1 /*
2 * hostapd - WPA/RSN IE and KDE definitions
3 * Copyright (c) 2004-2015, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #include "utils/includes.h"
10
11 #include "utils/common.h"
12 #include "common/ieee802_11_defs.h"
13 #include "eapol_auth/eapol_auth_sm.h"
14 #include "ap_config.h"
15 #include "ieee802_11.h"
16 #include "wpa_auth.h"
17 #include "pmksa_cache_auth.h"
18 #include "wpa_auth_ie.h"
19 #include "wpa_auth_i.h"
20
21
22 #ifdef CONFIG_RSN_TESTING
23 int rsn_testing = 0;
24 #endif /* CONFIG_RSN_TESTING */
25
26
wpa_write_wpa_ie(struct wpa_auth_config * conf,u8 * buf,size_t len)27 static int wpa_write_wpa_ie(struct wpa_auth_config *conf, u8 *buf, size_t len)
28 {
29 struct wpa_ie_hdr *hdr;
30 int num_suites;
31 u8 *pos, *count;
32 u32 suite;
33
34 hdr = (struct wpa_ie_hdr *) buf;
35 hdr->elem_id = WLAN_EID_VENDOR_SPECIFIC;
36 RSN_SELECTOR_PUT(hdr->oui, WPA_OUI_TYPE);
37 WPA_PUT_LE16(hdr->version, WPA_VERSION);
38 pos = (u8 *) (hdr + 1);
39
40 suite = wpa_cipher_to_suite(WPA_PROTO_WPA, conf->wpa_group);
41 if (suite == 0) {
42 wpa_printf(MSG_DEBUG, "Invalid group cipher (%d).",
43 conf->wpa_group);
44 return -1;
45 }
46 RSN_SELECTOR_PUT(pos, suite);
47 pos += WPA_SELECTOR_LEN;
48
49 count = pos;
50 pos += 2;
51
52 num_suites = wpa_cipher_put_suites(pos, conf->wpa_pairwise);
53 if (num_suites == 0) {
54 wpa_printf(MSG_DEBUG, "Invalid pairwise cipher (%d).",
55 conf->wpa_pairwise);
56 return -1;
57 }
58 pos += num_suites * WPA_SELECTOR_LEN;
59 WPA_PUT_LE16(count, num_suites);
60
61 num_suites = 0;
62 count = pos;
63 pos += 2;
64
65 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X) {
66 RSN_SELECTOR_PUT(pos, WPA_AUTH_KEY_MGMT_UNSPEC_802_1X);
67 pos += WPA_SELECTOR_LEN;
68 num_suites++;
69 }
70 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK) {
71 RSN_SELECTOR_PUT(pos, WPA_AUTH_KEY_MGMT_PSK_OVER_802_1X);
72 pos += WPA_SELECTOR_LEN;
73 num_suites++;
74 }
75
76 if (num_suites == 0) {
77 wpa_printf(MSG_DEBUG, "Invalid key management type (%d).",
78 conf->wpa_key_mgmt);
79 return -1;
80 }
81 WPA_PUT_LE16(count, num_suites);
82
83 /* WPA Capabilities; use defaults, so no need to include it */
84
85 hdr->len = (pos - buf) - 2;
86
87 return pos - buf;
88 }
89
90
wpa_write_rsn_ie(struct wpa_auth_config * conf,u8 * buf,size_t len,const u8 * pmkid)91 int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len,
92 const u8 *pmkid)
93 {
94 struct rsn_ie_hdr *hdr;
95 int num_suites, res;
96 u8 *pos, *count;
97 u16 capab;
98 u32 suite;
99
100 hdr = (struct rsn_ie_hdr *) buf;
101 hdr->elem_id = WLAN_EID_RSN;
102 WPA_PUT_LE16(hdr->version, RSN_VERSION);
103 pos = (u8 *) (hdr + 1);
104
105 suite = wpa_cipher_to_suite(WPA_PROTO_RSN, conf->wpa_group);
106 if (suite == 0) {
107 wpa_printf(MSG_DEBUG, "Invalid group cipher (%d).",
108 conf->wpa_group);
109 return -1;
110 }
111 RSN_SELECTOR_PUT(pos, suite);
112 pos += RSN_SELECTOR_LEN;
113
114 num_suites = 0;
115 count = pos;
116 pos += 2;
117
118 #ifdef CONFIG_RSN_TESTING
119 if (rsn_testing) {
120 RSN_SELECTOR_PUT(pos, RSN_SELECTOR(0x12, 0x34, 0x56, 1));
121 pos += RSN_SELECTOR_LEN;
122 num_suites++;
123 }
124 #endif /* CONFIG_RSN_TESTING */
125
126 res = rsn_cipher_put_suites(pos, conf->rsn_pairwise);
127 num_suites += res;
128 pos += res * RSN_SELECTOR_LEN;
129
130 #ifdef CONFIG_RSN_TESTING
131 if (rsn_testing) {
132 RSN_SELECTOR_PUT(pos, RSN_SELECTOR(0x12, 0x34, 0x56, 2));
133 pos += RSN_SELECTOR_LEN;
134 num_suites++;
135 }
136 #endif /* CONFIG_RSN_TESTING */
137
138 if (num_suites == 0) {
139 wpa_printf(MSG_DEBUG, "Invalid pairwise cipher (%d).",
140 conf->rsn_pairwise);
141 return -1;
142 }
143 WPA_PUT_LE16(count, num_suites);
144
145 num_suites = 0;
146 count = pos;
147 pos += 2;
148
149 #ifdef CONFIG_RSN_TESTING
150 if (rsn_testing) {
151 RSN_SELECTOR_PUT(pos, RSN_SELECTOR(0x12, 0x34, 0x56, 1));
152 pos += RSN_SELECTOR_LEN;
153 num_suites++;
154 }
155 #endif /* CONFIG_RSN_TESTING */
156
157 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X) {
158 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_UNSPEC_802_1X);
159 pos += RSN_SELECTOR_LEN;
160 num_suites++;
161 }
162 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK) {
163 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X);
164 pos += RSN_SELECTOR_LEN;
165 num_suites++;
166 }
167 #ifdef CONFIG_IEEE80211R
168 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X) {
169 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_802_1X);
170 pos += RSN_SELECTOR_LEN;
171 num_suites++;
172 }
173 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_PSK) {
174 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_PSK);
175 pos += RSN_SELECTOR_LEN;
176 num_suites++;
177 }
178 #endif /* CONFIG_IEEE80211R */
179 #ifdef CONFIG_IEEE80211W
180 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) {
181 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_802_1X_SHA256);
182 pos += RSN_SELECTOR_LEN;
183 num_suites++;
184 }
185 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK_SHA256) {
186 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_PSK_SHA256);
187 pos += RSN_SELECTOR_LEN;
188 num_suites++;
189 }
190 #endif /* CONFIG_IEEE80211W */
191 #ifdef CONFIG_SAE
192 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_SAE) {
193 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_SAE);
194 pos += RSN_SELECTOR_LEN;
195 num_suites++;
196 }
197 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_SAE) {
198 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_SAE);
199 pos += RSN_SELECTOR_LEN;
200 num_suites++;
201 }
202 #endif /* CONFIG_SAE */
203 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
204 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_802_1X_SUITE_B);
205 pos += RSN_SELECTOR_LEN;
206 num_suites++;
207 }
208 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
209 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_802_1X_SUITE_B_192);
210 pos += RSN_SELECTOR_LEN;
211 num_suites++;
212 }
213
214 #ifdef CONFIG_RSN_TESTING
215 if (rsn_testing) {
216 RSN_SELECTOR_PUT(pos, RSN_SELECTOR(0x12, 0x34, 0x56, 2));
217 pos += RSN_SELECTOR_LEN;
218 num_suites++;
219 }
220 #endif /* CONFIG_RSN_TESTING */
221
222 if (num_suites == 0) {
223 wpa_printf(MSG_DEBUG, "Invalid key management type (%d).",
224 conf->wpa_key_mgmt);
225 return -1;
226 }
227 WPA_PUT_LE16(count, num_suites);
228
229 /* RSN Capabilities */
230 capab = 0;
231 if (conf->rsn_preauth)
232 capab |= WPA_CAPABILITY_PREAUTH;
233 if (conf->peerkey)
234 capab |= WPA_CAPABILITY_PEERKEY_ENABLED;
235 if (conf->wmm_enabled) {
236 /* 4 PTKSA replay counters when using WMM */
237 capab |= (RSN_NUM_REPLAY_COUNTERS_16 << 2);
238 }
239 #ifdef CONFIG_IEEE80211W
240 if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
241 capab |= WPA_CAPABILITY_MFPC;
242 if (conf->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED)
243 capab |= WPA_CAPABILITY_MFPR;
244 }
245 #endif /* CONFIG_IEEE80211W */
246 #ifdef CONFIG_RSN_TESTING
247 if (rsn_testing)
248 capab |= BIT(8) | BIT(14) | BIT(15);
249 #endif /* CONFIG_RSN_TESTING */
250 WPA_PUT_LE16(pos, capab);
251 pos += 2;
252
253 if (pmkid) {
254 if (2 + PMKID_LEN > buf + len - pos)
255 return -1;
256 /* PMKID Count */
257 WPA_PUT_LE16(pos, 1);
258 pos += 2;
259 os_memcpy(pos, pmkid, PMKID_LEN);
260 pos += PMKID_LEN;
261 }
262
263 #ifdef CONFIG_IEEE80211W
264 if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION &&
265 conf->group_mgmt_cipher != WPA_CIPHER_AES_128_CMAC) {
266 if (2 + 4 > buf + len - pos)
267 return -1;
268 if (pmkid == NULL) {
269 /* PMKID Count */
270 WPA_PUT_LE16(pos, 0);
271 pos += 2;
272 }
273
274 /* Management Group Cipher Suite */
275 switch (conf->group_mgmt_cipher) {
276 case WPA_CIPHER_AES_128_CMAC:
277 RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_AES_128_CMAC);
278 break;
279 case WPA_CIPHER_BIP_GMAC_128:
280 RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_BIP_GMAC_128);
281 break;
282 case WPA_CIPHER_BIP_GMAC_256:
283 RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_BIP_GMAC_256);
284 break;
285 case WPA_CIPHER_BIP_CMAC_256:
286 RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_BIP_CMAC_256);
287 break;
288 default:
289 wpa_printf(MSG_DEBUG,
290 "Invalid group management cipher (0x%x)",
291 conf->group_mgmt_cipher);
292 return -1;
293 }
294 pos += RSN_SELECTOR_LEN;
295 }
296 #endif /* CONFIG_IEEE80211W */
297
298 #ifdef CONFIG_RSN_TESTING
299 if (rsn_testing) {
300 /*
301 * Fill in any defined fields and add extra data to the end of
302 * the element.
303 */
304 int pmkid_count_set = pmkid != NULL;
305 if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION)
306 pmkid_count_set = 1;
307 /* PMKID Count */
308 WPA_PUT_LE16(pos, 0);
309 pos += 2;
310 if (conf->ieee80211w == NO_MGMT_FRAME_PROTECTION) {
311 /* Management Group Cipher Suite */
312 RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_AES_128_CMAC);
313 pos += RSN_SELECTOR_LEN;
314 }
315
316 os_memset(pos, 0x12, 17);
317 pos += 17;
318 }
319 #endif /* CONFIG_RSN_TESTING */
320
321 hdr->len = (pos - buf) - 2;
322
323 return pos - buf;
324 }
325
326
wpa_write_osen(struct wpa_auth_config * conf,u8 * eid)327 static u8 * wpa_write_osen(struct wpa_auth_config *conf, u8 *eid)
328 {
329 u8 *len;
330 u16 capab;
331
332 *eid++ = WLAN_EID_VENDOR_SPECIFIC;
333 len = eid++; /* to be filled */
334 WPA_PUT_BE24(eid, OUI_WFA);
335 eid += 3;
336 *eid++ = HS20_OSEN_OUI_TYPE;
337
338 /* Group Data Cipher Suite */
339 RSN_SELECTOR_PUT(eid, RSN_CIPHER_SUITE_NO_GROUP_ADDRESSED);
340 eid += RSN_SELECTOR_LEN;
341
342 /* Pairwise Cipher Suite Count and List */
343 WPA_PUT_LE16(eid, 1);
344 eid += 2;
345 RSN_SELECTOR_PUT(eid, RSN_CIPHER_SUITE_CCMP);
346 eid += RSN_SELECTOR_LEN;
347
348 /* AKM Suite Count and List */
349 WPA_PUT_LE16(eid, 1);
350 eid += 2;
351 RSN_SELECTOR_PUT(eid, RSN_AUTH_KEY_MGMT_OSEN);
352 eid += RSN_SELECTOR_LEN;
353
354 /* RSN Capabilities */
355 capab = 0;
356 if (conf->wmm_enabled) {
357 /* 4 PTKSA replay counters when using WMM */
358 capab |= (RSN_NUM_REPLAY_COUNTERS_16 << 2);
359 }
360 #ifdef CONFIG_IEEE80211W
361 if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
362 capab |= WPA_CAPABILITY_MFPC;
363 if (conf->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED)
364 capab |= WPA_CAPABILITY_MFPR;
365 }
366 #endif /* CONFIG_IEEE80211W */
367 WPA_PUT_LE16(eid, capab);
368 eid += 2;
369
370 *len = eid - len - 1;
371
372 return eid;
373 }
374
375
wpa_auth_gen_wpa_ie(struct wpa_authenticator * wpa_auth)376 int wpa_auth_gen_wpa_ie(struct wpa_authenticator *wpa_auth)
377 {
378 u8 *pos, buf[128];
379 int res;
380
381 #ifdef CONFIG_TESTING_OPTIONS
382 if (wpa_auth->conf.own_ie_override_len) {
383 wpa_hexdump(MSG_DEBUG, "WPA: Forced own IE(s) for testing",
384 wpa_auth->conf.own_ie_override,
385 wpa_auth->conf.own_ie_override_len);
386 os_free(wpa_auth->wpa_ie);
387 wpa_auth->wpa_ie =
388 os_malloc(wpa_auth->conf.own_ie_override_len);
389 if (wpa_auth->wpa_ie == NULL)
390 return -1;
391 os_memcpy(wpa_auth->wpa_ie, wpa_auth->conf.own_ie_override,
392 wpa_auth->conf.own_ie_override_len);
393 wpa_auth->wpa_ie_len = wpa_auth->conf.own_ie_override_len;
394 return 0;
395 }
396 #endif /* CONFIG_TESTING_OPTIONS */
397
398 pos = buf;
399
400 if (wpa_auth->conf.wpa == WPA_PROTO_OSEN) {
401 pos = wpa_write_osen(&wpa_auth->conf, pos);
402 }
403 if (wpa_auth->conf.wpa & WPA_PROTO_RSN) {
404 res = wpa_write_rsn_ie(&wpa_auth->conf,
405 pos, buf + sizeof(buf) - pos, NULL);
406 if (res < 0)
407 return res;
408 pos += res;
409 }
410 #ifdef CONFIG_IEEE80211R
411 if (wpa_key_mgmt_ft(wpa_auth->conf.wpa_key_mgmt)) {
412 res = wpa_write_mdie(&wpa_auth->conf, pos,
413 buf + sizeof(buf) - pos);
414 if (res < 0)
415 return res;
416 pos += res;
417 }
418 #endif /* CONFIG_IEEE80211R */
419 if (wpa_auth->conf.wpa & WPA_PROTO_WPA) {
420 res = wpa_write_wpa_ie(&wpa_auth->conf,
421 pos, buf + sizeof(buf) - pos);
422 if (res < 0)
423 return res;
424 pos += res;
425 }
426
427 os_free(wpa_auth->wpa_ie);
428 wpa_auth->wpa_ie = os_malloc(pos - buf);
429 if (wpa_auth->wpa_ie == NULL)
430 return -1;
431 os_memcpy(wpa_auth->wpa_ie, buf, pos - buf);
432 wpa_auth->wpa_ie_len = pos - buf;
433
434 return 0;
435 }
436
437
wpa_add_kde(u8 * pos,u32 kde,const u8 * data,size_t data_len,const u8 * data2,size_t data2_len)438 u8 * wpa_add_kde(u8 *pos, u32 kde, const u8 *data, size_t data_len,
439 const u8 *data2, size_t data2_len)
440 {
441 *pos++ = WLAN_EID_VENDOR_SPECIFIC;
442 *pos++ = RSN_SELECTOR_LEN + data_len + data2_len;
443 RSN_SELECTOR_PUT(pos, kde);
444 pos += RSN_SELECTOR_LEN;
445 os_memcpy(pos, data, data_len);
446 pos += data_len;
447 if (data2) {
448 os_memcpy(pos, data2, data2_len);
449 pos += data2_len;
450 }
451 return pos;
452 }
453
454
455 struct wpa_auth_okc_iter_data {
456 struct rsn_pmksa_cache_entry *pmksa;
457 const u8 *aa;
458 const u8 *spa;
459 const u8 *pmkid;
460 };
461
462
wpa_auth_okc_iter(struct wpa_authenticator * a,void * ctx)463 static int wpa_auth_okc_iter(struct wpa_authenticator *a, void *ctx)
464 {
465 struct wpa_auth_okc_iter_data *data = ctx;
466 data->pmksa = pmksa_cache_get_okc(a->pmksa, data->aa, data->spa,
467 data->pmkid);
468 if (data->pmksa)
469 return 1;
470 return 0;
471 }
472
473
wpa_validate_wpa_ie(struct wpa_authenticator * wpa_auth,struct wpa_state_machine * sm,const u8 * wpa_ie,size_t wpa_ie_len,const u8 * mdie,size_t mdie_len)474 int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
475 struct wpa_state_machine *sm,
476 const u8 *wpa_ie, size_t wpa_ie_len,
477 const u8 *mdie, size_t mdie_len)
478 {
479 struct wpa_ie_data data;
480 int ciphers, key_mgmt, res, version;
481 u32 selector;
482 size_t i;
483 const u8 *pmkid = NULL;
484
485 if (wpa_auth == NULL || sm == NULL)
486 return WPA_NOT_ENABLED;
487
488 if (wpa_ie == NULL || wpa_ie_len < 1)
489 return WPA_INVALID_IE;
490
491 if (wpa_ie[0] == WLAN_EID_RSN)
492 version = WPA_PROTO_RSN;
493 else
494 version = WPA_PROTO_WPA;
495
496 if (!(wpa_auth->conf.wpa & version)) {
497 wpa_printf(MSG_DEBUG, "Invalid WPA proto (%d) from " MACSTR,
498 version, MAC2STR(sm->addr));
499 return WPA_INVALID_PROTO;
500 }
501
502 if (version == WPA_PROTO_RSN) {
503 res = wpa_parse_wpa_ie_rsn(wpa_ie, wpa_ie_len, &data);
504
505 selector = RSN_AUTH_KEY_MGMT_UNSPEC_802_1X;
506 if (0) {
507 }
508 else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
509 selector = RSN_AUTH_KEY_MGMT_802_1X_SUITE_B_192;
510 else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B)
511 selector = RSN_AUTH_KEY_MGMT_802_1X_SUITE_B;
512 #ifdef CONFIG_IEEE80211R
513 else if (data.key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X)
514 selector = RSN_AUTH_KEY_MGMT_FT_802_1X;
515 else if (data.key_mgmt & WPA_KEY_MGMT_FT_PSK)
516 selector = RSN_AUTH_KEY_MGMT_FT_PSK;
517 #endif /* CONFIG_IEEE80211R */
518 #ifdef CONFIG_IEEE80211W
519 else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256)
520 selector = RSN_AUTH_KEY_MGMT_802_1X_SHA256;
521 else if (data.key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
522 selector = RSN_AUTH_KEY_MGMT_PSK_SHA256;
523 #endif /* CONFIG_IEEE80211W */
524 #ifdef CONFIG_SAE
525 else if (data.key_mgmt & WPA_KEY_MGMT_SAE)
526 selector = RSN_AUTH_KEY_MGMT_SAE;
527 else if (data.key_mgmt & WPA_KEY_MGMT_FT_SAE)
528 selector = RSN_AUTH_KEY_MGMT_FT_SAE;
529 #endif /* CONFIG_SAE */
530 else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X)
531 selector = RSN_AUTH_KEY_MGMT_UNSPEC_802_1X;
532 else if (data.key_mgmt & WPA_KEY_MGMT_PSK)
533 selector = RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X;
534 wpa_auth->dot11RSNAAuthenticationSuiteSelected = selector;
535
536 selector = wpa_cipher_to_suite(WPA_PROTO_RSN,
537 data.pairwise_cipher);
538 if (!selector)
539 selector = RSN_CIPHER_SUITE_CCMP;
540 wpa_auth->dot11RSNAPairwiseCipherSelected = selector;
541
542 selector = wpa_cipher_to_suite(WPA_PROTO_RSN,
543 data.group_cipher);
544 if (!selector)
545 selector = RSN_CIPHER_SUITE_CCMP;
546 wpa_auth->dot11RSNAGroupCipherSelected = selector;
547 } else {
548 res = wpa_parse_wpa_ie_wpa(wpa_ie, wpa_ie_len, &data);
549
550 selector = WPA_AUTH_KEY_MGMT_UNSPEC_802_1X;
551 if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X)
552 selector = WPA_AUTH_KEY_MGMT_UNSPEC_802_1X;
553 else if (data.key_mgmt & WPA_KEY_MGMT_PSK)
554 selector = WPA_AUTH_KEY_MGMT_PSK_OVER_802_1X;
555 wpa_auth->dot11RSNAAuthenticationSuiteSelected = selector;
556
557 selector = wpa_cipher_to_suite(WPA_PROTO_WPA,
558 data.pairwise_cipher);
559 if (!selector)
560 selector = RSN_CIPHER_SUITE_TKIP;
561 wpa_auth->dot11RSNAPairwiseCipherSelected = selector;
562
563 selector = wpa_cipher_to_suite(WPA_PROTO_WPA,
564 data.group_cipher);
565 if (!selector)
566 selector = WPA_CIPHER_SUITE_TKIP;
567 wpa_auth->dot11RSNAGroupCipherSelected = selector;
568 }
569 if (res) {
570 wpa_printf(MSG_DEBUG, "Failed to parse WPA/RSN IE from "
571 MACSTR " (res=%d)", MAC2STR(sm->addr), res);
572 wpa_hexdump(MSG_DEBUG, "WPA/RSN IE", wpa_ie, wpa_ie_len);
573 return WPA_INVALID_IE;
574 }
575
576 if (data.group_cipher != wpa_auth->conf.wpa_group) {
577 wpa_printf(MSG_DEBUG, "Invalid WPA group cipher (0x%x) from "
578 MACSTR, data.group_cipher, MAC2STR(sm->addr));
579 return WPA_INVALID_GROUP;
580 }
581
582 key_mgmt = data.key_mgmt & wpa_auth->conf.wpa_key_mgmt;
583 if (!key_mgmt) {
584 wpa_printf(MSG_DEBUG, "Invalid WPA key mgmt (0x%x) from "
585 MACSTR, data.key_mgmt, MAC2STR(sm->addr));
586 return WPA_INVALID_AKMP;
587 }
588 if (0) {
589 }
590 else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
591 sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
592 else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B)
593 sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
594 #ifdef CONFIG_IEEE80211R
595 else if (key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X)
596 sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
597 else if (key_mgmt & WPA_KEY_MGMT_FT_PSK)
598 sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_PSK;
599 #endif /* CONFIG_IEEE80211R */
600 #ifdef CONFIG_IEEE80211W
601 else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256)
602 sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
603 else if (key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
604 sm->wpa_key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
605 #endif /* CONFIG_IEEE80211W */
606 #ifdef CONFIG_SAE
607 else if (key_mgmt & WPA_KEY_MGMT_SAE)
608 sm->wpa_key_mgmt = WPA_KEY_MGMT_SAE;
609 else if (key_mgmt & WPA_KEY_MGMT_FT_SAE)
610 sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_SAE;
611 #endif /* CONFIG_SAE */
612 else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X)
613 sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X;
614 else
615 sm->wpa_key_mgmt = WPA_KEY_MGMT_PSK;
616
617 if (version == WPA_PROTO_RSN)
618 ciphers = data.pairwise_cipher & wpa_auth->conf.rsn_pairwise;
619 else
620 ciphers = data.pairwise_cipher & wpa_auth->conf.wpa_pairwise;
621 if (!ciphers) {
622 wpa_printf(MSG_DEBUG, "Invalid %s pairwise cipher (0x%x) "
623 "from " MACSTR,
624 version == WPA_PROTO_RSN ? "RSN" : "WPA",
625 data.pairwise_cipher, MAC2STR(sm->addr));
626 return WPA_INVALID_PAIRWISE;
627 }
628
629 #ifdef CONFIG_IEEE80211W
630 if (wpa_auth->conf.ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) {
631 if (!(data.capabilities & WPA_CAPABILITY_MFPC)) {
632 wpa_printf(MSG_DEBUG, "Management frame protection "
633 "required, but client did not enable it");
634 return WPA_MGMT_FRAME_PROTECTION_VIOLATION;
635 }
636
637 if (ciphers & WPA_CIPHER_TKIP) {
638 wpa_printf(MSG_DEBUG, "Management frame protection "
639 "cannot use TKIP");
640 return WPA_MGMT_FRAME_PROTECTION_VIOLATION;
641 }
642
643 if (data.mgmt_group_cipher != wpa_auth->conf.group_mgmt_cipher)
644 {
645 wpa_printf(MSG_DEBUG, "Unsupported management group "
646 "cipher %d", data.mgmt_group_cipher);
647 return WPA_INVALID_MGMT_GROUP_CIPHER;
648 }
649 }
650
651 if (wpa_auth->conf.ieee80211w == NO_MGMT_FRAME_PROTECTION ||
652 !(data.capabilities & WPA_CAPABILITY_MFPC))
653 sm->mgmt_frame_prot = 0;
654 else
655 sm->mgmt_frame_prot = 1;
656 #endif /* CONFIG_IEEE80211W */
657
658 #ifdef CONFIG_IEEE80211R
659 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) {
660 if (mdie == NULL || mdie_len < MOBILITY_DOMAIN_ID_LEN + 1) {
661 wpa_printf(MSG_DEBUG, "RSN: Trying to use FT, but "
662 "MDIE not included");
663 return WPA_INVALID_MDIE;
664 }
665 if (os_memcmp(mdie, wpa_auth->conf.mobility_domain,
666 MOBILITY_DOMAIN_ID_LEN) != 0) {
667 wpa_hexdump(MSG_DEBUG, "RSN: Attempted to use unknown "
668 "MDIE", mdie, MOBILITY_DOMAIN_ID_LEN);
669 return WPA_INVALID_MDIE;
670 }
671 }
672 #endif /* CONFIG_IEEE80211R */
673
674 sm->pairwise = wpa_pick_pairwise_cipher(ciphers, 0);
675 if (sm->pairwise < 0)
676 return WPA_INVALID_PAIRWISE;
677
678 /* TODO: clear WPA/WPA2 state if STA changes from one to another */
679 if (wpa_ie[0] == WLAN_EID_RSN)
680 sm->wpa = WPA_VERSION_WPA2;
681 else
682 sm->wpa = WPA_VERSION_WPA;
683
684 sm->pmksa = NULL;
685 for (i = 0; i < data.num_pmkid; i++) {
686 wpa_hexdump(MSG_DEBUG, "RSN IE: STA PMKID",
687 &data.pmkid[i * PMKID_LEN], PMKID_LEN);
688 sm->pmksa = pmksa_cache_auth_get(wpa_auth->pmksa, sm->addr,
689 &data.pmkid[i * PMKID_LEN]);
690 if (sm->pmksa) {
691 pmkid = sm->pmksa->pmkid;
692 break;
693 }
694 }
695 for (i = 0; sm->pmksa == NULL && wpa_auth->conf.okc &&
696 i < data.num_pmkid; i++) {
697 struct wpa_auth_okc_iter_data idata;
698 idata.pmksa = NULL;
699 idata.aa = wpa_auth->addr;
700 idata.spa = sm->addr;
701 idata.pmkid = &data.pmkid[i * PMKID_LEN];
702 wpa_auth_for_each_auth(wpa_auth, wpa_auth_okc_iter, &idata);
703 if (idata.pmksa) {
704 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG,
705 "OKC match for PMKID");
706 sm->pmksa = pmksa_cache_add_okc(wpa_auth->pmksa,
707 idata.pmksa,
708 wpa_auth->addr,
709 idata.pmkid);
710 pmkid = idata.pmkid;
711 break;
712 }
713 }
714 if (sm->pmksa && pmkid) {
715 struct vlan_description *vlan;
716
717 vlan = sm->pmksa->vlan_desc;
718 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG,
719 "PMKID found from PMKSA cache eap_type=%d vlan=%d%s",
720 sm->pmksa->eap_type_authsrv,
721 vlan ? vlan->untagged : 0,
722 (vlan && vlan->tagged[0]) ? "+" : "");
723 os_memcpy(wpa_auth->dot11RSNAPMKIDUsed, pmkid, PMKID_LEN);
724 }
725
726 if (sm->wpa_ie == NULL || sm->wpa_ie_len < wpa_ie_len) {
727 os_free(sm->wpa_ie);
728 sm->wpa_ie = os_malloc(wpa_ie_len);
729 if (sm->wpa_ie == NULL)
730 return WPA_ALLOC_FAIL;
731 }
732 os_memcpy(sm->wpa_ie, wpa_ie, wpa_ie_len);
733 sm->wpa_ie_len = wpa_ie_len;
734
735 return WPA_IE_OK;
736 }
737
738
739 #ifdef CONFIG_HS20
wpa_validate_osen(struct wpa_authenticator * wpa_auth,struct wpa_state_machine * sm,const u8 * osen_ie,size_t osen_ie_len)740 int wpa_validate_osen(struct wpa_authenticator *wpa_auth,
741 struct wpa_state_machine *sm,
742 const u8 *osen_ie, size_t osen_ie_len)
743 {
744 if (wpa_auth == NULL || sm == NULL)
745 return -1;
746
747 /* TODO: parse OSEN element */
748 sm->wpa_key_mgmt = WPA_KEY_MGMT_OSEN;
749 sm->mgmt_frame_prot = 1;
750 sm->pairwise = WPA_CIPHER_CCMP;
751 sm->wpa = WPA_VERSION_WPA2;
752
753 if (sm->wpa_ie == NULL || sm->wpa_ie_len < osen_ie_len) {
754 os_free(sm->wpa_ie);
755 sm->wpa_ie = os_malloc(osen_ie_len);
756 if (sm->wpa_ie == NULL)
757 return -1;
758 }
759
760 os_memcpy(sm->wpa_ie, osen_ie, osen_ie_len);
761 sm->wpa_ie_len = osen_ie_len;
762
763 return 0;
764 }
765
766 #endif /* CONFIG_HS20 */
767
768
769 /**
770 * wpa_parse_generic - Parse EAPOL-Key Key Data Generic IEs
771 * @pos: Pointer to the IE header
772 * @end: Pointer to the end of the Key Data buffer
773 * @ie: Pointer to parsed IE data
774 * Returns: 0 on success, 1 if end mark is found, -1 on failure
775 */
wpa_parse_generic(const u8 * pos,const u8 * end,struct wpa_eapol_ie_parse * ie)776 static int wpa_parse_generic(const u8 *pos, const u8 *end,
777 struct wpa_eapol_ie_parse *ie)
778 {
779 if (pos[1] == 0)
780 return 1;
781
782 if (pos[1] >= 6 &&
783 RSN_SELECTOR_GET(pos + 2) == WPA_OUI_TYPE &&
784 pos[2 + WPA_SELECTOR_LEN] == 1 &&
785 pos[2 + WPA_SELECTOR_LEN + 1] == 0) {
786 ie->wpa_ie = pos;
787 ie->wpa_ie_len = pos[1] + 2;
788 return 0;
789 }
790
791 if (pos[1] >= 4 && WPA_GET_BE32(pos + 2) == OSEN_IE_VENDOR_TYPE) {
792 ie->osen = pos;
793 ie->osen_len = pos[1] + 2;
794 return 0;
795 }
796
797 if (1 + RSN_SELECTOR_LEN < end - pos &&
798 pos[1] >= RSN_SELECTOR_LEN + PMKID_LEN &&
799 RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_PMKID) {
800 ie->pmkid = pos + 2 + RSN_SELECTOR_LEN;
801 return 0;
802 }
803
804 if (pos[1] > RSN_SELECTOR_LEN + 2 &&
805 RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_GROUPKEY) {
806 ie->gtk = pos + 2 + RSN_SELECTOR_LEN;
807 ie->gtk_len = pos[1] - RSN_SELECTOR_LEN;
808 return 0;
809 }
810
811 if (pos[1] > RSN_SELECTOR_LEN + 2 &&
812 RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_MAC_ADDR) {
813 ie->mac_addr = pos + 2 + RSN_SELECTOR_LEN;
814 ie->mac_addr_len = pos[1] - RSN_SELECTOR_LEN;
815 return 0;
816 }
817
818 #ifdef CONFIG_PEERKEY
819 if (pos[1] > RSN_SELECTOR_LEN + 2 &&
820 RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_SMK) {
821 ie->smk = pos + 2 + RSN_SELECTOR_LEN;
822 ie->smk_len = pos[1] - RSN_SELECTOR_LEN;
823 return 0;
824 }
825
826 if (pos[1] > RSN_SELECTOR_LEN + 2 &&
827 RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_NONCE) {
828 ie->nonce = pos + 2 + RSN_SELECTOR_LEN;
829 ie->nonce_len = pos[1] - RSN_SELECTOR_LEN;
830 return 0;
831 }
832
833 if (pos[1] > RSN_SELECTOR_LEN + 2 &&
834 RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_LIFETIME) {
835 ie->lifetime = pos + 2 + RSN_SELECTOR_LEN;
836 ie->lifetime_len = pos[1] - RSN_SELECTOR_LEN;
837 return 0;
838 }
839
840 if (pos[1] > RSN_SELECTOR_LEN + 2 &&
841 RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_ERROR) {
842 ie->error = pos + 2 + RSN_SELECTOR_LEN;
843 ie->error_len = pos[1] - RSN_SELECTOR_LEN;
844 return 0;
845 }
846 #endif /* CONFIG_PEERKEY */
847
848 #ifdef CONFIG_IEEE80211W
849 if (pos[1] > RSN_SELECTOR_LEN + 2 &&
850 RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_IGTK) {
851 ie->igtk = pos + 2 + RSN_SELECTOR_LEN;
852 ie->igtk_len = pos[1] - RSN_SELECTOR_LEN;
853 return 0;
854 }
855 #endif /* CONFIG_IEEE80211W */
856
857 #ifdef CONFIG_P2P
858 if (pos[1] >= RSN_SELECTOR_LEN + 1 &&
859 RSN_SELECTOR_GET(pos + 2) == WFA_KEY_DATA_IP_ADDR_REQ) {
860 ie->ip_addr_req = pos + 2 + RSN_SELECTOR_LEN;
861 wpa_hexdump(MSG_DEBUG, "WPA: IP Address Request in EAPOL-Key",
862 ie->ip_addr_req, pos[1] - RSN_SELECTOR_LEN);
863 return 0;
864 }
865
866 if (pos[1] >= RSN_SELECTOR_LEN + 3 * 4 &&
867 RSN_SELECTOR_GET(pos + 2) == WFA_KEY_DATA_IP_ADDR_ALLOC) {
868 ie->ip_addr_alloc = pos + 2 + RSN_SELECTOR_LEN;
869 wpa_hexdump(MSG_DEBUG,
870 "WPA: IP Address Allocation in EAPOL-Key",
871 ie->ip_addr_alloc, pos[1] - RSN_SELECTOR_LEN);
872 return 0;
873 }
874 #endif /* CONFIG_P2P */
875
876 return 0;
877 }
878
879
880 /**
881 * wpa_parse_kde_ies - Parse EAPOL-Key Key Data IEs
882 * @buf: Pointer to the Key Data buffer
883 * @len: Key Data Length
884 * @ie: Pointer to parsed IE data
885 * Returns: 0 on success, -1 on failure
886 */
wpa_parse_kde_ies(const u8 * buf,size_t len,struct wpa_eapol_ie_parse * ie)887 int wpa_parse_kde_ies(const u8 *buf, size_t len, struct wpa_eapol_ie_parse *ie)
888 {
889 const u8 *pos, *end;
890 int ret = 0;
891
892 os_memset(ie, 0, sizeof(*ie));
893 for (pos = buf, end = pos + len; end - pos > 1; pos += 2 + pos[1]) {
894 if (pos[0] == 0xdd &&
895 ((pos == buf + len - 1) || pos[1] == 0)) {
896 /* Ignore padding */
897 break;
898 }
899 if (2 + pos[1] > end - pos) {
900 wpa_printf(MSG_DEBUG, "WPA: EAPOL-Key Key Data "
901 "underflow (ie=%d len=%d pos=%d)",
902 pos[0], pos[1], (int) (pos - buf));
903 wpa_hexdump_key(MSG_DEBUG, "WPA: Key Data",
904 buf, len);
905 ret = -1;
906 break;
907 }
908 if (*pos == WLAN_EID_RSN) {
909 ie->rsn_ie = pos;
910 ie->rsn_ie_len = pos[1] + 2;
911 #ifdef CONFIG_IEEE80211R
912 } else if (*pos == WLAN_EID_MOBILITY_DOMAIN) {
913 ie->mdie = pos;
914 ie->mdie_len = pos[1] + 2;
915 } else if (*pos == WLAN_EID_FAST_BSS_TRANSITION) {
916 ie->ftie = pos;
917 ie->ftie_len = pos[1] + 2;
918 #endif /* CONFIG_IEEE80211R */
919 } else if (*pos == WLAN_EID_VENDOR_SPECIFIC) {
920 ret = wpa_parse_generic(pos, end, ie);
921 if (ret < 0)
922 break;
923 if (ret > 0) {
924 ret = 0;
925 break;
926 }
927 } else {
928 wpa_hexdump(MSG_DEBUG, "WPA: Unrecognized EAPOL-Key "
929 "Key Data IE", pos, 2 + pos[1]);
930 }
931 }
932
933 return ret;
934 }
935
936
wpa_auth_uses_mfp(struct wpa_state_machine * sm)937 int wpa_auth_uses_mfp(struct wpa_state_machine *sm)
938 {
939 return sm ? sm->mgmt_frame_prot : 0;
940 }
941