WPA PSK - AUTH, ASSOC, 4-Way Handshake

Jouni Malinen jkmaline
Wed Sep 8 23:45:11 PDT 2004 

On Thu, Sep 09, 2004 at 01:56:57AM -0400, Luis R. Rodriguez wrote:

> Can someone tell me at what point the AUTH and ASSOC wireless
> events are caught when a STA is associating to an AP using wpa_supplicant?
> Is the AUTH sent, and in reponse the 4-way handshake occur? And then you
> get an ASSOC at the 4th step of the handshake? Or does both of these
> occur (AUTH, and ASSOC) occur prior to the 4-way handshake?

If by AUTH you mean IEEE 802.11 authentication, the last option wuld be
correct. In other words:

0) Scan results, wpa_supplicants configures driver
1) IEEE 802.11 authentication (wpa_supplicant doesn't really care about
   this)
2) IEEE 802.11 association (New Access Point)
3) AP starts 4-Way Handshake by sending an EAPOL-Key frame
4) wpa_supplicant replies with EAPOL-Key frame and then another pair of
   EAPOL-Key frames
5) wpa_supplicant configures the pairwise key to the driver
6) Group Key handshake (encrypted) if WPA is used (WPA2 combines this
   with four way handshake)
7) wpa_supplicant configures the group key to the driver
8) data connection is fully operational

> While at it, can someone please send me wpa_supplicant -d logs and iwevent logs
> of a successfull connection using PSK and TKIP?

I'm lazy, so you can have WPA-PSK with CCMP which happens to be my
current configuration ;-).

Waiting for Wireless Events...
06:32:27.735722    wifi0    New Access Point/Cell address:00:00:00:00:00:00
06:32:28.013444    wifi0    New Access Point/Cell address:00:00:00:00:00:00
06:32:29.306483    wifi0    New Access Point/Cell address:00:00:00:00:00:00
06:32:30.125096    wifi0    New Access Point/Cell address:00:00:00:00:00:00
06:32:30.528911    wifi0    Scan request completed
06:32:30.533789    wifi0    New Access Point/Cell address:00:00:00:00:00:00
06:32:30.545894    wlan0    Channel:1
06:32:30.547007    wifi0    New Access Point/Cell address:00:00:00:00:00:00
06:32:30.559103    wlan0    ESSID:"jkm private"
06:32:30.588124    wifi0    New Access Point/Cell address:00:09:5B:95:E0:4E


wpa_supplicant debug log is attached.

-- 
Jouni Malinen                                            PGP id EFC895FA
-------------- next part --------------
Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf'
Reading configuration file '/etc/wpa_supplicant.conf'
ctrl_interface='/var/run/wpa_supplicant'
ctrl_interface_group=10 (from group name 'wheel')
Priority group 10
   id=0 ssid='jkm private'
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
Own MAC address: 00:06:25:11:57:6c
wpa_driver_wext_set_wpa
SIOCGIWRANGE: WE(compiled)=18 WE(source)=18 enc_capa=0xf
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_countermeasures
wpa_driver_wext_set_drop_unencrypted
Setting scan request: 0 sec 100000 usec
Wireless event: cmd=0x8b15 len=20
Wireless event: new AP: 00:00:00:00:00:00
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
Disconnect event - remove keys
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
Starting AP scan (specific SSID)
Scan SSID - hexdump_ascii(len=11):
     6a 6b 6d 20 70 72 69 76 61 74 65                  jkm private     
Wireless event: cmd=0x8b19 len=12
Received 236 bytes of scan results (1 BSSes)
Scan results: 1
Selecting BSS from priority group 10
0: 00:09:5b:95:e0:4e ssid='jkm private' wpa_ie_len=26 rsn_ie_len=0
   selected
Trying to associate with 00:09:5b:95:e0:4e (SSID='jkm private' freq=2412 MHz)
Cancelling scan request
Automatic auth_alg selection: 0x1
WPA: using IEEE 802.11i/D3.0
WPA: using GTK CCMP
WPA: using PTK CCMP
WPA: using KEY_MGMT WPA-PSK
WPA: Own WPA IE - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 04 01 00 00 50 f2 04 01 00 00 50 f2 02
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_drop_unencrypted
wpa_driver_wext_associate
Setting authentication timeout: 5 sec 0 usec
EAPOL: External notification - EAP success=0
EAPOL: External notification - EAP fail=0
EAPOL: External notification - portControl=Auto
Wireless event: cmd=0x8b15 len=20
Wireless event: new AP: 00:00:00:00:00:00
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
EAPOL: External notification - EAP success=0
Disconnect event - remove keys
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
Wireless event: cmd=0x8b04 len=12
Wireless event: cmd=0x8b15 len=20
Wireless event: new AP: 00:00:00:00:00:00
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
EAPOL: External notification - EAP success=0
Disconnect event - remove keys
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
Wireless event: cmd=0x8b1a len=23
Wireless event: cmd=0x8b15 len=20
Wireless event: new AP: 00:09:5b:95:e0:4e
Association event - clear replay counter
Associated to a new BSS: BSSID=00:09:5b:95:e0:4e
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
EAPOL: External notification - portValid=0
EAPOL: External notification - EAP success=0
EAPOL: External notification - portEnabled=1
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: txStart
WPA: drop TX EAPOL in non-IEEE 802.1X mode (type=1 len=0)
EAPOL: SUPP_BE entering state IDLE
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
Setting authentication timeout: 10 sec 0 usec
RTM_NEWLINK, IFLA_IFNAME: Interface 'wifi0' added
RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added
RX EAPOL from 00:09:5b:95:e0:4e
Setting authentication timeout: 10 sec 0 usec
EAPOL: Ignoring WPA EAPOL-Key frame in EAPOL state machines
IEEE 802.1X RX: version=1 type=3 length=95
  EAPOL-Key type=254
WPA: RX message 1 of 4-Way Handshake from 00:09:5b:95:e0:4e (ver=2)
WPA: WPA IE for msg 2/4 - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 04 01 00 00 50 f2 04 01 00 00 50 f2 02
WPA: Renewed SNonce - hexdump(len=32): f8 9f 32 06 06 5a 66 9d 2e bc 9f 64 15 7b 93 6b ba 04 f8 94 de f4 7c 35 ce 24 c3 95 23 9c 13 de
WPA: PMK - hexdump(len=32): <removed>
WPA: PTK - hexdump(len=64): <removed>
WPA: EAPOL-Key MIC - hexdump(len=16): 75 68 2f 81 01 3a ec 3c 06 aa 91 db 4e 24 cf eb
WPA: Sending EAPOL-Key 2/4
RX EAPOL from 00:09:5b:95:e0:4e
EAPOL: Ignoring WPA EAPOL-Key frame in EAPOL state machines
IEEE 802.1X RX: version=1 type=3 length=121
  EAPOL-Key type=254
WPA: RX message 3 of 4-Way Handshake from 00:09:5b:95:e0:4e (ver=2)
WPA: Sending EAPOL-Key 4/4
WPA: Installing PTK to the driver.
WPA: RSC - hexdump(len=6): 00 00 00 00 00 00
wpa_driver_wext_set_key: alg=3 key_idx=0 set_tx=1 seq_len=6 key_len=16
RX EAPOL from 00:09:5b:95:e0:4e
EAPOL: Ignoring WPA EAPOL-Key frame in EAPOL state machines
IEEE 802.1X RX: version=1 type=3 length=119
  EAPOL-Key type=254
WPA: RX message 1 of Group Key Handshake from 00:09:5b:95:e0:4e (ver=2)
WPA: Group Key - hexdump(len=16): db 33 c4 d2 a4 62 8d bb 3e b0 09 b5 f8 3f 67 d3
WPA: Installing GTK to the driver (keyidx=1 tx=0).
WPA: RSC - hexdump(len=6): 01 00 00 00 00 00
wpa_driver_wext_set_key: alg=3 key_idx=1 set_tx=0 seq_len=6 key_len=16
WPA: Sending EAPOL-Key 2/2
WPA: Key negotiation completed with 00:09:5b:95:e0:4e [PTK=CCMP GTK=CCMP]
Cancelling authentication timeout
EAPOL: External notification - portValid=1
EAPOL: External notification - EAP success=1
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state SUCCESS
EAP: EAP entering state SUCCESS
EAPOL: SUPP_PAE entering state AUTHENTICATED
EAPOL: SUPP_BE entering state IDLE
RX EAPOL from 00:09:5b:95:e0:4e
EAPOL: Ignoring WPA EAPOL-Key frame in EAPOL state machines
IEEE 802.1X RX: version=1 type=3 length=119
  EAPOL-Key type=254
WPA: RX message 1 of Group Key Handshake from 00:09:5b:95:e0:4e (ver=2)
WPA: Group Key - hexdump(len=16): 12 bf ee 79 58 70 a9 eb 18 88 58 5f a0 54 3c 6e
WPA: Installing GTK to the driver (keyidx=2 tx=0).
WPA: RSC - hexdump(len=6): 00 00 00 00 00 00
wpa_driver_wext_set_key: alg=3 key_idx=2 set_tx=0 seq_len=6 key_len=16
WPA: Sending EAPOL-Key 2/2
WPA: Key negotiation completed with 00:09:5b:95:e0:4e [PTK=CCMP GTK=CCMP]
Cancelling authentication timeout
EAPOL: External notification - portValid=1
EAPOL: External notification - EAP success=1
Signal 2 received - terminating
wpa_driver_wext_deauthenticate
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
EAPOL: External notification - portEnabled=0
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portValid=0
wpa_driver_wext_set_wpa
wpa_driver_wext_set_drop_unencrypted
wpa_driver_wext_set_countermeasures

More information about the Hostap mailing list