• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * hostapd - WPA/RSN IE and KDE definitions
3  * Copyright (c) 2004-2008, Jouni Malinen <j@w1.fi>
4  *
5  * This software may be distributed under the terms of the BSD license.
6  * See README for more details.
7  */
8 
9 #include "utils/includes.h"
10 
11 #include "utils/common.h"
12 #include "common/ieee802_11_defs.h"
13 #include "eapol_auth/eapol_auth_sm.h"
14 #include "ap_config.h"
15 #include "ieee802_11.h"
16 #include "wpa_auth.h"
17 #include "pmksa_cache_auth.h"
18 #include "wpa_auth_ie.h"
19 #include "wpa_auth_i.h"
20 
21 
22 #ifdef CONFIG_RSN_TESTING
23 int rsn_testing = 0;
24 #endif /* CONFIG_RSN_TESTING */
25 
26 
wpa_write_wpa_ie(struct wpa_auth_config * conf,u8 * buf,size_t len)27 static int wpa_write_wpa_ie(struct wpa_auth_config *conf, u8 *buf, size_t len)
28 {
29 	struct wpa_ie_hdr *hdr;
30 	int num_suites;
31 	u8 *pos, *count;
32 	u32 suite;
33 
34 	hdr = (struct wpa_ie_hdr *) buf;
35 	hdr->elem_id = WLAN_EID_VENDOR_SPECIFIC;
36 	RSN_SELECTOR_PUT(hdr->oui, WPA_OUI_TYPE);
37 	WPA_PUT_LE16(hdr->version, WPA_VERSION);
38 	pos = (u8 *) (hdr + 1);
39 
40 	suite = wpa_cipher_to_suite(WPA_PROTO_WPA, conf->wpa_group);
41 	if (suite == 0) {
42 		wpa_printf(MSG_DEBUG, "Invalid group cipher (%d).",
43 			   conf->wpa_group);
44 		return -1;
45 	}
46 	RSN_SELECTOR_PUT(pos, suite);
47 	pos += WPA_SELECTOR_LEN;
48 
49 	count = pos;
50 	pos += 2;
51 
52 	num_suites = wpa_cipher_put_suites(pos, conf->wpa_pairwise);
53 	if (num_suites == 0) {
54 		wpa_printf(MSG_DEBUG, "Invalid pairwise cipher (%d).",
55 			   conf->wpa_pairwise);
56 		return -1;
57 	}
58 	pos += num_suites * WPA_SELECTOR_LEN;
59 	WPA_PUT_LE16(count, num_suites);
60 
61 	num_suites = 0;
62 	count = pos;
63 	pos += 2;
64 
65 	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X) {
66 		RSN_SELECTOR_PUT(pos, WPA_AUTH_KEY_MGMT_UNSPEC_802_1X);
67 		pos += WPA_SELECTOR_LEN;
68 		num_suites++;
69 	}
70 	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK) {
71 		RSN_SELECTOR_PUT(pos, WPA_AUTH_KEY_MGMT_PSK_OVER_802_1X);
72 		pos += WPA_SELECTOR_LEN;
73 		num_suites++;
74 	}
75 
76 	if (num_suites == 0) {
77 		wpa_printf(MSG_DEBUG, "Invalid key management type (%d).",
78 			   conf->wpa_key_mgmt);
79 		return -1;
80 	}
81 	WPA_PUT_LE16(count, num_suites);
82 
83 	/* WPA Capabilities; use defaults, so no need to include it */
84 
85 	hdr->len = (pos - buf) - 2;
86 
87 	return pos - buf;
88 }
89 
90 
wpa_write_rsn_ie(struct wpa_auth_config * conf,u8 * buf,size_t len,const u8 * pmkid)91 int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len,
92 		     const u8 *pmkid)
93 {
94 	struct rsn_ie_hdr *hdr;
95 	int num_suites, res;
96 	u8 *pos, *count;
97 	u16 capab;
98 	u32 suite;
99 
100 	hdr = (struct rsn_ie_hdr *) buf;
101 	hdr->elem_id = WLAN_EID_RSN;
102 	WPA_PUT_LE16(hdr->version, RSN_VERSION);
103 	pos = (u8 *) (hdr + 1);
104 
105 	suite = wpa_cipher_to_suite(WPA_PROTO_RSN, conf->wpa_group);
106 	if (suite == 0) {
107 		wpa_printf(MSG_DEBUG, "Invalid group cipher (%d).",
108 			   conf->wpa_group);
109 		return -1;
110 	}
111 	RSN_SELECTOR_PUT(pos, suite);
112 	pos += RSN_SELECTOR_LEN;
113 
114 	num_suites = 0;
115 	count = pos;
116 	pos += 2;
117 
118 #ifdef CONFIG_RSN_TESTING
119 	if (rsn_testing) {
120 		RSN_SELECTOR_PUT(pos, RSN_SELECTOR(0x12, 0x34, 0x56, 1));
121 		pos += RSN_SELECTOR_LEN;
122 		num_suites++;
123 	}
124 #endif /* CONFIG_RSN_TESTING */
125 
126 	res = rsn_cipher_put_suites(pos, conf->rsn_pairwise);
127 	num_suites += res;
128 	pos += res * RSN_SELECTOR_LEN;
129 
130 #ifdef CONFIG_RSN_TESTING
131 	if (rsn_testing) {
132 		RSN_SELECTOR_PUT(pos, RSN_SELECTOR(0x12, 0x34, 0x56, 2));
133 		pos += RSN_SELECTOR_LEN;
134 		num_suites++;
135 	}
136 #endif /* CONFIG_RSN_TESTING */
137 
138 	if (num_suites == 0) {
139 		wpa_printf(MSG_DEBUG, "Invalid pairwise cipher (%d).",
140 			   conf->rsn_pairwise);
141 		return -1;
142 	}
143 	WPA_PUT_LE16(count, num_suites);
144 
145 	num_suites = 0;
146 	count = pos;
147 	pos += 2;
148 
149 #ifdef CONFIG_RSN_TESTING
150 	if (rsn_testing) {
151 		RSN_SELECTOR_PUT(pos, RSN_SELECTOR(0x12, 0x34, 0x56, 1));
152 		pos += RSN_SELECTOR_LEN;
153 		num_suites++;
154 	}
155 #endif /* CONFIG_RSN_TESTING */
156 
157 	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X) {
158 		RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_UNSPEC_802_1X);
159 		pos += RSN_SELECTOR_LEN;
160 		num_suites++;
161 	}
162 	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK) {
163 		RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X);
164 		pos += RSN_SELECTOR_LEN;
165 		num_suites++;
166 	}
167 #ifdef CONFIG_IEEE80211R
168 	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X) {
169 		RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_802_1X);
170 		pos += RSN_SELECTOR_LEN;
171 		num_suites++;
172 	}
173 	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_PSK) {
174 		RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_PSK);
175 		pos += RSN_SELECTOR_LEN;
176 		num_suites++;
177 	}
178 #endif /* CONFIG_IEEE80211R */
179 #ifdef CONFIG_IEEE80211W
180 	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) {
181 		RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_802_1X_SHA256);
182 		pos += RSN_SELECTOR_LEN;
183 		num_suites++;
184 	}
185 	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK_SHA256) {
186 		RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_PSK_SHA256);
187 		pos += RSN_SELECTOR_LEN;
188 		num_suites++;
189 	}
190 #endif /* CONFIG_IEEE80211W */
191 #ifdef CONFIG_SAE
192 	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_SAE) {
193 		RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_SAE);
194 		pos += RSN_SELECTOR_LEN;
195 		num_suites++;
196 	}
197 	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_SAE) {
198 		RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_SAE);
199 		pos += RSN_SELECTOR_LEN;
200 		num_suites++;
201 	}
202 #endif /* CONFIG_SAE */
203 
204 #ifdef CONFIG_RSN_TESTING
205 	if (rsn_testing) {
206 		RSN_SELECTOR_PUT(pos, RSN_SELECTOR(0x12, 0x34, 0x56, 2));
207 		pos += RSN_SELECTOR_LEN;
208 		num_suites++;
209 	}
210 #endif /* CONFIG_RSN_TESTING */
211 
212 	if (num_suites == 0) {
213 		wpa_printf(MSG_DEBUG, "Invalid key management type (%d).",
214 			   conf->wpa_key_mgmt);
215 		return -1;
216 	}
217 	WPA_PUT_LE16(count, num_suites);
218 
219 	/* RSN Capabilities */
220 	capab = 0;
221 	if (conf->rsn_preauth)
222 		capab |= WPA_CAPABILITY_PREAUTH;
223 	if (conf->peerkey)
224 		capab |= WPA_CAPABILITY_PEERKEY_ENABLED;
225 	if (conf->wmm_enabled) {
226 		/* 4 PTKSA replay counters when using WMM */
227 		capab |= (RSN_NUM_REPLAY_COUNTERS_16 << 2);
228 	}
229 #ifdef CONFIG_IEEE80211W
230 	if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
231 		capab |= WPA_CAPABILITY_MFPC;
232 		if (conf->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED)
233 			capab |= WPA_CAPABILITY_MFPR;
234 	}
235 #endif /* CONFIG_IEEE80211W */
236 #ifdef CONFIG_RSN_TESTING
237 	if (rsn_testing)
238 		capab |= BIT(8) | BIT(14) | BIT(15);
239 #endif /* CONFIG_RSN_TESTING */
240 	WPA_PUT_LE16(pos, capab);
241 	pos += 2;
242 
243 	if (pmkid) {
244 		if (pos + 2 + PMKID_LEN > buf + len)
245 			return -1;
246 		/* PMKID Count */
247 		WPA_PUT_LE16(pos, 1);
248 		pos += 2;
249 		os_memcpy(pos, pmkid, PMKID_LEN);
250 		pos += PMKID_LEN;
251 	}
252 
253 #ifdef CONFIG_IEEE80211W
254 	if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
255 		if (pos + 2 + 4 > buf + len)
256 			return -1;
257 		if (pmkid == NULL) {
258 			/* PMKID Count */
259 			WPA_PUT_LE16(pos, 0);
260 			pos += 2;
261 		}
262 
263 		/* Management Group Cipher Suite */
264 		switch (conf->group_mgmt_cipher) {
265 		case WPA_CIPHER_AES_128_CMAC:
266 			RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_AES_128_CMAC);
267 			break;
268 		case WPA_CIPHER_BIP_GMAC_128:
269 			RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_BIP_GMAC_128);
270 			break;
271 		case WPA_CIPHER_BIP_GMAC_256:
272 			RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_BIP_GMAC_256);
273 			break;
274 		case WPA_CIPHER_BIP_CMAC_256:
275 			RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_BIP_CMAC_256);
276 			break;
277 		default:
278 			wpa_printf(MSG_DEBUG,
279 				   "Invalid group management cipher (0x%x)",
280 				   conf->group_mgmt_cipher);
281 			return -1;
282 		}
283 		pos += RSN_SELECTOR_LEN;
284 	}
285 #endif /* CONFIG_IEEE80211W */
286 
287 #ifdef CONFIG_RSN_TESTING
288 	if (rsn_testing) {
289 		/*
290 		 * Fill in any defined fields and add extra data to the end of
291 		 * the element.
292 		 */
293 		int pmkid_count_set = pmkid != NULL;
294 		if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION)
295 			pmkid_count_set = 1;
296 		/* PMKID Count */
297 		WPA_PUT_LE16(pos, 0);
298 		pos += 2;
299 		if (conf->ieee80211w == NO_MGMT_FRAME_PROTECTION) {
300 			/* Management Group Cipher Suite */
301 			RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_AES_128_CMAC);
302 			pos += RSN_SELECTOR_LEN;
303 		}
304 
305 		os_memset(pos, 0x12, 17);
306 		pos += 17;
307 	}
308 #endif /* CONFIG_RSN_TESTING */
309 
310 	hdr->len = (pos - buf) - 2;
311 
312 	return pos - buf;
313 }
314 
315 
wpa_write_osen(struct wpa_auth_config * conf,u8 * eid)316 static u8 * wpa_write_osen(struct wpa_auth_config *conf, u8 *eid)
317 {
318 	u8 *len;
319 	u16 capab;
320 
321 	*eid++ = WLAN_EID_VENDOR_SPECIFIC;
322 	len = eid++; /* to be filled */
323 	WPA_PUT_BE24(eid, OUI_WFA);
324 	eid += 3;
325 	*eid++ = HS20_OSEN_OUI_TYPE;
326 
327 	/* Group Data Cipher Suite */
328 	RSN_SELECTOR_PUT(eid, RSN_CIPHER_SUITE_NO_GROUP_ADDRESSED);
329 	eid += RSN_SELECTOR_LEN;
330 
331 	/* Pairwise Cipher Suite Count and List */
332 	WPA_PUT_LE16(eid, 1);
333 	eid += 2;
334 	RSN_SELECTOR_PUT(eid, RSN_CIPHER_SUITE_CCMP);
335 	eid += RSN_SELECTOR_LEN;
336 
337 	/* AKM Suite Count and List */
338 	WPA_PUT_LE16(eid, 1);
339 	eid += 2;
340 	RSN_SELECTOR_PUT(eid, RSN_AUTH_KEY_MGMT_OSEN);
341 	eid += RSN_SELECTOR_LEN;
342 
343 	/* RSN Capabilities */
344 	capab = 0;
345 	if (conf->wmm_enabled) {
346 		/* 4 PTKSA replay counters when using WMM */
347 		capab |= (RSN_NUM_REPLAY_COUNTERS_16 << 2);
348 	}
349 #ifdef CONFIG_IEEE80211W
350 	if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
351 		capab |= WPA_CAPABILITY_MFPC;
352 		if (conf->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED)
353 			capab |= WPA_CAPABILITY_MFPR;
354 	}
355 #endif /* CONFIG_IEEE80211W */
356 	WPA_PUT_LE16(eid, capab);
357 	eid += 2;
358 
359 	*len = eid - len - 1;
360 
361 	return eid;
362 }
363 
364 
wpa_auth_gen_wpa_ie(struct wpa_authenticator * wpa_auth)365 int wpa_auth_gen_wpa_ie(struct wpa_authenticator *wpa_auth)
366 {
367 	u8 *pos, buf[128];
368 	int res;
369 
370 	pos = buf;
371 
372 	if (wpa_auth->conf.wpa == WPA_PROTO_OSEN) {
373 		pos = wpa_write_osen(&wpa_auth->conf, pos);
374 	}
375 	if (wpa_auth->conf.wpa & WPA_PROTO_RSN) {
376 		res = wpa_write_rsn_ie(&wpa_auth->conf,
377 				       pos, buf + sizeof(buf) - pos, NULL);
378 		if (res < 0)
379 			return res;
380 		pos += res;
381 	}
382 #ifdef CONFIG_IEEE80211R
383 	if (wpa_key_mgmt_ft(wpa_auth->conf.wpa_key_mgmt)) {
384 		res = wpa_write_mdie(&wpa_auth->conf, pos,
385 				     buf + sizeof(buf) - pos);
386 		if (res < 0)
387 			return res;
388 		pos += res;
389 	}
390 #endif /* CONFIG_IEEE80211R */
391 	if (wpa_auth->conf.wpa & WPA_PROTO_WPA) {
392 		res = wpa_write_wpa_ie(&wpa_auth->conf,
393 				       pos, buf + sizeof(buf) - pos);
394 		if (res < 0)
395 			return res;
396 		pos += res;
397 	}
398 
399 	os_free(wpa_auth->wpa_ie);
400 	wpa_auth->wpa_ie = os_malloc(pos - buf);
401 	if (wpa_auth->wpa_ie == NULL)
402 		return -1;
403 	os_memcpy(wpa_auth->wpa_ie, buf, pos - buf);
404 	wpa_auth->wpa_ie_len = pos - buf;
405 
406 	return 0;
407 }
408 
409 
wpa_add_kde(u8 * pos,u32 kde,const u8 * data,size_t data_len,const u8 * data2,size_t data2_len)410 u8 * wpa_add_kde(u8 *pos, u32 kde, const u8 *data, size_t data_len,
411 		 const u8 *data2, size_t data2_len)
412 {
413 	*pos++ = WLAN_EID_VENDOR_SPECIFIC;
414 	*pos++ = RSN_SELECTOR_LEN + data_len + data2_len;
415 	RSN_SELECTOR_PUT(pos, kde);
416 	pos += RSN_SELECTOR_LEN;
417 	os_memcpy(pos, data, data_len);
418 	pos += data_len;
419 	if (data2) {
420 		os_memcpy(pos, data2, data2_len);
421 		pos += data2_len;
422 	}
423 	return pos;
424 }
425 
426 
427 struct wpa_auth_okc_iter_data {
428 	struct rsn_pmksa_cache_entry *pmksa;
429 	const u8 *aa;
430 	const u8 *spa;
431 	const u8 *pmkid;
432 };
433 
434 
wpa_auth_okc_iter(struct wpa_authenticator * a,void * ctx)435 static int wpa_auth_okc_iter(struct wpa_authenticator *a, void *ctx)
436 {
437 	struct wpa_auth_okc_iter_data *data = ctx;
438 	data->pmksa = pmksa_cache_get_okc(a->pmksa, data->aa, data->spa,
439 					  data->pmkid);
440 	if (data->pmksa)
441 		return 1;
442 	return 0;
443 }
444 
445 
wpa_validate_wpa_ie(struct wpa_authenticator * wpa_auth,struct wpa_state_machine * sm,const u8 * wpa_ie,size_t wpa_ie_len,const u8 * mdie,size_t mdie_len)446 int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
447 			struct wpa_state_machine *sm,
448 			const u8 *wpa_ie, size_t wpa_ie_len,
449 			const u8 *mdie, size_t mdie_len)
450 {
451 	struct wpa_ie_data data;
452 	int ciphers, key_mgmt, res, version;
453 	u32 selector;
454 	size_t i;
455 	const u8 *pmkid = NULL;
456 
457 	if (wpa_auth == NULL || sm == NULL)
458 		return WPA_NOT_ENABLED;
459 
460 	if (wpa_ie == NULL || wpa_ie_len < 1)
461 		return WPA_INVALID_IE;
462 
463 	if (wpa_ie[0] == WLAN_EID_RSN)
464 		version = WPA_PROTO_RSN;
465 	else
466 		version = WPA_PROTO_WPA;
467 
468 	if (!(wpa_auth->conf.wpa & version)) {
469 		wpa_printf(MSG_DEBUG, "Invalid WPA proto (%d) from " MACSTR,
470 			   version, MAC2STR(sm->addr));
471 		return WPA_INVALID_PROTO;
472 	}
473 
474 	if (version == WPA_PROTO_RSN) {
475 		res = wpa_parse_wpa_ie_rsn(wpa_ie, wpa_ie_len, &data);
476 
477 		selector = RSN_AUTH_KEY_MGMT_UNSPEC_802_1X;
478 		if (0) {
479 		}
480 #ifdef CONFIG_IEEE80211R
481 		else if (data.key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X)
482 			selector = RSN_AUTH_KEY_MGMT_FT_802_1X;
483 		else if (data.key_mgmt & WPA_KEY_MGMT_FT_PSK)
484 			selector = RSN_AUTH_KEY_MGMT_FT_PSK;
485 #endif /* CONFIG_IEEE80211R */
486 #ifdef CONFIG_IEEE80211W
487 		else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256)
488 			selector = RSN_AUTH_KEY_MGMT_802_1X_SHA256;
489 		else if (data.key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
490 			selector = RSN_AUTH_KEY_MGMT_PSK_SHA256;
491 #endif /* CONFIG_IEEE80211W */
492 #ifdef CONFIG_SAE
493 		else if (data.key_mgmt & WPA_KEY_MGMT_SAE)
494 			selector = RSN_AUTH_KEY_MGMT_SAE;
495 		else if (data.key_mgmt & WPA_KEY_MGMT_FT_SAE)
496 			selector = RSN_AUTH_KEY_MGMT_FT_SAE;
497 #endif /* CONFIG_SAE */
498 		else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X)
499 			selector = RSN_AUTH_KEY_MGMT_UNSPEC_802_1X;
500 		else if (data.key_mgmt & WPA_KEY_MGMT_PSK)
501 			selector = RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X;
502 		wpa_auth->dot11RSNAAuthenticationSuiteSelected = selector;
503 
504 		selector = wpa_cipher_to_suite(WPA_PROTO_RSN,
505 					       data.pairwise_cipher);
506 		if (!selector)
507 			selector = RSN_CIPHER_SUITE_CCMP;
508 		wpa_auth->dot11RSNAPairwiseCipherSelected = selector;
509 
510 		selector = wpa_cipher_to_suite(WPA_PROTO_RSN,
511 					       data.group_cipher);
512 		if (!selector)
513 			selector = RSN_CIPHER_SUITE_CCMP;
514 		wpa_auth->dot11RSNAGroupCipherSelected = selector;
515 	} else {
516 		res = wpa_parse_wpa_ie_wpa(wpa_ie, wpa_ie_len, &data);
517 
518 		selector = WPA_AUTH_KEY_MGMT_UNSPEC_802_1X;
519 		if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X)
520 			selector = WPA_AUTH_KEY_MGMT_UNSPEC_802_1X;
521 		else if (data.key_mgmt & WPA_KEY_MGMT_PSK)
522 			selector = WPA_AUTH_KEY_MGMT_PSK_OVER_802_1X;
523 		wpa_auth->dot11RSNAAuthenticationSuiteSelected = selector;
524 
525 		selector = wpa_cipher_to_suite(WPA_PROTO_WPA,
526 					       data.pairwise_cipher);
527 		if (!selector)
528 			selector = RSN_CIPHER_SUITE_TKIP;
529 		wpa_auth->dot11RSNAPairwiseCipherSelected = selector;
530 
531 		selector = wpa_cipher_to_suite(WPA_PROTO_WPA,
532 					       data.group_cipher);
533 		if (!selector)
534 			selector = WPA_CIPHER_SUITE_TKIP;
535 		wpa_auth->dot11RSNAGroupCipherSelected = selector;
536 	}
537 	if (res) {
538 		wpa_printf(MSG_DEBUG, "Failed to parse WPA/RSN IE from "
539 			   MACSTR " (res=%d)", MAC2STR(sm->addr), res);
540 		wpa_hexdump(MSG_DEBUG, "WPA/RSN IE", wpa_ie, wpa_ie_len);
541 		return WPA_INVALID_IE;
542 	}
543 
544 	if (data.group_cipher != wpa_auth->conf.wpa_group) {
545 		wpa_printf(MSG_DEBUG, "Invalid WPA group cipher (0x%x) from "
546 			   MACSTR, data.group_cipher, MAC2STR(sm->addr));
547 		return WPA_INVALID_GROUP;
548 	}
549 
550 	key_mgmt = data.key_mgmt & wpa_auth->conf.wpa_key_mgmt;
551 	if (!key_mgmt) {
552 		wpa_printf(MSG_DEBUG, "Invalid WPA key mgmt (0x%x) from "
553 			   MACSTR, data.key_mgmt, MAC2STR(sm->addr));
554 		return WPA_INVALID_AKMP;
555 	}
556 	if (0) {
557 	}
558 #ifdef CONFIG_IEEE80211R
559 	else if (key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X)
560 		sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
561 	else if (key_mgmt & WPA_KEY_MGMT_FT_PSK)
562 		sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_PSK;
563 #endif /* CONFIG_IEEE80211R */
564 #ifdef CONFIG_IEEE80211W
565 	else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256)
566 		sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
567 	else if (key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
568 		sm->wpa_key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
569 #endif /* CONFIG_IEEE80211W */
570 #ifdef CONFIG_SAE
571 	else if (key_mgmt & WPA_KEY_MGMT_SAE)
572 		sm->wpa_key_mgmt = WPA_KEY_MGMT_SAE;
573 	else if (key_mgmt & WPA_KEY_MGMT_FT_SAE)
574 		sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_SAE;
575 #endif /* CONFIG_SAE */
576 	else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X)
577 		sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X;
578 	else
579 		sm->wpa_key_mgmt = WPA_KEY_MGMT_PSK;
580 
581 	if (version == WPA_PROTO_RSN)
582 		ciphers = data.pairwise_cipher & wpa_auth->conf.rsn_pairwise;
583 	else
584 		ciphers = data.pairwise_cipher & wpa_auth->conf.wpa_pairwise;
585 	if (!ciphers) {
586 		wpa_printf(MSG_DEBUG, "Invalid %s pairwise cipher (0x%x) "
587 			   "from " MACSTR,
588 			   version == WPA_PROTO_RSN ? "RSN" : "WPA",
589 			   data.pairwise_cipher, MAC2STR(sm->addr));
590 		return WPA_INVALID_PAIRWISE;
591 	}
592 
593 #ifdef CONFIG_IEEE80211W
594 	if (wpa_auth->conf.ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) {
595 		if (!(data.capabilities & WPA_CAPABILITY_MFPC)) {
596 			wpa_printf(MSG_DEBUG, "Management frame protection "
597 				   "required, but client did not enable it");
598 			return WPA_MGMT_FRAME_PROTECTION_VIOLATION;
599 		}
600 
601 		if (ciphers & WPA_CIPHER_TKIP) {
602 			wpa_printf(MSG_DEBUG, "Management frame protection "
603 				   "cannot use TKIP");
604 			return WPA_MGMT_FRAME_PROTECTION_VIOLATION;
605 		}
606 
607 		if (data.mgmt_group_cipher != wpa_auth->conf.group_mgmt_cipher)
608 		{
609 			wpa_printf(MSG_DEBUG, "Unsupported management group "
610 				   "cipher %d", data.mgmt_group_cipher);
611 			return WPA_INVALID_MGMT_GROUP_CIPHER;
612 		}
613 	}
614 
615 	if (wpa_auth->conf.ieee80211w == NO_MGMT_FRAME_PROTECTION ||
616 	    !(data.capabilities & WPA_CAPABILITY_MFPC))
617 		sm->mgmt_frame_prot = 0;
618 	else
619 		sm->mgmt_frame_prot = 1;
620 #endif /* CONFIG_IEEE80211W */
621 
622 #ifdef CONFIG_IEEE80211R
623 	if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) {
624 		if (mdie == NULL || mdie_len < MOBILITY_DOMAIN_ID_LEN + 1) {
625 			wpa_printf(MSG_DEBUG, "RSN: Trying to use FT, but "
626 				   "MDIE not included");
627 			return WPA_INVALID_MDIE;
628 		}
629 		if (os_memcmp(mdie, wpa_auth->conf.mobility_domain,
630 			      MOBILITY_DOMAIN_ID_LEN) != 0) {
631 			wpa_hexdump(MSG_DEBUG, "RSN: Attempted to use unknown "
632 				    "MDIE", mdie, MOBILITY_DOMAIN_ID_LEN);
633 			return WPA_INVALID_MDIE;
634 		}
635 	}
636 #endif /* CONFIG_IEEE80211R */
637 
638 	sm->pairwise = wpa_pick_pairwise_cipher(ciphers, 0);
639 	if (sm->pairwise < 0)
640 		return WPA_INVALID_PAIRWISE;
641 
642 	/* TODO: clear WPA/WPA2 state if STA changes from one to another */
643 	if (wpa_ie[0] == WLAN_EID_RSN)
644 		sm->wpa = WPA_VERSION_WPA2;
645 	else
646 		sm->wpa = WPA_VERSION_WPA;
647 
648 	sm->pmksa = NULL;
649 	for (i = 0; i < data.num_pmkid; i++) {
650 		wpa_hexdump(MSG_DEBUG, "RSN IE: STA PMKID",
651 			    &data.pmkid[i * PMKID_LEN], PMKID_LEN);
652 		sm->pmksa = pmksa_cache_auth_get(wpa_auth->pmksa, sm->addr,
653 						 &data.pmkid[i * PMKID_LEN]);
654 		if (sm->pmksa) {
655 			pmkid = sm->pmksa->pmkid;
656 			break;
657 		}
658 	}
659 	for (i = 0; sm->pmksa == NULL && wpa_auth->conf.okc &&
660 		     i < data.num_pmkid; i++) {
661 		struct wpa_auth_okc_iter_data idata;
662 		idata.pmksa = NULL;
663 		idata.aa = wpa_auth->addr;
664 		idata.spa = sm->addr;
665 		idata.pmkid = &data.pmkid[i * PMKID_LEN];
666 		wpa_auth_for_each_auth(wpa_auth, wpa_auth_okc_iter, &idata);
667 		if (idata.pmksa) {
668 			wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG,
669 					 "OKC match for PMKID");
670 			sm->pmksa = pmksa_cache_add_okc(wpa_auth->pmksa,
671 							idata.pmksa,
672 							wpa_auth->addr,
673 							idata.pmkid);
674 			pmkid = idata.pmkid;
675 			break;
676 		}
677 	}
678 	if (sm->pmksa && pmkid) {
679 		wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG,
680 				 "PMKID found from PMKSA cache "
681 				 "eap_type=%d vlan_id=%d",
682 				 sm->pmksa->eap_type_authsrv,
683 				 sm->pmksa->vlan_id);
684 		os_memcpy(wpa_auth->dot11RSNAPMKIDUsed, pmkid, PMKID_LEN);
685 	}
686 
687 	if (sm->wpa_ie == NULL || sm->wpa_ie_len < wpa_ie_len) {
688 		os_free(sm->wpa_ie);
689 		sm->wpa_ie = os_malloc(wpa_ie_len);
690 		if (sm->wpa_ie == NULL)
691 			return WPA_ALLOC_FAIL;
692 	}
693 	os_memcpy(sm->wpa_ie, wpa_ie, wpa_ie_len);
694 	sm->wpa_ie_len = wpa_ie_len;
695 
696 	return WPA_IE_OK;
697 }
698 
699 
700 #ifdef CONFIG_HS20
wpa_validate_osen(struct wpa_authenticator * wpa_auth,struct wpa_state_machine * sm,const u8 * osen_ie,size_t osen_ie_len)701 int wpa_validate_osen(struct wpa_authenticator *wpa_auth,
702 		      struct wpa_state_machine *sm,
703 		      const u8 *osen_ie, size_t osen_ie_len)
704 {
705 	if (wpa_auth == NULL || sm == NULL)
706 		return -1;
707 
708 	/* TODO: parse OSEN element */
709 	sm->wpa_key_mgmt = WPA_KEY_MGMT_OSEN;
710 	sm->mgmt_frame_prot = 1;
711 	sm->pairwise = WPA_CIPHER_CCMP;
712 	sm->wpa = WPA_VERSION_WPA2;
713 
714 	if (sm->wpa_ie == NULL || sm->wpa_ie_len < osen_ie_len) {
715 		os_free(sm->wpa_ie);
716 		sm->wpa_ie = os_malloc(osen_ie_len);
717 		if (sm->wpa_ie == NULL)
718 			return -1;
719 	}
720 
721 	os_memcpy(sm->wpa_ie, osen_ie, osen_ie_len);
722 	sm->wpa_ie_len = osen_ie_len;
723 
724 	return 0;
725 }
726 
727 #endif /* CONFIG_HS20 */
728 
729 
730 /**
731  * wpa_parse_generic - Parse EAPOL-Key Key Data Generic IEs
732  * @pos: Pointer to the IE header
733  * @end: Pointer to the end of the Key Data buffer
734  * @ie: Pointer to parsed IE data
735  * Returns: 0 on success, 1 if end mark is found, -1 on failure
736  */
wpa_parse_generic(const u8 * pos,const u8 * end,struct wpa_eapol_ie_parse * ie)737 static int wpa_parse_generic(const u8 *pos, const u8 *end,
738 			     struct wpa_eapol_ie_parse *ie)
739 {
740 	if (pos[1] == 0)
741 		return 1;
742 
743 	if (pos[1] >= 6 &&
744 	    RSN_SELECTOR_GET(pos + 2) == WPA_OUI_TYPE &&
745 	    pos[2 + WPA_SELECTOR_LEN] == 1 &&
746 	    pos[2 + WPA_SELECTOR_LEN + 1] == 0) {
747 		ie->wpa_ie = pos;
748 		ie->wpa_ie_len = pos[1] + 2;
749 		return 0;
750 	}
751 
752 	if (pos[1] >= 4 && WPA_GET_BE32(pos + 2) == OSEN_IE_VENDOR_TYPE) {
753 		ie->osen = pos;
754 		ie->osen_len = pos[1] + 2;
755 		return 0;
756 	}
757 
758 	if (pos + 1 + RSN_SELECTOR_LEN < end &&
759 	    pos[1] >= RSN_SELECTOR_LEN + PMKID_LEN &&
760 	    RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_PMKID) {
761 		ie->pmkid = pos + 2 + RSN_SELECTOR_LEN;
762 		return 0;
763 	}
764 
765 	if (pos[1] > RSN_SELECTOR_LEN + 2 &&
766 	    RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_GROUPKEY) {
767 		ie->gtk = pos + 2 + RSN_SELECTOR_LEN;
768 		ie->gtk_len = pos[1] - RSN_SELECTOR_LEN;
769 		return 0;
770 	}
771 
772 	if (pos[1] > RSN_SELECTOR_LEN + 2 &&
773 	    RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_MAC_ADDR) {
774 		ie->mac_addr = pos + 2 + RSN_SELECTOR_LEN;
775 		ie->mac_addr_len = pos[1] - RSN_SELECTOR_LEN;
776 		return 0;
777 	}
778 
779 #ifdef CONFIG_PEERKEY
780 	if (pos[1] > RSN_SELECTOR_LEN + 2 &&
781 	    RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_SMK) {
782 		ie->smk = pos + 2 + RSN_SELECTOR_LEN;
783 		ie->smk_len = pos[1] - RSN_SELECTOR_LEN;
784 		return 0;
785 	}
786 
787 	if (pos[1] > RSN_SELECTOR_LEN + 2 &&
788 	    RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_NONCE) {
789 		ie->nonce = pos + 2 + RSN_SELECTOR_LEN;
790 		ie->nonce_len = pos[1] - RSN_SELECTOR_LEN;
791 		return 0;
792 	}
793 
794 	if (pos[1] > RSN_SELECTOR_LEN + 2 &&
795 	    RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_LIFETIME) {
796 		ie->lifetime = pos + 2 + RSN_SELECTOR_LEN;
797 		ie->lifetime_len = pos[1] - RSN_SELECTOR_LEN;
798 		return 0;
799 	}
800 
801 	if (pos[1] > RSN_SELECTOR_LEN + 2 &&
802 	    RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_ERROR) {
803 		ie->error = pos + 2 + RSN_SELECTOR_LEN;
804 		ie->error_len = pos[1] - RSN_SELECTOR_LEN;
805 		return 0;
806 	}
807 #endif /* CONFIG_PEERKEY */
808 
809 #ifdef CONFIG_IEEE80211W
810 	if (pos[1] > RSN_SELECTOR_LEN + 2 &&
811 	    RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_IGTK) {
812 		ie->igtk = pos + 2 + RSN_SELECTOR_LEN;
813 		ie->igtk_len = pos[1] - RSN_SELECTOR_LEN;
814 		return 0;
815 	}
816 #endif /* CONFIG_IEEE80211W */
817 
818 #ifdef CONFIG_P2P
819 	if (pos[1] >= RSN_SELECTOR_LEN + 1 &&
820 	    RSN_SELECTOR_GET(pos + 2) == WFA_KEY_DATA_IP_ADDR_REQ) {
821 		ie->ip_addr_req = pos + 2 + RSN_SELECTOR_LEN;
822 		wpa_hexdump(MSG_DEBUG, "WPA: IP Address Request in EAPOL-Key",
823 			    ie->ip_addr_req, pos[1] - RSN_SELECTOR_LEN);
824 		return 0;
825 	}
826 
827 	if (pos[1] >= RSN_SELECTOR_LEN + 3 * 4 &&
828 	    RSN_SELECTOR_GET(pos + 2) == WFA_KEY_DATA_IP_ADDR_ALLOC) {
829 		ie->ip_addr_alloc = pos + 2 + RSN_SELECTOR_LEN;
830 		wpa_hexdump(MSG_DEBUG,
831 			    "WPA: IP Address Allocation in EAPOL-Key",
832 			    ie->ip_addr_alloc, pos[1] - RSN_SELECTOR_LEN);
833 		return 0;
834 	}
835 #endif /* CONFIG_P2P */
836 
837 	return 0;
838 }
839 
840 
841 /**
842  * wpa_parse_kde_ies - Parse EAPOL-Key Key Data IEs
843  * @buf: Pointer to the Key Data buffer
844  * @len: Key Data Length
845  * @ie: Pointer to parsed IE data
846  * Returns: 0 on success, -1 on failure
847  */
wpa_parse_kde_ies(const u8 * buf,size_t len,struct wpa_eapol_ie_parse * ie)848 int wpa_parse_kde_ies(const u8 *buf, size_t len, struct wpa_eapol_ie_parse *ie)
849 {
850 	const u8 *pos, *end;
851 	int ret = 0;
852 
853 	os_memset(ie, 0, sizeof(*ie));
854 	for (pos = buf, end = pos + len; pos + 1 < end; pos += 2 + pos[1]) {
855 		if (pos[0] == 0xdd &&
856 		    ((pos == buf + len - 1) || pos[1] == 0)) {
857 			/* Ignore padding */
858 			break;
859 		}
860 		if (pos + 2 + pos[1] > end) {
861 			wpa_printf(MSG_DEBUG, "WPA: EAPOL-Key Key Data "
862 				   "underflow (ie=%d len=%d pos=%d)",
863 				   pos[0], pos[1], (int) (pos - buf));
864 			wpa_hexdump_key(MSG_DEBUG, "WPA: Key Data",
865 					buf, len);
866 			ret = -1;
867 			break;
868 		}
869 		if (*pos == WLAN_EID_RSN) {
870 			ie->rsn_ie = pos;
871 			ie->rsn_ie_len = pos[1] + 2;
872 #ifdef CONFIG_IEEE80211R
873 		} else if (*pos == WLAN_EID_MOBILITY_DOMAIN) {
874 			ie->mdie = pos;
875 			ie->mdie_len = pos[1] + 2;
876 		} else if (*pos == WLAN_EID_FAST_BSS_TRANSITION) {
877 			ie->ftie = pos;
878 			ie->ftie_len = pos[1] + 2;
879 #endif /* CONFIG_IEEE80211R */
880 		} else if (*pos == WLAN_EID_VENDOR_SPECIFIC) {
881 			ret = wpa_parse_generic(pos, end, ie);
882 			if (ret < 0)
883 				break;
884 			if (ret > 0) {
885 				ret = 0;
886 				break;
887 			}
888 		} else {
889 			wpa_hexdump(MSG_DEBUG, "WPA: Unrecognized EAPOL-Key "
890 				    "Key Data IE", pos, 2 + pos[1]);
891 		}
892 	}
893 
894 	return ret;
895 }
896 
897 
wpa_auth_uses_mfp(struct wpa_state_machine * sm)898 int wpa_auth_uses_mfp(struct wpa_state_machine *sm)
899 {
900 	return sm ? sm->mgmt_frame_prot : 0;
901 }
902