hostapd
wpa_i.h
1 /*
2  * Internal WPA/RSN supplicant state machine definitions
3  * Copyright (c) 2004-2015, Jouni Malinen <j@w1.fi>
4  *
5  * This software may be distributed under the terms of the BSD license.
6  * See README for more details.
7  */
8 
9 #ifndef WPA_I_H
10 #define WPA_I_H
11 
12 #include "utils/list.h"
13 
14 struct wpa_peerkey;
15 struct wpa_tdls_peer;
16 struct wpa_eapol_key;
17 
21 struct wpa_sm {
22  u8 pmk[PMK_LEN_MAX];
23  size_t pmk_len;
24  struct wpa_ptk ptk, tptk;
25  int ptk_set, tptk_set;
26  unsigned int msg_3_of_4_ok:1;
27  unsigned int tk_to_set:1;
28  u8 snonce[WPA_NONCE_LEN];
29  u8 anonce[WPA_NONCE_LEN]; /* ANonce from the last 1/4 msg */
30  int renew_snonce;
31  u8 rx_replay_counter[WPA_REPLAY_COUNTER_LEN];
32  int rx_replay_counter_set;
33  u8 request_counter[WPA_REPLAY_COUNTER_LEN];
34 
35  struct eapol_sm *eapol; /* EAPOL state machine from upper level code */
36 
37  struct rsn_pmksa_cache *pmksa; /* PMKSA cache */
38  struct rsn_pmksa_cache_entry *cur_pmksa; /* current PMKSA entry */
39  struct dl_list pmksa_candidates;
40 
41  struct l2_packet_data *l2_preauth;
42  struct l2_packet_data *l2_preauth_br;
43  struct l2_packet_data *l2_tdls;
44  u8 preauth_bssid[ETH_ALEN]; /* current RSN pre-auth peer or
45  * 00:00:00:00:00:00 if no pre-auth is
46  * in progress */
47  struct eapol_sm *preauth_eapol;
48 
49  struct wpa_sm_ctx *ctx;
50 
51  void *scard_ctx; /* context for smartcard callbacks */
52  int fast_reauth; /* whether EAP fast re-authentication is enabled */
53 
54  void *network_ctx;
55  int peerkey_enabled;
56  int allowed_pairwise_cipher; /* bitfield of WPA_CIPHER_* */
57  int proactive_key_caching;
58  int eap_workaround;
59  void *eap_conf_ctx;
60  u8 ssid[32];
61  size_t ssid_len;
62  int wpa_ptk_rekey;
63  int p2p;
64  int wpa_rsc_relaxation;
65 
66  u8 own_addr[ETH_ALEN];
67  const char *ifname;
68  const char *bridge_ifname;
69  u8 bssid[ETH_ALEN];
70 
71  unsigned int dot11RSNAConfigPMKLifetime;
72  unsigned int dot11RSNAConfigPMKReauthThreshold;
73  unsigned int dot11RSNAConfigSATimeout;
74 
75  unsigned int dot11RSNA4WayHandshakeFailures;
76 
77  /* Selected configuration (based on Beacon/ProbeResp WPA IE) */
78  unsigned int proto;
79  unsigned int pairwise_cipher;
80  unsigned int group_cipher;
81  unsigned int key_mgmt;
82  unsigned int mgmt_group_cipher;
83 
84  int rsn_enabled; /* Whether RSN is enabled in configuration */
85  int mfp; /* 0 = disabled, 1 = optional, 2 = mandatory */
86 
87  u8 *assoc_wpa_ie; /* Own WPA/RSN IE from (Re)AssocReq */
88  size_t assoc_wpa_ie_len;
89  u8 *ap_wpa_ie, *ap_rsn_ie;
90  size_t ap_wpa_ie_len, ap_rsn_ie_len;
91 
92 #ifdef CONFIG_PEERKEY
93  struct wpa_peerkey *peerkey;
94 #endif /* CONFIG_PEERKEY */
95 #ifdef CONFIG_TDLS
96  struct wpa_tdls_peer *tdls;
97  int tdls_prohibited;
98  int tdls_chan_switch_prohibited;
99  int tdls_disabled;
100 
101  /* The driver supports TDLS */
102  int tdls_supported;
103 
104  /*
105  * The driver requires explicit discovery/setup/teardown frames sent
106  * to it via tdls_mgmt.
107  */
108  int tdls_external_setup;
109 
110  /* The driver supports TDLS channel switching */
111  int tdls_chan_switch;
112 #endif /* CONFIG_TDLS */
113 
114 #ifdef CONFIG_IEEE80211R
115  u8 xxkey[PMK_LEN]; /* PSK or the second 256 bits of MSK */
116  size_t xxkey_len;
117  u8 pmk_r0[PMK_LEN];
118  u8 pmk_r0_name[WPA_PMK_NAME_LEN];
119  u8 pmk_r1[PMK_LEN];
120  u8 pmk_r1_name[WPA_PMK_NAME_LEN];
121  u8 mobility_domain[MOBILITY_DOMAIN_ID_LEN];
122  u8 r0kh_id[FT_R0KH_ID_MAX_LEN];
123  size_t r0kh_id_len;
124  u8 r1kh_id[FT_R1KH_ID_LEN];
125  int ft_completed;
126  int over_the_ds_in_progress;
127  u8 target_ap[ETH_ALEN]; /* over-the-DS target AP */
128  int set_ptk_after_assoc;
129  u8 mdie_ft_capab; /* FT Capability and Policy from target AP MDIE */
130  u8 *assoc_resp_ies; /* MDIE and FTIE from (Re)Association Response */
131  size_t assoc_resp_ies_len;
132 #endif /* CONFIG_IEEE80211R */
133 
134 #ifdef CONFIG_P2P
135  u8 p2p_ip_addr[3 * 4];
136 #endif /* CONFIG_P2P */
137 
138 #ifdef CONFIG_TESTING_OPTIONS
139  struct wpabuf *test_assoc_ie;
140 #endif /* CONFIG_TESTING_OPTIONS */
141 
142 #ifdef CONFIG_FILS
143  u8 fils_nonce[FILS_NONCE_LEN];
144  u8 fils_session[FILS_SESSION_LEN];
145  u8 fils_anonce[FILS_NONCE_LEN];
146  u8 fils_key_auth_ap[FILS_MAX_KEY_AUTH_LEN];
147  u8 fils_key_auth_sta[FILS_MAX_KEY_AUTH_LEN];
148  size_t fils_key_auth_len;
149  unsigned int fils_completed:1;
150 #endif /* CONFIG_FILS */
151 };
152 
153 
154 static inline void wpa_sm_set_state(struct wpa_sm *sm, enum wpa_states state)
155 {
156  WPA_ASSERT(sm->ctx->set_state);
157  sm->ctx->set_state(sm->ctx->ctx, state);
158 }
159 
160 static inline enum wpa_states wpa_sm_get_state(struct wpa_sm *sm)
161 {
162  WPA_ASSERT(sm->ctx->get_state);
163  return sm->ctx->get_state(sm->ctx->ctx);
164 }
165 
166 static inline void wpa_sm_deauthenticate(struct wpa_sm *sm, int reason_code)
167 {
168  WPA_ASSERT(sm->ctx->deauthenticate);
169  sm->ctx->deauthenticate(sm->ctx->ctx, reason_code);
170 }
171 
172 static inline int wpa_sm_set_key(struct wpa_sm *sm, enum wpa_alg alg,
173  const u8 *addr, int key_idx, int set_tx,
174  const u8 *seq, size_t seq_len,
175  const u8 *key, size_t key_len)
176 {
177  WPA_ASSERT(sm->ctx->set_key);
178  return sm->ctx->set_key(sm->ctx->ctx, alg, addr, key_idx, set_tx,
179  seq, seq_len, key, key_len);
180 }
181 
182 static inline void * wpa_sm_get_network_ctx(struct wpa_sm *sm)
183 {
184  WPA_ASSERT(sm->ctx->get_network_ctx);
185  return sm->ctx->get_network_ctx(sm->ctx->ctx);
186 }
187 
188 static inline int wpa_sm_get_bssid(struct wpa_sm *sm, u8 *bssid)
189 {
190  WPA_ASSERT(sm->ctx->get_bssid);
191  return sm->ctx->get_bssid(sm->ctx->ctx, bssid);
192 }
193 
194 static inline int wpa_sm_ether_send(struct wpa_sm *sm, const u8 *dest,
195  u16 proto, const u8 *buf, size_t len)
196 {
197  WPA_ASSERT(sm->ctx->ether_send);
198  return sm->ctx->ether_send(sm->ctx->ctx, dest, proto, buf, len);
199 }
200 
201 static inline int wpa_sm_get_beacon_ie(struct wpa_sm *sm)
202 {
203  WPA_ASSERT(sm->ctx->get_beacon_ie);
204  return sm->ctx->get_beacon_ie(sm->ctx->ctx);
205 }
206 
207 static inline void wpa_sm_cancel_auth_timeout(struct wpa_sm *sm)
208 {
209  WPA_ASSERT(sm->ctx->cancel_auth_timeout);
210  sm->ctx->cancel_auth_timeout(sm->ctx->ctx);
211 }
212 
213 static inline u8 * wpa_sm_alloc_eapol(struct wpa_sm *sm, u8 type,
214  const void *data, u16 data_len,
215  size_t *msg_len, void **data_pos)
216 {
217  WPA_ASSERT(sm->ctx->alloc_eapol);
218  return sm->ctx->alloc_eapol(sm->ctx->ctx, type, data, data_len,
219  msg_len, data_pos);
220 }
221 
222 static inline int wpa_sm_add_pmkid(struct wpa_sm *sm, void *network_ctx,
223  const u8 *bssid, const u8 *pmkid)
224 {
225  WPA_ASSERT(sm->ctx->add_pmkid);
226  return sm->ctx->add_pmkid(sm->ctx->ctx, network_ctx, bssid, pmkid);
227 }
228 
229 static inline int wpa_sm_remove_pmkid(struct wpa_sm *sm, void *network_ctx,
230  const u8 *bssid, const u8 *pmkid)
231 {
232  WPA_ASSERT(sm->ctx->remove_pmkid);
233  return sm->ctx->remove_pmkid(sm->ctx->ctx, network_ctx, bssid, pmkid);
234 }
235 
236 static inline int wpa_sm_mlme_setprotection(struct wpa_sm *sm, const u8 *addr,
237  int protect_type, int key_type)
238 {
239  WPA_ASSERT(sm->ctx->mlme_setprotection);
240  return sm->ctx->mlme_setprotection(sm->ctx->ctx, addr, protect_type,
241  key_type);
242 }
243 
244 static inline int wpa_sm_update_ft_ies(struct wpa_sm *sm, const u8 *md,
245  const u8 *ies, size_t ies_len)
246 {
247  if (sm->ctx->update_ft_ies)
248  return sm->ctx->update_ft_ies(sm->ctx->ctx, md, ies, ies_len);
249  return -1;
250 }
251 
252 static inline int wpa_sm_send_ft_action(struct wpa_sm *sm, u8 action,
253  const u8 *target_ap,
254  const u8 *ies, size_t ies_len)
255 {
256  if (sm->ctx->send_ft_action)
257  return sm->ctx->send_ft_action(sm->ctx->ctx, action, target_ap,
258  ies, ies_len);
259  return -1;
260 }
261 
262 static inline int wpa_sm_mark_authenticated(struct wpa_sm *sm,
263  const u8 *target_ap)
264 {
265  if (sm->ctx->mark_authenticated)
266  return sm->ctx->mark_authenticated(sm->ctx->ctx, target_ap);
267  return -1;
268 }
269 
270 static inline void wpa_sm_set_rekey_offload(struct wpa_sm *sm)
271 {
272  if (!sm->ctx->set_rekey_offload)
273  return;
274  sm->ctx->set_rekey_offload(sm->ctx->ctx, sm->ptk.kek, sm->ptk.kek_len,
275  sm->ptk.kck, sm->ptk.kck_len,
276  sm->rx_replay_counter);
277 }
278 
279 #ifdef CONFIG_TDLS
280 static inline int wpa_sm_tdls_get_capa(struct wpa_sm *sm,
281  int *tdls_supported,
282  int *tdls_ext_setup,
283  int *tdls_chan_switch)
284 {
285  if (sm->ctx->tdls_get_capa)
286  return sm->ctx->tdls_get_capa(sm->ctx->ctx, tdls_supported,
287  tdls_ext_setup, tdls_chan_switch);
288  return -1;
289 }
290 
291 static inline int wpa_sm_send_tdls_mgmt(struct wpa_sm *sm, const u8 *dst,
292  u8 action_code, u8 dialog_token,
293  u16 status_code, u32 peer_capab,
294  int initiator, const u8 *buf,
295  size_t len)
296 {
297  if (sm->ctx->send_tdls_mgmt)
298  return sm->ctx->send_tdls_mgmt(sm->ctx->ctx, dst, action_code,
299  dialog_token, status_code,
300  peer_capab, initiator, buf,
301  len);
302  return -1;
303 }
304 
305 static inline int wpa_sm_tdls_oper(struct wpa_sm *sm, int oper,
306  const u8 *peer)
307 {
308  if (sm->ctx->tdls_oper)
309  return sm->ctx->tdls_oper(sm->ctx->ctx, oper, peer);
310  return -1;
311 }
312 
313 static inline int
314 wpa_sm_tdls_peer_addset(struct wpa_sm *sm, const u8 *addr, int add,
315  u16 aid, u16 capability, const u8 *supp_rates,
316  size_t supp_rates_len,
317  const struct ieee80211_ht_capabilities *ht_capab,
318  const struct ieee80211_vht_capabilities *vht_capab,
319  u8 qosinfo, int wmm, const u8 *ext_capab,
320  size_t ext_capab_len, const u8 *supp_channels,
321  size_t supp_channels_len, const u8 *supp_oper_classes,
322  size_t supp_oper_classes_len)
323 {
324  if (sm->ctx->tdls_peer_addset)
325  return sm->ctx->tdls_peer_addset(sm->ctx->ctx, addr, add,
326  aid, capability, supp_rates,
327  supp_rates_len, ht_capab,
328  vht_capab, qosinfo, wmm,
329  ext_capab, ext_capab_len,
330  supp_channels,
331  supp_channels_len,
332  supp_oper_classes,
333  supp_oper_classes_len);
334  return -1;
335 }
336 
337 static inline int
338 wpa_sm_tdls_enable_channel_switch(struct wpa_sm *sm, const u8 *addr,
339  u8 oper_class,
340  const struct hostapd_freq_params *freq_params)
341 {
342  if (sm->ctx->tdls_enable_channel_switch)
343  return sm->ctx->tdls_enable_channel_switch(sm->ctx->ctx, addr,
344  oper_class,
345  freq_params);
346  return -1;
347 }
348 
349 static inline int
350 wpa_sm_tdls_disable_channel_switch(struct wpa_sm *sm, const u8 *addr)
351 {
352  if (sm->ctx->tdls_disable_channel_switch)
353  return sm->ctx->tdls_disable_channel_switch(sm->ctx->ctx, addr);
354  return -1;
355 }
356 #endif /* CONFIG_TDLS */
357 
358 static inline int wpa_sm_key_mgmt_set_pmk(struct wpa_sm *sm,
359  const u8 *pmk, size_t pmk_len)
360 {
361  if (!sm->ctx->key_mgmt_set_pmk)
362  return -1;
363  return sm->ctx->key_mgmt_set_pmk(sm->ctx->ctx, pmk, pmk_len);
364 }
365 
366 int wpa_eapol_key_send(struct wpa_sm *sm, struct wpa_ptk *ptk,
367  int ver, const u8 *dest, u16 proto,
368  u8 *msg, size_t msg_len, u8 *key_mic);
369 int wpa_supplicant_send_2_of_4(struct wpa_sm *sm, const unsigned char *dst,
370  const struct wpa_eapol_key *key,
371  int ver, const u8 *nonce,
372  const u8 *wpa_ie, size_t wpa_ie_len,
373  struct wpa_ptk *ptk);
374 int wpa_supplicant_send_4_of_4(struct wpa_sm *sm, const unsigned char *dst,
375  const struct wpa_eapol_key *key,
376  u16 ver, u16 key_info,
377  struct wpa_ptk *ptk);
378 
379 int wpa_derive_ptk_ft(struct wpa_sm *sm, const unsigned char *src_addr,
380  const struct wpa_eapol_key *key, struct wpa_ptk *ptk);
381 
382 void wpa_tdls_assoc(struct wpa_sm *sm);
383 void wpa_tdls_disassoc(struct wpa_sm *sm);
384 
385 #endif /* WPA_I_H */
wpabuf
Definition: wpabuf.h:20
ieee80211_ht_capabilities
Definition: ieee802_11_defs.h:944
rsn_pmksa_cache
Definition: pmksa_cache_auth.c:24
wpa_sm_ctx
Definition: wpa.h:22
ieee80211_vht_capabilities
Definition: ieee802_11_defs.h:978
l2_packet_data
Definition: l2_packet_freebsd.c:36
wpa_eapol_key
Definition: wpa_common.h:176
wpa_ptk
struct wpa_ptk - WPA Pairwise Transient Key IEEE Std 802.11i-2004 - 8.5.1.2 Pairwise key hierarchy ...
Definition: wpa_common.h:201
dl_list
struct dl_list - Doubly-linked list
Definition: list.h:15
rsn_pmksa_cache_entry
struct rsn_pmksa_cache_entry - PMKSA cache entry
Definition: pmksa_cache_auth.h:17
wpa_peerkey
Definition: peerkey.h:13
eapol_sm
struct eapol_sm - Internal data for EAPOL state machines
Definition: eapol_supp_sm.c:31
hostapd_freq_params
struct hostapd_freq_params - Channel parameters
Definition: driver.h:565
wpa_sm
struct wpa_sm - Internal WPA state machine data
Definition: wpa_i.h:21
wpa_tdls_peer
Definition: tdls.c:95
Generated by   doxygen 1.8.12