[v2,1/1] iw: add support for retrieving keys

Message ID	20230102111213.77129-1-raphael.melotte@mind.be (mailing list archive)
State	Changes Requested
Delegated to:	Johannes Berg
Headers	show Return-Path: <linux-wireless-owner@vger.kernel.org> From: =?utf-8?b?UmFwaGHDq2wgTcOpbG90dGU=?= <raphael.melotte@mind.be> To: johannes@sipsolutions.net Cc: linux-wireless@vger.kernel.org, =?utf-8?b?UmFwaGHDq2wgTcOpbG90dGU=?= <raphael.melotte@mind.be> Subject: [PATCH v2 1/1] iw: add support for retrieving keys Date: Mon, 2 Jan 2023 12:12:13 +0100 Message-Id: <20230102111213.77129-1-raphael.melotte@mind.be> In-Reply-To: <20220822074318.291949-2-raphael.melotte@mind.be> References: <20220822074318.291949-2-raphael.melotte@mind.be> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	[v2,1/1] iw: add support for retrieving keys \| expand [v2,1/1] iw: add support for retrieving keys

Message ID

20230102111213.77129-1-raphael.melotte@mind.be (mailing list archive)

State

Changes Requested

Delegated to:

Johannes Berg

Headers

From: =?utf-8?b?UmFwaGHDq2wgTcOpbG90dGU=?= <raphael.melotte@mind.be>
To: johannes@sipsolutions.net
Cc: linux-wireless@vger.kernel.org,
 =?utf-8?b?UmFwaGHDq2wgTcOpbG90dGU=?= <raphael.melotte@mind.be>
Subject: [PATCH v2 1/1] iw: add support for retrieving keys
Date: Mon,  2 Jan 2023 12:12:13 +0100
Message-Id: <20230102111213.77129-1-raphael.melotte@mind.be>
In-Reply-To: <20220822074318.291949-2-raphael.melotte@mind.be>
References: <20220822074318.291949-2-raphael.melotte@mind.be>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

[v2,1/1] iw: add support for retrieving keys | expand

Commit Message

Raphaël Mélotte Jan. 2, 2023, 11:12 a.m. UTC

For debugging purposes, it can be useful to be able to retrieve keys.

Add a "iw key get" command, to be able to retrieve keys when the key
index is known. A new "key" section is also introduced, in preparation
for future key-related commands.

Example retrieving a pairwise key:
iw dev wlan0 key get 0 02:02:03:04:05:06

Example retrieving a group key:
iw dev wlan0 key get 1

Note that only the outer ATTR_KEY_DATA (and seq) is reported, the
nested KEY_DATA (and seq) within ATTR_KEY is not.

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
---
Changes v1 -> v2:
  - Introduce a 'key' section and update commit message
  - Fix documentation (and remove pairwise flag)
  - Return error when MAC is invalid
  - Rebase on master
 keys.c | 80 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 80 insertions(+)
 create mode 100644 keys.c

Comments

Johannes Berg Jan. 12, 2023, 10:05 a.m. UTC | #1

On Mon, 2023-01-02 at 12:12 +0100, Raphaël Mélotte wrote:
> 
> +	/* key index */
> +	if (argc) {
> +		nla_put_u8(msg, NL80211_ATTR_KEY_IDX, strtoul(argv[0], &end, 10));

This is odd now - if you have &end you should check that strtoul()
actually consumed all the input etc.? Otherwise might as well just use
atoi(), but I'd prefer with the checks.

> +		argv++;
> +		argc--;
> +	}
> +
> +	/* mac */
> +	if (argc) {
> +		if (mac_addr_a2n(mac, argv[0]) == 0) {
> +			NLA_PUT(msg, NL80211_ATTR_MAC, 6, mac);
> +			argv++;
> +			argc--;
> +			nla_put_u32(msg, NL80211_ATTR_KEY_TYPE, NL80211_KEYTYPE_PAIRWISE);

maybe add that before the argv/argc (and maybe break line in there) -
first I got concerned if argv/argc was used in that nla_put_u32().

johannes

Raphaël Mélotte Jan. 12, 2023, 12:22 p.m. UTC | #2

On 1/12/23 11:05, Johannes Berg wrote:
> On Mon, 2023-01-02 at 12:12 +0100, Raphaël Mélotte wrote:
> This is odd now - if you have &end you should check that strtoul()
> actually consumed all the input etc.? Otherwise might as well just use
> atoi(), but I'd prefer with the checks.

Indeed..

> maybe add that before the argv/argc (and maybe break line in there) -
> first I got concerned if argv/argc was used in that nla_put_u32().

Okay, I'll do that in a v3.

Thanks!

Raphaël

diff --git a/keys.c b/keys.c
new file mode 100644
index 0000000..37abc94
--- /dev/null
+++ b/keys.c
@@ -0,0 +1,80 @@ 
+#include <errno.h>
+#include <netlink/genl/genl.h>
+#include <netlink/genl/family.h>
+#include <netlink/genl/ctrl.h>
+#include <netlink/msg.h>
+#include <netlink/attr.h>
+#include "nl80211.h"
+#include "iw.h"
+
+SECTION(key);
+
+static int print_keys(struct nl_msg *msg, void *arg)
+{
+	struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
+	struct nlattr *tb[NL80211_ATTR_MAX + 1];
+
+	nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
+		  genlmsg_attrlen(gnlh, 0), NULL);
+
+	if (!tb[NL80211_ATTR_KEY_IDX]) {
+		fprintf(stderr, "KEY_IDX missing!\n");
+		return NL_SKIP;
+	}
+
+	if (!tb[NL80211_ATTR_KEY_DATA]) {
+		fprintf(stderr, "ATTR_KEY_DATA missing!\n");
+		return NL_SKIP;
+	}
+
+	iw_hexdump("Key", nla_data(tb[NL80211_ATTR_KEY_DATA]),
+		   nla_len(tb[NL80211_ATTR_KEY_DATA]));
+
+	if (!tb[NL80211_ATTR_KEY_SEQ]) {
+		fprintf(stderr, "ATTR_KEY_SEQ missing!\n");
+		return NL_SKIP;
+	}
+
+	iw_hexdump("Key seq", nla_data(tb[NL80211_ATTR_KEY_SEQ]),
+		   nla_len(tb[NL80211_ATTR_KEY_SEQ]));
+
+	return NL_OK;
+}
+
+static int handle_get_key(struct nl80211_state *state,
+			  struct nl_msg *msg, int argc, char **argv,
+			  enum id_input id)
+{
+	char *end;
+	unsigned char mac[6];
+
+	/* key index */
+	if (argc) {
+		nla_put_u8(msg, NL80211_ATTR_KEY_IDX, strtoul(argv[0], &end, 10));
+		argv++;
+		argc--;
+	}
+
+	/* mac */
+	if (argc) {
+		if (mac_addr_a2n(mac, argv[0]) == 0) {
+			NLA_PUT(msg, NL80211_ATTR_MAC, 6, mac);
+			argv++;
+			argc--;
+			nla_put_u32(msg, NL80211_ATTR_KEY_TYPE, NL80211_KEYTYPE_PAIRWISE);
+		} else {
+			return -EINVAL;
+		}
+	} else {
+		nla_put_u32(msg, NL80211_ATTR_KEY_TYPE, NL80211_KEYTYPE_GROUP);
+	}
+
+	register_handler(print_keys, NULL);
+	return 0;
+
+ nla_put_failure:
+	return -ENOSPC;
+}
+COMMAND(key, get, "<key index> <MAC address>",
+	NL80211_CMD_GET_KEY, 0, CIB_NETDEV, handle_get_key,
+	"Retrieve a key and key sequence.\n");

[v2,1/1] iw: add support for retrieving keys

Commit Message

Comments

Patch