1 /*
2 * wpa_supplicant - PASN processing
3 *
4 * Copyright (C) 2019 Intel Corporation
5 *
6 * This software may be distributed under the terms of the BSD license.
7 * See README for more details.
8 */
9
10 #include "includes.h"
11
12 #include "common/ieee802_11_defs.h"
13 #include "common/ieee802_11_common.h"
14 #include "common/dragonfly.h"
15 #include "common/ptksa_cache.h"
16 #include "utils/eloop.h"
17 #include "drivers/driver.h"
18 #include "crypto/crypto.h"
19 #include "crypto/random.h"
20 #include "eap_common/eap_defs.h"
21 #include "rsn_supp/wpa.h"
22 #include "rsn_supp/pmksa_cache.h"
23 #include "wpa_supplicant_i.h"
24 #include "driver_i.h"
25 #include "bss.h"
26 #include "scan.h"
27 #include "config.h"
28
29 static const int dot11RSNAConfigPMKLifetime = 43200;
30
31 struct wpa_pasn_auth_work {
32 u8 own_addr[ETH_ALEN];
33 u8 peer_addr[ETH_ALEN];
34 int akmp;
35 int cipher;
36 u16 group;
37 int network_id;
38 struct wpabuf *comeback;
39 };
40
41
wpas_pasn_send_mlme(void * ctx,const u8 * data,size_t data_len,int noack,unsigned int freq,unsigned int wait)42 static int wpas_pasn_send_mlme(void *ctx, const u8 *data, size_t data_len,
43 int noack, unsigned int freq, unsigned int wait)
44 {
45 struct wpa_supplicant *wpa_s = ctx;
46
47 return wpa_drv_send_mlme(wpa_s, data, data_len, noack, freq, wait);
48 }
49
50
wpas_pasn_free_auth_work(struct wpa_pasn_auth_work * awork)51 static void wpas_pasn_free_auth_work(struct wpa_pasn_auth_work *awork)
52 {
53 wpabuf_free(awork->comeback);
54 awork->comeback = NULL;
55 os_free(awork);
56 }
57
58
wpas_pasn_auth_work_timeout(void * eloop_ctx,void * timeout_ctx)59 static void wpas_pasn_auth_work_timeout(void *eloop_ctx, void *timeout_ctx)
60 {
61 struct wpa_supplicant *wpa_s = eloop_ctx;
62
63 wpa_printf(MSG_DEBUG, "PASN: Auth work timeout - stopping auth");
64
65 wpas_pasn_auth_stop(wpa_s);
66
67 wpas_pasn_auth_work_done(wpa_s, PASN_STATUS_FAILURE);
68 }
69
70
wpas_pasn_cancel_auth_work(struct wpa_supplicant * wpa_s)71 static void wpas_pasn_cancel_auth_work(struct wpa_supplicant *wpa_s)
72 {
73 wpa_printf(MSG_DEBUG, "PASN: Cancel pasn-start-auth work");
74
75 /* Remove pending/started work */
76 radio_remove_works(wpa_s, "pasn-start-auth", 0);
77 }
78
79
wpas_pasn_auth_status(struct wpa_supplicant * wpa_s,const u8 * peer_addr,int akmp,int cipher,u8 status,struct wpabuf * comeback,u16 comeback_after)80 static void wpas_pasn_auth_status(struct wpa_supplicant *wpa_s,
81 const u8 *peer_addr,
82 int akmp, int cipher, u8 status,
83 struct wpabuf *comeback,
84 u16 comeback_after)
85 {
86 if (comeback) {
87 size_t comeback_len = wpabuf_len(comeback);
88 size_t buflen = comeback_len * 2 + 1;
89 char *comeback_txt = os_malloc(buflen);
90
91 if (comeback_txt) {
92 wpa_snprintf_hex(comeback_txt, buflen,
93 wpabuf_head(comeback), comeback_len);
94
95 wpa_msg(wpa_s, MSG_INFO, PASN_AUTH_STATUS MACSTR
96 " akmp=%s, status=%u comeback_after=%u comeback=%s",
97 MAC2STR(peer_addr),
98 wpa_key_mgmt_txt(akmp, WPA_PROTO_RSN),
99 status, comeback_after, comeback_txt);
100 wpa_printf(MSG_INFO, PASN_AUTH_STATUS MACSTR_SEC
101 " akmp=%s, status=%u comeback_after=%u comeback=%s",
102 MAC2STR_SEC(peer_addr),
103 wpa_key_mgmt_txt(akmp, WPA_PROTO_RSN),
104 status, comeback_after, comeback_txt);
105
106 os_free(comeback_txt);
107 return;
108 }
109 }
110
111 wpa_msg(wpa_s, MSG_INFO,
112 PASN_AUTH_STATUS MACSTR " akmp=%s, status=%u",
113 MAC2STR(peer_addr), wpa_key_mgmt_txt(akmp, WPA_PROTO_RSN),
114 status);
115 }
116
117
118 #ifdef CONFIG_SAE
119
120 static struct sae_pt *
wpas_pasn_sae_derive_pt(struct wpa_ssid * ssid,int group)121 wpas_pasn_sae_derive_pt(struct wpa_ssid *ssid, int group)
122 {
123 const char *password = ssid->sae_password;
124 int groups[2] = { group, 0 };
125
126 if (!password)
127 password = ssid->passphrase;
128
129 if (!password) {
130 wpa_printf(MSG_DEBUG, "PASN: SAE without a password");
131 return NULL;
132 }
133
134 return sae_derive_pt(groups, ssid->ssid, ssid->ssid_len,
135 (const u8 *) password, os_strlen(password),
136 ssid->sae_password_id);
137 }
138
139
wpas_pasn_sae_setup_pt(struct wpa_ssid * ssid,int group)140 static int wpas_pasn_sae_setup_pt(struct wpa_ssid *ssid, int group)
141 {
142 if (!ssid->sae_password && !ssid->passphrase) {
143 wpa_printf(MSG_DEBUG, "PASN: SAE without a password");
144 return -1;
145 }
146
147 if (ssid->pt)
148 return 0; /* PT already derived */
149
150 ssid->pt = wpas_pasn_sae_derive_pt(ssid, group);
151
152 return ssid->pt ? 0 : -1;
153 }
154
155 #endif /* CONFIG_SAE */
156
157
wpas_pasn_get_params_from_bss(struct wpa_supplicant * wpa_s,struct pasn_peer * peer)158 static int wpas_pasn_get_params_from_bss(struct wpa_supplicant *wpa_s,
159 struct pasn_peer *peer)
160 {
161 int ret;
162 const u8 *rsne, *rsnxe;
163 struct wpa_bss *bss;
164 struct wpa_ie_data rsne_data;
165 int sel, key_mgmt, pairwise_cipher;
166 int network_id = 0, group = 19;
167 struct wpa_ssid *ssid = NULL;
168 size_t ssid_str_len = 0;
169 const u8 *ssid_str = NULL;
170 const u8 *peer_addr = peer->peer_addr;
171
172 bss = wpa_bss_get_bssid(wpa_s, peer_addr);
173 if (!bss) {
174 wpa_supplicant_update_scan_results(wpa_s, peer_addr);
175 bss = wpa_bss_get_bssid(wpa_s, peer_addr);
176 if (!bss) {
177 wpa_printf(MSG_DEBUG, "PASN: BSS not found");
178 return -1;
179 }
180 }
181
182 rsne = wpa_bss_get_ie(bss, WLAN_EID_RSN);
183 if (!rsne) {
184 wpa_printf(MSG_DEBUG, "PASN: BSS without RSNE");
185 return -1;
186 }
187
188 ret = wpa_parse_wpa_ie(rsne, *(rsne + 1) + 2, &rsne_data);
189 if (ret) {
190 wpa_printf(MSG_DEBUG, "PASN: Failed parsing RSNE data");
191 return -1;
192 }
193
194 rsnxe = wpa_bss_get_ie(bss, WLAN_EID_RSNX);
195
196 ssid_str_len = bss->ssid_len;
197 ssid_str = bss->ssid;
198
199 /* Get the network configuration based on the obtained SSID */
200 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
201 if (!wpas_network_disabled(wpa_s, ssid) &&
202 ssid_str_len == ssid->ssid_len &&
203 os_memcmp(ssid_str, ssid->ssid, ssid_str_len) == 0)
204 break;
205 }
206
207 if (ssid)
208 network_id = ssid->id;
209
210 sel = rsne_data.pairwise_cipher;
211 if (ssid && ssid->pairwise_cipher)
212 sel &= ssid->pairwise_cipher;
213
214 wpa_printf(MSG_DEBUG, "PASN: peer pairwise 0x%x, select 0x%x",
215 rsne_data.pairwise_cipher, sel);
216
217 pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
218 if (pairwise_cipher < 0) {
219 wpa_msg(wpa_s, MSG_WARNING,
220 "PASN: Failed to select pairwise cipher");
221 return -1;
222 }
223
224 sel = rsne_data.key_mgmt;
225 if (ssid && ssid->key_mgmt)
226 sel &= ssid->key_mgmt;
227
228 wpa_printf(MSG_DEBUG, "PASN: peer AKMP 0x%x, select 0x%x",
229 rsne_data.key_mgmt, sel);
230 #ifdef CONFIG_SAE
231 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE) || !ssid)
232 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_SAE_EXT_KEY |
233 WPA_KEY_MGMT_FT_SAE | WPA_KEY_MGMT_FT_SAE_EXT_KEY);
234 #endif /* CONFIG_SAE */
235 #ifdef CONFIG_IEEE80211R
236 if (!(wpa_s->drv_flags & (WPA_DRIVER_FLAGS_SME |
237 WPA_DRIVER_FLAGS_UPDATE_FT_IES)))
238 sel &= ~WPA_KEY_MGMT_FT;
239 #endif /* CONFIG_IEEE80211R */
240 if (0) {
241 #ifdef CONFIG_IEEE80211R
242 #ifdef CONFIG_SHA384
243 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) &&
244 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
245 key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
246 wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT FT/802.1X-SHA384");
247 if (ssid && !ssid->ft_eap_pmksa_caching &&
248 pmksa_cache_get_current(wpa_s->wpa)) {
249 /* PMKSA caching with FT may have interoperability
250 * issues, so disable that case by default for now.
251 */
252 wpa_printf(MSG_DEBUG,
253 "PASN: Disable PMKSA caching for FT/802.1X connection");
254 pmksa_cache_clear_current(wpa_s->wpa);
255 }
256 #endif /* CONFIG_SHA384 */
257 #endif /* CONFIG_IEEE80211R */
258 #ifdef CONFIG_SAE
259 } else if ((sel & WPA_KEY_MGMT_SAE_EXT_KEY) &&
260 (ieee802_11_rsnx_capab(rsnxe,
261 WLAN_RSNX_CAPAB_SAE_H2E)) &&
262 (wpas_pasn_sae_setup_pt(ssid, group) == 0)) {
263 key_mgmt = WPA_KEY_MGMT_SAE_EXT_KEY;
264 wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT SAE (ext key)");
265 } else if ((sel & WPA_KEY_MGMT_SAE) &&
266 (ieee802_11_rsnx_capab(rsnxe,
267 WLAN_RSNX_CAPAB_SAE_H2E)) &&
268 (wpas_pasn_sae_setup_pt(ssid, group) == 0)) {
269 key_mgmt = WPA_KEY_MGMT_SAE;
270 wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT SAE");
271 #endif /* CONFIG_SAE */
272 #ifdef CONFIG_FILS
273 } else if (sel & WPA_KEY_MGMT_FILS_SHA384) {
274 key_mgmt = WPA_KEY_MGMT_FILS_SHA384;
275 wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT FILS-SHA384");
276 } else if (sel & WPA_KEY_MGMT_FILS_SHA256) {
277 key_mgmt = WPA_KEY_MGMT_FILS_SHA256;
278 wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT FILS-SHA256");
279 #endif /* CONFIG_FILS */
280 #ifdef CONFIG_IEEE80211R
281 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X) &&
282 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
283 key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
284 wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT FT/802.1X");
285 if (ssid && !ssid->ft_eap_pmksa_caching &&
286 pmksa_cache_get_current(wpa_s->wpa)) {
287 /* PMKSA caching with FT may have interoperability
288 * issues, so disable that case by default for now.
289 */
290 wpa_printf(MSG_DEBUG,
291 "PASN: Disable PMKSA caching for FT/802.1X connection");
292 pmksa_cache_clear_current(wpa_s->wpa);
293 }
294 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
295 key_mgmt = WPA_KEY_MGMT_FT_PSK;
296 wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT FT/PSK");
297 #endif /* CONFIG_IEEE80211R */
298 } else if (sel & WPA_KEY_MGMT_PASN) {
299 key_mgmt = WPA_KEY_MGMT_PASN;
300 wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT PASN");
301 } else {
302 wpa_printf(MSG_DEBUG, "PASN: invalid AKMP");
303 return -1;
304 }
305
306 peer->akmp = key_mgmt;
307 peer->cipher = pairwise_cipher;
308 peer->network_id = network_id;
309 peer->group = group;
310 return 0;
311 }
312
313
wpas_pasn_set_keys_from_cache(struct wpa_supplicant * wpa_s,const u8 * own_addr,const u8 * peer_addr,int cipher,int akmp)314 static int wpas_pasn_set_keys_from_cache(struct wpa_supplicant *wpa_s,
315 const u8 *own_addr,
316 const u8 *peer_addr,
317 int cipher, int akmp)
318 {
319 struct ptksa_cache_entry *entry;
320
321 entry = ptksa_cache_get(wpa_s->ptksa, peer_addr, cipher);
322 if (!entry) {
323 wpa_printf(MSG_DEBUG, "PASN: peer " MACSTR_SEC
324 " not present in PTKSA cache", MAC2STR_SEC(peer_addr));
325 return -1;
326 }
327
328 if (!ether_addr_equal(entry->own_addr, own_addr)) {
329 wpa_printf(MSG_DEBUG,
330 "PASN: own addr " MACSTR_SEC " and PTKSA entry own addr "
331 MACSTR_SEC " differ",
332 MAC2STR_SEC(own_addr), MAC2STR_SEC(entry->own_addr));
333 return -1;
334 }
335
336 wpa_printf(MSG_DEBUG, "PASN: " MACSTR_SEC " present in PTKSA cache",
337 MAC2STR_SEC(peer_addr));
338 wpa_drv_set_secure_ranging_ctx(wpa_s, own_addr, peer_addr, cipher,
339 entry->ptk.tk_len,
340 entry->ptk.tk,
341 entry->ptk.ltf_keyseed_len,
342 entry->ptk.ltf_keyseed, 0);
343 return 0;
344 }
345
346
wpas_pasn_configure_next_peer(struct wpa_supplicant * wpa_s,struct pasn_auth * pasn_params)347 static void wpas_pasn_configure_next_peer(struct wpa_supplicant *wpa_s,
348 struct pasn_auth *pasn_params)
349 {
350 struct pasn_peer *peer;
351 u8 comeback_len = 0;
352 const u8 *comeback = NULL;
353
354 if (!pasn_params)
355 return;
356
357 while (wpa_s->pasn_count < pasn_params->num_peers) {
358 peer = &pasn_params->peer[wpa_s->pasn_count];
359
360 if (ether_addr_equal(wpa_s->bssid, peer->peer_addr)) {
361 wpa_printf(MSG_DEBUG,
362 "PASN: Associated peer is not expected");
363 peer->status = PASN_STATUS_FAILURE;
364 wpa_s->pasn_count++;
365 continue;
366 }
367
368 if (wpas_pasn_set_keys_from_cache(wpa_s, peer->own_addr,
369 peer->peer_addr,
370 peer->cipher,
371 peer->akmp) == 0) {
372 peer->status = PASN_STATUS_SUCCESS;
373 wpa_s->pasn_count++;
374 continue;
375 }
376
377 if (wpas_pasn_get_params_from_bss(wpa_s, peer)) {
378 peer->status = PASN_STATUS_FAILURE;
379 wpa_s->pasn_count++;
380 continue;
381 }
382
383 if (wpas_pasn_auth_start(wpa_s, peer->own_addr,
384 peer->peer_addr, peer->akmp,
385 peer->cipher, peer->group,
386 peer->network_id,
387 comeback, comeback_len)) {
388 peer->status = PASN_STATUS_FAILURE;
389 wpa_s->pasn_count++;
390 continue;
391 }
392 wpa_printf(MSG_DEBUG, "PASN: Sent PASN auth start for " MACSTR,
393 MAC2STR(peer->peer_addr));
394 return;
395 }
396
397 if (wpa_s->pasn_count == pasn_params->num_peers) {
398 wpa_drv_send_pasn_resp(wpa_s, pasn_params);
399 wpa_printf(MSG_DEBUG, "PASN: Response sent");
400 os_free(wpa_s->pasn_params);
401 wpa_s->pasn_params = NULL;
402 }
403 }
404
405
wpas_pasn_auth_work_done(struct wpa_supplicant * wpa_s,int status)406 void wpas_pasn_auth_work_done(struct wpa_supplicant *wpa_s, int status)
407 {
408 if (!wpa_s->pasn_params)
409 return;
410
411 wpa_s->pasn_params->peer[wpa_s->pasn_count].status = status;
412 wpa_s->pasn_count++;
413 wpas_pasn_configure_next_peer(wpa_s, wpa_s->pasn_params);
414 }
415
416
wpas_pasn_delete_peers(struct wpa_supplicant * wpa_s,struct pasn_auth * pasn_params)417 static void wpas_pasn_delete_peers(struct wpa_supplicant *wpa_s,
418 struct pasn_auth *pasn_params)
419 {
420 struct pasn_peer *peer;
421 unsigned int i;
422
423 if (!pasn_params)
424 return;
425
426 for (i = 0; i < pasn_params->num_peers; i++) {
427 peer = &pasn_params->peer[i];
428 ptksa_cache_flush(wpa_s->ptksa, peer->peer_addr,
429 WPA_CIPHER_NONE);
430 }
431 }
432
433
434 #ifdef CONFIG_FILS
wpas_pasn_initiate_eapol(struct pasn_data * pasn,struct wpa_ssid * ssid)435 static void wpas_pasn_initiate_eapol(struct pasn_data *pasn,
436 struct wpa_ssid *ssid)
437 {
438 struct eapol_config eapol_conf;
439
440 wpa_printf(MSG_DEBUG, "PASN: FILS: Initiating EAPOL");
441
442 eapol_sm_notify_eap_success(pasn->eapol, false);
443 eapol_sm_notify_eap_fail(pasn->eapol, false);
444 eapol_sm_notify_portControl(pasn->eapol, Auto);
445
446 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
447 eapol_conf.fast_reauth = pasn->fast_reauth;
448 eapol_conf.workaround = ssid->eap_workaround;
449
450 eapol_sm_notify_config(pasn->eapol, &ssid->eap, &eapol_conf);
451 }
452 #endif /* CONFIG_FILS */
453
454
wpas_pasn_reset(struct wpa_supplicant * wpa_s)455 static void wpas_pasn_reset(struct wpa_supplicant *wpa_s)
456 {
457 struct pasn_data *pasn = &wpa_s->pasn;
458
459 wpas_pasn_cancel_auth_work(wpa_s);
460 wpa_s->pasn_auth_work = NULL;
461 eloop_cancel_timeout(wpas_pasn_auth_work_timeout, wpa_s, NULL);
462
463 wpa_pasn_reset(pasn);
464 }
465
466
wpas_pasn_allowed(struct wpa_supplicant * wpa_s,const u8 * peer_addr,int akmp,int cipher)467 static struct wpa_bss * wpas_pasn_allowed(struct wpa_supplicant *wpa_s,
468 const u8 *peer_addr, int akmp,
469 int cipher)
470 {
471 struct wpa_bss *bss;
472 const u8 *rsne;
473 struct wpa_ie_data rsne_data;
474 int ret;
475
476 if (ether_addr_equal(wpa_s->bssid, peer_addr)) {
477 wpa_printf(MSG_DEBUG,
478 "PASN: Not doing authentication with current BSS");
479 return NULL;
480 }
481
482 bss = wpa_bss_get_bssid_latest(wpa_s, peer_addr);
483 if (!bss) {
484 wpa_printf(MSG_DEBUG, "PASN: BSS not found");
485 return NULL;
486 }
487
488 rsne = wpa_bss_get_ie(bss, WLAN_EID_RSN);
489 if (!rsne) {
490 wpa_printf(MSG_DEBUG, "PASN: BSS without RSNE");
491 return NULL;
492 }
493
494 ret = wpa_parse_wpa_ie(rsne, *(rsne + 1) + 2, &rsne_data);
495 if (ret) {
496 wpa_printf(MSG_DEBUG, "PASN: Failed parsing RSNE data");
497 return NULL;
498 }
499
500 if (!(rsne_data.key_mgmt & akmp) ||
501 !(rsne_data.pairwise_cipher & cipher)) {
502 wpa_printf(MSG_DEBUG,
503 "PASN: AP does not support requested AKMP or cipher");
504 return NULL;
505 }
506
507 return bss;
508 }
509
510
wpas_pasn_auth_start_cb(struct wpa_radio_work * work,int deinit)511 static void wpas_pasn_auth_start_cb(struct wpa_radio_work *work, int deinit)
512 {
513 struct wpa_supplicant *wpa_s = work->wpa_s;
514 struct wpa_pasn_auth_work *awork = work->ctx;
515 struct pasn_data *pasn = &wpa_s->pasn;
516 struct wpa_ssid *ssid;
517 struct wpa_bss *bss;
518 const u8 *rsne, *rsnxe;
519 #ifdef CONFIG_FILS
520 const u8 *indic;
521 u16 fils_info;
522 #endif /* CONFIG_FILS */
523 u16 capab = 0;
524 bool derive_kdk;
525 int ret;
526
527 wpa_printf(MSG_DEBUG, "PASN: auth_start_cb: deinit=%d", deinit);
528
529 if (deinit) {
530 if (work->started) {
531 eloop_cancel_timeout(wpas_pasn_auth_work_timeout,
532 wpa_s, NULL);
533 wpa_s->pasn_auth_work = NULL;
534 }
535
536 wpas_pasn_free_auth_work(awork);
537 return;
538 }
539
540 /*
541 * It is possible that by the time the callback is called, the PASN
542 * authentication is not allowed, e.g., a connection with the AP was
543 * established.
544 */
545 bss = wpas_pasn_allowed(wpa_s, awork->peer_addr, awork->akmp,
546 awork->cipher);
547 if (!bss) {
548 wpa_printf(MSG_DEBUG, "PASN: auth_start_cb: Not allowed");
549 goto fail;
550 }
551
552 rsne = wpa_bss_get_ie(bss, WLAN_EID_RSN);
553 if (!rsne) {
554 wpa_printf(MSG_DEBUG, "PASN: BSS without RSNE");
555 goto fail;
556 }
557
558 rsnxe = wpa_bss_get_ie(bss, WLAN_EID_RSNX);
559
560 derive_kdk = (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SEC_LTF_STA) &&
561 ieee802_11_rsnx_capab(rsnxe,
562 WLAN_RSNX_CAPAB_SECURE_LTF);
563 #ifdef CONFIG_TESTING_OPTIONS
564 if (!derive_kdk)
565 derive_kdk = wpa_s->conf->force_kdk_derivation;
566 #endif /* CONFIG_TESTING_OPTIONS */
567 if (derive_kdk)
568 pasn_enable_kdk_derivation(pasn);
569 else
570 pasn_disable_kdk_derivation(pasn);
571
572 wpa_printf(MSG_DEBUG, "PASN: kdk_len=%zu", pasn->kdk_len);
573
574 if ((wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SEC_LTF_STA) &&
575 ieee802_11_rsnx_capab(rsnxe, WLAN_RSNX_CAPAB_SECURE_LTF))
576 pasn->secure_ltf = true;
577 else
578 pasn->secure_ltf = false;
579
580 #ifdef CONFIG_TESTING_OPTIONS
581 pasn->corrupt_mic = wpa_s->conf->pasn_corrupt_mic;
582 #endif /* CONFIG_TESTING_OPTIONS */
583
584 capab |= BIT(WLAN_RSNX_CAPAB_SAE_H2E);
585 if (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SEC_LTF_STA)
586 capab |= BIT(WLAN_RSNX_CAPAB_SECURE_LTF);
587 if (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SEC_RTT_STA)
588 capab |= BIT(WLAN_RSNX_CAPAB_SECURE_RTT);
589 if (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_PROT_RANGE_NEG_STA)
590 capab |= BIT(WLAN_RSNX_CAPAB_URNM_MFPR);
591 pasn_set_rsnxe_caps(pasn, capab);
592 pasn_register_callbacks(pasn, wpa_s, wpas_pasn_send_mlme, NULL);
593 ssid = wpa_config_get_network(wpa_s->conf, awork->network_id);
594
595 #ifdef CONFIG_SAE
596 if (awork->akmp == WPA_KEY_MGMT_SAE) {
597 if (!ssid) {
598 wpa_printf(MSG_DEBUG,
599 "PASN: No network profile found for SAE");
600 goto fail;
601 }
602 pasn_set_pt(pasn, wpas_pasn_sae_derive_pt(ssid, awork->group));
603 if (!pasn->pt) {
604 wpa_printf(MSG_DEBUG, "PASN: Failed to derive PT");
605 goto fail;
606 }
607 pasn->network_id = ssid->id;
608 }
609 #endif /* CONFIG_SAE */
610
611 #ifdef CONFIG_FILS
612 /* Prepare needed information for wpas_pasn_wd_fils_auth(). */
613 if (awork->akmp == WPA_KEY_MGMT_FILS_SHA256 ||
614 awork->akmp == WPA_KEY_MGMT_FILS_SHA384) {
615 indic = wpa_bss_get_ie(bss, WLAN_EID_FILS_INDICATION);
616 if (!ssid) {
617 wpa_printf(MSG_DEBUG, "PASN: FILS: No network block");
618 } else if (!indic || indic[1] < 2) {
619 wpa_printf(MSG_DEBUG,
620 "PASN: Missing FILS Indication IE");
621 } else {
622 fils_info = WPA_GET_LE16(indic + 2);
623 if ((fils_info & BIT(9)) && ssid) {
624 pasn->eapol = wpa_s->eapol;
625 pasn->network_id = ssid->id;
626 wpas_pasn_initiate_eapol(pasn, ssid);
627 pasn->fils_eapol = true;
628 } else {
629 wpa_printf(MSG_DEBUG,
630 "PASN: FILS auth without PFS not supported");
631 }
632 }
633 pasn->fast_reauth = wpa_s->conf->fast_reauth;
634 }
635 #endif /* CONFIG_FILS */
636
637 pasn_set_initiator_pmksa(pasn, wpa_sm_get_pmksa_cache(wpa_s->wpa));
638
639 if (wpa_key_mgmt_ft(awork->akmp)) {
640 #ifdef CONFIG_IEEE80211R
641 ret = wpa_pasn_ft_derive_pmk_r1(wpa_s->wpa, awork->akmp,
642 awork->peer_addr,
643 pasn->pmk_r1,
644 &pasn->pmk_r1_len,
645 pasn->pmk_r1_name);
646 if (ret) {
647 wpa_printf(MSG_DEBUG,
648 "PASN: FT: Failed to derive keys");
649 goto fail;
650 }
651 #else /* CONFIG_IEEE80211R */
652 goto fail;
653 #endif /* CONFIG_IEEE80211R */
654 }
655
656
657 ret = wpas_pasn_start(pasn, awork->own_addr, awork->peer_addr,
658 awork->peer_addr, awork->akmp, awork->cipher,
659 awork->group, bss->freq, rsne, *(rsne + 1) + 2,
660 rsnxe, rsnxe ? *(rsnxe + 1) + 2 : 0,
661 awork->comeback);
662 if (ret) {
663 wpa_printf(MSG_DEBUG,
664 "PASN: Failed to start PASN authentication");
665 goto fail;
666 }
667 eloop_register_timeout(2, 0, wpas_pasn_auth_work_timeout, wpa_s, NULL);
668
669 /* comeback token is no longer needed at this stage */
670 wpabuf_free(awork->comeback);
671 awork->comeback = NULL;
672
673 wpa_s->pasn_auth_work = work;
674 return;
675 fail:
676 wpas_pasn_free_auth_work(awork);
677 work->ctx = NULL;
678 radio_work_done(work);
679 }
680
681
wpas_pasn_auth_start(struct wpa_supplicant * wpa_s,const u8 * own_addr,const u8 * peer_addr,int akmp,int cipher,u16 group,int network_id,const u8 * comeback,size_t comeback_len)682 int wpas_pasn_auth_start(struct wpa_supplicant *wpa_s,
683 const u8 *own_addr, const u8 *peer_addr,
684 int akmp, int cipher, u16 group, int network_id,
685 const u8 *comeback, size_t comeback_len)
686 {
687 struct wpa_pasn_auth_work *awork;
688 struct wpa_bss *bss;
689
690 wpa_printf(MSG_DEBUG, "PASN: Start: " MACSTR_SEC " akmp=0x%x, cipher=0x%x",
691 MAC2STR_SEC(peer_addr), akmp, cipher);
692
693 /*
694 * TODO: Consider modifying the offchannel logic to handle additional
695 * Management frames other then Action frames. For now allow PASN only
696 * with drivers that support off-channel TX.
697 */
698 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX)) {
699 wpa_printf(MSG_DEBUG,
700 "PASN: Driver does not support offchannel TX");
701 return -1;
702 }
703
704 if (radio_work_pending(wpa_s, "pasn-start-auth")) {
705 wpa_printf(MSG_DEBUG,
706 "PASN: send_auth: Work is already pending");
707 return -1;
708 }
709
710 if (wpa_s->pasn_auth_work) {
711 wpa_printf(MSG_DEBUG, "PASN: send_auth: Already in progress");
712 return -1;
713 }
714
715 bss = wpas_pasn_allowed(wpa_s, peer_addr, akmp, cipher);
716 if (!bss)
717 return -1;
718
719 wpas_pasn_reset(wpa_s);
720
721 awork = os_zalloc(sizeof(*awork));
722 if (!awork)
723 return -1;
724
725 os_memcpy(awork->own_addr, own_addr, ETH_ALEN);
726 os_memcpy(awork->peer_addr, peer_addr, ETH_ALEN);
727 awork->akmp = akmp;
728 awork->cipher = cipher;
729 awork->group = group;
730 awork->network_id = network_id;
731
732 if (comeback && comeback_len) {
733 awork->comeback = wpabuf_alloc_copy(comeback, comeback_len);
734 if (!awork->comeback) {
735 wpas_pasn_free_auth_work(awork);
736 return -1;
737 }
738 }
739
740 if (radio_add_work(wpa_s, bss->freq, "pasn-start-auth", 1,
741 wpas_pasn_auth_start_cb, awork) < 0) {
742 wpas_pasn_free_auth_work(awork);
743 return -1;
744 }
745
746 wpa_printf(MSG_DEBUG, "PASN: Auth work successfully added");
747 return 0;
748 }
749
750
wpas_pasn_auth_stop(struct wpa_supplicant * wpa_s)751 void wpas_pasn_auth_stop(struct wpa_supplicant *wpa_s)
752 {
753 struct pasn_data *pasn = &wpa_s->pasn;
754
755 if (!wpa_s->pasn.ecdh)
756 return;
757
758 wpa_printf(MSG_DEBUG, "PASN: Stopping authentication");
759
760 wpas_pasn_auth_status(wpa_s, pasn->peer_addr, pasn_get_akmp(pasn),
761 pasn_get_cipher(pasn),
762 pasn->status, pasn->comeback,
763 pasn->comeback_after);
764
765 wpas_pasn_reset(wpa_s);
766 }
767
768
wpas_pasn_immediate_retry(struct wpa_supplicant * wpa_s,struct pasn_data * pasn,struct wpa_pasn_params_data * params)769 static int wpas_pasn_immediate_retry(struct wpa_supplicant *wpa_s,
770 struct pasn_data *pasn,
771 struct wpa_pasn_params_data *params)
772 {
773 int akmp = pasn_get_akmp(pasn);
774 int cipher = pasn_get_cipher(pasn);
775 u16 group = pasn->group;
776 u8 own_addr[ETH_ALEN];
777 u8 peer_addr[ETH_ALEN];
778
779 wpa_printf(MSG_DEBUG, "PASN: Immediate retry");
780 os_memcpy(own_addr, pasn->own_addr, ETH_ALEN);
781 os_memcpy(peer_addr, pasn->peer_addr, ETH_ALEN);
782 wpas_pasn_reset(wpa_s);
783
784 return wpas_pasn_auth_start(wpa_s, own_addr, peer_addr, akmp, cipher,
785 group, pasn->network_id,
786 params->comeback, params->comeback_len);
787 }
788
789
wpas_pasn_deauth_cb(struct ptksa_cache_entry * entry)790 static void wpas_pasn_deauth_cb(struct ptksa_cache_entry *entry)
791 {
792 struct wpa_supplicant *wpa_s = entry->ctx;
793 u8 own_addr[ETH_ALEN];
794 u8 peer_addr[ETH_ALEN];
795
796 /* Use a copy of the addresses from the entry to avoid issues with the
797 * entry getting freed during deauthentication processing. */
798 os_memcpy(own_addr, entry->own_addr, ETH_ALEN);
799 os_memcpy(peer_addr, entry->addr, ETH_ALEN);
800 wpas_pasn_deauthenticate(wpa_s, own_addr, peer_addr);
801 }
802
803
wpas_pasn_auth_rx(struct wpa_supplicant * wpa_s,const struct ieee80211_mgmt * mgmt,size_t len)804 int wpas_pasn_auth_rx(struct wpa_supplicant *wpa_s,
805 const struct ieee80211_mgmt *mgmt, size_t len)
806 {
807 struct pasn_data *pasn = &wpa_s->pasn;
808 struct wpa_pasn_params_data pasn_data;
809 int ret;
810
811 if (!wpa_s->pasn_auth_work)
812 return -2;
813
814 pasn_register_callbacks(pasn, wpa_s, wpas_pasn_send_mlme, NULL);
815 ret = wpa_pasn_auth_rx(pasn, (const u8 *) mgmt, len, &pasn_data);
816 if (ret == 0) {
817 ptksa_cache_add(wpa_s->ptksa, pasn->own_addr, pasn->peer_addr,
818 pasn_get_cipher(pasn),
819 dot11RSNAConfigPMKLifetime,
820 pasn_get_ptk(pasn),
821 wpa_s->pasn_params ? wpas_pasn_deauth_cb : NULL,
822 wpa_s->pasn_params ? wpa_s : NULL,
823 pasn_get_akmp(pasn));
824
825 if (pasn->pmksa_entry)
826 wpa_sm_set_cur_pmksa(wpa_s->wpa, pasn->pmksa_entry);
827 }
828
829 forced_memzero(pasn_get_ptk(pasn), sizeof(pasn->ptk));
830
831 if (ret == -1) {
832 wpas_pasn_auth_stop(wpa_s);
833 wpas_pasn_auth_work_done(wpa_s, PASN_STATUS_FAILURE);
834 }
835
836 if (ret == 1)
837 ret = wpas_pasn_immediate_retry(wpa_s, pasn, &pasn_data);
838
839 return ret;
840 }
841
842
wpas_pasn_auth_trigger(struct wpa_supplicant * wpa_s,struct pasn_auth * pasn_auth)843 void wpas_pasn_auth_trigger(struct wpa_supplicant *wpa_s,
844 struct pasn_auth *pasn_auth)
845 {
846 struct pasn_peer *src, *dst;
847 unsigned int i, num_peers = pasn_auth->num_peers;
848
849 if (wpa_s->pasn_params) {
850 wpa_printf(MSG_DEBUG,
851 "PASN: auth_trigger: Already in progress");
852 return;
853 }
854
855 if (!num_peers || num_peers > WPAS_MAX_PASN_PEERS) {
856 wpa_printf(MSG_DEBUG,
857 "PASN: auth trigger: Invalid number of peers");
858 return;
859 }
860
861 wpa_s->pasn_params = os_zalloc(sizeof(struct pasn_auth));
862 if (!wpa_s->pasn_params) {
863 wpa_printf(MSG_DEBUG,
864 "PASN: auth trigger: Failed to allocate a buffer");
865 return;
866 }
867
868 wpa_s->pasn_count = 0;
869 wpa_s->pasn_params->num_peers = num_peers;
870
871 for (i = 0; i < num_peers; i++) {
872 dst = &wpa_s->pasn_params->peer[i];
873 src = &pasn_auth->peer[i];
874 os_memcpy(dst->own_addr, wpa_s->own_addr, ETH_ALEN);
875 os_memcpy(dst->peer_addr, src->peer_addr, ETH_ALEN);
876 dst->ltf_keyseed_required = src->ltf_keyseed_required;
877 dst->status = PASN_STATUS_SUCCESS;
878
879 if (!is_zero_ether_addr(src->own_addr)) {
880 os_memcpy(dst->own_addr, src->own_addr, ETH_ALEN);
881 wpa_printf(MSG_DEBUG, "PASN: Own (source) MAC addr: "
882 MACSTR, MAC2STR(dst->own_addr));
883 }
884 }
885
886 if (pasn_auth->action == PASN_ACTION_DELETE_SECURE_RANGING_CONTEXT) {
887 wpas_pasn_delete_peers(wpa_s, wpa_s->pasn_params);
888 os_free(wpa_s->pasn_params);
889 wpa_s->pasn_params = NULL;
890 } else if (pasn_auth->action == PASN_ACTION_AUTH) {
891 wpas_pasn_configure_next_peer(wpa_s, wpa_s->pasn_params);
892 }
893 }
894
895
wpas_pasn_auth_tx_status(struct wpa_supplicant * wpa_s,const u8 * data,size_t data_len,u8 acked)896 int wpas_pasn_auth_tx_status(struct wpa_supplicant *wpa_s,
897 const u8 *data, size_t data_len, u8 acked)
898
899 {
900 struct pasn_data *pasn = &wpa_s->pasn;
901 int ret;
902
903 if (!wpa_s->pasn_auth_work) {
904 wpa_printf(MSG_DEBUG,
905 "PASN: auth_tx_status: no work in progress");
906 return -1;
907 }
908
909 ret = wpa_pasn_auth_tx_status(pasn, data, data_len, acked);
910 if (ret != 1)
911 return ret;
912
913 if (!wpa_s->pasn_params) {
914 wpas_pasn_auth_stop(wpa_s);
915 return 0;
916 }
917
918 wpas_pasn_set_keys_from_cache(wpa_s, pasn->own_addr, pasn->peer_addr,
919 pasn_get_cipher(pasn),
920 pasn_get_akmp(pasn));
921 wpas_pasn_auth_stop(wpa_s);
922 wpas_pasn_auth_work_done(wpa_s, PASN_STATUS_SUCCESS);
923
924 return 0;
925 }
926
927
wpas_pasn_deauthenticate(struct wpa_supplicant * wpa_s,const u8 * own_addr,const u8 * peer_addr)928 int wpas_pasn_deauthenticate(struct wpa_supplicant *wpa_s, const u8 *own_addr,
929 const u8 *peer_addr)
930 {
931 struct wpa_bss *bss;
932 struct wpabuf *buf;
933 struct ieee80211_mgmt *deauth;
934 int ret;
935
936 if (ether_addr_equal(wpa_s->bssid, peer_addr)) {
937 wpa_printf(MSG_DEBUG,
938 "PASN: Cannot deauthenticate from current BSS");
939 return -1;
940 }
941
942 wpa_drv_set_secure_ranging_ctx(wpa_s, own_addr, peer_addr, 0, 0, NULL,
943 0, NULL, 1);
944
945 wpa_printf(MSG_DEBUG, "PASN: deauth: Flushing all PTKSA entries for "
946 MACSTR_SEC, MAC2STR_SEC(peer_addr));
947 ptksa_cache_flush(wpa_s->ptksa, peer_addr, WPA_CIPHER_NONE);
948
949 bss = wpa_bss_get_bssid(wpa_s, peer_addr);
950 if (!bss) {
951 wpa_printf(MSG_DEBUG, "PASN: deauth: BSS not found");
952 return -1;
953 }
954
955 buf = wpabuf_alloc(64);
956 if (!buf) {
957 wpa_printf(MSG_DEBUG, "PASN: deauth: Failed wpabuf allocate");
958 return -1;
959 }
960
961 deauth = wpabuf_put(buf, offsetof(struct ieee80211_mgmt,
962 u.deauth.variable));
963
964 deauth->frame_control = host_to_le16((WLAN_FC_TYPE_MGMT << 2) |
965 (WLAN_FC_STYPE_DEAUTH << 4));
966
967 os_memcpy(deauth->da, peer_addr, ETH_ALEN);
968 os_memcpy(deauth->sa, own_addr, ETH_ALEN);
969 os_memcpy(deauth->bssid, peer_addr, ETH_ALEN);
970 deauth->u.deauth.reason_code =
971 host_to_le16(WLAN_REASON_PREV_AUTH_NOT_VALID);
972
973 /*
974 * Since we do not expect any response from the AP, implement the
975 * Deauthentication frame transmission using direct call to the driver
976 * without a radio work.
977 */
978 ret = wpa_drv_send_mlme(wpa_s, wpabuf_head(buf), wpabuf_len(buf), 1,
979 bss->freq, 0);
980
981 wpabuf_free(buf);
982 wpa_printf(MSG_DEBUG, "PASN: deauth: send_mlme ret=%d", ret);
983
984 return ret;
985 }
986