]> git.ipfire.org Git - thirdparty/hostap.git/blame - hostapd/wpa.c
projects / thirdparty / hostap.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Added more src subdirectories into doxygen docs
[thirdparty/hostap.git] / hostapd / wpa.c
CommitLineData
6fc6879b
JM		 1/*
2 * hostapd - IEEE 802.11i-2004 / WPA Authenticator
3 * Copyright (c) 2004-2008, Jouni Malinen <j@w1.fi>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 *
9 * Alternatively, this software may be distributed under the terms of BSD
10 * license.
11 *
12 * See README and COPYING for more details.
13 */
14
15#include "includes.h"
16
17#ifndef CONFIG_NATIVE_WINDOWS
18
19#include "common.h"
20#include "config.h"
21#include "eapol_sm.h"
22#include "wpa.h"
23#include "sha1.h"
56586197 24#include "sha256.h"
6fc6879b
JM		 25#include "rc4.h"
26#include "aes_wrap.h"
27#include "crypto.h"
28#include "eloop.h"
29#include "ieee802_11.h"
30#include "pmksa_cache.h"
31#include "state_machine.h"
32#include "wpa_auth_i.h"
33#include "wpa_auth_ie.h"
34
35#define STATE_MACHINE_DATA struct wpa_state_machine
36#define STATE_MACHINE_DEBUG_PREFIX "WPA"
37#define STATE_MACHINE_ADDR sm->addr
38
39
40static void wpa_send_eapol_timeout(void *eloop_ctx, void *timeout_ctx);
41static void wpa_sm_step(struct wpa_state_machine *sm);
42static int wpa_verify_key_mic(struct wpa_ptk *PTK, u8 *data, size_t data_len);
43static void wpa_sm_call_step(void *eloop_ctx, void *timeout_ctx);
44static void wpa_group_sm_step(struct wpa_authenticator *wpa_auth,
45 struct wpa_group *group);
581a8cde 46static void wpa_request_new_ptk(struct wpa_state_machine *sm);
6fc6879b 47
bae61562
JM		 48static const u32 dot11RSNAConfigGroupUpdateCount = 4;
49static const u32 dot11RSNAConfigPairwiseUpdateCount = 4;
50static const u32 eapol_key_timeout_first = 100; /* ms */
51static const u32 eapol_key_timeout_subseq = 1000; /* ms */
6fc6879b
JM		 52
53/* TODO: make these configurable */
54static const int dot11RSNAConfigPMKLifetime = 43200;
55static const int dot11RSNAConfigPMKReauthThreshold = 70;
56static const int dot11RSNAConfigSATimeout = 60;
57
58
59static inline void wpa_auth_mic_failure_report(
60 struct wpa_authenticator *wpa_auth, const u8 *addr)
61{
62 if (wpa_auth->cb.mic_failure_report)
63 wpa_auth->cb.mic_failure_report(wpa_auth->cb.ctx, addr);
64}
65
66
67static inline void wpa_auth_set_eapol(struct wpa_authenticator *wpa_auth,
68 const u8 *addr, wpa_eapol_variable var,
69 int value)
70{
71 if (wpa_auth->cb.set_eapol)
72 wpa_auth->cb.set_eapol(wpa_auth->cb.ctx, addr, var, value);
73}
74
75
76static inline int wpa_auth_get_eapol(struct wpa_authenticator *wpa_auth,
77 const u8 *addr, wpa_eapol_variable var)
78{
79 if (wpa_auth->cb.get_eapol == NULL)
80 return -1;
81 return wpa_auth->cb.get_eapol(wpa_auth->cb.ctx, addr, var);
82}
83
84
85static inline const u8 * wpa_auth_get_psk(struct wpa_authenticator *wpa_auth,
86 const u8 *addr, const u8 *prev_psk)
87{
88 if (wpa_auth->cb.get_psk == NULL)
89 return NULL;
90 return wpa_auth->cb.get_psk(wpa_auth->cb.ctx, addr, prev_psk);
91}
92
93
94static inline int wpa_auth_get_msk(struct wpa_authenticator *wpa_auth,
95 const u8 *addr, u8 *msk, size_t *len)
96{
97 if (wpa_auth->cb.get_msk == NULL)
98 return -1;
99 return wpa_auth->cb.get_msk(wpa_auth->cb.ctx, addr, msk, len);
100}
101
102
103static inline int wpa_auth_set_key(struct wpa_authenticator *wpa_auth,
104 int vlan_id,
105 const char *alg, const u8 *addr, int idx,
106 u8 *key, size_t key_len)
107{
108 if (wpa_auth->cb.set_key == NULL)
109 return -1;
110 return wpa_auth->cb.set_key(wpa_auth->cb.ctx, vlan_id, alg, addr, idx,
111 key, key_len);
112}
113
114
115static inline int wpa_auth_get_seqnum(struct wpa_authenticator *wpa_auth,
116 const u8 *addr, int idx, u8 *seq)
117{
118 if (wpa_auth->cb.get_seqnum == NULL)
119 return -1;
120 return wpa_auth->cb.get_seqnum(wpa_auth->cb.ctx, addr, idx, seq);
121}
122
123
124static inline int wpa_auth_get_seqnum_igtk(struct wpa_authenticator *wpa_auth,
125 const u8 *addr, int idx, u8 *seq)
126{
127 if (wpa_auth->cb.get_seqnum_igtk == NULL)
128 return -1;
129 return wpa_auth->cb.get_seqnum_igtk(wpa_auth->cb.ctx, addr, idx, seq);
130}
131
132
133static inline int
134wpa_auth_send_eapol(struct wpa_authenticator *wpa_auth, const u8 *addr,
135 const u8 *data, size_t data_len, int encrypt)
136{
137 if (wpa_auth->cb.send_eapol == NULL)
138 return -1;
139 return wpa_auth->cb.send_eapol(wpa_auth->cb.ctx, addr, data, data_len,
140 encrypt);
141}
142
143
144int wpa_auth_for_each_sta(struct wpa_authenticator *wpa_auth,
145 int (*cb)(struct wpa_state_machine *sm, void *ctx),
146 void *cb_ctx)
147{
148 if (wpa_auth->cb.for_each_sta == NULL)
149 return 0;
150 return wpa_auth->cb.for_each_sta(wpa_auth->cb.ctx, cb, cb_ctx);
151}
152
153
bf98f7f3
JM		 154int wpa_auth_for_each_auth(struct wpa_authenticator *wpa_auth,
155 int (*cb)(struct wpa_authenticator *a, void *ctx),
156 void *cb_ctx)
157{
158 if (wpa_auth->cb.for_each_auth == NULL)
159 return 0;
160 return wpa_auth->cb.for_each_auth(wpa_auth->cb.ctx, cb, cb_ctx);
161}
162
163
6fc6879b
JM		 164void wpa_auth_logger(struct wpa_authenticator *wpa_auth, const u8 *addr,
165 logger_level level, const char *txt)
166{
167 if (wpa_auth->cb.logger == NULL)
168 return;
169 wpa_auth->cb.logger(wpa_auth->cb.ctx, addr, level, txt);
170}
171
172
173void wpa_auth_vlogger(struct wpa_authenticator *wpa_auth, const u8 *addr,
174 logger_level level, const char *fmt, ...)
175{
176 char *format;
177 int maxlen;
178 va_list ap;
179
180 if (wpa_auth->cb.logger == NULL)
181 return;
182
183 maxlen = os_strlen(fmt) + 100;
184 format = os_malloc(maxlen);
185 if (!format)
186 return;
187
188 va_start(ap, fmt);
189 vsnprintf(format, maxlen, fmt, ap);
190 va_end(ap);
191
192 wpa_auth_logger(wpa_auth, addr, level, format);
193
194 os_free(format);
195}
196
197
198static void wpa_sta_disconnect(struct wpa_authenticator *wpa_auth,
199 const u8 *addr)
200{
201 if (wpa_auth->cb.disconnect == NULL)
202 return;
203 wpa_auth->cb.disconnect(wpa_auth->cb.ctx, addr,
204 WLAN_REASON_PREV_AUTH_NOT_VALID);
205}
206
207
208static int wpa_use_aes_cmac(struct wpa_state_machine *sm)
209{
56586197 210 int ret = 0;
6fc6879b 211#ifdef CONFIG_IEEE80211R
56586197
JM		 212 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt))
213 ret = 1;
6fc6879b 214#endif /* CONFIG_IEEE80211R */
56586197
JM		 215#ifdef CONFIG_IEEE80211W
216 if (wpa_key_mgmt_sha256(sm->wpa_key_mgmt))
217 ret = 1;
218#endif /* CONFIG_IEEE80211W */
219 return ret;
6fc6879b
JM		 220}
221
222
223static void wpa_rekey_gmk(void *eloop_ctx, void *timeout_ctx)
224{
225 struct wpa_authenticator *wpa_auth = eloop_ctx;
226
227 if (os_get_random(wpa_auth->group->GMK, WPA_GMK_LEN)) {
228 wpa_printf(MSG_ERROR, "Failed to get random data for WPA "
229 "initialization.");
230 } else {
231 wpa_auth_logger(wpa_auth, NULL, LOGGER_DEBUG, "GMK rekeyd");
232 }
233
234 if (wpa_auth->conf.wpa_gmk_rekey) {
235 eloop_register_timeout(wpa_auth->conf.wpa_gmk_rekey, 0,
236 wpa_rekey_gmk, wpa_auth, NULL);
237 }
238}
239
240
241static void wpa_rekey_gtk(void *eloop_ctx, void *timeout_ctx)
242{
243 struct wpa_authenticator *wpa_auth = eloop_ctx;
244 struct wpa_group *group;
245
246 wpa_auth_logger(wpa_auth, NULL, LOGGER_DEBUG, "rekeying GTK");
247 for (group = wpa_auth->group; group; group = group->next) {
248 group->GTKReKey = TRUE;
249 do {
250 group->changed = FALSE;
251 wpa_group_sm_step(wpa_auth, group);
252 } while (group->changed);
253 }
254
255 if (wpa_auth->conf.wpa_group_rekey) {
256 eloop_register_timeout(wpa_auth->conf.wpa_group_rekey,
257 0, wpa_rekey_gtk, wpa_auth, NULL);
258 }
259}
260
261
581a8cde
JM		 262static void wpa_rekey_ptk(void *eloop_ctx, void *timeout_ctx)
263{
264 struct wpa_authenticator *wpa_auth = eloop_ctx;
265 struct wpa_state_machine *sm = timeout_ctx;
266
267 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, "rekeying PTK");
268 wpa_request_new_ptk(sm);
269 wpa_sm_step(sm);
270}
271
272
6fc6879b
JM		 273static int wpa_auth_pmksa_clear_cb(struct wpa_state_machine *sm, void *ctx)
274{
275 if (sm->pmksa == ctx)
276 sm->pmksa = NULL;
277 return 0;
278}
279
280
281static void wpa_auth_pmksa_free_cb(struct rsn_pmksa_cache_entry *entry,
282 void *ctx)
283{
284 struct wpa_authenticator *wpa_auth = ctx;
285 wpa_auth_for_each_sta(wpa_auth, wpa_auth_pmksa_clear_cb, entry);
286}
287
288
289static struct wpa_group * wpa_group_init(struct wpa_authenticator *wpa_auth,
290 int vlan_id)
291{
292 struct wpa_group *group;
293 u8 buf[ETH_ALEN + 8 + sizeof(group)];
294 u8 rkey[32];
295
296 group = os_zalloc(sizeof(struct wpa_group));
297 if (group == NULL)
298 return NULL;
299
300 group->GTKAuthenticator = TRUE;
301 group->vlan_id = vlan_id;
302
303 switch (wpa_auth->conf.wpa_group) {
304 case WPA_CIPHER_CCMP:
305 group->GTK_len = 16;
306 break;
307 case WPA_CIPHER_TKIP:
308 group->GTK_len = 32;
309 break;
310 case WPA_CIPHER_WEP104:
311 group->GTK_len = 13;
312 break;
313 case WPA_CIPHER_WEP40:
314 group->GTK_len = 5;
315 break;
316 }
317
318 /* Counter = PRF-256(Random number, "Init Counter",
319 * Local MAC Address || Time)
320 */
321 os_memcpy(buf, wpa_auth->addr, ETH_ALEN);
322 wpa_get_ntp_timestamp(buf + ETH_ALEN);
323 os_memcpy(buf + ETH_ALEN + 8, &group, sizeof(group));
324 if (os_get_random(rkey, sizeof(rkey)) ||
325 os_get_random(group->GMK, WPA_GMK_LEN)) {
326 wpa_printf(MSG_ERROR, "Failed to get random data for WPA "
327 "initialization.");
328 os_free(group);
329 return NULL;
330 }
331
332 sha1_prf(rkey, sizeof(rkey), "Init Counter", buf, sizeof(buf),
333 group->Counter, WPA_NONCE_LEN);
334
335 group->GInit = TRUE;
336 wpa_group_sm_step(wpa_auth, group);
337 group->GInit = FALSE;
338 wpa_group_sm_step(wpa_auth, group);
339
340 return group;
341}
342
343
344/**
345 * wpa_init - Initialize WPA authenticator
346 * @addr: Authenticator address
347 * @conf: Configuration for WPA authenticator
348 * Returns: Pointer to WPA authenticator data or %NULL on failure
349 */
350struct wpa_authenticator * wpa_init(const u8 *addr,
351 struct wpa_auth_config *conf,
352 struct wpa_auth_callbacks *cb)
353{
354 struct wpa_authenticator *wpa_auth;
355
356 wpa_auth = os_zalloc(sizeof(struct wpa_authenticator));
357 if (wpa_auth == NULL)
358 return NULL;
359 os_memcpy(wpa_auth->addr, addr, ETH_ALEN);
360 os_memcpy(&wpa_auth->conf, conf, sizeof(*conf));
361 os_memcpy(&wpa_auth->cb, cb, sizeof(*cb));
362
363 if (wpa_auth_gen_wpa_ie(wpa_auth)) {
364 wpa_printf(MSG_ERROR, "Could not generate WPA IE.");
365 os_free(wpa_auth);
366 return NULL;
367 }
368
369 wpa_auth->group = wpa_group_init(wpa_auth, 0);
370 if (wpa_auth->group == NULL) {
371 os_free(wpa_auth->wpa_ie);
372 os_free(wpa_auth);
373 return NULL;
374 }
375
376 wpa_auth->pmksa = pmksa_cache_init(wpa_auth_pmksa_free_cb, wpa_auth);
377 if (wpa_auth->pmksa == NULL) {
378 wpa_printf(MSG_ERROR, "PMKSA cache initialization failed.");
379 os_free(wpa_auth->wpa_ie);
380 os_free(wpa_auth);
381 return NULL;
382 }
383
384#ifdef CONFIG_IEEE80211R
385 wpa_auth->ft_pmk_cache = wpa_ft_pmk_cache_init();
386 if (wpa_auth->ft_pmk_cache == NULL) {
387 wpa_printf(MSG_ERROR, "FT PMK cache initialization failed.");
388 os_free(wpa_auth->wpa_ie);
389 pmksa_cache_deinit(wpa_auth->pmksa);
390 os_free(wpa_auth);
391 return NULL;
392 }
393#endif /* CONFIG_IEEE80211R */
394
395 if (wpa_auth->conf.wpa_gmk_rekey) {
396 eloop_register_timeout(wpa_auth->conf.wpa_gmk_rekey, 0,
397 wpa_rekey_gmk, wpa_auth, NULL);
398 }
399
400 if (wpa_auth->conf.wpa_group_rekey) {
401 eloop_register_timeout(wpa_auth->conf.wpa_group_rekey, 0,
402 wpa_rekey_gtk, wpa_auth, NULL);
403 }
404
405 return wpa_auth;
406}
407
408
409/**
410 * wpa_deinit - Deinitialize WPA authenticator
411 * @wpa_auth: Pointer to WPA authenticator data from wpa_init()
412 */
413void wpa_deinit(struct wpa_authenticator *wpa_auth)
414{
415 struct wpa_group *group, *prev;
416
417 eloop_cancel_timeout(wpa_rekey_gmk, wpa_auth, NULL);
418 eloop_cancel_timeout(wpa_rekey_gtk, wpa_auth, NULL);
419
420#ifdef CONFIG_PEERKEY
421 while (wpa_auth->stsl_negotiations)
422 wpa_stsl_remove(wpa_auth, wpa_auth->stsl_negotiations);
423#endif /* CONFIG_PEERKEY */
424
425 pmksa_cache_deinit(wpa_auth->pmksa);
426
427#ifdef CONFIG_IEEE80211R
428 wpa_ft_pmk_cache_deinit(wpa_auth->ft_pmk_cache);
429 wpa_auth->ft_pmk_cache = NULL;
430#endif /* CONFIG_IEEE80211R */
431
432 os_free(wpa_auth->wpa_ie);
433
434 group = wpa_auth->group;
435 while (group) {
436 prev = group;
437 group = group->next;
438 os_free(prev);
439 }
440
441 os_free(wpa_auth);
442}
443
444
445/**
446 * wpa_reconfig - Update WPA authenticator configuration
447 * @wpa_auth: Pointer to WPA authenticator data from wpa_init()
448 * @conf: Configuration for WPA authenticator
449 */
450int wpa_reconfig(struct wpa_authenticator *wpa_auth,
451 struct wpa_auth_config *conf)
452{
453 if (wpa_auth == NULL)
454 return 0;
455
456 os_memcpy(&wpa_auth->conf, conf, sizeof(*conf));
ad08c363
JM		 457 if (wpa_auth_gen_wpa_ie(wpa_auth)) {
458 wpa_printf(MSG_ERROR, "Could not generate WPA IE.");
459 return -1;
460 }
461
6fc6879b
JM		 462 return 0;
463}
464
465
466struct wpa_state_machine *
467wpa_auth_sta_init(struct wpa_authenticator *wpa_auth, const u8 *addr)
468{
469 struct wpa_state_machine *sm;
470
471 sm = os_zalloc(sizeof(struct wpa_state_machine));
472 if (sm == NULL)
473 return NULL;
474 os_memcpy(sm->addr, addr, ETH_ALEN);
475
476 sm->wpa_auth = wpa_auth;
477 sm->group = wpa_auth->group;
478
479 return sm;
480}
481
482
483void wpa_auth_sta_associated(struct wpa_authenticator *wpa_auth,
484 struct wpa_state_machine *sm)
485{
486 if (wpa_auth == NULL || !wpa_auth->conf.wpa || sm == NULL)
487 return;
488
489#ifdef CONFIG_IEEE80211R
490 if (sm->ft_completed) {
491 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG,
492 "FT authentication already completed - do not "
493 "start 4-way handshake");
494 return;
495 }
496#endif /* CONFIG_IEEE80211R */
497
498 if (sm->started) {
22a299ee 499 os_memset(&sm->key_replay, 0, sizeof(sm->key_replay));
6fc6879b
JM		 500 sm->ReAuthenticationRequest = TRUE;
501 wpa_sm_step(sm);
502 return;
503 }
504
505 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG,
506 "start authentication");
507 sm->started = 1;
508
509 sm->Init = TRUE;
510 wpa_sm_step(sm);
511 sm->Init = FALSE;
512 sm->AuthenticationRequest = TRUE;
513 wpa_sm_step(sm);
514}
515
516
a8d05fca
JM		 517void wpa_auth_sta_no_wpa(struct wpa_state_machine *sm)
518{
519 /* WPA/RSN was not used - clear WPA state. This is needed if the STA
520 * reassociates back to the same AP while the previous entry for the
521 * STA has not yet been removed. */
522 if (sm == NULL)
523 return;
524
525 sm->wpa_key_mgmt = 0;
526}
527
528
6fc6879b
JM		 529static void wpa_free_sta_sm(struct wpa_state_machine *sm)
530{
531 os_free(sm->last_rx_eapol_key);
532 os_free(sm->wpa_ie);
533 os_free(sm);
534}
535
536
537void wpa_auth_sta_deinit(struct wpa_state_machine *sm)
538{
539 if (sm == NULL)
540 return;
541
542 if (sm->wpa_auth->conf.wpa_strict_rekey && sm->has_GTK) {
543 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
544 "strict rekeying - force GTK rekey since STA "
545 "is leaving");
546 eloop_cancel_timeout(wpa_rekey_gtk, sm->wpa_auth, NULL);
547 eloop_register_timeout(0, 500000, wpa_rekey_gtk, sm->wpa_auth,
548 NULL);
549 }
550
551 eloop_cancel_timeout(wpa_send_eapol_timeout, sm->wpa_auth, sm);
552 eloop_cancel_timeout(wpa_sm_call_step, sm, NULL);
581a8cde 553 eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm);
6fc6879b
JM		 554 if (sm->in_step_loop) {
555 /* Must not free state machine while wpa_sm_step() is running.
556 * Freeing will be completed in the end of wpa_sm_step(). */
557 wpa_printf(MSG_DEBUG, "WPA: Registering pending STA state "
558 "machine deinit for " MACSTR, MAC2STR(sm->addr));
559 sm->pending_deinit = 1;
560 } else
561 wpa_free_sta_sm(sm);
562}
563
564
565static void wpa_request_new_ptk(struct wpa_state_machine *sm)
566{
567 if (sm == NULL)
568 return;
569
570 sm->PTKRequest = TRUE;
571 sm->PTK_valid = 0;
572}
573
574
22a299ee
JM		 575static int wpa_replay_counter_valid(struct wpa_state_machine *sm,
576 const u8 *replay_counter)
577{
578 int i;
579 for (i = 0; i < RSNA_MAX_EAPOL_RETRIES; i++) {
580 if (!sm->key_replay[i].valid)
581 break;
582 if (os_memcmp(replay_counter, sm->key_replay[i].counter,
583 WPA_REPLAY_COUNTER_LEN) == 0)
584 return 1;
585 }
586 return 0;
587}
588
589
6fc6879b
JM		 590void wpa_receive(struct wpa_authenticator *wpa_auth,
591 struct wpa_state_machine *sm,
592 u8 *data, size_t data_len)
593{
594 struct ieee802_1x_hdr *hdr;
595 struct wpa_eapol_key *key;
596 u16 key_info, key_data_length;
597 enum { PAIRWISE_2, PAIRWISE_4, GROUP_2, REQUEST,
598 SMK_M1, SMK_M3, SMK_ERROR } msg;
599 char *msgtxt;
600 struct wpa_eapol_ie_parse kde;
601
602 if (wpa_auth == NULL || !wpa_auth->conf.wpa || sm == NULL)
603 return;
604
605 if (data_len < sizeof(*hdr) + sizeof(*key))
606 return;
607
608 hdr = (struct ieee802_1x_hdr *) data;
609 key = (struct wpa_eapol_key *) (hdr + 1);
610 key_info = WPA_GET_BE16(key->key_info);
611 key_data_length = WPA_GET_BE16(key->key_data_length);
612 if (key_data_length > data_len - sizeof(*hdr) - sizeof(*key)) {
613 wpa_printf(MSG_INFO, "WPA: Invalid EAPOL-Key frame - "
614 "key_data overflow (%d > %lu)",
615 key_data_length,
616 (unsigned long) (data_len - sizeof(*hdr) -
617 sizeof(*key)));
618 return;
619 }
620
621 /* FIX: verify that the EAPOL-Key frame was encrypted if pairwise keys
622 * are set */
623
624 if ((key_info & (WPA_KEY_INFO_SMK_MESSAGE | WPA_KEY_INFO_REQUEST)) ==
625 (WPA_KEY_INFO_SMK_MESSAGE | WPA_KEY_INFO_REQUEST)) {
626 if (key_info & WPA_KEY_INFO_ERROR) {
627 msg = SMK_ERROR;
628 msgtxt = "SMK Error";
629 } else {
630 msg = SMK_M1;
631 msgtxt = "SMK M1";
632 }
633 } else if (key_info & WPA_KEY_INFO_SMK_MESSAGE) {
634 msg = SMK_M3;
635 msgtxt = "SMK M3";
636 } else if (key_info & WPA_KEY_INFO_REQUEST) {
637 msg = REQUEST;
638 msgtxt = "Request";
639 } else if (!(key_info & WPA_KEY_INFO_KEY_TYPE)) {
640 msg = GROUP_2;
641 msgtxt = "2/2 Group";
642 } else if (key_data_length == 0) {
643 msg = PAIRWISE_4;
644 msgtxt = "4/4 Pairwise";
645 } else {
646 msg = PAIRWISE_2;
647 msgtxt = "2/4 Pairwise";
648 }
649
650 /* TODO: key_info type validation for PeerKey */
651 if (msg == REQUEST || msg == PAIRWISE_2 || msg == PAIRWISE_4 ||
652 msg == GROUP_2) {
653 u16 ver = key_info & WPA_KEY_INFO_TYPE_MASK;
654 if (sm->pairwise == WPA_CIPHER_CCMP) {
655 if (wpa_use_aes_cmac(sm) &&
656 ver != WPA_KEY_INFO_TYPE_AES_128_CMAC) {
657 wpa_auth_logger(wpa_auth, sm->addr,
658 LOGGER_WARNING,
659 "advertised support for "
660 "AES-128-CMAC, but did not "
661 "use it");
662 return;
663 }
664
665 if (!wpa_use_aes_cmac(sm) &&
666 ver != WPA_KEY_INFO_TYPE_HMAC_SHA1_AES) {
667 wpa_auth_logger(wpa_auth, sm->addr,
668 LOGGER_WARNING,
669 "did not use HMAC-SHA1-AES "
670 "with CCMP");
671 return;
672 }
673 }
674 }
675
676 if (key_info & WPA_KEY_INFO_REQUEST) {
677 if (sm->req_replay_counter_used &&
678 os_memcmp(key->replay_counter, sm->req_replay_counter,
679 WPA_REPLAY_COUNTER_LEN) <= 0) {
680 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_WARNING,
681 "received EAPOL-Key request with "
682 "replayed counter");
683 return;
684 }
685 }
686
687 if (!(key_info & WPA_KEY_INFO_REQUEST) &&
22a299ee
JM		 688 !wpa_replay_counter_valid(sm, key->replay_counter)) {
689 int i;
6fc6879b
JM		 690 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO,
691 "received EAPOL-Key %s with unexpected "
692 "replay counter", msgtxt);
22a299ee
JM		 693 for (i = 0; i < RSNA_MAX_EAPOL_RETRIES; i++) {
694 if (!sm->key_replay[i].valid)
695 break;
696 wpa_hexdump(MSG_DEBUG, "pending replay counter",
697 sm->key_replay[i].counter,
698 WPA_REPLAY_COUNTER_LEN);
699 }
6fc6879b
JM		 700 wpa_hexdump(MSG_DEBUG, "received replay counter",
701 key->replay_counter, WPA_REPLAY_COUNTER_LEN);
702 return;
703 }
704
705 switch (msg) {
706 case PAIRWISE_2:
707 if (sm->wpa_ptk_state != WPA_PTK_PTKSTART &&
708 sm->wpa_ptk_state != WPA_PTK_PTKCALCNEGOTIATING) {
709 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO,
710 "received EAPOL-Key msg 2/4 in "
711 "invalid state (%d) - dropped",
712 sm->wpa_ptk_state);
713 return;
714 }
715 if (sm->wpa_ie == NULL ||
716 sm->wpa_ie_len != key_data_length ||
717 os_memcmp(sm->wpa_ie, key + 1, key_data_length) != 0) {
718 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
719 "WPA IE from (Re)AssocReq did not "
720 "match with msg 2/4");
721 if (sm->wpa_ie) {
722 wpa_hexdump(MSG_DEBUG, "WPA IE in AssocReq",
723 sm->wpa_ie, sm->wpa_ie_len);
724 }
725 wpa_hexdump(MSG_DEBUG, "WPA IE in msg 2/4",
726 (u8 *) (key + 1), key_data_length);
727 /* MLME-DEAUTHENTICATE.request */
728 wpa_sta_disconnect(wpa_auth, sm->addr);
729 return;
730 }
731 break;
732 case PAIRWISE_4:
733 if (sm->wpa_ptk_state != WPA_PTK_PTKINITNEGOTIATING ||
734 !sm->PTK_valid) {
735 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO,
736 "received EAPOL-Key msg 4/4 in "
737 "invalid state (%d) - dropped",
738 sm->wpa_ptk_state);
739 return;
740 }
741 break;
742 case GROUP_2:
743 if (sm->wpa_ptk_group_state != WPA_PTK_GROUP_REKEYNEGOTIATING
744 || !sm->PTK_valid) {
745 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO,
746 "received EAPOL-Key msg 2/2 in "
747 "invalid state (%d) - dropped",
748 sm->wpa_ptk_group_state);
749 return;
750 }
751 break;
752#ifdef CONFIG_PEERKEY
753 case SMK_M1:
754 case SMK_M3:
755 case SMK_ERROR:
756 if (!wpa_auth->conf.peerkey) {
757 wpa_printf(MSG_DEBUG, "RSN: SMK M1/M3/Error, but "
758 "PeerKey use disabled - ignoring message");
759 return;
760 }
761 if (!sm->PTK_valid) {
762 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
763 "received EAPOL-Key msg SMK in "
764 "invalid state - dropped");
765 return;
766 }
767 break;
768#else /* CONFIG_PEERKEY */
769 case SMK_M1:
770 case SMK_M3:
771 case SMK_ERROR:
772 return; /* STSL disabled - ignore SMK messages */
773#endif /* CONFIG_PEERKEY */
774 case REQUEST:
775 break;
776 }
777
778 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG,
779 "received EAPOL-Key frame (%s)", msgtxt);
780
781 if (key_info & WPA_KEY_INFO_ACK) {
782 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
783 "received invalid EAPOL-Key: Key Ack set");
784 return;
785 }
786
787 if (!(key_info & WPA_KEY_INFO_MIC)) {
788 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
789 "received invalid EAPOL-Key: Key MIC not set");
790 return;
791 }
792
793 sm->MICVerified = FALSE;
794 if (sm->PTK_valid) {
795 if (wpa_verify_key_mic(&sm->PTK, data, data_len)) {
796 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
797 "received EAPOL-Key with invalid MIC");
798 return;
799 }
800 sm->MICVerified = TRUE;
801 eloop_cancel_timeout(wpa_send_eapol_timeout, wpa_auth, sm);
802 }
803
804 if (key_info & WPA_KEY_INFO_REQUEST) {
805 if (sm->MICVerified) {
806 sm->req_replay_counter_used = 1;
807 os_memcpy(sm->req_replay_counter, key->replay_counter,
808 WPA_REPLAY_COUNTER_LEN);
809 } else {
810 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
811 "received EAPOL-Key request with "
812 "invalid MIC");
813 return;
814 }
815
816 /*
817 * TODO: should decrypt key data field if encryption was used;
818 * even though MAC address KDE is not normally encrypted,
819 * supplicant is allowed to encrypt it.
820 */
821 if (msg == SMK_ERROR) {
822#ifdef CONFIG_PEERKEY
823 wpa_smk_error(wpa_auth, sm, key);
824#endif /* CONFIG_PEERKEY */
825 return;
826 } else if (key_info & WPA_KEY_INFO_ERROR) {
827 /* Supplicant reported a Michael MIC error */
828 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
829 "received EAPOL-Key Error Request "
830 "(STA detected Michael MIC failure)");
831 wpa_auth_mic_failure_report(wpa_auth, sm->addr);
832 sm->dot11RSNAStatsTKIPRemoteMICFailures++;
833 wpa_auth->dot11RSNAStatsTKIPRemoteMICFailures++;
834 /* Error report is not a request for a new key
835 * handshake, but since Authenticator may do it, let's
836 * change the keys now anyway. */
837 wpa_request_new_ptk(sm);
838 } else if (key_info & WPA_KEY_INFO_KEY_TYPE) {
839 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
840 "received EAPOL-Key Request for new "
841 "4-Way Handshake");
842 wpa_request_new_ptk(sm);
843#ifdef CONFIG_PEERKEY
844 } else if (msg == SMK_M1) {
845 wpa_smk_m1(wpa_auth, sm, key);
846#endif /* CONFIG_PEERKEY */
847 } else if (key_data_length > 0 &&
848 wpa_parse_kde_ies((const u8 *) (key + 1),
849 key_data_length, &kde) == 0 &&
850 kde.mac_addr) {
851 } else {
852 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
853 "received EAPOL-Key Request for GTK "
854 "rekeying");
855 /* FIX: why was this triggering PTK rekeying for the
856 * STA that requested Group Key rekeying?? */
857 /* wpa_request_new_ptk(sta->wpa_sm); */
858 eloop_cancel_timeout(wpa_rekey_gtk, wpa_auth, NULL);
859 wpa_rekey_gtk(wpa_auth, NULL);
860 }
861 } else {
22a299ee
JM		 862 /* Do not allow the same key replay counter to be reused. This
863 * does also invalidate all other pending replay counters if
864 * retransmissions were used, i.e., we will only process one of
865 * the pending replies and ignore rest if more than one is
866 * received. */
867 sm->key_replay[0].valid = FALSE;
6fc6879b
JM		 868 }
869
870#ifdef CONFIG_PEERKEY
871 if (msg == SMK_M3) {
872 wpa_smk_m3(wpa_auth, sm, key);
873 return;
874 }
875#endif /* CONFIG_PEERKEY */
876
877 os_free(sm->last_rx_eapol_key);
878 sm->last_rx_eapol_key = os_malloc(data_len);
879 if (sm->last_rx_eapol_key == NULL)
880 return;
881 os_memcpy(sm->last_rx_eapol_key, data, data_len);
882 sm->last_rx_eapol_key_len = data_len;
883
884 sm->EAPOLKeyReceived = TRUE;
885 sm->EAPOLKeyPairwise = !!(key_info & WPA_KEY_INFO_KEY_TYPE);
886 sm->EAPOLKeyRequest = !!(key_info & WPA_KEY_INFO_REQUEST);
887 os_memcpy(sm->SNonce, key->key_nonce, WPA_NONCE_LEN);
888 wpa_sm_step(sm);
889}
890
891
892static void wpa_gmk_to_gtk(const u8 *gmk, const u8 *addr, const u8 *gnonce,
893 u8 *gtk, size_t gtk_len)
894{
895 u8 data[ETH_ALEN + WPA_NONCE_LEN];
896
897 /* GTK = PRF-X(GMK, "Group key expansion", AA || GNonce) */
898 os_memcpy(data, addr, ETH_ALEN);
899 os_memcpy(data + ETH_ALEN, gnonce, WPA_NONCE_LEN);
900
56586197
JM		 901#ifdef CONFIG_IEEE80211W
902 sha256_prf(gmk, WPA_GMK_LEN, "Group key expansion",
903 data, sizeof(data), gtk, gtk_len);
904#else /* CONFIG_IEEE80211W */
6fc6879b
JM		 905 sha1_prf(gmk, WPA_GMK_LEN, "Group key expansion",
906 data, sizeof(data), gtk, gtk_len);
56586197 907#endif /* CONFIG_IEEE80211W */
6fc6879b
JM		 908
909 wpa_hexdump_key(MSG_DEBUG, "GMK", gmk, WPA_GMK_LEN);
910 wpa_hexdump_key(MSG_DEBUG, "GTK", gtk, gtk_len);
911}
912
913
914static void wpa_send_eapol_timeout(void *eloop_ctx, void *timeout_ctx)
915{
916 struct wpa_authenticator *wpa_auth = eloop_ctx;
917 struct wpa_state_machine *sm = timeout_ctx;
918
919 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, "EAPOL-Key timeout");
920 sm->TimeoutEvt = TRUE;
921 wpa_sm_step(sm);
922}
923
924
925void __wpa_send_eapol(struct wpa_authenticator *wpa_auth,
926 struct wpa_state_machine *sm, int key_info,
927 const u8 *key_rsc, const u8 *nonce,
928 const u8 *kde, size_t kde_len,
929 int keyidx, int encr, int force_version)
930{
931 struct ieee802_1x_hdr *hdr;
932 struct wpa_eapol_key *key;
933 size_t len;
934 int alg;
935 int key_data_len, pad_len = 0;
936 u8 *buf, *pos;
937 int version, pairwise;
22a299ee 938 int i;
6fc6879b
JM		 939
940 len = sizeof(struct ieee802_1x_hdr) + sizeof(struct wpa_eapol_key);
941
942 if (force_version)
943 version = force_version;
944 else if (wpa_use_aes_cmac(sm))
945 version = WPA_KEY_INFO_TYPE_AES_128_CMAC;
946 else if (sm->pairwise == WPA_CIPHER_CCMP)
947 version = WPA_KEY_INFO_TYPE_HMAC_SHA1_AES;
948 else
949 version = WPA_KEY_INFO_TYPE_HMAC_MD5_RC4;
950
951 pairwise = key_info & WPA_KEY_INFO_KEY_TYPE;
952
953 wpa_printf(MSG_DEBUG, "WPA: Send EAPOL(version=%d secure=%d mic=%d "
954 "ack=%d install=%d pairwise=%d kde_len=%lu keyidx=%d "
955 "encr=%d)",
956 version,
957 (key_info & WPA_KEY_INFO_SECURE) ? 1 : 0,
958 (key_info & WPA_KEY_INFO_MIC) ? 1 : 0,
959 (key_info & WPA_KEY_INFO_ACK) ? 1 : 0,
960 (key_info & WPA_KEY_INFO_INSTALL) ? 1 : 0,
961 pairwise, (unsigned long) kde_len, keyidx, encr);
962
963 key_data_len = kde_len;
964
965 if ((version == WPA_KEY_INFO_TYPE_HMAC_SHA1_AES ||
966 version == WPA_KEY_INFO_TYPE_AES_128_CMAC) && encr) {
967 pad_len = key_data_len % 8;
968 if (pad_len)
969 pad_len = 8 - pad_len;
970 key_data_len += pad_len + 8;
971 }
972
973 len += key_data_len;
974
975 hdr = os_zalloc(len);
976 if (hdr == NULL)
977 return;
978 hdr->version = wpa_auth->conf.eapol_version;
979 hdr->type = IEEE802_1X_TYPE_EAPOL_KEY;
980 hdr->length = host_to_be16(len - sizeof(*hdr));
981 key = (struct wpa_eapol_key *) (hdr + 1);
982
983 key->type = sm->wpa == WPA_VERSION_WPA2 ?
984 EAPOL_KEY_TYPE_RSN : EAPOL_KEY_TYPE_WPA;
985 key_info |= version;
986 if (encr && sm->wpa == WPA_VERSION_WPA2)
987 key_info |= WPA_KEY_INFO_ENCR_KEY_DATA;
988 if (sm->wpa != WPA_VERSION_WPA2)
989 key_info |= keyidx << WPA_KEY_INFO_KEY_INDEX_SHIFT;
990 WPA_PUT_BE16(key->key_info, key_info);
991
992 alg = pairwise ? sm->pairwise : wpa_auth->conf.wpa_group;
993 switch (alg) {
994 case WPA_CIPHER_CCMP:
995 WPA_PUT_BE16(key->key_length, 16);
996 break;
997 case WPA_CIPHER_TKIP:
998 WPA_PUT_BE16(key->key_length, 32);
999 break;
1000 case WPA_CIPHER_WEP40:
1001 WPA_PUT_BE16(key->key_length, 5);
1002 break;
1003 case WPA_CIPHER_WEP104:
1004 WPA_PUT_BE16(key->key_length, 13);
1005 break;
1006 }
1007 if (key_info & WPA_KEY_INFO_SMK_MESSAGE)
1008 WPA_PUT_BE16(key->key_length, 0);
1009
1010 /* FIX: STSL: what to use as key_replay_counter? */
22a299ee
JM		 1011 for (i = RSNA_MAX_EAPOL_RETRIES - 1; i > 0; i--) {
1012 sm->key_replay[i].valid = sm->key_replay[i - 1].valid;
1013 os_memcpy(sm->key_replay[i].counter,
1014 sm->key_replay[i - 1].counter,
1015 WPA_REPLAY_COUNTER_LEN);
1016 }
1017 inc_byte_array(sm->key_replay[0].counter, WPA_REPLAY_COUNTER_LEN);
1018 os_memcpy(key->replay_counter, sm->key_replay[0].counter,
6fc6879b 1019 WPA_REPLAY_COUNTER_LEN);
22a299ee 1020 sm->key_replay[0].valid = TRUE;
6fc6879b
JM		 1021
1022 if (nonce)
1023 os_memcpy(key->key_nonce, nonce, WPA_NONCE_LEN);
1024
1025 if (key_rsc)
1026 os_memcpy(key->key_rsc, key_rsc, WPA_KEY_RSC_LEN);
1027
1028 if (kde && !encr) {
1029 os_memcpy(key + 1, kde, kde_len);
1030 WPA_PUT_BE16(key->key_data_length, kde_len);
1031 } else if (encr && kde) {
1032 buf = os_zalloc(key_data_len);
1033 if (buf == NULL) {
1034 os_free(hdr);
1035 return;
1036 }
1037 pos = buf;
1038 os_memcpy(pos, kde, kde_len);
1039 pos += kde_len;
1040
1041 if (pad_len)
1042 *pos++ = 0xdd;
1043
1044 wpa_hexdump_key(MSG_DEBUG, "Plaintext EAPOL-Key Key Data",
1045 buf, key_data_len);
1046 if (version == WPA_KEY_INFO_TYPE_HMAC_SHA1_AES ||
1047 version == WPA_KEY_INFO_TYPE_AES_128_CMAC) {
1048 if (aes_wrap(sm->PTK.kek, (key_data_len - 8) / 8, buf,
1049 (u8 *) (key + 1))) {
1050 os_free(hdr);
1051 os_free(buf);
1052 return;
1053 }
1054 WPA_PUT_BE16(key->key_data_length, key_data_len);
1055 } else {
1056 u8 ek[32];
1057 os_memcpy(key->key_iv,
1058 sm->group->Counter + WPA_NONCE_LEN - 16, 16);
1059 inc_byte_array(sm->group->Counter, WPA_NONCE_LEN);
1060 os_memcpy(ek, key->key_iv, 16);
1061 os_memcpy(ek + 16, sm->PTK.kek, 16);
1062 os_memcpy(key + 1, buf, key_data_len);
1063 rc4_skip(ek, 32, 256, (u8 *) (key + 1), key_data_len);
1064 WPA_PUT_BE16(key->key_data_length, key_data_len);
1065 }
1066 os_free(buf);
1067 }
1068
1069 if (key_info & WPA_KEY_INFO_MIC) {
1070 if (!sm->PTK_valid) {
1071 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG,
1072 "PTK not valid when sending EAPOL-Key "
1073 "frame");
1074 os_free(hdr);
1075 return;
1076 }
1077 wpa_eapol_key_mic(sm->PTK.kck, version, (u8 *) hdr, len,
1078 key->key_mic);
1079 }
1080
1081 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_inc_EapolFramesTx,
1082 1);
1083 wpa_auth_send_eapol(wpa_auth, sm->addr, (u8 *) hdr, len,
1084 sm->pairwise_set);
1085 os_free(hdr);
1086}
1087
1088
1089static void wpa_send_eapol(struct wpa_authenticator *wpa_auth,
1090 struct wpa_state_machine *sm, int key_info,
1091 const u8 *key_rsc, const u8 *nonce,
1092 const u8 *kde, size_t kde_len,
1093 int keyidx, int encr)
1094{
1095 int timeout_ms;
1096 int pairwise = key_info & WPA_KEY_INFO_KEY_TYPE;
bae61562 1097 int ctr;
6fc6879b
JM		 1098
1099 if (sm == NULL)
1100 return;
1101
1102 __wpa_send_eapol(wpa_auth, sm, key_info, key_rsc, nonce, kde, kde_len,
1103 keyidx, encr, 0);
1104
bae61562
JM		 1105 ctr = pairwise ? sm->TimeoutCtr : sm->GTimeoutCtr;
1106 if (ctr == 1)
1107 timeout_ms = eapol_key_timeout_first;
1108 else
1109 timeout_ms = eapol_key_timeout_subseq;
6fc6879b
JM		 1110 eloop_register_timeout(timeout_ms / 1000, (timeout_ms % 1000) * 1000,
1111 wpa_send_eapol_timeout, wpa_auth, sm);
1112}
1113
1114
1115static int wpa_verify_key_mic(struct wpa_ptk *PTK, u8 *data, size_t data_len)
1116{
1117 struct ieee802_1x_hdr *hdr;
1118 struct wpa_eapol_key *key;
1119 u16 key_info;
1120 int ret = 0;
1121 u8 mic[16];
1122
1123 if (data_len < sizeof(*hdr) + sizeof(*key))
1124 return -1;
1125
1126 hdr = (struct ieee802_1x_hdr *) data;
1127 key = (struct wpa_eapol_key *) (hdr + 1);
1128 key_info = WPA_GET_BE16(key->key_info);
1129 os_memcpy(mic, key->key_mic, 16);
1130 os_memset(key->key_mic, 0, 16);
1131 if (wpa_eapol_key_mic(PTK->kck, key_info & WPA_KEY_INFO_TYPE_MASK,
1132 data, data_len, key->key_mic) ||
1133 os_memcmp(mic, key->key_mic, 16) != 0)
1134 ret = -1;
1135 os_memcpy(key->key_mic, mic, 16);
1136 return ret;
1137}
1138
1139
1140void wpa_remove_ptk(struct wpa_state_machine *sm)
1141{
1142 sm->PTK_valid = FALSE;
1143 os_memset(&sm->PTK, 0, sizeof(sm->PTK));
1144 wpa_auth_set_key(sm->wpa_auth, 0, "none", sm->addr, 0, (u8 *) "", 0);
1145 sm->pairwise_set = FALSE;
581a8cde 1146 eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm);
6fc6879b
JM		 1147}
1148
1149
1150void wpa_auth_sm_event(struct wpa_state_machine *sm, wpa_event event)
1151{
5d22a1d5
JM		 1152 int remove_ptk = 1;
1153
6fc6879b
JM		 1154 if (sm == NULL)
1155 return;
1156
1157 wpa_auth_vlogger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
1158 "event %d notification", event);
1159
1160 switch (event) {
1161 case WPA_AUTH:
1162 case WPA_ASSOC:
1163 break;
1164 case WPA_DEAUTH:
1165 case WPA_DISASSOC:
1166 sm->DeauthenticationRequest = TRUE;
1167 break;
1168 case WPA_REAUTH:
1169 case WPA_REAUTH_EAPOL:
9663596f
JM		 1170 if (sm->GUpdateStationKeys) {
1171 /*
1172 * Reauthentication cancels the pending group key
1173 * update for this STA.
1174 */
1175 sm->group->GKeyDoneStations--;
1176 sm->GUpdateStationKeys = FALSE;
1177 sm->PtkGroupInit = TRUE;
1178 }
6fc6879b
JM		 1179 sm->ReAuthenticationRequest = TRUE;
1180 break;
1181 case WPA_ASSOC_FT:
1182#ifdef CONFIG_IEEE80211R
1183 /* Using FT protocol, not WPA auth state machine */
1184 sm->ft_completed = 1;
1185 return;
1186#else /* CONFIG_IEEE80211R */
1187 break;
1188#endif /* CONFIG_IEEE80211R */
1189 }
1190
1191#ifdef CONFIG_IEEE80211R
1192 sm->ft_completed = 0;
1193#endif /* CONFIG_IEEE80211R */
1194
5d22a1d5
JM		 1195#ifdef CONFIG_IEEE80211W
1196 if (sm->mgmt_frame_prot && event == WPA_AUTH)
1197 remove_ptk = 0;
1198#endif /* CONFIG_IEEE80211W */
6fc6879b 1199
5d22a1d5
JM		 1200 if (remove_ptk) {
1201 sm->PTK_valid = FALSE;
1202 os_memset(&sm->PTK, 0, sizeof(sm->PTK));
1203
1204 if (event != WPA_REAUTH_EAPOL)
1205 wpa_remove_ptk(sm);
1206 }
6fc6879b
JM		 1207
1208 wpa_sm_step(sm);
1209}
1210
1211
1212static const char * wpa_alg_txt(int alg)
1213{
1214 switch (alg) {
1215 case WPA_CIPHER_CCMP:
1216 return "CCMP";
1217 case WPA_CIPHER_TKIP:
1218 return "TKIP";
1219 case WPA_CIPHER_WEP104:
1220 case WPA_CIPHER_WEP40:
1221 return "WEP";
1222 default:
1223 return "";
1224 }
1225}
1226
1227
1228SM_STATE(WPA_PTK, INITIALIZE)
1229{
1230 SM_ENTRY_MA(WPA_PTK, INITIALIZE, wpa_ptk);
1231 if (sm->Init) {
1232 /* Init flag is not cleared here, so avoid busy
1233 * loop by claiming nothing changed. */
1234 sm->changed = FALSE;
1235 }
1236
1237 sm->keycount = 0;
1238 if (sm->GUpdateStationKeys)
1239 sm->group->GKeyDoneStations--;
1240 sm->GUpdateStationKeys = FALSE;
1241 if (sm->wpa == WPA_VERSION_WPA)
1242 sm->PInitAKeys = FALSE;
1243 if (1 /* Unicast cipher supported AND (ESS OR ((IBSS or WDS) and
1244 * Local AA > Remote AA)) */) {
1245 sm->Pair = TRUE;
1246 }
1247 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portEnabled, 0);
1248 wpa_remove_ptk(sm);
1249 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portValid, 0);
1250 sm->TimeoutCtr = 0;
56586197 1251 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) {
6fc6879b
JM		 1252 wpa_auth_set_eapol(sm->wpa_auth, sm->addr,
1253 WPA_EAPOL_authorized, 0);
1254 }
1255}
1256
1257
1258SM_STATE(WPA_PTK, DISCONNECT)
1259{
1260 SM_ENTRY_MA(WPA_PTK, DISCONNECT, wpa_ptk);
1261 sm->Disconnect = FALSE;
1262 wpa_sta_disconnect(sm->wpa_auth, sm->addr);
1263}
1264
1265
1266SM_STATE(WPA_PTK, DISCONNECTED)
1267{
1268 SM_ENTRY_MA(WPA_PTK, DISCONNECTED, wpa_ptk);
1269 sm->DeauthenticationRequest = FALSE;
1270}
1271
1272
1273SM_STATE(WPA_PTK, AUTHENTICATION)
1274{
1275 SM_ENTRY_MA(WPA_PTK, AUTHENTICATION, wpa_ptk);
1276 os_memset(&sm->PTK, 0, sizeof(sm->PTK));
1277 sm->PTK_valid = FALSE;
1278 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portControl_Auto,
1279 1);
1280 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portEnabled, 1);
1281 sm->AuthenticationRequest = FALSE;
1282}
1283
1284
1285SM_STATE(WPA_PTK, AUTHENTICATION2)
1286{
1287 SM_ENTRY_MA(WPA_PTK, AUTHENTICATION2, wpa_ptk);
1288 os_memcpy(sm->ANonce, sm->group->Counter, WPA_NONCE_LEN);
1289 inc_byte_array(sm->group->Counter, WPA_NONCE_LEN);
1290 sm->ReAuthenticationRequest = FALSE;
1291 /* IEEE 802.11i does not clear TimeoutCtr here, but this is more
1292 * logical place than INITIALIZE since AUTHENTICATION2 can be
1293 * re-entered on ReAuthenticationRequest without going through
1294 * INITIALIZE. */
1295 sm->TimeoutCtr = 0;
1296}
1297
1298
1299SM_STATE(WPA_PTK, INITPMK)
1300{
1301 u8 msk[2 * PMK_LEN];
1302 size_t len = 2 * PMK_LEN;
1303
1304 SM_ENTRY_MA(WPA_PTK, INITPMK, wpa_ptk);
1305#ifdef CONFIG_IEEE80211R
1306 sm->xxkey_len = 0;
1307#endif /* CONFIG_IEEE80211R */
1308 if (sm->pmksa) {
1309 wpa_printf(MSG_DEBUG, "WPA: PMK from PMKSA cache");
1310 os_memcpy(sm->PMK, sm->pmksa->pmk, PMK_LEN);
1311 } else if (wpa_auth_get_msk(sm->wpa_auth, sm->addr, msk, &len) == 0) {
1312 wpa_printf(MSG_DEBUG, "WPA: PMK from EAPOL state machine "
1313 "(len=%lu)", (unsigned long) len);
1314 os_memcpy(sm->PMK, msk, PMK_LEN);
1315#ifdef CONFIG_IEEE80211R
1316 if (len >= 2 * PMK_LEN) {
1317 os_memcpy(sm->xxkey, msk + PMK_LEN, PMK_LEN);
1318 sm->xxkey_len = PMK_LEN;
1319 }
1320#endif /* CONFIG_IEEE80211R */
1321 } else {
1322 wpa_printf(MSG_DEBUG, "WPA: Could not get PMK");
1323 }
1324
1325 sm->req_replay_counter_used = 0;
1326 /* IEEE 802.11i does not set keyRun to FALSE, but not doing this
1327 * will break reauthentication since EAPOL state machines may not be
1328 * get into AUTHENTICATING state that clears keyRun before WPA state
1329 * machine enters AUTHENTICATION2 state and goes immediately to INITPMK
1330 * state and takes PMK from the previously used AAA Key. This will
1331 * eventually fail in 4-Way Handshake because Supplicant uses PMK
1332 * derived from the new AAA Key. Setting keyRun = FALSE here seems to
1333 * be good workaround for this issue. */
1334 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_keyRun, 0);
1335}
1336
1337
1338SM_STATE(WPA_PTK, INITPSK)
1339{
1340 const u8 *psk;
1341 SM_ENTRY_MA(WPA_PTK, INITPSK, wpa_ptk);
1342 psk = wpa_auth_get_psk(sm->wpa_auth, sm->addr, NULL);
1343 if (psk) {
1344 os_memcpy(sm->PMK, psk, PMK_LEN);
1345#ifdef CONFIG_IEEE80211R
1346 os_memcpy(sm->xxkey, psk, PMK_LEN);
1347 sm->xxkey_len = PMK_LEN;
1348#endif /* CONFIG_IEEE80211R */
1349 }
1350 sm->req_replay_counter_used = 0;
1351}
1352
1353
1354SM_STATE(WPA_PTK, PTKSTART)
1355{
1356 u8 buf[2 + RSN_SELECTOR_LEN + PMKID_LEN], *pmkid = NULL;
1357 size_t pmkid_len = 0;
1358
1359 SM_ENTRY_MA(WPA_PTK, PTKSTART, wpa_ptk);
1360 sm->PTKRequest = FALSE;
1361 sm->TimeoutEvt = FALSE;
bae61562
JM		 1362
1363 sm->TimeoutCtr++;
1364 if (sm->TimeoutCtr > (int) dot11RSNAConfigPairwiseUpdateCount) {
1365 /* No point in sending the EAPOL-Key - we will disconnect
1366 * immediately following this. */
1367 return;
1368 }
1369
6fc6879b
JM		 1370 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
1371 "sending 1/4 msg of 4-Way Handshake");
1372 /*
1373 * TODO: Could add PMKID even with WPA2-PSK, but only if there is only
1374 * one possible PSK for this STA.
1375 */
1376 if (sm->wpa == WPA_VERSION_WPA2 &&
56586197 1377 wpa_key_mgmt_wpa_ieee8021x(sm->wpa_key_mgmt)) {
6fc6879b
JM		 1378 pmkid = buf;
1379 pmkid_len = 2 + RSN_SELECTOR_LEN + PMKID_LEN;
1380 pmkid[0] = WLAN_EID_VENDOR_SPECIFIC;
1381 pmkid[1] = RSN_SELECTOR_LEN + PMKID_LEN;
1382 RSN_SELECTOR_PUT(&pmkid[2], RSN_KEY_DATA_PMKID);
1383 if (sm->pmksa)
1384 os_memcpy(&pmkid[2 + RSN_SELECTOR_LEN],
1385 sm->pmksa->pmkid, PMKID_LEN);
1386 else {
1387 /*
1388 * Calculate PMKID since no PMKSA cache entry was
1389 * available with pre-calculated PMKID.
1390 */
1391 rsn_pmkid(sm->PMK, PMK_LEN, sm->wpa_auth->addr,
56586197
JM		 1392 sm->addr, &pmkid[2 + RSN_SELECTOR_LEN],
1393 wpa_key_mgmt_sha256(sm->wpa_key_mgmt));
6fc6879b
JM		 1394 }
1395 }
1396 wpa_send_eapol(sm->wpa_auth, sm,
1397 WPA_KEY_INFO_ACK | WPA_KEY_INFO_KEY_TYPE, NULL,
1398 sm->ANonce, pmkid, pmkid_len, 0, 0);
6fc6879b
JM		 1399}
1400
1401
1402static int wpa_derive_ptk(struct wpa_state_machine *sm, const u8 *pmk,
1403 struct wpa_ptk *ptk)
1404{
1405#ifdef CONFIG_IEEE80211R
56586197 1406 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt))
6fc6879b
JM		 1407 return wpa_auth_derive_ptk_ft(sm, pmk, ptk);
1408#endif /* CONFIG_IEEE80211R */
1409
1410 wpa_pmk_to_ptk(pmk, PMK_LEN, "Pairwise key expansion",
1411 sm->wpa_auth->addr, sm->addr, sm->ANonce, sm->SNonce,
56586197
JM		 1412 (u8 *) ptk, sizeof(*ptk),
1413 wpa_key_mgmt_sha256(sm->wpa_key_mgmt));
6fc6879b
JM		 1414
1415 return 0;
1416}
1417
1418
1419SM_STATE(WPA_PTK, PTKCALCNEGOTIATING)
1420{
1421 struct wpa_ptk PTK;
1422 int ok = 0;
1423 const u8 *pmk = NULL;
1424
1425 SM_ENTRY_MA(WPA_PTK, PTKCALCNEGOTIATING, wpa_ptk);
1426 sm->EAPOLKeyReceived = FALSE;
1427
1428 /* WPA with IEEE 802.1X: use the derived PMK from EAP
1429 * WPA-PSK: iterate through possible PSKs and select the one matching
1430 * the packet */
1431 for (;;) {
56586197 1432 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) {
6fc6879b
JM		 1433 pmk = wpa_auth_get_psk(sm->wpa_auth, sm->addr, pmk);
1434 if (pmk == NULL)
1435 break;
1436 } else
1437 pmk = sm->PMK;
1438
1439 wpa_derive_ptk(sm, pmk, &PTK);
1440
1441 if (wpa_verify_key_mic(&PTK, sm->last_rx_eapol_key,
1442 sm->last_rx_eapol_key_len) == 0) {
1443 ok = 1;
1444 break;
1445 }
1446
56586197 1447 if (!wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt))
6fc6879b
JM		 1448 break;
1449 }
1450
1451 if (!ok) {
1452 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
1453 "invalid MIC in msg 2/4 of 4-Way Handshake");
1454 return;
1455 }
1456
1457 eloop_cancel_timeout(wpa_send_eapol_timeout, sm->wpa_auth, sm);
1458
56586197 1459 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) {
6fc6879b
JM		 1460 /* PSK may have changed from the previous choice, so update
1461 * state machine data based on whatever PSK was selected here.
1462 */
1463 os_memcpy(sm->PMK, pmk, PMK_LEN);
1464 }
1465
1466 sm->MICVerified = TRUE;
1467
1468 os_memcpy(&sm->PTK, &PTK, sizeof(PTK));
1469 sm->PTK_valid = TRUE;
1470}
1471
1472
1473SM_STATE(WPA_PTK, PTKCALCNEGOTIATING2)
1474{
1475 SM_ENTRY_MA(WPA_PTK, PTKCALCNEGOTIATING2, wpa_ptk);
1476 sm->TimeoutCtr = 0;
1477}
1478
1479
1480#ifdef CONFIG_IEEE80211W
1481
1482static int ieee80211w_kde_len(struct wpa_state_machine *sm)
1483{
1484 if (sm->mgmt_frame_prot) {
1485 return 2 + RSN_SELECTOR_LEN + sizeof(struct wpa_igtk_kde);
1486 }
1487
1488 return 0;
1489}
1490
1491
1492static u8 * ieee80211w_kde_add(struct wpa_state_machine *sm, u8 *pos)
1493{
1494 struct wpa_igtk_kde igtk;
1495 struct wpa_group *gsm = sm->group;
1496
1497 if (!sm->mgmt_frame_prot)
1498 return pos;
1499
1500 igtk.keyid[0] = gsm->GN_igtk;
1501 igtk.keyid[1] = 0;
1502 if (wpa_auth_get_seqnum_igtk(sm->wpa_auth, NULL, gsm->GN_igtk, igtk.pn)
1503 < 0)
1504 os_memset(igtk.pn, 0, sizeof(igtk.pn));
1505 os_memcpy(igtk.igtk, gsm->IGTK[gsm->GN_igtk - 4], WPA_IGTK_LEN);
1506 pos = wpa_add_kde(pos, RSN_KEY_DATA_IGTK,
1507 (const u8 *) &igtk, sizeof(igtk), NULL, 0);
1508
1509 return pos;
1510}
1511
1512#else /* CONFIG_IEEE80211W */
1513
1514static int ieee80211w_kde_len(struct wpa_state_machine *sm)
1515{
1516 return 0;
1517}
1518
1519
1520static u8 * ieee80211w_kde_add(struct wpa_state_machine *sm, u8 *pos)
1521{
1522 return pos;
1523}
1524
1525#endif /* CONFIG_IEEE80211W */
1526
1527
1528SM_STATE(WPA_PTK, PTKINITNEGOTIATING)
1529{
1530 u8 rsc[WPA_KEY_RSC_LEN], *_rsc, *gtk, *kde, *pos;
1531 size_t gtk_len, kde_len;
1532 struct wpa_group *gsm = sm->group;
1533 u8 *wpa_ie;
1534 int wpa_ie_len, secure, keyidx, encr = 0;
1535
1536 SM_ENTRY_MA(WPA_PTK, PTKINITNEGOTIATING, wpa_ptk);
1537 sm->TimeoutEvt = FALSE;
bae61562
JM		 1538
1539 sm->TimeoutCtr++;
1540 if (sm->TimeoutCtr > (int) dot11RSNAConfigPairwiseUpdateCount) {
1541 /* No point in sending the EAPOL-Key - we will disconnect
1542 * immediately following this. */
1543 return;
1544 }
1545
6fc6879b
JM		 1546 /* Send EAPOL(1, 1, 1, Pair, P, RSC, ANonce, MIC(PTK), RSNIE, GTK[GN])
1547 */
1548 os_memset(rsc, 0, WPA_KEY_RSC_LEN);
1549 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, rsc);
1550 wpa_ie = sm->wpa_auth->wpa_ie;
1551 wpa_ie_len = sm->wpa_auth->wpa_ie_len;
1552 if (sm->wpa == WPA_VERSION_WPA &&
1553 (sm->wpa_auth->conf.wpa & WPA_PROTO_RSN) &&
1554 wpa_ie_len > wpa_ie[1] + 2 && wpa_ie[0] == WLAN_EID_RSN) {
1555 /* WPA-only STA, remove RSN IE */
1556 wpa_ie = wpa_ie + wpa_ie[1] + 2;
1557 wpa_ie_len = wpa_ie[1] + 2;
1558 }
1559 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
1560 "sending 3/4 msg of 4-Way Handshake");
1561 if (sm->wpa == WPA_VERSION_WPA2) {
1562 /* WPA2 send GTK in the 4-way handshake */
1563 secure = 1;
1564 gtk = gsm->GTK[gsm->GN - 1];
1565 gtk_len = gsm->GTK_len;
1566 keyidx = gsm->GN;
1567 _rsc = rsc;
1568 encr = 1;
1569 } else {
1570 /* WPA does not include GTK in msg 3/4 */
1571 secure = 0;
1572 gtk = NULL;
1573 gtk_len = 0;
1574 keyidx = 0;
1575 _rsc = NULL;
1576 }
1577
1578 kde_len = wpa_ie_len + ieee80211w_kde_len(sm);
1579 if (gtk)
1580 kde_len += 2 + RSN_SELECTOR_LEN + 2 + gtk_len;
1581 kde = os_malloc(kde_len);
1582 if (kde == NULL)
1583 return;
1584
1585 pos = kde;
1586 os_memcpy(pos, wpa_ie, wpa_ie_len);
1587 pos += wpa_ie_len;
1588 if (gtk) {
1589 u8 hdr[2];
1590 hdr[0] = keyidx & 0x03;
1591 hdr[1] = 0;
1592 pos = wpa_add_kde(pos, RSN_KEY_DATA_GROUPKEY, hdr, 2,
1593 gtk, gtk_len);
1594 }
1595 pos = ieee80211w_kde_add(sm, pos);
1596
1597 wpa_send_eapol(sm->wpa_auth, sm,
1598 (secure ? WPA_KEY_INFO_SECURE : 0) | WPA_KEY_INFO_MIC |
1599 WPA_KEY_INFO_ACK | WPA_KEY_INFO_INSTALL |
1600 WPA_KEY_INFO_KEY_TYPE,
1601 _rsc, sm->ANonce, kde, pos - kde, keyidx, encr);
1602 os_free(kde);
6fc6879b
JM		 1603}
1604
1605
1606SM_STATE(WPA_PTK, PTKINITDONE)
1607{
1608 SM_ENTRY_MA(WPA_PTK, PTKINITDONE, wpa_ptk);
1609 sm->EAPOLKeyReceived = FALSE;
1610 if (sm->Pair) {
1611 char *alg;
1612 int klen;
1613 if (sm->pairwise == WPA_CIPHER_TKIP) {
1614 alg = "TKIP";
1615 klen = 32;
1616 } else {
1617 alg = "CCMP";
1618 klen = 16;
1619 }
1620 if (wpa_auth_set_key(sm->wpa_auth, 0, alg, sm->addr, 0,
1621 sm->PTK.tk1, klen)) {
1622 wpa_sta_disconnect(sm->wpa_auth, sm->addr);
1623 return;
1624 }
1625 /* FIX: MLME-SetProtection.Request(TA, Tx_Rx) */
1626 sm->pairwise_set = TRUE;
1627
581a8cde
JM		 1628 if (sm->wpa_auth->conf.wpa_ptk_rekey) {
1629 eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm);
1630 eloop_register_timeout(sm->wpa_auth->conf.
1631 wpa_ptk_rekey, 0, wpa_rekey_ptk,
1632 sm->wpa_auth, sm);
1633 }
1634
56586197 1635 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) {
6fc6879b
JM		 1636 wpa_auth_set_eapol(sm->wpa_auth, sm->addr,
1637 WPA_EAPOL_authorized, 1);
1638 }
1639 }
1640
1641 if (0 /* IBSS == TRUE */) {
1642 sm->keycount++;
1643 if (sm->keycount == 2) {
1644 wpa_auth_set_eapol(sm->wpa_auth, sm->addr,
1645 WPA_EAPOL_portValid, 1);
1646 }
1647 } else {
1648 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portValid,
1649 1);
1650 }
1651 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_keyAvailable, 0);
1652 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_keyDone, 1);
1653 if (sm->wpa == WPA_VERSION_WPA)
1654 sm->PInitAKeys = TRUE;
1655 else
1656 sm->has_GTK = TRUE;
1657 wpa_auth_vlogger(sm->wpa_auth, sm->addr, LOGGER_INFO,
1658 "pairwise key handshake completed (%s)",
1659 sm->wpa == WPA_VERSION_WPA ? "WPA" : "RSN");
1660
1661#ifdef CONFIG_IEEE80211R
1662 wpa_ft_push_pmk_r1(sm->wpa_auth, sm->addr);
1663#endif /* CONFIG_IEEE80211R */
1664}
1665
1666
1667SM_STEP(WPA_PTK)
1668{
1669 struct wpa_authenticator *wpa_auth = sm->wpa_auth;
1670
1671 if (sm->Init)
1672 SM_ENTER(WPA_PTK, INITIALIZE);
1673 else if (sm->Disconnect
1674 /* || FIX: dot11RSNAConfigSALifetime timeout */)
1675 SM_ENTER(WPA_PTK, DISCONNECT);
1676 else if (sm->DeauthenticationRequest)
1677 SM_ENTER(WPA_PTK, DISCONNECTED);
1678 else if (sm->AuthenticationRequest)
1679 SM_ENTER(WPA_PTK, AUTHENTICATION);
1680 else if (sm->ReAuthenticationRequest)
1681 SM_ENTER(WPA_PTK, AUTHENTICATION2);
1682 else if (sm->PTKRequest)
1683 SM_ENTER(WPA_PTK, PTKSTART);
1684 else switch (sm->wpa_ptk_state) {
1685 case WPA_PTK_INITIALIZE:
1686 break;
1687 case WPA_PTK_DISCONNECT:
1688 SM_ENTER(WPA_PTK, DISCONNECTED);
1689 break;
1690 case WPA_PTK_DISCONNECTED:
1691 SM_ENTER(WPA_PTK, INITIALIZE);
1692 break;
1693 case WPA_PTK_AUTHENTICATION:
1694 SM_ENTER(WPA_PTK, AUTHENTICATION2);
1695 break;
1696 case WPA_PTK_AUTHENTICATION2:
56586197 1697 if (wpa_key_mgmt_wpa_ieee8021x(sm->wpa_key_mgmt) &&
6fc6879b
JM		 1698 wpa_auth_get_eapol(sm->wpa_auth, sm->addr,
1699 WPA_EAPOL_keyRun) > 0)
1700 SM_ENTER(WPA_PTK, INITPMK);
56586197 1701 else if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)
6fc6879b
JM		 1702 /* FIX: && 802.1X::keyRun */)
1703 SM_ENTER(WPA_PTK, INITPSK);
1704 break;
1705 case WPA_PTK_INITPMK:
1706 if (wpa_auth_get_eapol(sm->wpa_auth, sm->addr,
1707 WPA_EAPOL_keyAvailable) > 0)
1708 SM_ENTER(WPA_PTK, PTKSTART);
1709 else {
1710 wpa_auth->dot11RSNA4WayHandshakeFailures++;
1711 SM_ENTER(WPA_PTK, DISCONNECT);
1712 }
1713 break;
1714 case WPA_PTK_INITPSK:
1715 if (wpa_auth_get_psk(sm->wpa_auth, sm->addr, NULL))
1716 SM_ENTER(WPA_PTK, PTKSTART);
1717 else {
1718 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_INFO,
1719 "no PSK configured for the STA");
1720 wpa_auth->dot11RSNA4WayHandshakeFailures++;
1721 SM_ENTER(WPA_PTK, DISCONNECT);
1722 }
1723 break;
1724 case WPA_PTK_PTKSTART:
1725 if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest &&
1726 sm->EAPOLKeyPairwise)
1727 SM_ENTER(WPA_PTK, PTKCALCNEGOTIATING);
1728 else if (sm->TimeoutCtr >
1729 (int) dot11RSNAConfigPairwiseUpdateCount) {
1730 wpa_auth->dot11RSNA4WayHandshakeFailures++;
1731 SM_ENTER(WPA_PTK, DISCONNECT);
1732 } else if (sm->TimeoutEvt)
1733 SM_ENTER(WPA_PTK, PTKSTART);
1734 break;
1735 case WPA_PTK_PTKCALCNEGOTIATING:
1736 if (sm->MICVerified)
1737 SM_ENTER(WPA_PTK, PTKCALCNEGOTIATING2);
1738 else if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest &&
1739 sm->EAPOLKeyPairwise)
1740 SM_ENTER(WPA_PTK, PTKCALCNEGOTIATING);
1741 else if (sm->TimeoutEvt)
1742 SM_ENTER(WPA_PTK, PTKSTART);
1743 break;
1744 case WPA_PTK_PTKCALCNEGOTIATING2:
1745 SM_ENTER(WPA_PTK, PTKINITNEGOTIATING);
1746 break;
1747 case WPA_PTK_PTKINITNEGOTIATING:
1748 if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest &&
1749 sm->EAPOLKeyPairwise && sm->MICVerified)
1750 SM_ENTER(WPA_PTK, PTKINITDONE);
1751 else if (sm->TimeoutCtr >
1752 (int) dot11RSNAConfigPairwiseUpdateCount) {
1753 wpa_auth->dot11RSNA4WayHandshakeFailures++;
1754 SM_ENTER(WPA_PTK, DISCONNECT);
1755 } else if (sm->TimeoutEvt)
1756 SM_ENTER(WPA_PTK, PTKINITNEGOTIATING);
1757 break;
1758 case WPA_PTK_PTKINITDONE:
1759 break;
1760 }
1761}
1762
1763
1764SM_STATE(WPA_PTK_GROUP, IDLE)
1765{
1766 SM_ENTRY_MA(WPA_PTK_GROUP, IDLE, wpa_ptk_group);
1767 if (sm->Init) {
1768 /* Init flag is not cleared here, so avoid busy
1769 * loop by claiming nothing changed. */
1770 sm->changed = FALSE;
1771 }
1772 sm->GTimeoutCtr = 0;
1773}
1774
1775
1776SM_STATE(WPA_PTK_GROUP, REKEYNEGOTIATING)
1777{
1778 u8 rsc[WPA_KEY_RSC_LEN];
1779 struct wpa_group *gsm = sm->group;
1780 u8 *kde, *pos, hdr[2];
1781 size_t kde_len;
1782
1783 SM_ENTRY_MA(WPA_PTK_GROUP, REKEYNEGOTIATING, wpa_ptk_group);
bae61562
JM		 1784
1785 sm->GTimeoutCtr++;
1786 if (sm->GTimeoutCtr > (int) dot11RSNAConfigGroupUpdateCount) {
1787 /* No point in sending the EAPOL-Key - we will disconnect
1788 * immediately following this. */
1789 return;
1790 }
1791
6fc6879b
JM		 1792 if (sm->wpa == WPA_VERSION_WPA)
1793 sm->PInitAKeys = FALSE;
1794 sm->TimeoutEvt = FALSE;
1795 /* Send EAPOL(1, 1, 1, !Pair, G, RSC, GNonce, MIC(PTK), GTK[GN]) */
1796 os_memset(rsc, 0, WPA_KEY_RSC_LEN);
1797 if (gsm->wpa_group_state == WPA_GROUP_SETKEYSDONE)
1798 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, rsc);
1799 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
1800 "sending 1/2 msg of Group Key Handshake");
1801
1802 if (sm->wpa == WPA_VERSION_WPA2) {
1803 kde_len = 2 + RSN_SELECTOR_LEN + 2 + gsm->GTK_len +
1804 ieee80211w_kde_len(sm);
1805 kde = os_malloc(kde_len);
1806 if (kde == NULL)
1807 return;
1808
1809 pos = kde;
1810 hdr[0] = gsm->GN & 0x03;
1811 hdr[1] = 0;
1812 pos = wpa_add_kde(pos, RSN_KEY_DATA_GROUPKEY, hdr, 2,
1813 gsm->GTK[gsm->GN - 1], gsm->GTK_len);
1814 pos = ieee80211w_kde_add(sm, pos);
1815 } else {
1816 kde = gsm->GTK[gsm->GN - 1];
1817 pos = kde + gsm->GTK_len;
1818 }
1819
1820 wpa_send_eapol(sm->wpa_auth, sm,
1821 WPA_KEY_INFO_SECURE | WPA_KEY_INFO_MIC |
1822 WPA_KEY_INFO_ACK |
1823 (!sm->Pair ? WPA_KEY_INFO_INSTALL : 0),
1824 rsc, gsm->GNonce, kde, pos - kde, gsm->GN, 1);
1825 if (sm->wpa == WPA_VERSION_WPA2)
1826 os_free(kde);
6fc6879b
JM		 1827}
1828
1829
1830SM_STATE(WPA_PTK_GROUP, REKEYESTABLISHED)
1831{
1832 SM_ENTRY_MA(WPA_PTK_GROUP, REKEYESTABLISHED, wpa_ptk_group);
1833 sm->EAPOLKeyReceived = FALSE;
1834 if (sm->GUpdateStationKeys)
1835 sm->group->GKeyDoneStations--;
1836 sm->GUpdateStationKeys = FALSE;
1837 sm->GTimeoutCtr = 0;
1838 /* FIX: MLME.SetProtection.Request(TA, Tx_Rx) */
1839 wpa_auth_vlogger(sm->wpa_auth, sm->addr, LOGGER_INFO,
1840 "group key handshake completed (%s)",
1841 sm->wpa == WPA_VERSION_WPA ? "WPA" : "RSN");
1842 sm->has_GTK = TRUE;
1843}
1844
1845
1846SM_STATE(WPA_PTK_GROUP, KEYERROR)
1847{
1848 SM_ENTRY_MA(WPA_PTK_GROUP, KEYERROR, wpa_ptk_group);
1849 if (sm->GUpdateStationKeys)
1850 sm->group->GKeyDoneStations--;
1851 sm->GUpdateStationKeys = FALSE;
1852 sm->Disconnect = TRUE;
1853}
1854
1855
1856SM_STEP(WPA_PTK_GROUP)
1857{
9663596f 1858 if (sm->Init || sm->PtkGroupInit) {
6fc6879b 1859 SM_ENTER(WPA_PTK_GROUP, IDLE);
9663596f
JM		 1860 sm->PtkGroupInit = FALSE;
1861 } else switch (sm->wpa_ptk_group_state) {
6fc6879b
JM		 1862 case WPA_PTK_GROUP_IDLE:
1863 if (sm->GUpdateStationKeys ||
1864 (sm->wpa == WPA_VERSION_WPA && sm->PInitAKeys))
1865 SM_ENTER(WPA_PTK_GROUP, REKEYNEGOTIATING);
1866 break;
1867 case WPA_PTK_GROUP_REKEYNEGOTIATING:
1868 if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest &&
1869 !sm->EAPOLKeyPairwise && sm->MICVerified)
1870 SM_ENTER(WPA_PTK_GROUP, REKEYESTABLISHED);
1871 else if (sm->GTimeoutCtr >
1872 (int) dot11RSNAConfigGroupUpdateCount)
1873 SM_ENTER(WPA_PTK_GROUP, KEYERROR);
1874 else if (sm->TimeoutEvt)
1875 SM_ENTER(WPA_PTK_GROUP, REKEYNEGOTIATING);
1876 break;
1877 case WPA_PTK_GROUP_KEYERROR:
1878 SM_ENTER(WPA_PTK_GROUP, IDLE);
1879 break;
1880 case WPA_PTK_GROUP_REKEYESTABLISHED:
1881 SM_ENTER(WPA_PTK_GROUP, IDLE);
1882 break;
1883 }
1884}
1885
1886
1887static int wpa_gtk_update(struct wpa_authenticator *wpa_auth,
1888 struct wpa_group *group)
1889{
1890 int ret = 0;
1891
1892 /* FIX: is this the correct way of getting GNonce? */
1893 os_memcpy(group->GNonce, group->Counter, WPA_NONCE_LEN);
1894 inc_byte_array(group->Counter, WPA_NONCE_LEN);
1895 wpa_gmk_to_gtk(group->GMK, wpa_auth->addr, group->GNonce,
1896 group->GTK[group->GN - 1], group->GTK_len);
1897
1898#ifdef CONFIG_IEEE80211W
1899 if (wpa_auth->conf.ieee80211w != WPA_NO_IEEE80211W) {
1900 if (os_get_random(group->IGTK[group->GN_igtk - 4],
1901 WPA_IGTK_LEN) < 0) {
1902 wpa_printf(MSG_INFO, "RSN: Failed to get new random "
1903 "IGTK");
1904 ret = -1;
1905 }
1906 wpa_hexdump_key(MSG_DEBUG, "IGTK",
1907 group->IGTK[group->GN_igtk - 4], WPA_IGTK_LEN);
1908 }
1909#endif /* CONFIG_IEEE80211W */
1910
1911 return ret;
1912}
1913
1914
1915static void wpa_group_gtk_init(struct wpa_authenticator *wpa_auth,
1916 struct wpa_group *group)
1917{
1918 wpa_printf(MSG_DEBUG, "WPA: group state machine entering state "
1919 "GTK_INIT (VLAN-ID %d)", group->vlan_id);
1920 group->changed = FALSE; /* GInit is not cleared here; avoid loop */
1921 group->wpa_group_state = WPA_GROUP_GTK_INIT;
1922
1923 /* GTK[0..N] = 0 */
1924 os_memset(group->GTK, 0, sizeof(group->GTK));
1925 group->GN = 1;
1926 group->GM = 2;
1927#ifdef CONFIG_IEEE80211W
1928 group->GN_igtk = 4;
1929 group->GM_igtk = 5;
1930#endif /* CONFIG_IEEE80211W */
1931 /* GTK[GN] = CalcGTK() */
1932 wpa_gtk_update(wpa_auth, group);
1933}
1934
1935
1936static int wpa_group_update_sta(struct wpa_state_machine *sm, void *ctx)
1937{
1938 if (sm->wpa_ptk_state != WPA_PTK_PTKINITDONE) {
1939 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
1940 "Not in PTKINITDONE; skip Group Key update");
1941 return 0;
1942 }
9663596f
JM		 1943 if (sm->GUpdateStationKeys) {
1944 /*
1945 * This should not really happen, but just in case, make sure
1946 * we do not count the same STA twice in GKeyDoneStations.
1947 */
1948 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
1949 "GUpdateStationKeys already set - do not "
1950 "increment GKeyDoneStations");
1951 } else {
1952 sm->group->GKeyDoneStations++;
1953 sm->GUpdateStationKeys = TRUE;
1954 }
6fc6879b
JM		 1955 wpa_sm_step(sm);
1956 return 0;
1957}
1958
1959
1960static void wpa_group_setkeys(struct wpa_authenticator *wpa_auth,
1961 struct wpa_group *group)
1962{
1963 int tmp;
1964
1965 wpa_printf(MSG_DEBUG, "WPA: group state machine entering state "
1966 "SETKEYS (VLAN-ID %d)", group->vlan_id);
1967 group->changed = TRUE;
1968 group->wpa_group_state = WPA_GROUP_SETKEYS;
1969 group->GTKReKey = FALSE;
1970 tmp = group->GM;
1971 group->GM = group->GN;
1972 group->GN = tmp;
1973#ifdef CONFIG_IEEE80211W
1974 tmp = group->GM_igtk;
1975 group->GM_igtk = group->GN_igtk;
1976 group->GN_igtk = tmp;
1977#endif /* CONFIG_IEEE80211W */
1978 /* "GKeyDoneStations = GNoStations" is done in more robust way by
1979 * counting the STAs that are marked with GUpdateStationKeys instead of
1980 * including all STAs that could be in not-yet-completed state. */
1981 wpa_gtk_update(wpa_auth, group);
1982
1983 wpa_auth_for_each_sta(wpa_auth, wpa_group_update_sta, NULL);
1984 wpa_printf(MSG_DEBUG, "wpa_group_setkeys: GKeyDoneStations=%d",
1985 group->GKeyDoneStations);
1986}
1987
1988
1989static void wpa_group_setkeysdone(struct wpa_authenticator *wpa_auth,
1990 struct wpa_group *group)
1991{
1992 wpa_printf(MSG_DEBUG, "WPA: group state machine entering state "
1993 "SETKEYSDONE (VLAN-ID %d)", group->vlan_id);
1994 group->changed = TRUE;
1995 group->wpa_group_state = WPA_GROUP_SETKEYSDONE;
1996 wpa_auth_set_key(wpa_auth, group->vlan_id,
1997 wpa_alg_txt(wpa_auth->conf.wpa_group),
1998 NULL, group->GN, group->GTK[group->GN - 1],
1999 group->GTK_len);
2000
2001#ifdef CONFIG_IEEE80211W
2002 if (wpa_auth->conf.ieee80211w != WPA_NO_IEEE80211W) {
2003 wpa_auth_set_key(wpa_auth, group->vlan_id, "IGTK",
2004 NULL, group->GN_igtk,
2005 group->IGTK[group->GN_igtk - 4],
2006 WPA_IGTK_LEN);
2007 }
2008#endif /* CONFIG_IEEE80211W */
2009}
2010
2011
2012static void wpa_group_sm_step(struct wpa_authenticator *wpa_auth,
2013 struct wpa_group *group)
2014{
2015 if (group->GInit) {
2016 wpa_group_gtk_init(wpa_auth, group);
2017 } else if (group->wpa_group_state == WPA_GROUP_GTK_INIT &&
2018 group->GTKAuthenticator) {
2019 wpa_group_setkeysdone(wpa_auth, group);
2020 } else if (group->wpa_group_state == WPA_GROUP_SETKEYSDONE &&
2021 group->GTKReKey) {
2022 wpa_group_setkeys(wpa_auth, group);
2023 } else if (group->wpa_group_state == WPA_GROUP_SETKEYS) {
2024 if (group->GKeyDoneStations == 0)
2025 wpa_group_setkeysdone(wpa_auth, group);
2026 else if (group->GTKReKey)
2027 wpa_group_setkeys(wpa_auth, group);
2028 }
2029}
2030
2031
2032static void wpa_sm_step(struct wpa_state_machine *sm)
2033{
2034 if (sm == NULL)
2035 return;
2036
2037 if (sm->in_step_loop) {
2038 /* This should not happen, but if it does, make sure we do not
2039 * end up freeing the state machine too early by exiting the
2040 * recursive call. */
2041 wpa_printf(MSG_ERROR, "WPA: wpa_sm_step() called recursively");
2042 return;
2043 }
2044
2045 sm->in_step_loop = 1;
2046 do {
2047 if (sm->pending_deinit)
2048 break;
2049
2050 sm->changed = FALSE;
2051 sm->wpa_auth->group->changed = FALSE;
2052
2053 SM_STEP_RUN(WPA_PTK);
2054 if (sm->pending_deinit)
2055 break;
2056 SM_STEP_RUN(WPA_PTK_GROUP);
2057 if (sm->pending_deinit)
2058 break;
2059 wpa_group_sm_step(sm->wpa_auth, sm->group);
2060 } while (sm->changed || sm->wpa_auth->group->changed);
2061 sm->in_step_loop = 0;
2062
2063 if (sm->pending_deinit) {
2064 wpa_printf(MSG_DEBUG, "WPA: Completing pending STA state "
2065 "machine deinit for " MACSTR, MAC2STR(sm->addr));
2066 wpa_free_sta_sm(sm);
2067 }
2068}
2069
2070
2071static void wpa_sm_call_step(void *eloop_ctx, void *timeout_ctx)
2072{
2073 struct wpa_state_machine *sm = eloop_ctx;
2074 wpa_sm_step(sm);
2075}
2076
2077
2078void wpa_auth_sm_notify(struct wpa_state_machine *sm)
2079{
2080 if (sm == NULL)
2081 return;
2082 eloop_register_timeout(0, 0, wpa_sm_call_step, sm, NULL);
2083}
2084
2085
2086void wpa_gtk_rekey(struct wpa_authenticator *wpa_auth)
2087{
2088 int tmp, i;
2089 struct wpa_group *group;
2090
2091 if (wpa_auth == NULL)
2092 return;
2093
2094 group = wpa_auth->group;
2095
2096 for (i = 0; i < 2; i++) {
2097 tmp = group->GM;
2098 group->GM = group->GN;
2099 group->GN = tmp;
2100#ifdef CONFIG_IEEE80211W
2101 tmp = group->GM_igtk;
2102 group->GM_igtk = group->GN_igtk;
2103 group->GN_igtk = tmp;
2104#endif /* CONFIG_IEEE80211W */
2105 wpa_gtk_update(wpa_auth, group);
2106 }
2107}
2108
2109
2110static const char * wpa_bool_txt(int bool)
2111{
2112 return bool ? "TRUE" : "FALSE";
2113}
2114
2115
2116static int wpa_cipher_bits(int cipher)
2117{
2118 switch (cipher) {
2119 case WPA_CIPHER_CCMP:
2120 return 128;
2121 case WPA_CIPHER_TKIP:
2122 return 256;
2123 case WPA_CIPHER_WEP104:
2124 return 104;
2125 case WPA_CIPHER_WEP40:
2126 return 40;
2127 default:
2128 return 0;
2129 }
2130}
2131
2132
2133#define RSN_SUITE "%02x-%02x-%02x-%d"
2134#define RSN_SUITE_ARG(s) \
2135((s) >> 24) & 0xff, ((s) >> 16) & 0xff, ((s) >> 8) & 0xff, (s) & 0xff
2136
2137int wpa_get_mib(struct wpa_authenticator *wpa_auth, char *buf, size_t buflen)
2138{
2139 int len = 0, ret;
2140 char pmkid_txt[PMKID_LEN * 2 + 1];
2141
2142 if (wpa_auth == NULL)
2143 return len;
2144
2145 ret = os_snprintf(buf + len, buflen - len,
2146 "dot11RSNAOptionImplemented=TRUE\n"
2147#ifdef CONFIG_RSN_PREAUTH
2148 "dot11RSNAPreauthenticationImplemented=TRUE\n"
2149#else /* CONFIG_RSN_PREAUTH */
2150 "dot11RSNAPreauthenticationImplemented=FALSE\n"
2151#endif /* CONFIG_RSN_PREAUTH */
2152 "dot11RSNAEnabled=%s\n"
2153 "dot11RSNAPreauthenticationEnabled=%s\n",
2154 wpa_bool_txt(wpa_auth->conf.wpa & WPA_PROTO_RSN),
2155 wpa_bool_txt(wpa_auth->conf.rsn_preauth));
2156 if (ret < 0 || (size_t) ret >= buflen - len)
2157 return len;
2158 len += ret;
2159
2160 wpa_snprintf_hex(pmkid_txt, sizeof(pmkid_txt),
2161 wpa_auth->dot11RSNAPMKIDUsed, PMKID_LEN);
2162
2163 ret = os_snprintf(
2164 buf + len, buflen - len,
2165 "dot11RSNAConfigVersion=%u\n"
2166 "dot11RSNAConfigPairwiseKeysSupported=9999\n"
2167 /* FIX: dot11RSNAConfigGroupCipher */
2168 /* FIX: dot11RSNAConfigGroupRekeyMethod */
2169 /* FIX: dot11RSNAConfigGroupRekeyTime */
2170 /* FIX: dot11RSNAConfigGroupRekeyPackets */
2171 "dot11RSNAConfigGroupRekeyStrict=%u\n"
2172 "dot11RSNAConfigGroupUpdateCount=%u\n"
2173 "dot11RSNAConfigPairwiseUpdateCount=%u\n"
2174 "dot11RSNAConfigGroupCipherSize=%u\n"
2175 "dot11RSNAConfigPMKLifetime=%u\n"
2176 "dot11RSNAConfigPMKReauthThreshold=%u\n"
2177 "dot11RSNAConfigNumberOfPTKSAReplayCounters=0\n"
2178 "dot11RSNAConfigSATimeout=%u\n"
2179 "dot11RSNAAuthenticationSuiteSelected=" RSN_SUITE "\n"
2180 "dot11RSNAPairwiseCipherSelected=" RSN_SUITE "\n"
2181 "dot11RSNAGroupCipherSelected=" RSN_SUITE "\n"
2182 "dot11RSNAPMKIDUsed=%s\n"
2183 "dot11RSNAAuthenticationSuiteRequested=" RSN_SUITE "\n"
2184 "dot11RSNAPairwiseCipherRequested=" RSN_SUITE "\n"
2185 "dot11RSNAGroupCipherRequested=" RSN_SUITE "\n"
2186 "dot11RSNATKIPCounterMeasuresInvoked=%u\n"
2187 "dot11RSNA4WayHandshakeFailures=%u\n"
2188 "dot11RSNAConfigNumberOfGTKSAReplayCounters=0\n",
2189 RSN_VERSION,
2190 !!wpa_auth->conf.wpa_strict_rekey,
2191 dot11RSNAConfigGroupUpdateCount,
2192 dot11RSNAConfigPairwiseUpdateCount,
2193 wpa_cipher_bits(wpa_auth->conf.wpa_group),
2194 dot11RSNAConfigPMKLifetime,
2195 dot11RSNAConfigPMKReauthThreshold,
2196 dot11RSNAConfigSATimeout,
2197 RSN_SUITE_ARG(wpa_auth->dot11RSNAAuthenticationSuiteSelected),
2198 RSN_SUITE_ARG(wpa_auth->dot11RSNAPairwiseCipherSelected),
2199 RSN_SUITE_ARG(wpa_auth->dot11RSNAGroupCipherSelected),
2200 pmkid_txt,
2201 RSN_SUITE_ARG(wpa_auth->dot11RSNAAuthenticationSuiteRequested),
2202 RSN_SUITE_ARG(wpa_auth->dot11RSNAPairwiseCipherRequested),
2203 RSN_SUITE_ARG(wpa_auth->dot11RSNAGroupCipherRequested),
2204 wpa_auth->dot11RSNATKIPCounterMeasuresInvoked,
2205 wpa_auth->dot11RSNA4WayHandshakeFailures);
2206 if (ret < 0 || (size_t) ret >= buflen - len)
2207 return len;
2208 len += ret;
2209
2210 /* TODO: dot11RSNAConfigPairwiseCiphersTable */
2211 /* TODO: dot11RSNAConfigAuthenticationSuitesTable */
2212
2213 /* Private MIB */
2214 ret = os_snprintf(buf + len, buflen - len, "hostapdWPAGroupState=%d\n",
2215 wpa_auth->group->wpa_group_state);
2216 if (ret < 0 || (size_t) ret >= buflen - len)
2217 return len;
2218 len += ret;
2219
2220 return len;
2221}
2222
2223
2224int wpa_get_mib_sta(struct wpa_state_machine *sm, char *buf, size_t buflen)
2225{
2226 int len = 0, ret;
2227 u32 pairwise = 0;
2228
2229 if (sm == NULL)
2230 return 0;
2231
2232 /* TODO: FF-FF-FF-FF-FF-FF entry for broadcast/multicast stats */
2233
2234 /* dot11RSNAStatsEntry */
2235
2236 if (sm->wpa == WPA_VERSION_WPA) {
2237 if (sm->pairwise == WPA_CIPHER_CCMP)
2238 pairwise = WPA_CIPHER_SUITE_CCMP;
2239 else if (sm->pairwise == WPA_CIPHER_TKIP)
2240 pairwise = WPA_CIPHER_SUITE_TKIP;
2241 else if (sm->pairwise == WPA_CIPHER_WEP104)
2242 pairwise = WPA_CIPHER_SUITE_WEP104;
2243 else if (sm->pairwise == WPA_CIPHER_WEP40)
2244 pairwise = WPA_CIPHER_SUITE_WEP40;
2245 else if (sm->pairwise == WPA_CIPHER_NONE)
2246 pairwise = WPA_CIPHER_SUITE_NONE;
2247 } else if (sm->wpa == WPA_VERSION_WPA2) {
2248 if (sm->pairwise == WPA_CIPHER_CCMP)
2249 pairwise = RSN_CIPHER_SUITE_CCMP;
2250 else if (sm->pairwise == WPA_CIPHER_TKIP)
2251 pairwise = RSN_CIPHER_SUITE_TKIP;
2252 else if (sm->pairwise == WPA_CIPHER_WEP104)
2253 pairwise = RSN_CIPHER_SUITE_WEP104;
2254 else if (sm->pairwise == WPA_CIPHER_WEP40)
2255 pairwise = RSN_CIPHER_SUITE_WEP40;
2256 else if (sm->pairwise == WPA_CIPHER_NONE)
2257 pairwise = RSN_CIPHER_SUITE_NONE;
2258 } else
2259 return 0;
2260
2261 ret = os_snprintf(
2262 buf + len, buflen - len,
2263 /* TODO: dot11RSNAStatsIndex */
2264 "dot11RSNAStatsSTAAddress=" MACSTR "\n"
2265 "dot11RSNAStatsVersion=1\n"
2266 "dot11RSNAStatsSelectedPairwiseCipher=" RSN_SUITE "\n"
2267 /* TODO: dot11RSNAStatsTKIPICVErrors */
2268 "dot11RSNAStatsTKIPLocalMICFailures=%u\n"
2269 "dot11RSNAStatsTKIPRemoveMICFailures=%u\n"
2270 /* TODO: dot11RSNAStatsCCMPReplays */
2271 /* TODO: dot11RSNAStatsCCMPDecryptErrors */
2272 /* TODO: dot11RSNAStatsTKIPReplays */,
2273 MAC2STR(sm->addr),
2274 RSN_SUITE_ARG(pairwise),
2275 sm->dot11RSNAStatsTKIPLocalMICFailures,
2276 sm->dot11RSNAStatsTKIPRemoteMICFailures);
2277 if (ret < 0 || (size_t) ret >= buflen - len)
2278 return len;
2279 len += ret;
2280
2281 /* Private MIB */
2282 ret = os_snprintf(buf + len, buflen - len,
2283 "hostapdWPAPTKState=%d\n"
2284 "hostapdWPAPTKGroupState=%d\n",
2285 sm->wpa_ptk_state,
2286 sm->wpa_ptk_group_state);
2287 if (ret < 0 || (size_t) ret >= buflen - len)
2288 return len;
2289 len += ret;
2290
2291 return len;
2292}
2293
2294
2295void wpa_auth_countermeasures_start(struct wpa_authenticator *wpa_auth)
2296{
2297 if (wpa_auth)
2298 wpa_auth->dot11RSNATKIPCounterMeasuresInvoked++;
2299}
2300
2301
2302int wpa_auth_pairwise_set(struct wpa_state_machine *sm)
2303{
2304 return sm && sm->pairwise_set;
2305}
2306
2307
ff36ff00
JM		 2308int wpa_auth_get_pairwise(struct wpa_state_machine *sm)
2309{
2310 return sm->pairwise;
2311}
2312
2313
6fc6879b
JM		 2314int wpa_auth_sta_key_mgmt(struct wpa_state_machine *sm)
2315{
2316 if (sm == NULL)
2317 return -1;
2318 return sm->wpa_key_mgmt;
2319}
2320
2321
2322int wpa_auth_sta_wpa_version(struct wpa_state_machine *sm)
2323{
2324 if (sm == NULL)
2325 return 0;
2326 return sm->wpa;
2327}
2328
2329
2330int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm,
2331 struct rsn_pmksa_cache_entry *entry)
2332{
2333 if (sm == NULL || sm->pmksa != entry)
2334 return -1;
2335 sm->pmksa = NULL;
2336 return 0;
2337}
2338
2339
2340struct rsn_pmksa_cache_entry *
2341wpa_auth_sta_get_pmksa(struct wpa_state_machine *sm)
2342{
2343 return sm ? sm->pmksa : NULL;
2344}
2345
2346
2347void wpa_auth_sta_local_mic_failure_report(struct wpa_state_machine *sm)
2348{
2349 if (sm)
2350 sm->dot11RSNAStatsTKIPLocalMICFailures++;
2351}
2352
2353
2354const u8 * wpa_auth_get_wpa_ie(struct wpa_authenticator *wpa_auth, size_t *len)
2355{
2356 if (wpa_auth == NULL)
2357 return NULL;
2358 *len = wpa_auth->wpa_ie_len;
2359 return wpa_auth->wpa_ie;
2360}
2361
2362
2363int wpa_auth_pmksa_add(struct wpa_state_machine *sm, const u8 *pmk,
2364 int session_timeout, struct eapol_state_machine *eapol)
2365{
2366 if (sm == NULL || sm->wpa != WPA_VERSION_WPA2)
2367 return -1;
2368
2369 if (pmksa_cache_add(sm->wpa_auth->pmksa, pmk, PMK_LEN,
2370 sm->wpa_auth->addr, sm->addr, session_timeout,
56586197 2371 eapol, sm->wpa_key_mgmt))
6fc6879b
JM		 2372 return 0;
2373
2374 return -1;
2375}
2376
2377
2378int wpa_auth_pmksa_add_preauth(struct wpa_authenticator *wpa_auth,
2379 const u8 *pmk, size_t len, const u8 *sta_addr,
2380 int session_timeout,
2381 struct eapol_state_machine *eapol)
2382{
2383 if (wpa_auth == NULL)
2384 return -1;
2385
2386 if (pmksa_cache_add(wpa_auth->pmksa, pmk, len, wpa_auth->addr,
56586197
JM		 2387 sta_addr, session_timeout, eapol,
2388 WPA_KEY_MGMT_IEEE8021X))
6fc6879b
JM		 2389 return 0;
2390
2391 return -1;
2392}
2393
2394
2395static struct wpa_group *
2396wpa_auth_add_group(struct wpa_authenticator *wpa_auth, int vlan_id)
2397{
2398 struct wpa_group *group;
2399
2400 if (wpa_auth == NULL || wpa_auth->group == NULL)
2401 return NULL;
2402
2403 wpa_printf(MSG_DEBUG, "WPA: Add group state machine for VLAN-ID %d",
2404 vlan_id);
2405 group = wpa_group_init(wpa_auth, vlan_id);
2406 if (group == NULL)
2407 return NULL;
2408
2409 group->next = wpa_auth->group->next;
2410 wpa_auth->group->next = group;
2411
2412 return group;
2413}
2414
2415
2416int wpa_auth_sta_set_vlan(struct wpa_state_machine *sm, int vlan_id)
2417{
2418 struct wpa_group *group;
2419
2420 if (sm == NULL || sm->wpa_auth == NULL)
2421 return 0;
2422
2423 group = sm->wpa_auth->group;
2424 while (group) {
2425 if (group->vlan_id == vlan_id)
2426 break;
2427 group = group->next;
2428 }
2429
2430 if (group == NULL) {
2431 group = wpa_auth_add_group(sm->wpa_auth, vlan_id);
2432 if (group == NULL)
2433 return -1;
2434 }
2435
2436 if (sm->group == group)
2437 return 0;
2438
2439 wpa_printf(MSG_DEBUG, "WPA: Moving STA " MACSTR " to use group state "
2440 "machine for VLAN ID %d", MAC2STR(sm->addr), vlan_id);
2441
2442 sm->group = group;
2443 return 0;
2444}
2445
2446#endif /* CONFIG_NATIVE_WINDOWS */
Unnamed repository; edit this file 'description' to name the repository.