WPA on laptops running FreeBSD 5.3 (hacked a custom driver but having trouble)

Arvind Srinivasan arvind1 at gmail.com
Thu Mar 10 21:22:53 PST 2005


Thanks. The link is definitely up and the router is sending packets
back to the card, but they are garbled. I think I may have messed up
the encryption? How do the Linksys and Netgear routers convert the
ASCII passphrase into a PSK?

On the laptop, I used pbkdf2_sha1 to convert an ASCII password into a
256-bit PSK:

pbkdf2_sha1(passphrase, ssid, strlen(ssid), 4096, psk, 32);

Then I used the first 128 bits of psk as the encryption key, the next
64 bits as the receive MIC key and the last 64 bits as the transmit
key (supplicant mode) to set the key in the NDIS driver.

Some more info on the packets received from the router:
Each packet's ethertype is unknown (0x888e). They are 113 bytes long
and they all start with:
0103 005f fe00 8900 2000 0000 0000 0000
<rest of data varies from packet to packet (TKIP?)>

Thanks.

Bruce M Simpson wrote:

>On Wed, Mar 09, 2005 at 02:19:57PM -0800, Arvind Srinivasan wrote:
>
>>The setting of keys is working, as well as association with SSIDs that 
>>are known to be running WPA. The privacy bit is also working. I did not 
>>implement anything relating to TKIP countermeasures, which may be why I 
>>am unable to exchange any packets subsequently.
>>Is there a way to debug what's going on when I try dhclient on the interface?
>
>
>Try ports/net/dhcpdump -- it's a postprocess filter for tcpdump which will
>dump the dhcp packets in human readable format.
>
>BMS
>
>




On Wed, 9 Mar 2005 20:32:30 -0800, Arvind Srinivasan <arvind1 at gmail.com> wrote:
> From what I read, the 4-way handshake for WPA-PSK is the
> responsibility of the NDIS driver, and after that the link should be
> up? Would this approach work if I only want WPA-PSK?
> Thanks.
> 
> On Wed, 09 Mar 2005 14:19:57 -0800, Arvind Srinivasan <arvind at celar.us> wrote:
> > Sam:
> > I implemented it in if_ndis in the kernel because I wanted to get it
> > going in 5.3 for just NDIS and WPA without having to require that a
> > supplicant be running - to emulate the behavior of the utilities under
> > Windows.
> > The setting of keys is working, as well as association with SSIDs that
> > are known to be running WPA. The privacy bit is also working. I did not
> > implement anything relating to TKIP countermeasures, which may be why I
> > am unable to exchange any packets subsequently.
> > Is there a way to debug what's going on when I try dhclient on the interface?
> > Thanks.
> >
> > Sam Leffler wrote:
> >
> > > Arvind Srinivasan wrote:
> > >
> > >> I hacked a custom ndis driver to use WPA-PSK. The driver pretends to
> > >> be WEP (so that I can continue to use the existing API's) but under
> > >> the covers it actually calls the ndis wrapper with WPA OIDs instead of
> > >> the WEP OIDs.
> > >>
> > >> The essential changes I made are a call to OID_802_11_ADD_KEY instead
> > >> of OID_802_11_ADD_WEP, and NDIS_80211_WEPSTAT_ENC2ENABLED instead of
> > >> NDIS_80211_WEPSTAT_ENABLED.
> > >> All the changes are in if_ndis.c:ndis_setstate_80211.
> > >
> > >
> > > > I don't understand why you didn't use the existing APIs that work
> > > > with wpa_supplicant?
> > >
> > >>
> > >> I've tried two different cards: Linksys WPC54G and Dell WLAN 1350.
> > >> Both cards associate fine, but do not get much further than that. I am
> > >> unable to get an IP address from the NETGEAR router via DHCP, even
> > >> though the link is up.
> > >> Note that both cards work fine with the same router in Windows.....
> > >>
> > >> Is there anything else I need to do besides provide the right key and
> > >> encryption method in ndis_setstate_80211?
> > >
> > >
> > > Do your drivers implement a WPA supplicant in the kernel?  If not you
> > > need a supplicant to use WPA in station mode.  wpa_supplicant is the
> > > right program for this and to use it with FreeBSD you need to
> > > implement ioctl's to get+set keys, set the optional information
> > > element with negotiated WPA algorithms, and implement the scan results
> > > interface so wpa_supplicant can identify WPA-capable AP's (and
> > > probably a couple of other minor bits like enable the privacy bit and
> > > handle TKIP countermeasures).  I believe there are OID's that map to
> > > all these mechanisms as I looked at the M$ spec when I designed the
> > > ioctls.
> > >
> > >     Sam
> > >
> > >
> >
> >
>
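
The 16 bytes quoted in the top post can be decoded as the start of an IEEE 802.1X EAPOL-Key frame, which is what ethertype 0x888e carries. The C parser below is an added example, not code from this thread or from if_ndis; the struct and function names are hypothetical, and the field layout is the standard EAPOL-Key header.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Key Information bits of an EAPOL-Key frame (IEEE 802.11i / WPA). */
#define KI_PAIRWISE 0x0008
#define KI_ACK      0x0080
#define KI_MIC      0x0100

struct eapol_key_hdr {          /* hypothetical name, added for this example */
    uint8_t  version, descriptor;
    uint16_t body_len, key_info, key_len;
};

/* The 16 bytes quoted in the post: payload that follows the Ethernet header. */
static const uint8_t quoted_bytes[16] = {
    0x01, 0x03, 0x00, 0x5f, 0xfe, 0x00, 0x89, 0x00,
    0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Returns 0 and fills *h for an EAPOL-Key frame, -1 if truncated or another type. */
int eapol_key_parse(const uint8_t *p, size_t len, struct eapol_key_hdr *h)
{
    if (p == NULL || h == NULL || len < 9 || p[1] != 3 /* 3 = EAPOL-Key */)
        return -1;
    h->version    = p[0];
    h->body_len   = be16(p + 2);
    h->descriptor = p[4];       /* 254 = WPA, 2 = RSN (WPA2) */
    h->key_info   = be16(p + 5);
    h->key_len    = be16(p + 7);
    return 0;
}

/* Message 1 of the 4-way handshake: pairwise, Key Ack set, no MIC yet. */
int eapol_is_msg1(const struct eapol_key_hdr *h)
{
    return (h->key_info & (KI_PAIRWISE | KI_ACK | KI_MIC)) == (KI_PAIRWISE | KI_ACK);
}

/* On-wire size: 14-byte Ethernet header + 4-byte EAPOL header + body. */
size_t eapol_frame_len(const struct eapol_key_hdr *h) { return 14u + 4u + h->body_len; }

int main(void)
{
    struct eapol_key_hdr h;
    if (eapol_key_parse(quoted_bytes, sizeof quoted_bytes, &h) != 0) return 1;
    printf("frame=%zu bytes, msg1=%d\n", eapol_frame_len(&h), eapol_is_msg1(&h));
    return 0;
}
```

On the quoted bytes this reports a WPA key descriptor (254), a 95-byte body that gives the 113-byte frame mentioned in the post, and Key Ack set with no MIC, which is the shape of message 1 of the WPA 4-way handshake.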

