1 /* 2 * Internal WPA/RSN supplicant state machine definitions 3 * Copyright (c) 2004-2010, Jouni Malinen <j (at) w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9 #ifndef WPA_I_H 10 #define WPA_I_H 11 12 #include "utils/list.h" 13 14 struct wpa_peerkey; 15 struct wpa_tdls_peer; 16 struct wpa_eapol_key; 17 18 /** 19 * struct wpa_sm - Internal WPA state machine data 20 */ 21 struct wpa_sm { 22 u8 pmk[PMK_LEN]; 23 size_t pmk_len; 24 struct wpa_ptk ptk, tptk; 25 int ptk_set, tptk_set; 26 u8 snonce[WPA_NONCE_LEN]; 27 u8 anonce[WPA_NONCE_LEN]; /* ANonce from the last 1/4 msg */ 28 int renew_snonce; 29 u8 rx_replay_counter[WPA_REPLAY_COUNTER_LEN]; 30 int rx_replay_counter_set; 31 u8 request_counter[WPA_REPLAY_COUNTER_LEN]; 32 33 struct eapol_sm *eapol; /* EAPOL state machine from upper level code */ 34 35 struct rsn_pmksa_cache *pmksa; /* PMKSA cache */ 36 struct rsn_pmksa_cache_entry *cur_pmksa; /* current PMKSA entry */ 37 struct dl_list pmksa_candidates; 38 39 struct l2_packet_data *l2_preauth; 40 struct l2_packet_data *l2_preauth_br; 41 struct l2_packet_data *l2_tdls; 42 u8 preauth_bssid[ETH_ALEN]; /* current RSN pre-auth peer or 43 * 00:00:00:00:00:00 if no pre-auth is 44 * in progress */ 45 struct eapol_sm *preauth_eapol; 46 47 struct wpa_sm_ctx *ctx; 48 49 void *scard_ctx; /* context for smartcard callbacks */ 50 int fast_reauth; /* whether EAP fast re-authentication is enabled */ 51 52 void *network_ctx; 53 int peerkey_enabled; 54 int allowed_pairwise_cipher; /* bitfield of WPA_CIPHER_* */ 55 int proactive_key_caching; 56 int eap_workaround; 57 void *eap_conf_ctx; 58 u8 ssid[32]; 59 size_t ssid_len; 60 int wpa_ptk_rekey; 61 62 u8 own_addr[ETH_ALEN]; 63 const char *ifname; 64 const char *bridge_ifname; 65 u8 bssid[ETH_ALEN]; 66 67 unsigned int dot11RSNAConfigPMKLifetime; 68 unsigned int dot11RSNAConfigPMKReauthThreshold; 69 unsigned int dot11RSNAConfigSATimeout; 70 71 unsigned int dot11RSNA4WayHandshakeFailures; 72 73 /* Selected configuration (based on Beacon/ProbeResp WPA IE) */ 74 unsigned int proto; 75 unsigned int pairwise_cipher; 76 unsigned int group_cipher; 77 unsigned int key_mgmt; 78 unsigned int mgmt_group_cipher; 79 80 int rsn_enabled; /* Whether RSN is enabled in configuration */ 81 int mfp; /* 0 = disabled, 1 = optional, 2 = mandatory */ 82 83 u8 *assoc_wpa_ie; /* Own WPA/RSN IE from (Re)AssocReq */ 84 size_t assoc_wpa_ie_len; 85 u8 *ap_wpa_ie, *ap_rsn_ie; 86 size_t ap_wpa_ie_len, ap_rsn_ie_len; 87 88 #ifdef CONFIG_PEERKEY 89 struct wpa_peerkey *peerkey; 90 #endif /* CONFIG_PEERKEY */ 91 #ifdef CONFIG_TDLS 92 struct wpa_tdls_peer *tdls; 93 int tdls_prohibited; 94 int tdls_disabled; 95 96 /* The driver supports TDLS */ 97 int tdls_supported; 98 99 /* 100 * The driver requires explicit discovery/setup/teardown frames sent 101 * to it via tdls_mgmt. 102 */ 103 int tdls_external_setup; 104 #endif /* CONFIG_TDLS */ 105 106 #ifdef CONFIG_IEEE80211R 107 u8 xxkey[PMK_LEN]; /* PSK or the second 256 bits of MSK */ 108 size_t xxkey_len; 109 u8 pmk_r0[PMK_LEN]; 110 u8 pmk_r0_name[WPA_PMK_NAME_LEN]; 111 u8 pmk_r1[PMK_LEN]; 112 u8 pmk_r1_name[WPA_PMK_NAME_LEN]; 113 u8 mobility_domain[MOBILITY_DOMAIN_ID_LEN]; 114 u8 r0kh_id[FT_R0KH_ID_MAX_LEN]; 115 size_t r0kh_id_len; 116 u8 r1kh_id[FT_R1KH_ID_LEN]; 117 int ft_completed; 118 int over_the_ds_in_progress; 119 u8 target_ap[ETH_ALEN]; /* over-the-DS target AP */ 120 int set_ptk_after_assoc; 121 u8 mdie_ft_capab; /* FT Capability and Policy from target AP MDIE */ 122 u8 *assoc_resp_ies; /* MDIE and FTIE from (Re)Association Response */ 123 size_t assoc_resp_ies_len; 124 #endif /* CONFIG_IEEE80211R */ 125 }; 126 127 128 static inline void wpa_sm_set_state(struct wpa_sm *sm, enum wpa_states state) 129 { 130 WPA_ASSERT(sm->ctx->set_state); 131 sm->ctx->set_state(sm->ctx->ctx, state); 132 } 133 134 static inline enum wpa_states wpa_sm_get_state(struct wpa_sm *sm) 135 { 136 WPA_ASSERT(sm->ctx->get_state); 137 return sm->ctx->get_state(sm->ctx->ctx); 138 } 139 140 static inline void wpa_sm_deauthenticate(struct wpa_sm *sm, int reason_code) 141 { 142 WPA_ASSERT(sm->ctx->deauthenticate); 143 sm->ctx->deauthenticate(sm->ctx->ctx, reason_code); 144 } 145 146 static inline void wpa_sm_disassociate(struct wpa_sm *sm, int reason_code) 147 { 148 WPA_ASSERT(sm->ctx->disassociate); 149 sm->ctx->disassociate(sm->ctx->ctx, reason_code); 150 } 151 152 static inline int wpa_sm_set_key(struct wpa_sm *sm, enum wpa_alg alg, 153 const u8 *addr, int key_idx, int set_tx, 154 const u8 *seq, size_t seq_len, 155 const u8 *key, size_t key_len) 156 { 157 WPA_ASSERT(sm->ctx->set_key); 158 return sm->ctx->set_key(sm->ctx->ctx, alg, addr, key_idx, set_tx, 159 seq, seq_len, key, key_len); 160 } 161 162 static inline void * wpa_sm_get_network_ctx(struct wpa_sm *sm) 163 { 164 WPA_ASSERT(sm->ctx->get_network_ctx); 165 return sm->ctx->get_network_ctx(sm->ctx->ctx); 166 } 167 168 static inline int wpa_sm_get_bssid(struct wpa_sm *sm, u8 *bssid) 169 { 170 WPA_ASSERT(sm->ctx->get_bssid); 171 return sm->ctx->get_bssid(sm->ctx->ctx, bssid); 172 } 173 174 static inline int wpa_sm_ether_send(struct wpa_sm *sm, const u8 *dest, 175 u16 proto, const u8 *buf, size_t len) 176 { 177 WPA_ASSERT(sm->ctx->ether_send); 178 return sm->ctx->ether_send(sm->ctx->ctx, dest, proto, buf, len); 179 } 180 181 static inline int wpa_sm_get_beacon_ie(struct wpa_sm *sm) 182 { 183 WPA_ASSERT(sm->ctx->get_beacon_ie); 184 return sm->ctx->get_beacon_ie(sm->ctx->ctx); 185 } 186 187 static inline void wpa_sm_cancel_auth_timeout(struct wpa_sm *sm) 188 { 189 WPA_ASSERT(sm->ctx->cancel_auth_timeout); 190 sm->ctx->cancel_auth_timeout(sm->ctx->ctx); 191 } 192 193 static inline u8 * wpa_sm_alloc_eapol(struct wpa_sm *sm, u8 type, 194 const void *data, u16 data_len, 195 size_t *msg_len, void **data_pos) 196 { 197 WPA_ASSERT(sm->ctx->alloc_eapol); 198 return sm->ctx->alloc_eapol(sm->ctx->ctx, type, data, data_len, 199 msg_len, data_pos); 200 } 201 202 static inline int wpa_sm_add_pmkid(struct wpa_sm *sm, const u8 *bssid, 203 const u8 *pmkid) 204 { 205 WPA_ASSERT(sm->ctx->add_pmkid); 206 return sm->ctx->add_pmkid(sm->ctx->ctx, bssid, pmkid); 207 } 208 209 static inline int wpa_sm_remove_pmkid(struct wpa_sm *sm, const u8 *bssid, 210 const u8 *pmkid) 211 { 212 WPA_ASSERT(sm->ctx->remove_pmkid); 213 return sm->ctx->remove_pmkid(sm->ctx->ctx, bssid, pmkid); 214 } 215 216 static inline int wpa_sm_mlme_setprotection(struct wpa_sm *sm, const u8 *addr, 217 int protect_type, int key_type) 218 { 219 WPA_ASSERT(sm->ctx->mlme_setprotection); 220 return sm->ctx->mlme_setprotection(sm->ctx->ctx, addr, protect_type, 221 key_type); 222 } 223 224 static inline int wpa_sm_update_ft_ies(struct wpa_sm *sm, const u8 *md, 225 const u8 *ies, size_t ies_len) 226 { 227 if (sm->ctx->update_ft_ies) 228 return sm->ctx->update_ft_ies(sm->ctx->ctx, md, ies, ies_len); 229 return -1; 230 } 231 232 static inline int wpa_sm_send_ft_action(struct wpa_sm *sm, u8 action, 233 const u8 *target_ap, 234 const u8 *ies, size_t ies_len) 235 { 236 if (sm->ctx->send_ft_action) 237 return sm->ctx->send_ft_action(sm->ctx->ctx, action, target_ap, 238 ies, ies_len); 239 return -1; 240 } 241 242 static inline int wpa_sm_mark_authenticated(struct wpa_sm *sm, 243 const u8 *target_ap) 244 { 245 if (sm->ctx->mark_authenticated) 246 return sm->ctx->mark_authenticated(sm->ctx->ctx, target_ap); 247 return -1; 248 } 249 250 static inline void wpa_sm_set_rekey_offload(struct wpa_sm *sm) 251 { 252 if (!sm->ctx->set_rekey_offload) 253 return; 254 sm->ctx->set_rekey_offload(sm->ctx->ctx, sm->ptk.kek, 255 sm->ptk.kck, sm->rx_replay_counter); 256 } 257 258 #ifdef CONFIG_TDLS 259 static inline int wpa_sm_tdls_get_capa(struct wpa_sm *sm, 260 int *tdls_supported, 261 int *tdls_ext_setup) 262 { 263 if (sm->ctx->tdls_get_capa) 264 return sm->ctx->tdls_get_capa(sm->ctx->ctx, tdls_supported, 265 tdls_ext_setup); 266 return -1; 267 } 268 269 static inline int wpa_sm_send_tdls_mgmt(struct wpa_sm *sm, const u8 *dst, 270 u8 action_code, u8 dialog_token, 271 u16 status_code, const u8 *buf, 272 size_t len) 273 { 274 if (sm->ctx->send_tdls_mgmt) 275 return sm->ctx->send_tdls_mgmt(sm->ctx->ctx, dst, action_code, 276 dialog_token, status_code, 277 buf, len); 278 return -1; 279 } 280 281 static inline int wpa_sm_tdls_oper(struct wpa_sm *sm, int oper, 282 const u8 *peer) 283 { 284 if (sm->ctx->tdls_oper) 285 return sm->ctx->tdls_oper(sm->ctx->ctx, oper, peer); 286 return -1; 287 } 288 289 static inline int 290 wpa_sm_tdls_peer_addset(struct wpa_sm *sm, const u8 *addr, int add, 291 u16 capability, const u8 *supp_rates, 292 size_t supp_rates_len) 293 { 294 if (sm->ctx->tdls_peer_addset) 295 return sm->ctx->tdls_peer_addset(sm->ctx->ctx, addr, add, 296 capability, supp_rates, 297 supp_rates_len); 298 return -1; 299 } 300 #endif /* CONFIG_TDLS */ 301 302 void wpa_eapol_key_send(struct wpa_sm *sm, const u8 *kck, 303 int ver, const u8 *dest, u16 proto, 304 u8 *msg, size_t msg_len, u8 *key_mic); 305 int wpa_supplicant_send_2_of_4(struct wpa_sm *sm, const unsigned char *dst, 306 const struct wpa_eapol_key *key, 307 int ver, const u8 *nonce, 308 const u8 *wpa_ie, size_t wpa_ie_len, 309 struct wpa_ptk *ptk); 310 int wpa_supplicant_send_4_of_4(struct wpa_sm *sm, const unsigned char *dst, 311 const struct wpa_eapol_key *key, 312 u16 ver, u16 key_info, 313 const u8 *kde, size_t kde_len, 314 struct wpa_ptk *ptk); 315 316 int wpa_derive_ptk_ft(struct wpa_sm *sm, const unsigned char *src_addr, 317 const struct wpa_eapol_key *key, 318 struct wpa_ptk *ptk, size_t ptk_len); 319 320 void wpa_tdls_assoc(struct wpa_sm *sm); 321 void wpa_tdls_disassoc(struct wpa_sm *sm); 322 323 #endif /* WPA_I_H */ 324
