1 /*
2 * Wi-Fi Protected Setup
3 * Copyright (c) 2007-2016, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #ifndef WPS_H
10 #define WPS_H
11
12 #include "common/ieee802_11_defs.h"
13 #include "wps_defs.h"
14
15 /**
16 * enum wsc_op_code - EAP-WSC OP-Code values
17 */
18 enum wsc_op_code {
19 WSC_UPnP = 0 /* No OP Code in UPnP transport */,
20 WSC_Start = 0x01,
21 WSC_ACK = 0x02,
22 WSC_NACK = 0x03,
23 WSC_MSG = 0x04,
24 WSC_Done = 0x05,
25 WSC_FRAG_ACK = 0x06
26 };
27
28 struct wps_registrar;
29 struct upnp_wps_device_sm;
30 struct wps_er;
31 struct wps_parse_attr;
32
33 /**
34 * struct wps_credential - WPS Credential
35 * @ssid: SSID
36 * @ssid_len: Length of SSID
37 * @auth_type: Authentication Type (WPS_AUTH_OPEN, .. flags)
38 * @encr_type: Encryption Type (WPS_ENCR_NONE, .. flags)
39 * @key_idx: Key index
40 * @key: Key
41 * @key_len: Key length in octets
42 * @mac_addr: MAC address of the Credential receiver
43 * @cred_attr: Unparsed Credential attribute data (used only in cred_cb());
44 * this may be %NULL, if not used
45 * @cred_attr_len: Length of cred_attr in octets
46 */
47 struct wps_credential {
48 u8 ssid[SSID_MAX_LEN];
49 size_t ssid_len;
50 u16 auth_type;
51 u16 encr_type;
52 u8 key_idx;
53 u8 key[64];
54 size_t key_len;
55 u8 mac_addr[ETH_ALEN];
56 const u8 *cred_attr;
57 size_t cred_attr_len;
58 };
59
60 #define WPS_DEV_TYPE_LEN 8
61 #define WPS_DEV_TYPE_BUFSIZE 21
62 #define WPS_SEC_DEV_TYPE_MAX_LEN 128
63 /* maximum number of advertised WPS vendor extension attributes */
64 #define MAX_WPS_VENDOR_EXTENSIONS 10
65 /* maximum size of WPS Vendor extension attribute */
66 #define WPS_MAX_VENDOR_EXT_LEN 1024
67 /* maximum number of parsed WPS vendor extension attributes */
68 #define MAX_WPS_PARSE_VENDOR_EXT 10
69
70 /**
71 * struct wps_device_data - WPS Device Data
72 * @mac_addr: Device MAC address
73 * @device_name: Device Name (0..32 octets encoded in UTF-8)
74 * @manufacturer: Manufacturer (0..64 octets encoded in UTF-8)
75 * @model_name: Model Name (0..32 octets encoded in UTF-8)
76 * @model_number: Model Number (0..32 octets encoded in UTF-8)
77 * @serial_number: Serial Number (0..32 octets encoded in UTF-8)
78 * @pri_dev_type: Primary Device Type
79 * @sec_dev_type: Array of secondary device types
80 * @num_sec_dev_type: Number of secondary device types
81 * @os_version: OS Version
82 * @rf_bands: RF bands (WPS_RF_24GHZ, WPS_RF_50GHZ, WPS_RF_60GHZ flags)
83 * @p2p: Whether the device is a P2P device
84 */
85 struct wps_device_data {
86 u8 mac_addr[ETH_ALEN];
87 char *device_name;
88 char *manufacturer;
89 char *model_name;
90 char *model_number;
91 char *serial_number;
92 u8 pri_dev_type[WPS_DEV_TYPE_LEN];
93 #define WPS_SEC_DEVICE_TYPES 5
94 u8 sec_dev_type[WPS_SEC_DEVICE_TYPES][WPS_DEV_TYPE_LEN];
95 u8 num_sec_dev_types;
96 u32 os_version;
97 u8 rf_bands;
98 u16 config_methods;
99 struct wpabuf *vendor_ext_m1;
100 struct wpabuf *vendor_ext[MAX_WPS_VENDOR_EXTENSIONS];
101 struct wpabuf *application_ext;
102
103 int p2p;
104 u8 multi_ap_ext;
105 };
106
107 /**
108 * struct wps_config - WPS configuration for a single registration protocol run
109 */
110 struct wps_config {
111 /**
112 * wps - Pointer to long term WPS context
113 */
114 struct wps_context *wps;
115
116 /**
117 * registrar - Whether this end is a Registrar
118 */
119 int registrar;
120
121 /**
122 * pin - Enrollee Device Password (%NULL for Registrar or PBC)
123 */
124 const u8 *pin;
125
126 /**
127 * pin_len - Length on pin in octets
128 */
129 size_t pin_len;
130
131 /**
132 * pbc - Whether this is protocol run uses PBC
133 */
134 int pbc;
135
136 /**
137 * assoc_wps_ie: (Re)AssocReq WPS IE (in AP; %NULL if not AP)
138 */
139 const struct wpabuf *assoc_wps_ie;
140
141 /**
142 * new_ap_settings - New AP settings (%NULL if not used)
143 *
144 * This parameter provides new AP settings when using a wireless
145 * stations as a Registrar to configure the AP. %NULL means that AP
146 * will not be reconfigured, i.e., the station will only learn the
147 * current AP settings by using AP PIN.
148 */
149 const struct wps_credential *new_ap_settings;
150
151 /**
152 * peer_addr: MAC address of the peer in AP; %NULL if not AP
153 */
154 const u8 *peer_addr;
155
156 /**
157 * use_psk_key - Use PSK format key in Credential
158 *
159 * Force PSK format to be used instead of ASCII passphrase when
160 * building Credential for an Enrollee. The PSK value is set in
161 * struct wpa_context::psk.
162 */
163 int use_psk_key;
164
165 /**
166 * dev_pw_id - Device Password ID for Enrollee when PIN is used
167 */
168 u16 dev_pw_id;
169
170 /**
171 * p2p_dev_addr - P2P Device Address from (Re)Association Request
172 *
173 * On AP/GO, this is set to the P2P Device Address of the associating
174 * P2P client if a P2P IE is included in the (Re)Association Request
175 * frame and the P2P Device Address is included. Otherwise, this is set
176 * to %NULL to indicate the station does not have a P2P Device Address.
177 */
178 const u8 *p2p_dev_addr;
179
180 /**
181 * pbc_in_m1 - Do not remove PushButton config method in M1 (AP)
182 *
183 * This can be used to enable a workaround to allow Windows 7 to use
184 * PBC with the AP.
185 */
186 int pbc_in_m1;
187
188 /**
189 * peer_pubkey_hash - Peer public key hash or %NULL if not known
190 */
191 const u8 *peer_pubkey_hash;
192
193 /**
194 * multi_ap_backhaul_sta - Whether this is a Multi-AP backhaul STA
195 * enrollee
196 */
197 int multi_ap_backhaul_sta;
198 };
199
200 struct wps_data * wps_init(const struct wps_config *cfg);
201
202 void wps_deinit(struct wps_data *data);
203
204 /**
205 * enum wps_process_res - WPS message processing result
206 */
207 enum wps_process_res {
208 /**
209 * WPS_DONE - Processing done
210 */
211 WPS_DONE,
212
213 /**
214 * WPS_CONTINUE - Processing continues
215 */
216 WPS_CONTINUE,
217
218 /**
219 * WPS_FAILURE - Processing failed
220 */
221 WPS_FAILURE,
222
223 /**
224 * WPS_PENDING - Processing continues, but waiting for an external
225 * event (e.g., UPnP message from an external Registrar)
226 */
227 WPS_PENDING
228 };
229 enum wps_process_res wps_process_msg(struct wps_data *wps,
230 enum wsc_op_code op_code,
231 const struct wpabuf *msg);
232
233 struct wpabuf * wps_get_msg(struct wps_data *wps, enum wsc_op_code *op_code);
234
235 int wps_is_selected_pbc_registrar(const struct wpabuf *msg);
236 int wps_is_selected_pin_registrar(const struct wpabuf *msg);
237 int wps_ap_priority_compar(const struct wpabuf *wps_a,
238 const struct wpabuf *wps_b);
239 int wps_is_addr_authorized(const struct wpabuf *msg, const u8 *addr,
240 int ver1_compat);
241 const u8 * wps_get_uuid_e(const struct wpabuf *msg);
242 int wps_is_20(const struct wpabuf *msg);
243
244 struct wpabuf * wps_build_assoc_req_ie(enum wps_request_type req_type);
245 struct wpabuf * wps_build_assoc_resp_ie(void);
246 struct wpabuf * wps_build_probe_req_ie(u16 pw_id, struct wps_device_data *dev,
247 const u8 *uuid,
248 enum wps_request_type req_type,
249 unsigned int num_req_dev_types,
250 const u8 *req_dev_types);
251
252
253 /**
254 * struct wps_registrar_config - WPS Registrar configuration
255 */
256 struct wps_registrar_config {
257 /**
258 * new_psk_cb - Callback for new PSK
259 * @ctx: Higher layer context data (cb_ctx)
260 * @mac_addr: MAC address of the Enrollee
261 * @p2p_dev_addr: P2P Device Address of the Enrollee or all zeros if not
262 * @psk: The new PSK
263 * @psk_len: The length of psk in octets
264 * Returns: 0 on success, -1 on failure
265 *
266 * This callback is called when a new per-device PSK is provisioned.
267 */
268 int (*new_psk_cb)(void *ctx, const u8 *mac_addr, const u8 *p2p_dev_addr,
269 const u8 *psk, size_t psk_len);
270
271 /**
272 * set_ie_cb - Callback for WPS IE changes
273 * @ctx: Higher layer context data (cb_ctx)
274 * @beacon_ie: WPS IE for Beacon
275 * @probe_resp_ie: WPS IE for Probe Response
276 * Returns: 0 on success, -1 on failure
277 *
278 * This callback is called whenever the WPS IE in Beacon or Probe
279 * Response frames needs to be changed (AP only). Callee is responsible
280 * for freeing the buffers.
281 */
282 int (*set_ie_cb)(void *ctx, struct wpabuf *beacon_ie,
283 struct wpabuf *probe_resp_ie);
284
285 /**
286 * pin_needed_cb - Callback for requesting a PIN
287 * @ctx: Higher layer context data (cb_ctx)
288 * @uuid_e: UUID-E of the unknown Enrollee
289 * @dev: Device Data from the unknown Enrollee
290 *
291 * This callback is called whenever an unknown Enrollee requests to use
292 * PIN method and a matching PIN (Device Password) is not found in
293 * Registrar data.
294 */
295 void (*pin_needed_cb)(void *ctx, const u8 *uuid_e,
296 const struct wps_device_data *dev);
297
298 /**
299 * reg_success_cb - Callback for reporting successful registration
300 * @ctx: Higher layer context data (cb_ctx)
301 * @mac_addr: MAC address of the Enrollee
302 * @uuid_e: UUID-E of the Enrollee
303 * @dev_pw: Device Password (PIN) used during registration
304 * @dev_pw_len: Length of dev_pw in octets
305 *
306 * This callback is called whenever an Enrollee completes registration
307 * successfully.
308 */
309 void (*reg_success_cb)(void *ctx, const u8 *mac_addr,
310 const u8 *uuid_e, const u8 *dev_pw,
311 size_t dev_pw_len);
312
313 /**
314 * set_sel_reg_cb - Callback for reporting selected registrar changes
315 * @ctx: Higher layer context data (cb_ctx)
316 * @sel_reg: Whether the Registrar is selected
317 * @dev_passwd_id: Device Password ID to indicate with method or
318 * specific password the Registrar intends to use
319 * @sel_reg_config_methods: Bit field of active config methods
320 *
321 * This callback is called whenever the Selected Registrar state
322 * changes (e.g., a new PIN becomes available or PBC is invoked). This
323 * callback is only used by External Registrar implementation;
324 * set_ie_cb() is used by AP implementation in similar caes, but it
325 * provides the full WPS IE data instead of just the minimal Registrar
326 * state information.
327 */
328 void (*set_sel_reg_cb)(void *ctx, int sel_reg, u16 dev_passwd_id,
329 u16 sel_reg_config_methods);
330
331 /**
332 * enrollee_seen_cb - Callback for reporting Enrollee based on ProbeReq
333 * @ctx: Higher layer context data (cb_ctx)
334 * @addr: MAC address of the Enrollee
335 * @uuid_e: UUID of the Enrollee
336 * @pri_dev_type: Primary device type
337 * @config_methods: Config Methods
338 * @dev_password_id: Device Password ID
339 * @request_type: Request Type
340 * @dev_name: Device Name (if available)
341 */
342 void (*enrollee_seen_cb)(void *ctx, const u8 *addr, const u8 *uuid_e,
343 const u8 *pri_dev_type, u16 config_methods,
344 u16 dev_password_id, u8 request_type,
345 const char *dev_name);
346
347 /**
348 * lookup_pskfile_cb - Callback for searching for PSK in wpa_psk_file
349 * @ctx: Higher layer context data (cb_ctx)
350 * @addr: Enrollee's MAC address
351 * @psk: Pointer to found PSK (output arg)
352 */
353 int (*lookup_pskfile_cb)(void *ctx, const u8 *mac_addr, const u8 **psk);
354
355 /**
356 * cb_ctx: Higher layer context data for Registrar callbacks
357 */
358 void *cb_ctx;
359
360 /**
361 * skip_cred_build: Do not build credential
362 *
363 * This option can be used to disable internal code that builds
364 * Credential attribute into M8 based on the current network
365 * configuration and Enrollee capabilities. The extra_cred data will
366 * then be used as the Credential(s).
367 */
368 int skip_cred_build;
369
370 /**
371 * extra_cred: Additional Credential attribute(s)
372 *
373 * This optional data (set to %NULL to disable) can be used to add
374 * Credential attribute(s) for other networks into M8. If
375 * skip_cred_build is set, this will also override the automatically
376 * generated Credential attribute.
377 */
378 const u8 *extra_cred;
379
380 /**
381 * extra_cred_len: Length of extra_cred in octets
382 */
383 size_t extra_cred_len;
384
385 /**
386 * disable_auto_conf - Disable auto-configuration on first registration
387 *
388 * By default, the AP that is started in not configured state will
389 * generate a random PSK and move to configured state when the first
390 * registration protocol run is completed successfully. This option can
391 * be used to disable this functionality and leave it up to an external
392 * program to take care of configuration. This requires the extra_cred
393 * to be set with a suitable Credential and skip_cred_build being used.
394 */
395 int disable_auto_conf;
396
397 /**
398 * dualband - Whether this is a concurrent dualband AP
399 */
400 int dualband;
401
402 /**
403 * force_per_enrollee_psk - Force per-Enrollee random PSK
404 *
405 * This forces per-Enrollee random PSK to be generated even if a default
406 * PSK is set for a network.
407 */
408 int force_per_enrollee_psk;
409
410 /**
411 * multi_ap_backhaul_ssid - SSID to supply to a Multi-AP backhaul
412 * enrollee
413 *
414 * This SSID is used by the Registrar to fill in information for
415 * Credentials when the enrollee advertises it is a Multi-AP backhaul
416 * STA.
417 */
418 const u8 *multi_ap_backhaul_ssid;
419
420 /**
421 * multi_ap_backhaul_ssid_len - Length of multi_ap_backhaul_ssid in
422 * octets
423 */
424 size_t multi_ap_backhaul_ssid_len;
425
426 /**
427 * multi_ap_backhaul_network_key - The Network Key (PSK) for the
428 * Multi-AP backhaul enrollee.
429 *
430 * This key can be either the ASCII passphrase (8..63 characters) or the
431 * 32-octet PSK (64 hex characters).
432 */
433 const u8 *multi_ap_backhaul_network_key;
434
435 /**
436 * multi_ap_backhaul_network_key_len - Length of
437 * multi_ap_backhaul_network_key in octets
438 */
439 size_t multi_ap_backhaul_network_key_len;
440 };
441
442
443 /**
444 * enum wps_event - WPS event types
445 */
446 enum wps_event {
447 /**
448 * WPS_EV_M2D - M2D received (Registrar did not know us)
449 */
450 WPS_EV_M2D,
451
452 /**
453 * WPS_EV_FAIL - Registration failed
454 */
455 WPS_EV_FAIL,
456
457 /**
458 * WPS_EV_SUCCESS - Registration succeeded
459 */
460 WPS_EV_SUCCESS,
461
462 /**
463 * WPS_EV_PWD_AUTH_FAIL - Password authentication failed
464 */
465 WPS_EV_PWD_AUTH_FAIL,
466
467 /**
468 * WPS_EV_PBC_OVERLAP - PBC session overlap detected
469 */
470 WPS_EV_PBC_OVERLAP,
471
472 /**
473 * WPS_EV_PBC_TIMEOUT - PBC walktime expired before protocol run start
474 */
475 WPS_EV_PBC_TIMEOUT,
476
477 /**
478 * WPS_EV_PBC_ACTIVE - PBC mode was activated
479 */
480 WPS_EV_PBC_ACTIVE,
481
482 /**
483 * WPS_EV_PBC_DISABLE - PBC mode was disabled
484 */
485 WPS_EV_PBC_DISABLE,
486
487 /**
488 * WPS_EV_ER_AP_ADD - ER: AP added
489 */
490 WPS_EV_ER_AP_ADD,
491
492 /**
493 * WPS_EV_ER_AP_REMOVE - ER: AP removed
494 */
495 WPS_EV_ER_AP_REMOVE,
496
497 /**
498 * WPS_EV_ER_ENROLLEE_ADD - ER: Enrollee added
499 */
500 WPS_EV_ER_ENROLLEE_ADD,
501
502 /**
503 * WPS_EV_ER_ENROLLEE_REMOVE - ER: Enrollee removed
504 */
505 WPS_EV_ER_ENROLLEE_REMOVE,
506
507 /**
508 * WPS_EV_ER_AP_SETTINGS - ER: AP Settings learned
509 */
510 WPS_EV_ER_AP_SETTINGS,
511
512 /**
513 * WPS_EV_ER_SET_SELECTED_REGISTRAR - ER: SetSelectedRegistrar event
514 */
515 WPS_EV_ER_SET_SELECTED_REGISTRAR,
516
517 /**
518 * WPS_EV_AP_PIN_SUCCESS - External Registrar used correct AP PIN
519 */
520 WPS_EV_AP_PIN_SUCCESS
521 };
522
523 /**
524 * union wps_event_data - WPS event data
525 */
526 union wps_event_data {
527 /**
528 * struct wps_event_m2d - M2D event data
529 */
530 struct wps_event_m2d {
531 u16 config_methods;
532 const u8 *manufacturer;
533 size_t manufacturer_len;
534 const u8 *model_name;
535 size_t model_name_len;
536 const u8 *model_number;
537 size_t model_number_len;
538 const u8 *serial_number;
539 size_t serial_number_len;
540 const u8 *dev_name;
541 size_t dev_name_len;
542 const u8 *primary_dev_type; /* 8 octets */
543 u16 config_error;
544 u16 dev_password_id;
545 } m2d;
546
547 /**
548 * struct wps_event_fail - Registration failure information
549 * @msg: enum wps_msg_type
550 */
551 struct wps_event_fail {
552 int msg;
553 u16 config_error;
554 u16 error_indication;
555 u8 peer_macaddr[ETH_ALEN];
556 } fail;
557
558 struct wps_event_success {
559 u8 peer_macaddr[ETH_ALEN];
560 } success;
561
562 struct wps_event_pwd_auth_fail {
563 int enrollee;
564 int part;
565 u8 peer_macaddr[ETH_ALEN];
566 } pwd_auth_fail;
567
568 struct wps_event_er_ap {
569 const u8 *uuid;
570 const u8 *mac_addr;
571 const char *friendly_name;
572 const char *manufacturer;
573 const char *manufacturer_url;
574 const char *model_description;
575 const char *model_name;
576 const char *model_number;
577 const char *model_url;
578 const char *serial_number;
579 const char *upc;
580 const u8 *pri_dev_type;
581 u8 wps_state;
582 } ap;
583
584 struct wps_event_er_enrollee {
585 const u8 *uuid;
586 const u8 *mac_addr;
587 int m1_received;
588 u16 config_methods;
589 u16 dev_passwd_id;
590 const u8 *pri_dev_type;
591 const char *dev_name;
592 const char *manufacturer;
593 const char *model_name;
594 const char *model_number;
595 const char *serial_number;
596 } enrollee;
597
598 struct wps_event_er_ap_settings {
599 const u8 *uuid;
600 const struct wps_credential *cred;
601 } ap_settings;
602
603 struct wps_event_er_set_selected_registrar {
604 const u8 *uuid;
605 int sel_reg;
606 u16 dev_passwd_id;
607 u16 sel_reg_config_methods;
608 enum {
609 WPS_ER_SET_SEL_REG_START,
610 WPS_ER_SET_SEL_REG_DONE,
611 WPS_ER_SET_SEL_REG_FAILED
612 } state;
613 } set_sel_reg;
614 };
615
616 /**
617 * struct upnp_pending_message - Pending PutWLANResponse messages
618 * @next: Pointer to next pending message or %NULL
619 * @addr: NewWLANEventMAC
620 * @msg: NewMessage
621 * @type: Message Type
622 */
623 struct upnp_pending_message {
624 struct upnp_pending_message *next;
625 u8 addr[ETH_ALEN];
626 struct wpabuf *msg;
627 enum wps_msg_type type;
628 };
629
630 /**
631 * struct wps_context - Long term WPS context data
632 *
633 * This data is stored at the higher layer Authenticator or Supplicant data
634 * structures and it is maintained over multiple registration protocol runs.
635 */
636 struct wps_context {
637 /**
638 * ap - Whether the local end is an access point
639 */
640 int ap;
641
642 /**
643 * registrar - Pointer to WPS registrar data from wps_registrar_init()
644 */
645 struct wps_registrar *registrar;
646
647 /**
648 * wps_state - Current WPS state
649 */
650 enum wps_state wps_state;
651
652 /**
653 * ap_setup_locked - Whether AP setup is locked (only used at AP)
654 */
655 int ap_setup_locked;
656
657 /**
658 * uuid - Own UUID
659 */
660 u8 uuid[16];
661
662 /**
663 * ssid - SSID
664 *
665 * This SSID is used by the Registrar to fill in information for
666 * Credentials. In addition, AP uses it when acting as an Enrollee to
667 * notify Registrar of the current configuration.
668 */
669 u8 ssid[SSID_MAX_LEN];
670
671 /**
672 * ssid_len - Length of ssid in octets
673 */
674 size_t ssid_len;
675
676 /**
677 * dev - Own WPS device data
678 */
679 struct wps_device_data dev;
680
681 /**
682 * dh_ctx - Context data for Diffie-Hellman operation
683 */
684 void *dh_ctx;
685
686 /**
687 * dh_privkey - Diffie-Hellman private key
688 */
689 struct wpabuf *dh_privkey;
690
691 /**
692 * dh_pubkey_oob - Diffie-Hellman public key
693 */
694 struct wpabuf *dh_pubkey;
695
696 /**
697 * config_methods - Enabled configuration methods
698 *
699 * Bit field of WPS_CONFIG_*
700 */
701 u16 config_methods;
702
703 /**
704 * encr_types - Enabled encryption types (bit field of WPS_ENCR_*)
705 */
706 u16 encr_types;
707
708 /**
709 * encr_types_rsn - Enabled encryption types for RSN (WPS_ENCR_*)
710 */
711 u16 encr_types_rsn;
712
713 /**
714 * encr_types_wpa - Enabled encryption types for WPA (WPS_ENCR_*)
715 */
716 u16 encr_types_wpa;
717
718 /**
719 * auth_types - Authentication types (bit field of WPS_AUTH_*)
720 */
721 u16 auth_types;
722
723 /**
724 * encr_types - Current AP encryption type (WPS_ENCR_*)
725 */
726 u16 ap_encr_type;
727
728 /**
729 * ap_auth_type - Current AP authentication types (WPS_AUTH_*)
730 */
731 u16 ap_auth_type;
732
733 /**
734 * network_key - The current Network Key (PSK) or %NULL to generate new
735 *
736 * If %NULL, Registrar will generate per-device PSK. In addition, AP
737 * uses this when acting as an Enrollee to notify Registrar of the
738 * current configuration.
739 *
740 * When using WPA/WPA2-Personal, this key can be either the ASCII
741 * passphrase (8..63 characters) or the 32-octet PSK (64 hex
742 * characters). When this is set to the ASCII passphrase, the PSK can
743 * be provided in the psk buffer and used per-Enrollee to control which
744 * key type is included in the Credential (e.g., to reduce calculation
745 * need on low-powered devices by provisioning PSK while still allowing
746 * other devices to get the passphrase).
747 */
748 u8 *network_key;
749
750 /**
751 * network_key_len - Length of network_key in octets
752 */
753 size_t network_key_len;
754
755 /**
756 * psk - The current network PSK
757 *
758 * This optional value can be used to provide the current PSK if
759 * network_key is set to the ASCII passphrase.
760 */
761 u8 psk[32];
762
763 /**
764 * psk_set - Whether psk value is set
765 */
766 int psk_set;
767
768 /**
769 * ap_settings - AP Settings override for M7 (only used at AP)
770 *
771 * If %NULL, AP Settings attributes will be generated based on the
772 * current network configuration.
773 */
774 u8 *ap_settings;
775
776 /**
777 * ap_settings_len - Length of ap_settings in octets
778 */
779 size_t ap_settings_len;
780
781 /**
782 * friendly_name - Friendly Name (required for UPnP)
783 */
784 char *friendly_name;
785
786 /**
787 * manufacturer_url - Manufacturer URL (optional for UPnP)
788 */
789 char *manufacturer_url;
790
791 /**
792 * model_description - Model Description (recommended for UPnP)
793 */
794 char *model_description;
795
796 /**
797 * model_url - Model URL (optional for UPnP)
798 */
799 char *model_url;
800
801 /**
802 * upc - Universal Product Code (optional for UPnP)
803 */
804 char *upc;
805
806 /**
807 * cred_cb - Callback to notify that new Credentials were received
808 * @ctx: Higher layer context data (cb_ctx)
809 * @cred: The received Credential
810 * Return: 0 on success, -1 on failure
811 */
812 int (*cred_cb)(void *ctx, const struct wps_credential *cred);
813
814 /**
815 * event_cb - Event callback (state information about progress)
816 * @ctx: Higher layer context data (cb_ctx)
817 * @event: Event type
818 * @data: Event data
819 */
820 void (*event_cb)(void *ctx, enum wps_event event,
821 union wps_event_data *data);
822
823 /**
824 * rf_band_cb - Fetch currently used RF band
825 * @ctx: Higher layer context data (cb_ctx)
826 * Return: Current used RF band or 0 if not known
827 */
828 int (*rf_band_cb)(void *ctx);
829
830 /**
831 * cb_ctx: Higher layer context data for callbacks
832 */
833 void *cb_ctx;
834
835 struct upnp_wps_device_sm *wps_upnp;
836
837 /* Pending messages from UPnP PutWLANResponse */
838 struct upnp_pending_message *upnp_msgs;
839
840 u16 ap_nfc_dev_pw_id;
841 struct wpabuf *ap_nfc_dh_pubkey;
842 struct wpabuf *ap_nfc_dh_privkey;
843 struct wpabuf *ap_nfc_dev_pw;
844
845 /* Whether to send WPA2-PSK passphrase as a passphrase instead of PSK
846 * for WPA3-Personal transition mode needs. */
847 bool use_passphrase;
848 };
849
850 struct wps_registrar *
851 wps_registrar_init(struct wps_context *wps,
852 const struct wps_registrar_config *cfg);
853 void wps_registrar_deinit(struct wps_registrar *reg);
854 int wps_registrar_add_pin(struct wps_registrar *reg, const u8 *addr,
855 const u8 *uuid, const u8 *pin, size_t pin_len,
856 int timeout);
857 int wps_registrar_invalidate_pin(struct wps_registrar *reg, const u8 *uuid);
858 int wps_registrar_wps_cancel(struct wps_registrar *reg);
859 int wps_registrar_unlock_pin(struct wps_registrar *reg, const u8 *uuid);
860 int wps_registrar_button_pushed(struct wps_registrar *reg,
861 const u8 *p2p_dev_addr);
862 void wps_registrar_complete(struct wps_registrar *registrar, const u8 *uuid_e,
863 const u8 *dev_pw, size_t dev_pw_len);
864 void wps_registrar_probe_req_rx(struct wps_registrar *reg, const u8 *addr,
865 const struct wpabuf *wps_data,
866 int p2p_wildcard);
867 int wps_registrar_update_ie(struct wps_registrar *reg);
868 int wps_registrar_get_info(struct wps_registrar *reg, const u8 *addr,
869 char *buf, size_t buflen);
870 int wps_registrar_config_ap(struct wps_registrar *reg,
871 struct wps_credential *cred);
872 int wps_registrar_add_nfc_pw_token(struct wps_registrar *reg,
873 const u8 *pubkey_hash, u16 pw_id,
874 const u8 *dev_pw, size_t dev_pw_len,
875 int pk_hash_provided_oob);
876 int wps_registrar_add_nfc_password_token(struct wps_registrar *reg,
877 const u8 *oob_dev_pw,
878 size_t oob_dev_pw_len);
879 void wps_registrar_flush(struct wps_registrar *reg);
880 int wps_registrar_update_multi_ap(struct wps_registrar *reg,
881 const u8 *multi_ap_backhaul_ssid,
882 size_t multi_ap_backhaul_ssid_len,
883 const u8 *multi_ap_backhaul_network_key,
884 size_t multi_ap_backhaul_network_key_len);
885
886 int wps_build_credential_wrap(struct wpabuf *msg,
887 const struct wps_credential *cred);
888
889 unsigned int wps_pin_checksum(unsigned int pin);
890 unsigned int wps_pin_valid(unsigned int pin);
891 int wps_generate_pin(unsigned int *pin);
892 int wps_pin_str_valid(const char *pin);
893 void wps_free_pending_msgs(struct upnp_pending_message *msgs);
894
895 struct wpabuf * wps_get_oob_cred(struct wps_context *wps, int rf_band,
896 int channel);
897 int wps_oob_use_cred(struct wps_context *wps, struct wps_parse_attr *attr);
898 int wps_attr_text(struct wpabuf *data, char *buf, char *end);
899 const char * wps_ei_str(enum wps_error_indication ei);
900
901 struct wps_er * wps_er_init(struct wps_context *wps, const char *ifname,
902 const char *filter);
903 void wps_er_refresh(struct wps_er *er);
904 void wps_er_deinit(struct wps_er *er, void (*cb)(void *ctx), void *ctx);
905 void wps_er_set_sel_reg(struct wps_er *er, int sel_reg, u16 dev_passwd_id,
906 u16 sel_reg_config_methods);
907 int wps_er_pbc(struct wps_er *er, const u8 *uuid, const u8 *addr);
908 const u8 * wps_er_get_sta_uuid(struct wps_er *er, const u8 *addr);
909 int wps_er_learn(struct wps_er *er, const u8 *uuid, const u8 *addr,
910 const u8 *pin, size_t pin_len);
911 int wps_er_set_config(struct wps_er *er, const u8 *uuid, const u8 *addr,
912 const struct wps_credential *cred);
913 int wps_er_config(struct wps_er *er, const u8 *uuid, const u8 *addr,
914 const u8 *pin, size_t pin_len,
915 const struct wps_credential *cred);
916 struct wpabuf * wps_er_config_token_from_cred(struct wps_context *wps,
917 struct wps_credential *cred);
918 struct wpabuf * wps_er_nfc_config_token(struct wps_er *er, const u8 *uuid,
919 const u8 *addr);
920 struct wpabuf * wps_er_nfc_handover_sel(struct wps_er *er,
921 struct wps_context *wps, const u8 *uuid,
922 const u8 *addr, struct wpabuf *pubkey);
923
924 int wps_dev_type_str2bin(const char *str, u8 dev_type[WPS_DEV_TYPE_LEN]);
925 char * wps_dev_type_bin2str(const u8 dev_type[WPS_DEV_TYPE_LEN], char *buf,
926 size_t buf_len);
927 void uuid_gen_mac_addr(const u8 *mac_addr, u8 *uuid);
928 u16 wps_config_methods_str2bin(const char *str);
929 struct wpabuf * wps_build_nfc_pw_token(u16 dev_pw_id,
930 const struct wpabuf *pubkey,
931 const struct wpabuf *dev_pw);
932 struct wpabuf * wps_nfc_token_build(int ndef, int id, struct wpabuf *pubkey,
933 struct wpabuf *dev_pw);
934 int wps_nfc_gen_dh(struct wpabuf **pubkey, struct wpabuf **privkey);
935 struct wpabuf * wps_nfc_token_gen(int ndef, int *id, struct wpabuf **pubkey,
936 struct wpabuf **privkey,
937 struct wpabuf **dev_pw);
938 struct wpabuf * wps_build_nfc_handover_req(struct wps_context *ctx,
939 struct wpabuf *nfc_dh_pubkey);
940 struct wpabuf * wps_build_nfc_handover_sel(struct wps_context *ctx,
941 struct wpabuf *nfc_dh_pubkey,
942 const u8 *bssid, int freq);
943 struct wpabuf * wps_build_nfc_handover_req_p2p(struct wps_context *ctx,
944 struct wpabuf *nfc_dh_pubkey);
945 struct wpabuf * wps_build_nfc_handover_sel_p2p(struct wps_context *ctx,
946 int nfc_dev_pw_id,
947 struct wpabuf *nfc_dh_pubkey,
948 struct wpabuf *nfc_dev_pw);
949
950 /* ndef.c */
951 struct wpabuf * ndef_parse_wifi(const struct wpabuf *buf);
952 struct wpabuf * ndef_build_wifi(const struct wpabuf *buf);
953 struct wpabuf * ndef_parse_p2p(const struct wpabuf *buf);
954 struct wpabuf * ndef_build_p2p(const struct wpabuf *buf);
955
956 #ifdef CONFIG_WPS_STRICT
957 int wps_validate_beacon(const struct wpabuf *wps_ie);
958 int wps_validate_beacon_probe_resp(const struct wpabuf *wps_ie, int probe,
959 const u8 *addr);
960 int wps_validate_probe_req(const struct wpabuf *wps_ie, const u8 *addr);
961 int wps_validate_assoc_req(const struct wpabuf *wps_ie);
962 int wps_validate_assoc_resp(const struct wpabuf *wps_ie);
963 int wps_validate_m1(const struct wpabuf *tlvs);
964 int wps_validate_m2(const struct wpabuf *tlvs);
965 int wps_validate_m2d(const struct wpabuf *tlvs);
966 int wps_validate_m3(const struct wpabuf *tlvs);
967 int wps_validate_m4(const struct wpabuf *tlvs);
968 int wps_validate_m4_encr(const struct wpabuf *tlvs, int wps2);
969 int wps_validate_m5(const struct wpabuf *tlvs);
970 int wps_validate_m5_encr(const struct wpabuf *tlvs, int wps2);
971 int wps_validate_m6(const struct wpabuf *tlvs);
972 int wps_validate_m6_encr(const struct wpabuf *tlvs, int wps2);
973 int wps_validate_m7(const struct wpabuf *tlvs);
974 int wps_validate_m7_encr(const struct wpabuf *tlvs, int ap, int wps2);
975 int wps_validate_m8(const struct wpabuf *tlvs);
976 int wps_validate_m8_encr(const struct wpabuf *tlvs, int ap, int wps2);
977 int wps_validate_wsc_ack(const struct wpabuf *tlvs);
978 int wps_validate_wsc_nack(const struct wpabuf *tlvs);
979 int wps_validate_wsc_done(const struct wpabuf *tlvs);
980 int wps_validate_upnp_set_selected_registrar(const struct wpabuf *tlvs);
981 #else /* CONFIG_WPS_STRICT */
wps_validate_beacon(const struct wpabuf * wps_ie)982 static inline int wps_validate_beacon(const struct wpabuf *wps_ie){
983 return 0;
984 }
985
wps_validate_beacon_probe_resp(const struct wpabuf * wps_ie,int probe,const u8 * addr)986 static inline int wps_validate_beacon_probe_resp(const struct wpabuf *wps_ie,
987 int probe, const u8 *addr)
988 {
989 return 0;
990 }
991
wps_validate_probe_req(const struct wpabuf * wps_ie,const u8 * addr)992 static inline int wps_validate_probe_req(const struct wpabuf *wps_ie,
993 const u8 *addr)
994 {
995 return 0;
996 }
997
wps_validate_assoc_req(const struct wpabuf * wps_ie)998 static inline int wps_validate_assoc_req(const struct wpabuf *wps_ie)
999 {
1000 return 0;
1001 }
1002
wps_validate_assoc_resp(const struct wpabuf * wps_ie)1003 static inline int wps_validate_assoc_resp(const struct wpabuf *wps_ie)
1004 {
1005 return 0;
1006 }
1007
wps_validate_m1(const struct wpabuf * tlvs)1008 static inline int wps_validate_m1(const struct wpabuf *tlvs)
1009 {
1010 return 0;
1011 }
1012
wps_validate_m2(const struct wpabuf * tlvs)1013 static inline int wps_validate_m2(const struct wpabuf *tlvs)
1014 {
1015 return 0;
1016 }
1017
wps_validate_m2d(const struct wpabuf * tlvs)1018 static inline int wps_validate_m2d(const struct wpabuf *tlvs)
1019 {
1020 return 0;
1021 }
1022
wps_validate_m3(const struct wpabuf * tlvs)1023 static inline int wps_validate_m3(const struct wpabuf *tlvs)
1024 {
1025 return 0;
1026 }
1027
wps_validate_m4(const struct wpabuf * tlvs)1028 static inline int wps_validate_m4(const struct wpabuf *tlvs)
1029 {
1030 return 0;
1031 }
1032
wps_validate_m4_encr(const struct wpabuf * tlvs,int wps2)1033 static inline int wps_validate_m4_encr(const struct wpabuf *tlvs, int wps2)
1034 {
1035 return 0;
1036 }
1037
wps_validate_m5(const struct wpabuf * tlvs)1038 static inline int wps_validate_m5(const struct wpabuf *tlvs)
1039 {
1040 return 0;
1041 }
1042
wps_validate_m5_encr(const struct wpabuf * tlvs,int wps2)1043 static inline int wps_validate_m5_encr(const struct wpabuf *tlvs, int wps2)
1044 {
1045 return 0;
1046 }
1047
wps_validate_m6(const struct wpabuf * tlvs)1048 static inline int wps_validate_m6(const struct wpabuf *tlvs)
1049 {
1050 return 0;
1051 }
1052
wps_validate_m6_encr(const struct wpabuf * tlvs,int wps2)1053 static inline int wps_validate_m6_encr(const struct wpabuf *tlvs, int wps2)
1054 {
1055 return 0;
1056 }
1057
wps_validate_m7(const struct wpabuf * tlvs)1058 static inline int wps_validate_m7(const struct wpabuf *tlvs)
1059 {
1060 return 0;
1061 }
1062
wps_validate_m7_encr(const struct wpabuf * tlvs,int ap,int wps2)1063 static inline int wps_validate_m7_encr(const struct wpabuf *tlvs, int ap,
1064 int wps2)
1065 {
1066 return 0;
1067 }
1068
wps_validate_m8(const struct wpabuf * tlvs)1069 static inline int wps_validate_m8(const struct wpabuf *tlvs)
1070 {
1071 return 0;
1072 }
1073
wps_validate_m8_encr(const struct wpabuf * tlvs,int ap,int wps2)1074 static inline int wps_validate_m8_encr(const struct wpabuf *tlvs, int ap,
1075 int wps2)
1076 {
1077 return 0;
1078 }
1079
wps_validate_wsc_ack(const struct wpabuf * tlvs)1080 static inline int wps_validate_wsc_ack(const struct wpabuf *tlvs)
1081 {
1082 return 0;
1083 }
1084
wps_validate_wsc_nack(const struct wpabuf * tlvs)1085 static inline int wps_validate_wsc_nack(const struct wpabuf *tlvs)
1086 {
1087 return 0;
1088 }
1089
wps_validate_wsc_done(const struct wpabuf * tlvs)1090 static inline int wps_validate_wsc_done(const struct wpabuf *tlvs)
1091 {
1092 return 0;
1093 }
1094
wps_validate_upnp_set_selected_registrar(const struct wpabuf * tlvs)1095 static inline int wps_validate_upnp_set_selected_registrar(
1096 const struct wpabuf *tlvs)
1097 {
1098 return 0;
1099 }
1100 #endif /* CONFIG_WPS_STRICT */
1101
1102 #endif /* WPS_H */
1103