Lines Matching full:sm
40 #define STATE_MACHINE_ADDR wpa_auth_get_spa(sm)
44 static int wpa_sm_step(struct wpa_state_machine *sm);
48 static int wpa_aead_decrypt(struct wpa_state_machine *sm, struct wpa_ptk *ptk,
50 static struct wpabuf * fils_prepare_plainbuf(struct wpa_state_machine *sm,
56 static void wpa_request_new_ptk(struct wpa_state_machine *sm);
61 static int wpa_derive_ptk(struct wpa_state_machine *sm, const u8 *snonce,
72 static int ieee80211w_kde_len(struct wpa_state_machine *sm);
73 static u8 * ieee80211w_kde_add(struct wpa_state_machine *sm, u8 *pos);
89 static const u8 * wpa_auth_get_aa(const struct wpa_state_machine *sm) in wpa_auth_get_aa() argument
92 if (sm->mld_assoc_link_id >= 0) in wpa_auth_get_aa()
93 return sm->wpa_auth->mld_addr; in wpa_auth_get_aa()
95 return sm->wpa_auth->addr; in wpa_auth_get_aa()
99 static const u8 * wpa_auth_get_spa(const struct wpa_state_machine *sm) in wpa_auth_get_spa() argument
102 if (sm->mld_assoc_link_id >= 0) in wpa_auth_get_spa()
103 return sm->peer_mld_addr; in wpa_auth_get_spa()
105 return sm->addr; in wpa_auth_get_spa()
109 static void wpa_gkeydone_sta(struct wpa_state_machine *sm) in wpa_gkeydone_sta() argument
115 if (!sm->wpa_auth) in wpa_gkeydone_sta()
118 sm->wpa_auth->group->GKeyDoneStations--; in wpa_gkeydone_sta()
119 sm->GUpdateStationKeys = false; in wpa_gkeydone_sta()
122 for_each_sm_auth(sm, link_id) in wpa_gkeydone_sta()
123 sm->mld_links[link_id].wpa_auth->group->GKeyDoneStations--; in wpa_gkeydone_sta()
130 void wpa_release_link_auth_ref(struct wpa_state_machine *sm, in wpa_release_link_auth_ref() argument
135 if (!sm || release_link_id >= MAX_NUM_MLD_LINKS) in wpa_release_link_auth_ref()
138 for_each_sm_auth(sm, link_id) { in wpa_release_link_auth_ref()
140 wpa_group_put(sm->mld_links[link_id].wpa_auth, in wpa_release_link_auth_ref()
141 sm->mld_links[link_id].wpa_auth->group); in wpa_release_link_auth_ref()
142 sm->mld_links[link_id].wpa_auth = NULL; in wpa_release_link_auth_ref()
371 int (*cb)(struct wpa_state_machine *sm, void *ctx), in wpa_auth_for_each_sta() argument
603 struct wpa_state_machine *sm = timeout_ctx; in wpa_rekey_ptk() local
605 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG, in wpa_rekey_ptk()
607 wpa_request_new_ptk(sm); in wpa_rekey_ptk()
608 wpa_sm_step(sm); in wpa_rekey_ptk()
612 void wpa_auth_set_ptk_rekey_timer(struct wpa_state_machine *sm) in wpa_auth_set_ptk_rekey_timer() argument
614 if (sm && sm->wpa_auth->conf.wpa_ptk_rekey) { in wpa_auth_set_ptk_rekey_timer()
617 MAC2STR(wpa_auth_get_spa(sm)), in wpa_auth_set_ptk_rekey_timer()
618 sm->wpa_auth->conf.wpa_ptk_rekey); in wpa_auth_set_ptk_rekey_timer()
619 eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm); in wpa_auth_set_ptk_rekey_timer()
620 eloop_register_timeout(sm->wpa_auth->conf.wpa_ptk_rekey, 0, in wpa_auth_set_ptk_rekey_timer()
621 wpa_rekey_ptk, sm->wpa_auth, sm); in wpa_auth_set_ptk_rekey_timer()
626 static int wpa_auth_pmksa_clear_cb(struct wpa_state_machine *sm, void *ctx) in wpa_auth_pmksa_clear_cb() argument
628 if (sm->pmksa == ctx) in wpa_auth_pmksa_clear_cb()
629 sm->pmksa = NULL; in wpa_auth_pmksa_clear_cb()
940 struct wpa_state_machine *sm; local
945 sm = os_zalloc(sizeof(struct wpa_state_machine));
946 if (!sm)
948 os_memcpy(sm->addr, addr, ETH_ALEN);
950 os_memcpy(sm->p2p_dev_addr, p2p_dev_addr, ETH_ALEN);
952 sm->wpa_auth = wpa_auth;
953 sm->group = wpa_auth->group;
954 wpa_group_get(sm->wpa_auth, sm->group);
956 sm->mld_assoc_link_id = -1;
959 return sm;
964 struct wpa_state_machine *sm) argument
966 if (!wpa_auth || !wpa_auth->conf.wpa || !sm)
970 if (sm->ft_completed) {
971 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
974 sm->wpa_ptk_state = WPA_PTK_PTKINITDONE;
975 sm->Pair = true;
981 if (sm->fils_completed) {
982 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
985 sm->wpa_ptk_state = WPA_PTK_PTKINITDONE;
986 sm->Pair = true;
991 if (sm->started) {
992 os_memset(&sm->key_replay, 0, sizeof(sm->key_replay));
993 sm->ReAuthenticationRequest = true;
994 return wpa_sm_step(sm);
997 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
999 sm->started = 1;
1001 sm->Init = true;
1002 if (wpa_sm_step(sm) == 1)
1004 sm->Init = false;
1005 sm->AuthenticationRequest = true;
1006 return wpa_sm_step(sm);
1010 void wpa_auth_sta_no_wpa(struct wpa_state_machine *sm) argument
1015 if (!sm)
1018 sm->wpa_key_mgmt = 0;
1022 static void wpa_free_sta_sm(struct wpa_state_machine *sm) argument
1029 if (WPA_GET_BE32(sm->ip_addr)) {
1033 sm->ip_addr[0], sm->ip_addr[1],
1034 sm->ip_addr[2], sm->ip_addr[3],
1035 MAC2STR(wpa_auth_get_spa(sm)),
1036 sm->ip_addr_bit);
1037 bitfield_clear(sm->wpa_auth->ip_pool, sm->ip_addr_bit);
1040 if (sm->GUpdateStationKeys)
1041 wpa_gkeydone_sta(sm);
1043 os_free(sm->assoc_resp_ftie);
1044 wpabuf_free(sm->ft_pending_req_ies);
1046 os_free(sm->last_rx_eapol_key);
1047 os_free(sm->wpa_ie);
1048 os_free(sm->rsnxe);
1050 for_each_sm_auth(sm, link_id) {
1051 wpa_group_put(sm->mld_links[link_id].wpa_auth,
1052 sm->mld_links[link_id].wpa_auth->group);
1053 sm->mld_links[link_id].wpa_auth = NULL;
1056 wpa_group_put(sm->wpa_auth, sm->group);
1058 wpabuf_clear_free(sm->dpp_z);
1060 bin_clear_free(sm, sizeof(*sm));
1064 void wpa_auth_sta_deinit(struct wpa_state_machine *sm) argument
1068 if (!sm)
1071 wpa_auth = sm->wpa_auth;
1072 if (wpa_auth->conf.wpa_strict_rekey && sm->has_GTK) {
1075 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
1089 eloop_cancel_timeout(wpa_send_eapol_timeout, wpa_auth, sm);
1090 sm->pending_1_of_4_timeout = 0;
1091 eloop_cancel_timeout(wpa_sm_call_step, sm, NULL);
1092 eloop_cancel_timeout(wpa_rekey_ptk, wpa_auth, sm);
1094 wpa_ft_sta_deinit(sm);
1096 if (sm->in_step_loop) {
1101 MACSTR, MAC2STR(wpa_auth_get_spa(sm)));
1102 sm->pending_deinit = 1;
1104 wpa_free_sta_sm(sm);
1108 static void wpa_request_new_ptk(struct wpa_state_machine *sm) argument
1110 if (!sm)
1113 if (!sm->use_ext_key_id && sm->wpa_auth->conf.wpa_deny_ptk0_rekey) {
1116 MAC2STR(wpa_auth_get_spa(sm)));
1117 sm->Disconnect = true;
1119 sm->disconnect_reason =
1122 if (sm->use_ext_key_id)
1123 sm->keyidx_active ^= 1; /* flip Key ID */
1124 sm->PTKRequest = true;
1125 sm->PTK_valid = 0;
1161 struct wpa_state_machine *sm, argument
1179 if (wpa_parse_wpa_ie_rsn(sm->wpa_ie, sm->wpa_ie_len, &assoc_ie) < 0) {
1190 if (os_memcmp_const(pmkid, sm->pmk_r1_name,
1218 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm),
1225 sm->pmk_r1_name, WPA_PMK_NAME_LEN);
1244 if (sm->assoc_resp_ftie &&
1245 (kde->ftie[1] != sm->assoc_resp_ftie[1] ||
1246 os_memcmp(kde->ftie, sm->assoc_resp_ftie,
1247 2 + sm->assoc_resp_ftie[1]) != 0)) {
1252 sm->assoc_resp_ftie, 2 + sm->assoc_resp_ftie[1]);
1262 struct wpa_state_machine *sm, int group) argument
1265 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
1270 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
1272 } else if (!group && sm->pairwise != WPA_CIPHER_TKIP) {
1273 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
1277 wpa_auth_get_spa(sm)) > 0)
1279 sm->dot11RSNAStatsTKIPRemoteMICFailures++;
1287 wpa_request_new_ptk(sm);
1292 static int wpa_try_alt_snonce(struct wpa_state_machine *sm, u8 *data, argument
1307 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) &&
1308 !wpa_key_mgmt_sae(sm->wpa_key_mgmt)) {
1309 pmk = wpa_auth_get_psk(sm->wpa_auth, sm->addr,
1310 sm->p2p_dev_addr, pmk, &pmk_len,
1315 if (wpa_key_mgmt_ft_psk(sm->wpa_key_mgmt)) {
1316 os_memcpy(sm->xxkey, pmk, pmk_len);
1317 sm->xxkey_len = pmk_len;
1321 pmk = sm->PMK;
1322 pmk_len = sm->pmk_len;
1325 if (wpa_derive_ptk(sm, sm->alt_SNonce, pmk, pmk_len, &PTK, 0,
1330 if (wpa_verify_key_mic(sm->wpa_key_mgmt, pmk_len, &PTK,
1332 if (sm->PMK != pmk) {
1333 os_memcpy(sm->PMK, pmk, pmk_len);
1334 sm->pmk_len = pmk_len;
1340 if (!wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) ||
1341 wpa_key_mgmt_sae(sm->wpa_key_mgmt))
1353 sm->alt_snonce_valid = 0;
1355 if (vlan_id && wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) &&
1356 wpa_auth_update_vlan(sm->wpa_auth, sm->addr, vlan_id) < 0)
1360 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt) && !sm->ft_completed) {
1362 wpa_auth_ft_store_keys(sm, pmk_r0, pmk_r1, pmk_r0_name,
1367 os_memcpy(sm->SNonce, sm->alt_SNonce, WPA_NONCE_LEN);
1368 os_memcpy(&sm->PTK, &PTK, sizeof(PTK));
1370 sm->PTK_valid = true;
1395 struct wpa_state_machine *sm, u16 ver) argument
1400 MAC2STR(wpa_auth_get_spa(sm)), ver);
1404 if (!wpa_use_akm_defined(sm->wpa_key_mgmt) &&
1405 wpa_use_cmac(sm->wpa_key_mgmt) &&
1407 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1413 if (sm->pairwise != WPA_CIPHER_TKIP &&
1414 !wpa_use_akm_defined(sm->wpa_key_mgmt) &&
1415 !wpa_use_cmac(sm->wpa_key_mgmt) &&
1417 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1423 if (wpa_use_akm_defined(sm->wpa_key_mgmt) &&
1425 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1436 struct wpa_state_machine *sm, argument
1440 if (sm->req_replay_counter_used &&
1441 os_memcmp(replay_counter, sm->req_replay_counter,
1443 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1454 struct wpa_state_machine *sm, argument
1462 return wpa_auth_valid_request_counter(wpa_auth, sm,
1465 if (wpa_replay_counter_valid(sm->key_replay, key->replay_counter))
1469 wpa_replay_counter_valid(sm->prev_key_replay,
1471 sm->wpa_ptk_state == WPA_PTK_PTKINITNEGOTIATING &&
1472 os_memcmp(sm->SNonce, key->key_nonce, WPA_NONCE_LEN) != 0) {
1480 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
1483 sm->update_snonce = 1;
1484 os_memcpy(sm->alt_SNonce, sm->SNonce, WPA_NONCE_LEN);
1485 sm->alt_snonce_valid = true;
1486 os_memcpy(sm->alt_replay_counter,
1487 sm->key_replay[0].counter,
1492 if (msg == PAIRWISE_4 && sm->alt_snonce_valid &&
1493 sm->wpa_ptk_state == WPA_PTK_PTKINITNEGOTIATING &&
1494 os_memcmp(key->replay_counter, sm->alt_replay_counter,
1501 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
1508 wpa_replay_counter_valid(sm->prev_key_replay,
1510 sm->wpa_ptk_state == WPA_PTK_PTKINITNEGOTIATING) {
1511 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
1516 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
1522 if (!sm->key_replay[i].valid)
1525 sm->key_replay[i].counter,
1535 struct wpa_state_machine *sm, argument
1549 if (!wpa_auth || !wpa_auth->conf.wpa || !sm)
1554 mic_len = wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len);
1570 MAC2STR(wpa_auth_get_spa(sm)), key_info, key->type,
1585 if (sm->wpa == WPA_VERSION_WPA2) {
1622 if (!wpa_auth_valid_key_desc_ver(wpa_auth, sm, ver))
1625 sm->PTK_valid &&
1628 wpa_use_aes_key_wrap(sm->wpa_key_mgmt)) &&
1635 if (aes_unwrap(sm->PTK.kek, sm->PTK.kek_len,
1653 (sm->wpa == WPA_VERSION_WPA2 &&
1667 if (!wpa_auth_valid_counter(wpa_auth, sm, key, msg, msgtxt))
1671 if (sm->wpa == WPA_VERSION_WPA2 && mic_len == 0 &&
1673 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
1681 if (sm->wpa_ptk_state != WPA_PTK_PTKSTART &&
1682 sm->wpa_ptk_state != WPA_PTK_PTKCALCNEGOTIATING &&
1683 (!sm->update_snonce ||
1684 sm->wpa_ptk_state != WPA_PTK_PTKINITNEGOTIATING)) {
1685 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
1688 sm->wpa_ptk_state);
1692 if (sm->group->reject_4way_hs_for_entropy) {
1705 wpa_sta_disconnect(wpa_auth, sm->addr,
1711 if (sm->wpa_ptk_state != WPA_PTK_PTKINITNEGOTIATING ||
1712 !sm->PTK_valid) {
1713 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
1716 sm->wpa_ptk_state);
1721 if (sm->wpa_ptk_group_state != WPA_PTK_GROUP_REKEYNEGOTIATING
1722 || !sm->PTK_valid) {
1723 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
1726 sm->wpa_ptk_group_state);
1731 if (sm->wpa_ptk_state == WPA_PTK_PTKSTART ||
1732 sm->wpa_ptk_state == WPA_PTK_PTKCALCNEGOTIATING ||
1733 sm->wpa_ptk_state == WPA_PTK_PTKCALCNEGOTIATING2 ||
1734 sm->wpa_ptk_state == WPA_PTK_PTKINITNEGOTIATING) {
1735 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
1738 sm->wpa_ptk_state);
1744 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
1748 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
1753 if (!wpa_key_mgmt_fils(sm->wpa_key_mgmt) &&
1755 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
1761 if (wpa_key_mgmt_fils(sm->wpa_key_mgmt) &&
1763 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
1769 sm->MICVerified = false;
1770 if (sm->PTK_valid && !sm->update_snonce) {
1772 wpa_verify_key_mic(sm->wpa_key_mgmt, sm->pmk_len, &sm->PTK,
1774 (msg != PAIRWISE_4 || !sm->alt_snonce_valid ||
1775 wpa_try_alt_snonce(sm, data, data_len))) {
1776 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1788 wpa_aead_decrypt(sm, &sm->PTK, data, data_len,
1790 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1804 sm->MICVerified = true;
1805 eloop_cancel_timeout(wpa_send_eapol_timeout, wpa_auth, sm);
1806 sm->pending_1_of_4_timeout = 0;
1811 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1816 if (sm->MICVerified) {
1817 sm->req_replay_counter_used = 1;
1818 os_memcpy(sm->req_replay_counter, key->replay_counter,
1821 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1829 wpa_auth, sm,
1833 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1836 wpa_request_new_ptk(sm);
1838 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1854 wpa_replay_counter_mark_invalid(sm->key_replay,
1865 os_memcpy(sm->prev_key_replay, sm->key_replay,
1866 sizeof(sm->key_replay));
1868 os_memset(sm->prev_key_replay, 0,
1869 sizeof(sm->prev_key_replay));
1876 wpa_replay_counter_mark_invalid(sm->key_replay, NULL);
1879 os_free(sm->last_rx_eapol_key);
1880 sm->last_rx_eapol_key = os_memdup(data, data_len);
1881 if (!sm->last_rx_eapol_key)
1883 sm->last_rx_eapol_key_len = data_len;
1885 sm->rx_eapol_key_secure = !!(key_info & WPA_KEY_INFO_SECURE);
1886 sm->EAPOLKeyReceived = true;
1887 sm->EAPOLKeyPairwise = !!(key_info & WPA_KEY_INFO_KEY_TYPE);
1888 sm->EAPOLKeyRequest = !!(key_info & WPA_KEY_INFO_REQUEST);
1889 os_memcpy(sm->SNonce, key->key_nonce, WPA_NONCE_LEN);
1890 wpa_sm_step(sm);
1948 struct wpa_state_machine *sm = timeout_ctx; local
1950 if (sm->waiting_radius_psk) {
1951 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG,
1956 sm->pending_1_of_4_timeout = 0;
1957 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
1959 sm->TimeoutEvt = true;
1960 wpa_sm_step(sm);
1965 struct wpa_state_machine *sm, int key_info, argument
1981 mic_len = wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len);
1988 else if (wpa_use_akm_defined(sm->wpa_key_mgmt))
1990 else if (wpa_use_cmac(sm->wpa_key_mgmt))
1992 else if (sm->pairwise != WPA_CIPHER_TKIP)
2011 wpa_use_aes_key_wrap(sm->wpa_key_mgmt) ||
2033 key->type = sm->wpa == WPA_VERSION_WPA2 ?
2036 if (encr && sm->wpa == WPA_VERSION_WPA2)
2038 if (sm->wpa != WPA_VERSION_WPA2)
2042 alg = pairwise ? sm->pairwise : conf->wpa_group;
2043 if (sm->wpa == WPA_VERSION_WPA2 && !pairwise)
2049 sm->key_replay[i].valid = sm->key_replay[i - 1].valid;
2050 os_memcpy(sm->key_replay[i].counter,
2051 sm->key_replay[i - 1].counter,
2054 inc_byte_array(sm->key_replay[0].counter, WPA_REPLAY_COUNTER_LEN);
2055 os_memcpy(key->replay_counter, sm->key_replay[0].counter,
2059 sm->key_replay[0].valid = true;
2080 sm->PTK.kek, sm->PTK.kek_len);
2085 if (aes_siv_encrypt(sm->PTK.kek, sm->PTK.kek_len, kde, kde_len,
2111 wpa_use_aes_key_wrap(sm->wpa_key_mgmt) ||
2114 sm->PTK.kek, sm->PTK.kek_len);
2115 if (aes_wrap(sm->PTK.kek, sm->PTK.kek_len,
2126 } else if (sm->PTK.kek_len == 16) {
2132 sm->group->Counter + WPA_NONCE_LEN - 16, 16);
2133 inc_byte_array(sm->group->Counter, WPA_NONCE_LEN);
2135 os_memcpy(ek + 16, sm->PTK.kek, sm->PTK.kek_len);
2149 if (!sm->PTK_valid || !mic_len) {
2150 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
2157 if (wpa_eapol_key_mic(sm->PTK.kck, sm->PTK.kck_len,
2158 sm->wpa_key_mgmt, version,
2167 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
2175 wpa_auth_set_eapol(wpa_auth, sm->addr, WPA_EAPOL_inc_EapolFramesTx, 1);
2177 wpa_auth_send_eapol(wpa_auth, sm->addr, (u8 *) hdr, len,
2178 sm->pairwise_set);
2193 struct wpa_state_machine *sm, int key_info, argument
2202 if (!sm)
2205 ctr = pairwise ? sm->TimeoutCtr : sm->GTimeoutCtr;
2213 wpa_msg(sm->wpa_auth->conf.msg_ctx, MSG_INFO,
2218 __wpa_send_eapol(wpa_auth, sm, key_info, key_rsc, nonce, kde, kde_len,
2238 sm->pending_1_of_4_timeout = 1;
2246 wpa_send_eapol_timeout, wpa_auth, sm);
2279 void wpa_remove_ptk(struct wpa_state_machine *sm) argument
2281 sm->PTK_valid = false;
2282 os_memset(&sm->PTK, 0, sizeof(sm->PTK));
2284 wpa_auth_remove_ptksa(sm->wpa_auth, sm->addr, sm->pairwise);
2286 if (wpa_auth_set_key(sm->wpa_auth, 0, WPA_ALG_NONE, sm->addr, 0, NULL,
2290 if (sm->use_ext_key_id &&
2291 wpa_auth_set_key(sm->wpa_auth, 0, WPA_ALG_NONE, sm->addr, 1, NULL,
2295 sm->pairwise_set = false;
2296 eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm);
2300 int wpa_auth_sm_event(struct wpa_state_machine *sm, enum wpa_event event) argument
2304 if (!sm)
2307 wpa_auth_vlogger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
2314 if (wpa_auth_start_ampe(sm->wpa_auth, sm->addr)) {
2324 sm->DeauthenticationRequest = true;
2325 os_memset(sm->PMK, 0, sizeof(sm->PMK));
2326 sm->pmk_len = 0;
2328 os_memset(sm->xxkey, 0, sizeof(sm->xxkey));
2329 sm->xxkey_len = 0;
2330 os_memset(sm->pmk_r1, 0, sizeof(sm->pmk_r1));
2331 sm->pmk_r1_len = 0;
2336 if (!sm->started) {
2346 sm->started = 1;
2347 sm->Init = true;
2348 if (wpa_sm_step(sm) == 1)
2350 sm->Init = false;
2351 sm->AuthenticationRequest = true;
2355 if (sm->ptkstart_without_success > 3) {
2358 MACSTR, MAC2STR(sm->addr));
2359 sm->Disconnect = true;
2363 if (!sm->use_ext_key_id &&
2364 sm->wpa_auth->conf.wpa_deny_ptk0_rekey) {
2367 MACSTR, MAC2STR(wpa_auth_get_spa(sm)));
2368 sm->Disconnect = true;
2370 sm->disconnect_reason =
2375 if (sm->use_ext_key_id)
2376 sm->keyidx_active ^= 1; /* flip Key ID */
2378 if (sm->GUpdateStationKeys) {
2383 wpa_gkeydone_sta(sm);
2384 sm->PtkGroupInit = true;
2386 sm->ReAuthenticationRequest = true;
2392 wpa_ft_install_ptk(sm, 1);
2395 sm->ft_completed = 1;
2396 wpa_auth_set_ptk_rekey_timer(sm);
2405 fils_set_tk(sm);
2406 sm->fils_completed = 1;
2412 sm->tk_already_set = false;
2417 sm->ft_completed = 0;
2420 if (sm->mgmt_frame_prot && event == WPA_AUTH)
2423 if (wpa_key_mgmt_fils(sm->wpa_key_mgmt) &&
2429 sm->PTK_valid = false;
2430 os_memset(&sm->PTK, 0, sizeof(sm->PTK));
2433 wpa_remove_ptk(sm);
2436 if (sm->in_step_loop) {
2441 sm->changed = true;
2444 return wpa_sm_step(sm);
2451 if (sm->Init) {
2454 sm->changed = false;
2457 sm->keycount = 0;
2458 if (sm->GUpdateStationKeys)
2459 wpa_gkeydone_sta(sm);
2460 if (sm->wpa == WPA_VERSION_WPA)
2461 sm->PInitAKeys = false;
2464 sm->Pair = true;
2466 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portEnabled, 0);
2467 wpa_remove_ptk(sm);
2468 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portValid, 0);
2469 sm->TimeoutCtr = 0;
2470 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) ||
2471 sm->wpa_key_mgmt == WPA_KEY_MGMT_DPP ||
2472 sm->wpa_key_mgmt == WPA_KEY_MGMT_OWE) {
2473 wpa_auth_set_eapol(sm->wpa_auth, sm->addr,
2481 u16 reason = sm->disconnect_reason;
2484 sm->Disconnect = false;
2485 sm->disconnect_reason = 0;
2488 wpa_sta_disconnect(sm->wpa_auth, sm->addr, reason);
2495 sm->DeauthenticationRequest = false;
2502 os_memset(&sm->PTK, 0, sizeof(sm->PTK));
2503 sm->PTK_valid = false;
2504 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portControl_Auto,
2506 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portEnabled, 1);
2507 sm->AuthenticationRequest = false;
2548 wpa_group_ensure_init(sm->wpa_auth, sm->group);
2549 sm->ReAuthenticationRequest = false;
2560 if (random_get_bytes(sm->ANonce, WPA_NONCE_LEN)) {
2563 sm->Disconnect = true;
2566 wpa_hexdump(MSG_DEBUG, "WPA: Assign ANonce", sm->ANonce,
2572 sm->TimeoutCtr = 0;
2576 static int wpa_auth_sm_ptk_update(struct wpa_state_machine *sm) argument
2578 if (random_get_bytes(sm->ANonce, WPA_NONCE_LEN)) {
2581 sm->Disconnect = true;
2584 wpa_hexdump(MSG_DEBUG, "WPA: Assign new ANonce", sm->ANonce,
2586 sm->TimeoutCtr = 0;
2598 sm->xxkey_len = 0;
2600 if (sm->pmksa) {
2602 os_memcpy(sm->PMK, sm->pmksa->pmk, sm->pmksa->pmk_len);
2603 sm->pmk_len = sm->pmksa->pmk_len;
2605 } else if (sm->wpa_key_mgmt == WPA_KEY_MGMT_DPP) {
2608 sm->Disconnect = true;
2609 sm->disconnect_reason = WLAN_REASON_INVALID_PMKID;
2612 } else if (wpa_auth_get_msk(sm->wpa_auth, wpa_auth_get_spa(sm),
2616 if (wpa_key_mgmt_sha384(sm->wpa_key_mgmt))
2627 sm->Disconnect = true;
2630 os_memcpy(sm->PMK, msk, pmk_len);
2631 sm->pmk_len = pmk_len;
2634 if (wpa_key_mgmt_sha384(sm->wpa_key_mgmt)) {
2635 os_memcpy(sm->xxkey, msk, SHA384_MAC_LEN);
2636 sm->xxkey_len = SHA384_MAC_LEN;
2638 os_memcpy(sm->xxkey, msk + PMK_LEN, PMK_LEN);
2639 sm->xxkey_len = PMK_LEN;
2645 sm->wpa_auth->cb->get_msk);
2646 sm->Disconnect = true;
2651 sm->req_replay_counter_used = 0;
2660 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_keyRun, false);
2670 psk = wpa_auth_get_psk(sm->wpa_auth, sm->addr, sm->p2p_dev_addr, NULL,
2673 os_memcpy(sm->PMK, psk, psk_len);
2674 sm->pmk_len = psk_len;
2676 sm->xxkey_len = PMK_LEN;
2678 if (sm->wpa_key_mgmt == WPA_KEY_MGMT_FT_SAE_EXT_KEY &&
2681 sm->xxkey_len = psk_len;
2683 os_memcpy(sm->xxkey, psk, sm->xxkey_len);
2687 if (wpa_auth_uses_sae(sm) && sm->pmksa) {
2689 sm->pmksa->pmk_len);
2690 os_memcpy(sm->PMK, sm->pmksa->pmk, sm->pmksa->pmk_len);
2691 sm->pmk_len = sm->pmksa->pmk_len;
2693 os_memcpy(sm->xxkey, sm->pmksa->pmk, sm->pmksa->pmk_len);
2694 sm->xxkey_len = sm->pmksa->pmk_len;
2698 sm->req_replay_counter_used = 0;
2710 struct wpa_auth_config *conf = &sm->wpa_auth->conf;
2714 sm->PTKRequest = false;
2715 sm->TimeoutEvt = false;
2716 sm->alt_snonce_valid = false;
2717 sm->ptkstart_without_success++;
2719 sm->TimeoutCtr++;
2720 if (sm->TimeoutCtr > sm->wpa_auth->conf.wpa_pairwise_update_count) {
2727 if (sm->mld_assoc_link_id >= 0)
2739 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
2755 if (sm->wpa == WPA_VERSION_WPA2 &&
2756 (wpa_key_mgmt_wpa_ieee8021x(sm->wpa_key_mgmt) ||
2757 (sm->wpa_key_mgmt == WPA_KEY_MGMT_OWE && sm->pmksa) ||
2758 wpa_key_mgmt_sae(sm->wpa_key_mgmt)) &&
2759 sm->wpa_key_mgmt != WPA_KEY_MGMT_OSEN) {
2765 if (sm->pmksa) {
2768 sm->pmksa->pmkid, PMKID_LEN);
2770 sm->pmksa->pmkid, PMKID_LEN);
2771 } else if (wpa_key_mgmt_suite_b(sm->wpa_key_mgmt)) {
2777 } else if (wpa_key_mgmt_fils(sm->wpa_key_mgmt)) {
2778 if (sm->pmkid_set) {
2781 sm->pmkid, PMKID_LEN);
2783 sm->pmkid, PMKID_LEN);
2792 } else if (wpa_key_mgmt_ft(sm->wpa_key_mgmt) &&
2793 sm->ft_completed) {
2799 } else if (wpa_key_mgmt_sae(sm->wpa_key_mgmt)) {
2800 if (sm->pmkid_set) {
2803 sm->pmkid, PMKID_LEN);
2805 sm->pmkid, PMKID_LEN);
2818 rsn_pmkid(sm->PMK, sm->pmk_len,
2819 wpa_auth_get_aa(sm),
2820 wpa_auth_get_spa(sm),
2822 sm->wpa_key_mgmt);
2832 if (sm->mld_assoc_link_id >= 0) {
2837 sm->wpa_auth->mld_addr, ETH_ALEN, NULL, 0);
2851 if (sm->pairwise_set && sm->wpa != WPA_VERSION_WPA)
2853 wpa_send_eapol(sm->wpa_auth, sm, key_info, NULL,
2854 sm->ANonce, kde_len ? buf : NULL, kde_len, 0, 0);
2859 static int wpa_derive_ptk(struct wpa_state_machine *sm, const u8 *snonce, argument
2870 if (sm->wpa_auth->conf.force_kdk_derivation ||
2871 (!no_kdk && sm->wpa_auth->conf.secure_ltf &&
2872 ieee802_11_rsnx_capab(sm->rsnxe, WLAN_RSNX_CAPAB_SECURE_LTF)))
2878 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) {
2879 if (sm->ft_completed) {
2882 ret = wpa_pmk_r1_to_ptk(sm->pmk_r1, sm->pmk_r1_len,
2883 sm->SNonce, sm->ANonce,
2884 wpa_auth_get_spa(sm),
2885 wpa_auth_get_aa(sm),
2886 sm->pmk_r1_name, ptk,
2887 ptk_name, sm->wpa_key_mgmt,
2888 sm->pairwise, kdk_len);
2890 ret = wpa_auth_derive_ptk_ft(sm, ptk, pmk_r0, pmk_r1,
2900 if (!no_kdk && sm->wpa_auth->conf.secure_ltf &&
2901 ieee802_11_rsnx_capab(sm->rsnxe,
2903 ret = wpa_ltf_keyseed(ptk, sm->wpa_key_mgmt,
2904 sm->pairwise);
2916 if (sm->wpa_key_mgmt == WPA_KEY_MGMT_DPP && sm->dpp_z) {
2917 z = wpabuf_head(sm->dpp_z);
2918 z_len = wpabuf_len(sm->dpp_z);
2922 akmp = sm->wpa_key_mgmt;
2926 wpa_auth_get_aa(sm), wpa_auth_get_spa(sm),
2927 sm->ANonce, snonce, ptk, akmp,
2928 sm->pairwise, z, z_len, kdk_len);
2936 if (!no_kdk && sm->wpa_auth->conf.secure_ltf &&
2937 ieee802_11_rsnx_capab(sm->rsnxe, WLAN_RSNX_CAPAB_SECURE_LTF)) {
2938 ret = wpa_ltf_keyseed(ptk, sm->wpa_key_mgmt, sm->pairwise);
2951 int fils_auth_pmk_to_ptk(struct wpa_state_machine *sm, const u8 *pmk, argument
2962 if (sm->wpa_auth->conf.force_kdk_derivation ||
2963 (sm->wpa_auth->conf.secure_ltf &&
2964 ieee802_11_rsnx_capab(sm->rsnxe, WLAN_RSNX_CAPAB_SECURE_LTF)))
2969 res = fils_pmk_to_ptk(pmk, pmk_len, wpa_auth_get_spa(sm),
2970 wpa_auth_get_aa(sm),
2972 &sm->PTK, ick, &ick_len,
2973 sm->wpa_key_mgmt, sm->pairwise,
2979 if (sm->wpa_auth->conf.secure_ltf &&
2980 ieee802_11_rsnx_capab(sm->rsnxe, WLAN_RSNX_CAPAB_SECURE_LTF)) {
2981 res = wpa_ltf_keyseed(&sm->PTK, sm->wpa_key_mgmt, sm->pairwise);
2990 sm->PTK_valid = true;
2991 sm->tk_already_set = false;
2995 struct wpa_authenticator *wpa_auth = sm->wpa_auth;
3004 wpa_auth_get_spa(sm), pmk_r0, pmk_r0_name,
3005 sm->wpa_key_mgmt) < 0)
3008 wpa_ft_store_pmk_fils(sm, pmk_r0, pmk_r0_name);
3012 wpa_auth_get_spa(sm),
3013 sm->pmk_r1_name,
3018 wpa_hexdump(MSG_DEBUG, "FILS+FT: PMKR1Name", sm->pmk_r1_name,
3020 sm->pmk_r1_name_valid = 1;
3025 wpa_auth_get_spa(sm),
3026 wpa_auth_get_aa(sm),
3031 sm->wpa_key_mgmt, sm->fils_key_auth_sta,
3032 sm->fils_key_auth_ap,
3033 &sm->fils_key_auth_len);
3037 os_memcpy(sm->SNonce, snonce, FILS_NONCE_LEN);
3038 os_memcpy(sm->ANonce, anonce, FILS_NONCE_LEN);
3044 static int wpa_aead_decrypt(struct wpa_state_machine *sm, struct wpa_ptk *ptk, argument
3061 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
3077 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
3099 const u8 * wpa_fils_validate_fils_session(struct wpa_state_machine *sm, argument
3106 if (!wpa_key_mgmt_fils(sm->wpa_key_mgmt)) {
3153 int wpa_fils_validate_key_confirm(struct wpa_state_machine *sm, const u8 *ies, argument
3174 if (elems.fils_key_confirm_len != sm->fils_key_auth_len) {
3178 sm->fils_key_auth_len);
3182 if (os_memcmp(elems.fils_key_confirm, sm->fils_key_auth_sta,
3183 sm->fils_key_auth_len) != 0) {
3188 sm->fils_key_auth_sta, sm->fils_key_auth_len);
3196 int fils_decrypt_assoc(struct wpa_state_machine *sm, const u8 *fils_session, argument
3205 if (!sm || !sm->PTK_valid) {
3211 if (!wpa_key_mgmt_fils(sm->wpa_key_mgmt)) {
3230 session = wpa_fils_validate_fils_session(sm, ie, end - ie,
3254 aad[2] = sm->SNonce;
3257 aad[3] = sm->ANonce;
3266 if (aes_siv_decrypt(sm->PTK.kek, sm->PTK.kek_len, crypt, end - crypt,
3275 if (wpa_fils_validate_key_confirm(sm, pos, left - AES_BLOCK_SIZE) < 0) {
3284 int fils_encrypt_assoc(struct wpa_state_machine *sm, u8 *buf, argument
3295 if (!sm || !sm->PTK_valid)
3313 aad[2] = sm->ANonce;
3316 aad[3] = sm->SNonce;
3327 plain = fils_prepare_plainbuf(sm, hlp);
3343 if (aes_siv_encrypt(sm->PTK.kek, sm->PTK.kek_len,
3356 sm->fils_completed = 1;
3362 static struct wpabuf * fils_prepare_plainbuf(struct wpa_state_machine *sm, argument
3372 struct wpa_auth_config *conf = &sm->wpa_auth->conf;
3374 plain_len = 1000 + ieee80211w_kde_len(sm);
3385 wpabuf_put_u8(plain, 1 + sm->fils_key_auth_len); /* Length */
3388 wpabuf_put_data(plain, sm->fils_key_auth_ap, sm->fils_key_auth_len);
3397 gsm = sm->group;
3401 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN,
3406 if (conf->disable_gtk || sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN) {
3426 tmp2 = ieee80211w_kde_add(sm, tmp);
3439 if (wpa_auth_uses_ocv(sm)) {
3443 if (wpa_channel_info(sm->wpa_auth, &ci) != 0) {
3471 int fils_set_tk(struct wpa_state_machine *sm) argument
3476 if (!sm || !sm->PTK_valid) {
3480 if (sm->tk_already_set) {
3485 alg = wpa_cipher_to_alg(sm->pairwise);
3486 klen = wpa_cipher_key_len(sm->pairwise);
3489 if (wpa_auth_set_key(sm->wpa_auth, 0, alg, sm->addr, 0,
3490 sm->PTK.tk, klen, KEY_FLAG_PAIRWISE_RX_TX)) {
3496 if (sm->wpa_auth->conf.secure_ltf &&
3497 ieee802_11_rsnx_capab(sm->rsnxe, WLAN_RSNX_CAPAB_SECURE_LTF) &&
3498 wpa_auth_set_ltf_keyseed(sm->wpa_auth, sm->addr,
3499 sm->PTK.ltf_keyseed,
3500 sm->PTK.ltf_keyseed_len)) {
3507 sm->pairwise_set = true;
3508 sm->tk_already_set = true;
3510 wpa_auth_store_ptksa(sm->wpa_auth, sm->addr, sm->pairwise,
3511 dot11RSNAConfigPMKLifetime, &sm->PTK);
3517 u8 * hostapd_eid_assoc_fils_session(struct wpa_state_machine *sm, u8 *buf, argument
3530 plain = fils_prepare_plainbuf(sm, hlp);
3542 sm->fils_completed = 1;
3550 int get_sta_tx_parameters(struct wpa_state_machine *sm, int ap_max_chanwidth, argument
3553 struct wpa_authenticator *wpa_auth = sm->wpa_auth;
3557 return wpa_auth->cb->get_sta_tx_params(wpa_auth->cb_ctx, sm->addr,
3564 static int wpa_auth_validate_ml_kdes_m2(struct wpa_state_machine *sm, argument
3571 if (sm->mld_assoc_link_id < 0)
3576 !ether_addr_equal(kde->mac_addr, sm->peer_mld_addr)) {
3594 if (!sm->mld_links[i].valid || i == sm->mld_assoc_link_id) {
3600 if (!ether_addr_equal(sm->mld_links[i].peer_addr,
3606 MAC2STR(sm->mld_links[i].peer_addr), i);
3614 if (n_links != sm->n_mld_affiliated_links) {
3617 sm->n_mld_affiliated_links, n_links);
3628 struct wpa_authenticator *wpa_auth = sm->wpa_auth;
3650 sm->EAPOLKeyReceived = false;
3651 sm->update_snonce = false;
3654 mic_len = wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len);
3656 derive_kdk = sm->wpa_auth->conf.secure_ltf &&
3657 ieee802_11_rsnx_capab(sm->rsnxe, WLAN_RSNX_CAPAB_SECURE_LTF);
3663 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) &&
3664 !wpa_key_mgmt_sae(sm->wpa_key_mgmt)) {
3665 pmk = wpa_auth_get_psk(sm->wpa_auth, sm->addr,
3666 sm->p2p_dev_addr, pmk, &pmk_len,
3672 if (wpa_key_mgmt_ft_psk(sm->wpa_key_mgmt)) {
3673 os_memcpy(sm->xxkey, pmk, pmk_len);
3674 sm->xxkey_len = pmk_len;
3678 pmk = sm->PMK;
3679 pmk_len = sm->pmk_len;
3682 if ((!pmk || !pmk_len) && sm->pmksa) {
3684 pmk = sm->pmksa->pmk;
3685 pmk_len = sm->pmksa->pmk_len;
3690 if (wpa_derive_ptk(sm, sm->SNonce, pmk, pmk_len, &PTK,
3696 wpa_verify_key_mic(sm->wpa_key_mgmt, pmk_len, &PTK,
3697 sm->last_rx_eapol_key,
3698 sm->last_rx_eapol_key_len) == 0) {
3699 if (sm->PMK != pmk) {
3700 os_memcpy(sm->PMK, pmk, pmk_len);
3701 sm->pmk_len = pmk_len;
3709 wpa_aead_decrypt(sm, &PTK, sm->last_rx_eapol_key,
3710 sm->last_rx_eapol_key_len, NULL) == 0) {
3717 if (sm->wpa_key_mgmt == WPA_KEY_MGMT_OWE && pmk_len > 32 &&
3730 if (!sm->wpa_auth->conf.force_kdk_derivation &&
3738 if (!wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) ||
3739 wpa_key_mgmt_sae(sm->wpa_key_mgmt))
3748 MACSTR, MAC2STR(sm->addr));
3751 if (!ok && wpa_key_mgmt_wpa_psk_no_sae(sm->wpa_key_mgmt) &&
3753 !sm->waiting_radius_psk) {
3755 wpa_auth->cb->request_radius_psk(wpa_auth->cb_ctx, sm->addr,
3756 sm->wpa_key_mgmt,
3757 sm->ANonce,
3758 sm->last_rx_eapol_key,
3759 sm->last_rx_eapol_key_len);
3760 sm->waiting_radius_psk = 1;
3765 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm),
3769 wpa_auth_psk_failure_report(sm->wpa_auth, sm->addr);
3777 hdr = (struct ieee802_1x_hdr *) sm->last_rx_eapol_key;
3783 if (key_data_length > sm->last_rx_eapol_key_len - sizeof(*hdr) -
3791 !wpa_use_aes_key_wrap(sm->wpa_key_mgmt)) {
3821 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
3835 ft = sm->wpa == WPA_VERSION_WPA2 && wpa_key_mgmt_ft(sm->wpa_key_mgmt);
3836 if (!sm->wpa_ie ||
3837 wpa_compare_rsn_ie(ft, sm->wpa_ie, sm->wpa_ie_len,
3839 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
3841 if (sm->wpa_ie) {
3843 sm->wpa_ie, sm->wpa_ie_len);
3848 wpa_sta_disconnect(wpa_auth, sm->addr,
3852 if ((!sm->rsnxe && kde.rsnxe) ||
3853 (sm->rsnxe && !kde.rsnxe) ||
3854 (sm->rsnxe && kde.rsnxe &&
3855 (sm->rsnxe_len != kde.rsnxe_len ||
3856 os_memcmp(sm->rsnxe, kde.rsnxe, sm->rsnxe_len) != 0))) {
3857 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
3860 sm->rsnxe, sm->rsnxe_len);
3864 wpa_sta_disconnect(wpa_auth, sm->addr,
3869 if (wpa_auth_uses_ocv(sm)) {
3876 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
3882 if (get_sta_tx_parameters(sm,
3890 if (wpa_auth_uses_ocv(sm) == 2 && res == OCI_NOT_FOUND) {
3892 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
3895 wpa_auth_set_ocv(sm, 0);
3897 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
3904 MAC2STR(wpa_auth_get_spa(sm)),
3911 if (ft && ft_check_msg_2_of_4(wpa_auth, sm, &kde) < 0) {
3912 wpa_sta_disconnect(wpa_auth, sm->addr,
3919 wpa_auth->ip_pool && WPA_GET_BE32(sm->ip_addr) == 0) {
3927 sm->ip_addr_bit = idx;
3928 WPA_PUT_BE32(sm->ip_addr, start + idx);
3932 sm->ip_addr[0], sm->ip_addr[1],
3933 sm->ip_addr[2], sm->ip_addr[3],
3934 MAC2STR(wpa_auth_get_spa(sm)),
3935 sm->ip_addr_bit);
3945 if (sm->wpa_key_mgmt == WPA_KEY_MGMT_DPP &&
3948 !sm->dpp_z) {
3951 wpa_sta_disconnect(wpa_auth, sm->addr,
3958 if (wpa_auth_validate_ml_kdes_m2(sm, &kde) < 0) {
3959 wpa_sta_disconnect(wpa_auth, sm->addr,
3964 if (vlan_id && wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) &&
3965 wpa_auth_update_vlan(wpa_auth, sm->addr, vlan_id) < 0) {
3966 wpa_sta_disconnect(wpa_auth, sm->addr,
3971 sm->pending_1_of_4_timeout = 0;
3972 eloop_cancel_timeout(wpa_send_eapol_timeout, sm->wpa_auth, sm);
3974 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) && sm->PMK != pmk) {
3978 os_memcpy(sm->PMK, pmk, PMK_LEN);
3979 sm->pmk_len = PMK_LEN;
3982 sm->MICVerified = true;
3985 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt) && !sm->ft_completed) {
3987 wpa_auth_ft_store_keys(sm, pmk_r0, pmk_r1, pmk_r0_name,
3992 os_memcpy(&sm->PTK, &PTK, sizeof(PTK));
3994 sm->PTK_valid = true;
4005 sm->TimeoutCtr = 0;
4009 static int ieee80211w_kde_len(struct wpa_state_machine *sm) argument
4012 struct wpa_authenticator *wpa_auth = sm->wpa_auth;
4014 if (sm->mgmt_frame_prot) {
4021 if (sm->mgmt_frame_prot && sm->wpa_auth->conf.beacon_prot) {
4030 static u8 * ieee80211w_kde_add(struct wpa_state_machine *sm, u8 *pos) argument
4034 struct wpa_group *gsm = sm->group;
4036 struct wpa_authenticator *wpa_auth = sm->wpa_auth;
4040 if (!sm->mgmt_frame_prot)
4044 if (sm->mld_assoc_link_id >= 0)
4051 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN_igtk, rsc) < 0)
4056 if (conf->disable_gtk || sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN) {
4076 if (!sm->wpa_auth->conf.beacon_prot)
4082 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN_bigtk, rsc) < 0)
4087 if (sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN) {
4104 static int ocv_oci_len(struct wpa_state_machine *sm) argument
4107 if (wpa_auth_uses_ocv(sm))
4114 static int ocv_oci_add(struct wpa_state_machine *sm, u8 **argpos, argument
4120 if (!wpa_auth_uses_ocv(sm))
4123 if (wpa_channel_info(sm->wpa_auth, &ci) != 0) {
4238 static size_t wpa_auth_ml_group_kdes_len(struct wpa_state_machine *sm) argument
4244 if (sm->mld_assoc_link_id < 0)
4248 if (!sm->mld_links[link_id].valid)
4251 wpa_auth = sm->mld_links[link_id].wpa_auth;
4260 if (!sm->mgmt_frame_prot)
4286 static u8 * wpa_auth_ml_group_kdes(struct wpa_state_machine *sm, u8 *pos) argument
4294 ml_key_info.n_mld_links = sm->n_mld_affiliated_links + 1;
4300 ml_key_info.mgmt_frame_prot = sm->mgmt_frame_prot;
4301 ml_key_info.beacon_prot = sm->wpa_auth->conf.beacon_prot;
4304 if (!sm->mld_links[link_id].valid)
4310 wpa_auth_get_ml_key_info(sm->wpa_auth, &ml_key_info);
4314 if (!sm->mld_links[link_id].valid ||
4342 if (!sm->mgmt_frame_prot) {
4350 if (!sm->mld_links[link_id].valid ||
4385 if (!sm->wpa_auth->conf.beacon_prot) {
4393 if (!sm->mld_links[link_id].valid ||
4436 static size_t wpa_auth_ml_kdes_len(struct wpa_state_machine *sm) argument
4443 if (sm->mld_assoc_link_id < 0)
4454 wpa_auth = wpa_get_link_auth(sm->wpa_auth, link_id);
4469 kde_len += wpa_auth_ml_group_kdes_len(sm);
4476 static u8 * wpa_auth_ml_kdes(struct wpa_state_machine *sm, u8 *pos) argument
4482 if (sm->mld_assoc_link_id < 0)
4487 sm->wpa_auth->mld_addr, ETH_ALEN, NULL, 0);
4494 wpa_auth = wpa_get_link_auth(sm->wpa_auth, link_id);
4541 pos = wpa_auth_ml_group_kdes(sm, pos);
4552 struct wpa_group *gsm = sm->group;
4557 struct wpa_auth_config *conf = &sm->wpa_auth->conf;
4559 bool is_mld = sm->mld_assoc_link_id >= 0;
4565 sm->TimeoutEvt = false;
4567 sm->TimeoutCtr++;
4568 if (conf->wpa_disable_eapol_key_retries && sm->TimeoutCtr > 1) {
4572 if (sm->TimeoutCtr > conf->wpa_pairwise_update_count) {
4582 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, rsc);
4584 wpa_ie = sm->wpa_auth->wpa_ie;
4585 wpa_ie_len = sm->wpa_auth->wpa_ie_len;
4586 if (sm->wpa == WPA_VERSION_WPA && (conf->wpa & WPA_PROTO_RSN) &&
4616 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
4618 if (sm->wpa == WPA_VERSION_WPA2) {
4619 if (sm->use_ext_key_id && sm->TimeoutCtr == 1 &&
4620 wpa_auth_set_key(sm->wpa_auth, 0,
4621 wpa_cipher_to_alg(sm->pairwise),
4622 sm->addr,
4623 sm->keyidx_active, sm->PTK.tk,
4624 wpa_cipher_key_len(sm->pairwise),
4626 wpa_sta_disconnect(sm->wpa_auth, sm->addr,
4632 if (sm->wpa_auth->conf.secure_ltf &&
4633 ieee802_11_rsnx_capab(sm->rsnxe,
4635 wpa_auth_set_ltf_keyseed(sm->wpa_auth, sm->addr,
4636 sm->PTK.ltf_keyseed,
4637 sm->PTK.ltf_keyseed_len)) {
4640 wpa_sta_disconnect(sm->wpa_auth, sm->addr,
4651 sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN) {
4670 if (sm->rx_eapol_key_secure) {
4679 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm),
4686 kde_len = wpa_ie_len + ieee80211w_kde_len(sm) + ocv_oci_len(sm);
4688 if (sm->use_ext_key_id)
4694 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) {
4700 if (WPA_GET_BE32(sm->ip_addr) > 0)
4708 if (sm->wpa_key_mgmt == WPA_KEY_MGMT_DPP)
4712 kde_len += wpa_auth_ml_kdes_len(sm);
4714 if (sm->ssid_protection)
4732 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) {
4737 res = wpa_insert_pmkid(kde, &elen, sm->pmk_r1_name, true);
4749 if (sm->use_ext_key_id) {
4750 hdr[0] = sm->keyidx_active & 0x01;
4759 pos = ieee80211w_kde_add(sm, pos);
4760 if (ocv_oci_add(sm, &pos, conf->oci_freq_override_eapol_m3) < 0)
4764 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) {
4767 if (sm->assoc_resp_ftie &&
4768 kde + kde_len - pos >= 2 + sm->assoc_resp_ftie[1]) {
4769 os_memcpy(pos, sm->assoc_resp_ftie,
4770 2 + sm->assoc_resp_ftie[1]);
4771 res = 2 + sm->assoc_resp_ftie[1];
4773 res = wpa_write_ftie(conf, sm->wpa_key_mgmt,
4774 sm->xxkey_len,
4804 if (WPA_GET_BE32(sm->ip_addr) > 0) {
4806 os_memcpy(addr, sm->ip_addr, 4);
4819 if (DPP_VERSION > 1 && sm->wpa_key_mgmt == WPA_KEY_MGMT_DPP) {
4834 pos = wpa_auth_ml_kdes(sm, pos);
4836 if (sm->ssid_protection) {
4854 wpa_send_eapol(sm->wpa_auth, sm,
4856 (wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len) ?
4860 _rsc, sm->ANonce, kde, pos - kde, 0, encr);
4868 static int wpa_auth_validate_ml_kdes_m4(struct wpa_state_machine *sm) argument
4878 if (sm->mld_assoc_link_id < 0)
4885 mic_len = wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len);
4887 hdr = (const struct ieee802_1x_hdr *) sm->last_rx_eapol_key;
4892 if (key_data_length > sm->last_rx_eapol_key_len - sizeof(*hdr) -
4897 wpa_auth_vlogger(sm->wpa_auth, wpa_auth_get_spa(sm),
4905 !ether_addr_equal(kde.mac_addr, sm->peer_mld_addr)) {
4922 sm->EAPOLKeyReceived = false;
4924 if (wpa_auth_validate_ml_kdes_m4(sm) < 0) {
4925 wpa_sta_disconnect(sm->wpa_auth, sm->addr,
4930 if (sm->Pair) {
4931 enum wpa_alg alg = wpa_cipher_to_alg(sm->pairwise);
4932 int klen = wpa_cipher_key_len(sm->pairwise);
4935 if (sm->use_ext_key_id)
4936 res = wpa_auth_set_key(sm->wpa_auth, 0, 0, sm->addr,
4937 sm->keyidx_active, NULL, 0,
4940 res = wpa_auth_set_key(sm->wpa_auth, 0, alg, sm->addr,
4941 0, sm->PTK.tk, klen,
4944 wpa_sta_disconnect(sm->wpa_auth, sm->addr,
4950 if (sm->wpa_auth->conf.secure_ltf &&
4951 ieee802_11_rsnx_capab(sm->rsnxe,
4953 wpa_auth_set_ltf_keyseed(sm->wpa_auth, sm->addr,
4954 sm->PTK.ltf_keyseed,
4955 sm->PTK.ltf_keyseed_len)) {
4958 wpa_sta_disconnect(sm->wpa_auth, sm->addr,
4965 sm->pairwise_set = true;
4967 wpa_auth_set_ptk_rekey_timer(sm);
4968 wpa_auth_store_ptksa(sm->wpa_auth, sm->addr, sm->pairwise,
4969 dot11RSNAConfigPMKLifetime, &sm->PTK);
4971 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) ||
4972 sm->wpa_key_mgmt == WPA_KEY_MGMT_DPP ||
4973 sm->wpa_key_mgmt == WPA_KEY_MGMT_OWE) {
4974 wpa_auth_set_eapol(sm->wpa_auth, sm->addr,
4980 sm->keycount++;
4981 if (sm->keycount == 2) {
4982 wpa_auth_set_eapol(sm->wpa_auth, sm->addr,
4986 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portValid,
4989 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_keyAvailable,
4991 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_keyDone, true);
4992 if (sm->wpa == WPA_VERSION_WPA)
4993 sm->PInitAKeys = true;
4995 sm->has_GTK = true;
4996 wpa_auth_vlogger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
4998 sm->wpa == WPA_VERSION_WPA ? "WPA" : "RSN");
4999 wpa_msg(sm->wpa_auth->conf.msg_ctx, MSG_INFO, "EAPOL-4WAY-HS-COMPLETED "
5000 MACSTR, MAC2STR(sm->addr));
5003 wpa_ft_push_pmk_r1(sm->wpa_auth, wpa_auth_get_spa(sm));
5006 sm->ptkstart_without_success = 0;
5012 struct wpa_authenticator *wpa_auth = sm->wpa_auth;
5015 if (sm->Init)
5017 else if (sm->Disconnect
5019 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
5020 "WPA_PTK: sm->Disconnect");
5023 else if (sm->DeauthenticationRequest)
5025 else if (sm->AuthenticationRequest)
5027 else if (sm->ReAuthenticationRequest)
5029 else if (sm->PTKRequest) {
5030 if (wpa_auth_sm_ptk_update(sm) < 0)
5034 } else switch (sm->wpa_ptk_state) {
5047 if (wpa_key_mgmt_wpa_ieee8021x(sm->wpa_key_mgmt) &&
5048 wpa_auth_get_eapol(wpa_auth, sm->addr,
5051 else if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) ||
5052 sm->wpa_key_mgmt == WPA_KEY_MGMT_OWE
5055 else if (sm->wpa_key_mgmt == WPA_KEY_MGMT_DPP)
5059 if (wpa_auth_get_eapol(wpa_auth, sm->addr,
5063 } else if (sm->wpa_key_mgmt == WPA_KEY_MGMT_DPP && sm->pmksa) {
5068 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
5075 if (wpa_auth_get_psk(wpa_auth, sm->addr, sm->p2p_dev_addr,
5079 } else if (wpa_auth_uses_sae(sm) && sm->pmksa) {
5082 } else if (wpa_key_mgmt_wpa_psk_no_sae(sm->wpa_key_mgmt) &&
5088 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
5096 if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest &&
5097 sm->EAPOLKeyPairwise)
5099 else if (sm->TimeoutCtr > conf->wpa_pairwise_update_count) {
5101 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
5105 sm->disconnect_reason =
5108 } else if (sm->TimeoutEvt)
5112 if (sm->MICVerified)
5114 else if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest &&
5115 sm->EAPOLKeyPairwise)
5117 else if (sm->TimeoutEvt)
5124 if (sm->update_snonce)
5126 else if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest &&
5127 sm->EAPOLKeyPairwise && sm->MICVerified)
5129 else if (sm->TimeoutCtr >
5132 sm->TimeoutCtr > 1)) {
5134 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
5138 sm->disconnect_reason =
5141 } else if (sm->TimeoutEvt)
5153 if (sm->Init) {
5156 sm->changed = false;
5158 sm->GTimeoutCtr = 0;
5165 struct wpa_group *gsm = sm->group;
5170 struct wpa_auth_config *conf = &sm->wpa_auth->conf;
5174 is_mld = sm->mld_assoc_link_id >= 0;
5179 sm->GTimeoutCtr++;
5180 if (conf->wpa_disable_eapol_key_retries && sm->GTimeoutCtr > 1) {
5184 if (sm->GTimeoutCtr > conf->wpa_group_update_count) {
5190 if (sm->wpa == WPA_VERSION_WPA)
5191 sm->PInitAKeys = false;
5192 sm->TimeoutEvt = false;
5196 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, rsc);
5197 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
5201 if (conf->disable_gtk || sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN) {
5211 if (sm->wpa == WPA_VERSION_WPA2 && !is_mld) {
5213 ieee80211w_kde_len(sm) + ocv_oci_len(sm);
5223 pos = ieee80211w_kde_add(sm, pos);
5224 if (ocv_oci_add(sm, &pos,
5231 } else if (sm->wpa == WPA_VERSION_WPA2 && is_mld) {
5232 kde_len = wpa_auth_ml_group_kdes_len(sm);
5239 pos = wpa_auth_ml_group_kdes(sm, pos);
5248 wpa_send_eapol(sm->wpa_auth, sm,
5250 (wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len) ?
5253 (!sm->Pair ? WPA_KEY_INFO_INSTALL : 0),
5262 struct wpa_authenticator *wpa_auth = sm->wpa_auth;
5273 sm->EAPOLKeyReceived = false;
5276 mic_len = wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len);
5282 hdr = (struct ieee802_1x_hdr *) sm->last_rx_eapol_key;
5287 if (key_data_length > sm->last_rx_eapol_key_len - sizeof(*hdr) -
5292 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
5297 if (wpa_auth_uses_ocv(sm)) {
5303 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
5309 if (get_sta_tx_parameters(sm,
5318 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
5325 MAC2STR(wpa_auth_get_spa(sm)),
5332 if (sm->GUpdateStationKeys)
5333 wpa_gkeydone_sta(sm);
5334 sm->GTimeoutCtr = 0;
5336 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
5338 sm->wpa == WPA_VERSION_WPA ? "WPA" : "RSN");
5339 sm->has_GTK = true;
5346 if (sm->GUpdateStationKeys)
5347 wpa_gkeydone_sta(sm);
5348 if (sm->wpa_auth->conf.no_disconnect_on_group_keyerror &&
5349 sm->wpa == WPA_VERSION_WPA2) {
5350 wpa_auth_vlogger(sm->wpa_auth, wpa_auth_get_spa(sm),
5353 sm->wpa_auth->conf.wpa_group_update_count);
5356 sm->Disconnect = true;
5357 sm->disconnect_reason = WLAN_REASON_GROUP_KEY_UPDATE_TIMEOUT;
5358 wpa_auth_vlogger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
5360 sm->wpa == WPA_VERSION_WPA ? "WPA" : "RSN",
5361 sm->wpa_auth->conf.wpa_group_update_count);
5367 if (sm->Init || sm->PtkGroupInit) {
5369 sm->PtkGroupInit = false;
5370 } else switch (sm->wpa_ptk_group_state) {
5372 if (sm->GUpdateStationKeys ||
5373 (sm->wpa == WPA_VERSION_WPA && sm->PInitAKeys))
5377 if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest &&
5378 !sm->EAPOLKeyPairwise && sm->MICVerified)
5380 else if (sm->GTimeoutCtr >
5381 sm->wpa_auth->conf.wpa_group_update_count ||
5382 (sm->wpa_auth->conf.wpa_disable_eapol_key_retries &&
5383 sm->GTimeoutCtr > 1))
5385 else if (sm->TimeoutEvt)
5476 static int wpa_group_update_sta(struct wpa_state_machine *sm, void *ctx) argument
5478 if (ctx != NULL && ctx != sm->group)
5481 if (sm->wpa_ptk_state != WPA_PTK_PTKINITDONE) {
5482 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm),
5485 sm->GUpdateStationKeys = false;
5488 if (sm->GUpdateStationKeys) {
5494 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm),
5500 if (sm->is_wnmsleep)
5503 sm->group->GKeyDoneStations++;
5504 sm->GUpdateStationKeys = true;
5506 wpa_sm_step(sm);
5513 void wpa_wnmsleep_rekey_gtk(struct wpa_state_machine *sm) argument
5515 if (!sm || sm->is_wnmsleep)
5518 wpa_group_update_sta(sm, NULL);
5522 void wpa_set_wnmsleep(struct wpa_state_machine *sm, int flag) argument
5524 if (sm)
5525 sm->is_wnmsleep = !!flag;
5529 int wpa_wnmsleep_gtk_subelem(struct wpa_state_machine *sm, u8 *pos) argument
5531 struct wpa_auth_config *conf = &sm->wpa_auth->conf;
5532 struct wpa_group *gsm = sm->group;
5546 if (wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, pos) != 0)
5550 if (conf->disable_gtk || sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN) {
5569 int wpa_wnmsleep_igtk_subelem(struct wpa_state_machine *sm, u8 *pos) argument
5571 struct wpa_auth_config *conf = &sm->wpa_auth->conf;
5572 struct wpa_group *gsm = sm->group;
5574 size_t len = wpa_cipher_key_len(sm->wpa_auth->conf.group_mgmt_cipher);
5584 if (wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN_igtk, pos) != 0)
5589 if (conf->disable_gtk || sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN) {
5608 int wpa_wnmsleep_bigtk_subelem(struct wpa_state_machine *sm, u8 *pos) argument
5610 struct wpa_authenticator *wpa_auth = sm->wpa_auth;
5628 if (sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN) {
5751 static int wpa_group_disconnect_cb(struct wpa_state_machine *sm, void *ctx) argument
5753 if (sm->group == ctx) {
5756 MAC2STR(wpa_auth_get_spa(sm)));
5757 sm->Disconnect = true;
5815 static void wpa_clear_changed(struct wpa_state_machine *sm) argument
5821 sm->changed = false;
5822 sm->wpa_auth->group->changed = false;
5825 for_each_sm_auth(sm, link_id)
5826 sm->mld_links[link_id].wpa_auth->group->changed = false;
5831 static void wpa_group_sm_step_links(struct wpa_state_machine *sm) argument
5837 if (!sm || !sm->wpa_auth)
5839 wpa_group_sm_step(sm->wpa_auth, sm->wpa_auth->group);
5842 for_each_sm_auth(sm, link_id) {
5843 wpa_group_sm_step(sm->mld_links[link_id].wpa_auth,
5844 sm->mld_links[link_id].wpa_auth->group);
5850 static bool wpa_group_sm_changed(struct wpa_state_machine *sm) argument
5857 if (!sm || !sm->wpa_auth)
5859 changed = sm->wpa_auth->group->changed;
5862 for_each_sm_auth(sm, link_id)
5863 changed |= sm->mld_links[link_id].wpa_auth->group->changed;
5870 static int wpa_sm_step(struct wpa_state_machine *sm) argument
5872 if (!sm)
5875 if (sm->in_step_loop) {
5883 sm->in_step_loop = 1;
5885 if (sm->pending_deinit)
5888 wpa_clear_changed(sm);
5891 if (sm->pending_deinit)
5894 if (sm->pending_deinit)
5896 wpa_group_sm_step_links(sm);
5897 } while (sm->changed || wpa_group_sm_changed(sm));
5898 sm->in_step_loop = 0;
5900 if (sm->pending_deinit) {
5903 MACSTR, MAC2STR(wpa_auth_get_spa(sm)));
5904 wpa_free_sta_sm(sm);
5913 struct wpa_state_machine *sm = eloop_ctx; local
5914 wpa_sm_step(sm);
5918 void wpa_auth_sm_notify(struct wpa_state_machine *sm) argument
5920 if (!sm)
5922 eloop_register_timeout(0, 0, wpa_sm_call_step, sm, NULL);
6055 int wpa_get_mib_sta(struct wpa_state_machine *sm, char *buf, size_t buflen) argument
6060 if (!sm)
6067 pairwise = wpa_cipher_to_suite(sm->wpa == WPA_VERSION_WPA2 ?
6069 sm->pairwise);
6085 MAC2STR(sm->addr),
6087 sm->dot11RSNAStatsTKIPLocalMICFailures,
6088 sm->dot11RSNAStatsTKIPRemoteMICFailures);
6100 sm->wpa,
6101 RSN_SUITE_ARG(wpa_akm_to_suite(sm->wpa_key_mgmt)),
6102 sm->wpa_ptk_state,
6103 sm->wpa_ptk_group_state,
6104 sm->mfpr);
6120 int wpa_auth_pairwise_set(struct wpa_state_machine *sm) argument
6122 return sm && sm->pairwise_set;
6126 int wpa_auth_get_pairwise(struct wpa_state_machine *sm) argument
6128 return sm->pairwise;
6132 const u8 * wpa_auth_get_pmk(struct wpa_state_machine *sm, int *len) argument
6134 if (!sm)
6136 *len = sm->pmk_len;
6137 return sm->PMK;
6141 const u8 * wpa_auth_get_dpp_pkhash(struct wpa_state_machine *sm) argument
6143 if (!sm || !sm->pmksa)
6145 return sm->pmksa->dpp_pkhash;
6149 int wpa_auth_sta_key_mgmt(struct wpa_state_machine *sm) argument
6151 if (!sm)
6153 return sm->wpa_key_mgmt;
6157 int wpa_auth_sta_wpa_version(struct wpa_state_machine *sm) argument
6159 if (!sm)
6161 return sm->wpa;
6165 int wpa_auth_sta_ft_tk_already_set(struct wpa_state_machine *sm) argument
6167 if (!sm || !wpa_key_mgmt_ft(sm->wpa_key_mgmt))
6169 return sm->tk_already_set;
6173 int wpa_auth_sta_fils_tk_already_set(struct wpa_state_machine *sm) argument
6175 if (!sm || !wpa_key_mgmt_fils(sm->wpa_key_mgmt))
6177 return sm->tk_already_set;
6181 int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm, argument
6184 if (!sm || sm->pmksa != entry)
6186 sm->pmksa = NULL;
6192 wpa_auth_sta_get_pmksa(struct wpa_state_machine *sm) argument
6194 return sm ? sm->pmksa : NULL;
6198 void wpa_auth_sta_local_mic_failure_report(struct wpa_state_machine *sm) argument
6200 if (sm)
6201 sm->dot11RSNAStatsTKIPLocalMICFailures++;
6214 int wpa_auth_pmksa_add(struct wpa_state_machine *sm, const u8 *pmk, argument
6218 if (!sm || sm->wpa != WPA_VERSION_WPA2 ||
6219 sm->wpa_auth->conf.disable_pmksa_caching)
6223 if (pmk_len >= 2 * PMK_LEN && wpa_key_mgmt_ft(sm->wpa_key_mgmt) &&
6224 wpa_key_mgmt_wpa_ieee8021x(sm->wpa_key_mgmt) &&
6225 !wpa_key_mgmt_sha384(sm->wpa_key_mgmt)) {
6231 if (wpa_key_mgmt_sha384(sm->wpa_key_mgmt)) {
6239 if (pmksa_cache_auth_add(sm->wpa_auth->pmksa, pmk, pmk_len, NULL,
6240 sm->PTK.kck, sm->PTK.kck_len,
6241 wpa_auth_get_aa(sm),
6242 wpa_auth_get_spa(sm), session_timeout,
6243 eapol, sm->wpa_key_mgmt))
6288 void wpa_auth_add_sae_pmkid(struct wpa_state_machine *sm, const u8 *pmkid) argument
6290 os_memcpy(sm->pmkid, pmkid, PMKID_LEN);
6291 sm->pmkid_set = 1;
6423 struct wpa_state_machine *sm, argument
6427 if (!sm)
6430 sm->pmksa = pmksa;
6608 int wpa_auth_sta_set_vlan(struct wpa_state_machine *sm, int vlan_id) argument
6612 if (!sm || !sm->wpa_auth)
6615 group = sm->wpa_auth->group;
6623 group = wpa_auth_add_group(sm->wpa_auth, vlan_id);
6628 if (sm->group == group)
6636 MAC2STR(wpa_auth_get_spa(sm)), vlan_id);
6638 wpa_group_get(sm->wpa_auth, group);
6639 wpa_group_put(sm->wpa_auth, sm->group);
6640 sm->group = group;
6647 struct wpa_state_machine *sm, int ack) argument
6649 if (!wpa_auth || !sm)
6652 " ack=%d", MAC2STR(wpa_auth_get_spa(sm)), ack);
6653 if (sm->pending_1_of_4_timeout && ack) {
6668 eloop_cancel_timeout(wpa_send_eapol_timeout, wpa_auth, sm);
6671 wpa_send_eapol_timeout, wpa_auth, sm);
6675 if (sm->eapol_status_cb) {
6676 sm->eapol_status_cb(sm->eapol_status_cb_ctx1,
6677 sm->eapol_status_cb_ctx2);
6678 sm->eapol_status_cb = NULL;
6684 int wpa_auth_uses_sae(struct wpa_state_machine *sm) argument
6686 if (!sm)
6688 return wpa_key_mgmt_sae(sm->wpa_key_mgmt);
6692 int wpa_auth_uses_ft_sae(struct wpa_state_machine *sm) argument
6694 if (!sm)
6696 return sm->wpa_key_mgmt == WPA_KEY_MGMT_FT_SAE ||
6697 sm->wpa_key_mgmt == WPA_KEY_MGMT_FT_SAE_EXT_KEY;
6702 int wpa_auth_get_ip_addr(struct wpa_state_machine *sm, u8 *addr) argument
6704 if (!sm || WPA_GET_BE32(sm->ip_addr) == 0)
6706 os_memcpy(addr, sm->ip_addr, 4);
6774 struct wpa_state_machine *sm, argument
6779 return wpa_write_ftie(conf, sm->wpa_key_mgmt, sm->xxkey_len,
6786 void wpa_auth_get_fils_aead_params(struct wpa_state_machine *sm, argument
6790 os_memcpy(fils_anonce, sm->ANonce, WPA_NONCE_LEN);
6791 os_memcpy(fils_snonce, sm->SNonce, WPA_NONCE_LEN);
6792 os_memcpy(fils_kek, sm->PTK.kek, WPA_KEK_MAX_LEN);
6793 *fils_kek_len = sm->PTK.kek_len;
6797 void wpa_auth_add_fils_pmk_pmkid(struct wpa_state_machine *sm, const u8 *pmk, argument
6800 os_memcpy(sm->PMK, pmk, pmk_len);
6801 sm->pmk_len = pmk_len;
6802 os_memcpy(sm->pmkid, pmkid, PMKID_LEN);
6803 sm->pmkid_set = 1;
6809 void wpa_auth_set_auth_alg(struct wpa_state_machine *sm, u16 auth_alg) argument
6811 if (sm)
6812 sm->auth_alg = auth_alg;
6817 void wpa_auth_set_dpp_z(struct wpa_state_machine *sm, const struct wpabuf *z) argument
6819 if (sm) {
6820 wpabuf_clear_free(sm->dpp_z);
6821 sm->dpp_z = z ? wpabuf_dup(z) : NULL;
6827 void wpa_auth_set_ssid_protection(struct wpa_state_machine *sm, bool val) argument
6829 if (sm)
6830 sm->ssid_protection = val;
6844 int wpa_auth_resend_m1(struct wpa_state_machine *sm, int change_anonce, argument
6848 const u8 *anonce = sm->ANonce;
6857 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
6859 wpa_send_eapol(sm->wpa_auth, sm,
6866 int wpa_auth_resend_m3(struct wpa_state_machine *sm, argument
6873 struct wpa_auth_config *conf = &sm->wpa_auth->conf;
6874 struct wpa_group *gsm = sm->group;
6886 wpa_ie = sm->wpa_auth->wpa_ie;
6887 wpa_ie_len = sm->wpa_auth->wpa_ie_len;
6888 if (sm->wpa == WPA_VERSION_WPA &&
6889 (sm->wpa_auth->conf.wpa & WPA_PROTO_RSN) &&
6899 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
6901 if (sm->wpa == WPA_VERSION_WPA2) {
6915 if (sm->rx_eapol_key_secure) {
6924 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm),
6931 kde_len = wpa_ie_len + ieee80211w_kde_len(sm) + ocv_oci_len(sm);
6933 if (sm->use_ext_key_id)
6939 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) {
6952 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) {
6957 res = wpa_insert_pmkid(kde, &elen, sm->pmk_r1_name, true);
6970 if (sm->use_ext_key_id) {
6971 hdr[0] = sm->keyidx_active & 0x01;
6981 pos = ieee80211w_kde_add(sm, pos);
6987 if (ocv_oci_add(sm, &pos, conf->oci_freq_override_eapol_m3) < 0) {
6993 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) {
6996 if (sm->assoc_resp_ftie &&
6997 kde + kde_len - pos >= 2 + sm->assoc_resp_ftie[1]) {
6998 os_memcpy(pos, sm->assoc_resp_ftie,
6999 2 + sm->assoc_resp_ftie[1]);
7000 res = 2 + sm->assoc_resp_ftie[1];
7002 res = wpa_write_ftie(conf, sm->wpa_key_mgmt,
7003 sm->xxkey_len,
7034 wpa_send_eapol(sm->wpa_auth, sm,
7036 (wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len) ?
7040 _rsc, sm->ANonce, kde, pos - kde, 0, encr);
7046 int wpa_auth_resend_group_m1(struct wpa_state_machine *sm, argument
7051 struct wpa_auth_config *conf = &sm->wpa_auth->conf;
7052 struct wpa_group *gsm = sm->group;
7062 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
7066 if (sm->wpa == WPA_VERSION_WPA2) {
7068 ieee80211w_kde_len(sm) + ocv_oci_len(sm);
7079 pos = ieee80211w_kde_add(sm, pos);
7086 if (ocv_oci_add(sm, &pos,
7097 sm->eapol_status_cb = cb;
7098 sm->eapol_status_cb_ctx1 = ctx1;
7099 sm->eapol_status_cb_ctx2 = ctx2;
7101 wpa_send_eapol(sm->wpa_auth, sm,
7103 (wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len) ?
7106 (!sm->Pair ? WPA_KEY_INFO_INSTALL : 0),
7126 struct wpa_state_machine *sm) argument
7128 if (!wpa_auth || !sm)
7130 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, "rekeying PTK");
7131 wpa_request_new_ptk(sm);
7132 wpa_sm_step(sm);
7169 void wpa_auth_sta_radius_psk_resp(struct wpa_state_machine *sm, bool success) argument
7171 if (!sm->waiting_radius_psk) {
7175 MAC2STR(sm->addr));
7180 MAC2STR(sm->addr), success ? "success" : "fail");
7181 sm->waiting_radius_psk = 0;
7185 sm->EAPOLKeyReceived = true;
7187 sm->Disconnect = true;
7190 eloop_register_timeout(0, 0, wpa_sm_call_step, sm, NULL);
7194 void wpa_auth_set_ml_info(struct wpa_state_machine *sm, argument
7203 os_memset(sm->mld_links, 0, sizeof(sm->mld_links));
7204 sm->n_mld_affiliated_links = 0;
7206 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
7209 os_memcpy(sm->peer_mld_addr, info->common_info.mld_addr, ETH_ALEN);
7211 sm->mld_assoc_link_id = mld_assoc_link_id;
7215 struct mld_link *sm_link = &sm->mld_links[link_id];
7230 sm->n_mld_affiliated_links++;
7235 wpa_auth_for_each_auth(sm->wpa_auth,
7243 sm_link->wpa_auth = sm->wpa_auth;
7250 MAC2STR(sm->wpa_auth->mld_addr),