[thirdparty/hostap.git] / hostapd / wpa.h

/*
 * hostapd - IEEE 802.11i-2004 / WPA Authenticator
 * Copyright (c) 2004-2007, Jouni Malinen <j@w1.fi>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 *
 * Alternatively, this software may be distributed under the terms of BSD
 * license.
 *
 * See README and COPYING for more details.
 */

#ifndef WPA_AUTH_H
#define WPA_AUTH_H

#include "eapol_common.h"
#include "wpa_common.h"

#ifdef _MSC_VER
#pragma pack(push, 1)
#endif /* _MSC_VER */

/* IEEE Std 802.11r-2008, 11A.10.3 - Remote request/response frame definition
 */
struct ft_rrb_frame {
	u8 frame_type; /* RSN_REMOTE_FRAME_TYPE_FT_RRB */
	u8 packet_type; /* FT_PACKET_REQUEST/FT_PACKET_RESPONSE */
	u16 action_length; /* little endian length of action_frame */
	u8 ap_address[ETH_ALEN];
	/*
	 * Followed by action_length bytes of FT Action frame (from Category
	 * field to the end of Action Frame body.
	 */
} STRUCT_PACKED;

#define RSN_REMOTE_FRAME_TYPE_FT_RRB 1

#define FT_PACKET_REQUEST 0
#define FT_PACKET_RESPONSE 1
/* Vendor-specific types for R0KH-R1KH protocol; not defined in 802.11r */
#define FT_PACKET_R0KH_R1KH_PULL 200
#define FT_PACKET_R0KH_R1KH_RESP 201
#define FT_PACKET_R0KH_R1KH_PUSH 202

#ifndef ETH_P_RRB
#define ETH_P_RRB 0x890D
#endif /* ETH_P_RRB */

#define FT_R0KH_R1KH_PULL_DATA_LEN 44
#define FT_R0KH_R1KH_RESP_DATA_LEN 76
#define FT_R0KH_R1KH_PUSH_DATA_LEN 80

struct ft_r0kh_r1kh_pull_frame {
	u8 frame_type; /* RSN_REMOTE_FRAME_TYPE_FT_RRB */
	u8 packet_type; /* FT_PACKET_R0KH_R1KH_PULL */
	u16 data_length; /* little endian length of data (44) */
	u8 ap_address[ETH_ALEN];

	u8 nonce[16];
	u8 pmk_r0_name[WPA_PMK_NAME_LEN];
	u8 r1kh_id[FT_R1KH_ID_LEN];
	u8 s1kh_id[ETH_ALEN];
	u8 pad[4]; /* 8-octet boundary for AES key wrap */
	u8 key_wrap_extra[8];
} STRUCT_PACKED;

struct ft_r0kh_r1kh_resp_frame {
	u8 frame_type; /* RSN_REMOTE_FRAME_TYPE_FT_RRB */
	u8 packet_type; /* FT_PACKET_R0KH_R1KH_RESP */
	u16 data_length; /* little endian length of data (76) */
	u8 ap_address[ETH_ALEN];

	u8 nonce[16]; /* copied from pull */
	u8 r1kh_id[FT_R1KH_ID_LEN]; /* copied from pull */
	u8 s1kh_id[ETH_ALEN]; /* copied from pull */
	u8 pmk_r1[PMK_LEN];
	u8 pmk_r1_name[WPA_PMK_NAME_LEN];
	u8 pad[4]; /* 8-octet boundary for AES key wrap */
	u8 key_wrap_extra[8];
} STRUCT_PACKED;

struct ft_r0kh_r1kh_push_frame {
	u8 frame_type; /* RSN_REMOTE_FRAME_TYPE_FT_RRB */
	u8 packet_type; /* FT_PACKET_R0KH_R1KH_PUSH */
	u16 data_length; /* little endian length of data (80) */
	u8 ap_address[ETH_ALEN];

	/* Encrypted with AES key-wrap */
	u8 timestamp[4]; /* current time in seconds since unix epoch, little
			  * endian */
	u8 r1kh_id[FT_R1KH_ID_LEN];
	u8 s1kh_id[ETH_ALEN];
	u8 pmk_r0_name[WPA_PMK_NAME_LEN];
	u8 pmk_r1[PMK_LEN];
	u8 pmk_r1_name[WPA_PMK_NAME_LEN];
	u8 key_wrap_extra[8];
} STRUCT_PACKED;

#ifdef _MSC_VER
#pragma pack(pop)
#endif /* _MSC_VER */


/* per STA state machine data */

struct wpa_authenticator;
struct wpa_state_machine;
struct rsn_pmksa_cache_entry;
struct eapol_state_machine;


struct ft_remote_r0kh {
	struct ft_remote_r0kh *next;
	u8 addr[ETH_ALEN];
	u8 id[FT_R0KH_ID_MAX_LEN];
	size_t id_len;
	u8 key[16];
};


struct ft_remote_r1kh {
	struct ft_remote_r1kh *next;
	u8 addr[ETH_ALEN];
	u8 id[FT_R1KH_ID_LEN];
	u8 key[16];
};


struct wpa_auth_config {
	int wpa;
	int wpa_key_mgmt;
	int wpa_pairwise;
	int wpa_group;
	int wpa_group_rekey;
	int wpa_strict_rekey;
	int wpa_gmk_rekey;
	int rsn_pairwise;
	int rsn_preauth;
	int eapol_version;
	int peerkey;
	int wme_enabled;
	int okc;
#ifdef CONFIG_IEEE80211W
	enum {
		WPA_NO_IEEE80211W = 0,
		WPA_IEEE80211W_OPTIONAL = 1,
		WPA_IEEE80211W_REQUIRED = 2
	} ieee80211w;
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_IEEE80211R
#define SSID_LEN 32
	u8 ssid[SSID_LEN];
	size_t ssid_len;
	u8 mobility_domain[MOBILITY_DOMAIN_ID_LEN];
	u8 r0_key_holder[FT_R0KH_ID_MAX_LEN];
	size_t r0_key_holder_len;
	u8 r1_key_holder[FT_R1KH_ID_LEN];
	u32 r0_key_lifetime;
	u32 reassociation_deadline;
	struct ft_remote_r0kh *r0kh_list;
	struct ft_remote_r1kh *r1kh_list;
	int pmk_r1_push;
#endif /* CONFIG_IEEE80211R */
};

typedef enum {
	LOGGER_DEBUG, LOGGER_INFO, LOGGER_WARNING
} logger_level;

typedef enum {
	WPA_EAPOL_portEnabled, WPA_EAPOL_portValid, WPA_EAPOL_authorized,
	WPA_EAPOL_portControl_Auto, WPA_EAPOL_keyRun, WPA_EAPOL_keyAvailable,
	WPA_EAPOL_keyDone, WPA_EAPOL_inc_EapolFramesTx
} wpa_eapol_variable;

struct wpa_auth_callbacks {
	void *ctx;
	void (*logger)(void *ctx, const u8 *addr, logger_level level,
		       const char *txt);
	void (*disconnect)(void *ctx, const u8 *addr, u16 reason);
	void (*mic_failure_report)(void *ctx, const u8 *addr);
	void (*set_eapol)(void *ctx, const u8 *addr, wpa_eapol_variable var,
			  int value);
	int (*get_eapol)(void *ctx, const u8 *addr, wpa_eapol_variable var);
	const u8 * (*get_psk)(void *ctx, const u8 *addr, const u8 *prev_psk);
	int (*get_msk)(void *ctx, const u8 *addr, u8 *msk, size_t *len);
	int (*set_key)(void *ctx, int vlan_id, const char *alg, const u8 *addr,
		       int idx, u8 *key, size_t key_len);
	int (*get_seqnum)(void *ctx, const u8 *addr, int idx, u8 *seq);
	int (*get_seqnum_igtk)(void *ctx, const u8 *addr, int idx, u8 *seq);
	int (*send_eapol)(void *ctx, const u8 *addr, const u8 *data,
			  size_t data_len, int encrypt);
	int (*for_each_sta)(void *ctx, int (*cb)(struct wpa_state_machine *sm,
						 void *ctx), void *cb_ctx);
	int (*for_each_auth)(void *ctx, int (*cb)(struct wpa_authenticator *a,
						  void *ctx), void *cb_ctx);
	int (*send_ether)(void *ctx, const u8 *dst, u16 proto, const u8 *data,
			  size_t data_len);
#ifdef CONFIG_IEEE80211R
	struct wpa_state_machine * (*add_sta)(void *ctx, const u8 *sta_addr);
	int (*send_ft_action)(void *ctx, const u8 *dst,
			      const u8 *data, size_t data_len);
#endif /* CONFIG_IEEE80211R */
};

struct wpa_authenticator * wpa_init(const u8 *addr,
				    struct wpa_auth_config *conf,
				    struct wpa_auth_callbacks *cb);
void wpa_deinit(struct wpa_authenticator *wpa_auth);
int wpa_reconfig(struct wpa_authenticator *wpa_auth,
		 struct wpa_auth_config *conf);

enum {
	WPA_IE_OK, WPA_INVALID_IE, WPA_INVALID_GROUP, WPA_INVALID_PAIRWISE,
	WPA_INVALID_AKMP, WPA_NOT_ENABLED, WPA_ALLOC_FAIL,
	WPA_MGMT_FRAME_PROTECTION_VIOLATION, WPA_INVALID_MGMT_GROUP_CIPHER,
	WPA_INVALID_MDIE
};
	
int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
			struct wpa_state_machine *sm,
			const u8 *wpa_ie, size_t wpa_ie_len,
			const u8 *mdie, size_t mdie_len);
int wpa_auth_uses_mfp(struct wpa_state_machine *sm);
struct wpa_state_machine *
wpa_auth_sta_init(struct wpa_authenticator *wpa_auth, const u8 *addr);
void wpa_auth_sta_associated(struct wpa_authenticator *wpa_auth,
			     struct wpa_state_machine *sm);
void wpa_auth_sta_deinit(struct wpa_state_machine *sm);
void wpa_receive(struct wpa_authenticator *wpa_auth,
		 struct wpa_state_machine *sm,
		 u8 *data, size_t data_len);
typedef enum {
	WPA_AUTH, WPA_ASSOC, WPA_DISASSOC, WPA_DEAUTH, WPA_REAUTH,
	WPA_REAUTH_EAPOL, WPA_ASSOC_FT
} wpa_event;
void wpa_remove_ptk(struct wpa_state_machine *sm);
void wpa_auth_sm_event(struct wpa_state_machine *sm, wpa_event event);
void wpa_auth_sm_notify(struct wpa_state_machine *sm);
void wpa_gtk_rekey(struct wpa_authenticator *wpa_auth);
int wpa_get_mib(struct wpa_authenticator *wpa_auth, char *buf, size_t buflen);
int wpa_get_mib_sta(struct wpa_state_machine *sm, char *buf, size_t buflen);
void wpa_auth_countermeasures_start(struct wpa_authenticator *wpa_auth);
int wpa_auth_pairwise_set(struct wpa_state_machine *sm);
int wpa_auth_sta_key_mgmt(struct wpa_state_machine *sm);
int wpa_auth_sta_wpa_version(struct wpa_state_machine *sm);
int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm,
			     struct rsn_pmksa_cache_entry *entry);
struct rsn_pmksa_cache_entry *
wpa_auth_sta_get_pmksa(struct wpa_state_machine *sm);
void wpa_auth_sta_local_mic_failure_report(struct wpa_state_machine *sm);
const u8 * wpa_auth_get_wpa_ie(struct wpa_authenticator *wpa_auth,
			       size_t *len);
int wpa_auth_pmksa_add(struct wpa_state_machine *sm, const u8 *pmk,
		       int session_timeout, struct eapol_state_machine *eapol);
int wpa_auth_pmksa_add_preauth(struct wpa_authenticator *wpa_auth,
			       const u8 *pmk, size_t len, const u8 *sta_addr,
			       int session_timeout,
			       struct eapol_state_machine *eapol);
int wpa_auth_sta_set_vlan(struct wpa_state_machine *sm, int vlan_id);

#ifdef CONFIG_IEEE80211R
u8 * wpa_sm_write_assoc_resp_ies(struct wpa_state_machine *sm, u8 *pos,
				 size_t max_len, int auth_alg);
void wpa_ft_process_auth(struct wpa_state_machine *sm, const u8 *bssid,
			 u16 auth_transaction, const u8 *ies, size_t ies_len,
			 void (*cb)(void *ctx, const u8 *dst, const u8 *bssid,
				    u16 auth_transaction, u16 resp,
				    const u8 *ies, size_t ies_len),
			 void *ctx);
u16 wpa_ft_validate_reassoc(struct wpa_state_machine *sm, const u8 *ies,
			    size_t ies_len);
int wpa_ft_action_rx(struct wpa_state_machine *sm, const u8 *data, size_t len);
int wpa_ft_rrb_rx(struct wpa_authenticator *wpa_auth, const u8 *src_addr,
		  const u8 *data, size_t data_len);
void wpa_ft_push_pmk_r1(struct wpa_authenticator *wpa_auth, const u8 *addr);
#endif /* CONFIG_IEEE80211R */

#endif /* WPA_AUTH_H */
Commit	Line	Data
6fc6879b JM	1	/*
	2	* hostapd - IEEE 802.11i-2004 / WPA Authenticator
	3	* Copyright (c) 2004-2007, Jouni Malinen <j@w1.fi>
	4	*
	5	* This program is free software; you can redistribute it and/or modify
	6	* it under the terms of the GNU General Public License version 2 as
	7	* published by the Free Software Foundation.
	8	*
	9	* Alternatively, this software may be distributed under the terms of BSD
	10	* license.
	11	*
	12	* See README and COPYING for more details.
	13	*/
	14
	15	#ifndef WPA_AUTH_H
	16	#define WPA_AUTH_H
	17
	18	#include "eapol_common.h"
	19	#include "wpa_common.h"
	20
	21	#ifdef _MSC_VER
	22	#pragma pack(push, 1)
	23	#endif /* _MSC_VER */
	24
c1e033b0 JM	25	/* IEEE Std 802.11r-2008, 11A.10.3 - Remote request/response frame definition
c1e033b0 JM	26	*/
6fc6879b JM	27	struct ft_rrb_frame {
	28	u8 frame_type; /* RSN_REMOTE_FRAME_TYPE_FT_RRB */
	29	u8 packet_type; /* FT_PACKET_REQUEST/FT_PACKET_RESPONSE */
	30	u16 action_length; /* little endian length of action_frame */
	31	u8 ap_address[ETH_ALEN];
	32	/*
	33	* Followed by action_length bytes of FT Action frame (from Category
	34	* field to the end of Action Frame body.
	35	*/
	36	} STRUCT_PACKED;
	37
	38	#define RSN_REMOTE_FRAME_TYPE_FT_RRB 1
	39
	40	#define FT_PACKET_REQUEST 0
	41	#define FT_PACKET_RESPONSE 1
	42	/* Vendor-specific types for R0KH-R1KH protocol; not defined in 802.11r */
	43	#define FT_PACKET_R0KH_R1KH_PULL 200
	44	#define FT_PACKET_R0KH_R1KH_RESP 201
	45	#define FT_PACKET_R0KH_R1KH_PUSH 202
	46
	47	#ifndef ETH_P_RRB
	48	#define ETH_P_RRB 0x890D
	49	#endif /* ETH_P_RRB */
	50
	51	#define FT_R0KH_R1KH_PULL_DATA_LEN 44
	52	#define FT_R0KH_R1KH_RESP_DATA_LEN 76
	53	#define FT_R0KH_R1KH_PUSH_DATA_LEN 80
	54
	55	struct ft_r0kh_r1kh_pull_frame {
	56	u8 frame_type; /* RSN_REMOTE_FRAME_TYPE_FT_RRB */
	57	u8 packet_type; /* FT_PACKET_R0KH_R1KH_PULL */
	58	u16 data_length; /* little endian length of data (44) */
	59	u8 ap_address[ETH_ALEN];
	60
	61	u8 nonce[16];
	62	u8 pmk_r0_name[WPA_PMK_NAME_LEN];
	63	u8 r1kh_id[FT_R1KH_ID_LEN];
	64	u8 s1kh_id[ETH_ALEN];
	65	u8 pad[4]; /* 8-octet boundary for AES key wrap */
	66	u8 key_wrap_extra[8];
	67	} STRUCT_PACKED;
	68
	69	struct ft_r0kh_r1kh_resp_frame {
	70	u8 frame_type; /* RSN_REMOTE_FRAME_TYPE_FT_RRB */
	71	u8 packet_type; /* FT_PACKET_R0KH_R1KH_RESP */
	72	u16 data_length; /* little endian length of data (76) */
	73	u8 ap_address[ETH_ALEN];
	74
	75	u8 nonce[16]; /* copied from pull */
	76	u8 r1kh_id[FT_R1KH_ID_LEN]; /* copied from pull */
	77	u8 s1kh_id[ETH_ALEN]; /* copied from pull */
	78	u8 pmk_r1[PMK_LEN];
	79	u8 pmk_r1_name[WPA_PMK_NAME_LEN];
	80	u8 pad[4]; /* 8-octet boundary for AES key wrap */
	81	u8 key_wrap_extra[8];
	82	} STRUCT_PACKED;
	83
	84	struct ft_r0kh_r1kh_push_frame {
	85	u8 frame_type; /* RSN_REMOTE_FRAME_TYPE_FT_RRB */
	86	u8 packet_type; /* FT_PACKET_R0KH_R1KH_PUSH */
	87	u16 data_length; /* little endian length of data (80) */
	88	u8 ap_address[ETH_ALEN];
	89
	90	/* Encrypted with AES key-wrap */
91	u8 timestamp[4]; /* current time in seconds since unix epoch, little
92	* endian */
93	u8 r1kh_id[FT_R1KH_ID_LEN];
94	u8 s1kh_id[ETH_ALEN];
95	u8 pmk_r0_name[WPA_PMK_NAME_LEN];
96	u8 pmk_r1[PMK_LEN];
97	u8 pmk_r1_name[WPA_PMK_NAME_LEN];
98	u8 key_wrap_extra[8];
99	} STRUCT_PACKED;
100
101	#ifdef _MSC_VER
102	#pragma pack(pop)
103	#endif /* _MSC_VER */
104
105
106	/* per STA state machine data */
107
108	struct wpa_authenticator;
109	struct wpa_state_machine;
110	struct rsn_pmksa_cache_entry;
111	struct eapol_state_machine;
112
113
114	struct ft_remote_r0kh {
115	struct ft_remote_r0kh *next;
116	u8 addr[ETH_ALEN];
117	u8 id[FT_R0KH_ID_MAX_LEN];
118	size_t id_len;
119	u8 key[16];
120	};
121
122
123	struct ft_remote_r1kh {
124	struct ft_remote_r1kh *next;
125	u8 addr[ETH_ALEN];
126	u8 id[FT_R1KH_ID_LEN];
127	u8 key[16];
128	};
129
130
131	struct wpa_auth_config {
132	int wpa;
133	int wpa_key_mgmt;
134	int wpa_pairwise;
135	int wpa_group;
136	int wpa_group_rekey;
137	int wpa_strict_rekey;
138	int wpa_gmk_rekey;
139	int rsn_pairwise;
140	int rsn_preauth;
141	int eapol_version;
142	int peerkey;
143	int wme_enabled;
bf98f7f3	144	int okc;
6fc6879b JM	145	#ifdef CONFIG_IEEE80211W
	146	enum {
	147	WPA_NO_IEEE80211W = 0,
	148	WPA_IEEE80211W_OPTIONAL = 1,
	149	WPA_IEEE80211W_REQUIRED = 2
	150	} ieee80211w;
	151	#endif /* CONFIG_IEEE80211W */
	152	#ifdef CONFIG_IEEE80211R
	153	#define SSID_LEN 32
	154	u8 ssid[SSID_LEN];
	155	size_t ssid_len;
	156	u8 mobility_domain[MOBILITY_DOMAIN_ID_LEN];
	157	u8 r0_key_holder[FT_R0KH_ID_MAX_LEN];
	158	size_t r0_key_holder_len;
	159	u8 r1_key_holder[FT_R1KH_ID_LEN];
	160	u32 r0_key_lifetime;
	161	u32 reassociation_deadline;
	162	struct ft_remote_r0kh *r0kh_list;
	163	struct ft_remote_r1kh *r1kh_list;
	164	int pmk_r1_push;
	165	#endif /* CONFIG_IEEE80211R */
	166	};
	167
	168	typedef enum {
	169	LOGGER_DEBUG, LOGGER_INFO, LOGGER_WARNING
	170	} logger_level;
	171
	172	typedef enum {
	173	WPA_EAPOL_portEnabled, WPA_EAPOL_portValid, WPA_EAPOL_authorized,
	174	WPA_EAPOL_portControl_Auto, WPA_EAPOL_keyRun, WPA_EAPOL_keyAvailable,
	175	WPA_EAPOL_keyDone, WPA_EAPOL_inc_EapolFramesTx
	176	} wpa_eapol_variable;
	177
	178	struct wpa_auth_callbacks {
	179	void *ctx;
	180	void (logger)(void ctx, const u8 *addr, logger_level level,
	181	const char *txt);
	182	void (disconnect)(void ctx, const u8 *addr, u16 reason);
	183	void (mic_failure_report)(void ctx, const u8 *addr);
	184	void (set_eapol)(void ctx, const u8 *addr, wpa_eapol_variable var,
	185	int value);
	186	int (get_eapol)(void ctx, const u8 *addr, wpa_eapol_variable var);
	187	const u8 * (get_psk)(void ctx, const u8 addr, const u8 prev_psk);
	188	int (get_msk)(void ctx, const u8 addr, u8 msk, size_t *len);
	189	int (set_key)(void ctx, int vlan_id, const char alg, const u8 addr,
	190	int idx, u8 *key, size_t key_len);
	191	int (get_seqnum)(void ctx, const u8 addr, int idx, u8 seq);
	192	int (get_seqnum_igtk)(void ctx, const u8 addr, int idx, u8 seq);
	193	int (send_eapol)(void ctx, const u8 addr, const u8 data,
	194	size_t data_len, int encrypt);
	195	int (for_each_sta)(void ctx, int (cb)(struct wpa_state_machine sm,
	196	void ctx), void cb_ctx);
bf98f7f3 JM	197	int (for_each_auth)(void ctx, int (cb)(struct wpa_authenticator a,
bf98f7f3 JM	198	void ctx), void cb_ctx);
6fc6879b JM	199	int (send_ether)(void ctx, const u8 dst, u16 proto, const u8 data,
	200	size_t data_len);
	201	#ifdef CONFIG_IEEE80211R
	202	struct wpa_state_machine * (add_sta)(void ctx, const u8 *sta_addr);
	203	int (send_ft_action)(void ctx, const u8 *dst,
	204	const u8 *data, size_t data_len);
	205	#endif /* CONFIG_IEEE80211R */
	206	};
	207
	208	struct wpa_authenticator * wpa_init(const u8 *addr,
	209	struct wpa_auth_config *conf,
	210	struct wpa_auth_callbacks *cb);
	211	void wpa_deinit(struct wpa_authenticator *wpa_auth);
	212	int wpa_reconfig(struct wpa_authenticator *wpa_auth,
	213	struct wpa_auth_config *conf);
	214
	215	enum {
	216	WPA_IE_OK, WPA_INVALID_IE, WPA_INVALID_GROUP, WPA_INVALID_PAIRWISE,
	217	WPA_INVALID_AKMP, WPA_NOT_ENABLED, WPA_ALLOC_FAIL,
	218	WPA_MGMT_FRAME_PROTECTION_VIOLATION, WPA_INVALID_MGMT_GROUP_CIPHER,
	219	WPA_INVALID_MDIE
	220	};
	221
	222	int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
	223	struct wpa_state_machine *sm,
	224	const u8 *wpa_ie, size_t wpa_ie_len,
	225	const u8 *mdie, size_t mdie_len);
f3f7540e	226	int wpa_auth_uses_mfp(struct wpa_state_machine *sm);
6fc6879b JM	227	struct wpa_state_machine *
	228	wpa_auth_sta_init(struct wpa_authenticator wpa_auth, const u8 addr);
	229	void wpa_auth_sta_associated(struct wpa_authenticator *wpa_auth,
	230	struct wpa_state_machine *sm);
	231	void wpa_auth_sta_deinit(struct wpa_state_machine *sm);
	232	void wpa_receive(struct wpa_authenticator *wpa_auth,
	233	struct wpa_state_machine *sm,
	234	u8 *data, size_t data_len);
	235	typedef enum {
	236	WPA_AUTH, WPA_ASSOC, WPA_DISASSOC, WPA_DEAUTH, WPA_REAUTH,
	237	WPA_REAUTH_EAPOL, WPA_ASSOC_FT
	238	} wpa_event;
	239	void wpa_remove_ptk(struct wpa_state_machine *sm);
	240	void wpa_auth_sm_event(struct wpa_state_machine *sm, wpa_event event);
	241	void wpa_auth_sm_notify(struct wpa_state_machine *sm);
	242	void wpa_gtk_rekey(struct wpa_authenticator *wpa_auth);
	243	int wpa_get_mib(struct wpa_authenticator wpa_auth, char buf, size_t buflen);
	244	int wpa_get_mib_sta(struct wpa_state_machine sm, char buf, size_t buflen);
	245	void wpa_auth_countermeasures_start(struct wpa_authenticator *wpa_auth);
	246	int wpa_auth_pairwise_set(struct wpa_state_machine *sm);
	247	int wpa_auth_sta_key_mgmt(struct wpa_state_machine *sm);
	248	int wpa_auth_sta_wpa_version(struct wpa_state_machine *sm);
	249	int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm,
	250	struct rsn_pmksa_cache_entry *entry);
	251	struct rsn_pmksa_cache_entry *
	252	wpa_auth_sta_get_pmksa(struct wpa_state_machine *sm);
	253	void wpa_auth_sta_local_mic_failure_report(struct wpa_state_machine *sm);
	254	const u8 * wpa_auth_get_wpa_ie(struct wpa_authenticator *wpa_auth,
	255	size_t *len);
	256	int wpa_auth_pmksa_add(struct wpa_state_machine sm, const u8 pmk,
	257	int session_timeout, struct eapol_state_machine *eapol);
	258	int wpa_auth_pmksa_add_preauth(struct wpa_authenticator *wpa_auth,
	259	const u8 pmk, size_t len, const u8 sta_addr,
	260	int session_timeout,
	261	struct eapol_state_machine *eapol);
	262	int wpa_auth_sta_set_vlan(struct wpa_state_machine *sm, int vlan_id);
	263
	264	#ifdef CONFIG_IEEE80211R
	265	u8 * wpa_sm_write_assoc_resp_ies(struct wpa_state_machine sm, u8 pos,
	266	size_t max_len, int auth_alg);
	267	void wpa_ft_process_auth(struct wpa_state_machine sm, const u8 bssid,
	268	u16 auth_transaction, const u8 *ies, size_t ies_len,
	269	void (cb)(void ctx, const u8 dst, const u8 bssid,
	270	u16 auth_transaction, u16 resp,
	271	const u8 *ies, size_t ies_len),
	272	void *ctx);
	273	u16 wpa_ft_validate_reassoc(struct wpa_state_machine sm, const u8 ies,
	274	size_t ies_len);
	275	int wpa_ft_action_rx(struct wpa_state_machine sm, const u8 data, size_t len);
	276	int wpa_ft_rrb_rx(struct wpa_authenticator wpa_auth, const u8 src_addr,
	277	const u8 *data, size_t data_len);
	278	void wpa_ft_push_pmk_r1(struct wpa_authenticator wpa_auth, const u8 addr);
	279	#endif /* CONFIG_IEEE80211R */
	280
	281	#endif /* WPA_AUTH_H */