2 * WPA Supplicant - Common definitions
3 * Copyright (c) 2004-2018, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
18 typedef enum { FALSE
= 0, TRUE
= 1 } Boolean
;
21 #define WPA_CIPHER_NONE BIT(0)
22 #define WPA_CIPHER_WEP40 BIT(1)
23 #define WPA_CIPHER_WEP104 BIT(2)
24 #define WPA_CIPHER_TKIP BIT(3)
25 #define WPA_CIPHER_CCMP BIT(4)
26 #define WPA_CIPHER_AES_128_CMAC BIT(5)
27 #define WPA_CIPHER_GCMP BIT(6)
28 #define WPA_CIPHER_SMS4 BIT(7)
29 #define WPA_CIPHER_GCMP_256 BIT(8)
30 #define WPA_CIPHER_CCMP_256 BIT(9)
31 #define WPA_CIPHER_BIP_GMAC_128 BIT(11)
32 #define WPA_CIPHER_BIP_GMAC_256 BIT(12)
33 #define WPA_CIPHER_BIP_CMAC_256 BIT(13)
34 #define WPA_CIPHER_GTK_NOT_USED BIT(14)
36 #define WPA_KEY_MGMT_IEEE8021X BIT(0)
37 #define WPA_KEY_MGMT_PSK BIT(1)
38 #define WPA_KEY_MGMT_NONE BIT(2)
39 #define WPA_KEY_MGMT_IEEE8021X_NO_WPA BIT(3)
40 #define WPA_KEY_MGMT_WPA_NONE BIT(4)
41 #define WPA_KEY_MGMT_FT_IEEE8021X BIT(5)
42 #define WPA_KEY_MGMT_FT_PSK BIT(6)
43 #define WPA_KEY_MGMT_IEEE8021X_SHA256 BIT(7)
44 #define WPA_KEY_MGMT_PSK_SHA256 BIT(8)
45 #define WPA_KEY_MGMT_WPS BIT(9)
46 #define WPA_KEY_MGMT_SAE BIT(10)
47 #define WPA_KEY_MGMT_FT_SAE BIT(11)
48 #define WPA_KEY_MGMT_WAPI_PSK BIT(12)
49 #define WPA_KEY_MGMT_WAPI_CERT BIT(13)
50 #define WPA_KEY_MGMT_CCKM BIT(14)
51 #define WPA_KEY_MGMT_OSEN BIT(15)
52 #define WPA_KEY_MGMT_IEEE8021X_SUITE_B BIT(16)
53 #define WPA_KEY_MGMT_IEEE8021X_SUITE_B_192 BIT(17)
54 #define WPA_KEY_MGMT_FILS_SHA256 BIT(18)
55 #define WPA_KEY_MGMT_FILS_SHA384 BIT(19)
56 #define WPA_KEY_MGMT_FT_FILS_SHA256 BIT(20)
57 #define WPA_KEY_MGMT_FT_FILS_SHA384 BIT(21)
58 #define WPA_KEY_MGMT_OWE BIT(22)
59 #define WPA_KEY_MGMT_DPP BIT(23)
60 #define WPA_KEY_MGMT_FT_IEEE8021X_SHA384 BIT(24)
62 #define WPA_KEY_MGMT_FT (WPA_KEY_MGMT_FT_PSK | \
63 WPA_KEY_MGMT_FT_IEEE8021X | \
64 WPA_KEY_MGMT_FT_IEEE8021X_SHA384 | \
65 WPA_KEY_MGMT_FT_SAE | \
66 WPA_KEY_MGMT_FT_FILS_SHA256 | \
67 WPA_KEY_MGMT_FT_FILS_SHA384)
69 static inline int wpa_key_mgmt_wpa_ieee8021x(int akm
)
71 return !!(akm
& (WPA_KEY_MGMT_IEEE8021X
|
72 WPA_KEY_MGMT_FT_IEEE8021X
|
73 WPA_KEY_MGMT_FT_IEEE8021X_SHA384
|
76 WPA_KEY_MGMT_IEEE8021X_SHA256
|
77 WPA_KEY_MGMT_IEEE8021X_SUITE_B
|
78 WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
|
79 WPA_KEY_MGMT_FILS_SHA256
|
80 WPA_KEY_MGMT_FILS_SHA384
|
81 WPA_KEY_MGMT_FT_FILS_SHA256
|
82 WPA_KEY_MGMT_FT_FILS_SHA384
));
85 static inline int wpa_key_mgmt_wpa_psk(int akm
)
87 return !!(akm
& (WPA_KEY_MGMT_PSK
|
89 WPA_KEY_MGMT_PSK_SHA256
|
91 WPA_KEY_MGMT_FT_SAE
));
94 static inline int wpa_key_mgmt_ft(int akm
)
96 return !!(akm
& WPA_KEY_MGMT_FT
);
99 static inline int wpa_key_mgmt_only_ft(int akm
)
101 int ft
= wpa_key_mgmt_ft(akm
);
102 akm
&= ~WPA_KEY_MGMT_FT
;
106 static inline int wpa_key_mgmt_ft_psk(int akm
)
108 return !!(akm
& WPA_KEY_MGMT_FT_PSK
);
111 static inline int wpa_key_mgmt_sae(int akm
)
113 return !!(akm
& (WPA_KEY_MGMT_SAE
|
114 WPA_KEY_MGMT_FT_SAE
));
117 static inline int wpa_key_mgmt_fils(int akm
)
119 return !!(akm
& (WPA_KEY_MGMT_FILS_SHA256
|
120 WPA_KEY_MGMT_FILS_SHA384
|
121 WPA_KEY_MGMT_FT_FILS_SHA256
|
122 WPA_KEY_MGMT_FT_FILS_SHA384
));
125 static inline int wpa_key_mgmt_sha256(int akm
)
127 return !!(akm
& (WPA_KEY_MGMT_PSK_SHA256
|
128 WPA_KEY_MGMT_IEEE8021X_SHA256
|
130 WPA_KEY_MGMT_FT_SAE
|
132 WPA_KEY_MGMT_IEEE8021X_SUITE_B
|
133 WPA_KEY_MGMT_FILS_SHA256
|
134 WPA_KEY_MGMT_FT_FILS_SHA256
));
137 static inline int wpa_key_mgmt_sha384(int akm
)
139 return !!(akm
& (WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
|
140 WPA_KEY_MGMT_FT_IEEE8021X_SHA384
|
141 WPA_KEY_MGMT_FILS_SHA384
|
142 WPA_KEY_MGMT_FT_FILS_SHA384
));
145 static inline int wpa_key_mgmt_suite_b(int akm
)
147 return !!(akm
& (WPA_KEY_MGMT_IEEE8021X_SUITE_B
|
148 WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
));
151 static inline int wpa_key_mgmt_wpa(int akm
)
153 return wpa_key_mgmt_wpa_ieee8021x(akm
) ||
154 wpa_key_mgmt_wpa_psk(akm
) ||
155 wpa_key_mgmt_fils(akm
) ||
156 wpa_key_mgmt_sae(akm
) ||
157 akm
== WPA_KEY_MGMT_OWE
||
158 akm
== WPA_KEY_MGMT_DPP
;
161 static inline int wpa_key_mgmt_wpa_any(int akm
)
163 return wpa_key_mgmt_wpa(akm
) || (akm
& WPA_KEY_MGMT_WPA_NONE
);
166 static inline int wpa_key_mgmt_cckm(int akm
)
168 return akm
== WPA_KEY_MGMT_CCKM
;
172 #define WPA_PROTO_WPA BIT(0)
173 #define WPA_PROTO_RSN BIT(1)
174 #define WPA_PROTO_WAPI BIT(2)
175 #define WPA_PROTO_OSEN BIT(3)
177 #define WPA_AUTH_ALG_OPEN BIT(0)
178 #define WPA_AUTH_ALG_SHARED BIT(1)
179 #define WPA_AUTH_ALG_LEAP BIT(2)
180 #define WPA_AUTH_ALG_FT BIT(3)
181 #define WPA_AUTH_ALG_SAE BIT(4)
182 #define WPA_AUTH_ALG_FILS BIT(5)
183 #define WPA_AUTH_ALG_FILS_SK_PFS BIT(6)
185 static inline int wpa_auth_alg_fils(int alg
)
187 return !!(alg
& (WPA_AUTH_ALG_FILS
| WPA_AUTH_ALG_FILS_SK_PFS
));
202 WPA_ALG_BIP_GMAC_128
,
203 WPA_ALG_BIP_GMAC_256
,
208 * enum wpa_states - wpa_supplicant state
210 * These enumeration values are used to indicate the current wpa_supplicant
211 * state (wpa_s->wpa_state). The current state can be retrieved with
212 * wpa_supplicant_get_state() function and the state can be changed by calling
213 * wpa_supplicant_set_state(). In WPA state machine (wpa.c and preauth.c), the
214 * wrapper functions wpa_sm_get_state() and wpa_sm_set_state() should be used
215 * to access the state variable.
219 * WPA_DISCONNECTED - Disconnected state
221 * This state indicates that client is not associated, but is likely to
222 * start looking for an access point. This state is entered when a
223 * connection is lost.
228 * WPA_INTERFACE_DISABLED - Interface disabled
230 * This state is entered if the network interface is disabled, e.g.,
231 * due to rfkill. wpa_supplicant refuses any new operations that would
232 * use the radio until the interface has been enabled.
234 WPA_INTERFACE_DISABLED
,
237 * WPA_INACTIVE - Inactive state (wpa_supplicant disabled)
239 * This state is entered if there are no enabled networks in the
240 * configuration. wpa_supplicant is not trying to associate with a new
241 * network and external interaction (e.g., ctrl_iface call to add or
242 * enable a network) is needed to start association.
247 * WPA_SCANNING - Scanning for a network
249 * This state is entered when wpa_supplicant starts scanning for a
255 * WPA_AUTHENTICATING - Trying to authenticate with a BSS/SSID
257 * This state is entered when wpa_supplicant has found a suitable BSS
258 * to authenticate with and the driver is configured to try to
259 * authenticate with this BSS. This state is used only with drivers
260 * that use wpa_supplicant as the SME.
265 * WPA_ASSOCIATING - Trying to associate with a BSS/SSID
267 * This state is entered when wpa_supplicant has found a suitable BSS
268 * to associate with and the driver is configured to try to associate
269 * with this BSS in ap_scan=1 mode. When using ap_scan=2 mode, this
270 * state is entered when the driver is configured to try to associate
271 * with a network using the configured SSID and security policy.
276 * WPA_ASSOCIATED - Association completed
278 * This state is entered when the driver reports that association has
279 * been successfully completed with an AP. If IEEE 802.1X is used
280 * (with or without WPA/WPA2), wpa_supplicant remains in this state
281 * until the IEEE 802.1X/EAPOL authentication has been completed.
286 * WPA_4WAY_HANDSHAKE - WPA 4-Way Key Handshake in progress
288 * This state is entered when WPA/WPA2 4-Way Handshake is started. In
289 * case of WPA-PSK, this happens when receiving the first EAPOL-Key
290 * frame after association. In case of WPA-EAP, this state is entered
291 * when the IEEE 802.1X/EAPOL authentication has been completed.
296 * WPA_GROUP_HANDSHAKE - WPA Group Key Handshake in progress
298 * This state is entered when 4-Way Key Handshake has been completed
299 * (i.e., when the supplicant sends out message 4/4) and when Group
300 * Key rekeying is started by the AP (i.e., when supplicant receives
306 * WPA_COMPLETED - All authentication completed
308 * This state is entered when the full authentication process is
309 * completed. In case of WPA2, this happens when the 4-Way Handshake is
310 * successfully completed. With WPA, this state is entered after the
311 * Group Key Handshake; with IEEE 802.1X (non-WPA) connection is
312 * completed after dynamic keys are received (or if not used, after
313 * the EAP authentication has been completed). With static WEP keys and
314 * plaintext connections, this state is entered when an association
315 * has been completed.
317 * This state indicates that the supplicant has completed its
318 * processing for the association phase and that data connection is
324 #define MLME_SETPROTECTION_PROTECT_TYPE_NONE 0
325 #define MLME_SETPROTECTION_PROTECT_TYPE_RX 1
326 #define MLME_SETPROTECTION_PROTECT_TYPE_TX 2
327 #define MLME_SETPROTECTION_PROTECT_TYPE_RX_TX 3
329 #define MLME_SETPROTECTION_KEY_TYPE_GROUP 0
330 #define MLME_SETPROTECTION_KEY_TYPE_PAIRWISE 1
334 * enum mfp_options - Management frame protection (IEEE 802.11w) options
337 NO_MGMT_FRAME_PROTECTION
= 0,
338 MGMT_FRAME_PROTECTION_OPTIONAL
= 1,
339 MGMT_FRAME_PROTECTION_REQUIRED
= 2,
341 #define MGMT_FRAME_PROTECTION_DEFAULT 3
344 * enum hostapd_hw_mode - Hardware mode
346 enum hostapd_hw_mode
{
347 HOSTAPD_MODE_IEEE80211B
,
348 HOSTAPD_MODE_IEEE80211G
,
349 HOSTAPD_MODE_IEEE80211A
,
350 HOSTAPD_MODE_IEEE80211AD
,
351 HOSTAPD_MODE_IEEE80211ANY
,
356 * enum wpa_ctrl_req_type - Control interface request types
358 enum wpa_ctrl_req_type
{
359 WPA_CTRL_REQ_UNKNOWN
,
360 WPA_CTRL_REQ_EAP_IDENTITY
,
361 WPA_CTRL_REQ_EAP_PASSWORD
,
362 WPA_CTRL_REQ_EAP_NEW_PASSWORD
,
363 WPA_CTRL_REQ_EAP_PIN
,
364 WPA_CTRL_REQ_EAP_OTP
,
365 WPA_CTRL_REQ_EAP_PASSPHRASE
,
367 WPA_CTRL_REQ_PSK_PASSPHRASE
,
368 WPA_CTRL_REQ_EXT_CERT_CHECK
,
372 /* Maximum number of EAP methods to store for EAP server user information */
373 #define EAP_MAX_METHODS 8
375 enum mesh_plink_state
{
382 PLINK_BLOCKED
, /* not defined in the IEEE 802.11 standard */
391 enum wpa_radio_work_band
{
392 BAND_2_4_GHZ
= BIT(0),
394 BAND_60_GHZ
= BIT(2),
397 enum beacon_rate_type
{
403 enum eap_proxy_sim_state
{
407 #define OCE_STA BIT(0)
408 #define OCE_STA_CFON BIT(1)
409 #define OCE_AP BIT(2)
411 /* enum chan_width - Channel width definitions */
427 KEY_FLAG_MODIFY
= BIT(0),
428 KEY_FLAG_DEFAULT
= BIT(1),
429 KEY_FLAG_RX
= BIT(2),
430 KEY_FLAG_TX
= BIT(3),
431 KEY_FLAG_GROUP
= BIT(4),
432 KEY_FLAG_PAIRWISE
= BIT(5),
433 KEY_FLAG_PMK
= BIT(6),
434 /* Used flag combinations */
435 KEY_FLAG_RX_TX
= KEY_FLAG_RX
| KEY_FLAG_TX
,
436 KEY_FLAG_GROUP_RX_TX
= KEY_FLAG_GROUP
| KEY_FLAG_RX_TX
,
437 KEY_FLAG_GROUP_RX_TX_DEFAULT
= KEY_FLAG_GROUP_RX_TX
|
439 KEY_FLAG_GROUP_RX
= KEY_FLAG_GROUP
| KEY_FLAG_RX
,
440 KEY_FLAG_GROUP_TX_DEFAULT
= KEY_FLAG_GROUP
| KEY_FLAG_TX
|
442 KEY_FLAG_PAIRWISE_RX_TX
= KEY_FLAG_PAIRWISE
| KEY_FLAG_RX_TX
,
443 KEY_FLAG_PAIRWISE_RX
= KEY_FLAG_PAIRWISE
| KEY_FLAG_RX
,
444 KEY_FLAG_PAIRWISE_RX_TX_MODIFY
= KEY_FLAG_PAIRWISE_RX_TX
|
448 enum ptk0_rekey_handling
{
449 PTK0_REKEY_ALLOW_ALWAYS
,
450 PTK0_REKEY_ALLOW_LOCAL_OK
,
451 PTK0_REKEY_ALLOW_NEVER