1 /*
2 * hostapd - WPA/RSN IE and KDE definitions
3 * Copyright (c) 2004-2018, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #include "utils/includes.h"
10
11 #include "utils/common.h"
12 #include "common/ieee802_11_defs.h"
13 #include "eapol_auth/eapol_auth_sm.h"
14 #include "ap_config.h"
15 #include "ieee802_11.h"
16 #include "wpa_auth.h"
17 #include "pmksa_cache_auth.h"
18 #include "wpa_auth_ie.h"
19 #include "wpa_auth_i.h"
20
21
22 #ifdef CONFIG_RSN_TESTING
23 int rsn_testing = 0;
24 #endif /* CONFIG_RSN_TESTING */
25
26
wpa_write_wpa_ie(struct wpa_auth_config * conf,u8 * buf,size_t len)27 static int wpa_write_wpa_ie(struct wpa_auth_config *conf, u8 *buf, size_t len)
28 {
29 struct wpa_ie_hdr *hdr;
30 int num_suites;
31 u8 *pos, *count;
32 u32 suite;
33
34 hdr = (struct wpa_ie_hdr *) buf;
35 hdr->elem_id = WLAN_EID_VENDOR_SPECIFIC;
36 RSN_SELECTOR_PUT(hdr->oui, WPA_OUI_TYPE);
37 WPA_PUT_LE16(hdr->version, WPA_VERSION);
38 pos = (u8 *) (hdr + 1);
39
40 suite = wpa_cipher_to_suite(WPA_PROTO_WPA, conf->wpa_group);
41 if (suite == 0) {
42 wpa_printf(MSG_DEBUG, "Invalid group cipher (%d).",
43 conf->wpa_group);
44 return -1;
45 }
46 RSN_SELECTOR_PUT(pos, suite);
47 pos += WPA_SELECTOR_LEN;
48
49 count = pos;
50 pos += 2;
51
52 num_suites = wpa_cipher_put_suites(pos, conf->wpa_pairwise);
53 if (num_suites == 0) {
54 wpa_printf(MSG_DEBUG, "Invalid pairwise cipher (%d).",
55 conf->wpa_pairwise);
56 return -1;
57 }
58 pos += num_suites * WPA_SELECTOR_LEN;
59 WPA_PUT_LE16(count, num_suites);
60
61 num_suites = 0;
62 count = pos;
63 pos += 2;
64
65 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X) {
66 RSN_SELECTOR_PUT(pos, WPA_AUTH_KEY_MGMT_UNSPEC_802_1X);
67 pos += WPA_SELECTOR_LEN;
68 num_suites++;
69 }
70 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK) {
71 RSN_SELECTOR_PUT(pos, WPA_AUTH_KEY_MGMT_PSK_OVER_802_1X);
72 pos += WPA_SELECTOR_LEN;
73 num_suites++;
74 }
75
76 if (num_suites == 0) {
77 wpa_printf(MSG_DEBUG, "Invalid key management type (%d).",
78 conf->wpa_key_mgmt);
79 return -1;
80 }
81 WPA_PUT_LE16(count, num_suites);
82
83 /* WPA Capabilities; use defaults, so no need to include it */
84
85 hdr->len = (pos - buf) - 2;
86
87 return pos - buf;
88 }
89
90
wpa_write_rsn_ie(struct wpa_auth_config * conf,u8 * buf,size_t len,const u8 * pmkid)91 int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len,
92 const u8 *pmkid)
93 {
94 struct rsn_ie_hdr *hdr;
95 int num_suites, res;
96 u8 *pos, *count;
97 u16 capab;
98 u32 suite;
99
100 hdr = (struct rsn_ie_hdr *) buf;
101 hdr->elem_id = WLAN_EID_RSN;
102 WPA_PUT_LE16(hdr->version, RSN_VERSION);
103 pos = (u8 *) (hdr + 1);
104
105 suite = wpa_cipher_to_suite(WPA_PROTO_RSN, conf->wpa_group);
106 if (suite == 0) {
107 wpa_printf(MSG_DEBUG, "Invalid group cipher (%d).",
108 conf->wpa_group);
109 return -1;
110 }
111 RSN_SELECTOR_PUT(pos, suite);
112 pos += RSN_SELECTOR_LEN;
113
114 num_suites = 0;
115 count = pos;
116 pos += 2;
117
118 #ifdef CONFIG_RSN_TESTING
119 if (rsn_testing) {
120 RSN_SELECTOR_PUT(pos, RSN_SELECTOR(0x12, 0x34, 0x56, 1));
121 pos += RSN_SELECTOR_LEN;
122 num_suites++;
123 }
124 #endif /* CONFIG_RSN_TESTING */
125
126 res = rsn_cipher_put_suites(pos, conf->rsn_pairwise);
127 num_suites += res;
128 pos += res * RSN_SELECTOR_LEN;
129
130 #ifdef CONFIG_RSN_TESTING
131 if (rsn_testing) {
132 RSN_SELECTOR_PUT(pos, RSN_SELECTOR(0x12, 0x34, 0x56, 2));
133 pos += RSN_SELECTOR_LEN;
134 num_suites++;
135 }
136 #endif /* CONFIG_RSN_TESTING */
137
138 if (num_suites == 0) {
139 wpa_printf(MSG_DEBUG, "Invalid pairwise cipher (%d).",
140 conf->rsn_pairwise);
141 return -1;
142 }
143 WPA_PUT_LE16(count, num_suites);
144
145 num_suites = 0;
146 count = pos;
147 pos += 2;
148
149 #ifdef CONFIG_RSN_TESTING
150 if (rsn_testing) {
151 RSN_SELECTOR_PUT(pos, RSN_SELECTOR(0x12, 0x34, 0x56, 1));
152 pos += RSN_SELECTOR_LEN;
153 num_suites++;
154 }
155 #endif /* CONFIG_RSN_TESTING */
156
157 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X) {
158 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_UNSPEC_802_1X);
159 pos += RSN_SELECTOR_LEN;
160 num_suites++;
161 }
162 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK) {
163 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X);
164 pos += RSN_SELECTOR_LEN;
165 num_suites++;
166 }
167 #ifdef CONFIG_IEEE80211R_AP
168 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X) {
169 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_802_1X);
170 pos += RSN_SELECTOR_LEN;
171 num_suites++;
172 }
173 #ifdef CONFIG_SHA384
174 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) {
175 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_802_1X_SHA384);
176 pos += RSN_SELECTOR_LEN;
177 num_suites++;
178 }
179 #endif /* CONFIG_SHA384 */
180 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_PSK) {
181 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_PSK);
182 pos += RSN_SELECTOR_LEN;
183 num_suites++;
184 }
185 #endif /* CONFIG_IEEE80211R_AP */
186 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) {
187 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_802_1X_SHA256);
188 pos += RSN_SELECTOR_LEN;
189 num_suites++;
190 }
191 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK_SHA256) {
192 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_PSK_SHA256);
193 pos += RSN_SELECTOR_LEN;
194 num_suites++;
195 }
196 #ifdef CONFIG_SAE
197 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_SAE) {
198 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_SAE);
199 pos += RSN_SELECTOR_LEN;
200 num_suites++;
201 }
202 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_SAE) {
203 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_SAE);
204 pos += RSN_SELECTOR_LEN;
205 num_suites++;
206 }
207 #endif /* CONFIG_SAE */
208 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
209 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_802_1X_SUITE_B);
210 pos += RSN_SELECTOR_LEN;
211 num_suites++;
212 }
213 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
214 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_802_1X_SUITE_B_192);
215 pos += RSN_SELECTOR_LEN;
216 num_suites++;
217 }
218 #ifdef CONFIG_FILS
219 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FILS_SHA256) {
220 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FILS_SHA256);
221 pos += RSN_SELECTOR_LEN;
222 num_suites++;
223 }
224 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FILS_SHA384) {
225 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FILS_SHA384);
226 pos += RSN_SELECTOR_LEN;
227 num_suites++;
228 }
229 #ifdef CONFIG_IEEE80211R_AP
230 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA256) {
231 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_FILS_SHA256);
232 pos += RSN_SELECTOR_LEN;
233 num_suites++;
234 }
235 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA384) {
236 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_FILS_SHA384);
237 pos += RSN_SELECTOR_LEN;
238 num_suites++;
239 }
240 #endif /* CONFIG_IEEE80211R_AP */
241 #endif /* CONFIG_FILS */
242 #ifdef CONFIG_OWE
243 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE) {
244 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_OWE);
245 pos += RSN_SELECTOR_LEN;
246 num_suites++;
247 }
248 #endif /* CONFIG_OWE */
249 #ifdef CONFIG_DPP
250 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_DPP) {
251 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_DPP);
252 pos += RSN_SELECTOR_LEN;
253 num_suites++;
254 }
255 #endif /* CONFIG_DPP */
256 #ifdef CONFIG_HS20
257 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_OSEN) {
258 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_OSEN);
259 pos += RSN_SELECTOR_LEN;
260 num_suites++;
261 }
262 #endif /* CONFIG_HS20 */
263
264 #ifdef CONFIG_RSN_TESTING
265 if (rsn_testing) {
266 RSN_SELECTOR_PUT(pos, RSN_SELECTOR(0x12, 0x34, 0x56, 2));
267 pos += RSN_SELECTOR_LEN;
268 num_suites++;
269 }
270 #endif /* CONFIG_RSN_TESTING */
271
272 if (num_suites == 0) {
273 wpa_printf(MSG_DEBUG, "Invalid key management type (%d).",
274 conf->wpa_key_mgmt);
275 return -1;
276 }
277 WPA_PUT_LE16(count, num_suites);
278
279 /* RSN Capabilities */
280 capab = 0;
281 if (conf->rsn_preauth)
282 capab |= WPA_CAPABILITY_PREAUTH;
283 if (conf->wmm_enabled) {
284 /* 4 PTKSA replay counters when using WMM */
285 capab |= (RSN_NUM_REPLAY_COUNTERS_16 << 2);
286 }
287 if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
288 capab |= WPA_CAPABILITY_MFPC;
289 if (conf->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED)
290 capab |= WPA_CAPABILITY_MFPR;
291 }
292 #ifdef CONFIG_OCV
293 if (conf->ocv)
294 capab |= WPA_CAPABILITY_OCVC;
295 #endif /* CONFIG_OCV */
296 #ifdef CONFIG_RSN_TESTING
297 if (rsn_testing)
298 capab |= BIT(8) | BIT(15);
299 #endif /* CONFIG_RSN_TESTING */
300 if (conf->extended_key_id)
301 capab |= WPA_CAPABILITY_EXT_KEY_ID_FOR_UNICAST;
302 WPA_PUT_LE16(pos, capab);
303 pos += 2;
304
305 if (pmkid) {
306 if (2 + PMKID_LEN > buf + len - pos)
307 return -1;
308 /* PMKID Count */
309 WPA_PUT_LE16(pos, 1);
310 pos += 2;
311 os_memcpy(pos, pmkid, PMKID_LEN);
312 pos += PMKID_LEN;
313 }
314
315 if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION &&
316 conf->group_mgmt_cipher != WPA_CIPHER_AES_128_CMAC) {
317 if (2 + 4 > buf + len - pos)
318 return -1;
319 if (pmkid == NULL) {
320 /* PMKID Count */
321 WPA_PUT_LE16(pos, 0);
322 pos += 2;
323 }
324
325 /* Management Group Cipher Suite */
326 switch (conf->group_mgmt_cipher) {
327 case WPA_CIPHER_AES_128_CMAC:
328 RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_AES_128_CMAC);
329 break;
330 case WPA_CIPHER_BIP_GMAC_128:
331 RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_BIP_GMAC_128);
332 break;
333 case WPA_CIPHER_BIP_GMAC_256:
334 RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_BIP_GMAC_256);
335 break;
336 case WPA_CIPHER_BIP_CMAC_256:
337 RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_BIP_CMAC_256);
338 break;
339 default:
340 wpa_printf(MSG_DEBUG,
341 "Invalid group management cipher (0x%x)",
342 conf->group_mgmt_cipher);
343 return -1;
344 }
345 pos += RSN_SELECTOR_LEN;
346 }
347
348 #ifdef CONFIG_RSN_TESTING
349 if (rsn_testing) {
350 /*
351 * Fill in any defined fields and add extra data to the end of
352 * the element.
353 */
354 int pmkid_count_set = pmkid != NULL;
355 if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION)
356 pmkid_count_set = 1;
357 /* PMKID Count */
358 WPA_PUT_LE16(pos, 0);
359 pos += 2;
360 if (conf->ieee80211w == NO_MGMT_FRAME_PROTECTION) {
361 /* Management Group Cipher Suite */
362 RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_AES_128_CMAC);
363 pos += RSN_SELECTOR_LEN;
364 }
365
366 os_memset(pos, 0x12, 17);
367 pos += 17;
368 }
369 #endif /* CONFIG_RSN_TESTING */
370
371 hdr->len = (pos - buf) - 2;
372
373 return pos - buf;
374 }
375
376
wpa_write_rsnxe(struct wpa_auth_config * conf,u8 * buf,size_t len)377 int wpa_write_rsnxe(struct wpa_auth_config *conf, u8 *buf, size_t len)
378 {
379 u8 *pos = buf;
380
381 if (conf->sae_pwe != 1 && conf->sae_pwe != 2)
382 return 0; /* no supported extended RSN capabilities */
383
384 if (len < 3)
385 return -1;
386
387 *pos++ = WLAN_EID_RSNX;
388 *pos++ = 1;
389 /* bits 0-3 = 0 since only one octet of Extended RSN Capabilities is
390 * used for now */
391 *pos++ = BIT(WLAN_RSNX_CAPAB_SAE_H2E);
392
393 return pos - buf;
394 }
395
396
wpa_write_osen(struct wpa_auth_config * conf,u8 * eid)397 static u8 * wpa_write_osen(struct wpa_auth_config *conf, u8 *eid)
398 {
399 u8 *len;
400 u16 capab;
401
402 *eid++ = WLAN_EID_VENDOR_SPECIFIC;
403 len = eid++; /* to be filled */
404 WPA_PUT_BE24(eid, OUI_WFA);
405 eid += 3;
406 *eid++ = HS20_OSEN_OUI_TYPE;
407
408 /* Group Data Cipher Suite */
409 RSN_SELECTOR_PUT(eid, RSN_CIPHER_SUITE_NO_GROUP_ADDRESSED);
410 eid += RSN_SELECTOR_LEN;
411
412 /* Pairwise Cipher Suite Count and List */
413 WPA_PUT_LE16(eid, 1);
414 eid += 2;
415 RSN_SELECTOR_PUT(eid, RSN_CIPHER_SUITE_CCMP);
416 eid += RSN_SELECTOR_LEN;
417
418 /* AKM Suite Count and List */
419 WPA_PUT_LE16(eid, 1);
420 eid += 2;
421 RSN_SELECTOR_PUT(eid, RSN_AUTH_KEY_MGMT_OSEN);
422 eid += RSN_SELECTOR_LEN;
423
424 /* RSN Capabilities */
425 capab = 0;
426 if (conf->wmm_enabled) {
427 /* 4 PTKSA replay counters when using WMM */
428 capab |= (RSN_NUM_REPLAY_COUNTERS_16 << 2);
429 }
430 if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
431 capab |= WPA_CAPABILITY_MFPC;
432 if (conf->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED)
433 capab |= WPA_CAPABILITY_MFPR;
434 }
435 #ifdef CONFIG_OCV
436 if (conf->ocv)
437 capab |= WPA_CAPABILITY_OCVC;
438 #endif /* CONFIG_OCV */
439 WPA_PUT_LE16(eid, capab);
440 eid += 2;
441
442 *len = eid - len - 1;
443
444 return eid;
445 }
446
447
wpa_auth_gen_wpa_ie(struct wpa_authenticator * wpa_auth)448 int wpa_auth_gen_wpa_ie(struct wpa_authenticator *wpa_auth)
449 {
450 u8 *pos, buf[128];
451 int res;
452
453 #ifdef CONFIG_TESTING_OPTIONS
454 if (wpa_auth->conf.own_ie_override_len) {
455 wpa_hexdump(MSG_DEBUG, "WPA: Forced own IE(s) for testing",
456 wpa_auth->conf.own_ie_override,
457 wpa_auth->conf.own_ie_override_len);
458 os_free(wpa_auth->wpa_ie);
459 wpa_auth->wpa_ie =
460 os_malloc(wpa_auth->conf.own_ie_override_len);
461 if (wpa_auth->wpa_ie == NULL)
462 return -1;
463 os_memcpy(wpa_auth->wpa_ie, wpa_auth->conf.own_ie_override,
464 wpa_auth->conf.own_ie_override_len);
465 wpa_auth->wpa_ie_len = wpa_auth->conf.own_ie_override_len;
466 return 0;
467 }
468 #endif /* CONFIG_TESTING_OPTIONS */
469
470 pos = buf;
471
472 if (wpa_auth->conf.wpa == WPA_PROTO_OSEN) {
473 pos = wpa_write_osen(&wpa_auth->conf, pos);
474 }
475 if (wpa_auth->conf.wpa & WPA_PROTO_RSN) {
476 res = wpa_write_rsn_ie(&wpa_auth->conf,
477 pos, buf + sizeof(buf) - pos, NULL);
478 if (res < 0)
479 return res;
480 pos += res;
481 res = wpa_write_rsnxe(&wpa_auth->conf, pos,
482 buf + sizeof(buf) - pos);
483 if (res < 0)
484 return res;
485 pos += res;
486 }
487 #ifdef CONFIG_IEEE80211R_AP
488 if (wpa_key_mgmt_ft(wpa_auth->conf.wpa_key_mgmt)) {
489 res = wpa_write_mdie(&wpa_auth->conf, pos,
490 buf + sizeof(buf) - pos);
491 if (res < 0)
492 return res;
493 pos += res;
494 }
495 #endif /* CONFIG_IEEE80211R_AP */
496 if (wpa_auth->conf.wpa & WPA_PROTO_WPA) {
497 res = wpa_write_wpa_ie(&wpa_auth->conf,
498 pos, buf + sizeof(buf) - pos);
499 if (res < 0)
500 return res;
501 pos += res;
502 }
503
504 os_free(wpa_auth->wpa_ie);
505 wpa_auth->wpa_ie = os_malloc(pos - buf);
506 if (wpa_auth->wpa_ie == NULL)
507 return -1;
508 os_memcpy(wpa_auth->wpa_ie, buf, pos - buf);
509 wpa_auth->wpa_ie_len = pos - buf;
510
511 return 0;
512 }
513
514
wpa_add_kde(u8 * pos,u32 kde,const u8 * data,size_t data_len,const u8 * data2,size_t data2_len)515 u8 * wpa_add_kde(u8 *pos, u32 kde, const u8 *data, size_t data_len,
516 const u8 *data2, size_t data2_len)
517 {
518 *pos++ = WLAN_EID_VENDOR_SPECIFIC;
519 *pos++ = RSN_SELECTOR_LEN + data_len + data2_len;
520 RSN_SELECTOR_PUT(pos, kde);
521 pos += RSN_SELECTOR_LEN;
522 os_memcpy(pos, data, data_len);
523 pos += data_len;
524 if (data2) {
525 os_memcpy(pos, data2, data2_len);
526 pos += data2_len;
527 }
528 return pos;
529 }
530
531
532 struct wpa_auth_okc_iter_data {
533 struct rsn_pmksa_cache_entry *pmksa;
534 const u8 *aa;
535 const u8 *spa;
536 const u8 *pmkid;
537 };
538
539
wpa_auth_okc_iter(struct wpa_authenticator * a,void * ctx)540 static int wpa_auth_okc_iter(struct wpa_authenticator *a, void *ctx)
541 {
542 struct wpa_auth_okc_iter_data *data = ctx;
543 data->pmksa = pmksa_cache_get_okc(a->pmksa, data->aa, data->spa,
544 data->pmkid);
545 if (data->pmksa)
546 return 1;
547 return 0;
548 }
549
550
551 enum wpa_validate_result
wpa_validate_wpa_ie(struct wpa_authenticator * wpa_auth,struct wpa_state_machine * sm,int freq,const u8 * wpa_ie,size_t wpa_ie_len,const u8 * rsnxe,size_t rsnxe_len,const u8 * mdie,size_t mdie_len,const u8 * owe_dh,size_t owe_dh_len)552 wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
553 struct wpa_state_machine *sm, int freq,
554 const u8 *wpa_ie, size_t wpa_ie_len,
555 const u8 *rsnxe, size_t rsnxe_len,
556 const u8 *mdie, size_t mdie_len,
557 const u8 *owe_dh, size_t owe_dh_len)
558 {
559 struct wpa_auth_config *conf = &wpa_auth->conf;
560 struct wpa_ie_data data;
561 int ciphers, key_mgmt, res, version;
562 u32 selector;
563 size_t i;
564 const u8 *pmkid = NULL;
565
566 if (wpa_auth == NULL || sm == NULL)
567 return WPA_NOT_ENABLED;
568
569 if (wpa_ie == NULL || wpa_ie_len < 1)
570 return WPA_INVALID_IE;
571
572 if (wpa_ie[0] == WLAN_EID_RSN)
573 version = WPA_PROTO_RSN;
574 else
575 version = WPA_PROTO_WPA;
576
577 if (!(wpa_auth->conf.wpa & version)) {
578 wpa_printf(MSG_DEBUG, "Invalid WPA proto (%d) from " MACSTR,
579 version, MAC2STR(sm->addr));
580 return WPA_INVALID_PROTO;
581 }
582
583 if (version == WPA_PROTO_RSN) {
584 res = wpa_parse_wpa_ie_rsn(wpa_ie, wpa_ie_len, &data);
585 if (!data.has_pairwise)
586 data.pairwise_cipher = wpa_default_rsn_cipher(freq);
587 if (!data.has_group)
588 data.group_cipher = wpa_default_rsn_cipher(freq);
589
590 if (wpa_key_mgmt_ft(data.key_mgmt) && !mdie &&
591 !wpa_key_mgmt_only_ft(data.key_mgmt)) {
592 /* Workaround for some HP and Epson printers that seem
593 * to incorrectly copy the FT-PSK + WPA-PSK AKMs from AP
594 * advertised RSNE to Association Request frame. */
595 wpa_printf(MSG_DEBUG,
596 "RSN: FT set in RSNE AKM but MDE is missing from "
597 MACSTR
598 " - ignore FT AKM(s) because there's also a non-FT AKM",
599 MAC2STR(sm->addr));
600 data.key_mgmt &= ~WPA_KEY_MGMT_FT;
601 }
602
603 selector = RSN_AUTH_KEY_MGMT_UNSPEC_802_1X;
604 if (0) {
605 }
606 else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
607 selector = RSN_AUTH_KEY_MGMT_802_1X_SUITE_B_192;
608 else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B)
609 selector = RSN_AUTH_KEY_MGMT_802_1X_SUITE_B;
610 #ifdef CONFIG_FILS
611 #ifdef CONFIG_IEEE80211R_AP
612 else if (data.key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA384)
613 selector = RSN_AUTH_KEY_MGMT_FT_FILS_SHA384;
614 else if (data.key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA256)
615 selector = RSN_AUTH_KEY_MGMT_FT_FILS_SHA256;
616 #endif /* CONFIG_IEEE80211R_AP */
617 else if (data.key_mgmt & WPA_KEY_MGMT_FILS_SHA384)
618 selector = RSN_AUTH_KEY_MGMT_FILS_SHA384;
619 else if (data.key_mgmt & WPA_KEY_MGMT_FILS_SHA256)
620 selector = RSN_AUTH_KEY_MGMT_FILS_SHA256;
621 #endif /* CONFIG_FILS */
622 #ifdef CONFIG_IEEE80211R_AP
623 #ifdef CONFIG_SHA384
624 else if (data.key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X_SHA384)
625 selector = RSN_AUTH_KEY_MGMT_FT_802_1X_SHA384;
626 #endif /* CONFIG_SHA384 */
627 else if (data.key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X)
628 selector = RSN_AUTH_KEY_MGMT_FT_802_1X;
629 else if (data.key_mgmt & WPA_KEY_MGMT_FT_PSK)
630 selector = RSN_AUTH_KEY_MGMT_FT_PSK;
631 #endif /* CONFIG_IEEE80211R_AP */
632 else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256)
633 selector = RSN_AUTH_KEY_MGMT_802_1X_SHA256;
634 else if (data.key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
635 selector = RSN_AUTH_KEY_MGMT_PSK_SHA256;
636 #ifdef CONFIG_SAE
637 else if (data.key_mgmt & WPA_KEY_MGMT_SAE)
638 selector = RSN_AUTH_KEY_MGMT_SAE;
639 else if (data.key_mgmt & WPA_KEY_MGMT_FT_SAE)
640 selector = RSN_AUTH_KEY_MGMT_FT_SAE;
641 #endif /* CONFIG_SAE */
642 else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X)
643 selector = RSN_AUTH_KEY_MGMT_UNSPEC_802_1X;
644 else if (data.key_mgmt & WPA_KEY_MGMT_PSK)
645 selector = RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X;
646 #ifdef CONFIG_OWE
647 else if (data.key_mgmt & WPA_KEY_MGMT_OWE)
648 selector = RSN_AUTH_KEY_MGMT_OWE;
649 #endif /* CONFIG_OWE */
650 #ifdef CONFIG_DPP
651 else if (data.key_mgmt & WPA_KEY_MGMT_DPP)
652 selector = RSN_AUTH_KEY_MGMT_DPP;
653 #endif /* CONFIG_DPP */
654 #ifdef CONFIG_HS20
655 else if (data.key_mgmt & WPA_KEY_MGMT_OSEN)
656 selector = RSN_AUTH_KEY_MGMT_OSEN;
657 #endif /* CONFIG_HS20 */
658 wpa_auth->dot11RSNAAuthenticationSuiteSelected = selector;
659
660 selector = wpa_cipher_to_suite(WPA_PROTO_RSN,
661 data.pairwise_cipher);
662 if (!selector)
663 selector = RSN_CIPHER_SUITE_CCMP;
664 wpa_auth->dot11RSNAPairwiseCipherSelected = selector;
665
666 selector = wpa_cipher_to_suite(WPA_PROTO_RSN,
667 data.group_cipher);
668 if (!selector)
669 selector = RSN_CIPHER_SUITE_CCMP;
670 wpa_auth->dot11RSNAGroupCipherSelected = selector;
671 } else {
672 res = wpa_parse_wpa_ie_wpa(wpa_ie, wpa_ie_len, &data);
673
674 selector = WPA_AUTH_KEY_MGMT_UNSPEC_802_1X;
675 if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X)
676 selector = WPA_AUTH_KEY_MGMT_UNSPEC_802_1X;
677 else if (data.key_mgmt & WPA_KEY_MGMT_PSK)
678 selector = WPA_AUTH_KEY_MGMT_PSK_OVER_802_1X;
679 wpa_auth->dot11RSNAAuthenticationSuiteSelected = selector;
680
681 selector = wpa_cipher_to_suite(WPA_PROTO_WPA,
682 data.pairwise_cipher);
683 if (!selector)
684 selector = RSN_CIPHER_SUITE_TKIP;
685 wpa_auth->dot11RSNAPairwiseCipherSelected = selector;
686
687 selector = wpa_cipher_to_suite(WPA_PROTO_WPA,
688 data.group_cipher);
689 if (!selector)
690 selector = WPA_CIPHER_SUITE_TKIP;
691 wpa_auth->dot11RSNAGroupCipherSelected = selector;
692 }
693 if (res) {
694 wpa_printf(MSG_DEBUG, "Failed to parse WPA/RSN IE from "
695 MACSTR " (res=%d)", MAC2STR(sm->addr), res);
696 wpa_hexdump(MSG_DEBUG, "WPA/RSN IE", wpa_ie, wpa_ie_len);
697 return WPA_INVALID_IE;
698 }
699
700 if (data.group_cipher != wpa_auth->conf.wpa_group) {
701 wpa_printf(MSG_DEBUG, "Invalid WPA group cipher (0x%x) from "
702 MACSTR, data.group_cipher, MAC2STR(sm->addr));
703 return WPA_INVALID_GROUP;
704 }
705
706 key_mgmt = data.key_mgmt & wpa_auth->conf.wpa_key_mgmt;
707 if (!key_mgmt) {
708 wpa_printf(MSG_DEBUG, "Invalid WPA key mgmt (0x%x) from "
709 MACSTR, data.key_mgmt, MAC2STR(sm->addr));
710 return WPA_INVALID_AKMP;
711 }
712 if (0) {
713 }
714 else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
715 sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
716 else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B)
717 sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
718 #ifdef CONFIG_FILS
719 #ifdef CONFIG_IEEE80211R_AP
720 else if (key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA384)
721 sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384;
722 else if (data.key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA256)
723 sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256;
724 #endif /* CONFIG_IEEE80211R_AP */
725 else if (key_mgmt & WPA_KEY_MGMT_FILS_SHA384)
726 sm->wpa_key_mgmt = WPA_KEY_MGMT_FILS_SHA384;
727 else if (key_mgmt & WPA_KEY_MGMT_FILS_SHA256)
728 sm->wpa_key_mgmt = WPA_KEY_MGMT_FILS_SHA256;
729 #endif /* CONFIG_FILS */
730 #ifdef CONFIG_IEEE80211R_AP
731 #ifdef CONFIG_SHA384
732 else if (key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X_SHA384)
733 sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
734 #endif /* CONFIG_SHA384 */
735 else if (key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X)
736 sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
737 else if (key_mgmt & WPA_KEY_MGMT_FT_PSK)
738 sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_PSK;
739 #endif /* CONFIG_IEEE80211R_AP */
740 else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256)
741 sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
742 else if (key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
743 sm->wpa_key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
744 #ifdef CONFIG_SAE
745 else if (key_mgmt & WPA_KEY_MGMT_SAE)
746 sm->wpa_key_mgmt = WPA_KEY_MGMT_SAE;
747 else if (key_mgmt & WPA_KEY_MGMT_FT_SAE)
748 sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_SAE;
749 #endif /* CONFIG_SAE */
750 else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X)
751 sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X;
752 #ifdef CONFIG_OWE
753 else if (key_mgmt & WPA_KEY_MGMT_OWE)
754 sm->wpa_key_mgmt = WPA_KEY_MGMT_OWE;
755 #endif /* CONFIG_OWE */
756 #ifdef CONFIG_DPP
757 else if (key_mgmt & WPA_KEY_MGMT_DPP)
758 sm->wpa_key_mgmt = WPA_KEY_MGMT_DPP;
759 #endif /* CONFIG_DPP */
760 #ifdef CONFIG_HS20
761 else if (key_mgmt & WPA_KEY_MGMT_OSEN)
762 sm->wpa_key_mgmt = WPA_KEY_MGMT_OSEN;
763 #endif /* CONFIG_HS20 */
764 else
765 sm->wpa_key_mgmt = WPA_KEY_MGMT_PSK;
766
767 if (version == WPA_PROTO_RSN)
768 ciphers = data.pairwise_cipher & wpa_auth->conf.rsn_pairwise;
769 else
770 ciphers = data.pairwise_cipher & wpa_auth->conf.wpa_pairwise;
771 if (!ciphers) {
772 wpa_printf(MSG_DEBUG, "Invalid %s pairwise cipher (0x%x) "
773 "from " MACSTR,
774 version == WPA_PROTO_RSN ? "RSN" : "WPA",
775 data.pairwise_cipher, MAC2STR(sm->addr));
776 return WPA_INVALID_PAIRWISE;
777 }
778
779 if (wpa_auth->conf.ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) {
780 if (!(data.capabilities & WPA_CAPABILITY_MFPC)) {
781 wpa_printf(MSG_DEBUG, "Management frame protection "
782 "required, but client did not enable it");
783 return WPA_MGMT_FRAME_PROTECTION_VIOLATION;
784 }
785
786 if (data.mgmt_group_cipher != wpa_auth->conf.group_mgmt_cipher)
787 {
788 wpa_printf(MSG_DEBUG, "Unsupported management group "
789 "cipher %d", data.mgmt_group_cipher);
790 return WPA_INVALID_MGMT_GROUP_CIPHER;
791 }
792 }
793
794 #ifdef CONFIG_SAE
795 if (wpa_auth->conf.ieee80211w == MGMT_FRAME_PROTECTION_OPTIONAL &&
796 wpa_auth->conf.sae_require_mfp &&
797 wpa_key_mgmt_sae(sm->wpa_key_mgmt) &&
798 !(data.capabilities & WPA_CAPABILITY_MFPC)) {
799 wpa_printf(MSG_DEBUG,
800 "Management frame protection required with SAE, but client did not enable it");
801 return WPA_MGMT_FRAME_PROTECTION_VIOLATION;
802 }
803 #endif /* CONFIG_SAE */
804
805 #ifdef CONFIG_OCV
806 if ((data.capabilities & WPA_CAPABILITY_OCVC) &&
807 !(data.capabilities & WPA_CAPABILITY_MFPC)) {
808 wpa_printf(MSG_DEBUG,
809 "Management frame protection required with OCV, but client did not enable it");
810 return WPA_MGMT_FRAME_PROTECTION_VIOLATION;
811 }
812 wpa_auth_set_ocv(sm, wpa_auth->conf.ocv &&
813 (data.capabilities & WPA_CAPABILITY_OCVC));
814 #endif /* CONFIG_OCV */
815
816 if (wpa_auth->conf.ieee80211w == NO_MGMT_FRAME_PROTECTION ||
817 !(data.capabilities & WPA_CAPABILITY_MFPC))
818 sm->mgmt_frame_prot = 0;
819 else
820 sm->mgmt_frame_prot = 1;
821
822 if (sm->mgmt_frame_prot && (ciphers & WPA_CIPHER_TKIP)) {
823 wpa_printf(MSG_DEBUG,
824 "Management frame protection cannot use TKIP");
825 return WPA_MGMT_FRAME_PROTECTION_VIOLATION;
826 }
827
828 #ifdef CONFIG_IEEE80211R_AP
829 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) {
830 if (mdie == NULL || mdie_len < MOBILITY_DOMAIN_ID_LEN + 1) {
831 wpa_printf(MSG_DEBUG, "RSN: Trying to use FT, but "
832 "MDIE not included");
833 return WPA_INVALID_MDIE;
834 }
835 if (os_memcmp(mdie, wpa_auth->conf.mobility_domain,
836 MOBILITY_DOMAIN_ID_LEN) != 0) {
837 wpa_hexdump(MSG_DEBUG, "RSN: Attempted to use unknown "
838 "MDIE", mdie, MOBILITY_DOMAIN_ID_LEN);
839 return WPA_INVALID_MDIE;
840 }
841 } else if (mdie != NULL) {
842 wpa_printf(MSG_DEBUG,
843 "RSN: Trying to use non-FT AKM suite, but MDIE included");
844 return WPA_INVALID_AKMP;
845 }
846 #endif /* CONFIG_IEEE80211R_AP */
847
848 #ifdef CONFIG_OWE
849 if (sm->wpa_key_mgmt == WPA_KEY_MGMT_OWE && !owe_dh) {
850 wpa_printf(MSG_DEBUG,
851 "OWE: No Diffie-Hellman Parameter element");
852 return WPA_INVALID_AKMP;
853 }
854 #endif /* CONFIG_OWE */
855
856 #ifdef CONFIG_DPP2
857 if (sm->wpa_key_mgmt == WPA_KEY_MGMT_DPP &&
858 ((conf->dpp_pfs == 1 && !owe_dh) ||
859 (conf->dpp_pfs == 2 && owe_dh))) {
860 wpa_printf(MSG_DEBUG, "DPP: PFS %s",
861 conf->dpp_pfs == 1 ? "required" : "not allowed");
862 return WPA_DENIED_OTHER_REASON;
863 }
864 #endif /* CONFIG_DPP2 */
865
866 sm->pairwise = wpa_pick_pairwise_cipher(ciphers, 0);
867 if (sm->pairwise < 0)
868 return WPA_INVALID_PAIRWISE;
869
870 /* TODO: clear WPA/WPA2 state if STA changes from one to another */
871 if (wpa_ie[0] == WLAN_EID_RSN)
872 sm->wpa = WPA_VERSION_WPA2;
873 else
874 sm->wpa = WPA_VERSION_WPA;
875
876 #if defined(CONFIG_IEEE80211R_AP) && defined(CONFIG_FILS)
877 if ((sm->wpa_key_mgmt == WPA_KEY_MGMT_FT_FILS_SHA256 ||
878 sm->wpa_key_mgmt == WPA_KEY_MGMT_FT_FILS_SHA384) &&
879 (sm->auth_alg == WLAN_AUTH_FILS_SK ||
880 sm->auth_alg == WLAN_AUTH_FILS_SK_PFS ||
881 sm->auth_alg == WLAN_AUTH_FILS_PK) &&
882 (data.num_pmkid != 1 || !data.pmkid || !sm->pmk_r1_name_valid ||
883 os_memcmp_const(data.pmkid, sm->pmk_r1_name,
884 WPA_PMK_NAME_LEN) != 0)) {
885 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG,
886 "No PMKR1Name match for FILS+FT");
887 return WPA_INVALID_PMKID;
888 }
889 #endif /* CONFIG_IEEE80211R_AP && CONFIG_FILS */
890
891 sm->pmksa = NULL;
892 for (i = 0; i < data.num_pmkid; i++) {
893 wpa_hexdump(MSG_DEBUG, "RSN IE: STA PMKID",
894 &data.pmkid[i * PMKID_LEN], PMKID_LEN);
895 sm->pmksa = pmksa_cache_auth_get(wpa_auth->pmksa, sm->addr,
896 &data.pmkid[i * PMKID_LEN]);
897 if (sm->pmksa) {
898 pmkid = sm->pmksa->pmkid;
899 break;
900 }
901 }
902 for (i = 0; sm->pmksa == NULL && wpa_auth->conf.okc &&
903 i < data.num_pmkid; i++) {
904 struct wpa_auth_okc_iter_data idata;
905 idata.pmksa = NULL;
906 idata.aa = wpa_auth->addr;
907 idata.spa = sm->addr;
908 idata.pmkid = &data.pmkid[i * PMKID_LEN];
909 wpa_auth_for_each_auth(wpa_auth, wpa_auth_okc_iter, &idata);
910 if (idata.pmksa) {
911 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG,
912 "OKC match for PMKID");
913 sm->pmksa = pmksa_cache_add_okc(wpa_auth->pmksa,
914 idata.pmksa,
915 wpa_auth->addr,
916 idata.pmkid);
917 pmkid = idata.pmkid;
918 break;
919 }
920 }
921 if (sm->pmksa && pmkid) {
922 struct vlan_description *vlan;
923
924 vlan = sm->pmksa->vlan_desc;
925 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG,
926 "PMKID found from PMKSA cache eap_type=%d vlan=%d%s",
927 sm->pmksa->eap_type_authsrv,
928 vlan ? vlan->untagged : 0,
929 (vlan && vlan->tagged[0]) ? "+" : "");
930 os_memcpy(wpa_auth->dot11RSNAPMKIDUsed, pmkid, PMKID_LEN);
931 }
932
933 #ifdef CONFIG_SAE
934 if (sm->wpa_key_mgmt == WPA_KEY_MGMT_SAE && data.num_pmkid &&
935 !sm->pmksa) {
936 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG,
937 "No PMKSA cache entry found for SAE");
938 return WPA_INVALID_PMKID;
939 }
940 #endif /* CONFIG_SAE */
941
942 #ifdef CONFIG_DPP
943 if (sm->wpa_key_mgmt == WPA_KEY_MGMT_DPP && !sm->pmksa) {
944 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG,
945 "No PMKSA cache entry found for DPP");
946 return WPA_INVALID_PMKID;
947 }
948 #endif /* CONFIG_DPP */
949
950 if (conf->extended_key_id && sm->wpa == WPA_VERSION_WPA2 &&
951 sm->pairwise != WPA_CIPHER_TKIP &&
952 (data.capabilities & WPA_CAPABILITY_EXT_KEY_ID_FOR_UNICAST)) {
953 sm->use_ext_key_id = true;
954 if (conf->extended_key_id == 2 &&
955 !wpa_key_mgmt_ft(sm->wpa_key_mgmt) &&
956 !wpa_key_mgmt_fils(sm->wpa_key_mgmt))
957 sm->keyidx_active = 1;
958 else
959 sm->keyidx_active = 0;
960 wpa_printf(MSG_DEBUG,
961 "RSN: Extended Key ID supported (start with %d)",
962 sm->keyidx_active);
963 } else {
964 sm->use_ext_key_id = false;
965 }
966
967 if (sm->wpa_ie == NULL || sm->wpa_ie_len < wpa_ie_len) {
968 os_free(sm->wpa_ie);
969 sm->wpa_ie = os_malloc(wpa_ie_len);
970 if (sm->wpa_ie == NULL)
971 return WPA_ALLOC_FAIL;
972 }
973 os_memcpy(sm->wpa_ie, wpa_ie, wpa_ie_len);
974 sm->wpa_ie_len = wpa_ie_len;
975
976 if (rsnxe && rsnxe_len) {
977 if (!sm->rsnxe || sm->rsnxe_len < rsnxe_len) {
978 os_free(sm->rsnxe);
979 sm->rsnxe = os_malloc(rsnxe_len);
980 if (!sm->rsnxe)
981 return WPA_ALLOC_FAIL;
982 }
983 os_memcpy(sm->rsnxe, rsnxe, rsnxe_len);
984 sm->rsnxe_len = rsnxe_len;
985 } else {
986 os_free(sm->rsnxe);
987 sm->rsnxe = NULL;
988 sm->rsnxe_len = 0;
989 }
990
991 return WPA_IE_OK;
992 }
993
994
995 #ifdef CONFIG_HS20
wpa_validate_osen(struct wpa_authenticator * wpa_auth,struct wpa_state_machine * sm,const u8 * osen_ie,size_t osen_ie_len)996 int wpa_validate_osen(struct wpa_authenticator *wpa_auth,
997 struct wpa_state_machine *sm,
998 const u8 *osen_ie, size_t osen_ie_len)
999 {
1000 if (wpa_auth == NULL || sm == NULL)
1001 return -1;
1002
1003 /* TODO: parse OSEN element */
1004 sm->wpa_key_mgmt = WPA_KEY_MGMT_OSEN;
1005 sm->mgmt_frame_prot = 1;
1006 sm->pairwise = WPA_CIPHER_CCMP;
1007 sm->wpa = WPA_VERSION_WPA2;
1008
1009 if (sm->wpa_ie == NULL || sm->wpa_ie_len < osen_ie_len) {
1010 os_free(sm->wpa_ie);
1011 sm->wpa_ie = os_malloc(osen_ie_len);
1012 if (sm->wpa_ie == NULL)
1013 return -1;
1014 }
1015
1016 os_memcpy(sm->wpa_ie, osen_ie, osen_ie_len);
1017 sm->wpa_ie_len = osen_ie_len;
1018
1019 return 0;
1020 }
1021
1022 #endif /* CONFIG_HS20 */
1023
1024
wpa_auth_uses_mfp(struct wpa_state_machine * sm)1025 int wpa_auth_uses_mfp(struct wpa_state_machine *sm)
1026 {
1027 return sm ? sm->mgmt_frame_prot : 0;
1028 }
1029
1030
1031 #ifdef CONFIG_OCV
1032
wpa_auth_set_ocv(struct wpa_state_machine * sm,int ocv)1033 void wpa_auth_set_ocv(struct wpa_state_machine *sm, int ocv)
1034 {
1035 if (sm)
1036 sm->ocv_enabled = ocv;
1037 }
1038
1039
wpa_auth_uses_ocv(struct wpa_state_machine * sm)1040 int wpa_auth_uses_ocv(struct wpa_state_machine *sm)
1041 {
1042 return sm ? sm->ocv_enabled : 0;
1043 }
1044
1045 #endif /* CONFIG_OCV */
1046
1047
1048 #ifdef CONFIG_OWE
wpa_auth_write_assoc_resp_owe(struct wpa_state_machine * sm,u8 * pos,size_t max_len,const u8 * req_ies,size_t req_ies_len)1049 u8 * wpa_auth_write_assoc_resp_owe(struct wpa_state_machine *sm,
1050 u8 *pos, size_t max_len,
1051 const u8 *req_ies, size_t req_ies_len)
1052 {
1053 int res;
1054 struct wpa_auth_config *conf;
1055
1056 if (!sm)
1057 return pos;
1058 conf = &sm->wpa_auth->conf;
1059
1060 #ifdef CONFIG_TESTING_OPTIONS
1061 if (conf->own_ie_override_len) {
1062 if (max_len < conf->own_ie_override_len)
1063 return NULL;
1064 wpa_hexdump(MSG_DEBUG, "WPA: Forced own IE(s) for testing",
1065 conf->own_ie_override, conf->own_ie_override_len);
1066 os_memcpy(pos, conf->own_ie_override,
1067 conf->own_ie_override_len);
1068 return pos + conf->own_ie_override_len;
1069 }
1070 #endif /* CONFIG_TESTING_OPTIONS */
1071
1072 res = wpa_write_rsn_ie(conf, pos, max_len,
1073 sm->pmksa ? sm->pmksa->pmkid : NULL);
1074 if (res < 0)
1075 return pos;
1076 return pos + res;
1077 }
1078 #endif /* CONFIG_OWE */
1079
1080
1081 #ifdef CONFIG_FILS
wpa_auth_write_assoc_resp_fils(struct wpa_state_machine * sm,u8 * pos,size_t max_len,const u8 * req_ies,size_t req_ies_len)1082 u8 * wpa_auth_write_assoc_resp_fils(struct wpa_state_machine *sm,
1083 u8 *pos, size_t max_len,
1084 const u8 *req_ies, size_t req_ies_len)
1085 {
1086 int res;
1087
1088 if (!sm ||
1089 sm->wpa_key_mgmt & (WPA_KEY_MGMT_FT_FILS_SHA256 |
1090 WPA_KEY_MGMT_FT_FILS_SHA384))
1091 return pos;
1092
1093 res = wpa_write_rsn_ie(&sm->wpa_auth->conf, pos, max_len, NULL);
1094 if (res < 0)
1095 return pos;
1096 return pos + res;
1097 }
1098 #endif /* CONFIG_FILS */
1099