]> git.ipfire.org Git - thirdparty/hostap.git/blame - src/common/dpp.h
projects / thirdparty / hostap.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
DPP: Require conf=configurator to allow Configurator provisioning
[thirdparty/hostap.git] / src / common / dpp.h
CommitLineData
be27e185
JM		 1/*
2 * DPP functionality shared between hostapd and wpa_supplicant
3 * Copyright (c) 2017, Qualcomm Atheros, Inc.
2bbe6ad3 4 * Copyright (c) 2018-2020, The Linux Foundation
be27e185
JM		 5 *
6 * This software may be distributed under the terms of the BSD license.
7 * See README for more details.
8 */
9
10#ifndef DPP_H
11#define DPP_H
12
1326cb76 13#ifdef CONFIG_DPP
be27e185
JM		 14#include <openssl/x509.h>
15
16#include "utils/list.h"
650a70a7 17#include "common/wpa_common.h"
be27e185
JM		 18#include "crypto/sha256.h"
19
10ec6a5f 20struct crypto_ecdh;
88a78bdd 21struct hostapd_ip_addr;
87d8435c 22struct dpp_global;
10ec6a5f 23
dc4d271c 24#define DPP_HDR_LEN (4 + 2) /* OUI, OUI Type, Crypto Suite, DPP frame type */
88a78bdd 25#define DPP_TCP_PORT 7871
dc4d271c 26
30d27b04
JM		 27enum dpp_public_action_frame_type {
28 DPP_PA_AUTHENTICATION_REQ = 0,
29 DPP_PA_AUTHENTICATION_RESP = 1,
30 DPP_PA_AUTHENTICATION_CONF = 2,
31 DPP_PA_PEER_DISCOVERY_REQ = 5,
32 DPP_PA_PEER_DISCOVERY_RESP = 6,
33 DPP_PA_PKEX_EXCHANGE_REQ = 7,
34 DPP_PA_PKEX_EXCHANGE_RESP = 8,
35 DPP_PA_PKEX_COMMIT_REVEAL_REQ = 9,
36 DPP_PA_PKEX_COMMIT_REVEAL_RESP = 10,
22f90b32 37 DPP_PA_CONFIGURATION_RESULT = 11,
e501a2eb 38 DPP_PA_CONNECTION_STATUS_RESULT = 12,
30d27b04
JM		 39};
40
41enum dpp_attribute_id {
42 DPP_ATTR_STATUS = 0x1000,
43 DPP_ATTR_I_BOOTSTRAP_KEY_HASH = 0x1001,
44 DPP_ATTR_R_BOOTSTRAP_KEY_HASH = 0x1002,
45 DPP_ATTR_I_PROTOCOL_KEY = 0x1003,
46 DPP_ATTR_WRAPPED_DATA = 0x1004,
47 DPP_ATTR_I_NONCE = 0x1005,
48 DPP_ATTR_I_CAPABILITIES = 0x1006,
49 DPP_ATTR_R_NONCE = 0x1007,
50 DPP_ATTR_R_CAPABILITIES = 0x1008,
51 DPP_ATTR_R_PROTOCOL_KEY = 0x1009,
52 DPP_ATTR_I_AUTH_TAG = 0x100A,
53 DPP_ATTR_R_AUTH_TAG = 0x100B,
54 DPP_ATTR_CONFIG_OBJ = 0x100C,
55 DPP_ATTR_CONNECTOR = 0x100D,
56 DPP_ATTR_CONFIG_ATTR_OBJ = 0x100E,
57 DPP_ATTR_BOOTSTRAP_KEY = 0x100F,
30d27b04
JM		 58 DPP_ATTR_OWN_NET_NK_HASH = 0x1011,
59 DPP_ATTR_FINITE_CYCLIC_GROUP = 0x1012,
60 DPP_ATTR_ENCRYPTED_KEY = 0x1013,
61 DPP_ATTR_ENROLLEE_NONCE = 0x1014,
62 DPP_ATTR_CODE_IDENTIFIER = 0x1015,
85fd8263 63 DPP_ATTR_TRANSACTION_ID = 0x1016,
d2709206
JM		 64 DPP_ATTR_BOOTSTRAP_INFO = 0x1017,
65 DPP_ATTR_CHANNEL = 0x1018,
0b4a906d
JM		 66 DPP_ATTR_PROTOCOL_VERSION = 0x1019,
67 DPP_ATTR_ENVELOPED_DATA = 0x101A,
e501a2eb
JM		 68 DPP_ATTR_SEND_CONN_STATUS = 0x101B,
69 DPP_ATTR_CONN_STATUS = 0x101C,
30d27b04
JM		 70};
71
72enum dpp_status_error {
73 DPP_STATUS_OK = 0,
74 DPP_STATUS_NOT_COMPATIBLE = 1,
75 DPP_STATUS_AUTH_FAILURE = 2,
76 DPP_STATUS_UNWRAP_FAILURE = 3,
77 DPP_STATUS_BAD_GROUP = 4,
78 DPP_STATUS_CONFIGURE_FAILURE = 5,
79 DPP_STATUS_RESPONSE_PENDING = 6,
e85b6601
JM		 80 DPP_STATUS_INVALID_CONNECTOR = 7,
81 DPP_STATUS_NO_MATCH = 8,
22f90b32 82 DPP_STATUS_CONFIG_REJECTED = 9,
e501a2eb 83 DPP_STATUS_NO_AP = 10,
30d27b04
JM		 84};
85
86#define DPP_CAPAB_ENROLLEE BIT(0)
87#define DPP_CAPAB_CONFIGURATOR BIT(1)
88#define DPP_CAPAB_ROLE_MASK (BIT(0) | BIT(1))
89
be27e185 90#define DPP_BOOTSTRAP_MAX_FREQ 30
30d27b04
JM		 91#define DPP_MAX_NONCE_LEN 32
92#define DPP_MAX_HASH_LEN 64
93#define DPP_MAX_SHARED_SECRET_LEN 66
be27e185
JM		 94
95struct dpp_curve_params {
96 const char *name;
97 size_t hash_len;
98 size_t aes_siv_key_len;
99 size_t nonce_len;
100 size_t prime_len;
101 const char *jwk_crv;
500ed7f0 102 u16 ike_group;
31f03cb0 103 const char *jws_alg;
be27e185
JM		 104};
105
106enum dpp_bootstrap_type {
107 DPP_BOOTSTRAP_QR_CODE,
500ed7f0 108 DPP_BOOTSTRAP_PKEX,
e780b4bf 109 DPP_BOOTSTRAP_NFC_URI,
be27e185
JM		 110};
111
112struct dpp_bootstrap_info {
113 struct dl_list list;
114 unsigned int id;
115 enum dpp_bootstrap_type type;
116 char *uri;
117 u8 mac_addr[ETH_ALEN];
2bbe6ad3 118 char *chan;
be27e185 119 char *info;
2bbe6ad3 120 char *pk;
be27e185
JM		 121 unsigned int freq[DPP_BOOTSTRAP_MAX_FREQ];
122 unsigned int num_freq;
123 int own;
124 EVP_PKEY *pubkey;
125 u8 pubkey_hash[SHA256_MAC_LEN];
126 const struct dpp_curve_params *curve;
29ab69e4
JM		 127 unsigned int pkex_t; /* number of failures before dpp_pkex
128 * instantiation */
be27e185
JM		 129};
130
29ab69e4
JM		 131#define PKEX_COUNTER_T_LIMIT 5
132
500ed7f0 133struct dpp_pkex {
219d4c9f 134 void *msg_ctx;
500ed7f0
JM		 135 unsigned int initiator:1;
136 unsigned int exchange_done:1;
e0247e79 137 unsigned int failed:1;
500ed7f0
JM		 138 struct dpp_bootstrap_info *own_bi;
139 u8 own_mac[ETH_ALEN];
140 u8 peer_mac[ETH_ALEN];
141 char *identifier;
142 char *code;
143 EVP_PKEY *x;
144 EVP_PKEY *y;
145 u8 Mx[DPP_MAX_SHARED_SECRET_LEN];
146 u8 Nx[DPP_MAX_SHARED_SECRET_LEN];
147 u8 z[DPP_MAX_HASH_LEN];
148 EVP_PKEY *peer_bootstrap_key;
149 struct wpabuf *exchange_req;
150 struct wpabuf *exchange_resp;
29ab69e4 151 unsigned int t; /* number of failures on code use */
00d2d13d
JM		 152 unsigned int exch_req_wait_time;
153 unsigned int exch_req_tries;
154 unsigned int freq;
500ed7f0
JM		 155};
156
5dd745b7
JM		 157enum dpp_akm {
158 DPP_AKM_UNKNOWN,
159 DPP_AKM_DPP,
160 DPP_AKM_PSK,
161 DPP_AKM_SAE,
18015fc8
JM		 162 DPP_AKM_PSK_SAE,
163 DPP_AKM_SAE_DPP,
164 DPP_AKM_PSK_SAE_DPP,
5dd745b7
JM		 165};
166
99918e06
JM		 167enum dpp_netrole {
168 DPP_NETROLE_STA,
169 DPP_NETROLE_AP,
5661ebd7 170 DPP_NETROLE_CONFIGURATOR,
99918e06
JM		 171};
172
461d39af
JM		 173struct dpp_configuration {
174 u8 ssid[32];
175 size_t ssid_len;
71e2848e 176 int ssid_charset;
e3a5882b 177 enum dpp_akm akm;
99918e06 178 enum dpp_netrole netrole;
461d39af
JM		 179
180 /* For DPP configuration (connector) */
181 os_time_t netaccesskey_expiry;
182
a4bf0078 183 /* TODO: groups */
20f612d9 184 char *group_id;
461d39af
JM		 185
186 /* For legacy configuration */
187 char *passphrase;
188 u8 psk[32];
9305c233 189 int psk_set;
461d39af
JM		 190};
191
ea91ddb0
JM		 192struct dpp_asymmetric_key {
193 struct dpp_asymmetric_key *next;
194 EVP_PKEY *csign;
195 char *config_template;
196 char *connector_template;
197};
198
52d469de
JM		 199#define DPP_MAX_CONF_OBJ 10
200
30d27b04
JM		 201struct dpp_authentication {
202 void *msg_ctx;
0b4a906d 203 u8 peer_version;
30d27b04
JM		 204 const struct dpp_curve_params *curve;
205 struct dpp_bootstrap_info *peer_bi;
206 struct dpp_bootstrap_info *own_bi;
73f21929 207 struct dpp_bootstrap_info *tmp_own_bi;
30d27b04
JM		 208 u8 waiting_pubkey_hash[SHA256_MAC_LEN];
209 int response_pending;
210 enum dpp_status_error auth_resp_status;
22f90b32 211 enum dpp_status_error conf_resp_status;
30d27b04
JM		 212 u8 peer_mac_addr[ETH_ALEN];
213 u8 i_nonce[DPP_MAX_NONCE_LEN];
214 u8 r_nonce[DPP_MAX_NONCE_LEN];
461d39af 215 u8 e_nonce[DPP_MAX_NONCE_LEN];
30d27b04
JM		 216 u8 i_capab;
217 u8 r_capab;
218 EVP_PKEY *own_protocol_key;
219 EVP_PKEY *peer_protocol_key;
dc4d271c
JM		 220 struct wpabuf *req_msg;
221 struct wpabuf *resp_msg;
f97ace34
JM		 222 /* Intersection of possible frequencies for initiating DPP
223 * Authentication exchange */
224 unsigned int freq[DPP_BOOTSTRAP_MAX_FREQ];
225 unsigned int num_freq, freq_idx;
30d27b04 226 unsigned int curr_freq;
d2709206 227 unsigned int neg_freq;
f97ace34 228 unsigned int num_freq_iters;
30d27b04
JM		 229 size_t secret_len;
230 u8 Mx[DPP_MAX_SHARED_SECRET_LEN];
630ea133 231 size_t Mx_len;
30d27b04 232 u8 Nx[DPP_MAX_SHARED_SECRET_LEN];
630ea133 233 size_t Nx_len;
30d27b04 234 u8 Lx[DPP_MAX_SHARED_SECRET_LEN];
630ea133 235 size_t Lx_len;
30d27b04
JM		 236 u8 k1[DPP_MAX_HASH_LEN];
237 u8 k2[DPP_MAX_HASH_LEN];
238 u8 ke[DPP_MAX_HASH_LEN];
239 int initiator;
f97ace34 240 int waiting_auth_resp;
95b0104a 241 int waiting_auth_conf;
248264c6 242 int auth_req_ack;
95b0104a 243 unsigned int auth_resp_tries;
d1f08264 244 u8 allowed_roles;
30d27b04
JM		 245 int configurator;
246 int remove_on_tx_status;
22f90b32
JM		 247 int connect_on_tx_status;
248 int waiting_conf_result;
b10e01a7 249 int waiting_conn_status_result;
30d27b04 250 int auth_success;
461d39af 251 struct wpabuf *conf_req;
82feacce 252 const struct wpabuf *conf_resp; /* owned by GAS server */
461d39af 253 struct dpp_configuration *conf_ap;
7eb06a33 254 struct dpp_configuration *conf2_ap;
461d39af 255 struct dpp_configuration *conf_sta;
7eb06a33 256 struct dpp_configuration *conf2_sta;
e2b1e7dc 257 int provision_configurator;
461d39af 258 struct dpp_configurator *conf;
52d469de
JM		 259 struct dpp_config_obj {
260 char *connector; /* received signedConnector */
261 u8 ssid[SSID_MAX_LEN];
262 u8 ssid_len;
57a63b13 263 int ssid_charset;
52d469de
JM		 264 char passphrase[64];
265 u8 psk[PMK_LEN];
266 int psk_set;
267 enum dpp_akm akm;
268 struct wpabuf *c_sign_key;
269 } conf_obj[DPP_MAX_CONF_OBJ];
270 unsigned int num_conf_obj;
ea91ddb0 271 struct dpp_asymmetric_key *conf_key_pkg;
461d39af
JM		 272 struct wpabuf *net_access_key;
273 os_time_t net_access_key_expiry;
b10e01a7 274 int send_conn_status;
16ef233b 275 int conn_status_requested;
68fea960 276 int akm_use_selector;
461d39af
JM		 277#ifdef CONFIG_TESTING_OPTIONS
278 char *config_obj_override;
279 char *discovery_override;
280 char *groups_override;
461d39af
JM		 281 unsigned int ignore_netaccesskey_mismatch:1;
282#endif /* CONFIG_TESTING_OPTIONS */
283};
284
285struct dpp_configurator {
286 struct dl_list list;
287 unsigned int id;
288 int own;
289 EVP_PKEY *csign;
290 char *kid;
291 const struct dpp_curve_params *curve;
30d27b04
JM		 292};
293
650a70a7
JM		 294struct dpp_introduction {
295 u8 pmkid[PMKID_LEN];
296 u8 pmk[PMK_LEN_MAX];
297 size_t pmk_len;
650a70a7
JM		 298};
299
88a78bdd
JM		 300struct dpp_relay_config {
301 const struct hostapd_ip_addr *ipaddr;
302 const u8 *pkhash;
303
304 void *cb_ctx;
305 void (*tx)(void *ctx, const u8 *addr, unsigned int freq, const u8 *msg,
306 size_t len);
307 void (*gas_resp_tx)(void *ctx, const u8 *addr, u8 dialog_token, int prot,
308 struct wpabuf *buf);
309};
310
311struct dpp_controller_config {
312 const char *configurator_params;
313 int tcp_port;
314};
315
60239f60
JM		 316#ifdef CONFIG_TESTING_OPTIONS
317enum dpp_test_behavior {
318 DPP_TEST_DISABLED = 0,
319 DPP_TEST_AFTER_WRAPPED_DATA_AUTH_REQ = 1,
320 DPP_TEST_AFTER_WRAPPED_DATA_AUTH_RESP = 2,
321 DPP_TEST_AFTER_WRAPPED_DATA_AUTH_CONF = 3,
322 DPP_TEST_AFTER_WRAPPED_DATA_PKEX_CR_REQ = 4,
323 DPP_TEST_AFTER_WRAPPED_DATA_PKEX_CR_RESP = 5,
324 DPP_TEST_AFTER_WRAPPED_DATA_CONF_REQ = 6,
325 DPP_TEST_AFTER_WRAPPED_DATA_CONF_RESP = 7,
326 DPP_TEST_ZERO_I_CAPAB = 8,
327 DPP_TEST_ZERO_R_CAPAB = 9,
0e7cb8c6
JM		 328 DPP_TEST_NO_R_BOOTSTRAP_KEY_HASH_AUTH_REQ = 10,
329 DPP_TEST_NO_I_BOOTSTRAP_KEY_HASH_AUTH_REQ = 11,
330 DPP_TEST_NO_I_PROTO_KEY_AUTH_REQ = 12,
331 DPP_TEST_NO_I_NONCE_AUTH_REQ = 13,
332 DPP_TEST_NO_I_CAPAB_AUTH_REQ = 14,
333 DPP_TEST_NO_WRAPPED_DATA_AUTH_REQ = 15,
ce9acce0
JM		 334 DPP_TEST_NO_STATUS_AUTH_RESP = 16,
335 DPP_TEST_NO_R_BOOTSTRAP_KEY_HASH_AUTH_RESP = 17,
336 DPP_TEST_NO_I_BOOTSTRAP_KEY_HASH_AUTH_RESP = 18,
337 DPP_TEST_NO_R_PROTO_KEY_AUTH_RESP = 19,
338 DPP_TEST_NO_R_NONCE_AUTH_RESP = 20,
339 DPP_TEST_NO_I_NONCE_AUTH_RESP = 21,
340 DPP_TEST_NO_R_CAPAB_AUTH_RESP = 22,
341 DPP_TEST_NO_R_AUTH_AUTH_RESP = 23,
342 DPP_TEST_NO_WRAPPED_DATA_AUTH_RESP = 24,
f9c7d770
JM		 343 DPP_TEST_NO_STATUS_AUTH_CONF = 25,
344 DPP_TEST_NO_R_BOOTSTRAP_KEY_HASH_AUTH_CONF = 26,
345 DPP_TEST_NO_I_BOOTSTRAP_KEY_HASH_AUTH_CONF = 27,
346 DPP_TEST_NO_I_AUTH_AUTH_CONF = 28,
347 DPP_TEST_NO_WRAPPED_DATA_AUTH_CONF = 29,
978bc3f2
JM		 348 DPP_TEST_I_NONCE_MISMATCH_AUTH_RESP = 30,
349 DPP_TEST_INCOMPATIBLE_R_CAPAB_AUTH_RESP = 31,
350 DPP_TEST_R_AUTH_MISMATCH_AUTH_RESP = 32,
351 DPP_TEST_I_AUTH_MISMATCH_AUTH_CONF = 33,
61f9f27f
JM		 352 DPP_TEST_NO_FINITE_CYCLIC_GROUP_PKEX_EXCHANGE_REQ = 34,
353 DPP_TEST_NO_ENCRYPTED_KEY_PKEX_EXCHANGE_REQ = 35,
354 DPP_TEST_NO_STATUS_PKEX_EXCHANGE_RESP = 36,
355 DPP_TEST_NO_ENCRYPTED_KEY_PKEX_EXCHANGE_RESP = 37,
356 DPP_TEST_NO_BOOTSTRAP_KEY_PKEX_CR_REQ = 38,
357 DPP_TEST_NO_I_AUTH_TAG_PKEX_CR_REQ = 39,
358 DPP_TEST_NO_WRAPPED_DATA_PKEX_CR_REQ = 40,
359 DPP_TEST_NO_BOOTSTRAP_KEY_PKEX_CR_RESP = 41,
360 DPP_TEST_NO_R_AUTH_TAG_PKEX_CR_RESP = 42,
361 DPP_TEST_NO_WRAPPED_DATA_PKEX_CR_RESP = 43,
1cfcbd32
JM		 362 DPP_TEST_INVALID_ENCRYPTED_KEY_PKEX_EXCHANGE_REQ = 44,
363 DPP_TEST_INVALID_ENCRYPTED_KEY_PKEX_EXCHANGE_RESP = 45,
f31ef96d 364 DPP_TEST_INVALID_STATUS_PKEX_EXCHANGE_RESP = 46,
89d0bf67
JM		 365 DPP_TEST_INVALID_BOOTSTRAP_KEY_PKEX_CR_REQ = 47,
366 DPP_TEST_INVALID_BOOTSTRAP_KEY_PKEX_CR_RESP = 48,
7e0ebe21
JM		 367 DPP_TEST_I_AUTH_TAG_MISMATCH_PKEX_CR_REQ = 49,
368 DPP_TEST_R_AUTH_TAG_MISMATCH_PKEX_CR_RESP = 50,
f411ad1b
JM		 369 DPP_TEST_NO_E_NONCE_CONF_REQ = 51,
370 DPP_TEST_NO_CONFIG_ATTR_OBJ_CONF_REQ = 52,
371 DPP_TEST_NO_WRAPPED_DATA_CONF_REQ = 53,
372 DPP_TEST_NO_E_NONCE_CONF_RESP = 54,
373 DPP_TEST_NO_CONFIG_OBJ_CONF_RESP = 55,
374 DPP_TEST_NO_STATUS_CONF_RESP = 56,
375 DPP_TEST_NO_WRAPPED_DATA_CONF_RESP = 57,
af7f10fc
JM		 376 DPP_TEST_INVALID_STATUS_CONF_RESP = 58,
377 DPP_TEST_E_NONCE_MISMATCH_CONF_RESP = 59,
a306ed5a
JM		 378 DPP_TEST_NO_TRANSACTION_ID_PEER_DISC_REQ = 60,
379 DPP_TEST_NO_CONNECTOR_PEER_DISC_REQ = 61,
380 DPP_TEST_NO_TRANSACTION_ID_PEER_DISC_RESP = 62,
381 DPP_TEST_NO_STATUS_PEER_DISC_RESP = 63,
382 DPP_TEST_NO_CONNECTOR_PEER_DISC_RESP = 64,
762fb4f0 383 DPP_TEST_AUTH_RESP_IN_PLACE_OF_CONF = 65,
b6b4226b
JM		 384 DPP_TEST_INVALID_I_PROTO_KEY_AUTH_REQ = 66,
385 DPP_TEST_INVALID_R_PROTO_KEY_AUTH_RESP = 67,
65ecce87
JM		 386 DPP_TEST_INVALID_R_BOOTSTRAP_KEY_HASH_AUTH_REQ = 68,
387 DPP_TEST_INVALID_I_BOOTSTRAP_KEY_HASH_AUTH_REQ = 69,
388 DPP_TEST_INVALID_R_BOOTSTRAP_KEY_HASH_AUTH_RESP = 70,
389 DPP_TEST_INVALID_I_BOOTSTRAP_KEY_HASH_AUTH_RESP = 71,
390 DPP_TEST_INVALID_R_BOOTSTRAP_KEY_HASH_AUTH_CONF = 72,
391 DPP_TEST_INVALID_I_BOOTSTRAP_KEY_HASH_AUTH_CONF = 73,
3f35ec2d
JM		 392 DPP_TEST_INVALID_STATUS_AUTH_RESP = 74,
393 DPP_TEST_INVALID_STATUS_AUTH_CONF = 75,
f9cf7d03 394 DPP_TEST_INVALID_CONFIG_ATTR_OBJ_CONF_REQ = 76,
4b8de0c9
JM		 395 DPP_TEST_INVALID_TRANSACTION_ID_PEER_DISC_RESP = 77,
396 DPP_TEST_INVALID_STATUS_PEER_DISC_RESP = 78,
397 DPP_TEST_INVALID_CONNECTOR_PEER_DISC_RESP = 79,
398 DPP_TEST_INVALID_CONNECTOR_PEER_DISC_REQ = 80,
a4446739 399 DPP_TEST_INVALID_I_NONCE_AUTH_REQ = 81,
55c6c858 400 DPP_TEST_INVALID_TRANSACTION_ID_PEER_DISC_REQ = 82,
f0a383a9 401 DPP_TEST_INVALID_E_NONCE_CONF_REQ = 83,
34603767
JM		 402 DPP_TEST_STOP_AT_PKEX_EXCHANGE_RESP = 84,
403 DPP_TEST_STOP_AT_PKEX_CR_REQ = 85,
404 DPP_TEST_STOP_AT_PKEX_CR_RESP = 86,
405 DPP_TEST_STOP_AT_AUTH_REQ = 87,
406 DPP_TEST_STOP_AT_AUTH_RESP = 88,
407 DPP_TEST_STOP_AT_AUTH_CONF = 89,
408 DPP_TEST_STOP_AT_CONF_REQ = 90,
67b3bcc9 409 DPP_TEST_REJECT_CONFIG = 91,
60239f60
JM		 410};
411
412extern enum dpp_test_behavior dpp_test;
2bdc47a9
JM		 413extern u8 dpp_pkex_own_mac_override[ETH_ALEN];
414extern u8 dpp_pkex_peer_mac_override[ETH_ALEN];
acc555f9
JM		 415extern u8 dpp_pkex_ephemeral_key_override[600];
416extern size_t dpp_pkex_ephemeral_key_override_len;
f5526975
JM		 417extern u8 dpp_protocol_key_override[600];
418extern size_t dpp_protocol_key_override_len;
055cd397
JM		 419extern u8 dpp_nonce_override[DPP_MAX_NONCE_LEN];
420extern size_t dpp_nonce_override_len;
60239f60
JM		 421#endif /* CONFIG_TESTING_OPTIONS */
422
be27e185 423void dpp_bootstrap_info_free(struct dpp_bootstrap_info *info);
484788b8 424const char * dpp_bootstrap_type_txt(enum dpp_bootstrap_type type);
500ed7f0 425int dpp_bootstrap_key_hash(struct dpp_bootstrap_info *bi);
be27e185
JM		 426int dpp_parse_uri_chan_list(struct dpp_bootstrap_info *bi,
427 const char *chan_list);
428int dpp_parse_uri_mac(struct dpp_bootstrap_info *bi, const char *mac);
429int dpp_parse_uri_info(struct dpp_bootstrap_info *bi, const char *info);
5e287724
JM		 430int dpp_nfc_update_bi(struct dpp_bootstrap_info *own_bi,
431 struct dpp_bootstrap_info *peer_bi);
f97ace34 432struct hostapd_hw_modes;
30d27b04
JM		 433struct dpp_authentication * dpp_auth_init(void *msg_ctx,
434 struct dpp_bootstrap_info *peer_bi,
435 struct dpp_bootstrap_info *own_bi,
d1f08264 436 u8 dpp_allowed_roles,
f97ace34
JM		 437 unsigned int neg_freq,
438 struct hostapd_hw_modes *own_modes,
439 u16 num_modes);
30d27b04
JM		 440struct dpp_authentication *
441dpp_auth_req_rx(void *msg_ctx, u8 dpp_allowed_roles, int qr_mutual,
442 struct dpp_bootstrap_info *peer_bi,
443 struct dpp_bootstrap_info *own_bi,
dc4d271c 444 unsigned int freq, const u8 *hdr, const u8 *attr_start,
27fefbbb 445 size_t attr_len);
30d27b04 446struct wpabuf *
dc4d271c
JM		 447dpp_auth_resp_rx(struct dpp_authentication *auth, const u8 *hdr,
448 const u8 *attr_start, size_t attr_len);
461d39af
JM		 449struct wpabuf * dpp_build_conf_req(struct dpp_authentication *auth,
450 const char *json);
5a5639b0 451struct wpabuf * dpp_build_conf_req_helper(struct dpp_authentication *auth,
74045744
JM		 452 const char *name,
453 enum dpp_netrole netrole,
8f8c423a 454 const char *mud_url, int *opclasses);
dc4d271c
JM		 455int dpp_auth_conf_rx(struct dpp_authentication *auth, const u8 *hdr,
456 const u8 *attr_start, size_t attr_len);
30d27b04
JM		 457int dpp_notify_new_qr_code(struct dpp_authentication *auth,
458 struct dpp_bootstrap_info *peer_bi);
9305c233 459struct dpp_configuration * dpp_configuration_alloc(const char *type);
18015fc8
JM		 460int dpp_akm_psk(enum dpp_akm akm);
461int dpp_akm_sae(enum dpp_akm akm);
462int dpp_akm_legacy(enum dpp_akm akm);
463int dpp_akm_dpp(enum dpp_akm akm);
464int dpp_akm_ver2(enum dpp_akm akm);
9305c233 465int dpp_configuration_valid(const struct dpp_configuration *conf);
461d39af 466void dpp_configuration_free(struct dpp_configuration *conf);
87d8435c
JM		 467int dpp_set_configurator(struct dpp_global *dpp, void *msg_ctx,
468 struct dpp_authentication *auth,
469 const char *cmd);
30d27b04 470void dpp_auth_deinit(struct dpp_authentication *auth);
461d39af
JM		 471struct wpabuf *
472dpp_conf_req_rx(struct dpp_authentication *auth, const u8 *attr_start,
473 size_t attr_len);
474int dpp_conf_resp_rx(struct dpp_authentication *auth,
475 const struct wpabuf *resp);
22f90b32
JM		 476enum dpp_status_error dpp_conf_result_rx(struct dpp_authentication *auth,
477 const u8 *hdr,
478 const u8 *attr_start, size_t attr_len);
479struct wpabuf * dpp_build_conf_result(struct dpp_authentication *auth,
480 enum dpp_status_error status);
b10e01a7
JM		 481enum dpp_status_error dpp_conn_status_result_rx(struct dpp_authentication *auth,
482 const u8 *hdr,
483 const u8 *attr_start,
484 size_t attr_len,
485 u8 *ssid, size_t *ssid_len,
486 char **channel_list);
16ef233b
JM		 487struct wpabuf * dpp_build_conn_status_result(struct dpp_authentication *auth,
488 enum dpp_status_error result,
489 const u8 *ssid, size_t ssid_len,
490 const char *channel_list);
30d27b04
JM		 491struct wpabuf * dpp_alloc_msg(enum dpp_public_action_frame_type type,
492 size_t len);
493const u8 * dpp_get_attr(const u8 *buf, size_t len, u16 req_id, u16 *ret_len);
494int dpp_check_attrs(const u8 *buf, size_t len);
461d39af 495int dpp_key_expired(const char *timestamp, os_time_t *expiry);
5dd745b7 496const char * dpp_akm_str(enum dpp_akm akm);
68fea960 497const char * dpp_akm_selector_str(enum dpp_akm akm);
8179ae3a
PK		 498int dpp_configurator_get_key(const struct dpp_configurator *conf, char *buf,
499 size_t buflen);
461d39af
JM		 500void dpp_configurator_free(struct dpp_configurator *conf);
501struct dpp_configurator *
502dpp_keygen_configurator(const char *curve, const u8 *privkey,
503 size_t privkey_len);
f522bb23 504int dpp_configurator_own_config(struct dpp_authentication *auth,
a2588be8 505 const char *curve, int ap);
e85b6601
JM		 506enum dpp_status_error
507dpp_peer_intro(struct dpp_introduction *intro, const char *own_connector,
508 const u8 *net_access_key, size_t net_access_key_len,
509 const u8 *csign_key, size_t csign_key_len,
510 const u8 *peer_connector, size_t peer_connector_len,
511 os_time_t *expiry);
219d4c9f 512struct dpp_pkex * dpp_pkex_init(void *msg_ctx, struct dpp_bootstrap_info *bi,
500ed7f0
JM		 513 const u8 *own_mac,
514 const char *identifier,
515 const char *code);
219d4c9f
JM		 516struct dpp_pkex * dpp_pkex_rx_exchange_req(void *msg_ctx,
517 struct dpp_bootstrap_info *bi,
500ed7f0
JM		 518 const u8 *own_mac,
519 const u8 *peer_mac,
520 const char *identifier,
521 const char *code,
522 const u8 *buf, size_t len);
523struct wpabuf * dpp_pkex_rx_exchange_resp(struct dpp_pkex *pkex,
af4103e5 524 const u8 *peer_mac,
500ed7f0
JM		 525 const u8 *buf, size_t len);
526struct wpabuf * dpp_pkex_rx_commit_reveal_req(struct dpp_pkex *pkex,
4be5bc98 527 const u8 *hdr,
500ed7f0 528 const u8 *buf, size_t len);
4be5bc98 529int dpp_pkex_rx_commit_reveal_resp(struct dpp_pkex *pkex, const u8 *hdr,
500ed7f0
JM		 530 const u8 *buf, size_t len);
531void dpp_pkex_free(struct dpp_pkex *pkex);
be27e185 532
4b8de0c9
JM		 533char * dpp_corrupt_connector_signature(const char *connector);
534
10ec6a5f
JM		 535
536struct dpp_pfs {
537 struct crypto_ecdh *ecdh;
538 const struct dpp_curve_params *curve;
539 struct wpabuf *ie;
540 struct wpabuf *secret;
541};
542
543struct dpp_pfs * dpp_pfs_init(const u8 *net_access_key,
544 size_t net_access_key_len);
545int dpp_pfs_process(struct dpp_pfs *pfs, const u8 *peer_ie, size_t peer_ie_len);
546void dpp_pfs_free(struct dpp_pfs *pfs);
547
87d8435c
JM		 548struct dpp_bootstrap_info * dpp_add_qr_code(struct dpp_global *dpp,
549 const char *uri);
e780b4bf
JM		 550struct dpp_bootstrap_info * dpp_add_nfc_uri(struct dpp_global *dpp,
551 const char *uri);
87d8435c
JM		 552int dpp_bootstrap_gen(struct dpp_global *dpp, const char *cmd);
553struct dpp_bootstrap_info *
554dpp_bootstrap_get_id(struct dpp_global *dpp, unsigned int id);
555int dpp_bootstrap_remove(struct dpp_global *dpp, const char *id);
556struct dpp_bootstrap_info *
557dpp_pkex_finish(struct dpp_global *dpp, struct dpp_pkex *pkex, const u8 *peer,
558 unsigned int freq);
559const char * dpp_bootstrap_get_uri(struct dpp_global *dpp, unsigned int id);
560int dpp_bootstrap_info(struct dpp_global *dpp, int id,
561 char *reply, int reply_size);
562void dpp_bootstrap_find_pair(struct dpp_global *dpp, const u8 *i_bootstrap,
563 const u8 *r_bootstrap,
564 struct dpp_bootstrap_info **own_bi,
565 struct dpp_bootstrap_info **peer_bi);
566int dpp_configurator_add(struct dpp_global *dpp, const char *cmd);
567int dpp_configurator_remove(struct dpp_global *dpp, const char *id);
568int dpp_configurator_get_key_id(struct dpp_global *dpp, unsigned int id,
569 char *buf, size_t buflen);
7d9e3200
JM		 570int dpp_configurator_from_backup(struct dpp_global *dpp,
571 struct dpp_asymmetric_key *key);
88a78bdd
JM		 572int dpp_relay_add_controller(struct dpp_global *dpp,
573 struct dpp_relay_config *config);
574int dpp_relay_rx_action(struct dpp_global *dpp, const u8 *src, const u8 *hdr,
575 const u8 *buf, size_t len, unsigned int freq,
576 const u8 *i_bootstrap, const u8 *r_bootstrap);
577int dpp_relay_rx_gas_req(struct dpp_global *dpp, const u8 *src, const u8 *data,
578 size_t data_len);
579int dpp_controller_start(struct dpp_global *dpp,
580 struct dpp_controller_config *config);
581void dpp_controller_stop(struct dpp_global *dpp);
582int dpp_tcp_init(struct dpp_global *dpp, struct dpp_authentication *auth,
583 const struct hostapd_ip_addr *addr, int port);
2ed2b52f
JM		 584
585struct dpp_global_config {
586 void *msg_ctx;
88a78bdd
JM		 587 void *cb_ctx;
588 int (*process_conf_obj)(void *ctx, struct dpp_authentication *auth);
2ed2b52f
JM		 589};
590
591struct dpp_global * dpp_global_init(struct dpp_global_config *config);
87d8435c
JM		 592void dpp_global_clear(struct dpp_global *dpp);
593void dpp_global_deinit(struct dpp_global *dpp);
594
1326cb76 595#endif /* CONFIG_DPP */
be27e185 596#endif /* DPP_H */
Unnamed repository; edit this file 'description' to name the repository.