1 /** \file sharedKeyAuthSm.c 2 * \brief shared key 802.11 authentication SM source 3 * 4 * \see sharedKeyAuthSm.h 5 */ 6 7 /**************************************************************************** 8 **+-----------------------------------------------------------------------+** 9 **| |** 10 **| Copyright(c) 1998 - 2008 Texas Instruments. All rights reserved. |** 11 **| All rights reserved. |** 12 **| |** 13 **| Redistribution and use in source and binary forms, with or without |** 14 **| modification, are permitted provided that the following conditions |** 15 **| are met: |** 16 **| |** 17 **| * Redistributions of source code must retain the above copyright |** 18 **| notice, this list of conditions and the following disclaimer. |** 19 **| * Redistributions in binary form must reproduce the above copyright |** 20 **| notice, this list of conditions and the following disclaimer in |** 21 **| the documentation and/or other materials provided with the |** 22 **| distribution. |** 23 **| * Neither the name Texas Instruments nor the names of its |** 24 **| contributors may be used to endorse or promote products derived |** 25 **| from this software without specific prior written permission. |** 26 **| |** 27 **| THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |** 28 **| "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |** 29 **| LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |** 30 **| A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT |** 31 **| OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |** 32 **| SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |** 33 **| LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |** 34 **| DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |** 35 **| THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |** 36 **| (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |** 37 **| OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |** 38 **| |** 39 **+-----------------------------------------------------------------------+** 40 ****************************************************************************/ 41 42 /***************************************************************************/ 43 /* */ 44 /* MODULE: sharedKeyAuthSm.c */ 45 /* PURPOSE: shared key 802.11 authentication SM source */ 46 /* */ 47 /***************************************************************************/ 48 49 #include "osApi.h" 50 51 #include "paramOut.h" 52 #include "paramIn.h" 53 54 #include "utils.h" 55 #include "fsm.h" 56 #include "report.h" 57 #include "mlmeApi.h" 58 #include "../authSm.h" 59 #include "sharedKeyAuthSm.h" 60 61 /* Constants */ 62 63 /** number of states in the state machine */ 64 #define SHARED_KEY_AUTH_SM_NUM_STATES 4 65 66 /** number of events in the state machine */ 67 #define SHARED_KEY_AUTH_SM_NUM_EVENTS 8 68 69 /* Enumerations */ 70 71 /* Typedefs */ 72 73 /* Structures */ 74 75 /* External data definitions */ 76 77 /* External functions definitions */ 78 79 /* Global variables */ 80 81 /* Local function prototypes */ 82 83 /* functions */ 84 85 /** 86 * 87 * sharedKeyAuth_smConfig - configure a new authentication SM 88 * 89 * \b Description: 90 * 91 * Configure a new authentication SM. 92 * 93 * \b ARGS: 94 * 95 * I - hAuth - Association SM context \n 96 * I - hMlme - MLME SM context \n 97 * I - hSiteMgr - Site manager context \n 98 * I - hCtrlData - Control data context \n 99 * I - hTxData - TX data context \n 100 * I - hHalCtrl - Hal control context \n 101 * I - hReport - Report context \n 102 * I - hOs - OS context \n 103 * I - authTimeout - Association SM timeout \n 104 * I - authMaxCount - Max number of authentication requests to send \n 105 * 106 * \b RETURNS: 107 * 108 * OK if successful, NOK otherwise. 109 * 110 * \sa sharedKeyAuth_Create, sharedKeyAuth_Unload 111 */ 112 TI_STATUS sharedKeyAuth_Config(TI_HANDLE hAuth, TI_HANDLE hOs) 113 { 114 auth_t *pHandle; 115 TI_STATUS status; 116 /** Main 802.1X State Machine matrix */ 117 fsm_actionCell_t sharedKeyAuth_smMatrix[SHARED_KEY_AUTH_SM_NUM_STATES][SHARED_KEY_AUTH_SM_NUM_EVENTS] = 118 { 119 /* next state and actions for IDLE state */ 120 {{SHARED_KEY_AUTH_SM_STATE_WAIT_1, (fsm_Action_t)sharedKeyAuth_smStartIdle}, 121 {SHARED_KEY_AUTH_SM_STATE_IDLE, (fsm_Action_t)sharedKeyAuth_smActionUnexpected}, 122 {SHARED_KEY_AUTH_SM_STATE_IDLE, (fsm_Action_t)sharedKeyAuth_smActionUnexpected}, 123 {SHARED_KEY_AUTH_SM_STATE_IDLE, (fsm_Action_t)sharedKeyAuth_smActionUnexpected}, 124 {SHARED_KEY_AUTH_SM_STATE_IDLE, (fsm_Action_t)sharedKeyAuth_smActionUnexpected}, 125 {SHARED_KEY_AUTH_SM_STATE_IDLE, (fsm_Action_t)sharedKeyAuth_smActionUnexpected}, 126 {SHARED_KEY_AUTH_SM_STATE_IDLE, (fsm_Action_t)sharedKeyAuth_smActionUnexpected}, 127 {SHARED_KEY_AUTH_SM_STATE_IDLE, (fsm_Action_t)sharedKeyAuth_smActionUnexpected} 128 }, 129 /* next state and actions for WAIT_1 state */ 130 {{SHARED_KEY_AUTH_SM_STATE_WAIT_1, (fsm_Action_t)sharedKeyAuth_smActionUnexpected}, 131 {SHARED_KEY_AUTH_SM_STATE_IDLE, (fsm_Action_t)sharedKeyAuth_smStopWait}, 132 {SHARED_KEY_AUTH_SM_STATE_WAIT_2, (fsm_Action_t)sharedKeyAuth_smSuccess1Wait1}, 133 {SHARED_KEY_AUTH_SM_STATE_IDLE, (fsm_Action_t)sharedKeyAuth_smFailure1Wait1}, 134 {SHARED_KEY_AUTH_SM_STATE_WAIT_1, (fsm_Action_t)sharedKeyAuth_smActionUnexpected}, 135 {SHARED_KEY_AUTH_SM_STATE_WAIT_1, (fsm_Action_t)sharedKeyAuth_smActionUnexpected}, 136 {SHARED_KEY_AUTH_SM_STATE_WAIT_1, (fsm_Action_t)sharedKeyAuth_smTimeoutWait1}, 137 {SHARED_KEY_AUTH_SM_STATE_IDLE, (fsm_Action_t)sharedKeyAuth_smMaxRetryWait} 138 }, 139 /* next state and actions for WAIT_2 state */ 140 {{SHARED_KEY_AUTH_SM_STATE_WAIT_2, (fsm_Action_t)sharedKeyAuth_smActionUnexpected}, 141 {SHARED_KEY_AUTH_SM_STATE_IDLE, (fsm_Action_t)sharedKeyAuth_smStopWait}, 142 {SHARED_KEY_AUTH_SM_STATE_WAIT_2, (fsm_Action_t)sharedKeyAuth_smActionUnexpected}, 143 {SHARED_KEY_AUTH_SM_STATE_WAIT_2, (fsm_Action_t)sharedKeyAuth_smActionUnexpected}, 144 {SHARED_KEY_AUTH_SM_STATE_AUTH, (fsm_Action_t)sharedKeyAuth_smSuccess2Wait2}, 145 {SHARED_KEY_AUTH_SM_STATE_IDLE, (fsm_Action_t)sharedKeyAuth_smFailure2Wait2}, 146 {SHARED_KEY_AUTH_SM_STATE_WAIT_2, (fsm_Action_t)sharedKeyAuth_smTimeoutWait2}, 147 {SHARED_KEY_AUTH_SM_STATE_IDLE, (fsm_Action_t)sharedKeyAuth_smMaxRetryWait} 148 }, 149 /* next state and actions for AUTH state */ 150 {{SHARED_KEY_AUTH_SM_STATE_AUTH, (fsm_Action_t)sharedKeyAuth_smActionUnexpected}, 151 {SHARED_KEY_AUTH_SM_STATE_IDLE, (fsm_Action_t)sharedKeyAuth_smStopAuth}, 152 {SHARED_KEY_AUTH_SM_STATE_AUTH, (fsm_Action_t)sharedKeyAuth_smActionUnexpected}, 153 {SHARED_KEY_AUTH_SM_STATE_AUTH, (fsm_Action_t)sharedKeyAuth_smActionUnexpected}, 154 {SHARED_KEY_AUTH_SM_STATE_AUTH, (fsm_Action_t)sharedKeyAuth_smActionUnexpected}, 155 {SHARED_KEY_AUTH_SM_STATE_AUTH, (fsm_Action_t)sharedKeyAuth_smActionUnexpected}, 156 {SHARED_KEY_AUTH_SM_STATE_AUTH, (fsm_Action_t)sharedKeyAuth_smActionUnexpected}, 157 {SHARED_KEY_AUTH_SM_STATE_AUTH, (fsm_Action_t)sharedKeyAuth_smActionUnexpected} 158 }}; 159 160 161 if (hAuth == NULL) 162 { 163 return NOK; 164 } 165 166 pHandle = (auth_t*)hAuth; 167 168 status = fsm_Config(pHandle->pAuthSm, &sharedKeyAuth_smMatrix[0][0], 169 SHARED_KEY_AUTH_SM_NUM_STATES, SHARED_KEY_AUTH_SM_NUM_EVENTS, auth_skSMEvent, hOs); 170 if (status != OK) 171 { 172 return NOK; 173 } 174 175 pHandle->currentState = SHARED_KEY_AUTH_SM_STATE_IDLE; 176 177 return OK; 178 } 179 180 181 #ifdef REPORT_LOG 182 183 static char *stateDesc[SHARED_KEY_AUTH_SM_NUM_STATES] = 184 { 185 "SHARED_KEY_AUTH_SM_STATE_IDLE", 186 "SHARED_KEY_AUTH_SM_STATE_WAIT_1", 187 "SHARED_KEY_AUTH_SM_STATE_WAIT_2", 188 "SHARED_KEY_AUTH_SM_STATE_AUTH", 189 }; 190 191 static char *eventDesc[SHARED_KEY_AUTH_SM_NUM_EVENTS] = 192 { 193 "SHARED_KEY_AUTH_SM_EVENT_START", 194 "SHARED_KEY_AUTH_SM_EVENT_STOP", 195 "SHARED_KEY_AUTH_SM_EVENT_SUCCESS_1", 196 "SHARED_KEY_AUTH_SM_EVENT_FAIL_1", 197 "SHARED_KEY_AUTH_SM_EVENT_SUCCESS_2", 198 "SHARED_KEY_AUTH_SM_EVENT_FAIL_2", 199 "SHARED_KEY_AUTH_SM_EVENT_TIMEOUT", 200 "SHARED_KEY_AUTH_SM_EVENT_MAX_RETRY", 201 }; 202 203 #endif 204 205 206 TI_STATUS auth_skSMEvent(UINT8 *currentState, UINT8 event, TI_HANDLE hAuth) 207 { 208 auth_t *pAuth = (auth_t *)hAuth; 209 TI_STATUS status; 210 UINT8 nextState; 211 212 status = fsm_GetNextState(pAuth->pAuthSm, *currentState, event, &nextState); 213 if (status != OK) 214 { 215 WLAN_REPORT_SM(pAuth->hReport, AUTH_MODULE_LOG, ("State machine error, failed getting next state\n")); 216 return(NOK); 217 } 218 219 WLAN_REPORT_SM(pAuth->hReport, AUTH_MODULE_LOG, 220 ("<%s, %s> --> %s\n\n", 221 stateDesc[*currentState], 222 eventDesc[event], 223 stateDesc[nextState])); 224 225 status = fsm_Event(pAuth->pAuthSm, currentState, event, (void *)pAuth); 226 227 return status; 228 } 229 230 231 /** 232 * 233 * sharedKeyAuth_Recv - Recive a message from the AP 234 * 235 * \b Description: 236 * 237 * Parse a message form the AP and perform the appropriate event. 238 * 239 * \b ARGS: 240 * 241 * I - hAuth - Association SM context \n 242 * 243 * \b RETURNS: 244 * 245 * OK if successful, NOK otherwise. 246 * 247 * \sa sharedKeyAuth_Start, sharedKeyAuth_Stop 248 */ 249 TI_STATUS sharedKeyAuth_Recv(TI_HANDLE hAuth, mlmeFrameInfo_t *pFrame) 250 { 251 TI_STATUS status = NOK; 252 auth_t *pHandle; 253 UINT16 authAlgo; 254 UINT16 rspSeq; 255 256 pHandle = (auth_t*)hAuth; 257 258 if (pHandle == NULL) 259 { 260 return NOK; 261 } 262 263 /* check response status */ 264 authAlgo = pFrame->content.auth.authAlgo; 265 if (authAlgo != AUTH_LEGACY_SHARED_KEY) 266 { 267 WLAN_REPORT_SM(pHandle->hReport, AUTH_MODULE_LOG, 268 ("SHARED_KEY_AUTH_SM: DEBUG recieved authentication message with wrong algorithm \n")); 269 return NOK; 270 } 271 272 /* check response status */ 273 rspSeq = pFrame->content.auth.seqNum; 274 275 pHandle->authData.status = pFrame->content.auth.status; 276 pHandle->authData.pChalange = (char *)(pFrame->content.auth.pChallenge->text); 277 pHandle->authData.challangeLen = pFrame->content.auth.pChallenge->hdr.eleLen; 278 279 if (pHandle->authData.status == STATUS_SUCCESSFUL) 280 { 281 switch (rspSeq) 282 { 283 case 2: 284 WLAN_REPORT_SM(pHandle->hReport, AUTH_MODULE_LOG, 285 ("SHARED_KEY_AUTH_SM: DEBUG Success authenticating to AP stage 1\n")); 286 287 if (pFrame->content.auth.pChallenge->hdr.eleId != CHALLANGE_TEXT_IE_ID) 288 { 289 WLAN_REPORT_ERROR(pHandle->hReport, AUTH_MODULE_LOG, 290 ("SHARED_KEY_AUTH_SM: Wrong element ID for challange \n")); 291 status = NOK; 292 break; 293 } 294 295 status = auth_skSMEvent(&pHandle->currentState, SHARED_KEY_AUTH_SM_EVENT_SUCCESS_1, hAuth); 296 break; 297 298 case 4: 299 WLAN_REPORT_SM(pHandle->hReport, AUTH_MODULE_LOG, 300 ("SHARED_KEY_AUTH_SM: DEBUG Success authenticating to AP stage 2\n")); 301 302 status = auth_skSMEvent(&pHandle->currentState, SHARED_KEY_AUTH_SM_EVENT_SUCCESS_2, hAuth); 303 break; 304 305 default: 306 WLAN_REPORT_ERROR(pHandle->hReport, AUTH_MODULE_LOG, 307 ("SHARED_KEY_AUTH_SM: Wrong sequence number \n")); 308 status = NOK; 309 break; 310 } 311 } 312 313 else 314 { 315 switch (rspSeq) 316 { 317 case 2: 318 status = auth_skSMEvent(&pHandle->currentState, SHARED_KEY_AUTH_SM_EVENT_FAIL_1, hAuth); 319 break; 320 321 case 4: 322 status = auth_skSMEvent(&pHandle->currentState, SHARED_KEY_AUTH_SM_EVENT_FAIL_2, hAuth); 323 break; 324 325 default: 326 status = NOK; 327 break; 328 } 329 } 330 331 return status; 332 } 333 334 /* state machine functions */ 335 336 TI_STATUS sharedKeyAuth_smStartIdle(auth_t *hAuth) 337 { 338 TI_STATUS status; 339 340 status = sharedKeyAuth_smResetRetry(hAuth); 341 status = sharedKeyAuth_smSendAuth1(hAuth); 342 status = sharedKeyAuth_smStartTimer(hAuth); 343 status = sharedKeyAuth_smIncRetry(hAuth); 344 345 return status; 346 } 347 348 TI_STATUS sharedKeyAuth_smStopWait(auth_t *hAuth) 349 { 350 TI_STATUS status; 351 352 status = sharedKeyAuth_smStopTimer(hAuth); 353 354 return status; 355 } 356 357 TI_STATUS sharedKeyAuth_smSuccess1Wait1(auth_t *hAuth) 358 { 359 TI_STATUS status; 360 361 status = sharedKeyAuth_smResetRetry(hAuth); 362 if (status != OK) 363 return status; 364 status = sharedKeyAuth_smStopTimer(hAuth); 365 if (status != OK) 366 return status; 367 status = sharedKeyAuth_smSendAuth2(hAuth); 368 if (status != OK) 369 return status; 370 status = sharedKeyAuth_smStartTimer(hAuth); 371 if (status != OK) 372 return status; 373 status = sharedKeyAuth_smIncRetry(hAuth); 374 375 return status; 376 } 377 378 TI_STATUS sharedKeyAuth_smFailure1Wait1(auth_t *hAuth) 379 { 380 TI_STATUS status; 381 382 status = sharedKeyAuth_smStopTimer(hAuth); 383 status = sharedKeyAuth_smReportFailure(hAuth); 384 385 return status; 386 } 387 388 TI_STATUS sharedKeyAuth_smTimeoutWait1(auth_t *hAuth) 389 { 390 TI_STATUS status; 391 392 status = sharedKeyAuth_smSendAuth1(hAuth); 393 status = sharedKeyAuth_smStartTimer(hAuth); 394 status = sharedKeyAuth_smIncRetry(hAuth); 395 396 return status; 397 } 398 399 TI_STATUS sharedKeyAuth_smMaxRetryWait(auth_t *hAuth) 400 { 401 TI_STATUS status; 402 403 status = sharedKeyAuth_smReportFailure(hAuth); 404 405 return status; 406 } 407 408 TI_STATUS sharedKeyAuth_smSuccess2Wait2(auth_t *hAuth) 409 { 410 TI_STATUS status; 411 412 status = sharedKeyAuth_smStopTimer(hAuth); 413 status = sharedKeyAuth_smReportSuccess(hAuth); 414 415 return status; 416 } 417 418 TI_STATUS sharedKeyAuth_smFailure2Wait2(auth_t *hAuth) 419 { 420 TI_STATUS status; 421 422 status = sharedKeyAuth_smStopTimer(hAuth); 423 status = sharedKeyAuth_smReportFailure(hAuth); 424 425 return status; 426 } 427 428 TI_STATUS sharedKeyAuth_smTimeoutWait2(auth_t *hAuth) 429 { 430 TI_STATUS status; 431 432 status = sharedKeyAuth_smSendAuth2(hAuth); 433 status = sharedKeyAuth_smStartTimer(hAuth); 434 status = sharedKeyAuth_smIncRetry(hAuth); 435 436 return status; 437 } 438 439 /* action routines for authentication SM */ 440 441 TI_STATUS sharedKeyAuth_smSendAuth1(auth_t *hAuth) 442 { 443 TI_STATUS status; 444 445 status = auth_smMsgBuild(hAuth, 1, 0, NULL, 0); 446 447 return status; 448 } 449 450 TI_STATUS sharedKeyAuth_smSendAuth2(auth_t *hAuth) 451 { 452 TI_STATUS status; 453 454 /* GET SECRET */ 455 456 /* ENCRYPT CHALLANGE WITH SECRET */ 457 458 status = auth_smMsgBuild(hAuth, 3, 0, (UINT8 *)(hAuth->authData.pChalange), hAuth->authData.challangeLen); 459 460 return status; 461 } 462 463 TI_STATUS sharedKeyAuth_smStopAuth(auth_t *hAuth) 464 { 465 return OK; 466 } 467 468 TI_STATUS sharedKeyAuth_smActionUnexpected(auth_t *hAuth) 469 { 470 return OK; 471 } 472 473 /* local functions */ 474 475 476 TI_STATUS sharedKeyAuth_smResetRetry(auth_t *hAuth) 477 { 478 if (hAuth == NULL) 479 { 480 return NOK; 481 } 482 483 hAuth->retryCount = 0; 484 485 return OK; 486 } 487 488 TI_STATUS sharedKeyAuth_smIncRetry(auth_t *hAuth) 489 { 490 if (hAuth == NULL) 491 { 492 return NOK; 493 } 494 495 hAuth->retryCount++; 496 497 return OK; 498 } 499 500 TI_STATUS sharedKeyAuth_smReportSuccess(auth_t *hAuth) 501 { 502 TI_STATUS status; 503 504 if (hAuth == NULL) 505 { 506 return NOK; 507 } 508 509 status = mlme_reportAuthStatus(hAuth->hMlme, hAuth->authData.status); 510 511 return status; 512 } 513 514 TI_STATUS sharedKeyAuth_smReportFailure(auth_t *hAuth) 515 { 516 TI_STATUS status; 517 518 if (hAuth == NULL) 519 { 520 return NOK; 521 } 522 523 status = mlme_reportAuthStatus(hAuth->hMlme, hAuth->authData.status); 524 525 return status; 526 } 527 528 TI_STATUS sharedKeyAuth_smStartTimer(auth_t *hAuth) 529 { 530 if (hAuth == NULL) 531 { 532 return NOK; 533 } 534 535 os_timerStart(hAuth->hOs, hAuth->timer, hAuth->timeout, FALSE); 536 537 return OK; 538 } 539 540 TI_STATUS sharedKeyAuth_smStopTimer(auth_t *hAuth) 541 { 542 if (hAuth == NULL) 543 { 544 return NOK; 545 } 546 547 os_timerStop(hAuth->hOs, hAuth->timer); 548 549 return OK; 550 } 551 552 TI_STATUS sharedKey_Timeout(auth_t *pAuth) 553 { 554 if (pAuth->retryCount >= pAuth->maxCount) 555 { 556 pAuth->authData.status = STATUS_PACKET_REJ_TIMEOUT; 557 return auth_skSMEvent(&pAuth->currentState, SHARED_KEY_AUTH_SM_EVENT_MAX_RETRY, pAuth); 558 } 559 560 return auth_skSMEvent(&pAuth->currentState, SHARED_KEY_AUTH_SM_EVENT_TIMEOUT, pAuth); 561 } 562 563 564