Lines Matching refs:sm
33 #define STATE_MACHINE_ADDR sm->addr
37 static int wpa_sm_step(struct wpa_state_machine *sm);
41 static int wpa_aead_decrypt(struct wpa_state_machine *sm, struct wpa_ptk *ptk,
47 static void wpa_request_new_ptk(struct wpa_state_machine *sm);
52 static int wpa_derive_ptk(struct wpa_state_machine *sm, const u8 *snonce,
61 static u8 * ieee80211w_kde_add(struct wpa_state_machine *sm, u8 *pos);
173 int (*cb)(struct wpa_state_machine *sm, void *ctx), in wpa_auth_for_each_sta() argument
237 static int wpa_use_aes_cmac(struct wpa_state_machine *sm) in wpa_use_aes_cmac() argument
241 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) in wpa_use_aes_cmac()
245 if (wpa_key_mgmt_sha256(sm->wpa_key_mgmt)) in wpa_use_aes_cmac()
248 if (sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN) in wpa_use_aes_cmac()
305 struct wpa_state_machine *sm = timeout_ctx; in wpa_rekey_ptk() local
307 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, "rekeying PTK"); in wpa_rekey_ptk()
308 wpa_request_new_ptk(sm); in wpa_rekey_ptk()
309 wpa_sm_step(sm); in wpa_rekey_ptk()
313 static int wpa_auth_pmksa_clear_cb(struct wpa_state_machine *sm, void *ctx) in wpa_auth_pmksa_clear_cb() argument
315 if (sm->pmksa == ctx) in wpa_auth_pmksa_clear_cb()
316 sm->pmksa = NULL; in wpa_auth_pmksa_clear_cb()
578 struct wpa_state_machine *sm; in wpa_auth_sta_init() local
583 sm = os_zalloc(sizeof(struct wpa_state_machine)); in wpa_auth_sta_init()
584 if (sm == NULL) in wpa_auth_sta_init()
586 os_memcpy(sm->addr, addr, ETH_ALEN); in wpa_auth_sta_init()
588 os_memcpy(sm->p2p_dev_addr, p2p_dev_addr, ETH_ALEN); in wpa_auth_sta_init()
590 sm->wpa_auth = wpa_auth; in wpa_auth_sta_init()
591 sm->group = wpa_auth->group; in wpa_auth_sta_init()
592 wpa_group_get(sm->wpa_auth, sm->group); in wpa_auth_sta_init()
594 return sm; in wpa_auth_sta_init()
599 struct wpa_state_machine *sm) in wpa_auth_sta_associated() argument
601 if (wpa_auth == NULL || !wpa_auth->conf.wpa || sm == NULL) in wpa_auth_sta_associated()
605 if (sm->ft_completed) { in wpa_auth_sta_associated()
606 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_auth_sta_associated()
610 sm->wpa_ptk_state = WPA_PTK_PTKINITDONE; in wpa_auth_sta_associated()
611 sm->Pair = TRUE; in wpa_auth_sta_associated()
617 if (sm->fils_completed) { in wpa_auth_sta_associated()
618 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_auth_sta_associated()
621 sm->wpa_ptk_state = WPA_PTK_PTKINITDONE; in wpa_auth_sta_associated()
622 sm->Pair = TRUE; in wpa_auth_sta_associated()
627 if (sm->started) { in wpa_auth_sta_associated()
628 os_memset(&sm->key_replay, 0, sizeof(sm->key_replay)); in wpa_auth_sta_associated()
629 sm->ReAuthenticationRequest = TRUE; in wpa_auth_sta_associated()
630 return wpa_sm_step(sm); in wpa_auth_sta_associated()
633 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_auth_sta_associated()
635 sm->started = 1; in wpa_auth_sta_associated()
637 sm->Init = TRUE; in wpa_auth_sta_associated()
638 if (wpa_sm_step(sm) == 1) in wpa_auth_sta_associated()
640 sm->Init = FALSE; in wpa_auth_sta_associated()
641 sm->AuthenticationRequest = TRUE; in wpa_auth_sta_associated()
642 return wpa_sm_step(sm); in wpa_auth_sta_associated()
646 void wpa_auth_sta_no_wpa(struct wpa_state_machine *sm) in wpa_auth_sta_no_wpa() argument
651 if (sm == NULL) in wpa_auth_sta_no_wpa()
654 sm->wpa_key_mgmt = 0; in wpa_auth_sta_no_wpa()
658 static void wpa_free_sta_sm(struct wpa_state_machine *sm) in wpa_free_sta_sm() argument
661 if (WPA_GET_BE32(sm->ip_addr)) { in wpa_free_sta_sm()
665 sm->ip_addr[0], sm->ip_addr[1], in wpa_free_sta_sm()
666 sm->ip_addr[2], sm->ip_addr[3], in wpa_free_sta_sm()
667 MAC2STR(sm->addr)); in wpa_free_sta_sm()
668 start = WPA_GET_BE32(sm->wpa_auth->conf.ip_addr_start); in wpa_free_sta_sm()
669 bitfield_clear(sm->wpa_auth->ip_pool, in wpa_free_sta_sm()
670 WPA_GET_BE32(sm->ip_addr) - start); in wpa_free_sta_sm()
673 if (sm->GUpdateStationKeys) { in wpa_free_sta_sm()
674 sm->group->GKeyDoneStations--; in wpa_free_sta_sm()
675 sm->GUpdateStationKeys = FALSE; in wpa_free_sta_sm()
678 os_free(sm->assoc_resp_ftie); in wpa_free_sta_sm()
679 wpabuf_free(sm->ft_pending_req_ies); in wpa_free_sta_sm()
681 os_free(sm->last_rx_eapol_key); in wpa_free_sta_sm()
682 os_free(sm->wpa_ie); in wpa_free_sta_sm()
683 wpa_group_put(sm->wpa_auth, sm->group); in wpa_free_sta_sm()
684 os_free(sm); in wpa_free_sta_sm()
688 void wpa_auth_sta_deinit(struct wpa_state_machine *sm) in wpa_auth_sta_deinit() argument
690 if (sm == NULL) in wpa_auth_sta_deinit()
693 if (sm->wpa_auth->conf.wpa_strict_rekey && sm->has_GTK) { in wpa_auth_sta_deinit()
694 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_auth_sta_deinit()
697 eloop_cancel_timeout(wpa_rekey_gtk, sm->wpa_auth, NULL); in wpa_auth_sta_deinit()
698 eloop_register_timeout(0, 500000, wpa_rekey_gtk, sm->wpa_auth, in wpa_auth_sta_deinit()
702 eloop_cancel_timeout(wpa_send_eapol_timeout, sm->wpa_auth, sm); in wpa_auth_sta_deinit()
703 sm->pending_1_of_4_timeout = 0; in wpa_auth_sta_deinit()
704 eloop_cancel_timeout(wpa_sm_call_step, sm, NULL); in wpa_auth_sta_deinit()
705 eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm); in wpa_auth_sta_deinit()
706 if (sm->in_step_loop) { in wpa_auth_sta_deinit()
710 "machine deinit for " MACSTR, MAC2STR(sm->addr)); in wpa_auth_sta_deinit()
711 sm->pending_deinit = 1; in wpa_auth_sta_deinit()
713 wpa_free_sta_sm(sm); in wpa_auth_sta_deinit()
717 static void wpa_request_new_ptk(struct wpa_state_machine *sm) in wpa_request_new_ptk() argument
719 if (sm == NULL) in wpa_request_new_ptk()
722 sm->PTKRequest = TRUE; in wpa_request_new_ptk()
723 sm->PTK_valid = 0; in wpa_request_new_ptk()
758 struct wpa_state_machine *sm, in ft_check_msg_2_of_4() argument
771 os_memcpy(sm->sup_pmk_r1_name, ie.pmkid, PMKID_LEN); in ft_check_msg_2_of_4()
773 sm->sup_pmk_r1_name, PMKID_LEN); in ft_check_msg_2_of_4()
789 if (sm->assoc_resp_ftie && in ft_check_msg_2_of_4()
790 (kde->ftie[1] != sm->assoc_resp_ftie[1] || in ft_check_msg_2_of_4()
791 os_memcmp(kde->ftie, sm->assoc_resp_ftie, in ft_check_msg_2_of_4()
792 2 + sm->assoc_resp_ftie[1]) != 0)) { in ft_check_msg_2_of_4()
797 sm->assoc_resp_ftie, 2 + sm->assoc_resp_ftie[1]); in ft_check_msg_2_of_4()
807 struct wpa_state_machine *sm, int group) in wpa_receive_error_report() argument
810 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO, in wpa_receive_error_report()
816 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in wpa_receive_error_report()
819 } else if (!group && sm->pairwise != WPA_CIPHER_TKIP) { in wpa_receive_error_report()
820 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in wpa_receive_error_report()
824 if (wpa_auth_mic_failure_report(wpa_auth, sm->addr) > 0) in wpa_receive_error_report()
826 sm->dot11RSNAStatsTKIPRemoteMICFailures++; in wpa_receive_error_report()
834 wpa_request_new_ptk(sm); in wpa_receive_error_report()
839 static int wpa_try_alt_snonce(struct wpa_state_machine *sm, u8 *data, in wpa_try_alt_snonce() argument
849 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) { in wpa_try_alt_snonce()
850 pmk = wpa_auth_get_psk(sm->wpa_auth, sm->addr, in wpa_try_alt_snonce()
851 sm->p2p_dev_addr, pmk); in wpa_try_alt_snonce()
856 pmk = sm->PMK; in wpa_try_alt_snonce()
857 pmk_len = sm->pmk_len; in wpa_try_alt_snonce()
860 if (wpa_derive_ptk(sm, sm->alt_SNonce, pmk, pmk_len, &PTK) < 0) in wpa_try_alt_snonce()
863 if (wpa_verify_key_mic(sm->wpa_key_mgmt, &PTK, data, data_len) in wpa_try_alt_snonce()
869 if (!wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) in wpa_try_alt_snonce()
881 sm->alt_snonce_valid = 0; in wpa_try_alt_snonce()
882 os_memcpy(sm->SNonce, sm->alt_SNonce, WPA_NONCE_LEN); in wpa_try_alt_snonce()
883 os_memcpy(&sm->PTK, &PTK, sizeof(PTK)); in wpa_try_alt_snonce()
884 sm->PTK_valid = TRUE; in wpa_try_alt_snonce()
891 struct wpa_state_machine *sm, in wpa_receive() argument
905 if (wpa_auth == NULL || !wpa_auth->conf.wpa || sm == NULL) in wpa_receive()
909 mic_len = wpa_mic_len(sm->wpa_key_mgmt); in wpa_receive()
925 MAC2STR(sm->addr), key_info, key->type, in wpa_receive()
941 if (sm->wpa == WPA_VERSION_WPA2) { in wpa_receive()
1004 if (sm->pairwise == WPA_CIPHER_CCMP || in wpa_receive()
1005 sm->pairwise == WPA_CIPHER_GCMP) { in wpa_receive()
1006 if (wpa_use_aes_cmac(sm) && in wpa_receive()
1007 sm->wpa_key_mgmt != WPA_KEY_MGMT_OSEN && in wpa_receive()
1008 !wpa_key_mgmt_suite_b(sm->wpa_key_mgmt) && in wpa_receive()
1009 !wpa_key_mgmt_fils(sm->wpa_key_mgmt) && in wpa_receive()
1011 wpa_auth_logger(wpa_auth, sm->addr, in wpa_receive()
1019 if (!wpa_use_aes_cmac(sm) && in wpa_receive()
1020 !wpa_key_mgmt_fils(sm->wpa_key_mgmt) && in wpa_receive()
1022 wpa_auth_logger(wpa_auth, sm->addr, in wpa_receive()
1030 if ((wpa_key_mgmt_suite_b(sm->wpa_key_mgmt) || in wpa_receive()
1031 wpa_key_mgmt_fils(sm->wpa_key_mgmt)) && in wpa_receive()
1033 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_WARNING, in wpa_receive()
1040 if (sm->req_replay_counter_used && in wpa_receive()
1041 os_memcmp(key->replay_counter, sm->req_replay_counter, in wpa_receive()
1043 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_WARNING, in wpa_receive()
1051 !wpa_replay_counter_valid(sm->key_replay, key->replay_counter)) { in wpa_receive()
1055 wpa_replay_counter_valid(sm->prev_key_replay, in wpa_receive()
1057 sm->wpa_ptk_state == WPA_PTK_PTKINITNEGOTIATING && in wpa_receive()
1058 os_memcmp(sm->SNonce, key->key_nonce, WPA_NONCE_LEN) != 0) in wpa_receive()
1067 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_receive()
1071 sm->update_snonce = 1; in wpa_receive()
1072 os_memcpy(sm->alt_SNonce, sm->SNonce, WPA_NONCE_LEN); in wpa_receive()
1073 sm->alt_snonce_valid = TRUE; in wpa_receive()
1074 os_memcpy(sm->alt_replay_counter, in wpa_receive()
1075 sm->key_replay[0].counter, in wpa_receive()
1080 if (msg == PAIRWISE_4 && sm->alt_snonce_valid && in wpa_receive()
1081 sm->wpa_ptk_state == WPA_PTK_PTKINITNEGOTIATING && in wpa_receive()
1082 os_memcmp(key->replay_counter, sm->alt_replay_counter, in wpa_receive()
1089 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_receive()
1095 wpa_replay_counter_valid(sm->prev_key_replay, in wpa_receive()
1097 sm->wpa_ptk_state == WPA_PTK_PTKINITNEGOTIATING) { in wpa_receive()
1098 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_receive()
1102 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_receive()
1107 if (!sm->key_replay[i].valid) in wpa_receive()
1110 sm->key_replay[i].counter, in wpa_receive()
1120 if (sm->wpa == WPA_VERSION_WPA2 && mic_len == 0 && in wpa_receive()
1122 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_receive()
1130 if (sm->wpa_ptk_state != WPA_PTK_PTKSTART && in wpa_receive()
1131 sm->wpa_ptk_state != WPA_PTK_PTKCALCNEGOTIATING && in wpa_receive()
1132 (!sm->update_snonce || in wpa_receive()
1133 sm->wpa_ptk_state != WPA_PTK_PTKINITNEGOTIATING)) { in wpa_receive()
1134 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO, in wpa_receive()
1137 sm->wpa_ptk_state); in wpa_receive()
1141 if (sm->group->reject_4way_hs_for_entropy) { in wpa_receive()
1155 wpa_sta_disconnect(wpa_auth, sm->addr); in wpa_receive()
1160 if (sm->wpa_ptk_state != WPA_PTK_PTKINITNEGOTIATING || in wpa_receive()
1161 !sm->PTK_valid) { in wpa_receive()
1162 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO, in wpa_receive()
1165 sm->wpa_ptk_state); in wpa_receive()
1170 if (sm->wpa_ptk_group_state != WPA_PTK_GROUP_REKEYNEGOTIATING in wpa_receive()
1171 || !sm->PTK_valid) { in wpa_receive()
1172 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO, in wpa_receive()
1175 sm->wpa_ptk_group_state); in wpa_receive()
1188 if (!sm->PTK_valid) { in wpa_receive()
1189 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in wpa_receive()
1205 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_receive()
1209 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in wpa_receive()
1214 if (!wpa_key_mgmt_fils(sm->wpa_key_mgmt) && in wpa_receive()
1216 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in wpa_receive()
1222 if (wpa_key_mgmt_fils(sm->wpa_key_mgmt) && in wpa_receive()
1224 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in wpa_receive()
1230 sm->MICVerified = FALSE; in wpa_receive()
1231 if (sm->PTK_valid && !sm->update_snonce) { in wpa_receive()
1233 wpa_verify_key_mic(sm->wpa_key_mgmt, &sm->PTK, data, in wpa_receive()
1235 (msg != PAIRWISE_4 || !sm->alt_snonce_valid || in wpa_receive()
1236 wpa_try_alt_snonce(sm, data, data_len))) { in wpa_receive()
1237 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in wpa_receive()
1243 wpa_aead_decrypt(sm, &sm->PTK, data, data_len, in wpa_receive()
1245 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in wpa_receive()
1250 sm->MICVerified = TRUE; in wpa_receive()
1251 eloop_cancel_timeout(wpa_send_eapol_timeout, wpa_auth, sm); in wpa_receive()
1252 sm->pending_1_of_4_timeout = 0; in wpa_receive()
1256 if (sm->MICVerified) { in wpa_receive()
1257 sm->req_replay_counter_used = 1; in wpa_receive()
1258 os_memcpy(sm->req_replay_counter, key->replay_counter, in wpa_receive()
1261 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in wpa_receive()
1274 wpa_smk_error(wpa_auth, sm, key_data, key_data_length); in wpa_receive()
1279 wpa_auth, sm, in wpa_receive()
1283 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in wpa_receive()
1286 wpa_request_new_ptk(sm); in wpa_receive()
1289 wpa_smk_m1(wpa_auth, sm, key, key_data, in wpa_receive()
1297 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in wpa_receive()
1305 wpa_replay_counter_mark_invalid(sm->key_replay, in wpa_receive()
1316 os_memcpy(sm->prev_key_replay, sm->key_replay, in wpa_receive()
1317 sizeof(sm->key_replay)); in wpa_receive()
1319 os_memset(sm->prev_key_replay, 0, in wpa_receive()
1320 sizeof(sm->prev_key_replay)); in wpa_receive()
1327 wpa_replay_counter_mark_invalid(sm->key_replay, NULL); in wpa_receive()
1332 wpa_smk_m3(wpa_auth, sm, key, key_data, key_data_length); in wpa_receive()
1337 os_free(sm->last_rx_eapol_key); in wpa_receive()
1338 sm->last_rx_eapol_key = os_malloc(data_len); in wpa_receive()
1339 if (sm->last_rx_eapol_key == NULL) in wpa_receive()
1341 os_memcpy(sm->last_rx_eapol_key, data, data_len); in wpa_receive()
1342 sm->last_rx_eapol_key_len = data_len; in wpa_receive()
1344 sm->rx_eapol_key_secure = !!(key_info & WPA_KEY_INFO_SECURE); in wpa_receive()
1345 sm->EAPOLKeyReceived = TRUE; in wpa_receive()
1346 sm->EAPOLKeyPairwise = !!(key_info & WPA_KEY_INFO_KEY_TYPE); in wpa_receive()
1347 sm->EAPOLKeyRequest = !!(key_info & WPA_KEY_INFO_REQUEST); in wpa_receive()
1348 os_memcpy(sm->SNonce, key->key_nonce, WPA_NONCE_LEN); in wpa_receive()
1349 wpa_sm_step(sm); in wpa_receive()
1390 struct wpa_state_machine *sm = timeout_ctx; in wpa_send_eapol_timeout() local
1392 sm->pending_1_of_4_timeout = 0; in wpa_send_eapol_timeout()
1393 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, "EAPOL-Key timeout"); in wpa_send_eapol_timeout()
1394 sm->TimeoutEvt = TRUE; in wpa_send_eapol_timeout()
1395 wpa_sm_step(sm); in wpa_send_eapol_timeout()
1400 struct wpa_state_machine *sm, int key_info, in __wpa_send_eapol() argument
1415 mic_len = wpa_mic_len(sm->wpa_key_mgmt); in __wpa_send_eapol()
1422 else if (sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN || in __wpa_send_eapol()
1423 wpa_key_mgmt_suite_b(sm->wpa_key_mgmt) || in __wpa_send_eapol()
1424 wpa_key_mgmt_fils(sm->wpa_key_mgmt)) in __wpa_send_eapol()
1426 else if (wpa_use_aes_cmac(sm)) in __wpa_send_eapol()
1428 else if (sm->pairwise != WPA_CIPHER_TKIP) in __wpa_send_eapol()
1448 sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN || in __wpa_send_eapol()
1449 wpa_key_mgmt_suite_b(sm->wpa_key_mgmt) || in __wpa_send_eapol()
1471 key->type = sm->wpa == WPA_VERSION_WPA2 ? in __wpa_send_eapol()
1474 if (encr && sm->wpa == WPA_VERSION_WPA2) in __wpa_send_eapol()
1476 if (sm->wpa != WPA_VERSION_WPA2) in __wpa_send_eapol()
1480 alg = pairwise ? sm->pairwise : wpa_auth->conf.wpa_group; in __wpa_send_eapol()
1482 (sm->wpa == WPA_VERSION_WPA2 && !pairwise)) in __wpa_send_eapol()
1489 sm->key_replay[i].valid = sm->key_replay[i - 1].valid; in __wpa_send_eapol()
1490 os_memcpy(sm->key_replay[i].counter, in __wpa_send_eapol()
1491 sm->key_replay[i - 1].counter, in __wpa_send_eapol()
1494 inc_byte_array(sm->key_replay[0].counter, WPA_REPLAY_COUNTER_LEN); in __wpa_send_eapol()
1495 os_memcpy(key->replay_counter, sm->key_replay[0].counter, in __wpa_send_eapol()
1499 sm->key_replay[0].valid = TRUE; in __wpa_send_eapol()
1520 sm->PTK.kek, sm->PTK.kek_len); in __wpa_send_eapol()
1525 if (aes_siv_encrypt(sm->PTK.kek, sm->PTK.kek_len, kde, kde_len, in __wpa_send_eapol()
1550 sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN || in __wpa_send_eapol()
1551 wpa_key_mgmt_suite_b(sm->wpa_key_mgmt) || in __wpa_send_eapol()
1553 if (aes_wrap(sm->PTK.kek, sm->PTK.kek_len, in __wpa_send_eapol()
1561 } else if (sm->PTK.kek_len == 16) { in __wpa_send_eapol()
1564 sm->group->Counter + WPA_NONCE_LEN - 16, 16); in __wpa_send_eapol()
1565 inc_byte_array(sm->group->Counter, WPA_NONCE_LEN); in __wpa_send_eapol()
1567 os_memcpy(ek + 16, sm->PTK.kek, sm->PTK.kek_len); in __wpa_send_eapol()
1581 if (!sm->PTK_valid || !mic_len) { in __wpa_send_eapol()
1582 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, in __wpa_send_eapol()
1589 wpa_eapol_key_mic(sm->PTK.kck, sm->PTK.kck_len, in __wpa_send_eapol()
1590 sm->wpa_key_mgmt, version, in __wpa_send_eapol()
1597 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in __wpa_send_eapol()
1604 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_inc_EapolFramesTx, in __wpa_send_eapol()
1606 wpa_auth_send_eapol(wpa_auth, sm->addr, (u8 *) hdr, len, in __wpa_send_eapol()
1607 sm->pairwise_set); in __wpa_send_eapol()
1613 struct wpa_state_machine *sm, int key_info, in wpa_send_eapol() argument
1622 if (sm == NULL) in wpa_send_eapol()
1625 __wpa_send_eapol(wpa_auth, sm, key_info, key_rsc, nonce, kde, kde_len, in wpa_send_eapol()
1628 ctr = pairwise ? sm->TimeoutCtr : sm->GTimeoutCtr; in wpa_send_eapol()
1635 sm->pending_1_of_4_timeout = 1; in wpa_send_eapol()
1639 wpa_send_eapol_timeout, wpa_auth, sm); in wpa_send_eapol()
1672 void wpa_remove_ptk(struct wpa_state_machine *sm) in wpa_remove_ptk() argument
1674 sm->PTK_valid = FALSE; in wpa_remove_ptk()
1675 os_memset(&sm->PTK, 0, sizeof(sm->PTK)); in wpa_remove_ptk()
1676 if (wpa_auth_set_key(sm->wpa_auth, 0, WPA_ALG_NONE, sm->addr, 0, NULL, in wpa_remove_ptk()
1680 sm->pairwise_set = FALSE; in wpa_remove_ptk()
1681 eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm); in wpa_remove_ptk()
1685 int wpa_auth_sm_event(struct wpa_state_machine *sm, enum wpa_event event) in wpa_auth_sm_event() argument
1689 if (sm == NULL) in wpa_auth_sm_event()
1692 wpa_auth_vlogger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_auth_sm_event()
1699 if (wpa_auth_start_ampe(sm->wpa_auth, sm->addr)) { in wpa_auth_sm_event()
1709 sm->DeauthenticationRequest = TRUE; in wpa_auth_sm_event()
1713 if (!sm->started) { in wpa_auth_sm_event()
1723 sm->started = 1; in wpa_auth_sm_event()
1724 sm->Init = TRUE; in wpa_auth_sm_event()
1725 if (wpa_sm_step(sm) == 1) in wpa_auth_sm_event()
1727 sm->Init = FALSE; in wpa_auth_sm_event()
1728 sm->AuthenticationRequest = TRUE; in wpa_auth_sm_event()
1731 if (sm->GUpdateStationKeys) { in wpa_auth_sm_event()
1736 sm->group->GKeyDoneStations--; in wpa_auth_sm_event()
1737 sm->GUpdateStationKeys = FALSE; in wpa_auth_sm_event()
1738 sm->PtkGroupInit = TRUE; in wpa_auth_sm_event()
1740 sm->ReAuthenticationRequest = TRUE; in wpa_auth_sm_event()
1746 wpa_ft_install_ptk(sm); in wpa_auth_sm_event()
1749 sm->ft_completed = 1; in wpa_auth_sm_event()
1755 sm->tk_already_set = FALSE; in wpa_auth_sm_event()
1760 sm->ft_completed = 0; in wpa_auth_sm_event()
1764 if (sm->mgmt_frame_prot && event == WPA_AUTH) in wpa_auth_sm_event()
1768 if (wpa_key_mgmt_fils(sm->wpa_key_mgmt) && in wpa_auth_sm_event()
1774 sm->PTK_valid = FALSE; in wpa_auth_sm_event()
1775 os_memset(&sm->PTK, 0, sizeof(sm->PTK)); in wpa_auth_sm_event()
1778 wpa_remove_ptk(sm); in wpa_auth_sm_event()
1781 if (sm->in_step_loop) { in wpa_auth_sm_event()
1786 sm->changed = TRUE; in wpa_auth_sm_event()
1789 return wpa_sm_step(sm); in wpa_auth_sm_event()
1796 if (sm->Init) { in SM_STATE()
1799 sm->changed = FALSE; in SM_STATE()
1802 sm->keycount = 0; in SM_STATE()
1803 if (sm->GUpdateStationKeys) in SM_STATE()
1804 sm->group->GKeyDoneStations--; in SM_STATE()
1805 sm->GUpdateStationKeys = FALSE; in SM_STATE()
1806 if (sm->wpa == WPA_VERSION_WPA) in SM_STATE()
1807 sm->PInitAKeys = FALSE; in SM_STATE()
1810 sm->Pair = TRUE; in SM_STATE()
1812 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portEnabled, 0); in SM_STATE()
1813 wpa_remove_ptk(sm); in SM_STATE()
1814 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portValid, 0); in SM_STATE()
1815 sm->TimeoutCtr = 0; in SM_STATE()
1816 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) { in SM_STATE()
1817 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, in SM_STATE()
1826 sm->Disconnect = FALSE; in SM_STATE()
1827 wpa_sta_disconnect(sm->wpa_auth, sm->addr); in SM_STATE()
1834 sm->DeauthenticationRequest = FALSE; in SM_STATE()
1841 os_memset(&sm->PTK, 0, sizeof(sm->PTK)); in SM_STATE()
1842 sm->PTK_valid = FALSE; in SM_STATE()
1843 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portControl_Auto, in SM_STATE()
1845 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portEnabled, 1); in SM_STATE()
1846 sm->AuthenticationRequest = FALSE; in SM_STATE()
1887 wpa_group_ensure_init(sm->wpa_auth, sm->group); in SM_STATE()
1888 sm->ReAuthenticationRequest = FALSE; in SM_STATE()
1899 if (random_get_bytes(sm->ANonce, WPA_NONCE_LEN)) { in SM_STATE()
1902 sm->Disconnect = TRUE; in SM_STATE()
1905 wpa_hexdump(MSG_DEBUG, "WPA: Assign ANonce", sm->ANonce, in SM_STATE()
1911 sm->TimeoutCtr = 0; in SM_STATE()
1915 static int wpa_auth_sm_ptk_update(struct wpa_state_machine *sm) in wpa_auth_sm_ptk_update() argument
1917 if (random_get_bytes(sm->ANonce, WPA_NONCE_LEN)) { in wpa_auth_sm_ptk_update()
1920 sm->Disconnect = TRUE; in wpa_auth_sm_ptk_update()
1923 wpa_hexdump(MSG_DEBUG, "WPA: Assign new ANonce", sm->ANonce, in wpa_auth_sm_ptk_update()
1925 sm->TimeoutCtr = 0; in wpa_auth_sm_ptk_update()
1937 sm->xxkey_len = 0; in SM_STATE()
1939 if (sm->pmksa) { in SM_STATE()
1941 os_memcpy(sm->PMK, sm->pmksa->pmk, sm->pmksa->pmk_len); in SM_STATE()
1942 sm->pmk_len = sm->pmksa->pmk_len; in SM_STATE()
1943 } else if (wpa_auth_get_msk(sm->wpa_auth, sm->addr, msk, &len) == 0) { in SM_STATE()
1946 if (wpa_key_mgmt_sha384(sm->wpa_key_mgmt)) in SM_STATE()
1957 sm->Disconnect = TRUE; in SM_STATE()
1960 os_memcpy(sm->PMK, msk, pmk_len); in SM_STATE()
1961 sm->pmk_len = pmk_len; in SM_STATE()
1964 os_memcpy(sm->xxkey, msk + PMK_LEN, PMK_LEN); in SM_STATE()
1965 sm->xxkey_len = PMK_LEN; in SM_STATE()
1970 sm->wpa_auth->cb->get_msk); in SM_STATE()
1971 sm->Disconnect = TRUE; in SM_STATE()
1976 sm->req_replay_counter_used = 0; in SM_STATE()
1985 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_keyRun, 0); in SM_STATE()
1993 psk = wpa_auth_get_psk(sm->wpa_auth, sm->addr, sm->p2p_dev_addr, NULL); in SM_STATE()
1995 os_memcpy(sm->PMK, psk, PMK_LEN); in SM_STATE()
1996 sm->pmk_len = PMK_LEN; in SM_STATE()
1998 os_memcpy(sm->xxkey, psk, PMK_LEN); in SM_STATE()
1999 sm->xxkey_len = PMK_LEN; in SM_STATE()
2002 sm->req_replay_counter_used = 0; in SM_STATE()
2012 sm->PTKRequest = FALSE; in SM_STATE()
2013 sm->TimeoutEvt = FALSE; in SM_STATE()
2014 sm->alt_snonce_valid = FALSE; in SM_STATE()
2016 sm->TimeoutCtr++; in SM_STATE()
2017 if (sm->TimeoutCtr > sm->wpa_auth->conf.wpa_pairwise_update_count) { in SM_STATE()
2023 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, in SM_STATE()
2029 if (sm->wpa == WPA_VERSION_WPA2 && in SM_STATE()
2030 wpa_key_mgmt_wpa_ieee8021x(sm->wpa_key_mgmt) && in SM_STATE()
2031 sm->wpa_key_mgmt != WPA_KEY_MGMT_OSEN) { in SM_STATE()
2037 if (sm->pmksa) { in SM_STATE()
2039 sm->pmksa->pmkid, PMKID_LEN); in SM_STATE()
2040 } else if (wpa_key_mgmt_suite_b(sm->wpa_key_mgmt)) { in SM_STATE()
2048 rsn_pmkid(sm->PMK, sm->pmk_len, sm->wpa_auth->addr, in SM_STATE()
2049 sm->addr, &pmkid[2 + RSN_SELECTOR_LEN], in SM_STATE()
2050 wpa_key_mgmt_sha256(sm->wpa_key_mgmt)); in SM_STATE()
2053 wpa_send_eapol(sm->wpa_auth, sm, in SM_STATE()
2055 sm->ANonce, pmkid, pmkid_len, 0, 0); in SM_STATE()
2059 static int wpa_derive_ptk(struct wpa_state_machine *sm, const u8 *snonce, in wpa_derive_ptk() argument
2064 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) in wpa_derive_ptk()
2065 return wpa_auth_derive_ptk_ft(sm, pmk, ptk); in wpa_derive_ptk()
2069 sm->wpa_auth->addr, sm->addr, sm->ANonce, snonce, in wpa_derive_ptk()
2070 ptk, sm->wpa_key_mgmt, sm->pairwise); in wpa_derive_ptk()
2076 int fils_auth_pmk_to_ptk(struct wpa_state_machine *sm, const u8 *pmk, in fils_auth_pmk_to_ptk() argument
2083 res = fils_pmk_to_ptk(pmk, pmk_len, sm->addr, sm->wpa_auth->addr, in fils_auth_pmk_to_ptk()
2084 snonce, anonce, &sm->PTK, ick, &ick_len, in fils_auth_pmk_to_ptk()
2085 sm->wpa_key_mgmt, sm->pairwise); in fils_auth_pmk_to_ptk()
2088 sm->PTK_valid = TRUE; in fils_auth_pmk_to_ptk()
2091 sm->addr, sm->wpa_auth->addr, in fils_auth_pmk_to_ptk()
2093 sm->wpa_key_mgmt, sm->fils_key_auth_sta, in fils_auth_pmk_to_ptk()
2094 sm->fils_key_auth_ap, in fils_auth_pmk_to_ptk()
2095 &sm->fils_key_auth_len); in fils_auth_pmk_to_ptk()
2099 os_memcpy(sm->SNonce, snonce, FILS_NONCE_LEN); in fils_auth_pmk_to_ptk()
2100 os_memcpy(sm->ANonce, anonce, FILS_NONCE_LEN); in fils_auth_pmk_to_ptk()
2106 static int wpa_aead_decrypt(struct wpa_state_machine *sm, struct wpa_ptk *ptk, in wpa_aead_decrypt() argument
2123 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_INFO, in wpa_aead_decrypt()
2139 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_INFO, in wpa_aead_decrypt()
2161 int fils_decrypt_assoc(struct wpa_state_machine *sm, const u8 *fils_session, in fils_decrypt_assoc() argument
2171 if (!sm || !sm->PTK_valid) { in fils_decrypt_assoc()
2177 if (!wpa_key_mgmt_fils(sm->wpa_key_mgmt)) { in fils_decrypt_assoc()
2239 aad[2] = sm->SNonce; in fils_decrypt_assoc()
2242 aad[3] = sm->ANonce; in fils_decrypt_assoc()
2251 if (aes_siv_decrypt(sm->PTK.kek, sm->PTK.kek_len, crypt, end - crypt, in fils_decrypt_assoc()
2270 if (elems.fils_key_confirm_len != sm->fils_key_auth_len) { in fils_decrypt_assoc()
2274 (int) sm->fils_key_auth_len); in fils_decrypt_assoc()
2277 if (os_memcmp(elems.fils_key_confirm, sm->fils_key_auth_sta, in fils_decrypt_assoc()
2278 sm->fils_key_auth_len) != 0) { in fils_decrypt_assoc()
2284 sm->fils_key_auth_sta, sm->fils_key_auth_len); in fils_decrypt_assoc()
2292 int fils_encrypt_assoc(struct wpa_state_machine *sm, u8 *buf, in fils_encrypt_assoc() argument
2308 if (!sm || !sm->PTK_valid) in fils_encrypt_assoc()
2326 aad[2] = sm->ANonce; in fils_encrypt_assoc()
2329 aad[3] = sm->SNonce; in fils_encrypt_assoc()
2349 wpabuf_put_u8(plain, 1 + sm->fils_key_auth_len); /* Length */ in fils_encrypt_assoc()
2352 wpabuf_put_data(plain, sm->fils_key_auth_ap, sm->fils_key_auth_len); in fils_encrypt_assoc()
2361 gsm = sm->group; in fils_encrypt_assoc()
2365 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, in fils_encrypt_assoc()
2370 if (sm->wpa_auth->conf.disable_gtk) { in fils_encrypt_assoc()
2390 tmp2 = ieee80211w_kde_add(sm, tmp); in fils_encrypt_assoc()
2405 if (aes_siv_encrypt(sm->PTK.kek, sm->PTK.kek_len, in fils_encrypt_assoc()
2418 sm->fils_completed = 1; in fils_encrypt_assoc()
2424 int fils_set_tk(struct wpa_state_machine *sm) in fils_set_tk() argument
2429 if (!sm || !sm->PTK_valid) in fils_set_tk()
2432 alg = wpa_cipher_to_alg(sm->pairwise); in fils_set_tk()
2433 klen = wpa_cipher_key_len(sm->pairwise); in fils_set_tk()
2436 if (wpa_auth_set_key(sm->wpa_auth, 0, alg, sm->addr, 0, in fils_set_tk()
2437 sm->PTK.tk, klen)) { in fils_set_tk()
2450 struct wpa_authenticator *wpa_auth = sm->wpa_auth; in SM_STATE()
2464 sm->EAPOLKeyReceived = FALSE; in SM_STATE()
2465 sm->update_snonce = FALSE; in SM_STATE()
2468 mic_len = wpa_mic_len(sm->wpa_key_mgmt); in SM_STATE()
2474 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) { in SM_STATE()
2475 pmk = wpa_auth_get_psk(sm->wpa_auth, sm->addr, in SM_STATE()
2476 sm->p2p_dev_addr, pmk); in SM_STATE()
2482 pmk = sm->PMK; in SM_STATE()
2483 pmk_len = sm->pmk_len; in SM_STATE()
2486 if (wpa_derive_ptk(sm, sm->SNonce, pmk, pmk_len, &PTK) < 0) in SM_STATE()
2490 wpa_verify_key_mic(sm->wpa_key_mgmt, &PTK, in SM_STATE()
2491 sm->last_rx_eapol_key, in SM_STATE()
2492 sm->last_rx_eapol_key_len) == 0) { in SM_STATE()
2499 wpa_aead_decrypt(sm, &PTK, sm->last_rx_eapol_key, in SM_STATE()
2500 sm->last_rx_eapol_key_len, NULL) == 0) { in SM_STATE()
2506 if (!wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) in SM_STATE()
2511 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, in SM_STATE()
2514 wpa_auth_psk_failure_report(sm->wpa_auth, sm->addr); in SM_STATE()
2522 hdr = (struct ieee802_1x_hdr *) sm->last_rx_eapol_key; in SM_STATE()
2527 if (key_data_length > sm->last_rx_eapol_key_len - sizeof(*hdr) - in SM_STATE()
2532 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO, in SM_STATE()
2546 ft = sm->wpa == WPA_VERSION_WPA2 && wpa_key_mgmt_ft(sm->wpa_key_mgmt); in SM_STATE()
2547 if (sm->wpa_ie == NULL || in SM_STATE()
2548 wpa_compare_rsn_ie(ft, sm->wpa_ie, sm->wpa_ie_len, in SM_STATE()
2550 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, in SM_STATE()
2552 if (sm->wpa_ie) { in SM_STATE()
2554 sm->wpa_ie, sm->wpa_ie_len); in SM_STATE()
2559 wpa_sta_disconnect(wpa_auth, sm->addr); in SM_STATE()
2563 if (ft && ft_check_msg_2_of_4(wpa_auth, sm, &kde) < 0) { in SM_STATE()
2564 wpa_sta_disconnect(wpa_auth, sm->addr); in SM_STATE()
2570 wpa_auth->ip_pool && WPA_GET_BE32(sm->ip_addr) == 0) { in SM_STATE()
2578 WPA_PUT_BE32(sm->ip_addr, start + idx); in SM_STATE()
2581 MACSTR, sm->ip_addr[0], sm->ip_addr[1], in SM_STATE()
2582 sm->ip_addr[2], sm->ip_addr[3], in SM_STATE()
2583 MAC2STR(sm->addr)); in SM_STATE()
2589 if (sm->wpa == WPA_VERSION_WPA2 && wpa_key_mgmt_ft(sm->wpa_key_mgmt)) { in SM_STATE()
2594 if (os_memcmp_const(sm->sup_pmk_r1_name, sm->pmk_r1_name, in SM_STATE()
2596 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, in SM_STATE()
2601 sm->sup_pmk_r1_name, WPA_PMK_NAME_LEN); in SM_STATE()
2603 sm->pmk_r1_name, WPA_PMK_NAME_LEN); in SM_STATE()
2609 sm->pending_1_of_4_timeout = 0; in SM_STATE()
2610 eloop_cancel_timeout(wpa_send_eapol_timeout, sm->wpa_auth, sm); in SM_STATE()
2612 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) { in SM_STATE()
2616 os_memcpy(sm->PMK, pmk, PMK_LEN); in SM_STATE()
2617 sm->pmk_len = PMK_LEN; in SM_STATE()
2620 sm->MICVerified = TRUE; in SM_STATE()
2622 os_memcpy(&sm->PTK, &PTK, sizeof(PTK)); in SM_STATE()
2623 sm->PTK_valid = TRUE; in SM_STATE()
2630 sm->TimeoutCtr = 0; in SM_STATE()
2636 static int ieee80211w_kde_len(struct wpa_state_machine *sm) in ieee80211w_kde_len() argument
2638 if (sm->mgmt_frame_prot) { in ieee80211w_kde_len()
2640 len = wpa_cipher_key_len(sm->wpa_auth->conf.group_mgmt_cipher); in ieee80211w_kde_len()
2648 static u8 * ieee80211w_kde_add(struct wpa_state_machine *sm, u8 *pos) in ieee80211w_kde_add() argument
2651 struct wpa_group *gsm = sm->group; in ieee80211w_kde_add()
2653 size_t len = wpa_cipher_key_len(sm->wpa_auth->conf.group_mgmt_cipher); in ieee80211w_kde_add()
2655 if (!sm->mgmt_frame_prot) in ieee80211w_kde_add()
2661 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN_igtk, rsc) < 0) in ieee80211w_kde_add()
2666 if (sm->wpa_auth->conf.disable_gtk) { in ieee80211w_kde_add()
2683 static int ieee80211w_kde_len(struct wpa_state_machine *sm) in ieee80211w_kde_len() argument
2689 static u8 * ieee80211w_kde_add(struct wpa_state_machine *sm, u8 *pos) in ieee80211w_kde_add() argument
2701 struct wpa_group *gsm = sm->group; in SM_STATE()
2706 sm->TimeoutEvt = FALSE; in SM_STATE()
2708 sm->TimeoutCtr++; in SM_STATE()
2709 if (sm->TimeoutCtr > sm->wpa_auth->conf.wpa_pairwise_update_count) { in SM_STATE()
2719 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, rsc); in SM_STATE()
2721 wpa_ie = sm->wpa_auth->wpa_ie; in SM_STATE()
2722 wpa_ie_len = sm->wpa_auth->wpa_ie_len; in SM_STATE()
2723 if (sm->wpa == WPA_VERSION_WPA && in SM_STATE()
2724 (sm->wpa_auth->conf.wpa & WPA_PROTO_RSN) && in SM_STATE()
2732 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, in SM_STATE()
2734 if (sm->wpa == WPA_VERSION_WPA2) { in SM_STATE()
2739 if (sm->wpa_auth->conf.disable_gtk) { in SM_STATE()
2758 if (sm->rx_eapol_key_secure) { in SM_STATE()
2767 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, in SM_STATE()
2774 kde_len = wpa_ie_len + ieee80211w_kde_len(sm); in SM_STATE()
2778 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) { in SM_STATE()
2784 if (WPA_GET_BE32(sm->ip_addr) > 0) in SM_STATE()
2795 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) { in SM_STATE()
2800 res = wpa_insert_pmkid(kde, &elen, sm->pmk_r1_name); in SM_STATE()
2818 pos = ieee80211w_kde_add(sm, pos); in SM_STATE()
2821 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) { in SM_STATE()
2825 conf = &sm->wpa_auth->conf; in SM_STATE()
2826 if (sm->assoc_resp_ftie && in SM_STATE()
2827 kde + kde_len - pos >= 2 + sm->assoc_resp_ftie[1]) { in SM_STATE()
2828 os_memcpy(pos, sm->assoc_resp_ftie, in SM_STATE()
2829 2 + sm->assoc_resp_ftie[1]); in SM_STATE()
2830 res = 2 + sm->assoc_resp_ftie[1]; in SM_STATE()
2862 if (WPA_GET_BE32(sm->ip_addr) > 0) { in SM_STATE()
2864 os_memcpy(addr, sm->ip_addr, 4); in SM_STATE()
2865 os_memcpy(addr + 4, sm->wpa_auth->conf.ip_addr_mask, 4); in SM_STATE()
2866 os_memcpy(addr + 8, sm->wpa_auth->conf.ip_addr_go, 4); in SM_STATE()
2872 wpa_send_eapol(sm->wpa_auth, sm, in SM_STATE()
2874 (wpa_mic_len(sm->wpa_key_mgmt) ? WPA_KEY_INFO_MIC : 0) | in SM_STATE()
2877 _rsc, sm->ANonce, kde, pos - kde, keyidx, encr); in SM_STATE()
2885 sm->EAPOLKeyReceived = FALSE; in SM_STATE()
2886 if (sm->Pair) { in SM_STATE()
2887 enum wpa_alg alg = wpa_cipher_to_alg(sm->pairwise); in SM_STATE()
2888 int klen = wpa_cipher_key_len(sm->pairwise); in SM_STATE()
2889 if (wpa_auth_set_key(sm->wpa_auth, 0, alg, sm->addr, 0, in SM_STATE()
2890 sm->PTK.tk, klen)) { in SM_STATE()
2891 wpa_sta_disconnect(sm->wpa_auth, sm->addr); in SM_STATE()
2895 sm->pairwise_set = TRUE; in SM_STATE()
2897 if (sm->wpa_auth->conf.wpa_ptk_rekey) { in SM_STATE()
2898 eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm); in SM_STATE()
2899 eloop_register_timeout(sm->wpa_auth->conf. in SM_STATE()
2901 sm->wpa_auth, sm); in SM_STATE()
2904 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) { in SM_STATE()
2905 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, in SM_STATE()
2911 sm->keycount++; in SM_STATE()
2912 if (sm->keycount == 2) { in SM_STATE()
2913 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, in SM_STATE()
2917 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portValid, in SM_STATE()
2920 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_keyAvailable, 0); in SM_STATE()
2921 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_keyDone, 1); in SM_STATE()
2922 if (sm->wpa == WPA_VERSION_WPA) in SM_STATE()
2923 sm->PInitAKeys = TRUE; in SM_STATE()
2925 sm->has_GTK = TRUE; in SM_STATE()
2926 wpa_auth_vlogger(sm->wpa_auth, sm->addr, LOGGER_INFO, in SM_STATE()
2928 sm->wpa == WPA_VERSION_WPA ? "WPA" : "RSN"); in SM_STATE()
2931 wpa_ft_push_pmk_r1(sm->wpa_auth, sm->addr); in SM_STATE()
2938 struct wpa_authenticator *wpa_auth = sm->wpa_auth; in SM_STEP()
2940 if (sm->Init) in SM_STEP()
2942 else if (sm->Disconnect in SM_STEP()
2944 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, in SM_STEP()
2948 else if (sm->DeauthenticationRequest) in SM_STEP()
2950 else if (sm->AuthenticationRequest) in SM_STEP()
2952 else if (sm->ReAuthenticationRequest) in SM_STEP()
2954 else if (sm->PTKRequest) { in SM_STEP()
2955 if (wpa_auth_sm_ptk_update(sm) < 0) in SM_STEP()
2959 } else switch (sm->wpa_ptk_state) { in SM_STEP()
2972 if (wpa_key_mgmt_wpa_ieee8021x(sm->wpa_key_mgmt) && in SM_STEP()
2973 wpa_auth_get_eapol(sm->wpa_auth, sm->addr, in SM_STEP()
2976 else if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) in SM_STEP()
2981 if (wpa_auth_get_eapol(sm->wpa_auth, sm->addr, in SM_STEP()
2986 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_INFO, in SM_STEP()
2992 if (wpa_auth_get_psk(sm->wpa_auth, sm->addr, sm->p2p_dev_addr, in SM_STEP()
2996 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_INFO, in SM_STEP()
3003 if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest && in SM_STEP()
3004 sm->EAPOLKeyPairwise) in SM_STEP()
3006 else if (sm->TimeoutCtr > in SM_STEP()
3007 sm->wpa_auth->conf.wpa_pairwise_update_count) { in SM_STEP()
3010 sm->wpa_auth, sm->addr, LOGGER_DEBUG, in SM_STEP()
3012 sm->wpa_auth->conf.wpa_pairwise_update_count); in SM_STEP()
3014 } else if (sm->TimeoutEvt) in SM_STEP()
3018 if (sm->MICVerified) in SM_STEP()
3020 else if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest && in SM_STEP()
3021 sm->EAPOLKeyPairwise) in SM_STEP()
3023 else if (sm->TimeoutEvt) in SM_STEP()
3030 if (sm->update_snonce) in SM_STEP()
3032 else if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest && in SM_STEP()
3033 sm->EAPOLKeyPairwise && sm->MICVerified) in SM_STEP()
3035 else if (sm->TimeoutCtr > in SM_STEP()
3036 sm->wpa_auth->conf.wpa_pairwise_update_count) { in SM_STEP()
3039 sm->wpa_auth, sm->addr, LOGGER_DEBUG, in SM_STEP()
3041 sm->wpa_auth->conf.wpa_pairwise_update_count); in SM_STEP()
3043 } else if (sm->TimeoutEvt) in SM_STEP()
3055 if (sm->Init) { in SM_STATE()
3058 sm->changed = FALSE; in SM_STATE()
3060 sm->GTimeoutCtr = 0; in SM_STATE()
3067 struct wpa_group *gsm = sm->group; in SM_STATE()
3075 sm->GTimeoutCtr++; in SM_STATE()
3076 if (sm->GTimeoutCtr > sm->wpa_auth->conf.wpa_group_update_count) { in SM_STATE()
3082 if (sm->wpa == WPA_VERSION_WPA) in SM_STATE()
3083 sm->PInitAKeys = FALSE; in SM_STATE()
3084 sm->TimeoutEvt = FALSE; in SM_STATE()
3088 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, rsc); in SM_STATE()
3089 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, in SM_STATE()
3093 if (sm->wpa_auth->conf.disable_gtk) { in SM_STATE()
3102 if (sm->wpa == WPA_VERSION_WPA2) { in SM_STATE()
3104 ieee80211w_kde_len(sm); in SM_STATE()
3114 pos = ieee80211w_kde_add(sm, pos); in SM_STATE()
3121 wpa_send_eapol(sm->wpa_auth, sm, in SM_STATE()
3123 (wpa_mic_len(sm->wpa_key_mgmt) ? WPA_KEY_INFO_MIC : 0) | in SM_STATE()
3125 (!sm->Pair ? WPA_KEY_INFO_INSTALL : 0), in SM_STATE()
3135 sm->EAPOLKeyReceived = FALSE; in SM_STATE()
3136 if (sm->GUpdateStationKeys) in SM_STATE()
3137 sm->group->GKeyDoneStations--; in SM_STATE()
3138 sm->GUpdateStationKeys = FALSE; in SM_STATE()
3139 sm->GTimeoutCtr = 0; in SM_STATE()
3141 wpa_auth_vlogger(sm->wpa_auth, sm->addr, LOGGER_INFO, in SM_STATE()
3143 sm->wpa == WPA_VERSION_WPA ? "WPA" : "RSN"); in SM_STATE()
3144 sm->has_GTK = TRUE; in SM_STATE()
3151 if (sm->GUpdateStationKeys) in SM_STATE()
3152 sm->group->GKeyDoneStations--; in SM_STATE()
3153 sm->GUpdateStationKeys = FALSE; in SM_STATE()
3154 sm->Disconnect = TRUE; in SM_STATE()
3155 wpa_auth_vlogger(sm->wpa_auth, sm->addr, LOGGER_INFO, in SM_STATE()
3157 sm->wpa == WPA_VERSION_WPA ? "WPA" : "RSN", in SM_STATE()
3158 sm->wpa_auth->conf.wpa_group_update_count); in SM_STATE()
3164 if (sm->Init || sm->PtkGroupInit) { in SM_STEP()
3166 sm->PtkGroupInit = FALSE; in SM_STEP()
3167 } else switch (sm->wpa_ptk_group_state) { in SM_STEP()
3169 if (sm->GUpdateStationKeys || in SM_STEP()
3170 (sm->wpa == WPA_VERSION_WPA && sm->PInitAKeys)) in SM_STEP()
3174 if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest && in SM_STEP()
3175 !sm->EAPOLKeyPairwise && sm->MICVerified) in SM_STEP()
3177 else if (sm->GTimeoutCtr > in SM_STEP()
3178 sm->wpa_auth->conf.wpa_group_update_count) in SM_STEP()
3180 else if (sm->TimeoutEvt) in SM_STEP()
3247 static int wpa_group_update_sta(struct wpa_state_machine *sm, void *ctx) in wpa_group_update_sta() argument
3249 if (ctx != NULL && ctx != sm->group) in wpa_group_update_sta()
3252 if (sm->wpa_ptk_state != WPA_PTK_PTKINITDONE) { in wpa_group_update_sta()
3253 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_group_update_sta()
3255 sm->GUpdateStationKeys = FALSE; in wpa_group_update_sta()
3258 if (sm->GUpdateStationKeys) { in wpa_group_update_sta()
3264 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, in wpa_group_update_sta()
3270 if (sm->is_wnmsleep) in wpa_group_update_sta()
3273 sm->group->GKeyDoneStations++; in wpa_group_update_sta()
3274 sm->GUpdateStationKeys = TRUE; in wpa_group_update_sta()
3276 wpa_sm_step(sm); in wpa_group_update_sta()
3283 void wpa_wnmsleep_rekey_gtk(struct wpa_state_machine *sm) in wpa_wnmsleep_rekey_gtk() argument
3285 if (sm == NULL || sm->is_wnmsleep) in wpa_wnmsleep_rekey_gtk()
3288 wpa_group_update_sta(sm, NULL); in wpa_wnmsleep_rekey_gtk()
3292 void wpa_set_wnmsleep(struct wpa_state_machine *sm, int flag) in wpa_set_wnmsleep() argument
3294 if (sm) in wpa_set_wnmsleep()
3295 sm->is_wnmsleep = !!flag; in wpa_set_wnmsleep()
3299 int wpa_wnmsleep_gtk_subelem(struct wpa_state_machine *sm, u8 *pos) in wpa_wnmsleep_gtk_subelem() argument
3301 struct wpa_group *gsm = sm->group; in wpa_wnmsleep_gtk_subelem()
3315 if (wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, pos) != 0) in wpa_wnmsleep_gtk_subelem()
3331 int wpa_wnmsleep_igtk_subelem(struct wpa_state_machine *sm, u8 *pos) in wpa_wnmsleep_igtk_subelem() argument
3333 struct wpa_group *gsm = sm->group; in wpa_wnmsleep_igtk_subelem()
3335 size_t len = wpa_cipher_key_len(sm->wpa_auth->conf.group_mgmt_cipher); in wpa_wnmsleep_igtk_subelem()
3345 if (wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN_igtk, pos) != 0) in wpa_wnmsleep_igtk_subelem()
3429 static int wpa_group_disconnect_cb(struct wpa_state_machine *sm, void *ctx) in wpa_group_disconnect_cb() argument
3431 if (sm->group == ctx) { in wpa_group_disconnect_cb()
3434 MAC2STR(sm->addr)); in wpa_group_disconnect_cb()
3435 sm->Disconnect = TRUE; in wpa_group_disconnect_cb()
3491 static int wpa_sm_step(struct wpa_state_machine *sm) in wpa_sm_step() argument
3493 if (sm == NULL) in wpa_sm_step()
3496 if (sm->in_step_loop) { in wpa_sm_step()
3504 sm->in_step_loop = 1; in wpa_sm_step()
3506 if (sm->pending_deinit) in wpa_sm_step()
3509 sm->changed = FALSE; in wpa_sm_step()
3510 sm->wpa_auth->group->changed = FALSE; in wpa_sm_step()
3513 if (sm->pending_deinit) in wpa_sm_step()
3516 if (sm->pending_deinit) in wpa_sm_step()
3518 wpa_group_sm_step(sm->wpa_auth, sm->group); in wpa_sm_step()
3519 } while (sm->changed || sm->wpa_auth->group->changed); in wpa_sm_step()
3520 sm->in_step_loop = 0; in wpa_sm_step()
3522 if (sm->pending_deinit) { in wpa_sm_step()
3524 "machine deinit for " MACSTR, MAC2STR(sm->addr)); in wpa_sm_step()
3525 wpa_free_sta_sm(sm); in wpa_sm_step()
3534 struct wpa_state_machine *sm = eloop_ctx; in wpa_sm_call_step() local
3535 wpa_sm_step(sm); in wpa_sm_call_step()
3539 void wpa_auth_sm_notify(struct wpa_state_machine *sm) in wpa_auth_sm_notify() argument
3541 if (sm == NULL) in wpa_auth_sm_notify()
3543 eloop_register_timeout(0, 0, wpa_sm_call_step, sm, NULL); in wpa_auth_sm_notify()
3671 int wpa_get_mib_sta(struct wpa_state_machine *sm, char *buf, size_t buflen) in wpa_get_mib_sta() argument
3676 if (sm == NULL) in wpa_get_mib_sta()
3683 pairwise = wpa_cipher_to_suite(sm->wpa == WPA_VERSION_WPA2 ? in wpa_get_mib_sta()
3685 sm->pairwise); in wpa_get_mib_sta()
3701 MAC2STR(sm->addr), in wpa_get_mib_sta()
3703 sm->dot11RSNAStatsTKIPLocalMICFailures, in wpa_get_mib_sta()
3704 sm->dot11RSNAStatsTKIPRemoteMICFailures); in wpa_get_mib_sta()
3713 sm->wpa_ptk_state, in wpa_get_mib_sta()
3714 sm->wpa_ptk_group_state); in wpa_get_mib_sta()
3730 int wpa_auth_pairwise_set(struct wpa_state_machine *sm) in wpa_auth_pairwise_set() argument
3732 return sm && sm->pairwise_set; in wpa_auth_pairwise_set()
3736 int wpa_auth_get_pairwise(struct wpa_state_machine *sm) in wpa_auth_get_pairwise() argument
3738 return sm->pairwise; in wpa_auth_get_pairwise()
3742 int wpa_auth_sta_key_mgmt(struct wpa_state_machine *sm) in wpa_auth_sta_key_mgmt() argument
3744 if (sm == NULL) in wpa_auth_sta_key_mgmt()
3746 return sm->wpa_key_mgmt; in wpa_auth_sta_key_mgmt()
3750 int wpa_auth_sta_wpa_version(struct wpa_state_machine *sm) in wpa_auth_sta_wpa_version() argument
3752 if (sm == NULL) in wpa_auth_sta_wpa_version()
3754 return sm->wpa; in wpa_auth_sta_wpa_version()
3758 int wpa_auth_sta_ft_tk_already_set(struct wpa_state_machine *sm) in wpa_auth_sta_ft_tk_already_set() argument
3760 if (!sm || !wpa_key_mgmt_ft(sm->wpa_key_mgmt)) in wpa_auth_sta_ft_tk_already_set()
3762 return sm->tk_already_set; in wpa_auth_sta_ft_tk_already_set()
3766 int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm, in wpa_auth_sta_clear_pmksa() argument
3769 if (sm == NULL || sm->pmksa != entry) in wpa_auth_sta_clear_pmksa()
3771 sm->pmksa = NULL; in wpa_auth_sta_clear_pmksa()
3777 wpa_auth_sta_get_pmksa(struct wpa_state_machine *sm) in wpa_auth_sta_get_pmksa() argument
3779 return sm ? sm->pmksa : NULL; in wpa_auth_sta_get_pmksa()
3783 void wpa_auth_sta_local_mic_failure_report(struct wpa_state_machine *sm) in wpa_auth_sta_local_mic_failure_report() argument
3785 if (sm) in wpa_auth_sta_local_mic_failure_report()
3786 sm->dot11RSNAStatsTKIPLocalMICFailures++; in wpa_auth_sta_local_mic_failure_report()
3799 int wpa_auth_pmksa_add(struct wpa_state_machine *sm, const u8 *pmk, in wpa_auth_pmksa_add() argument
3803 if (sm == NULL || sm->wpa != WPA_VERSION_WPA2 || in wpa_auth_pmksa_add()
3804 sm->wpa_auth->conf.disable_pmksa_caching) in wpa_auth_pmksa_add()
3807 if (wpa_key_mgmt_sha384(sm->wpa_key_mgmt)) { in wpa_auth_pmksa_add()
3814 if (pmksa_cache_auth_add(sm->wpa_auth->pmksa, pmk, pmk_len, NULL, in wpa_auth_pmksa_add()
3815 sm->PTK.kck, sm->PTK.kck_len, in wpa_auth_pmksa_add()
3816 sm->wpa_auth->addr, sm->addr, session_timeout, in wpa_auth_pmksa_add()
3817 eapol, sm->wpa_key_mgmt)) in wpa_auth_pmksa_add()
3954 struct wpa_state_machine *sm, in wpa_auth_pmksa_set_to_sm() argument
3958 if (!sm) in wpa_auth_pmksa_set_to_sm()
3961 sm->pmksa = pmksa; in wpa_auth_pmksa_set_to_sm()
4138 int wpa_auth_sta_set_vlan(struct wpa_state_machine *sm, int vlan_id) in wpa_auth_sta_set_vlan() argument
4142 if (sm == NULL || sm->wpa_auth == NULL) in wpa_auth_sta_set_vlan()
4145 group = sm->wpa_auth->group; in wpa_auth_sta_set_vlan()
4153 group = wpa_auth_add_group(sm->wpa_auth, vlan_id); in wpa_auth_sta_set_vlan()
4158 if (sm->group == group) in wpa_auth_sta_set_vlan()
4165 "machine for VLAN ID %d", MAC2STR(sm->addr), vlan_id); in wpa_auth_sta_set_vlan()
4167 wpa_group_get(sm->wpa_auth, group); in wpa_auth_sta_set_vlan()
4168 wpa_group_put(sm->wpa_auth, sm->group); in wpa_auth_sta_set_vlan()
4169 sm->group = group; in wpa_auth_sta_set_vlan()
4176 struct wpa_state_machine *sm, int ack) in wpa_auth_eapol_key_tx_status() argument
4178 if (wpa_auth == NULL || sm == NULL) in wpa_auth_eapol_key_tx_status()
4181 " ack=%d", MAC2STR(sm->addr), ack); in wpa_auth_eapol_key_tx_status()
4182 if (sm->pending_1_of_4_timeout && ack) { in wpa_auth_eapol_key_tx_status()
4197 eloop_cancel_timeout(wpa_send_eapol_timeout, wpa_auth, sm); in wpa_auth_eapol_key_tx_status()
4200 wpa_send_eapol_timeout, wpa_auth, sm); in wpa_auth_eapol_key_tx_status()
4205 int wpa_auth_uses_sae(struct wpa_state_machine *sm) in wpa_auth_uses_sae() argument
4207 if (sm == NULL) in wpa_auth_uses_sae()
4209 return wpa_key_mgmt_sae(sm->wpa_key_mgmt); in wpa_auth_uses_sae()
4213 int wpa_auth_uses_ft_sae(struct wpa_state_machine *sm) in wpa_auth_uses_ft_sae() argument
4215 if (sm == NULL) in wpa_auth_uses_ft_sae()
4217 return sm->wpa_key_mgmt == WPA_KEY_MGMT_FT_SAE; in wpa_auth_uses_ft_sae()
4222 int wpa_auth_get_ip_addr(struct wpa_state_machine *sm, u8 *addr) in wpa_auth_get_ip_addr() argument
4224 if (sm == NULL || WPA_GET_BE32(sm->ip_addr) == 0) in wpa_auth_get_ip_addr()
4226 os_memcpy(addr, sm->ip_addr, 4); in wpa_auth_get_ip_addr()