34 	struct sta_info *sta = user_data;  in mesh_auth_timer()  local
37 	if (sta->sae->state != SAE_ACCEPTED) {  in mesh_auth_timer()
40 			   MAC2STR(sta->addr), sta->sae_auth_retry);  in mesh_auth_timer()
42 			MAC2STR(sta->addr));  in mesh_auth_timer()
43 		if (sta->sae_auth_retry < MESH_AUTH_RETRY) {  in mesh_auth_timer()
44 			mesh_rsn_auth_sae_sta(wpa_s, sta);  in mesh_auth_timer()
48 			if (sta->sae_auth_retry > MESH_AUTH_RETRY) {  in mesh_auth_timer()
49 				ap_free_sta(hapd, sta);  in mesh_auth_timer()
54 			wpa_mesh_set_plink_state(wpa_s, sta, PLINK_BLOCKED);  in mesh_auth_timer()
55 			sta->sae->state = SAE_NOTHING;  in mesh_auth_timer()
58 				MAC2STR(sta->addr),  in mesh_auth_timer()
61 		sta->sae_auth_retry++;  in mesh_auth_timer()
83 	struct sta_info *sta = ap_get_sta(hapd, addr);  in auth_get_psk()  local
92 	if (sta && sta->auth_alg == WLAN_AUTH_SAE) {  in auth_get_psk()
93 		if (!sta->sae || prev_psk)  in auth_get_psk()
95 		return sta->sae->pmk;  in auth_get_psk()
130 	struct sta_info *sta;  in auth_start_ampe()  local
136 	sta = ap_get_sta(hapd, addr);  in auth_start_ampe()
137 	if (sta)  in auth_start_ampe()
138 		eloop_cancel_timeout(mesh_auth_timer, mesh_rsn->wpa_s, sta);  in auth_start_ampe()
321 				     struct sta_info *sta)  in mesh_rsn_build_sae_commit()  argument
333 	if (mesh_rsn_sae_group(wpa_s, sta->sae) < 0) {  in mesh_rsn_build_sae_commit()
338 	if (sta->sae->tmp && !sta->sae->tmp->pw_id && ssid->sae_password_id) {  in mesh_rsn_build_sae_commit()
339 		sta->sae->tmp->pw_id = os_strdup(ssid->sae_password_id);  in mesh_rsn_build_sae_commit()
340 		if (!sta->sae->tmp->pw_id)  in mesh_rsn_build_sae_commit()
343 	return sae_prepare_commit(wpa_s->own_addr, sta->addr,  in mesh_rsn_build_sae_commit()
346 				  sta->sae);  in mesh_rsn_build_sae_commit()
352 			  struct sta_info *sta)  in mesh_rsn_auth_sae_sta()  argument
366 	if (!sta->sae) {  in mesh_rsn_auth_sae_sta()
367 		sta->sae = os_zalloc(sizeof(*sta->sae));  in mesh_rsn_auth_sae_sta()
368 		if (sta->sae == NULL)  in mesh_rsn_auth_sae_sta()
372 	pmksa = wpa_auth_pmksa_get(hapd->wpa_auth, sta->addr, NULL);  in mesh_rsn_auth_sae_sta()
374 		if (!sta->wpa_sm)  in mesh_rsn_auth_sae_sta()
375 			sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth,  in mesh_rsn_auth_sae_sta()
376 							sta->addr, NULL);  in mesh_rsn_auth_sae_sta()
377 		if (!sta->wpa_sm) {  in mesh_rsn_auth_sae_sta()
386 			   MAC2STR(sta->addr));  in mesh_rsn_auth_sae_sta()
387 		wpa_auth_pmksa_set_to_sm(pmksa, sta->wpa_sm, hapd->wpa_auth,  in mesh_rsn_auth_sae_sta()
388 					 sta->sae->pmkid, sta->sae->pmk);  in mesh_rsn_auth_sae_sta()
389 		sae_accept_sta(hapd, sta);  in mesh_rsn_auth_sae_sta()
390 		sta->mesh_sae_pmksa_caching = 1;  in mesh_rsn_auth_sae_sta()
393 	sta->mesh_sae_pmksa_caching = 0;  in mesh_rsn_auth_sae_sta()
395 	if (mesh_rsn_build_sae_commit(wpa_s, ssid, sta))  in mesh_rsn_auth_sae_sta()
400 		MAC2STR(sta->addr));  in mesh_rsn_auth_sae_sta()
402 	ret = auth_sae_init_committed(hapd, sta);  in mesh_rsn_auth_sae_sta()
406 	eloop_cancel_timeout(mesh_auth_timer, wpa_s, sta);  in mesh_rsn_auth_sae_sta()
409 			       wpa_s, sta);  in mesh_rsn_auth_sae_sta()
414 void mesh_rsn_get_pmkid(struct mesh_rsn *rsn, struct sta_info *sta, u8 *pmkid)  in mesh_rsn_get_pmkid()  argument
416 	os_memcpy(pmkid, sta->sae->pmkid, SAE_PMKID_LEN);  in mesh_rsn_get_pmkid()
421 mesh_rsn_derive_aek(struct mesh_rsn *rsn, struct sta_info *sta)  in mesh_rsn_derive_aek()  argument
424 	u8 *peer = sta->addr;  in mesh_rsn_derive_aek()
447 	sha256_prf(sta->sae->pmk, sizeof(sta->sae->pmk), "AEK Derivation",  in mesh_rsn_derive_aek()
448 		   context, sizeof(context), sta->aek, sizeof(sta->aek));  in mesh_rsn_derive_aek()
453 int mesh_rsn_derive_mtk(struct wpa_supplicant *wpa_s, struct sta_info *sta)  in mesh_rsn_derive_mtk()  argument
458 	u8 *peer = sta->addr;  in mesh_rsn_derive_mtk()
468 	if (os_memcmp(sta->my_nonce, sta->peer_nonce, WPA_NONCE_LEN) < 0) {  in mesh_rsn_derive_mtk()
469 		min = sta->my_nonce;  in mesh_rsn_derive_mtk()
470 		max = sta->peer_nonce;  in mesh_rsn_derive_mtk()
472 		min = sta->peer_nonce;  in mesh_rsn_derive_mtk()
473 		max = sta->my_nonce;  in mesh_rsn_derive_mtk()
480 	if (sta->my_lid < sta->peer_lid) {  in mesh_rsn_derive_mtk()
481 		WPA_PUT_LE16(ptr, sta->my_lid);  in mesh_rsn_derive_mtk()
483 		WPA_PUT_LE16(ptr, sta->peer_lid);  in mesh_rsn_derive_mtk()
486 		WPA_PUT_LE16(ptr, sta->peer_lid);  in mesh_rsn_derive_mtk()
488 		WPA_PUT_LE16(ptr, sta->my_lid);  in mesh_rsn_derive_mtk()
507 	sta->mtk_len = wpa_cipher_key_len(wpa_s->mesh_rsn->pairwise_cipher);  in mesh_rsn_derive_mtk()
508 	sha256_prf(sta->sae->pmk, SAE_PMK_LEN,  in mesh_rsn_derive_mtk()
510 		   sta->mtk, sta->mtk_len);  in mesh_rsn_derive_mtk()
515 void mesh_rsn_init_ampe_sta(struct wpa_supplicant *wpa_s, struct sta_info *sta)  in mesh_rsn_init_ampe_sta()  argument
517 	if (random_get_bytes(sta->my_nonce, WPA_NONCE_LEN) < 0) {  in mesh_rsn_init_ampe_sta()
521 	os_memset(sta->peer_nonce, 0, WPA_NONCE_LEN);  in mesh_rsn_init_ampe_sta()
522 	mesh_rsn_derive_aek(wpa_s->mesh_rsn, sta);  in mesh_rsn_init_ampe_sta()
532 int mesh_rsn_protect_frame(struct mesh_rsn *rsn, struct sta_info *sta,  in mesh_rsn_protect_frame()  argument
538 	const u8 *aad[] = { rsn->wpa_s->own_addr, sta->addr, cat };  in mesh_rsn_protect_frame()
567 	os_memcpy(ampe->local_nonce, sta->my_nonce, WPA_NONCE_LEN);  in mesh_rsn_protect_frame()
568 	os_memcpy(ampe->peer_nonce, sta->peer_nonce, WPA_NONCE_LEN);  in mesh_rsn_protect_frame()
614 	if (aes_siv_encrypt(sta->aek, sizeof(sta->aek), ampe_ie, 2 + len, 3,  in mesh_rsn_protect_frame()
626 int mesh_rsn_process_ampe(struct wpa_supplicant *wpa_s, struct sta_info *sta,  in mesh_rsn_process_ampe()  argument
638 	const u8 *aad[] = { sta->addr, wpa_s->own_addr, cat };  in mesh_rsn_process_ampe()
643 	if (!sta->sae) {  in mesh_rsn_process_ampe()
646 		if (!wpa_auth_pmksa_get(hapd->wpa_auth, sta->addr, NULL)) {  in mesh_rsn_process_ampe()
651 		mesh_rsn_auth_sae_sta(wpa_s, sta);  in mesh_rsn_process_ampe()
655 	    (!sta->sae ||  in mesh_rsn_process_ampe()
656 	     os_memcmp(chosen_pmk, sta->sae->pmkid, PMKID_LEN) != 0)) {  in mesh_rsn_process_ampe()
687 	if (aes_siv_decrypt(sta->aek, sizeof(sta->aek), crypt, crypt_len, 3,  in mesh_rsn_process_ampe()
713 	    os_memcmp(ampe->peer_nonce, sta->my_nonce, WPA_NONCE_LEN) != 0) {  in mesh_rsn_process_ampe()
718 	os_memcpy(sta->peer_nonce, ampe->local_nonce,  in mesh_rsn_process_ampe()
750 	sta->mgtk_key_id = 1; /* FIX: Where to get Key ID? */  in mesh_rsn_process_ampe()
757 	sta->mgtk_len = key_len;  in mesh_rsn_process_ampe()
758 	os_memcpy(sta->mgtk, pos, sta->mgtk_len);  in mesh_rsn_process_ampe()
760 			sta->mgtk, sta->mgtk_len);  in mesh_rsn_process_ampe()
761 	pos += sta->mgtk_len;  in mesh_rsn_process_ampe()
764 	os_memcpy(sta->mgtk_rsc, pos, sizeof(sta->mgtk_rsc));  in mesh_rsn_process_ampe()
777 		sta->igtk_key_id = WPA_GET_LE16(pos);  in mesh_rsn_process_ampe()
779 			   sta->igtk_key_id);  in mesh_rsn_process_ampe()
781 		os_memcpy(sta->igtk_rsc, pos, sizeof(sta->igtk_rsc));  in mesh_rsn_process_ampe()
783 			    sta->igtk_rsc, sizeof(sta->igtk_rsc));  in mesh_rsn_process_ampe()
785 		os_memcpy(sta->igtk, pos, key_len);  in mesh_rsn_process_ampe()
786 		sta->igtk_len = key_len;  in mesh_rsn_process_ampe()
788 				sta->igtk, sta->igtk_len);  in mesh_rsn_process_ampe()