4,620
edits
Changes
Jump to navigation
Jump to search
Line 1,070:
Line 1,070: − + − + + + + + Line 1,186:
Line 1,190: − + − + Line 1,194:
Line 1,198: − +
no edit summary
A beacon and Action frame are broadcasted. The SSID in the beacon is hidden (32-bytes with value 0). For [[#Scan]]/[[#ScanPrivate]] it doesn't matter if no beacon is available ([[#NetworkInfo]] is the same), as long as the Action frame is broadcasted. However, the Station will not send a probe-request during connection if no beacon is available (and therefore not attempt any communication with the AccessPoint).
A beacon and Action frame are broadcasted. The SSID in the beacon is hidden (32-bytes with value 0). For [[#Scan]]/[[#ScanPrivate]] it doesn't matter if no beacon is available ([[#NetworkInfo]] is the same), as long as the Action frame is broadcasted. However, the Station will not send a probe-request during connection if no beacon is available (and therefore not attempt any communication with the AccessPoint).
During connection, the Station first sends a probe-request using the [[#NetworkInfo|generated]] SSID from the Action frame. If the probe-response contains the expected data for the [[#SecurityConfig]] type, the Station then proceeds to connect to the AccessPoint.
During connection, the Station first sends a probe-request using the [[#NetworkInfo|generated]] SSID from the Action frame. If the probe-response contains the expected data for the [[#SecurityConfig]] type, the Station then proceeds to connect to the AccessPoint. The key for data-frames, if [[#SecurityConfig|enabled]], is derived from a buffer containing: {[[#SecurityParameter]]+0x0} followed by {[[#SecurityConfig]] data with the specified data-size}.
Once connected, the Station must Authenticate with the AccessPoint, this is custom. The Station sends a frame (a maximum of 3 times in some cases if errors occur, with the same data), and the AccessPoint sends a response. Once Authenticated, the node is added to the [[#NodeInfo]] array in [[#NetworkInfo]], the Station will throw an error if it can't find a matching [[#MacAddress]] for itself here. If the Station does not successfully Authenticate X-seconds after connecting, the AccessPoint disconnects the Station. If the Station fails to Authenticate, the Station itself will disconnect as well.
Then the Station scans for an [[#ActionFrame]] for loading the [[#NetworkInfo]].
Once connected, the Station must Authenticate with the AccessPoint, this is custom. The Station sends a frame (a maximum of 3 times in some cases if errors occur, with the same data), and the AccessPoint sends a response. Once Authenticated, the node is added to the [[#NodeInfo]] array in [[#NetworkInfo]]. If the Station does not successfully Authenticate X-seconds after connecting, the AccessPoint disconnects the Station. If the Station fails to Authenticate, the Station itself will disconnect as well.
After Authentication the Station will scan for another [[#ActionFrame]], with frame-comparision enabled with the above frame (frame must have been updated since the previous scan). The Station locates the index for a [[#MacAddress]] matching itself in the [[#NetworkInfo]] [[#NodeInfo]] array (the entry for the AccessPoint is skipped), throwing an error if not found. After validating the LocalCommunicationVersion, it proceeds to handle ARP setup below.
This does not use DHCP, each node on the network has to manually setup ARP (without sending ARP network requests) with the [[#NodeInfo]] array in [[#NetworkInfo]].
This does not use DHCP, each node on the network has to manually setup ARP (without sending ARP network requests) with the [[#NodeInfo]] array in [[#NetworkInfo]].
! Description
! Description
|-
|-
| 0x0 || 0x20 || [[#NetworkInfo]]+0x0. The u64/u16 are big-endian.
| 0x0 || 0x20 || [[#NetworkInfo]]+0x0. The u64/u16 are big-endian. Outside of [[#Scan]]/[[#ScanPrivate]], this must match the previously loaded data for this.
|-
|-
| 0x20 || 0x1 || Must be 0x1-0xF. Copied to [[#NetworkInfo]]+0x63.
| 0x20 || 0x1 || Must be 0x1-0xF. Copied to [[#NetworkInfo]]+0x63. When comparing with a previous frame is enabled, this must match a value in state.
|-
|-
| 0x21 || 0x1 || Encryption type: 1 = plaintext, 2 = encrypted, {frames with other values are ignored by [[#Scan]]/[[#ScanPrivate]]}. Must match the type which is currently being used: with [[#Scan]]/[[#ScanPrivate]] this is determined via this field, otherwise [[#SecurityConfig]] is used to determine this.
| 0x21 || 0x1 || Encryption type: 1 = plaintext, 2 = encrypted, {frames with other values are ignored by [[#Scan]]/[[#ScanPrivate]]}. Must match the type which is currently being used: with [[#Scan]]/[[#ScanPrivate]] this is determined via this field, otherwise [[#SecurityConfig]] is used to determine this.
| 0x22 || 0x2 || Big-endian u16 size for the data starting at +0x48, must be <=0x500, and must match {total frame size relative to +0x0 above} + 0x48.
| 0x22 || 0x2 || Big-endian u16 size for the data starting at +0x48, must be <=0x500, and must match {total frame size relative to +0x0 above} + 0x48.
|-
|-
| 0x24 || 0x4 || Big-endian u32 Counter
| 0x24 || 0x4 || Big-endian u32 Counter, incremented when the below content was updated. Also used by the Station to determine whether the frame changed compared to a previous one. When comparing against a previous frame, new_counter-prev_counter must be <= 0xFF, and the counters must not match.
|-
|-
| 0x28 || 0x20 || SHA256 hash over the entire frame starting at +0x0, with the above size + 0x48. During hashing, this hash is cleared, with the new hash overwriting the original in memory (the original is copied to stack for comparing).
| 0x28 || 0x20 || SHA256 hash over the entire frame starting at +0x0, with the above size + 0x48. During hashing, this hash is cleared, with the new hash overwriting the original in memory (the original is copied to stack for comparing).