]> git.ipfire.org Git - thirdparty/hostap.git/blame - src/ap/wpa.c
projects / thirdparty / hostap.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Add new src/ap directory into Doxygen documents
[thirdparty/hostap.git] / src / ap / wpa.c
CommitLineData
6fc6879b
JM		 1/*
2 * hostapd - IEEE 802.11i-2004 / WPA Authenticator
e6965d4e 3 * Copyright (c) 2004-2009, Jouni Malinen <j@w1.fi>
6fc6879b
JM		 4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 *
9 * Alternatively, this software may be distributed under the terms of BSD
10 * license.
11 *
12 * See README and COPYING for more details.
13 */
14
15#include "includes.h"
16
17#ifndef CONFIG_NATIVE_WINDOWS
18
19#include "common.h"
03da66bd
JM		 20#include "eloop.h"
21#include "crypto/aes_wrap.h"
22#include "crypto/crypto.h"
23#include "crypto/sha1.h"
24#include "crypto/sha256.h"
281c950b 25#include "eapol_auth/eapol_auth_sm.h"
03da66bd 26#include "config.h"
6fc6879b 27#include "wpa.h"
6fc6879b
JM		 28#include "ieee802_11.h"
29#include "pmksa_cache.h"
30#include "state_machine.h"
31#include "wpa_auth_i.h"
32#include "wpa_auth_ie.h"
33
34#define STATE_MACHINE_DATA struct wpa_state_machine
35#define STATE_MACHINE_DEBUG_PREFIX "WPA"
36#define STATE_MACHINE_ADDR sm->addr
37
38
39static void wpa_send_eapol_timeout(void *eloop_ctx, void *timeout_ctx);
40static void wpa_sm_step(struct wpa_state_machine *sm);
41static int wpa_verify_key_mic(struct wpa_ptk *PTK, u8 *data, size_t data_len);
42static void wpa_sm_call_step(void *eloop_ctx, void *timeout_ctx);
43static void wpa_group_sm_step(struct wpa_authenticator *wpa_auth,
44 struct wpa_group *group);
581a8cde 45static void wpa_request_new_ptk(struct wpa_state_machine *sm);
e6965d4e
JM		 46static int wpa_gtk_update(struct wpa_authenticator *wpa_auth,
47 struct wpa_group *group);
6fc6879b 48
bae61562
JM		 49static const u32 dot11RSNAConfigGroupUpdateCount = 4;
50static const u32 dot11RSNAConfigPairwiseUpdateCount = 4;
51static const u32 eapol_key_timeout_first = 100; /* ms */
52static const u32 eapol_key_timeout_subseq = 1000; /* ms */
6fc6879b
JM		 53
54/* TODO: make these configurable */
55static const int dot11RSNAConfigPMKLifetime = 43200;
56static const int dot11RSNAConfigPMKReauthThreshold = 70;
57static const int dot11RSNAConfigSATimeout = 60;
58
59
60static inline void wpa_auth_mic_failure_report(
61 struct wpa_authenticator *wpa_auth, const u8 *addr)
62{
63 if (wpa_auth->cb.mic_failure_report)
64 wpa_auth->cb.mic_failure_report(wpa_auth->cb.ctx, addr);
65}
66
67
68static inline void wpa_auth_set_eapol(struct wpa_authenticator *wpa_auth,
69 const u8 *addr, wpa_eapol_variable var,
70 int value)
71{
72 if (wpa_auth->cb.set_eapol)
73 wpa_auth->cb.set_eapol(wpa_auth->cb.ctx, addr, var, value);
74}
75
76
77static inline int wpa_auth_get_eapol(struct wpa_authenticator *wpa_auth,
78 const u8 *addr, wpa_eapol_variable var)
79{
80 if (wpa_auth->cb.get_eapol == NULL)
81 return -1;
82 return wpa_auth->cb.get_eapol(wpa_auth->cb.ctx, addr, var);
83}
84
85
86static inline const u8 * wpa_auth_get_psk(struct wpa_authenticator *wpa_auth,
87 const u8 *addr, const u8 *prev_psk)
88{
89 if (wpa_auth->cb.get_psk == NULL)
90 return NULL;
91 return wpa_auth->cb.get_psk(wpa_auth->cb.ctx, addr, prev_psk);
92}
93
94
95static inline int wpa_auth_get_msk(struct wpa_authenticator *wpa_auth,
96 const u8 *addr, u8 *msk, size_t *len)
97{
98 if (wpa_auth->cb.get_msk == NULL)
99 return -1;
100 return wpa_auth->cb.get_msk(wpa_auth->cb.ctx, addr, msk, len);
101}
102
103
104static inline int wpa_auth_set_key(struct wpa_authenticator *wpa_auth,
105 int vlan_id,
89d39d9d 106 wpa_alg alg, const u8 *addr, int idx,
6fc6879b
JM		 107 u8 *key, size_t key_len)
108{
109 if (wpa_auth->cb.set_key == NULL)
110 return -1;
111 return wpa_auth->cb.set_key(wpa_auth->cb.ctx, vlan_id, alg, addr, idx,
112 key, key_len);
113}
114
115
116static inline int wpa_auth_get_seqnum(struct wpa_authenticator *wpa_auth,
117 const u8 *addr, int idx, u8 *seq)
118{
119 if (wpa_auth->cb.get_seqnum == NULL)
120 return -1;
121 return wpa_auth->cb.get_seqnum(wpa_auth->cb.ctx, addr, idx, seq);
122}
123
124
6fc6879b
JM		 125static inline int
126wpa_auth_send_eapol(struct wpa_authenticator *wpa_auth, const u8 *addr,
127 const u8 *data, size_t data_len, int encrypt)
128{
129 if (wpa_auth->cb.send_eapol == NULL)
130 return -1;
131 return wpa_auth->cb.send_eapol(wpa_auth->cb.ctx, addr, data, data_len,
132 encrypt);
133}
134
135
136int wpa_auth_for_each_sta(struct wpa_authenticator *wpa_auth,
137 int (*cb)(struct wpa_state_machine *sm, void *ctx),
138 void *cb_ctx)
139{
140 if (wpa_auth->cb.for_each_sta == NULL)
141 return 0;
142 return wpa_auth->cb.for_each_sta(wpa_auth->cb.ctx, cb, cb_ctx);
143}
144
145
bf98f7f3
JM		 146int wpa_auth_for_each_auth(struct wpa_authenticator *wpa_auth,
147 int (*cb)(struct wpa_authenticator *a, void *ctx),
148 void *cb_ctx)
149{
150 if (wpa_auth->cb.for_each_auth == NULL)
151 return 0;
152 return wpa_auth->cb.for_each_auth(wpa_auth->cb.ctx, cb, cb_ctx);
153}
154
155
6fc6879b
JM		 156void wpa_auth_logger(struct wpa_authenticator *wpa_auth, const u8 *addr,
157 logger_level level, const char *txt)
158{
159 if (wpa_auth->cb.logger == NULL)
160 return;
161 wpa_auth->cb.logger(wpa_auth->cb.ctx, addr, level, txt);
162}
163
164
165void wpa_auth_vlogger(struct wpa_authenticator *wpa_auth, const u8 *addr,
166 logger_level level, const char *fmt, ...)
167{
168 char *format;
169 int maxlen;
170 va_list ap;
171
172 if (wpa_auth->cb.logger == NULL)
173 return;
174
175 maxlen = os_strlen(fmt) + 100;
176 format = os_malloc(maxlen);
177 if (!format)
178 return;
179
180 va_start(ap, fmt);
181 vsnprintf(format, maxlen, fmt, ap);
182 va_end(ap);
183
184 wpa_auth_logger(wpa_auth, addr, level, format);
185
186 os_free(format);
187}
188
189
190static void wpa_sta_disconnect(struct wpa_authenticator *wpa_auth,
191 const u8 *addr)
192{
193 if (wpa_auth->cb.disconnect == NULL)
194 return;
195 wpa_auth->cb.disconnect(wpa_auth->cb.ctx, addr,
196 WLAN_REASON_PREV_AUTH_NOT_VALID);
197}
198
199
200static int wpa_use_aes_cmac(struct wpa_state_machine *sm)
201{
56586197 202 int ret = 0;
6fc6879b 203#ifdef CONFIG_IEEE80211R
56586197
JM		 204 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt))
205 ret = 1;
6fc6879b 206#endif /* CONFIG_IEEE80211R */
56586197
JM		 207#ifdef CONFIG_IEEE80211W
208 if (wpa_key_mgmt_sha256(sm->wpa_key_mgmt))
209 ret = 1;
210#endif /* CONFIG_IEEE80211W */
211 return ret;
6fc6879b
JM		 212}
213
214
215static void wpa_rekey_gmk(void *eloop_ctx, void *timeout_ctx)
216{
217 struct wpa_authenticator *wpa_auth = eloop_ctx;
218
219 if (os_get_random(wpa_auth->group->GMK, WPA_GMK_LEN)) {
220 wpa_printf(MSG_ERROR, "Failed to get random data for WPA "
221 "initialization.");
222 } else {
223 wpa_auth_logger(wpa_auth, NULL, LOGGER_DEBUG, "GMK rekeyd");
224 }
225
226 if (wpa_auth->conf.wpa_gmk_rekey) {
227 eloop_register_timeout(wpa_auth->conf.wpa_gmk_rekey, 0,
228 wpa_rekey_gmk, wpa_auth, NULL);
229 }
230}
231
232
233static void wpa_rekey_gtk(void *eloop_ctx, void *timeout_ctx)
234{
235 struct wpa_authenticator *wpa_auth = eloop_ctx;
236 struct wpa_group *group;
237
238 wpa_auth_logger(wpa_auth, NULL, LOGGER_DEBUG, "rekeying GTK");
239 for (group = wpa_auth->group; group; group = group->next) {
240 group->GTKReKey = TRUE;
241 do {
242 group->changed = FALSE;
243 wpa_group_sm_step(wpa_auth, group);
244 } while (group->changed);
245 }
246
247 if (wpa_auth->conf.wpa_group_rekey) {
248 eloop_register_timeout(wpa_auth->conf.wpa_group_rekey,
249 0, wpa_rekey_gtk, wpa_auth, NULL);
250 }
251}
252
253
581a8cde
JM		 254static void wpa_rekey_ptk(void *eloop_ctx, void *timeout_ctx)
255{
256 struct wpa_authenticator *wpa_auth = eloop_ctx;
257 struct wpa_state_machine *sm = timeout_ctx;
258
259 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, "rekeying PTK");
260 wpa_request_new_ptk(sm);
261 wpa_sm_step(sm);
262}
263
264
6fc6879b
JM		 265static int wpa_auth_pmksa_clear_cb(struct wpa_state_machine *sm, void *ctx)
266{
267 if (sm->pmksa == ctx)
268 sm->pmksa = NULL;
269 return 0;
270}
271
272
273static void wpa_auth_pmksa_free_cb(struct rsn_pmksa_cache_entry *entry,
274 void *ctx)
275{
276 struct wpa_authenticator *wpa_auth = ctx;
277 wpa_auth_for_each_sta(wpa_auth, wpa_auth_pmksa_clear_cb, entry);
278}
279
280
e6965d4e 281static void wpa_group_set_key_len(struct wpa_group *group, int cipher)
6fc6879b 282{
e6965d4e 283 switch (cipher) {
6fc6879b
JM		 284 case WPA_CIPHER_CCMP:
285 group->GTK_len = 16;
286 break;
287 case WPA_CIPHER_TKIP:
288 group->GTK_len = 32;
289 break;
290 case WPA_CIPHER_WEP104:
291 group->GTK_len = 13;
292 break;
293 case WPA_CIPHER_WEP40:
294 group->GTK_len = 5;
295 break;
296 }
e6965d4e
JM		 297}
298
299
300static struct wpa_group * wpa_group_init(struct wpa_authenticator *wpa_auth,
301 int vlan_id)
302{
303 struct wpa_group *group;
304 u8 buf[ETH_ALEN + 8 + sizeof(group)];
305 u8 rkey[32];
306
307 group = os_zalloc(sizeof(struct wpa_group));
308 if (group == NULL)
309 return NULL;
310
311 group->GTKAuthenticator = TRUE;
312 group->vlan_id = vlan_id;
313
314 wpa_group_set_key_len(group, wpa_auth->conf.wpa_group);
6fc6879b
JM		 315
316 /* Counter = PRF-256(Random number, "Init Counter",
317 * Local MAC Address || Time)
318 */
319 os_memcpy(buf, wpa_auth->addr, ETH_ALEN);
320 wpa_get_ntp_timestamp(buf + ETH_ALEN);
321 os_memcpy(buf + ETH_ALEN + 8, &group, sizeof(group));
322 if (os_get_random(rkey, sizeof(rkey)) ||
323 os_get_random(group->GMK, WPA_GMK_LEN)) {
324 wpa_printf(MSG_ERROR, "Failed to get random data for WPA "
325 "initialization.");
326 os_free(group);
327 return NULL;
328 }
329
330 sha1_prf(rkey, sizeof(rkey), "Init Counter", buf, sizeof(buf),
331 group->Counter, WPA_NONCE_LEN);
332
333 group->GInit = TRUE;
334 wpa_group_sm_step(wpa_auth, group);
335 group->GInit = FALSE;
336 wpa_group_sm_step(wpa_auth, group);
337
338 return group;
339}
340
341
342/**
343 * wpa_init - Initialize WPA authenticator
344 * @addr: Authenticator address
345 * @conf: Configuration for WPA authenticator
a17df5fb 346 * @cb: Callback functions for WPA authenticator
6fc6879b
JM		 347 * Returns: Pointer to WPA authenticator data or %NULL on failure
348 */
349struct wpa_authenticator * wpa_init(const u8 *addr,
350 struct wpa_auth_config *conf,
351 struct wpa_auth_callbacks *cb)
352{
353 struct wpa_authenticator *wpa_auth;
354
355 wpa_auth = os_zalloc(sizeof(struct wpa_authenticator));
356 if (wpa_auth == NULL)
357 return NULL;
358 os_memcpy(wpa_auth->addr, addr, ETH_ALEN);
359 os_memcpy(&wpa_auth->conf, conf, sizeof(*conf));
360 os_memcpy(&wpa_auth->cb, cb, sizeof(*cb));
361
362 if (wpa_auth_gen_wpa_ie(wpa_auth)) {
363 wpa_printf(MSG_ERROR, "Could not generate WPA IE.");
364 os_free(wpa_auth);
365 return NULL;
366 }
367
368 wpa_auth->group = wpa_group_init(wpa_auth, 0);
369 if (wpa_auth->group == NULL) {
370 os_free(wpa_auth->wpa_ie);
371 os_free(wpa_auth);
372 return NULL;
373 }
374
4bb081f1
JM		 375 wpa_auth->pmksa = pmksa_cache_auth_init(wpa_auth_pmksa_free_cb,
376 wpa_auth);
6fc6879b
JM		 377 if (wpa_auth->pmksa == NULL) {
378 wpa_printf(MSG_ERROR, "PMKSA cache initialization failed.");
379 os_free(wpa_auth->wpa_ie);
380 os_free(wpa_auth);
381 return NULL;
382 }
383
384#ifdef CONFIG_IEEE80211R
385 wpa_auth->ft_pmk_cache = wpa_ft_pmk_cache_init();
386 if (wpa_auth->ft_pmk_cache == NULL) {
387 wpa_printf(MSG_ERROR, "FT PMK cache initialization failed.");
388 os_free(wpa_auth->wpa_ie);
4bb081f1 389 pmksa_cache_auth_deinit(wpa_auth->pmksa);
6fc6879b
JM		 390 os_free(wpa_auth);
391 return NULL;
392 }
393#endif /* CONFIG_IEEE80211R */
394
395 if (wpa_auth->conf.wpa_gmk_rekey) {
396 eloop_register_timeout(wpa_auth->conf.wpa_gmk_rekey, 0,
397 wpa_rekey_gmk, wpa_auth, NULL);
398 }
399
400 if (wpa_auth->conf.wpa_group_rekey) {
401 eloop_register_timeout(wpa_auth->conf.wpa_group_rekey, 0,
402 wpa_rekey_gtk, wpa_auth, NULL);
403 }
404
405 return wpa_auth;
406}
407
408
409/**
410 * wpa_deinit - Deinitialize WPA authenticator
411 * @wpa_auth: Pointer to WPA authenticator data from wpa_init()
412 */
413void wpa_deinit(struct wpa_authenticator *wpa_auth)
414{
415 struct wpa_group *group, *prev;
416
417 eloop_cancel_timeout(wpa_rekey_gmk, wpa_auth, NULL);
418 eloop_cancel_timeout(wpa_rekey_gtk, wpa_auth, NULL);
419
420#ifdef CONFIG_PEERKEY
421 while (wpa_auth->stsl_negotiations)
422 wpa_stsl_remove(wpa_auth, wpa_auth->stsl_negotiations);
423#endif /* CONFIG_PEERKEY */
424
4bb081f1 425 pmksa_cache_auth_deinit(wpa_auth->pmksa);
6fc6879b
JM		 426
427#ifdef CONFIG_IEEE80211R
428 wpa_ft_pmk_cache_deinit(wpa_auth->ft_pmk_cache);
429 wpa_auth->ft_pmk_cache = NULL;
430#endif /* CONFIG_IEEE80211R */
431
432 os_free(wpa_auth->wpa_ie);
433
434 group = wpa_auth->group;
435 while (group) {
436 prev = group;
437 group = group->next;
438 os_free(prev);
439 }
440
441 os_free(wpa_auth);
442}
443
444
445/**
446 * wpa_reconfig - Update WPA authenticator configuration
447 * @wpa_auth: Pointer to WPA authenticator data from wpa_init()
448 * @conf: Configuration for WPA authenticator
449 */
450int wpa_reconfig(struct wpa_authenticator *wpa_auth,
451 struct wpa_auth_config *conf)
452{
e6965d4e 453 struct wpa_group *group;
6fc6879b
JM		 454 if (wpa_auth == NULL)
455 return 0;
456
457 os_memcpy(&wpa_auth->conf, conf, sizeof(*conf));
ad08c363
JM		 458 if (wpa_auth_gen_wpa_ie(wpa_auth)) {
459 wpa_printf(MSG_ERROR, "Could not generate WPA IE.");
460 return -1;
461 }
462
e6965d4e
JM		 463 /*
464 * Reinitialize GTK to make sure it is suitable for the new
465 * configuration.
466 */
467 group = wpa_auth->group;
468 wpa_group_set_key_len(group, wpa_auth->conf.wpa_group);
469 group->GInit = TRUE;
470 wpa_group_sm_step(wpa_auth, group);
471 group->GInit = FALSE;
472 wpa_group_sm_step(wpa_auth, group);
473
6fc6879b
JM		 474 return 0;
475}
476
477
478struct wpa_state_machine *
479wpa_auth_sta_init(struct wpa_authenticator *wpa_auth, const u8 *addr)
480{
481 struct wpa_state_machine *sm;
482
483 sm = os_zalloc(sizeof(struct wpa_state_machine));
484 if (sm == NULL)
485 return NULL;
486 os_memcpy(sm->addr, addr, ETH_ALEN);
487
488 sm->wpa_auth = wpa_auth;
489 sm->group = wpa_auth->group;
490
491 return sm;
492}
493
494
495void wpa_auth_sta_associated(struct wpa_authenticator *wpa_auth,
496 struct wpa_state_machine *sm)
497{
498 if (wpa_auth == NULL || !wpa_auth->conf.wpa || sm == NULL)
499 return;
500
501#ifdef CONFIG_IEEE80211R
502 if (sm->ft_completed) {
503 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG,
504 "FT authentication already completed - do not "
505 "start 4-way handshake");
506 return;
507 }
508#endif /* CONFIG_IEEE80211R */
509
510 if (sm->started) {
22a299ee 511 os_memset(&sm->key_replay, 0, sizeof(sm->key_replay));
6fc6879b
JM		 512 sm->ReAuthenticationRequest = TRUE;
513 wpa_sm_step(sm);
514 return;
515 }
516
517 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG,
518 "start authentication");
519 sm->started = 1;
520
521 sm->Init = TRUE;
522 wpa_sm_step(sm);
523 sm->Init = FALSE;
524 sm->AuthenticationRequest = TRUE;
525 wpa_sm_step(sm);
526}
527
528
a8d05fca
JM		 529void wpa_auth_sta_no_wpa(struct wpa_state_machine *sm)
530{
531 /* WPA/RSN was not used - clear WPA state. This is needed if the STA
532 * reassociates back to the same AP while the previous entry for the
533 * STA has not yet been removed. */
534 if (sm == NULL)
535 return;
536
537 sm->wpa_key_mgmt = 0;
538}
539
540
6fc6879b
JM		 541static void wpa_free_sta_sm(struct wpa_state_machine *sm)
542{
543 os_free(sm->last_rx_eapol_key);
544 os_free(sm->wpa_ie);
545 os_free(sm);
546}
547
548
549void wpa_auth_sta_deinit(struct wpa_state_machine *sm)
550{
551 if (sm == NULL)
552 return;
553
554 if (sm->wpa_auth->conf.wpa_strict_rekey && sm->has_GTK) {
555 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
556 "strict rekeying - force GTK rekey since STA "
557 "is leaving");
558 eloop_cancel_timeout(wpa_rekey_gtk, sm->wpa_auth, NULL);
559 eloop_register_timeout(0, 500000, wpa_rekey_gtk, sm->wpa_auth,
560 NULL);
561 }
562
563 eloop_cancel_timeout(wpa_send_eapol_timeout, sm->wpa_auth, sm);
564 eloop_cancel_timeout(wpa_sm_call_step, sm, NULL);
581a8cde 565 eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm);
6fc6879b
JM		 566 if (sm->in_step_loop) {
567 /* Must not free state machine while wpa_sm_step() is running.
568 * Freeing will be completed in the end of wpa_sm_step(). */
569 wpa_printf(MSG_DEBUG, "WPA: Registering pending STA state "
570 "machine deinit for " MACSTR, MAC2STR(sm->addr));
571 sm->pending_deinit = 1;
572 } else
573 wpa_free_sta_sm(sm);
574}
575
576
577static void wpa_request_new_ptk(struct wpa_state_machine *sm)
578{
579 if (sm == NULL)
580 return;
581
582 sm->PTKRequest = TRUE;
583 sm->PTK_valid = 0;
584}
585
586
22a299ee
JM		 587static int wpa_replay_counter_valid(struct wpa_state_machine *sm,
588 const u8 *replay_counter)
589{
590 int i;
591 for (i = 0; i < RSNA_MAX_EAPOL_RETRIES; i++) {
592 if (!sm->key_replay[i].valid)
593 break;
594 if (os_memcmp(replay_counter, sm->key_replay[i].counter,
595 WPA_REPLAY_COUNTER_LEN) == 0)
596 return 1;
597 }
598 return 0;
599}
600
601
6fc6879b
JM		 602void wpa_receive(struct wpa_authenticator *wpa_auth,
603 struct wpa_state_machine *sm,
604 u8 *data, size_t data_len)
605{
606 struct ieee802_1x_hdr *hdr;
607 struct wpa_eapol_key *key;
608 u16 key_info, key_data_length;
609 enum { PAIRWISE_2, PAIRWISE_4, GROUP_2, REQUEST,
610 SMK_M1, SMK_M3, SMK_ERROR } msg;
611 char *msgtxt;
612 struct wpa_eapol_ie_parse kde;
613
614 if (wpa_auth == NULL || !wpa_auth->conf.wpa || sm == NULL)
615 return;
616
617 if (data_len < sizeof(*hdr) + sizeof(*key))
618 return;
619
620 hdr = (struct ieee802_1x_hdr *) data;
621 key = (struct wpa_eapol_key *) (hdr + 1);
622 key_info = WPA_GET_BE16(key->key_info);
623 key_data_length = WPA_GET_BE16(key->key_data_length);
624 if (key_data_length > data_len - sizeof(*hdr) - sizeof(*key)) {
625 wpa_printf(MSG_INFO, "WPA: Invalid EAPOL-Key frame - "
626 "key_data overflow (%d > %lu)",
627 key_data_length,
628 (unsigned long) (data_len - sizeof(*hdr) -
629 sizeof(*key)));
630 return;
631 }
632
f8e96eb6
JM		 633 if (sm->wpa == WPA_VERSION_WPA2) {
634 if (key->type != EAPOL_KEY_TYPE_RSN) {
635 wpa_printf(MSG_DEBUG, "Ignore EAPOL-Key with "
636 "unexpected type %d in RSN mode",
637 key->type);
638 return;
639 }
640 } else {
641 if (key->type != EAPOL_KEY_TYPE_WPA) {
642 wpa_printf(MSG_DEBUG, "Ignore EAPOL-Key with "
643 "unexpected type %d in WPA mode",
644 key->type);
645 return;
646 }
647 }
648
6fc6879b
JM		 649 /* FIX: verify that the EAPOL-Key frame was encrypted if pairwise keys
650 * are set */
651
652 if ((key_info & (WPA_KEY_INFO_SMK_MESSAGE | WPA_KEY_INFO_REQUEST)) ==
653 (WPA_KEY_INFO_SMK_MESSAGE | WPA_KEY_INFO_REQUEST)) {
654 if (key_info & WPA_KEY_INFO_ERROR) {
655 msg = SMK_ERROR;
656 msgtxt = "SMK Error";
657 } else {
658 msg = SMK_M1;
659 msgtxt = "SMK M1";
660 }
661 } else if (key_info & WPA_KEY_INFO_SMK_MESSAGE) {
662 msg = SMK_M3;
663 msgtxt = "SMK M3";
664 } else if (key_info & WPA_KEY_INFO_REQUEST) {
665 msg = REQUEST;
666 msgtxt = "Request";
667 } else if (!(key_info & WPA_KEY_INFO_KEY_TYPE)) {
668 msg = GROUP_2;
669 msgtxt = "2/2 Group";
670 } else if (key_data_length == 0) {
671 msg = PAIRWISE_4;
672 msgtxt = "4/4 Pairwise";
673 } else {
674 msg = PAIRWISE_2;
675 msgtxt = "2/4 Pairwise";
676 }
677
678 /* TODO: key_info type validation for PeerKey */
679 if (msg == REQUEST || msg == PAIRWISE_2 || msg == PAIRWISE_4 ||
680 msg == GROUP_2) {
681 u16 ver = key_info & WPA_KEY_INFO_TYPE_MASK;
682 if (sm->pairwise == WPA_CIPHER_CCMP) {
683 if (wpa_use_aes_cmac(sm) &&
684 ver != WPA_KEY_INFO_TYPE_AES_128_CMAC) {
685 wpa_auth_logger(wpa_auth, sm->addr,
686 LOGGER_WARNING,
687 "advertised support for "
688 "AES-128-CMAC, but did not "
689 "use it");
690 return;
691 }
692
693 if (!wpa_use_aes_cmac(sm) &&
694 ver != WPA_KEY_INFO_TYPE_HMAC_SHA1_AES) {
695 wpa_auth_logger(wpa_auth, sm->addr,
696 LOGGER_WARNING,
697 "did not use HMAC-SHA1-AES "
698 "with CCMP");
699 return;
700 }
701 }
702 }
703
704 if (key_info & WPA_KEY_INFO_REQUEST) {
705 if (sm->req_replay_counter_used &&
706 os_memcmp(key->replay_counter, sm->req_replay_counter,
707 WPA_REPLAY_COUNTER_LEN) <= 0) {
708 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_WARNING,
709 "received EAPOL-Key request with "
710 "replayed counter");
711 return;
712 }
713 }
714
715 if (!(key_info & WPA_KEY_INFO_REQUEST) &&
22a299ee
JM		 716 !wpa_replay_counter_valid(sm, key->replay_counter)) {
717 int i;
6fc6879b
JM		 718 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO,
719 "received EAPOL-Key %s with unexpected "
720 "replay counter", msgtxt);
22a299ee
JM		 721 for (i = 0; i < RSNA_MAX_EAPOL_RETRIES; i++) {
722 if (!sm->key_replay[i].valid)
723 break;
724 wpa_hexdump(MSG_DEBUG, "pending replay counter",
725 sm->key_replay[i].counter,
726 WPA_REPLAY_COUNTER_LEN);
727 }
6fc6879b
JM		 728 wpa_hexdump(MSG_DEBUG, "received replay counter",
729 key->replay_counter, WPA_REPLAY_COUNTER_LEN);
730 return;
731 }
732
733 switch (msg) {
734 case PAIRWISE_2:
735 if (sm->wpa_ptk_state != WPA_PTK_PTKSTART &&
736 sm->wpa_ptk_state != WPA_PTK_PTKCALCNEGOTIATING) {
737 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO,
738 "received EAPOL-Key msg 2/4 in "
739 "invalid state (%d) - dropped",
740 sm->wpa_ptk_state);
741 return;
742 }
743 if (sm->wpa_ie == NULL ||
744 sm->wpa_ie_len != key_data_length ||
745 os_memcmp(sm->wpa_ie, key + 1, key_data_length) != 0) {
746 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
747 "WPA IE from (Re)AssocReq did not "
748 "match with msg 2/4");
749 if (sm->wpa_ie) {
750 wpa_hexdump(MSG_DEBUG, "WPA IE in AssocReq",
751 sm->wpa_ie, sm->wpa_ie_len);
752 }
753 wpa_hexdump(MSG_DEBUG, "WPA IE in msg 2/4",
754 (u8 *) (key + 1), key_data_length);
755 /* MLME-DEAUTHENTICATE.request */
756 wpa_sta_disconnect(wpa_auth, sm->addr);
757 return;
758 }
759 break;
760 case PAIRWISE_4:
761 if (sm->wpa_ptk_state != WPA_PTK_PTKINITNEGOTIATING ||
762 !sm->PTK_valid) {
763 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO,
764 "received EAPOL-Key msg 4/4 in "
765 "invalid state (%d) - dropped",
766 sm->wpa_ptk_state);
767 return;
768 }
769 break;
770 case GROUP_2:
771 if (sm->wpa_ptk_group_state != WPA_PTK_GROUP_REKEYNEGOTIATING
772 || !sm->PTK_valid) {
773 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO,
774 "received EAPOL-Key msg 2/2 in "
775 "invalid state (%d) - dropped",
776 sm->wpa_ptk_group_state);
777 return;
778 }
779 break;
780#ifdef CONFIG_PEERKEY
781 case SMK_M1:
782 case SMK_M3:
783 case SMK_ERROR:
784 if (!wpa_auth->conf.peerkey) {
785 wpa_printf(MSG_DEBUG, "RSN: SMK M1/M3/Error, but "
786 "PeerKey use disabled - ignoring message");
787 return;
788 }
789 if (!sm->PTK_valid) {
790 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
791 "received EAPOL-Key msg SMK in "
792 "invalid state - dropped");
793 return;
794 }
795 break;
796#else /* CONFIG_PEERKEY */
797 case SMK_M1:
798 case SMK_M3:
799 case SMK_ERROR:
800 return; /* STSL disabled - ignore SMK messages */
801#endif /* CONFIG_PEERKEY */
802 case REQUEST:
803 break;
804 }
805
806 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG,
807 "received EAPOL-Key frame (%s)", msgtxt);
808
809 if (key_info & WPA_KEY_INFO_ACK) {
810 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
811 "received invalid EAPOL-Key: Key Ack set");
812 return;
813 }
814
815 if (!(key_info & WPA_KEY_INFO_MIC)) {
816 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
817 "received invalid EAPOL-Key: Key MIC not set");
818 return;
819 }
820
821 sm->MICVerified = FALSE;
822 if (sm->PTK_valid) {
823 if (wpa_verify_key_mic(&sm->PTK, data, data_len)) {
824 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
825 "received EAPOL-Key with invalid MIC");
826 return;
827 }
828 sm->MICVerified = TRUE;
829 eloop_cancel_timeout(wpa_send_eapol_timeout, wpa_auth, sm);
830 }
831
832 if (key_info & WPA_KEY_INFO_REQUEST) {
833 if (sm->MICVerified) {
834 sm->req_replay_counter_used = 1;
835 os_memcpy(sm->req_replay_counter, key->replay_counter,
836 WPA_REPLAY_COUNTER_LEN);
837 } else {
838 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
839 "received EAPOL-Key request with "
840 "invalid MIC");
841 return;
842 }
843
844 /*
845 * TODO: should decrypt key data field if encryption was used;
846 * even though MAC address KDE is not normally encrypted,
847 * supplicant is allowed to encrypt it.
848 */
849 if (msg == SMK_ERROR) {
850#ifdef CONFIG_PEERKEY
851 wpa_smk_error(wpa_auth, sm, key);
852#endif /* CONFIG_PEERKEY */
853 return;
854 } else if (key_info & WPA_KEY_INFO_ERROR) {
855 /* Supplicant reported a Michael MIC error */
856 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
857 "received EAPOL-Key Error Request "
858 "(STA detected Michael MIC failure)");
859 wpa_auth_mic_failure_report(wpa_auth, sm->addr);
860 sm->dot11RSNAStatsTKIPRemoteMICFailures++;
861 wpa_auth->dot11RSNAStatsTKIPRemoteMICFailures++;
862 /* Error report is not a request for a new key
863 * handshake, but since Authenticator may do it, let's
864 * change the keys now anyway. */
865 wpa_request_new_ptk(sm);
866 } else if (key_info & WPA_KEY_INFO_KEY_TYPE) {
867 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
868 "received EAPOL-Key Request for new "
869 "4-Way Handshake");
870 wpa_request_new_ptk(sm);
871#ifdef CONFIG_PEERKEY
872 } else if (msg == SMK_M1) {
873 wpa_smk_m1(wpa_auth, sm, key);
874#endif /* CONFIG_PEERKEY */
875 } else if (key_data_length > 0 &&
876 wpa_parse_kde_ies((const u8 *) (key + 1),
877 key_data_length, &kde) == 0 &&
878 kde.mac_addr) {
879 } else {
880 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
881 "received EAPOL-Key Request for GTK "
882 "rekeying");
883 /* FIX: why was this triggering PTK rekeying for the
884 * STA that requested Group Key rekeying?? */
885 /* wpa_request_new_ptk(sta->wpa_sm); */
886 eloop_cancel_timeout(wpa_rekey_gtk, wpa_auth, NULL);
887 wpa_rekey_gtk(wpa_auth, NULL);
888 }
889 } else {
22a299ee
JM		 890 /* Do not allow the same key replay counter to be reused. This
891 * does also invalidate all other pending replay counters if
892 * retransmissions were used, i.e., we will only process one of
893 * the pending replies and ignore rest if more than one is
894 * received. */
895 sm->key_replay[0].valid = FALSE;
6fc6879b
JM		 896 }
897
898#ifdef CONFIG_PEERKEY
899 if (msg == SMK_M3) {
900 wpa_smk_m3(wpa_auth, sm, key);
901 return;
902 }
903#endif /* CONFIG_PEERKEY */
904
905 os_free(sm->last_rx_eapol_key);
906 sm->last_rx_eapol_key = os_malloc(data_len);
907 if (sm->last_rx_eapol_key == NULL)
908 return;
909 os_memcpy(sm->last_rx_eapol_key, data, data_len);
910 sm->last_rx_eapol_key_len = data_len;
911
912 sm->EAPOLKeyReceived = TRUE;
913 sm->EAPOLKeyPairwise = !!(key_info & WPA_KEY_INFO_KEY_TYPE);
914 sm->EAPOLKeyRequest = !!(key_info & WPA_KEY_INFO_REQUEST);
915 os_memcpy(sm->SNonce, key->key_nonce, WPA_NONCE_LEN);
916 wpa_sm_step(sm);
917}
918
919
920static void wpa_gmk_to_gtk(const u8 *gmk, const u8 *addr, const u8 *gnonce,
921 u8 *gtk, size_t gtk_len)
922{
923 u8 data[ETH_ALEN + WPA_NONCE_LEN];
924
925 /* GTK = PRF-X(GMK, "Group key expansion", AA || GNonce) */
926 os_memcpy(data, addr, ETH_ALEN);
927 os_memcpy(data + ETH_ALEN, gnonce, WPA_NONCE_LEN);
928
56586197
JM		 929#ifdef CONFIG_IEEE80211W
930 sha256_prf(gmk, WPA_GMK_LEN, "Group key expansion",
931 data, sizeof(data), gtk, gtk_len);
932#else /* CONFIG_IEEE80211W */
6fc6879b
JM		 933 sha1_prf(gmk, WPA_GMK_LEN, "Group key expansion",
934 data, sizeof(data), gtk, gtk_len);
56586197 935#endif /* CONFIG_IEEE80211W */
6fc6879b
JM		 936
937 wpa_hexdump_key(MSG_DEBUG, "GMK", gmk, WPA_GMK_LEN);
938 wpa_hexdump_key(MSG_DEBUG, "GTK", gtk, gtk_len);
939}
940
941
942static void wpa_send_eapol_timeout(void *eloop_ctx, void *timeout_ctx)
943{
944 struct wpa_authenticator *wpa_auth = eloop_ctx;
945 struct wpa_state_machine *sm = timeout_ctx;
946
947 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, "EAPOL-Key timeout");
948 sm->TimeoutEvt = TRUE;
949 wpa_sm_step(sm);
950}
951
952
953void __wpa_send_eapol(struct wpa_authenticator *wpa_auth,
954 struct wpa_state_machine *sm, int key_info,
955 const u8 *key_rsc, const u8 *nonce,
956 const u8 *kde, size_t kde_len,
957 int keyidx, int encr, int force_version)
958{
959 struct ieee802_1x_hdr *hdr;
960 struct wpa_eapol_key *key;
961 size_t len;
962 int alg;
963 int key_data_len, pad_len = 0;
964 u8 *buf, *pos;
965 int version, pairwise;
22a299ee 966 int i;
6fc6879b
JM		 967
968 len = sizeof(struct ieee802_1x_hdr) + sizeof(struct wpa_eapol_key);
969
970 if (force_version)
971 version = force_version;
972 else if (wpa_use_aes_cmac(sm))
973 version = WPA_KEY_INFO_TYPE_AES_128_CMAC;
974 else if (sm->pairwise == WPA_CIPHER_CCMP)
975 version = WPA_KEY_INFO_TYPE_HMAC_SHA1_AES;
976 else
977 version = WPA_KEY_INFO_TYPE_HMAC_MD5_RC4;
978
979 pairwise = key_info & WPA_KEY_INFO_KEY_TYPE;
980
981 wpa_printf(MSG_DEBUG, "WPA: Send EAPOL(version=%d secure=%d mic=%d "
982 "ack=%d install=%d pairwise=%d kde_len=%lu keyidx=%d "
983 "encr=%d)",
984 version,
985 (key_info & WPA_KEY_INFO_SECURE) ? 1 : 0,
986 (key_info & WPA_KEY_INFO_MIC) ? 1 : 0,
987 (key_info & WPA_KEY_INFO_ACK) ? 1 : 0,
988 (key_info & WPA_KEY_INFO_INSTALL) ? 1 : 0,
989 pairwise, (unsigned long) kde_len, keyidx, encr);
990
991 key_data_len = kde_len;
992
993 if ((version == WPA_KEY_INFO_TYPE_HMAC_SHA1_AES ||
994 version == WPA_KEY_INFO_TYPE_AES_128_CMAC) && encr) {
995 pad_len = key_data_len % 8;
996 if (pad_len)
997 pad_len = 8 - pad_len;
998 key_data_len += pad_len + 8;
999 }
1000
1001 len += key_data_len;
1002
1003 hdr = os_zalloc(len);
1004 if (hdr == NULL)
1005 return;
1006 hdr->version = wpa_auth->conf.eapol_version;
1007 hdr->type = IEEE802_1X_TYPE_EAPOL_KEY;
1008 hdr->length = host_to_be16(len - sizeof(*hdr));
1009 key = (struct wpa_eapol_key *) (hdr + 1);
1010
1011 key->type = sm->wpa == WPA_VERSION_WPA2 ?
1012 EAPOL_KEY_TYPE_RSN : EAPOL_KEY_TYPE_WPA;
1013 key_info |= version;
1014 if (encr && sm->wpa == WPA_VERSION_WPA2)
1015 key_info |= WPA_KEY_INFO_ENCR_KEY_DATA;
1016 if (sm->wpa != WPA_VERSION_WPA2)
1017 key_info |= keyidx << WPA_KEY_INFO_KEY_INDEX_SHIFT;
1018 WPA_PUT_BE16(key->key_info, key_info);
1019
1020 alg = pairwise ? sm->pairwise : wpa_auth->conf.wpa_group;
1021 switch (alg) {
1022 case WPA_CIPHER_CCMP:
1023 WPA_PUT_BE16(key->key_length, 16);
1024 break;
1025 case WPA_CIPHER_TKIP:
1026 WPA_PUT_BE16(key->key_length, 32);
1027 break;
1028 case WPA_CIPHER_WEP40:
1029 WPA_PUT_BE16(key->key_length, 5);
1030 break;
1031 case WPA_CIPHER_WEP104:
1032 WPA_PUT_BE16(key->key_length, 13);
1033 break;
1034 }
1035 if (key_info & WPA_KEY_INFO_SMK_MESSAGE)
1036 WPA_PUT_BE16(key->key_length, 0);
1037
1038 /* FIX: STSL: what to use as key_replay_counter? */
22a299ee
JM		 1039 for (i = RSNA_MAX_EAPOL_RETRIES - 1; i > 0; i--) {
1040 sm->key_replay[i].valid = sm->key_replay[i - 1].valid;
1041 os_memcpy(sm->key_replay[i].counter,
1042 sm->key_replay[i - 1].counter,
1043 WPA_REPLAY_COUNTER_LEN);
1044 }
1045 inc_byte_array(sm->key_replay[0].counter, WPA_REPLAY_COUNTER_LEN);
1046 os_memcpy(key->replay_counter, sm->key_replay[0].counter,
6fc6879b 1047 WPA_REPLAY_COUNTER_LEN);
22a299ee 1048 sm->key_replay[0].valid = TRUE;
6fc6879b
JM		 1049
1050 if (nonce)
1051 os_memcpy(key->key_nonce, nonce, WPA_NONCE_LEN);
1052
1053 if (key_rsc)
1054 os_memcpy(key->key_rsc, key_rsc, WPA_KEY_RSC_LEN);
1055
1056 if (kde && !encr) {
1057 os_memcpy(key + 1, kde, kde_len);
1058 WPA_PUT_BE16(key->key_data_length, kde_len);
1059 } else if (encr && kde) {
1060 buf = os_zalloc(key_data_len);
1061 if (buf == NULL) {
1062 os_free(hdr);
1063 return;
1064 }
1065 pos = buf;
1066 os_memcpy(pos, kde, kde_len);
1067 pos += kde_len;
1068
1069 if (pad_len)
1070 *pos++ = 0xdd;
1071
1072 wpa_hexdump_key(MSG_DEBUG, "Plaintext EAPOL-Key Key Data",
1073 buf, key_data_len);
1074 if (version == WPA_KEY_INFO_TYPE_HMAC_SHA1_AES ||
1075 version == WPA_KEY_INFO_TYPE_AES_128_CMAC) {
1076 if (aes_wrap(sm->PTK.kek, (key_data_len - 8) / 8, buf,
1077 (u8 *) (key + 1))) {
1078 os_free(hdr);
1079 os_free(buf);
1080 return;
1081 }
1082 WPA_PUT_BE16(key->key_data_length, key_data_len);
1083 } else {
1084 u8 ek[32];
1085 os_memcpy(key->key_iv,
1086 sm->group->Counter + WPA_NONCE_LEN - 16, 16);
1087 inc_byte_array(sm->group->Counter, WPA_NONCE_LEN);
1088 os_memcpy(ek, key->key_iv, 16);
1089 os_memcpy(ek + 16, sm->PTK.kek, 16);
1090 os_memcpy(key + 1, buf, key_data_len);
1091 rc4_skip(ek, 32, 256, (u8 *) (key + 1), key_data_len);
1092 WPA_PUT_BE16(key->key_data_length, key_data_len);
1093 }
1094 os_free(buf);
1095 }
1096
1097 if (key_info & WPA_KEY_INFO_MIC) {
1098 if (!sm->PTK_valid) {
1099 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG,
1100 "PTK not valid when sending EAPOL-Key "
1101 "frame");
1102 os_free(hdr);
1103 return;
1104 }
1105 wpa_eapol_key_mic(sm->PTK.kck, version, (u8 *) hdr, len,
1106 key->key_mic);
1107 }
1108
1109 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_inc_EapolFramesTx,
1110 1);
1111 wpa_auth_send_eapol(wpa_auth, sm->addr, (u8 *) hdr, len,
1112 sm->pairwise_set);
1113 os_free(hdr);
1114}
1115
1116
1117static void wpa_send_eapol(struct wpa_authenticator *wpa_auth,
1118 struct wpa_state_machine *sm, int key_info,
1119 const u8 *key_rsc, const u8 *nonce,
1120 const u8 *kde, size_t kde_len,
1121 int keyidx, int encr)
1122{
1123 int timeout_ms;
1124 int pairwise = key_info & WPA_KEY_INFO_KEY_TYPE;
bae61562 1125 int ctr;
6fc6879b
JM		 1126
1127 if (sm == NULL)
1128 return;
1129
1130 __wpa_send_eapol(wpa_auth, sm, key_info, key_rsc, nonce, kde, kde_len,
1131 keyidx, encr, 0);
1132
bae61562
JM		 1133 ctr = pairwise ? sm->TimeoutCtr : sm->GTimeoutCtr;
1134 if (ctr == 1)
1135 timeout_ms = eapol_key_timeout_first;
1136 else
1137 timeout_ms = eapol_key_timeout_subseq;
6fc6879b
JM		 1138 eloop_register_timeout(timeout_ms / 1000, (timeout_ms % 1000) * 1000,
1139 wpa_send_eapol_timeout, wpa_auth, sm);
1140}
1141
1142
1143static int wpa_verify_key_mic(struct wpa_ptk *PTK, u8 *data, size_t data_len)
1144{
1145 struct ieee802_1x_hdr *hdr;
1146 struct wpa_eapol_key *key;
1147 u16 key_info;
1148 int ret = 0;
1149 u8 mic[16];
1150
1151 if (data_len < sizeof(*hdr) + sizeof(*key))
1152 return -1;
1153
1154 hdr = (struct ieee802_1x_hdr *) data;
1155 key = (struct wpa_eapol_key *) (hdr + 1);
1156 key_info = WPA_GET_BE16(key->key_info);
1157 os_memcpy(mic, key->key_mic, 16);
1158 os_memset(key->key_mic, 0, 16);
1159 if (wpa_eapol_key_mic(PTK->kck, key_info & WPA_KEY_INFO_TYPE_MASK,
1160 data, data_len, key->key_mic) ||
1161 os_memcmp(mic, key->key_mic, 16) != 0)
1162 ret = -1;
1163 os_memcpy(key->key_mic, mic, 16);
1164 return ret;
1165}
1166
1167
1168void wpa_remove_ptk(struct wpa_state_machine *sm)
1169{
1170 sm->PTK_valid = FALSE;
1171 os_memset(&sm->PTK, 0, sizeof(sm->PTK));
89d39d9d
JM		 1172 wpa_auth_set_key(sm->wpa_auth, 0, WPA_ALG_NONE, sm->addr, 0, (u8 *) "",
1173 0);
6fc6879b 1174 sm->pairwise_set = FALSE;
581a8cde 1175 eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm);
6fc6879b
JM		 1176}
1177
1178
1179void wpa_auth_sm_event(struct wpa_state_machine *sm, wpa_event event)
1180{
5d22a1d5
JM		 1181 int remove_ptk = 1;
1182
6fc6879b
JM		 1183 if (sm == NULL)
1184 return;
1185
1186 wpa_auth_vlogger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
1187 "event %d notification", event);
1188
1189 switch (event) {
1190 case WPA_AUTH:
1191 case WPA_ASSOC:
1192 break;
1193 case WPA_DEAUTH:
1194 case WPA_DISASSOC:
1195 sm->DeauthenticationRequest = TRUE;
1196 break;
1197 case WPA_REAUTH:
1198 case WPA_REAUTH_EAPOL:
9663596f
JM		 1199 if (sm->GUpdateStationKeys) {
1200 /*
1201 * Reauthentication cancels the pending group key
1202 * update for this STA.
1203 */
1204 sm->group->GKeyDoneStations--;
1205 sm->GUpdateStationKeys = FALSE;
1206 sm->PtkGroupInit = TRUE;
1207 }
6fc6879b
JM		 1208 sm->ReAuthenticationRequest = TRUE;
1209 break;
1210 case WPA_ASSOC_FT:
1211#ifdef CONFIG_IEEE80211R
1212 /* Using FT protocol, not WPA auth state machine */
1213 sm->ft_completed = 1;
1214 return;
1215#else /* CONFIG_IEEE80211R */
1216 break;
1217#endif /* CONFIG_IEEE80211R */
1218 }
1219
1220#ifdef CONFIG_IEEE80211R
1221 sm->ft_completed = 0;
1222#endif /* CONFIG_IEEE80211R */
1223
5d22a1d5
JM		 1224#ifdef CONFIG_IEEE80211W
1225 if (sm->mgmt_frame_prot && event == WPA_AUTH)
1226 remove_ptk = 0;
1227#endif /* CONFIG_IEEE80211W */
6fc6879b 1228
5d22a1d5
JM		 1229 if (remove_ptk) {
1230 sm->PTK_valid = FALSE;
1231 os_memset(&sm->PTK, 0, sizeof(sm->PTK));
1232
1233 if (event != WPA_REAUTH_EAPOL)
1234 wpa_remove_ptk(sm);
1235 }
6fc6879b
JM		 1236
1237 wpa_sm_step(sm);
1238}
1239
1240
89d39d9d 1241static wpa_alg wpa_alg_enum(int alg)
6fc6879b
JM		 1242{
1243 switch (alg) {
1244 case WPA_CIPHER_CCMP:
89d39d9d 1245 return WPA_ALG_CCMP;
6fc6879b 1246 case WPA_CIPHER_TKIP:
89d39d9d 1247 return WPA_ALG_TKIP;
6fc6879b
JM		 1248 case WPA_CIPHER_WEP104:
1249 case WPA_CIPHER_WEP40:
89d39d9d 1250 return WPA_ALG_WEP;
6fc6879b 1251 default:
89d39d9d 1252 return WPA_ALG_NONE;
6fc6879b
JM		 1253 }
1254}
1255
1256
1257SM_STATE(WPA_PTK, INITIALIZE)
1258{
1259 SM_ENTRY_MA(WPA_PTK, INITIALIZE, wpa_ptk);
1260 if (sm->Init) {
1261 /* Init flag is not cleared here, so avoid busy
1262 * loop by claiming nothing changed. */
1263 sm->changed = FALSE;
1264 }
1265
1266 sm->keycount = 0;
1267 if (sm->GUpdateStationKeys)
1268 sm->group->GKeyDoneStations--;
1269 sm->GUpdateStationKeys = FALSE;
1270 if (sm->wpa == WPA_VERSION_WPA)
1271 sm->PInitAKeys = FALSE;
1272 if (1 /* Unicast cipher supported AND (ESS OR ((IBSS or WDS) and
1273 * Local AA > Remote AA)) */) {
1274 sm->Pair = TRUE;
1275 }
1276 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portEnabled, 0);
1277 wpa_remove_ptk(sm);
1278 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portValid, 0);
1279 sm->TimeoutCtr = 0;
56586197 1280 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) {
6fc6879b
JM		 1281 wpa_auth_set_eapol(sm->wpa_auth, sm->addr,
1282 WPA_EAPOL_authorized, 0);
1283 }
1284}
1285
1286
1287SM_STATE(WPA_PTK, DISCONNECT)
1288{
1289 SM_ENTRY_MA(WPA_PTK, DISCONNECT, wpa_ptk);
1290 sm->Disconnect = FALSE;
1291 wpa_sta_disconnect(sm->wpa_auth, sm->addr);
1292}
1293
1294
1295SM_STATE(WPA_PTK, DISCONNECTED)
1296{
1297 SM_ENTRY_MA(WPA_PTK, DISCONNECTED, wpa_ptk);
1298 sm->DeauthenticationRequest = FALSE;
1299}
1300
1301
1302SM_STATE(WPA_PTK, AUTHENTICATION)
1303{
1304 SM_ENTRY_MA(WPA_PTK, AUTHENTICATION, wpa_ptk);
1305 os_memset(&sm->PTK, 0, sizeof(sm->PTK));
1306 sm->PTK_valid = FALSE;
1307 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portControl_Auto,
1308 1);
1309 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portEnabled, 1);
1310 sm->AuthenticationRequest = FALSE;
1311}
1312
1313
1314SM_STATE(WPA_PTK, AUTHENTICATION2)
1315{
1316 SM_ENTRY_MA(WPA_PTK, AUTHENTICATION2, wpa_ptk);
1317 os_memcpy(sm->ANonce, sm->group->Counter, WPA_NONCE_LEN);
1318 inc_byte_array(sm->group->Counter, WPA_NONCE_LEN);
1319 sm->ReAuthenticationRequest = FALSE;
1320 /* IEEE 802.11i does not clear TimeoutCtr here, but this is more
1321 * logical place than INITIALIZE since AUTHENTICATION2 can be
1322 * re-entered on ReAuthenticationRequest without going through
1323 * INITIALIZE. */
1324 sm->TimeoutCtr = 0;
1325}
1326
1327
1328SM_STATE(WPA_PTK, INITPMK)
1329{
1330 u8 msk[2 * PMK_LEN];
1331 size_t len = 2 * PMK_LEN;
1332
1333 SM_ENTRY_MA(WPA_PTK, INITPMK, wpa_ptk);
1334#ifdef CONFIG_IEEE80211R
1335 sm->xxkey_len = 0;
1336#endif /* CONFIG_IEEE80211R */
1337 if (sm->pmksa) {
1338 wpa_printf(MSG_DEBUG, "WPA: PMK from PMKSA cache");
1339 os_memcpy(sm->PMK, sm->pmksa->pmk, PMK_LEN);
1340 } else if (wpa_auth_get_msk(sm->wpa_auth, sm->addr, msk, &len) == 0) {
1341 wpa_printf(MSG_DEBUG, "WPA: PMK from EAPOL state machine "
1342 "(len=%lu)", (unsigned long) len);
1343 os_memcpy(sm->PMK, msk, PMK_LEN);
1344#ifdef CONFIG_IEEE80211R
1345 if (len >= 2 * PMK_LEN) {
1346 os_memcpy(sm->xxkey, msk + PMK_LEN, PMK_LEN);
1347 sm->xxkey_len = PMK_LEN;
1348 }
1349#endif /* CONFIG_IEEE80211R */
1350 } else {
1351 wpa_printf(MSG_DEBUG, "WPA: Could not get PMK");
1352 }
1353
1354 sm->req_replay_counter_used = 0;
1355 /* IEEE 802.11i does not set keyRun to FALSE, but not doing this
1356 * will break reauthentication since EAPOL state machines may not be
1357 * get into AUTHENTICATING state that clears keyRun before WPA state
1358 * machine enters AUTHENTICATION2 state and goes immediately to INITPMK
1359 * state and takes PMK from the previously used AAA Key. This will
1360 * eventually fail in 4-Way Handshake because Supplicant uses PMK
1361 * derived from the new AAA Key. Setting keyRun = FALSE here seems to
1362 * be good workaround for this issue. */
1363 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_keyRun, 0);
1364}
1365
1366
1367SM_STATE(WPA_PTK, INITPSK)
1368{
1369 const u8 *psk;
1370 SM_ENTRY_MA(WPA_PTK, INITPSK, wpa_ptk);
1371 psk = wpa_auth_get_psk(sm->wpa_auth, sm->addr, NULL);
1372 if (psk) {
1373 os_memcpy(sm->PMK, psk, PMK_LEN);
1374#ifdef CONFIG_IEEE80211R
1375 os_memcpy(sm->xxkey, psk, PMK_LEN);
1376 sm->xxkey_len = PMK_LEN;
1377#endif /* CONFIG_IEEE80211R */
1378 }
1379 sm->req_replay_counter_used = 0;
1380}
1381
1382
1383SM_STATE(WPA_PTK, PTKSTART)
1384{
1385 u8 buf[2 + RSN_SELECTOR_LEN + PMKID_LEN], *pmkid = NULL;
1386 size_t pmkid_len = 0;
1387
1388 SM_ENTRY_MA(WPA_PTK, PTKSTART, wpa_ptk);
1389 sm->PTKRequest = FALSE;
1390 sm->TimeoutEvt = FALSE;
bae61562
JM		 1391
1392 sm->TimeoutCtr++;
1393 if (sm->TimeoutCtr > (int) dot11RSNAConfigPairwiseUpdateCount) {
1394 /* No point in sending the EAPOL-Key - we will disconnect
1395 * immediately following this. */
1396 return;
1397 }
1398
6fc6879b
JM		 1399 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
1400 "sending 1/4 msg of 4-Way Handshake");
1401 /*
1402 * TODO: Could add PMKID even with WPA2-PSK, but only if there is only
1403 * one possible PSK for this STA.
1404 */
1405 if (sm->wpa == WPA_VERSION_WPA2 &&
56586197 1406 wpa_key_mgmt_wpa_ieee8021x(sm->wpa_key_mgmt)) {
6fc6879b
JM		 1407 pmkid = buf;
1408 pmkid_len = 2 + RSN_SELECTOR_LEN + PMKID_LEN;
1409 pmkid[0] = WLAN_EID_VENDOR_SPECIFIC;
1410 pmkid[1] = RSN_SELECTOR_LEN + PMKID_LEN;
1411 RSN_SELECTOR_PUT(&pmkid[2], RSN_KEY_DATA_PMKID);
1412 if (sm->pmksa)
1413 os_memcpy(&pmkid[2 + RSN_SELECTOR_LEN],
1414 sm->pmksa->pmkid, PMKID_LEN);
1415 else {
1416 /*
1417 * Calculate PMKID since no PMKSA cache entry was
1418 * available with pre-calculated PMKID.
1419 */
1420 rsn_pmkid(sm->PMK, PMK_LEN, sm->wpa_auth->addr,
56586197
JM		 1421 sm->addr, &pmkid[2 + RSN_SELECTOR_LEN],
1422 wpa_key_mgmt_sha256(sm->wpa_key_mgmt));
6fc6879b
JM		 1423 }
1424 }
1425 wpa_send_eapol(sm->wpa_auth, sm,
1426 WPA_KEY_INFO_ACK | WPA_KEY_INFO_KEY_TYPE, NULL,
1427 sm->ANonce, pmkid, pmkid_len, 0, 0);
6fc6879b
JM		 1428}
1429
1430
1431static int wpa_derive_ptk(struct wpa_state_machine *sm, const u8 *pmk,
1432 struct wpa_ptk *ptk)
1433{
c0a61908 1434 size_t ptk_len = sm->pairwise == WPA_CIPHER_CCMP ? 48 : 64;
6fc6879b 1435#ifdef CONFIG_IEEE80211R
56586197 1436 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt))
c0a61908 1437 return wpa_auth_derive_ptk_ft(sm, pmk, ptk, ptk_len);
6fc6879b
JM		 1438#endif /* CONFIG_IEEE80211R */
1439
1440 wpa_pmk_to_ptk(pmk, PMK_LEN, "Pairwise key expansion",
1441 sm->wpa_auth->addr, sm->addr, sm->ANonce, sm->SNonce,
c0a61908 1442 (u8 *) ptk, ptk_len,
56586197 1443 wpa_key_mgmt_sha256(sm->wpa_key_mgmt));
6fc6879b
JM		 1444
1445 return 0;
1446}
1447
1448
1449SM_STATE(WPA_PTK, PTKCALCNEGOTIATING)
1450{
1451 struct wpa_ptk PTK;
1452 int ok = 0;
1453 const u8 *pmk = NULL;
1454
1455 SM_ENTRY_MA(WPA_PTK, PTKCALCNEGOTIATING, wpa_ptk);
1456 sm->EAPOLKeyReceived = FALSE;
1457
1458 /* WPA with IEEE 802.1X: use the derived PMK from EAP
1459 * WPA-PSK: iterate through possible PSKs and select the one matching
1460 * the packet */
1461 for (;;) {
56586197 1462 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) {
6fc6879b
JM		 1463 pmk = wpa_auth_get_psk(sm->wpa_auth, sm->addr, pmk);
1464 if (pmk == NULL)
1465 break;
1466 } else
1467 pmk = sm->PMK;
1468
1469 wpa_derive_ptk(sm, pmk, &PTK);
1470
1471 if (wpa_verify_key_mic(&PTK, sm->last_rx_eapol_key,
1472 sm->last_rx_eapol_key_len) == 0) {
1473 ok = 1;
1474 break;
1475 }
1476
56586197 1477 if (!wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt))
6fc6879b
JM		 1478 break;
1479 }
1480
1481 if (!ok) {
1482 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
1483 "invalid MIC in msg 2/4 of 4-Way Handshake");
1484 return;
1485 }
1486
1487 eloop_cancel_timeout(wpa_send_eapol_timeout, sm->wpa_auth, sm);
1488
56586197 1489 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) {
6fc6879b
JM		 1490 /* PSK may have changed from the previous choice, so update
1491 * state machine data based on whatever PSK was selected here.
1492 */
1493 os_memcpy(sm->PMK, pmk, PMK_LEN);
1494 }
1495
1496 sm->MICVerified = TRUE;
1497
1498 os_memcpy(&sm->PTK, &PTK, sizeof(PTK));
1499 sm->PTK_valid = TRUE;
1500}
1501
1502
1503SM_STATE(WPA_PTK, PTKCALCNEGOTIATING2)
1504{
1505 SM_ENTRY_MA(WPA_PTK, PTKCALCNEGOTIATING2, wpa_ptk);
1506 sm->TimeoutCtr = 0;
1507}
1508
1509
1510#ifdef CONFIG_IEEE80211W
1511
1512static int ieee80211w_kde_len(struct wpa_state_machine *sm)
1513{
1514 if (sm->mgmt_frame_prot) {
1515 return 2 + RSN_SELECTOR_LEN + sizeof(struct wpa_igtk_kde);
1516 }
1517
1518 return 0;
1519}
1520
1521
1522static u8 * ieee80211w_kde_add(struct wpa_state_machine *sm, u8 *pos)
1523{
1524 struct wpa_igtk_kde igtk;
1525 struct wpa_group *gsm = sm->group;
1526
1527 if (!sm->mgmt_frame_prot)
1528 return pos;
1529
1530 igtk.keyid[0] = gsm->GN_igtk;
1531 igtk.keyid[1] = 0;
9008a3e4 1532 if (wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN_igtk, igtk.pn) < 0)
6fc6879b
JM		 1533 os_memset(igtk.pn, 0, sizeof(igtk.pn));
1534 os_memcpy(igtk.igtk, gsm->IGTK[gsm->GN_igtk - 4], WPA_IGTK_LEN);
1535 pos = wpa_add_kde(pos, RSN_KEY_DATA_IGTK,
1536 (const u8 *) &igtk, sizeof(igtk), NULL, 0);
1537
1538 return pos;
1539}
1540
1541#else /* CONFIG_IEEE80211W */
1542
1543static int ieee80211w_kde_len(struct wpa_state_machine *sm)
1544{
1545 return 0;
1546}
1547
1548
1549static u8 * ieee80211w_kde_add(struct wpa_state_machine *sm, u8 *pos)
1550{
1551 return pos;
1552}
1553
1554#endif /* CONFIG_IEEE80211W */
1555
1556
1557SM_STATE(WPA_PTK, PTKINITNEGOTIATING)
1558{
1559 u8 rsc[WPA_KEY_RSC_LEN], *_rsc, *gtk, *kde, *pos;
1560 size_t gtk_len, kde_len;
1561 struct wpa_group *gsm = sm->group;
1562 u8 *wpa_ie;
1563 int wpa_ie_len, secure, keyidx, encr = 0;
1564
1565 SM_ENTRY_MA(WPA_PTK, PTKINITNEGOTIATING, wpa_ptk);
1566 sm->TimeoutEvt = FALSE;
bae61562
JM		 1567
1568 sm->TimeoutCtr++;
1569 if (sm->TimeoutCtr > (int) dot11RSNAConfigPairwiseUpdateCount) {
1570 /* No point in sending the EAPOL-Key - we will disconnect
1571 * immediately following this. */
1572 return;
1573 }
1574
6fc6879b
JM		 1575 /* Send EAPOL(1, 1, 1, Pair, P, RSC, ANonce, MIC(PTK), RSNIE, GTK[GN])
1576 */
1577 os_memset(rsc, 0, WPA_KEY_RSC_LEN);
1578 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, rsc);
1579 wpa_ie = sm->wpa_auth->wpa_ie;
1580 wpa_ie_len = sm->wpa_auth->wpa_ie_len;
1581 if (sm->wpa == WPA_VERSION_WPA &&
1582 (sm->wpa_auth->conf.wpa & WPA_PROTO_RSN) &&
1583 wpa_ie_len > wpa_ie[1] + 2 && wpa_ie[0] == WLAN_EID_RSN) {
1584 /* WPA-only STA, remove RSN IE */
1585 wpa_ie = wpa_ie + wpa_ie[1] + 2;
1586 wpa_ie_len = wpa_ie[1] + 2;
1587 }
1588 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
1589 "sending 3/4 msg of 4-Way Handshake");
1590 if (sm->wpa == WPA_VERSION_WPA2) {
1591 /* WPA2 send GTK in the 4-way handshake */
1592 secure = 1;
1593 gtk = gsm->GTK[gsm->GN - 1];
1594 gtk_len = gsm->GTK_len;
1595 keyidx = gsm->GN;
1596 _rsc = rsc;
1597 encr = 1;
1598 } else {
1599 /* WPA does not include GTK in msg 3/4 */
1600 secure = 0;
1601 gtk = NULL;
1602 gtk_len = 0;
1603 keyidx = 0;
1604 _rsc = NULL;
1605 }
1606
1607 kde_len = wpa_ie_len + ieee80211w_kde_len(sm);
1608 if (gtk)
1609 kde_len += 2 + RSN_SELECTOR_LEN + 2 + gtk_len;
1610 kde = os_malloc(kde_len);
1611 if (kde == NULL)
1612 return;
1613
1614 pos = kde;
1615 os_memcpy(pos, wpa_ie, wpa_ie_len);
1616 pos += wpa_ie_len;
1617 if (gtk) {
1618 u8 hdr[2];
1619 hdr[0] = keyidx & 0x03;
1620 hdr[1] = 0;
1621 pos = wpa_add_kde(pos, RSN_KEY_DATA_GROUPKEY, hdr, 2,
1622 gtk, gtk_len);
1623 }
1624 pos = ieee80211w_kde_add(sm, pos);
1625
1626 wpa_send_eapol(sm->wpa_auth, sm,
1627 (secure ? WPA_KEY_INFO_SECURE : 0) | WPA_KEY_INFO_MIC |
1628 WPA_KEY_INFO_ACK | WPA_KEY_INFO_INSTALL |
1629 WPA_KEY_INFO_KEY_TYPE,
1630 _rsc, sm->ANonce, kde, pos - kde, keyidx, encr);
1631 os_free(kde);
6fc6879b
JM		 1632}
1633
1634
1635SM_STATE(WPA_PTK, PTKINITDONE)
1636{
1637 SM_ENTRY_MA(WPA_PTK, PTKINITDONE, wpa_ptk);
1638 sm->EAPOLKeyReceived = FALSE;
1639 if (sm->Pair) {
89d39d9d 1640 wpa_alg alg;
6fc6879b
JM		 1641 int klen;
1642 if (sm->pairwise == WPA_CIPHER_TKIP) {
89d39d9d 1643 alg = WPA_ALG_TKIP;
6fc6879b
JM		 1644 klen = 32;
1645 } else {
89d39d9d 1646 alg = WPA_ALG_CCMP;
6fc6879b
JM		 1647 klen = 16;
1648 }
1649 if (wpa_auth_set_key(sm->wpa_auth, 0, alg, sm->addr, 0,
1650 sm->PTK.tk1, klen)) {
1651 wpa_sta_disconnect(sm->wpa_auth, sm->addr);
1652 return;
1653 }
1654 /* FIX: MLME-SetProtection.Request(TA, Tx_Rx) */
1655 sm->pairwise_set = TRUE;
1656
581a8cde
JM		 1657 if (sm->wpa_auth->conf.wpa_ptk_rekey) {
1658 eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm);
1659 eloop_register_timeout(sm->wpa_auth->conf.
1660 wpa_ptk_rekey, 0, wpa_rekey_ptk,
1661 sm->wpa_auth, sm);
1662 }
1663
56586197 1664 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) {
6fc6879b
JM		 1665 wpa_auth_set_eapol(sm->wpa_auth, sm->addr,
1666 WPA_EAPOL_authorized, 1);
1667 }
1668 }
1669
1670 if (0 /* IBSS == TRUE */) {
1671 sm->keycount++;
1672 if (sm->keycount == 2) {
1673 wpa_auth_set_eapol(sm->wpa_auth, sm->addr,
1674 WPA_EAPOL_portValid, 1);
1675 }
1676 } else {
1677 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portValid,
1678 1);
1679 }
1680 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_keyAvailable, 0);
1681 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_keyDone, 1);
1682 if (sm->wpa == WPA_VERSION_WPA)
1683 sm->PInitAKeys = TRUE;
1684 else
1685 sm->has_GTK = TRUE;
1686 wpa_auth_vlogger(sm->wpa_auth, sm->addr, LOGGER_INFO,
1687 "pairwise key handshake completed (%s)",
1688 sm->wpa == WPA_VERSION_WPA ? "WPA" : "RSN");
1689
1690#ifdef CONFIG_IEEE80211R
1691 wpa_ft_push_pmk_r1(sm->wpa_auth, sm->addr);
1692#endif /* CONFIG_IEEE80211R */
1693}
1694
1695
1696SM_STEP(WPA_PTK)
1697{
1698 struct wpa_authenticator *wpa_auth = sm->wpa_auth;
1699
1700 if (sm->Init)
1701 SM_ENTER(WPA_PTK, INITIALIZE);
1702 else if (sm->Disconnect
1703 /* || FIX: dot11RSNAConfigSALifetime timeout */)
1704 SM_ENTER(WPA_PTK, DISCONNECT);
1705 else if (sm->DeauthenticationRequest)
1706 SM_ENTER(WPA_PTK, DISCONNECTED);
1707 else if (sm->AuthenticationRequest)
1708 SM_ENTER(WPA_PTK, AUTHENTICATION);
1709 else if (sm->ReAuthenticationRequest)
1710 SM_ENTER(WPA_PTK, AUTHENTICATION2);
1711 else if (sm->PTKRequest)
1712 SM_ENTER(WPA_PTK, PTKSTART);
1713 else switch (sm->wpa_ptk_state) {
1714 case WPA_PTK_INITIALIZE:
1715 break;
1716 case WPA_PTK_DISCONNECT:
1717 SM_ENTER(WPA_PTK, DISCONNECTED);
1718 break;
1719 case WPA_PTK_DISCONNECTED:
1720 SM_ENTER(WPA_PTK, INITIALIZE);
1721 break;
1722 case WPA_PTK_AUTHENTICATION:
1723 SM_ENTER(WPA_PTK, AUTHENTICATION2);
1724 break;
1725 case WPA_PTK_AUTHENTICATION2:
56586197 1726 if (wpa_key_mgmt_wpa_ieee8021x(sm->wpa_key_mgmt) &&
6fc6879b
JM		 1727 wpa_auth_get_eapol(sm->wpa_auth, sm->addr,
1728 WPA_EAPOL_keyRun) > 0)
1729 SM_ENTER(WPA_PTK, INITPMK);
56586197 1730 else if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)
6fc6879b
JM		 1731 /* FIX: && 802.1X::keyRun */)
1732 SM_ENTER(WPA_PTK, INITPSK);
1733 break;
1734 case WPA_PTK_INITPMK:
1735 if (wpa_auth_get_eapol(sm->wpa_auth, sm->addr,
1736 WPA_EAPOL_keyAvailable) > 0)
1737 SM_ENTER(WPA_PTK, PTKSTART);
1738 else {
1739 wpa_auth->dot11RSNA4WayHandshakeFailures++;
1740 SM_ENTER(WPA_PTK, DISCONNECT);
1741 }
1742 break;
1743 case WPA_PTK_INITPSK:
1744 if (wpa_auth_get_psk(sm->wpa_auth, sm->addr, NULL))
1745 SM_ENTER(WPA_PTK, PTKSTART);
1746 else {
1747 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_INFO,
1748 "no PSK configured for the STA");
1749 wpa_auth->dot11RSNA4WayHandshakeFailures++;
1750 SM_ENTER(WPA_PTK, DISCONNECT);
1751 }
1752 break;
1753 case WPA_PTK_PTKSTART:
1754 if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest &&
1755 sm->EAPOLKeyPairwise)
1756 SM_ENTER(WPA_PTK, PTKCALCNEGOTIATING);
1757 else if (sm->TimeoutCtr >
1758 (int) dot11RSNAConfigPairwiseUpdateCount) {
1759 wpa_auth->dot11RSNA4WayHandshakeFailures++;
1760 SM_ENTER(WPA_PTK, DISCONNECT);
1761 } else if (sm->TimeoutEvt)
1762 SM_ENTER(WPA_PTK, PTKSTART);
1763 break;
1764 case WPA_PTK_PTKCALCNEGOTIATING:
1765 if (sm->MICVerified)
1766 SM_ENTER(WPA_PTK, PTKCALCNEGOTIATING2);
1767 else if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest &&
1768 sm->EAPOLKeyPairwise)
1769 SM_ENTER(WPA_PTK, PTKCALCNEGOTIATING);
1770 else if (sm->TimeoutEvt)
1771 SM_ENTER(WPA_PTK, PTKSTART);
1772 break;
1773 case WPA_PTK_PTKCALCNEGOTIATING2:
1774 SM_ENTER(WPA_PTK, PTKINITNEGOTIATING);
1775 break;
1776 case WPA_PTK_PTKINITNEGOTIATING:
1777 if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest &&
1778 sm->EAPOLKeyPairwise && sm->MICVerified)
1779 SM_ENTER(WPA_PTK, PTKINITDONE);
1780 else if (sm->TimeoutCtr >
1781 (int) dot11RSNAConfigPairwiseUpdateCount) {
1782 wpa_auth->dot11RSNA4WayHandshakeFailures++;
1783 SM_ENTER(WPA_PTK, DISCONNECT);
1784 } else if (sm->TimeoutEvt)
1785 SM_ENTER(WPA_PTK, PTKINITNEGOTIATING);
1786 break;
1787 case WPA_PTK_PTKINITDONE:
1788 break;
1789 }
1790}
1791
1792
1793SM_STATE(WPA_PTK_GROUP, IDLE)
1794{
1795 SM_ENTRY_MA(WPA_PTK_GROUP, IDLE, wpa_ptk_group);
1796 if (sm->Init) {
1797 /* Init flag is not cleared here, so avoid busy
1798 * loop by claiming nothing changed. */
1799 sm->changed = FALSE;
1800 }
1801 sm->GTimeoutCtr = 0;
1802}
1803
1804
1805SM_STATE(WPA_PTK_GROUP, REKEYNEGOTIATING)
1806{
1807 u8 rsc[WPA_KEY_RSC_LEN];
1808 struct wpa_group *gsm = sm->group;
1809 u8 *kde, *pos, hdr[2];
1810 size_t kde_len;
1811
1812 SM_ENTRY_MA(WPA_PTK_GROUP, REKEYNEGOTIATING, wpa_ptk_group);
bae61562
JM		 1813
1814 sm->GTimeoutCtr++;
1815 if (sm->GTimeoutCtr > (int) dot11RSNAConfigGroupUpdateCount) {
1816 /* No point in sending the EAPOL-Key - we will disconnect
1817 * immediately following this. */
1818 return;
1819 }
1820
6fc6879b
JM		 1821 if (sm->wpa == WPA_VERSION_WPA)
1822 sm->PInitAKeys = FALSE;
1823 sm->TimeoutEvt = FALSE;
1824 /* Send EAPOL(1, 1, 1, !Pair, G, RSC, GNonce, MIC(PTK), GTK[GN]) */
1825 os_memset(rsc, 0, WPA_KEY_RSC_LEN);
1826 if (gsm->wpa_group_state == WPA_GROUP_SETKEYSDONE)
1827 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, rsc);
1828 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
1829 "sending 1/2 msg of Group Key Handshake");
1830
1831 if (sm->wpa == WPA_VERSION_WPA2) {
1832 kde_len = 2 + RSN_SELECTOR_LEN + 2 + gsm->GTK_len +
1833 ieee80211w_kde_len(sm);
1834 kde = os_malloc(kde_len);
1835 if (kde == NULL)
1836 return;
1837
1838 pos = kde;
1839 hdr[0] = gsm->GN & 0x03;
1840 hdr[1] = 0;
1841 pos = wpa_add_kde(pos, RSN_KEY_DATA_GROUPKEY, hdr, 2,
1842 gsm->GTK[gsm->GN - 1], gsm->GTK_len);
1843 pos = ieee80211w_kde_add(sm, pos);
1844 } else {
1845 kde = gsm->GTK[gsm->GN - 1];
1846 pos = kde + gsm->GTK_len;
1847 }
1848
1849 wpa_send_eapol(sm->wpa_auth, sm,
1850 WPA_KEY_INFO_SECURE | WPA_KEY_INFO_MIC |
1851 WPA_KEY_INFO_ACK |
1852 (!sm->Pair ? WPA_KEY_INFO_INSTALL : 0),
1853 rsc, gsm->GNonce, kde, pos - kde, gsm->GN, 1);
1854 if (sm->wpa == WPA_VERSION_WPA2)
1855 os_free(kde);
6fc6879b
JM		 1856}
1857
1858
1859SM_STATE(WPA_PTK_GROUP, REKEYESTABLISHED)
1860{
1861 SM_ENTRY_MA(WPA_PTK_GROUP, REKEYESTABLISHED, wpa_ptk_group);
1862 sm->EAPOLKeyReceived = FALSE;
1863 if (sm->GUpdateStationKeys)
1864 sm->group->GKeyDoneStations--;
1865 sm->GUpdateStationKeys = FALSE;
1866 sm->GTimeoutCtr = 0;
1867 /* FIX: MLME.SetProtection.Request(TA, Tx_Rx) */
1868 wpa_auth_vlogger(sm->wpa_auth, sm->addr, LOGGER_INFO,
1869 "group key handshake completed (%s)",
1870 sm->wpa == WPA_VERSION_WPA ? "WPA" : "RSN");
1871 sm->has_GTK = TRUE;
1872}
1873
1874
1875SM_STATE(WPA_PTK_GROUP, KEYERROR)
1876{
1877 SM_ENTRY_MA(WPA_PTK_GROUP, KEYERROR, wpa_ptk_group);
1878 if (sm->GUpdateStationKeys)
1879 sm->group->GKeyDoneStations--;
1880 sm->GUpdateStationKeys = FALSE;
1881 sm->Disconnect = TRUE;
1882}
1883
1884
1885SM_STEP(WPA_PTK_GROUP)
1886{
9663596f 1887 if (sm->Init || sm->PtkGroupInit) {
6fc6879b 1888 SM_ENTER(WPA_PTK_GROUP, IDLE);
9663596f
JM		 1889 sm->PtkGroupInit = FALSE;
1890 } else switch (sm->wpa_ptk_group_state) {
6fc6879b
JM		 1891 case WPA_PTK_GROUP_IDLE:
1892 if (sm->GUpdateStationKeys ||
1893 (sm->wpa == WPA_VERSION_WPA && sm->PInitAKeys))
1894 SM_ENTER(WPA_PTK_GROUP, REKEYNEGOTIATING);
1895 break;
1896 case WPA_PTK_GROUP_REKEYNEGOTIATING:
1897 if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest &&
1898 !sm->EAPOLKeyPairwise && sm->MICVerified)
1899 SM_ENTER(WPA_PTK_GROUP, REKEYESTABLISHED);
1900 else if (sm->GTimeoutCtr >
1901 (int) dot11RSNAConfigGroupUpdateCount)
1902 SM_ENTER(WPA_PTK_GROUP, KEYERROR);
1903 else if (sm->TimeoutEvt)
1904 SM_ENTER(WPA_PTK_GROUP, REKEYNEGOTIATING);
1905 break;
1906 case WPA_PTK_GROUP_KEYERROR:
1907 SM_ENTER(WPA_PTK_GROUP, IDLE);
1908 break;
1909 case WPA_PTK_GROUP_REKEYESTABLISHED:
1910 SM_ENTER(WPA_PTK_GROUP, IDLE);
1911 break;
1912 }
1913}
1914
1915
1916static int wpa_gtk_update(struct wpa_authenticator *wpa_auth,
1917 struct wpa_group *group)
1918{
1919 int ret = 0;
1920
1921 /* FIX: is this the correct way of getting GNonce? */
1922 os_memcpy(group->GNonce, group->Counter, WPA_NONCE_LEN);
1923 inc_byte_array(group->Counter, WPA_NONCE_LEN);
1924 wpa_gmk_to_gtk(group->GMK, wpa_auth->addr, group->GNonce,
1925 group->GTK[group->GN - 1], group->GTK_len);
1926
1927#ifdef CONFIG_IEEE80211W
1928 if (wpa_auth->conf.ieee80211w != WPA_NO_IEEE80211W) {
1929 if (os_get_random(group->IGTK[group->GN_igtk - 4],
1930 WPA_IGTK_LEN) < 0) {
1931 wpa_printf(MSG_INFO, "RSN: Failed to get new random "
1932 "IGTK");
1933 ret = -1;
1934 }
1935 wpa_hexdump_key(MSG_DEBUG, "IGTK",
1936 group->IGTK[group->GN_igtk - 4], WPA_IGTK_LEN);
1937 }
1938#endif /* CONFIG_IEEE80211W */
1939
1940 return ret;
1941}
1942
1943
1944static void wpa_group_gtk_init(struct wpa_authenticator *wpa_auth,
1945 struct wpa_group *group)
1946{
1947 wpa_printf(MSG_DEBUG, "WPA: group state machine entering state "
1948 "GTK_INIT (VLAN-ID %d)", group->vlan_id);
1949 group->changed = FALSE; /* GInit is not cleared here; avoid loop */
1950 group->wpa_group_state = WPA_GROUP_GTK_INIT;
1951
1952 /* GTK[0..N] = 0 */
1953 os_memset(group->GTK, 0, sizeof(group->GTK));
1954 group->GN = 1;
1955 group->GM = 2;
1956#ifdef CONFIG_IEEE80211W
1957 group->GN_igtk = 4;
1958 group->GM_igtk = 5;
1959#endif /* CONFIG_IEEE80211W */
1960 /* GTK[GN] = CalcGTK() */
1961 wpa_gtk_update(wpa_auth, group);
1962}
1963
1964
1965static int wpa_group_update_sta(struct wpa_state_machine *sm, void *ctx)
1966{
1967 if (sm->wpa_ptk_state != WPA_PTK_PTKINITDONE) {
1968 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
1969 "Not in PTKINITDONE; skip Group Key update");
1970 return 0;
1971 }
9663596f
JM		 1972 if (sm->GUpdateStationKeys) {
1973 /*
1974 * This should not really happen, but just in case, make sure
1975 * we do not count the same STA twice in GKeyDoneStations.
1976 */
1977 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
1978 "GUpdateStationKeys already set - do not "
1979 "increment GKeyDoneStations");
1980 } else {
1981 sm->group->GKeyDoneStations++;
1982 sm->GUpdateStationKeys = TRUE;
1983 }
6fc6879b
JM		 1984 wpa_sm_step(sm);
1985 return 0;
1986}
1987
1988
1989static void wpa_group_setkeys(struct wpa_authenticator *wpa_auth,
1990 struct wpa_group *group)
1991{
1992 int tmp;
1993
1994 wpa_printf(MSG_DEBUG, "WPA: group state machine entering state "
1995 "SETKEYS (VLAN-ID %d)", group->vlan_id);
1996 group->changed = TRUE;
1997 group->wpa_group_state = WPA_GROUP_SETKEYS;
1998 group->GTKReKey = FALSE;
1999 tmp = group->GM;
2000 group->GM = group->GN;
2001 group->GN = tmp;
2002#ifdef CONFIG_IEEE80211W
2003 tmp = group->GM_igtk;
2004 group->GM_igtk = group->GN_igtk;
2005 group->GN_igtk = tmp;
2006#endif /* CONFIG_IEEE80211W */
2007 /* "GKeyDoneStations = GNoStations" is done in more robust way by
2008 * counting the STAs that are marked with GUpdateStationKeys instead of
2009 * including all STAs that could be in not-yet-completed state. */
2010 wpa_gtk_update(wpa_auth, group);
2011
2012 wpa_auth_for_each_sta(wpa_auth, wpa_group_update_sta, NULL);
2013 wpa_printf(MSG_DEBUG, "wpa_group_setkeys: GKeyDoneStations=%d",
2014 group->GKeyDoneStations);
2015}
2016
2017
2018static void wpa_group_setkeysdone(struct wpa_authenticator *wpa_auth,
2019 struct wpa_group *group)
2020{
2021 wpa_printf(MSG_DEBUG, "WPA: group state machine entering state "
2022 "SETKEYSDONE (VLAN-ID %d)", group->vlan_id);
2023 group->changed = TRUE;
2024 group->wpa_group_state = WPA_GROUP_SETKEYSDONE;
2025 wpa_auth_set_key(wpa_auth, group->vlan_id,
89d39d9d 2026 wpa_alg_enum(wpa_auth->conf.wpa_group),
6fc6879b
JM		 2027 NULL, group->GN, group->GTK[group->GN - 1],
2028 group->GTK_len);
2029
2030#ifdef CONFIG_IEEE80211W
2031 if (wpa_auth->conf.ieee80211w != WPA_NO_IEEE80211W) {
89d39d9d 2032 wpa_auth_set_key(wpa_auth, group->vlan_id, WPA_ALG_IGTK,
6fc6879b
JM		 2033 NULL, group->GN_igtk,
2034 group->IGTK[group->GN_igtk - 4],
2035 WPA_IGTK_LEN);
2036 }
2037#endif /* CONFIG_IEEE80211W */
2038}
2039
2040
2041static void wpa_group_sm_step(struct wpa_authenticator *wpa_auth,
2042 struct wpa_group *group)
2043{
2044 if (group->GInit) {
2045 wpa_group_gtk_init(wpa_auth, group);
2046 } else if (group->wpa_group_state == WPA_GROUP_GTK_INIT &&
2047 group->GTKAuthenticator) {
2048 wpa_group_setkeysdone(wpa_auth, group);
2049 } else if (group->wpa_group_state == WPA_GROUP_SETKEYSDONE &&
2050 group->GTKReKey) {
2051 wpa_group_setkeys(wpa_auth, group);
2052 } else if (group->wpa_group_state == WPA_GROUP_SETKEYS) {
2053 if (group->GKeyDoneStations == 0)
2054 wpa_group_setkeysdone(wpa_auth, group);
2055 else if (group->GTKReKey)
2056 wpa_group_setkeys(wpa_auth, group);
2057 }
2058}
2059
2060
2061static void wpa_sm_step(struct wpa_state_machine *sm)
2062{
2063 if (sm == NULL)
2064 return;
2065
2066 if (sm->in_step_loop) {
2067 /* This should not happen, but if it does, make sure we do not
2068 * end up freeing the state machine too early by exiting the
2069 * recursive call. */
2070 wpa_printf(MSG_ERROR, "WPA: wpa_sm_step() called recursively");
2071 return;
2072 }
2073
2074 sm->in_step_loop = 1;
2075 do {
2076 if (sm->pending_deinit)
2077 break;
2078
2079 sm->changed = FALSE;
2080 sm->wpa_auth->group->changed = FALSE;
2081
2082 SM_STEP_RUN(WPA_PTK);
2083 if (sm->pending_deinit)
2084 break;
2085 SM_STEP_RUN(WPA_PTK_GROUP);
2086 if (sm->pending_deinit)
2087 break;
2088 wpa_group_sm_step(sm->wpa_auth, sm->group);
2089 } while (sm->changed || sm->wpa_auth->group->changed);
2090 sm->in_step_loop = 0;
2091
2092 if (sm->pending_deinit) {
2093 wpa_printf(MSG_DEBUG, "WPA: Completing pending STA state "
2094 "machine deinit for " MACSTR, MAC2STR(sm->addr));
2095 wpa_free_sta_sm(sm);
2096 }
2097}
2098
2099
2100static void wpa_sm_call_step(void *eloop_ctx, void *timeout_ctx)
2101{
2102 struct wpa_state_machine *sm = eloop_ctx;
2103 wpa_sm_step(sm);
2104}
2105
2106
2107void wpa_auth_sm_notify(struct wpa_state_machine *sm)
2108{
2109 if (sm == NULL)
2110 return;
2111 eloop_register_timeout(0, 0, wpa_sm_call_step, sm, NULL);
2112}
2113
2114
2115void wpa_gtk_rekey(struct wpa_authenticator *wpa_auth)
2116{
2117 int tmp, i;
2118 struct wpa_group *group;
2119
2120 if (wpa_auth == NULL)
2121 return;
2122
2123 group = wpa_auth->group;
2124
2125 for (i = 0; i < 2; i++) {
2126 tmp = group->GM;
2127 group->GM = group->GN;
2128 group->GN = tmp;
2129#ifdef CONFIG_IEEE80211W
2130 tmp = group->GM_igtk;
2131 group->GM_igtk = group->GN_igtk;
2132 group->GN_igtk = tmp;
2133#endif /* CONFIG_IEEE80211W */
2134 wpa_gtk_update(wpa_auth, group);
2135 }
2136}
2137
2138
2139static const char * wpa_bool_txt(int bool)
2140{
2141 return bool ? "TRUE" : "FALSE";
2142}
2143
2144
2145static int wpa_cipher_bits(int cipher)
2146{
2147 switch (cipher) {
2148 case WPA_CIPHER_CCMP:
2149 return 128;
2150 case WPA_CIPHER_TKIP:
2151 return 256;
2152 case WPA_CIPHER_WEP104:
2153 return 104;
2154 case WPA_CIPHER_WEP40:
2155 return 40;
2156 default:
2157 return 0;
2158 }
2159}
2160
2161
2162#define RSN_SUITE "%02x-%02x-%02x-%d"
2163#define RSN_SUITE_ARG(s) \
2164((s) >> 24) & 0xff, ((s) >> 16) & 0xff, ((s) >> 8) & 0xff, (s) & 0xff
2165
2166int wpa_get_mib(struct wpa_authenticator *wpa_auth, char *buf, size_t buflen)
2167{
2168 int len = 0, ret;
2169 char pmkid_txt[PMKID_LEN * 2 + 1];
2170
2171 if (wpa_auth == NULL)
2172 return len;
2173
2174 ret = os_snprintf(buf + len, buflen - len,
2175 "dot11RSNAOptionImplemented=TRUE\n"
2176#ifdef CONFIG_RSN_PREAUTH
2177 "dot11RSNAPreauthenticationImplemented=TRUE\n"
2178#else /* CONFIG_RSN_PREAUTH */
2179 "dot11RSNAPreauthenticationImplemented=FALSE\n"
2180#endif /* CONFIG_RSN_PREAUTH */
2181 "dot11RSNAEnabled=%s\n"
2182 "dot11RSNAPreauthenticationEnabled=%s\n",
2183 wpa_bool_txt(wpa_auth->conf.wpa & WPA_PROTO_RSN),
2184 wpa_bool_txt(wpa_auth->conf.rsn_preauth));
2185 if (ret < 0 || (size_t) ret >= buflen - len)
2186 return len;
2187 len += ret;
2188
2189 wpa_snprintf_hex(pmkid_txt, sizeof(pmkid_txt),
2190 wpa_auth->dot11RSNAPMKIDUsed, PMKID_LEN);
2191
2192 ret = os_snprintf(
2193 buf + len, buflen - len,
2194 "dot11RSNAConfigVersion=%u\n"
2195 "dot11RSNAConfigPairwiseKeysSupported=9999\n"
2196 /* FIX: dot11RSNAConfigGroupCipher */
2197 /* FIX: dot11RSNAConfigGroupRekeyMethod */
2198 /* FIX: dot11RSNAConfigGroupRekeyTime */
2199 /* FIX: dot11RSNAConfigGroupRekeyPackets */
2200 "dot11RSNAConfigGroupRekeyStrict=%u\n"
2201 "dot11RSNAConfigGroupUpdateCount=%u\n"
2202 "dot11RSNAConfigPairwiseUpdateCount=%u\n"
2203 "dot11RSNAConfigGroupCipherSize=%u\n"
2204 "dot11RSNAConfigPMKLifetime=%u\n"
2205 "dot11RSNAConfigPMKReauthThreshold=%u\n"
2206 "dot11RSNAConfigNumberOfPTKSAReplayCounters=0\n"
2207 "dot11RSNAConfigSATimeout=%u\n"
2208 "dot11RSNAAuthenticationSuiteSelected=" RSN_SUITE "\n"
2209 "dot11RSNAPairwiseCipherSelected=" RSN_SUITE "\n"
2210 "dot11RSNAGroupCipherSelected=" RSN_SUITE "\n"
2211 "dot11RSNAPMKIDUsed=%s\n"
2212 "dot11RSNAAuthenticationSuiteRequested=" RSN_SUITE "\n"
2213 "dot11RSNAPairwiseCipherRequested=" RSN_SUITE "\n"
2214 "dot11RSNAGroupCipherRequested=" RSN_SUITE "\n"
2215 "dot11RSNATKIPCounterMeasuresInvoked=%u\n"
2216 "dot11RSNA4WayHandshakeFailures=%u\n"
2217 "dot11RSNAConfigNumberOfGTKSAReplayCounters=0\n",
2218 RSN_VERSION,
2219 !!wpa_auth->conf.wpa_strict_rekey,
2220 dot11RSNAConfigGroupUpdateCount,
2221 dot11RSNAConfigPairwiseUpdateCount,
2222 wpa_cipher_bits(wpa_auth->conf.wpa_group),
2223 dot11RSNAConfigPMKLifetime,
2224 dot11RSNAConfigPMKReauthThreshold,
2225 dot11RSNAConfigSATimeout,
2226 RSN_SUITE_ARG(wpa_auth->dot11RSNAAuthenticationSuiteSelected),
2227 RSN_SUITE_ARG(wpa_auth->dot11RSNAPairwiseCipherSelected),
2228 RSN_SUITE_ARG(wpa_auth->dot11RSNAGroupCipherSelected),
2229 pmkid_txt,
2230 RSN_SUITE_ARG(wpa_auth->dot11RSNAAuthenticationSuiteRequested),
2231 RSN_SUITE_ARG(wpa_auth->dot11RSNAPairwiseCipherRequested),
2232 RSN_SUITE_ARG(wpa_auth->dot11RSNAGroupCipherRequested),
2233 wpa_auth->dot11RSNATKIPCounterMeasuresInvoked,
2234 wpa_auth->dot11RSNA4WayHandshakeFailures);
2235 if (ret < 0 || (size_t) ret >= buflen - len)
2236 return len;
2237 len += ret;
2238
2239 /* TODO: dot11RSNAConfigPairwiseCiphersTable */
2240 /* TODO: dot11RSNAConfigAuthenticationSuitesTable */
2241
2242 /* Private MIB */
2243 ret = os_snprintf(buf + len, buflen - len, "hostapdWPAGroupState=%d\n",
2244 wpa_auth->group->wpa_group_state);
2245 if (ret < 0 || (size_t) ret >= buflen - len)
2246 return len;
2247 len += ret;
2248
2249 return len;
2250}
2251
2252
2253int wpa_get_mib_sta(struct wpa_state_machine *sm, char *buf, size_t buflen)
2254{
2255 int len = 0, ret;
2256 u32 pairwise = 0;
2257
2258 if (sm == NULL)
2259 return 0;
2260
2261 /* TODO: FF-FF-FF-FF-FF-FF entry for broadcast/multicast stats */
2262
2263 /* dot11RSNAStatsEntry */
2264
2265 if (sm->wpa == WPA_VERSION_WPA) {
2266 if (sm->pairwise == WPA_CIPHER_CCMP)
2267 pairwise = WPA_CIPHER_SUITE_CCMP;
2268 else if (sm->pairwise == WPA_CIPHER_TKIP)
2269 pairwise = WPA_CIPHER_SUITE_TKIP;
2270 else if (sm->pairwise == WPA_CIPHER_WEP104)
2271 pairwise = WPA_CIPHER_SUITE_WEP104;
2272 else if (sm->pairwise == WPA_CIPHER_WEP40)
2273 pairwise = WPA_CIPHER_SUITE_WEP40;
2274 else if (sm->pairwise == WPA_CIPHER_NONE)
2275 pairwise = WPA_CIPHER_SUITE_NONE;
2276 } else if (sm->wpa == WPA_VERSION_WPA2) {
2277 if (sm->pairwise == WPA_CIPHER_CCMP)
2278 pairwise = RSN_CIPHER_SUITE_CCMP;
2279 else if (sm->pairwise == WPA_CIPHER_TKIP)
2280 pairwise = RSN_CIPHER_SUITE_TKIP;
2281 else if (sm->pairwise == WPA_CIPHER_WEP104)
2282 pairwise = RSN_CIPHER_SUITE_WEP104;
2283 else if (sm->pairwise == WPA_CIPHER_WEP40)
2284 pairwise = RSN_CIPHER_SUITE_WEP40;
2285 else if (sm->pairwise == WPA_CIPHER_NONE)
2286 pairwise = RSN_CIPHER_SUITE_NONE;
2287 } else
2288 return 0;
2289
2290 ret = os_snprintf(
2291 buf + len, buflen - len,
2292 /* TODO: dot11RSNAStatsIndex */
2293 "dot11RSNAStatsSTAAddress=" MACSTR "\n"
2294 "dot11RSNAStatsVersion=1\n"
2295 "dot11RSNAStatsSelectedPairwiseCipher=" RSN_SUITE "\n"
2296 /* TODO: dot11RSNAStatsTKIPICVErrors */
2297 "dot11RSNAStatsTKIPLocalMICFailures=%u\n"
2298 "dot11RSNAStatsTKIPRemoveMICFailures=%u\n"
2299 /* TODO: dot11RSNAStatsCCMPReplays */
2300 /* TODO: dot11RSNAStatsCCMPDecryptErrors */
2301 /* TODO: dot11RSNAStatsTKIPReplays */,
2302 MAC2STR(sm->addr),
2303 RSN_SUITE_ARG(pairwise),
2304 sm->dot11RSNAStatsTKIPLocalMICFailures,
2305 sm->dot11RSNAStatsTKIPRemoteMICFailures);
2306 if (ret < 0 || (size_t) ret >= buflen - len)
2307 return len;
2308 len += ret;
2309
2310 /* Private MIB */
2311 ret = os_snprintf(buf + len, buflen - len,
2312 "hostapdWPAPTKState=%d\n"
2313 "hostapdWPAPTKGroupState=%d\n",
2314 sm->wpa_ptk_state,
2315 sm->wpa_ptk_group_state);
2316 if (ret < 0 || (size_t) ret >= buflen - len)
2317 return len;
2318 len += ret;
2319
2320 return len;
2321}
2322
2323
2324void wpa_auth_countermeasures_start(struct wpa_authenticator *wpa_auth)
2325{
2326 if (wpa_auth)
2327 wpa_auth->dot11RSNATKIPCounterMeasuresInvoked++;
2328}
2329
2330
2331int wpa_auth_pairwise_set(struct wpa_state_machine *sm)
2332{
2333 return sm && sm->pairwise_set;
2334}
2335
2336
ff36ff00
JM		 2337int wpa_auth_get_pairwise(struct wpa_state_machine *sm)
2338{
2339 return sm->pairwise;
2340}
2341
2342
6fc6879b
JM		 2343int wpa_auth_sta_key_mgmt(struct wpa_state_machine *sm)
2344{
2345 if (sm == NULL)
2346 return -1;
2347 return sm->wpa_key_mgmt;
2348}
2349
2350
2351int wpa_auth_sta_wpa_version(struct wpa_state_machine *sm)
2352{
2353 if (sm == NULL)
2354 return 0;
2355 return sm->wpa;
2356}
2357
2358
2359int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm,
2360 struct rsn_pmksa_cache_entry *entry)
2361{
2362 if (sm == NULL || sm->pmksa != entry)
2363 return -1;
2364 sm->pmksa = NULL;
2365 return 0;
2366}
2367
2368
2369struct rsn_pmksa_cache_entry *
2370wpa_auth_sta_get_pmksa(struct wpa_state_machine *sm)
2371{
2372 return sm ? sm->pmksa : NULL;
2373}
2374
2375
2376void wpa_auth_sta_local_mic_failure_report(struct wpa_state_machine *sm)
2377{
2378 if (sm)
2379 sm->dot11RSNAStatsTKIPLocalMICFailures++;
2380}
2381
2382
2383const u8 * wpa_auth_get_wpa_ie(struct wpa_authenticator *wpa_auth, size_t *len)
2384{
2385 if (wpa_auth == NULL)
2386 return NULL;
2387 *len = wpa_auth->wpa_ie_len;
2388 return wpa_auth->wpa_ie;
2389}
2390
2391
2392int wpa_auth_pmksa_add(struct wpa_state_machine *sm, const u8 *pmk,
2393 int session_timeout, struct eapol_state_machine *eapol)
2394{
2395 if (sm == NULL || sm->wpa != WPA_VERSION_WPA2)
2396 return -1;
2397
4bb081f1
JM		 2398 if (pmksa_cache_auth_add(sm->wpa_auth->pmksa, pmk, PMK_LEN,
2399 sm->wpa_auth->addr, sm->addr, session_timeout,
2400 eapol, sm->wpa_key_mgmt))
6fc6879b
JM		 2401 return 0;
2402
2403 return -1;
2404}
2405
2406
2407int wpa_auth_pmksa_add_preauth(struct wpa_authenticator *wpa_auth,
2408 const u8 *pmk, size_t len, const u8 *sta_addr,
2409 int session_timeout,
2410 struct eapol_state_machine *eapol)
2411{
2412 if (wpa_auth == NULL)
2413 return -1;
2414
4bb081f1
JM		 2415 if (pmksa_cache_auth_add(wpa_auth->pmksa, pmk, len, wpa_auth->addr,
2416 sta_addr, session_timeout, eapol,
2417 WPA_KEY_MGMT_IEEE8021X))
6fc6879b
JM		 2418 return 0;
2419
2420 return -1;
2421}
2422
2423
2424static struct wpa_group *
2425wpa_auth_add_group(struct wpa_authenticator *wpa_auth, int vlan_id)
2426{
2427 struct wpa_group *group;
2428
2429 if (wpa_auth == NULL || wpa_auth->group == NULL)
2430 return NULL;
2431
2432 wpa_printf(MSG_DEBUG, "WPA: Add group state machine for VLAN-ID %d",
2433 vlan_id);
2434 group = wpa_group_init(wpa_auth, vlan_id);
2435 if (group == NULL)
2436 return NULL;
2437
2438 group->next = wpa_auth->group->next;
2439 wpa_auth->group->next = group;
2440
2441 return group;
2442}
2443
2444
2445int wpa_auth_sta_set_vlan(struct wpa_state_machine *sm, int vlan_id)
2446{
2447 struct wpa_group *group;
2448
2449 if (sm == NULL || sm->wpa_auth == NULL)
2450 return 0;
2451
2452 group = sm->wpa_auth->group;
2453 while (group) {
2454 if (group->vlan_id == vlan_id)
2455 break;
2456 group = group->next;
2457 }
2458
2459 if (group == NULL) {
2460 group = wpa_auth_add_group(sm->wpa_auth, vlan_id);
2461 if (group == NULL)
2462 return -1;
2463 }
2464
2465 if (sm->group == group)
2466 return 0;
2467
2468 wpa_printf(MSG_DEBUG, "WPA: Moving STA " MACSTR " to use group state "
2469 "machine for VLAN ID %d", MAC2STR(sm->addr), vlan_id);
2470
2471 sm->group = group;
2472 return 0;
2473}
2474
2475#endif /* CONFIG_NATIVE_WINDOWS */
Unnamed repository; edit this file 'description' to name the repository.