src/rsn_supp/wpa_i.h

   1 /*
   2  * Internal WPA/RSN supplicant state machine definitions
   3  * Copyright (c) 2004-2010, Jouni Malinen <j@w1.fi>
   4  *
   5  * This program is free software; you can redistribute it and/or modify
   6  * it under the terms of the GNU General Public License version 2 as
   7  * published by the Free Software Foundation.
   8  *
   9  * Alternatively, this software may be distributed under the terms of BSD
  10  * license.
  11  *
  12  * See README and COPYING for more details.
  13  */
  14
  15 #ifndef WPA_I_H
  16 #define WPA_I_H
  17
  18 #include "utils/list.h"
  19
  20 struct wpa_peerkey;
  21 struct wpa_tdls_peer;
  22 struct wpa_eapol_key;
  23
  24 /**
  25  * struct wpa_sm - Internal WPA state machine data
  26  */
  27 struct wpa_sm {
  28         u8 pmk[PMK_LEN];
  29         size_t pmk_len;
  30         struct wpa_ptk ptk, tptk;
  31         int ptk_set, tptk_set;
  32         u8 snonce[WPA_NONCE_LEN];
  33         u8 anonce[WPA_NONCE_LEN]; /* ANonce from the last 1/4 msg */
  34         int renew_snonce;
  35         u8 rx_replay_counter[WPA_REPLAY_COUNTER_LEN];
  36         int rx_replay_counter_set;
  37         u8 request_counter[WPA_REPLAY_COUNTER_LEN];
  38
  39         struct eapol_sm *eapol; /* EAPOL state machine from upper level code */
  40
  41         struct rsn_pmksa_cache *pmksa; /* PMKSA cache */
  42         struct rsn_pmksa_cache_entry *cur_pmksa; /* current PMKSA entry */
  43         struct dl_list pmksa_candidates;
  44
  45         struct l2_packet_data *l2_preauth;
  46         struct l2_packet_data *l2_preauth_br;
  47         struct l2_packet_data *l2_tdls;
  48         u8 preauth_bssid[ETH_ALEN]; /* current RSN pre-auth peer or
  49                                      * 00:00:00:00:00:00 if no pre-auth is
  50                                      * in progress */
  51         struct eapol_sm *preauth_eapol;
  52
  53         struct wpa_sm_ctx *ctx;
  54
  55         void *scard_ctx; /* context for smartcard callbacks */
  56         int fast_reauth; /* whether EAP fast re-authentication is enabled */
  57
  58         void *network_ctx;
  59         int peerkey_enabled;
  60         int allowed_pairwise_cipher; /* bitfield of WPA_CIPHER_* */
  61         int proactive_key_caching;
  62         int eap_workaround;
  63         void *eap_conf_ctx;
  64         u8 ssid[32];
  65         size_t ssid_len;
  66         int wpa_ptk_rekey;
  67
  68         u8 own_addr[ETH_ALEN];
  69         const char *ifname;
  70         const char *bridge_ifname;
  71         u8 bssid[ETH_ALEN];
  72
  73         unsigned int dot11RSNAConfigPMKLifetime;
  74         unsigned int dot11RSNAConfigPMKReauthThreshold;
  75         unsigned int dot11RSNAConfigSATimeout;
  76
  77         unsigned int dot11RSNA4WayHandshakeFailures;
  78
  79         /* Selected configuration (based on Beacon/ProbeResp WPA IE) */
  80         unsigned int proto;
  81         unsigned int pairwise_cipher;
  82         unsigned int group_cipher;
  83         unsigned int key_mgmt;
  84         unsigned int mgmt_group_cipher;
  85
  86         int rsn_enabled; /* Whether RSN is enabled in configuration */
  87         int mfp; /* 0 = disabled, 1 = optional, 2 = mandatory */
  88
  89         u8 *assoc_wpa_ie; /* Own WPA/RSN IE from (Re)AssocReq */
  90         size_t assoc_wpa_ie_len;
  91         u8 *ap_wpa_ie, *ap_rsn_ie;
  92         size_t ap_wpa_ie_len, ap_rsn_ie_len;
  93
  94 #ifdef CONFIG_PEERKEY
  95         struct wpa_peerkey *peerkey;
  96 #endif /* CONFIG_PEERKEY */
  97 #ifdef CONFIG_TDLS
  98         struct wpa_tdls_peer *tdls;
  99         int tdls_prohibited;
 100         int tdls_disabled;
 101 #endif /* CONFIG_TDLS */
 102
 103 #ifdef CONFIG_IEEE80211R
 104         u8 xxkey[PMK_LEN]; /* PSK or the second 256 bits of MSK */
 105         size_t xxkey_len;
 106         u8 pmk_r0[PMK_LEN];
 107         u8 pmk_r0_name[WPA_PMK_NAME_LEN];
 108         u8 pmk_r1[PMK_LEN];
 109         u8 pmk_r1_name[WPA_PMK_NAME_LEN];
 110         u8 mobility_domain[MOBILITY_DOMAIN_ID_LEN];
 111         u8 r0kh_id[FT_R0KH_ID_MAX_LEN];
 112         size_t r0kh_id_len;
 113         u8 r1kh_id[FT_R1KH_ID_LEN];
 114         int ft_completed;
 115         int over_the_ds_in_progress;
 116         u8 target_ap[ETH_ALEN]; /* over-the-DS target AP */
 117         int set_ptk_after_assoc;
 118         u8 mdie_ft_capab; /* FT Capability and Policy from target AP MDIE */
 119         u8 *assoc_resp_ies; /* MDIE and FTIE from (Re)Association Response */
 120         size_t assoc_resp_ies_len;
 121 #endif /* CONFIG_IEEE80211R */
 122 };
 123
 124
 125 static inline void wpa_sm_set_state(struct wpa_sm *sm, enum wpa_states state)
 126 {
 127         WPA_ASSERT(sm->ctx->set_state);
 128         sm->ctx->set_state(sm->ctx->ctx, state);
 129 }
 130
 131 static inline enum wpa_states wpa_sm_get_state(struct wpa_sm *sm)
 132 {
 133         WPA_ASSERT(sm->ctx->get_state);
 134         return sm->ctx->get_state(sm->ctx->ctx);
 135 }
 136
 137 static inline void wpa_sm_deauthenticate(struct wpa_sm *sm, int reason_code)
 138 {
 139         WPA_ASSERT(sm->ctx->deauthenticate);
 140         sm->ctx->deauthenticate(sm->ctx->ctx, reason_code);
 141 }
 142
 143 static inline void wpa_sm_disassociate(struct wpa_sm *sm, int reason_code)
 144 {
 145         WPA_ASSERT(sm->ctx->disassociate);
 146         sm->ctx->disassociate(sm->ctx->ctx, reason_code);
 147 }
 148
 149 static inline int wpa_sm_set_key(struct wpa_sm *sm, enum wpa_alg alg,
 150                                  const u8 *addr, int key_idx, int set_tx,
 151                                  const u8 *seq, size_t seq_len,
 152                                  const u8 *key, size_t key_len)
 153 {
 154         WPA_ASSERT(sm->ctx->set_key);
 155         return sm->ctx->set_key(sm->ctx->ctx, alg, addr, key_idx, set_tx,
 156                                 seq, seq_len, key, key_len);
 157 }
 158
 159 static inline void * wpa_sm_get_network_ctx(struct wpa_sm *sm)
 160 {
 161         WPA_ASSERT(sm->ctx->get_network_ctx);
 162         return sm->ctx->get_network_ctx(sm->ctx->ctx);
 163 }
 164
 165 static inline int wpa_sm_get_bssid(struct wpa_sm *sm, u8 *bssid)
 166 {
 167         WPA_ASSERT(sm->ctx->get_bssid);
 168         return sm->ctx->get_bssid(sm->ctx->ctx, bssid);
 169 }
 170
 171 static inline int wpa_sm_ether_send(struct wpa_sm *sm, const u8 *dest,
 172                                     u16 proto, const u8 *buf, size_t len)
 173 {
 174         WPA_ASSERT(sm->ctx->ether_send);
 175         return sm->ctx->ether_send(sm->ctx->ctx, dest, proto, buf, len);
 176 }
 177
 178 static inline int wpa_sm_get_beacon_ie(struct wpa_sm *sm)
 179 {
 180         WPA_ASSERT(sm->ctx->get_beacon_ie);
 181         return sm->ctx->get_beacon_ie(sm->ctx->ctx);
 182 }
 183
 184 static inline void wpa_sm_cancel_auth_timeout(struct wpa_sm *sm)
 185 {
 186         WPA_ASSERT(sm->ctx->cancel_auth_timeout);
 187         sm->ctx->cancel_auth_timeout(sm->ctx->ctx);
 188 }
 189
 190 static inline u8 * wpa_sm_alloc_eapol(struct wpa_sm *sm, u8 type,
 191                                       const void *data, u16 data_len,
 192                                       size_t *msg_len, void **data_pos)
 193 {
 194         WPA_ASSERT(sm->ctx->alloc_eapol);
 195         return sm->ctx->alloc_eapol(sm->ctx->ctx, type, data, data_len,
 196                                     msg_len, data_pos);
 197 }
 198
 199 static inline int wpa_sm_add_pmkid(struct wpa_sm *sm, const u8 *bssid,
 200                                    const u8 *pmkid)
 201 {
 202         WPA_ASSERT(sm->ctx->add_pmkid);
 203         return sm->ctx->add_pmkid(sm->ctx->ctx, bssid, pmkid);
 204 }
 205
 206 static inline int wpa_sm_remove_pmkid(struct wpa_sm *sm, const u8 *bssid,
 207                                       const u8 *pmkid)
 208 {
 209         WPA_ASSERT(sm->ctx->remove_pmkid);
 210         return sm->ctx->remove_pmkid(sm->ctx->ctx, bssid, pmkid);
 211 }
 212
 213 static inline int wpa_sm_mlme_setprotection(struct wpa_sm *sm, const u8 *addr,
 214                                             int protect_type, int key_type)
 215 {
 216         WPA_ASSERT(sm->ctx->mlme_setprotection);
 217         return sm->ctx->mlme_setprotection(sm->ctx->ctx, addr, protect_type,
 218                                            key_type);
 219 }
 220
 221 static inline int wpa_sm_update_ft_ies(struct wpa_sm *sm, const u8 *md,
 222                                        const u8 *ies, size_t ies_len)
 223 {
 224         if (sm->ctx->update_ft_ies)
 225                 return sm->ctx->update_ft_ies(sm->ctx->ctx, md, ies, ies_len);
 226         return -1;
 227 }
 228
 229 static inline int wpa_sm_send_ft_action(struct wpa_sm *sm, u8 action,
 230                                         const u8 *target_ap,
 231                                         const u8 *ies, size_t ies_len)
 232 {
 233         if (sm->ctx->send_ft_action)
 234                 return sm->ctx->send_ft_action(sm->ctx->ctx, action, target_ap,
 235                                                ies, ies_len);
 236         return -1;
 237 }
 238
 239 static inline int wpa_sm_mark_authenticated(struct wpa_sm *sm,
 240                                             const u8 *target_ap)
 241 {
 242         if (sm->ctx->mark_authenticated)
 243                 return sm->ctx->mark_authenticated(sm->ctx->ctx, target_ap);
 244         return -1;
 245 }
 246
 247 static inline void wpa_sm_set_rekey_offload(struct wpa_sm *sm)
 248 {
 249         if (!sm->ctx->set_rekey_offload)
 250                 return;
 251         sm->ctx->set_rekey_offload(sm->ctx->ctx, sm->ptk.kek,
 252                                    sm->ptk.kck, sm->rx_replay_counter);
 253 }
 254
 255 #ifdef CONFIG_TDLS
 256 static inline int wpa_sm_send_tdls_mgmt(struct wpa_sm *sm, const u8 *dst,
 257                                         u8 action_code, u8 dialog_token,
 258                                         u16 status_code, const u8 *buf,
 259                                         size_t len)
 260 {
 261         if (sm->ctx->send_tdls_mgmt)
 262                 return sm->ctx->send_tdls_mgmt(sm->ctx->ctx, dst, action_code,
 263                                                dialog_token, status_code,
 264                                                buf, len);
 265         return -1;
 266 }
 267
 268 static inline int wpa_sm_tdls_oper(struct wpa_sm *sm, int oper,
 269                                    const u8 *peer)
 270 {
 271         if (sm->ctx->tdls_oper)
 272                 return sm->ctx->tdls_oper(sm->ctx->ctx, oper, peer);
 273         return -1;
 274 }
 275 #endif /* CONFIG_TDLS */
 276
 277 void wpa_eapol_key_send(struct wpa_sm *sm, const u8 *kck,
 278                         int ver, const u8 *dest, u16 proto,
 279                         u8 *msg, size_t msg_len, u8 *key_mic);
 280 int wpa_supplicant_send_2_of_4(struct wpa_sm *sm, const unsigned char *dst,
 281                                const struct wpa_eapol_key *key,
 282                                int ver, const u8 *nonce,
 283                                const u8 *wpa_ie, size_t wpa_ie_len,
 284                                struct wpa_ptk *ptk);
 285 int wpa_supplicant_send_4_of_4(struct wpa_sm *sm, const unsigned char *dst,
 286                                const struct wpa_eapol_key *key,
 287                                u16 ver, u16 key_info,
 288                                const u8 *kde, size_t kde_len,
 289                                struct wpa_ptk *ptk);
 290
 291 int wpa_derive_ptk_ft(struct wpa_sm *sm, const unsigned char *src_addr,
 292                       const struct wpa_eapol_key *key,
 293                       struct wpa_ptk *ptk, size_t ptk_len);
 294
 295 void wpa_tdls_assoc(struct wpa_sm *sm);
 296 void wpa_tdls_disassoc(struct wpa_sm *sm);
 297
 298 #endif /* WPA_I_H */