1/* 2 * local defines for wpapsk supplicant and authenticator 3 * 4 * Copyright (C) 2014, Broadcom Corporation 5 * All Rights Reserved. 6 * 7 * This is UNPUBLISHED PROPRIETARY SOURCE CODE of Broadcom Corporation; 8 * the contents of this file may not be disclosed to third parties, copied 9 * or duplicated in any form, in whole or in part, without the prior 10 * written permission of Broadcom Corporation. 11 * 12 * $Id: wlc_wpa.h,v 1.3 2009-12-04 01:45:51 $ 13 */ 14 15#ifndef _wlc_wpa_h_ 16#define _wlc_wpa_h_ 17 18#include <bcmcrypto/passhash.h> 19 20/* WPA key_info flag sets */ 21#define PMSG1_REQUIRED (WPA_KEY_PAIRWISE | WPA_KEY_ACK) 22#define PMSG1_PROHIBITED (WPA_KEY_SECURE | WPA_KEY_MIC | WPA_KEY_INSTALL) 23#define PMSG2_REQUIRED (WPA_KEY_PAIRWISE | WPA_KEY_MIC) 24#define PMSG2_PROHIBITED (WPA_KEY_ACK | WPA_KEY_INDEX_MASK) 25#define PMSG3_REQUIRED (WPA_KEY_PAIRWISE | WPA_KEY_MIC | WPA_KEY_ACK | WPA_KEY_INSTALL) 26#define PMSG3_BRCM_REQUIRED (PMSG3_REQUIRED | WPA_KEY_SECURE) 27#define PMSG3_WPA2_REQUIRED (PMSG3_REQUIRED | WPA_KEY_SECURE | WPA_KEY_ENCRYPTED_DATA) 28#define PMSG3_PROHIBITED (WPA_KEY_SECURE) 29#define PMSG4_REQUIRED (WPA_KEY_MIC) 30#define PMSG4_PROHIBITED (WPA_KEY_ACK | WPA_KEY_INDEX_MASK) 31#define GMSG1_REQUIRED (WPA_KEY_SECURE | WPA_KEY_MIC | WPA_KEY_ACK) 32#define GMSG2_REQUIRED (WPA_KEY_MIC | WPA_KEY_SECURE) 33#define MIC_ERROR_REQUIRED (WPA_KEY_MIC | WPA_KEY_ERROR | WPA_KEY_REQ) 34 35/* Spec says some key_info flags in supplicant response should match what 36 * authenticator had in previous message. Define masks to copy those. 37 */ 38#define PMSG2_MATCH_FLAGS (WPA_KEY_DESC_V1 | WPA_KEY_DESC_V2 | \ 39 WPA_KEY_PAIRWISE | WPA_KEY_INDEX_MASK | \ 40 WPA_KEY_SECURE | WPA_KEY_ERROR | WPA_KEY_REQ) 41#define PMSG4_MATCH_FLAGS (WPA_KEY_DESC_V1 | WPA_KEY_DESC_V2 | \ 42 WPA_KEY_PAIRWISE | WPA_KEY_SECURE) 43#define GMSG2_MATCH_FLAGS (WPA_KEY_DESC_V1 | WPA_KEY_DESC_V2 | WPA_KEY_PAIRWISE) 44 45typedef enum { 46 /* Supplicant States */ 47 WPA_SUP_DISCONNECTED, 48 WPA_SUP_INITIALIZE, 49 WPA_SUP_AUTHENTICATION, 50 WPA_SUP_STAKEYSTARTP_WAIT_M1 = WPA_SUP_AUTHENTICATION, 51 /* 4-way handshake: waiting for msg M1 */ 52 WPA_SUP_STAKEYSTARTP_PREP_M2, /* 4-way handshake: preparing to send M2 */ 53 WPA_SUP_STAKEYSTARTP_WAIT_M3, /* 4-way handshake: waiting for M3 */ 54 WPA_SUP_STAKEYSTARTP_PREP_M4, /* 4-way handshake: preparing to send M4 */ 55 WPA_SUP_STAKEYSTARTG_WAIT_G1, /* group handshake: waiting for G1 */ 56 WPA_SUP_STAKEYSTARTG_PREP_G2, /* group handshake: preparing to send G2 */ 57 WPA_SUP_KEYUPDATE, /* handshake complete, keys updated */ 58 59 /* Authenticator States */ 60 WPA_AUTH_INITIALIZE, 61 WPA_AUTH_PTKSTART, 62 WPA_AUTH_PTKINITNEGOTIATING, 63 WPA_AUTH_PTKINITDONE, 64 /* for WPA1 group key state machine */ 65 WPA_AUTH_REKEYNEGOTIATING, 66 WPA_AUTH_KEYERROR, 67 WPA_AUTH_REKEYESTABLISHED, 68 WPA_AUTH_KEYUPDATE /* handshake complete, keys updated */ 69} wpapsk_state_t; 70 71typedef struct { 72 wpapsk_state_t state; /* state of WPA PSK key msg exchanges */ 73 uint16 auth_wpaie_len; /* length of authenticator's WPA info element */ 74 uint16 sup_wpaie_len; /* length of supplicant's WPA info element */ 75 uchar *auth_wpaie; /* authenticator's WPA info element */ 76 uchar *sup_wpaie; /* supplicant's WPA info element */ 77 ushort ucipher; /* negotiated unicast cipher */ 78 ushort mcipher; /* negotiated multicast cipher */ 79 ushort ptk_len; /* PTK len, used in PRF calculation */ 80 ushort gtk_len; /* Group (mcast) key length */ 81 ushort tk_len; /* TK len, used when loading key into driver */ 82 ushort desc; /* key descriptor type */ 83 uint8 anonce[EAPOL_WPA_KEY_NONCE_LEN]; /* AP's nonce */ 84 uint8 snonce[EAPOL_WPA_KEY_NONCE_LEN]; /* STA's nonce */ 85 uint8 replay[EAPOL_KEY_REPLAY_LEN]; /* AP's replay counter */ 86 uint8 last_replay[EAPOL_KEY_REPLAY_LEN]; /* AP's last replay counter (for WOWL) */ 87 uint8 gtk[TKIP_KEY_SIZE]; /* group transient key */ 88 89 /* fields of WPA key hierarchy (together forming the PTK) */ 90 uint8 eapol_mic_key[WPA_MIC_KEY_LEN]; 91 uint8 eapol_encr_key[WPA_ENCR_KEY_LEN]; 92 uint8 temp_encr_key[WPA_TEMP_ENCR_KEY_LEN]; 93 uint8 temp_tx_key[WPA_TEMP_TX_KEY_LEN]; 94 uint8 temp_rx_key[WPA_TEMP_RX_KEY_LEN]; 95#if defined(BCMROMBUILD) 96 uint32 rn; /* reassociation request number (refreshed per session key) */ 97 /* fields of CCKM key hierarchy */ 98 uint8 key_refresh_key[CCKM_KRK_LEN]; 99 uint8 base_transient_key[CCKM_BTK_LEN]; 100#endif 101 uint8 gtk_index; 102 uint16 WPA_auth; 103#ifdef BCMAUTH_PSK 104 uint8 retries; /* retry count */ 105#endif /* BCMAUTH_PSK */ 106} wpapsk_t; 107 108/* persistent WPA stuff (survives set_sup initialization ) */ 109typedef struct wpapsk_info { 110 wlc_info_t *wlc; /* pointer to main wlc structure */ 111 ushort psk_len; /* len of pre-shared key */ 112 ushort pmk_len; /* len of pairwise master key */ 113 uchar psk[WSEC_MAX_PSK_LEN]; /* saved pre-shared key */ 114 uint8 pmk[PMK_LEN]; /* saved pairwise master key */ 115 /* break lengthy passhash() calculation into smaller chunks */ 116 struct wl_timer *passhash_timer; /* timer for passhash */ 117 passhash_t passhash_states; /* states for passhash */ 118#ifdef BCMAUTH_PSK 119 void *retry_timer; /* auth retry timer */ 120#endif /* BCMAUTH_PSK */ 121} wpapsk_info_t; 122 123typedef enum { 124 PMSG1, PMSG2, PMSG3, PMSG4, GMSG1, GMSG2, MIC_FAILURE 125} wpa_msg_t; 126 127extern void BCMROMFN(wlc_wpapsk_free)(wlc_info_t *wlc, wpapsk_t *wpa); 128extern bool wlc_wpapsk_start(osl_t *osh, int WPA_auth, wpapsk_t *wpa, uint8 *sup_ies, 129 uint sup_ies_len, uint8 *auth_ies, uint auth_ies_len); 130extern int BCMROMFN(wlc_wpa_cobble_pmk)(wpapsk_info_t *info, char *psk, size_t psk_len, 131 uchar *ssid, uint ssid_len); 132extern bool wlc_wpa_set_ucipher(wpapsk_t *wpa, ushort ucipher, bool wep_ok); 133extern int BCMROMFN(wlc_wpa_set_pmk)(wlc_bsscfg_t *bsscfg, wpapsk_info_t *info, 134 wpapsk_t *wpa, wsec_pmk_t *pmk, bool assoc); 135extern void wlc_wpa_plumb_tk(wlc_info_t *wlc, wlc_bsscfg_t *bsscfg, uint8 *tk, 136 uint32 tk_len, uint32 cipher, struct ether_addr *ea); 137extern void *wlc_eapol_pktget(wlc_info_t *wlc, wlc_bsscfg_t *bsscfg, 138 struct ether_addr *da, uint len); 139extern void 140wlc_wpa_plumb_gtk(wlc_info_t *wlc, wlc_bsscfg_t *bsscfg, uint8 *gtk, uint32 gtk_len, 141 uint32 key_index, uint32 cipher, uint8 *rsc, bool primary_key); 142 143typedef struct _sup_pmkid { 144 struct ether_addr BSSID; 145 uint8 PMKID[WPA2_PMKID_LEN]; 146 uint8 PMK[PMK_LEN]; 147 bool opportunistic; 148} sup_pmkid_t; 149 150#define SUP_MAXPMKID 16 /* Supplementary Max PMK ID */ 151 152#endif /* _wlc_wpa_h_ */ 153