Lines Matching refs:sm
38 #define STATE_MACHINE_ADDR sm->addr
42 static int wpa_sm_step(struct wpa_state_machine *sm);
46 static int wpa_aead_decrypt(struct wpa_state_machine *sm, struct wpa_ptk *ptk,
48 static struct wpabuf * fils_prepare_plainbuf(struct wpa_state_machine *sm,
54 static void wpa_request_new_ptk(struct wpa_state_machine *sm);
59 static int wpa_derive_ptk(struct wpa_state_machine *sm, const u8 *snonce,
68 static int ieee80211w_kde_len(struct wpa_state_machine *sm);
69 static u8 * ieee80211w_kde_add(struct wpa_state_machine *sm, u8 *pos);
212 int (*cb)(struct wpa_state_machine *sm, void *ctx), in wpa_auth_for_each_sta() argument
364 struct wpa_state_machine *sm = timeout_ctx; in wpa_rekey_ptk() local
366 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, "rekeying PTK"); in wpa_rekey_ptk()
367 wpa_request_new_ptk(sm); in wpa_rekey_ptk()
368 wpa_sm_step(sm); in wpa_rekey_ptk()
372 void wpa_auth_set_ptk_rekey_timer(struct wpa_state_machine *sm) in wpa_auth_set_ptk_rekey_timer() argument
374 if (sm && sm->wpa_auth->conf.wpa_ptk_rekey) { in wpa_auth_set_ptk_rekey_timer()
376 MACSTR " (%d seconds)", MAC2STR(sm->addr), in wpa_auth_set_ptk_rekey_timer()
377 sm->wpa_auth->conf.wpa_ptk_rekey); in wpa_auth_set_ptk_rekey_timer()
378 eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm); in wpa_auth_set_ptk_rekey_timer()
379 eloop_register_timeout(sm->wpa_auth->conf.wpa_ptk_rekey, 0, in wpa_auth_set_ptk_rekey_timer()
380 wpa_rekey_ptk, sm->wpa_auth, sm); in wpa_auth_set_ptk_rekey_timer()
385 static int wpa_auth_pmksa_clear_cb(struct wpa_state_machine *sm, void *ctx) in wpa_auth_pmksa_clear_cb() argument
387 if (sm->pmksa == ctx) in wpa_auth_pmksa_clear_cb()
388 sm->pmksa = NULL; in wpa_auth_pmksa_clear_cb()
655 struct wpa_state_machine *sm; in wpa_auth_sta_init() local
660 sm = os_zalloc(sizeof(struct wpa_state_machine)); in wpa_auth_sta_init()
661 if (!sm) in wpa_auth_sta_init()
663 os_memcpy(sm->addr, addr, ETH_ALEN); in wpa_auth_sta_init()
665 os_memcpy(sm->p2p_dev_addr, p2p_dev_addr, ETH_ALEN); in wpa_auth_sta_init()
667 sm->wpa_auth = wpa_auth; in wpa_auth_sta_init()
668 sm->group = wpa_auth->group; in wpa_auth_sta_init()
669 wpa_group_get(sm->wpa_auth, sm->group); in wpa_auth_sta_init()
671 return sm; in wpa_auth_sta_init()
676 struct wpa_state_machine *sm) in wpa_auth_sta_associated() argument
678 if (!wpa_auth || !wpa_auth->conf.wpa || !sm) in wpa_auth_sta_associated()
682 if (sm->ft_completed) { in wpa_auth_sta_associated()
683 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_auth_sta_associated()
686 sm->wpa_ptk_state = WPA_PTK_PTKINITDONE; in wpa_auth_sta_associated()
687 sm->Pair = true; in wpa_auth_sta_associated()
693 if (sm->fils_completed) { in wpa_auth_sta_associated()
694 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_auth_sta_associated()
697 sm->wpa_ptk_state = WPA_PTK_PTKINITDONE; in wpa_auth_sta_associated()
698 sm->Pair = true; in wpa_auth_sta_associated()
703 if (sm->started) { in wpa_auth_sta_associated()
704 os_memset(&sm->key_replay, 0, sizeof(sm->key_replay)); in wpa_auth_sta_associated()
705 sm->ReAuthenticationRequest = true; in wpa_auth_sta_associated()
706 return wpa_sm_step(sm); in wpa_auth_sta_associated()
709 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_auth_sta_associated()
711 sm->started = 1; in wpa_auth_sta_associated()
713 sm->Init = true; in wpa_auth_sta_associated()
714 if (wpa_sm_step(sm) == 1) in wpa_auth_sta_associated()
716 sm->Init = false; in wpa_auth_sta_associated()
717 sm->AuthenticationRequest = true; in wpa_auth_sta_associated()
718 return wpa_sm_step(sm); in wpa_auth_sta_associated()
722 void wpa_auth_sta_no_wpa(struct wpa_state_machine *sm) in wpa_auth_sta_no_wpa() argument
727 if (!sm) in wpa_auth_sta_no_wpa()
730 sm->wpa_key_mgmt = 0; in wpa_auth_sta_no_wpa()
734 static void wpa_free_sta_sm(struct wpa_state_machine *sm) in wpa_free_sta_sm() argument
737 if (WPA_GET_BE32(sm->ip_addr)) { in wpa_free_sta_sm()
742 sm->ip_addr[0], sm->ip_addr[1], in wpa_free_sta_sm()
743 sm->ip_addr[2], sm->ip_addr[3], in wpa_free_sta_sm()
744 MAC2STR(sm->addr)); in wpa_free_sta_sm()
745 start = WPA_GET_BE32(sm->wpa_auth->conf.ip_addr_start); in wpa_free_sta_sm()
746 bitfield_clear(sm->wpa_auth->ip_pool, in wpa_free_sta_sm()
747 WPA_GET_BE32(sm->ip_addr) - start); in wpa_free_sta_sm()
750 if (sm->GUpdateStationKeys) { in wpa_free_sta_sm()
751 sm->group->GKeyDoneStations--; in wpa_free_sta_sm()
752 sm->GUpdateStationKeys = false; in wpa_free_sta_sm()
755 os_free(sm->assoc_resp_ftie); in wpa_free_sta_sm()
756 wpabuf_free(sm->ft_pending_req_ies); in wpa_free_sta_sm()
758 os_free(sm->last_rx_eapol_key); in wpa_free_sta_sm()
759 os_free(sm->wpa_ie); in wpa_free_sta_sm()
760 os_free(sm->rsnxe); in wpa_free_sta_sm()
761 wpa_group_put(sm->wpa_auth, sm->group); in wpa_free_sta_sm()
763 wpabuf_clear_free(sm->dpp_z); in wpa_free_sta_sm()
765 bin_clear_free(sm, sizeof(*sm)); in wpa_free_sta_sm()
769 void wpa_auth_sta_deinit(struct wpa_state_machine *sm) in wpa_auth_sta_deinit() argument
773 if (!sm) in wpa_auth_sta_deinit()
776 wpa_auth = sm->wpa_auth; in wpa_auth_sta_deinit()
777 if (wpa_auth->conf.wpa_strict_rekey && sm->has_GTK) { in wpa_auth_sta_deinit()
778 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_auth_sta_deinit()
786 eloop_cancel_timeout(wpa_send_eapol_timeout, wpa_auth, sm); in wpa_auth_sta_deinit()
787 sm->pending_1_of_4_timeout = 0; in wpa_auth_sta_deinit()
788 eloop_cancel_timeout(wpa_sm_call_step, sm, NULL); in wpa_auth_sta_deinit()
789 eloop_cancel_timeout(wpa_rekey_ptk, wpa_auth, sm); in wpa_auth_sta_deinit()
791 wpa_ft_sta_deinit(sm); in wpa_auth_sta_deinit()
793 if (sm->in_step_loop) { in wpa_auth_sta_deinit()
798 MACSTR, MAC2STR(sm->addr)); in wpa_auth_sta_deinit()
799 sm->pending_deinit = 1; in wpa_auth_sta_deinit()
801 wpa_free_sta_sm(sm); in wpa_auth_sta_deinit()
805 static void wpa_request_new_ptk(struct wpa_state_machine *sm) in wpa_request_new_ptk() argument
807 if (!sm) in wpa_request_new_ptk()
810 if (!sm->use_ext_key_id && sm->wpa_auth->conf.wpa_deny_ptk0_rekey) { in wpa_request_new_ptk()
813 MAC2STR(sm->addr)); in wpa_request_new_ptk()
814 sm->Disconnect = true; in wpa_request_new_ptk()
816 sm->disconnect_reason = in wpa_request_new_ptk()
819 if (sm->use_ext_key_id) in wpa_request_new_ptk()
820 sm->keyidx_active ^= 1; /* flip Key ID */ in wpa_request_new_ptk()
821 sm->PTKRequest = true; in wpa_request_new_ptk()
822 sm->PTK_valid = 0; in wpa_request_new_ptk()
858 struct wpa_state_machine *sm, in ft_check_msg_2_of_4() argument
871 os_memcpy(sm->sup_pmk_r1_name, ie.pmkid, PMKID_LEN); in ft_check_msg_2_of_4()
873 sm->sup_pmk_r1_name, PMKID_LEN); in ft_check_msg_2_of_4()
890 if (sm->assoc_resp_ftie && in ft_check_msg_2_of_4()
891 (kde->ftie[1] != sm->assoc_resp_ftie[1] || in ft_check_msg_2_of_4()
892 os_memcmp(kde->ftie, sm->assoc_resp_ftie, in ft_check_msg_2_of_4()
893 2 + sm->assoc_resp_ftie[1]) != 0)) { in ft_check_msg_2_of_4()
898 sm->assoc_resp_ftie, 2 + sm->assoc_resp_ftie[1]); in ft_check_msg_2_of_4()
908 struct wpa_state_machine *sm, int group) in wpa_receive_error_report() argument
911 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO, in wpa_receive_error_report()
916 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in wpa_receive_error_report()
918 } else if (!group && sm->pairwise != WPA_CIPHER_TKIP) { in wpa_receive_error_report()
919 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in wpa_receive_error_report()
922 if (wpa_auth_mic_failure_report(wpa_auth, sm->addr) > 0) in wpa_receive_error_report()
924 sm->dot11RSNAStatsTKIPRemoteMICFailures++; in wpa_receive_error_report()
932 wpa_request_new_ptk(sm); in wpa_receive_error_report()
937 static int wpa_try_alt_snonce(struct wpa_state_machine *sm, u8 *data, in wpa_try_alt_snonce() argument
948 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) && in wpa_try_alt_snonce()
949 !wpa_key_mgmt_sae(sm->wpa_key_mgmt)) { in wpa_try_alt_snonce()
950 pmk = wpa_auth_get_psk(sm->wpa_auth, sm->addr, in wpa_try_alt_snonce()
951 sm->p2p_dev_addr, pmk, &pmk_len, in wpa_try_alt_snonce()
956 if (wpa_key_mgmt_ft_psk(sm->wpa_key_mgmt)) { in wpa_try_alt_snonce()
957 os_memcpy(sm->xxkey, pmk, pmk_len); in wpa_try_alt_snonce()
958 sm->xxkey_len = pmk_len; in wpa_try_alt_snonce()
962 pmk = sm->PMK; in wpa_try_alt_snonce()
963 pmk_len = sm->pmk_len; in wpa_try_alt_snonce()
966 if (wpa_derive_ptk(sm, sm->alt_SNonce, pmk, pmk_len, &PTK, 0) < in wpa_try_alt_snonce()
970 if (wpa_verify_key_mic(sm->wpa_key_mgmt, pmk_len, &PTK, in wpa_try_alt_snonce()
972 if (sm->PMK != pmk) { in wpa_try_alt_snonce()
973 os_memcpy(sm->PMK, pmk, pmk_len); in wpa_try_alt_snonce()
974 sm->pmk_len = pmk_len; in wpa_try_alt_snonce()
980 if (!wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) || in wpa_try_alt_snonce()
981 wpa_key_mgmt_sae(sm->wpa_key_mgmt)) in wpa_try_alt_snonce()
993 sm->alt_snonce_valid = 0; in wpa_try_alt_snonce()
995 if (vlan_id && wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) && in wpa_try_alt_snonce()
996 wpa_auth_update_vlan(sm->wpa_auth, sm->addr, vlan_id) < 0) in wpa_try_alt_snonce()
999 os_memcpy(sm->SNonce, sm->alt_SNonce, WPA_NONCE_LEN); in wpa_try_alt_snonce()
1000 os_memcpy(&sm->PTK, &PTK, sizeof(PTK)); in wpa_try_alt_snonce()
1002 sm->PTK_valid = true; in wpa_try_alt_snonce()
1009 struct wpa_state_machine *sm, in wpa_receive() argument
1022 if (!wpa_auth || !wpa_auth->conf.wpa || !sm) in wpa_receive()
1026 mic_len = wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len); in wpa_receive()
1042 MAC2STR(sm->addr), key_info, key->type, in wpa_receive()
1057 if (sm->wpa == WPA_VERSION_WPA2) { in wpa_receive()
1112 if (sm->pairwise == WPA_CIPHER_CCMP || in wpa_receive()
1113 sm->pairwise == WPA_CIPHER_GCMP) { in wpa_receive()
1114 if (wpa_use_cmac(sm->wpa_key_mgmt) && in wpa_receive()
1115 !wpa_use_akm_defined(sm->wpa_key_mgmt) && in wpa_receive()
1117 wpa_auth_logger(wpa_auth, sm->addr, in wpa_receive()
1123 if (!wpa_use_cmac(sm->wpa_key_mgmt) && in wpa_receive()
1124 !wpa_use_akm_defined(sm->wpa_key_mgmt) && in wpa_receive()
1126 wpa_auth_logger(wpa_auth, sm->addr, in wpa_receive()
1133 if (wpa_use_akm_defined(sm->wpa_key_mgmt) && in wpa_receive()
1135 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_WARNING, in wpa_receive()
1142 if (sm->req_replay_counter_used && in wpa_receive()
1143 os_memcmp(key->replay_counter, sm->req_replay_counter, in wpa_receive()
1145 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_WARNING, in wpa_receive()
1152 !wpa_replay_counter_valid(sm->key_replay, key->replay_counter)) { in wpa_receive()
1156 wpa_replay_counter_valid(sm->prev_key_replay, in wpa_receive()
1158 sm->wpa_ptk_state == WPA_PTK_PTKINITNEGOTIATING && in wpa_receive()
1159 os_memcmp(sm->SNonce, key->key_nonce, WPA_NONCE_LEN) != 0) in wpa_receive()
1168 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_receive()
1170 sm->update_snonce = 1; in wpa_receive()
1171 os_memcpy(sm->alt_SNonce, sm->SNonce, WPA_NONCE_LEN); in wpa_receive()
1172 sm->alt_snonce_valid = true; in wpa_receive()
1173 os_memcpy(sm->alt_replay_counter, in wpa_receive()
1174 sm->key_replay[0].counter, in wpa_receive()
1179 if (msg == PAIRWISE_4 && sm->alt_snonce_valid && in wpa_receive()
1180 sm->wpa_ptk_state == WPA_PTK_PTKINITNEGOTIATING && in wpa_receive()
1181 os_memcmp(key->replay_counter, sm->alt_replay_counter, in wpa_receive()
1188 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_receive()
1194 wpa_replay_counter_valid(sm->prev_key_replay, in wpa_receive()
1196 sm->wpa_ptk_state == WPA_PTK_PTKINITNEGOTIATING) { in wpa_receive()
1197 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_receive()
1201 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_receive()
1206 if (!sm->key_replay[i].valid) in wpa_receive()
1209 sm->key_replay[i].counter, in wpa_receive()
1219 if (sm->wpa == WPA_VERSION_WPA2 && mic_len == 0 && in wpa_receive()
1221 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_receive()
1229 if (sm->wpa_ptk_state != WPA_PTK_PTKSTART && in wpa_receive()
1230 sm->wpa_ptk_state != WPA_PTK_PTKCALCNEGOTIATING && in wpa_receive()
1231 (!sm->update_snonce || in wpa_receive()
1232 sm->wpa_ptk_state != WPA_PTK_PTKINITNEGOTIATING)) { in wpa_receive()
1233 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO, in wpa_receive()
1235 sm->wpa_ptk_state); in wpa_receive()
1239 if (sm->group->reject_4way_hs_for_entropy) { in wpa_receive()
1252 wpa_sta_disconnect(wpa_auth, sm->addr, in wpa_receive()
1258 if (sm->wpa_ptk_state != WPA_PTK_PTKINITNEGOTIATING || in wpa_receive()
1259 !sm->PTK_valid) { in wpa_receive()
1260 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO, in wpa_receive()
1262 sm->wpa_ptk_state); in wpa_receive()
1267 if (sm->wpa_ptk_group_state != WPA_PTK_GROUP_REKEYNEGOTIATING in wpa_receive()
1268 || !sm->PTK_valid) { in wpa_receive()
1269 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO, in wpa_receive()
1271 sm->wpa_ptk_group_state); in wpa_receive()
1279 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_receive()
1283 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in wpa_receive()
1288 if (!wpa_key_mgmt_fils(sm->wpa_key_mgmt) && in wpa_receive()
1290 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in wpa_receive()
1296 if (wpa_key_mgmt_fils(sm->wpa_key_mgmt) && in wpa_receive()
1298 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in wpa_receive()
1304 sm->MICVerified = false; in wpa_receive()
1305 if (sm->PTK_valid && !sm->update_snonce) { in wpa_receive()
1307 wpa_verify_key_mic(sm->wpa_key_mgmt, sm->pmk_len, &sm->PTK, in wpa_receive()
1309 (msg != PAIRWISE_4 || !sm->alt_snonce_valid || in wpa_receive()
1310 wpa_try_alt_snonce(sm, data, data_len))) { in wpa_receive()
1311 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in wpa_receive()
1322 wpa_aead_decrypt(sm, &sm->PTK, data, data_len, in wpa_receive()
1324 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in wpa_receive()
1337 sm->MICVerified = true; in wpa_receive()
1338 eloop_cancel_timeout(wpa_send_eapol_timeout, wpa_auth, sm); in wpa_receive()
1339 sm->pending_1_of_4_timeout = 0; in wpa_receive()
1343 if (sm->MICVerified) { in wpa_receive()
1344 sm->req_replay_counter_used = 1; in wpa_receive()
1345 os_memcpy(sm->req_replay_counter, key->replay_counter, in wpa_receive()
1348 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in wpa_receive()
1360 wpa_auth, sm, in wpa_receive()
1364 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in wpa_receive()
1366 wpa_request_new_ptk(sm); in wpa_receive()
1372 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in wpa_receive()
1379 wpa_replay_counter_mark_invalid(sm->key_replay, in wpa_receive()
1390 os_memcpy(sm->prev_key_replay, sm->key_replay, in wpa_receive()
1391 sizeof(sm->key_replay)); in wpa_receive()
1393 os_memset(sm->prev_key_replay, 0, in wpa_receive()
1394 sizeof(sm->prev_key_replay)); in wpa_receive()
1401 wpa_replay_counter_mark_invalid(sm->key_replay, NULL); in wpa_receive()
1404 os_free(sm->last_rx_eapol_key); in wpa_receive()
1405 sm->last_rx_eapol_key = os_memdup(data, data_len); in wpa_receive()
1406 if (!sm->last_rx_eapol_key) in wpa_receive()
1408 sm->last_rx_eapol_key_len = data_len; in wpa_receive()
1410 sm->rx_eapol_key_secure = !!(key_info & WPA_KEY_INFO_SECURE); in wpa_receive()
1411 sm->EAPOLKeyReceived = true; in wpa_receive()
1412 sm->EAPOLKeyPairwise = !!(key_info & WPA_KEY_INFO_KEY_TYPE); in wpa_receive()
1413 sm->EAPOLKeyRequest = !!(key_info & WPA_KEY_INFO_REQUEST); in wpa_receive()
1414 os_memcpy(sm->SNonce, key->key_nonce, WPA_NONCE_LEN); in wpa_receive()
1415 wpa_sm_step(sm); in wpa_receive()
1470 struct wpa_state_machine *sm = timeout_ctx; in wpa_send_eapol_timeout() local
1472 sm->pending_1_of_4_timeout = 0; in wpa_send_eapol_timeout()
1473 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, "EAPOL-Key timeout"); in wpa_send_eapol_timeout()
1474 sm->TimeoutEvt = true; in wpa_send_eapol_timeout()
1475 wpa_sm_step(sm); in wpa_send_eapol_timeout()
1480 struct wpa_state_machine *sm, int key_info, in __wpa_send_eapol() argument
1496 mic_len = wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len); in __wpa_send_eapol()
1503 else if (wpa_use_akm_defined(sm->wpa_key_mgmt)) in __wpa_send_eapol()
1505 else if (wpa_use_cmac(sm->wpa_key_mgmt)) in __wpa_send_eapol()
1507 else if (sm->pairwise != WPA_CIPHER_TKIP) in __wpa_send_eapol()
1526 wpa_use_aes_key_wrap(sm->wpa_key_mgmt) || in __wpa_send_eapol()
1548 key->type = sm->wpa == WPA_VERSION_WPA2 ? in __wpa_send_eapol()
1551 if (encr && sm->wpa == WPA_VERSION_WPA2) in __wpa_send_eapol()
1553 if (sm->wpa != WPA_VERSION_WPA2) in __wpa_send_eapol()
1557 alg = pairwise ? sm->pairwise : conf->wpa_group; in __wpa_send_eapol()
1558 if (sm->wpa == WPA_VERSION_WPA2 && !pairwise) in __wpa_send_eapol()
1564 sm->key_replay[i].valid = sm->key_replay[i - 1].valid; in __wpa_send_eapol()
1565 os_memcpy(sm->key_replay[i].counter, in __wpa_send_eapol()
1566 sm->key_replay[i - 1].counter, in __wpa_send_eapol()
1569 inc_byte_array(sm->key_replay[0].counter, WPA_REPLAY_COUNTER_LEN); in __wpa_send_eapol()
1570 os_memcpy(key->replay_counter, sm->key_replay[0].counter, in __wpa_send_eapol()
1574 sm->key_replay[0].valid = true; in __wpa_send_eapol()
1595 sm->PTK.kek, sm->PTK.kek_len); in __wpa_send_eapol()
1600 if (aes_siv_encrypt(sm->PTK.kek, sm->PTK.kek_len, kde, kde_len, in __wpa_send_eapol()
1625 wpa_use_aes_key_wrap(sm->wpa_key_mgmt) || in __wpa_send_eapol()
1629 sm->PTK.kek_len); in __wpa_send_eapol()
1630 if (aes_wrap(sm->PTK.kek, sm->PTK.kek_len, in __wpa_send_eapol()
1638 } else if (sm->PTK.kek_len == 16) { in __wpa_send_eapol()
1644 sm->group->Counter + WPA_NONCE_LEN - 16, 16); in __wpa_send_eapol()
1645 inc_byte_array(sm->group->Counter, WPA_NONCE_LEN); in __wpa_send_eapol()
1647 os_memcpy(ek + 16, sm->PTK.kek, sm->PTK.kek_len); in __wpa_send_eapol()
1661 if (!sm->PTK_valid || !mic_len) { in __wpa_send_eapol()
1662 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, in __wpa_send_eapol()
1668 if (wpa_eapol_key_mic(sm->PTK.kck, sm->PTK.kck_len, in __wpa_send_eapol()
1669 sm->wpa_key_mgmt, version, in __wpa_send_eapol()
1678 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in __wpa_send_eapol()
1685 wpa_auth_set_eapol(wpa_auth, sm->addr, WPA_EAPOL_inc_EapolFramesTx, 1); in __wpa_send_eapol()
1686 wpa_auth_send_eapol(wpa_auth, sm->addr, (u8 *) hdr, len, in __wpa_send_eapol()
1687 sm->pairwise_set); in __wpa_send_eapol()
1693 struct wpa_state_machine *sm, int key_info, in wpa_send_eapol() argument
1702 if (!sm) in wpa_send_eapol()
1705 __wpa_send_eapol(wpa_auth, sm, key_info, key_rsc, nonce, kde, kde_len, in wpa_send_eapol()
1708 ctr = pairwise ? sm->TimeoutCtr : sm->GTimeoutCtr; in wpa_send_eapol()
1718 sm->pending_1_of_4_timeout = 1; in wpa_send_eapol()
1731 wpa_send_eapol_timeout, wpa_auth, sm); in wpa_send_eapol()
1764 void wpa_remove_ptk(struct wpa_state_machine *sm) in wpa_remove_ptk() argument
1766 sm->PTK_valid = false; in wpa_remove_ptk()
1767 os_memset(&sm->PTK, 0, sizeof(sm->PTK)); in wpa_remove_ptk()
1769 wpa_auth_remove_ptksa(sm->wpa_auth, sm->addr, sm->pairwise); in wpa_remove_ptk()
1771 if (wpa_auth_set_key(sm->wpa_auth, 0, WPA_ALG_NONE, sm->addr, 0, NULL, in wpa_remove_ptk()
1775 if (sm->use_ext_key_id && in wpa_remove_ptk()
1776 wpa_auth_set_key(sm->wpa_auth, 0, WPA_ALG_NONE, sm->addr, 1, NULL, in wpa_remove_ptk()
1780 sm->pairwise_set = false; in wpa_remove_ptk()
1781 eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm); in wpa_remove_ptk()
1785 int wpa_auth_sm_event(struct wpa_state_machine *sm, enum wpa_event event) in wpa_auth_sm_event() argument
1789 if (!sm) in wpa_auth_sm_event()
1792 wpa_auth_vlogger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_auth_sm_event()
1799 if (wpa_auth_start_ampe(sm->wpa_auth, sm->addr)) { in wpa_auth_sm_event()
1809 sm->DeauthenticationRequest = true; in wpa_auth_sm_event()
1811 os_memset(sm->PMK, 0, sizeof(sm->PMK)); in wpa_auth_sm_event()
1812 sm->pmk_len = 0; in wpa_auth_sm_event()
1813 os_memset(sm->xxkey, 0, sizeof(sm->xxkey)); in wpa_auth_sm_event()
1814 sm->xxkey_len = 0; in wpa_auth_sm_event()
1815 os_memset(sm->pmk_r1, 0, sizeof(sm->pmk_r1)); in wpa_auth_sm_event()
1816 sm->pmk_r1_len = 0; in wpa_auth_sm_event()
1821 if (!sm->started) { in wpa_auth_sm_event()
1831 sm->started = 1; in wpa_auth_sm_event()
1832 sm->Init = true; in wpa_auth_sm_event()
1833 if (wpa_sm_step(sm) == 1) in wpa_auth_sm_event()
1835 sm->Init = false; in wpa_auth_sm_event()
1836 sm->AuthenticationRequest = true; in wpa_auth_sm_event()
1840 if (!sm->use_ext_key_id && in wpa_auth_sm_event()
1841 sm->wpa_auth->conf.wpa_deny_ptk0_rekey) { in wpa_auth_sm_event()
1844 MACSTR, MAC2STR(sm->addr)); in wpa_auth_sm_event()
1845 sm->Disconnect = true; in wpa_auth_sm_event()
1847 sm->disconnect_reason = in wpa_auth_sm_event()
1852 if (sm->use_ext_key_id) in wpa_auth_sm_event()
1853 sm->keyidx_active ^= 1; /* flip Key ID */ in wpa_auth_sm_event()
1855 if (sm->GUpdateStationKeys) { in wpa_auth_sm_event()
1860 sm->group->GKeyDoneStations--; in wpa_auth_sm_event()
1861 sm->GUpdateStationKeys = false; in wpa_auth_sm_event()
1862 sm->PtkGroupInit = true; in wpa_auth_sm_event()
1864 sm->ReAuthenticationRequest = true; in wpa_auth_sm_event()
1870 wpa_ft_install_ptk(sm, 1); in wpa_auth_sm_event()
1873 sm->ft_completed = 1; in wpa_auth_sm_event()
1874 wpa_auth_set_ptk_rekey_timer(sm); in wpa_auth_sm_event()
1883 fils_set_tk(sm); in wpa_auth_sm_event()
1884 sm->fils_completed = 1; in wpa_auth_sm_event()
1890 sm->tk_already_set = false; in wpa_auth_sm_event()
1895 sm->ft_completed = 0; in wpa_auth_sm_event()
1898 if (sm->mgmt_frame_prot && event == WPA_AUTH) in wpa_auth_sm_event()
1901 if (wpa_key_mgmt_fils(sm->wpa_key_mgmt) && in wpa_auth_sm_event()
1907 sm->PTK_valid = false; in wpa_auth_sm_event()
1908 os_memset(&sm->PTK, 0, sizeof(sm->PTK)); in wpa_auth_sm_event()
1911 wpa_remove_ptk(sm); in wpa_auth_sm_event()
1914 if (sm->in_step_loop) { in wpa_auth_sm_event()
1919 sm->changed = true; in wpa_auth_sm_event()
1922 return wpa_sm_step(sm); in wpa_auth_sm_event()
1929 if (sm->Init) { in SM_STATE()
1932 sm->changed = false; in SM_STATE()
1935 sm->keycount = 0; in SM_STATE()
1936 if (sm->GUpdateStationKeys) in SM_STATE()
1937 sm->group->GKeyDoneStations--; in SM_STATE()
1938 sm->GUpdateStationKeys = false; in SM_STATE()
1939 if (sm->wpa == WPA_VERSION_WPA) in SM_STATE()
1940 sm->PInitAKeys = false; in SM_STATE()
1943 sm->Pair = true; in SM_STATE()
1945 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portEnabled, 0); in SM_STATE()
1946 wpa_remove_ptk(sm); in SM_STATE()
1947 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portValid, 0); in SM_STATE()
1948 sm->TimeoutCtr = 0; in SM_STATE()
1949 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) || in SM_STATE()
1950 sm->wpa_key_mgmt == WPA_KEY_MGMT_DPP || in SM_STATE()
1951 sm->wpa_key_mgmt == WPA_KEY_MGMT_OWE) { in SM_STATE()
1952 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, in SM_STATE()
1960 u16 reason = sm->disconnect_reason; in SM_STATE()
1963 sm->Disconnect = false; in SM_STATE()
1964 sm->disconnect_reason = 0; in SM_STATE()
1967 wpa_sta_disconnect(sm->wpa_auth, sm->addr, reason); in SM_STATE()
1974 sm->DeauthenticationRequest = false; in SM_STATE()
1981 os_memset(&sm->PTK, 0, sizeof(sm->PTK)); in SM_STATE()
1982 sm->PTK_valid = false; in SM_STATE()
1983 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portControl_Auto, in SM_STATE()
1985 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portEnabled, 1); in SM_STATE()
1986 sm->AuthenticationRequest = false; in SM_STATE()
2027 wpa_group_ensure_init(sm->wpa_auth, sm->group); in SM_STATE()
2028 sm->ReAuthenticationRequest = false; in SM_STATE()
2039 if (random_get_bytes(sm->ANonce, WPA_NONCE_LEN)) { in SM_STATE()
2042 sm->Disconnect = true; in SM_STATE()
2045 wpa_hexdump(MSG_DEBUG, "WPA: Assign ANonce", sm->ANonce, in SM_STATE()
2051 sm->TimeoutCtr = 0; in SM_STATE()
2055 static int wpa_auth_sm_ptk_update(struct wpa_state_machine *sm) in wpa_auth_sm_ptk_update() argument
2057 if (random_get_bytes(sm->ANonce, WPA_NONCE_LEN)) { in wpa_auth_sm_ptk_update()
2060 sm->Disconnect = true; in wpa_auth_sm_ptk_update()
2063 wpa_hexdump(MSG_DEBUG, "WPA: Assign new ANonce", sm->ANonce, in wpa_auth_sm_ptk_update()
2065 sm->TimeoutCtr = 0; in wpa_auth_sm_ptk_update()
2077 sm->xxkey_len = 0; in SM_STATE()
2079 if (sm->pmksa) { in SM_STATE()
2081 os_memcpy(sm->PMK, sm->pmksa->pmk, sm->pmksa->pmk_len); in SM_STATE()
2082 sm->pmk_len = sm->pmksa->pmk_len; in SM_STATE()
2084 } else if (sm->wpa_key_mgmt == WPA_KEY_MGMT_DPP) { in SM_STATE()
2087 sm->Disconnect = true; in SM_STATE()
2088 sm->disconnect_reason = WLAN_REASON_INVALID_PMKID; in SM_STATE()
2091 } else if (wpa_auth_get_msk(sm->wpa_auth, sm->addr, msk, &len) == 0) { in SM_STATE()
2094 if (wpa_key_mgmt_sha384(sm->wpa_key_mgmt)) in SM_STATE()
2105 sm->Disconnect = true; in SM_STATE()
2108 os_memcpy(sm->PMK, msk, pmk_len); in SM_STATE()
2109 sm->pmk_len = pmk_len; in SM_STATE()
2112 if (wpa_key_mgmt_sha384(sm->wpa_key_mgmt)) { in SM_STATE()
2113 os_memcpy(sm->xxkey, msk, SHA384_MAC_LEN); in SM_STATE()
2114 sm->xxkey_len = SHA384_MAC_LEN; in SM_STATE()
2116 os_memcpy(sm->xxkey, msk + PMK_LEN, PMK_LEN); in SM_STATE()
2117 sm->xxkey_len = PMK_LEN; in SM_STATE()
2123 sm->wpa_auth->cb->get_msk); in SM_STATE()
2124 sm->Disconnect = true; in SM_STATE()
2129 sm->req_replay_counter_used = 0; in SM_STATE()
2138 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_keyRun, false); in SM_STATE()
2148 psk = wpa_auth_get_psk(sm->wpa_auth, sm->addr, sm->p2p_dev_addr, NULL, in SM_STATE()
2151 os_memcpy(sm->PMK, psk, psk_len); in SM_STATE()
2152 sm->pmk_len = psk_len; in SM_STATE()
2154 os_memcpy(sm->xxkey, psk, PMK_LEN); in SM_STATE()
2155 sm->xxkey_len = PMK_LEN; in SM_STATE()
2159 if (wpa_auth_uses_sae(sm) && sm->pmksa) { in SM_STATE()
2161 os_memcpy(sm->PMK, sm->pmksa->pmk, sm->pmksa->pmk_len); in SM_STATE()
2162 sm->pmk_len = sm->pmksa->pmk_len; in SM_STATE()
2164 os_memcpy(sm->xxkey, sm->pmksa->pmk, sm->pmksa->pmk_len); in SM_STATE()
2165 sm->xxkey_len = sm->pmksa->pmk_len; in SM_STATE()
2169 sm->req_replay_counter_used = 0; in SM_STATE()
2179 sm->PTKRequest = false; in SM_STATE()
2180 sm->TimeoutEvt = false; in SM_STATE()
2181 sm->alt_snonce_valid = false; in SM_STATE()
2183 sm->TimeoutCtr++; in SM_STATE()
2184 if (sm->TimeoutCtr > sm->wpa_auth->conf.wpa_pairwise_update_count) { in SM_STATE()
2190 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, in SM_STATE()
2206 if (sm->wpa == WPA_VERSION_WPA2 && in SM_STATE()
2207 (wpa_key_mgmt_wpa_ieee8021x(sm->wpa_key_mgmt) || in SM_STATE()
2208 (sm->wpa_key_mgmt == WPA_KEY_MGMT_OWE && sm->pmksa) || in SM_STATE()
2209 wpa_key_mgmt_sae(sm->wpa_key_mgmt)) && in SM_STATE()
2210 sm->wpa_key_mgmt != WPA_KEY_MGMT_OSEN) { in SM_STATE()
2216 if (sm->pmksa) { in SM_STATE()
2219 sm->pmksa->pmkid, PMKID_LEN); in SM_STATE()
2221 sm->pmksa->pmkid, PMKID_LEN); in SM_STATE()
2222 } else if (wpa_key_mgmt_suite_b(sm->wpa_key_mgmt)) { in SM_STATE()
2228 } else if (wpa_key_mgmt_fils(sm->wpa_key_mgmt)) { in SM_STATE()
2229 if (sm->pmkid_set) { in SM_STATE()
2232 sm->pmkid, PMKID_LEN); in SM_STATE()
2234 sm->pmkid, PMKID_LEN); in SM_STATE()
2243 } else if (wpa_key_mgmt_ft(sm->wpa_key_mgmt) && in SM_STATE()
2244 sm->ft_completed) { in SM_STATE()
2250 } else if (wpa_key_mgmt_sae(sm->wpa_key_mgmt)) { in SM_STATE()
2251 if (sm->pmkid_set) { in SM_STATE()
2254 sm->pmkid, PMKID_LEN); in SM_STATE()
2256 sm->pmkid, PMKID_LEN); in SM_STATE()
2269 rsn_pmkid(sm->PMK, sm->pmk_len, sm->wpa_auth->addr, in SM_STATE()
2270 sm->addr, &pmkid[2 + RSN_SELECTOR_LEN], in SM_STATE()
2271 sm->wpa_key_mgmt); in SM_STATE()
2279 wpa_send_eapol(sm->wpa_auth, sm, in SM_STATE()
2281 sm->ANonce, pmkid, pmkid_len, 0, 0); in SM_STATE()
2285 static int wpa_derive_ptk(struct wpa_state_machine *sm, const u8 *snonce, in wpa_derive_ptk() argument
2293 if (sm->wpa_auth->conf.force_kdk_derivation || in wpa_derive_ptk()
2294 (sm->wpa_auth->conf.secure_ltf && in wpa_derive_ptk()
2295 sm->rsnxe && sm->rsnxe_len >= 4 && in wpa_derive_ptk()
2296 sm->rsnxe[3] & BIT(WLAN_RSNX_CAPAB_SECURE_LTF - 8))) in wpa_derive_ptk()
2302 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) { in wpa_derive_ptk()
2303 if (sm->ft_completed) { in wpa_derive_ptk()
2306 return wpa_pmk_r1_to_ptk(sm->pmk_r1, sm->pmk_r1_len, in wpa_derive_ptk()
2307 sm->SNonce, sm->ANonce, in wpa_derive_ptk()
2308 sm->addr, sm->wpa_auth->addr, in wpa_derive_ptk()
2309 sm->pmk_r1_name, in wpa_derive_ptk()
2311 sm->wpa_key_mgmt, in wpa_derive_ptk()
2312 sm->pairwise, in wpa_derive_ptk()
2315 return wpa_auth_derive_ptk_ft(sm, ptk); in wpa_derive_ptk()
2320 if (sm->wpa_key_mgmt == WPA_KEY_MGMT_DPP && sm->dpp_z) { in wpa_derive_ptk()
2321 z = wpabuf_head(sm->dpp_z); in wpa_derive_ptk()
2322 z_len = wpabuf_len(sm->dpp_z); in wpa_derive_ptk()
2326 akmp = sm->wpa_key_mgmt; in wpa_derive_ptk()
2330 sm->wpa_auth->addr, sm->addr, sm->ANonce, snonce, in wpa_derive_ptk()
2331 ptk, akmp, sm->pairwise, z, z_len, kdk_len); in wpa_derive_ptk()
2337 int fils_auth_pmk_to_ptk(struct wpa_state_machine *sm, const u8 *pmk, in fils_auth_pmk_to_ptk() argument
2348 if (sm->wpa_auth->conf.force_kdk_derivation || in fils_auth_pmk_to_ptk()
2349 (sm->wpa_auth->conf.secure_ltf && in fils_auth_pmk_to_ptk()
2350 sm->rsnxe && sm->rsnxe_len >= 4 && in fils_auth_pmk_to_ptk()
2351 sm->rsnxe[3] & BIT(WLAN_RSNX_CAPAB_SECURE_LTF - 8))) in fils_auth_pmk_to_ptk()
2356 res = fils_pmk_to_ptk(pmk, pmk_len, sm->addr, sm->wpa_auth->addr, in fils_auth_pmk_to_ptk()
2358 &sm->PTK, ick, &ick_len, in fils_auth_pmk_to_ptk()
2359 sm->wpa_key_mgmt, sm->pairwise, in fils_auth_pmk_to_ptk()
2363 sm->PTK_valid = true; in fils_auth_pmk_to_ptk()
2364 sm->tk_already_set = false; in fils_auth_pmk_to_ptk()
2368 struct wpa_authenticator *wpa_auth = sm->wpa_auth; in fils_auth_pmk_to_ptk()
2371 int use_sha384 = wpa_key_mgmt_sha384(sm->wpa_key_mgmt); in fils_auth_pmk_to_ptk()
2378 sm->addr, pmk_r0, pmk_r0_name, in fils_auth_pmk_to_ptk()
2382 wpa_ft_store_pmk_fils(sm, pmk_r0, pmk_r0_name); in fils_auth_pmk_to_ptk()
2386 sm->addr, sm->pmk_r1_name, in fils_auth_pmk_to_ptk()
2391 wpa_hexdump(MSG_DEBUG, "FILS+FT: PMKR1Name", sm->pmk_r1_name, in fils_auth_pmk_to_ptk()
2393 sm->pmk_r1_name_valid = 1; in fils_auth_pmk_to_ptk()
2398 sm->addr, sm->wpa_auth->addr, in fils_auth_pmk_to_ptk()
2403 sm->wpa_key_mgmt, sm->fils_key_auth_sta, in fils_auth_pmk_to_ptk()
2404 sm->fils_key_auth_ap, in fils_auth_pmk_to_ptk()
2405 &sm->fils_key_auth_len); in fils_auth_pmk_to_ptk()
2409 os_memcpy(sm->SNonce, snonce, FILS_NONCE_LEN); in fils_auth_pmk_to_ptk()
2410 os_memcpy(sm->ANonce, anonce, FILS_NONCE_LEN); in fils_auth_pmk_to_ptk()
2416 static int wpa_aead_decrypt(struct wpa_state_machine *sm, struct wpa_ptk *ptk, in wpa_aead_decrypt() argument
2433 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_INFO, in wpa_aead_decrypt()
2449 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_INFO, in wpa_aead_decrypt()
2471 const u8 * wpa_fils_validate_fils_session(struct wpa_state_machine *sm, in wpa_fils_validate_fils_session() argument
2478 if (!wpa_key_mgmt_fils(sm->wpa_key_mgmt)) { in wpa_fils_validate_fils_session()
2525 int wpa_fils_validate_key_confirm(struct wpa_state_machine *sm, const u8 *ies, in wpa_fils_validate_key_confirm() argument
2546 if (elems.fils_key_confirm_len != sm->fils_key_auth_len) { in wpa_fils_validate_key_confirm()
2550 sm->fils_key_auth_len); in wpa_fils_validate_key_confirm()
2554 if (os_memcmp(elems.fils_key_confirm, sm->fils_key_auth_sta, in wpa_fils_validate_key_confirm()
2555 sm->fils_key_auth_len) != 0) { in wpa_fils_validate_key_confirm()
2560 sm->fils_key_auth_sta, sm->fils_key_auth_len); in wpa_fils_validate_key_confirm()
2568 int fils_decrypt_assoc(struct wpa_state_machine *sm, const u8 *fils_session, in fils_decrypt_assoc() argument
2577 if (!sm || !sm->PTK_valid) { in fils_decrypt_assoc()
2583 if (!wpa_key_mgmt_fils(sm->wpa_key_mgmt)) { in fils_decrypt_assoc()
2602 session = wpa_fils_validate_fils_session(sm, ie, end - ie, in fils_decrypt_assoc()
2626 aad[2] = sm->SNonce; in fils_decrypt_assoc()
2629 aad[3] = sm->ANonce; in fils_decrypt_assoc()
2638 if (aes_siv_decrypt(sm->PTK.kek, sm->PTK.kek_len, crypt, end - crypt, in fils_decrypt_assoc()
2647 if (wpa_fils_validate_key_confirm(sm, pos, left - AES_BLOCK_SIZE) < 0) { in fils_decrypt_assoc()
2656 int fils_encrypt_assoc(struct wpa_state_machine *sm, u8 *buf, in fils_encrypt_assoc() argument
2667 if (!sm || !sm->PTK_valid) in fils_encrypt_assoc()
2685 aad[2] = sm->ANonce; in fils_encrypt_assoc()
2688 aad[3] = sm->SNonce; in fils_encrypt_assoc()
2699 plain = fils_prepare_plainbuf(sm, hlp); in fils_encrypt_assoc()
2715 if (aes_siv_encrypt(sm->PTK.kek, sm->PTK.kek_len, in fils_encrypt_assoc()
2728 sm->fils_completed = 1; in fils_encrypt_assoc()
2734 static struct wpabuf * fils_prepare_plainbuf(struct wpa_state_machine *sm, in fils_prepare_plainbuf() argument
2744 struct wpa_auth_config *conf = &sm->wpa_auth->conf; in fils_prepare_plainbuf()
2746 plain_len = 1000 + ieee80211w_kde_len(sm); in fils_prepare_plainbuf()
2757 wpabuf_put_u8(plain, 1 + sm->fils_key_auth_len); /* Length */ in fils_prepare_plainbuf()
2760 wpabuf_put_data(plain, sm->fils_key_auth_ap, sm->fils_key_auth_len); in fils_prepare_plainbuf()
2769 gsm = sm->group; in fils_prepare_plainbuf()
2773 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, in fils_prepare_plainbuf()
2778 if (conf->disable_gtk || sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN) { in fils_prepare_plainbuf()
2798 tmp2 = ieee80211w_kde_add(sm, tmp); in fils_prepare_plainbuf()
2811 if (wpa_auth_uses_ocv(sm)) { in fils_prepare_plainbuf()
2815 if (wpa_channel_info(sm->wpa_auth, &ci) != 0) { in fils_prepare_plainbuf()
2843 int fils_set_tk(struct wpa_state_machine *sm) in fils_set_tk() argument
2848 if (!sm || !sm->PTK_valid) { in fils_set_tk()
2852 if (sm->tk_already_set) { in fils_set_tk()
2857 alg = wpa_cipher_to_alg(sm->pairwise); in fils_set_tk()
2858 klen = wpa_cipher_key_len(sm->pairwise); in fils_set_tk()
2861 if (wpa_auth_set_key(sm->wpa_auth, 0, alg, sm->addr, 0, in fils_set_tk()
2862 sm->PTK.tk, klen, KEY_FLAG_PAIRWISE_RX_TX)) { in fils_set_tk()
2866 sm->tk_already_set = true; in fils_set_tk()
2868 wpa_auth_store_ptksa(sm->wpa_auth, sm->addr, sm->pairwise, in fils_set_tk()
2869 dot11RSNAConfigPMKLifetime, &sm->PTK); in fils_set_tk()
2875 u8 * hostapd_eid_assoc_fils_session(struct wpa_state_machine *sm, u8 *buf, in hostapd_eid_assoc_fils_session() argument
2888 plain = fils_prepare_plainbuf(sm, hlp); in hostapd_eid_assoc_fils_session()
2900 sm->fils_completed = 1; in hostapd_eid_assoc_fils_session()
2908 int get_sta_tx_parameters(struct wpa_state_machine *sm, int ap_max_chanwidth, in get_sta_tx_parameters() argument
2911 struct wpa_authenticator *wpa_auth = sm->wpa_auth; in get_sta_tx_parameters()
2915 return wpa_auth->cb->get_sta_tx_params(wpa_auth->cb_ctx, sm->addr, in get_sta_tx_parameters()
2924 struct wpa_authenticator *wpa_auth = sm->wpa_auth; in SM_STATE()
2940 sm->EAPOLKeyReceived = false; in SM_STATE()
2941 sm->update_snonce = false; in SM_STATE()
2944 mic_len = wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len); in SM_STATE()
2950 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) && in SM_STATE()
2951 !wpa_key_mgmt_sae(sm->wpa_key_mgmt)) { in SM_STATE()
2952 pmk = wpa_auth_get_psk(sm->wpa_auth, sm->addr, in SM_STATE()
2953 sm->p2p_dev_addr, pmk, &pmk_len, in SM_STATE()
2959 if (wpa_key_mgmt_ft_psk(sm->wpa_key_mgmt)) { in SM_STATE()
2960 os_memcpy(sm->xxkey, pmk, pmk_len); in SM_STATE()
2961 sm->xxkey_len = pmk_len; in SM_STATE()
2965 pmk = sm->PMK; in SM_STATE()
2966 pmk_len = sm->pmk_len; in SM_STATE()
2969 if ((!pmk || !pmk_len) && sm->pmksa) { in SM_STATE()
2971 pmk = sm->pmksa->pmk; in SM_STATE()
2972 pmk_len = sm->pmksa->pmk_len; in SM_STATE()
2975 if (wpa_derive_ptk(sm, sm->SNonce, pmk, pmk_len, &PTK, in SM_STATE()
2980 wpa_verify_key_mic(sm->wpa_key_mgmt, pmk_len, &PTK, in SM_STATE()
2981 sm->last_rx_eapol_key, in SM_STATE()
2982 sm->last_rx_eapol_key_len) == 0) { in SM_STATE()
2983 if (sm->PMK != pmk) { in SM_STATE()
2984 os_memcpy(sm->PMK, pmk, pmk_len); in SM_STATE()
2985 sm->pmk_len = pmk_len; in SM_STATE()
2993 wpa_aead_decrypt(sm, &PTK, sm->last_rx_eapol_key, in SM_STATE()
2994 sm->last_rx_eapol_key_len, NULL) == 0) { in SM_STATE()
3001 if (sm->wpa_key_mgmt == WPA_KEY_MGMT_OWE && pmk_len > 32 && in SM_STATE()
3010 if (!wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) || in SM_STATE()
3011 wpa_key_mgmt_sae(sm->wpa_key_mgmt)) in SM_STATE()
3016 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, in SM_STATE()
3019 wpa_auth_psk_failure_report(sm->wpa_auth, sm->addr); in SM_STATE()
3027 hdr = (struct ieee802_1x_hdr *) sm->last_rx_eapol_key; in SM_STATE()
3032 if (key_data_length > sm->last_rx_eapol_key_len - sizeof(*hdr) - in SM_STATE()
3037 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO, in SM_STATE()
3051 ft = sm->wpa == WPA_VERSION_WPA2 && wpa_key_mgmt_ft(sm->wpa_key_mgmt); in SM_STATE()
3052 if (!sm->wpa_ie || in SM_STATE()
3053 wpa_compare_rsn_ie(ft, sm->wpa_ie, sm->wpa_ie_len, in SM_STATE()
3055 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in SM_STATE()
3057 if (sm->wpa_ie) { in SM_STATE()
3059 sm->wpa_ie, sm->wpa_ie_len); in SM_STATE()
3064 wpa_sta_disconnect(wpa_auth, sm->addr, in SM_STATE()
3068 if ((!sm->rsnxe && kde.rsnxe) || in SM_STATE()
3069 (sm->rsnxe && !kde.rsnxe) || in SM_STATE()
3070 (sm->rsnxe && kde.rsnxe && in SM_STATE()
3071 (sm->rsnxe_len != kde.rsnxe_len || in SM_STATE()
3072 os_memcmp(sm->rsnxe, kde.rsnxe, sm->rsnxe_len) != 0))) { in SM_STATE()
3073 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in SM_STATE()
3076 sm->rsnxe, sm->rsnxe_len); in SM_STATE()
3080 wpa_sta_disconnect(wpa_auth, sm->addr, in SM_STATE()
3085 if (wpa_auth_uses_ocv(sm)) { in SM_STATE()
3092 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in SM_STATE()
3097 if (get_sta_tx_parameters(sm, in SM_STATE()
3105 if (wpa_auth_uses_ocv(sm) == 2 && res == OCI_NOT_FOUND) { in SM_STATE()
3107 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO, in SM_STATE()
3109 wpa_auth_set_ocv(sm, 0); in SM_STATE()
3111 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO, in SM_STATE()
3117 MAC2STR(sm->addr), ocv_errorstr); in SM_STATE()
3123 if (ft && ft_check_msg_2_of_4(wpa_auth, sm, &kde) < 0) { in SM_STATE()
3124 wpa_sta_disconnect(wpa_auth, sm->addr, in SM_STATE()
3131 wpa_auth->ip_pool && WPA_GET_BE32(sm->ip_addr) == 0) { in SM_STATE()
3139 WPA_PUT_BE32(sm->ip_addr, start + idx); in SM_STATE()
3142 MACSTR, sm->ip_addr[0], sm->ip_addr[1], in SM_STATE()
3143 sm->ip_addr[2], sm->ip_addr[3], in SM_STATE()
3144 MAC2STR(sm->addr)); in SM_STATE()
3154 if (sm->wpa_key_mgmt == WPA_KEY_MGMT_DPP && in SM_STATE()
3157 !sm->dpp_z) { in SM_STATE()
3160 wpa_sta_disconnect(wpa_auth, sm->addr, in SM_STATE()
3168 if (sm->wpa == WPA_VERSION_WPA2 && wpa_key_mgmt_ft(sm->wpa_key_mgmt)) { in SM_STATE()
3173 if (os_memcmp_const(sm->sup_pmk_r1_name, sm->pmk_r1_name, in SM_STATE()
3175 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, in SM_STATE()
3179 sm->sup_pmk_r1_name, WPA_PMK_NAME_LEN); in SM_STATE()
3181 sm->pmk_r1_name, WPA_PMK_NAME_LEN); in SM_STATE()
3187 if (vlan_id && wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) && in SM_STATE()
3188 wpa_auth_update_vlan(wpa_auth, sm->addr, vlan_id) < 0) { in SM_STATE()
3189 wpa_sta_disconnect(wpa_auth, sm->addr, in SM_STATE()
3194 sm->pending_1_of_4_timeout = 0; in SM_STATE()
3195 eloop_cancel_timeout(wpa_send_eapol_timeout, sm->wpa_auth, sm); in SM_STATE()
3197 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) && sm->PMK != pmk) { in SM_STATE()
3201 os_memcpy(sm->PMK, pmk, PMK_LEN); in SM_STATE()
3202 sm->pmk_len = PMK_LEN; in SM_STATE()
3205 sm->MICVerified = true; in SM_STATE()
3207 os_memcpy(&sm->PTK, &PTK, sizeof(PTK)); in SM_STATE()
3209 sm->PTK_valid = true; in SM_STATE()
3216 sm->TimeoutCtr = 0; in SM_STATE()
3220 static int ieee80211w_kde_len(struct wpa_state_machine *sm) in ieee80211w_kde_len() argument
3224 if (sm->mgmt_frame_prot) { in ieee80211w_kde_len()
3226 len += wpa_cipher_key_len(sm->wpa_auth->conf.group_mgmt_cipher); in ieee80211w_kde_len()
3228 if (sm->mgmt_frame_prot && sm->wpa_auth->conf.beacon_prot) { in ieee80211w_kde_len()
3230 len += wpa_cipher_key_len(sm->wpa_auth->conf.group_mgmt_cipher); in ieee80211w_kde_len()
3237 static u8 * ieee80211w_kde_add(struct wpa_state_machine *sm, u8 *pos) in ieee80211w_kde_add() argument
3241 struct wpa_group *gsm = sm->group; in ieee80211w_kde_add()
3243 struct wpa_auth_config *conf = &sm->wpa_auth->conf; in ieee80211w_kde_add()
3246 if (!sm->mgmt_frame_prot) in ieee80211w_kde_add()
3252 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN_igtk, rsc) < 0) in ieee80211w_kde_add()
3257 if (conf->disable_gtk || sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN) { in ieee80211w_kde_add()
3275 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN_bigtk, rsc) < 0) in ieee80211w_kde_add()
3280 if (sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN) { in ieee80211w_kde_add()
3296 static int ocv_oci_len(struct wpa_state_machine *sm) in ocv_oci_len() argument
3299 if (wpa_auth_uses_ocv(sm)) in ocv_oci_len()
3306 static int ocv_oci_add(struct wpa_state_machine *sm, u8 **argpos, in ocv_oci_add() argument
3312 if (!wpa_auth_uses_ocv(sm)) in ocv_oci_add()
3315 if (wpa_channel_info(sm->wpa_auth, &ci) != 0) { in ocv_oci_add()
3372 struct wpa_group *gsm = sm->group; in SM_STATE()
3377 struct wpa_auth_config *conf = &sm->wpa_auth->conf; in SM_STATE()
3380 sm->TimeoutEvt = false; in SM_STATE()
3382 sm->TimeoutCtr++; in SM_STATE()
3383 if (conf->wpa_disable_eapol_key_retries && sm->TimeoutCtr > 1) { in SM_STATE()
3387 if (sm->TimeoutCtr > conf->wpa_pairwise_update_count) { in SM_STATE()
3397 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, rsc); in SM_STATE()
3399 wpa_ie = sm->wpa_auth->wpa_ie; in SM_STATE()
3400 wpa_ie_len = sm->wpa_auth->wpa_ie_len; in SM_STATE()
3401 if (sm->wpa == WPA_VERSION_WPA && (conf->wpa & WPA_PROTO_RSN) && in SM_STATE()
3431 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, in SM_STATE()
3433 if (sm->wpa == WPA_VERSION_WPA2) { in SM_STATE()
3434 if (sm->use_ext_key_id && sm->TimeoutCtr == 1 && in SM_STATE()
3435 wpa_auth_set_key(sm->wpa_auth, 0, in SM_STATE()
3436 wpa_cipher_to_alg(sm->pairwise), in SM_STATE()
3437 sm->addr, in SM_STATE()
3438 sm->keyidx_active, sm->PTK.tk, in SM_STATE()
3439 wpa_cipher_key_len(sm->pairwise), in SM_STATE()
3441 wpa_sta_disconnect(sm->wpa_auth, sm->addr, in SM_STATE()
3451 sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN) { in SM_STATE()
3469 if (sm->rx_eapol_key_secure) { in SM_STATE()
3478 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, in SM_STATE()
3484 kde_len = wpa_ie_len + ieee80211w_kde_len(sm) + ocv_oci_len(sm); in SM_STATE()
3486 if (sm->use_ext_key_id) in SM_STATE()
3492 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) { in SM_STATE()
3498 if (WPA_GET_BE32(sm->ip_addr) > 0) in SM_STATE()
3506 if (sm->wpa_key_mgmt == WPA_KEY_MGMT_DPP) in SM_STATE()
3518 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) { in SM_STATE()
3523 res = wpa_insert_pmkid(kde, &elen, sm->pmk_r1_name); in SM_STATE()
3535 if (sm->use_ext_key_id) { in SM_STATE()
3536 hdr[0] = sm->keyidx_active & 0x01; in SM_STATE()
3545 pos = ieee80211w_kde_add(sm, pos); in SM_STATE()
3546 if (ocv_oci_add(sm, &pos, conf->oci_freq_override_eapol_m3) < 0) in SM_STATE()
3550 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) { in SM_STATE()
3553 if (sm->assoc_resp_ftie && in SM_STATE()
3554 kde + kde_len - pos >= 2 + sm->assoc_resp_ftie[1]) { in SM_STATE()
3555 os_memcpy(pos, sm->assoc_resp_ftie, in SM_STATE()
3556 2 + sm->assoc_resp_ftie[1]); in SM_STATE()
3557 res = 2 + sm->assoc_resp_ftie[1]; in SM_STATE()
3559 int use_sha384 = wpa_key_mgmt_sha384(sm->wpa_key_mgmt); in SM_STATE()
3591 if (WPA_GET_BE32(sm->ip_addr) > 0) { in SM_STATE()
3593 os_memcpy(addr, sm->ip_addr, 4); in SM_STATE()
3606 if (DPP_VERSION > 1 && sm->wpa_key_mgmt == WPA_KEY_MGMT_DPP) { in SM_STATE()
3621 wpa_send_eapol(sm->wpa_auth, sm, in SM_STATE()
3623 (wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len) ? in SM_STATE()
3627 _rsc, sm->ANonce, kde, pos - kde, 0, encr); in SM_STATE()
3638 sm->EAPOLKeyReceived = false; in SM_STATE()
3639 if (sm->Pair) { in SM_STATE()
3640 enum wpa_alg alg = wpa_cipher_to_alg(sm->pairwise); in SM_STATE()
3641 int klen = wpa_cipher_key_len(sm->pairwise); in SM_STATE()
3644 if (sm->use_ext_key_id) in SM_STATE()
3645 res = wpa_auth_set_key(sm->wpa_auth, 0, 0, sm->addr, in SM_STATE()
3646 sm->keyidx_active, NULL, 0, in SM_STATE()
3649 res = wpa_auth_set_key(sm->wpa_auth, 0, alg, sm->addr, in SM_STATE()
3650 0, sm->PTK.tk, klen, in SM_STATE()
3653 wpa_sta_disconnect(sm->wpa_auth, sm->addr, in SM_STATE()
3658 sm->pairwise_set = true; in SM_STATE()
3660 wpa_auth_set_ptk_rekey_timer(sm); in SM_STATE()
3661 wpa_auth_store_ptksa(sm->wpa_auth, sm->addr, sm->pairwise, in SM_STATE()
3662 dot11RSNAConfigPMKLifetime, &sm->PTK); in SM_STATE()
3664 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) || in SM_STATE()
3665 sm->wpa_key_mgmt == WPA_KEY_MGMT_DPP || in SM_STATE()
3666 sm->wpa_key_mgmt == WPA_KEY_MGMT_OWE) { in SM_STATE()
3667 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, in SM_STATE()
3673 sm->keycount++; in SM_STATE()
3674 if (sm->keycount == 2) { in SM_STATE()
3675 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, in SM_STATE()
3679 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portValid, in SM_STATE()
3682 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_keyAvailable, in SM_STATE()
3684 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_keyDone, true); in SM_STATE()
3685 if (sm->wpa == WPA_VERSION_WPA) in SM_STATE()
3686 sm->PInitAKeys = true; in SM_STATE()
3688 sm->has_GTK = true; in SM_STATE()
3689 wpa_auth_vlogger(sm->wpa_auth, sm->addr, LOGGER_INFO, in SM_STATE()
3691 sm->wpa == WPA_VERSION_WPA ? "WPA" : "RSN"); in SM_STATE()
3694 wpa_ft_push_pmk_r1(sm->wpa_auth, sm->addr); in SM_STATE()
3701 struct wpa_authenticator *wpa_auth = sm->wpa_auth; in SM_STEP()
3704 if (sm->Init) in SM_STEP()
3706 else if (sm->Disconnect in SM_STEP()
3708 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, in SM_STEP()
3712 else if (sm->DeauthenticationRequest) in SM_STEP()
3714 else if (sm->AuthenticationRequest) in SM_STEP()
3716 else if (sm->ReAuthenticationRequest) in SM_STEP()
3718 else if (sm->PTKRequest) { in SM_STEP()
3719 if (wpa_auth_sm_ptk_update(sm) < 0) in SM_STEP()
3723 } else switch (sm->wpa_ptk_state) { in SM_STEP()
3736 if (wpa_key_mgmt_wpa_ieee8021x(sm->wpa_key_mgmt) && in SM_STEP()
3737 wpa_auth_get_eapol(wpa_auth, sm->addr, in SM_STEP()
3740 else if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) || in SM_STEP()
3741 sm->wpa_key_mgmt == WPA_KEY_MGMT_OWE in SM_STEP()
3744 else if (sm->wpa_key_mgmt == WPA_KEY_MGMT_DPP) in SM_STEP()
3748 if (wpa_auth_get_eapol(wpa_auth, sm->addr, in SM_STEP()
3752 } else if (sm->wpa_key_mgmt == WPA_KEY_MGMT_DPP && sm->pmksa) { in SM_STEP()
3757 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in SM_STEP()
3763 if (wpa_auth_get_psk(wpa_auth, sm->addr, sm->p2p_dev_addr, in SM_STEP()
3767 } else if (wpa_auth_uses_sae(sm) && sm->pmksa) { in SM_STEP()
3771 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in SM_STEP()
3778 if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest && in SM_STEP()
3779 sm->EAPOLKeyPairwise) in SM_STEP()
3781 else if (sm->TimeoutCtr > conf->wpa_pairwise_update_count) { in SM_STEP()
3783 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG, in SM_STEP()
3786 sm->disconnect_reason = in SM_STEP()
3789 } else if (sm->TimeoutEvt) in SM_STEP()
3793 if (sm->MICVerified) in SM_STEP()
3795 else if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest && in SM_STEP()
3796 sm->EAPOLKeyPairwise) in SM_STEP()
3798 else if (sm->TimeoutEvt) in SM_STEP()
3805 if (sm->update_snonce) in SM_STEP()
3807 else if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest && in SM_STEP()
3808 sm->EAPOLKeyPairwise && sm->MICVerified) in SM_STEP()
3810 else if (sm->TimeoutCtr > in SM_STEP()
3813 sm->TimeoutCtr > 1)) { in SM_STEP()
3815 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG, in SM_STEP()
3818 sm->disconnect_reason = in SM_STEP()
3821 } else if (sm->TimeoutEvt) in SM_STEP()
3833 if (sm->Init) { in SM_STATE()
3836 sm->changed = false; in SM_STATE()
3838 sm->GTimeoutCtr = 0; in SM_STATE()
3845 struct wpa_group *gsm = sm->group; in SM_STATE()
3850 struct wpa_auth_config *conf = &sm->wpa_auth->conf; in SM_STATE()
3854 sm->GTimeoutCtr++; in SM_STATE()
3855 if (conf->wpa_disable_eapol_key_retries && sm->GTimeoutCtr > 1) { in SM_STATE()
3859 if (sm->GTimeoutCtr > conf->wpa_group_update_count) { in SM_STATE()
3865 if (sm->wpa == WPA_VERSION_WPA) in SM_STATE()
3866 sm->PInitAKeys = false; in SM_STATE()
3867 sm->TimeoutEvt = false; in SM_STATE()
3871 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, rsc); in SM_STATE()
3872 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, in SM_STATE()
3876 if (conf->disable_gtk || sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN) { in SM_STATE()
3885 if (sm->wpa == WPA_VERSION_WPA2) { in SM_STATE()
3887 ieee80211w_kde_len(sm) + ocv_oci_len(sm); in SM_STATE()
3897 pos = ieee80211w_kde_add(sm, pos); in SM_STATE()
3898 if (ocv_oci_add(sm, &pos, in SM_STATE()
3909 wpa_send_eapol(sm->wpa_auth, sm, in SM_STATE()
3911 (wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len) ? in SM_STATE()
3914 (!sm->Pair ? WPA_KEY_INFO_INSTALL : 0), in SM_STATE()
3923 struct wpa_authenticator *wpa_auth = sm->wpa_auth; in SM_STATE()
3934 sm->EAPOLKeyReceived = false; in SM_STATE()
3937 mic_len = wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len); in SM_STATE()
3943 hdr = (struct ieee802_1x_hdr *) sm->last_rx_eapol_key; in SM_STATE()
3948 if (key_data_length > sm->last_rx_eapol_key_len - sizeof(*hdr) - in SM_STATE()
3953 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO, in SM_STATE()
3958 if (wpa_auth_uses_ocv(sm)) { in SM_STATE()
3964 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in SM_STATE()
3969 if (get_sta_tx_parameters(sm, in SM_STATE()
3978 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO, in SM_STATE()
3984 MAC2STR(sm->addr), ocv_errorstr); in SM_STATE()
3990 if (sm->GUpdateStationKeys) in SM_STATE()
3991 sm->group->GKeyDoneStations--; in SM_STATE()
3992 sm->GUpdateStationKeys = false; in SM_STATE()
3993 sm->GTimeoutCtr = 0; in SM_STATE()
3995 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO, in SM_STATE()
3997 sm->wpa == WPA_VERSION_WPA ? "WPA" : "RSN"); in SM_STATE()
3998 sm->has_GTK = true; in SM_STATE()
4005 if (sm->GUpdateStationKeys) in SM_STATE()
4006 sm->group->GKeyDoneStations--; in SM_STATE()
4007 sm->GUpdateStationKeys = false; in SM_STATE()
4008 sm->Disconnect = true; in SM_STATE()
4009 sm->disconnect_reason = WLAN_REASON_GROUP_KEY_UPDATE_TIMEOUT; in SM_STATE()
4010 wpa_auth_vlogger(sm->wpa_auth, sm->addr, LOGGER_INFO, in SM_STATE()
4012 sm->wpa == WPA_VERSION_WPA ? "WPA" : "RSN", in SM_STATE()
4013 sm->wpa_auth->conf.wpa_group_update_count); in SM_STATE()
4019 if (sm->Init || sm->PtkGroupInit) { in SM_STEP()
4021 sm->PtkGroupInit = false; in SM_STEP()
4022 } else switch (sm->wpa_ptk_group_state) { in SM_STEP()
4024 if (sm->GUpdateStationKeys || in SM_STEP()
4025 (sm->wpa == WPA_VERSION_WPA && sm->PInitAKeys)) in SM_STEP()
4029 if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest && in SM_STEP()
4030 !sm->EAPOLKeyPairwise && sm->MICVerified) in SM_STEP()
4032 else if (sm->GTimeoutCtr > in SM_STEP()
4033 sm->wpa_auth->conf.wpa_group_update_count || in SM_STEP()
4034 (sm->wpa_auth->conf.wpa_disable_eapol_key_retries && in SM_STEP()
4035 sm->GTimeoutCtr > 1)) in SM_STEP()
4037 else if (sm->TimeoutEvt) in SM_STEP()
4117 static int wpa_group_update_sta(struct wpa_state_machine *sm, void *ctx) in wpa_group_update_sta() argument
4119 if (ctx != NULL && ctx != sm->group) in wpa_group_update_sta()
4122 if (sm->wpa_ptk_state != WPA_PTK_PTKINITDONE) { in wpa_group_update_sta()
4123 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_group_update_sta()
4125 sm->GUpdateStationKeys = false; in wpa_group_update_sta()
4128 if (sm->GUpdateStationKeys) { in wpa_group_update_sta()
4134 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_group_update_sta()
4139 if (sm->is_wnmsleep) in wpa_group_update_sta()
4142 sm->group->GKeyDoneStations++; in wpa_group_update_sta()
4143 sm->GUpdateStationKeys = true; in wpa_group_update_sta()
4145 wpa_sm_step(sm); in wpa_group_update_sta()
4152 void wpa_wnmsleep_rekey_gtk(struct wpa_state_machine *sm) in wpa_wnmsleep_rekey_gtk() argument
4154 if (!sm || sm->is_wnmsleep) in wpa_wnmsleep_rekey_gtk()
4157 wpa_group_update_sta(sm, NULL); in wpa_wnmsleep_rekey_gtk()
4161 void wpa_set_wnmsleep(struct wpa_state_machine *sm, int flag) in wpa_set_wnmsleep() argument
4163 if (sm) in wpa_set_wnmsleep()
4164 sm->is_wnmsleep = !!flag; in wpa_set_wnmsleep()
4168 int wpa_wnmsleep_gtk_subelem(struct wpa_state_machine *sm, u8 *pos) in wpa_wnmsleep_gtk_subelem() argument
4170 struct wpa_auth_config *conf = &sm->wpa_auth->conf; in wpa_wnmsleep_gtk_subelem()
4171 struct wpa_group *gsm = sm->group; in wpa_wnmsleep_gtk_subelem()
4185 if (wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, pos) != 0) in wpa_wnmsleep_gtk_subelem()
4189 if (conf->disable_gtk || sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN) { in wpa_wnmsleep_gtk_subelem()
4208 int wpa_wnmsleep_igtk_subelem(struct wpa_state_machine *sm, u8 *pos) in wpa_wnmsleep_igtk_subelem() argument
4210 struct wpa_auth_config *conf = &sm->wpa_auth->conf; in wpa_wnmsleep_igtk_subelem()
4211 struct wpa_group *gsm = sm->group; in wpa_wnmsleep_igtk_subelem()
4213 size_t len = wpa_cipher_key_len(sm->wpa_auth->conf.group_mgmt_cipher); in wpa_wnmsleep_igtk_subelem()
4223 if (wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN_igtk, pos) != 0) in wpa_wnmsleep_igtk_subelem()
4228 if (conf->disable_gtk || sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN) { in wpa_wnmsleep_igtk_subelem()
4247 int wpa_wnmsleep_bigtk_subelem(struct wpa_state_machine *sm, u8 *pos) in wpa_wnmsleep_bigtk_subelem() argument
4249 struct wpa_group *gsm = sm->group; in wpa_wnmsleep_bigtk_subelem()
4251 size_t len = wpa_cipher_key_len(sm->wpa_auth->conf.group_mgmt_cipher); in wpa_wnmsleep_bigtk_subelem()
4261 if (wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN_bigtk, pos) != 0) in wpa_wnmsleep_bigtk_subelem()
4266 if (sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN) { in wpa_wnmsleep_bigtk_subelem()
4363 static int wpa_group_disconnect_cb(struct wpa_state_machine *sm, void *ctx) in wpa_group_disconnect_cb() argument
4365 if (sm->group == ctx) { in wpa_group_disconnect_cb()
4368 MAC2STR(sm->addr)); in wpa_group_disconnect_cb()
4369 sm->Disconnect = true; in wpa_group_disconnect_cb()
4427 static int wpa_sm_step(struct wpa_state_machine *sm) in wpa_sm_step() argument
4429 if (!sm) in wpa_sm_step()
4432 if (sm->in_step_loop) { in wpa_sm_step()
4440 sm->in_step_loop = 1; in wpa_sm_step()
4442 if (sm->pending_deinit) in wpa_sm_step()
4445 sm->changed = false; in wpa_sm_step()
4446 sm->wpa_auth->group->changed = false; in wpa_sm_step()
4449 if (sm->pending_deinit) in wpa_sm_step()
4452 if (sm->pending_deinit) in wpa_sm_step()
4454 wpa_group_sm_step(sm->wpa_auth, sm->group); in wpa_sm_step()
4455 } while (sm->changed || sm->wpa_auth->group->changed); in wpa_sm_step()
4456 sm->in_step_loop = 0; in wpa_sm_step()
4458 if (sm->pending_deinit) { in wpa_sm_step()
4461 MACSTR, MAC2STR(sm->addr)); in wpa_sm_step()
4462 wpa_free_sta_sm(sm); in wpa_sm_step()
4471 struct wpa_state_machine *sm = eloop_ctx; in wpa_sm_call_step() local
4472 wpa_sm_step(sm); in wpa_sm_call_step()
4476 void wpa_auth_sm_notify(struct wpa_state_machine *sm) in wpa_auth_sm_notify() argument
4478 if (!sm) in wpa_auth_sm_notify()
4480 eloop_register_timeout(0, 0, wpa_sm_call_step, sm, NULL); in wpa_auth_sm_notify()
4611 int wpa_get_mib_sta(struct wpa_state_machine *sm, char *buf, size_t buflen) in wpa_get_mib_sta() argument
4616 if (!sm) in wpa_get_mib_sta()
4623 pairwise = wpa_cipher_to_suite(sm->wpa == WPA_VERSION_WPA2 ? in wpa_get_mib_sta()
4625 sm->pairwise); in wpa_get_mib_sta()
4641 MAC2STR(sm->addr), in wpa_get_mib_sta()
4643 sm->dot11RSNAStatsTKIPLocalMICFailures, in wpa_get_mib_sta()
4644 sm->dot11RSNAStatsTKIPRemoteMICFailures); in wpa_get_mib_sta()
4655 sm->wpa, in wpa_get_mib_sta()
4656 RSN_SUITE_ARG(wpa_akm_to_suite(sm->wpa_key_mgmt)), in wpa_get_mib_sta()
4657 sm->wpa_ptk_state, in wpa_get_mib_sta()
4658 sm->wpa_ptk_group_state); in wpa_get_mib_sta()
4674 int wpa_auth_pairwise_set(struct wpa_state_machine *sm) in wpa_auth_pairwise_set() argument
4676 return sm && sm->pairwise_set; in wpa_auth_pairwise_set()
4680 int wpa_auth_get_pairwise(struct wpa_state_machine *sm) in wpa_auth_get_pairwise() argument
4682 return sm->pairwise; in wpa_auth_get_pairwise()
4686 const u8 * wpa_auth_get_pmk(struct wpa_state_machine *sm, int *len) in wpa_auth_get_pmk() argument
4688 if (!sm) in wpa_auth_get_pmk()
4690 *len = sm->pmk_len; in wpa_auth_get_pmk()
4691 return sm->PMK; in wpa_auth_get_pmk()
4695 int wpa_auth_sta_key_mgmt(struct wpa_state_machine *sm) in wpa_auth_sta_key_mgmt() argument
4697 if (!sm) in wpa_auth_sta_key_mgmt()
4699 return sm->wpa_key_mgmt; in wpa_auth_sta_key_mgmt()
4703 int wpa_auth_sta_wpa_version(struct wpa_state_machine *sm) in wpa_auth_sta_wpa_version() argument
4705 if (!sm) in wpa_auth_sta_wpa_version()
4707 return sm->wpa; in wpa_auth_sta_wpa_version()
4711 int wpa_auth_sta_ft_tk_already_set(struct wpa_state_machine *sm) in wpa_auth_sta_ft_tk_already_set() argument
4713 if (!sm || !wpa_key_mgmt_ft(sm->wpa_key_mgmt)) in wpa_auth_sta_ft_tk_already_set()
4715 return sm->tk_already_set; in wpa_auth_sta_ft_tk_already_set()
4719 int wpa_auth_sta_fils_tk_already_set(struct wpa_state_machine *sm) in wpa_auth_sta_fils_tk_already_set() argument
4721 if (!sm || !wpa_key_mgmt_fils(sm->wpa_key_mgmt)) in wpa_auth_sta_fils_tk_already_set()
4723 return sm->tk_already_set; in wpa_auth_sta_fils_tk_already_set()
4727 int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm, in wpa_auth_sta_clear_pmksa() argument
4730 if (!sm || sm->pmksa != entry) in wpa_auth_sta_clear_pmksa()
4732 sm->pmksa = NULL; in wpa_auth_sta_clear_pmksa()
4738 wpa_auth_sta_get_pmksa(struct wpa_state_machine *sm) in wpa_auth_sta_get_pmksa() argument
4740 return sm ? sm->pmksa : NULL; in wpa_auth_sta_get_pmksa()
4744 void wpa_auth_sta_local_mic_failure_report(struct wpa_state_machine *sm) in wpa_auth_sta_local_mic_failure_report() argument
4746 if (sm) in wpa_auth_sta_local_mic_failure_report()
4747 sm->dot11RSNAStatsTKIPLocalMICFailures++; in wpa_auth_sta_local_mic_failure_report()
4760 int wpa_auth_pmksa_add(struct wpa_state_machine *sm, const u8 *pmk, in wpa_auth_pmksa_add() argument
4764 if (!sm || sm->wpa != WPA_VERSION_WPA2 || in wpa_auth_pmksa_add()
4765 sm->wpa_auth->conf.disable_pmksa_caching) in wpa_auth_pmksa_add()
4769 if (pmk_len >= 2 * PMK_LEN && wpa_key_mgmt_ft(sm->wpa_key_mgmt) && in wpa_auth_pmksa_add()
4770 wpa_key_mgmt_wpa_ieee8021x(sm->wpa_key_mgmt) && in wpa_auth_pmksa_add()
4771 !wpa_key_mgmt_sha384(sm->wpa_key_mgmt)) { in wpa_auth_pmksa_add()
4777 if (wpa_key_mgmt_sha384(sm->wpa_key_mgmt)) { in wpa_auth_pmksa_add()
4785 if (pmksa_cache_auth_add(sm->wpa_auth->pmksa, pmk, pmk_len, NULL, in wpa_auth_pmksa_add()
4786 sm->PTK.kck, sm->PTK.kck_len, in wpa_auth_pmksa_add()
4787 sm->wpa_auth->addr, sm->addr, session_timeout, in wpa_auth_pmksa_add()
4788 eapol, sm->wpa_key_mgmt)) in wpa_auth_pmksa_add()
4832 void wpa_auth_add_sae_pmkid(struct wpa_state_machine *sm, const u8 *pmkid) in wpa_auth_add_sae_pmkid() argument
4834 os_memcpy(sm->pmkid, pmkid, PMKID_LEN); in wpa_auth_add_sae_pmkid()
4835 sm->pmkid_set = 1; in wpa_auth_add_sae_pmkid()
4951 struct wpa_state_machine *sm, in wpa_auth_pmksa_set_to_sm() argument
4955 if (!sm) in wpa_auth_pmksa_set_to_sm()
4958 sm->pmksa = pmksa; in wpa_auth_pmksa_set_to_sm()
5135 int wpa_auth_sta_set_vlan(struct wpa_state_machine *sm, int vlan_id) in wpa_auth_sta_set_vlan() argument
5139 if (!sm || !sm->wpa_auth) in wpa_auth_sta_set_vlan()
5142 group = sm->wpa_auth->group; in wpa_auth_sta_set_vlan()
5150 group = wpa_auth_add_group(sm->wpa_auth, vlan_id); in wpa_auth_sta_set_vlan()
5155 if (sm->group == group) in wpa_auth_sta_set_vlan()
5163 MAC2STR(sm->addr), vlan_id); in wpa_auth_sta_set_vlan()
5165 wpa_group_get(sm->wpa_auth, group); in wpa_auth_sta_set_vlan()
5166 wpa_group_put(sm->wpa_auth, sm->group); in wpa_auth_sta_set_vlan()
5167 sm->group = group; in wpa_auth_sta_set_vlan()
5174 struct wpa_state_machine *sm, int ack) in wpa_auth_eapol_key_tx_status() argument
5176 if (!wpa_auth || !sm) in wpa_auth_eapol_key_tx_status()
5179 " ack=%d", MAC2STR(sm->addr), ack); in wpa_auth_eapol_key_tx_status()
5180 if (sm->pending_1_of_4_timeout && ack) { in wpa_auth_eapol_key_tx_status()
5195 eloop_cancel_timeout(wpa_send_eapol_timeout, wpa_auth, sm); in wpa_auth_eapol_key_tx_status()
5198 wpa_send_eapol_timeout, wpa_auth, sm); in wpa_auth_eapol_key_tx_status()
5202 if (sm->eapol_status_cb) { in wpa_auth_eapol_key_tx_status()
5203 sm->eapol_status_cb(sm->eapol_status_cb_ctx1, in wpa_auth_eapol_key_tx_status()
5204 sm->eapol_status_cb_ctx2); in wpa_auth_eapol_key_tx_status()
5205 sm->eapol_status_cb = NULL; in wpa_auth_eapol_key_tx_status()
5211 int wpa_auth_uses_sae(struct wpa_state_machine *sm) in wpa_auth_uses_sae() argument
5213 if (!sm) in wpa_auth_uses_sae()
5215 return wpa_key_mgmt_sae(sm->wpa_key_mgmt); in wpa_auth_uses_sae()
5219 int wpa_auth_uses_ft_sae(struct wpa_state_machine *sm) in wpa_auth_uses_ft_sae() argument
5221 if (!sm) in wpa_auth_uses_ft_sae()
5223 return sm->wpa_key_mgmt == WPA_KEY_MGMT_FT_SAE; in wpa_auth_uses_ft_sae()
5228 int wpa_auth_get_ip_addr(struct wpa_state_machine *sm, u8 *addr) in wpa_auth_get_ip_addr() argument
5230 if (!sm || WPA_GET_BE32(sm->ip_addr) == 0) in wpa_auth_get_ip_addr()
5232 os_memcpy(addr, sm->ip_addr, 4); in wpa_auth_get_ip_addr()
5311 void wpa_auth_get_fils_aead_params(struct wpa_state_machine *sm, in wpa_auth_get_fils_aead_params() argument
5315 os_memcpy(fils_anonce, sm->ANonce, WPA_NONCE_LEN); in wpa_auth_get_fils_aead_params()
5316 os_memcpy(fils_snonce, sm->SNonce, WPA_NONCE_LEN); in wpa_auth_get_fils_aead_params()
5317 os_memcpy(fils_kek, sm->PTK.kek, WPA_KEK_MAX_LEN); in wpa_auth_get_fils_aead_params()
5318 *fils_kek_len = sm->PTK.kek_len; in wpa_auth_get_fils_aead_params()
5322 void wpa_auth_add_fils_pmk_pmkid(struct wpa_state_machine *sm, const u8 *pmk, in wpa_auth_add_fils_pmk_pmkid() argument
5325 os_memcpy(sm->PMK, pmk, pmk_len); in wpa_auth_add_fils_pmk_pmkid()
5326 sm->pmk_len = pmk_len; in wpa_auth_add_fils_pmk_pmkid()
5327 os_memcpy(sm->pmkid, pmkid, PMKID_LEN); in wpa_auth_add_fils_pmk_pmkid()
5328 sm->pmkid_set = 1; in wpa_auth_add_fils_pmk_pmkid()
5334 void wpa_auth_set_auth_alg(struct wpa_state_machine *sm, u16 auth_alg) in wpa_auth_set_auth_alg() argument
5336 if (sm) in wpa_auth_set_auth_alg()
5337 sm->auth_alg = auth_alg; in wpa_auth_set_auth_alg()
5342 void wpa_auth_set_dpp_z(struct wpa_state_machine *sm, const struct wpabuf *z) in wpa_auth_set_dpp_z() argument
5344 if (sm) { in wpa_auth_set_dpp_z()
5345 wpabuf_clear_free(sm->dpp_z); in wpa_auth_set_dpp_z()
5346 sm->dpp_z = z ? wpabuf_dup(z) : NULL; in wpa_auth_set_dpp_z()
5362 int wpa_auth_resend_m1(struct wpa_state_machine *sm, int change_anonce, in wpa_auth_resend_m1() argument
5366 const u8 *anonce = sm->ANonce; in wpa_auth_resend_m1()
5375 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_auth_resend_m1()
5377 wpa_send_eapol(sm->wpa_auth, sm, in wpa_auth_resend_m1()
5384 int wpa_auth_resend_m3(struct wpa_state_machine *sm, in wpa_auth_resend_m3() argument
5391 struct wpa_auth_config *conf = &sm->wpa_auth->conf; in wpa_auth_resend_m3()
5392 struct wpa_group *gsm = sm->group; in wpa_auth_resend_m3()
5404 wpa_ie = sm->wpa_auth->wpa_ie; in wpa_auth_resend_m3()
5405 wpa_ie_len = sm->wpa_auth->wpa_ie_len; in wpa_auth_resend_m3()
5406 if (sm->wpa == WPA_VERSION_WPA && in wpa_auth_resend_m3()
5407 (sm->wpa_auth->conf.wpa & WPA_PROTO_RSN) && in wpa_auth_resend_m3()
5417 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_auth_resend_m3()
5419 if (sm->wpa == WPA_VERSION_WPA2) { in wpa_auth_resend_m3()
5433 if (sm->rx_eapol_key_secure) { in wpa_auth_resend_m3()
5442 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_auth_resend_m3()
5448 kde_len = wpa_ie_len + ieee80211w_kde_len(sm) + ocv_oci_len(sm); in wpa_auth_resend_m3()
5450 if (sm->use_ext_key_id) in wpa_auth_resend_m3()
5456 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) { in wpa_auth_resend_m3()
5469 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) { in wpa_auth_resend_m3()
5474 res = wpa_insert_pmkid(kde, &elen, sm->pmk_r1_name); in wpa_auth_resend_m3()
5487 if (sm->use_ext_key_id) { in wpa_auth_resend_m3()
5488 hdr[0] = sm->keyidx_active & 0x01; in wpa_auth_resend_m3()
5498 pos = ieee80211w_kde_add(sm, pos); in wpa_auth_resend_m3()
5504 if (ocv_oci_add(sm, &pos, conf->oci_freq_override_eapol_m3) < 0) { in wpa_auth_resend_m3()
5510 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) { in wpa_auth_resend_m3()
5513 if (sm->assoc_resp_ftie && in wpa_auth_resend_m3()
5514 kde + kde_len - pos >= 2 + sm->assoc_resp_ftie[1]) { in wpa_auth_resend_m3()
5515 os_memcpy(pos, sm->assoc_resp_ftie, in wpa_auth_resend_m3()
5516 2 + sm->assoc_resp_ftie[1]); in wpa_auth_resend_m3()
5517 res = 2 + sm->assoc_resp_ftie[1]; in wpa_auth_resend_m3()
5519 int use_sha384 = wpa_key_mgmt_sha384(sm->wpa_key_mgmt); in wpa_auth_resend_m3()
5552 wpa_send_eapol(sm->wpa_auth, sm, in wpa_auth_resend_m3()
5554 (wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len) ? in wpa_auth_resend_m3()
5558 _rsc, sm->ANonce, kde, pos - kde, 0, encr); in wpa_auth_resend_m3()
5564 int wpa_auth_resend_group_m1(struct wpa_state_machine *sm, in wpa_auth_resend_group_m1() argument
5569 struct wpa_auth_config *conf = &sm->wpa_auth->conf; in wpa_auth_resend_group_m1()
5570 struct wpa_group *gsm = sm->group; in wpa_auth_resend_group_m1()
5580 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_auth_resend_group_m1()
5584 if (sm->wpa == WPA_VERSION_WPA2) { in wpa_auth_resend_group_m1()
5586 ieee80211w_kde_len(sm) + ocv_oci_len(sm); in wpa_auth_resend_group_m1()
5597 pos = ieee80211w_kde_add(sm, pos); in wpa_auth_resend_group_m1()
5604 if (ocv_oci_add(sm, &pos, in wpa_auth_resend_group_m1()
5615 sm->eapol_status_cb = cb; in wpa_auth_resend_group_m1()
5616 sm->eapol_status_cb_ctx1 = ctx1; in wpa_auth_resend_group_m1()
5617 sm->eapol_status_cb_ctx2 = ctx2; in wpa_auth_resend_group_m1()
5619 wpa_send_eapol(sm->wpa_auth, sm, in wpa_auth_resend_group_m1()
5621 (wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len) ? in wpa_auth_resend_group_m1()
5624 (!sm->Pair ? WPA_KEY_INFO_INSTALL : 0), in wpa_auth_resend_group_m1()