1 + send_len;
if (flags & IKEV2_FLAGS_LENGTH_INCLUDED)
plen += 4;
if (data->keys_ready) {
const struct ikev2_integ_alg *integ;
wpa_printf(MSG_DEBUG, "EAP-IKEV2: Add Integrity Checksum "
"Data");
flags |= IKEV2_FLAGS_ICV_INCLUDED;
integ = ikev2_get_integ(data->ikev2.proposal.integ);
if (integ == NULL) {
wpa_printf(MSG_DEBUG, "EAP-IKEV2: Unknown INTEG "
"transform / cannot generate ICV");
return NULL;
}
icv_len = integ->hash_len;
plen += icv_len;
}
req = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_IKEV2, plen,
EAP_CODE_REQUEST, id);
if (req == NULL)
return NULL;
wpabuf_put_u8(req, flags); /* Flags */
if (flags & IKEV2_FLAGS_LENGTH_INCLUDED)
wpabuf_put_be32(req, wpabuf_len(data->out_buf));
wpabuf_put_data(req, wpabuf_head_u8(data->out_buf) + data->out_used,
send_len);
data->out_used += send_len;
if (flags & IKEV2_FLAGS_ICV_INCLUDED) {
const u8 *msg = wpabuf_head(req);
size_t len = wpabuf_len(req);
ikev2_integ_hash(data->ikev2.proposal.integ,
data->ikev2.keys.SK_ai,
data->ikev2.keys.SK_integ_len,
msg, len, wpabuf_put(req, icv_len));
}
if (data->out_used == wpabuf_len(data->out_buf)) {
wpa_printf(MSG_DEBUG, "EAP-IKEV2: Sending out %lu bytes "
"(message sent completely)",
(unsigned long) send_len);
wpabuf_free(data->out_buf);
data->out_buf = NULL;
data->out_used = 0;
} else {
wpa_printf(MSG_DEBUG, "EAP-IKEV2: Sending out %lu bytes "
"(%lu more to send)", (unsigned long) send_len,
(unsigned long) wpabuf_len(data->out_buf) -
data->out_used);
eap_ikev2_state(data, WAIT_FRAG_ACK);
}
return req;
}示例8: ikev2_build_sar1
static int ikev2_build_sar1(struct ikev2_responder_data *data,
struct wpabuf *msg, u8 next_payload)
{
struct ikev2_payload_hdr *phdr;
size_t plen;
struct ikev2_proposal *p;
struct ikev2_transform *t;
wpa_printf(MSG_DEBUG, "IKEV2: Adding SAr1 payload");
/* SAr1 - RFC 4306, Sect. 2.7 and 3.3 */
phdr = wpabuf_put(msg, sizeof(*phdr));
phdr->next_payload = next_payload;
phdr->flags = 0;
p = wpabuf_put(msg, sizeof(*p));
#ifdef CCNS_PL
/* Seems to require that the Proposal # is 1 even though RFC 4306
* Sect 3.3.1 has following requirement "When a proposal is accepted,
* all of the proposal numbers in the SA payload MUST be the same and
* MUST match the number on the proposal sent that was accepted.".
*/
p->proposal_num = 1;
#else /* CCNS_PL */
p->proposal_num = data->proposal.proposal_num;
#endif /* CCNS_PL */
p->protocol_id = IKEV2_PROTOCOL_IKE;
p->num_transforms = 4;
t = wpabuf_put(msg, sizeof(*t));
t->type = 3;
t->transform_type = IKEV2_TRANSFORM_ENCR;
WPA_PUT_BE16(t->transform_id, data->proposal.encr);
if (data->proposal.encr == ENCR_AES_CBC) {
/* Transform Attribute: Key Len = 128 bits */
#ifdef CCNS_PL
wpabuf_put_be16(msg, 0x001d); /* ?? */
#else /* CCNS_PL */
wpabuf_put_be16(msg, 0x800e); /* AF=1, AttrType=14 */
#endif /* CCNS_PL */
wpabuf_put_be16(msg, 128); /* 128-bit key */
}
plen = (u8 *) wpabuf_put(msg, 0) - (u8 *) t;
WPA_PUT_BE16(t->transform_length, plen);
t = wpabuf_put(msg, sizeof(*t));
t->type = 3;
WPA_PUT_BE16(t->transform_length, sizeof(*t));
t->transform_type = IKEV2_TRANSFORM_PRF;
WPA_PUT_BE16(t->transform_id, data->proposal.prf);
t = wpabuf_put(msg, sizeof(*t));
t->type = 3;
WPA_PUT_BE16(t->transform_length, sizeof(*t));
t->transform_type = IKEV2_TRANSFORM_INTEG;
WPA_PUT_BE16(t->transform_id, data->proposal.integ);
t = wpabuf_put(msg, sizeof(*t));
WPA_PUT_BE16(t->transform_length, sizeof(*t));
t->transform_type = IKEV2_TRANSFORM_DH;
WPA_PUT_BE16(t->transform_id, data->proposal.dh);
plen = (u8 *) wpabuf_put(msg, 0) - (u8 *) p;
WPA_PUT_BE16(p->proposal_length, plen);
plen = (u8 *) wpabuf_put(msg, 0) - (u8 *) phdr;
WPA_PUT_BE16(phdr->payload_length, plen);
return 0;
}示例9: p2p_build_wps_ie
int p2p_build_wps_ie(struct p2p_data *p2p, struct wpabuf *buf, int pw_id,
int all_attr)
{
u8 *len;
int i;
if (wpabuf_tailroom(buf) < 6)
return -1;
wpabuf_put_u8(buf, WLAN_EID_VENDOR_SPECIFIC);
len = wpabuf_put(buf, 1);
wpabuf_put_be32(buf, WPS_DEV_OUI_WFA);
if (wps_build_version(buf) < 0)
return -1;
if (all_attr) {
if (wpabuf_tailroom(buf) < 5)
return -1;
wpabuf_put_be16(buf, ATTR_WPS_STATE);
wpabuf_put_be16(buf, 1);
wpabuf_put_u8(buf, WPS_STATE_NOT_CONFIGURED);
}
if (pw_id >= 0) {
if (wpabuf_tailroom(buf) < 6)
return -1;
/* Device Password ID */
wpabuf_put_be16(buf, ATTR_DEV_PASSWORD_ID);
wpabuf_put_be16(buf, 2);
wpa_printf(MSG_DEBUG, "P2P: WPS IE Device Password ID: %d",
pw_id);
wpabuf_put_be16(buf, pw_id);
}
if (all_attr) {
if (wpabuf_tailroom(buf) < 5)
return -1;
wpabuf_put_be16(buf, ATTR_RESPONSE_TYPE);
wpabuf_put_be16(buf, 1);
wpabuf_put_u8(buf, WPS_RESP_ENROLLEE_INFO);
if (wps_build_uuid_e(buf, p2p->cfg->uuid) < 0 ||
p2p_add_wps_string(buf, ATTR_MANUFACTURER,
p2p->cfg->manufacturer) < 0 ||
p2p_add_wps_string(buf, ATTR_MODEL_NAME,
p2p->cfg->model_name) < 0 ||
p2p_add_wps_string(buf, ATTR_MODEL_NUMBER,
p2p->cfg->model_number) < 0 ||
p2p_add_wps_string(buf, ATTR_SERIAL_NUMBER,
p2p->cfg->serial_number) < 0)
return -1;
if (wpabuf_tailroom(buf) < 4 + WPS_DEV_TYPE_LEN)
return -1;
wpabuf_put_be16(buf, ATTR_PRIMARY_DEV_TYPE);
wpabuf_put_be16(buf, WPS_DEV_TYPE_LEN);
wpabuf_put_data(buf, p2p->cfg->pri_dev_type, WPS_DEV_TYPE_LEN);
if (p2p_add_wps_string(buf, ATTR_DEV_NAME, p2p->cfg->dev_name)
< 0)
return -1;
if (wpabuf_tailroom(buf) < 6)
return -1;
wpabuf_put_be16(buf, ATTR_CONFIG_METHODS);
wpabuf_put_be16(buf, 2);
wpabuf_put_be16(buf, p2p->cfg->config_methods);
}
if (wps_build_wfa_ext(buf, 0, NULL, 0) < 0)
return -1;
if (all_attr && p2p->cfg->num_sec_dev_types) {
if (wpabuf_tailroom(buf) <
4 + WPS_DEV_TYPE_LEN * p2p->cfg->num_sec_dev_types)
return -1;
wpabuf_put_be16(buf, ATTR_SECONDARY_DEV_TYPE_LIST);
wpabuf_put_be16(buf, WPS_DEV_TYPE_LEN *
p2p->cfg->num_sec_dev_types);
wpabuf_put_data(buf, p2p->cfg->sec_dev_type,
WPS_DEV_TYPE_LEN *
p2p->cfg->num_sec_dev_types);
}
/* Add the WPS vendor extensions */
for (i = 0; i < P2P_MAX_WPS_VENDOR_EXT; i++) {
if (p2p->wps_vendor_ext[i] == NULL)
break;
if (wpabuf_tailroom(buf) <
4 + wpabuf_len(p2p->wps_vendor_ext[i]))
continue;
wpabuf_put_be16(buf, ATTR_VENDOR_EXT);
wpabuf_put_be16(buf, wpabuf_len(p2p->wps_vendor_ext[i]));
wpabuf_put_buf(buf, p2p->wps_vendor_ext[i]);
}
p2p_buf_update_ie_hdr(buf, len);
return 0;
}示例10: eap_pax_process_std_1
static struct wpabuf * eap_pax_process_std_1(struct eap_pax_data *data,
struct eap_method_ret *ret, u8 id,
const struct eap_pax_hdr *req,
size_t req_plen)
{
struct wpabuf *resp;
const u8 *pos;
u8 *rpos;
size_t left, plen;
wpa_printf(MSG_DEBUG, "EAP-PAX: PAX_STD-1 (received)");
if (data->state != PAX_INIT) {
wpa_printf(MSG_INFO, "EAP-PAX: PAX_STD-1 received in "
"unexpected state (%d) - ignored", data->state);
ret->ignore = TRUE;
return NULL;
}
if (req->flags & EAP_PAX_FLAGS_CE) {
wpa_printf(MSG_INFO, "EAP-PAX: PAX_STD-1 with CE flag set - "
"ignored");
ret->ignore = TRUE;
return NULL;
}
left = req_plen - sizeof(*req);
if (left < 2 + EAP_PAX_RAND_LEN) {
wpa_printf(MSG_INFO, "EAP-PAX: PAX_STD-1 with too short "
"payload");
ret->ignore = TRUE;
return NULL;
}
pos = (const u8 *) (req + 1);
if (WPA_GET_BE16(pos) != EAP_PAX_RAND_LEN) {
wpa_printf(MSG_INFO, "EAP-PAX: PAX_STD-1 with incorrect A "
"length %d (expected %d)",
WPA_GET_BE16(pos), EAP_PAX_RAND_LEN);
ret->ignore = TRUE;
return NULL;
}
pos += 2;
left -= 2;
os_memcpy(data->rand.r.x, pos, EAP_PAX_RAND_LEN);
wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: X (server rand)",
data->rand.r.x, EAP_PAX_RAND_LEN);
pos += EAP_PAX_RAND_LEN;
left -= EAP_PAX_RAND_LEN;
if (left > 0) {
wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: ignored extra payload",
pos, left);
}
if (random_get_bytes(data->rand.r.y, EAP_PAX_RAND_LEN)) {
wpa_printf(MSG_ERROR, "EAP-PAX: Failed to get random data");
ret->ignore = TRUE;
return NULL;
}
wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: Y (client rand)",
data->rand.r.y, EAP_PAX_RAND_LEN);
if (eap_pax_initial_key_derivation(req->mac_id, data->ak, data->rand.e,
data->mk, data->ck, data->ick,
data->mid) < 0) {
ret->ignore = TRUE;
return NULL;
}
wpa_printf(MSG_DEBUG, "EAP-PAX: PAX_STD-2 (sending)");
plen = 2 + EAP_PAX_RAND_LEN + 2 + data->cid_len + 2 + EAP_PAX_MAC_LEN +
EAP_PAX_ICV_LEN;
resp = eap_pax_alloc_resp(req, id, EAP_PAX_OP_STD_2, plen);
if (resp == NULL)
return NULL;
wpabuf_put_be16(resp, EAP_PAX_RAND_LEN);
wpabuf_put_data(resp, data->rand.r.y, EAP_PAX_RAND_LEN);
wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: B = Y (client rand)",
data->rand.r.y, EAP_PAX_RAND_LEN);
wpabuf_put_be16(resp, data->cid_len);
wpabuf_put_data(resp, data->cid, data->cid_len);
wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-PAX: CID",
(u8 *) data->cid, data->cid_len);
wpabuf_put_be16(resp, EAP_PAX_MAC_LEN);
rpos = wpabuf_put(resp, EAP_PAX_MAC_LEN);
eap_pax_mac(req->mac_id, data->ck, EAP_PAX_CK_LEN,
data->rand.r.x, EAP_PAX_RAND_LEN,
data->rand.r.y, EAP_PAX_RAND_LEN,
(u8 *) data->cid, data->cid_len, rpos);
wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: MAC_CK(A, B, CID)",
rpos, EAP_PAX_MAC_LEN);
/* Optional ADE could be added here, if needed */
//.........这里部分代码省略.........
示例11: eap_peap_process_phase2
static void eap_peap_process_phase2(struct eap_sm *sm,
struct eap_peap_data *data,
const struct wpabuf *respData,
struct wpabuf *in_buf)
{
struct wpabuf *in_decrypted;
int len_decrypted;
const struct eap_hdr *hdr;
size_t buf_len, len;
u8 *in_data;
size_t in_len;
in_data = wpabuf_mhead(in_buf);
in_len = wpabuf_len(in_buf);
wpa_printf(MSG_DEBUG, "EAP-PEAP: received %lu bytes encrypted data for"
" Phase 2", (unsigned long) in_len);
if (data->pending_phase2_resp) {
wpa_printf(MSG_DEBUG, "EAP-PEAP: Pending Phase 2 response - "
"skip decryption and use old data");
eap_peap_process_phase2_response(sm, data,
data->pending_phase2_resp);
wpabuf_free(data->pending_phase2_resp);
data->pending_phase2_resp = NULL;
return;
}
buf_len = in_len;
/*
* Even though we try to disable TLS compression, it is possible that
* this cannot be done with all TLS libraries. Add extra buffer space
* to handle the possibility of the decrypted data being longer than
* input data.
*/
buf_len += 500;
buf_len *= 3;
in_decrypted = wpabuf_alloc(buf_len);
if (in_decrypted == NULL) {
wpa_printf(MSG_WARNING, "EAP-PEAP: failed to allocate memory "
"for decryption");
return;
}
len_decrypted = tls_connection_decrypt(sm->ssl_ctx, data->ssl.conn,
in_data, in_len,
wpabuf_mhead(in_decrypted),
buf_len);
if (len_decrypted < 0) {
wpa_printf(MSG_INFO, "EAP-PEAP: Failed to decrypt Phase 2 "
"data");
wpabuf_free(in_decrypted);
eap_peap_state(data, FAILURE);
return;
}
wpabuf_put(in_decrypted, len_decrypted);
wpa_hexdump_buf_key(MSG_DEBUG, "EAP-PEAP: Decrypted Phase 2 EAP",
in_decrypted);
hdr = wpabuf_head(in_decrypted);
if (data->peap_version == 0 && data->state != PHASE2_TLV) {
const struct eap_hdr *resp;
struct eap_hdr *nhdr;
struct wpabuf *nbuf =
wpabuf_alloc(sizeof(struct eap_hdr) +
wpabuf_len(in_decrypted));
if (nbuf == NULL) {
wpabuf_free(in_decrypted);
return;
}
resp = wpabuf_head(respData);
nhdr = wpabuf_put(nbuf, sizeof(*nhdr));
nhdr->code = resp->code;
nhdr->identifier = resp->identifier;
nhdr->length = host_to_be16(sizeof(struct eap_hdr) +
wpabuf_len(in_decrypted));
wpabuf_put_buf(nbuf, in_decrypted);
wpabuf_free(in_decrypted);
in_decrypted = nbuf;
} else if (data->peap_version >= 2) {
struct eap_tlv_hdr *tlv;
struct wpabuf *nmsg;
if (wpabuf_len(in_decrypted) < sizeof(*tlv) + sizeof(*hdr)) {
wpa_printf(MSG_INFO, "EAP-PEAPv2: Too short Phase 2 "
"EAP TLV");
wpabuf_free(in_decrypted);
return;
}
tlv = wpabuf_mhead(in_decrypted);
if ((be_to_host16(tlv->tlv_type) & EAP_TLV_TYPE_MASK) !=
EAP_TLV_EAP_PAYLOAD_TLV) {
wpa_printf(MSG_INFO, "EAP-PEAPv2: Not an EAP TLV");
wpabuf_free(in_decrypted);
return;
}
//.........这里部分代码省略.........
示例12: tlsv1_client_decrypt
/**
* tlsv1_client_decrypt - Decrypt data from TLS tunnel
* @conn: TLSv1 client connection data from tlsv1_client_init()
* @in_data: Pointer to input buffer (encrypted TLS data)
* @in_len: Input buffer length
* @need_more_data: Set to 1 if more data would be needed to complete
* processing
* Returns: Decrypted data or %NULL on failure
*
* This function is used after TLS handshake has been completed successfully to
* receive data from the encrypted tunnel.
*/
struct wpabuf * tlsv1_client_decrypt(struct tlsv1_client *conn,
const u8 *in_data, size_t in_len,
int *need_more_data)
{
const u8 *in_end, *pos;
int used;
u8 alert, *out_pos, ct;
size_t olen;
struct wpabuf *buf = NULL;
if (need_more_data)
*need_more_data = 0;
if (conn->partial_input) {
if (wpabuf_resize(&conn->partial_input, in_len) < 0) {
wpa_printf(MSG_DEBUG, "TLSv1: Failed to allocate "
"memory for pending record");
alert = TLS_ALERT_INTERNAL_ERROR;
goto fail;
}
wpabuf_put_data(conn->partial_input, in_data, in_len);
in_data = wpabuf_head(conn->partial_input);
in_len = wpabuf_len(conn->partial_input);
}
pos = in_data;
in_end = in_data + in_len;
while (pos < in_end) {
ct = pos[0];
if (wpabuf_resize(&buf, in_end - pos) < 0) {
alert = TLS_ALERT_INTERNAL_ERROR;
goto fail;
}
out_pos = wpabuf_put(buf, 0);
olen = wpabuf_tailroom(buf);
used = tlsv1_record_receive(&conn->rl, pos, in_end - pos,
out_pos, &olen, &alert);
if (used < 0) {
wpa_printf(MSG_DEBUG, "TLSv1: Record layer processing "
"failed");
goto fail;
}
if (used == 0) {
struct wpabuf *partial;
wpa_printf(MSG_DEBUG, "TLSv1: Need more data");
partial = wpabuf_alloc_copy(pos, in_end - pos);
wpabuf_free(conn->partial_input);
conn->partial_input = partial;
if (conn->partial_input == NULL) {
wpa_printf(MSG_DEBUG, "TLSv1: Failed to "
"allocate memory for pending "
"record");
alert = TLS_ALERT_INTERNAL_ERROR;
goto fail;
}
if (need_more_data)
*need_more_data = 1;
return buf;
}
if (ct == TLS_CONTENT_TYPE_ALERT) {
if (olen < 2) {
wpa_printf(MSG_DEBUG, "TLSv1: Alert "
"underflow");
alert = TLS_ALERT_DECODE_ERROR;
goto fail;
}
wpa_printf(MSG_DEBUG, "TLSv1: Received alert %d:%d",
out_pos[0], out_pos[1]);
if (out_pos[0] == TLS_ALERT_LEVEL_WARNING) {
/* Continue processing */
pos += used;
continue;
}
alert = out_pos[1];
goto fail;
}
if (ct != TLS_CONTENT_TYPE_APPLICATION_DATA) {
wpa_printf(MSG_DEBUG, "TLSv1: Unexpected content type "
"0x%x when decrypting application data",
pos[0]);
alert = TLS_ALERT_UNEXPECTED_MESSAGE;
goto fail;
}
//.........这里部分代码省略.........
示例13: eap_eke_build_commit
static struct wpabuf * eap_eke_build_commit(struct eap_sm *sm,
struct eap_eke_data *data, u8 id)
{
struct wpabuf *msg;
u8 pub[EAP_EKE_MAX_DH_LEN];
wpa_printf(MSG_DEBUG, "EAP-EKE: Request/Commit");
if (sm->user == NULL || sm->user->password == NULL) {
wpa_printf(MSG_INFO, "EAP-EKE: Password with not configured");
eap_eke_fail(data, EAP_EKE_FAIL_PASSWD_NOT_FOUND);
return eap_eke_build_failure(data, id);
}
if (eap_eke_derive_key(&data->sess, sm->user->password,
sm->user->password_len,
sm->server_id, sm->server_id_len,
data->peerid, data->peerid_len, data->key) < 0) {
wpa_printf(MSG_INFO, "EAP-EKE: Failed to derive key");
eap_eke_fail(data, EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);
return eap_eke_build_failure(data, id);
}
msg = eap_eke_build_msg(data, id, data->sess.dhcomp_len,
EAP_EKE_COMMIT);
if (msg == NULL) {
eap_eke_fail(data, EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);
return eap_eke_build_failure(data, id);
}
/*
* y_s = g ^ x_s (mod p)
* x_s = random number 2 .. p-1
* temp = prf(0+, password)
* key = prf+(temp, ID_S | ID_P)
* DHComponent_S = Encr(key, y_s)
*/
if (eap_eke_dh_init(data->sess.dhgroup, data->dh_priv, pub) < 0) {
wpa_printf(MSG_INFO, "EAP-EKE: Failed to initialize DH");
eap_eke_fail(data, EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);
return eap_eke_build_failure(data, id);
}
if (eap_eke_dhcomp(&data->sess, data->key, pub,
wpabuf_put(msg, data->sess.dhcomp_len))
< 0) {
wpa_printf(MSG_INFO, "EAP-EKE: Failed to build DHComponent_S");
wpabuf_free(msg);
eap_eke_fail(data, EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);
return eap_eke_build_failure(data, id);
}
if (wpabuf_resize(&data->msgs, wpabuf_len(msg)) < 0) {
wpabuf_free(msg);
eap_eke_fail(data, EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);
return eap_eke_build_failure(data, id);
}
wpabuf_put_buf(data->msgs, msg);
return msg;
}示例14: eap_psk_process_1
static struct wpabuf * eap_psk_process_1(struct eap_psk_data *data,
struct eap_method_ret *ret,
const struct wpabuf *reqData)
{
const struct eap_psk_hdr_1 *hdr1;
struct eap_psk_hdr_2 *hdr2;
struct wpabuf *resp;
u8 *buf, *pos;
size_t buflen, len;
const u8 *cpos;
wpa_printf(MSG_DEBUG, "EAP-PSK: in INIT state");
cpos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_PSK, reqData, &len);
hdr1 = (const struct eap_psk_hdr_1 *) cpos;
if (cpos == NULL || len < sizeof(*hdr1)) {
wpa_printf(MSG_INFO, "EAP-PSK: Invalid first message "
"length (%lu; expected %lu or more)",
(unsigned long) len,
(unsigned long) sizeof(*hdr1));
ret->ignore = TRUE;
return NULL;
}
wpa_printf(MSG_DEBUG, "EAP-PSK: Flags=0x%x", hdr1->flags);
if (EAP_PSK_FLAGS_GET_T(hdr1->flags) != 0) {
wpa_printf(MSG_INFO, "EAP-PSK: Unexpected T=%d (expected 0)",
EAP_PSK_FLAGS_GET_T(hdr1->flags));
ret->methodState = METHOD_DONE;
ret->decision = DECISION_FAIL;
return NULL;
}
wpa_hexdump(MSG_DEBUG, "EAP-PSK: RAND_S", hdr1->rand_s,
EAP_PSK_RAND_LEN);
os_free(data->id_s);
data->id_s_len = len - sizeof(*hdr1);
data->id_s = os_malloc(data->id_s_len);
if (data->id_s == NULL) {
wpa_printf(MSG_ERROR, "EAP-PSK: Failed to allocate memory for "
"ID_S (len=%lu)", (unsigned long) data->id_s_len);
ret->ignore = TRUE;
return NULL;
}
os_memcpy(data->id_s, (u8 *) (hdr1 + 1), data->id_s_len);
wpa_hexdump_ascii(MSG_DEBUG, "EAP-PSK: ID_S",
data->id_s, data->id_s_len);
if (os_get_random(data->rand_p, EAP_PSK_RAND_LEN)) {
wpa_printf(MSG_ERROR, "EAP-PSK: Failed to get random data");
ret->ignore = TRUE;
return NULL;
}
resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_PSK,
sizeof(*hdr2) + data->id_p_len, EAP_CODE_RESPONSE,
eap_get_id(reqData));
if (resp == NULL)
return NULL;
hdr2 = wpabuf_put(resp, sizeof(*hdr2));
hdr2->flags = EAP_PSK_FLAGS_SET_T(1); /* T=1 */
os_memcpy(hdr2->rand_s, hdr1->rand_s, EAP_PSK_RAND_LEN);
os_memcpy(hdr2->rand_p, data->rand_p, EAP_PSK_RAND_LEN);
wpabuf_put_data(resp, data->id_p, data->id_p_len);
/* MAC_P = OMAC1-AES-128(AK, ID_P||ID_S||RAND_S||RAND_P) */
buflen = data->id_p_len + data->id_s_len + 2 * EAP_PSK_RAND_LEN;
buf = os_malloc(buflen);
if (buf == NULL) {
wpabuf_free(resp);
return NULL;
}
os_memcpy(buf, data->id_p, data->id_p_len);
pos = buf + data->id_p_len;
os_memcpy(pos, data->id_s, data->id_s_len);
pos += data->id_s_len;
os_memcpy(pos, hdr1->rand_s, EAP_PSK_RAND_LEN);
pos += EAP_PSK_RAND_LEN;
os_memcpy(pos, data->rand_p, EAP_PSK_RAND_LEN);
if (omac1_aes_128(data->ak, buf, buflen, hdr2->mac_p)) {
os_free(buf);
wpabuf_free(resp);
return NULL;
}
os_free(buf);
wpa_hexdump(MSG_DEBUG, "EAP-PSK: RAND_P", hdr2->rand_p,
EAP_PSK_RAND_LEN);
wpa_hexdump(MSG_DEBUG, "EAP-PSK: MAC_P", hdr2->mac_p, EAP_PSK_MAC_LEN);
wpa_hexdump_ascii(MSG_DEBUG, "EAP-PSK: ID_P",
data->id_p, data->id_p_len);
data->state = PSK_MAC_SENT;
return resp;
}示例15: eap_fast_build_crypto_binding
static struct wpabuf * eap_fast_build_crypto_binding(
struct eap_sm *sm, struct eap_fast_data *data)
{
struct wpabuf *buf;
struct eap_tlv_result_tlv *result;
struct eap_tlv_crypto_binding_tlv *binding;
buf = wpabuf_alloc(2 * sizeof(*result) + sizeof(*binding));
if (buf == NULL)
return NULL;
if (data->send_new_pac || data->anon_provisioning ||
data->phase2_method)
data->final_result = 0;
else
data->final_result = 1;
if (!data->final_result || data->eap_seq > 1) {
/* Intermediate-Result */
wpa_printf(MSG_DEBUG, "EAP-FAST: Add Intermediate-Result TLV "
"(status=SUCCESS)");
result = wpabuf_put(buf, sizeof(*result));
result->tlv_type = host_to_be16(
EAP_TLV_TYPE_MANDATORY |
EAP_TLV_INTERMEDIATE_RESULT_TLV);
result->length = host_to_be16(2);
result->status = host_to_be16(EAP_TLV_RESULT_SUCCESS);
}
if (data->final_result) {
/* Result TLV */
wpa_printf(MSG_DEBUG, "EAP-FAST: Add Result TLV "
"(status=SUCCESS)");
result = wpabuf_put(buf, sizeof(*result));
result->tlv_type = host_to_be16(EAP_TLV_TYPE_MANDATORY |
EAP_TLV_RESULT_TLV);
result->length = host_to_be16(2);
result->status = host_to_be16(EAP_TLV_RESULT_SUCCESS);
}
/* Crypto-Binding TLV */
binding = wpabuf_put(buf, sizeof(*binding));
binding->tlv_type = host_to_be16(EAP_TLV_TYPE_MANDATORY |
EAP_TLV_CRYPTO_BINDING_TLV);
binding->length = host_to_be16(sizeof(*binding) -
sizeof(struct eap_tlv_hdr));
binding->version = EAP_FAST_VERSION;
binding->received_version = data->peer_version;
binding->subtype = EAP_TLV_CRYPTO_BINDING_SUBTYPE_REQUEST;
if (random_get_bytes(binding->nonce, sizeof(binding->nonce)) < 0) {
wpabuf_free(buf);
return NULL;
}
/*
* RFC 4851, Section 4.2.8:
* The nonce in a request MUST have its least significant bit set to 0.
*/
binding->nonce[sizeof(binding->nonce) - 1] &= ~0x01;
os_memcpy(data->crypto_binding_nonce, binding->nonce,
sizeof(binding->nonce));
/*
* RFC 4851, Section 5.3:
* CMK = CMK[j]
* Compound-MAC = HMAC-SHA1( CMK, Crypto-Binding TLV )
*/
hmac_sha1(data->cmk, EAP_FAST_CMK_LEN,
(u8 *) binding, sizeof(*binding),
binding->compound_mac);
wpa_printf(MSG_DEBUG, "EAP-FAST: Add Crypto-Binding TLV: Version %d "
"Received Version %d SubType %d",
binding->version, binding->received_version,
binding->subtype);
wpa_hexdump(MSG_MSGDUMP, "EAP-FAST: NONCE",
binding->nonce, sizeof(binding->nonce));
wpa_hexdump(MSG_MSGDUMP, "EAP-FAST: Compound MAC",
binding->compound_mac, sizeof(binding->compound_mac));
return buf;
}