1 /*
2 * WPA Supplicant - Sta network Aidl interface
3 * Copyright (c) 2021, Google Inc. All rights reserved.
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #include "aidl_manager.h"
10 #include "aidl_return_util.h"
11 #include "misc_utils.h"
12 #include "sta_network.h"
13
14 extern "C"
15 {
16 #include "wps_supplicant.h"
17 #include "crypto/tls.h"
18 }
19
20 namespace {
21 using aidl::android::hardware::wifi::supplicant::AuthAlgMask;
22 using aidl::android::hardware::wifi::supplicant::EapMethod;
23 using aidl::android::hardware::wifi::supplicant::EapPhase2Method;
24 using aidl::android::hardware::wifi::supplicant::GroupCipherMask;
25 using aidl::android::hardware::wifi::supplicant::GroupMgmtCipherMask;
26 using aidl::android::hardware::wifi::supplicant::ISupplicantStaNetwork;
27 using aidl::android::hardware::wifi::supplicant::KeyMgmtMask;
28 using aidl::android::hardware::wifi::supplicant::PairwiseCipherMask;
29 using aidl::android::hardware::wifi::supplicant::ProtoMask;
30
31 constexpr uint8_t kZeroBssid[6] = {0, 0, 0, 0, 0, 0};
32
33 constexpr uint32_t kAllowedKeyMgmtMask =
34 (static_cast<uint32_t>(KeyMgmtMask::NONE) |
35 static_cast<uint32_t>(KeyMgmtMask::WPA_PSK) |
36 static_cast<uint32_t>(KeyMgmtMask::WPA_EAP) |
37 static_cast<uint32_t>(KeyMgmtMask::IEEE8021X) |
38 static_cast<uint32_t>(KeyMgmtMask::FT_EAP) |
39 static_cast<uint32_t>(KeyMgmtMask::FT_PSK) |
40 static_cast<uint32_t>(KeyMgmtMask::OSEN) |
41 static_cast<uint32_t>(KeyMgmtMask::SAE) |
42 static_cast<uint32_t>(KeyMgmtMask::SUITE_B_192) |
43 static_cast<uint32_t>(KeyMgmtMask::OWE) |
44 static_cast<uint32_t>(KeyMgmtMask::WPA_PSK_SHA256) |
45 static_cast<uint32_t>(KeyMgmtMask::WPA_EAP_SHA256) |
46 static_cast<uint32_t>(KeyMgmtMask::WAPI_PSK) |
47 static_cast<uint32_t>(KeyMgmtMask::WAPI_CERT) |
48 static_cast<uint32_t>(KeyMgmtMask::FILS_SHA256) |
49 static_cast<uint32_t>(KeyMgmtMask::FILS_SHA384) |
50 static_cast<uint32_t>(KeyMgmtMask::DPP));
51 constexpr uint32_t kAllowedProtoMask =
52 (static_cast<uint32_t>(ProtoMask::WPA) |
53 static_cast<uint32_t>(ProtoMask::RSN) |
54 static_cast<uint32_t>(ProtoMask::OSEN) |
55 static_cast<uint32_t>(ProtoMask::WAPI));
56 constexpr uint32_t kAllowedAuthAlgMask =
57 (static_cast<uint32_t>(AuthAlgMask::OPEN) |
58 static_cast<uint32_t>(AuthAlgMask::SHARED) |
59 static_cast<uint32_t>(AuthAlgMask::LEAP) |
60 static_cast<uint32_t>(AuthAlgMask::SAE));
61 constexpr uint32_t kAllowedGroupCipherMask =
62 (static_cast<uint32_t>(GroupCipherMask::WEP40) |
63 static_cast<uint32_t>(GroupCipherMask::WEP104) |
64 static_cast<uint32_t>(GroupCipherMask::TKIP) |
65 static_cast<uint32_t>(GroupCipherMask::CCMP) |
66 static_cast<uint32_t>(
67 GroupCipherMask::GTK_NOT_USED) |
68 static_cast<uint32_t>(GroupCipherMask::GCMP_256) |
69 static_cast<uint32_t>(GroupCipherMask::SMS4) |
70 static_cast<uint32_t>(GroupCipherMask::GCMP_128));
71 constexpr uint32_t kAllowedPairwisewCipherMask =
72 (static_cast<uint32_t>(PairwiseCipherMask::NONE) |
73 static_cast<uint32_t>(PairwiseCipherMask::TKIP) |
74 static_cast<uint32_t>(PairwiseCipherMask::CCMP) |
75 static_cast<uint32_t>(
76 PairwiseCipherMask::GCMP_256) |
77 static_cast<uint32_t>(
78 PairwiseCipherMask::SMS4) |
79 static_cast<uint32_t>(PairwiseCipherMask::GCMP_128));
80 constexpr uint32_t kAllowedGroupMgmtCipherMask =
81 (static_cast<uint32_t>(
82 GroupMgmtCipherMask::BIP_GMAC_128) |
83 static_cast<uint32_t>(
84 GroupMgmtCipherMask::BIP_GMAC_256) |
85 static_cast<uint32_t>(
86 GroupMgmtCipherMask::BIP_CMAC_256));
87
88 constexpr uint32_t kEapMethodMax =
89 static_cast<uint32_t>(EapMethod::WFA_UNAUTH_TLS) + 1;
90 constexpr char const *kEapMethodStrings[kEapMethodMax] = {
91 "PEAP", "TLS", "TTLS", "PWD", "SIM", "AKA", "AKA'", "WFA-UNAUTH-TLS"};
92 constexpr uint32_t kEapPhase2MethodMax =
93 static_cast<uint32_t>(EapPhase2Method::AKA_PRIME) + 1;
94 constexpr char const *kEapPhase2MethodStrings[kEapPhase2MethodMax] = {
95 "", "PAP", "MSCHAP", "MSCHAPV2", "GTC", "SIM", "AKA", "AKA'"};
96 constexpr char kEapPhase2AuthPrefix[] = "auth=";
97 constexpr char kEapPhase2AuthEapPrefix[] = "autheap=";
98 constexpr char kNetworkEapSimGsmAuthResponse[] = "GSM-AUTH";
99 constexpr char kNetworkEapSimUmtsAuthResponse[] = "UMTS-AUTH";
100 constexpr char kNetworkEapSimUmtsAutsResponse[] = "UMTS-AUTS";
101 constexpr char kNetworkEapSimGsmAuthFailure[] = "GSM-FAIL";
102 constexpr char kNetworkEapSimUmtsAuthFailure[] = "UMTS-FAIL";
103
104 #ifdef CONFIG_WAPI_INTERFACE
105 std::string dummyWapiCertSuite;
106 std::vector<uint8_t> dummyWapiPsk;
107 #endif /* CONFIG_WAPI_INTERFACE */
108 } // namespace
109
110 namespace aidl {
111 namespace android {
112 namespace hardware {
113 namespace wifi {
114 namespace supplicant {
115 using aidl_return_util::validateAndCall;
116 using misc_utils::createStatus;
117 using misc_utils::createStatusWithMsg;
118
StaNetwork(struct wpa_global * wpa_global,const char ifname[],int network_id)119 StaNetwork::StaNetwork(
120 struct wpa_global *wpa_global, const char ifname[], int network_id)
121 : wpa_global_(wpa_global),
122 ifname_(ifname),
123 network_id_(network_id),
124 is_valid_(true)
125 {
126 tlsFlags = 0;
127 }
128
invalidate()129 void StaNetwork::invalidate() { is_valid_ = false; }
isValid()130 bool StaNetwork::isValid()
131 {
132 return (is_valid_ && (retrieveNetworkPtr() != nullptr));
133 }
134
getId(int32_t * _aidl_return)135 ::ndk::ScopedAStatus StaNetwork::getId(
136 int32_t* _aidl_return)
137 {
138 return validateAndCall(
139 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
140 &StaNetwork::getIdInternal, _aidl_return);
141 }
142
getInterfaceName(std::string * _aidl_return)143 ::ndk::ScopedAStatus StaNetwork::getInterfaceName(
144 std::string* _aidl_return)
145 {
146 return validateAndCall(
147 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
148 &StaNetwork::getInterfaceNameInternal, _aidl_return);
149 }
150
getType(IfaceType * _aidl_return)151 ::ndk::ScopedAStatus StaNetwork::getType(
152 IfaceType* _aidl_return)
153 {
154 return validateAndCall(
155 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
156 &StaNetwork::getTypeInternal, _aidl_return);
157 }
158
registerCallback(const std::shared_ptr<ISupplicantStaNetworkCallback> & in_callback)159 ::ndk::ScopedAStatus StaNetwork::registerCallback(
160 const std::shared_ptr<ISupplicantStaNetworkCallback>& in_callback)
161 {
162 return validateAndCall(
163 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
164 &StaNetwork::registerCallbackInternal, in_callback);
165 }
166
setSsid(const std::vector<uint8_t> & in_ssid)167 ::ndk::ScopedAStatus StaNetwork::setSsid(
168 const std::vector<uint8_t>& in_ssid)
169 {
170 return validateAndCall(
171 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
172 &StaNetwork::setSsidInternal, in_ssid);
173 }
174
setBssid(const std::vector<uint8_t> & in_bssid)175 ::ndk::ScopedAStatus StaNetwork::setBssid(
176 const std::vector<uint8_t>& in_bssid)
177 {
178 return validateAndCall(
179 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
180 &StaNetwork::setBssidInternal, in_bssid);
181 }
182
setDppKeys(const DppConnectionKeys & in_keys)183 ::ndk::ScopedAStatus StaNetwork::setDppKeys(const DppConnectionKeys& in_keys)
184 {
185 return validateAndCall(
186 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
187 &StaNetwork::setDppKeysInternal, in_keys);
188 }
189
setScanSsid(bool in_enable)190 ::ndk::ScopedAStatus StaNetwork::setScanSsid(bool in_enable)
191 {
192 return validateAndCall(
193 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
194 &StaNetwork::setScanSsidInternal, in_enable);
195 }
196
setKeyMgmt(KeyMgmtMask in_keyMgmtMask)197 ::ndk::ScopedAStatus StaNetwork::setKeyMgmt(
198 KeyMgmtMask in_keyMgmtMask)
199 {
200 return validateAndCall(
201 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
202 &StaNetwork::setKeyMgmtInternal, in_keyMgmtMask);
203 }
204
setProto(ProtoMask in_protoMask)205 ::ndk::ScopedAStatus StaNetwork::setProto(
206 ProtoMask in_protoMask)
207 {
208 return validateAndCall(
209 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
210 &StaNetwork::setProtoInternal, in_protoMask);
211 }
212
setAuthAlg(AuthAlgMask in_authAlgMask)213 ::ndk::ScopedAStatus StaNetwork::setAuthAlg(
214 AuthAlgMask in_authAlgMask)
215 {
216 return validateAndCall(
217 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
218 &StaNetwork::setAuthAlgInternal, in_authAlgMask);
219 }
220
setGroupCipher(GroupCipherMask in_groupCipherMask)221 ::ndk::ScopedAStatus StaNetwork::setGroupCipher(
222 GroupCipherMask in_groupCipherMask)
223 {
224 return validateAndCall(
225 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
226 &StaNetwork::setGroupCipherInternal, in_groupCipherMask);
227 }
228
setPairwiseCipher(PairwiseCipherMask in_pairwiseCipherMask)229 ::ndk::ScopedAStatus StaNetwork::setPairwiseCipher(
230 PairwiseCipherMask in_pairwiseCipherMask)
231 {
232 return validateAndCall(
233 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
234 &StaNetwork::setPairwiseCipherInternal,
235 in_pairwiseCipherMask);
236 }
237
setPskPassphrase(const std::string & in_psk)238 ::ndk::ScopedAStatus StaNetwork::setPskPassphrase(
239 const std::string& in_psk)
240 {
241 return validateAndCall(
242 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
243 &StaNetwork::setPskPassphraseInternal, in_psk);
244 }
245
setPsk(const std::vector<uint8_t> & in_psk)246 ::ndk::ScopedAStatus StaNetwork::setPsk(
247 const std::vector<uint8_t>& in_psk)
248 {
249 return validateAndCall(
250 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
251 &StaNetwork::setPskInternal, in_psk);
252 }
253
setWepKey(int32_t in_keyIdx,const std::vector<uint8_t> & in_wepKey)254 ::ndk::ScopedAStatus StaNetwork::setWepKey(
255 int32_t in_keyIdx, const std::vector<uint8_t>& in_wepKey)
256 {
257 return validateAndCall(
258 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
259 &StaNetwork::setWepKeyInternal, in_keyIdx, in_wepKey);
260 }
261
setWepTxKeyIdx(int32_t in_keyIdx)262 ::ndk::ScopedAStatus StaNetwork::setWepTxKeyIdx(
263 int32_t in_keyIdx)
264 {
265 return validateAndCall(
266 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
267 &StaNetwork::setWepTxKeyIdxInternal, in_keyIdx);
268 }
269
setRequirePmf(bool in_enable)270 ::ndk::ScopedAStatus StaNetwork::setRequirePmf(bool in_enable)
271 {
272 return validateAndCall(
273 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
274 &StaNetwork::setRequirePmfInternal, in_enable);
275 }
276
setEapMethod(EapMethod in_method)277 ::ndk::ScopedAStatus StaNetwork::setEapMethod(
278 EapMethod in_method)
279 {
280 return validateAndCall(
281 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
282 &StaNetwork::setEapMethodInternal, in_method);
283 }
284
setEapPhase2Method(EapPhase2Method in_method)285 ::ndk::ScopedAStatus StaNetwork::setEapPhase2Method(
286 EapPhase2Method in_method)
287 {
288 return validateAndCall(
289 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
290 &StaNetwork::setEapPhase2MethodInternal, in_method);
291 }
292
setEapIdentity(const std::vector<uint8_t> & in_identity)293 ::ndk::ScopedAStatus StaNetwork::setEapIdentity(
294 const std::vector<uint8_t>& in_identity)
295 {
296 return validateAndCall(
297 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
298 &StaNetwork::setEapIdentityInternal, in_identity);
299 }
300
setEapEncryptedImsiIdentity(const std::vector<uint8_t> & in_identity)301 ::ndk::ScopedAStatus StaNetwork::setEapEncryptedImsiIdentity(
302 const std::vector<uint8_t>& in_identity)
303 {
304 return validateAndCall(
305 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
306 &StaNetwork::setEapEncryptedImsiIdentityInternal,
307 in_identity);
308 }
309
setStrictConservativePeerMode(bool in_enable)310 ::ndk::ScopedAStatus StaNetwork::setStrictConservativePeerMode(
311 bool in_enable)
312 {
313 return validateAndCall(
314 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
315 &StaNetwork::setStrictConservativePeerModeInternal,
316 in_enable);
317 }
318
setEapAnonymousIdentity(const std::vector<uint8_t> & in_identity)319 ::ndk::ScopedAStatus StaNetwork::setEapAnonymousIdentity(
320 const std::vector<uint8_t>& in_identity)
321 {
322 return validateAndCall(
323 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
324 &StaNetwork::setEapAnonymousIdentityInternal, in_identity);
325 }
326
setEapPassword(const std::vector<uint8_t> & in_password)327 ::ndk::ScopedAStatus StaNetwork::setEapPassword(
328 const std::vector<uint8_t>& in_password)
329 {
330 return validateAndCall(
331 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
332 &StaNetwork::setEapPasswordInternal, in_password);
333 }
334
setEapCACert(const std::string & in_path)335 ::ndk::ScopedAStatus StaNetwork::setEapCACert(
336 const std::string& in_path)
337 {
338 return validateAndCall(
339 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
340 &StaNetwork::setEapCACertInternal, in_path);
341 }
342
setEapCAPath(const std::string & in_path)343 ::ndk::ScopedAStatus StaNetwork::setEapCAPath(
344 const std::string& in_path)
345 {
346 return validateAndCall(
347 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
348 &StaNetwork::setEapCAPathInternal, in_path);
349 }
350
setEapClientCert(const std::string & in_path)351 ::ndk::ScopedAStatus StaNetwork::setEapClientCert(
352 const std::string& in_path)
353 {
354 return validateAndCall(
355 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
356 &StaNetwork::setEapClientCertInternal, in_path);
357 }
358
setEapPrivateKeyId(const std::string & in_id)359 ::ndk::ScopedAStatus StaNetwork::setEapPrivateKeyId(
360 const std::string& in_id)
361 {
362 return validateAndCall(
363 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
364 &StaNetwork::setEapPrivateKeyIdInternal, in_id);
365 }
366
setEapSubjectMatch(const std::string & in_match)367 ::ndk::ScopedAStatus StaNetwork::setEapSubjectMatch(
368 const std::string& in_match)
369 {
370 return validateAndCall(
371 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
372 &StaNetwork::setEapSubjectMatchInternal, in_match);
373 }
374
setEapAltSubjectMatch(const std::string & in_match)375 ::ndk::ScopedAStatus StaNetwork::setEapAltSubjectMatch(
376 const std::string& in_match)
377 {
378 return validateAndCall(
379 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
380 &StaNetwork::setEapAltSubjectMatchInternal, in_match);
381 }
382
setEapEngine(bool in_enable)383 ::ndk::ScopedAStatus StaNetwork::setEapEngine(bool in_enable)
384 {
385 return validateAndCall(
386 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
387 &StaNetwork::setEapEngineInternal, in_enable);
388 }
389
setEapEngineID(const std::string & in_id)390 ::ndk::ScopedAStatus StaNetwork::setEapEngineID(
391 const std::string& in_id)
392 {
393 return validateAndCall(
394 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
395 &StaNetwork::setEapEngineIDInternal, in_id);
396 }
397
setEapDomainSuffixMatch(const std::string & in_match)398 ::ndk::ScopedAStatus StaNetwork::setEapDomainSuffixMatch(
399 const std::string& in_match)
400 {
401 return validateAndCall(
402 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
403 &StaNetwork::setEapDomainSuffixMatchInternal, in_match);
404 }
405
setProactiveKeyCaching(bool in_enable)406 ::ndk::ScopedAStatus StaNetwork::setProactiveKeyCaching(
407 bool in_enable)
408 {
409 return validateAndCall(
410 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
411 &StaNetwork::setProactiveKeyCachingInternal, in_enable);
412 }
413
setIdStr(const std::string & in_idStr)414 ::ndk::ScopedAStatus StaNetwork::setIdStr(
415 const std::string& in_idStr)
416 {
417 return validateAndCall(
418 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
419 &StaNetwork::setIdStrInternal, in_idStr);
420 }
421
setUpdateIdentifier(int32_t in_id)422 ::ndk::ScopedAStatus StaNetwork::setUpdateIdentifier(
423 int32_t in_id)
424 {
425 return validateAndCall(
426 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
427 &StaNetwork::setUpdateIdentifierInternal, in_id);
428 }
429
setWapiCertSuite(const std::string & in_suite)430 ::ndk::ScopedAStatus StaNetwork::setWapiCertSuite(
431 const std::string& in_suite)
432 {
433 return validateAndCall(
434 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
435 &StaNetwork::setWapiCertSuiteInternal, in_suite);
436 }
437
setEdmg(bool in_enable)438 ::ndk::ScopedAStatus StaNetwork::setEdmg(bool in_enable)
439 {
440 return validateAndCall(
441 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
442 &StaNetwork::setEdmgInternal, in_enable);
443 }
444
getSsid(std::vector<uint8_t> * _aidl_return)445 ::ndk::ScopedAStatus StaNetwork::getSsid(
446 std::vector<uint8_t>* _aidl_return)
447 {
448 return validateAndCall(
449 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
450 &StaNetwork::getSsidInternal, _aidl_return);
451 }
452
getBssid(std::vector<uint8_t> * _aidl_return)453 ndk::ScopedAStatus StaNetwork::getBssid(
454 std::vector<uint8_t>* _aidl_return)
455 {
456 return validateAndCall(
457 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
458 &StaNetwork::getBssidInternal, _aidl_return);
459 }
460
getScanSsid(bool * _aidl_return)461 ::ndk::ScopedAStatus StaNetwork::getScanSsid(
462 bool* _aidl_return)
463 {
464 return validateAndCall(
465 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
466 &StaNetwork::getScanSsidInternal, _aidl_return);
467 }
468
getKeyMgmt(KeyMgmtMask * _aidl_return)469 ::ndk::ScopedAStatus StaNetwork::getKeyMgmt(
470 KeyMgmtMask* _aidl_return)
471 {
472 return validateAndCall(
473 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
474 &StaNetwork::getKeyMgmtInternal, _aidl_return);
475 }
476
getProto(ProtoMask * _aidl_return)477 ::ndk::ScopedAStatus StaNetwork::getProto(
478 ProtoMask* _aidl_return)
479 {
480 return validateAndCall(
481 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
482 &StaNetwork::getProtoInternal, _aidl_return);
483 }
484
getAuthAlg(AuthAlgMask * _aidl_return)485 ::ndk::ScopedAStatus StaNetwork::getAuthAlg(
486 AuthAlgMask* _aidl_return)
487 {
488 return validateAndCall(
489 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
490 &StaNetwork::getAuthAlgInternal, _aidl_return);
491 }
492
getGroupCipher(GroupCipherMask * _aidl_return)493 ::ndk::ScopedAStatus StaNetwork::getGroupCipher(
494 GroupCipherMask* _aidl_return)
495 {
496 return validateAndCall(
497 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
498 &StaNetwork::getGroupCipherInternal, _aidl_return);
499 }
500
getPairwiseCipher(PairwiseCipherMask * _aidl_return)501 ::ndk::ScopedAStatus StaNetwork::getPairwiseCipher(
502 PairwiseCipherMask* _aidl_return)
503 {
504 return validateAndCall(
505 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
506 &StaNetwork::getPairwiseCipherInternal, _aidl_return);
507 }
508
getPskPassphrase(std::string * _aidl_return)509 ::ndk::ScopedAStatus StaNetwork::getPskPassphrase(
510 std::string* _aidl_return)
511 {
512 return validateAndCall(
513 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
514 &StaNetwork::getPskPassphraseInternal, _aidl_return);
515 }
516
getPsk(std::vector<uint8_t> * _aidl_return)517 ::ndk::ScopedAStatus StaNetwork::getPsk(
518 std::vector<uint8_t>* _aidl_return)
519 {
520 return validateAndCall(
521 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
522 &StaNetwork::getPskInternal, _aidl_return);
523 }
524
getSaePassword(std::string * _aidl_return)525 ::ndk::ScopedAStatus StaNetwork::getSaePassword(
526 std::string* _aidl_return)
527 {
528 return validateAndCall(
529 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
530 &StaNetwork::getSaePasswordInternal, _aidl_return);
531 }
532
getSaePasswordId(std::string * _aidl_return)533 ::ndk::ScopedAStatus StaNetwork::getSaePasswordId(
534 std::string* _aidl_return)
535 {
536 return validateAndCall(
537 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
538 &StaNetwork::getSaePasswordIdInternal, _aidl_return);
539 }
540
getWepKey(int32_t in_keyIdx,std::vector<uint8_t> * _aidl_return)541 ::ndk::ScopedAStatus StaNetwork::getWepKey(
542 int32_t in_keyIdx,
543 std::vector<uint8_t>* _aidl_return)
544 {
545 return validateAndCall(
546 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
547 &StaNetwork::getWepKeyInternal, _aidl_return, in_keyIdx);
548 }
549
getWepTxKeyIdx(int32_t * _aidl_return)550 ::ndk::ScopedAStatus StaNetwork::getWepTxKeyIdx(
551 int32_t* _aidl_return)
552 {
553 return validateAndCall(
554 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
555 &StaNetwork::getWepTxKeyIdxInternal, _aidl_return);
556 }
557
getRequirePmf(bool * _aidl_return)558 ::ndk::ScopedAStatus StaNetwork::getRequirePmf(
559 bool* _aidl_return)
560 {
561 return validateAndCall(
562 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
563 &StaNetwork::getRequirePmfInternal, _aidl_return);
564 }
565
getEapMethod(EapMethod * _aidl_return)566 ::ndk::ScopedAStatus StaNetwork::getEapMethod(
567 EapMethod* _aidl_return)
568 {
569 return validateAndCall(
570 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
571 &StaNetwork::getEapMethodInternal, _aidl_return);
572 }
573
getEapPhase2Method(EapPhase2Method * _aidl_return)574 ::ndk::ScopedAStatus StaNetwork::getEapPhase2Method(
575 EapPhase2Method* _aidl_return)
576 {
577 return validateAndCall(
578 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
579 &StaNetwork::getEapPhase2MethodInternal, _aidl_return);
580 }
581
getEapIdentity(std::vector<uint8_t> * _aidl_return)582 ::ndk::ScopedAStatus StaNetwork::getEapIdentity(
583 std::vector<uint8_t>* _aidl_return)
584 {
585 return validateAndCall(
586 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
587 &StaNetwork::getEapIdentityInternal, _aidl_return);
588 }
589
getEapAnonymousIdentity(std::vector<uint8_t> * _aidl_return)590 ::ndk::ScopedAStatus StaNetwork::getEapAnonymousIdentity(
591 std::vector<uint8_t>* _aidl_return)
592 {
593 return validateAndCall(
594 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
595 &StaNetwork::getEapAnonymousIdentityInternal, _aidl_return);
596 }
597
getEapPassword(std::vector<uint8_t> * _aidl_return)598 ::ndk::ScopedAStatus StaNetwork::getEapPassword(
599 std::vector<uint8_t>* _aidl_return)
600 {
601 return validateAndCall(
602 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
603 &StaNetwork::getEapPasswordInternal, _aidl_return);
604 }
605
getEapCACert(std::string * _aidl_return)606 ::ndk::ScopedAStatus StaNetwork::getEapCACert(
607 std::string* _aidl_return)
608 {
609 return validateAndCall(
610 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
611 &StaNetwork::getEapCACertInternal, _aidl_return);
612 }
613
getEapCAPath(std::string * _aidl_return)614 ::ndk::ScopedAStatus StaNetwork::getEapCAPath(
615 std::string* _aidl_return)
616 {
617 return validateAndCall(
618 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
619 &StaNetwork::getEapCAPathInternal, _aidl_return);
620 }
621
getEapClientCert(std::string * _aidl_return)622 ::ndk::ScopedAStatus StaNetwork::getEapClientCert(
623 std::string* _aidl_return)
624 {
625 return validateAndCall(
626 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
627 &StaNetwork::getEapClientCertInternal, _aidl_return);
628 }
629
getEapPrivateKeyId(std::string * _aidl_return)630 ::ndk::ScopedAStatus StaNetwork::getEapPrivateKeyId(
631 std::string* _aidl_return)
632 {
633 return validateAndCall(
634 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
635 &StaNetwork::getEapPrivateKeyIdInternal, _aidl_return);
636 }
637
getEapSubjectMatch(std::string * _aidl_return)638 ::ndk::ScopedAStatus StaNetwork::getEapSubjectMatch(
639 std::string* _aidl_return)
640 {
641 return validateAndCall(
642 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
643 &StaNetwork::getEapSubjectMatchInternal, _aidl_return);
644 }
645
getEapAltSubjectMatch(std::string * _aidl_return)646 ::ndk::ScopedAStatus StaNetwork::getEapAltSubjectMatch(
647 std::string* _aidl_return)
648 {
649 return validateAndCall(
650 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
651 &StaNetwork::getEapAltSubjectMatchInternal, _aidl_return);
652 }
653
getEapEngine(bool * _aidl_return)654 ::ndk::ScopedAStatus StaNetwork::getEapEngine(
655 bool* _aidl_return)
656 {
657 return validateAndCall(
658 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
659 &StaNetwork::getEapEngineInternal, _aidl_return);
660 }
661
getEapEngineId(std::string * _aidl_return)662 ::ndk::ScopedAStatus StaNetwork::getEapEngineId(
663 std::string* _aidl_return)
664 {
665 return validateAndCall(
666 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
667 &StaNetwork::getEapEngineIdInternal, _aidl_return);
668 }
669
getEapDomainSuffixMatch(std::string * _aidl_return)670 ::ndk::ScopedAStatus StaNetwork::getEapDomainSuffixMatch(
671 std::string* _aidl_return)
672 {
673 return validateAndCall(
674 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
675 &StaNetwork::getEapDomainSuffixMatchInternal, _aidl_return);
676 }
677
getIdStr(std::string * _aidl_return)678 ::ndk::ScopedAStatus StaNetwork::getIdStr(
679 std::string* _aidl_return)
680 {
681 return validateAndCall(
682 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
683 &StaNetwork::getIdStrInternal, _aidl_return);
684 }
685
getWpsNfcConfigurationToken(std::vector<uint8_t> * _aidl_return)686 ::ndk::ScopedAStatus StaNetwork::getWpsNfcConfigurationToken(
687 std::vector<uint8_t>* _aidl_return)
688 {
689 return validateAndCall(
690 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
691 &StaNetwork::getWpsNfcConfigurationTokenInternal, _aidl_return);
692 }
693
getWapiCertSuite(std::string * _aidl_return)694 ::ndk::ScopedAStatus StaNetwork::getWapiCertSuite(
695 std::string* _aidl_return)
696 {
697 return validateAndCall(
698 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
699 &StaNetwork::getWapiCertSuiteInternal, _aidl_return);
700 }
701
getEdmg(bool * _aidl_return)702 ::ndk::ScopedAStatus StaNetwork::getEdmg(
703 bool* _aidl_return)
704 {
705 return validateAndCall(
706 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
707 &StaNetwork::getEdmgInternal, _aidl_return);
708 }
709
enable(bool in_noConnect)710 ::ndk::ScopedAStatus StaNetwork::enable(bool in_noConnect)
711 {
712 return validateAndCall(
713 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
714 &StaNetwork::enableInternal, in_noConnect);
715 }
716
disable()717 ::ndk::ScopedAStatus StaNetwork::disable()
718 {
719 return validateAndCall(
720 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
721 &StaNetwork::disableInternal);
722 }
723
select()724 ::ndk::ScopedAStatus StaNetwork::select()
725 {
726 return validateAndCall(
727 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
728 &StaNetwork::selectInternal);
729 }
730
sendNetworkEapSimGsmAuthResponse(const std::vector<NetworkResponseEapSimGsmAuthParams> & in_params)731 ::ndk::ScopedAStatus StaNetwork::sendNetworkEapSimGsmAuthResponse(
732 const std::vector<NetworkResponseEapSimGsmAuthParams>& in_params)
733 {
734 return validateAndCall(
735 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
736 &StaNetwork::sendNetworkEapSimGsmAuthResponseInternal,
737 in_params);
738 }
739
sendNetworkEapSimGsmAuthFailure()740 ::ndk::ScopedAStatus StaNetwork::sendNetworkEapSimGsmAuthFailure()
741 {
742 return validateAndCall(
743 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
744 &StaNetwork::sendNetworkEapSimGsmAuthFailureInternal);
745 }
746
sendNetworkEapSimUmtsAuthResponse(const NetworkResponseEapSimUmtsAuthParams & in_params)747 ::ndk::ScopedAStatus StaNetwork::sendNetworkEapSimUmtsAuthResponse(
748 const NetworkResponseEapSimUmtsAuthParams& in_params)
749 {
750 return validateAndCall(
751 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
752 &StaNetwork::sendNetworkEapSimUmtsAuthResponseInternal,
753 in_params);
754 }
755
sendNetworkEapSimUmtsAutsResponse(const std::vector<uint8_t> & in_auts)756 ::ndk::ScopedAStatus StaNetwork::sendNetworkEapSimUmtsAutsResponse(
757 const std::vector<uint8_t>& in_auts)
758 {
759 return validateAndCall(
760 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
761 &StaNetwork::sendNetworkEapSimUmtsAutsResponseInternal,
762 in_auts);
763 }
764
sendNetworkEapSimUmtsAuthFailure()765 ::ndk::ScopedAStatus StaNetwork::sendNetworkEapSimUmtsAuthFailure()
766 {
767 return validateAndCall(
768 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
769 &StaNetwork::sendNetworkEapSimUmtsAuthFailureInternal);
770 }
771
sendNetworkEapIdentityResponse(const std::vector<uint8_t> & in_identity,const std::vector<uint8_t> & in_encryptedIdentity)772 ::ndk::ScopedAStatus StaNetwork::sendNetworkEapIdentityResponse(
773 const std::vector<uint8_t>& in_identity,
774 const std::vector<uint8_t>& in_encryptedIdentity)
775 {
776 return validateAndCall(
777 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
778 &StaNetwork::sendNetworkEapIdentityResponseInternal,
779 in_identity, in_encryptedIdentity);
780 }
781
setGroupMgmtCipher(GroupMgmtCipherMask in_groupMgmtCipherMask)782 ::ndk::ScopedAStatus StaNetwork::setGroupMgmtCipher(
783 GroupMgmtCipherMask in_groupMgmtCipherMask)
784 {
785 return validateAndCall(
786 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
787 &StaNetwork::setGroupMgmtCipherInternal,
788 in_groupMgmtCipherMask);
789 }
790
getGroupMgmtCipher(GroupMgmtCipherMask * _aidl_return)791 ::ndk::ScopedAStatus StaNetwork::getGroupMgmtCipher(
792 GroupMgmtCipherMask* _aidl_return)
793 {
794 return validateAndCall(
795 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
796 &StaNetwork::getGroupMgmtCipherInternal, _aidl_return);
797 }
798
enableTlsSuiteBEapPhase1Param(bool in_enable)799 ::ndk::ScopedAStatus StaNetwork::enableTlsSuiteBEapPhase1Param(
800 bool in_enable)
801 {
802 return validateAndCall(
803 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
804 &StaNetwork::enableTlsSuiteBEapPhase1ParamInternal, in_enable);
805 }
806
enableSuiteBEapOpenSslCiphers()807 ::ndk::ScopedAStatus StaNetwork::enableSuiteBEapOpenSslCiphers()
808 {
809 return validateAndCall(
810 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
811 &StaNetwork::enableSuiteBEapOpenSslCiphersInternal);
812 }
813
setSaePassword(const std::string & in_saePassword)814 ::ndk::ScopedAStatus StaNetwork::setSaePassword(
815 const std::string& in_saePassword)
816 {
817 return validateAndCall(
818 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
819 &StaNetwork::setSaePasswordInternal, in_saePassword);
820 }
821
setSaePasswordId(const std::string & in_saePasswordId)822 ::ndk::ScopedAStatus StaNetwork::setSaePasswordId(
823 const std::string& in_saePasswordId)
824 {
825 return validateAndCall(
826 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
827 &StaNetwork::setSaePasswordIdInternal, in_saePasswordId);
828 }
829
setOcsp(OcspType in_ocspType)830 ::ndk::ScopedAStatus StaNetwork::setOcsp(
831 OcspType in_ocspType)
832 {
833 return validateAndCall(
834 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
835 &StaNetwork::setOcspInternal, in_ocspType);
836 }
837
getOcsp(OcspType * _aidl_return)838 ::ndk::ScopedAStatus StaNetwork::getOcsp(
839 OcspType* _aidl_return)
840 {
841 return validateAndCall(
842 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
843 &StaNetwork::getOcspInternal, _aidl_return);
844 }
845
setPmkCache(const std::vector<uint8_t> & in_serializedEntry)846 ::ndk::ScopedAStatus StaNetwork::setPmkCache(
847 const std::vector<uint8_t>& in_serializedEntry)
848 {
849 return validateAndCall(
850 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
851 &StaNetwork::setPmkCacheInternal, in_serializedEntry);
852 }
853
setEapErp(bool in_enable)854 ::ndk::ScopedAStatus StaNetwork::setEapErp(
855 bool in_enable)
856 {
857 return validateAndCall(
858 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
859 &StaNetwork::setEapErpInternal, in_enable);
860 }
861
setSaeH2eMode(SaeH2eMode in_mode)862 ::ndk::ScopedAStatus StaNetwork::setSaeH2eMode(
863 SaeH2eMode in_mode)
864 {
865 return validateAndCall(
866 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
867 &StaNetwork::setSaeH2eModeInternal, in_mode);
868 }
869
enableSaePkOnlyMode(bool in_enable)870 ::ndk::ScopedAStatus StaNetwork::enableSaePkOnlyMode(
871 bool in_enable)
872 {
873 return validateAndCall(
874 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
875 &StaNetwork::enableSaePkOnlyModeInternal, in_enable);
876 }
877
setRoamingConsortiumSelection(const std::vector<uint8_t> & in_selectedRcoi)878 ::ndk::ScopedAStatus StaNetwork::setRoamingConsortiumSelection(
879 const std::vector<uint8_t>& in_selectedRcoi)
880 {
881 return validateAndCall(
882 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
883 &StaNetwork::setRoamingConsortiumSelectionInternal, in_selectedRcoi);
884 }
885
setMinimumTlsVersionEapPhase1Param(TlsVersion in_tlsVersion)886 ::ndk::ScopedAStatus StaNetwork::setMinimumTlsVersionEapPhase1Param(
887 TlsVersion in_tlsVersion)
888 {
889 return validateAndCall(
890 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
891 &StaNetwork::setMinimumTlsVersionEapPhase1ParamInternal, in_tlsVersion);
892 }
893
getIdInternal()894 std::pair<uint32_t, ndk::ScopedAStatus> StaNetwork::getIdInternal()
895 {
896 return {network_id_, ndk::ScopedAStatus::ok()};
897 }
898
getInterfaceNameInternal()899 std::pair<std::string, ndk::ScopedAStatus> StaNetwork::getInterfaceNameInternal()
900 {
901 return {ifname_, ndk::ScopedAStatus::ok()};
902 }
903
getTypeInternal()904 std::pair<IfaceType, ndk::ScopedAStatus> StaNetwork::getTypeInternal()
905 {
906 return {IfaceType::STA, ndk::ScopedAStatus::ok()};
907 }
908
registerCallbackInternal(const std::shared_ptr<ISupplicantStaNetworkCallback> & callback)909 ndk::ScopedAStatus StaNetwork::registerCallbackInternal(
910 const std::shared_ptr<ISupplicantStaNetworkCallback> &callback)
911 {
912 AidlManager *aidl_manager = AidlManager::getInstance();
913 if (!aidl_manager || aidl_manager->addStaNetworkCallbackAidlObject(
914 ifname_, network_id_, callback)) {
915 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
916 }
917 return ndk::ScopedAStatus::ok();
918 }
919
setSsidInternal(const std::vector<uint8_t> & ssid)920 ndk::ScopedAStatus StaNetwork::setSsidInternal(const std::vector<uint8_t> &ssid)
921 {
922 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
923 if (ssid.size() == 0 ||
924 ssid.size() >
925 static_cast<uint32_t>(ISupplicantStaNetwork::
926 SSID_MAX_LEN_IN_BYTES)) {
927 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
928 }
929 if (setByteArrayFieldAndResetState(
930 ssid.data(), ssid.size(), &(wpa_ssid->ssid),
931 &(wpa_ssid->ssid_len), "ssid")) {
932 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
933 }
934 if (wpa_ssid->passphrase) {
935 wpa_config_update_psk(wpa_ssid);
936 }
937 return ndk::ScopedAStatus::ok();
938 }
939
setBssidInternal(const std::vector<uint8_t> & bssid)940 ndk::ScopedAStatus StaNetwork::setBssidInternal(
941 const std::vector<uint8_t> &bssid)
942 {
943 if (bssid.size() != ETH_ALEN) {
944 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
945 }
946 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
947 int prev_bssid_set = wpa_ssid->bssid_set;
948 u8 prev_bssid[ETH_ALEN];
949 os_memcpy(prev_bssid, wpa_ssid->bssid, ETH_ALEN);
950 // Zero'ed array is used to clear out the BSSID value.
951 if (os_memcmp(bssid.data(), kZeroBssid, ETH_ALEN) == 0) {
952 wpa_ssid->bssid_set = 0;
953 wpa_printf(MSG_MSGDUMP, "BSSID any");
954 } else {
955 os_memcpy(wpa_ssid->bssid, bssid.data(), ETH_ALEN);
956 wpa_ssid->bssid_set = 1;
957 wpa_hexdump(MSG_MSGDUMP, "BSSID", wpa_ssid->bssid, ETH_ALEN);
958 }
959 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
960 if ((wpa_ssid->bssid_set != prev_bssid_set ||
961 os_memcmp(wpa_ssid->bssid, prev_bssid, ETH_ALEN) != 0)) {
962 wpas_notify_network_bssid_set_changed(wpa_s, wpa_ssid);
963 }
964 return ndk::ScopedAStatus::ok();
965 }
966
setDppKeysInternal(const DppConnectionKeys & keys)967 ndk::ScopedAStatus StaNetwork::setDppKeysInternal(const DppConnectionKeys& keys)
968 {
969 #ifdef CONFIG_DPP
970 if (keys.connector.empty() || keys.cSign.empty() || keys.netAccessKey.empty()) {
971 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
972 }
973
974 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
975 std::string connector_str(keys.connector.begin(), keys.connector.end());
976
977 if (setStringFieldAndResetState(
978 connector_str.c_str(), &(wpa_ssid->dpp_connector), "dpp_connector")) {
979 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
980 }
981
982 if (setByteArrayFieldAndResetState(
983 keys.cSign.data(), keys.cSign.size(), &(wpa_ssid->dpp_csign),
984 &(wpa_ssid->dpp_csign_len), "dpp csign")) {
985 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
986 }
987
988 if (setByteArrayFieldAndResetState(
989 keys.netAccessKey.data(), keys.netAccessKey.size(), &(wpa_ssid->dpp_netaccesskey),
990 &(wpa_ssid->dpp_netaccesskey_len), "dpp netAccessKey")) {
991 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
992 }
993
994 return ndk::ScopedAStatus::ok();
995 #else
996 return createStatus(SupplicantStatusCode::FAILURE_UNSUPPORTED);
997 #endif
998 }
999
setScanSsidInternal(bool enable)1000 ndk::ScopedAStatus StaNetwork::setScanSsidInternal(bool enable)
1001 {
1002 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1003 wpa_ssid->scan_ssid = enable ? 1 : 0;
1004 resetInternalStateAfterParamsUpdate();
1005 return ndk::ScopedAStatus::ok();
1006 }
1007
setAuthAlgInternal(AuthAlgMask mask)1008 ndk::ScopedAStatus StaNetwork::setAuthAlgInternal(
1009 AuthAlgMask mask)
1010 {
1011 uint32_t auth_alg_mask = static_cast<uint32_t>(mask);
1012 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1013 if (auth_alg_mask & ~kAllowedAuthAlgMask) {
1014 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
1015 }
1016 wpa_ssid->auth_alg = auth_alg_mask;
1017 wpa_printf(MSG_MSGDUMP, "auth_alg: 0x%x", wpa_ssid->auth_alg);
1018 resetInternalStateAfterParamsUpdate();
1019 return ndk::ScopedAStatus::ok();
1020 }
1021
setEdmgInternal(bool enable)1022 ndk::ScopedAStatus StaNetwork::setEdmgInternal(bool enable)
1023 {
1024 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1025 wpa_ssid->enable_edmg = enable ? 1 : 0;
1026 resetInternalStateAfterParamsUpdate();
1027 return ndk::ScopedAStatus::ok();
1028 }
1029
setPskPassphraseInternal(const std::string & rawPsk)1030 ndk::ScopedAStatus StaNetwork::setPskPassphraseInternal(const std::string &rawPsk)
1031 {
1032 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1033 std::string psk = rawPsk;
1034 #ifdef CONFIG_WAPI_INTERFACE
1035 if (wpa_ssid->key_mgmt & WPA_KEY_MGMT_WAPI_PSK) {
1036 if (rawPsk.size() > 2 && rawPsk.front()== '"' && rawPsk.back() == '"') {
1037 psk = rawPsk.substr(1, rawPsk.size() - 2);
1038 } else {
1039 if ((rawPsk.size() & 1)) {
1040 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
1041 }
1042 size_t len = psk.size() / 2;
1043 uint8_t *buf = (uint8_t *) os_malloc(len);
1044 if (hexstr2bin(psk.c_str(), buf, len) < 0) {
1045 os_free(buf);
1046 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
1047 }
1048 std::vector<uint8_t> bytes(buf, buf + len);
1049 os_free(buf);
1050 return setWapiPskInternal(bytes);
1051 }
1052 }
1053 #endif
1054 if (isPskPassphraseValid(psk)) {
1055 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
1056 }
1057 if (wpa_ssid->passphrase &&
1058 os_strlen(wpa_ssid->passphrase) == psk.size() &&
1059 os_memcmp(wpa_ssid->passphrase, psk.c_str(), psk.size()) == 0) {
1060 return ndk::ScopedAStatus::ok();
1061 }
1062 // Flag to indicate if raw psk is calculated or not using
1063 // |wpa_config_update_psk|. Deferred if ssid not already set.
1064 wpa_ssid->psk_set = 0;
1065 if (setStringKeyFieldAndResetState(
1066 psk.c_str(), &(wpa_ssid->passphrase), "psk passphrase")) {
1067 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1068 }
1069 if (wpa_ssid->ssid_len) {
1070 wpa_config_update_psk(wpa_ssid);
1071 }
1072 return ndk::ScopedAStatus::ok();
1073 }
1074
setPskInternal(const std::vector<uint8_t> & psk)1075 ndk::ScopedAStatus StaNetwork::setPskInternal(const std::vector<uint8_t> &psk)
1076 {
1077 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1078 WPA_ASSERT(psk.size() == sizeof(wpa_ssid->psk));
1079 str_clear_free(wpa_ssid->passphrase);
1080 wpa_ssid->passphrase = nullptr;
1081 os_memcpy(wpa_ssid->psk, psk.data(), sizeof(wpa_ssid->psk));
1082 wpa_ssid->psk_set = 1;
1083 resetInternalStateAfterParamsUpdate();
1084 return ndk::ScopedAStatus::ok();
1085 }
1086
setWepKeyInternal(uint32_t key_idx,const std::vector<uint8_t> & wep_key)1087 ndk::ScopedAStatus StaNetwork::setWepKeyInternal(
1088 uint32_t key_idx, const std::vector<uint8_t> &wep_key)
1089 {
1090 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1091 if (key_idx >=
1092 static_cast<uint32_t>(
1093 ISupplicantStaNetwork::WEP_KEYS_MAX_NUM)) {
1094 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
1095 }
1096 if (wep_key.size() !=
1097 static_cast<uint32_t>(ISupplicantStaNetwork::
1098 WEP40_KEY_LEN_IN_BYTES) &&
1099 wep_key.size() !=
1100 static_cast<uint32_t>(ISupplicantStaNetwork::
1101 WEP104_KEY_LEN_IN_BYTES)) {
1102 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
1103 }
1104 os_memcpy(wpa_ssid->wep_key[key_idx], wep_key.data(), wep_key.size());
1105 wpa_ssid->wep_key_len[key_idx] = wep_key.size();
1106 std::string msg_dump_title("wep_key" + std::to_string(key_idx));
1107 wpa_hexdump_key(
1108 MSG_MSGDUMP, msg_dump_title.c_str(), wpa_ssid->wep_key[key_idx],
1109 wpa_ssid->wep_key_len[key_idx]);
1110 resetInternalStateAfterParamsUpdate();
1111 return ndk::ScopedAStatus::ok();
1112 }
1113
setWepTxKeyIdxInternal(uint32_t key_idx)1114 ndk::ScopedAStatus StaNetwork::setWepTxKeyIdxInternal(uint32_t key_idx)
1115 {
1116 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1117 if (key_idx >=
1118 static_cast<uint32_t>(
1119 ISupplicantStaNetwork::WEP_KEYS_MAX_NUM)) {
1120 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
1121 }
1122 wpa_ssid->wep_tx_keyidx = key_idx;
1123 resetInternalStateAfterParamsUpdate();
1124 return ndk::ScopedAStatus::ok();
1125 }
1126
setRequirePmfInternal(bool enable)1127 ndk::ScopedAStatus StaNetwork::setRequirePmfInternal(bool enable)
1128 {
1129 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1130 if (enable) {
1131 wpa_ssid->ieee80211w = MGMT_FRAME_PROTECTION_REQUIRED;
1132 }
1133 resetInternalStateAfterParamsUpdate();
1134 return ndk::ScopedAStatus::ok();
1135 }
1136
setEapMethodInternal(EapMethod method)1137 ndk::ScopedAStatus StaNetwork::setEapMethodInternal(
1138 EapMethod method)
1139 {
1140 uint32_t eap_method_idx = static_cast<
1141 std::underlying_type<EapMethod>::type>(
1142 method);
1143 if (eap_method_idx >= kEapMethodMax) {
1144 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
1145 }
1146
1147 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1148 int retrieved_vendor, retrieved_method;
1149 const char *method_str = kEapMethodStrings[eap_method_idx];
1150 // This string lookup is needed to check if the device supports the
1151 // corresponding EAP type.
1152 retrieved_method = eap_peer_get_type(method_str, &retrieved_vendor);
1153 if (retrieved_vendor == EAP_VENDOR_IETF &&
1154 retrieved_method == EAP_TYPE_NONE) {
1155 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1156 }
1157 if (wpa_ssid->eap.eap_methods) {
1158 os_free(wpa_ssid->eap.eap_methods);
1159 }
1160 // wpa_supplicant can support setting multiple eap methods for each
1161 // network. But, this is not really used by Android. So, just adding
1162 // support for setting one EAP method for each network. The additional
1163 // |eap_method_type| member in the array is used to indicate the end
1164 // of list.
1165 wpa_ssid->eap.eap_methods =
1166 (eap_method_type *)os_malloc(sizeof(eap_method_type) * 2);
1167 if (!wpa_ssid->eap.eap_methods) {
1168 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1169 }
1170 wpa_ssid->eap.eap_methods[0].vendor = retrieved_vendor;
1171 wpa_ssid->eap.eap_methods[0].method = retrieved_method;
1172 wpa_ssid->eap.eap_methods[1].vendor = EAP_VENDOR_IETF;
1173 wpa_ssid->eap.eap_methods[1].method = EAP_TYPE_NONE;
1174
1175 wpa_ssid->leap = 0;
1176 wpa_ssid->non_leap = 0;
1177 if (retrieved_vendor == EAP_VENDOR_IETF &&
1178 retrieved_method == EAP_TYPE_LEAP) {
1179 wpa_ssid->leap++;
1180 } else {
1181 wpa_ssid->non_leap++;
1182 }
1183 wpa_hexdump(
1184 MSG_MSGDUMP, "eap methods", (u8 *)wpa_ssid->eap.eap_methods,
1185 sizeof(eap_method_type) * 2);
1186 resetInternalStateAfterParamsUpdate();
1187 return ndk::ScopedAStatus::ok();
1188 }
1189
setEapPhase2MethodInternal(EapPhase2Method method)1190 ndk::ScopedAStatus StaNetwork::setEapPhase2MethodInternal(
1191 EapPhase2Method method)
1192 {
1193 uint32_t eap_phase2_method_idx = static_cast<
1194 std::underlying_type<EapPhase2Method>::type>(
1195 method);
1196 if (eap_phase2_method_idx >= kEapPhase2MethodMax) {
1197 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
1198 }
1199
1200 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1201 // EAP method needs to be set for us to construct the eap
1202 // phase 2 method string.
1203 ndk::ScopedAStatus status;
1204 EapMethod eap_method;
1205 std::tie(eap_method, status) = getEapMethodInternal();
1206 if (!status.isOk()) {
1207 return createStatusWithMsg(SupplicantStatusCode::FAILURE_UNKNOWN,
1208 "EAP method not set");
1209 }
1210 std::string eap_phase2_str;
1211 if (method == EapPhase2Method::NONE) {
1212 eap_phase2_str = "";
1213 } else if (
1214 eap_method == EapMethod::TTLS &&
1215 method == EapPhase2Method::GTC) {
1216 eap_phase2_str = kEapPhase2AuthEapPrefix;
1217 } else {
1218 eap_phase2_str = kEapPhase2AuthPrefix;
1219 }
1220 eap_phase2_str += kEapPhase2MethodStrings[eap_phase2_method_idx];
1221 if (setStringFieldAndResetState(
1222 eap_phase2_str.c_str(), &(wpa_ssid->eap.phase2),
1223 "eap phase2")) {
1224 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1225 }
1226 return ndk::ScopedAStatus::ok();
1227 }
1228
setEapIdentityInternal(const std::vector<uint8_t> & identity)1229 ndk::ScopedAStatus StaNetwork::setEapIdentityInternal(
1230 const std::vector<uint8_t> &identity)
1231 {
1232 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1233 if (setByteArrayFieldAndResetState(
1234 identity.data(), identity.size(), &(wpa_ssid->eap.identity),
1235 &(wpa_ssid->eap.identity_len), "eap identity")) {
1236 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1237 }
1238 // plain IMSI identity
1239 if (setByteArrayFieldAndResetState(
1240 identity.data(), identity.size(),
1241 &(wpa_ssid->eap.imsi_identity),
1242 &(wpa_ssid->eap.imsi_identity_len), "eap imsi identity")) {
1243 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1244 }
1245 return ndk::ScopedAStatus::ok();
1246 }
1247
setEapEncryptedImsiIdentityInternal(const std::vector<uint8_t> & identity)1248 ndk::ScopedAStatus StaNetwork::setEapEncryptedImsiIdentityInternal(
1249 const std::vector<uint8_t> &identity)
1250 {
1251 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1252 // encrypted IMSI identity
1253 if (setByteArrayFieldAndResetState(
1254 identity.data(), identity.size(), &(wpa_ssid->eap.identity),
1255 &(wpa_ssid->eap.identity_len), "eap encrypted imsi identity")) {
1256 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1257 }
1258 return ndk::ScopedAStatus::ok();
1259 }
1260
setStrictConservativePeerModeInternal(bool enable)1261 ndk::ScopedAStatus StaNetwork::setStrictConservativePeerModeInternal(bool enable)
1262 {
1263 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1264 wpa_ssid->eap.strict_conservative_peer_mode = enable ? 1 : 0;
1265 return ndk::ScopedAStatus::ok();
1266 }
1267
setEapAnonymousIdentityInternal(const std::vector<uint8_t> & identity)1268 ndk::ScopedAStatus StaNetwork::setEapAnonymousIdentityInternal(
1269 const std::vector<uint8_t> &identity)
1270 {
1271 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1272 // If current supplicant pseudonym is the prefix of new pseudonym,
1273 // the credential is not changed, just update the decoration.
1274 // As a result, no need to reset the state.
1275 // The decorated identity will have a postfix like
1276 // @mncXXX.mccYYY.3gppnetwork.org, so the length will be always
1277 // greater than the current one.
1278 bool resetState = wpa_ssid->eap.anonymous_identity == NULL
1279 || wpa_ssid->eap.anonymous_identity_len == 0
1280 || identity.size() == 0
1281 || wpa_ssid->eap.anonymous_identity_len >= identity.size()
1282 || os_strncmp((char *) identity.data(),
1283 (char *) wpa_ssid->eap.anonymous_identity,
1284 wpa_ssid->eap.anonymous_identity_len) != 0;
1285 if (setByteArrayField(
1286 identity.data(), identity.size(),
1287 &(wpa_ssid->eap.anonymous_identity),
1288 &(wpa_ssid->eap.anonymous_identity_len),
1289 "eap anonymous_identity", resetState)) {
1290 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1291 }
1292 return ndk::ScopedAStatus::ok();
1293 }
1294
setEapPasswordInternal(const std::vector<uint8_t> & password)1295 ndk::ScopedAStatus StaNetwork::setEapPasswordInternal(
1296 const std::vector<uint8_t> &password)
1297 {
1298 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1299 if (setByteArrayKeyFieldAndResetState(
1300 password.data(), password.size(), &(wpa_ssid->eap.password),
1301 &(wpa_ssid->eap.password_len), "eap password")) {
1302 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1303 }
1304 wpa_ssid->eap.flags &= ~EAP_CONFIG_FLAGS_PASSWORD_NTHASH;
1305 wpa_ssid->eap.flags &= ~EAP_CONFIG_FLAGS_EXT_PASSWORD;
1306 return ndk::ScopedAStatus::ok();
1307 }
1308
setEapCACertInternal(const std::string & path)1309 ndk::ScopedAStatus StaNetwork::setEapCACertInternal(const std::string &path)
1310 {
1311 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1312 if (setStringFieldAndResetState(
1313 path.c_str(), &(wpa_ssid->eap.cert.ca_cert), "eap ca_cert")) {
1314 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1315 }
1316 return ndk::ScopedAStatus::ok();
1317 }
1318
setEapCAPathInternal(const std::string & path)1319 ndk::ScopedAStatus StaNetwork::setEapCAPathInternal(const std::string &path)
1320 {
1321 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1322 if (setStringFieldAndResetState(
1323 path.c_str(), &(wpa_ssid->eap.cert.ca_path), "eap ca_path")) {
1324 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1325 }
1326 return ndk::ScopedAStatus::ok();
1327 }
1328
setEapClientCertInternal(const std::string & path)1329 ndk::ScopedAStatus StaNetwork::setEapClientCertInternal(const std::string &path)
1330 {
1331 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1332 if (setStringFieldAndResetState(
1333 path.c_str(), &(wpa_ssid->eap.cert.client_cert),
1334 "eap client_cert")) {
1335 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1336 }
1337 return ndk::ScopedAStatus::ok();
1338 }
1339
setEapPrivateKeyIdInternal(const std::string & id)1340 ndk::ScopedAStatus StaNetwork::setEapPrivateKeyIdInternal(const std::string &id)
1341 {
1342 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1343 if (setStringFieldAndResetState(
1344 id.c_str(), &(wpa_ssid->eap.cert.key_id), "eap key_id")) {
1345 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1346 }
1347 return ndk::ScopedAStatus::ok();
1348 }
1349
setEapSubjectMatchInternal(const std::string & match)1350 ndk::ScopedAStatus StaNetwork::setEapSubjectMatchInternal(
1351 const std::string &match)
1352 {
1353 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1354 if (setStringFieldAndResetState(
1355 match.c_str(), &(wpa_ssid->eap.cert.subject_match),
1356 "eap subject_match")) {
1357 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1358 }
1359 return ndk::ScopedAStatus::ok();
1360 }
1361
setEapAltSubjectMatchInternal(const std::string & match)1362 ndk::ScopedAStatus StaNetwork::setEapAltSubjectMatchInternal(
1363 const std::string &match)
1364 {
1365 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1366 if (setStringFieldAndResetState(
1367 match.c_str(), &(wpa_ssid->eap.cert.altsubject_match),
1368 "eap altsubject_match")) {
1369 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1370 }
1371 return ndk::ScopedAStatus::ok();
1372 }
1373
setEapEngineInternal(bool enable)1374 ndk::ScopedAStatus StaNetwork::setEapEngineInternal(bool enable)
1375 {
1376 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1377 wpa_ssid->eap.cert.engine = enable ? 1 : 0;
1378 return ndk::ScopedAStatus::ok();
1379 }
1380
setEapEngineIDInternal(const std::string & id)1381 ndk::ScopedAStatus StaNetwork::setEapEngineIDInternal(const std::string &id)
1382 {
1383 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1384 if (setStringFieldAndResetState(
1385 id.c_str(), &(wpa_ssid->eap.cert.engine_id), "eap engine_id")) {
1386 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1387 }
1388 return ndk::ScopedAStatus::ok();
1389 }
1390
setEapDomainSuffixMatchInternal(const std::string & match)1391 ndk::ScopedAStatus StaNetwork::setEapDomainSuffixMatchInternal(
1392 const std::string &match)
1393 {
1394 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1395 if (setStringFieldAndResetState(
1396 match.c_str(), &(wpa_ssid->eap.cert.domain_suffix_match),
1397 "eap domain_suffix_match")) {
1398 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1399 }
1400 return ndk::ScopedAStatus::ok();
1401 }
1402
setProactiveKeyCachingInternal(bool enable)1403 ndk::ScopedAStatus StaNetwork::setProactiveKeyCachingInternal(bool enable)
1404 {
1405 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1406 wpa_ssid->proactive_key_caching = enable ? 1 : 0;
1407 resetInternalStateAfterParamsUpdate();
1408 return ndk::ScopedAStatus::ok();
1409 }
1410
setIdStrInternal(const std::string & id_str)1411 ndk::ScopedAStatus StaNetwork::setIdStrInternal(const std::string &id_str)
1412 {
1413 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1414 if (setStringFieldAndResetState(
1415 id_str.c_str(), &(wpa_ssid->id_str), "id_str")) {
1416 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1417 }
1418 return ndk::ScopedAStatus::ok();
1419 }
1420
setUpdateIdentifierInternal(uint32_t id)1421 ndk::ScopedAStatus StaNetwork::setUpdateIdentifierInternal(uint32_t id)
1422 {
1423 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1424 wpa_ssid->update_identifier = id;
1425 wpa_printf(
1426 MSG_MSGDUMP, "update_identifier: %d", wpa_ssid->update_identifier);
1427 resetInternalStateAfterParamsUpdate();
1428 return ndk::ScopedAStatus::ok();
1429 }
1430
setWapiCertSuiteInternal(const std::string & suite)1431 ndk::ScopedAStatus StaNetwork::setWapiCertSuiteInternal(const std::string &suite)
1432 {
1433 #ifdef CONFIG_WAPI_INTERFACE
1434 // Dummy implementation
1435 dummyWapiCertSuite = suite;
1436 return ndk::ScopedAStatus::ok();
1437 #else
1438 return createStatusWithMsg(SupplicantStatusCode::FAILURE_UNKNOWN, "Not implemented");
1439 #endif
1440 }
1441
setWapiPskInternal(const std::vector<uint8_t> & psk)1442 ndk::ScopedAStatus StaNetwork::setWapiPskInternal(const std::vector<uint8_t> &psk)
1443 {
1444 #ifdef CONFIG_WAPI_INTERFACE
1445 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1446 str_clear_free(wpa_ssid->passphrase);
1447 wpa_ssid->passphrase = nullptr;
1448
1449 // Dummy implementation
1450 dummyWapiPsk = psk;
1451
1452 wpa_ssid->psk_set = 1;
1453 resetInternalStateAfterParamsUpdate();
1454 return ndk::ScopedAStatus::ok();
1455 #else
1456 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1457 #endif
1458 }
1459
getSsidInternal()1460 std::pair<std::vector<uint8_t>, ndk::ScopedAStatus> StaNetwork::getSsidInternal()
1461 {
1462 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1463 std::vector<uint8_t> ssid(
1464 wpa_ssid->ssid,
1465 wpa_ssid->ssid + wpa_ssid->ssid_len);
1466 return {std::move(ssid), ndk::ScopedAStatus::ok()};
1467 }
1468
1469 std::pair<std::vector<uint8_t>, ndk::ScopedAStatus>
getBssidInternal()1470 StaNetwork::getBssidInternal()
1471 {
1472 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1473 std::vector<uint8_t> bssid(kZeroBssid, kZeroBssid + ETH_ALEN);
1474 if (wpa_ssid->bssid_set) {
1475 bssid.assign(wpa_ssid->bssid, wpa_ssid->bssid + ETH_ALEN);
1476 }
1477 return {std::move(bssid), ndk::ScopedAStatus::ok()};
1478 }
1479
getScanSsidInternal()1480 std::pair<bool, ndk::ScopedAStatus> StaNetwork::getScanSsidInternal()
1481 {
1482 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1483 return {(wpa_ssid->scan_ssid == 1), ndk::ScopedAStatus::ok()};
1484 }
1485
1486 std::pair<AuthAlgMask, ndk::ScopedAStatus>
getAuthAlgInternal()1487 StaNetwork::getAuthAlgInternal()
1488 {
1489 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1490 uint32_t auth_alg_mask = wpa_ssid->auth_alg & kAllowedAuthAlgMask;
1491 return {static_cast<AuthAlgMask>(auth_alg_mask), ndk::ScopedAStatus::ok()};
1492 }
1493
getPskPassphraseInternal()1494 std::pair<std::string, ndk::ScopedAStatus> StaNetwork::getPskPassphraseInternal()
1495 {
1496 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1497 #ifdef CONFIG_WAPI_INTERFACE
1498 if (wpa_ssid->key_mgmt & WPA_KEY_MGMT_WAPI_PSK) {
1499 if (wpa_ssid->psk_set) {
1500 std::pair<std::vector<uint8_t>, ndk::ScopedAStatus> ret = getWapiPskInternal();
1501 std::string psk;
1502 char buf[3] = {0};
1503 for (int i = 0; i < ret.second.size(); i++) {
1504 snprintf(buf, sizeof(buf), "%02x", ret.second[i]);
1505 psk.append(buf);
1506 }
1507 return {psk, ndk::ScopedAStatus::ok()};
1508 } else {
1509 if (!wpa_ssid->passphrase) {
1510 return {"", createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1511 }
1512 std::string passphrase;
1513 passphrase.append("\"");
1514 passphrase.append(wpa_ssid->passphrase);
1515 passphrase.append("\"");
1516 return {passphrase, ndk::ScopedAStatus::ok()};
1517 }
1518 }
1519 #endif
1520 if (!wpa_ssid->passphrase) {
1521 return {"", createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1522 }
1523 return {wpa_ssid->passphrase, ndk::ScopedAStatus::ok()};
1524 }
1525
1526 std::pair<std::vector<uint8_t>, ndk::ScopedAStatus>
getPskInternal()1527 StaNetwork::getPskInternal()
1528 {
1529 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1530 WPA_ASSERT(psk.size() == sizeof(wpa_ssid->psk));
1531 if (!wpa_ssid->psk_set) {
1532 return {std::vector<uint8_t>(),
1533 createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1534 }
1535 std::vector<uint8_t> psk(wpa_ssid->psk, wpa_ssid->psk + 32);
1536 return {psk, ndk::ScopedAStatus::ok()};
1537 }
1538
getSaePasswordInternal()1539 std::pair<std::string, ndk::ScopedAStatus> StaNetwork::getSaePasswordInternal()
1540 {
1541 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1542 if (!wpa_ssid->sae_password) {
1543 return {"", createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1544 }
1545 return {misc_utils::charBufToString(wpa_ssid->sae_password),
1546 ndk::ScopedAStatus::ok()};
1547 }
1548
getSaePasswordIdInternal()1549 std::pair<std::string, ndk::ScopedAStatus> StaNetwork::getSaePasswordIdInternal()
1550 {
1551 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1552 if (!wpa_ssid->sae_password_id) {
1553 return {"", createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1554 }
1555 return {misc_utils::charBufToString(wpa_ssid->sae_password_id),
1556 ndk::ScopedAStatus::ok()};
1557 }
1558
getWepKeyInternal(uint32_t key_idx)1559 std::pair<std::vector<uint8_t>, ndk::ScopedAStatus> StaNetwork::getWepKeyInternal(
1560 uint32_t key_idx)
1561 {
1562 std::vector<uint8_t> wep_key;
1563 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1564 if (key_idx >=
1565 static_cast<uint32_t>(
1566 ISupplicantStaNetwork::WEP_KEYS_MAX_NUM)) {
1567 return {wep_key,
1568 createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID)};
1569 }
1570 wep_key.assign(
1571 wpa_ssid->wep_key[key_idx],
1572 wpa_ssid->wep_key[key_idx] + wpa_ssid->wep_key_len[key_idx]);
1573 return {std::move(wep_key), ndk::ScopedAStatus::ok()};
1574 }
1575
getWepTxKeyIdxInternal()1576 std::pair<uint32_t, ndk::ScopedAStatus> StaNetwork::getWepTxKeyIdxInternal()
1577 {
1578 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1579 return {wpa_ssid->wep_tx_keyidx, ndk::ScopedAStatus::ok()};
1580 }
1581
getRequirePmfInternal()1582 std::pair<bool, ndk::ScopedAStatus> StaNetwork::getRequirePmfInternal()
1583 {
1584 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1585 return {(wpa_ssid->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED),
1586 ndk::ScopedAStatus::ok()};
1587 }
1588
1589 std::pair<EapMethod, ndk::ScopedAStatus>
getEapMethodInternal()1590 StaNetwork::getEapMethodInternal()
1591 {
1592 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1593 if (!wpa_ssid->eap.eap_methods) {
1594 return {static_cast<EapMethod>(0),
1595 createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1596 }
1597 // wpa_supplicant can support setting multiple eap methods for each
1598 // network. But, this is not really used by Android. So, just reading
1599 // the first EAP method for each network.
1600 const std::string eap_method_str = eap_get_name(
1601 wpa_ssid->eap.eap_methods[0].vendor,
1602 static_cast<enum eap_type>(wpa_ssid->eap.eap_methods[0].method));
1603 size_t eap_method_idx =
1604 std::find(
1605 std::begin(kEapMethodStrings), std::end(kEapMethodStrings),
1606 eap_method_str) -
1607 std::begin(kEapMethodStrings);
1608 if (eap_method_idx >= kEapMethodMax) {
1609 return {static_cast<EapMethod>(0),
1610 createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1611 }
1612 return {static_cast<EapMethod>(eap_method_idx), ndk::ScopedAStatus::ok()};
1613 }
1614
1615 std::pair<EapPhase2Method, ndk::ScopedAStatus>
getEapPhase2MethodInternal()1616 StaNetwork::getEapPhase2MethodInternal()
1617 {
1618 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1619 if (!wpa_ssid->eap.phase2) {
1620 return {static_cast<EapPhase2Method>(0),
1621 createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1622 }
1623 const std::string eap_phase2_method_str_with_prefix =
1624 wpa_ssid->eap.phase2;
1625 std::string eap_phase2_method_str;
1626 // Strip out the phase 2 method prefix before doing a reverse lookup
1627 // of phase 2 string to the Eap Phase 2 type.
1628 if (eap_phase2_method_str_with_prefix.find(kEapPhase2AuthPrefix) == 0) {
1629 eap_phase2_method_str =
1630 eap_phase2_method_str_with_prefix.substr(
1631 strlen(kEapPhase2AuthPrefix),
1632 eap_phase2_method_str_with_prefix.size());
1633 } else if (
1634 eap_phase2_method_str_with_prefix.find(kEapPhase2AuthEapPrefix) ==
1635 0) {
1636 eap_phase2_method_str =
1637 eap_phase2_method_str_with_prefix.substr(
1638 strlen(kEapPhase2AuthEapPrefix),
1639 eap_phase2_method_str_with_prefix.size());
1640 }
1641 size_t eap_phase2_method_idx =
1642 std::find(
1643 std::begin(kEapPhase2MethodStrings),
1644 std::end(kEapPhase2MethodStrings), eap_phase2_method_str) -
1645 std::begin(kEapPhase2MethodStrings);
1646 if (eap_phase2_method_idx >= kEapPhase2MethodMax) {
1647 return {static_cast<EapPhase2Method>(0),
1648 createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1649 }
1650 return {static_cast<EapPhase2Method>(eap_phase2_method_idx),
1651 ndk::ScopedAStatus::ok()};
1652 }
1653
1654 std::pair<std::vector<uint8_t>, ndk::ScopedAStatus>
getEapIdentityInternal()1655 StaNetwork::getEapIdentityInternal()
1656 {
1657 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1658 if (!wpa_ssid->eap.identity) {
1659 return {std::vector<uint8_t>(),
1660 createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1661 }
1662 return {std::vector<uint8_t>(
1663 wpa_ssid->eap.identity,
1664 wpa_ssid->eap.identity + wpa_ssid->eap.identity_len),
1665 ndk::ScopedAStatus::ok()};
1666 }
1667
1668 std::pair<std::vector<uint8_t>, ndk::ScopedAStatus>
getEapAnonymousIdentityInternal()1669 StaNetwork::getEapAnonymousIdentityInternal()
1670 {
1671 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1672 if (!wpa_ssid->eap.anonymous_identity) {
1673 return {std::vector<uint8_t>(),
1674 createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1675 }
1676 return {std::vector<uint8_t>(
1677 wpa_ssid->eap.anonymous_identity,
1678 wpa_ssid->eap.anonymous_identity +
1679 wpa_ssid->eap.anonymous_identity_len),
1680 ndk::ScopedAStatus::ok()};
1681 }
1682
1683 std::pair<std::vector<uint8_t>, ndk::ScopedAStatus>
getEapPasswordInternal()1684 StaNetwork::getEapPasswordInternal()
1685 {
1686 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1687 if (!wpa_ssid->eap.password) {
1688 return {std::vector<uint8_t>(), createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1689 }
1690 return {std::vector<uint8_t>(
1691 wpa_ssid->eap.password,
1692 wpa_ssid->eap.password + wpa_ssid->eap.password_len),
1693 ndk::ScopedAStatus::ok()};
1694 }
1695
getEapCACertInternal()1696 std::pair<std::string, ndk::ScopedAStatus> StaNetwork::getEapCACertInternal()
1697 {
1698 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1699 if (!wpa_ssid->eap.cert.ca_cert) {
1700 return {"", createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1701 }
1702 return {misc_utils::charBufToString(wpa_ssid->eap.cert.ca_cert),
1703 ndk::ScopedAStatus::ok()};
1704 }
1705
getEapCAPathInternal()1706 std::pair<std::string, ndk::ScopedAStatus> StaNetwork::getEapCAPathInternal()
1707 {
1708 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1709 if (!wpa_ssid->eap.cert.ca_path) {
1710 return {"", createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1711 }
1712 return {misc_utils::charBufToString(wpa_ssid->eap.cert.ca_path),
1713 ndk::ScopedAStatus::ok()};
1714 }
1715
getEapClientCertInternal()1716 std::pair<std::string, ndk::ScopedAStatus> StaNetwork::getEapClientCertInternal()
1717 {
1718 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1719 if (!wpa_ssid->eap.cert.client_cert) {
1720 return {"", createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1721 }
1722 return {misc_utils::charBufToString(wpa_ssid->eap.cert.client_cert),
1723 ndk::ScopedAStatus::ok()};
1724 }
1725
1726 std::pair<std::string, ndk::ScopedAStatus>
getEapPrivateKeyIdInternal()1727 StaNetwork::getEapPrivateKeyIdInternal()
1728 {
1729 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1730 if (!wpa_ssid->eap.cert.key_id) {
1731 return {"", createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1732 }
1733 return {misc_utils::charBufToString(reinterpret_cast<char *>(wpa_ssid->eap.cert.key_id)),
1734 ndk::ScopedAStatus::ok()};
1735 }
1736
1737 std::pair<std::string, ndk::ScopedAStatus>
getEapSubjectMatchInternal()1738 StaNetwork::getEapSubjectMatchInternal()
1739 {
1740 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1741 if (!wpa_ssid->eap.cert.subject_match) {
1742 return {"", createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1743 }
1744 return {misc_utils::charBufToString(wpa_ssid->eap.cert.subject_match),
1745 ndk::ScopedAStatus::ok()};
1746 }
1747
1748 std::pair<std::string, ndk::ScopedAStatus>
getEapAltSubjectMatchInternal()1749 StaNetwork::getEapAltSubjectMatchInternal()
1750 {
1751 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1752 if (!wpa_ssid->eap.cert.altsubject_match) {
1753 return {"", createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1754 }
1755 return {misc_utils::charBufToString(wpa_ssid->eap.cert.altsubject_match),
1756 ndk::ScopedAStatus::ok()};
1757 }
1758
getEapEngineInternal()1759 std::pair<bool, ndk::ScopedAStatus> StaNetwork::getEapEngineInternal()
1760 {
1761 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1762 return {wpa_ssid->eap.cert.engine == 1, ndk::ScopedAStatus::ok()};
1763 }
1764
getEapEngineIdInternal()1765 std::pair<std::string, ndk::ScopedAStatus> StaNetwork::getEapEngineIdInternal()
1766 {
1767 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1768 if (!wpa_ssid->eap.cert.engine_id) {
1769 return {"", createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1770 }
1771 return {misc_utils::charBufToString(wpa_ssid->eap.cert.engine_id),
1772 ndk::ScopedAStatus::ok()};
1773 }
1774
1775 std::pair<std::string, ndk::ScopedAStatus>
getEapDomainSuffixMatchInternal()1776 StaNetwork::getEapDomainSuffixMatchInternal()
1777 {
1778 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1779 if (!wpa_ssid->eap.cert.domain_suffix_match) {
1780 return {"", createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1781 }
1782 return {misc_utils::charBufToString(wpa_ssid->eap.cert.domain_suffix_match),
1783 ndk::ScopedAStatus::ok()};
1784 }
1785
getIdStrInternal()1786 std::pair<std::string, ndk::ScopedAStatus> StaNetwork::getIdStrInternal()
1787 {
1788 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1789 if (!wpa_ssid->id_str) {
1790 return {"", createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1791 }
1792 return {misc_utils::charBufToString(wpa_ssid->id_str),
1793 ndk::ScopedAStatus::ok()};
1794 }
1795
getEdmgInternal()1796 std::pair<bool, ndk::ScopedAStatus> StaNetwork::getEdmgInternal()
1797 {
1798 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1799 return {(wpa_ssid->enable_edmg == 1), ndk::ScopedAStatus::ok()};
1800 }
1801
1802 std::pair<std::vector<uint8_t>, ndk::ScopedAStatus>
getWpsNfcConfigurationTokenInternal()1803 StaNetwork::getWpsNfcConfigurationTokenInternal()
1804 {
1805 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
1806 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1807 auto token_buf = misc_utils::createWpaBufUniquePtr(
1808 wpas_wps_network_config_token(wpa_s, 0, wpa_ssid));
1809 if (!token_buf) {
1810 return {std::vector<uint8_t>(),
1811 createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1812 }
1813 return {misc_utils::convertWpaBufToVector(token_buf.get()),
1814 ndk::ScopedAStatus::ok()};
1815 }
1816
getWapiCertSuiteInternal()1817 std::pair<std::string, ndk::ScopedAStatus> StaNetwork::getWapiCertSuiteInternal()
1818 {
1819 #ifdef CONFIG_WAPI_INTERFACE
1820 // Dummy implementation
1821 return {dummyWapiCertSuite, ndk::ScopedAStatus::ok()};
1822 #else
1823 return {"", createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1824 #endif
1825 }
1826
getWapiPskInternal()1827 std::pair<std::vector<uint8_t>, ndk::ScopedAStatus> StaNetwork::getWapiPskInternal()
1828 {
1829 #ifdef CONFIG_WAPI_INTERFACE
1830 // Dummy implementation
1831 return {dummyWapiPsk, ndk::ScopedAStatus::ok()};
1832 #else
1833 return {std::vector<uint8_t>(),
1834 createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1835 #endif
1836 }
1837
enableInternal(bool no_connect)1838 ndk::ScopedAStatus StaNetwork::enableInternal(bool no_connect)
1839 {
1840 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1841 if (wpa_ssid->disabled == 2) {
1842 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1843 }
1844 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
1845 if (no_connect) {
1846 wpa_ssid->disabled = 0;
1847 } else {
1848 wpa_s->scan_min_time.sec = 0;
1849 wpa_s->scan_min_time.usec = 0;
1850 wpa_supplicant_enable_network(wpa_s, wpa_ssid);
1851 }
1852 return ndk::ScopedAStatus::ok();
1853 }
1854
disableInternal()1855 ndk::ScopedAStatus StaNetwork::disableInternal()
1856 {
1857 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1858 if (wpa_ssid->disabled == 2) {
1859 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1860 }
1861 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
1862 wpa_supplicant_disable_network(wpa_s, wpa_ssid);
1863 return ndk::ScopedAStatus::ok();
1864 }
1865
selectInternal()1866 ndk::ScopedAStatus StaNetwork::selectInternal()
1867 {
1868 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1869 if (wpa_ssid->disabled == 2) {
1870 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1871 }
1872 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
1873 wpa_s->scan_min_time.sec = 0;
1874 wpa_s->scan_min_time.usec = 0;
1875 wpa_supplicant_select_network(wpa_s, wpa_ssid);
1876 return ndk::ScopedAStatus::ok();
1877 }
1878
sendNetworkEapSimGsmAuthResponseInternal(const std::vector<NetworkResponseEapSimGsmAuthParams> & vec_params)1879 ndk::ScopedAStatus StaNetwork::sendNetworkEapSimGsmAuthResponseInternal(
1880 const std::vector<NetworkResponseEapSimGsmAuthParams>
1881 &vec_params)
1882 {
1883 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1884 // Convert the incoming parameters to a string to pass to
1885 // wpa_supplicant.
1886 std::string ctrl_rsp_param = std::string(kNetworkEapSimGsmAuthResponse);
1887 for (const auto ¶ms : vec_params) {
1888 uint32_t kc_hex_len = params.kc.size() * 2 + 1;
1889 std::vector<char> kc_hex(kc_hex_len);
1890 uint32_t sres_hex_len = params.sres.size() * 2 + 1;
1891 std::vector<char> sres_hex(sres_hex_len);
1892 wpa_snprintf_hex(
1893 kc_hex.data(), kc_hex.size(), params.kc.data(),
1894 params.kc.size());
1895 wpa_snprintf_hex(
1896 sres_hex.data(), sres_hex.size(), params.sres.data(),
1897 params.sres.size());
1898 ctrl_rsp_param += ":" + std::string(kc_hex.data()) + ":" +
1899 std::string(sres_hex.data());
1900 }
1901 enum wpa_ctrl_req_type rtype = WPA_CTRL_REQ_SIM;
1902 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
1903 if (wpa_supplicant_ctrl_rsp_handle(
1904 wpa_s, wpa_ssid, rtype, ctrl_rsp_param.c_str(),
1905 ctrl_rsp_param.size())) {
1906 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1907 }
1908 eapol_sm_notify_ctrl_response(wpa_s->eapol);
1909 wpa_hexdump_ascii_key(
1910 MSG_DEBUG, "network sim gsm auth response param",
1911 (const u8 *)ctrl_rsp_param.c_str(), ctrl_rsp_param.size());
1912 return ndk::ScopedAStatus::ok();
1913 }
1914
sendNetworkEapSimGsmAuthFailureInternal()1915 ndk::ScopedAStatus StaNetwork::sendNetworkEapSimGsmAuthFailureInternal()
1916 {
1917 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1918 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
1919 enum wpa_ctrl_req_type rtype = WPA_CTRL_REQ_SIM;
1920 if (wpa_supplicant_ctrl_rsp_handle(
1921 wpa_s, wpa_ssid, rtype, kNetworkEapSimGsmAuthFailure,
1922 strlen(kNetworkEapSimGsmAuthFailure))) {
1923 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1924 }
1925 eapol_sm_notify_ctrl_response(wpa_s->eapol);
1926 return ndk::ScopedAStatus::ok();
1927 }
1928
sendNetworkEapSimUmtsAuthResponseInternal(const NetworkResponseEapSimUmtsAuthParams & params)1929 ndk::ScopedAStatus StaNetwork::sendNetworkEapSimUmtsAuthResponseInternal(
1930 const NetworkResponseEapSimUmtsAuthParams ¶ms)
1931 {
1932 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1933 // Convert the incoming parameters to a string to pass to
1934 // wpa_supplicant.
1935 uint32_t ik_hex_len = params.ik.size() * 2 + 1;
1936 std::vector<char> ik_hex(ik_hex_len);
1937 uint32_t ck_hex_len = params.ck.size() * 2 + 1;
1938 std::vector<char> ck_hex(ck_hex_len);
1939 uint32_t res_hex_len = params.res.size() * 2 + 1;
1940 std::vector<char> res_hex(res_hex_len);
1941 wpa_snprintf_hex(
1942 ik_hex.data(), ik_hex.size(), params.ik.data(), params.ik.size());
1943 wpa_snprintf_hex(
1944 ck_hex.data(), ck_hex.size(), params.ck.data(), params.ck.size());
1945 wpa_snprintf_hex(
1946 res_hex.data(), res_hex.size(), params.res.data(),
1947 params.res.size());
1948 std::string ctrl_rsp_param =
1949 std::string(kNetworkEapSimUmtsAuthResponse) + ":" +
1950 std::string(ik_hex.data()) + ":" + std::string(ck_hex.data()) +
1951 ":" + std::string(res_hex.data());
1952 enum wpa_ctrl_req_type rtype = WPA_CTRL_REQ_SIM;
1953 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
1954 if (wpa_supplicant_ctrl_rsp_handle(
1955 wpa_s, wpa_ssid, rtype, ctrl_rsp_param.c_str(),
1956 ctrl_rsp_param.size())) {
1957 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1958 }
1959 eapol_sm_notify_ctrl_response(wpa_s->eapol);
1960 wpa_hexdump_ascii_key(
1961 MSG_DEBUG, "network sim umts auth response param",
1962 (const u8 *)ctrl_rsp_param.c_str(), ctrl_rsp_param.size());
1963 return ndk::ScopedAStatus::ok();
1964 }
1965
sendNetworkEapSimUmtsAutsResponseInternal(const std::vector<uint8_t> & auts)1966 ndk::ScopedAStatus StaNetwork::sendNetworkEapSimUmtsAutsResponseInternal(
1967 const std::vector<uint8_t> &auts)
1968 {
1969 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1970 uint32_t auts_hex_len = auts.size() * 2 + 1;
1971 std::vector<char> auts_hex(auts_hex_len);
1972 wpa_snprintf_hex(
1973 auts_hex.data(), auts_hex.size(), auts.data(), auts.size());
1974 std::string ctrl_rsp_param =
1975 std::string(kNetworkEapSimUmtsAutsResponse) + ":" +
1976 std::string(auts_hex.data());
1977 enum wpa_ctrl_req_type rtype = WPA_CTRL_REQ_SIM;
1978 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
1979 if (wpa_supplicant_ctrl_rsp_handle(
1980 wpa_s, wpa_ssid, rtype, ctrl_rsp_param.c_str(),
1981 ctrl_rsp_param.size())) {
1982 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1983 }
1984 eapol_sm_notify_ctrl_response(wpa_s->eapol);
1985 wpa_hexdump_ascii_key(
1986 MSG_DEBUG, "network sim umts auts response param",
1987 (const u8 *)ctrl_rsp_param.c_str(), ctrl_rsp_param.size());
1988 return ndk::ScopedAStatus::ok();
1989 }
1990
sendNetworkEapSimUmtsAuthFailureInternal()1991 ndk::ScopedAStatus StaNetwork::sendNetworkEapSimUmtsAuthFailureInternal()
1992 {
1993 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1994 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
1995 enum wpa_ctrl_req_type rtype = WPA_CTRL_REQ_SIM;
1996 if (wpa_supplicant_ctrl_rsp_handle(
1997 wpa_s, wpa_ssid, rtype, kNetworkEapSimUmtsAuthFailure,
1998 strlen(kNetworkEapSimUmtsAuthFailure))) {
1999 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
2000 }
2001 eapol_sm_notify_ctrl_response(wpa_s->eapol);
2002 return ndk::ScopedAStatus::ok();
2003 }
2004
sendNetworkEapIdentityResponseInternal(const std::vector<uint8_t> & identity,const std::vector<uint8_t> & encrypted_imsi_identity)2005 ndk::ScopedAStatus StaNetwork::sendNetworkEapIdentityResponseInternal(
2006 const std::vector<uint8_t> &identity,
2007 const std::vector<uint8_t> &encrypted_imsi_identity)
2008 {
2009 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2010 std::string ctrl_rsp_param(identity.begin(), identity.end());
2011 // If encrypted identity is included, format is:
2012 // plain identity + ":" + encrypted_identity
2013 if (encrypted_imsi_identity.size() != 0) {
2014 ctrl_rsp_param += ":" + std::string(
2015 encrypted_imsi_identity.begin(), encrypted_imsi_identity.end());
2016 }
2017 enum wpa_ctrl_req_type rtype = WPA_CTRL_REQ_EAP_IDENTITY;
2018 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
2019 if (wpa_supplicant_ctrl_rsp_handle(
2020 wpa_s, wpa_ssid, rtype, ctrl_rsp_param.c_str(),
2021 ctrl_rsp_param.size())) {
2022 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
2023 }
2024 eapol_sm_notify_ctrl_response(wpa_s->eapol);
2025 wpa_hexdump_ascii_key(
2026 MSG_DEBUG, "network identity response param",
2027 (const u8 *)ctrl_rsp_param.c_str(), ctrl_rsp_param.size());
2028 return ndk::ScopedAStatus::ok();
2029 }
2030
enableTlsSuiteBEapPhase1ParamInternal(bool enable)2031 ndk::ScopedAStatus StaNetwork::enableTlsSuiteBEapPhase1ParamInternal(bool enable)
2032 {
2033 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2034 int val = enable == true ? 1 : 0;
2035 if (enable) {
2036 setTlsFlagsFor192BitMode(true /*rsaMode */);
2037 } else {
2038 tlsFlags &= ~TLS_CONN_SUITEB;
2039 }
2040 std::string phase1_params("tls_suiteb=" + std::to_string(val));
2041 if (wpa_ssid->eap.phase1 != NULL) {
2042 phase1_params.append(wpa_ssid->eap.phase1);
2043 }
2044
2045 if (setStringKeyFieldAndResetState(
2046 phase1_params.c_str(), &(wpa_ssid->eap.phase1), "phase1")) {
2047 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
2048 }
2049 return ndk::ScopedAStatus::ok();
2050 }
2051
enableSuiteBEapOpenSslCiphersInternal()2052 ndk::ScopedAStatus StaNetwork::enableSuiteBEapOpenSslCiphersInternal()
2053 {
2054 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2055 const char openssl_suiteb_cipher[] = "SUITEB192";
2056
2057 if (setStringKeyFieldAndResetState(
2058 openssl_suiteb_cipher, &(wpa_ssid->eap.openssl_ciphers),
2059 "openssl_ciphers")) {
2060 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
2061 }
2062 setTlsFlagsFor192BitMode(false /*rsaMode */);
2063 return ndk::ScopedAStatus::ok();
2064 }
2065
setSaePasswordInternal(const std::string & sae_password)2066 ndk::ScopedAStatus StaNetwork::setSaePasswordInternal(
2067 const std::string &sae_password)
2068 {
2069 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2070 if (sae_password.length() < 1) {
2071 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
2072 }
2073 if (wpa_ssid->sae_password &&
2074 os_strlen(wpa_ssid->sae_password) == sae_password.length() &&
2075 os_memcmp(
2076 wpa_ssid->sae_password, sae_password.c_str(),
2077 sae_password.length()) == 0) {
2078 return ndk::ScopedAStatus::ok();
2079 }
2080 wpa_ssid->psk_set = 1;
2081 if (setStringKeyFieldAndResetState(
2082 sae_password.c_str(), &(wpa_ssid->sae_password),
2083 "sae password")) {
2084 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
2085 }
2086 return ndk::ScopedAStatus::ok();
2087 }
2088
setSaePasswordIdInternal(const std::string & sae_password_id)2089 ndk::ScopedAStatus StaNetwork::setSaePasswordIdInternal(
2090 const std::string &sae_password_id)
2091 {
2092 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2093 if (sae_password_id.length() < 1) {
2094 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
2095 }
2096 if (wpa_ssid->sae_password_id &&
2097 os_strlen(wpa_ssid->sae_password_id) == sae_password_id.length() &&
2098 os_memcmp(
2099 wpa_ssid->sae_password_id, sae_password_id.c_str(),
2100 sae_password_id.length()) == 0) {
2101 return ndk::ScopedAStatus::ok();
2102 }
2103 wpa_ssid->psk_set = 1;
2104 if (setStringKeyFieldAndResetState(
2105 sae_password_id.c_str(), &(wpa_ssid->sae_password_id),
2106 "sae password id")) {
2107 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
2108 }
2109 return ndk::ScopedAStatus::ok();
2110 }
2111
setGroupMgmtCipherInternal(GroupMgmtCipherMask mask)2112 ndk::ScopedAStatus StaNetwork::setGroupMgmtCipherInternal(
2113 GroupMgmtCipherMask mask)
2114 {
2115 uint32_t group_mgmt_cipher_mask = static_cast<uint32_t>(mask);
2116 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2117 if (group_mgmt_cipher_mask & ~kAllowedGroupMgmtCipherMask) {
2118 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
2119 }
2120 wpa_ssid->group_mgmt_cipher = group_mgmt_cipher_mask;
2121 wpa_printf(MSG_MSGDUMP, "group_mgmt_cipher: 0x%x",
2122 wpa_ssid->group_mgmt_cipher);
2123 resetInternalStateAfterParamsUpdate();
2124 return ndk::ScopedAStatus::ok();
2125 }
2126
2127 std::pair<GroupMgmtCipherMask, ndk::ScopedAStatus>
getGroupMgmtCipherInternal()2128 StaNetwork::getGroupMgmtCipherInternal()
2129 {
2130 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2131 uint32_t group_mgmt_cipher_mask =
2132 wpa_ssid->group_mgmt_cipher & kAllowedGroupMgmtCipherMask;
2133 return {static_cast<GroupMgmtCipherMask>(group_mgmt_cipher_mask),
2134 ndk::ScopedAStatus::ok()};
2135 }
2136
setOcspInternal(OcspType ocspType)2137 ndk::ScopedAStatus StaNetwork::setOcspInternal(OcspType ocspType) {
2138 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2139 if (ocspType < OcspType::NONE || ocspType > OcspType::REQUIRE_ALL_CERTS_STATUS) {
2140 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
2141 }
2142 wpa_ssid->eap.cert.ocsp = (int) ocspType;
2143 wpa_printf(
2144 MSG_MSGDUMP, "ocsp: %d", wpa_ssid->eap.cert.ocsp);
2145 resetInternalStateAfterParamsUpdate();
2146 return ndk::ScopedAStatus::ok();
2147 }
2148
getOcspInternal()2149 std::pair<OcspType, ndk::ScopedAStatus> StaNetwork::getOcspInternal()
2150 {
2151 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2152 return {static_cast<OcspType>(wpa_ssid->eap.cert.ocsp),
2153 ndk::ScopedAStatus::ok()};
2154 }
2155
setPmkCacheInternal(const std::vector<uint8_t> & serializedEntry)2156 ndk::ScopedAStatus StaNetwork::setPmkCacheInternal(const std::vector<uint8_t>& serializedEntry) {
2157 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
2158 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2159 struct rsn_pmksa_cache_entry *new_entry = NULL;
2160
2161 new_entry = (struct rsn_pmksa_cache_entry *) os_zalloc(sizeof(*new_entry));
2162 if (!new_entry) {
2163 return createStatusWithMsg(SupplicantStatusCode::FAILURE_UNKNOWN,
2164 "Allocating memory failed");
2165 }
2166
2167 std::stringstream ss(
2168 std::stringstream::in | std::stringstream::out | std::stringstream::binary);
2169 ss.write((char *) serializedEntry.data(), std::streamsize(serializedEntry.size()));
2170 if (misc_utils::deserializePmkCacheEntry(ss, new_entry) < 0) {
2171 os_free(new_entry);
2172 return createStatusWithMsg(SupplicantStatusCode::FAILURE_ARGS_INVALID,
2173 "Invalid pmk length");
2174 }
2175 new_entry->network_ctx = wpa_ssid;
2176
2177 // If there is an entry has a later expiration, ignore this one.
2178 struct rsn_pmksa_cache_entry *existing_entry = wpa_sm_pmksa_cache_get(
2179 wpa_s->wpa, new_entry->aa, NULL, NULL, new_entry->akmp);
2180 if (NULL != existing_entry &&
2181 existing_entry->expiration >= new_entry->expiration) {
2182 return ndk::ScopedAStatus::ok();
2183 }
2184
2185 new_entry->external = true;
2186 wpa_sm_pmksa_cache_add_entry(wpa_s->wpa, new_entry);
2187
2188 return ndk::ScopedAStatus::ok();
2189 }
2190
setKeyMgmtInternal(KeyMgmtMask mask)2191 ndk::ScopedAStatus StaNetwork::setKeyMgmtInternal(
2192 KeyMgmtMask mask)
2193 {
2194 uint32_t key_mgmt_mask = static_cast<uint32_t>(mask);
2195 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
2196 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2197 if (key_mgmt_mask & ~kAllowedKeyMgmtMask) {
2198 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
2199 }
2200 #ifdef CONFIG_SAE
2201 struct wpa_driver_capa capa;
2202 int res = wpa_drv_get_capa(wpa_s, &capa);
2203 if ((res == 0) && (key_mgmt_mask & WPA_KEY_MGMT_SAE) &&
2204 (capa.key_mgmt_iftype[WPA_IF_STATION] & WPA_DRIVER_CAPA_KEY_MGMT_SAE_EXT_KEY)) {
2205 key_mgmt_mask |= WPA_KEY_MGMT_SAE_EXT_KEY;
2206 }
2207 #endif
2208 setFastTransitionKeyMgmt(key_mgmt_mask);
2209
2210 if (key_mgmt_mask & WPA_KEY_MGMT_OWE) {
2211 // Do not allow to connect to Open network when OWE is selected
2212 wpa_ssid->owe_only = 1;
2213 wpa_ssid->owe_ptk_workaround = 1;
2214 }
2215 wpa_ssid->key_mgmt = key_mgmt_mask;
2216 wpa_printf(MSG_MSGDUMP, "key_mgmt: 0x%x", wpa_ssid->key_mgmt);
2217 resetInternalStateAfterParamsUpdate();
2218 return ndk::ScopedAStatus::ok();
2219 }
2220
2221 std::pair<KeyMgmtMask, ndk::ScopedAStatus>
getKeyMgmtInternal()2222 StaNetwork::getKeyMgmtInternal()
2223 {
2224 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2225 uint32_t key_mgmt_mask = wpa_ssid->key_mgmt & kAllowedKeyMgmtMask;
2226
2227 resetFastTransitionKeyMgmt(key_mgmt_mask);
2228 return {static_cast<KeyMgmtMask>(key_mgmt_mask),
2229 ndk::ScopedAStatus::ok()};
2230 }
2231
setProtoInternal(ProtoMask mask)2232 ndk::ScopedAStatus StaNetwork::setProtoInternal(
2233 ProtoMask mask)
2234 {
2235 uint32_t proto_mask = static_cast<uint32_t>(mask);
2236 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2237 if (proto_mask & ~kAllowedProtoMask) {
2238 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
2239 }
2240 wpa_ssid->proto = proto_mask;
2241 wpa_printf(MSG_MSGDUMP, "proto: 0x%x", wpa_ssid->proto);
2242 resetInternalStateAfterParamsUpdate();
2243 return ndk::ScopedAStatus::ok();
2244 }
2245
2246 std::pair<ProtoMask, ndk::ScopedAStatus>
getProtoInternal()2247 StaNetwork::getProtoInternal()
2248 {
2249 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2250 uint32_t proto_mask = wpa_ssid->proto & kAllowedProtoMask;
2251 return {static_cast<ProtoMask>(proto_mask), ndk::ScopedAStatus::ok()};
2252 }
2253
setGroupCipherInternal(GroupCipherMask mask)2254 ndk::ScopedAStatus StaNetwork::setGroupCipherInternal(
2255 GroupCipherMask mask)
2256 {
2257 uint32_t group_cipher_mask = static_cast<uint32_t>(mask);
2258 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2259 if (group_cipher_mask & ~kAllowedGroupCipherMask) {
2260 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
2261 }
2262 wpa_ssid->group_cipher = group_cipher_mask;
2263 wpa_printf(MSG_MSGDUMP, "group_cipher: 0x%x", wpa_ssid->group_cipher);
2264 resetInternalStateAfterParamsUpdate();
2265 return ndk::ScopedAStatus::ok();
2266 }
2267
2268 std::pair<GroupCipherMask, ndk::ScopedAStatus>
getGroupCipherInternal()2269 StaNetwork::getGroupCipherInternal()
2270 {
2271 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2272 uint32_t group_cipher_mask = wpa_ssid->group_cipher & kAllowedGroupCipherMask;
2273 return {static_cast<GroupCipherMask>(group_cipher_mask),
2274 ndk::ScopedAStatus::ok()};
2275 }
2276
setPairwiseCipherInternal(PairwiseCipherMask mask)2277 ndk::ScopedAStatus StaNetwork::setPairwiseCipherInternal(
2278 PairwiseCipherMask mask)
2279 {
2280 uint32_t pairwise_cipher_mask = static_cast<uint32_t>(mask);
2281 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2282 if (pairwise_cipher_mask & ~kAllowedPairwisewCipherMask) {
2283 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
2284 }
2285 wpa_ssid->pairwise_cipher = pairwise_cipher_mask;
2286 wpa_printf(
2287 MSG_MSGDUMP, "pairwise_cipher: 0x%x", wpa_ssid->pairwise_cipher);
2288 resetInternalStateAfterParamsUpdate();
2289 return ndk::ScopedAStatus::ok();
2290 }
2291
2292 std::pair<PairwiseCipherMask, ndk::ScopedAStatus>
getPairwiseCipherInternal()2293 StaNetwork::getPairwiseCipherInternal()
2294 {
2295 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2296 uint32_t pairwise_cipher_mask = wpa_ssid->pairwise_cipher & kAllowedPairwisewCipherMask;
2297 return {static_cast<PairwiseCipherMask>(pairwise_cipher_mask),
2298 ndk::ScopedAStatus::ok()};
2299 }
2300
setRoamingConsortiumSelectionInternal(const std::vector<uint8_t> & selectedRcoi)2301 ndk::ScopedAStatus StaNetwork::setRoamingConsortiumSelectionInternal(
2302 const std::vector<uint8_t> &selectedRcoi)
2303 {
2304 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2305 if (wpa_ssid == NULL) {
2306 return createStatus(SupplicantStatusCode::FAILURE_NETWORK_INVALID);
2307 }
2308
2309 if (setByteArrayFieldAndResetState(
2310 selectedRcoi.data(), selectedRcoi.size(),
2311 &(wpa_ssid->roaming_consortium_selection),
2312 &(wpa_ssid->roaming_consortium_selection_len),
2313 "roaming_consortium_selection")) {
2314 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
2315 }
2316
2317 resetInternalStateAfterParamsUpdate();
2318 return ndk::ScopedAStatus::ok();
2319 }
2320
2321 /**
2322 * Retrieve the underlying |wpa_ssid| struct pointer for
2323 * this network.
2324 * If the underlying network is removed or the interface
2325 * this network belong to
2326 * is removed, all RPC method calls on this object will
2327 * return failure.
2328 */
retrieveNetworkPtr()2329 struct wpa_ssid *StaNetwork::retrieveNetworkPtr()
2330 {
2331 wpa_supplicant *wpa_s = retrieveIfacePtr();
2332 if (!wpa_s)
2333 return nullptr;
2334 return wpa_config_get_network(wpa_s->conf, network_id_);
2335 }
2336
2337 /**
2338 * Retrieve the underlying |wpa_supplicant| struct
2339 * pointer for
2340 * this network.
2341 */
retrieveIfacePtr()2342 struct wpa_supplicant *StaNetwork::retrieveIfacePtr()
2343 {
2344 return wpa_supplicant_get_iface(wpa_global_, ifname_.c_str());
2345 }
2346
2347 /**
2348 * Check if the provided psk passhrase is valid or not.
2349 *
2350 * Returns 0 if valid, 1 otherwise.
2351 */
isPskPassphraseValid(const std::string & psk)2352 int StaNetwork::isPskPassphraseValid(const std::string &psk)
2353 {
2354 if (psk.size() <
2355 static_cast<uint32_t>(ISupplicantStaNetwork::
2356 PSK_PASSPHRASE_MIN_LEN_IN_BYTES) ||
2357 psk.size() >
2358 static_cast<uint32_t>(ISupplicantStaNetwork::
2359 PSK_PASSPHRASE_MAX_LEN_IN_BYTES)) {
2360 return 1;
2361 }
2362 if (has_ctrl_char((u8 *)psk.c_str(), psk.size())) {
2363 return 1;
2364 }
2365 return 0;
2366 }
2367
2368 /**
2369 * Reset internal wpa_supplicant state machine state
2370 * after params update (except
2371 * bssid).
2372 */
resetInternalStateAfterParamsUpdate()2373 void StaNetwork::resetInternalStateAfterParamsUpdate()
2374 {
2375 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
2376 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2377
2378 wpa_sm_pmksa_cache_flush(wpa_s->wpa, wpa_ssid);
2379
2380 if (wpa_s->current_ssid == wpa_ssid || wpa_s->current_ssid == NULL) {
2381 /*
2382 * Invalidate the EAP session cache if
2383 * anything in the
2384 * current or previously used
2385 * configuration changes.
2386 */
2387 eapol_sm_invalidate_cached_session(wpa_s->eapol);
2388 }
2389 }
2390
2391 /**
2392 * Helper function to set value in a string field in |wpa_ssid| structue
2393 * instance for this network.
2394 * This function frees any existing data in these fields.
2395 */
setStringFieldAndResetState(const char * value,uint8_t ** to_update_field,const char * hexdump_prefix)2396 int StaNetwork::setStringFieldAndResetState(
2397 const char *value, uint8_t **to_update_field, const char *hexdump_prefix)
2398 {
2399 return setStringFieldAndResetState(
2400 value, (char **)to_update_field, hexdump_prefix);
2401 }
2402
2403 /**
2404 * Helper function to set value in a string field in |wpa_ssid| structue
2405 * instance for this network.
2406 * This function frees any existing data in these fields.
2407 */
setStringFieldAndResetState(const char * value,char ** to_update_field,const char * hexdump_prefix)2408 int StaNetwork::setStringFieldAndResetState(
2409 const char *value, char **to_update_field, const char *hexdump_prefix)
2410 {
2411 int value_len = strlen(value);
2412 if (*to_update_field) {
2413 os_free(*to_update_field);
2414 }
2415 *to_update_field = dup_binstr(value, value_len);
2416 if (!(*to_update_field)) {
2417 return 1;
2418 }
2419 wpa_hexdump_ascii(
2420 MSG_MSGDUMP, hexdump_prefix, *to_update_field, value_len);
2421 resetInternalStateAfterParamsUpdate();
2422 return 0;
2423 }
2424
2425 /**
2426 * Helper function to set value in a string key field in |wpa_ssid| structue
2427 * instance for this network.
2428 * This function frees any existing data in these fields.
2429 */
setStringKeyFieldAndResetState(const char * value,char ** to_update_field,const char * hexdump_prefix)2430 int StaNetwork::setStringKeyFieldAndResetState(
2431 const char *value, char **to_update_field, const char *hexdump_prefix)
2432 {
2433 int value_len = strlen(value);
2434 if (*to_update_field) {
2435 str_clear_free(*to_update_field);
2436 }
2437 *to_update_field = dup_binstr(value, value_len);
2438 if (!(*to_update_field)) {
2439 return 1;
2440 }
2441 wpa_hexdump_ascii_key(
2442 MSG_MSGDUMP, hexdump_prefix, *to_update_field, value_len);
2443 resetInternalStateAfterParamsUpdate();
2444 return 0;
2445 }
2446
2447 /**
2448 * Helper function to set value in a string field with a corresponding length
2449 * field in |wpa_ssid| structure instance for this network.
2450 * This function frees any existing data in these fields.
2451 */
setByteArrayField(const uint8_t * value,const size_t value_len,uint8_t ** to_update_field,size_t * to_update_field_len,const char * hexdump_prefix,bool resetState)2452 int StaNetwork::setByteArrayField(
2453 const uint8_t *value, const size_t value_len, uint8_t **to_update_field,
2454 size_t *to_update_field_len, const char *hexdump_prefix, bool resetState)
2455 {
2456 if (*to_update_field) {
2457 os_free(*to_update_field);
2458 }
2459 *to_update_field = (uint8_t *)os_malloc(value_len);
2460 if (!(*to_update_field)) {
2461 return 1;
2462 }
2463 os_memcpy(*to_update_field, value, value_len);
2464 *to_update_field_len = value_len;
2465
2466 wpa_hexdump_ascii(
2467 MSG_MSGDUMP, hexdump_prefix, *to_update_field,
2468 *to_update_field_len);
2469
2470 if (resetState) {
2471 resetInternalStateAfterParamsUpdate();
2472 }
2473 return 0;
2474 }
2475
2476 /**
2477 * Helper function to set value in a string field with a corresponding length
2478 * field in |wpa_ssid| structure instance for this network.
2479 * This function frees any existing data in these fields.
2480 */
setByteArrayFieldAndResetState(const uint8_t * value,const size_t value_len,uint8_t ** to_update_field,size_t * to_update_field_len,const char * hexdump_prefix)2481 int StaNetwork::setByteArrayFieldAndResetState(
2482 const uint8_t *value, const size_t value_len, uint8_t **to_update_field,
2483 size_t *to_update_field_len, const char *hexdump_prefix)
2484 {
2485 return setByteArrayField(value, value_len, to_update_field,
2486 to_update_field_len, hexdump_prefix, true);
2487 }
2488
2489 /**
2490 * Helper function to set value in a string key field with a corresponding
2491 * length field in |wpa_ssid| structue instance for this network.
2492 * This function frees any existing data in these fields.
2493 */
setByteArrayKeyFieldAndResetState(const uint8_t * value,const size_t value_len,uint8_t ** to_update_field,size_t * to_update_field_len,const char * hexdump_prefix)2494 int StaNetwork::setByteArrayKeyFieldAndResetState(
2495 const uint8_t *value, const size_t value_len, uint8_t **to_update_field,
2496 size_t *to_update_field_len, const char *hexdump_prefix)
2497 {
2498 if (*to_update_field) {
2499 bin_clear_free(*to_update_field, *to_update_field_len);
2500 }
2501 *to_update_field = (uint8_t *)os_malloc(value_len);
2502 if (!(*to_update_field)) {
2503 return 1;
2504 }
2505 os_memcpy(*to_update_field, value, value_len);
2506 *to_update_field_len = value_len;
2507
2508 wpa_hexdump_ascii_key(
2509 MSG_MSGDUMP, hexdump_prefix, *to_update_field,
2510 *to_update_field_len);
2511 resetInternalStateAfterParamsUpdate();
2512 return 0;
2513 }
2514
2515 /**
2516 * Helper function to set the fast transition bits in the key management
2517 * bitmask, to allow FT support when possible.
2518 */
setFastTransitionKeyMgmt(uint32_t & key_mgmt_mask)2519 void StaNetwork::setFastTransitionKeyMgmt(uint32_t &key_mgmt_mask)
2520 {
2521 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
2522 int res;
2523 struct wpa_driver_capa capa;
2524
2525 if (key_mgmt_mask & WPA_KEY_MGMT_PSK) {
2526 key_mgmt_mask |= WPA_KEY_MGMT_FT_PSK;
2527 }
2528
2529 if (key_mgmt_mask & WPA_KEY_MGMT_IEEE8021X) {
2530 key_mgmt_mask |= WPA_KEY_MGMT_FT_IEEE8021X;
2531 }
2532
2533 res = wpa_drv_get_capa(wpa_s, &capa);
2534 if (res == 0) {
2535 #ifdef CONFIG_IEEE80211R
2536 #ifdef CONFIG_SAE
2537 if ((key_mgmt_mask & WPA_KEY_MGMT_SAE) &&
2538 (capa.key_mgmt_iftype[WPA_IF_STATION] & WPA_DRIVER_CAPA_KEY_MGMT_FT_SAE)) {
2539 key_mgmt_mask |= WPA_KEY_MGMT_FT_SAE;
2540 }
2541 if ((key_mgmt_mask & WPA_KEY_MGMT_SAE_EXT_KEY) &&
2542 (capa.key_mgmt_iftype[WPA_IF_STATION] &
2543 WPA_DRIVER_CAPA_KEY_MGMT_FT_SAE_EXT_KEY)) {
2544 key_mgmt_mask |= WPA_KEY_MGMT_FT_SAE_EXT_KEY;
2545 }
2546 #endif
2547 #ifdef CONFIG_FILS
2548 if ((key_mgmt_mask & WPA_KEY_MGMT_FILS_SHA256) &&
2549 (capa.key_mgmt_iftype[WPA_IF_STATION] &
2550 WPA_DRIVER_CAPA_KEY_MGMT_FT_FILS_SHA256)) {
2551 key_mgmt_mask |= WPA_KEY_MGMT_FT_FILS_SHA256;
2552 }
2553
2554 if ((key_mgmt_mask & WPA_KEY_MGMT_FILS_SHA384) &&
2555 (capa.key_mgmt_iftype[WPA_IF_STATION] &
2556 WPA_DRIVER_CAPA_KEY_MGMT_FT_FILS_SHA384)) {
2557 key_mgmt_mask |= WPA_KEY_MGMT_FT_FILS_SHA384;
2558 }
2559 #endif
2560 #ifdef CONFIG_SUITEB192
2561 if ((key_mgmt_mask & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) &&
2562 (capa.key_mgmt_iftype[WPA_IF_STATION] &
2563 WPA_DRIVER_CAPA_KEY_MGMT_FT_802_1X_SHA384)) {
2564 key_mgmt_mask |= WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
2565 }
2566 #endif
2567 #endif
2568 }
2569
2570 }
2571
2572 /**
2573 * Helper function to reset the fast transition bits in the key management
2574 * bitmask.
2575 */
resetFastTransitionKeyMgmt(uint32_t & key_mgmt_mask)2576 void StaNetwork::resetFastTransitionKeyMgmt(uint32_t &key_mgmt_mask)
2577 {
2578 if (key_mgmt_mask & WPA_KEY_MGMT_PSK) {
2579 key_mgmt_mask &= ~WPA_KEY_MGMT_FT_PSK;
2580 }
2581
2582 if (key_mgmt_mask & WPA_KEY_MGMT_IEEE8021X) {
2583 key_mgmt_mask &= ~WPA_KEY_MGMT_FT_IEEE8021X;
2584 }
2585 #ifdef CONFIG_IEEE80211R
2586 #ifdef CONFIG_SAE
2587 if (key_mgmt_mask & WPA_KEY_MGMT_SAE) {
2588 key_mgmt_mask &= ~WPA_KEY_MGMT_FT_SAE;
2589 }
2590 #endif
2591 #ifdef CONFIG_FILS
2592 if (key_mgmt_mask & WPA_KEY_MGMT_FILS_SHA256) {
2593 key_mgmt_mask &= ~WPA_KEY_MGMT_FT_FILS_SHA256;
2594 }
2595
2596 if (key_mgmt_mask & WPA_KEY_MGMT_FILS_SHA384) {
2597 key_mgmt_mask &= ~WPA_KEY_MGMT_FT_FILS_SHA384;
2598 }
2599 #endif
2600 #ifdef CONFIG_SUITEB192
2601 if (key_mgmt_mask & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
2602 key_mgmt_mask &= ~WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
2603 }
2604 #endif
2605 #endif
2606 }
2607
2608 /**
2609 * Helper function to enable erp keys generation while connecting to FILS
2610 * enabled APs.
2611 */
setEapErpInternal(bool enable)2612 ndk::ScopedAStatus StaNetwork::setEapErpInternal(bool enable)
2613 {
2614 #ifdef CONFIG_FILS
2615 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2616 wpa_ssid->eap.erp = enable ? 1 : 0;
2617 return ndk::ScopedAStatus::ok();
2618 #else /* CONFIG_FILS */
2619 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
2620 #endif /* CONFIG_FILS */
2621 }
2622
setSaeH2eModeInternal(SaeH2eMode mode)2623 ndk::ScopedAStatus StaNetwork::setSaeH2eModeInternal(
2624 SaeH2eMode mode)
2625 {
2626 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
2627 switch (mode) {
2628 case SaeH2eMode::DISABLED:
2629 wpa_s->conf->sae_pwe = SAE_PWE_HUNT_AND_PECK;
2630 break;
2631 case SaeH2eMode::H2E_MANDATORY:
2632 wpa_s->conf->sae_pwe = SAE_PWE_HASH_TO_ELEMENT;
2633 break;
2634 case SaeH2eMode::H2E_OPTIONAL:
2635 wpa_s->conf->sae_pwe = SAE_PWE_BOTH;
2636 break;
2637 }
2638 resetInternalStateAfterParamsUpdate();
2639 return ndk::ScopedAStatus::ok();
2640 }
2641
enableSaePkOnlyModeInternal(bool enable)2642 ndk::ScopedAStatus StaNetwork::enableSaePkOnlyModeInternal(bool enable)
2643 {
2644 #ifdef CONFIG_SAE_PK
2645 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2646 wpa_ssid->sae_pk = enable ? SAE_PK_MODE_ONLY : SAE_PK_MODE_AUTOMATIC;
2647 resetInternalStateAfterParamsUpdate();
2648 return ndk::ScopedAStatus::ok();
2649 #else
2650 return createStatus(SupplicantStatusCode::FAILURE_UNSUPPORTED);
2651 #endif
2652 }
2653
setMinimumTlsVersionEapPhase1ParamInternal(TlsVersion tlsVersion)2654 ndk::ScopedAStatus StaNetwork::setMinimumTlsVersionEapPhase1ParamInternal(TlsVersion tlsVersion)
2655 {
2656 if (tlsVersion < TlsVersion::TLS_V1_0 || tlsVersion > TlsVersion::TLS_V1_3) {
2657 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
2658 }
2659 if (tlsVersion == TlsVersion::TLS_V1_0) {
2660 // no restriction
2661 return ndk::ScopedAStatus::ok();
2662 }
2663
2664 if (tlsVersion < TlsVersion::TLS_V1_3 && (tlsFlags & TLS_CONN_SUITEB)) {
2665 // TLS configuration already set up for WPA3-Enterprise 192-bit mode
2666 return ndk::ScopedAStatus::ok();
2667 }
2668
2669 tlsFlags &= ~(TLS_CONN_DISABLE_TLSv1_3 | TLS_CONN_DISABLE_TLSv1_2 \
2670 | TLS_CONN_DISABLE_TLSv1_1 | TLS_CONN_DISABLE_TLSv1_0);
2671
2672 // Fallback to disable lower version TLS cascadingly.
2673 switch (tlsVersion) {
2674 #ifdef EAP_TLSV1_3
2675 case TlsVersion::TLS_V1_3:
2676 tlsFlags |= TLS_CONN_DISABLE_TLSv1_2;
2677 FALLTHROUGH_INTENDED;
2678 #endif
2679 case TlsVersion::TLS_V1_2:
2680 tlsFlags |= TLS_CONN_DISABLE_TLSv1_1;
2681 FALLTHROUGH_INTENDED;
2682 case TlsVersion::TLS_V1_1:
2683 tlsFlags |= TLS_CONN_DISABLE_TLSv1_0;
2684 FALLTHROUGH_INTENDED;
2685 default:
2686 break;
2687 }
2688
2689 generateTlsParams();
2690 return ndk::ScopedAStatus::ok();
2691 }
2692
2693 /**
2694 * WPA3-Enterprise 192-bit mode workaround to force the connection to EAP-TLSv1.2 due to
2695 * interoperability issues in TLSv1.3 which disables the SSL_SIGN_RSA_PKCS1_SHA384
2696 * signature algorithm, and has its own set of incompatible cipher suites which the
2697 * current WPA3 specification doesn't specify. The only specified cipher suites in the
2698 * WPA3 specifications are:
2699 * TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, and
2700 * TLS_DHE_RSA_WITH_AES_256_GCM_SHA384.
2701 * See boringssl/include/openssl/tls1.h for TLSv1.3 cipher suites.
2702 */
setTlsFlagsFor192BitMode(bool rsaMode)2703 void StaNetwork::setTlsFlagsFor192BitMode(bool rsaMode) {
2704 // Disable TLSv1.0 and TLSv1.1 by default for 192-bit mode
2705 int flags = TLS_CONN_DISABLE_TLSv1_1 \
2706 | TLS_CONN_DISABLE_TLSv1_0;
2707 if (rsaMode) {
2708 // Check if flags not set or already set to use EAP-TLSv1.3
2709 if (tlsFlags == 0 || !(tlsFlags & TLS_CONN_DISABLE_TLSv1_2)) {
2710 // Set up EAP-TLSv1.2 by default for maximum compatibility
2711 tlsFlags |= TLS_CONN_DISABLE_TLSv1_3;
2712 tlsFlags &= ~TLS_CONN_DISABLE_TLSv1_2;
2713 }
2714 tlsFlags |= TLS_CONN_SUITEB;
2715 }
2716
2717 tlsFlags |= flags;
2718 generateTlsParams();
2719 }
2720
generateTlsParams()2721 void StaNetwork::generateTlsParams() {
2722 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2723 if (wpa_ssid->eap.phase1 != NULL) {
2724 os_free(wpa_ssid->eap.phase1);
2725 wpa_ssid->eap.phase1 = NULL;
2726 }
2727 std::string tlsConfig;
2728
2729 if (tlsFlags & TLS_CONN_DISABLE_TLSv1_3) {
2730 tlsConfig.append("tls_disable_tlsv1_3=1");
2731 } else {
2732 tlsConfig.append("tls_disable_tlsv1_3=0");
2733 }
2734 if (tlsFlags & TLS_CONN_DISABLE_TLSv1_2) {
2735 tlsConfig.append("tls_disable_tlsv1_2=1");
2736 } else {
2737 tlsConfig.append("tls_disable_tlsv1_2=0");
2738 }
2739 if (tlsFlags & TLS_CONN_DISABLE_TLSv1_1) {
2740 tlsConfig.append("tls_disable_tlsv1_1=1");
2741 } else {
2742 tlsConfig.append("tls_disable_tlsv1_1=0");
2743 }
2744 if (tlsFlags & TLS_CONN_DISABLE_TLSv1_0) {
2745 tlsConfig.append("tls_disable_tlsv1_0=1");
2746 } else {
2747 tlsConfig.append("tls_disable_tlsv1_0=0");
2748 }
2749 if (tlsFlags & TLS_CONN_SUITEB) {
2750 tlsConfig.append("tls_suiteb=1");
2751 }
2752
2753 wpa_printf(MSG_DEBUG, "TLS configuration: %s", tlsConfig.c_str());
2754 setStringKeyFieldAndResetState(
2755 tlsConfig.c_str(), &(wpa_ssid->eap.phase1), "phase1");
2756 }
2757 } // namespace supplicant
2758 } // namespace wifi
2759 } // namespace hardware
2760 } // namespace android
2761 } // namespace aidl
2762