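/*
 * hostapd - IEEE 802.11i-2004 / WPA Authenticator: Internal definitions
 * Copyright (c) 2004-2015, Jouni Malinen <j@w1.fi>
 *
 * This software may be distributed under the terms of the BSD license.
 * See README for more details.
 */

#ifndef WPA_AUTH_I_H
#define WPA_AUTH_I_H

#include "utils/list.h"

/* max(dot11RSNAConfigGroupUpdateCount,dot11RSNAConfigPairwiseUpdateCount) */
/* Also the number of entries in key_replay[] and prev_key_replay[] below. */
#define RSNA_MAX_EAPOL_RETRIES 4

struct wpa_group;

/*
 * Authenticator-side state for one peer: the variables of the PTK and
 * PTK-group state machines plus the nonces, replay counters and key material
 * used with them.
 * NOTE(review): presumably one instance per associated station (addr) -
 * confirm against the allocation site.
 *
 * PMK, PTK and (with CONFIG_IEEE80211R_AP) xxkey are stored inline, so the
 * whole structure carries secrets.
 * NOTE(review): confirm that the free path wipes it with a clear that the
 * compiler cannot optimize away.
 */
struct wpa_state_machine {
	struct wpa_authenticator *wpa_auth;
	struct wpa_group *group;

	u8 addr[ETH_ALEN];
	u8 p2p_dev_addr[ETH_ALEN];
	u16 auth_alg;

	/* Current state of the pairwise key (PTK) state machine */
	enum {
		WPA_PTK_INITIALIZE, WPA_PTK_DISCONNECT, WPA_PTK_DISCONNECTED,
		WPA_PTK_AUTHENTICATION, WPA_PTK_AUTHENTICATION2,
		WPA_PTK_INITPMK, WPA_PTK_INITPSK, WPA_PTK_PTKSTART,
		WPA_PTK_PTKCALCNEGOTIATING, WPA_PTK_PTKCALCNEGOTIATING2,
		WPA_PTK_PTKINITNEGOTIATING, WPA_PTK_PTKINITDONE
	} wpa_ptk_state;

	/* Current state of the per-peer group key state machine */
	enum {
		WPA_PTK_GROUP_IDLE = 0,
		WPA_PTK_GROUP_REKEYNEGOTIATING,
		WPA_PTK_GROUP_REKEYESTABLISHED,
		WPA_PTK_GROUP_KEYERROR
	} wpa_ptk_group_state;

	Boolean Init;
	Boolean DeauthenticationRequest;
	Boolean AuthenticationRequest;
	Boolean ReAuthenticationRequest;
	Boolean Disconnect;
	u16 disconnect_reason; /* specific reason code to use with Disconnect */
	u32 TimeoutCtr;
	u32 GTimeoutCtr;
	Boolean TimeoutEvt;
	Boolean EAPOLKeyReceived;
	Boolean EAPOLKeyPairwise;
	Boolean EAPOLKeyRequest;
	Boolean MICVerified;
	Boolean GUpdateStationKeys;
	/* Nonce buffers; each holds exactly WPA_NONCE_LEN bytes */
	u8 ANonce[WPA_NONCE_LEN];
	u8 SNonce[WPA_NONCE_LEN];
	/* NOTE(review): presumably meaningful only while alt_snonce_valid is
	 * set - confirm in the EAPOL-Key receive path */
	u8 alt_SNonce[WPA_NONCE_LEN];
	u8 alt_replay_counter[WPA_REPLAY_COUNTER_LEN];
	/* Secret key material. The buffer is sized for the largest PMK.
	 * NOTE(review): pmk_len presumably gives the number of valid bytes;
	 * confirm every writer bounds it by PMK_LEN_MAX */
	u8 PMK[PMK_LEN_MAX];
	unsigned int pmk_len;
	u8 pmkid[PMKID_LEN]; /* valid if pmkid_set == 1 */
	struct wpa_ptk PTK; /* secret key material, see PTK_valid */
	Boolean PTK_valid;
	Boolean pairwise_set;
	/* NOTE(review): by its name this records that the TK has been
	 * installed so that it is not configured a second time - confirm at
	 * the key installation sites */
	Boolean tk_already_set;
	int keycount;
	Boolean Pair;
	/* Replay counters for transmitted EAPOL-Key frames, one slot per
	 * allowed retry. NOTE(review): a slot is presumably only compared
	 * against received frames while its valid flag is set - confirm */
	struct wpa_key_replay_counter {
		u8 counter[WPA_REPLAY_COUNTER_LEN];
		Boolean valid;
	} key_replay[RSNA_MAX_EAPOL_RETRIES],
		prev_key_replay[RSNA_MAX_EAPOL_RETRIES];
	Boolean PInitAKeys; /* WPA only, not in IEEE 802.11i */
	Boolean PTKRequest; /* not in IEEE 802.11i state machine */
	Boolean has_GTK;
	Boolean PtkGroupInit; /* init request for PTK Group state machine */

	/* Pointer/length pair. Ownership is not visible in this header.
	 * NOTE(review): presumably a heap copy that is freed with the state
	 * machine; the length must always be updated together with the
	 * pointer */
	u8 *last_rx_eapol_key; /* starting from IEEE 802.1X header */
	size_t last_rx_eapol_key_len;

	/* Single-bit flags */
	unsigned int changed:1;
	unsigned int in_step_loop:1;
	unsigned int pending_deinit:1;
	unsigned int started:1;
	unsigned int mgmt_frame_prot:1;
	unsigned int rx_eapol_key_secure:1;
	unsigned int update_snonce:1;
	unsigned int alt_snonce_valid:1;
#ifdef CONFIG_IEEE80211R_AP
	unsigned int ft_completed:1;
	unsigned int pmk_r1_name_valid:1;
#endif /* CONFIG_IEEE80211R_AP */
	unsigned int is_wnmsleep:1;
	unsigned int pmkid_set:1;
#ifdef CONFIG_OCV
	unsigned int ocv_enabled:1;
#endif /* CONFIG_OCV */

	u8 req_replay_counter[WPA_REPLAY_COUNTER_LEN];
	int req_replay_counter_used;

	/* Pointer/length pair; keep both in step when replacing the IE */
	u8 *wpa_ie;
	size_t wpa_ie_len;

	enum {
		WPA_VERSION_NO_WPA = 0 /* WPA not used */,
		WPA_VERSION_WPA = 1 /* WPA / IEEE 802.11i/D3.0 */,
		WPA_VERSION_WPA2 = 2 /* WPA2 / IEEE 802.11i */
	} wpa;
	int pairwise; /* Pairwise cipher suite, WPA_CIPHER_* */
	int wpa_key_mgmt; /* the selected WPA_KEY_MGMT_* */
	struct rsn_pmksa_cache_entry *pmksa;

	u32 dot11RSNAStatsTKIPLocalMICFailures;
	u32 dot11RSNAStatsTKIPRemoteMICFailures;

#ifdef CONFIG_IEEE80211R_AP
	/* Secret key material, stored inline like PMK above */
	u8 xxkey[PMK_LEN_MAX]; /* PSK or the second 256 bits of MSK, or the
				* first 384 bits of MSK */
	size_t xxkey_len;
	u8 pmk_r1_name[WPA_PMK_NAME_LEN]; /* PMKR1Name derived from FT Auth
					   * Request */
	u8 r0kh_id[FT_R0KH_ID_MAX_LEN]; /* R0KH-ID from FT Auth Request */
	size_t r0kh_id_len;
	u8 sup_pmk_r1_name[WPA_PMK_NAME_LEN]; /* PMKR1Name from EAPOL-Key
					       * message 2/4 */
	u8 *assoc_resp_ftie;

	/* Callback and context stored for a pending FT request */
	void (*ft_pending_cb)(void *ctx, const u8 *dst, const u8 *bssid,
			      u16 auth_transaction, u16 status,
			      const u8 *ies, size_t ies_len);
	void *ft_pending_cb_ctx;
	struct wpabuf *ft_pending_req_ies;
	u8 ft_pending_pull_nonce[FT_RRB_NONCE_LEN];
	u8 ft_pending_auth_transaction;
	u8 ft_pending_current_ap[ETH_ALEN];
	int ft_pending_pull_left_retries;
#endif /* CONFIG_IEEE80211R_AP */

	int pending_1_of_4_timeout;

#ifdef CONFIG_P2P
	u8 ip_addr[4];
#endif /* CONFIG_P2P */

#ifdef CONFIG_FILS
	/* Both buffers are FILS_MAX_KEY_AUTH_LEN bytes.
	 * NOTE(review): fils_key_auth_len presumably applies to both; confirm
	 * it is bounded by FILS_MAX_KEY_AUTH_LEN where it is set */
	u8 fils_key_auth_sta[FILS_MAX_KEY_AUTH_LEN];
	u8 fils_key_auth_ap[FILS_MAX_KEY_AUTH_LEN];
	size_t fils_key_auth_len;
	unsigned int fils_completed:1;
#endif /* CONFIG_FILS */

#ifdef CONFIG_DPP2
	struct wpabuf *dpp_z;
#endif /* CONFIG_DPP2 */

#ifdef CONFIG_TESTING_OPTIONS
	/* Callback hook that exists only in builds with
	 * CONFIG_TESTING_OPTIONS. NOTE(review): confirm that release builds
	 * leave that option undefined */
	void (*eapol_status_cb)(void *ctx1, void *ctx2);
	void *eapol_status_cb_ctx1;
	void *eapol_status_cb_ctx2;
#endif /* CONFIG_TESTING_OPTIONS */
};


/* per group key state machine data */
/*
 * Entries are chained through next and counted through references.
 * GMK, GTK and (with CONFIG_IEEE80211W) IGTK are stored inline, so this
 * structure carries secrets as well.
 * NOTE(review): confirm that it is wiped before it is freed.
 */
struct wpa_group {
	struct wpa_group *next;
	int vlan_id;

	Boolean GInit;
	int GKeyDoneStations;
	Boolean GTKReKey;
	int GTK_len;
	/* NOTE(review): GN and GM presumably select between the two GTK[]
	 * slots as key indices - confirm before using them as array indices */
	int GN, GM;
	Boolean GTKAuthenticator;
	u8 Counter[WPA_NONCE_LEN];

	enum {
		WPA_GROUP_GTK_INIT = 0,
		WPA_GROUP_SETKEYS, WPA_GROUP_SETKEYSDONE,
		WPA_GROUP_FATAL_FAILURE
	} wpa_group_state;

	u8 GMK[WPA_GMK_LEN];
	u8 GTK[2][WPA_GTK_MAX_LEN]; /* two key slots */
	u8 GNonce[WPA_NONCE_LEN];
	Boolean changed;
	Boolean first_sta_seen;
	/* NOTE(review): by its name, set while 4-way handshakes are to be
	 * rejected because of insufficient entropy - confirm where it is
	 * set and cleared */
	Boolean reject_4way_hs_for_entropy;
#ifdef CONFIG_IEEE80211W
	u8 IGTK[2][WPA_IGTK_MAX_LEN]; /* two key slots */
	int GN_igtk, GM_igtk;
#endif /* CONFIG_IEEE80211W */
	/* Number of references except those in struct wpa_group->next */
	unsigned int references;
	unsigned int num_setup_iface;
};


struct wpa_ft_pmk_cache;

/* per authenticator data */
struct wpa_authenticator {
	struct wpa_group *group;

	unsigned int dot11RSNAStatsTKIPRemoteMICFailures;
	u32 dot11RSNAAuthenticationSuiteSelected;
	u32 dot11RSNAPairwiseCipherSelected;
	u32 dot11RSNAGroupCipherSelected;
	u8 dot11RSNAPMKIDUsed[PMKID_LEN];
	u32 dot11RSNAAuthenticationSuiteRequested; /* FIX: update */
	u32 dot11RSNAPairwiseCipherRequested; /* FIX: update */
	u32 dot11RSNAGroupCipherRequested; /* FIX: update */
	unsigned int dot11RSNATKIPCounterMeasuresInvoked;
	unsigned int dot11RSNA4WayHandshakeFailures;

	/* Configuration is embedded by value; the callback table is only
	 * referenced and is const from this side */
	struct wpa_auth_config conf;
	const struct wpa_auth_callbacks *cb;
	void *cb_ctx;

	/* Pointer/length pair; keep both in step when replacing the IE */
	u8 *wpa_ie;
	size_t wpa_ie_len;

	u8 addr[ETH_ALEN];

	struct rsn_pmksa_cache *pmksa;
	struct wpa_ft_pmk_cache *ft_pmk_cache;

#ifdef CONFIG_P2P
	struct bitfield *ip_pool;
#endif /* CONFIG_P2P */
};


#ifdef CONFIG_IEEE80211R_AP

/* Number of entries in ft_remote_seq_rx.last[] */
#define FT_REMOTE_SEQ_BACKLOG 16
/*
 * Receive-side sequence number state. The window described below, together
 * with the numbers remembered in last[], decides whether a received sequence
 * number is accepted, dropped or answered with SEQ_REQ.
 */
struct ft_remote_seq_rx {
	u32 dom;
	struct os_reltime time_offset; /* local time - offset = remote time */

	/* accepted sequence numbers: (offset ... offset + 0x40000000]
	 *                            (except those in last)
	 * dropped sequence numbers: (offset - 0x40000000 ... offset]
	 * all others trigger SEQ_REQ message (except first message)
	 */
	u32 last[FT_REMOTE_SEQ_BACKLOG];
	/* NOTE(review): presumably the number of used entries in last[];
	 * confirm it cannot exceed FT_REMOTE_SEQ_BACKLOG */
	unsigned int num_last;
	u32 offsetidx;

	struct dl_list queue; /* send nonces + rrb msgs awaiting seq resp */
};

/* Transmit-side sequence number state */
struct ft_remote_seq_tx {
	u32 dom; /* non zero if initialized */
	u32 seq;
};

/* Receive and transmit sequence state kept together */
struct ft_remote_seq {
	struct ft_remote_seq_rx rx;
	struct ft_remote_seq_tx tx;
};

#endif /* CONFIG_IEEE80211R_AP */


/*
 * Authenticator-internal functions; the definitions are not part of this
 * header.
 * NOTE(review): in the wpa_write_*() functions buf/len is presumably the
 * output buffer and its capacity - confirm that each implementation checks
 * the remaining space before every write.
 */
int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len,
		     const u8 *pmkid);
void wpa_auth_logger(struct wpa_authenticator *wpa_auth, const u8 *addr,
		     logger_level level, const char *txt);
/* fmt is followed by variadic arguments. NOTE(review): presumably a
 * printf-style format; callers should pass a constant format and supply
 * peer-derived text only as an argument, never as fmt */
void wpa_auth_vlogger(struct wpa_authenticator *wpa_auth, const u8 *addr,
		      logger_level level, const char *fmt, ...);
/* The leading double underscore is in the namespace that C reserves for the
 * implementation; the name is kept because code outside this header calls
 * it */
void __wpa_send_eapol(struct wpa_authenticator *wpa_auth,
		      struct wpa_state_machine *sm, int key_info,
		      const u8 *key_rsc, const u8 *nonce,
		      const u8 *kde, size_t kde_len,
		      int keyidx, int encr, int force_version);
/* Iterators that invoke cb with cb_ctx. NOTE(review): the meaning of the
 * callback's return value (for example whether non-zero stops the
 * iteration) is not visible here - confirm in the definition */
int wpa_auth_for_each_sta(struct wpa_authenticator *wpa_auth,
			  int (*cb)(struct wpa_state_machine *sm, void *ctx),
			  void *cb_ctx);
int wpa_auth_for_each_auth(struct wpa_authenticator *wpa_auth,
			   int (*cb)(struct wpa_authenticator *a, void *ctx),
			   void *cb_ctx);

#ifdef CONFIG_IEEE80211R_AP
int wpa_write_mdie(struct wpa_auth_config *conf, u8 *buf, size_t len);
int wpa_write_ftie(struct wpa_auth_config *conf, int use_sha384,
		   const u8 *r0kh_id, size_t r0kh_id_len,
		   const u8 *anonce, const u8 *snonce,
		   u8 *buf, size_t len, const u8 *subelem,
		   size_t subelem_len);
int wpa_auth_derive_ptk_ft(struct wpa_state_machine *sm, const u8 *pmk,
			   struct wpa_ptk *ptk);
struct wpa_ft_pmk_cache * wpa_ft_pmk_cache_init(void);
void wpa_ft_pmk_cache_deinit(struct wpa_ft_pmk_cache *cache);
void wpa_ft_install_ptk(struct wpa_state_machine *sm);
int wpa_ft_store_pmk_fils(struct wpa_state_machine *sm, const u8 *pmk_r0,
			  const u8 *pmk_r0_name);
#endif /* CONFIG_IEEE80211R_AP */

#endif /* WPA_AUTH_I_H */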