Lines Matching +full:mic +full:- +full:pos

2  * hostapd - IEEE 802.11r - Fast BSS Transition
3 * Copyright (c) 2004-2018, Jouni Malinen <j@w1.fi>
58 * wpa_ft_rrb_decrypt - Decrypt FT RRB message
59 * @key: AES-SIV key for AEAD
66 * @type: Vendor-specific subtype of the RRB frame (FT_PACKET_*)
72 * Returns: 0 on success, -1 on error
105 *plain = os_zalloc(enc_len - AES_BLOCK_SIZE); in wpa_ft_rrb_decrypt()
117 enc_len -= 2; in wpa_ft_rrb_decrypt()
123 *plain_size = enc_len - AES_BLOCK_SIZE; in wpa_ft_rrb_decrypt()
134 return -1; in wpa_ft_rrb_decrypt()
140 * @return 0 on success else -1
156 left -= sizeof(*f); in wpa_ft_rrb_get_tlv()
158 len = le_to_host16(f->len); in wpa_ft_rrb_get_tlv()
165 if (f->type == type16) { in wpa_ft_rrb_get_tlv()
171 left -= len; in wpa_ft_rrb_get_tlv()
175 return -1; in wpa_ft_rrb_get_tlv()
191 left -= sizeof(*f); in wpa_ft_rrb_dump()
193 len = le_to_host16(f->len); in wpa_ft_rrb_dump()
196 le_to_host16(f->type), len); in wpa_ft_rrb_dump()
207 left -= len; in wpa_ft_rrb_dump()
224 return x - y; in cmp_int()
245 left -= sizeof(*f); in wpa_ft_rrb_get_tlv_vlan()
248 len = le_to_host16(f->len); in wpa_ft_rrb_get_tlv_vlan()
249 type = le_to_host16(f->type); in wpa_ft_rrb_get_tlv_vlan()
253 return -1; in wpa_ft_rrb_get_tlv_vlan()
262 return -1; in wpa_ft_rrb_get_tlv_vlan()
268 return -1; in wpa_ft_rrb_get_tlv_vlan()
274 left -= sizeof(le16); in wpa_ft_rrb_get_tlv_vlan()
275 len -= sizeof(le16); in wpa_ft_rrb_get_tlv_vlan()
285 vlan->untagged = vlan_id; in wpa_ft_rrb_get_tlv_vlan()
289 vlan->tagged[taggedidx] = vlan_id; in wpa_ft_rrb_get_tlv_vlan()
297 left -= len; in wpa_ft_rrb_get_tlv_vlan()
302 qsort(vlan->tagged, taggedidx, sizeof(int), cmp_int); in wpa_ft_rrb_get_tlv_vlan()
304 vlan->notempty = vlan->untagged || vlan->tagged[0]; in wpa_ft_rrb_get_tlv_vlan()
333 u8 *pos; in wpa_ft_tlv_lin() local
339 pos = start; in wpa_ft_tlv_lin()
341 if (tlv_len + sizeof(*hdr) > (size_t) (endpos - start)) in wpa_ft_tlv_lin()
344 hdr = (struct ft_rrb_tlv *) pos; in wpa_ft_tlv_lin()
345 hdr->type = host_to_le16(tlvs[i].type); in wpa_ft_tlv_lin()
346 hdr->len = host_to_le16(tlvs[i].len); in wpa_ft_tlv_lin()
347 pos = start + tlv_len; in wpa_ft_tlv_lin()
349 if (tlv_len + tlvs[i].len > (size_t) (endpos - start)) in wpa_ft_tlv_lin()
354 os_memcpy(pos, tlvs[i].data, tlvs[i].len); in wpa_ft_tlv_lin()
355 pos = start + tlv_len; in wpa_ft_tlv_lin()
367 if (!vlan || !vlan->notempty) in wpa_ft_vlan_len()
370 if (vlan->untagged) { in wpa_ft_vlan_len()
374 if (vlan->tagged[0]) in wpa_ft_vlan_len()
376 for (i = 0; i < MAX_NUM_TAGGED_VLAN && vlan->tagged[i]; i++) in wpa_ft_vlan_len()
389 u8 *pos = start; in wpa_ft_vlan_lin() local
391 if (!vlan || !vlan->notempty) in wpa_ft_vlan_lin()
395 if (vlan->untagged) { in wpa_ft_vlan_lin()
399 hdr = (struct ft_rrb_tlv *) pos; in wpa_ft_vlan_lin()
400 hdr->type = host_to_le16(FT_RRB_VLAN_UNTAGGED); in wpa_ft_vlan_lin()
401 hdr->len = host_to_le16(sizeof(le16)); in wpa_ft_vlan_lin()
402 pos = start + tlv_len; in wpa_ft_vlan_lin()
407 WPA_PUT_LE16(pos, vlan->untagged); in wpa_ft_vlan_lin()
408 pos = start + tlv_len; in wpa_ft_vlan_lin()
411 if (!vlan->tagged[0]) in wpa_ft_vlan_lin()
417 hdr = (struct ft_rrb_tlv *) pos; in wpa_ft_vlan_lin()
418 hdr->type = host_to_le16(FT_RRB_VLAN_TAGGED); in wpa_ft_vlan_lin()
420 pos = start + tlv_len; in wpa_ft_vlan_lin()
422 for (i = 0; i < MAX_NUM_TAGGED_VLAN && vlan->tagged[i]; i++) { in wpa_ft_vlan_lin()
427 WPA_PUT_LE16(pos, vlan->tagged[i]); in wpa_ft_vlan_lin()
428 pos = start + tlv_len; in wpa_ft_vlan_lin()
431 hdr->len = host_to_le16(len); in wpa_ft_vlan_lin()
442 u8 *pos, *endpos; in wpa_ft_rrb_lin() local
456 pos = *plain; in wpa_ft_rrb_lin()
458 pos += wpa_ft_tlv_lin(tlvs1, pos, endpos); in wpa_ft_rrb_lin()
459 pos += wpa_ft_tlv_lin(tlvs2, pos, endpos); in wpa_ft_rrb_lin()
460 pos += wpa_ft_vlan_lin(vlan, pos, endpos); in wpa_ft_rrb_lin()
463 if (pos != endpos) { in wpa_ft_rrb_lin()
474 return -1; in wpa_ft_rrb_lin()
498 wpa_printf(MSG_ERROR, "FT: Failed to encrypt RRB-OUI message"); in wpa_ft_rrb_encrypt()
499 return -1; in wpa_ft_rrb_encrypt()
509 * wpa_ft_rrb_build - Build and encrypt an FT RRB message
510 * @key: AES-SIV key for AEAD
512 * @tlvs_enc0: First set of to-be-encrypted TLVs
513 * @tlvs_enc1: Second set of to-be-encrypted TLVs
514 * @tlvs_auth: Set of to-be-authenticated TLVs
516 * @type: Vendor-specific subtype of the RRB frame (FT_PACKET_*)
521 * Returns: 0 on success, -1 on error
531 u8 *plain = NULL, *auth = NULL, *pos, *tmp; in wpa_ft_rrb_build() local
533 int ret = -1; in wpa_ft_rrb_build()
548 pad_len = RRB_MIN_MSG_LEN - *packet_len; in wpa_ft_rrb_build()
552 "FT: Pad message to minimum Ethernet frame length (%d --> %d)", in wpa_ft_rrb_build()
559 pos = auth + auth_len; in wpa_ft_rrb_build()
560 WPA_PUT_LE16(pos, FT_RRB_LAST_EMPTY); in wpa_ft_rrb_build()
561 pos += 2; in wpa_ft_rrb_build()
562 WPA_PUT_LE16(pos, pad_len - sizeof(struct ft_rrb_tlv)); in wpa_ft_rrb_build()
563 pos += 2; in wpa_ft_rrb_build()
564 os_memset(pos, 0, pad_len - sizeof(struct ft_rrb_tlv)); in wpa_ft_rrb_build()
572 pos = *packet; in wpa_ft_rrb_build()
573 WPA_PUT_LE16(pos, auth_len); in wpa_ft_rrb_build()
574 pos += 2; in wpa_ft_rrb_build()
575 os_memcpy(pos, auth, auth_len); in wpa_ft_rrb_build()
576 pos += auth_len; in wpa_ft_rrb_build()
578 auth_len, src_addr, type, pos) < 0) in wpa_ft_rrb_build()
589 wpa_printf(MSG_ERROR, "FT: Failed to build RRB-OUI message"); in wpa_ft_rrb_build()
634 if (wpa_auth->cb->send_ether == NULL) in wpa_ft_rrb_send()
635 return -1; in wpa_ft_rrb_send()
637 return wpa_auth->cb->send_ether(wpa_auth->cb_ctx, dst, ETH_P_RRB, in wpa_ft_rrb_send()
646 if (!wpa_auth->cb->send_oui) in wpa_ft_rrb_oui_send()
647 return -1; in wpa_ft_rrb_oui_send()
648 wpa_printf(MSG_DEBUG, "FT: RRB-OUI type %u send to " MACSTR " (len=%u)", in wpa_ft_rrb_oui_send()
650 return wpa_auth->cb->send_oui(wpa_auth->cb_ctx, dst, oui_suffix, data, in wpa_ft_rrb_oui_send()
658 if (wpa_auth->cb->send_ft_action == NULL) in wpa_ft_action_send()
659 return -1; in wpa_ft_action_send()
660 return wpa_auth->cb->send_ft_action(wpa_auth->cb_ctx, dst, in wpa_ft_action_send()
669 if (wpa_auth->cb->get_psk == NULL) in wpa_ft_get_psk()
671 return wpa_auth->cb->get_psk(wpa_auth->cb_ctx, addr, p2p_dev_addr, in wpa_ft_get_psk()
679 if (wpa_auth->cb->add_sta == NULL) in wpa_ft_add_sta()
681 return wpa_auth->cb->add_sta(wpa_auth->cb_ctx, sta_addr); in wpa_ft_add_sta()
688 if (!wpa_auth->cb->set_vlan) in wpa_ft_set_vlan()
689 return -1; in wpa_ft_set_vlan()
690 return wpa_auth->cb->set_vlan(wpa_auth->cb_ctx, sta_addr, vlan); in wpa_ft_set_vlan()
697 if (!wpa_auth->cb->get_vlan) in wpa_ft_get_vlan()
698 return -1; in wpa_ft_get_vlan()
699 return wpa_auth->cb->get_vlan(wpa_auth->cb_ctx, sta_addr, vlan); in wpa_ft_get_vlan()
707 if (!wpa_auth->cb->set_identity) in wpa_ft_set_identity()
708 return -1; in wpa_ft_set_identity()
709 return wpa_auth->cb->set_identity(wpa_auth->cb_ctx, sta_addr, identity, in wpa_ft_set_identity()
719 if (!wpa_auth->cb->get_identity) in wpa_ft_get_identity()
721 return wpa_auth->cb->get_identity(wpa_auth->cb_ctx, sta_addr, buf); in wpa_ft_get_identity()
729 if (!wpa_auth->cb->set_radius_cui) in wpa_ft_set_radius_cui()
730 return -1; in wpa_ft_set_radius_cui()
731 return wpa_auth->cb->set_radius_cui(wpa_auth->cb_ctx, sta_addr, in wpa_ft_set_radius_cui()
741 if (!wpa_auth->cb->get_radius_cui) in wpa_ft_get_radius_cui()
743 return wpa_auth->cb->get_radius_cui(wpa_auth->cb_ctx, sta_addr, buf); in wpa_ft_get_radius_cui()
751 if (!wpa_auth->cb->set_session_timeout) in wpa_ft_set_session_timeout()
753 wpa_auth->cb->set_session_timeout(wpa_auth->cb_ctx, sta_addr, in wpa_ft_set_session_timeout()
762 if (!wpa_auth->cb->get_session_timeout) in wpa_ft_get_session_timeout()
764 return wpa_auth->cb->get_session_timeout(wpa_auth->cb_ctx, sta_addr); in wpa_ft_get_session_timeout()
772 if (wpa_auth->cb->add_tspec == NULL) { in wpa_ft_add_tspec()
774 return -1; in wpa_ft_add_tspec()
776 return wpa_auth->cb->add_tspec(wpa_auth->cb_ctx, sta_addr, tspec_ie, in wpa_ft_add_tspec()
785 if (!wpa_auth->cb->channel_info) in wpa_channel_info()
786 return -1; in wpa_channel_info()
787 return wpa_auth->cb->channel_info(wpa_auth->cb_ctx, ci); in wpa_channel_info()
794 u8 *pos = buf; in wpa_write_mdie() local
797 return -1; in wpa_write_mdie()
799 *pos++ = WLAN_EID_MOBILITY_DOMAIN; in wpa_write_mdie()
800 *pos++ = MOBILITY_DOMAIN_ID_LEN + 1; in wpa_write_mdie()
801 os_memcpy(pos, conf->mobility_domain, MOBILITY_DOMAIN_ID_LEN); in wpa_write_mdie()
802 pos += MOBILITY_DOMAIN_ID_LEN; in wpa_write_mdie()
804 if (conf->ft_over_ds) in wpa_write_mdie()
806 *pos++ = capab; in wpa_write_mdie()
808 return pos - buf; in wpa_write_mdie()
818 u8 *pos = buf, *ielen; in wpa_write_ftie() local
838 return -1; in wpa_write_ftie()
840 *pos++ = WLAN_EID_FAST_BSS_TRANSITION; in wpa_write_ftie()
841 ielen = pos++; in wpa_write_ftie()
845 struct rsn_ftie_sha512 *hdr = (struct rsn_ftie_sha512 *) pos; in wpa_write_ftie()
848 pos += sizeof(*hdr); in wpa_write_ftie()
850 WPA_PUT_LE16(hdr->mic_control, mic_control); in wpa_write_ftie()
852 os_memcpy(hdr->anonce, anonce, WPA_NONCE_LEN); in wpa_write_ftie()
854 os_memcpy(hdr->snonce, snonce, WPA_NONCE_LEN); in wpa_write_ftie()
858 struct rsn_ftie_sha384 *hdr = (struct rsn_ftie_sha384 *) pos; in wpa_write_ftie()
861 pos += sizeof(*hdr); in wpa_write_ftie()
863 WPA_PUT_LE16(hdr->mic_control, mic_control); in wpa_write_ftie()
865 os_memcpy(hdr->anonce, anonce, WPA_NONCE_LEN); in wpa_write_ftie()
867 os_memcpy(hdr->snonce, snonce, WPA_NONCE_LEN); in wpa_write_ftie()
869 struct rsn_ftie *hdr = (struct rsn_ftie *) pos; in wpa_write_ftie()
872 pos += sizeof(*hdr); in wpa_write_ftie()
874 WPA_PUT_LE16(hdr->mic_control, mic_control); in wpa_write_ftie()
876 os_memcpy(hdr->anonce, anonce, WPA_NONCE_LEN); in wpa_write_ftie()
878 os_memcpy(hdr->snonce, snonce, WPA_NONCE_LEN); in wpa_write_ftie()
882 *pos++ = FTIE_SUBELEM_R1KH_ID; in wpa_write_ftie()
883 *pos++ = FT_R1KH_ID_LEN; in wpa_write_ftie()
884 os_memcpy(pos, conf->r1_key_holder, FT_R1KH_ID_LEN); in wpa_write_ftie()
885 pos += FT_R1KH_ID_LEN; in wpa_write_ftie()
888 *pos++ = FTIE_SUBELEM_R0KH_ID; in wpa_write_ftie()
889 *pos++ = r0kh_id_len; in wpa_write_ftie()
890 os_memcpy(pos, r0kh_id, r0kh_id_len); in wpa_write_ftie()
891 pos += r0kh_id_len; in wpa_write_ftie()
895 os_memcpy(pos, subelem, subelem_len); in wpa_write_ftie()
896 pos += subelem_len; in wpa_write_ftie()
899 *ielen = pos - buf - 2; in wpa_write_ftie()
901 return pos - buf; in wpa_write_ftie()
928 dl_list_del(&item->list); in wpa_ft_rrb_seq_free()
929 bin_clear_free(item->enc, item->enc_len); in wpa_ft_rrb_seq_free()
930 os_free(item->auth); in wpa_ft_rrb_seq_free()
940 dl_list_for_each_safe(item, n, &rkh_seq->rx.queue, in wpa_ft_rrb_seq_flush()
942 if (cb && item->cb) in wpa_ft_rrb_seq_flush()
943 item->cb(wpa_auth, item->src_addr, item->enc, in wpa_ft_rrb_seq_flush()
944 item->enc_len, item->auth, item->auth_len, 1); in wpa_ft_rrb_seq_flush()
976 .data = NULL /* to be filled: item->nonce */ }, in wpa_ft_rrb_seq_req()
984 if (dl_list_len(&rkh_seq->rx.queue) >= ftRRBmaxQueueLen) { in wpa_ft_rrb_seq_req()
991 MAC2STR(wpa_auth->addr), MAC2STR(src_addr)); in wpa_ft_rrb_seq_req()
996 os_memcpy(item->src_addr, src_addr, ETH_ALEN); in wpa_ft_rrb_seq_req()
997 item->cb = cb; in wpa_ft_rrb_seq_req()
999 if (random_get_bytes(item->nonce, FT_RRB_NONCE_LEN) < 0) { in wpa_ft_rrb_seq_req()
1004 if (os_get_reltime(&item->nonce_ts) < 0) in wpa_ft_rrb_seq_req()
1008 item->enc = os_memdup(enc, enc_len); in wpa_ft_rrb_seq_req()
1009 item->enc_len = enc_len; in wpa_ft_rrb_seq_req()
1010 if (!item->enc) in wpa_ft_rrb_seq_req()
1015 item->auth = os_memdup(auth, auth_len); in wpa_ft_rrb_seq_req()
1016 item->auth_len = auth_len; in wpa_ft_rrb_seq_req()
1017 if (!item->auth) in wpa_ft_rrb_seq_req()
1024 seq_req_auth[0].data = item->nonce; in wpa_ft_rrb_seq_req()
1027 wpa_auth->addr, FT_PACKET_R0KH_R1KH_SEQ_REQ, in wpa_ft_rrb_seq_req()
1033 dl_list_add(&rkh_seq->rx.queue, &item->list); in wpa_ft_rrb_seq_req()
1044 os_free(item->auth); in wpa_ft_rrb_seq_req()
1045 bin_clear_free(item->enc, item->enc_len); in wpa_ft_rrb_seq_req()
1049 return -1; in wpa_ft_rrb_seq_req()
1074 if (rkh_seq->rx.num_last == 0) { in wpa_ft_rrb_seq_chk()
1079 if (le_to_host32(msg_both->dom) != rkh_seq->rx.dom) { in wpa_ft_rrb_seq_chk()
1088 os_reltime_sub(&now, &rkh_seq->rx.time_offset, &now_remote); in wpa_ft_rrb_seq_chk()
1090 msg_ts_off = le_to_host32(msg_both->ts) - in wpa_ft_rrb_seq_chk()
1091 (msg_ts_now_remote - ftRRBseqTimeout); in wpa_ft_rrb_seq_chk()
1096 msg_seq = le_to_host32(msg_both->seq); in wpa_ft_rrb_seq_chk()
1097 rkh_off = rkh_seq->rx.last[rkh_seq->rx.offsetidx]; in wpa_ft_rrb_seq_chk()
1098 msg_off = msg_seq - rkh_off; in wpa_ft_rrb_seq_chk()
1103 for (i = 0; i < rkh_seq->rx.num_last; i++) { in wpa_ft_rrb_seq_chk()
1104 if (rkh_seq->rx.last[i] == msg_seq) in wpa_ft_rrb_seq_chk()
1143 msg_seq = le_to_host32(msg_both->seq); in wpa_ft_rrb_seq_accept()
1145 if (rkh_seq->rx.num_last < FT_REMOTE_SEQ_BACKLOG) { in wpa_ft_rrb_seq_accept()
1146 rkh_seq->rx.last[rkh_seq->rx.num_last] = msg_seq; in wpa_ft_rrb_seq_accept()
1147 rkh_seq->rx.num_last++; in wpa_ft_rrb_seq_accept()
1151 rkh_off = rkh_seq->rx.last[rkh_seq->rx.offsetidx]; in wpa_ft_rrb_seq_accept()
1152 for (i = 0; i < rkh_seq->rx.num_last; i++) { in wpa_ft_rrb_seq_accept()
1153 msg_off = rkh_seq->rx.last[i] - rkh_off; in wpa_ft_rrb_seq_accept()
1154 min_off = rkh_seq->rx.last[minidx] - rkh_off; in wpa_ft_rrb_seq_accept()
1155 if (msg_off < min_off && i != rkh_seq->rx.offsetidx) in wpa_ft_rrb_seq_accept()
1158 rkh_seq->rx.last[rkh_seq->rx.offsetidx] = msg_seq; in wpa_ft_rrb_seq_accept()
1159 rkh_seq->rx.offsetidx = minidx; in wpa_ft_rrb_seq_accept()
1175 return -1; in wpa_ft_new_seq()
1177 if (!rkh_seq->tx.dom) { in wpa_ft_new_seq()
1178 if (random_get_bytes((u8 *) &rkh_seq->tx.seq, in wpa_ft_new_seq()
1179 sizeof(rkh_seq->tx.seq))) { in wpa_ft_new_seq()
1182 rkh_seq->tx.seq = now.usec; in wpa_ft_new_seq()
1184 if (random_get_bytes((u8 *) &rkh_seq->tx.dom, in wpa_ft_new_seq()
1185 sizeof(rkh_seq->tx.dom))) { in wpa_ft_new_seq()
1188 rkh_seq->tx.dom = now.usec; in wpa_ft_new_seq()
1190 rkh_seq->tx.dom |= 1; in wpa_ft_new_seq()
1193 f_seq->dom = host_to_le32(rkh_seq->tx.dom); in wpa_ft_new_seq()
1194 f_seq->seq = host_to_le32(rkh_seq->tx.seq); in wpa_ft_new_seq()
1195 f_seq->ts = host_to_le32(now.sec); in wpa_ft_new_seq()
1197 rkh_seq->tx.seq++; in wpa_ft_new_seq()
1252 dl_list_del(&r0->list); in wpa_ft_free_pmk_r0()
1255 os_memset(r0->pmk_r0, 0, PMK_LEN_MAX); in wpa_ft_free_pmk_r0()
1256 os_free(r0->vlan); in wpa_ft_free_pmk_r0()
1257 os_free(r0->identity); in wpa_ft_free_pmk_r0()
1258 os_free(r0->radius_cui); in wpa_ft_free_pmk_r0()
1275 expires_in = r0->expiration - now.sec; in wpa_ft_expire_pmk_r0()
1276 session_timeout = r0->session_timeout - now.sec; in wpa_ft_expire_pmk_r0()
1278 * a) r0->expiration is set and hit in wpa_ft_expire_pmk_r0()
1279 * -or- in wpa_ft_expire_pmk_r0()
1280 * b) r0->session_timeout is set and hit in wpa_ft_expire_pmk_r0()
1282 if ((!r0->expiration || expires_in > 0) && in wpa_ft_expire_pmk_r0()
1283 (!r0->session_timeout || session_timeout > 0)) { in wpa_ft_expire_pmk_r0()
1285 "FT: %s() called for non-expired entry %p", in wpa_ft_expire_pmk_r0()
1288 if (r0->expiration && expires_in > 0) in wpa_ft_expire_pmk_r0()
1291 if (r0->session_timeout && session_timeout > 0) in wpa_ft_expire_pmk_r0()
1306 dl_list_del(&r1->list); in wpa_ft_free_pmk_r1()
1309 os_memset(r1->pmk_r1, 0, PMK_LEN_MAX); in wpa_ft_free_pmk_r1()
1310 os_free(r1->vlan); in wpa_ft_free_pmk_r1()
1311 os_free(r1->identity); in wpa_ft_free_pmk_r1()
1312 os_free(r1->radius_cui); in wpa_ft_free_pmk_r1()
1331 dl_list_init(&cache->pmk_r0); in wpa_ft_pmk_cache_init()
1332 dl_list_init(&cache->pmk_r1); in wpa_ft_pmk_cache_init()
1344 dl_list_for_each_safe(r0, r0prev, &cache->pmk_r0, in wpa_ft_pmk_cache_deinit()
1348 dl_list_for_each_safe(r1, r1prev, &cache->pmk_r1, in wpa_ft_pmk_cache_deinit()
1365 struct wpa_ft_pmk_cache *cache = wpa_auth->ft_pmk_cache; in wpa_ft_store_pmk_r0()
1374 return -1; in wpa_ft_store_pmk_r0()
1376 os_memcpy(r0->pmk_r0, pmk_r0, pmk_r0_len); in wpa_ft_store_pmk_r0()
1377 r0->pmk_r0_len = pmk_r0_len; in wpa_ft_store_pmk_r0()
1378 os_memcpy(r0->pmk_r0_name, pmk_r0_name, WPA_PMK_NAME_LEN); in wpa_ft_store_pmk_r0()
1379 os_memcpy(r0->spa, spa, ETH_ALEN); in wpa_ft_store_pmk_r0()
1380 r0->pairwise = pairwise; in wpa_ft_store_pmk_r0()
1382 r0->expiration = now.sec + expires_in; in wpa_ft_store_pmk_r0()
1383 if (vlan && vlan->notempty) { in wpa_ft_store_pmk_r0()
1384 r0->vlan = os_zalloc(sizeof(*vlan)); in wpa_ft_store_pmk_r0()
1385 if (!r0->vlan) { in wpa_ft_store_pmk_r0()
1387 return -1; in wpa_ft_store_pmk_r0()
1389 *r0->vlan = *vlan; in wpa_ft_store_pmk_r0()
1392 r0->identity = os_malloc(identity_len); in wpa_ft_store_pmk_r0()
1393 if (r0->identity) { in wpa_ft_store_pmk_r0()
1394 os_memcpy(r0->identity, identity, identity_len); in wpa_ft_store_pmk_r0()
1395 r0->identity_len = identity_len; in wpa_ft_store_pmk_r0()
1399 r0->radius_cui = os_malloc(radius_cui_len); in wpa_ft_store_pmk_r0()
1400 if (r0->radius_cui) { in wpa_ft_store_pmk_r0()
1401 os_memcpy(r0->radius_cui, radius_cui, radius_cui_len); in wpa_ft_store_pmk_r0()
1402 r0->radius_cui_len = radius_cui_len; in wpa_ft_store_pmk_r0()
1406 r0->session_timeout = now.sec + session_timeout; in wpa_ft_store_pmk_r0()
1408 dl_list_add(&cache->pmk_r0, &r0->list); in wpa_ft_store_pmk_r0()
1424 struct wpa_ft_pmk_cache *cache = wpa_auth->ft_pmk_cache; in wpa_ft_fetch_pmk_r0()
1429 dl_list_for_each(r0, &cache->pmk_r0, struct wpa_ft_pmk_r0_sa, list) { in wpa_ft_fetch_pmk_r0()
1430 if (ether_addr_equal(r0->spa, spa) && in wpa_ft_fetch_pmk_r0()
1431 os_memcmp_const(r0->pmk_r0_name, pmk_r0_name, in wpa_ft_fetch_pmk_r0()
1439 return -1; in wpa_ft_fetch_pmk_r0()
1452 struct wpa_ft_pmk_cache *cache = wpa_auth->ft_pmk_cache; in wpa_ft_store_pmk_r1()
1453 int max_expires_in = wpa_auth->conf.r1_max_key_lifetime; in wpa_ft_store_pmk_r1()
1465 return -1; in wpa_ft_store_pmk_r1()
1467 os_memcpy(r1->pmk_r1, pmk_r1, pmk_r1_len); in wpa_ft_store_pmk_r1()
1468 r1->pmk_r1_len = pmk_r1_len; in wpa_ft_store_pmk_r1()
1469 os_memcpy(r1->pmk_r1_name, pmk_r1_name, WPA_PMK_NAME_LEN); in wpa_ft_store_pmk_r1()
1470 os_memcpy(r1->spa, spa, ETH_ALEN); in wpa_ft_store_pmk_r1()
1471 r1->pairwise = pairwise; in wpa_ft_store_pmk_r1()
1472 if (vlan && vlan->notempty) { in wpa_ft_store_pmk_r1()
1473 r1->vlan = os_zalloc(sizeof(*vlan)); in wpa_ft_store_pmk_r1()
1474 if (!r1->vlan) { in wpa_ft_store_pmk_r1()
1476 return -1; in wpa_ft_store_pmk_r1()
1478 *r1->vlan = *vlan; in wpa_ft_store_pmk_r1()
1481 r1->identity = os_malloc(identity_len); in wpa_ft_store_pmk_r1()
1482 if (r1->identity) { in wpa_ft_store_pmk_r1()
1483 os_memcpy(r1->identity, identity, identity_len); in wpa_ft_store_pmk_r1()
1484 r1->identity_len = identity_len; in wpa_ft_store_pmk_r1()
1488 r1->radius_cui = os_malloc(radius_cui_len); in wpa_ft_store_pmk_r1()
1489 if (r1->radius_cui) { in wpa_ft_store_pmk_r1()
1490 os_memcpy(r1->radius_cui, radius_cui, radius_cui_len); in wpa_ft_store_pmk_r1()
1491 r1->radius_cui_len = radius_cui_len; in wpa_ft_store_pmk_r1()
1495 r1->session_timeout = now.sec + session_timeout; in wpa_ft_store_pmk_r1()
1497 dl_list_add(&cache->pmk_r1, &r1->list); in wpa_ft_store_pmk_r1()
1518 struct wpa_ft_pmk_cache *cache = wpa_auth->ft_pmk_cache; in wpa_ft_fetch_pmk_r1()
1524 dl_list_for_each(r1, &cache->pmk_r1, struct wpa_ft_pmk_r1_sa, list) { in wpa_ft_fetch_pmk_r1()
1525 if (ether_addr_equal(r1->spa, spa) && in wpa_ft_fetch_pmk_r1()
1526 os_memcmp_const(r1->pmk_r1_name, pmk_r1_name, in wpa_ft_fetch_pmk_r1()
1528 os_memcpy(pmk_r1, r1->pmk_r1, r1->pmk_r1_len); in wpa_ft_fetch_pmk_r1()
1529 *pmk_r1_len = r1->pmk_r1_len; in wpa_ft_fetch_pmk_r1()
1531 *pairwise = r1->pairwise; in wpa_ft_fetch_pmk_r1()
1532 if (vlan && r1->vlan) in wpa_ft_fetch_pmk_r1()
1533 *vlan = *r1->vlan; in wpa_ft_fetch_pmk_r1()
1534 if (vlan && !r1->vlan) in wpa_ft_fetch_pmk_r1()
1537 *identity = r1->identity; in wpa_ft_fetch_pmk_r1()
1538 *identity_len = r1->identity_len; in wpa_ft_fetch_pmk_r1()
1541 *radius_cui = r1->radius_cui; in wpa_ft_fetch_pmk_r1()
1542 *radius_cui_len = r1->radius_cui_len; in wpa_ft_fetch_pmk_r1()
1544 if (session_timeout && r1->session_timeout > now.sec) in wpa_ft_fetch_pmk_r1()
1545 *session_timeout = r1->session_timeout - in wpa_ft_fetch_pmk_r1()
1547 else if (session_timeout && r1->session_timeout) in wpa_ft_fetch_pmk_r1()
1555 return -1; in wpa_ft_fetch_pmk_r1()
1561 if (r0kh->seq) in wpa_ft_rrb_init_r0kh_seq()
1564 r0kh->seq = os_zalloc(sizeof(*r0kh->seq)); in wpa_ft_rrb_init_r0kh_seq()
1565 if (!r0kh->seq) { in wpa_ft_rrb_init_r0kh_seq()
1566 wpa_printf(MSG_DEBUG, "FT: Failed to allocate r0kh->seq"); in wpa_ft_rrb_init_r0kh_seq()
1567 return -1; in wpa_ft_rrb_init_r0kh_seq()
1570 dl_list_init(&r0kh->seq->rx.queue); in wpa_ft_rrb_init_r0kh_seq()
1586 if (wpa_auth->conf.r0kh_list) in wpa_ft_rrb_lookup_r0kh()
1587 r0kh = *wpa_auth->conf.r0kh_list; in wpa_ft_rrb_lookup_r0kh()
1590 for (; r0kh; r0kh = r0kh->next) { in wpa_ft_rrb_lookup_r0kh()
1591 if (r0kh->id_len == 1 && r0kh->id[0] == '*') in wpa_ft_rrb_lookup_r0kh()
1593 if (f_r0kh_id && r0kh->id_len == f_r0kh_id_len && in wpa_ft_rrb_lookup_r0kh()
1594 os_memcmp_const(f_r0kh_id, r0kh->id, f_r0kh_id_len) == 0) in wpa_ft_rrb_lookup_r0kh()
1608 if (r1kh->seq) in wpa_ft_rrb_init_r1kh_seq()
1611 r1kh->seq = os_zalloc(sizeof(*r1kh->seq)); in wpa_ft_rrb_init_r1kh_seq()
1612 if (!r1kh->seq) { in wpa_ft_rrb_init_r1kh_seq()
1613 wpa_printf(MSG_DEBUG, "FT: Failed to allocate r1kh->seq"); in wpa_ft_rrb_init_r1kh_seq()
1614 return -1; in wpa_ft_rrb_init_r1kh_seq()
1617 dl_list_init(&r1kh->seq->rx.queue); in wpa_ft_rrb_init_r1kh_seq()
1633 if (wpa_auth->conf.r1kh_list) in wpa_ft_rrb_lookup_r1kh()
1634 r1kh = *wpa_auth->conf.r1kh_list; in wpa_ft_rrb_lookup_r1kh()
1637 for (; r1kh; r1kh = r1kh->next) { in wpa_ft_rrb_lookup_r1kh()
1638 if (is_zero_ether_addr(r1kh->addr) && in wpa_ft_rrb_lookup_r1kh()
1639 is_zero_ether_addr(r1kh->id)) in wpa_ft_rrb_lookup_r1kh()
1642 os_memcmp_const(r1kh->id, f_r1kh_id, FT_R1KH_ID_LEN) == 0) in wpa_ft_rrb_lookup_r1kh()
1657 if (f_r0kh_id_len != wpa_auth->conf.r0_key_holder_len || in wpa_ft_rrb_check_r0kh()
1658 os_memcmp_const(f_r0kh_id, wpa_auth->conf.r0_key_holder, in wpa_ft_rrb_check_r0kh()
1660 return -1; in wpa_ft_rrb_check_r0kh()
1669 if (os_memcmp_const(f_r1kh_id, wpa_auth->conf.r1_key_holder, in wpa_ft_rrb_check_r1kh()
1671 return -1; in wpa_ft_rrb_check_r1kh()
1682 if (!wpa_auth->conf.r0kh_list) in wpa_ft_rrb_del_r0kh()
1685 for (r0kh = *wpa_auth->conf.r0kh_list; r0kh; r0kh = r0kh->next) { in wpa_ft_rrb_del_r0kh()
1693 prev->next = r0kh->next; in wpa_ft_rrb_del_r0kh()
1695 *wpa_auth->conf.r0kh_list = r0kh->next; in wpa_ft_rrb_del_r0kh()
1696 if (r0kh->seq) in wpa_ft_rrb_del_r0kh()
1697 wpa_ft_rrb_seq_flush(wpa_auth, r0kh->seq, 0); in wpa_ft_rrb_del_r0kh()
1698 os_free(r0kh->seq); in wpa_ft_rrb_del_r0kh()
1731 if (!wpa_auth->conf.r0kh_list) in wpa_ft_rrb_add_r0kh()
1739 os_memcpy(r0kh->addr, src_addr, sizeof(r0kh->addr)); in wpa_ft_rrb_add_r0kh()
1743 os_memcpy(r0kh->id, r0kh_id, id_len); in wpa_ft_rrb_add_r0kh()
1744 r0kh->id_len = id_len; in wpa_ft_rrb_add_r0kh()
1746 os_memcpy(r0kh->key, r0kh_wildcard->key, sizeof(r0kh->key)); in wpa_ft_rrb_add_r0kh()
1748 r0kh->next = *wpa_auth->conf.r0kh_list; in wpa_ft_rrb_add_r0kh()
1749 *wpa_auth->conf.r0kh_list = r0kh; in wpa_ft_rrb_add_r0kh()
1767 if (!wpa_auth->conf.r1kh_list) in wpa_ft_rrb_del_r1kh()
1770 for (r1kh = *wpa_auth->conf.r1kh_list; r1kh; r1kh = r1kh->next) { in wpa_ft_rrb_del_r1kh()
1778 prev->next = r1kh->next; in wpa_ft_rrb_del_r1kh()
1780 *wpa_auth->conf.r1kh_list = r1kh->next; in wpa_ft_rrb_del_r1kh()
1781 if (r1kh->seq) in wpa_ft_rrb_del_r1kh()
1782 wpa_ft_rrb_seq_flush(wpa_auth, r1kh->seq, 0); in wpa_ft_rrb_del_r1kh()
1783 os_free(r1kh->seq); in wpa_ft_rrb_del_r1kh()
1804 if (!wpa_auth->conf.r1kh_list) in wpa_ft_rrb_add_r1kh()
1811 os_memcpy(r1kh->addr, src_addr, sizeof(r1kh->addr)); in wpa_ft_rrb_add_r1kh()
1812 os_memcpy(r1kh->id, r1kh_id, sizeof(r1kh->id)); in wpa_ft_rrb_add_r1kh()
1813 os_memcpy(r1kh->key, r1kh_wildcard->key, sizeof(r1kh->key)); in wpa_ft_rrb_add_r1kh()
1814 r1kh->next = *wpa_auth->conf.r1kh_list; in wpa_ft_rrb_add_r1kh()
1815 *wpa_auth->conf.r1kh_list = r1kh; in wpa_ft_rrb_add_r1kh()
1841 if (wpa_auth->conf.r0kh_list) in wpa_ft_deinit_seq()
1842 r0kh = *wpa_auth->conf.r0kh_list; in wpa_ft_deinit_seq()
1845 for (; r0kh; r0kh = r0kh->next) { in wpa_ft_deinit_seq()
1846 if (!r0kh->seq) in wpa_ft_deinit_seq()
1848 wpa_ft_rrb_seq_flush(wpa_auth, r0kh->seq, 0); in wpa_ft_deinit_seq()
1849 os_free(r0kh->seq); in wpa_ft_deinit_seq()
1850 r0kh->seq = NULL; in wpa_ft_deinit_seq()
1853 if (wpa_auth->conf.r1kh_list) in wpa_ft_deinit_seq()
1854 r1kh = *wpa_auth->conf.r1kh_list; in wpa_ft_deinit_seq()
1857 for (; r1kh; r1kh = r1kh->next) { in wpa_ft_deinit_seq()
1858 if (!r1kh->seq) in wpa_ft_deinit_seq()
1860 wpa_ft_rrb_seq_flush(wpa_auth, r1kh->seq, 0); in wpa_ft_deinit_seq()
1861 os_free(r1kh->seq); in wpa_ft_deinit_seq()
1862 r1kh->seq = NULL; in wpa_ft_deinit_seq()
1872 if (wpa_auth->conf.r0kh_list) in wpa_ft_deinit_rkh_tmp()
1873 r0kh = *wpa_auth->conf.r0kh_list; in wpa_ft_deinit_rkh_tmp()
1877 r0kh_next = r0kh->next; in wpa_ft_deinit_rkh_tmp()
1881 r0kh_prev->next = r0kh_next; in wpa_ft_deinit_rkh_tmp()
1883 *wpa_auth->conf.r0kh_list = r0kh_next; in wpa_ft_deinit_rkh_tmp()
1891 if (wpa_auth->conf.r1kh_list) in wpa_ft_deinit_rkh_tmp()
1892 r1kh = *wpa_auth->conf.r1kh_list; in wpa_ft_deinit_rkh_tmp()
1896 r1kh_next = r1kh->next; in wpa_ft_deinit_rkh_tmp()
1900 r1kh_prev->next = r1kh_next; in wpa_ft_deinit_rkh_tmp()
1902 *wpa_auth->conf.r1kh_list = r1kh_next; in wpa_ft_deinit_rkh_tmp()
1924 if (!wpa_auth->conf.rkh_neg_timeout) in wpa_ft_block_r0kh()
1931 /* r0kh removed after neg_timeout and might need re-adding */ in wpa_ft_block_r0kh()
1935 wpa_hexdump(MSG_DEBUG, "FT: Temporarily block R0KH-ID", in wpa_ft_block_r0kh()
1940 wpa_auth->conf.rkh_neg_timeout); in wpa_ft_block_r0kh()
1941 os_memset(r0kh->addr, 0, ETH_ALEN); in wpa_ft_block_r0kh()
1945 wpa_auth->conf.rkh_neg_timeout); in wpa_ft_block_r0kh()
1954 MAC2STR(sm->addr)); in wpa_ft_expire_pull()
1955 if (sm->ft_pending_pull_left_retries <= 0) in wpa_ft_expire_pull()
1956 wpa_ft_block_r0kh(sm->wpa_auth, sm->r0kh_id, sm->r0kh_id_len); in wpa_ft_expire_pull()
1970 const u8 *key, *f_r1kh_id = sm->wpa_auth->conf.r1_key_holder; in wpa_ft_pull_pmk_r1()
1980 .data = sm->addr }, in wpa_ft_pull_pmk_r1()
1985 .data = sm->ft_pending_pull_nonce }, in wpa_ft_pull_pmk_r1()
1988 { .type = FT_RRB_R0KH_ID, .len = sm->r0kh_id_len, in wpa_ft_pull_pmk_r1()
1989 .data = sm->r0kh_id }, in wpa_ft_pull_pmk_r1()
1995 if (sm->ft_pending_pull_left_retries <= 0) in wpa_ft_pull_pmk_r1()
1996 return -1; in wpa_ft_pull_pmk_r1()
1997 first = sm->ft_pending_pull_left_retries == in wpa_ft_pull_pmk_r1()
1998 sm->wpa_auth->conf.rkh_pull_retries; in wpa_ft_pull_pmk_r1()
1999 sm->ft_pending_pull_left_retries--; in wpa_ft_pull_pmk_r1()
2001 wpa_ft_rrb_lookup_r0kh(sm->wpa_auth, sm->r0kh_id, sm->r0kh_id_len, in wpa_ft_pull_pmk_r1()
2005 r0kh_timeout = sm->wpa_auth->conf.rkh_pull_timeout / 1000 + in wpa_ft_pull_pmk_r1()
2008 wpa_ft_rrb_r0kh_replenish(sm->wpa_auth, r0kh, r0kh_timeout); in wpa_ft_pull_pmk_r1()
2010 wpa_printf(MSG_DEBUG, "FT: Using wildcard R0KH-ID"); in wpa_ft_pull_pmk_r1()
2011 /* r0kh->addr: updated by SEQ_RESP and wpa_ft_expire_pull */ in wpa_ft_pull_pmk_r1()
2012 r0kh = wpa_ft_rrb_add_r0kh(sm->wpa_auth, r0kh_wildcard, in wpa_ft_pull_pmk_r1()
2013 r0kh_wildcard->addr, in wpa_ft_pull_pmk_r1()
2014 sm->r0kh_id, sm->r0kh_id_len, in wpa_ft_pull_pmk_r1()
2018 wpa_hexdump(MSG_DEBUG, "FT: Did not find R0KH-ID", in wpa_ft_pull_pmk_r1()
2019 sm->r0kh_id, sm->r0kh_id_len); in wpa_ft_pull_pmk_r1()
2020 return -1; in wpa_ft_pull_pmk_r1()
2022 if (is_zero_ether_addr(r0kh->addr)) { in wpa_ft_pull_pmk_r1()
2023 wpa_hexdump(MSG_DEBUG, "FT: R0KH-ID is temporarily blocked", in wpa_ft_pull_pmk_r1()
2024 sm->r0kh_id, sm->r0kh_id_len); in wpa_ft_pull_pmk_r1()
2025 return -1; in wpa_ft_pull_pmk_r1()
2027 if (ether_addr_equal(r0kh->addr, sm->wpa_auth->addr)) { in wpa_ft_pull_pmk_r1()
2029 "FT: R0KH-ID points to self - no matching key available"); in wpa_ft_pull_pmk_r1()
2030 return -1; in wpa_ft_pull_pmk_r1()
2033 key = r0kh->key; in wpa_ft_pull_pmk_r1()
2034 key_len = sizeof(r0kh->key); in wpa_ft_pull_pmk_r1()
2036 if (r0kh->seq->rx.num_last == 0) { in wpa_ft_pull_pmk_r1()
2039 wpa_ft_rrb_seq_req(sm->wpa_auth, r0kh->seq, r0kh->addr, in wpa_ft_pull_pmk_r1()
2040 r0kh->id, r0kh->id_len, f_r1kh_id, key, in wpa_ft_pull_pmk_r1()
2044 wpa_printf(MSG_DEBUG, "FT: Send PMK-R1 pull request from " MACSTR in wpa_ft_pull_pmk_r1()
2046 MAC2STR(sm->wpa_auth->addr), MAC2STR(r0kh->addr)); in wpa_ft_pull_pmk_r1()
2049 random_get_bytes(sm->ft_pending_pull_nonce, FT_RRB_NONCE_LEN) < 0) { in wpa_ft_pull_pmk_r1()
2052 return -1; in wpa_ft_pull_pmk_r1()
2055 if (wpa_ft_new_seq(r0kh->seq, &f_seq) < 0) { in wpa_ft_pull_pmk_r1()
2057 return -1; in wpa_ft_pull_pmk_r1()
2061 sm->wpa_auth->addr, FT_PACKET_R0KH_R1KH_PULL, in wpa_ft_pull_pmk_r1()
2063 return -1; in wpa_ft_pull_pmk_r1()
2066 wpabuf_free(sm->ft_pending_req_ies); in wpa_ft_pull_pmk_r1()
2067 sm->ft_pending_req_ies = ft_pending_req_ies; in wpa_ft_pull_pmk_r1()
2068 if (!sm->ft_pending_req_ies) { in wpa_ft_pull_pmk_r1()
2070 return -1; in wpa_ft_pull_pmk_r1()
2073 tsecs = sm->wpa_auth->conf.rkh_pull_timeout / 1000; in wpa_ft_pull_pmk_r1()
2074 tusecs = (sm->wpa_auth->conf.rkh_pull_timeout % 1000) * 1000; in wpa_ft_pull_pmk_r1()
2077 wpa_ft_rrb_oui_send(sm->wpa_auth, r0kh->addr, FT_PACKET_R0KH_R1KH_PULL, in wpa_ft_pull_pmk_r1()
2089 int expires_in = sm->wpa_auth->conf.r0_key_lifetime; in wpa_ft_store_pmk_fils()
2094 size_t pmk_r0_len = wpa_key_mgmt_sha384(sm->wpa_key_mgmt) ? in wpa_ft_store_pmk_fils()
2097 if (wpa_ft_get_vlan(sm->wpa_auth, sm->addr, &vlan) < 0) { in wpa_ft_store_pmk_fils()
2099 MAC2STR(sm->addr)); in wpa_ft_store_pmk_fils()
2100 return -1; in wpa_ft_store_pmk_fils()
2103 identity_len = wpa_ft_get_identity(sm->wpa_auth, sm->addr, &identity); in wpa_ft_store_pmk_fils()
2104 radius_cui_len = wpa_ft_get_radius_cui(sm->wpa_auth, sm->addr, in wpa_ft_store_pmk_fils()
2106 session_timeout = wpa_ft_get_session_timeout(sm->wpa_auth, sm->addr); in wpa_ft_store_pmk_fils()
2108 return wpa_ft_store_pmk_r0(sm->wpa_auth, sm->addr, pmk_r0, pmk_r0_len, in wpa_ft_store_pmk_fils()
2109 pmk_r0_name, sm->pairwise, &vlan, expires_in, in wpa_ft_store_pmk_fils()
2121 const u8 *mdid = sm->wpa_auth->conf.mobility_domain; in wpa_auth_derive_ptk_ft()
2122 const u8 *r0kh = sm->wpa_auth->conf.r0_key_holder; in wpa_auth_derive_ptk_ft()
2123 size_t r0kh_len = sm->wpa_auth->conf.r0_key_holder_len; in wpa_auth_derive_ptk_ft()
2124 const u8 *r1kh = sm->wpa_auth->conf.r1_key_holder; in wpa_auth_derive_ptk_ft()
2125 const u8 *ssid = sm->wpa_auth->conf.ssid; in wpa_auth_derive_ptk_ft()
2126 size_t ssid_len = sm->wpa_auth->conf.ssid_len; in wpa_auth_derive_ptk_ft()
2130 if (sm->wpa_key_mgmt == WPA_KEY_MGMT_FT_SAE_EXT_KEY && in wpa_auth_derive_ptk_ft()
2131 (sm->xxkey_len == SHA256_MAC_LEN || in wpa_auth_derive_ptk_ft()
2132 sm->xxkey_len == SHA384_MAC_LEN || in wpa_auth_derive_ptk_ft()
2133 sm->xxkey_len == SHA512_MAC_LEN)) in wpa_auth_derive_ptk_ft()
2134 pmk_r0_len = sm->xxkey_len; in wpa_auth_derive_ptk_ft()
2135 else if (wpa_key_mgmt_sha384(sm->wpa_key_mgmt)) in wpa_auth_derive_ptk_ft()
2141 if (sm->xxkey_len > 0) { in wpa_auth_derive_ptk_ft()
2142 mpmk = sm->xxkey; in wpa_auth_derive_ptk_ft()
2143 mpmk_len = sm->xxkey_len; in wpa_auth_derive_ptk_ft()
2144 } else if (sm->pmksa) { in wpa_auth_derive_ptk_ft()
2145 mpmk = sm->pmksa->pmk; in wpa_auth_derive_ptk_ft()
2146 mpmk_len = sm->pmksa->pmk_len; in wpa_auth_derive_ptk_ft()
2150 return -1; in wpa_auth_derive_ptk_ft()
2154 r0kh, r0kh_len, sm->addr, in wpa_auth_derive_ptk_ft()
2156 sm->wpa_key_mgmt) < 0 || in wpa_auth_derive_ptk_ft()
2157 wpa_derive_pmk_r1(pmk_r0, pmk_r0_len, pmk_r0_name, r1kh, sm->addr, in wpa_auth_derive_ptk_ft()
2158 pmk_r1, sm->pmk_r1_name) < 0) in wpa_auth_derive_ptk_ft()
2159 return -1; in wpa_auth_derive_ptk_ft()
2161 return wpa_pmk_r1_to_ptk(pmk_r1, pmk_r1_len, sm->SNonce, sm->ANonce, in wpa_auth_derive_ptk_ft()
2162 sm->addr, sm->wpa_auth->addr, sm->pmk_r1_name, in wpa_auth_derive_ptk_ft()
2163 ptk, ptk_name, sm->wpa_key_mgmt, sm->pairwise, in wpa_auth_derive_ptk_ft()
2172 int psk_local = sm->wpa_auth->conf.ft_psk_generate_local; in wpa_auth_ft_store_keys()
2173 int expires_in = sm->wpa_auth->conf.r0_key_lifetime; in wpa_auth_ft_store_keys()
2179 if (psk_local && wpa_key_mgmt_ft_psk(sm->wpa_key_mgmt)) in wpa_auth_ft_store_keys()
2182 if (wpa_ft_get_vlan(sm->wpa_auth, sm->addr, &vlan) < 0) { in wpa_auth_ft_store_keys()
2184 MAC2STR(sm->addr)); in wpa_auth_ft_store_keys()
2188 identity_len = wpa_ft_get_identity(sm->wpa_auth, sm->addr, &identity); in wpa_auth_ft_store_keys()
2189 radius_cui_len = wpa_ft_get_radius_cui(sm->wpa_auth, sm->addr, in wpa_auth_ft_store_keys()
2191 session_timeout = wpa_ft_get_session_timeout(sm->wpa_auth, sm->addr); in wpa_auth_ft_store_keys()
2194 wpa_ft_store_pmk_r0(sm->wpa_auth, sm->addr, pmk_r0, key_len, in wpa_auth_ft_store_keys()
2196 sm->pairwise, &vlan, expires_in, in wpa_auth_ft_store_keys()
2199 wpa_ft_store_pmk_r1(sm->wpa_auth, sm->addr, pmk_r1, key_len, in wpa_auth_ft_store_keys()
2200 sm->pmk_r1_name, sm->pairwise, &vlan, in wpa_auth_ft_store_keys()
2209 if (wpa_auth->cb->get_seqnum == NULL) in wpa_auth_get_seqnum()
2210 return -1; in wpa_auth_get_seqnum()
2211 return wpa_auth->cb->get_seqnum(wpa_auth->cb_ctx, addr, idx, seq); in wpa_auth_get_seqnum()
2218 struct wpa_auth_config *conf = &sm->wpa_auth->conf; in wpa_ft_gtk_subelem()
2219 struct wpa_group *gsm = sm->group; in wpa_ft_gtk_subelem()
2227 if (wpa_key_mgmt_fils(sm->wpa_key_mgmt)) { in wpa_ft_gtk_subelem()
2228 kek = sm->PTK.kek2; in wpa_ft_gtk_subelem()
2229 kek_len = sm->PTK.kek2_len; in wpa_ft_gtk_subelem()
2231 kek = sm->PTK.kek; in wpa_ft_gtk_subelem()
2232 kek_len = sm->PTK.kek_len; in wpa_ft_gtk_subelem()
2235 key_len = gsm->GTK_len; in wpa_ft_gtk_subelem()
2245 pad_len = 8 - pad_len; in wpa_ft_gtk_subelem()
2249 os_memcpy(keybuf, gsm->GTK[gsm->GN - 1], key_len); in wpa_ft_gtk_subelem()
2250 if (conf->disable_gtk || in wpa_ft_gtk_subelem()
2251 sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN) { in wpa_ft_gtk_subelem()
2263 } else if (conf->disable_gtk || sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN) { in wpa_ft_gtk_subelem()
2272 key = gsm->GTK[gsm->GN - 1]; in wpa_ft_gtk_subelem()
2276 * Sub-elem ID[1] | Length[1] | Key Info[2] | Key Length[1] | RSC[8] | in wpa_ft_gtk_subelem()
2286 /* Key ID in B0-B1 of Key Info */ in wpa_ft_gtk_subelem()
2287 WPA_PUT_LE16(&subelem[2], gsm->GN & 0x03); in wpa_ft_gtk_subelem()
2288 subelem[4] = gsm->GTK_len; in wpa_ft_gtk_subelem()
2289 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, subelem + 5); in wpa_ft_gtk_subelem()
2307 u8 *subelem, *pos; in wpa_ft_igtk_subelem() local
2308 struct wpa_auth_config *conf = &sm->wpa_auth->conf; in wpa_ft_igtk_subelem()
2309 struct wpa_group *gsm = sm->group; in wpa_ft_igtk_subelem()
2316 if (wpa_key_mgmt_fils(sm->wpa_key_mgmt)) { in wpa_ft_igtk_subelem()
2317 kek = sm->PTK.kek2; in wpa_ft_igtk_subelem()
2318 kek_len = sm->PTK.kek2_len; in wpa_ft_igtk_subelem()
2320 kek = sm->PTK.kek; in wpa_ft_igtk_subelem()
2321 kek_len = sm->PTK.kek_len; in wpa_ft_igtk_subelem()
2324 igtk_len = wpa_cipher_key_len(sm->wpa_auth->conf.group_mgmt_cipher); in wpa_ft_igtk_subelem()
2326 /* Sub-elem ID[1] | Length[1] | KeyID[2] | IPN[6] | Key Length[1] | in wpa_ft_igtk_subelem()
2333 pos = subelem; in wpa_ft_igtk_subelem()
2334 *pos++ = FTIE_SUBELEM_IGTK; in wpa_ft_igtk_subelem()
2335 *pos++ = subelem_len - 2; in wpa_ft_igtk_subelem()
2336 WPA_PUT_LE16(pos, gsm->GN_igtk); in wpa_ft_igtk_subelem()
2337 pos += 2; in wpa_ft_igtk_subelem()
2338 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN_igtk, pos); in wpa_ft_igtk_subelem()
2339 pos += 6; in wpa_ft_igtk_subelem()
2340 *pos++ = igtk_len; in wpa_ft_igtk_subelem()
2341 igtk = gsm->IGTK[gsm->GN_igtk - 4]; in wpa_ft_igtk_subelem()
2342 if (conf->disable_gtk || sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN) { in wpa_ft_igtk_subelem()
2353 if (aes_wrap(kek, kek_len, igtk_len / 8, igtk, pos)) { in wpa_ft_igtk_subelem()
2368 u8 *subelem, *pos; in wpa_ft_bigtk_subelem() local
2369 struct wpa_authenticator *wpa_auth = sm->wpa_auth; in wpa_ft_bigtk_subelem()
2370 struct wpa_group *gsm = wpa_auth->group; in wpa_ft_bigtk_subelem()
2377 if (wpa_key_mgmt_fils(sm->wpa_key_mgmt)) { in wpa_ft_bigtk_subelem()
2378 kek = sm->PTK.kek2; in wpa_ft_bigtk_subelem()
2379 kek_len = sm->PTK.kek2_len; in wpa_ft_bigtk_subelem()
2381 kek = sm->PTK.kek; in wpa_ft_bigtk_subelem()
2382 kek_len = sm->PTK.kek_len; in wpa_ft_bigtk_subelem()
2385 bigtk_len = wpa_cipher_key_len(wpa_auth->conf.group_mgmt_cipher); in wpa_ft_bigtk_subelem()
2387 /* Sub-elem ID[1] | Length[1] | KeyID[2] | BIPN[6] | Key Length[1] | in wpa_ft_bigtk_subelem()
2394 pos = subelem; in wpa_ft_bigtk_subelem()
2395 *pos++ = FTIE_SUBELEM_BIGTK; in wpa_ft_bigtk_subelem()
2396 *pos++ = subelem_len - 2; in wpa_ft_bigtk_subelem()
2397 WPA_PUT_LE16(pos, gsm->GN_bigtk); in wpa_ft_bigtk_subelem()
2398 pos += 2; in wpa_ft_bigtk_subelem()
2399 wpa_auth_get_seqnum(wpa_auth, NULL, gsm->GN_bigtk, pos); in wpa_ft_bigtk_subelem()
2400 pos += 6; in wpa_ft_bigtk_subelem()
2401 *pos++ = bigtk_len; in wpa_ft_bigtk_subelem()
2402 bigtk = gsm->BIGTK[gsm->GN_bigtk - 6]; in wpa_ft_bigtk_subelem()
2403 if (sm->wpa_key_mgmt == WPA_KEY_MGMT_OSEN) { in wpa_ft_bigtk_subelem()
2414 if (aes_wrap(kek, kek_len, bigtk_len / 8, bigtk, pos)) { in wpa_ft_bigtk_subelem()
2428 u8 *pos, u8 *end, u8 id, u8 descr_count, in wpa_ft_process_rdie() argument
2439 if (end - pos < (int) sizeof(*rdie)) { in wpa_ft_process_rdie()
2441 return pos; in wpa_ft_process_rdie()
2444 *pos++ = WLAN_EID_RIC_DATA; in wpa_ft_process_rdie()
2445 *pos++ = sizeof(*rdie); in wpa_ft_process_rdie()
2446 rdie = (struct rsn_rdie *) pos; in wpa_ft_process_rdie()
2447 rdie->id = id; in wpa_ft_process_rdie()
2448 rdie->descr_count = 0; in wpa_ft_process_rdie()
2449 rdie->status_code = host_to_le16(WLAN_STATUS_SUCCESS); in wpa_ft_process_rdie()
2450 pos += sizeof(*rdie); in wpa_ft_process_rdie()
2455 rdie->status_code = in wpa_ft_process_rdie()
2457 return pos; in wpa_ft_process_rdie()
2466 rdie->status_code = in wpa_ft_process_rdie()
2468 return pos; in wpa_ft_process_rdie()
2470 if (end - pos < (int) sizeof(*tspec)) { in wpa_ft_process_rdie()
2473 rdie->status_code = in wpa_ft_process_rdie()
2475 return pos; in wpa_ft_process_rdie()
2477 tspec = (struct wmm_tspec_element *) pos; in wpa_ft_process_rdie()
2478 os_memcpy(tspec, parse.wmm_tspec - 2, sizeof(*tspec)); in wpa_ft_process_rdie()
2482 if (parse.wmm_tspec && sm->wpa_auth->conf.ap_mlme) { in wpa_ft_process_rdie()
2485 res = wmm_process_tspec((struct wmm_tspec_element *) pos); in wpa_ft_process_rdie()
2488 rdie->status_code = in wpa_ft_process_rdie()
2491 rdie->status_code = in wpa_ft_process_rdie()
2495 rdie->descr_count = 1; in wpa_ft_process_rdie()
2496 pos += sizeof(struct wmm_tspec_element); in wpa_ft_process_rdie()
2498 return pos; in wpa_ft_process_rdie()
2502 if (parse.wmm_tspec && !sm->wpa_auth->conf.ap_mlme) { in wpa_ft_process_rdie()
2505 res = wpa_ft_add_tspec(sm->wpa_auth, sm->addr, pos, in wpa_ft_process_rdie()
2509 rdie->status_code = host_to_le16(res); in wpa_ft_process_rdie()
2513 rdie->descr_count = 1; in wpa_ft_process_rdie()
2514 pos += sizeof(struct wmm_tspec_element); in wpa_ft_process_rdie()
2516 return pos; in wpa_ft_process_rdie()
2521 rdie->status_code = host_to_le16(WLAN_STATUS_UNSPECIFIED_FAILURE); in wpa_ft_process_rdie()
2522 return pos; in wpa_ft_process_rdie()
2526 static u8 * wpa_ft_process_ric(struct wpa_state_machine *sm, u8 *pos, u8 *end, in wpa_ft_process_ric() argument
2549 pos = wpa_ft_process_rdie(sm, pos, end, rdie->id, in wpa_ft_process_ric()
2550 rdie->descr_count, in wpa_ft_process_ric()
2551 start, rpos - start); in wpa_ft_process_ric()
2554 return pos; in wpa_ft_process_ric()
2558 u8 * wpa_sm_write_assoc_resp_ies(struct wpa_state_machine *sm, u8 *pos, in wpa_sm_write_assoc_resp_ies() argument
2579 return pos; in wpa_sm_write_assoc_resp_ies()
2581 conf = &sm->wpa_auth->conf; in wpa_sm_write_assoc_resp_ies()
2583 if (!wpa_key_mgmt_ft(sm->wpa_key_mgmt)) in wpa_sm_write_assoc_resp_ies()
2584 return pos; in wpa_sm_write_assoc_resp_ies()
2586 end = pos + max_len; in wpa_sm_write_assoc_resp_ies()
2590 sm->wpa_auth->conf.rsne_override_ft_set) { in wpa_sm_write_assoc_resp_ies()
2592 "TESTING: RSNE FT override for MIC calculation"); in wpa_sm_write_assoc_resp_ies()
2593 rsnie = sm->wpa_auth->conf.rsne_override_ft; in wpa_sm_write_assoc_resp_ies()
2594 rsnie_len = sm->wpa_auth->conf.rsne_override_ft_len; in wpa_sm_write_assoc_resp_ies()
2595 if (end - pos < (long int) rsnie_len) in wpa_sm_write_assoc_resp_ies()
2596 return pos; in wpa_sm_write_assoc_resp_ies()
2597 os_memcpy(pos, rsnie, rsnie_len); in wpa_sm_write_assoc_resp_ies()
2598 rsnie = pos; in wpa_sm_write_assoc_resp_ies()
2599 pos += rsnie_len; in wpa_sm_write_assoc_resp_ies()
2600 if (rsnie_len > PMKID_LEN && sm->pmk_r1_name_valid) { in wpa_sm_write_assoc_resp_ies()
2605 if (rsnie[rsnie_len - 1 - idx] != 0xff) in wpa_sm_write_assoc_resp_ies()
2609 os_memcpy(&rsnie[rsnie_len - PMKID_LEN], in wpa_sm_write_assoc_resp_ies()
2610 sm->pmk_r1_name, WPA_PMK_NAME_LEN); in wpa_sm_write_assoc_resp_ies()
2618 (sm->wpa_key_mgmt & (WPA_KEY_MGMT_FT_FILS_SHA256 | in wpa_sm_write_assoc_resp_ies()
2620 if (!sm->pmk_r1_name_valid) { in wpa_sm_write_assoc_resp_ies()
2626 sm->pmk_r1_name, WPA_PMK_NAME_LEN); in wpa_sm_write_assoc_resp_ies()
2633 res = wpa_write_rsn_ie(conf, pos, end - pos, sm->pmk_r1_name); in wpa_sm_write_assoc_resp_ies()
2636 rsnie = pos; in wpa_sm_write_assoc_resp_ies()
2638 pos += res; in wpa_sm_write_assoc_resp_ies()
2642 res = wpa_write_mdie(conf, pos, end - pos); in wpa_sm_write_assoc_resp_ies()
2645 mdie = pos; in wpa_sm_write_assoc_resp_ies()
2647 pos += res; in wpa_sm_write_assoc_resp_ies()
2657 r0kh_id = sm->r0kh_id; in wpa_sm_write_assoc_resp_ies()
2658 r0kh_id_len = sm->r0kh_id_len; in wpa_sm_write_assoc_resp_ies()
2659 anonce = sm->ANonce; in wpa_sm_write_assoc_resp_ies()
2660 snonce = sm->SNonce; in wpa_sm_write_assoc_resp_ies()
2661 if (sm->mgmt_frame_prot) { in wpa_sm_write_assoc_resp_ies()
2683 if (sm->mgmt_frame_prot && conf->beacon_prot) { in wpa_sm_write_assoc_resp_ies()
2711 if (wpa_channel_info(sm->wpa_auth, &ci) != 0) { in wpa_sm_write_assoc_resp_ies()
2718 if (conf->oci_freq_override_ft_assoc) { in wpa_sm_write_assoc_resp_ies()
2720 "TEST: Override OCI frequency %d -> %u MHz", in wpa_sm_write_assoc_resp_ies()
2722 conf->oci_freq_override_ft_assoc); in wpa_sm_write_assoc_resp_ies()
2723 ci.frequency = conf->oci_freq_override_ft_assoc; in wpa_sm_write_assoc_resp_ies()
2735 ocipos = subelem + subelem_len - 2 - OCV_OCI_LEN; in wpa_sm_write_assoc_resp_ies()
2745 r0kh_id = conf->r0_key_holder; in wpa_sm_write_assoc_resp_ies()
2746 r0kh_id_len = conf->r0_key_holder_len; in wpa_sm_write_assoc_resp_ies()
2751 (conf->sae_pwe == SAE_PWE_HASH_TO_ELEMENT || in wpa_sm_write_assoc_resp_ies()
2752 conf->sae_pwe == SAE_PWE_BOTH); in wpa_sm_write_assoc_resp_ies()
2754 if (sm->wpa_auth->conf.ft_rsnxe_used) { in wpa_sm_write_assoc_resp_ies()
2755 rsnxe_used = sm->wpa_auth->conf.ft_rsnxe_used == 1; in wpa_sm_write_assoc_resp_ies()
2760 key_len = sm->xxkey_len; in wpa_sm_write_assoc_resp_ies()
2762 key_len = sm->pmk_r1_len; in wpa_sm_write_assoc_resp_ies()
2763 if (!key_len && sm->wpa_key_mgmt == WPA_KEY_MGMT_FT_SAE_EXT_KEY && in wpa_sm_write_assoc_resp_ies()
2764 sm->wpa_auth->cb->get_psk) { in wpa_sm_write_assoc_resp_ies()
2767 if (sm->wpa_auth->cb->get_psk(sm->wpa_auth->cb_ctx, in wpa_sm_write_assoc_resp_ies()
2768 sm->addr, sm->p2p_dev_addr, in wpa_sm_write_assoc_resp_ies()
2772 res = wpa_write_ftie(conf, sm->wpa_key_mgmt, key_len, in wpa_sm_write_assoc_resp_ies()
2774 anonce, snonce, pos, end - pos, in wpa_sm_write_assoc_resp_ies()
2779 ftie = pos; in wpa_sm_write_assoc_resp_ies()
2781 pos += res; in wpa_sm_write_assoc_resp_ies()
2783 if (sm->wpa_key_mgmt == WPA_KEY_MGMT_FT_SAE_EXT_KEY && in wpa_sm_write_assoc_resp_ies()
2788 fte_mic = _ftie->mic; in wpa_sm_write_assoc_resp_ies()
2789 elem_count = &_ftie->mic_control[1]; in wpa_sm_write_assoc_resp_ies()
2790 } else if ((sm->wpa_key_mgmt == WPA_KEY_MGMT_FT_SAE_EXT_KEY && in wpa_sm_write_assoc_resp_ies()
2792 wpa_key_mgmt_sha384(sm->wpa_key_mgmt)) { in wpa_sm_write_assoc_resp_ies()
2796 fte_mic = _ftie->mic; in wpa_sm_write_assoc_resp_ies()
2797 elem_count = &_ftie->mic_control[1]; in wpa_sm_write_assoc_resp_ies()
2801 fte_mic = _ftie->mic; in wpa_sm_write_assoc_resp_ies()
2802 elem_count = &_ftie->mic_control[1]; in wpa_sm_write_assoc_resp_ies()
2807 ric_start = pos; in wpa_sm_write_assoc_resp_ies()
2809 sm->wpa_key_mgmt, false) == 0 && parse.ric) { in wpa_sm_write_assoc_resp_ies()
2810 pos = wpa_ft_process_ric(sm, pos, end, parse.ric, in wpa_sm_write_assoc_resp_ies()
2815 pos - ric_start); in wpa_sm_write_assoc_resp_ies()
2817 if (ric_start == pos) in wpa_sm_write_assoc_resp_ies()
2823 res = wpa_write_rsnxe(&sm->wpa_auth->conf, rsnxe, in wpa_sm_write_assoc_resp_ies()
2826 pos = NULL; in wpa_sm_write_assoc_resp_ies()
2833 sm->wpa_auth->conf.rsnxe_override_ft_set) { in wpa_sm_write_assoc_resp_ies()
2835 "TESTING: RSNXE FT override for MIC calculation"); in wpa_sm_write_assoc_resp_ies()
2836 rsnxe = sm->wpa_auth->conf.rsnxe_override_ft; in wpa_sm_write_assoc_resp_ies()
2837 rsnxe_len = sm->wpa_auth->conf.rsnxe_override_ft_len; in wpa_sm_write_assoc_resp_ies()
2843 if (wpa_key_mgmt_fils(sm->wpa_key_mgmt)) { in wpa_sm_write_assoc_resp_ies()
2844 kck = sm->PTK.kck2; in wpa_sm_write_assoc_resp_ies()
2845 kck_len = sm->PTK.kck2_len; in wpa_sm_write_assoc_resp_ies()
2847 kck = sm->PTK.kck; in wpa_sm_write_assoc_resp_ies()
2848 kck_len = sm->PTK.kck_len; in wpa_sm_write_assoc_resp_ies()
2851 wpa_ft_mic(sm->wpa_key_mgmt, kck, kck_len, in wpa_sm_write_assoc_resp_ies()
2852 sm->addr, sm->wpa_auth->addr, 6, in wpa_sm_write_assoc_resp_ies()
2855 ric_start, ric_start ? pos - ric_start : 0, in wpa_sm_write_assoc_resp_ies()
2859 wpa_printf(MSG_DEBUG, "FT: Failed to calculate MIC"); in wpa_sm_write_assoc_resp_ies()
2860 pos = NULL; in wpa_sm_write_assoc_resp_ies()
2864 os_free(sm->assoc_resp_ftie); in wpa_sm_write_assoc_resp_ies()
2865 sm->assoc_resp_ftie = os_malloc(ftie_len); in wpa_sm_write_assoc_resp_ies()
2866 if (!sm->assoc_resp_ftie) { in wpa_sm_write_assoc_resp_ies()
2867 pos = NULL; in wpa_sm_write_assoc_resp_ies()
2870 os_memcpy(sm->assoc_resp_ftie, ftie, ftie_len); in wpa_sm_write_assoc_resp_ies()
2874 return pos; in wpa_sm_write_assoc_resp_ies()
2884 if (wpa_auth->cb->set_key == NULL) in wpa_auth_set_key()
2885 return -1; in wpa_auth_set_key()
2886 return wpa_auth->cb->set_key(wpa_auth->cb_ctx, vlan_id, alg, addr, idx, in wpa_auth_set_key()
2897 if (!wpa_auth->cb->set_ltf_keyseed) in wpa_auth_set_ltf_keyseed()
2898 return -1; in wpa_auth_set_ltf_keyseed()
2899 return wpa_auth->cb->set_ltf_keyseed(wpa_auth->cb_ctx, peer_addr, in wpa_auth_set_ltf_keyseed()
2908 if (!wpa_auth->cb->add_sta_ft) in wpa_auth_add_sta_ft()
2909 return -1; in wpa_auth_add_sta_ft()
2910 return wpa_auth->cb->add_sta_ft(wpa_auth->cb_ctx, addr); in wpa_auth_add_sta_ft()
2919 /* MLME-SETKEYS.request(PTK) */ in wpa_ft_install_ptk()
2920 alg = wpa_cipher_to_alg(sm->pairwise); in wpa_ft_install_ptk()
2921 klen = wpa_cipher_key_len(sm->pairwise); in wpa_ft_install_ptk()
2922 if (!wpa_cipher_valid_pairwise(sm->pairwise)) { in wpa_ft_install_ptk()
2923 wpa_printf(MSG_DEBUG, "FT: Unknown pairwise alg 0x%x - skip " in wpa_ft_install_ptk()
2924 "PTK configuration", sm->pairwise); in wpa_ft_install_ptk()
2928 if (sm->tk_already_set) { in wpa_ft_install_ptk()
2932 "FT: Do not re-install same PTK to the driver"); in wpa_ft_install_ptk()
2937 wpa_auth_add_sta_ft(sm->wpa_auth, sm->addr); in wpa_ft_install_ptk()
2945 if (wpa_auth_set_key(sm->wpa_auth, 0, alg, sm->addr, sm->keyidx_active, in wpa_ft_install_ptk()
2946 sm->PTK.tk, klen, KEY_FLAG_PAIRWISE_RX_TX)) in wpa_ft_install_ptk()
2950 if (sm->wpa_auth->conf.secure_ltf && in wpa_ft_install_ptk()
2951 ieee802_11_rsnx_capab(sm->rsnxe, WLAN_RSNX_CAPAB_SECURE_LTF) && in wpa_ft_install_ptk()
2952 wpa_auth_set_ltf_keyseed(sm->wpa_auth, sm->addr, in wpa_ft_install_ptk()
2953 sm->PTK.ltf_keyseed, in wpa_ft_install_ptk()
2954 sm->PTK.ltf_keyseed_len)) { in wpa_ft_install_ptk()
2961 /* FIX: MLME-SetProtection.Request(TA, Tx_Rx) */ in wpa_ft_install_ptk()
2962 sm->pairwise_set = true; in wpa_ft_install_ptk()
2963 sm->tk_already_set = true; in wpa_ft_install_ptk()
2965 wpa_auth_store_ptksa(sm->wpa_auth, sm->addr, sm->pairwise, in wpa_ft_install_ptk()
2966 dot11RSNAConfigPMKLifetime, &sm->PTK); in wpa_ft_install_ptk()
2970 /* Derive PMK-R1 from PSK, check all available PSK */
2983 struct wpa_authenticator *wpa_auth = sm->wpa_auth; in wpa_ft_psk_pmk_r1()
2984 const u8 *mdid = wpa_auth->conf.mobility_domain; in wpa_ft_psk_pmk_r1()
2985 const u8 *r0kh = sm->r0kh_id; in wpa_ft_psk_pmk_r1()
2986 size_t r0kh_len = sm->r0kh_id_len; in wpa_ft_psk_pmk_r1()
2987 const u8 *r1kh = wpa_auth->conf.r1_key_holder; in wpa_ft_psk_pmk_r1()
2988 const u8 *ssid = wpa_auth->conf.ssid; in wpa_ft_psk_pmk_r1()
2989 size_t ssid_len = wpa_auth->conf.ssid_len; in wpa_ft_psk_pmk_r1()
2992 pairwise = sm->pairwise; in wpa_ft_psk_pmk_r1()
2995 pmk = wpa_ft_get_psk(wpa_auth, sm->addr, sm->p2p_dev_addr, in wpa_ft_psk_pmk_r1()
3001 r0kh_len, sm->addr, in wpa_ft_psk_pmk_r1()
3005 sm->addr, pmk_r1, pmk_r1_name) < 0 || in wpa_ft_psk_pmk_r1()
3012 "FT: Found PSK to generate PMK-R1 locally"); in wpa_ft_psk_pmk_r1()
3016 os_memcpy(sm->PMK, pmk, PMK_LEN); in wpa_ft_psk_pmk_r1()
3017 sm->pmk_len = PMK_LEN; in wpa_ft_psk_pmk_r1()
3019 wpa_ft_get_vlan(sm->wpa_auth, sm->addr, out_vlan) < 0) { in wpa_ft_psk_pmk_r1()
3021 MACSTR, MAC2STR(sm->addr)); in wpa_ft_psk_pmk_r1()
3022 return -1; in wpa_ft_psk_pmk_r1()
3027 sm->wpa_auth, sm->addr, out_identity); in wpa_ft_psk_pmk_r1()
3032 sm->wpa_auth, sm->addr, out_radius_cui); in wpa_ft_psk_pmk_r1()
3037 sm->wpa_auth, sm->addr); in wpa_ft_psk_pmk_r1()
3044 "FT: Did not find PSK to generate PMK-R1 locally"); in wpa_ft_psk_pmk_r1()
3045 return -1; in wpa_ft_psk_pmk_r1()
3050 * Required to detect FT-PSK and pairwise cipher.
3057 if (sm->wpa_key_mgmt) in wpa_ft_set_key_mgmt()
3060 key_mgmt = parse->key_mgmt & sm->wpa_auth->conf.wpa_key_mgmt; in wpa_ft_set_key_mgmt()
3063 MACSTR, parse->key_mgmt, MAC2STR(sm->addr)); in wpa_ft_set_key_mgmt()
3064 return -1; in wpa_ft_set_key_mgmt()
3067 sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X; in wpa_ft_set_key_mgmt()
3070 sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384; in wpa_ft_set_key_mgmt()
3073 sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_PSK; in wpa_ft_set_key_mgmt()
3076 sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256; in wpa_ft_set_key_mgmt()
3078 sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384; in wpa_ft_set_key_mgmt()
3080 ciphers = parse->pairwise_cipher & sm->wpa_auth->conf.rsn_pairwise; in wpa_ft_set_key_mgmt()
3084 parse->pairwise_cipher, MAC2STR(sm->addr)); in wpa_ft_set_key_mgmt()
3085 return -1; in wpa_ft_set_key_mgmt()
3087 sm->pairwise = wpa_pick_pairwise_cipher(ciphers, 0); in wpa_ft_set_key_mgmt()
3106 struct wpa_auth_config *conf = &wpa_auth->conf; in wpa_ft_local_derive_pmk_r1()
3112 if (conf->r0_key_holder_len != r0kh_id_len || in wpa_ft_local_derive_pmk_r1()
3113 os_memcmp(conf->r0_key_holder, r0kh_id, conf->r0_key_holder_len) != in wpa_ft_local_derive_pmk_r1()
3115 return -1; /* not our R0KH-ID */ in wpa_ft_local_derive_pmk_r1()
3117 wpa_printf(MSG_DEBUG, "FT: STA R0KH-ID matching local configuration"); in wpa_ft_local_derive_pmk_r1()
3118 if (wpa_ft_fetch_pmk_r0(sm->wpa_auth, sm->addr, req_pmk_r0_name, &r0) < in wpa_ft_local_derive_pmk_r1()
3120 return -1; /* no matching PMKR0Name in local cache */ in wpa_ft_local_derive_pmk_r1()
3124 if (wpa_derive_pmk_r1(r0->pmk_r0, r0->pmk_r0_len, r0->pmk_r0_name, in wpa_ft_local_derive_pmk_r1()
3125 conf->r1_key_holder, in wpa_ft_local_derive_pmk_r1()
3126 sm->addr, out_pmk_r1, out_pmk_r1_name) < 0) in wpa_ft_local_derive_pmk_r1()
3127 return -1; in wpa_ft_local_derive_pmk_r1()
3130 if (r0->expiration) in wpa_ft_local_derive_pmk_r1()
3131 expires_in = r0->expiration - now.sec; in wpa_ft_local_derive_pmk_r1()
3133 if (r0->session_timeout) in wpa_ft_local_derive_pmk_r1()
3134 session_timeout = r0->session_timeout - now.sec; in wpa_ft_local_derive_pmk_r1()
3136 wpa_ft_store_pmk_r1(wpa_auth, sm->addr, out_pmk_r1, r0->pmk_r0_len, in wpa_ft_local_derive_pmk_r1()
3138 sm->pairwise, r0->vlan, expires_in, session_timeout, in wpa_ft_local_derive_pmk_r1()
3139 r0->identity, r0->identity_len, in wpa_ft_local_derive_pmk_r1()
3140 r0->radius_cui, r0->radius_cui_len); in wpa_ft_local_derive_pmk_r1()
3142 *out_pairwise = sm->pairwise; in wpa_ft_local_derive_pmk_r1()
3144 if (r0->vlan) in wpa_ft_local_derive_pmk_r1()
3145 *vlan = *r0->vlan; in wpa_ft_local_derive_pmk_r1()
3151 *identity = r0->identity; in wpa_ft_local_derive_pmk_r1()
3152 *identity_len = r0->identity_len; in wpa_ft_local_derive_pmk_r1()
3156 *radius_cui = r0->radius_cui; in wpa_ft_local_derive_pmk_r1()
3157 *radius_cui_len = r0->radius_cui_len; in wpa_ft_local_derive_pmk_r1()
3162 *pmk_r1_len = r0->pmk_r0_len; in wpa_ft_local_derive_pmk_r1()
3179 u8 *pos, *end; in wpa_ft_process_auth_req() local
3190 sm->pmk_r1_name_valid = 0; in wpa_ft_process_auth_req()
3191 conf = &sm->wpa_auth->conf; in wpa_ft_process_auth_req()
3203 os_memcmp(mdie->mobility_domain, in wpa_ft_process_auth_req()
3204 sm->wpa_auth->conf.mobility_domain, in wpa_ft_process_auth_req()
3218 wpa_printf(MSG_DEBUG, "FT: Invalid FTIE - no R0KH-ID"); in wpa_ft_process_auth_req()
3223 wpa_hexdump(MSG_DEBUG, "FT: STA R0KH-ID", in wpa_ft_process_auth_req()
3225 os_memcpy(sm->r0kh_id, parse.r0kh_id, parse.r0kh_id_len); in wpa_ft_process_auth_req()
3226 sm->r0kh_id_len = parse.r0kh_id_len; in wpa_ft_process_auth_req()
3240 if (conf->ft_psk_generate_local && in wpa_ft_process_auth_req()
3241 wpa_key_mgmt_ft_psk(sm->wpa_key_mgmt)) { in wpa_ft_process_auth_req()
3243 sm->wpa_auth->conf.r1_key_holder, in wpa_ft_process_auth_req()
3244 sm->addr, pmk_r1_name, PMK_LEN) < 0) in wpa_ft_process_auth_req()
3255 "FT: Generated PMK-R1 for FT-PSK locally"); in wpa_ft_process_auth_req()
3259 /* Need to test all possible hash algorithms for FT-SAE-EXT-KEY since in wpa_ft_process_auth_req()
3270 sm->wpa_auth->conf.r1_key_holder, in wpa_ft_process_auth_req()
3271 sm->addr, pmk_r1_name, len) < 0) in wpa_ft_process_auth_req()
3274 if (wpa_ft_fetch_pmk_r1(sm->wpa_auth, sm->addr, pmk_r1_name, in wpa_ft_process_auth_req()
3287 "FT: No PMK-R1 available in local cache for the requested PMKR1Name"); in wpa_ft_process_auth_req()
3288 if (wpa_ft_local_derive_pmk_r1(sm->wpa_auth, sm, in wpa_ft_process_auth_req()
3296 "FT: Generated PMK-R1 based on local PMK-R0"); in wpa_ft_process_auth_req()
3302 "FT: Did not have matching PMK-R1 and either unknown or blocked R0KH-ID or NAK from R0KH"); in wpa_ft_process_auth_req()
3307 retval = -1; /* Status pending */ in wpa_ft_process_auth_req()
3311 wpa_hexdump_key(MSG_DEBUG, "FT: Selected PMK-R1", pmk_r1, pmk_r1_len); in wpa_ft_process_auth_req()
3312 sm->pmk_r1_name_valid = 1; in wpa_ft_process_auth_req()
3313 os_memcpy(sm->pmk_r1_name, pmk_r1_name, WPA_PMK_NAME_LEN); in wpa_ft_process_auth_req()
3314 os_memcpy(sm->pmk_r1, pmk_r1, pmk_r1_len); in wpa_ft_process_auth_req()
3315 sm->pmk_r1_len = pmk_r1_len; in wpa_ft_process_auth_req()
3317 if (random_get_bytes(sm->ANonce, WPA_NONCE_LEN)) { in wpa_ft_process_auth_req()
3323 /* Now that we know the correct PMK-R1 length and as such, the length in wpa_ft_process_auth_req()
3324 * of the MIC field, fetch the SNonce. */ in wpa_ft_process_auth_req()
3335 os_memcpy(sm->SNonce, ftie->snonce, WPA_NONCE_LEN); in wpa_ft_process_auth_req()
3346 os_memcpy(sm->SNonce, ftie->snonce, WPA_NONCE_LEN); in wpa_ft_process_auth_req()
3357 os_memcpy(sm->SNonce, ftie->snonce, WPA_NONCE_LEN); in wpa_ft_process_auth_req()
3361 sm->SNonce, WPA_NONCE_LEN); in wpa_ft_process_auth_req()
3363 sm->ANonce, WPA_NONCE_LEN); in wpa_ft_process_auth_req()
3365 if (sm->wpa_auth->conf.force_kdk_derivation || in wpa_ft_process_auth_req()
3366 (sm->wpa_auth->conf.secure_ltf && in wpa_ft_process_auth_req()
3367 ieee802_11_rsnx_capab(sm->rsnxe, WLAN_RSNX_CAPAB_SECURE_LTF))) in wpa_ft_process_auth_req()
3372 if (wpa_pmk_r1_to_ptk(pmk_r1, pmk_r1_len, sm->SNonce, sm->ANonce, in wpa_ft_process_auth_req()
3373 sm->addr, sm->wpa_auth->addr, pmk_r1_name, in wpa_ft_process_auth_req()
3374 &sm->PTK, ptk_name, parse.key_mgmt, in wpa_ft_process_auth_req()
3379 if (sm->wpa_auth->conf.secure_ltf && in wpa_ft_process_auth_req()
3380 ieee802_11_rsnx_capab(sm->rsnxe, WLAN_RSNX_CAPAB_SECURE_LTF) && in wpa_ft_process_auth_req()
3381 wpa_ltf_keyseed(&sm->PTK, parse.key_mgmt, pairwise)) { in wpa_ft_process_auth_req()
3387 sm->pairwise = pairwise; in wpa_ft_process_auth_req()
3388 sm->PTK_valid = true; in wpa_ft_process_auth_req()
3389 sm->tk_already_set = false; in wpa_ft_process_auth_req()
3392 if (wpa_ft_set_vlan(sm->wpa_auth, sm->addr, &vlan) < 0) { in wpa_ft_process_auth_req()
3396 if (wpa_ft_set_identity(sm->wpa_auth, sm->addr, in wpa_ft_process_auth_req()
3398 wpa_ft_set_radius_cui(sm->wpa_auth, sm->addr, in wpa_ft_process_auth_req()
3403 wpa_ft_set_session_timeout(sm->wpa_auth, sm->addr, session_timeout); in wpa_ft_process_auth_req()
3411 pos = *resp_ies; in wpa_ft_process_auth_req()
3414 ret = wpa_write_rsn_ie(conf, pos, end - pos, parse.rsn_pmkid); in wpa_ft_process_auth_req()
3417 pos += ret; in wpa_ft_process_auth_req()
3419 ret = wpa_write_mdie(conf, pos, end - pos); in wpa_ft_process_auth_req()
3422 pos += ret; in wpa_ft_process_auth_req()
3426 sm->ANonce, sm->SNonce, pos, end - pos, NULL, 0, in wpa_ft_process_auth_req()
3430 pos += ret; in wpa_ft_process_auth_req()
3432 *resp_ies_len = pos - *resp_ies; in wpa_ft_process_auth_req()
3465 MAC2STR(sm->addr), MAC2STR(sm->wpa_auth->addr), in wpa_ft_process_auth()
3467 sm->ft_pending_cb = cb; in wpa_ft_process_auth()
3468 sm->ft_pending_cb_ctx = ctx; in wpa_ft_process_auth()
3469 sm->ft_pending_auth_transaction = auth_transaction; in wpa_ft_process_auth()
3470 sm->ft_pending_pull_left_retries = sm->wpa_auth->conf.rkh_pull_retries; in wpa_ft_process_auth()
3481 MAC2STR(sm->addr), auth_transaction + 1, status, in wpa_ft_process_auth()
3484 cb(ctx, sm->addr, auth_transaction + 1, status, resp_ies, resp_ies_len); in wpa_ft_process_auth()
3494 u8 mic[WPA_EAPOL_KEY_MIC_MAX_LEN]; in wpa_ft_validate_reassoc() local
3505 conf = &sm->wpa_auth->conf; in wpa_ft_validate_reassoc()
3509 if (wpa_ft_parse_ies(ies, ies_len, &parse, sm->wpa_key_mgmt, in wpa_ft_validate_reassoc()
3526 if (os_memcmp_const(parse.rsn_pmkid, sm->pmk_r1_name, WPA_PMK_NAME_LEN) in wpa_ft_validate_reassoc()
3536 os_memcmp(mdie->mobility_domain, conf->mobility_domain, in wpa_ft_validate_reassoc()
3543 if (sm->wpa_key_mgmt == WPA_KEY_MGMT_FT_SAE_EXT_KEY && in wpa_ft_validate_reassoc()
3544 sm->pmk_r1_len == SHA512_MAC_LEN) in wpa_ft_validate_reassoc()
3546 else if ((sm->wpa_key_mgmt == WPA_KEY_MGMT_FT_SAE_EXT_KEY && in wpa_ft_validate_reassoc()
3547 sm->pmk_r1_len == SHA384_MAC_LEN) || in wpa_ft_validate_reassoc()
3548 wpa_key_mgmt_sha384(sm->wpa_key_mgmt)) in wpa_ft_validate_reassoc()
3562 if (os_memcmp(parse.fte_snonce, sm->SNonce, WPA_NONCE_LEN) != 0) { in wpa_ft_validate_reassoc()
3567 sm->SNonce, WPA_NONCE_LEN); in wpa_ft_validate_reassoc()
3572 if (os_memcmp(parse.fte_anonce, sm->ANonce, WPA_NONCE_LEN) != 0) { in wpa_ft_validate_reassoc()
3577 sm->ANonce, WPA_NONCE_LEN); in wpa_ft_validate_reassoc()
3583 wpa_printf(MSG_DEBUG, "FT: No R0KH-ID subelem in FTIE"); in wpa_ft_validate_reassoc()
3588 if (parse.r0kh_id_len != sm->r0kh_id_len || in wpa_ft_validate_reassoc()
3589 os_memcmp_const(parse.r0kh_id, sm->r0kh_id, parse.r0kh_id_len) != 0) in wpa_ft_validate_reassoc()
3591 wpa_printf(MSG_DEBUG, "FT: R0KH-ID in FTIE did not match with " in wpa_ft_validate_reassoc()
3592 "the current R0KH-ID"); in wpa_ft_validate_reassoc()
3593 wpa_hexdump(MSG_DEBUG, "FT: R0KH-ID in FTIE", in wpa_ft_validate_reassoc()
3595 wpa_hexdump(MSG_DEBUG, "FT: The current R0KH-ID", in wpa_ft_validate_reassoc()
3596 sm->r0kh_id, sm->r0kh_id_len); in wpa_ft_validate_reassoc()
3602 wpa_printf(MSG_DEBUG, "FT: No R1KH-ID subelem in FTIE"); in wpa_ft_validate_reassoc()
3607 if (os_memcmp_const(parse.r1kh_id, conf->r1_key_holder, in wpa_ft_validate_reassoc()
3609 wpa_printf(MSG_DEBUG, "FT: Unknown R1KH-ID used in " in wpa_ft_validate_reassoc()
3611 wpa_hexdump(MSG_DEBUG, "FT: R1KH-ID in FTIE", in wpa_ft_validate_reassoc()
3613 wpa_hexdump(MSG_DEBUG, "FT: Expected R1KH-ID", in wpa_ft_validate_reassoc()
3614 conf->r1_key_holder, FT_R1KH_ID_LEN); in wpa_ft_validate_reassoc()
3620 os_memcmp_const(parse.rsn_pmkid, sm->pmk_r1_name, WPA_PMK_NAME_LEN)) in wpa_ft_validate_reassoc()
3634 wpa_printf(MSG_DEBUG, "FT: Unexpected IE count in MIC " in wpa_ft_validate_reassoc()
3640 if (wpa_key_mgmt_fils(sm->wpa_key_mgmt)) { in wpa_ft_validate_reassoc()
3641 kck = sm->PTK.kck2; in wpa_ft_validate_reassoc()
3642 kck_len = sm->PTK.kck2_len; in wpa_ft_validate_reassoc()
3644 kck = sm->PTK.kck; in wpa_ft_validate_reassoc()
3645 kck_len = sm->PTK.kck_len; in wpa_ft_validate_reassoc()
3647 if (wpa_ft_mic(sm->wpa_key_mgmt, kck, kck_len, in wpa_ft_validate_reassoc()
3648 sm->addr, sm->wpa_auth->addr, 5, in wpa_ft_validate_reassoc()
3649 parse.mdie - 2, parse.mdie_len + 2, in wpa_ft_validate_reassoc()
3650 parse.ftie - 2, parse.ftie_len + 2, in wpa_ft_validate_reassoc()
3651 parse.rsn - 2, parse.rsn_len + 2, in wpa_ft_validate_reassoc()
3653 parse.rsnxe ? parse.rsnxe - 2 : NULL, in wpa_ft_validate_reassoc()
3656 mic) < 0) { in wpa_ft_validate_reassoc()
3657 wpa_printf(MSG_DEBUG, "FT: Failed to calculate MIC"); in wpa_ft_validate_reassoc()
3661 if (os_memcmp_const(mic, parse.fte_mic, mic_len) != 0) { in wpa_ft_validate_reassoc()
3662 wpa_printf(MSG_DEBUG, "FT: Invalid MIC in FTIE"); in wpa_ft_validate_reassoc()
3664 MAC2STR(sm->addr), MAC2STR(sm->wpa_auth->addr)); in wpa_ft_validate_reassoc()
3665 wpa_hexdump(MSG_MSGDUMP, "FT: Received MIC", in wpa_ft_validate_reassoc()
3667 wpa_hexdump(MSG_MSGDUMP, "FT: Calculated MIC", mic, mic_len); in wpa_ft_validate_reassoc()
3669 parse.mdie - 2, parse.mdie_len + 2); in wpa_ft_validate_reassoc()
3671 parse.ftie - 2, parse.ftie_len + 2); in wpa_ft_validate_reassoc()
3673 parse.rsn - 2, parse.rsn_len + 2); in wpa_ft_validate_reassoc()
3675 parse.rsnxe ? parse.rsnxe - 2 : NULL, in wpa_ft_validate_reassoc()
3682 (conf->sae_pwe == SAE_PWE_HASH_TO_ELEMENT || in wpa_ft_validate_reassoc()
3683 conf->sae_pwe == SAE_PWE_BOTH) && in wpa_ft_validate_reassoc()
3687 retval = -1; /* discard request */ in wpa_ft_validate_reassoc()
3698 if (wpa_channel_info(sm->wpa_auth, &ci) != 0) { in wpa_ft_validate_reassoc()
3719 if (sm->wpa_auth->conf.msg_ctx) in wpa_ft_validate_reassoc()
3720 wpa_msg(sm->wpa_auth->conf.msg_ctx, MSG_INFO, in wpa_ft_validate_reassoc()
3722 " frame=ft-reassoc-req error=%s", in wpa_ft_validate_reassoc()
3723 MAC2STR(sm->addr), ocv_errorstr); in wpa_ft_validate_reassoc()
3746 return -1; in wpa_ft_action_rx()
3756 return -1; in wpa_ft_action_rx()
3763 ies_len = len - 14; in wpa_ft_action_rx()
3769 if (!ether_addr_equal(sta_addr, sm->addr)) { in wpa_ft_action_rx()
3771 "STA=" MACSTR " STA-Address=" MACSTR, in wpa_ft_action_rx()
3772 MAC2STR(sm->addr), MAC2STR(sta_addr)); in wpa_ft_action_rx()
3773 return -1; in wpa_ft_action_rx()
3782 ether_addr_equal(target_ap, sm->wpa_auth->addr)) { in wpa_ft_action_rx()
3785 return -1; in wpa_ft_action_rx()
3790 if (!sm->wpa_auth->conf.ft_over_ds) { in wpa_ft_action_rx()
3791 wpa_printf(MSG_DEBUG, "FT: Over-DS option disabled - reject"); in wpa_ft_action_rx()
3792 return -1; in wpa_ft_action_rx()
3795 /* RRB - Forward action frame to the target AP */ in wpa_ft_action_rx()
3798 return -1; in wpa_ft_action_rx()
3799 frame->frame_type = RSN_REMOTE_FRAME_TYPE_FT_RRB; in wpa_ft_action_rx()
3800 frame->packet_type = FT_PACKET_REQUEST; in wpa_ft_action_rx()
3801 frame->action_length = host_to_le16(len); in wpa_ft_action_rx()
3802 os_memcpy(frame->ap_address, sm->wpa_auth->addr, ETH_ALEN); in wpa_ft_action_rx()
3805 wpa_ft_rrb_send(sm->wpa_auth, target_ap, (u8 *) frame, in wpa_ft_action_rx()
3818 wpa_printf(MSG_DEBUG, "FT: Over-the-DS RX request cb for " MACSTR, in wpa_ft_rrb_rx_request_cb()
3819 MAC2STR(sm->addr)); in wpa_ft_rrb_rx_request_cb()
3820 wpa_ft_send_rrb_auth_resp(sm, sm->ft_pending_current_ap, sm->addr, in wpa_ft_rrb_rx_request_cb()
3839 return -1; in wpa_ft_rrb_rx_request()
3844 sm->ft_pending_cb = wpa_ft_rrb_rx_request_cb; in wpa_ft_rrb_rx_request()
3845 sm->ft_pending_cb_ctx = sm; in wpa_ft_rrb_rx_request()
3846 os_memcpy(sm->ft_pending_current_ap, current_ap, ETH_ALEN); in wpa_ft_rrb_rx_request()
3847 sm->ft_pending_pull_left_retries = sm->wpa_auth->conf.rkh_pull_retries; in wpa_ft_rrb_rx_request()
3851 wpa_printf(MSG_DEBUG, "FT: No immediate response available - wait for pull response"); in wpa_ft_rrb_rx_request()
3868 struct wpa_authenticator *wpa_auth = sm->wpa_auth; in wpa_ft_send_rrb_auth_resp()
3871 u8 *pos; in wpa_ft_send_rrb_auth_resp() local
3875 MAC2STR(sm->addr), MAC2STR(current_ap), status, in wpa_ft_send_rrb_auth_resp()
3879 /* RRB - Forward action frame response to the Current AP */ in wpa_ft_send_rrb_auth_resp()
3889 return -1; in wpa_ft_send_rrb_auth_resp()
3890 frame->frame_type = RSN_REMOTE_FRAME_TYPE_FT_RRB; in wpa_ft_send_rrb_auth_resp()
3891 frame->packet_type = FT_PACKET_RESPONSE; in wpa_ft_send_rrb_auth_resp()
3892 frame->action_length = host_to_le16(rlen); in wpa_ft_send_rrb_auth_resp()
3893 os_memcpy(frame->ap_address, wpa_auth->addr, ETH_ALEN); in wpa_ft_send_rrb_auth_resp()
3894 pos = (u8 *) (frame + 1); in wpa_ft_send_rrb_auth_resp()
3895 *pos++ = WLAN_ACTION_FT; in wpa_ft_send_rrb_auth_resp()
3896 *pos++ = 2; /* Action: Response */ in wpa_ft_send_rrb_auth_resp()
3897 os_memcpy(pos, sta_addr, ETH_ALEN); in wpa_ft_send_rrb_auth_resp()
3898 pos += ETH_ALEN; in wpa_ft_send_rrb_auth_resp()
3899 os_memcpy(pos, wpa_auth->addr, ETH_ALEN); in wpa_ft_send_rrb_auth_resp()
3900 pos += ETH_ALEN; in wpa_ft_send_rrb_auth_resp()
3901 WPA_PUT_LE16(pos, status); in wpa_ft_send_rrb_auth_resp()
3902 pos += 2; in wpa_ft_send_rrb_auth_resp()
3904 os_memcpy(pos, resp_ies, resp_ies_len); in wpa_ft_send_rrb_auth_resp()
3923 size_t pmk_r1_len = pmk_r0->pmk_r0_len; in wpa_ft_rrb_build_r0()
3941 { .type = FT_RRB_IDENTITY, .len = pmk_r0->identity_len, in wpa_ft_rrb_build_r0()
3942 .data = pmk_r0->identity }, in wpa_ft_rrb_build_r0()
3943 { .type = FT_RRB_RADIUS_CUI, .len = pmk_r0->radius_cui_len, in wpa_ft_rrb_build_r0()
3944 .data = pmk_r0->radius_cui }, in wpa_ft_rrb_build_r0()
3951 wpa_printf(MSG_DEBUG, "FT: Derive PMK-R1 for peer AP"); in wpa_ft_rrb_build_r0()
3952 if (wpa_derive_pmk_r1(pmk_r0->pmk_r0, pmk_r0->pmk_r0_len, in wpa_ft_rrb_build_r0()
3953 pmk_r0->pmk_r0_name, r1kh_id, in wpa_ft_rrb_build_r0()
3955 return -1; in wpa_ft_rrb_build_r0()
3956 WPA_PUT_LE16(f_pairwise, pmk_r0->pairwise); in wpa_ft_rrb_build_r0()
3959 if (pmk_r0->expiration > now.sec) in wpa_ft_rrb_build_r0()
3960 expires_in = pmk_r0->expiration - now.sec; in wpa_ft_rrb_build_r0()
3961 else if (pmk_r0->expiration) in wpa_ft_rrb_build_r0()
3967 if (pmk_r0->session_timeout > now.sec) in wpa_ft_rrb_build_r0()
3968 session_timeout = pmk_r0->session_timeout - now.sec; in wpa_ft_rrb_build_r0()
3969 else if (pmk_r0->session_timeout) in wpa_ft_rrb_build_r0()
3976 pmk_r0->vlan, src_addr, type, in wpa_ft_rrb_build_r0()
4007 wpa_printf(MSG_DEBUG, "FT: Received PMK-R1 pull"); in wpa_ft_rrb_rx_pull()
4009 RRB_GET_AUTH(FT_RRB_R0KH_ID, r0kh_id, msgtype, -1); in wpa_ft_rrb_rx_pull()
4010 wpa_hexdump(MSG_DEBUG, "FT: R0KH-ID", f_r0kh_id, f_r0kh_id_len); in wpa_ft_rrb_rx_pull()
4013 wpa_printf(MSG_DEBUG, "FT: R0KH-ID mismatch"); in wpa_ft_rrb_rx_pull()
4018 wpa_printf(MSG_DEBUG, "FT: R1KH-ID=" MACSTR, MAC2STR(f_r1kh_id)); in wpa_ft_rrb_rx_pull()
4022 key = r1kh->key; in wpa_ft_rrb_rx_pull()
4023 key_len = sizeof(r1kh->key); in wpa_ft_rrb_rx_pull()
4025 wpa_printf(MSG_DEBUG, "FT: Using wildcard R1KH-ID"); in wpa_ft_rrb_rx_pull()
4026 key = r1kh_wildcard->key; in wpa_ft_rrb_rx_pull()
4027 key_len = sizeof(r1kh_wildcard->key); in wpa_ft_rrb_rx_pull()
4037 seq_ret = wpa_ft_rrb_seq_chk(r1kh->seq, src_addr, enc, enc_len, in wpa_ft_rrb_rx_pull()
4040 (!r1kh || !ether_addr_equal(r1kh->addr, src_addr))) { in wpa_ft_rrb_rx_pull()
4041 /* wildcard: r1kh-id unknown or changed addr -> do a seq req */ in wpa_ft_rrb_rx_pull()
4056 wpa_auth->conf.rkh_pos_timeout); in wpa_ft_rrb_rx_pull()
4061 wpa_ft_rrb_seq_req(wpa_auth, r1kh->seq, src_addr, f_r0kh_id, in wpa_ft_rrb_rx_pull()
4068 wpa_ft_rrb_seq_accept(wpa_auth, r1kh->seq, src_addr, auth, auth_len, in wpa_ft_rrb_rx_pull()
4071 wpa_auth->conf.rkh_pos_timeout); in wpa_ft_rrb_rx_pull()
4078 wpa_printf(MSG_DEBUG, "FT: S1KH-ID=" MACSTR, MAC2STR(f_s1kh_id)); in wpa_ft_rrb_rx_pull()
4080 if (wpa_ft_new_seq(r1kh->seq, &f_seq) < 0) { in wpa_ft_rrb_rx_pull()
4085 wpa_printf(MSG_DEBUG, "FT: Send PMK-R1 pull response from " MACSTR in wpa_ft_rrb_rx_pull()
4087 MAC2STR(wpa_auth->addr), MAC2STR(src_addr)); in wpa_ft_rrb_rx_pull()
4113 wpa_printf(MSG_DEBUG, "FT: No matching PMK-R0-Name found"); in wpa_ft_rrb_rx_pull()
4115 NULL, wpa_auth->addr, in wpa_ft_rrb_rx_pull()
4120 f_s1kh_id, resp_auth, wpa_auth->addr, in wpa_ft_rrb_rx_pull()
4139 * -1 on error
4140 * -2 if FT_RRB_PAIRWISE is missing
4170 int ret = -1; in wpa_ft_rrb_rx_r1()
4176 RRB_GET_AUTH(FT_RRB_R0KH_ID, r0kh_id, msgtype, -1); in wpa_ft_rrb_rx_r1()
4177 wpa_hexdump(MSG_DEBUG, "FT: R0KH-ID", f_r0kh_id, f_r0kh_id_len); in wpa_ft_rrb_rx_r1()
4180 wpa_printf(MSG_DEBUG, "FT: R1KH-ID=" MACSTR, MAC2STR(f_r1kh_id)); in wpa_ft_rrb_rx_r1()
4183 wpa_printf(MSG_DEBUG, "FT: R1KH-ID mismatch"); in wpa_ft_rrb_rx_r1()
4190 key = r0kh->key; in wpa_ft_rrb_rx_r1()
4191 key_len = sizeof(r0kh->key); in wpa_ft_rrb_rx_r1()
4193 wpa_printf(MSG_DEBUG, "FT: Using wildcard R0KH-ID"); in wpa_ft_rrb_rx_r1()
4194 key = r0kh_wildcard->key; in wpa_ft_rrb_rx_r1()
4195 key_len = sizeof(r0kh_wildcard->key); in wpa_ft_rrb_rx_r1()
4202 seq_ret = wpa_ft_rrb_seq_chk(r0kh->seq, src_addr, enc, enc_len, in wpa_ft_rrb_rx_r1()
4207 (!r0kh || !ether_addr_equal(r0kh->addr, src_addr))) { in wpa_ft_rrb_rx_r1()
4208 /* wildcard: r0kh-id unknown or changed addr -> do a seq req */ in wpa_ft_rrb_rx_r1()
4222 wpa_auth->conf.rkh_pos_timeout); in wpa_ft_rrb_rx_r1()
4227 wpa_ft_rrb_seq_req(wpa_auth, r0kh->seq, src_addr, f_r0kh_id, in wpa_ft_rrb_rx_r1()
4233 wpa_ft_rrb_seq_accept(wpa_auth, r0kh->seq, src_addr, auth, auth_len, in wpa_ft_rrb_rx_r1()
4236 wpa_auth->conf.rkh_pos_timeout); in wpa_ft_rrb_rx_r1()
4239 wpa_printf(MSG_DEBUG, "FT: S1KH-ID=" MACSTR, MAC2STR(f_s1kh_id)); in wpa_ft_rrb_rx_r1()
4244 ret = -2; in wpa_ft_rrb_rx_r1()
4248 ret = -1; in wpa_ft_rrb_rx_r1()
4260 wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R1", f_pmk_r1, pmk_r1_len); in wpa_ft_rrb_rx_r1()
4271 wpa_printf(MSG_DEBUG, "FT: PMK-R1 %s - expires_in=%d", msgtype, in wpa_ft_rrb_rx_r1()
4283 RRB_GET_OPTIONAL(FT_RRB_IDENTITY, identity, msgtype, -1); in wpa_ft_rrb_rx_r1()
4288 RRB_GET_OPTIONAL(FT_RRB_RADIUS_CUI, radius_cui, msgtype, -1); in wpa_ft_rrb_rx_r1()
4324 if (!sm->ft_pending_cb || !sm->ft_pending_req_ies) in ft_finish_pull()
4327 res = wpa_ft_process_auth_req(sm, wpabuf_head(sm->ft_pending_req_ies), in ft_finish_pull()
4328 wpabuf_len(sm->ft_pending_req_ies), in ft_finish_pull()
4336 wpabuf_free(sm->ft_pending_req_ies); in ft_finish_pull()
4337 sm->ft_pending_req_ies = NULL; in ft_finish_pull()
4340 " - status %u", MAC2STR(sm->addr), status); in ft_finish_pull()
4342 sm->ft_pending_cb(sm->ft_pending_cb_ctx, sm->addr, in ft_finish_pull()
4343 sm->ft_pending_auth_transaction + 1, status, in ft_finish_pull()
4360 if ((info->s1kh_id && in ft_get_sta_cb()
4361 !ether_addr_equal(info->s1kh_id, sm->addr)) || in ft_get_sta_cb()
4362 os_memcmp(info->nonce, sm->ft_pending_pull_nonce, in ft_get_sta_cb()
4364 sm->ft_pending_cb == NULL || sm->ft_pending_req_ies == NULL) in ft_get_sta_cb()
4367 info->sm = sm; in ft_get_sta_cb()
4380 int nak, ret = -1; in wpa_ft_rrb_rx_resp()
4386 wpa_printf(MSG_DEBUG, "FT: Received PMK-R1 pull response"); in wpa_ft_rrb_rx_resp()
4396 return -1; in wpa_ft_rrb_rx_resp()
4402 if (ret == -2) { in wpa_ft_rrb_rx_resp()
4409 return -1; in wpa_ft_rrb_rx_resp()
4415 MAC2STR(ctx.sm->addr)); in wpa_ft_rrb_rx_resp()
4418 ctx.sm->ft_pending_pull_left_retries = 0; in wpa_ft_rrb_rx_resp()
4434 wpa_printf(MSG_DEBUG, "FT: Received PMK-R1 push"); in wpa_ft_rrb_rx_push()
4439 return -1; in wpa_ft_rrb_rx_push()
4466 RRB_GET_AUTH(FT_RRB_R0KH_ID, r0kh_id, "seq", -1); in wpa_ft_rrb_rx_seq()
4473 wpa_printf(MSG_DEBUG, "FT: seq - local R0KH-ID and R1KH-ID"); in wpa_ft_rrb_rx_seq()
4478 wpa_printf(MSG_DEBUG, "FT: seq - remote R0KH-ID and R1KH-ID"); in wpa_ft_rrb_rx_seq()
4486 (!r0kh || !ether_addr_equal(r0kh->addr, src_addr))) { in wpa_ft_rrb_rx_seq()
4487 wpa_hexdump(MSG_DEBUG, "FT: Did not find R0KH-ID", in wpa_ft_rrb_rx_seq()
4492 *key = r0kh->key; in wpa_ft_rrb_rx_seq()
4493 *key_len = sizeof(r0kh->key); in wpa_ft_rrb_rx_seq()
4495 *key = r0kh_wildcard->key; in wpa_ft_rrb_rx_seq()
4496 *key_len = sizeof(r0kh_wildcard->key); in wpa_ft_rrb_rx_seq()
4504 (!r1kh || !ether_addr_equal(r1kh->addr, src_addr))) { in wpa_ft_rrb_rx_seq()
4505 wpa_hexdump(MSG_DEBUG, "FT: Did not find R1KH-ID", in wpa_ft_rrb_rx_seq()
4510 *key = r1kh->key; in wpa_ft_rrb_rx_seq()
4511 *key_len = sizeof(r1kh->key); in wpa_ft_rrb_rx_seq()
4513 *key = r1kh_wildcard->key; in wpa_ft_rrb_rx_seq()
4514 *key_len = sizeof(r1kh_wildcard->key); in wpa_ft_rrb_rx_seq()
4534 *rkh_seq = r0kh->seq; in wpa_ft_rrb_rx_seq()
4550 *rkh_seq = r1kh->seq; in wpa_ft_rrb_rx_seq()
4559 return -1; in wpa_ft_rrb_rx_seq()
4569 int ret = -1; in wpa_ft_rrb_rx_seq_req()
4586 wpa_hexdump(MSG_DEBUG, "FT: seq request - nonce", f_nonce, f_nonce_len); in wpa_ft_rrb_rx_seq_req()
4588 RRB_GET_AUTH(FT_RRB_R0KH_ID, r0kh_id, "seq", -1); in wpa_ft_rrb_rx_seq_req()
4598 MAC2STR(wpa_auth->addr), MAC2STR(src_addr)); in wpa_ft_rrb_rx_seq_req()
4617 wpa_auth->addr, FT_PACKET_R0KH_R1KH_SEQ_RESP, in wpa_ft_rrb_rx_seq_req()
4660 wpa_hexdump(MSG_DEBUG, "FT: seq response - nonce", f_nonce, in wpa_ft_rrb_rx_seq_resp()
4664 dl_list_for_each(item, &rkh_seq->rx.queue, struct ft_remote_item, in wpa_ft_rrb_rx_seq_resp()
4666 if (os_memcmp_const(f_nonce, item->nonce, in wpa_ft_rrb_rx_seq_resp()
4669 os_reltime_expired(&now, &item->nonce_ts, ftRRBseqTimeout)) in wpa_ft_rrb_rx_seq_resp()
4676 wpa_printf(MSG_DEBUG, "FT: seq response - bad nonce"); in wpa_ft_rrb_rx_seq_resp()
4682 wpa_auth->conf.rkh_pos_timeout); in wpa_ft_rrb_rx_seq_resp()
4684 os_memcpy(r0kh->addr, src_addr, ETH_ALEN); in wpa_ft_rrb_rx_seq_resp()
4689 wpa_auth->conf.rkh_pos_timeout); in wpa_ft_rrb_rx_seq_resp()
4691 os_memcpy(r1kh->addr, src_addr, ETH_ALEN); in wpa_ft_rrb_rx_seq_resp()
4697 wpa_printf(MSG_DEBUG, "FT: seq response - valid seq number"); in wpa_ft_rrb_rx_seq_resp()
4701 wpa_printf(MSG_DEBUG, "FT: seq response - reset seq number"); in wpa_ft_rrb_rx_seq_resp()
4707 msg_dom = le_to_host32(msg_both->dom); in wpa_ft_rrb_rx_seq_resp()
4708 msg_seq = le_to_host32(msg_both->seq); in wpa_ft_rrb_rx_seq_resp()
4709 now_remote.sec = le_to_host32(msg_both->ts); in wpa_ft_rrb_rx_seq_resp()
4712 rkh_seq->rx.num_last = 2; in wpa_ft_rrb_rx_seq_resp()
4713 rkh_seq->rx.dom = msg_dom; in wpa_ft_rrb_rx_seq_resp()
4714 rkh_seq->rx.offsetidx = 0; in wpa_ft_rrb_rx_seq_resp()
4716 rkh_seq->rx.last[0] = msg_seq - FT_REMOTE_SEQ_BACKLOG - in wpa_ft_rrb_rx_seq_resp()
4717 dl_list_len(&rkh_seq->rx.queue); in wpa_ft_rrb_rx_seq_resp()
4718 rkh_seq->rx.last[1] = msg_seq; in wpa_ft_rrb_rx_seq_resp()
4720 /* local time - offset = remote time in wpa_ft_rrb_rx_seq_resp()
4721 * <=> local time - remote time = offset */ in wpa_ft_rrb_rx_seq_resp()
4722 os_reltime_sub(&now, &now_remote, &rkh_seq->rx.time_offset); in wpa_ft_rrb_rx_seq_resp()
4729 return -1; in wpa_ft_rrb_rx_seq_resp()
4738 const u8 *pos, *end, *start; in wpa_ft_rrb_rx() local
4748 return -1; in wpa_ft_rrb_rx()
4751 pos = data; in wpa_ft_rrb_rx()
4752 frame = (struct ft_rrb_frame *) pos; in wpa_ft_rrb_rx()
4753 pos += sizeof(*frame); in wpa_ft_rrb_rx()
4755 alen = le_to_host16(frame->action_length); in wpa_ft_rrb_rx()
4756 wpa_printf(MSG_DEBUG, "FT: RRB frame - frame_type=%d packet_type=%d " in wpa_ft_rrb_rx()
4758 frame->frame_type, frame->packet_type, alen, in wpa_ft_rrb_rx()
4759 MAC2STR(frame->ap_address)); in wpa_ft_rrb_rx()
4761 if (frame->frame_type != RSN_REMOTE_FRAME_TYPE_FT_RRB) { in wpa_ft_rrb_rx()
4762 /* Discard frame per IEEE Std 802.11r-2008, 11A.10.3 */ in wpa_ft_rrb_rx()
4764 "unrecognized type %d", frame->frame_type); in wpa_ft_rrb_rx()
4765 return -1; in wpa_ft_rrb_rx()
4768 if (alen > data_len - sizeof(*frame)) { in wpa_ft_rrb_rx()
4771 return -1; in wpa_ft_rrb_rx()
4774 wpa_hexdump(MSG_MSGDUMP, "FT: RRB - FT Action frame", pos, alen); in wpa_ft_rrb_rx()
4780 return -1; in wpa_ft_rrb_rx()
4782 start = pos; in wpa_ft_rrb_rx()
4783 end = pos + alen; in wpa_ft_rrb_rx()
4785 if (*pos != WLAN_ACTION_FT) { in wpa_ft_rrb_rx()
4787 "%d", *pos); in wpa_ft_rrb_rx()
4788 return -1; in wpa_ft_rrb_rx()
4791 pos++; in wpa_ft_rrb_rx()
4792 action = *pos++; in wpa_ft_rrb_rx()
4793 sta_addr = pos; in wpa_ft_rrb_rx()
4794 pos += ETH_ALEN; in wpa_ft_rrb_rx()
4795 target_ap_addr = pos; in wpa_ft_rrb_rx()
4796 pos += ETH_ALEN; in wpa_ft_rrb_rx()
4801 if (frame->packet_type == FT_PACKET_REQUEST) { in wpa_ft_rrb_rx()
4802 wpa_printf(MSG_DEBUG, "FT: FT Packet Type - Request"); in wpa_ft_rrb_rx()
4807 return -1; in wpa_ft_rrb_rx()
4810 if (!ether_addr_equal(target_ap_addr, wpa_auth->addr)) { in wpa_ft_rrb_rx()
4814 return -1; in wpa_ft_rrb_rx()
4817 if (wpa_ft_rrb_rx_request(wpa_auth, frame->ap_address, in wpa_ft_rrb_rx()
4818 sta_addr, pos, end - pos) < 0) in wpa_ft_rrb_rx()
4819 return -1; in wpa_ft_rrb_rx()
4820 } else if (frame->packet_type == FT_PACKET_RESPONSE) { in wpa_ft_rrb_rx()
4823 if (end - pos < 2) { in wpa_ft_rrb_rx()
4826 return -1; in wpa_ft_rrb_rx()
4828 status_code = WPA_GET_LE16(pos); in wpa_ft_rrb_rx()
4830 wpa_printf(MSG_DEBUG, "FT: FT Packet Type - Response " in wpa_ft_rrb_rx()
4834 return -1; in wpa_ft_rrb_rx()
4837 "packet_type %d", frame->packet_type); in wpa_ft_rrb_rx()
4838 return -1; in wpa_ft_rrb_rx()
4853 wpa_printf(MSG_DEBUG, "FT: RRB-OUI(" MACSTR in wpa_ft_rrb_oui_rx()
4856 MAC2STR(wpa_auth->addr), MAC2STR(src_addr), oui_suffix, in wpa_ft_rrb_oui_rx()
4862 "FT: RRB-OUI received frame from multicast address " in wpa_ft_rrb_oui_rx()
4871 wpa_printf(MSG_DEBUG, "FT: RRB-OUI frame too short"); in wpa_ft_rrb_oui_rx()
4877 wpa_printf(MSG_DEBUG, "FT: RRB-OUI frame too short"); in wpa_ft_rrb_oui_rx()
4884 elen = data_len - sizeof(u16) - alen; in wpa_ft_rrb_oui_rx()
4924 .data = pmk_r0->pmk_r0_name }, in wpa_ft_generate_pmk_r1()
4931 .len = wpa_auth->conf.r0_key_holder_len, in wpa_ft_generate_pmk_r1()
4932 .data = wpa_auth->conf.r0_key_holder }, in wpa_ft_generate_pmk_r1()
4934 .data = r1kh->id }, in wpa_ft_generate_pmk_r1()
4938 if (wpa_ft_new_seq(r1kh->seq, &f_seq) < 0) { in wpa_ft_generate_pmk_r1()
4940 return -1; in wpa_ft_generate_pmk_r1()
4943 wpa_printf(MSG_DEBUG, "FT: Send PMK-R1 push from " MACSTR in wpa_ft_generate_pmk_r1()
4945 MAC2STR(wpa_auth->addr), MAC2STR(r1kh->addr)); in wpa_ft_generate_pmk_r1()
4947 if (wpa_ft_rrb_build_r0(r1kh->key, sizeof(r1kh->key), push, pmk_r0, in wpa_ft_generate_pmk_r1()
4948 r1kh->id, s1kh_id, push_auth, wpa_auth->addr, in wpa_ft_generate_pmk_r1()
4951 return -1; in wpa_ft_generate_pmk_r1()
4953 wpa_ft_rrb_oui_send(wpa_auth, r1kh->addr, FT_PACKET_R0KH_R1KH_PUSH, in wpa_ft_generate_pmk_r1()
4963 struct wpa_ft_pmk_cache *cache = wpa_auth->ft_pmk_cache; in wpa_ft_push_pmk_r1()
4967 if (!wpa_auth->conf.pmk_r1_push) in wpa_ft_push_pmk_r1()
4969 if (!wpa_auth->conf.r1kh_list) in wpa_ft_push_pmk_r1()
4972 dl_list_for_each(r0, &cache->pmk_r0, struct wpa_ft_pmk_r0_sa, list) { in wpa_ft_push_pmk_r1()
4973 if (ether_addr_equal(r0->spa, addr)) { in wpa_ft_push_pmk_r1()
4980 if (r0 == NULL || r0->pmk_r1_pushed) in wpa_ft_push_pmk_r1()
4982 r0->pmk_r1_pushed = 1; in wpa_ft_push_pmk_r1()
4984 wpa_printf(MSG_DEBUG, "FT: Deriving and pushing PMK-R1 keys to R1KHs " in wpa_ft_push_pmk_r1()
4987 for (r1kh = *wpa_auth->conf.r1kh_list; r1kh; r1kh = r1kh->next) { in wpa_ft_push_pmk_r1()
4988 if (is_zero_ether_addr(r1kh->addr) || in wpa_ft_push_pmk_r1()
4989 is_zero_ether_addr(r1kh->id)) in wpa_ft_push_pmk_r1()