]> git.ipfire.org Git - thirdparty/hostap.git/blob - src/ap/wpa_auth.h
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
FILS: Fix PTK rekeying
[thirdparty/hostap.git] / src / ap / wpa_auth.h
1 /*
2 * hostapd - IEEE 802.11i-2004 / WPA Authenticator
3 * Copyright (c) 2004-2017, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #ifndef WPA_AUTH_H
10 #define WPA_AUTH_H
11
12 #include "common/defs.h"
13 #include "common/eapol_common.h"
14 #include "common/wpa_common.h"
15 #include "common/ieee802_11_defs.h"
16
17 struct vlan_description;
18
19 #define MAX_OWN_IE_OVERRIDE 256
20
21 #ifdef _MSC_VER
22 #pragma pack(push, 1)
23 #endif /* _MSC_VER */
24
25 /* IEEE Std 802.11r-2008, 11A.10.3 - Remote request/response frame definition
26 */
27 struct ft_rrb_frame {
28 u8 frame_type; /* RSN_REMOTE_FRAME_TYPE_FT_RRB */
29 u8 packet_type; /* FT_PACKET_REQUEST/FT_PACKET_RESPONSE */
30 le16 action_length; /* little endian length of action_frame */
31 u8 ap_address[ETH_ALEN];
32 /*
33 * Followed by action_length bytes of FT Action frame (from Category
34 * field to the end of Action Frame body.
35 */
36 } STRUCT_PACKED;
37
38 #define RSN_REMOTE_FRAME_TYPE_FT_RRB 1
39
40 #define FT_PACKET_REQUEST 0
41 #define FT_PACKET_RESPONSE 1
42
43 /* Vendor-specific types for R0KH-R1KH protocol; not defined in 802.11r. These
44 * use OUI Extended EtherType as the encapsulating format. */
45 #define FT_PACKET_R0KH_R1KH_PULL 0x01
46 #define FT_PACKET_R0KH_R1KH_RESP 0x02
47 #define FT_PACKET_R0KH_R1KH_PUSH 0x03
48 #define FT_PACKET_R0KH_R1KH_SEQ_REQ 0x04
49 #define FT_PACKET_R0KH_R1KH_SEQ_RESP 0x05
50
51 /* packet layout
52 * IEEE 802 extended OUI ethertype frame header
53 * u16 authlen (little endian)
54 * multiple of struct ft_rrb_tlv (authenticated only, length = authlen)
55 * multiple of struct ft_rrb_tlv (AES-SIV encrypted, AES-SIV needs an extra
56 * blocksize length)
57 *
58 * AES-SIV AAD;
59 * source MAC address (6)
60 * authenticated-only TLVs (authlen)
61 * subtype (1; FT_PACKET_*)
62 */
63
64 #define FT_RRB_NONCE_LEN 16
65
66 #define FT_RRB_LAST_EMPTY 0 /* placeholder or padding */
67
68 #define FT_RRB_SEQ 1 /* struct ft_rrb_seq */
69 #define FT_RRB_NONCE 2 /* size FT_RRB_NONCE_LEN */
70 #define FT_RRB_TIMESTAMP 3 /* le32 unix seconds */
71
72 #define FT_RRB_R0KH_ID 4 /* FT_R0KH_ID_MAX_LEN */
73 #define FT_RRB_R1KH_ID 5 /* FT_R1KH_ID_LEN */
74 #define FT_RRB_S1KH_ID 6 /* ETH_ALEN */
75
76 #define FT_RRB_PMK_R0_NAME 7 /* WPA_PMK_NAME_LEN */
77 #define FT_RRB_PMK_R0 8 /* PMK_LEN */
78 #define FT_RRB_PMK_R1_NAME 9 /* WPA_PMK_NAME_LEN */
79 #define FT_RRB_PMK_R1 10 /* PMK_LEN */
80
81 #define FT_RRB_PAIRWISE 11 /* le16 */
82 #define FT_RRB_EXPIRES_IN 12 /* le16 seconds */
83
84 #define FT_RRB_VLAN_UNTAGGED 13 /* le16 */
85 #define FT_RRB_VLAN_TAGGED 14 /* n times le16 */
86
87 #define FT_RRB_IDENTITY 15
88 #define FT_RRB_RADIUS_CUI 16
89 #define FT_RRB_SESSION_TIMEOUT 17 /* le32 seconds */
90
91 struct ft_rrb_tlv {
92 le16 type;
93 le16 len;
94 /* followed by data of length len */
95 } STRUCT_PACKED;
96
97 struct ft_rrb_seq {
98 le32 dom;
99 le32 seq;
100 le32 ts;
101 } STRUCT_PACKED;
102
103 /* session TLVs:
104 * required: PMK_R1, PMK_R1_NAME, PAIRWISE
105 * optional: VLAN_UNTAGGED, VLAN_TAGGED, EXPIRES_IN, IDENTITY, RADIUS_CUI,
106 * SESSION_TIMEOUT
107 *
108 * pull frame TLVs:
109 * auth:
110 * required: SEQ, NONCE, R0KH_ID, R1KH_ID
111 * encrypted:
112 * required: PMK_R0_NAME, S1KH_ID
113 *
114 * response frame TLVs:
115 * auth:
116 * required: SEQ, NONCE, R0KH_ID, R1KH_ID
117 * encrypted:
118 * required: S1KH_ID
119 * optional: session TLVs
120 *
121 * push frame TLVs:
122 * auth:
123 * required: SEQ, R0KH_ID, R1KH_ID
124 * encrypted:
125 * required: S1KH_ID, PMK_R0_NAME, session TLVs
126 *
127 * sequence number request frame TLVs:
128 * auth:
129 * required: R0KH_ID, R1KH_ID, NONCE
130 *
131 * sequence number response frame TLVs:
132 * auth:
133 * required: SEQ, NONCE, R0KH_ID, R1KH_ID
134 */
135
136 #ifdef _MSC_VER
137 #pragma pack(pop)
138 #endif /* _MSC_VER */
139
140
141 /* per STA state machine data */
142
143 struct wpa_authenticator;
144 struct wpa_state_machine;
145 struct rsn_pmksa_cache_entry;
146 struct eapol_state_machine;
147 struct ft_remote_seq;
148 struct wpa_channel_info;
149
150
151 struct ft_remote_r0kh {
152 struct ft_remote_r0kh *next;
153 u8 addr[ETH_ALEN];
154 u8 id[FT_R0KH_ID_MAX_LEN];
155 size_t id_len;
156 u8 key[32];
157 struct ft_remote_seq *seq;
158 };
159
160
161 struct ft_remote_r1kh {
162 struct ft_remote_r1kh *next;
163 u8 addr[ETH_ALEN];
164 u8 id[FT_R1KH_ID_LEN];
165 u8 key[32];
166 struct ft_remote_seq *seq;
167 };
168
169
170 struct wpa_auth_config {
171 int wpa;
172 int wpa_key_mgmt;
173 int wpa_pairwise;
174 int wpa_group;
175 int wpa_group_rekey;
176 int wpa_strict_rekey;
177 int wpa_gmk_rekey;
178 int wpa_ptk_rekey;
179 u32 wpa_group_update_count;
180 u32 wpa_pairwise_update_count;
181 int wpa_disable_eapol_key_retries;
182 int rsn_pairwise;
183 int rsn_preauth;
184 int eapol_version;
185 int wmm_enabled;
186 int wmm_uapsd;
187 int disable_pmksa_caching;
188 int okc;
189 int tx_status;
190 #ifdef CONFIG_IEEE80211W
191 enum mfp_options ieee80211w;
192 int group_mgmt_cipher;
193 int sae_require_mfp;
194 #endif /* CONFIG_IEEE80211W */
195 #ifdef CONFIG_OCV
196 int ocv; /* Operating Channel Validation */
197 #endif /* CONFIG_OCV */
198 #ifdef CONFIG_IEEE80211R_AP
199 u8 ssid[SSID_MAX_LEN];
200 size_t ssid_len;
201 u8 mobility_domain[MOBILITY_DOMAIN_ID_LEN];
202 u8 r0_key_holder[FT_R0KH_ID_MAX_LEN];
203 size_t r0_key_holder_len;
204 u8 r1_key_holder[FT_R1KH_ID_LEN];
205 u32 r0_key_lifetime; /* PMK-R0 lifetime seconds */
206 int rkh_pos_timeout;
207 int rkh_neg_timeout;
208 int rkh_pull_timeout; /* ms */
209 int rkh_pull_retries;
210 int r1_max_key_lifetime;
211 u32 reassociation_deadline;
212 struct ft_remote_r0kh **r0kh_list;
213 struct ft_remote_r1kh **r1kh_list;
214 int pmk_r1_push;
215 int ft_over_ds;
216 int ft_psk_generate_local;
217 #endif /* CONFIG_IEEE80211R_AP */
218 int disable_gtk;
219 int ap_mlme;
220 #ifdef CONFIG_TESTING_OPTIONS
221 double corrupt_gtk_rekey_mic_probability;
222 u8 own_ie_override[MAX_OWN_IE_OVERRIDE];
223 size_t own_ie_override_len;
224 #endif /* CONFIG_TESTING_OPTIONS */
225 #ifdef CONFIG_P2P
226 u8 ip_addr_go[4];
227 u8 ip_addr_mask[4];
228 u8 ip_addr_start[4];
229 u8 ip_addr_end[4];
230 #endif /* CONFIG_P2P */
231 #ifdef CONFIG_FILS
232 unsigned int fils_cache_id_set:1;
233 u8 fils_cache_id[FILS_CACHE_ID_LEN];
234 #endif /* CONFIG_FILS */
235 };
236
237 typedef enum {
238 LOGGER_DEBUG, LOGGER_INFO, LOGGER_WARNING
239 } logger_level;
240
241 typedef enum {
242 WPA_EAPOL_portEnabled, WPA_EAPOL_portValid, WPA_EAPOL_authorized,
243 WPA_EAPOL_portControl_Auto, WPA_EAPOL_keyRun, WPA_EAPOL_keyAvailable,
244 WPA_EAPOL_keyDone, WPA_EAPOL_inc_EapolFramesTx
245 } wpa_eapol_variable;
246
247 struct wpa_auth_callbacks {
248 void (*logger)(void *ctx, const u8 *addr, logger_level level,
249 const char *txt);
250 void (*disconnect)(void *ctx, const u8 *addr, u16 reason);
251 int (*mic_failure_report)(void *ctx, const u8 *addr);
252 void (*psk_failure_report)(void *ctx, const u8 *addr);
253 void (*set_eapol)(void *ctx, const u8 *addr, wpa_eapol_variable var,
254 int value);
255 int (*get_eapol)(void *ctx, const u8 *addr, wpa_eapol_variable var);
256 const u8 * (*get_psk)(void *ctx, const u8 *addr, const u8 *p2p_dev_addr,
257 const u8 *prev_psk, size_t *psk_len,
258 int *vlan_id);
259 int (*get_msk)(void *ctx, const u8 *addr, u8 *msk, size_t *len);
260 int (*set_key)(void *ctx, int vlan_id, enum wpa_alg alg,
261 const u8 *addr, int idx, u8 *key, size_t key_len);
262 int (*get_seqnum)(void *ctx, const u8 *addr, int idx, u8 *seq);
263 int (*send_eapol)(void *ctx, const u8 *addr, const u8 *data,
264 size_t data_len, int encrypt);
265 int (*for_each_sta)(void *ctx, int (*cb)(struct wpa_state_machine *sm,
266 void *ctx), void *cb_ctx);
267 int (*for_each_auth)(void *ctx, int (*cb)(struct wpa_authenticator *a,
268 void *ctx), void *cb_ctx);
269 int (*send_ether)(void *ctx, const u8 *dst, u16 proto, const u8 *data,
270 size_t data_len);
271 int (*send_oui)(void *ctx, const u8 *dst, u8 oui_suffix, const u8 *data,
272 size_t data_len);
273 int (*channel_info)(void *ctx, struct wpa_channel_info *ci);
274 int (*update_vlan)(void *ctx, const u8 *addr, int vlan_id);
275 int (*get_sta_tx_params)(void *ctx, const u8 *addr,
276 int ap_max_chanwidth, int ap_seg1_idx,
277 int *bandwidth, int *seg1_idx);
278 #ifdef CONFIG_IEEE80211R_AP
279 struct wpa_state_machine * (*add_sta)(void *ctx, const u8 *sta_addr);
280 int (*set_vlan)(void *ctx, const u8 *sta_addr,
281 struct vlan_description *vlan);
282 int (*get_vlan)(void *ctx, const u8 *sta_addr,
283 struct vlan_description *vlan);
284 int (*set_identity)(void *ctx, const u8 *sta_addr,
285 const u8 *identity, size_t identity_len);
286 size_t (*get_identity)(void *ctx, const u8 *sta_addr, const u8 **buf);
287 int (*set_radius_cui)(void *ctx, const u8 *sta_addr,
288 const u8 *radius_cui, size_t radius_cui_len);
289 size_t (*get_radius_cui)(void *ctx, const u8 *sta_addr, const u8 **buf);
290 void (*set_session_timeout)(void *ctx, const u8 *sta_addr,
291 int session_timeout);
292 int (*get_session_timeout)(void *ctx, const u8 *sta_addr);
293
294 int (*send_ft_action)(void *ctx, const u8 *dst,
295 const u8 *data, size_t data_len);
296 int (*add_tspec)(void *ctx, const u8 *sta_addr, u8 *tspec_ie,
297 size_t tspec_ielen);
298 #endif /* CONFIG_IEEE80211R_AP */
299 #ifdef CONFIG_MESH
300 int (*start_ampe)(void *ctx, const u8 *sta_addr);
301 #endif /* CONFIG_MESH */
302 };
303
304 struct wpa_authenticator * wpa_init(const u8 *addr,
305 struct wpa_auth_config *conf,
306 const struct wpa_auth_callbacks *cb,
307 void *cb_ctx);
308 int wpa_init_keys(struct wpa_authenticator *wpa_auth);
309 void wpa_deinit(struct wpa_authenticator *wpa_auth);
310 int wpa_reconfig(struct wpa_authenticator *wpa_auth,
311 struct wpa_auth_config *conf);
312
313 enum {
314 WPA_IE_OK, WPA_INVALID_IE, WPA_INVALID_GROUP, WPA_INVALID_PAIRWISE,
315 WPA_INVALID_AKMP, WPA_NOT_ENABLED, WPA_ALLOC_FAIL,
316 WPA_MGMT_FRAME_PROTECTION_VIOLATION, WPA_INVALID_MGMT_GROUP_CIPHER,
317 WPA_INVALID_MDIE, WPA_INVALID_PROTO, WPA_INVALID_PMKID
318 };
319
320 int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
321 struct wpa_state_machine *sm, int freq,
322 const u8 *wpa_ie, size_t wpa_ie_len,
323 const u8 *mdie, size_t mdie_len,
324 const u8 *owe_dh, size_t owe_dh_len);
325 int wpa_validate_osen(struct wpa_authenticator *wpa_auth,
326 struct wpa_state_machine *sm,
327 const u8 *osen_ie, size_t osen_ie_len);
328 int wpa_auth_uses_mfp(struct wpa_state_machine *sm);
329 void wpa_auth_set_ocv(struct wpa_state_machine *sm, int ocv);
330 int wpa_auth_uses_ocv(struct wpa_state_machine *sm);
331 struct wpa_state_machine *
332 wpa_auth_sta_init(struct wpa_authenticator *wpa_auth, const u8 *addr,
333 const u8 *p2p_dev_addr);
334 int wpa_auth_sta_associated(struct wpa_authenticator *wpa_auth,
335 struct wpa_state_machine *sm);
336 void wpa_auth_sta_no_wpa(struct wpa_state_machine *sm);
337 void wpa_auth_sta_deinit(struct wpa_state_machine *sm);
338 void wpa_receive(struct wpa_authenticator *wpa_auth,
339 struct wpa_state_machine *sm,
340 u8 *data, size_t data_len);
341 enum wpa_event {
342 WPA_AUTH, WPA_ASSOC, WPA_DISASSOC, WPA_DEAUTH, WPA_REAUTH,
343 WPA_REAUTH_EAPOL, WPA_ASSOC_FT, WPA_ASSOC_FILS, WPA_DRV_STA_REMOVED
344 };
345 void wpa_remove_ptk(struct wpa_state_machine *sm);
346 int wpa_auth_sm_event(struct wpa_state_machine *sm, enum wpa_event event);
347 void wpa_auth_sm_notify(struct wpa_state_machine *sm);
348 void wpa_gtk_rekey(struct wpa_authenticator *wpa_auth);
349 int wpa_get_mib(struct wpa_authenticator *wpa_auth, char *buf, size_t buflen);
350 int wpa_get_mib_sta(struct wpa_state_machine *sm, char *buf, size_t buflen);
351 void wpa_auth_countermeasures_start(struct wpa_authenticator *wpa_auth);
352 int wpa_auth_pairwise_set(struct wpa_state_machine *sm);
353 int wpa_auth_get_pairwise(struct wpa_state_machine *sm);
354 const u8 * wpa_auth_get_pmk(struct wpa_state_machine *sm, int *len);
355 int wpa_auth_sta_key_mgmt(struct wpa_state_machine *sm);
356 int wpa_auth_sta_wpa_version(struct wpa_state_machine *sm);
357 int wpa_auth_sta_ft_tk_already_set(struct wpa_state_machine *sm);
358 int wpa_auth_sta_fils_tk_already_set(struct wpa_state_machine *sm);
359 int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm,
360 struct rsn_pmksa_cache_entry *entry);
361 struct rsn_pmksa_cache_entry *
362 wpa_auth_sta_get_pmksa(struct wpa_state_machine *sm);
363 void wpa_auth_sta_local_mic_failure_report(struct wpa_state_machine *sm);
364 const u8 * wpa_auth_get_wpa_ie(struct wpa_authenticator *wpa_auth,
365 size_t *len);
366 int wpa_auth_pmksa_add(struct wpa_state_machine *sm, const u8 *pmk,
367 unsigned int pmk_len,
368 int session_timeout, struct eapol_state_machine *eapol);
369 int wpa_auth_pmksa_add_preauth(struct wpa_authenticator *wpa_auth,
370 const u8 *pmk, size_t len, const u8 *sta_addr,
371 int session_timeout,
372 struct eapol_state_machine *eapol);
373 int wpa_auth_pmksa_add_sae(struct wpa_authenticator *wpa_auth, const u8 *addr,
374 const u8 *pmk, const u8 *pmkid);
375 void wpa_auth_add_sae_pmkid(struct wpa_state_machine *sm, const u8 *pmkid);
376 int wpa_auth_pmksa_add2(struct wpa_authenticator *wpa_auth, const u8 *addr,
377 const u8 *pmk, size_t pmk_len, const u8 *pmkid,
378 int session_timeout, int akmp);
379 void wpa_auth_pmksa_remove(struct wpa_authenticator *wpa_auth,
380 const u8 *sta_addr);
381 int wpa_auth_pmksa_list(struct wpa_authenticator *wpa_auth, char *buf,
382 size_t len);
383 void wpa_auth_pmksa_flush(struct wpa_authenticator *wpa_auth);
384 int wpa_auth_pmksa_list_mesh(struct wpa_authenticator *wpa_auth, const u8 *addr,
385 char *buf, size_t len);
386 struct rsn_pmksa_cache_entry *
387 wpa_auth_pmksa_create_entry(const u8 *aa, const u8 *spa, const u8 *pmk,
388 const u8 *pmkid, int expiration);
389 int wpa_auth_pmksa_add_entry(struct wpa_authenticator *wpa_auth,
390 struct rsn_pmksa_cache_entry *entry);
391 struct rsn_pmksa_cache_entry *
392 wpa_auth_pmksa_get(struct wpa_authenticator *wpa_auth, const u8 *sta_addr,
393 const u8 *pmkid);
394 struct rsn_pmksa_cache_entry *
395 wpa_auth_pmksa_get_fils_cache_id(struct wpa_authenticator *wpa_auth,
396 const u8 *sta_addr, const u8 *pmkid);
397 void wpa_auth_pmksa_set_to_sm(struct rsn_pmksa_cache_entry *pmksa,
398 struct wpa_state_machine *sm,
399 struct wpa_authenticator *wpa_auth,
400 u8 *pmkid, u8 *pmk);
401 int wpa_auth_sta_set_vlan(struct wpa_state_machine *sm, int vlan_id);
402 void wpa_auth_eapol_key_tx_status(struct wpa_authenticator *wpa_auth,
403 struct wpa_state_machine *sm, int ack);
404
405 #ifdef CONFIG_IEEE80211R_AP
406 u8 * wpa_sm_write_assoc_resp_ies(struct wpa_state_machine *sm, u8 *pos,
407 size_t max_len, int auth_alg,
408 const u8 *req_ies, size_t req_ies_len);
409 void wpa_ft_process_auth(struct wpa_state_machine *sm, const u8 *bssid,
410 u16 auth_transaction, const u8 *ies, size_t ies_len,
411 void (*cb)(void *ctx, const u8 *dst, const u8 *bssid,
412 u16 auth_transaction, u16 resp,
413 const u8 *ies, size_t ies_len),
414 void *ctx);
415 u16 wpa_ft_validate_reassoc(struct wpa_state_machine *sm, const u8 *ies,
416 size_t ies_len);
417 int wpa_ft_action_rx(struct wpa_state_machine *sm, const u8 *data, size_t len);
418 int wpa_ft_rrb_rx(struct wpa_authenticator *wpa_auth, const u8 *src_addr,
419 const u8 *data, size_t data_len);
420 void wpa_ft_rrb_oui_rx(struct wpa_authenticator *wpa_auth, const u8 *src_addr,
421 const u8 *dst_addr, u8 oui_suffix, const u8 *data,
422 size_t data_len);
423 void wpa_ft_push_pmk_r1(struct wpa_authenticator *wpa_auth, const u8 *addr);
424 void wpa_ft_deinit(struct wpa_authenticator *wpa_auth);
425 void wpa_ft_sta_deinit(struct wpa_state_machine *sm);
426 #endif /* CONFIG_IEEE80211R_AP */
427
428 void wpa_wnmsleep_rekey_gtk(struct wpa_state_machine *sm);
429 void wpa_set_wnmsleep(struct wpa_state_machine *sm, int flag);
430 int wpa_wnmsleep_gtk_subelem(struct wpa_state_machine *sm, u8 *pos);
431 int wpa_wnmsleep_igtk_subelem(struct wpa_state_machine *sm, u8 *pos);
432
433 int wpa_auth_uses_sae(struct wpa_state_machine *sm);
434 int wpa_auth_uses_ft_sae(struct wpa_state_machine *sm);
435
436 int wpa_auth_get_ip_addr(struct wpa_state_machine *sm, u8 *addr);
437
438 struct radius_das_attrs;
439 int wpa_auth_radius_das_disconnect_pmksa(struct wpa_authenticator *wpa_auth,
440 struct radius_das_attrs *attr);
441 void wpa_auth_reconfig_group_keys(struct wpa_authenticator *wpa_auth);
442
443 int wpa_auth_ensure_group(struct wpa_authenticator *wpa_auth, int vlan_id);
444 int wpa_auth_release_group(struct wpa_authenticator *wpa_auth, int vlan_id);
445 int fils_auth_pmk_to_ptk(struct wpa_state_machine *sm, const u8 *pmk,
446 size_t pmk_len, const u8 *snonce, const u8 *anonce,
447 const u8 *dhss, size_t dhss_len,
448 struct wpabuf *g_sta, struct wpabuf *g_ap);
449 int fils_decrypt_assoc(struct wpa_state_machine *sm, const u8 *fils_session,
450 const struct ieee80211_mgmt *mgmt, size_t frame_len,
451 u8 *pos, size_t left);
452 int fils_encrypt_assoc(struct wpa_state_machine *sm, u8 *buf,
453 size_t current_len, size_t max_len,
454 const struct wpabuf *hlp);
455 int fils_set_tk(struct wpa_state_machine *sm);
456 u8 * hostapd_eid_assoc_fils_session(struct wpa_state_machine *sm, u8 *eid,
457 const u8 *fils_session,
458 struct wpabuf *fils_hlp_resp);
459 const u8 * wpa_fils_validate_fils_session(struct wpa_state_machine *sm,
460 const u8 *ies, size_t ies_len,
461 const u8 *fils_session);
462 int wpa_fils_validate_key_confirm(struct wpa_state_machine *sm, const u8 *ies,
463 size_t ies_len);
464
465 int get_sta_tx_parameters(struct wpa_state_machine *sm, int ap_max_chanwidth,
466 int ap_seg1_idx, int *bandwidth, int *seg1_idx);
467
468 int wpa_auth_write_fte(struct wpa_authenticator *wpa_auth, int use_sha384,
469 u8 *buf, size_t len);
470 void wpa_auth_get_fils_aead_params(struct wpa_state_machine *sm,
471 u8 *fils_anonce, u8 *fils_snonce,
472 u8 *fils_kek, size_t *fils_kek_len);
473 void wpa_auth_add_fils_pmk_pmkid(struct wpa_state_machine *sm, const u8 *pmk,
474 size_t pmk_len, const u8 *pmkid);
475 u8 * wpa_auth_write_assoc_resp_owe(struct wpa_state_machine *sm,
476 u8 *pos, size_t max_len,
477 const u8 *req_ies, size_t req_ies_len);
478 void wpa_auth_set_auth_alg(struct wpa_state_machine *sm, u16 auth_alg);
479 void wpa_auth_set_dpp_z(struct wpa_state_machine *sm, const struct wpabuf *z);
480
481 int wpa_auth_resend_m1(struct wpa_state_machine *sm, int change_anonce,
482 void (*cb)(void *ctx1, void *ctx2),
483 void *ctx1, void *ctx2);
484 int wpa_auth_resend_m3(struct wpa_state_machine *sm,
485 void (*cb)(void *ctx1, void *ctx2),
486 void *ctx1, void *ctx2);
487 int wpa_auth_resend_group_m1(struct wpa_state_machine *sm,
488 void (*cb)(void *ctx1, void *ctx2),
489 void *ctx1, void *ctx2);
490 int wpa_auth_rekey_gtk(struct wpa_authenticator *wpa_auth);
491 void wpa_auth_set_ptk_rekey_timer(struct wpa_state_machine *sm);
492
493 #endif /* WPA_AUTH_H */
Unnamed repository; edit this file 'description' to name the repository.