This is an old revision of the document!

A PCRE internal error occured. This might be caused by a faulty plugin

====== Joshua Oreman: 802.11 wireless development ====== ===== Journal Week 5 ===== ==== Monday, 29 June ==== Meeting notes from last Saturday: * alloc_iob() should align to the smallest power of two greater than the allocation size, instead of the current constant of 2kb, to make sure allocations don't cross a page boundary for finicky cards. 802.11 packets can be larger than 2kb, so this is the first time it's come up. * Discussed implementing a proper cryptographic RNG, possibly using the low-order bits of the TSC on timer interrupts; for now I've just stubbed the relevant function to use random(). * I'm going to try to get WPA1 with TKIP working by the middle of the week; hopefully WPA2 with CCMP by the end. * I leave Sunday for the IPhO, so I want to get as much done as I can before that :-) * My [[..:notes:modules|loadable module idea]] was vastly overcomplicated; one can get the same effect just by chainloading another gPXE. * It may be a good idea to either turn gPXE into a bzImage (it's currently a low-loaded zImage) or decrease the amount of heap/stack we give to zImages, as my test machine serves as an example of one whose EBDA goes all the way down to 0x98c00 and prevents loading zImage kernels using gPXE. Commits: * [[http://git.etherboot.org/?p=people/oremanj/gpxe.git;a=commit;h=f88f20d617c740c9d62b092a0230db17d890ed19| [802.11] Make wpa.h global, remove eapol_key.h]] * [[http://git.etherboot.org/?p=people/oremanj/gpxe.git;a=commit;h=fa77809958e3de729990c056eb1d30a092ad7356| [crypto] Add a placeholder for a proper random number generator]] * [[http://git.etherboot.org/?p=people/oremanj/gpxe.git;a=commit;h=230cd55eac8f81f31787fb5b484a36d25be9a546| [sha1] Parameter type cleanup]] * [[http://git.etherboot.org/?p=people/oremanj/gpxe.git;a=commit;h=9cdf468e489c9f112a2a90b0e8dc9cf8a8eabd3e| [802.11] Extensions of core code to make WPA more readily supportable]] * [[http://git.etherboot.org/?p=people/oremanj/gpxe.git;a=commit;h=3e12e451ead722a85e7cd6dd31195936ac8f1411| [802.11] Clarify some RSN definitions]] * [[http://git.etherboot.org/?p=people/oremanj/gpxe.git;a=commit;h=2d45fee0cd5b695983a871a312a436531bc6e69f| [eap] Try eap-identity setting before username]] * [[http://git.etherboot.org/?p=people/oremanj/gpxe.git;a=commit;h=fae195f05e7ce53258a5c7c628dac0f462cb461c| [eapol] Properly free packet we now own, if callback fails]] * [[http://git.etherboot.org/?p=people/oremanj/gpxe.git;a=commit;h=636dcf67a3b5a08265654b586702bd00f5e48bd0| [802.11] Implement WPA 4-Way Handshake and Group Key Handshake]] The last one is the biggie; it represents about 3/4 of the work necessary to get WPA done. The rest is just in the routine to encrypt or decrypt an individual packet. (I also have to write the encryption and decryption functions for the key data in the 4-Way Handshake frames.) I'm going to try to get TKIP encryption coded tomorrow, so I can have Wednesday to test it. If all goes well, CCMP later in the week. ==== Tuesday, 30 June ==== * [[http://git.etherboot.org/?p=people/oremanj/gpxe.git;a=commit;h=d387838da36d744327715ca4def419cf4bdbfd62| [crypto] Add parentheses around len argument in blocksize assert]] * [[http://git.etherboot.org/?p=people/oremanj/gpxe.git;a=commit;h=fc41feef104690b07abf5b3a290260d4625fad93| [crypto] Add arc4_skip() to perform ARC4 skipping some keystream bytes]] * [[http://git.etherboot.org/?p=people/oremanj/gpxe.git;a=commit;h=363f832a6977c8fea4d13c857afae43478e19156| [802.11] Make IE processing more robust]] * [[http://git.etherboot.org/?p=people/oremanj/gpxe.git;a=commit;h=149c55b5c98f73902a2462e9c3a6daee14788133| [802.11] Pass initial RSC to sec80211_install()]] * [[http://git.etherboot.org/?p=people/oremanj/gpxe.git;a=commit;h=5e06bec67cf4e97e484c2758f564fd5d84beecb0| [wpa] Add replay detection, miscellaneous other fixes]] * [[http://git.etherboot.org/?p=people/oremanj/gpxe.git;a=commit;h=97c5705425ce91c65fccaffce115667f4a018dc7| [wpa] Add PSK frontend and TKIP cryptosystem support]] Theoretically, WPA support [for TKIP and PSK, which are the most common cipher and AKM used] is now complete! In practice it's probably got some serious bugs, but that's what testing tomorrow is for. :-) ==== Wednesday, 1 July ==== * [[http://git.etherboot.org/?p=people/oremanj/gpxe.git;a=commit;h=9813b562861099a58de1dc769a418844ec67c6f5| [crypto] Properly provide last block of SHA1 PRF data]] * [[http://git.etherboot.org/?p=people/oremanj/gpxe.git;a=commit;h=9f6aaab6f95c78910d057e32e3408196e32873ab| [rtl818x] Keep device pointer for later cleanup]] * [[http://git.etherboot.org/?p=people/oremanj/gpxe.git;a=commit;h=fad84bae86d3ae983a5ae00ed671f5f57a66796d| [eapol] Record protocol field in network byte order]] * [[http://git.etherboot.org/?p=people/oremanj/gpxe.git;a=commit;h=d2d44ba47beee86f6fea8071dfb4003cbca990bc| [802.11] WPA bugfix potpourri]] It works! I was able to use gPXE's new WPA support to connect to an access point configured to use either WPA or WPA2-format packets, with TKIP as the cryptosystem. WPA2 also supports a more secure and complex cryptosystem called CCMP, based on AES; hopefully I'll be able to implement it by the end of the week. WPA is quite a complex system, and I'm very glad I was able to get it to work. If you want to get an idea of the stuff it's managing, you can compile with ''DEBUG=net80211:3,sec80211:3,wpa:3,wpa_tkip:3,wpa_psk''; since I used ''DBGC()'', the result is rather psychedelic :-)


Trace: week6

QR Code
QR Code soc:2009:oremanj:journal:week6 (generated for current page)