
Lines Matching refs:sm

28  * @sm: Pointer to WPA state machine data from wpa_sm_init()
37 void wpa_eapol_key_send(struct wpa_sm *sm, const u8 *kck,
41 if (is_zero_ether_addr(dest) && is_zero_ether_addr(sm->bssid)) {
46 if (wpa_sm_get_bssid(sm, sm->bssid) < 0) {
47 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
51 dest = sm->bssid;
52 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
60 wpa_msg(sm->ctx->msg_ctx, MSG_ERROR,
68 wpa_sm_ether_send(sm, dest, proto, msg, msg_len);
69 eapol_sm_notify_tx_eapol_key(sm->eapol);
77 * @sm: Pointer to WPA state machine data from wpa_sm_init()
85 void wpa_sm_key_request(struct wpa_sm *sm, int error, int pairwise)
92 if (wpa_key_mgmt_ft(sm->key_mgmt) || wpa_key_mgmt_sha256(sm->key_mgmt))
94 else if (sm->pairwise_cipher != WPA_CIPHER_TKIP)
99 if (wpa_sm_get_bssid(sm, bssid) < 0) {
100 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
105 rbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY, NULL,
110 reply->type = sm->proto == WPA_PROTO_RSN ?
113 if (sm->ptk_set)
121 os_memcpy(reply->replay_counter, sm->request_counter,
123 inc_byte_array(sm->request_counter, WPA_REPLAY_COUNTER_LEN);
127 wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
130 error, pairwise, sm->ptk_set, (unsigned long) rlen);
131 wpa_eapol_key_send(sm, sm->ptk.kck, ver, bssid, ETH_P_EAPOL,
137 static int wpa_supplicant_get_pmk(struct wpa_sm *sm,
143 if (pmkid && !sm->cur_pmksa) {
148 sm->cur_pmksa = pmksa_cache_get(sm->pmksa, src_addr, pmkid,
150 if (sm->cur_pmksa) {
151 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
154 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
160 if (pmkid && sm->cur_pmksa &&
161 os_memcmp(pmkid, sm->cur_pmksa->pmkid, PMKID_LEN) == 0) {
163 wpa_sm_set_pmk_from_pmksa(sm);
165 sm->pmk, sm->pmk_len);
166 eapol_sm_notify_cached(sm->eapol);
168 sm->xxkey_len = 0;
170 } else if (wpa_key_mgmt_wpa_ieee8021x(sm->key_mgmt) && sm->eapol) {
173 res = eapol_sm_get_key(sm->eapol, sm->pmk, PMK_LEN);
179 res = eapol_sm_get_key(sm->eapol, sm->pmk, 16);
184 if (eapol_sm_get_key(sm->eapol, buf, 2 * PMK_LEN) == 0)
186 os_memcpy(sm->xxkey, buf + PMK_LEN, PMK_LEN);
187 sm->xxkey_len = PMK_LEN;
195 "machines", sm->pmk, pmk_len);
196 sm->pmk_len = pmk_len;
197 if (sm->proto == WPA_PROTO_RSN &&
198 !wpa_key_mgmt_ft(sm->key_mgmt)) {
199 sa = pmksa_cache_add(sm->pmksa,
200 sm->pmk, pmk_len,
201 src_addr, sm->own_addr,
202 sm->network_ctx,
203 sm->key_mgmt);
205 if (!sm->cur_pmksa && pmkid &&
206 pmksa_cache_get(sm->pmksa, src_addr, pmkid, NULL))
208 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
214 if (!sm->cur_pmksa)
215 sm->cur_pmksa = sa;
217 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
221 if (sm->cur_pmksa) {
222 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
225 sm->cur_pmksa = NULL;
233 if (abort_cached && wpa_key_mgmt_wpa_ieee8021x(sm->key_mgmt) &&
234 !wpa_key_mgmt_ft(sm->key_mgmt)) {
239 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
242 buf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_START,
245 wpa_sm_ether_send(sm, sm->bssid, ETH_P_EAPOL,
260 * @sm: Pointer to WPA state machine data from wpa_sm_init()
270 int wpa_supplicant_send_2_of_4(struct wpa_sm *sm, const unsigned char *dst,
282 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: No wpa_ie set - "
288 if (wpa_key_mgmt_ft(sm->key_mgmt)) {
296 sm->assoc_resp_ies_len);
301 sm->pmk_r1_name);
308 if (sm->assoc_resp_ies) {
309 os_memcpy(rsn_ie_buf + wpa_ie_len, sm->assoc_resp_ies,
310 sm->assoc_resp_ies_len);
311 wpa_ie_len += sm->assoc_resp_ies_len;
320 rbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY,
328 reply->type = sm->proto == WPA_PROTO_RSN ?
332 if (sm->proto == WPA_PROTO_RSN)
347 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Sending EAPOL-Key 2/4");
348 wpa_eapol_key_send(sm, ptk->kck, ver, dst, ETH_P_EAPOL,
355 static int wpa_derive_ptk(struct wpa_sm *sm, const unsigned char *src_addr,
359 size_t ptk_len = sm->pairwise_cipher != WPA_CIPHER_TKIP ? 48 : 64;
361 if (wpa_key_mgmt_ft(sm->key_mgmt))
362 return wpa_derive_ptk_ft(sm, src_addr, key, ptk, ptk_len);
365 wpa_pmk_to_ptk(sm->pmk, sm->pmk_len, "Pairwise key expansion",
366 sm->own_addr, sm->bssid, sm->snonce, key->key_nonce,
368 wpa_key_mgmt_sha256(sm->key_mgmt));
373 static void wpa_supplicant_process_1_of_4(struct wpa_sm *sm,
383 if (wpa_sm_get_network_ctx(sm) == NULL) {
384 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: No SSID info "
389 wpa_sm_set_state(sm, WPA_4WAY_HANDSHAKE);
390 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: RX message 1 of 4-Way "
396 if (sm->proto == WPA_PROTO_RSN) {
410 res = wpa_supplicant_get_pmk(sm, src_addr, ie.pmkid);
412 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "RSN: Do not reply to "
419 if (sm->renew_snonce) {
420 if (random_get_bytes(sm->snonce, WPA_NONCE_LEN)) {
421 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
425 sm->renew_snonce = 0;
427 sm->snonce, WPA_NONCE_LEN);
432 ptk = &sm->tptk;
433 wpa_derive_ptk(sm, src_addr, key, ptk);
438 sm->tptk_set = 1;
440 if (wpa_supplicant_send_2_of_4(sm, sm->bssid, key, ver, sm->snonce,
441 sm->assoc_wpa_ie, sm->assoc_wpa_ie_len,
445 os_memcpy(sm->anonce, key->key_nonce, WPA_NONCE_LEN);
449 wpa_sm_deauthenticate(sm, WLAN_REASON_UNSPECIFIED);
455 struct wpa_sm *sm = eloop_ctx;
456 rsn_preauth_candidate_process(sm);
460 static void wpa_supplicant_key_neg_complete(struct wpa_sm *sm,
463 wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
466 wpa_cipher_txt(sm->pairwise_cipher),
467 wpa_cipher_txt(sm->group_cipher));
468 wpa_sm_cancel_auth_timeout(sm);
469 wpa_sm_set_state(sm, WPA_COMPLETED);
473 sm, addr, MLME_SETPROTECTION_PROTECT_TYPE_RX_TX,
475 eapol_sm_notify_portValid(sm->eapol, TRUE);
476 if (wpa_key_mgmt_wpa_psk(sm->key_mgmt))
477 eapol_sm_notify_eap_success(sm->eapol, TRUE);
485 eloop_register_timeout(1, 0, wpa_sm_start_preauth, sm, NULL);
488 if (sm->cur_pmksa && sm->cur_pmksa->opportunistic) {
489 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
492 sm->cur_pmksa->opportunistic = 0;
496 if (wpa_key_mgmt_ft(sm->key_mgmt)) {
498 wpa_ft_prepare_auth_request(sm, NULL);
506 struct wpa_sm *sm = eloop_ctx;
507 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Request PTK rekeying");
508 wpa_sm_key_request(sm, 0, 1);
512 static int wpa_supplicant_install_ptk(struct wpa_sm *sm,
520 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
523 if (sm->pairwise_cipher == WPA_CIPHER_NONE) {
524 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Pairwise Cipher "
529 if (!wpa_cipher_valid_pairwise(sm->pairwise_cipher)) {
530 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
532 sm->pairwise_cipher);
536 alg = wpa_cipher_to_alg(sm->pairwise_cipher);
537 keylen = wpa_cipher_key_len(sm->pairwise_cipher);
538 rsclen = wpa_cipher_rsc_len(sm->pairwise_cipher);
540 if (sm->proto == WPA_PROTO_RSN) {
547 if (wpa_sm_set_key(sm, alg, sm->bssid, 0, 1, key_rsc, rsclen,
548 (u8 *) sm->ptk.tk1, keylen) < 0) {
549 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
552 alg, keylen, MAC2STR(sm->bssid));
556 if (sm->wpa_ptk_rekey) {
557 eloop_cancel_timeout(wpa_sm_rekey_ptk, sm, NULL);
558 eloop_register_timeout(sm->wpa_ptk_rekey, 0, wpa_sm_rekey_ptk,
559 sm, NULL);
566 static int wpa_supplicant_check_group_cipher(struct wpa_sm *sm,
576 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
585 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
602 static int wpa_supplicant_install_gtk(struct wpa_sm *sm,
610 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
614 if (sm->group_cipher == WPA_CIPHER_TKIP) {
621 if (sm->pairwise_cipher == WPA_CIPHER_NONE) {
622 if (wpa_sm_set_key(sm, gd->alg, NULL,
625 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
630 } else if (wpa_sm_set_key(sm, gd->alg, broadcast_ether_addr,
633 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
644 static int wpa_supplicant_gtk_tx_bit_workaround(const struct wpa_sm *sm,
647 if (tx && sm->pairwise_cipher != WPA_CIPHER_NONE) {
653 wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
662 static int wpa_supplicant_pairwise_gtk(struct wpa_sm *sm,
686 gd.tx = wpa_supplicant_gtk_tx_bit_workaround(sm,
694 if (wpa_supplicant_check_group_cipher(sm, sm->group_cipher,
697 wpa_supplicant_install_gtk(sm, &gd, key->key_rsc)) {
698 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
703 wpa_supplicant_key_neg_complete(sm, sm->bssid,
712 static int ieee80211w_set_keys(struct wpa_sm *sm,
716 if (sm->mgmt_group_cipher != WPA_CIPHER_AES_128_CMAC)
726 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: IGTK keyid %d "
732 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
736 if (wpa_sm_set_key(sm, WPA_ALG_IGTK, broadcast_ether_addr,
739 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
752 static void wpa_report_ie_mismatch(struct wpa_sm *sm,
757 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: %s (src=" MACSTR ")",
760 if (sm->ap_wpa_ie) {
762 sm->ap_wpa_ie, sm->ap_wpa_ie_len);
765 if (!sm->ap_wpa_ie) {
766 wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
773 if (sm->ap_rsn_ie) {
775 sm->ap_rsn_ie, sm->ap_rsn_ie_len);
778 if (!sm->ap_rsn_ie) {
779 wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
786 wpa_sm_disassociate(sm, WLAN_REASON_IE_IN_4WAY_DIFFERS);
792 static int ft_validate_mdie(struct wpa_sm *sm,
801 os_memcmp(mdie->mobility_domain, sm->mobility_domain,
803 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "FT: MDIE in msg 3/4 did "
811 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "FT: MDIE mismatch");
823 static int ft_validate_ftie(struct wpa_sm *sm,
829 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
839 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "FT: FTIE mismatch");
851 static int ft_validate_rsnie(struct wpa_sm *sm,
866 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "FT: No PMKR1Name in "
871 if (os_memcmp(rsn.pmkid, sm->pmk_r1_name, WPA_PMK_NAME_LEN) != 0) {
872 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
878 sm->pmk_r1_name, WPA_PMK_NAME_LEN);
886 static int wpa_supplicant_validate_ie_ft(struct wpa_sm *sm,
892 if (sm->assoc_resp_ies) {
893 pos = sm->assoc_resp_ies;
894 end = pos + sm->assoc_resp_ies_len;
910 if (ft_validate_mdie(sm, src_addr, ie, mdie) < 0 ||
911 ft_validate_ftie(sm, src_addr, ie, ftie) < 0 ||
912 ft_validate_rsnie(sm, src_addr, ie) < 0)
921 static int wpa_supplicant_validate_ie(struct wpa_sm *sm,
925 if (sm->ap_wpa_ie == NULL && sm->ap_rsn_ie == NULL) {
926 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
929 if (wpa_sm_get_beacon_ie(sm) < 0) {
930 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
934 wpa_msg(sm->ctx->msg_ctx, MSG_DEBUG,
941 (sm->ap_wpa_ie || sm->ap_rsn_ie)) {
942 wpa_report_ie_mismatch(sm, "IE in 3/4 msg does not match "
949 if ((ie->wpa_ie && sm->ap_wpa_ie &&
950 (ie->wpa_ie_len != sm->ap_wpa_ie_len ||
951 os_memcmp(ie->wpa_ie, sm->ap_wpa_ie, ie->wpa_ie_len) != 0)) ||
952 (ie->rsn_ie && sm->ap_rsn_ie &&
953 wpa_compare_rsn_ie(wpa_key_mgmt_ft(sm->key_mgmt),
954 sm->ap_rsn_ie, sm->ap_rsn_ie_len,
956 wpa_report_ie_mismatch(sm, "IE in 3/4 msg does not match "
963 if (sm->proto == WPA_PROTO_WPA &&
964 ie->rsn_ie && sm->ap_rsn_ie == NULL && sm->rsn_enabled) {
965 wpa_report_ie_mismatch(sm, "Possible downgrade attack "
975 if (wpa_key_mgmt_ft(sm->key_mgmt) &&
976 wpa_supplicant_validate_ie_ft(sm, src_addr, ie) < 0)
986 * @sm: Pointer to WPA state machine data from wpa_sm_init()
996 int wpa_supplicant_send_4_of_4(struct wpa_sm *sm, const unsigned char *dst,
1009 rbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY, NULL,
1015 reply->type = sm->proto == WPA_PROTO_RSN ?
1020 if (sm->proto == WPA_PROTO_RSN)
1031 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Sending EAPOL-Key 4/4");
1032 wpa_eapol_key_send(sm, ptk->kck, ver, dst, ETH_P_EAPOL,
1039 static void wpa_supplicant_process_3_of_4(struct wpa_sm *sm,
1047 wpa_sm_set_state(sm, WPA_4WAY_HANDSHAKE);
1048 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: RX message 3 of 4-Way "
1049 "Handshake from " MACSTR " (ver=%d)", MAC2STR(sm->bssid), ver);
1059 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
1065 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
1071 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
1078 if (wpa_supplicant_validate_ie(sm, sm->bssid, &ie) < 0)
1081 if (os_memcmp(sm->anonce, key->key_nonce, WPA_NONCE_LEN) != 0) {
1082 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
1085 MACSTR ")", MAC2STR(sm->bssid));
1090 if (keylen != wpa_cipher_key_len(sm->pairwise_cipher)) {
1091 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
1093 ")", wpa_cipher_txt(sm->pairwise_cipher), keylen,
1094 MAC2STR(sm->bssid));
1098 if (wpa_supplicant_send_4_of_4(sm, sm->bssid, key, ver, key_info,
1099 NULL, 0, &sm->ptk)) {
1106 sm->renew_snonce = 1;
1109 if (wpa_supplicant_install_ptk(sm, key))
1115 sm, sm->bssid, MLME_SETPROTECTION_PROTECT_TYPE_RX,
1117 eapol_sm_notify_portValid(sm->eapol, TRUE);
1119 wpa_sm_set_state(sm, WPA_GROUP_HANDSHAKE);
1122 wpa_supplicant_pairwise_gtk(sm, key,
1124 wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
1129 if (ieee80211w_set_keys(sm, &ie) < 0) {
1130 wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
1135 wpa_sm_set_rekey_offload(sm);
1140 wpa_sm_deauthenticate(sm, WLAN_REASON_UNSPECIFIED);
1144 static int wpa_supplicant_process_1_of_2_rsn(struct wpa_sm *sm,
1157 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
1162 wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
1168 if (wpa_supplicant_check_group_cipher(sm, sm->group_cipher,
1176 gd->tx = wpa_supplicant_gtk_tx_bit_workaround(sm,
1179 wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
1186 if (ieee80211w_set_keys(sm, &ie) < 0)
1187 wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
1194 static int wpa_supplicant_process_1_of_2_wpa(struct wpa_sm *sm,
1206 wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
1214 wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
1222 if (wpa_supplicant_check_group_cipher(sm, sm->group_cipher,
1231 os_memcpy(ek + 16, sm->ptk.kek, 16);
1233 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
1240 wpa_msg(sm->ctx->msg_ctx, MSG_ERROR,
1246 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
1252 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
1259 if (aes_unwrap(sm->ptk.kek, maxkeylen / 8,
1261 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
1267 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
1272 sm, !!(key_info & WPA_KEY_INFO_TXRX));
1277 static int wpa_supplicant_send_2_of_2(struct wpa_sm *sm,
1285 rbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY, NULL,
1290 reply->type = sm->proto == WPA_PROTO_RSN ?
1295 if (sm->proto == WPA_PROTO_RSN)
1304 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Sending EAPOL-Key 2/2");
1305 wpa_eapol_key_send(sm, sm->ptk.kck, ver, sm->bssid, ETH_P_EAPOL,
1312 static void wpa_supplicant_process_1_of_2(struct wpa_sm *sm,
1323 rekey = wpa_sm_get_state(sm) == WPA_COMPLETED;
1324 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: RX message 1 of Group Key "
1330 if (sm->proto == WPA_PROTO_RSN) {
1331 ret = wpa_supplicant_process_1_of_2_rsn(sm,
1336 ret = wpa_supplicant_process_1_of_2_wpa(sm, key, keydatalen,
1341 wpa_sm_set_state(sm, WPA_GROUP_HANDSHAKE);
1346 if (wpa_supplicant_install_gtk(sm, &gd, key->key_rsc) ||
1347 wpa_supplicant_send_2_of_2(sm, key, ver, key_info))
1351 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, "WPA: Group rekeying "
1353 MAC2STR(sm->bssid), wpa_cipher_txt(sm->group_cipher));
1354 wpa_sm_cancel_auth_timeout(sm);
1355 wpa_sm_set_state(sm, WPA_COMPLETED);
1357 wpa_sm_set_rekey_offload(sm);
1359 wpa_supplicant_key_neg_complete(sm, sm->bssid,
1366 wpa_sm_deauthenticate(sm, WLAN_REASON_UNSPECIFIED);
1370 static int wpa_supplicant_verify_eapol_key_mic(struct wpa_sm *sm,
1379 if (sm->tptk_set) {
1381 wpa_eapol_key_mic(sm->tptk.kck, ver, buf, len,
1384 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
1389 sm->tptk_set = 0;
1390 sm->ptk_set = 1;
1391 os_memcpy(&sm->ptk, &sm->tptk, sizeof(sm->ptk));
1395 if (!ok && sm->ptk_set) {
1397 wpa_eapol_key_mic(sm->ptk.kck, ver, buf, len,
1400 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
1409 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
1415 os_memcpy(sm->rx_replay_counter, key->replay_counter,
1417 sm->rx_replay_counter_set = 1;
1423 static int wpa_supplicant_decrypt_key_data(struct wpa_sm *sm,
1430 if (!sm->ptk_set) {
1431 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
1442 os_memcpy(ek + 16, sm->ptk.kek, 16);
1444 wpa_msg(sm->ctx->msg_ctx, MSG_ERROR,
1452 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
1460 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
1464 if (aes_unwrap(sm->ptk.kek, keydatalen / 8,
1467 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
1476 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
1488 * @sm: Pointer to WPA state machine data from wpa_sm_init()
1490 void wpa_sm_aborted_cached(struct wpa_sm *sm)
1492 if (sm && sm->cur_pmksa) {
1493 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
1495 sm->cur_pmksa = NULL;
1500 static void wpa_eapol_key_dump(struct wpa_sm *sm,
1506 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, " EAPOL-Key type=%d", key->type);
1507 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
1521 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
1538 * @sm: Pointer to WPA state machine data from wpa_sm_init()
1552 int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr,
1564 sm->ft_completed = 0;
1568 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
1585 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
1593 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
1600 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
1610 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
1616 wpa_eapol_key_dump(sm, key);
1618 eapol_sm_notify_lower_layer_success(sm->eapol, 0);
1621 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
1632 wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
1639 if (wpa_key_mgmt_ft(sm->key_mgmt)) {
1642 wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
1649 if (wpa_key_mgmt_sha256(sm->key_mgmt)) {
1651 wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
1658 if (sm->pairwise_cipher == WPA_CIPHER_CCMP &&
1660 wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
1663 if (sm->group_cipher != WPA_CIPHER_CCMP &&
1669 wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
1675 if (sm->pairwise_cipher == WPA_CIPHER_GCMP &&
1677 wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
1684 for (peerkey = sm->peerkey; peerkey; peerkey = peerkey->next) {
1693 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
1704 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
1714 wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
1720 if (!peerkey && sm->rx_replay_counter_set &&
1721 os_memcmp(key->replay_counter, sm->rx_replay_counter,
1723 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
1734 wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
1740 wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
1746 wpa_supplicant_verify_eapol_key_mic(sm, key, ver, tmp, data_len))
1751 peerkey_verify_eapol_key_mic(sm, peerkey, key, ver, tmp, data_len))
1758 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, "WPA: Invalid EAPOL-Key "
1766 if (sm->proto == WPA_PROTO_RSN &&
1768 if (wpa_supplicant_decrypt_key_data(sm, key, ver))
1775 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
1782 peerkey_rx_eapol_4way(sm, peerkey, key, key_info, ver);
1785 wpa_supplicant_process_3_of_4(sm, key, ver);
1788 wpa_supplicant_process_1_of_4(sm, src_addr, key,
1793 peerkey_rx_eapol_smk(sm, src_addr, key, extra_len, key_info,
1798 wpa_supplicant_process_1_of_2(sm, src_addr, key,
1801 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
1816 static u32 wpa_key_mgmt_suite(struct wpa_sm *sm)
1818 switch (sm->key_mgmt) {
1820 return (sm->proto == WPA_PROTO_RSN ?
1824 return (sm->proto == WPA_PROTO_RSN ?
1853 * @sm: Pointer to WPA state machine data from wpa_sm_init()
1860 int wpa_sm_get_mib(struct wpa_sm *sm, char *buf, size_t buflen)
1866 if (sm->cur_pmksa) {
1868 sm->cur_pmksa->pmkid, PMKID_LEN);
1872 if ((wpa_key_mgmt_wpa_psk(sm->key_mgmt) ||
1873 wpa_key_mgmt_wpa_ieee8021x(sm->key_mgmt)) &&
1874 sm->proto == WPA_PROTO_RSN)
1894 wpa_cipher_key_len(sm->group_cipher) * 8,
1895 sm->dot11RSNAConfigPMKLifetime,
1896 sm->dot11RSNAConfigPMKReauthThreshold,
1897 sm->dot11RSNAConfigSATimeout);
1913 RSN_SUITE_ARG(wpa_key_mgmt_suite(sm)),
1914 RSN_SUITE_ARG(wpa_cipher_to_suite(sm->proto,
1915 sm->pairwise_cipher)),
1916 RSN_SUITE_ARG(wpa_cipher_to_suite(sm->proto,
1917 sm->group_cipher)),
1919 RSN_SUITE_ARG(wpa_key_mgmt_suite(sm)),
1920 RSN_SUITE_ARG(wpa_cipher_to_suite(sm->proto,
1921 sm->pairwise_cipher)),
1922 RSN_SUITE_ARG(wpa_cipher_to_suite(sm->proto,
1923 sm->group_cipher)),
1924 sm->dot11RSNA4WayHandshakeFailures);
1936 struct wpa_sm *sm = ctx;
1938 if (sm->cur_pmksa == entry ||
1939 (sm->pmk_len == entry->pmk_len &&
1940 os_memcmp(sm->pmk, entry->pmk, sm->pmk_len) == 0)) {
1941 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
1943 sm->cur_pmksa = NULL;
1953 os_memset(sm->pmk, 0, sizeof(sm->pmk));
1954 wpa_sm_deauthenticate(sm, WLAN_REASON_UNSPECIFIED);
1969 struct wpa_sm *sm;
1971 sm = os_zalloc(sizeof(*sm));
1972 if (sm == NULL)
1974 dl_list_init(&sm->pmksa_candidates);
1975 sm->renew_snonce = 1;
1976 sm->ctx = ctx;
1978 sm->dot11RSNAConfigPMKLifetime = 43200;
1979 sm->dot11RSNAConfigPMKReauthThreshold = 70;
1980 sm->dot11RSNAConfigSATimeout = 60;
1982 sm->pmksa = pmksa_cache_init(wpa_sm_pmksa_free_cb, sm, sm);
1983 if (sm->pmksa == NULL) {
1984 wpa_msg(sm->ctx->msg_ctx, MSG_ERROR,
1986 os_free(sm);
1990 return sm;
1996 * @sm: Pointer to WPA state machine data from wpa_sm_init()
1998 void wpa_sm_deinit(struct wpa_sm *sm)
2000 if (sm == NULL)
2002 pmksa_cache_deinit(sm->pmksa);
2003 eloop_cancel_timeout(wpa_sm_start_preauth, sm, NULL);
2004 eloop_cancel_timeout(wpa_sm_rekey_ptk, sm, NULL);
2005 os_free(sm->assoc_wpa_ie);
2006 os_free(sm->ap_wpa_ie);
2007 os_free(sm->ap_rsn_ie);
2008 os_free(sm->ctx);
2009 peerkey_deinit(sm);
2011 os_free(sm->assoc_resp_ies);
2013 os_free(sm);
2019 * @sm: Pointer to WPA state machine data from wpa_sm_init()
2025 void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid)
2029 if (sm == NULL)
2032 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
2034 os_memcpy(sm->bssid, bssid, ETH_ALEN);
2035 os_memset(sm->rx_replay_counter, 0, WPA_REPLAY_COUNTER_LEN);
2036 sm->rx_replay_counter_set = 0;
2037 sm->renew_snonce = 1;
2038 if (os_memcmp(sm->preauth_bssid, bssid, ETH_ALEN) == 0)
2039 rsn_preauth_deinit(sm);
2042 if (wpa_ft_is_completed(sm)) {
2047 eapol_sm_notify_portValid(sm->eapol, FALSE);
2048 wpa_supplicant_key_neg_complete(sm, sm->bssid, 1);
2051 wpa_ft_prepare_auth_request(sm, NULL);
2062 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Clear old PTK");
2063 sm->ptk_set = 0;
2064 sm->tptk_set = 0;
2068 wpa_tdls_assoc(sm);
2075 * @sm: Pointer to WPA state machine data from wpa_sm_init()
2080 void wpa_sm_notify_disassoc(struct wpa_sm *sm)
2082 rsn_preauth_deinit(sm);
2083 if (wpa_sm_get_state(sm) == WPA_4WAY_HANDSHAKE)
2084 sm->dot11RSNA4WayHandshakeFailures++;
2086 wpa_tdls_disassoc(sm);
2093 * @sm: Pointer to WPA state machine data from wpa_sm_init()
2099 void wpa_sm_set_pmk(struct wpa_sm *sm, const u8 *pmk, size_t pmk_len)
2101 if (sm == NULL)
2104 sm->pmk_len = pmk_len;
2105 os_memcpy(sm->pmk, pmk, pmk_len);
2109 sm->xxkey_len = pmk_len;
2110 os_memcpy(sm->xxkey, pmk, pmk_len);
2117 * @sm: Pointer to WPA state machine data from wpa_sm_init()
2122 void wpa_sm_set_pmk_from_pmksa(struct wpa_sm *sm)
2124 if (sm == NULL)
2127 if (sm->cur_pmksa) {
2128 sm->pmk_len = sm->cur_pmksa->pmk_len;
2129 os_memcpy(sm->pmk, sm->cur_pmksa->pmk, sm->pmk_len);
2131 sm->pmk_len = PMK_LEN;
2132 os_memset(sm->pmk, 0, PMK_LEN);
2139 * @sm: Pointer to WPA state machine data from wpa_sm_init()
2142 void wpa_sm_set_fast_reauth(struct wpa_sm *sm, int fast_reauth)
2144 if (sm)
2145 sm->fast_reauth = fast_reauth;
2151 * @sm: Pointer to WPA state machine data from wpa_sm_init()
2154 void wpa_sm_set_scard_ctx(struct wpa_sm *sm, void *scard_ctx)
2156 if (sm == NULL)
2158 sm->scard_ctx = scard_ctx;
2159 if (sm->preauth_eapol)
2160 eapol_sm_register_scard_ctx(sm->preauth_eapol, scard_ctx);
2166 * @sm: Pointer to WPA state machine data from wpa_sm_init()
2173 void wpa_sm_set_config(struct wpa_sm *sm, struct rsn_supp_config *config)
2175 if (!sm)
2179 sm->network_ctx = config->network_ctx;
2180 sm->peerkey_enabled = config->peerkey_enabled;
2181 sm->allowed_pairwise_cipher = config->allowed_pairwise_cipher;
2182 sm->proactive_key_caching = config->proactive_key_caching;
2183 sm->eap_workaround = config->eap_workaround;
2184 sm->eap_conf_ctx = config->eap_conf_ctx;
2186 os_memcpy(sm->ssid, config->ssid, config->ssid_len);
2187 sm->ssid_len = config->ssid_len;
2189 sm->ssid_len = 0;
2190 sm->wpa_ptk_rekey = config->wpa_ptk_rekey;
2192 sm->network_ctx = NULL;
2193 sm->peerkey_enabled = 0;
2194 sm->allowed_pairwise_cipher = 0;
2195 sm->proactive_key_caching = 0;
2196 sm->eap_workaround = 0;
2197 sm->eap_conf_ctx = NULL;
2198 sm->ssid_len = 0;
2199 sm->wpa_ptk_rekey = 0;
2206 * @sm: Pointer to WPA state machine data from wpa_sm_init()
2209 void wpa_sm_set_own_addr(struct wpa_sm *sm, const u8 *addr)
2211 if (sm)
2212 os_memcpy(sm->own_addr, addr, ETH_ALEN);
2218 * @sm: Pointer to WPA state machine data from wpa_sm_init()
2222 void wpa_sm_set_ifname(struct wpa_sm *sm, const char *ifname,
2225 if (sm) {
2226 sm->ifname = ifname;
2227 sm->bridge_ifname = bridge_ifname;
2234 * @sm: Pointer to WPA state machine data from wpa_sm_init()
2237 void wpa_sm_set_eapol(struct wpa_sm *sm, struct eapol_sm *eapol)
2239 if (sm)
2240 sm->eapol = eapol;
2246 * @sm: Pointer to WPA state machine data from wpa_sm_init()
2251 int wpa_sm_set_param(struct wpa_sm *sm, enum wpa_sm_conf_params param,
2256 if (sm == NULL)
2262 sm->dot11RSNAConfigPMKLifetime = value;
2268 sm->dot11RSNAConfigPMKReauthThreshold = value;
2274 sm->dot11RSNAConfigSATimeout = value;
2279 sm->proto = value;
2282 sm->pairwise_cipher = value;
2285 sm->group_cipher = value;
2288 sm->key_mgmt = value;
2292 sm->mgmt_group_cipher = value;
2296 sm->rsn_enabled = value;
2299 sm->mfp = value;
2311 * @sm: Pointer to WPA state machine data from wpa_sm_init()
2315 unsigned int wpa_sm_get_param(struct wpa_sm *sm, enum wpa_sm_conf_params param)
2317 if (sm == NULL)
2322 return sm->dot11RSNAConfigPMKLifetime;
2324 return sm->dot11RSNAConfigPMKReauthThreshold;
2326 return sm->dot11RSNAConfigSATimeout;
2328 return sm->proto;
2330 return sm->pairwise_cipher;
2332 return sm->group_cipher;
2334 return sm->key_mgmt;
2337 return sm->mgmt_group_cipher;
2340 return sm->rsn_enabled;
2349 * @sm: Pointer to WPA state machine data from wpa_sm_init()
2359 int wpa_sm_get_status(struct wpa_sm *sm, char *buf, size_t buflen,
2369 wpa_cipher_txt(sm->pairwise_cipher),
2370 wpa_cipher_txt(sm->group_cipher),
2371 wpa_key_mgmt_txt(sm->key_mgmt, sm->proto));
2381 * @sm: Pointer to WPA state machine data from wpa_sm_init()
2386 int wpa_sm_set_assoc_wpa_ie_default(struct wpa_sm *sm, u8 *wpa_ie,
2391 if (sm == NULL)
2394 res = wpa_gen_wpa_ie(sm, wpa_ie, *wpa_ie_len);
2402 if (sm->assoc_wpa_ie == NULL) {
2408 sm->assoc_wpa_ie = os_malloc(*wpa_ie_len);
2409 if (sm->assoc_wpa_ie == NULL)
2412 os_memcpy(sm->assoc_wpa_ie, wpa_ie, *wpa_ie_len);
2413 sm->assoc_wpa_ie_len = *wpa_ie_len;
2422 * @sm: Pointer to WPA state machine data from wpa_sm_init()
2431 int wpa_sm_set_assoc_wpa_ie(struct wpa_sm *sm, const u8 *ie, size_t len)
2433 if (sm == NULL)
2436 os_free(sm->assoc_wpa_ie);
2438 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
2440 sm->assoc_wpa_ie = NULL;
2441 sm->assoc_wpa_ie_len = 0;
2444 sm->assoc_wpa_ie = os_malloc(len);
2445 if (sm->assoc_wpa_ie == NULL)
2448 os_memcpy(sm->assoc_wpa_ie, ie, len);
2449 sm->assoc_wpa_ie_len = len;
2458 * @sm: Pointer to WPA state machine data from wpa_sm_init()
2466 int wpa_sm_set_ap_wpa_ie(struct wpa_sm *sm, const u8 *ie, size_t len)
2468 if (sm == NULL)
2471 os_free(sm->ap_wpa_ie);
2473 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
2475 sm->ap_wpa_ie = NULL;
2476 sm->ap_wpa_ie_len = 0;
2479 sm->ap_wpa_ie = os_malloc(len);
2480 if (sm->ap_wpa_ie == NULL)
2483 os_memcpy(sm->ap_wpa_ie, ie, len);
2484 sm->ap_wpa_ie_len = len;
2493 * @sm: Pointer to WPA state machine data from wpa_sm_init()
2501 int wpa_sm_set_ap_rsn_ie(struct wpa_sm *sm, const u8 *ie, size_t len)
2503 if (sm == NULL)
2506 os_free(sm->ap_rsn_ie);
2508 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
2510 sm->ap_rsn_ie = NULL;
2511 sm->ap_rsn_ie_len = 0;
2514 sm->ap_rsn_ie = os_malloc(len);
2515 if (sm->ap_rsn_ie == NULL)
2518 os_memcpy(sm->ap_rsn_ie, ie, len);
2519 sm->ap_rsn_ie_len = len;
2528 * @sm: Pointer to WPA state machine data from wpa_sm_init()
2535 int wpa_sm_parse_own_wpa_ie(struct wpa_sm *sm, struct wpa_ie_data *data)
2537 if (sm == NULL)
2540 if (sm->assoc_wpa_ie == NULL) {
2541 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
2545 if (wpa_parse_wpa_ie(sm->assoc_wpa_ie, sm->assoc_wpa_ie_len, data))
2551 int wpa_sm_pmksa_cache_list(struct wpa_sm *sm, char *buf, size_t len)
2554 return pmksa_cache_list(sm->pmksa, buf, len);
2561 void wpa_sm_drop_sa(struct wpa_sm *sm)
2563 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Clear old PMK and PTK");
2564 sm->ptk_set = 0;
2565 sm->tptk_set = 0;
2566 os_memset(sm->pmk, 0, sizeof(sm->pmk));
2567 os_memset(&sm->ptk, 0, sizeof(sm->ptk));
2568 os_memset(&sm->tptk, 0, sizeof(sm->tptk));
2572 int wpa_sm_has_ptk(struct wpa_sm *sm)
2574 if (sm == NULL)
2576 return sm->ptk_set;
2580 void wpa_sm_update_replay_ctr(struct wpa_sm *sm, const u8 *replay_ctr)
2582 os_memcpy(sm->rx_replay_counter, replay_ctr, WPA_REPLAY_COUNTER_LEN);
2586 void wpa_sm_pmksa_cache_flush(struct wpa_sm *sm, void *network_ctx)
2589 pmksa_cache_flush(sm->pmksa, network_ctx);
2595 int wpa_wnmsleep_install_key(struct wpa_sm *sm, u8 subelem_id, u8 *buf)
2612 keylen = wpa_cipher_key_len(sm->group_cipher);
2613 gd.key_rsc_len = wpa_cipher_rsc_len(sm->group_cipher);
2614 gd.alg = wpa_cipher_to_alg(sm->group_cipher);
2632 sm, !!(keyinfo & WPA_KEY_INFO_TXRX));
2640 if (aes_unwrap(sm->ptk.kek, keydatalen / 8, buf + 13, gd.gtk))
2649 if (wpa_supplicant_install_gtk(sm, &gd, key_rsc)) {
2666 if (aes_unwrap(sm->ptk.kek, WPA_IGTK_LEN / 8, buf + 10,
2675 if (wpa_sm_set_key(sm, WPA_ALG_IGTK, broadcast_ether_addr,