• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * hostapd - WPA/RSN IE and KDE definitions
3  * Copyright (c) 2004-2008, Jouni Malinen <j@w1.fi>
4  *
5  * This software may be distributed under the terms of the BSD license.
6  * See README for more details.
7  */
8 
9 #include "utils/includes.h"
10 
11 #include "utils/common.h"
12 #include "common/ieee802_11_defs.h"
13 #include "eapol_auth/eapol_auth_sm.h"
14 #include "ap_config.h"
15 #include "ieee802_11.h"
16 #include "wpa_auth.h"
17 #include "pmksa_cache_auth.h"
18 #include "wpa_auth_ie.h"
19 #include "wpa_auth_i.h"
20 
21 
22 #ifdef CONFIG_RSN_TESTING
23 int rsn_testing = 0;
24 #endif /* CONFIG_RSN_TESTING */
25 
26 
wpa_write_wpa_ie(struct wpa_auth_config * conf,u8 * buf,size_t len)27 static int wpa_write_wpa_ie(struct wpa_auth_config *conf, u8 *buf, size_t len)
28 {
29 	struct wpa_ie_hdr *hdr;
30 	int num_suites;
31 	u8 *pos, *count;
32 	u32 suite;
33 
34 	hdr = (struct wpa_ie_hdr *) buf;
35 	hdr->elem_id = WLAN_EID_VENDOR_SPECIFIC;
36 	RSN_SELECTOR_PUT(hdr->oui, WPA_OUI_TYPE);
37 	WPA_PUT_LE16(hdr->version, WPA_VERSION);
38 	pos = (u8 *) (hdr + 1);
39 
40 	suite = wpa_cipher_to_suite(WPA_PROTO_WPA, conf->wpa_group);
41 	if (suite == 0) {
42 		wpa_printf(MSG_DEBUG, "Invalid group cipher (%d).",
43 			   conf->wpa_group);
44 		return -1;
45 	}
46 	RSN_SELECTOR_PUT(pos, suite);
47 	pos += WPA_SELECTOR_LEN;
48 
49 	count = pos;
50 	pos += 2;
51 
52 	num_suites = wpa_cipher_put_suites(pos, conf->wpa_pairwise);
53 	if (num_suites == 0) {
54 		wpa_printf(MSG_DEBUG, "Invalid pairwise cipher (%d).",
55 			   conf->wpa_pairwise);
56 		return -1;
57 	}
58 	pos += num_suites * WPA_SELECTOR_LEN;
59 	WPA_PUT_LE16(count, num_suites);
60 
61 	num_suites = 0;
62 	count = pos;
63 	pos += 2;
64 
65 	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X) {
66 		RSN_SELECTOR_PUT(pos, WPA_AUTH_KEY_MGMT_UNSPEC_802_1X);
67 		pos += WPA_SELECTOR_LEN;
68 		num_suites++;
69 	}
70 	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK) {
71 		RSN_SELECTOR_PUT(pos, WPA_AUTH_KEY_MGMT_PSK_OVER_802_1X);
72 		pos += WPA_SELECTOR_LEN;
73 		num_suites++;
74 	}
75 
76 	if (num_suites == 0) {
77 		wpa_printf(MSG_DEBUG, "Invalid key management type (%d).",
78 			   conf->wpa_key_mgmt);
79 		return -1;
80 	}
81 	WPA_PUT_LE16(count, num_suites);
82 
83 	/* WPA Capabilities; use defaults, so no need to include it */
84 
85 	hdr->len = (pos - buf) - 2;
86 
87 	return pos - buf;
88 }
89 
90 
wpa_write_rsn_ie(struct wpa_auth_config * conf,u8 * buf,size_t len,const u8 * pmkid)91 int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len,
92 		     const u8 *pmkid)
93 {
94 	struct rsn_ie_hdr *hdr;
95 	int num_suites, res;
96 	u8 *pos, *count;
97 	u16 capab;
98 	u32 suite;
99 
100 	hdr = (struct rsn_ie_hdr *) buf;
101 	hdr->elem_id = WLAN_EID_RSN;
102 	WPA_PUT_LE16(hdr->version, RSN_VERSION);
103 	pos = (u8 *) (hdr + 1);
104 
105 	suite = wpa_cipher_to_suite(WPA_PROTO_RSN, conf->wpa_group);
106 	if (suite == 0) {
107 		wpa_printf(MSG_DEBUG, "Invalid group cipher (%d).",
108 			   conf->wpa_group);
109 		return -1;
110 	}
111 	RSN_SELECTOR_PUT(pos, suite);
112 	pos += RSN_SELECTOR_LEN;
113 
114 	num_suites = 0;
115 	count = pos;
116 	pos += 2;
117 
118 #ifdef CONFIG_RSN_TESTING
119 	if (rsn_testing) {
120 		RSN_SELECTOR_PUT(pos, RSN_SELECTOR(0x12, 0x34, 0x56, 1));
121 		pos += RSN_SELECTOR_LEN;
122 		num_suites++;
123 	}
124 #endif /* CONFIG_RSN_TESTING */
125 
126 	res = rsn_cipher_put_suites(pos, conf->rsn_pairwise);
127 	num_suites += res;
128 	pos += res * RSN_SELECTOR_LEN;
129 
130 #ifdef CONFIG_RSN_TESTING
131 	if (rsn_testing) {
132 		RSN_SELECTOR_PUT(pos, RSN_SELECTOR(0x12, 0x34, 0x56, 2));
133 		pos += RSN_SELECTOR_LEN;
134 		num_suites++;
135 	}
136 #endif /* CONFIG_RSN_TESTING */
137 
138 	if (num_suites == 0) {
139 		wpa_printf(MSG_DEBUG, "Invalid pairwise cipher (%d).",
140 			   conf->rsn_pairwise);
141 		return -1;
142 	}
143 	WPA_PUT_LE16(count, num_suites);
144 
145 	num_suites = 0;
146 	count = pos;
147 	pos += 2;
148 
149 #ifdef CONFIG_RSN_TESTING
150 	if (rsn_testing) {
151 		RSN_SELECTOR_PUT(pos, RSN_SELECTOR(0x12, 0x34, 0x56, 1));
152 		pos += RSN_SELECTOR_LEN;
153 		num_suites++;
154 	}
155 #endif /* CONFIG_RSN_TESTING */
156 
157 	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X) {
158 		RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_UNSPEC_802_1X);
159 		pos += RSN_SELECTOR_LEN;
160 		num_suites++;
161 	}
162 	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK) {
163 		RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X);
164 		pos += RSN_SELECTOR_LEN;
165 		num_suites++;
166 	}
167 #ifdef CONFIG_IEEE80211R
168 	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X) {
169 		RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_802_1X);
170 		pos += RSN_SELECTOR_LEN;
171 		num_suites++;
172 	}
173 	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_PSK) {
174 		RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_PSK);
175 		pos += RSN_SELECTOR_LEN;
176 		num_suites++;
177 	}
178 #endif /* CONFIG_IEEE80211R */
179 #ifdef CONFIG_IEEE80211W
180 	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) {
181 		RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_802_1X_SHA256);
182 		pos += RSN_SELECTOR_LEN;
183 		num_suites++;
184 	}
185 	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK_SHA256) {
186 		RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_PSK_SHA256);
187 		pos += RSN_SELECTOR_LEN;
188 		num_suites++;
189 	}
190 #endif /* CONFIG_IEEE80211W */
191 #ifdef CONFIG_SAE
192 	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_SAE) {
193 		RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_SAE);
194 		pos += RSN_SELECTOR_LEN;
195 		num_suites++;
196 	}
197 	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_SAE) {
198 		RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_SAE);
199 		pos += RSN_SELECTOR_LEN;
200 		num_suites++;
201 	}
202 #endif /* CONFIG_SAE */
203 
204 #ifdef CONFIG_RSN_TESTING
205 	if (rsn_testing) {
206 		RSN_SELECTOR_PUT(pos, RSN_SELECTOR(0x12, 0x34, 0x56, 2));
207 		pos += RSN_SELECTOR_LEN;
208 		num_suites++;
209 	}
210 #endif /* CONFIG_RSN_TESTING */
211 
212 	if (num_suites == 0) {
213 		wpa_printf(MSG_DEBUG, "Invalid key management type (%d).",
214 			   conf->wpa_key_mgmt);
215 		return -1;
216 	}
217 	WPA_PUT_LE16(count, num_suites);
218 
219 	/* RSN Capabilities */
220 	capab = 0;
221 	if (conf->rsn_preauth)
222 		capab |= WPA_CAPABILITY_PREAUTH;
223 	if (conf->peerkey)
224 		capab |= WPA_CAPABILITY_PEERKEY_ENABLED;
225 	if (conf->wmm_enabled) {
226 		/* 4 PTKSA replay counters when using WMM */
227 		capab |= (RSN_NUM_REPLAY_COUNTERS_16 << 2);
228 	}
229 #ifdef CONFIG_IEEE80211W
230 	if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
231 		capab |= WPA_CAPABILITY_MFPC;
232 		if (conf->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED)
233 			capab |= WPA_CAPABILITY_MFPR;
234 	}
235 #endif /* CONFIG_IEEE80211W */
236 #ifdef CONFIG_RSN_TESTING
237 	if (rsn_testing)
238 		capab |= BIT(8) | BIT(14) | BIT(15);
239 #endif /* CONFIG_RSN_TESTING */
240 	WPA_PUT_LE16(pos, capab);
241 	pos += 2;
242 
243 	if (pmkid) {
244 		if (pos + 2 + PMKID_LEN > buf + len)
245 			return -1;
246 		/* PMKID Count */
247 		WPA_PUT_LE16(pos, 1);
248 		pos += 2;
249 		os_memcpy(pos, pmkid, PMKID_LEN);
250 		pos += PMKID_LEN;
251 	}
252 
253 #ifdef CONFIG_IEEE80211W
254 	if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
255 		if (pos + 2 + 4 > buf + len)
256 			return -1;
257 		if (pmkid == NULL) {
258 			/* PMKID Count */
259 			WPA_PUT_LE16(pos, 0);
260 			pos += 2;
261 		}
262 
263 		/* Management Group Cipher Suite */
264 		RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_AES_128_CMAC);
265 		pos += RSN_SELECTOR_LEN;
266 	}
267 #endif /* CONFIG_IEEE80211W */
268 
269 #ifdef CONFIG_RSN_TESTING
270 	if (rsn_testing) {
271 		/*
272 		 * Fill in any defined fields and add extra data to the end of
273 		 * the element.
274 		 */
275 		int pmkid_count_set = pmkid != NULL;
276 		if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION)
277 			pmkid_count_set = 1;
278 		/* PMKID Count */
279 		WPA_PUT_LE16(pos, 0);
280 		pos += 2;
281 		if (conf->ieee80211w == NO_MGMT_FRAME_PROTECTION) {
282 			/* Management Group Cipher Suite */
283 			RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_AES_128_CMAC);
284 			pos += RSN_SELECTOR_LEN;
285 		}
286 
287 		os_memset(pos, 0x12, 17);
288 		pos += 17;
289 	}
290 #endif /* CONFIG_RSN_TESTING */
291 
292 	hdr->len = (pos - buf) - 2;
293 
294 	return pos - buf;
295 }
296 
297 
wpa_auth_gen_wpa_ie(struct wpa_authenticator * wpa_auth)298 int wpa_auth_gen_wpa_ie(struct wpa_authenticator *wpa_auth)
299 {
300 	u8 *pos, buf[128];
301 	int res;
302 
303 	pos = buf;
304 
305 	if (wpa_auth->conf.wpa & WPA_PROTO_RSN) {
306 		res = wpa_write_rsn_ie(&wpa_auth->conf,
307 				       pos, buf + sizeof(buf) - pos, NULL);
308 		if (res < 0)
309 			return res;
310 		pos += res;
311 	}
312 #ifdef CONFIG_IEEE80211R
313 	if (wpa_key_mgmt_ft(wpa_auth->conf.wpa_key_mgmt)) {
314 		res = wpa_write_mdie(&wpa_auth->conf, pos,
315 				     buf + sizeof(buf) - pos);
316 		if (res < 0)
317 			return res;
318 		pos += res;
319 	}
320 #endif /* CONFIG_IEEE80211R */
321 	if (wpa_auth->conf.wpa & WPA_PROTO_WPA) {
322 		res = wpa_write_wpa_ie(&wpa_auth->conf,
323 				       pos, buf + sizeof(buf) - pos);
324 		if (res < 0)
325 			return res;
326 		pos += res;
327 	}
328 
329 	os_free(wpa_auth->wpa_ie);
330 	wpa_auth->wpa_ie = os_malloc(pos - buf);
331 	if (wpa_auth->wpa_ie == NULL)
332 		return -1;
333 	os_memcpy(wpa_auth->wpa_ie, buf, pos - buf);
334 	wpa_auth->wpa_ie_len = pos - buf;
335 
336 	return 0;
337 }
338 
339 
wpa_add_kde(u8 * pos,u32 kde,const u8 * data,size_t data_len,const u8 * data2,size_t data2_len)340 u8 * wpa_add_kde(u8 *pos, u32 kde, const u8 *data, size_t data_len,
341 		 const u8 *data2, size_t data2_len)
342 {
343 	*pos++ = WLAN_EID_VENDOR_SPECIFIC;
344 	*pos++ = RSN_SELECTOR_LEN + data_len + data2_len;
345 	RSN_SELECTOR_PUT(pos, kde);
346 	pos += RSN_SELECTOR_LEN;
347 	os_memcpy(pos, data, data_len);
348 	pos += data_len;
349 	if (data2) {
350 		os_memcpy(pos, data2, data2_len);
351 		pos += data2_len;
352 	}
353 	return pos;
354 }
355 
356 
357 struct wpa_auth_okc_iter_data {
358 	struct rsn_pmksa_cache_entry *pmksa;
359 	const u8 *aa;
360 	const u8 *spa;
361 	const u8 *pmkid;
362 };
363 
364 
wpa_auth_okc_iter(struct wpa_authenticator * a,void * ctx)365 static int wpa_auth_okc_iter(struct wpa_authenticator *a, void *ctx)
366 {
367 	struct wpa_auth_okc_iter_data *data = ctx;
368 	data->pmksa = pmksa_cache_get_okc(a->pmksa, data->aa, data->spa,
369 					  data->pmkid);
370 	if (data->pmksa)
371 		return 1;
372 	return 0;
373 }
374 
375 
wpa_validate_wpa_ie(struct wpa_authenticator * wpa_auth,struct wpa_state_machine * sm,const u8 * wpa_ie,size_t wpa_ie_len,const u8 * mdie,size_t mdie_len)376 int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
377 			struct wpa_state_machine *sm,
378 			const u8 *wpa_ie, size_t wpa_ie_len,
379 			const u8 *mdie, size_t mdie_len)
380 {
381 	struct wpa_ie_data data;
382 	int ciphers, key_mgmt, res, version;
383 	u32 selector;
384 	size_t i;
385 	const u8 *pmkid = NULL;
386 
387 	if (wpa_auth == NULL || sm == NULL)
388 		return WPA_NOT_ENABLED;
389 
390 	if (wpa_ie == NULL || wpa_ie_len < 1)
391 		return WPA_INVALID_IE;
392 
393 	if (wpa_ie[0] == WLAN_EID_RSN)
394 		version = WPA_PROTO_RSN;
395 	else
396 		version = WPA_PROTO_WPA;
397 
398 	if (!(wpa_auth->conf.wpa & version)) {
399 		wpa_printf(MSG_DEBUG, "Invalid WPA proto (%d) from " MACSTR,
400 			   version, MAC2STR(sm->addr));
401 		return WPA_INVALID_PROTO;
402 	}
403 
404 	if (version == WPA_PROTO_RSN) {
405 		res = wpa_parse_wpa_ie_rsn(wpa_ie, wpa_ie_len, &data);
406 
407 		selector = RSN_AUTH_KEY_MGMT_UNSPEC_802_1X;
408 		if (0) {
409 		}
410 #ifdef CONFIG_IEEE80211R
411 		else if (data.key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X)
412 			selector = RSN_AUTH_KEY_MGMT_FT_802_1X;
413 		else if (data.key_mgmt & WPA_KEY_MGMT_FT_PSK)
414 			selector = RSN_AUTH_KEY_MGMT_FT_PSK;
415 #endif /* CONFIG_IEEE80211R */
416 #ifdef CONFIG_IEEE80211W
417 		else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256)
418 			selector = RSN_AUTH_KEY_MGMT_802_1X_SHA256;
419 		else if (data.key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
420 			selector = RSN_AUTH_KEY_MGMT_PSK_SHA256;
421 #endif /* CONFIG_IEEE80211W */
422 #ifdef CONFIG_SAE
423 		else if (data.key_mgmt & WPA_KEY_MGMT_SAE)
424 			selector = RSN_AUTH_KEY_MGMT_SAE;
425 		else if (data.key_mgmt & WPA_KEY_MGMT_FT_SAE)
426 			selector = RSN_AUTH_KEY_MGMT_FT_SAE;
427 #endif /* CONFIG_SAE */
428 		else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X)
429 			selector = RSN_AUTH_KEY_MGMT_UNSPEC_802_1X;
430 		else if (data.key_mgmt & WPA_KEY_MGMT_PSK)
431 			selector = RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X;
432 		wpa_auth->dot11RSNAAuthenticationSuiteSelected = selector;
433 
434 		selector = wpa_cipher_to_suite(WPA_PROTO_RSN,
435 					       data.pairwise_cipher);
436 		if (!selector)
437 			selector = RSN_CIPHER_SUITE_CCMP;
438 		wpa_auth->dot11RSNAPairwiseCipherSelected = selector;
439 
440 		selector = wpa_cipher_to_suite(WPA_PROTO_RSN,
441 					       data.group_cipher);
442 		if (!selector)
443 			selector = RSN_CIPHER_SUITE_CCMP;
444 		wpa_auth->dot11RSNAGroupCipherSelected = selector;
445 	} else {
446 		res = wpa_parse_wpa_ie_wpa(wpa_ie, wpa_ie_len, &data);
447 
448 		selector = WPA_AUTH_KEY_MGMT_UNSPEC_802_1X;
449 		if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X)
450 			selector = WPA_AUTH_KEY_MGMT_UNSPEC_802_1X;
451 		else if (data.key_mgmt & WPA_KEY_MGMT_PSK)
452 			selector = WPA_AUTH_KEY_MGMT_PSK_OVER_802_1X;
453 		wpa_auth->dot11RSNAAuthenticationSuiteSelected = selector;
454 
455 		selector = wpa_cipher_to_suite(WPA_PROTO_WPA,
456 					       data.pairwise_cipher);
457 		if (!selector)
458 			selector = RSN_CIPHER_SUITE_TKIP;
459 		wpa_auth->dot11RSNAPairwiseCipherSelected = selector;
460 
461 		selector = wpa_cipher_to_suite(WPA_PROTO_WPA,
462 					       data.group_cipher);
463 		if (!selector)
464 			selector = WPA_CIPHER_SUITE_TKIP;
465 		wpa_auth->dot11RSNAGroupCipherSelected = selector;
466 	}
467 	if (res) {
468 		wpa_printf(MSG_DEBUG, "Failed to parse WPA/RSN IE from "
469 			   MACSTR " (res=%d)", MAC2STR(sm->addr), res);
470 		wpa_hexdump(MSG_DEBUG, "WPA/RSN IE", wpa_ie, wpa_ie_len);
471 		return WPA_INVALID_IE;
472 	}
473 
474 	if (data.group_cipher != wpa_auth->conf.wpa_group) {
475 		wpa_printf(MSG_DEBUG, "Invalid WPA group cipher (0x%x) from "
476 			   MACSTR, data.group_cipher, MAC2STR(sm->addr));
477 		return WPA_INVALID_GROUP;
478 	}
479 
480 	key_mgmt = data.key_mgmt & wpa_auth->conf.wpa_key_mgmt;
481 	if (!key_mgmt) {
482 		wpa_printf(MSG_DEBUG, "Invalid WPA key mgmt (0x%x) from "
483 			   MACSTR, data.key_mgmt, MAC2STR(sm->addr));
484 		return WPA_INVALID_AKMP;
485 	}
486 	if (0) {
487 	}
488 #ifdef CONFIG_IEEE80211R
489 	else if (key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X)
490 		sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
491 	else if (key_mgmt & WPA_KEY_MGMT_FT_PSK)
492 		sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_PSK;
493 #endif /* CONFIG_IEEE80211R */
494 #ifdef CONFIG_IEEE80211W
495 	else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256)
496 		sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
497 	else if (key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
498 		sm->wpa_key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
499 #endif /* CONFIG_IEEE80211W */
500 #ifdef CONFIG_SAE
501 	else if (key_mgmt & WPA_KEY_MGMT_SAE)
502 		sm->wpa_key_mgmt = WPA_KEY_MGMT_SAE;
503 	else if (key_mgmt & WPA_KEY_MGMT_FT_SAE)
504 		sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_SAE;
505 #endif /* CONFIG_SAE */
506 	else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X)
507 		sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X;
508 	else
509 		sm->wpa_key_mgmt = WPA_KEY_MGMT_PSK;
510 
511 	if (version == WPA_PROTO_RSN)
512 		ciphers = data.pairwise_cipher & wpa_auth->conf.rsn_pairwise;
513 	else
514 		ciphers = data.pairwise_cipher & wpa_auth->conf.wpa_pairwise;
515 	if (!ciphers) {
516 		wpa_printf(MSG_DEBUG, "Invalid %s pairwise cipher (0x%x) "
517 			   "from " MACSTR,
518 			   version == WPA_PROTO_RSN ? "RSN" : "WPA",
519 			   data.pairwise_cipher, MAC2STR(sm->addr));
520 		return WPA_INVALID_PAIRWISE;
521 	}
522 
523 #ifdef CONFIG_IEEE80211W
524 	if (wpa_auth->conf.ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) {
525 		if (!(data.capabilities & WPA_CAPABILITY_MFPC)) {
526 			wpa_printf(MSG_DEBUG, "Management frame protection "
527 				   "required, but client did not enable it");
528 			return WPA_MGMT_FRAME_PROTECTION_VIOLATION;
529 		}
530 
531 		if (ciphers & WPA_CIPHER_TKIP) {
532 			wpa_printf(MSG_DEBUG, "Management frame protection "
533 				   "cannot use TKIP");
534 			return WPA_MGMT_FRAME_PROTECTION_VIOLATION;
535 		}
536 
537 		if (data.mgmt_group_cipher != WPA_CIPHER_AES_128_CMAC) {
538 			wpa_printf(MSG_DEBUG, "Unsupported management group "
539 				   "cipher %d", data.mgmt_group_cipher);
540 			return WPA_INVALID_MGMT_GROUP_CIPHER;
541 		}
542 	}
543 
544 	if (wpa_auth->conf.ieee80211w == NO_MGMT_FRAME_PROTECTION ||
545 	    !(data.capabilities & WPA_CAPABILITY_MFPC))
546 		sm->mgmt_frame_prot = 0;
547 	else
548 		sm->mgmt_frame_prot = 1;
549 #endif /* CONFIG_IEEE80211W */
550 
551 #ifdef CONFIG_IEEE80211R
552 	if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) {
553 		if (mdie == NULL || mdie_len < MOBILITY_DOMAIN_ID_LEN + 1) {
554 			wpa_printf(MSG_DEBUG, "RSN: Trying to use FT, but "
555 				   "MDIE not included");
556 			return WPA_INVALID_MDIE;
557 		}
558 		if (os_memcmp(mdie, wpa_auth->conf.mobility_domain,
559 			      MOBILITY_DOMAIN_ID_LEN) != 0) {
560 			wpa_hexdump(MSG_DEBUG, "RSN: Attempted to use unknown "
561 				    "MDIE", mdie, MOBILITY_DOMAIN_ID_LEN);
562 			return WPA_INVALID_MDIE;
563 		}
564 	}
565 #endif /* CONFIG_IEEE80211R */
566 
567 	sm->pairwise = wpa_pick_pairwise_cipher(ciphers, 0);
568 	if (sm->pairwise < 0)
569 		return WPA_INVALID_PAIRWISE;
570 
571 	/* TODO: clear WPA/WPA2 state if STA changes from one to another */
572 	if (wpa_ie[0] == WLAN_EID_RSN)
573 		sm->wpa = WPA_VERSION_WPA2;
574 	else
575 		sm->wpa = WPA_VERSION_WPA;
576 
577 	sm->pmksa = NULL;
578 	for (i = 0; i < data.num_pmkid; i++) {
579 		wpa_hexdump(MSG_DEBUG, "RSN IE: STA PMKID",
580 			    &data.pmkid[i * PMKID_LEN], PMKID_LEN);
581 		sm->pmksa = pmksa_cache_auth_get(wpa_auth->pmksa, sm->addr,
582 						 &data.pmkid[i * PMKID_LEN]);
583 		if (sm->pmksa) {
584 			pmkid = sm->pmksa->pmkid;
585 			break;
586 		}
587 	}
588 	for (i = 0; sm->pmksa == NULL && wpa_auth->conf.okc &&
589 		     i < data.num_pmkid; i++) {
590 		struct wpa_auth_okc_iter_data idata;
591 		idata.pmksa = NULL;
592 		idata.aa = wpa_auth->addr;
593 		idata.spa = sm->addr;
594 		idata.pmkid = &data.pmkid[i * PMKID_LEN];
595 		wpa_auth_for_each_auth(wpa_auth, wpa_auth_okc_iter, &idata);
596 		if (idata.pmksa) {
597 			wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG,
598 					 "OKC match for PMKID");
599 			sm->pmksa = pmksa_cache_add_okc(wpa_auth->pmksa,
600 							idata.pmksa,
601 							wpa_auth->addr,
602 							idata.pmkid);
603 			pmkid = idata.pmkid;
604 			break;
605 		}
606 	}
607 	if (sm->pmksa) {
608 		wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG,
609 				 "PMKID found from PMKSA cache "
610 				 "eap_type=%d vlan_id=%d",
611 				 sm->pmksa->eap_type_authsrv,
612 				 sm->pmksa->vlan_id);
613 		os_memcpy(wpa_auth->dot11RSNAPMKIDUsed, pmkid, PMKID_LEN);
614 	}
615 
616 	if (sm->wpa_ie == NULL || sm->wpa_ie_len < wpa_ie_len) {
617 		os_free(sm->wpa_ie);
618 		sm->wpa_ie = os_malloc(wpa_ie_len);
619 		if (sm->wpa_ie == NULL)
620 			return WPA_ALLOC_FAIL;
621 	}
622 	os_memcpy(sm->wpa_ie, wpa_ie, wpa_ie_len);
623 	sm->wpa_ie_len = wpa_ie_len;
624 
625 	return WPA_IE_OK;
626 }
627 
628 
629 /**
630  * wpa_parse_generic - Parse EAPOL-Key Key Data Generic IEs
631  * @pos: Pointer to the IE header
632  * @end: Pointer to the end of the Key Data buffer
633  * @ie: Pointer to parsed IE data
634  * Returns: 0 on success, 1 if end mark is found, -1 on failure
635  */
wpa_parse_generic(const u8 * pos,const u8 * end,struct wpa_eapol_ie_parse * ie)636 static int wpa_parse_generic(const u8 *pos, const u8 *end,
637 			     struct wpa_eapol_ie_parse *ie)
638 {
639 	if (pos[1] == 0)
640 		return 1;
641 
642 	if (pos[1] >= 6 &&
643 	    RSN_SELECTOR_GET(pos + 2) == WPA_OUI_TYPE &&
644 	    pos[2 + WPA_SELECTOR_LEN] == 1 &&
645 	    pos[2 + WPA_SELECTOR_LEN + 1] == 0) {
646 		ie->wpa_ie = pos;
647 		ie->wpa_ie_len = pos[1] + 2;
648 		return 0;
649 	}
650 
651 	if (pos + 1 + RSN_SELECTOR_LEN < end &&
652 	    pos[1] >= RSN_SELECTOR_LEN + PMKID_LEN &&
653 	    RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_PMKID) {
654 		ie->pmkid = pos + 2 + RSN_SELECTOR_LEN;
655 		return 0;
656 	}
657 
658 	if (pos[1] > RSN_SELECTOR_LEN + 2 &&
659 	    RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_GROUPKEY) {
660 		ie->gtk = pos + 2 + RSN_SELECTOR_LEN;
661 		ie->gtk_len = pos[1] - RSN_SELECTOR_LEN;
662 		return 0;
663 	}
664 
665 	if (pos[1] > RSN_SELECTOR_LEN + 2 &&
666 	    RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_MAC_ADDR) {
667 		ie->mac_addr = pos + 2 + RSN_SELECTOR_LEN;
668 		ie->mac_addr_len = pos[1] - RSN_SELECTOR_LEN;
669 		return 0;
670 	}
671 
672 #ifdef CONFIG_PEERKEY
673 	if (pos[1] > RSN_SELECTOR_LEN + 2 &&
674 	    RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_SMK) {
675 		ie->smk = pos + 2 + RSN_SELECTOR_LEN;
676 		ie->smk_len = pos[1] - RSN_SELECTOR_LEN;
677 		return 0;
678 	}
679 
680 	if (pos[1] > RSN_SELECTOR_LEN + 2 &&
681 	    RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_NONCE) {
682 		ie->nonce = pos + 2 + RSN_SELECTOR_LEN;
683 		ie->nonce_len = pos[1] - RSN_SELECTOR_LEN;
684 		return 0;
685 	}
686 
687 	if (pos[1] > RSN_SELECTOR_LEN + 2 &&
688 	    RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_LIFETIME) {
689 		ie->lifetime = pos + 2 + RSN_SELECTOR_LEN;
690 		ie->lifetime_len = pos[1] - RSN_SELECTOR_LEN;
691 		return 0;
692 	}
693 
694 	if (pos[1] > RSN_SELECTOR_LEN + 2 &&
695 	    RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_ERROR) {
696 		ie->error = pos + 2 + RSN_SELECTOR_LEN;
697 		ie->error_len = pos[1] - RSN_SELECTOR_LEN;
698 		return 0;
699 	}
700 #endif /* CONFIG_PEERKEY */
701 
702 #ifdef CONFIG_IEEE80211W
703 	if (pos[1] > RSN_SELECTOR_LEN + 2 &&
704 	    RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_IGTK) {
705 		ie->igtk = pos + 2 + RSN_SELECTOR_LEN;
706 		ie->igtk_len = pos[1] - RSN_SELECTOR_LEN;
707 		return 0;
708 	}
709 #endif /* CONFIG_IEEE80211W */
710 
711 	return 0;
712 }
713 
714 
715 /**
716  * wpa_parse_kde_ies - Parse EAPOL-Key Key Data IEs
717  * @buf: Pointer to the Key Data buffer
718  * @len: Key Data Length
719  * @ie: Pointer to parsed IE data
720  * Returns: 0 on success, -1 on failure
721  */
wpa_parse_kde_ies(const u8 * buf,size_t len,struct wpa_eapol_ie_parse * ie)722 int wpa_parse_kde_ies(const u8 *buf, size_t len, struct wpa_eapol_ie_parse *ie)
723 {
724 	const u8 *pos, *end;
725 	int ret = 0;
726 
727 	os_memset(ie, 0, sizeof(*ie));
728 	for (pos = buf, end = pos + len; pos + 1 < end; pos += 2 + pos[1]) {
729 		if (pos[0] == 0xdd &&
730 		    ((pos == buf + len - 1) || pos[1] == 0)) {
731 			/* Ignore padding */
732 			break;
733 		}
734 		if (pos + 2 + pos[1] > end) {
735 			wpa_printf(MSG_DEBUG, "WPA: EAPOL-Key Key Data "
736 				   "underflow (ie=%d len=%d pos=%d)",
737 				   pos[0], pos[1], (int) (pos - buf));
738 			wpa_hexdump_key(MSG_DEBUG, "WPA: Key Data",
739 					buf, len);
740 			ret = -1;
741 			break;
742 		}
743 		if (*pos == WLAN_EID_RSN) {
744 			ie->rsn_ie = pos;
745 			ie->rsn_ie_len = pos[1] + 2;
746 #ifdef CONFIG_IEEE80211R
747 		} else if (*pos == WLAN_EID_MOBILITY_DOMAIN) {
748 			ie->mdie = pos;
749 			ie->mdie_len = pos[1] + 2;
750 		} else if (*pos == WLAN_EID_FAST_BSS_TRANSITION) {
751 			ie->ftie = pos;
752 			ie->ftie_len = pos[1] + 2;
753 #endif /* CONFIG_IEEE80211R */
754 		} else if (*pos == WLAN_EID_VENDOR_SPECIFIC) {
755 			ret = wpa_parse_generic(pos, end, ie);
756 			if (ret < 0)
757 				break;
758 			if (ret > 0) {
759 				ret = 0;
760 				break;
761 			}
762 		} else {
763 			wpa_hexdump(MSG_DEBUG, "WPA: Unrecognized EAPOL-Key "
764 				    "Key Data IE", pos, 2 + pos[1]);
765 		}
766 	}
767 
768 	return ret;
769 }
770 
771 
wpa_auth_uses_mfp(struct wpa_state_machine * sm)772 int wpa_auth_uses_mfp(struct wpa_state_machine *sm)
773 {
774 	return sm ? sm->mgmt_frame_prot : 0;
775 }
776