1 /*
2 * WPA Supplicant - Common definitions
3 * Copyright (c) 2004-2018, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #ifndef DEFS_H
10 #define DEFS_H
11
12 #ifdef FALSE
13 #undef FALSE
14 #endif
15 #ifdef TRUE
16 #undef TRUE
17 #endif
18 typedef enum { FALSE = 0, TRUE = 1 } Boolean;
19
20 #ifndef BIT
21 #define BIT(x) (1U << (x))
22 #endif
23
24 #define WPA_CIPHER_NONE BIT(0)
25 #define WPA_CIPHER_WEP40 BIT(1)
26 #define WPA_CIPHER_WEP104 BIT(2)
27 #define WPA_CIPHER_TKIP BIT(3)
28 #define WPA_CIPHER_CCMP BIT(4)
29 #define WPA_CIPHER_AES_128_CMAC BIT(5)
30 #define WPA_CIPHER_GCMP BIT(6)
31 #define WPA_CIPHER_SMS4 BIT(7)
32 #define WPA_CIPHER_GCMP_256 BIT(8)
33 #define WPA_CIPHER_CCMP_256 BIT(9)
34 #define WPA_CIPHER_BIP_GMAC_128 BIT(11)
35 #define WPA_CIPHER_BIP_GMAC_256 BIT(12)
36 #define WPA_CIPHER_BIP_CMAC_256 BIT(13)
37 #define WPA_CIPHER_GTK_NOT_USED BIT(14)
38
39 #define WPA_KEY_MGMT_IEEE8021X BIT(0)
40 #define WPA_KEY_MGMT_PSK BIT(1)
41 #define WPA_KEY_MGMT_NONE BIT(2)
42 #define WPA_KEY_MGMT_IEEE8021X_NO_WPA BIT(3)
43 #define WPA_KEY_MGMT_WPA_NONE BIT(4)
44 #define WPA_KEY_MGMT_FT_IEEE8021X BIT(5)
45 #define WPA_KEY_MGMT_FT_PSK BIT(6)
46 #define WPA_KEY_MGMT_IEEE8021X_SHA256 BIT(7)
47 #define WPA_KEY_MGMT_PSK_SHA256 BIT(8)
48 #define WPA_KEY_MGMT_WPS BIT(9)
49 #define WPA_KEY_MGMT_SAE BIT(10)
50 #define WPA_KEY_MGMT_FT_SAE BIT(11)
51 #define WPA_KEY_MGMT_WAPI_PSK BIT(12)
52 #define WPA_KEY_MGMT_WAPI_CERT BIT(13)
53 #define WPA_KEY_MGMT_CCKM BIT(14)
54 #define WPA_KEY_MGMT_OSEN BIT(15)
55 #define WPA_KEY_MGMT_IEEE8021X_SUITE_B BIT(16)
56 #define WPA_KEY_MGMT_IEEE8021X_SUITE_B_192 BIT(17)
57 #define WPA_KEY_MGMT_FILS_SHA256 BIT(18)
58 #define WPA_KEY_MGMT_FILS_SHA384 BIT(19)
59 #define WPA_KEY_MGMT_FT_FILS_SHA256 BIT(20)
60 #define WPA_KEY_MGMT_FT_FILS_SHA384 BIT(21)
61 #define WPA_KEY_MGMT_OWE BIT(22)
62 #define WPA_KEY_MGMT_DPP BIT(23)
63 #define WPA_KEY_MGMT_FT_IEEE8021X_SHA384 BIT(24)
64 #define WPA_KEY_MGMT_PASN BIT(25)
65 #define WPA_KEY_MGMT_SAE_EXT_KEY BIT(26)
66 #define WPA_KEY_MGMT_FT_SAE_EXT_KEY BIT(27)
67
68
69 #define WPA_KEY_MGMT_FT (WPA_KEY_MGMT_FT_PSK | \
70 WPA_KEY_MGMT_FT_IEEE8021X | \
71 WPA_KEY_MGMT_FT_IEEE8021X_SHA384 | \
72 WPA_KEY_MGMT_FT_SAE | \
73 WPA_KEY_MGMT_FT_FILS_SHA256 | \
74 WPA_KEY_MGMT_FT_FILS_SHA384)
75
wpa_key_mgmt_wpa_ieee8021x(int akm)76 static inline int wpa_key_mgmt_wpa_ieee8021x(int akm)
77 {
78 return !!(akm & (WPA_KEY_MGMT_IEEE8021X |
79 WPA_KEY_MGMT_FT_IEEE8021X |
80 WPA_KEY_MGMT_FT_IEEE8021X_SHA384 |
81 WPA_KEY_MGMT_CCKM |
82 WPA_KEY_MGMT_OSEN |
83 WPA_KEY_MGMT_IEEE8021X_SHA256 |
84 WPA_KEY_MGMT_IEEE8021X_SUITE_B |
85 #ifdef CONFIG_WAPI
86 WPA_KEY_MGMT_WAPI_PSK |
87 WPA_KEY_MGMT_WAPI_CERT |
88 #endif
89 WPA_KEY_MGMT_IEEE8021X_SUITE_B_192 |
90 WPA_KEY_MGMT_FILS_SHA256 |
91 WPA_KEY_MGMT_FILS_SHA384 |
92 WPA_KEY_MGMT_FT_FILS_SHA256 |
93 WPA_KEY_MGMT_FT_FILS_SHA384));
94 }
95
wpa_key_mgmt_wpa_psk_no_sae(int akm)96 static inline int wpa_key_mgmt_wpa_psk_no_sae(int akm)
97 {
98 return !!(akm & (WPA_KEY_MGMT_PSK |
99 WPA_KEY_MGMT_FT_PSK |
100 WPA_KEY_MGMT_PSK_SHA256));
101 }
102
wpa_key_mgmt_wpa_psk(int akm)103 static inline int wpa_key_mgmt_wpa_psk(int akm)
104 {
105 return !!(akm & (WPA_KEY_MGMT_PSK |
106 WPA_KEY_MGMT_FT_PSK |
107 WPA_KEY_MGMT_PSK_SHA256 |
108 WPA_KEY_MGMT_SAE |
109 WPA_KEY_MGMT_SAE_EXT_KEY |
110 WPA_KEY_MGMT_FT_SAE));
111 }
112
wpa_key_mgmt_ft(int akm)113 static inline int wpa_key_mgmt_ft(int akm)
114 {
115 return !!(akm & WPA_KEY_MGMT_FT);
116 }
117
wpa_key_mgmt_only_ft(int akm)118 static inline int wpa_key_mgmt_only_ft(int akm)
119 {
120 int ft = wpa_key_mgmt_ft(akm);
121 akm &= ~WPA_KEY_MGMT_FT;
122 return ft && !akm;
123 }
124
wpa_key_mgmt_ft_psk(int akm)125 static inline int wpa_key_mgmt_ft_psk(int akm)
126 {
127 return !!(akm & WPA_KEY_MGMT_FT_PSK);
128 }
129
wpa_key_mgmt_sae(int akm)130 static inline int wpa_key_mgmt_sae(int akm)
131 {
132 return !!(akm & (WPA_KEY_MGMT_SAE |
133 WPA_KEY_MGMT_SAE_EXT_KEY |
134 WPA_KEY_MGMT_FT_SAE));
135 }
136
wpa_key_mgmt_sae_ext_key(int akm)137 static inline int wpa_key_mgmt_sae_ext_key(int akm)
138 {
139 return !!(akm & WPA_KEY_MGMT_SAE_EXT_KEY);
140 }
141
wpa_key_mgmt_fils(int akm)142 static inline int wpa_key_mgmt_fils(int akm)
143 {
144 return !!(akm & (WPA_KEY_MGMT_FILS_SHA256 |
145 WPA_KEY_MGMT_FILS_SHA384 |
146 WPA_KEY_MGMT_FT_FILS_SHA256 |
147 WPA_KEY_MGMT_FT_FILS_SHA384));
148 }
149
wpa_key_mgmt_sha256(int akm)150 static inline int wpa_key_mgmt_sha256(int akm)
151 {
152 return !!(akm & (WPA_KEY_MGMT_PSK_SHA256 |
153 WPA_KEY_MGMT_IEEE8021X_SHA256 |
154 WPA_KEY_MGMT_SAE |
155 WPA_KEY_MGMT_FT_SAE |
156 WPA_KEY_MGMT_OSEN |
157 WPA_KEY_MGMT_IEEE8021X_SUITE_B |
158 WPA_KEY_MGMT_FILS_SHA256 |
159 WPA_KEY_MGMT_FT_FILS_SHA256));
160 }
161
wpa_key_mgmt_sha384(int akm)162 static inline int wpa_key_mgmt_sha384(int akm)
163 {
164 return !!(akm & (WPA_KEY_MGMT_IEEE8021X_SUITE_B_192 |
165 WPA_KEY_MGMT_FT_IEEE8021X_SHA384 |
166 WPA_KEY_MGMT_FILS_SHA384 |
167 WPA_KEY_MGMT_FT_FILS_SHA384));
168 }
169
wpa_key_mgmt_suite_b(int akm)170 static inline int wpa_key_mgmt_suite_b(int akm)
171 {
172 return !!(akm & (WPA_KEY_MGMT_IEEE8021X_SUITE_B |
173 WPA_KEY_MGMT_IEEE8021X_SUITE_B_192));
174 }
175
wpa_key_mgmt_wpa(int akm)176 static inline int wpa_key_mgmt_wpa(int akm)
177 {
178 return wpa_key_mgmt_wpa_ieee8021x(akm) ||
179 wpa_key_mgmt_wpa_psk(akm) ||
180 wpa_key_mgmt_fils(akm) ||
181 wpa_key_mgmt_sae(akm) ||
182 akm == WPA_KEY_MGMT_OWE ||
183 akm == WPA_KEY_MGMT_DPP;
184 }
185
wpa_key_mgmt_wpa_any(int akm)186 static inline int wpa_key_mgmt_wpa_any(int akm)
187 {
188 return wpa_key_mgmt_wpa(akm) || (akm & WPA_KEY_MGMT_WPA_NONE);
189 }
190
wpa_key_mgmt_cckm(int akm)191 static inline int wpa_key_mgmt_cckm(int akm)
192 {
193 return akm == WPA_KEY_MGMT_CCKM;
194 }
195
196
197 #define WPA_PROTO_WPA BIT(0)
198 #define WPA_PROTO_RSN BIT(1)
199 #define WPA_PROTO_WAPI BIT(2)
200 #define WPA_PROTO_OSEN BIT(3)
201
202 #define WPA_AUTH_ALG_OPEN BIT(0)
203 #define WPA_AUTH_ALG_SHARED BIT(1)
204 #define WPA_AUTH_ALG_LEAP BIT(2)
205 #define WPA_AUTH_ALG_FT BIT(3)
206 #define WPA_AUTH_ALG_SAE BIT(4)
207 #define WPA_AUTH_ALG_FILS BIT(5)
208 #define WPA_AUTH_ALG_FILS_SK_PFS BIT(6)
209
wpa_auth_alg_fils(int alg)210 static inline int wpa_auth_alg_fils(int alg)
211 {
212 return !!(alg & (WPA_AUTH_ALG_FILS | WPA_AUTH_ALG_FILS_SK_PFS));
213 }
214
215 enum wpa_alg {
216 WPA_ALG_NONE,
217 WPA_ALG_WEP,
218 WPA_ALG_TKIP,
219 WPA_ALG_CCMP,
220 WPA_ALG_BIP_CMAC_128,
221 WPA_ALG_GCMP,
222 WPA_ALG_SMS4,
223 WPA_ALG_KRK,
224 WPA_ALG_GCMP_256,
225 WPA_ALG_CCMP_256,
226 WPA_ALG_BIP_GMAC_128,
227 WPA_ALG_BIP_GMAC_256,
228 WPA_ALG_BIP_CMAC_256
229 };
230
wpa_alg_bip(enum wpa_alg alg)231 static inline int wpa_alg_bip(enum wpa_alg alg)
232 {
233 return alg == WPA_ALG_BIP_CMAC_128 ||
234 alg == WPA_ALG_BIP_GMAC_128 ||
235 alg == WPA_ALG_BIP_GMAC_256 ||
236 alg == WPA_ALG_BIP_CMAC_256;
237 }
238
239 /**
240 * enum wpa_states - wpa_supplicant state
241 *
242 * These enumeration values are used to indicate the current wpa_supplicant
243 * state (wpa_s->wpa_state). The current state can be retrieved with
244 * wpa_supplicant_get_state() function and the state can be changed by calling
245 * wpa_supplicant_set_state(). In WPA state machine (wpa.c and preauth.c), the
246 * wrapper functions wpa_sm_get_state() and wpa_sm_set_state() should be used
247 * to access the state variable.
248 */
249 enum wpa_states {
250 /**
251 * WPA_DISCONNECTED - Disconnected state
252 *
253 * This state indicates that client is not associated, but is likely to
254 * start looking for an access point. This state is entered when a
255 * connection is lost.
256 */
257 WPA_DISCONNECTED,
258
259 /**
260 * WPA_INTERFACE_DISABLED - Interface disabled
261 *
262 * This state is entered if the network interface is disabled, e.g.,
263 * due to rfkill. wpa_supplicant refuses any new operations that would
264 * use the radio until the interface has been enabled.
265 */
266 WPA_INTERFACE_DISABLED,
267
268 /**
269 * WPA_INACTIVE - Inactive state (wpa_supplicant disabled)
270 *
271 * This state is entered if there are no enabled networks in the
272 * configuration. wpa_supplicant is not trying to associate with a new
273 * network and external interaction (e.g., ctrl_iface call to add or
274 * enable a network) is needed to start association.
275 */
276 WPA_INACTIVE,
277
278 /**
279 * WPA_SCANNING - Scanning for a network
280 *
281 * This state is entered when wpa_supplicant starts scanning for a
282 * network.
283 */
284 WPA_SCANNING,
285
286 /**
287 * WPA_AUTHENTICATING - Trying to authenticate with a BSS/SSID
288 *
289 * This state is entered when wpa_supplicant has found a suitable BSS
290 * to authenticate with and the driver is configured to try to
291 * authenticate with this BSS. This state is used only with drivers
292 * that use wpa_supplicant as the SME.
293 */
294 WPA_AUTHENTICATING,
295
296 /**
297 * WPA_ASSOCIATING - Trying to associate with a BSS/SSID
298 *
299 * This state is entered when wpa_supplicant has found a suitable BSS
300 * to associate with and the driver is configured to try to associate
301 * with this BSS in ap_scan=1 mode. When using ap_scan=2 mode, this
302 * state is entered when the driver is configured to try to associate
303 * with a network using the configured SSID and security policy.
304 */
305 WPA_ASSOCIATING,
306
307 /**
308 * WPA_ASSOCIATED - Association completed
309 *
310 * This state is entered when the driver reports that association has
311 * been successfully completed with an AP. If IEEE 802.1X is used
312 * (with or without WPA/WPA2), wpa_supplicant remains in this state
313 * until the IEEE 802.1X/EAPOL authentication has been completed.
314 */
315 WPA_ASSOCIATED,
316
317 /**
318 * WPA_4WAY_HANDSHAKE - WPA 4-Way Key Handshake in progress
319 *
320 * This state is entered when WPA/WPA2 4-Way Handshake is started. In
321 * case of WPA-PSK, this happens when receiving the first EAPOL-Key
322 * frame after association. In case of WPA-EAP, this state is entered
323 * when the IEEE 802.1X/EAPOL authentication has been completed.
324 */
325 WPA_4WAY_HANDSHAKE,
326
327 /**
328 * WPA_GROUP_HANDSHAKE - WPA Group Key Handshake in progress
329 *
330 * This state is entered when 4-Way Key Handshake has been completed
331 * (i.e., when the supplicant sends out message 4/4) and when Group
332 * Key rekeying is started by the AP (i.e., when supplicant receives
333 * message 1/2).
334 */
335 WPA_GROUP_HANDSHAKE,
336
337 /**
338 * WPA_COMPLETED - All authentication completed
339 *
340 * This state is entered when the full authentication process is
341 * completed. In case of WPA2, this happens when the 4-Way Handshake is
342 * successfully completed. With WPA, this state is entered after the
343 * Group Key Handshake; with IEEE 802.1X (non-WPA) connection is
344 * completed after dynamic keys are received (or if not used, after
345 * the EAP authentication has been completed). With static WEP keys and
346 * plaintext connections, this state is entered when an association
347 * has been completed.
348 *
349 * This state indicates that the supplicant has completed its
350 * processing for the association phase and that data connection is
351 * fully configured.
352 */
353 WPA_COMPLETED
354 };
355
356 #define MLME_SETPROTECTION_PROTECT_TYPE_NONE 0
357 #define MLME_SETPROTECTION_PROTECT_TYPE_RX 1
358 #define MLME_SETPROTECTION_PROTECT_TYPE_TX 2
359 #define MLME_SETPROTECTION_PROTECT_TYPE_RX_TX 3
360
361 #define MLME_SETPROTECTION_KEY_TYPE_GROUP 0
362 #define MLME_SETPROTECTION_KEY_TYPE_PAIRWISE 1
363
364
365 /**
366 * enum mfp_options - Management frame protection (IEEE 802.11w) options
367 */
368 enum mfp_options {
369 NO_MGMT_FRAME_PROTECTION = 0,
370 MGMT_FRAME_PROTECTION_OPTIONAL = 1,
371 MGMT_FRAME_PROTECTION_REQUIRED = 2,
372 };
373 #define MGMT_FRAME_PROTECTION_DEFAULT 3
374
375 /**
376 * enum hostapd_hw_mode - Hardware mode
377 */
378 enum hostapd_hw_mode {
379 HOSTAPD_MODE_IEEE80211B,
380 HOSTAPD_MODE_IEEE80211G,
381 HOSTAPD_MODE_IEEE80211A,
382 HOSTAPD_MODE_IEEE80211AD,
383 HOSTAPD_MODE_IEEE80211ANY,
384 NUM_HOSTAPD_MODES
385 };
386
387 /**
388 * enum wpa_ctrl_req_type - Control interface request types
389 */
390 enum wpa_ctrl_req_type {
391 WPA_CTRL_REQ_UNKNOWN,
392 WPA_CTRL_REQ_EAP_IDENTITY,
393 WPA_CTRL_REQ_EAP_PASSWORD,
394 WPA_CTRL_REQ_EAP_NEW_PASSWORD,
395 WPA_CTRL_REQ_EAP_PIN,
396 WPA_CTRL_REQ_EAP_OTP,
397 WPA_CTRL_REQ_EAP_PASSPHRASE,
398 WPA_CTRL_REQ_SIM,
399 WPA_CTRL_REQ_PSK_PASSPHRASE,
400 WPA_CTRL_REQ_EXT_CERT_CHECK,
401 NUM_WPA_CTRL_REQS
402 };
403
404 /* Maximum number of EAP methods to store for EAP server user information */
405 #define EAP_MAX_METHODS 8
406
407 enum mesh_plink_state {
408 PLINK_IDLE = 1,
409 PLINK_OPN_SNT,
410 PLINK_OPN_RCVD,
411 PLINK_CNF_RCVD,
412 PLINK_ESTAB,
413 PLINK_HOLDING,
414 PLINK_BLOCKED, /* not defined in the IEEE 802.11 standard */
415 };
416
417 enum set_band {
418 WPA_SETBAND_AUTO = 0,
419 WPA_SETBAND_5G = BIT(0),
420 WPA_SETBAND_2G = BIT(1),
421 WPA_SETBAND_6G = BIT(2),
422 };
423
424 enum wpa_radio_work_band {
425 BAND_2_4_GHZ = 1,
426 BAND_5_GHZ = 2,
427 BAND_60_GHZ = 4,
428 };
429
430 enum beacon_rate_type {
431 BEACON_RATE_LEGACY,
432 BEACON_RATE_HT,
433 BEACON_RATE_VHT,
434 BEACON_RATE_HE
435 };
436
437 enum eap_proxy_sim_state {
438 SIM_STATE_ERROR,
439 };
440
441 #define OCE_STA BIT(0)
442 #define OCE_STA_CFON BIT(1)
443 #define OCE_AP BIT(2)
444
445 /* enum chan_width - Channel width definitions */
446 enum chan_width {
447 CHAN_WIDTH_20_NOHT,
448 CHAN_WIDTH_20,
449 CHAN_WIDTH_40,
450 CHAN_WIDTH_80,
451 CHAN_WIDTH_80P80,
452 CHAN_WIDTH_160,
453 CHAN_WIDTH_2160,
454 CHAN_WIDTH_4320,
455 CHAN_WIDTH_6480,
456 CHAN_WIDTH_8640,
457 CHAN_WIDTH_UNKNOWN
458 };
459
460 enum key_flag {
461 KEY_FLAG_MODIFY = BIT(0),
462 KEY_FLAG_DEFAULT = BIT(1),
463 KEY_FLAG_RX = BIT(2),
464 KEY_FLAG_TX = BIT(3),
465 KEY_FLAG_GROUP = BIT(4),
466 KEY_FLAG_PAIRWISE = BIT(5),
467 KEY_FLAG_PMK = BIT(6),
468 /* Used flag combinations */
469 KEY_FLAG_RX_TX = KEY_FLAG_RX | KEY_FLAG_TX,
470 KEY_FLAG_GROUP_RX_TX = KEY_FLAG_GROUP | KEY_FLAG_RX_TX,
471 KEY_FLAG_GROUP_RX_TX_DEFAULT = KEY_FLAG_GROUP_RX_TX |
472 KEY_FLAG_DEFAULT,
473 KEY_FLAG_GROUP_RX = KEY_FLAG_GROUP | KEY_FLAG_RX,
474 KEY_FLAG_GROUP_TX_DEFAULT = KEY_FLAG_GROUP | KEY_FLAG_TX |
475 KEY_FLAG_DEFAULT,
476 KEY_FLAG_PAIRWISE_RX_TX = KEY_FLAG_PAIRWISE | KEY_FLAG_RX_TX,
477 KEY_FLAG_PAIRWISE_RX = KEY_FLAG_PAIRWISE | KEY_FLAG_RX,
478 KEY_FLAG_PAIRWISE_RX_TX_MODIFY = KEY_FLAG_PAIRWISE_RX_TX |
479 KEY_FLAG_MODIFY,
480 /* Max allowed flags for each key type */
481 KEY_FLAG_PAIRWISE_MASK = KEY_FLAG_PAIRWISE_RX_TX_MODIFY,
482 KEY_FLAG_GROUP_MASK = KEY_FLAG_GROUP_RX_TX_DEFAULT,
483 KEY_FLAG_PMK_MASK = KEY_FLAG_PMK,
484 };
485
check_key_flag(enum key_flag key_flag)486 static inline int check_key_flag(enum key_flag key_flag)
487 {
488 return !!(!key_flag ||
489 ((key_flag & (KEY_FLAG_PAIRWISE | KEY_FLAG_MODIFY)) &&
490 (key_flag & ~KEY_FLAG_PAIRWISE_MASK)) ||
491 ((key_flag & KEY_FLAG_GROUP) &&
492 (key_flag & ~KEY_FLAG_GROUP_MASK)) ||
493 ((key_flag & KEY_FLAG_PMK) &&
494 (key_flag & ~KEY_FLAG_PMK_MASK)));
495 }
496
497 enum ptk0_rekey_handling {
498 PTK0_REKEY_ALLOW_ALWAYS,
499 PTK0_REKEY_ALLOW_LOCAL_OK,
500 PTK0_REKEY_ALLOW_NEVER
501 };
502
503 #ifdef CONFIG_MLD_PATCH
504 #define MAX_NUM_MLD_LINKS 15
505 #endif
506
507 enum sae_pwe {
508 SAE_PWE_HUNT_AND_PECK = 0,
509 SAE_PWE_HASH_TO_ELEMENT = 1,
510 SAE_PWE_BOTH = 2,
511 SAE_PWE_FORCE_HUNT_AND_PECK = 3,
512 SAE_PWE_NOT_SET = 4,
513 };
514
515 #endif /* DEFS_H */
516