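/*
 * DPP functionality shared between hostapd and wpa_supplicant
 * Copyright (c) 2017, Qualcomm Atheros, Inc.
 * Copyright (c) 2018-2019, The Linux Foundation
 *
 * This software may be distributed under the terms of the BSD license.
 * See README for more details.
 */

#ifndef DPP_H
#define DPP_H

/* Everything below is compiled only when CONFIG_DPP is defined. */
#ifdef CONFIG_DPP
#include <openssl/x509.h>

#include "utils/list.h"
#include "common/wpa_common.h"
#include "crypto/sha256.h"

/* Opaque types; only pointers to them are used in this header. */
struct crypto_ecdh;
struct hostapd_ip_addr;
struct dpp_global;

#define DPP_HDR_LEN (4 + 2) /* OUI, OUI Type, Crypto Suite, DPP frame type */
/* TCP port constant; presumably the default for dpp_tcp_init() and
 * dpp_controller_start() - confirm against the implementation. */
#define DPP_TCP_PORT 7871

/*
 * Values of the "DPP frame type" octet counted in DPP_HDR_LEN; also the type
 * argument of dpp_alloc_msg(). Values 3 and 4 are not assigned in this enum.
 */
enum dpp_public_action_frame_type {
	DPP_PA_AUTHENTICATION_REQ = 0,
	DPP_PA_AUTHENTICATION_RESP = 1,
	DPP_PA_AUTHENTICATION_CONF = 2,
	DPP_PA_PEER_DISCOVERY_REQ = 5,
	DPP_PA_PEER_DISCOVERY_RESP = 6,
	DPP_PA_PKEX_EXCHANGE_REQ = 7,
	DPP_PA_PKEX_EXCHANGE_RESP = 8,
	DPP_PA_PKEX_COMMIT_REVEAL_REQ = 9,
	DPP_PA_PKEX_COMMIT_REVEAL_RESP = 10,
	DPP_PA_CONFIGURATION_RESULT = 11,
};

/*
 * Attribute identifiers (16-bit; dpp_get_attr() takes one as u16 req_id).
 * 0x1010 is not assigned in this enum.
 */
enum dpp_attribute_id {
	DPP_ATTR_STATUS = 0x1000,
	DPP_ATTR_I_BOOTSTRAP_KEY_HASH = 0x1001,
	DPP_ATTR_R_BOOTSTRAP_KEY_HASH = 0x1002,
	DPP_ATTR_I_PROTOCOL_KEY = 0x1003,
	DPP_ATTR_WRAPPED_DATA = 0x1004,
	DPP_ATTR_I_NONCE = 0x1005,
	DPP_ATTR_I_CAPABILITIES = 0x1006,
	DPP_ATTR_R_NONCE = 0x1007,
	DPP_ATTR_R_CAPABILITIES = 0x1008,
	DPP_ATTR_R_PROTOCOL_KEY = 0x1009,
	DPP_ATTR_I_AUTH_TAG = 0x100A,
	DPP_ATTR_R_AUTH_TAG = 0x100B,
	DPP_ATTR_CONFIG_OBJ = 0x100C,
	DPP_ATTR_CONNECTOR = 0x100D,
	DPP_ATTR_CONFIG_ATTR_OBJ = 0x100E,
	DPP_ATTR_BOOTSTRAP_KEY = 0x100F,
	DPP_ATTR_OWN_NET_NK_HASH = 0x1011,
	DPP_ATTR_FINITE_CYCLIC_GROUP = 0x1012,
	DPP_ATTR_ENCRYPTED_KEY = 0x1013,
	DPP_ATTR_ENROLLEE_NONCE = 0x1014,
	DPP_ATTR_CODE_IDENTIFIER = 0x1015,
	DPP_ATTR_TRANSACTION_ID = 0x1016,
	DPP_ATTR_BOOTSTRAP_INFO = 0x1017,
	DPP_ATTR_CHANNEL = 0x1018,
	DPP_ATTR_PROTOCOL_VERSION = 0x1019,
	DPP_ATTR_ENVELOPED_DATA = 0x101A,
};

/*
 * Status codes. Stored in dpp_authentication::auth_resp_status and
 * ::conf_resp_status, and returned by dpp_conf_result_rx() and
 * dpp_peer_intro().
 */
enum dpp_status_error {
	DPP_STATUS_OK = 0,
	DPP_STATUS_NOT_COMPATIBLE = 1,
	DPP_STATUS_AUTH_FAILURE = 2,
	DPP_STATUS_UNWRAP_FAILURE = 3,
	DPP_STATUS_BAD_GROUP = 4,
	DPP_STATUS_CONFIGURE_FAILURE = 5,
	DPP_STATUS_RESPONSE_PENDING = 6,
	DPP_STATUS_INVALID_CONNECTOR = 7,
	DPP_STATUS_NO_MATCH = 8,
	DPP_STATUS_CONFIG_REJECTED = 9,
};

/* Role bits; presumably the encoding of i_capab, r_capab and allowed_roles in
 * struct dpp_authentication - confirm against the implementation. */
#define DPP_CAPAB_ENROLLEE BIT(0)
#define DPP_CAPAB_CONFIGURATOR BIT(1)
#define DPP_CAPAB_ROLE_MASK (BIT(0) | BIT(1))

/* Fixed buffer sizes (array element counts / octets) for the structures
 * below. Anything copied into those arrays has to be bounded by these. */
#define DPP_BOOTSTRAP_MAX_FREQ 30
#define DPP_MAX_NONCE_LEN 32
#define DPP_MAX_HASH_LEN 64
#define DPP_MAX_SHARED_SECRET_LEN 66

/*
 * Per-curve parameter set. The field names indicate the curve name, the
 * hash/AES-SIV key/nonce/prime lengths used with it, and its identifiers in
 * JWK ("crv"), IKE group and JWS ("alg") terms.
 */
struct dpp_curve_params {
	const char *name;
	size_t hash_len;
	size_t aes_siv_key_len;
	size_t nonce_len;
	size_t prime_len;
	const char *jwk_crv;
	u16 ike_group;
	const char *jws_alg;
};

/* How a bootstrapping key was obtained (dpp_bootstrap_info::type). */
enum dpp_bootstrap_type {
	DPP_BOOTSTRAP_QR_CODE,
	DPP_BOOTSTRAP_PKEX,
};

/*
 * One bootstrapping key entry, linked through 'list'. Released with
 * dpp_bootstrap_info_free().
 */
struct dpp_bootstrap_info {
	struct dl_list list;
	unsigned int id;
	enum dpp_bootstrap_type type;
	char *uri;
	u8 mac_addr[ETH_ALEN];
	char *info;
	unsigned int freq[DPP_BOOTSTRAP_MAX_FREQ];
	unsigned int num_freq; /* presumably number of valid freq[] entries */
	int own; /* presumably non-zero for locally generated keys - confirm */
	EVP_PKEY *pubkey;
	u8 pubkey_hash[SHA256_MAC_LEN];
	const struct dpp_curve_params *curve;
	unsigned int pkex_t; /* number of failures before dpp_pkex
			      * instantiation */
};

/* Limit for the PKEX failure counters (dpp_bootstrap_info::pkex_t and
 * dpp_pkex::t); the check itself is not in this header. */
#define PKEX_COUNTER_T_LIMIT 5

/*
 * State of one PKEX exchange. Returned by dpp_pkex_init() and
 * dpp_pkex_rx_exchange_req(); released with dpp_pkex_free().
 *
 * NOTE(review): code, Mx, Nx and z appear to hold the shared code and derived
 * secrets; confirm that dpp_pkex_free() clears them before freeing.
 */
struct dpp_pkex {
	void *msg_ctx;
	unsigned int initiator:1;
	unsigned int exchange_done:1;
	unsigned int failed:1;
	struct dpp_bootstrap_info *own_bi;
	u8 own_mac[ETH_ALEN];
	u8 peer_mac[ETH_ALEN];
	char *identifier;
	char *code;
	EVP_PKEY *x;
	EVP_PKEY *y;
	u8 Mx[DPP_MAX_SHARED_SECRET_LEN];
	u8 Nx[DPP_MAX_SHARED_SECRET_LEN];
	u8 z[DPP_MAX_HASH_LEN];
	EVP_PKEY *peer_bootstrap_key;
	struct wpabuf *exchange_req;
	struct wpabuf *exchange_resp;
	unsigned int t; /* number of failures on code use */
	unsigned int exch_req_wait_time;
	unsigned int exch_req_tries;
	unsigned int freq;
};

/* AKM selection for a configuration; the dpp_akm_*() predicates below take
 * one of these values. */
enum dpp_akm {
	DPP_AKM_UNKNOWN,
	DPP_AKM_DPP,
	DPP_AKM_PSK,
	DPP_AKM_SAE,
	DPP_AKM_PSK_SAE,
	DPP_AKM_SAE_DPP,
	DPP_AKM_PSK_SAE_DPP,
};

/*
 * Configuration to be provisioned (see conf_ap/conf_sta in struct
 * dpp_authentication). Allocated by dpp_configuration_alloc() and released
 * with dpp_configuration_free().
 *
 * NOTE(review): passphrase and psk are network credentials; confirm that
 * dpp_configuration_free() clears them.
 */
struct dpp_configuration {
	u8 ssid[32];
	size_t ssid_len; /* must not exceed sizeof(ssid) */
	enum dpp_akm akm;

	/* For DPP configuration (connector) */
	os_time_t netaccesskey_expiry;

	/* TODO: groups */
	char *group_id;

	/* For legacy configuration */
	char *passphrase;
	u8 psk[32];
	int psk_set; /* presumably non-zero when psk[] is valid */
};

/*
 * State of one DPP Authentication / Configuration exchange. Returned by
 * dpp_auth_init() and dpp_auth_req_rx(); released with dpp_auth_deinit().
 *
 * NOTE(review): Mx/Nx/Lx, k1/k2/ke, passphrase, psk and net_access_key appear
 * to hold secret key material; confirm that dpp_auth_deinit() clears them
 * (the implementation is not visible in this header).
 */
struct dpp_authentication {
	void *msg_ctx;
	u8 peer_version;
	const struct dpp_curve_params *curve;
	struct dpp_bootstrap_info *peer_bi;
	struct dpp_bootstrap_info *own_bi;
	struct dpp_bootstrap_info *tmp_own_bi;
	u8 waiting_pubkey_hash[SHA256_MAC_LEN];
	int response_pending;
	enum dpp_status_error auth_resp_status;
	enum dpp_status_error conf_resp_status;
	u8 peer_mac_addr[ETH_ALEN];
	u8 i_nonce[DPP_MAX_NONCE_LEN];
	u8 r_nonce[DPP_MAX_NONCE_LEN];
	u8 e_nonce[DPP_MAX_NONCE_LEN];
	u8 i_capab;
	u8 r_capab;
	EVP_PKEY *own_protocol_key;
	EVP_PKEY *peer_protocol_key;
	struct wpabuf *req_msg;
	struct wpabuf *resp_msg;
	/* Intersection of possible frequencies for initiating DPP
	 * Authentication exchange */
	unsigned int freq[DPP_BOOTSTRAP_MAX_FREQ];
	unsigned int num_freq, freq_idx;
	unsigned int curr_freq;
	unsigned int neg_freq;
	unsigned int num_freq_iters;
	size_t secret_len;
	/* Each *_len below must stay within DPP_MAX_SHARED_SECRET_LEN */
	u8 Mx[DPP_MAX_SHARED_SECRET_LEN];
	size_t Mx_len;
	u8 Nx[DPP_MAX_SHARED_SECRET_LEN];
	size_t Nx_len;
	u8 Lx[DPP_MAX_SHARED_SECRET_LEN];
	size_t Lx_len;
	u8 k1[DPP_MAX_HASH_LEN];
	u8 k2[DPP_MAX_HASH_LEN];
	u8 ke[DPP_MAX_HASH_LEN];
	int initiator;
	int waiting_auth_resp;
	int waiting_auth_conf;
	int auth_req_ack;
	unsigned int auth_resp_tries;
	u8 allowed_roles;
	int configurator;
	int remove_on_tx_status;
	int connect_on_tx_status;
	int waiting_conf_result;
	int auth_success;
	struct wpabuf *conf_req;
	const struct wpabuf *conf_resp; /* owned by GAS server */
	struct dpp_configuration *conf_ap;
	struct dpp_configuration *conf_sta;
	struct dpp_configurator *conf;
	char *connector; /* received signedConnector */
	u8 ssid[SSID_MAX_LEN];
	u8 ssid_len; /* must not exceed SSID_MAX_LEN */
	char passphrase[64];
	u8 psk[PMK_LEN];
	int psk_set;
	enum dpp_akm akm;
	struct wpabuf *net_access_key;
	os_time_t net_access_key_expiry;
	struct wpabuf *c_sign_key;
#ifdef CONFIG_TESTING_OPTIONS
	/* Test-only overrides; present only with CONFIG_TESTING_OPTIONS. Note
	 * that this changes the structure layout between build variants. */
	char *config_obj_override;
	char *discovery_override;
	char *groups_override;
	unsigned int ignore_netaccesskey_mismatch:1;
#endif /* CONFIG_TESTING_OPTIONS */
};

/*
 * Configurator entry, linked through 'list'. Returned by
 * dpp_keygen_configurator(); released with dpp_configurator_free().
 * csign is presumably the signing key pair used for connectors - confirm.
 */
struct dpp_configurator {
	struct dl_list list;
	unsigned int id;
	int own;
	EVP_PKEY *csign;
	char *kid;
	const struct dpp_curve_params *curve;
};

/* Output of dpp_peer_intro(). pmk is key material; pmk_len must not exceed
 * PMK_LEN_MAX. */
struct dpp_introduction {
	u8 pmkid[PMKID_LEN];
	u8 pmk[PMK_LEN_MAX];
	size_t pmk_len;
};

/*
 * Parameters for dpp_relay_add_controller(). tx and gas_resp_tx are
 * callbacks that receive a context pointer as their first argument
 * (presumably cb_ctx). The length of pkhash is not stated here; presumably
 * SHA256_MAC_LEN - confirm.
 */
struct dpp_relay_config {
	const struct hostapd_ip_addr *ipaddr;
	const u8 *pkhash;

	void *cb_ctx;
	void (*tx)(void *ctx, const u8 *addr, unsigned int freq, const u8 *msg,
		   size_t len);
	void (*gas_resp_tx)(void *ctx, const u8 *addr, u8 dialog_token, int prot,
			    struct wpabuf *buf);
};

/* Parameters for dpp_controller_start(). */
struct dpp_controller_config {
	const char *configurator_params;
	int tcp_port;
};

#ifdef CONFIG_TESTING_OPTIONS
/*
 * Fault-injection selector for protocol testing. The names describe which
 * attribute is omitted (NO_*), corrupted (INVALID_*) or mismatched, where
 * extra data is appended (AFTER_WRAPPED_DATA_*), or where the exchange is
 * stopped (STOP_AT_*).
 *
 * NOTE(review): this selector and the override buffers declared after it
 * substitute fixed keys, nonces and MAC addresses and relax protocol checks,
 * so builds shipped to users should not define CONFIG_TESTING_OPTIONS.
 */
enum dpp_test_behavior {
	DPP_TEST_DISABLED = 0,
	DPP_TEST_AFTER_WRAPPED_DATA_AUTH_REQ = 1,
	DPP_TEST_AFTER_WRAPPED_DATA_AUTH_RESP = 2,
	DPP_TEST_AFTER_WRAPPED_DATA_AUTH_CONF = 3,
	DPP_TEST_AFTER_WRAPPED_DATA_PKEX_CR_REQ = 4,
	DPP_TEST_AFTER_WRAPPED_DATA_PKEX_CR_RESP = 5,
	DPP_TEST_AFTER_WRAPPED_DATA_CONF_REQ = 6,
	DPP_TEST_AFTER_WRAPPED_DATA_CONF_RESP = 7,
	DPP_TEST_ZERO_I_CAPAB = 8,
	DPP_TEST_ZERO_R_CAPAB = 9,
	DPP_TEST_NO_R_BOOTSTRAP_KEY_HASH_AUTH_REQ = 10,
	DPP_TEST_NO_I_BOOTSTRAP_KEY_HASH_AUTH_REQ = 11,
	DPP_TEST_NO_I_PROTO_KEY_AUTH_REQ = 12,
	DPP_TEST_NO_I_NONCE_AUTH_REQ = 13,
	DPP_TEST_NO_I_CAPAB_AUTH_REQ = 14,
	DPP_TEST_NO_WRAPPED_DATA_AUTH_REQ = 15,
	DPP_TEST_NO_STATUS_AUTH_RESP = 16,
	DPP_TEST_NO_R_BOOTSTRAP_KEY_HASH_AUTH_RESP = 17,
	DPP_TEST_NO_I_BOOTSTRAP_KEY_HASH_AUTH_RESP = 18,
	DPP_TEST_NO_R_PROTO_KEY_AUTH_RESP = 19,
	DPP_TEST_NO_R_NONCE_AUTH_RESP = 20,
	DPP_TEST_NO_I_NONCE_AUTH_RESP = 21,
	DPP_TEST_NO_R_CAPAB_AUTH_RESP = 22,
	DPP_TEST_NO_R_AUTH_AUTH_RESP = 23,
	DPP_TEST_NO_WRAPPED_DATA_AUTH_RESP = 24,
	DPP_TEST_NO_STATUS_AUTH_CONF = 25,
	DPP_TEST_NO_R_BOOTSTRAP_KEY_HASH_AUTH_CONF = 26,
	DPP_TEST_NO_I_BOOTSTRAP_KEY_HASH_AUTH_CONF = 27,
	DPP_TEST_NO_I_AUTH_AUTH_CONF = 28,
	DPP_TEST_NO_WRAPPED_DATA_AUTH_CONF = 29,
	DPP_TEST_I_NONCE_MISMATCH_AUTH_RESP = 30,
	DPP_TEST_INCOMPATIBLE_R_CAPAB_AUTH_RESP = 31,
	DPP_TEST_R_AUTH_MISMATCH_AUTH_RESP = 32,
	DPP_TEST_I_AUTH_MISMATCH_AUTH_CONF = 33,
	DPP_TEST_NO_FINITE_CYCLIC_GROUP_PKEX_EXCHANGE_REQ = 34,
	DPP_TEST_NO_ENCRYPTED_KEY_PKEX_EXCHANGE_REQ = 35,
	DPP_TEST_NO_STATUS_PKEX_EXCHANGE_RESP = 36,
	DPP_TEST_NO_ENCRYPTED_KEY_PKEX_EXCHANGE_RESP = 37,
	DPP_TEST_NO_BOOTSTRAP_KEY_PKEX_CR_REQ = 38,
	DPP_TEST_NO_I_AUTH_TAG_PKEX_CR_REQ = 39,
	DPP_TEST_NO_WRAPPED_DATA_PKEX_CR_REQ = 40,
	DPP_TEST_NO_BOOTSTRAP_KEY_PKEX_CR_RESP = 41,
	DPP_TEST_NO_R_AUTH_TAG_PKEX_CR_RESP = 42,
	DPP_TEST_NO_WRAPPED_DATA_PKEX_CR_RESP = 43,
	DPP_TEST_INVALID_ENCRYPTED_KEY_PKEX_EXCHANGE_REQ = 44,
	DPP_TEST_INVALID_ENCRYPTED_KEY_PKEX_EXCHANGE_RESP = 45,
	DPP_TEST_INVALID_STATUS_PKEX_EXCHANGE_RESP = 46,
	DPP_TEST_INVALID_BOOTSTRAP_KEY_PKEX_CR_REQ = 47,
	DPP_TEST_INVALID_BOOTSTRAP_KEY_PKEX_CR_RESP = 48,
	DPP_TEST_I_AUTH_TAG_MISMATCH_PKEX_CR_REQ = 49,
	DPP_TEST_R_AUTH_TAG_MISMATCH_PKEX_CR_RESP = 50,
	DPP_TEST_NO_E_NONCE_CONF_REQ = 51,
	DPP_TEST_NO_CONFIG_ATTR_OBJ_CONF_REQ = 52,
	DPP_TEST_NO_WRAPPED_DATA_CONF_REQ = 53,
	DPP_TEST_NO_E_NONCE_CONF_RESP = 54,
	DPP_TEST_NO_CONFIG_OBJ_CONF_RESP = 55,
	DPP_TEST_NO_STATUS_CONF_RESP = 56,
	DPP_TEST_NO_WRAPPED_DATA_CONF_RESP = 57,
	DPP_TEST_INVALID_STATUS_CONF_RESP = 58,
	DPP_TEST_E_NONCE_MISMATCH_CONF_RESP = 59,
	DPP_TEST_NO_TRANSACTION_ID_PEER_DISC_REQ = 60,
	DPP_TEST_NO_CONNECTOR_PEER_DISC_REQ = 61,
	DPP_TEST_NO_TRANSACTION_ID_PEER_DISC_RESP = 62,
	DPP_TEST_NO_STATUS_PEER_DISC_RESP = 63,
	DPP_TEST_NO_CONNECTOR_PEER_DISC_RESP = 64,
	DPP_TEST_AUTH_RESP_IN_PLACE_OF_CONF = 65,
	DPP_TEST_INVALID_I_PROTO_KEY_AUTH_REQ = 66,
	DPP_TEST_INVALID_R_PROTO_KEY_AUTH_RESP = 67,
	DPP_TEST_INVALID_R_BOOTSTRAP_KEY_HASH_AUTH_REQ = 68,
	DPP_TEST_INVALID_I_BOOTSTRAP_KEY_HASH_AUTH_REQ = 69,
	DPP_TEST_INVALID_R_BOOTSTRAP_KEY_HASH_AUTH_RESP = 70,
	DPP_TEST_INVALID_I_BOOTSTRAP_KEY_HASH_AUTH_RESP = 71,
	DPP_TEST_INVALID_R_BOOTSTRAP_KEY_HASH_AUTH_CONF = 72,
	DPP_TEST_INVALID_I_BOOTSTRAP_KEY_HASH_AUTH_CONF = 73,
	DPP_TEST_INVALID_STATUS_AUTH_RESP = 74,
	DPP_TEST_INVALID_STATUS_AUTH_CONF = 75,
	DPP_TEST_INVALID_CONFIG_ATTR_OBJ_CONF_REQ = 76,
	DPP_TEST_INVALID_TRANSACTION_ID_PEER_DISC_RESP = 77,
	DPP_TEST_INVALID_STATUS_PEER_DISC_RESP = 78,
	DPP_TEST_INVALID_CONNECTOR_PEER_DISC_RESP = 79,
	DPP_TEST_INVALID_CONNECTOR_PEER_DISC_REQ = 80,
	DPP_TEST_INVALID_I_NONCE_AUTH_REQ = 81,
	DPP_TEST_INVALID_TRANSACTION_ID_PEER_DISC_REQ = 82,
	DPP_TEST_INVALID_E_NONCE_CONF_REQ = 83,
	DPP_TEST_STOP_AT_PKEX_EXCHANGE_RESP = 84,
	DPP_TEST_STOP_AT_PKEX_CR_REQ = 85,
	DPP_TEST_STOP_AT_PKEX_CR_RESP = 86,
	DPP_TEST_STOP_AT_AUTH_REQ = 87,
	DPP_TEST_STOP_AT_AUTH_RESP = 88,
	DPP_TEST_STOP_AT_AUTH_CONF = 89,
	DPP_TEST_STOP_AT_CONF_REQ = 90,
	DPP_TEST_REJECT_CONFIG = 91,
};

/* Global test state; each *_override buffer is paired with a *_len variable
 * (presumably 0 when the override is not in use - confirm). */
extern enum dpp_test_behavior dpp_test;
extern u8 dpp_pkex_own_mac_override[ETH_ALEN];
extern u8 dpp_pkex_peer_mac_override[ETH_ALEN];
extern u8 dpp_pkex_ephemeral_key_override[600];
extern size_t dpp_pkex_ephemeral_key_override_len;
extern u8 dpp_protocol_key_override[600];
extern size_t dpp_protocol_key_override_len;
extern u8 dpp_nonce_override[DPP_MAX_NONCE_LEN];
extern size_t dpp_nonce_override_len;
#endif /* CONFIG_TESTING_OPTIONS */

/*
 * Bootstrapping information handling.
 *
 * The dpp_parse_*() functions take text from a bootstrapping URI (for example
 * scanned QR Code content), which is externally supplied input. The limits
 * visible in this header are DPP_BOOTSTRAP_MAX_FREQ entries for freq[] and
 * ETH_ALEN octets for mac_addr; confirm that the implementation enforces
 * them.
 */
void dpp_bootstrap_info_free(struct dpp_bootstrap_info *info);
const char * dpp_bootstrap_type_txt(enum dpp_bootstrap_type type);
int dpp_bootstrap_key_hash(struct dpp_bootstrap_info *bi);
int dpp_parse_uri_chan_list(struct dpp_bootstrap_info *bi,
			    const char *chan_list);
int dpp_parse_uri_mac(struct dpp_bootstrap_info *bi, const char *mac);
int dpp_parse_uri_info(struct dpp_bootstrap_info *bi, const char *info);
struct dpp_bootstrap_info * dpp_parse_qr_code(const char *uri);
char * dpp_keygen(struct dpp_bootstrap_info *bi, const char *curve,
		  const u8 *privkey, size_t privkey_len);

/*
 * Authentication and configuration exchange.
 *
 * The *_rx() functions take the contents of a received frame (hdr,
 * attr_start/attr_len or a wpabuf), i.e. data controlled by the peer until it
 * has been authenticated. Return conventions are not visible in this header;
 * the pointer-returning functions presumably return NULL on failure.
 */
struct hostapd_hw_modes;
struct dpp_authentication * dpp_auth_init(void *msg_ctx,
					  struct dpp_bootstrap_info *peer_bi,
					  struct dpp_bootstrap_info *own_bi,
					  u8 dpp_allowed_roles,
					  unsigned int neg_freq,
					  struct hostapd_hw_modes *own_modes,
					  u16 num_modes);
struct dpp_authentication *
dpp_auth_req_rx(void *msg_ctx, u8 dpp_allowed_roles, int qr_mutual,
		struct dpp_bootstrap_info *peer_bi,
		struct dpp_bootstrap_info *own_bi,
		unsigned int freq, const u8 *hdr, const u8 *attr_start,
		size_t attr_len);
struct wpabuf *
dpp_auth_resp_rx(struct dpp_authentication *auth, const u8 *hdr,
		 const u8 *attr_start, size_t attr_len);
struct wpabuf * dpp_build_conf_req(struct dpp_authentication *auth,
				   const char *json);
int dpp_auth_conf_rx(struct dpp_authentication *auth, const u8 *hdr,
		     const u8 *attr_start, size_t attr_len);
int dpp_notify_new_qr_code(struct dpp_authentication *auth,
			   struct dpp_bootstrap_info *peer_bi);
struct dpp_configuration * dpp_configuration_alloc(const char *type);
/* Predicates over enum dpp_akm (int used as a boolean, presumably). */
int dpp_akm_psk(enum dpp_akm akm);
int dpp_akm_sae(enum dpp_akm akm);
int dpp_akm_legacy(enum dpp_akm akm);
int dpp_akm_dpp(enum dpp_akm akm);
int dpp_akm_ver2(enum dpp_akm akm);
int dpp_configuration_valid(const struct dpp_configuration *conf);
void dpp_configuration_free(struct dpp_configuration *conf);
int dpp_set_configurator(struct dpp_global *dpp, void *msg_ctx,
			 struct dpp_authentication *auth,
			 const char *cmd);
void dpp_auth_deinit(struct dpp_authentication *auth);
struct wpabuf *
dpp_conf_req_rx(struct dpp_authentication *auth, const u8 *attr_start,
		size_t attr_len);
int dpp_conf_resp_rx(struct dpp_authentication *auth,
		     const struct wpabuf *resp);
enum dpp_status_error dpp_conf_result_rx(struct dpp_authentication *auth,
					 const u8 *hdr,
					 const u8 *attr_start, size_t attr_len);
struct wpabuf * dpp_build_conf_result(struct dpp_authentication *auth,
				      enum dpp_status_error status);
struct wpabuf * dpp_alloc_msg(enum dpp_public_action_frame_type type,
			      size_t len);
/*
 * Attribute helpers over a raw attribute buffer. dpp_get_attr() reports a
 * length through *ret_len; presumably it returns a pointer into buf, or NULL
 * when req_id is absent - confirm. NOTE(review): callers should check the
 * returned length against the size they expect before reading the value.
 */
const u8 * dpp_get_attr(const u8 *buf, size_t len, u16 req_id, u16 *ret_len);
int dpp_check_attrs(const u8 *buf, size_t len);
int dpp_key_expired(const char *timestamp, os_time_t *expiry);
const char * dpp_akm_str(enum dpp_akm akm);

/* Configurator key handling. dpp_configurator_get_key() writes into the
 * caller's buf of buflen bytes. */
int dpp_configurator_get_key(const struct dpp_configurator *conf, char *buf,
			     size_t buflen);
void dpp_configurator_free(struct dpp_configurator *conf);
struct dpp_configurator *
dpp_keygen_configurator(const char *curve, const u8 *privkey,
			size_t privkey_len);
int dpp_configurator_own_config(struct dpp_authentication *auth,
				const char *curve, int ap);
/* Network introduction: fills *intro (PMK/PMKID) from the local and peer
 * connectors; peer_connector comes from the peer and is untrusted until
 * DPP_STATUS_OK is returned (presumably after signature validation). */
enum dpp_status_error
dpp_peer_intro(struct dpp_introduction *intro, const char *own_connector,
	       const u8 *net_access_key, size_t net_access_key_len,
	       const u8 *csign_key, size_t csign_key_len,
	       const u8 *peer_connector, size_t peer_connector_len,
	       os_time_t *expiry);

/* PKEX exchange; buf/len and hdr carry received frame contents. */
struct dpp_pkex * dpp_pkex_init(void *msg_ctx, struct dpp_bootstrap_info *bi,
				const u8 *own_mac,
				const char *identifier,
				const char *code);
struct dpp_pkex * dpp_pkex_rx_exchange_req(void *msg_ctx,
					   struct dpp_bootstrap_info *bi,
					   const u8 *own_mac,
					   const u8 *peer_mac,
					   const char *identifier,
					   const char *code,
					   const u8 *buf, size_t len);
struct wpabuf * dpp_pkex_rx_exchange_resp(struct dpp_pkex *pkex,
					  const u8 *peer_mac,
					  const u8 *buf, size_t len);
struct wpabuf * dpp_pkex_rx_commit_reveal_req(struct dpp_pkex *pkex,
					      const u8 *hdr,
					      const u8 *buf, size_t len);
int dpp_pkex_rx_commit_reveal_resp(struct dpp_pkex *pkex, const u8 *hdr,
				   const u8 *buf, size_t len);
void dpp_pkex_free(struct dpp_pkex *pkex);

/* NOTE(review): the name suggests a test helper, yet the declaration sits
 * outside the CONFIG_TESTING_OPTIONS guard above - confirm whether the
 * definition is guarded. */
char * dpp_corrupt_connector_signature(const char *connector);


/*
 * State for the PFS exchange set up by dpp_pfs_init() and completed by
 * dpp_pfs_process(); released with dpp_pfs_free().
 * NOTE(review): 'secret' presumably holds the ECDH shared secret; confirm
 * that dpp_pfs_free() clears it.
 */
struct dpp_pfs {
	struct crypto_ecdh *ecdh;
	const struct dpp_curve_params *curve;
	struct wpabuf *ie;
	struct wpabuf *secret;
};

struct dpp_pfs * dpp_pfs_init(const u8 *net_access_key,
			      size_t net_access_key_len);
int dpp_pfs_process(struct dpp_pfs *pfs, const u8 *peer_ie, size_t peer_ie_len);
void dpp_pfs_free(struct dpp_pfs *pfs);

/*
 * Operations on the shared struct dpp_global context. Functions taking
 * 'const char *cmd' or 'const char *id' receive command text (presumably
 * from the control interface - confirm).
 */
struct dpp_bootstrap_info * dpp_add_qr_code(struct dpp_global *dpp,
					    const char *uri);
int dpp_bootstrap_gen(struct dpp_global *dpp, const char *cmd);
struct dpp_bootstrap_info *
dpp_bootstrap_get_id(struct dpp_global *dpp, unsigned int id);
int dpp_bootstrap_remove(struct dpp_global *dpp, const char *id);
struct dpp_bootstrap_info *
dpp_pkex_finish(struct dpp_global *dpp, struct dpp_pkex *pkex, const u8 *peer,
		unsigned int freq);
const char * dpp_bootstrap_get_uri(struct dpp_global *dpp, unsigned int id);
/* NOTE(review): id and reply_size are plain int here, while the sibling
 * lookups use unsigned int id and size_t buflen; callers should pass a
 * positive reply_size. */
int dpp_bootstrap_info(struct dpp_global *dpp, int id,
		       char *reply, int reply_size);
void dpp_bootstrap_find_pair(struct dpp_global *dpp, const u8 *i_bootstrap,
			     const u8 *r_bootstrap,
			     struct dpp_bootstrap_info **own_bi,
			     struct dpp_bootstrap_info **peer_bi);
int dpp_configurator_add(struct dpp_global *dpp, const char *cmd);
int dpp_configurator_remove(struct dpp_global *dpp, const char *id);
int dpp_configurator_get_key_id(struct dpp_global *dpp, unsigned int id,
				char *buf, size_t buflen);

/* Relay and Controller (DPP over TCP) entry points. */
int dpp_relay_add_controller(struct dpp_global *dpp,
			     struct dpp_relay_config *config);
int dpp_relay_rx_action(struct dpp_global *dpp, const u8 *src, const u8 *hdr,
			const u8 *buf, size_t len, unsigned int freq,
			const u8 *i_bootstrap, const u8 *r_bootstrap);
int dpp_relay_rx_gas_req(struct dpp_global *dpp, const u8 *src, const u8 *data,
			 size_t data_len);
int dpp_controller_start(struct dpp_global *dpp,
			 struct dpp_controller_config *config);
void dpp_controller_stop(struct dpp_global *dpp);
int dpp_tcp_init(struct dpp_global *dpp, struct dpp_authentication *auth,
		 const struct hostapd_ip_addr *addr, int port);

/* Parameters for dpp_global_init(); process_conf_obj is a callback that
 * receives a context pointer (presumably cb_ctx) and the authentication
 * state. */
struct dpp_global_config {
	void *msg_ctx;
	void *cb_ctx;
	int (*process_conf_obj)(void *ctx, struct dpp_authentication *auth);
};

struct dpp_global * dpp_global_init(struct dpp_global_config *config);
void dpp_global_clear(struct dpp_global *dpp);
void dpp_global_deinit(struct dpp_global *dpp);

#endif /* CONFIG_DPP */
#endif /* DPP_H */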