- 1,3,5,7 - это сообщения Enrollee
- #Building Message M1
/*
 * Build WPS message M1, the first message sent by the Enrollee.
 *
 * A fresh Enrollee nonce is drawn with os_get_random(), the M1 attributes
 * are appended to a newly allocated 1000-byte buffer and the state machine
 * is advanced to RECV_M2.
 *
 * Returns: the filled message buffer, or NULL when the random source, the
 * allocation or any attribute builder reports failure.
 */
static struct wpabuf * wps_build_m1(struct wps_data *wps)
{
	struct wpabuf *m1;
	u16 config_methods;
	int failed;

	/* No nonce, no message: a failed random read aborts the build. */
	if (os_get_random(wps->nonce_e, WPS_NONCE_LEN) < 0)
		return NULL;
	wpa_hexdump(MSG_DEBUG, "WPS: Enrollee Nonce",
		    wps->nonce_e, WPS_NONCE_LEN);

	wpa_printf(MSG_DEBUG, "WPS: Building Message M1");
	m1 = wpabuf_alloc(1000);
	if (!m1)
		return NULL;

	/* Push-button is advertised only when this session uses PBC. */
	config_methods = WPS_CONFIG_LABEL | WPS_CONFIG_DISPLAY |
		WPS_CONFIG_KEYPAD;
	if (wps->pbc)
		config_methods |= WPS_CONFIG_PUSHBUTTON;

	/* Builders run in wire order; the first failure stops the chain. */
	failed = wps_build_version(m1) ||
		wps_build_msg_type(m1, WPS_M1) ||
		wps_build_uuid_e(m1, wps->uuid_e) ||
		wps_build_mac_addr(wps, m1) ||
		wps_build_enrollee_nonce(wps, m1) ||
		wps_build_public_key(wps, m1) ||
		wps_build_auth_type_flags(wps, m1) ||
		wps_build_encr_type_flags(wps, m1) ||
		wps_build_conn_type_flags(wps, m1) ||
		wps_build_config_methods(m1, config_methods) ||
		wps_build_wps_state(wps, m1) ||
		wps_build_device_attrs(&wps->wps->dev, m1) ||
		wps_build_rf_bands(&wps->wps->dev, m1) ||
		wps_build_assoc_state(wps, m1) ||
		wps_build_dev_password_id(m1, wps->dev_pw_id) ||
		wps_build_config_error(m1, WPS_CFG_NO_ERROR) ||
		wps_build_os_version(&wps->wps->dev, m1);
	if (failed) {
		wpabuf_free(m1);
		return NULL;
	}

	wps->state = RECV_M2;
	return m1;
}
- #Building Message M3
/*
 * Build WPS message M3 (Enrollee).
 *
 * Requires a device password: the PSK halves are derived from it with
 * wps_derive_psk() before the message is assembled. On success the state
 * machine moves to RECV_M4.
 *
 * Returns: the message buffer, or NULL if no device password is set, the
 * allocation fails or an attribute builder fails.
 */
static struct wpabuf * wps_build_m3(struct wps_data *wps)
{
	struct wpabuf *m3;
	int failed;

	wpa_printf(MSG_DEBUG, "WPS: Building Message M3");

	if (!wps->dev_password) {
		wpa_printf(MSG_DEBUG, "WPS: No Device Password available");
		return NULL;
	}
	/* NOTE(review): the result of wps_derive_psk() is not checked here;
	 * confirm whether it can fail in this tree. */
	wps_derive_psk(wps, wps->dev_password, wps->dev_password_len);

	m3 = wpabuf_alloc(1000);
	if (!m3)
		return NULL;

	/* The authenticator is appended last, after all other attributes. */
	failed = wps_build_version(m3) ||
		wps_build_msg_type(m3, WPS_M3) ||
		wps_build_registrar_nonce(wps, m3) ||
		wps_build_e_hash(wps, m3) ||
		wps_build_authenticator(wps, m3);
	if (failed) {
		wpabuf_free(m3);
		return NULL;
	}

	wps->state = RECV_M4;
	return m3;
}
- #Building Message M5
/*
 * Build WPS message M5 (Enrollee).
 *
 * E-SNonce1 and the key wrap authenticator are written to a scratch
 * buffer, which wps_build_encr_settings() then places into the message.
 * On success the state machine moves to RECV_M6.
 *
 * Returns: the message buffer, or NULL on allocation or builder failure.
 */
static struct wpabuf * wps_build_m5(struct wps_data *wps)
{
	struct wpabuf *m5, *inner;
	int failed;

	wpa_printf(MSG_DEBUG, "WPS: Building Message M5");

	inner = wpabuf_alloc(200);
	if (!inner)
		return NULL;

	m5 = wpabuf_alloc(1000);
	if (!m5) {
		wpabuf_free(inner);
		return NULL;
	}

	failed = wps_build_version(m5) ||
		wps_build_msg_type(m5, WPS_M5) ||
		wps_build_registrar_nonce(wps, m5) ||
		wps_build_e_snonce1(wps, inner) ||
		wps_build_key_wrap_auth(wps, inner) ||
		wps_build_encr_settings(wps, m5, inner) ||
		wps_build_authenticator(wps, m5);

	/* The scratch buffer is released on both outcomes. */
	wpabuf_free(inner);
	if (failed) {
		wpabuf_free(m5);
		return NULL;
	}

	wps->state = RECV_M6;
	return m5;
}
- #Building Message M7
/*
 * Build WPS message M7 (Enrollee).
 *
 * Both buffers are sized with room for wps->wps->ap_settings_len extra
 * bytes. E-SNonce2, the AP settings (only when wps->wps->ap is set) and the
 * key wrap authenticator go into the scratch buffer that
 * wps_build_encr_settings() places into the message. On success the state
 * machine moves to RECV_M8.
 *
 * Returns: the message buffer, or NULL on allocation or builder failure.
 */
static struct wpabuf * wps_build_m7(struct wps_data *wps)
{
	struct wpabuf *m7, *inner;
	int failed;

	wpa_printf(MSG_DEBUG, "WPS: Building Message M7");

	/* NOTE(review): the size sums are not checked for wrap-around;
	 * presumably ap_settings_len comes from local configuration. */
	inner = wpabuf_alloc(500 + wps->wps->ap_settings_len);
	if (!inner)
		return NULL;

	m7 = wpabuf_alloc(1000 + wps->wps->ap_settings_len);
	if (!m7) {
		wpabuf_free(inner);
		return NULL;
	}

	failed = wps_build_version(m7) ||
		wps_build_msg_type(m7, WPS_M7) ||
		wps_build_registrar_nonce(wps, m7) ||
		wps_build_e_snonce2(wps, inner) ||
		(wps->wps->ap && wps_build_ap_settings(wps, inner)) ||
		wps_build_key_wrap_auth(wps, inner) ||
		wps_build_encr_settings(wps, m7, inner) ||
		wps_build_authenticator(wps, m7);

	/* The scratch buffer is released on both outcomes. */
	wpabuf_free(inner);
	if (failed) {
		wpabuf_free(m7);
		return NULL;
	}

	wps->state = RECV_M8;
	return m7;
}
- --------------------------------------------------------------------------=============---------------------------------------------
- 2,4,6,8 - сообщения Registrar
- #Building Message M2
/*
 * Build WPS message M2, the first message sent by the Registrar.
 *
 * A fresh Registrar nonce is drawn with os_get_random(). Session keys are
 * derived by wps_derive_keys() in the middle of the attribute chain, right
 * after the public key attribute, and the authenticator is appended last.
 * On success the state machine moves to RECV_M3.
 *
 * Returns: the message buffer, or NULL when the random source, the
 * allocation, key derivation or an attribute builder fails.
 */
static struct wpabuf * wps_build_m2(struct wps_data *wps)
{
	struct wpabuf *m2;
	int failed;

	/* No nonce, no message: a failed random read aborts the build. */
	if (os_get_random(wps->nonce_r, WPS_NONCE_LEN) < 0)
		return NULL;
	wpa_hexdump(MSG_DEBUG, "WPS: Registrar Nonce",
		    wps->nonce_r, WPS_NONCE_LEN);
	wpa_hexdump(MSG_DEBUG, "WPS: UUID-R", wps->uuid_r, WPS_UUID_LEN);

	wpa_printf(MSG_DEBUG, "WPS: Building Message M2");
	m2 = wpabuf_alloc(1000);
	if (!m2)
		return NULL;

	failed = wps_build_version(m2) ||
		wps_build_msg_type(m2, WPS_M2) ||
		wps_build_enrollee_nonce(wps, m2) ||
		wps_build_registrar_nonce(wps, m2) ||
		wps_build_uuid_r(wps, m2) ||
		wps_build_public_key(wps, m2) ||
		wps_derive_keys(wps) ||
		wps_build_auth_type_flags(wps, m2) ||
		wps_build_encr_type_flags(wps, m2) ||
		wps_build_conn_type_flags(wps, m2) ||
		wps_build_config_methods_r(wps->wps->registrar, m2) ||
		wps_build_device_attrs(&wps->wps->dev, m2) ||
		wps_build_rf_bands(&wps->wps->dev, m2) ||
		wps_build_assoc_state(wps, m2) ||
		wps_build_config_error(m2, WPS_CFG_NO_ERROR) ||
		wps_build_dev_password_id(m2, wps->dev_pw_id) ||
		wps_build_os_version(&wps->wps->dev, m2) ||
		wps_build_authenticator(wps, m2);
	if (failed) {
		wpabuf_free(m2);
		return NULL;
	}

	wps->state = RECV_M3;
	return m2;
}
- #Building Message M4
/*
 * Build WPS message M4 (Registrar).
 *
 * The PSK halves are derived from the device password first. R-SNonce1 and
 * the key wrap authenticator go into a scratch buffer that
 * wps_build_encr_settings() places into the message. On success the state
 * machine moves to RECV_M5.
 *
 * Returns: the message buffer, or NULL on allocation or builder failure.
 */
static struct wpabuf * wps_build_m4(struct wps_data *wps)
{
	struct wpabuf *m4, *inner;
	int failed;

	wpa_printf(MSG_DEBUG, "WPS: Building Message M4");

	/* NOTE(review): unlike wps_build_m3(), dev_password is not checked
	 * for NULL before use - confirm the Registrar path always sets it. */
	wps_derive_psk(wps, wps->dev_password, wps->dev_password_len);

	inner = wpabuf_alloc(200);
	if (!inner)
		return NULL;

	m4 = wpabuf_alloc(1000);
	if (!m4) {
		wpabuf_free(inner);
		return NULL;
	}

	failed = wps_build_version(m4) ||
		wps_build_msg_type(m4, WPS_M4) ||
		wps_build_enrollee_nonce(wps, m4) ||
		wps_build_r_hash(wps, m4) ||
		wps_build_r_snonce1(wps, inner) ||
		wps_build_key_wrap_auth(wps, inner) ||
		wps_build_encr_settings(wps, m4, inner) ||
		wps_build_authenticator(wps, m4);

	/* The scratch buffer is released on both outcomes. */
	wpabuf_free(inner);
	if (failed) {
		wpabuf_free(m4);
		return NULL;
	}

	wps->state = RECV_M5;
	return m4;
}
- #Building Message M6
/*
 * Build WPS message M6 (Registrar).
 *
 * R-SNonce2 and the key wrap authenticator go into a scratch buffer that
 * wps_build_encr_settings() places into the message. Once the message is
 * built, wps_pin_revealed is set and the state machine moves to RECV_M7.
 *
 * Returns: the message buffer, or NULL on allocation or builder failure.
 */
static struct wpabuf * wps_build_m6(struct wps_data *wps)
{
	struct wpabuf *m6, *inner;
	int failed;

	wpa_printf(MSG_DEBUG, "WPS: Building Message M6");

	inner = wpabuf_alloc(200);
	if (!inner)
		return NULL;

	m6 = wpabuf_alloc(1000);
	if (!m6) {
		wpabuf_free(inner);
		return NULL;
	}

	failed = wps_build_version(m6) ||
		wps_build_msg_type(m6, WPS_M6) ||
		wps_build_enrollee_nonce(wps, m6) ||
		wps_build_r_snonce2(wps, inner) ||
		wps_build_key_wrap_auth(wps, inner) ||
		wps_build_encr_settings(wps, m6, inner) ||
		wps_build_authenticator(wps, m6);

	/* The scratch buffer is released on both outcomes. */
	wpabuf_free(inner);
	if (failed) {
		wpabuf_free(m6);
		return NULL;
	}

	/* Presumably flagged because M6 carries R-SNonce2, the Registrar's
	 * commitment opening for the second PIN half; the flag is cleared
	 * again in wps_process_e_snonce2() on success. */
	wps->wps_pin_revealed = 1;
	wps->state = RECV_M7;
	return m6;
}
- #Building Message M8
/*
 * Build WPS message M8 (Registrar), the last message of the exchange.
 *
 * The scratch buffer receives the credential when wps->wps->ap is set and
 * the AP settings otherwise, followed by the key wrap authenticator;
 * wps_build_encr_settings() then places it into the message. On success
 * the state machine moves to RECV_DONE.
 *
 * Returns: the message buffer, or NULL on allocation or builder failure.
 */
static struct wpabuf * wps_build_m8(struct wps_data *wps)
{
	struct wpabuf *m8, *inner;
	int failed;

	wpa_printf(MSG_DEBUG, "WPS: Building Message M8");

	inner = wpabuf_alloc(500);
	if (!inner)
		return NULL;

	m8 = wpabuf_alloc(1000);
	if (!m8) {
		wpabuf_free(inner);
		return NULL;
	}

	/* Exactly one of the two payload builders runs, chosen by ->ap. */
	failed = wps_build_version(m8) ||
		wps_build_msg_type(m8, WPS_M8) ||
		wps_build_enrollee_nonce(wps, m8) ||
		(wps->wps->ap && wps_build_cred(wps, inner)) ||
		(!wps->wps->ap && wps_build_ap_settings(wps, inner)) ||
		wps_build_key_wrap_auth(wps, inner) ||
		wps_build_encr_settings(wps, m8, inner) ||
		wps_build_authenticator(wps, m8);

	/* The scratch buffer is released on both outcomes. */
	wpabuf_free(inner);
	if (failed) {
		wpabuf_free(m8);
		return NULL;
	}

	wps->state = RECV_DONE;
	return m8;
}
- Enrollee и Registrar используют похожие функции построения nonce
/*
 * Append the Enrollee Nonce attribute to a message.
 *
 * Writes a big-endian 16-bit attribute id, a big-endian 16-bit length and
 * then WPS_NONCE_LEN bytes copied from wps->nonce_e. The nonce is only
 * copied here; it is not generated by this function.
 *
 * Returns: always 0.
 */
int wps_build_enrollee_nonce(struct wps_data *wps, struct wpabuf *msg)
{
	const u8 *nonce = wps->nonce_e;

	wpa_printf(MSG_DEBUG, "WPS:  * Enrollee Nonce");

	/* Header (type, length) followed by the value. */
	wpabuf_put_be16(msg, ATTR_ENROLLEE_NONCE);
	wpabuf_put_be16(msg, WPS_NONCE_LEN);
	wpabuf_put_data(msg, nonce, WPS_NONCE_LEN);

	return 0;
}
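- и Enrollee и Registrar используют для генерации nonce E и nonce R следующие функции (примечание: wps_process_e_snonce1/2 ниже не генерируют nonce, а проверяют полученный E-SNonce по ранее присланному E-Hash)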
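/*
 * Verify the Enrollee's first secret nonce against its earlier commitment.
 *
 * Recomputes E-Hash1 from the received E-SNonce1, the local PSK1 and both
 * Diffie-Hellman public keys, and compares it with wps->peer_hash1. A match
 * is logged as proof that the peer knows the first half of the device
 * password. The two halves are confirmed by separate functions, so the
 * failure accounting done through wps_pwd_auth_fail_event() matters for
 * limiting repeated guesses.
 *
 * Returns: 0 on match; -1 if the nonce is missing or the hash differs (in
 * the latter case config_error is set and a failure event is raised).
 */
static int wps_process_e_snonce1(struct wps_data *wps, const u8 *e_snonce1)
{
	u8 hash[SHA256_MAC_LEN];
	const u8 *addr[4];
	size_t len[4];
	const u8 *committed;
	u8 diff = 0;
	size_t i;

	if (e_snonce1 == NULL) {
		wpa_printf(MSG_DEBUG, "WPS: No E-SNonce1 received");
		return -1;
	}

	wpa_hexdump_key(MSG_DEBUG, "WPS: E-SNonce1", e_snonce1,
			WPS_SECRET_NONCE_LEN);

	/* E-Hash1 = HMAC_AuthKey(E-S1 || PSK1 || PK_E || PK_R) */
	addr[0] = e_snonce1;
	len[0] = WPS_SECRET_NONCE_LEN;
	addr[1] = wps->psk1;
	len[1] = WPS_PSK_LEN;
	addr[2] = wpabuf_head(wps->dh_pubkey_e);
	len[2] = wpabuf_len(wps->dh_pubkey_e);
	addr[3] = wpabuf_head(wps->dh_pubkey_r);
	len[3] = wpabuf_len(wps->dh_pubkey_r);
	hmac_sha256_vector(wps->authkey, WPS_AUTHKEY_LEN, 4, addr, len, hash);

	/*
	 * Compare every byte without an early exit so that the time taken
	 * does not depend on how many leading bytes of the keyed hash match.
	 */
	committed = wps->peer_hash1;
	for (i = 0; i < WPS_HASH_LEN; i++)
		diff |= (u8) (committed[i] ^ hash[i]);

	if (diff != 0) {
		wpa_printf(MSG_DEBUG, "WPS: E-Hash1 derived from E-S1 does "
			   "not match with the pre-committed value");
		wps->config_error = WPS_CFG_DEV_PASSWORD_AUTH_FAILURE;
		/* Last argument presumably identifies the failed PIN half. */
		wps_pwd_auth_fail_event(wps->wps, 0, 1);
		return -1;
	}

	wpa_printf(MSG_DEBUG, "WPS: Enrollee proved knowledge of the first "
		   "half of the device password");

	return 0;
}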
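/*
 * Verify the Enrollee's second secret nonce against its earlier commitment.
 *
 * Recomputes E-Hash2 from the received E-SNonce2, the local PSK2 and both
 * Diffie-Hellman public keys, and compares it with wps->peer_hash2. On a
 * mismatch the PIN is invalidated at the registrar; on a match
 * wps_pin_revealed is cleared and the PIN is unlocked.
 *
 * Returns: 0 on match; -1 if the nonce is missing or the hash differs (in
 * the latter case config_error is set and a failure event is raised).
 */
static int wps_process_e_snonce2(struct wps_data *wps, const u8 *e_snonce2)
{
	u8 hash[SHA256_MAC_LEN];
	const u8 *addr[4];
	size_t len[4];
	const u8 *committed;
	u8 diff = 0;
	size_t i;

	if (e_snonce2 == NULL) {
		wpa_printf(MSG_DEBUG, "WPS: No E-SNonce2 received");
		return -1;
	}

	wpa_hexdump_key(MSG_DEBUG, "WPS: E-SNonce2", e_snonce2,
			WPS_SECRET_NONCE_LEN);

	/* E-Hash2 = HMAC_AuthKey(E-S2 || PSK2 || PK_E || PK_R) */
	addr[0] = e_snonce2;
	len[0] = WPS_SECRET_NONCE_LEN;
	addr[1] = wps->psk2;
	len[1] = WPS_PSK_LEN;
	addr[2] = wpabuf_head(wps->dh_pubkey_e);
	len[2] = wpabuf_len(wps->dh_pubkey_e);
	addr[3] = wpabuf_head(wps->dh_pubkey_r);
	len[3] = wpabuf_len(wps->dh_pubkey_r);
	hmac_sha256_vector(wps->authkey, WPS_AUTHKEY_LEN, 4, addr, len, hash);

	/*
	 * Compare every byte without an early exit so that the time taken
	 * does not depend on how many leading bytes of the keyed hash match.
	 */
	committed = wps->peer_hash2;
	for (i = 0; i < WPS_HASH_LEN; i++)
		diff |= (u8) (committed[i] ^ hash[i]);

	if (diff != 0) {
		wpa_printf(MSG_DEBUG, "WPS: E-Hash2 derived from E-S2 does "
			   "not match with the pre-committed value");
		/* A wrong second half retires the PIN for this Enrollee. */
		wps_registrar_invalidate_pin(wps->wps->registrar, wps->uuid_e);
		wps->config_error = WPS_CFG_DEV_PASSWORD_AUTH_FAILURE;
		/* Last argument presumably identifies the failed PIN half. */
		wps_pwd_auth_fail_event(wps->wps, 0, 2);
		return -1;
	}

	wpa_printf(MSG_DEBUG, "WPS: Enrollee proved knowledge of the second "
		   "half of the device password");
	wps->wps_pin_revealed = 0;
	wps_registrar_unlock_pin(wps->wps->registrar, wps->uuid_e);

	return 0;
}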
- # и генерят через функции
/*
 * Append the E-SNonce1 attribute to a message.
 *
 * Writes the attribute id and length as big-endian 16-bit values, then the
 * first WPS_SECRET_NONCE_LEN bytes of wps->snonce. The secret nonce is only
 * copied here; where wps->snonce is filled is outside this function.
 *
 * Returns: always 0.
 */
static int wps_build_e_snonce1(struct wps_data *wps, struct wpabuf *msg)
{
	const u8 *first_half = &wps->snonce[0];

	wpa_printf(MSG_DEBUG, "WPS:  * E-SNonce1");

	/* Header (type, length) followed by the value. */
	wpabuf_put_be16(msg, ATTR_E_SNONCE1);
	wpabuf_put_be16(msg, WPS_SECRET_NONCE_LEN);
	wpabuf_put_data(msg, first_half, WPS_SECRET_NONCE_LEN);

	return 0;
}
/*
 * Append the E-SNonce2 attribute to a message.
 *
 * Writes the attribute id and length as big-endian 16-bit values, then the
 * WPS_SECRET_NONCE_LEN bytes of wps->snonce that follow the first
 * WPS_SECRET_NONCE_LEN bytes (the part used for E-SNonce1).
 *
 * Returns: always 0.
 */
static int wps_build_e_snonce2(struct wps_data *wps, struct wpabuf *msg)
{
	const u8 *second_half = &wps->snonce[WPS_SECRET_NONCE_LEN];

	wpa_printf(MSG_DEBUG, "WPS:  * E-SNonce2");

	/* Header (type, length) followed by the value. */
	wpabuf_put_be16(msg, ATTR_E_SNONCE2);
	wpabuf_put_be16(msg, WPS_SECRET_NONCE_LEN);
	wpabuf_put_data(msg, second_half, WPS_SECRET_NONCE_LEN);

	return 0;
}
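- wpabuf_put кладет значение nonce в буфер
- перед этим сгенерировав обычной функцией (примечание: в листингах выше nonce_e и nonce_r заполняются через os_get_random, а не через os_random; где заполняется wps->snonce, здесь не показано)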
/**
 * os_random - Get pseudo random value (not necessarily very strong)
 * Returns: Pseudo random value
 *
 * Thin wrapper around random(). The value comes from the C library's
 * general-purpose generator, so it is not suitable for nonces, keys or any
 * other value that has to be unpredictable.
 */
unsigned long os_random(void)
{
	long value = random();

	return (unsigned long) value;
}
- --------------------------==================----------------------------
- Supported devices:
- RT-N66U
- RT-AC66U
- RT-AC66U_B1 (use the RT-AC68U firmware)
- RT-AC56U
- RT-AC68U, RT-AC68P, RT-AC68UF (including HW revision C1 and E1)
- RT-AC87U
- RT-AC3200
- RT-AC88U
- RT-AC3100
- RT-AC5300
- RT-AC1900 & RT-AC1900P (use the RT-AC68U firmware)
- Supported devices:
- RT-AC88U
- RT-AC3100
- RT-AC86U
- No longer supported:
- RT-N16
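/*
 * Fill rand[0..len) with bytes read from /dev/urandom.
 *
 * The descriptor is opened once and kept in a function-local static for
 * later calls. A read() may return fewer bytes than requested, so reading
 * continues until the whole buffer is filled instead of returning after
 * the first successful call. Reads interrupted by a signal (EINTR) are
 * retried, up to RANDOM_READ_TRY_MAX attempts.
 *
 * NOTE(review): every failure is reported through assert() only. In a
 * build with NDEBUG the asserts disappear and the function returns with
 * the buffer unfilled or partly filled, and the caller has no way to
 * notice. Confirm that this code is never built with NDEBUG, or replace
 * the asserts with an unconditional abort.
 */
void linux_random(uint8 *rand, int len)
{
	static int dev_random_fd = -1;
	int filled = 0;
	int interrupted = 0;
	int status;

	if (dev_random_fd == -1)
		dev_random_fd = open("/dev/urandom", O_RDONLY|O_NONBLOCK);
	assert(dev_random_fd != -1);

	while (filled < len) {
		status = read(dev_random_fd, rand + filled, len - filled);
		if (status > 0) {
			/* Short read: keep going from where it stopped. */
			filled += status;
			continue;
		}
		if (status == -1 && errno == EINTR &&
		    ++interrupted < RANDOM_READ_TRY_MAX)
			continue;

		/* Hard error, end of file, or too many interrupted reads. */
		assert(!"linux_random: could not read /dev/urandom");
		return;
	}
}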
- #elif __ECOS
/*
 * eCos build: register generic_random as the random source through
 * BN_register_RAND().
 *
 * NOTE(review): generic_random is not shown here; check what it draws from
 * before relying on it for nonces or keys.
 */
void RAND_ecos_init()
{
	BN_register_RAND(&generic_random);
}
- #elif WIN32
/*
 * Windows build: register windows_random as the random source through
 * BN_register_RAND().
 */
void RAND_windows_init()
{
	BN_register_RAND(&windows_random);
}
/*
 * Fill rand[0..len) with bytes from the Windows CryptoAPI.
 *
 * Opens the named key container with the PROV_RSA_FULL provider; if that
 * fails with NTE_BAD_KEYSET the container is created with
 * CRYPT_NEWKEYSET. With a provider handle in hand, CryptGenRandom() fills
 * the buffer and the handle is released again.
 *
 * NOTE(review): every failure path only prints a message and returns. The
 * caller cannot tell that rand was left as it was passed in, which matters
 * when the bytes are used as a nonce or key. Only random bytes are needed
 * here, so a context acquired with CRYPT_VERIFYCONTEXT (no named key
 * container) may be a better fit - confirm against the platform docs.
 */
void windows_random(uint8 *rand, int len)
{
	HCRYPTPROV provider = NULL;
	LPCSTR container = "{56E9D11F-76B8-42fa-8645-76980E4E8648}";

	/* First try an existing container (flags == 0). */
	if (!CryptAcquireContext(&provider, container, NULL,
				 PROV_RSA_FULL, 0)) {
		if (GetLastError() != NTE_BAD_KEYSET) {
			printf("A cryptographic service handle could not be acquired.\n");
		} else if (!CryptAcquireContext(&provider, container, NULL,
						PROV_RSA_FULL,
						CRYPT_NEWKEYSET)) {
			/* The container did not exist and could not be made. */
			printf("Could not create a new key container.\n");
		}
	}

	if (!provider)
		return;

	if (!CryptGenRandom(provider, len, rand))
		printf("Error during CryptGenRandom.\n");

	if (!CryptReleaseContext(provider, 0))
		printf("Failed CryptReleaseContext\n");
}
- #как я понял для realtek 2860 и 2870
/*
 * Produce 32 bytes in random[] by running PRF() 32 times.
 *
 * Each round feeds PRF() with the MAC address, the current system uptime,
 * the previous round's 32-byte output and the low two bytes of the round
 * counter, under the fixed label "Init Counter" and a 32-byte buffer that
 * is zeroed at entry. pAd is not used.
 *
 * NOTE(review): none of the inputs visible here is secret - MAC address,
 * uptime, a counter and an all-zero key buffer - so the output is only as
 * unpredictable as the uptime value. Confirm before using it where an
 * unpredictable nonce or key is required. Copying two bytes out of an int
 * also makes the input depend on the host byte order.
 */
void GenRandom(struct rt_rtmp_adapter *pAd, u8 * macAddr, u8 * random)
{
	u8 label[] =
	    { 'I', 'n', 'i', 't', ' ', 'C', 'o', 'u', 'n', 't', 'e', 'r' };
	u8 input[80], zero_key[32];
	u8 output[80];
	unsigned long uptime;
	int round, used;

	/* Start from all-zero state. */
	NdisZeroMemory(output, 80);
	NdisZeroMemory(input, 80);
	NdisZeroMemory(zero_key, 32);

	round = 0;
	while (round < 32) {
		/* MAC address first ... */
		COPY_MAC_ADDR(input, macAddr);
		used = MAC_ADDR_LEN;

		/* ... then the current uptime ... */
		NdisGetSystemUpTime(&uptime);
		NdisMoveMemory(&input[used], &uptime, sizeof(uptime));
		used += sizeof(uptime);

		/* ... then the previous round's output ... */
		NdisMoveMemory(&input[used], output, 32);
		used += 32;

		/* ... and two bytes of the round counter. */
		NdisMoveMemory(&input[used], &round, 2);
		used += 2;

		PRF(zero_key, 32, label, 12, input, used, output, 32);
		round++;
	}

	NdisMoveMemory(random, output, 32);
}
- # nonce генерится как-то так
- `GCRY_WEAK_RANDOM'
- For all functions, except for `gcry_mpi_randomize', this level maps
- to GCRY_STRONG_RANDOM. If you do not want this, consider using
- `gcry_create_nonce'.
/* Create an unpredictable nonce of LENGTH bytes in BUFFER.  The work is
   handed to the FIPS generator when fips_mode () is true and to the
   CSPRNG-based generator otherwise.  */
void
gcry_create_nonce (void *buffer, size_t length)
{
  if (!fips_mode ())
    {
      _gcry_rngcsprng_create_nonce (buffer, length);
      return;
    }

  _gcry_rngfips_create_nonce (buffer, length);
}
- ------------------------------------------==================
- # ВОТ ТАК ВОТ ГЕНЕРИТСЯ ВСЕ
/* Create an unpredictable nonce of LENGTH bytes in BUFFER.

   The state is a static 28-byte buffer: 20 bytes that are replaced by
   their own SHA-1 chain on every step, plus 8 private bytes obtained from
   gcry_randomize at first use and again after a fork.  The first 20 bytes
   start out as the pid and the current time.  Output is produced in
   chunks of up to 20 bytes by hashing the whole buffer and copying the
   digest out.  All of this runs under nonce_buffer_lock.

   Note that the 8 private bytes are the only input not derived from pid,
   time or earlier output, so the result is meant for nonces and not as
   key material.  */
void
_gcry_rngcsprng_create_nonce (void *buffer, size_t length)
{
  static unsigned char nonce_buffer[20+8];
  static int nonce_buffer_initialized = 0;
  static volatile pid_t my_pid; /* The volatile is there to make sure the
                                   compiler does not optimize the code away
                                   in case the getpid function is badly
                                   attributed. */
  volatile pid_t apid;
  unsigned char *out;
  size_t chunk;
  int rc;

  /* Make sure we are initialized. */
  initialize ();

#ifdef USE_RANDOM_DAEMON
  if (allow_daemon
      && !_gcry_daemon_create_nonce (daemon_socket_name, buffer, length))
    return; /* The daemon succeeded. */
  allow_daemon = 0; /* Daemon failed - switch off. */
#endif /*USE_RANDOM_DAEMON*/

  /* Everything below touches the shared static buffer.  */
  rc = ath_mutex_lock (&nonce_buffer_lock);
  if (rc)
    log_fatal ("failed to acquire the nonce buffer lock: %s\n",
               strerror (rc));

  apid = getpid ();

  if (!nonce_buffer_initialized)
    {
      /* First call: seed the hashed part with pid and time.  */
      time_t now = time (NULL);
      pid_t pid_copy = apid;

      my_pid = apid;

      if ((sizeof apid + sizeof now) > sizeof nonce_buffer)
        BUG ();

      /* Give the first 20 bytes a reasonable value so that a failure of
         gcry_randomize won't affect us too much.  The bytes not written
         here are left as they are.  */
      memcpy (nonce_buffer, &pid_copy, sizeof pid_copy);
      memcpy (nonce_buffer + sizeof pid_copy, &now, sizeof now);

      /* The private part of 64 bits, which does not change afterwards
         except on fork.  */
      gcry_randomize (nonce_buffer+20, 8, GCRY_WEAK_RANDOM);

      nonce_buffer_initialized = 1;
    }
  else if ( my_pid != apid )
    {
      /* We forked.  Reseeding the private part keeps parent and child
         from producing the same nonces.  */
      gcry_randomize (nonce_buffer+20, 8, GCRY_WEAK_RANDOM);
      /* Remember the new pid so that this branch runs once per fork.  */
      my_pid = apid;
    }

  /* Hash the entire buffer in place (the digest replaces the first 20
     bytes) and copy up to 20 bytes of it out, until LENGTH is served.  */
  out = buffer;
  while (length > 0)
    {
      _gcry_sha1_hash_buffer (nonce_buffer,
                              nonce_buffer, sizeof nonce_buffer);
      chunk = length > 20? 20 : length;
      memcpy (out, nonce_buffer, chunk);
      length -= chunk;
      out += chunk;
    }

  rc = ath_mutex_unlock (&nonce_buffer_lock);
  if (rc)
    log_fatal ("failed to release the nonce buffer lock: %s\n",
               strerror (rc));
}
- -----------------------------------
- # проверяется nonce вот так
/* Smoke test for gcry_create_nonce.

   Draws 32-byte nonces and dies if any of 20 freshly drawn values equals
   the one it is compared with, then rejects a nonce whose bytes are all
   equal to its first byte.  One such nonce is tolerated and redrawn; a
   second one in a row is fatal.  This only catches gross failures such as
   a constant or unfilled buffer; it says nothing about how unpredictable
   the values are.  */
static void
check_nonce (void)
{
  char a[32], b[32];
  int round;
  size_t idx, same;
  int retried = 0;

  if (verbose)
    fprintf (stderr, "checking gcry_create_nonce\n");

  /* Ten fresh values in B against a fixed A ...  */
  gcry_create_nonce (a, sizeof a);
  for (round = 0; round < 10; round++)
    {
      gcry_create_nonce (b, sizeof b);
      if (memcmp (a, b, sizeof a) == 0)
        die ("identical nounce found\n");
    }

  /* ... then ten fresh values in A against the last B.  */
  for (round = 0; round < 10; round++)
    {
      gcry_create_nonce (a, sizeof a);
      if (memcmp (a, b, sizeof a) == 0)
        die ("identical nounce found\n");
    }

  for (;;)
    {
      /* Count the bytes after the first that repeat the first byte.  */
      same = 0;
      for (idx = 1; idx < sizeof a; idx++)
        if (a[0] == a[idx])
          same++;

      if (same + 1 != sizeof (a))
        break;

      /* All bytes equal: allow it once, then treat it as a failure.  */
      if (retried)
        die ("impossible nonce found\n");
      retried++;
      gcry_create_nonce (a, sizeof a);
    }
}