Commit | Line | Data |
---|---|---|
6fc6879b | 1 | /* |
c5b26e33 | 2 | * Internal WPA/RSN supplicant state machine definitions |
a3e18dbb | 3 | * Copyright (c) 2004-2018, Jouni Malinen <j@w1.fi> |
6fc6879b | 4 | * |
0f3d578e JM |
5 | * This software may be distributed under the terms of the BSD license. |
6 | * See README for more details. | |
6fc6879b JM |
7 | */ |
8 | ||
9 | #ifndef WPA_I_H | |
10 | #define WPA_I_H | |
11 | ||
c5b26e33 JM |
12 | #include "utils/list.h" |
13 | ||
281ff0aa | 14 | struct wpa_tdls_peer; |
6fc6879b JM |
15 | struct wpa_eapol_key; |
16 | ||
/**
 * struct wpa_sm - Internal WPA state machine data
 *
 * Judging by the member names, pmk, ptk/tptk, gtk*, igtk* and, in the
 * optional sections, xxkey, pmk_r0, pmk_r1, fils_* and dpp_z carry secret
 * keying material. pmk, ssid, xxkey, pmk_r0, pmk_r1, r0kh_id,
 * fils_key_auth_* and fils_ft are fixed-size arrays with a separate length
 * member; code that fills them has to keep the length within the array
 * bound.
 * NOTE(review): how these buffers are cleared on teardown is not visible
 * in this header - confirm in the code that frees struct wpa_sm.
 */
struct wpa_sm {
	u8 pmk[PMK_LEN_MAX];
	size_t pmk_len; /* presumably valid bytes in pmk[] - confirm */
	struct wpa_ptk ptk;
	struct wpa_ptk tptk;
	int ptk_set;
	int tptk_set;
	unsigned int msg_3_of_4_ok:1;
	u8 snonce[WPA_NONCE_LEN];
	u8 anonce[WPA_NONCE_LEN]; /* ANonce from the last 1/4 msg */
	int renew_snonce;
	u8 rx_replay_counter[WPA_REPLAY_COUNTER_LEN];
	int rx_replay_counter_set;
	u8 request_counter[WPA_REPLAY_COUNTER_LEN];
	/* NOTE(review): gtk/igtk and their *_wnm_sleep twins look like
	 * copies of the last configured group keys, kept so that the same
	 * key is not configured again - confirm against the users */
	struct wpa_gtk gtk;
	struct wpa_gtk gtk_wnm_sleep;
	struct wpa_igtk igtk;
	struct wpa_igtk igtk_wnm_sleep;

	struct eapol_sm *eapol; /* EAPOL state machine from upper level code */

	struct rsn_pmksa_cache *pmksa; /* PMKSA cache */
	struct rsn_pmksa_cache_entry *cur_pmksa; /* current PMKSA entry */
	struct dl_list pmksa_candidates;

	struct l2_packet_data *l2_preauth;
	struct l2_packet_data *l2_preauth_br;
	struct l2_packet_data *l2_tdls;
	u8 preauth_bssid[ETH_ALEN]; /* current RSN pre-auth peer or
				     * 00:00:00:00:00:00 if no pre-auth is
				     * in progress */
	struct eapol_sm *preauth_eapol;

	/* Callback table; every wpa_sm_*() wrapper in this header
	 * dereferences it without a NULL check on ctx itself */
	struct wpa_sm_ctx *ctx;

	void *scard_ctx; /* context for smartcard callbacks */
	int fast_reauth; /* whether EAP fast re-authentication is enabled */

	void *network_ctx;
	int allowed_pairwise_cipher; /* bitfield of WPA_CIPHER_* */
	int proactive_key_caching;
	int eap_workaround;
	void *eap_conf_ctx;
	u8 ssid[32];
	size_t ssid_len; /* must stay <= sizeof(ssid) */
	int wpa_ptk_rekey;
	int p2p;
	int wpa_rsc_relaxation;

	u8 own_addr[ETH_ALEN];
	const char *ifname;
	const char *bridge_ifname;
	u8 bssid[ETH_ALEN];

	unsigned int dot11RSNAConfigPMKLifetime;
	unsigned int dot11RSNAConfigPMKReauthThreshold;
	unsigned int dot11RSNAConfigSATimeout;

	unsigned int dot11RSNA4WayHandshakeFailures;

	/* Selected configuration (based on Beacon/ProbeResp WPA IE) */
	unsigned int proto;
	unsigned int pairwise_cipher;
	unsigned int group_cipher;
	unsigned int key_mgmt;
	unsigned int mgmt_group_cipher;

	int rsn_enabled; /* Whether RSN is enabled in configuration */
	int mfp; /* 0 = disabled, 1 = optional, 2 = mandatory */
	int ocv; /* Operating Channel Validation */

	/* Pointer/length pairs; ownership is not visible in this header */
	u8 *assoc_wpa_ie; /* Own WPA/RSN IE from (Re)AssocReq */
	size_t assoc_wpa_ie_len;
	u8 *ap_wpa_ie;
	u8 *ap_rsn_ie;
	size_t ap_wpa_ie_len;
	size_t ap_rsn_ie_len;

#ifdef CONFIG_TDLS
	struct wpa_tdls_peer *tdls;
	int tdls_prohibited;
	int tdls_chan_switch_prohibited;
	int tdls_disabled;

	/* The driver supports TDLS */
	int tdls_supported;

	/*
	 * The driver requires explicit discovery/setup/teardown frames sent
	 * to it via tdls_mgmt.
	 */
	int tdls_external_setup;

	/* The driver supports TDLS channel switching */
	int tdls_chan_switch;
#endif /* CONFIG_TDLS */

#ifdef CONFIG_IEEE80211R
	u8 xxkey[PMK_LEN_MAX]; /* PSK or the second 256 bits of MSK, or the
				* first 384 bits of MSK */
	size_t xxkey_len;
	u8 pmk_r0[PMK_LEN_MAX];
	size_t pmk_r0_len;
	u8 pmk_r0_name[WPA_PMK_NAME_LEN];
	u8 pmk_r1[PMK_LEN_MAX];
	size_t pmk_r1_len;
	u8 pmk_r1_name[WPA_PMK_NAME_LEN];
	u8 mobility_domain[MOBILITY_DOMAIN_ID_LEN];
	u8 r0kh_id[FT_R0KH_ID_MAX_LEN];
	size_t r0kh_id_len;
	u8 r1kh_id[FT_R1KH_ID_LEN];
	unsigned int ft_completed:1;
	unsigned int ft_reassoc_completed:1;
	unsigned int ft_protocol:1;
	int over_the_ds_in_progress;
	u8 target_ap[ETH_ALEN]; /* over-the-DS target AP */
	int set_ptk_after_assoc;
	u8 mdie_ft_capab; /* FT Capability and Policy from target AP MDIE */
	u8 *assoc_resp_ies; /* MDIE and FTIE from (Re)Association Response */
	size_t assoc_resp_ies_len;
#endif /* CONFIG_IEEE80211R */

#ifdef CONFIG_P2P
	u8 p2p_ip_addr[3 * 4]; /* 12 bytes; layout not documented here */
#endif /* CONFIG_P2P */

#ifdef CONFIG_TESTING_OPTIONS
	struct wpabuf *test_assoc_ie;
#endif /* CONFIG_TESTING_OPTIONS */

#ifdef CONFIG_FILS
	u8 fils_nonce[FILS_NONCE_LEN];
	u8 fils_session[FILS_SESSION_LEN];
	u8 fils_anonce[FILS_NONCE_LEN];
	u8 fils_key_auth_ap[FILS_MAX_KEY_AUTH_LEN];
	u8 fils_key_auth_sta[FILS_MAX_KEY_AUTH_LEN];
	size_t fils_key_auth_len; /* single length next to both arrays */
	unsigned int fils_completed:1;
	unsigned int fils_erp_pmkid_set:1;
	unsigned int fils_cache_id_set:1;
	u8 fils_erp_pmkid[PMKID_LEN];
	u8 fils_cache_id[FILS_CACHE_ID_LEN];
	struct crypto_ecdh *fils_ecdh;
	int fils_dh_group;
	size_t fils_dh_elem_len;
	struct wpabuf *fils_ft_ies;
	u8 fils_ft[FILS_FT_MAX_LEN];
	size_t fils_ft_len;
#endif /* CONFIG_FILS */

#ifdef CONFIG_OWE
	struct crypto_ecdh *owe_ecdh;
	u16 owe_group;
#endif /* CONFIG_OWE */

#ifdef CONFIG_DPP2
	struct wpabuf *dpp_z;
#endif /* CONFIG_DPP2 */
};
175 | ||
176 | ||
/**
 * wpa_sm_set_state - Forward a state change to the set_state() callback
 * @sm: WPA state machine data; sm->ctx is dereferenced unconditionally
 * @state: Value handed to the callback unchanged
 *
 * set_state is treated as mandatory: it is covered only by WPA_ASSERT
 * (defined outside this header) and there is no fallback path if the
 * callback pointer is NULL.
 */
static inline void wpa_sm_set_state(struct wpa_sm *sm,
				    enum wpa_states state)
{
	WPA_ASSERT(sm->ctx->set_state);
	sm->ctx->set_state(sm->ctx->ctx, state);
}
182 | ||
/**
 * wpa_sm_get_state - Query the state through the get_state() callback
 * @sm: WPA state machine data; sm->ctx is dereferenced unconditionally
 * Returns: Whatever the get_state() callback returns
 *
 * get_state is treated as mandatory: WPA_ASSERT (defined outside this
 * header) is the only guard before the call.
 */
static inline enum wpa_states
wpa_sm_get_state(struct wpa_sm *sm)
{
	WPA_ASSERT(sm->ctx->get_state);
	return sm->ctx->get_state(sm->ctx->ctx);
}
188 | ||
/**
 * wpa_sm_deauthenticate - Invoke the deauthenticate() callback
 * @sm: WPA state machine data; sm->ctx is dereferenced unconditionally
 * @reason_code: Value handed to the callback unchanged
 *
 * deauthenticate is treated as mandatory: WPA_ASSERT (defined outside
 * this header) is the only guard before the call.
 */
static inline void wpa_sm_deauthenticate(struct wpa_sm *sm,
					 u16 reason_code)
{
	WPA_ASSERT(sm->ctx->deauthenticate);
	sm->ctx->deauthenticate(sm->ctx->ctx, reason_code);
}
194 | ||
/**
 * wpa_sm_set_key - Hand a key to the set_key() callback
 * @sm: WPA state machine data; sm->ctx is dereferenced unconditionally
 * @alg: Algorithm selector, forwarded unchanged
 * @addr: Address argument, forwarded unchanged
 * @key_idx: Key index, forwarded unchanged
 * @set_tx: Forwarded unchanged
 * @seq: Sequence counter buffer of @seq_len bytes
 * @seq_len: Length of @seq
 * @key: Key buffer of @key_len bytes (secret material)
 * @key_len: Length of @key
 * Returns: Whatever the set_key() callback returns
 *
 * Nothing is validated here: the pointer/length pairs reach the callback
 * exactly as given, so bounds and key-reuse checks belong to the caller.
 * set_key is covered only by WPA_ASSERT (defined outside this header).
 */
static inline int wpa_sm_set_key(struct wpa_sm *sm, enum wpa_alg alg,
				 const u8 *addr, int key_idx, int set_tx,
				 const u8 *seq, size_t seq_len,
				 const u8 *key, size_t key_len)
{
	int res;

	WPA_ASSERT(sm->ctx->set_key);
	res = sm->ctx->set_key(sm->ctx->ctx, alg, addr, key_idx, set_tx,
			       seq, seq_len, key, key_len);
	return res;
}
204 | ||
/**
 * wpa_sm_get_network_ctx - Fetch a context pointer via get_network_ctx()
 * @sm: WPA state machine data; sm->ctx is dereferenced unconditionally
 * Returns: The pointer returned by the callback
 *
 * get_network_ctx is covered only by WPA_ASSERT (defined outside this
 * header); there is no fallback for a NULL callback.
 */
static inline void * wpa_sm_get_network_ctx(struct wpa_sm *sm)
{
	void *net_ctx;

	WPA_ASSERT(sm->ctx->get_network_ctx);
	net_ctx = sm->ctx->get_network_ctx(sm->ctx->ctx);
	return net_ctx;
}
210 | ||
/**
 * wpa_sm_get_bssid - Ask the get_bssid() callback for the BSSID
 * @sm: WPA state machine data; sm->ctx is dereferenced unconditionally
 * @bssid: Output buffer passed to the callback; its required size is not
 *	stated here (presumably ETH_ALEN bytes - confirm against the callback)
 * Returns: Whatever the get_bssid() callback returns
 *
 * get_bssid is covered only by WPA_ASSERT (defined outside this header).
 */
static inline int wpa_sm_get_bssid(struct wpa_sm *sm, u8 *bssid)
{
	int res;

	WPA_ASSERT(sm->ctx->get_bssid);
	res = sm->ctx->get_bssid(sm->ctx->ctx, bssid);
	return res;
}
216 | ||
/**
 * wpa_sm_ether_send - Transmit a frame through the ether_send() callback
 * @sm: WPA state machine data; sm->ctx is dereferenced unconditionally
 * @dest: Destination address, forwarded unchanged
 * @proto: Protocol value, forwarded unchanged
 * @buf: Frame buffer of @len bytes
 * @len: Length of @buf
 * Returns: Whatever the ether_send() callback returns
 *
 * @buf/@len are not checked here. ether_send is covered only by
 * WPA_ASSERT (defined outside this header).
 */
static inline int wpa_sm_ether_send(struct wpa_sm *sm, const u8 *dest,
				    u16 proto, const u8 *buf, size_t len)
{
	int res;

	WPA_ASSERT(sm->ctx->ether_send);
	res = sm->ctx->ether_send(sm->ctx->ctx, dest, proto, buf, len);
	return res;
}
223 | ||
/**
 * wpa_sm_get_beacon_ie - Invoke the get_beacon_ie() callback
 * @sm: WPA state machine data; sm->ctx is dereferenced unconditionally
 * Returns: Whatever the get_beacon_ie() callback returns
 *
 * get_beacon_ie is covered only by WPA_ASSERT (defined outside this
 * header).
 */
static inline int wpa_sm_get_beacon_ie(struct wpa_sm *sm)
{
	int res;

	WPA_ASSERT(sm->ctx->get_beacon_ie);
	res = sm->ctx->get_beacon_ie(sm->ctx->ctx);
	return res;
}
229 | ||
/**
 * wpa_sm_cancel_auth_timeout - Invoke the cancel_auth_timeout() callback
 * @sm: WPA state machine data; sm->ctx is dereferenced unconditionally
 *
 * cancel_auth_timeout is covered only by WPA_ASSERT (defined outside this
 * header); there is no fallback for a NULL callback.
 */
static inline void
wpa_sm_cancel_auth_timeout(struct wpa_sm *sm)
{
	WPA_ASSERT(sm->ctx->cancel_auth_timeout);
	sm->ctx->cancel_auth_timeout(sm->ctx->ctx);
}
235 | ||
/**
 * wpa_sm_alloc_eapol - Obtain a frame buffer from the alloc_eapol() callback
 * @sm: WPA state machine data; sm->ctx is dereferenced unconditionally
 * @type: Forwarded unchanged
 * @data: Payload pointer, forwarded unchanged
 * @data_len: Length of @data
 * @msg_len: Output pointer passed through to the callback
 * @data_pos: Output pointer passed through to the callback
 * Returns: The pointer returned by the callback
 *
 * NOTE(review): whether the result can be NULL and who frees it is decided
 * by the callback and is not visible here - callers should check it.
 * alloc_eapol is covered only by WPA_ASSERT (defined outside this header).
 */
static inline u8 *
wpa_sm_alloc_eapol(struct wpa_sm *sm, u8 type, const void *data,
		   u16 data_len, size_t *msg_len, void **data_pos)
{
	WPA_ASSERT(sm->ctx->alloc_eapol);
	return sm->ctx->alloc_eapol(sm->ctx->ctx, type, data, data_len,
				    msg_len, data_pos);
}
244 | ||
/**
 * wpa_sm_add_pmkid - Pass a PMKID entry to the add_pmkid() callback
 * @sm: WPA state machine data; sm->ctx is dereferenced unconditionally
 * @network_ctx: Forwarded unchanged
 * @bssid: Forwarded unchanged
 * @pmkid: Forwarded unchanged
 * @cache_id: Forwarded unchanged
 * @pmk: PMK buffer of @pmk_len bytes (secret material)
 * @pmk_len: Length of @pmk
 * Returns: Whatever the add_pmkid() callback returns
 *
 * The PMK itself crosses the callback boundary here, so the callback
 * implementation becomes responsible for protecting it. add_pmkid is
 * covered only by WPA_ASSERT (defined outside this header).
 */
static inline int wpa_sm_add_pmkid(struct wpa_sm *sm, void *network_ctx,
				   const u8 *bssid, const u8 *pmkid,
				   const u8 *cache_id, const u8 *pmk,
				   size_t pmk_len)
{
	int res;

	WPA_ASSERT(sm->ctx->add_pmkid);
	res = sm->ctx->add_pmkid(sm->ctx->ctx, network_ctx, bssid, pmkid,
				 cache_id, pmk, pmk_len);
	return res;
}
254 | ||
/**
 * wpa_sm_remove_pmkid - Pass a PMKID removal to the remove_pmkid() callback
 * @sm: WPA state machine data; sm->ctx is dereferenced unconditionally
 * @network_ctx: Forwarded unchanged
 * @bssid: Forwarded unchanged
 * @pmkid: Forwarded unchanged
 * @cache_id: Forwarded unchanged
 * Returns: Whatever the remove_pmkid() callback returns
 *
 * remove_pmkid is covered only by WPA_ASSERT (defined outside this
 * header).
 */
static inline int wpa_sm_remove_pmkid(struct wpa_sm *sm, void *network_ctx,
				      const u8 *bssid, const u8 *pmkid,
				      const u8 *cache_id)
{
	int res;

	WPA_ASSERT(sm->ctx->remove_pmkid);
	res = sm->ctx->remove_pmkid(sm->ctx->ctx, network_ctx, bssid, pmkid,
				    cache_id);
	return res;
}
263 | ||
/**
 * wpa_sm_mlme_setprotection - Invoke the mlme_setprotection() callback
 * @sm: WPA state machine data; sm->ctx is dereferenced unconditionally
 * @addr: Forwarded unchanged
 * @protect_type: Forwarded unchanged
 * @key_type: Forwarded unchanged
 * Returns: Whatever the mlme_setprotection() callback returns
 *
 * mlme_setprotection is covered only by WPA_ASSERT (defined outside this
 * header).
 */
static inline int wpa_sm_mlme_setprotection(struct wpa_sm *sm,
					    const u8 *addr,
					    int protect_type, int key_type)
{
	int res;

	WPA_ASSERT(sm->ctx->mlme_setprotection);
	res = sm->ctx->mlme_setprotection(sm->ctx->ctx, addr, protect_type,
					  key_type);
	return res;
}
271 | ||
/**
 * wpa_sm_update_ft_ies - Invoke the optional update_ft_ies() callback
 * @sm: WPA state machine data; sm->ctx is dereferenced unconditionally
 * @md: Forwarded unchanged
 * @ies: IE buffer of @ies_len bytes, forwarded unchanged
 * @ies_len: Length of @ies
 * Returns: Callback result, or -1 when no callback is registered
 */
static inline int wpa_sm_update_ft_ies(struct wpa_sm *sm, const u8 *md,
				       const u8 *ies, size_t ies_len)
{
	/* Optional callback: a missing handler is reported as failure */
	if (!sm->ctx->update_ft_ies)
		return -1;
	return sm->ctx->update_ft_ies(sm->ctx->ctx, md, ies, ies_len);
}
279 | ||
/**
 * wpa_sm_send_ft_action - Invoke the optional send_ft_action() callback
 * @sm: WPA state machine data; sm->ctx is dereferenced unconditionally
 * @action: Forwarded unchanged
 * @target_ap: Forwarded unchanged
 * @ies: IE buffer of @ies_len bytes, forwarded unchanged
 * @ies_len: Length of @ies
 * Returns: Callback result, or -1 when no callback is registered
 */
static inline int wpa_sm_send_ft_action(struct wpa_sm *sm, u8 action,
					const u8 *target_ap,
					const u8 *ies, size_t ies_len)
{
	/* Optional callback: a missing handler is reported as failure */
	if (!sm->ctx->send_ft_action)
		return -1;
	return sm->ctx->send_ft_action(sm->ctx->ctx, action, target_ap,
				       ies, ies_len);
}
289 | ||
2a7e7f4e JM |
/**
 * wpa_sm_mark_authenticated - Invoke the optional mark_authenticated() callback
 * @sm: WPA state machine data; sm->ctx is dereferenced unconditionally
 * @target_ap: Forwarded unchanged
 * Returns: Callback result, or -1 when no callback is registered
 */
static inline int wpa_sm_mark_authenticated(struct wpa_sm *sm,
					    const u8 *target_ap)
{
	/* Optional callback: a missing handler is reported as failure */
	if (!sm->ctx->mark_authenticated)
		return -1;
	return sm->ctx->mark_authenticated(sm->ctx->ctx, target_ap);
}
297 | ||
b14a210c JB |
/**
 * wpa_sm_set_rekey_offload - Invoke the optional set_rekey_offload() callback
 * @sm: WPA state machine data; sm->ctx is dereferenced unconditionally
 *
 * Passes sm->ptk.kek, sm->ptk.kck (with their lengths) and
 * sm->rx_replay_counter to the callback; nothing happens when no callback
 * is registered. KEK and KCK are secret, so this call is a point where key
 * material leaves the state machine and the callback implementation has to
 * protect it.
 */
static inline void wpa_sm_set_rekey_offload(struct wpa_sm *sm)
{
	if (sm->ctx->set_rekey_offload)
		sm->ctx->set_rekey_offload(sm->ctx->ctx, sm->ptk.kek,
					   sm->ptk.kek_len, sm->ptk.kck,
					   sm->ptk.kck_len,
					   sm->rx_replay_counter);
}
306 | ||
281ff0aa | 307 | #ifdef CONFIG_TDLS |
c58ab8f2 AN |
/**
 * wpa_sm_tdls_get_capa - Invoke the optional tdls_get_capa() callback
 * @sm: WPA state machine data; sm->ctx is dereferenced unconditionally
 * @tdls_supported: Output pointer passed through to the callback
 * @tdls_ext_setup: Output pointer passed through to the callback
 * @tdls_chan_switch: Output pointer passed through to the callback
 * Returns: Callback result, or -1 when no callback is registered
 *
 * The output pointers are not written on the -1 path taken here.
 */
static inline int wpa_sm_tdls_get_capa(struct wpa_sm *sm,
				       int *tdls_supported,
				       int *tdls_ext_setup,
				       int *tdls_chan_switch)
{
	if (!sm->ctx->tdls_get_capa)
		return -1;
	return sm->ctx->tdls_get_capa(sm->ctx->ctx, tdls_supported,
				      tdls_ext_setup, tdls_chan_switch);
}
318 | ||
281ff0aa GP |
/**
 * wpa_sm_send_tdls_mgmt - Invoke the optional send_tdls_mgmt() callback
 * @sm: WPA state machine data; sm->ctx is dereferenced unconditionally
 * @dst: Forwarded unchanged
 * @action_code: Forwarded unchanged
 * @dialog_token: Forwarded unchanged
 * @status_code: Forwarded unchanged
 * @peer_capab: Forwarded unchanged
 * @initiator: Forwarded unchanged
 * @buf: Buffer of @len bytes, forwarded unchanged
 * @len: Length of @buf
 * Returns: Callback result, or -1 when no callback is registered
 */
static inline int wpa_sm_send_tdls_mgmt(struct wpa_sm *sm, const u8 *dst,
					u8 action_code, u8 dialog_token,
					u16 status_code, u32 peer_capab,
					int initiator, const u8 *buf,
					size_t len)
{
	/* Optional callback: a missing handler is reported as failure */
	if (!sm->ctx->send_tdls_mgmt)
		return -1;
	return sm->ctx->send_tdls_mgmt(sm->ctx->ctx, dst, action_code,
				       dialog_token, status_code,
				       peer_capab, initiator, buf, len);
}
332 | ||
/**
 * wpa_sm_tdls_oper - Invoke the optional tdls_oper() callback
 * @sm: WPA state machine data; sm->ctx is dereferenced unconditionally
 * @oper: Forwarded unchanged
 * @peer: Forwarded unchanged
 * Returns: Callback result, or -1 when no callback is registered
 */
static inline int wpa_sm_tdls_oper(struct wpa_sm *sm, int oper,
				   const u8 *peer)
{
	if (!sm->ctx->tdls_oper)
		return -1;
	return sm->ctx->tdls_oper(sm->ctx->ctx, oper, peer);
}
45b722f1 AN |
340 | |
/**
 * wpa_sm_tdls_peer_addset - Invoke the optional tdls_peer_addset() callback
 * @sm: WPA state machine data; sm->ctx is dereferenced unconditionally
 * Returns: Callback result, or -1 when no callback is registered
 *
 * All remaining arguments are forwarded to the callback in the same order.
 * Four of them are pointer/length pairs (supp_rates, ext_capab,
 * supp_channels, supp_oper_classes); none of the lengths is validated
 * here, so the caller has to make sure each length matches its buffer.
 */
static inline int
wpa_sm_tdls_peer_addset(struct wpa_sm *sm, const u8 *addr, int add,
			u16 aid, u16 capability, const u8 *supp_rates,
			size_t supp_rates_len,
			const struct ieee80211_ht_capabilities *ht_capab,
			const struct ieee80211_vht_capabilities *vht_capab,
			u8 qosinfo, int wmm, const u8 *ext_capab,
			size_t ext_capab_len, const u8 *supp_channels,
			size_t supp_channels_len, const u8 *supp_oper_classes,
			size_t supp_oper_classes_len)
{
	if (!sm->ctx->tdls_peer_addset)
		return -1;
	return sm->ctx->tdls_peer_addset(sm->ctx->ctx, addr, add, aid,
					 capability, supp_rates,
					 supp_rates_len, ht_capab, vht_capab,
					 qosinfo, wmm, ext_capab,
					 ext_capab_len, supp_channels,
					 supp_channels_len,
					 supp_oper_classes,
					 supp_oper_classes_len);
}
6b90deae AN |
364 | |
/**
 * wpa_sm_tdls_enable_channel_switch - Invoke the optional
 *	tdls_enable_channel_switch() callback
 * @sm: WPA state machine data; sm->ctx is dereferenced unconditionally
 * @addr: Forwarded unchanged
 * @oper_class: Forwarded unchanged
 * @freq_params: Forwarded unchanged
 * Returns: Callback result, or -1 when no callback is registered
 */
static inline int
wpa_sm_tdls_enable_channel_switch(struct wpa_sm *sm, const u8 *addr,
				  u8 oper_class,
				  const struct hostapd_freq_params *freq_params)
{
	if (!sm->ctx->tdls_enable_channel_switch)
		return -1;
	return sm->ctx->tdls_enable_channel_switch(sm->ctx->ctx, addr,
						   oper_class, freq_params);
}
376 | ||
/**
 * wpa_sm_tdls_disable_channel_switch - Invoke the optional
 *	tdls_disable_channel_switch() callback
 * @sm: WPA state machine data; sm->ctx is dereferenced unconditionally
 * @addr: Forwarded unchanged
 * Returns: Callback result, or -1 when no callback is registered
 */
static inline int
wpa_sm_tdls_disable_channel_switch(struct wpa_sm *sm, const u8 *addr)
{
	if (!sm->ctx->tdls_disable_channel_switch)
		return -1;
	return sm->ctx->tdls_disable_channel_switch(sm->ctx->ctx, addr);
}
281ff0aa | 384 | #endif /* CONFIG_TDLS */ |
6fc6879b | 385 | |
b41f2684 CL |
/**
 * wpa_sm_key_mgmt_set_pmk - Invoke the optional key_mgmt_set_pmk() callback
 * @sm: WPA state machine data; sm->ctx is dereferenced unconditionally
 * @pmk: PMK buffer of @pmk_len bytes (secret material)
 * @pmk_len: Length of @pmk
 * Returns: Callback result, or -1 when no callback is registered
 *
 * The PMK crosses the callback boundary here; the callback implementation
 * becomes responsible for protecting it.
 */
static inline int wpa_sm_key_mgmt_set_pmk(struct wpa_sm *sm,
					  const u8 *pmk, size_t pmk_len)
{
	if (sm->ctx->key_mgmt_set_pmk)
		return sm->ctx->key_mgmt_set_pmk(sm->ctx->ctx, pmk, pmk_len);
	return -1;
}
393 | ||
124ddfa1 JM |
/**
 * wpa_sm_fils_hlp_rx - Invoke the optional fils_hlp_rx() callback
 * @sm: WPA state machine data; sm->ctx is dereferenced unconditionally
 * @dst: Forwarded unchanged
 * @src: Forwarded unchanged
 * @pkt: Packet buffer of @pkt_len bytes, forwarded unchanged
 * @pkt_len: Length of @pkt
 *
 * The packet is dropped without any indication when no callback is
 * registered. @pkt/@pkt_len are not validated here.
 */
static inline void wpa_sm_fils_hlp_rx(struct wpa_sm *sm,
				      const u8 *dst, const u8 *src,
				      const u8 *pkt, size_t pkt_len)
{
	if (!sm->ctx->fils_hlp_rx)
		return;
	sm->ctx->fils_hlp_rx(sm->ctx->ctx, dst, src, pkt, pkt_len);
}
401 | ||
4b62b52e MV |
/**
 * wpa_sm_channel_info - Invoke the optional channel_info() callback
 * @sm: WPA state machine data; sm->ctx is dereferenced unconditionally
 * @ci: Output structure passed through to the callback
 * Returns: Callback result, or -1 when no callback is registered
 *
 * @ci is left untouched on the -1 path taken here, so callers must not
 * read it unless the call succeeded.
 */
static inline int wpa_sm_channel_info(struct wpa_sm *sm,
				      struct wpa_channel_info *ci)
{
	if (sm->ctx->channel_info)
		return sm->ctx->channel_info(sm->ctx->ctx, ci);
	return -1;
}
409 | ||
124ddfa1 | 410 | |
/*
 * Functions declared here are implemented outside this header; only their
 * signatures are visible. Buffer arguments come as pointer/length pairs
 * (msg/msg_len, wpa_ie/wpa_ie_len) that the implementations have to bound.
 */
int wpa_eapol_key_send(struct wpa_sm *sm, struct wpa_ptk *ptk, int ver,
		       const u8 *dest, u16 proto, u8 *msg, size_t msg_len,
		       u8 *key_mic);
int wpa_supplicant_send_2_of_4(struct wpa_sm *sm, const unsigned char *dst,
			       const struct wpa_eapol_key *key, int ver,
			       const u8 *nonce, const u8 *wpa_ie,
			       size_t wpa_ie_len, struct wpa_ptk *ptk);
int wpa_supplicant_send_4_of_4(struct wpa_sm *sm, const unsigned char *dst,
			       const struct wpa_eapol_key *key, u16 ver,
			       u16 key_info, struct wpa_ptk *ptk);

int wpa_derive_ptk_ft(struct wpa_sm *sm, const unsigned char *src_addr,
		      const struct wpa_eapol_key *key, struct wpa_ptk *ptk);

void wpa_tdls_assoc(struct wpa_sm *sm);
void wpa_tdls_disassoc(struct wpa_sm *sm);
429 | ||
6fc6879b | 430 | #endif /* WPA_I_H */ |