1/* 2 * Internal WPA/RSN supplicant state machine definitions 3 * Copyright (c) 2004-2010, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9#ifndef WPA_I_H 10#define WPA_I_H 11 12#include "utils/list.h" 13 14struct wpa_peerkey; 15struct wpa_tdls_peer; 16struct wpa_eapol_key; 17 18/** 19 * struct wpa_sm - Internal WPA state machine data 20 */ 21struct wpa_sm { 22 u8 pmk[PMK_LEN]; 23 size_t pmk_len; 24 struct wpa_ptk ptk, tptk; 25 int ptk_set, tptk_set; 26 int ptk_installed; 27 u8 snonce[WPA_NONCE_LEN]; 28 u8 anonce[WPA_NONCE_LEN]; /* ANonce from the last 1/4 msg */ 29 int renew_snonce; 30 u8 rx_replay_counter[WPA_REPLAY_COUNTER_LEN]; 31 int rx_replay_counter_set; 32 u8 request_counter[WPA_REPLAY_COUNTER_LEN]; 33 struct wpa_gtk gtk; 34 struct wpa_gtk gtk_wnm_sleep; 35#ifdef CONFIG_IEEE80211W 36 struct wpa_igtk igtk; 37 struct wpa_igtk igtk_wnm_sleep; 38#endif /* CONFIG_IEEE80211W */ 39 40 struct eapol_sm *eapol; /* EAPOL state machine from upper level code */ 41 42 struct rsn_pmksa_cache *pmksa; /* PMKSA cache */ 43 struct rsn_pmksa_cache_entry *cur_pmksa; /* current PMKSA entry */ 44 struct dl_list pmksa_candidates; 45 46 struct l2_packet_data *l2_preauth; 47 struct l2_packet_data *l2_preauth_br; 48 struct l2_packet_data *l2_tdls; 49 u8 preauth_bssid[ETH_ALEN]; /* current RSN pre-auth peer or 50 * 00:00:00:00:00:00 if no pre-auth is 51 * in progress */ 52 struct eapol_sm *preauth_eapol; 53 54 struct wpa_sm_ctx *ctx; 55 56 void *scard_ctx; /* context for smartcard callbacks */ 57 int fast_reauth; /* whether EAP fast re-authentication is enabled */ 58 59 void *network_ctx; 60 int peerkey_enabled; 61 int allowed_pairwise_cipher; /* bitfield of WPA_CIPHER_* */ 62 int proactive_key_caching; 63 int eap_workaround; 64 void *eap_conf_ctx; 65 u8 ssid[32]; 66 size_t ssid_len; 67 int wpa_ptk_rekey; 68 69 u8 own_addr[ETH_ALEN]; 70 const char *ifname; 71 const char *bridge_ifname; 72 u8 bssid[ETH_ALEN]; 73 74 unsigned int dot11RSNAConfigPMKLifetime; 75 unsigned int dot11RSNAConfigPMKReauthThreshold; 76 unsigned int dot11RSNAConfigSATimeout; 77 78 unsigned int dot11RSNA4WayHandshakeFailures; 79 80 /* Selected configuration (based on Beacon/ProbeResp WPA IE) */ 81 unsigned int proto; 82 unsigned int pairwise_cipher; 83 unsigned int group_cipher; 84 unsigned int key_mgmt; 85 unsigned int mgmt_group_cipher; 86 87 int rsn_enabled; /* Whether RSN is enabled in configuration */ 88 int mfp; /* 0 = disabled, 1 = optional, 2 = mandatory */ 89 90 u8 *assoc_wpa_ie; /* Own WPA/RSN IE from (Re)AssocReq */ 91 size_t assoc_wpa_ie_len; 92 u8 *ap_wpa_ie, *ap_rsn_ie; 93 size_t ap_wpa_ie_len, ap_rsn_ie_len; 94 95#ifdef CONFIG_PEERKEY 96 struct wpa_peerkey *peerkey; 97#endif /* CONFIG_PEERKEY */ 98#ifdef CONFIG_TDLS 99 struct wpa_tdls_peer *tdls; 100 int tdls_prohibited; 101 int tdls_disabled; 102 103 /* The driver supports TDLS */ 104 int tdls_supported; 105 106 /* 107 * The driver requires explicit discovery/setup/teardown frames sent 108 * to it via tdls_mgmt. 109 */ 110 int tdls_external_setup; 111#endif /* CONFIG_TDLS */ 112 113#ifdef CONFIG_IEEE80211R 114 u8 xxkey[PMK_LEN]; /* PSK or the second 256 bits of MSK */ 115 size_t xxkey_len; 116 u8 pmk_r0[PMK_LEN]; 117 u8 pmk_r0_name[WPA_PMK_NAME_LEN]; 118 u8 pmk_r1[PMK_LEN]; 119 u8 pmk_r1_name[WPA_PMK_NAME_LEN]; 120 u8 mobility_domain[MOBILITY_DOMAIN_ID_LEN]; 121 u8 r0kh_id[FT_R0KH_ID_MAX_LEN]; 122 size_t r0kh_id_len; 123 u8 r1kh_id[FT_R1KH_ID_LEN]; 124 int ft_completed; 125 int ft_reassoc_completed; 126 int over_the_ds_in_progress; 127 u8 target_ap[ETH_ALEN]; /* over-the-DS target AP */ 128 int set_ptk_after_assoc; 129 u8 mdie_ft_capab; /* FT Capability and Policy from target AP MDIE */ 130 u8 *assoc_resp_ies; /* MDIE and FTIE from (Re)Association Response */ 131 size_t assoc_resp_ies_len; 132#endif /* CONFIG_IEEE80211R */ 133}; 134 135 136static inline void wpa_sm_set_state(struct wpa_sm *sm, enum wpa_states state) 137{ 138 WPA_ASSERT(sm->ctx->set_state); 139 sm->ctx->set_state(sm->ctx->ctx, state); 140} 141 142static inline enum wpa_states wpa_sm_get_state(struct wpa_sm *sm) 143{ 144 WPA_ASSERT(sm->ctx->get_state); 145 return sm->ctx->get_state(sm->ctx->ctx); 146} 147 148static inline void wpa_sm_deauthenticate(struct wpa_sm *sm, int reason_code) 149{ 150 WPA_ASSERT(sm->ctx->deauthenticate); 151 sm->ctx->deauthenticate(sm->ctx->ctx, reason_code); 152} 153 154static inline int wpa_sm_set_key(struct wpa_sm *sm, enum wpa_alg alg, 155 const u8 *addr, int key_idx, int set_tx, 156 const u8 *seq, size_t seq_len, 157 const u8 *key, size_t key_len) 158{ 159 WPA_ASSERT(sm->ctx->set_key); 160 return sm->ctx->set_key(sm->ctx->ctx, alg, addr, key_idx, set_tx, 161 seq, seq_len, key, key_len); 162} 163 164static inline void * wpa_sm_get_network_ctx(struct wpa_sm *sm) 165{ 166 WPA_ASSERT(sm->ctx->get_network_ctx); 167 return sm->ctx->get_network_ctx(sm->ctx->ctx); 168} 169 170static inline int wpa_sm_get_bssid(struct wpa_sm *sm, u8 *bssid) 171{ 172 WPA_ASSERT(sm->ctx->get_bssid); 173 return sm->ctx->get_bssid(sm->ctx->ctx, bssid); 174} 175 176static inline int wpa_sm_ether_send(struct wpa_sm *sm, const u8 *dest, 177 u16 proto, const u8 *buf, size_t len) 178{ 179 WPA_ASSERT(sm->ctx->ether_send); 180 return sm->ctx->ether_send(sm->ctx->ctx, dest, proto, buf, len); 181} 182 183static inline int wpa_sm_get_beacon_ie(struct wpa_sm *sm) 184{ 185 WPA_ASSERT(sm->ctx->get_beacon_ie); 186 return sm->ctx->get_beacon_ie(sm->ctx->ctx); 187} 188 189static inline void wpa_sm_cancel_auth_timeout(struct wpa_sm *sm) 190{ 191 WPA_ASSERT(sm->ctx->cancel_auth_timeout); 192 sm->ctx->cancel_auth_timeout(sm->ctx->ctx); 193} 194 195static inline u8 * wpa_sm_alloc_eapol(struct wpa_sm *sm, u8 type, 196 const void *data, u16 data_len, 197 size_t *msg_len, void **data_pos) 198{ 199 WPA_ASSERT(sm->ctx->alloc_eapol); 200 return sm->ctx->alloc_eapol(sm->ctx->ctx, type, data, data_len, 201 msg_len, data_pos); 202} 203 204static inline int wpa_sm_add_pmkid(struct wpa_sm *sm, const u8 *bssid, 205 const u8 *pmkid) 206{ 207 WPA_ASSERT(sm->ctx->add_pmkid); 208 return sm->ctx->add_pmkid(sm->ctx->ctx, bssid, pmkid); 209} 210 211static inline int wpa_sm_remove_pmkid(struct wpa_sm *sm, const u8 *bssid, 212 const u8 *pmkid) 213{ 214 WPA_ASSERT(sm->ctx->remove_pmkid); 215 return sm->ctx->remove_pmkid(sm->ctx->ctx, bssid, pmkid); 216} 217 218static inline int wpa_sm_mlme_setprotection(struct wpa_sm *sm, const u8 *addr, 219 int protect_type, int key_type) 220{ 221 WPA_ASSERT(sm->ctx->mlme_setprotection); 222 return sm->ctx->mlme_setprotection(sm->ctx->ctx, addr, protect_type, 223 key_type); 224} 225 226static inline int wpa_sm_update_ft_ies(struct wpa_sm *sm, const u8 *md, 227 const u8 *ies, size_t ies_len) 228{ 229 if (sm->ctx->update_ft_ies) 230 return sm->ctx->update_ft_ies(sm->ctx->ctx, md, ies, ies_len); 231 return -1; 232} 233 234static inline int wpa_sm_send_ft_action(struct wpa_sm *sm, u8 action, 235 const u8 *target_ap, 236 const u8 *ies, size_t ies_len) 237{ 238 if (sm->ctx->send_ft_action) 239 return sm->ctx->send_ft_action(sm->ctx->ctx, action, target_ap, 240 ies, ies_len); 241 return -1; 242} 243 244static inline int wpa_sm_mark_authenticated(struct wpa_sm *sm, 245 const u8 *target_ap) 246{ 247 if (sm->ctx->mark_authenticated) 248 return sm->ctx->mark_authenticated(sm->ctx->ctx, target_ap); 249 return -1; 250} 251 252static inline void wpa_sm_set_rekey_offload(struct wpa_sm *sm) 253{ 254 if (!sm->ctx->set_rekey_offload) 255 return; 256 sm->ctx->set_rekey_offload(sm->ctx->ctx, sm->ptk.kek, 257 sm->ptk.kck, sm->rx_replay_counter); 258} 259 260#ifdef CONFIG_TDLS 261static inline int wpa_sm_tdls_get_capa(struct wpa_sm *sm, 262 int *tdls_supported, 263 int *tdls_ext_setup) 264{ 265 if (sm->ctx->tdls_get_capa) 266 return sm->ctx->tdls_get_capa(sm->ctx->ctx, tdls_supported, 267 tdls_ext_setup); 268 return -1; 269} 270 271static inline int wpa_sm_send_tdls_mgmt(struct wpa_sm *sm, const u8 *dst, 272 u8 action_code, u8 dialog_token, 273 u16 status_code, const u8 *buf, 274 size_t len) 275{ 276 if (sm->ctx->send_tdls_mgmt) 277 return sm->ctx->send_tdls_mgmt(sm->ctx->ctx, dst, action_code, 278 dialog_token, status_code, 279 buf, len); 280 return -1; 281} 282 283static inline int wpa_sm_tdls_oper(struct wpa_sm *sm, int oper, 284 const u8 *peer) 285{ 286 if (sm->ctx->tdls_oper) 287 return sm->ctx->tdls_oper(sm->ctx->ctx, oper, peer); 288 return -1; 289} 290 291static inline int 292wpa_sm_tdls_peer_addset(struct wpa_sm *sm, const u8 *addr, int add, 293 u16 capability, const u8 *supp_rates, 294 size_t supp_rates_len) 295{ 296 if (sm->ctx->tdls_peer_addset) 297 return sm->ctx->tdls_peer_addset(sm->ctx->ctx, addr, add, 298 capability, supp_rates, 299 supp_rates_len); 300 return -1; 301} 302#endif /* CONFIG_TDLS */ 303 304void wpa_eapol_key_send(struct wpa_sm *sm, const u8 *kck, 305 int ver, const u8 *dest, u16 proto, 306 u8 *msg, size_t msg_len, u8 *key_mic); 307int wpa_supplicant_send_2_of_4(struct wpa_sm *sm, const unsigned char *dst, 308 const struct wpa_eapol_key *key, 309 int ver, const u8 *nonce, 310 const u8 *wpa_ie, size_t wpa_ie_len, 311 struct wpa_ptk *ptk); 312int wpa_supplicant_send_4_of_4(struct wpa_sm *sm, const unsigned char *dst, 313 const struct wpa_eapol_key *key, 314 u16 ver, u16 key_info, 315 const u8 *kde, size_t kde_len, 316 struct wpa_ptk *ptk); 317 318int wpa_derive_ptk_ft(struct wpa_sm *sm, const unsigned char *src_addr, 319 const struct wpa_eapol_key *key, 320 struct wpa_ptk *ptk, size_t ptk_len); 321 322void wpa_tdls_assoc(struct wpa_sm *sm); 323void wpa_tdls_disassoc(struct wpa_sm *sm); 324 325#endif /* WPA_I_H */ 326