Home | History | Annotate | Download | only in wps
      1 /*
      2  * Wi-Fi Protected Setup - Strict protocol validation routines
      3  * Copyright (c) 2010, Atheros Communications, Inc.
      4  *
      5  * This software may be distributed under the terms of the BSD license.
      6  * See README for more details.
      7  */
      8 
      9 #include "utils/includes.h"
     10 
     11 #include "utils/common.h"
     12 #include "wps_i.h"
     13 #include "wps.h"
     14 
     15 
     16 #ifndef WPS_STRICT_ALL
     17 #define WPS_STRICT_WPS2
     18 #endif /* WPS_STRICT_ALL */
     19 
     20 
     21 static int wps_validate_version(const u8 *version, int mandatory)
     22 {
     23 	if (version == NULL) {
     24 		if (mandatory) {
     25 			wpa_printf(MSG_INFO, "WPS-STRICT: Version attribute "
     26 				   "missing");
     27 			return -1;
     28 		}
     29 		return 0;
     30 	}
     31 	if (*version != 0x10) {
     32 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Version attribute "
     33 			   "value 0x%x", *version);
     34 		return -1;
     35 	}
     36 	return 0;
     37 }
     38 
     39 
     40 static int wps_validate_version2(const u8 *version2, int mandatory)
     41 {
     42 	if (version2 == NULL) {
     43 		if (mandatory) {
     44 			wpa_printf(MSG_INFO, "WPS-STRICT: Version2 attribute "
     45 				   "missing");
     46 			return -1;
     47 		}
     48 		return 0;
     49 	}
     50 	if (*version2 < 0x20) {
     51 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Version2 attribute "
     52 			   "value 0x%x", *version2);
     53 		return -1;
     54 	}
     55 	return 0;
     56 }
     57 
     58 
     59 static int wps_validate_request_type(const u8 *request_type, int mandatory)
     60 {
     61 	if (request_type == NULL) {
     62 		if (mandatory) {
     63 			wpa_printf(MSG_INFO, "WPS-STRICT: Request Type "
     64 				   "attribute missing");
     65 			return -1;
     66 		}
     67 		return 0;
     68 	}
     69 	if (*request_type > 0x03) {
     70 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Request Type "
     71 			   "attribute value 0x%x", *request_type);
     72 		return -1;
     73 	}
     74 	return 0;
     75 }
     76 
     77 
     78 static int wps_validate_response_type(const u8 *response_type, int mandatory)
     79 {
     80 	if (response_type == NULL) {
     81 		if (mandatory) {
     82 			wpa_printf(MSG_INFO, "WPS-STRICT: Response Type "
     83 				   "attribute missing");
     84 			return -1;
     85 		}
     86 		return 0;
     87 	}
     88 	if (*response_type > 0x03) {
     89 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Response Type "
     90 			   "attribute value 0x%x", *response_type);
     91 		return -1;
     92 	}
     93 	return 0;
     94 }
     95 
     96 
     97 static int valid_config_methods(u16 val, int wps2)
     98 {
     99 	if (wps2) {
    100 		if ((val & 0x6000) && !(val & WPS_CONFIG_DISPLAY)) {
    101 			wpa_printf(MSG_INFO, "WPS-STRICT: Physical/Virtual "
    102 				   "Display flag without old Display flag "
    103 				   "set");
    104 			return 0;
    105 		}
    106 		if (!(val & 0x6000) && (val & WPS_CONFIG_DISPLAY)) {
    107 			wpa_printf(MSG_INFO, "WPS-STRICT: Display flag "
    108 				   "without Physical/Virtual Display flag");
    109 			return 0;
    110 		}
    111 		if ((val & 0x0600) && !(val & WPS_CONFIG_PUSHBUTTON)) {
    112 			wpa_printf(MSG_INFO, "WPS-STRICT: Physical/Virtual "
    113 				   "PushButton flag without old PushButton "
    114 				   "flag set");
    115 			return 0;
    116 		}
    117 		if (!(val & 0x0600) && (val & WPS_CONFIG_PUSHBUTTON)) {
    118 			wpa_printf(MSG_INFO, "WPS-STRICT: PushButton flag "
    119 				   "without Physical/Virtual PushButton flag");
    120 			return 0;
    121 		}
    122 	}
    123 
    124 	return 1;
    125 }
    126 
    127 
    128 static int wps_validate_config_methods(const u8 *config_methods, int wps2,
    129 				       int mandatory)
    130 {
    131 	u16 val;
    132 
    133 	if (config_methods == NULL) {
    134 		if (mandatory) {
    135 			wpa_printf(MSG_INFO, "WPS-STRICT: Configuration "
    136 				   "Methods attribute missing");
    137 			return -1;
    138 		}
    139 		return 0;
    140 	}
    141 
    142 	val = WPA_GET_BE16(config_methods);
    143 	if (!valid_config_methods(val, wps2)) {
    144 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Configuration "
    145 			   "Methods attribute value 0x%04x", val);
    146 		return -1;
    147 	}
    148 	return 0;
    149 }
    150 
    151 
    152 static int wps_validate_ap_config_methods(const u8 *config_methods, int wps2,
    153 					  int mandatory)
    154 {
    155 	u16 val;
    156 
    157 	if (wps_validate_config_methods(config_methods, wps2, mandatory) < 0)
    158 		return -1;
    159 	if (config_methods == NULL)
    160 		return 0;
    161 	val = WPA_GET_BE16(config_methods);
    162 	if (val & WPS_CONFIG_PUSHBUTTON) {
    163 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Configuration "
    164 			   "Methods attribute value 0x%04x in AP info "
    165 			   "(PushButton not allowed for registering new ER)",
    166 			   val);
    167 		return -1;
    168 	}
    169 	return 0;
    170 }
    171 
    172 
    173 static int wps_validate_uuid_e(const u8 *uuid_e, int mandatory)
    174 {
    175 	if (uuid_e == NULL) {
    176 		if (mandatory) {
    177 			wpa_printf(MSG_INFO, "WPS-STRICT: UUID-E "
    178 				   "attribute missing");
    179 			return -1;
    180 		}
    181 		return 0;
    182 	}
    183 	return 0;
    184 }
    185 
    186 
    187 static int wps_validate_uuid_r(const u8 *uuid_r, int mandatory)
    188 {
    189 	if (uuid_r == NULL) {
    190 		if (mandatory) {
    191 			wpa_printf(MSG_INFO, "WPS-STRICT: UUID-R "
    192 				   "attribute missing");
    193 			return -1;
    194 		}
    195 		return 0;
    196 	}
    197 	return 0;
    198 }
    199 
    200 
    201 static int wps_validate_primary_dev_type(const u8 *primary_dev_type,
    202 					 int mandatory)
    203 {
    204 	if (primary_dev_type == NULL) {
    205 		if (mandatory) {
    206 			wpa_printf(MSG_INFO, "WPS-STRICT: Primary Device Type "
    207 				   "attribute missing");
    208 			return -1;
    209 		}
    210 		return 0;
    211 	}
    212 	return 0;
    213 }
    214 
    215 
    216 static int wps_validate_rf_bands(const u8 *rf_bands, int mandatory)
    217 {
    218 	if (rf_bands == NULL) {
    219 		if (mandatory) {
    220 			wpa_printf(MSG_INFO, "WPS-STRICT: RF Bands "
    221 				   "attribute missing");
    222 			return -1;
    223 		}
    224 		return 0;
    225 	}
    226 	if (*rf_bands != WPS_RF_24GHZ && *rf_bands != WPS_RF_50GHZ &&
    227 	    *rf_bands != (WPS_RF_24GHZ | WPS_RF_50GHZ)) {
    228 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Rf Bands "
    229 			   "attribute value 0x%x", *rf_bands);
    230 		return -1;
    231 	}
    232 	return 0;
    233 }
    234 
    235 
    236 static int wps_validate_assoc_state(const u8 *assoc_state, int mandatory)
    237 {
    238 	u16 val;
    239 	if (assoc_state == NULL) {
    240 		if (mandatory) {
    241 			wpa_printf(MSG_INFO, "WPS-STRICT: Association State "
    242 				   "attribute missing");
    243 			return -1;
    244 		}
    245 		return 0;
    246 	}
    247 	val = WPA_GET_BE16(assoc_state);
    248 	if (val > 4) {
    249 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Association State "
    250 			   "attribute value 0x%04x", val);
    251 		return -1;
    252 	}
    253 	return 0;
    254 }
    255 
    256 
    257 static int wps_validate_config_error(const u8 *config_error, int mandatory)
    258 {
    259 	u16 val;
    260 
    261 	if (config_error == NULL) {
    262 		if (mandatory) {
    263 			wpa_printf(MSG_INFO, "WPS-STRICT: Configuration Error "
    264 				   "attribute missing");
    265 			return -1;
    266 		}
    267 		return 0;
    268 	}
    269 	val = WPA_GET_BE16(config_error);
    270 	if (val > 20) {
    271 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Configuration Error "
    272 			   "attribute value 0x%04x", val);
    273 		return -1;
    274 	}
    275 	return 0;
    276 }
    277 
    278 
    279 static int wps_validate_dev_password_id(const u8 *dev_password_id,
    280 					int mandatory)
    281 {
    282 	u16 val;
    283 
    284 	if (dev_password_id == NULL) {
    285 		if (mandatory) {
    286 			wpa_printf(MSG_INFO, "WPS-STRICT: Device Password ID "
    287 				   "attribute missing");
    288 			return -1;
    289 		}
    290 		return 0;
    291 	}
    292 	val = WPA_GET_BE16(dev_password_id);
    293 	if (val >= 0x0008 && val <= 0x000f) {
    294 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Device Password ID "
    295 			   "attribute value 0x%04x", val);
    296 		return -1;
    297 	}
    298 	return 0;
    299 }
    300 
    301 
    302 static int wps_validate_manufacturer(const u8 *manufacturer, size_t len,
    303 				     int mandatory)
    304 {
    305 	if (manufacturer == NULL) {
    306 		if (mandatory) {
    307 			wpa_printf(MSG_INFO, "WPS-STRICT: Manufacturer "
    308 				   "attribute missing");
    309 			return -1;
    310 		}
    311 		return 0;
    312 	}
    313 	if (len > 0 && manufacturer[len - 1] == 0) {
    314 		wpa_hexdump_ascii(MSG_INFO, "WPS-STRICT: Invalid Manufacturer "
    315 			   "attribute value", manufacturer, len);
    316 		return -1;
    317 	}
    318 	return 0;
    319 }
    320 
    321 
    322 static int wps_validate_model_name(const u8 *model_name, size_t len,
    323 				   int mandatory)
    324 {
    325 	if (model_name == NULL) {
    326 		if (mandatory) {
    327 			wpa_printf(MSG_INFO, "WPS-STRICT: Model Name "
    328 				   "attribute missing");
    329 			return -1;
    330 		}
    331 		return 0;
    332 	}
    333 	if (len > 0 && model_name[len - 1] == 0) {
    334 		wpa_hexdump_ascii(MSG_INFO, "WPS-STRICT: Invalid Model Name "
    335 			   "attribute value", model_name, len);
    336 		return -1;
    337 	}
    338 	return 0;
    339 }
    340 
    341 
    342 static int wps_validate_model_number(const u8 *model_number, size_t len,
    343 				     int mandatory)
    344 {
    345 	if (model_number == NULL) {
    346 		if (mandatory) {
    347 			wpa_printf(MSG_INFO, "WPS-STRICT: Model Number "
    348 				   "attribute missing");
    349 			return -1;
    350 		}
    351 		return 0;
    352 	}
    353 	if (len > 0 && model_number[len - 1] == 0) {
    354 		wpa_hexdump_ascii(MSG_INFO, "WPS-STRICT: Invalid Model Number "
    355 			   "attribute value", model_number, len);
    356 		return -1;
    357 	}
    358 	return 0;
    359 }
    360 
    361 
    362 static int wps_validate_serial_number(const u8 *serial_number, size_t len,
    363 				      int mandatory)
    364 {
    365 	if (serial_number == NULL) {
    366 		if (mandatory) {
    367 			wpa_printf(MSG_INFO, "WPS-STRICT: Serial Number "
    368 				   "attribute missing");
    369 			return -1;
    370 		}
    371 		return 0;
    372 	}
    373 	if (len > 0 && serial_number[len - 1] == 0) {
    374 		wpa_hexdump_ascii(MSG_INFO, "WPS-STRICT: Invalid Serial "
    375 				  "Number attribute value",
    376 				  serial_number, len);
    377 		return -1;
    378 	}
    379 	return 0;
    380 }
    381 
    382 
    383 static int wps_validate_dev_name(const u8 *dev_name, size_t len,
    384 				 int mandatory)
    385 {
    386 	if (dev_name == NULL) {
    387 		if (mandatory) {
    388 			wpa_printf(MSG_INFO, "WPS-STRICT: Device Name "
    389 				   "attribute missing");
    390 			return -1;
    391 		}
    392 		return 0;
    393 	}
    394 	if (len > 0 && dev_name[len - 1] == 0) {
    395 		wpa_hexdump_ascii(MSG_INFO, "WPS-STRICT: Invalid Device Name "
    396 			   "attribute value", dev_name, len);
    397 		return -1;
    398 	}
    399 	return 0;
    400 }
    401 
    402 
    403 static int wps_validate_request_to_enroll(const u8 *request_to_enroll,
    404 					  int mandatory)
    405 {
    406 	if (request_to_enroll == NULL) {
    407 		if (mandatory) {
    408 			wpa_printf(MSG_INFO, "WPS-STRICT: Request to Enroll "
    409 				   "attribute missing");
    410 			return -1;
    411 		}
    412 		return 0;
    413 	}
    414 	if (*request_to_enroll > 0x01) {
    415 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Request to Enroll "
    416 			   "attribute value 0x%x", *request_to_enroll);
    417 		return -1;
    418 	}
    419 	return 0;
    420 }
    421 
    422 
    423 static int wps_validate_req_dev_type(const u8 *req_dev_type[], size_t num,
    424 				     int mandatory)
    425 {
    426 	if (num == 0) {
    427 		if (mandatory) {
    428 			wpa_printf(MSG_INFO, "WPS-STRICT: Requested Device "
    429 				   "Type attribute missing");
    430 			return -1;
    431 		}
    432 		return 0;
    433 	}
    434 	return 0;
    435 }
    436 
    437 
    438 static int wps_validate_wps_state(const u8 *wps_state, int mandatory)
    439 {
    440 	if (wps_state == NULL) {
    441 		if (mandatory) {
    442 			wpa_printf(MSG_INFO, "WPS-STRICT: Wi-Fi Protected "
    443 				   "Setup State attribute missing");
    444 			return -1;
    445 		}
    446 		return 0;
    447 	}
    448 	if (*wps_state != WPS_STATE_NOT_CONFIGURED &&
    449 	    *wps_state != WPS_STATE_CONFIGURED) {
    450 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Wi-Fi Protected "
    451 			   "Setup State attribute value 0x%x", *wps_state);
    452 		return -1;
    453 	}
    454 	return 0;
    455 }
    456 
    457 
    458 static int wps_validate_ap_setup_locked(const u8 *ap_setup_locked,
    459 					int mandatory)
    460 {
    461 	if (ap_setup_locked == NULL) {
    462 		if (mandatory) {
    463 			wpa_printf(MSG_INFO, "WPS-STRICT: AP Setup Locked "
    464 				   "attribute missing");
    465 			return -1;
    466 		}
    467 		return 0;
    468 	}
    469 	if (*ap_setup_locked > 1) {
    470 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid AP Setup Locked "
    471 			   "attribute value 0x%x", *ap_setup_locked);
    472 		return -1;
    473 	}
    474 	return 0;
    475 }
    476 
    477 
    478 static int wps_validate_selected_registrar(const u8 *selected_registrar,
    479 					   int mandatory)
    480 {
    481 	if (selected_registrar == NULL) {
    482 		if (mandatory) {
    483 			wpa_printf(MSG_INFO, "WPS-STRICT: Selected Registrar "
    484 				   "attribute missing");
    485 			return -1;
    486 		}
    487 		return 0;
    488 	}
    489 	if (*selected_registrar > 1) {
    490 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Selected Registrar "
    491 			   "attribute value 0x%x", *selected_registrar);
    492 		return -1;
    493 	}
    494 	return 0;
    495 }
    496 
    497 
    498 static int wps_validate_sel_reg_config_methods(const u8 *config_methods,
    499 					       int wps2, int mandatory)
    500 {
    501 	u16 val;
    502 
    503 	if (config_methods == NULL) {
    504 		if (mandatory) {
    505 			wpa_printf(MSG_INFO, "WPS-STRICT: Selected Registrar "
    506 				   "Configuration Methods attribute missing");
    507 			return -1;
    508 		}
    509 		return 0;
    510 	}
    511 
    512 	val = WPA_GET_BE16(config_methods);
    513 	if (!valid_config_methods(val, wps2)) {
    514 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Selected Registrar "
    515 			   "Configuration Methods attribute value 0x%04x",
    516 			   val);
    517 		return -1;
    518 	}
    519 	return 0;
    520 }
    521 
    522 
    523 static int wps_validate_authorized_macs(const u8 *authorized_macs, size_t len,
    524 					int mandatory)
    525 {
    526 	if (authorized_macs == NULL) {
    527 		if (mandatory) {
    528 			wpa_printf(MSG_INFO, "WPS-STRICT: Authorized MACs "
    529 				   "attribute missing");
    530 			return -1;
    531 		}
    532 		return 0;
    533 	}
    534 	if (len > 30 && (len % ETH_ALEN) != 0) {
    535 		wpa_hexdump(MSG_INFO, "WPS-STRICT: Invalid Authorized "
    536 			    "MACs attribute value", authorized_macs, len);
    537 		return -1;
    538 	}
    539 	return 0;
    540 }
    541 
    542 
    543 static int wps_validate_msg_type(const u8 *msg_type, int mandatory)
    544 {
    545 	if (msg_type == NULL) {
    546 		if (mandatory) {
    547 			wpa_printf(MSG_INFO, "WPS-STRICT: Message Type "
    548 				   "attribute missing");
    549 			return -1;
    550 		}
    551 		return 0;
    552 	}
    553 	if (*msg_type < WPS_Beacon || *msg_type > WPS_WSC_DONE) {
    554 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Message Type "
    555 			   "attribute value 0x%x", *msg_type);
    556 		return -1;
    557 	}
    558 	return 0;
    559 }
    560 
    561 
    562 static int wps_validate_mac_addr(const u8 *mac_addr, int mandatory)
    563 {
    564 	if (mac_addr == NULL) {
    565 		if (mandatory) {
    566 			wpa_printf(MSG_INFO, "WPS-STRICT: MAC Address "
    567 				   "attribute missing");
    568 			return -1;
    569 		}
    570 		return 0;
    571 	}
    572 	if (mac_addr[0] & 0x01) {
    573 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid MAC Address "
    574 			   "attribute value " MACSTR, MAC2STR(mac_addr));
    575 		return -1;
    576 	}
    577 	return 0;
    578 }
    579 
    580 
    581 static int wps_validate_enrollee_nonce(const u8 *enrollee_nonce, int mandatory)
    582 {
    583 	if (enrollee_nonce == NULL) {
    584 		if (mandatory) {
    585 			wpa_printf(MSG_INFO, "WPS-STRICT: Enrollee Nonce "
    586 				   "attribute missing");
    587 			return -1;
    588 		}
    589 		return 0;
    590 	}
    591 	return 0;
    592 }
    593 
    594 
    595 static int wps_validate_registrar_nonce(const u8 *registrar_nonce,
    596 					int mandatory)
    597 {
    598 	if (registrar_nonce == NULL) {
    599 		if (mandatory) {
    600 			wpa_printf(MSG_INFO, "WPS-STRICT: Registrar Nonce "
    601 				   "attribute missing");
    602 			return -1;
    603 		}
    604 		return 0;
    605 	}
    606 	return 0;
    607 }
    608 
    609 
    610 static int wps_validate_public_key(const u8 *public_key, size_t len,
    611 				   int mandatory)
    612 {
    613 	if (public_key == NULL) {
    614 		if (mandatory) {
    615 			wpa_printf(MSG_INFO, "WPS-STRICT: Public Key "
    616 				   "attribute missing");
    617 			return -1;
    618 		}
    619 		return 0;
    620 	}
    621 	if (len != 192) {
    622 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Public Key "
    623 			   "attribute length %d", (int) len);
    624 		return -1;
    625 	}
    626 	return 0;
    627 }
    628 
    629 
    630 static int num_bits_set(u16 val)
    631 {
    632 	int c;
    633 	for (c = 0; val; c++)
    634 		val &= val - 1;
    635 	return c;
    636 }
    637 
    638 
    639 static int wps_validate_auth_type_flags(const u8 *flags, int mandatory)
    640 {
    641 	u16 val;
    642 
    643 	if (flags == NULL) {
    644 		if (mandatory) {
    645 			wpa_printf(MSG_INFO, "WPS-STRICT: Authentication Type "
    646 				   "Flags attribute missing");
    647 			return -1;
    648 		}
    649 		return 0;
    650 	}
    651 	val = WPA_GET_BE16(flags);
    652 	if ((val & ~WPS_AUTH_TYPES) || !(val & WPS_AUTH_WPA2PSK)) {
    653 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Authentication Type "
    654 			   "Flags attribute value 0x%04x", val);
    655 		return -1;
    656 	}
    657 	return 0;
    658 }
    659 
    660 
    661 static int wps_validate_auth_type(const u8 *type, int mandatory)
    662 {
    663 	u16 val;
    664 
    665 	if (type == NULL) {
    666 		if (mandatory) {
    667 			wpa_printf(MSG_INFO, "WPS-STRICT: Authentication Type "
    668 				   "attribute missing");
    669 			return -1;
    670 		}
    671 		return 0;
    672 	}
    673 	val = WPA_GET_BE16(type);
    674 	if ((val & ~WPS_AUTH_TYPES) || val == 0 ||
    675 	    (num_bits_set(val) > 1 &&
    676 	     val != (WPS_AUTH_WPAPSK | WPS_AUTH_WPA2PSK))) {
    677 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Authentication Type "
    678 			   "attribute value 0x%04x", val);
    679 		return -1;
    680 	}
    681 	return 0;
    682 }
    683 
    684 
    685 static int wps_validate_encr_type_flags(const u8 *flags, int mandatory)
    686 {
    687 	u16 val;
    688 
    689 	if (flags == NULL) {
    690 		if (mandatory) {
    691 			wpa_printf(MSG_INFO, "WPS-STRICT: Encryption Type "
    692 				   "Flags attribute missing");
    693 			return -1;
    694 		}
    695 		return 0;
    696 	}
    697 	val = WPA_GET_BE16(flags);
    698 	if ((val & ~WPS_ENCR_TYPES) || !(val & WPS_ENCR_AES)) {
    699 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Encryption Type "
    700 			   "Flags attribute value 0x%04x", val);
    701 		return -1;
    702 	}
    703 	return 0;
    704 }
    705 
    706 
    707 static int wps_validate_encr_type(const u8 *type, int mandatory)
    708 {
    709 	u16 val;
    710 
    711 	if (type == NULL) {
    712 		if (mandatory) {
    713 			wpa_printf(MSG_INFO, "WPS-STRICT: Encryption Type "
    714 				   "attribute missing");
    715 			return -1;
    716 		}
    717 		return 0;
    718 	}
    719 	val = WPA_GET_BE16(type);
    720 	if ((val & ~WPS_ENCR_TYPES) || val == 0 ||
    721 	    (num_bits_set(val) > 1 && val != (WPS_ENCR_TKIP | WPS_ENCR_AES))) {
    722 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Encryption Type "
    723 			   "attribute value 0x%04x", val);
    724 		return -1;
    725 	}
    726 	return 0;
    727 }
    728 
    729 
    730 static int wps_validate_conn_type_flags(const u8 *flags, int mandatory)
    731 {
    732 	if (flags == NULL) {
    733 		if (mandatory) {
    734 			wpa_printf(MSG_INFO, "WPS-STRICT: Connection Type "
    735 				   "Flags attribute missing");
    736 			return -1;
    737 		}
    738 		return 0;
    739 	}
    740 	if ((*flags & ~(WPS_CONN_ESS | WPS_CONN_IBSS)) ||
    741 	    !(*flags & WPS_CONN_ESS)) {
    742 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Connection Type "
    743 			   "Flags attribute value 0x%02x", *flags);
    744 		return -1;
    745 	}
    746 	return 0;
    747 }
    748 
    749 
    750 static int wps_validate_os_version(const u8 *os_version, int mandatory)
    751 {
    752 	if (os_version == NULL) {
    753 		if (mandatory) {
    754 			wpa_printf(MSG_INFO, "WPS-STRICT: OS Version "
    755 				   "attribute missing");
    756 			return -1;
    757 		}
    758 		return 0;
    759 	}
    760 	return 0;
    761 }
    762 
    763 
    764 static int wps_validate_authenticator(const u8 *authenticator, int mandatory)
    765 {
    766 	if (authenticator == NULL) {
    767 		if (mandatory) {
    768 			wpa_printf(MSG_INFO, "WPS-STRICT: Authenticator "
    769 				   "attribute missing");
    770 			return -1;
    771 		}
    772 		return 0;
    773 	}
    774 	return 0;
    775 }
    776 
    777 
    778 static int wps_validate_e_hash1(const u8 *hash, int mandatory)
    779 {
    780 	if (hash == NULL) {
    781 		if (mandatory) {
    782 			wpa_printf(MSG_INFO, "WPS-STRICT: E-Hash1 "
    783 				   "attribute missing");
    784 			return -1;
    785 		}
    786 		return 0;
    787 	}
    788 	return 0;
    789 }
    790 
    791 
    792 static int wps_validate_e_hash2(const u8 *hash, int mandatory)
    793 {
    794 	if (hash == NULL) {
    795 		if (mandatory) {
    796 			wpa_printf(MSG_INFO, "WPS-STRICT: E-Hash2 "
    797 				   "attribute missing");
    798 			return -1;
    799 		}
    800 		return 0;
    801 	}
    802 	return 0;
    803 }
    804 
    805 
    806 static int wps_validate_r_hash1(const u8 *hash, int mandatory)
    807 {
    808 	if (hash == NULL) {
    809 		if (mandatory) {
    810 			wpa_printf(MSG_INFO, "WPS-STRICT: R-Hash1 "
    811 				   "attribute missing");
    812 			return -1;
    813 		}
    814 		return 0;
    815 	}
    816 	return 0;
    817 }
    818 
    819 
    820 static int wps_validate_r_hash2(const u8 *hash, int mandatory)
    821 {
    822 	if (hash == NULL) {
    823 		if (mandatory) {
    824 			wpa_printf(MSG_INFO, "WPS-STRICT: R-Hash2 "
    825 				   "attribute missing");
    826 			return -1;
    827 		}
    828 		return 0;
    829 	}
    830 	return 0;
    831 }
    832 
    833 
    834 static int wps_validate_encr_settings(const u8 *encr_settings, size_t len,
    835 				   int mandatory)
    836 {
    837 	if (encr_settings == NULL) {
    838 		if (mandatory) {
    839 			wpa_printf(MSG_INFO, "WPS-STRICT: Encrypted Settings "
    840 				   "attribute missing");
    841 			return -1;
    842 		}
    843 		return 0;
    844 	}
    845 	if (len < 16) {
    846 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Encrypted Settings "
    847 			   "attribute length %d", (int) len);
    848 		return -1;
    849 	}
    850 	return 0;
    851 }
    852 
    853 
    854 static int wps_validate_settings_delay_time(const u8 *delay, int mandatory)
    855 {
    856 	if (delay == NULL) {
    857 		if (mandatory) {
    858 			wpa_printf(MSG_INFO, "WPS-STRICT: Settings Delay Time "
    859 				   "attribute missing");
    860 			return -1;
    861 		}
    862 		return 0;
    863 	}
    864 	return 0;
    865 }
    866 
    867 
    868 static int wps_validate_r_snonce1(const u8 *nonce, int mandatory)
    869 {
    870 	if (nonce == NULL) {
    871 		if (mandatory) {
    872 			wpa_printf(MSG_INFO, "WPS-STRICT: R-SNonce1 "
    873 				   "attribute missing");
    874 			return -1;
    875 		}
    876 		return 0;
    877 	}
    878 	return 0;
    879 }
    880 
    881 
    882 static int wps_validate_r_snonce2(const u8 *nonce, int mandatory)
    883 {
    884 	if (nonce == NULL) {
    885 		if (mandatory) {
    886 			wpa_printf(MSG_INFO, "WPS-STRICT: R-SNonce2 "
    887 				   "attribute missing");
    888 			return -1;
    889 		}
    890 		return 0;
    891 	}
    892 	return 0;
    893 }
    894 
    895 
    896 static int wps_validate_e_snonce1(const u8 *nonce, int mandatory)
    897 {
    898 	if (nonce == NULL) {
    899 		if (mandatory) {
    900 			wpa_printf(MSG_INFO, "WPS-STRICT: E-SNonce1 "
    901 				   "attribute missing");
    902 			return -1;
    903 		}
    904 		return 0;
    905 	}
    906 	return 0;
    907 }
    908 
    909 
    910 static int wps_validate_e_snonce2(const u8 *nonce, int mandatory)
    911 {
    912 	if (nonce == NULL) {
    913 		if (mandatory) {
    914 			wpa_printf(MSG_INFO, "WPS-STRICT: E-SNonce2 "
    915 				   "attribute missing");
    916 			return -1;
    917 		}
    918 		return 0;
    919 	}
    920 	return 0;
    921 }
    922 
    923 
    924 static int wps_validate_key_wrap_auth(const u8 *auth, int mandatory)
    925 {
    926 	if (auth == NULL) {
    927 		if (mandatory) {
    928 			wpa_printf(MSG_INFO, "WPS-STRICT: Key Wrap "
    929 				   "Authenticator attribute missing");
    930 			return -1;
    931 		}
    932 		return 0;
    933 	}
    934 	return 0;
    935 }
    936 
    937 
    938 static int wps_validate_ssid(const u8 *ssid, size_t ssid_len, int mandatory)
    939 {
    940 	if (ssid == NULL) {
    941 		if (mandatory) {
    942 			wpa_printf(MSG_INFO, "WPS-STRICT: SSID "
    943 				   "attribute missing");
    944 			return -1;
    945 		}
    946 		return 0;
    947 	}
    948 	if (ssid_len == 0 || ssid[ssid_len - 1] == 0) {
    949 		wpa_hexdump_ascii(MSG_INFO, "WPS-STRICT: Invalid SSID "
    950 				  "attribute value", ssid, ssid_len);
    951 		return -1;
    952 	}
    953 	return 0;
    954 }
    955 
    956 
    957 static int wps_validate_network_key_index(const u8 *idx, int mandatory)
    958 {
    959 	if (idx == NULL) {
    960 		if (mandatory) {
    961 			wpa_printf(MSG_INFO, "WPS-STRICT: Network Key Index "
    962 				   "attribute missing");
    963 			return -1;
    964 		}
    965 		return 0;
    966 	}
    967 	return 0;
    968 }
    969 
    970 
    971 static int wps_validate_network_idx(const u8 *idx, int mandatory)
    972 {
    973 	if (idx == NULL) {
    974 		if (mandatory) {
    975 			wpa_printf(MSG_INFO, "WPS-STRICT: Network Index "
    976 				   "attribute missing");
    977 			return -1;
    978 		}
    979 		return 0;
    980 	}
    981 	return 0;
    982 }
    983 
    984 
    985 static int wps_validate_network_key(const u8 *key, size_t key_len,
    986 				    const u8 *encr_type, int mandatory)
    987 {
    988 	if (key == NULL) {
    989 		if (mandatory) {
    990 			wpa_printf(MSG_INFO, "WPS-STRICT: Network Key "
    991 				   "attribute missing");
    992 			return -1;
    993 		}
    994 		return 0;
    995 	}
    996 	if (((encr_type == NULL || WPA_GET_BE16(encr_type) != WPS_ENCR_WEP) &&
    997 	     key_len > 8 && key_len < 64 && key[key_len - 1] == 0) ||
    998 	    key_len > 64) {
    999 		wpa_hexdump_ascii_key(MSG_INFO, "WPS-STRICT: Invalid Network "
   1000 				      "Key attribute value", key, key_len);
   1001 		return -1;
   1002 	}
   1003 	return 0;
   1004 }
   1005 
   1006 
   1007 static int wps_validate_network_key_shareable(const u8 *val, int mandatory)
   1008 {
   1009 	if (val == NULL) {
   1010 		if (mandatory) {
   1011 			wpa_printf(MSG_INFO, "WPS-STRICT: Network Key "
   1012 				   "Shareable attribute missing");
   1013 			return -1;
   1014 		}
   1015 		return 0;
   1016 	}
   1017 	if (*val > 1) {
   1018 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Network Key "
   1019 			   "Shareable attribute value 0x%x", *val);
   1020 		return -1;
   1021 	}
   1022 	return 0;
   1023 }
   1024 
   1025 
   1026 static int wps_validate_cred(const u8 *cred, size_t len)
   1027 {
   1028 	struct wps_parse_attr attr;
   1029 	struct wpabuf buf;
   1030 
   1031 	if (cred == NULL)
   1032 		return -1;
   1033 	wpabuf_set(&buf, cred, len);
   1034 	if (wps_parse_msg(&buf, &attr) < 0) {
   1035 		wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse Credential");
   1036 		return -1;
   1037 	}
   1038 
   1039 	if (wps_validate_network_idx(attr.network_idx, 1) ||
   1040 	    wps_validate_ssid(attr.ssid, attr.ssid_len, 1) ||
   1041 	    wps_validate_auth_type(attr.auth_type, 1) ||
   1042 	    wps_validate_encr_type(attr.encr_type, 1) ||
   1043 	    wps_validate_network_key_index(attr.network_key_idx, 0) ||
   1044 	    wps_validate_network_key(attr.network_key, attr.network_key_len,
   1045 				     attr.encr_type, 1) ||
   1046 	    wps_validate_mac_addr(attr.mac_addr, 1) ||
   1047 	    wps_validate_network_key_shareable(attr.network_key_shareable, 0))
   1048 	{
   1049 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Credential");
   1050 		return -1;
   1051 	}
   1052 
   1053 
   1054 	return 0;
   1055 }
   1056 
   1057 
   1058 static int wps_validate_credential(const u8 *cred[], size_t len[], size_t num,
   1059 				   int mandatory)
   1060 {
   1061 	size_t i;
   1062 
   1063 	if (num == 0) {
   1064 		if (mandatory) {
   1065 			wpa_printf(MSG_INFO, "WPS-STRICT: Credential "
   1066 				   "attribute missing");
   1067 			return -1;
   1068 		}
   1069 		return 0;
   1070 	}
   1071 
   1072 	for (i = 0; i < num; i++) {
   1073 		if (wps_validate_cred(cred[i], len[i]) < 0)
   1074 			return -1;
   1075 	}
   1076 
   1077 	return 0;
   1078 }
   1079 
   1080 
   1081 int wps_validate_beacon(const struct wpabuf *wps_ie)
   1082 {
   1083 	struct wps_parse_attr attr;
   1084 	int wps2, sel_reg;
   1085 
   1086 	if (wps_ie == NULL) {
   1087 		wpa_printf(MSG_INFO, "WPS-STRICT: No WPS IE in Beacon frame");
   1088 		return -1;
   1089 	}
   1090 	if (wps_parse_msg(wps_ie, &attr) < 0) {
   1091 		wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse WPS IE in "
   1092 			   "Beacon frame");
   1093 		return -1;
   1094 	}
   1095 
   1096 	wps2 = attr.version2 != NULL;
   1097 	sel_reg = attr.selected_registrar != NULL &&
   1098 		*attr.selected_registrar != 0;
   1099 	if (wps_validate_version(attr.version, 1) ||
   1100 	    wps_validate_wps_state(attr.wps_state, 1) ||
   1101 	    wps_validate_ap_setup_locked(attr.ap_setup_locked, 0) ||
   1102 	    wps_validate_selected_registrar(attr.selected_registrar, 0) ||
   1103 	    wps_validate_dev_password_id(attr.dev_password_id, sel_reg) ||
   1104 	    wps_validate_sel_reg_config_methods(attr.sel_reg_config_methods,
   1105 						wps2, sel_reg) ||
   1106 	    wps_validate_uuid_e(attr.uuid_e, 0) ||
   1107 	    wps_validate_rf_bands(attr.rf_bands, 0) ||
   1108 	    wps_validate_version2(attr.version2, wps2) ||
   1109 	    wps_validate_authorized_macs(attr.authorized_macs,
   1110 					 attr.authorized_macs_len, 0)) {
   1111 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Beacon frame");
   1112 		return -1;
   1113 	}
   1114 
   1115 	return 0;
   1116 }
   1117 
   1118 
   1119 int wps_validate_beacon_probe_resp(const struct wpabuf *wps_ie, int probe,
   1120 				   const u8 *addr)
   1121 {
   1122 	struct wps_parse_attr attr;
   1123 	int wps2, sel_reg;
   1124 
   1125 	if (wps_ie == NULL) {
   1126 		wpa_printf(MSG_INFO, "WPS-STRICT: No WPS IE in "
   1127 			   "%sProbe Response frame", probe ? "" : "Beacon/");
   1128 		return -1;
   1129 	}
   1130 	if (wps_parse_msg(wps_ie, &attr) < 0) {
   1131 		wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse WPS IE in "
   1132 			   "%sProbe Response frame", probe ? "" : "Beacon/");
   1133 		return -1;
   1134 	}
   1135 
   1136 	wps2 = attr.version2 != NULL;
   1137 	sel_reg = attr.selected_registrar != NULL &&
   1138 		*attr.selected_registrar != 0;
   1139 	if (wps_validate_version(attr.version, 1) ||
   1140 	    wps_validate_wps_state(attr.wps_state, 1) ||
   1141 	    wps_validate_ap_setup_locked(attr.ap_setup_locked, 0) ||
   1142 	    wps_validate_selected_registrar(attr.selected_registrar, 0) ||
   1143 	    wps_validate_dev_password_id(attr.dev_password_id, sel_reg) ||
   1144 	    wps_validate_sel_reg_config_methods(attr.sel_reg_config_methods,
   1145 						wps2, sel_reg) ||
   1146 	    wps_validate_response_type(attr.response_type, probe) ||
   1147 	    wps_validate_uuid_e(attr.uuid_e, probe) ||
   1148 	    wps_validate_manufacturer(attr.manufacturer, attr.manufacturer_len,
   1149 				      probe) ||
   1150 	    wps_validate_model_name(attr.model_name, attr.model_name_len,
   1151 				    probe) ||
   1152 	    wps_validate_model_number(attr.model_number, attr.model_number_len,
   1153 				      probe) ||
   1154 	    wps_validate_serial_number(attr.serial_number,
   1155 				       attr.serial_number_len, probe) ||
   1156 	    wps_validate_primary_dev_type(attr.primary_dev_type, probe) ||
   1157 	    wps_validate_dev_name(attr.dev_name, attr.dev_name_len, probe) ||
   1158 	    wps_validate_ap_config_methods(attr.config_methods, wps2, probe) ||
   1159 	    wps_validate_rf_bands(attr.rf_bands, 0) ||
   1160 	    wps_validate_version2(attr.version2, wps2) ||
   1161 	    wps_validate_authorized_macs(attr.authorized_macs,
   1162 					 attr.authorized_macs_len, 0)) {
   1163 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid %sProbe Response "
   1164 			   "frame from " MACSTR, probe ? "" : "Beacon/",
   1165 			   MAC2STR(addr));
   1166 #ifdef WPS_STRICT_WPS2
   1167 		if (wps2)
   1168 			return -1;
   1169 #else /* WPS_STRICT_WPS2 */
   1170 		return -1;
   1171 #endif /* WPS_STRICT_WPS2 */
   1172 	}
   1173 
   1174 	return 0;
   1175 }
   1176 
   1177 
   1178 int wps_validate_probe_req(const struct wpabuf *wps_ie, const u8 *addr)
   1179 {
   1180 	struct wps_parse_attr attr;
   1181 	int wps2;
   1182 
   1183 	if (wps_ie == NULL) {
   1184 		wpa_printf(MSG_INFO, "WPS-STRICT: No WPS IE in "
   1185 			   "Probe Request frame");
   1186 		return -1;
   1187 	}
   1188 	if (wps_parse_msg(wps_ie, &attr) < 0) {
   1189 		wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse WPS IE in "
   1190 			   "Probe Request frame");
   1191 		return -1;
   1192 	}
   1193 
   1194 	wps2 = attr.version2 != NULL;
   1195 	if (wps_validate_version(attr.version, 1) ||
   1196 	    wps_validate_request_type(attr.request_type, 1) ||
   1197 	    wps_validate_config_methods(attr.config_methods, wps2, 1) ||
   1198 	    wps_validate_uuid_e(attr.uuid_e, attr.uuid_r == NULL) ||
   1199 	    wps_validate_uuid_r(attr.uuid_r, attr.uuid_e == NULL) ||
   1200 	    wps_validate_primary_dev_type(attr.primary_dev_type, 1) ||
   1201 	    wps_validate_rf_bands(attr.rf_bands, 1) ||
   1202 	    wps_validate_assoc_state(attr.assoc_state, 1) ||
   1203 	    wps_validate_config_error(attr.config_error, 1) ||
   1204 	    wps_validate_dev_password_id(attr.dev_password_id, 1) ||
   1205 	    wps_validate_version2(attr.version2, wps2) ||
   1206 	    wps_validate_manufacturer(attr.manufacturer, attr.manufacturer_len,
   1207 				      wps2) ||
   1208 	    wps_validate_model_name(attr.model_name, attr.model_name_len,
   1209 				    wps2) ||
   1210 	    wps_validate_model_number(attr.model_number, attr.model_number_len,
   1211 				      wps2) ||
   1212 	    wps_validate_dev_name(attr.dev_name, attr.dev_name_len, wps2) ||
   1213 	    wps_validate_request_to_enroll(attr.request_to_enroll, 0) ||
   1214 	    wps_validate_req_dev_type(attr.req_dev_type, attr.num_req_dev_type,
   1215 				      0)) {
   1216 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Probe Request "
   1217 			   "frame from " MACSTR, MAC2STR(addr));
   1218 		return -1;
   1219 	}
   1220 
   1221 	return 0;
   1222 }
   1223 
   1224 
   1225 int wps_validate_assoc_req(const struct wpabuf *wps_ie)
   1226 {
   1227 	struct wps_parse_attr attr;
   1228 	int wps2;
   1229 
   1230 	if (wps_ie == NULL) {
   1231 		wpa_printf(MSG_INFO, "WPS-STRICT: No WPS IE in "
   1232 			   "(Re)Association Request frame");
   1233 		return -1;
   1234 	}
   1235 	if (wps_parse_msg(wps_ie, &attr) < 0) {
   1236 		wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse WPS IE in "
   1237 			   "(Re)Association Request frame");
   1238 		return -1;
   1239 	}
   1240 
   1241 	wps2 = attr.version2 != NULL;
   1242 	if (wps_validate_version(attr.version, 1) ||
   1243 	    wps_validate_request_type(attr.request_type, 1) ||
   1244 	    wps_validate_version2(attr.version2, wps2)) {
   1245 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid (Re)Association "
   1246 			   "Request frame");
   1247 		return -1;
   1248 	}
   1249 
   1250 	return 0;
   1251 }
   1252 
   1253 
   1254 int wps_validate_assoc_resp(const struct wpabuf *wps_ie)
   1255 {
   1256 	struct wps_parse_attr attr;
   1257 	int wps2;
   1258 
   1259 	if (wps_ie == NULL) {
   1260 		wpa_printf(MSG_INFO, "WPS-STRICT: No WPS IE in "
   1261 			   "(Re)Association Response frame");
   1262 		return -1;
   1263 	}
   1264 	if (wps_parse_msg(wps_ie, &attr) < 0) {
   1265 		wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse WPS IE in "
   1266 			   "(Re)Association Response frame");
   1267 		return -1;
   1268 	}
   1269 
   1270 	wps2 = attr.version2 != NULL;
   1271 	if (wps_validate_version(attr.version, 1) ||
   1272 	    wps_validate_response_type(attr.response_type, 1) ||
   1273 	    wps_validate_version2(attr.version2, wps2)) {
   1274 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid (Re)Association "
   1275 			   "Response frame");
   1276 		return -1;
   1277 	}
   1278 
   1279 	return 0;
   1280 }
   1281 
   1282 
   1283 int wps_validate_m1(const struct wpabuf *tlvs)
   1284 {
   1285 	struct wps_parse_attr attr;
   1286 	int wps2;
   1287 
   1288 	if (tlvs == NULL) {
   1289 		wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in M1");
   1290 		return -1;
   1291 	}
   1292 	if (wps_parse_msg(tlvs, &attr) < 0) {
   1293 		wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
   1294 			   "in M1");
   1295 		return -1;
   1296 	}
   1297 
   1298 	wps2 = attr.version2 != NULL;
   1299 	if (wps_validate_version(attr.version, 1) ||
   1300 	    wps_validate_msg_type(attr.msg_type, 1) ||
   1301 	    wps_validate_uuid_e(attr.uuid_e, 1) ||
   1302 	    wps_validate_mac_addr(attr.mac_addr, 1) ||
   1303 	    wps_validate_enrollee_nonce(attr.enrollee_nonce, 1) ||
   1304 	    wps_validate_public_key(attr.public_key, attr.public_key_len, 1) ||
   1305 	    wps_validate_auth_type_flags(attr.auth_type_flags, 1) ||
   1306 	    wps_validate_encr_type_flags(attr.encr_type_flags, 1) ||
   1307 	    wps_validate_conn_type_flags(attr.conn_type_flags, 1) ||
   1308 	    wps_validate_config_methods(attr.config_methods, wps2, 1) ||
   1309 	    wps_validate_wps_state(attr.wps_state, 1) ||
   1310 	    wps_validate_manufacturer(attr.manufacturer, attr.manufacturer_len,
   1311 				      1) ||
   1312 	    wps_validate_model_name(attr.model_name, attr.model_name_len, 1) ||
   1313 	    wps_validate_model_number(attr.model_number, attr.model_number_len,
   1314 				      1) ||
   1315 	    wps_validate_serial_number(attr.serial_number,
   1316 				       attr.serial_number_len, 1) ||
   1317 	    wps_validate_primary_dev_type(attr.primary_dev_type, 1) ||
   1318 	    wps_validate_dev_name(attr.dev_name, attr.dev_name_len, 1) ||
   1319 	    wps_validate_rf_bands(attr.rf_bands, 1) ||
   1320 	    wps_validate_assoc_state(attr.assoc_state, 1) ||
   1321 	    wps_validate_dev_password_id(attr.dev_password_id, 1) ||
   1322 	    wps_validate_config_error(attr.config_error, 1) ||
   1323 	    wps_validate_os_version(attr.os_version, 1) ||
   1324 	    wps_validate_version2(attr.version2, wps2) ||
   1325 	    wps_validate_request_to_enroll(attr.request_to_enroll, 0)) {
   1326 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M1");
   1327 #ifdef WPS_STRICT_WPS2
   1328 		if (wps2)
   1329 			return -1;
   1330 #else /* WPS_STRICT_WPS2 */
   1331 		return -1;
   1332 #endif /* WPS_STRICT_WPS2 */
   1333 	}
   1334 
   1335 	return 0;
   1336 }
   1337 
   1338 
   1339 int wps_validate_m2(const struct wpabuf *tlvs)
   1340 {
   1341 	struct wps_parse_attr attr;
   1342 	int wps2;
   1343 
   1344 	if (tlvs == NULL) {
   1345 		wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in M2");
   1346 		return -1;
   1347 	}
   1348 	if (wps_parse_msg(tlvs, &attr) < 0) {
   1349 		wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
   1350 			   "in M2");
   1351 		return -1;
   1352 	}
   1353 
   1354 	wps2 = attr.version2 != NULL;
   1355 	if (wps_validate_version(attr.version, 1) ||
   1356 	    wps_validate_msg_type(attr.msg_type, 1) ||
   1357 	    wps_validate_enrollee_nonce(attr.enrollee_nonce, 1) ||
   1358 	    wps_validate_registrar_nonce(attr.registrar_nonce, 1) ||
   1359 	    wps_validate_uuid_r(attr.uuid_r, 1) ||
   1360 	    wps_validate_public_key(attr.public_key, attr.public_key_len, 1) ||
   1361 	    wps_validate_auth_type_flags(attr.auth_type_flags, 1) ||
   1362 	    wps_validate_encr_type_flags(attr.encr_type_flags, 1) ||
   1363 	    wps_validate_conn_type_flags(attr.conn_type_flags, 1) ||
   1364 	    wps_validate_config_methods(attr.config_methods, wps2, 1) ||
   1365 	    wps_validate_manufacturer(attr.manufacturer, attr.manufacturer_len,
   1366 				      1) ||
   1367 	    wps_validate_model_name(attr.model_name, attr.model_name_len, 1) ||
   1368 	    wps_validate_model_number(attr.model_number, attr.model_number_len,
   1369 				      1) ||
   1370 	    wps_validate_serial_number(attr.serial_number,
   1371 				       attr.serial_number_len, 1) ||
   1372 	    wps_validate_primary_dev_type(attr.primary_dev_type, 1) ||
   1373 	    wps_validate_dev_name(attr.dev_name, attr.dev_name_len, 1) ||
   1374 	    wps_validate_rf_bands(attr.rf_bands, 1) ||
   1375 	    wps_validate_assoc_state(attr.assoc_state, 1) ||
   1376 	    wps_validate_config_error(attr.config_error, 1) ||
   1377 	    wps_validate_dev_password_id(attr.dev_password_id, 1) ||
   1378 	    wps_validate_os_version(attr.os_version, 1) ||
   1379 	    wps_validate_version2(attr.version2, wps2) ||
   1380 	    wps_validate_authenticator(attr.authenticator, 1)) {
   1381 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M2");
   1382 #ifdef WPS_STRICT_WPS2
   1383 		if (wps2)
   1384 			return -1;
   1385 #else /* WPS_STRICT_WPS2 */
   1386 		return -1;
   1387 #endif /* WPS_STRICT_WPS2 */
   1388 	}
   1389 
   1390 	return 0;
   1391 }
   1392 
   1393 
   1394 int wps_validate_m2d(const struct wpabuf *tlvs)
   1395 {
   1396 	struct wps_parse_attr attr;
   1397 	int wps2;
   1398 
   1399 	if (tlvs == NULL) {
   1400 		wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in M2D");
   1401 		return -1;
   1402 	}
   1403 	if (wps_parse_msg(tlvs, &attr) < 0) {
   1404 		wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
   1405 			   "in M2D");
   1406 		return -1;
   1407 	}
   1408 
   1409 	wps2 = attr.version2 != NULL;
   1410 	if (wps_validate_version(attr.version, 1) ||
   1411 	    wps_validate_msg_type(attr.msg_type, 1) ||
   1412 	    wps_validate_enrollee_nonce(attr.enrollee_nonce, 1) ||
   1413 	    wps_validate_registrar_nonce(attr.registrar_nonce, 1) ||
   1414 	    wps_validate_uuid_r(attr.uuid_r, 1) ||
   1415 	    wps_validate_auth_type_flags(attr.auth_type_flags, 1) ||
   1416 	    wps_validate_encr_type_flags(attr.encr_type_flags, 1) ||
   1417 	    wps_validate_conn_type_flags(attr.conn_type_flags, 1) ||
   1418 	    wps_validate_config_methods(attr.config_methods, wps2, 1) ||
   1419 	    wps_validate_manufacturer(attr.manufacturer, attr.manufacturer_len,
   1420 				      1) ||
   1421 	    wps_validate_model_name(attr.model_name, attr.model_name_len, 1) ||
   1422 	    wps_validate_model_number(attr.model_number, attr.model_number_len,
   1423 				      1) ||
   1424 	    wps_validate_serial_number(attr.serial_number,
   1425 				       attr.serial_number_len, 1) ||
   1426 	    wps_validate_primary_dev_type(attr.primary_dev_type, 1) ||
   1427 	    wps_validate_dev_name(attr.dev_name, attr.dev_name_len, 1) ||
   1428 	    wps_validate_rf_bands(attr.rf_bands, 1) ||
   1429 	    wps_validate_assoc_state(attr.assoc_state, 1) ||
   1430 	    wps_validate_config_error(attr.config_error, 1) ||
   1431 	    wps_validate_os_version(attr.os_version, 1) ||
   1432 	    wps_validate_version2(attr.version2, wps2)) {
   1433 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M2D");
   1434 #ifdef WPS_STRICT_WPS2
   1435 		if (wps2)
   1436 			return -1;
   1437 #else /* WPS_STRICT_WPS2 */
   1438 		return -1;
   1439 #endif /* WPS_STRICT_WPS2 */
   1440 	}
   1441 
   1442 	return 0;
   1443 }
   1444 
   1445 
   1446 int wps_validate_m3(const struct wpabuf *tlvs)
   1447 {
   1448 	struct wps_parse_attr attr;
   1449 	int wps2;
   1450 
   1451 	if (tlvs == NULL) {
   1452 		wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in M3");
   1453 		return -1;
   1454 	}
   1455 	if (wps_parse_msg(tlvs, &attr) < 0) {
   1456 		wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
   1457 			   "in M3");
   1458 		return -1;
   1459 	}
   1460 
   1461 	wps2 = attr.version2 != NULL;
   1462 	if (wps_validate_version(attr.version, 1) ||
   1463 	    wps_validate_msg_type(attr.msg_type, 1) ||
   1464 	    wps_validate_registrar_nonce(attr.registrar_nonce, 1) ||
   1465 	    wps_validate_e_hash1(attr.e_hash1, 1) ||
   1466 	    wps_validate_e_hash2(attr.e_hash2, 1) ||
   1467 	    wps_validate_version2(attr.version2, wps2) ||
   1468 	    wps_validate_authenticator(attr.authenticator, 1)) {
   1469 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M3");
   1470 #ifdef WPS_STRICT_WPS2
   1471 		if (wps2)
   1472 			return -1;
   1473 #else /* WPS_STRICT_WPS2 */
   1474 		return -1;
   1475 #endif /* WPS_STRICT_WPS2 */
   1476 	}
   1477 
   1478 	return 0;
   1479 }
   1480 
   1481 
   1482 int wps_validate_m4(const struct wpabuf *tlvs)
   1483 {
   1484 	struct wps_parse_attr attr;
   1485 	int wps2;
   1486 
   1487 	if (tlvs == NULL) {
   1488 		wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in M4");
   1489 		return -1;
   1490 	}
   1491 	if (wps_parse_msg(tlvs, &attr) < 0) {
   1492 		wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
   1493 			   "in M4");
   1494 		return -1;
   1495 	}
   1496 
   1497 	wps2 = attr.version2 != NULL;
   1498 	if (wps_validate_version(attr.version, 1) ||
   1499 	    wps_validate_msg_type(attr.msg_type, 1) ||
   1500 	    wps_validate_enrollee_nonce(attr.enrollee_nonce, 1) ||
   1501 	    wps_validate_r_hash1(attr.r_hash1, 1) ||
   1502 	    wps_validate_r_hash2(attr.r_hash2, 1) ||
   1503 	    wps_validate_encr_settings(attr.encr_settings,
   1504 				       attr.encr_settings_len, 1) ||
   1505 	    wps_validate_version2(attr.version2, wps2) ||
   1506 	    wps_validate_authenticator(attr.authenticator, 1)) {
   1507 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M4");
   1508 #ifdef WPS_STRICT_WPS2
   1509 		if (wps2)
   1510 			return -1;
   1511 #else /* WPS_STRICT_WPS2 */
   1512 		return -1;
   1513 #endif /* WPS_STRICT_WPS2 */
   1514 	}
   1515 
   1516 	return 0;
   1517 }
   1518 
   1519 
   1520 int wps_validate_m4_encr(const struct wpabuf *tlvs, int wps2)
   1521 {
   1522 	struct wps_parse_attr attr;
   1523 
   1524 	if (tlvs == NULL) {
   1525 		wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in M4 encrypted "
   1526 			   "settings");
   1527 		return -1;
   1528 	}
   1529 	if (wps_parse_msg(tlvs, &attr) < 0) {
   1530 		wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
   1531 			   "in M4 encrypted settings");
   1532 		return -1;
   1533 	}
   1534 
   1535 	if (wps_validate_r_snonce1(attr.r_snonce1, 1) ||
   1536 	    wps_validate_key_wrap_auth(attr.key_wrap_auth, 1)) {
   1537 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M4 encrypted "
   1538 			   "settings");
   1539 #ifdef WPS_STRICT_WPS2
   1540 		if (wps2)
   1541 			return -1;
   1542 #else /* WPS_STRICT_WPS2 */
   1543 		return -1;
   1544 #endif /* WPS_STRICT_WPS2 */
   1545 	}
   1546 
   1547 	return 0;
   1548 }
   1549 
   1550 
   1551 int wps_validate_m5(const struct wpabuf *tlvs)
   1552 {
   1553 	struct wps_parse_attr attr;
   1554 	int wps2;
   1555 
   1556 	if (tlvs == NULL) {
   1557 		wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in M5");
   1558 		return -1;
   1559 	}
   1560 	if (wps_parse_msg(tlvs, &attr) < 0) {
   1561 		wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
   1562 			   "in M5");
   1563 		return -1;
   1564 	}
   1565 
   1566 	wps2 = attr.version2 != NULL;
   1567 	if (wps_validate_version(attr.version, 1) ||
   1568 	    wps_validate_msg_type(attr.msg_type, 1) ||
   1569 	    wps_validate_registrar_nonce(attr.registrar_nonce, 1) ||
   1570 	    wps_validate_encr_settings(attr.encr_settings,
   1571 				       attr.encr_settings_len, 1) ||
   1572 	    wps_validate_version2(attr.version2, wps2) ||
   1573 	    wps_validate_authenticator(attr.authenticator, 1)) {
   1574 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M5");
   1575 #ifdef WPS_STRICT_WPS2
   1576 		if (wps2)
   1577 			return -1;
   1578 #else /* WPS_STRICT_WPS2 */
   1579 		return -1;
   1580 #endif /* WPS_STRICT_WPS2 */
   1581 	}
   1582 
   1583 	return 0;
   1584 }
   1585 
   1586 
   1587 int wps_validate_m5_encr(const struct wpabuf *tlvs, int wps2)
   1588 {
   1589 	struct wps_parse_attr attr;
   1590 
   1591 	if (tlvs == NULL) {
   1592 		wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in M5 encrypted "
   1593 			   "settings");
   1594 		return -1;
   1595 	}
   1596 	if (wps_parse_msg(tlvs, &attr) < 0) {
   1597 		wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
   1598 			   "in M5 encrypted settings");
   1599 		return -1;
   1600 	}
   1601 
   1602 	if (wps_validate_e_snonce1(attr.e_snonce1, 1) ||
   1603 	    wps_validate_key_wrap_auth(attr.key_wrap_auth, 1)) {
   1604 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M5 encrypted "
   1605 			   "settings");
   1606 #ifdef WPS_STRICT_WPS2
   1607 		if (wps2)
   1608 			return -1;
   1609 #else /* WPS_STRICT_WPS2 */
   1610 		return -1;
   1611 #endif /* WPS_STRICT_WPS2 */
   1612 	}
   1613 
   1614 	return 0;
   1615 }
   1616 
   1617 
   1618 int wps_validate_m6(const struct wpabuf *tlvs)
   1619 {
   1620 	struct wps_parse_attr attr;
   1621 	int wps2;
   1622 
   1623 	if (tlvs == NULL) {
   1624 		wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in M6");
   1625 		return -1;
   1626 	}
   1627 	if (wps_parse_msg(tlvs, &attr) < 0) {
   1628 		wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
   1629 			   "in M6");
   1630 		return -1;
   1631 	}
   1632 
   1633 	wps2 = attr.version2 != NULL;
   1634 	if (wps_validate_version(attr.version, 1) ||
   1635 	    wps_validate_msg_type(attr.msg_type, 1) ||
   1636 	    wps_validate_enrollee_nonce(attr.enrollee_nonce, 1) ||
   1637 	    wps_validate_encr_settings(attr.encr_settings,
   1638 				       attr.encr_settings_len, 1) ||
   1639 	    wps_validate_version2(attr.version2, wps2) ||
   1640 	    wps_validate_authenticator(attr.authenticator, 1)) {
   1641 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M6");
   1642 #ifdef WPS_STRICT_WPS2
   1643 		if (wps2)
   1644 			return -1;
   1645 #else /* WPS_STRICT_WPS2 */
   1646 		return -1;
   1647 #endif /* WPS_STRICT_WPS2 */
   1648 	}
   1649 
   1650 	return 0;
   1651 }
   1652 
   1653 
   1654 int wps_validate_m6_encr(const struct wpabuf *tlvs, int wps2)
   1655 {
   1656 	struct wps_parse_attr attr;
   1657 
   1658 	if (tlvs == NULL) {
   1659 		wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in M6 encrypted "
   1660 			   "settings");
   1661 		return -1;
   1662 	}
   1663 	if (wps_parse_msg(tlvs, &attr) < 0) {
   1664 		wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
   1665 			   "in M6 encrypted settings");
   1666 		return -1;
   1667 	}
   1668 
   1669 	if (wps_validate_r_snonce2(attr.r_snonce2, 1) ||
   1670 	    wps_validate_key_wrap_auth(attr.key_wrap_auth, 1)) {
   1671 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M6 encrypted "
   1672 			   "settings");
   1673 #ifdef WPS_STRICT_WPS2
   1674 		if (wps2)
   1675 			return -1;
   1676 #else /* WPS_STRICT_WPS2 */
   1677 		return -1;
   1678 #endif /* WPS_STRICT_WPS2 */
   1679 	}
   1680 
   1681 	return 0;
   1682 }
   1683 
   1684 
   1685 int wps_validate_m7(const struct wpabuf *tlvs)
   1686 {
   1687 	struct wps_parse_attr attr;
   1688 	int wps2;
   1689 
   1690 	if (tlvs == NULL) {
   1691 		wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in M7");
   1692 		return -1;
   1693 	}
   1694 	if (wps_parse_msg(tlvs, &attr) < 0) {
   1695 		wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
   1696 			   "in M7");
   1697 		return -1;
   1698 	}
   1699 
   1700 	wps2 = attr.version2 != NULL;
   1701 	if (wps_validate_version(attr.version, 1) ||
   1702 	    wps_validate_msg_type(attr.msg_type, 1) ||
   1703 	    wps_validate_registrar_nonce(attr.registrar_nonce, 1) ||
   1704 	    wps_validate_encr_settings(attr.encr_settings,
   1705 				       attr.encr_settings_len, 1) ||
   1706 	    wps_validate_settings_delay_time(attr.settings_delay_time, 0) ||
   1707 	    wps_validate_version2(attr.version2, wps2) ||
   1708 	    wps_validate_authenticator(attr.authenticator, 1)) {
   1709 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M7");
   1710 #ifdef WPS_STRICT_WPS2
   1711 		if (wps2)
   1712 			return -1;
   1713 #else /* WPS_STRICT_WPS2 */
   1714 		return -1;
   1715 #endif /* WPS_STRICT_WPS2 */
   1716 	}
   1717 
   1718 	return 0;
   1719 }
   1720 
   1721 
   1722 int wps_validate_m7_encr(const struct wpabuf *tlvs, int ap, int wps2)
   1723 {
   1724 	struct wps_parse_attr attr;
   1725 
   1726 	if (tlvs == NULL) {
   1727 		wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in M7 encrypted "
   1728 			   "settings");
   1729 		return -1;
   1730 	}
   1731 	if (wps_parse_msg(tlvs, &attr) < 0) {
   1732 		wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
   1733 			   "in M7 encrypted settings");
   1734 		return -1;
   1735 	}
   1736 
   1737 	if (wps_validate_e_snonce2(attr.e_snonce2, 1) ||
   1738 	    wps_validate_ssid(attr.ssid, attr.ssid_len, !ap) ||
   1739 	    wps_validate_mac_addr(attr.mac_addr, !ap) ||
   1740 	    wps_validate_auth_type(attr.auth_type, !ap) ||
   1741 	    wps_validate_encr_type(attr.encr_type, !ap) ||
   1742 	    wps_validate_network_key_index(attr.network_key_idx, 0) ||
   1743 	    wps_validate_network_key(attr.network_key, attr.network_key_len,
   1744 				     attr.encr_type, !ap) ||
   1745 	    wps_validate_key_wrap_auth(attr.key_wrap_auth, 1)) {
   1746 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M7 encrypted "
   1747 			   "settings");
   1748 #ifdef WPS_STRICT_WPS2
   1749 		if (wps2)
   1750 			return -1;
   1751 #else /* WPS_STRICT_WPS2 */
   1752 		return -1;
   1753 #endif /* WPS_STRICT_WPS2 */
   1754 	}
   1755 
   1756 	return 0;
   1757 }
   1758 
   1759 
   1760 int wps_validate_m8(const struct wpabuf *tlvs)
   1761 {
   1762 	struct wps_parse_attr attr;
   1763 	int wps2;
   1764 
   1765 	if (tlvs == NULL) {
   1766 		wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in M8");
   1767 		return -1;
   1768 	}
   1769 	if (wps_parse_msg(tlvs, &attr) < 0) {
   1770 		wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
   1771 			   "in M8");
   1772 		return -1;
   1773 	}
   1774 
   1775 	wps2 = attr.version2 != NULL;
   1776 	if (wps_validate_version(attr.version, 1) ||
   1777 	    wps_validate_msg_type(attr.msg_type, 1) ||
   1778 	    wps_validate_enrollee_nonce(attr.enrollee_nonce, 1) ||
   1779 	    wps_validate_encr_settings(attr.encr_settings,
   1780 				       attr.encr_settings_len, 1) ||
   1781 	    wps_validate_version2(attr.version2, wps2) ||
   1782 	    wps_validate_authenticator(attr.authenticator, 1)) {
   1783 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M8");
   1784 #ifdef WPS_STRICT_WPS2
   1785 		if (wps2)
   1786 			return -1;
   1787 #else /* WPS_STRICT_WPS2 */
   1788 		return -1;
   1789 #endif /* WPS_STRICT_WPS2 */
   1790 	}
   1791 
   1792 	return 0;
   1793 }
   1794 
   1795 
   1796 int wps_validate_m8_encr(const struct wpabuf *tlvs, int ap, int wps2)
   1797 {
   1798 	struct wps_parse_attr attr;
   1799 
   1800 	if (tlvs == NULL) {
   1801 		wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in M8 encrypted "
   1802 			   "settings");
   1803 		return -1;
   1804 	}
   1805 	if (wps_parse_msg(tlvs, &attr) < 0) {
   1806 		wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
   1807 			   "in M8 encrypted settings");
   1808 		return -1;
   1809 	}
   1810 
   1811 	if (wps_validate_ssid(attr.ssid, attr.ssid_len, ap) ||
   1812 	    wps_validate_auth_type(attr.auth_type, ap) ||
   1813 	    wps_validate_encr_type(attr.encr_type, ap) ||
   1814 	    wps_validate_network_key_index(attr.network_key_idx, 0) ||
   1815 	    wps_validate_mac_addr(attr.mac_addr, ap) ||
   1816 	    wps_validate_credential(attr.cred, attr.cred_len, attr.num_cred,
   1817 				    !ap) ||
   1818 	    wps_validate_key_wrap_auth(attr.key_wrap_auth, 1)) {
   1819 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M8 encrypted "
   1820 			   "settings");
   1821 #ifdef WPS_STRICT_WPS2
   1822 		if (wps2)
   1823 			return -1;
   1824 #else /* WPS_STRICT_WPS2 */
   1825 		return -1;
   1826 #endif /* WPS_STRICT_WPS2 */
   1827 	}
   1828 
   1829 	return 0;
   1830 }
   1831 
   1832 
   1833 int wps_validate_wsc_ack(const struct wpabuf *tlvs)
   1834 {
   1835 	struct wps_parse_attr attr;
   1836 	int wps2;
   1837 
   1838 	if (tlvs == NULL) {
   1839 		wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in WSC_ACK");
   1840 		return -1;
   1841 	}
   1842 	if (wps_parse_msg(tlvs, &attr) < 0) {
   1843 		wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
   1844 			   "in WSC_ACK");
   1845 		return -1;
   1846 	}
   1847 
   1848 	wps2 = attr.version2 != NULL;
   1849 	if (wps_validate_version(attr.version, 1) ||
   1850 	    wps_validate_msg_type(attr.msg_type, 1) ||
   1851 	    wps_validate_enrollee_nonce(attr.enrollee_nonce, 1) ||
   1852 	    wps_validate_registrar_nonce(attr.registrar_nonce, 1) ||
   1853 	    wps_validate_version2(attr.version2, wps2)) {
   1854 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid WSC_ACK");
   1855 #ifdef WPS_STRICT_WPS2
   1856 		if (wps2)
   1857 			return -1;
   1858 #else /* WPS_STRICT_WPS2 */
   1859 		return -1;
   1860 #endif /* WPS_STRICT_WPS2 */
   1861 	}
   1862 
   1863 	return 0;
   1864 }
   1865 
   1866 
   1867 int wps_validate_wsc_nack(const struct wpabuf *tlvs)
   1868 {
   1869 	struct wps_parse_attr attr;
   1870 	int wps2;
   1871 
   1872 	if (tlvs == NULL) {
   1873 		wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in WSC_NACK");
   1874 		return -1;
   1875 	}
   1876 	if (wps_parse_msg(tlvs, &attr) < 0) {
   1877 		wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
   1878 			   "in WSC_NACK");
   1879 		return -1;
   1880 	}
   1881 
   1882 	wps2 = attr.version2 != NULL;
   1883 	if (wps_validate_version(attr.version, 1) ||
   1884 	    wps_validate_msg_type(attr.msg_type, 1) ||
   1885 	    wps_validate_enrollee_nonce(attr.enrollee_nonce, 1) ||
   1886 	    wps_validate_registrar_nonce(attr.registrar_nonce, 1) ||
   1887 	    wps_validate_config_error(attr.config_error, 1) ||
   1888 	    wps_validate_version2(attr.version2, wps2)) {
   1889 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid WSC_NACK");
   1890 #ifdef WPS_STRICT_WPS2
   1891 		if (wps2)
   1892 			return -1;
   1893 #else /* WPS_STRICT_WPS2 */
   1894 		return -1;
   1895 #endif /* WPS_STRICT_WPS2 */
   1896 	}
   1897 
   1898 	return 0;
   1899 }
   1900 
   1901 
   1902 int wps_validate_wsc_done(const struct wpabuf *tlvs)
   1903 {
   1904 	struct wps_parse_attr attr;
   1905 	int wps2;
   1906 
   1907 	if (tlvs == NULL) {
   1908 		wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in WSC_Done");
   1909 		return -1;
   1910 	}
   1911 	if (wps_parse_msg(tlvs, &attr) < 0) {
   1912 		wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
   1913 			   "in WSC_Done");
   1914 		return -1;
   1915 	}
   1916 
   1917 	wps2 = attr.version2 != NULL;
   1918 	if (wps_validate_version(attr.version, 1) ||
   1919 	    wps_validate_msg_type(attr.msg_type, 1) ||
   1920 	    wps_validate_enrollee_nonce(attr.enrollee_nonce, 1) ||
   1921 	    wps_validate_registrar_nonce(attr.registrar_nonce, 1) ||
   1922 	    wps_validate_version2(attr.version2, wps2)) {
   1923 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid WSC_Done");
   1924 #ifdef WPS_STRICT_WPS2
   1925 		if (wps2)
   1926 			return -1;
   1927 #else /* WPS_STRICT_WPS2 */
   1928 		return -1;
   1929 #endif /* WPS_STRICT_WPS2 */
   1930 	}
   1931 
   1932 	return 0;
   1933 }
   1934 
   1935 
   1936 int wps_validate_upnp_set_selected_registrar(const struct wpabuf *tlvs)
   1937 {
   1938 	struct wps_parse_attr attr;
   1939 	int wps2;
   1940 	int sel_reg;
   1941 
   1942 	if (tlvs == NULL) {
   1943 		wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in "
   1944 			   "SetSelectedRegistrar");
   1945 		return -1;
   1946 	}
   1947 	if (wps_parse_msg(tlvs, &attr) < 0) {
   1948 		wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
   1949 			   "in SetSelectedRegistrar");
   1950 		return -1;
   1951 	}
   1952 
   1953 	wps2 = attr.version2 != NULL;
   1954 	sel_reg = attr.selected_registrar != NULL &&
   1955 		*attr.selected_registrar != 0;
   1956 	if (wps_validate_version(attr.version, 1) ||
   1957 	    wps_validate_dev_password_id(attr.dev_password_id, sel_reg) ||
   1958 	    wps_validate_sel_reg_config_methods(attr.sel_reg_config_methods,
   1959 						wps2, sel_reg) ||
   1960 	    wps_validate_version2(attr.version2, wps2) ||
   1961 	    wps_validate_authorized_macs(attr.authorized_macs,
   1962 					 attr.authorized_macs_len, wps2) ||
   1963 	    wps_validate_uuid_r(attr.uuid_r, wps2)) {
   1964 		wpa_printf(MSG_INFO, "WPS-STRICT: Invalid "
   1965 			   "SetSelectedRegistrar");
   1966 #ifdef WPS_STRICT_WPS2
   1967 		if (wps2)
   1968 			return -1;
   1969 #else /* WPS_STRICT_WPS2 */
   1970 		return -1;
   1971 #endif /* WPS_STRICT_WPS2 */
   1972 	}
   1973 
   1974 	return 0;
   1975 }
   1976