Lines Matching +full:mic +full:- +full:max +full:- +full:freq
2 * WPA/RSN - Shared functions for supplicant and authenticator
3 * Copyright (c) 2002-2018, Jouni Malinen <j@w1.fi>
131 * wpa_use_akm_defined - Is AKM-defined Key Descriptor Version used
133 * Returns: 1 if AKM-defined Key Descriptor Version is used; 0 otherwise
149 * wpa_use_cmac - Is CMAC integrity algorithm used for EAPOL-Key MIC
167 * wpa_use_aes_key_wrap - Is AES Keywrap algorithm used for EAPOL-Key Key Data
171 * Note: AKM 00-0F-AC:1 and 00-0F-AC:2 have special rules for selecting whether
189 * wpa_eapol_key_mic - Calculate EAPOL-Key MIC
190 * @key: EAPOL-Key Key Confirmation Key (KCK)
196 * @mic: Pointer to the buffer to which the EAPOL-Key MIC is written
197 * Returns: 0 on success, -1 on failure
199 * Calculate EAPOL-Key MIC for an EAPOL-Key packet. The EAPOL-Key MIC field has
202 * Note: 'IEEE Std 802.11i-2004 - 8.5.2 EAPOL-Key frames' has an error in the
203 * description of the Key MIC calculation. It includes packet data from the
204 * beginning of the EAPOL-Key header, not EAPOL header. This incorrect change
209 const u8 *buf, size_t len, u8 *mic) in wpa_eapol_key_mic() argument
215 "WPA: KCK not set - cannot calculate MIC"); in wpa_eapol_key_mic()
216 return -1; in wpa_eapol_key_mic()
222 wpa_printf(MSG_DEBUG, "WPA: EAPOL-Key MIC using HMAC-MD5"); in wpa_eapol_key_mic()
223 return hmac_md5(key, key_len, buf, len, mic); in wpa_eapol_key_mic()
226 wpa_printf(MSG_DEBUG, "WPA: EAPOL-Key MIC using HMAC-SHA1"); in wpa_eapol_key_mic()
228 return -1; in wpa_eapol_key_mic()
229 os_memcpy(mic, hash, MD5_MAC_LEN); in wpa_eapol_key_mic()
232 wpa_printf(MSG_DEBUG, "WPA: EAPOL-Key MIC using AES-CMAC"); in wpa_eapol_key_mic()
233 return omac1_aes_128(key, buf, len, mic); in wpa_eapol_key_mic()
240 "WPA: EAPOL-Key MIC using AES-CMAC (AKM-defined - SAE)"); in wpa_eapol_key_mic()
241 return omac1_aes_128(key, buf, len, mic); in wpa_eapol_key_mic()
245 "WPA: EAPOL-Key MIC using HMAC-SHA%u (AKM-defined - SAE-EXT-KEY)", in wpa_eapol_key_mic()
249 return -1; in wpa_eapol_key_mic()
253 return -1; in wpa_eapol_key_mic()
258 return -1; in wpa_eapol_key_mic()
264 return -1; in wpa_eapol_key_mic()
266 os_memcpy(mic, hash, key_len); in wpa_eapol_key_mic()
272 "WPA: EAPOL-Key MIC using AES-CMAC (AKM-defined - OSEN)"); in wpa_eapol_key_mic()
273 return omac1_aes_128(key, buf, len, mic); in wpa_eapol_key_mic()
278 "WPA: EAPOL-Key MIC using HMAC-SHA256 (AKM-defined - Suite B)"); in wpa_eapol_key_mic()
280 return -1; in wpa_eapol_key_mic()
281 os_memcpy(mic, hash, MD5_MAC_LEN); in wpa_eapol_key_mic()
287 "WPA: EAPOL-Key MIC using HMAC-SHA384 (AKM-defined - Suite B 192-bit)"); in wpa_eapol_key_mic()
289 return -1; in wpa_eapol_key_mic()
290 os_memcpy(mic, hash, 24); in wpa_eapol_key_mic()
296 "WPA: EAPOL-Key MIC using HMAC-SHA%u (AKM-defined - OWE)", in wpa_eapol_key_mic()
300 return -1; in wpa_eapol_key_mic()
303 return -1; in wpa_eapol_key_mic()
306 return -1; in wpa_eapol_key_mic()
311 return -1; in wpa_eapol_key_mic()
313 os_memcpy(mic, hash, key_len); in wpa_eapol_key_mic()
319 "WPA: EAPOL-Key MIC using HMAC-SHA%u (AKM-defined - DPP)", in wpa_eapol_key_mic()
323 return -1; in wpa_eapol_key_mic()
326 return -1; in wpa_eapol_key_mic()
329 return -1; in wpa_eapol_key_mic()
334 return -1; in wpa_eapol_key_mic()
336 os_memcpy(mic, hash, key_len); in wpa_eapol_key_mic()
345 "WPA: EAPOL-Key MIC using HMAC-SHA384 (AKM-defined - 802.1X SHA384)"); in wpa_eapol_key_mic()
347 return -1; in wpa_eapol_key_mic()
348 os_memcpy(mic, hash, 24); in wpa_eapol_key_mic()
353 "WPA: EAPOL-Key MIC algorithm not known (AKM-defined - akmp=0x%x)", in wpa_eapol_key_mic()
355 return -1; in wpa_eapol_key_mic()
360 "WPA: EAPOL-Key MIC algorithm not known (ver=%d)", in wpa_eapol_key_mic()
362 return -1; in wpa_eapol_key_mic()
370 * wpa_pmk_to_ptk - Calculate PTK from PMK, addresses, and nonces
382 * Returns: 0 on success, -1 on failure
384 * IEEE Std 802.11i-2004 - 8.5.1.2 Pairwise key hierarchy
385 * PTK = PRF-X(PMK, "Pairwise key expansion",
386 * Min(AA, SA) || Max(AA, SA) ||
387 * Min(ANonce, SNonce) || Max(ANonce, SNonce)
399 #define MAX_Z_LEN 66 /* with NIST P-521 */ in wpa_pmk_to_ptk()
416 return -1; in wpa_pmk_to_ptk()
420 return -1; in wpa_pmk_to_ptk()
447 "WPA: KDK len=%zu exceeds max supported len", in wpa_pmk_to_ptk()
449 return -1; in wpa_pmk_to_ptk()
452 ptk->kck_len = wpa_kck_len(akmp, pmk_len); in wpa_pmk_to_ptk()
453 ptk->kek_len = wpa_kek_len(akmp, pmk_len); in wpa_pmk_to_ptk()
454 ptk->tk_len = wpa_cipher_key_len(cipher); in wpa_pmk_to_ptk()
455 ptk->kdk_len = kdk_len; in wpa_pmk_to_ptk()
456 if (ptk->tk_len == 0) { in wpa_pmk_to_ptk()
460 return -1; in wpa_pmk_to_ptk()
462 ptk_len = ptk->kck_len + ptk->kek_len + ptk->tk_len + ptk->kdk_len; in wpa_pmk_to_ptk()
469 return -1; in wpa_pmk_to_ptk()
471 return -1; in wpa_pmk_to_ptk()
477 return -1; in wpa_pmk_to_ptk()
484 return -1; in wpa_pmk_to_ptk()
489 return -1; in wpa_pmk_to_ptk()
494 return -1; in wpa_pmk_to_ptk()
498 return -1; in wpa_pmk_to_ptk()
505 return -1; in wpa_pmk_to_ptk()
510 return -1; in wpa_pmk_to_ptk()
515 return -1; in wpa_pmk_to_ptk()
519 return -1; in wpa_pmk_to_ptk()
528 return -1; in wpa_pmk_to_ptk()
535 return -1; in wpa_pmk_to_ptk()
543 return -1; in wpa_pmk_to_ptk()
548 return -1; in wpa_pmk_to_ptk()
555 return -1; in wpa_pmk_to_ptk()
558 wpa_printf(MSG_DEBUG, "WPA: PTK derivation - A1=" MACSTR " A2=" MACSTR, in wpa_pmk_to_ptk()
567 os_memcpy(ptk->kck, tmp, ptk->kck_len); in wpa_pmk_to_ptk()
568 wpa_hexdump_key(MSG_DEBUG, "WPA: KCK", ptk->kck, ptk->kck_len); in wpa_pmk_to_ptk()
570 os_memcpy(ptk->kek, tmp + ptk->kck_len, ptk->kek_len); in wpa_pmk_to_ptk()
571 wpa_hexdump_key(MSG_DEBUG, "WPA: KEK", ptk->kek, ptk->kek_len); in wpa_pmk_to_ptk()
573 os_memcpy(ptk->tk, tmp + ptk->kck_len + ptk->kek_len, ptk->tk_len); in wpa_pmk_to_ptk()
574 wpa_hexdump_key(MSG_DEBUG, "WPA: TK", ptk->tk, ptk->tk_len); in wpa_pmk_to_ptk()
577 os_memcpy(ptk->kdk, tmp + ptk->kck_len + ptk->kek_len + in wpa_pmk_to_ptk()
578 ptk->tk_len, ptk->kdk_len); in wpa_pmk_to_ptk()
579 wpa_hexdump_key(MSG_DEBUG, "WPA: KDK", ptk->kdk, ptk->kdk_len); in wpa_pmk_to_ptk()
582 ptk->kek2_len = 0; in wpa_pmk_to_ptk()
583 ptk->kck2_len = 0; in wpa_pmk_to_ptk()
602 /* PMK = HMAC-Hash(SNonce || ANonce, rMSK [ || DHss ]) */ in fils_rmsk_to_pmk()
610 return -1; in fils_rmsk_to_pmk()
649 /* PMKID = Truncate-128(Hash(EAP-Initiate/Reauth)) */ in fils_pmkid_erp()
657 return -1; in fils_pmkid_erp()
678 int ret = -1; in fils_pmk_to_ptk()
682 * FILS-Key-Data = PRF-X(PMK, "FILS PTK Derivation", in fils_pmk_to_ptk()
684 * ICK = L(FILS-Key-Data, 0, ICK_bits) in fils_pmk_to_ptk()
685 * KEK = L(FILS-Key-Data, ICK_bits, KEK_bits) in fils_pmk_to_ptk()
686 * TK = L(FILS-Key-Data, ICK_bits + KEK_bits, TK_bits) in fils_pmk_to_ptk()
688 * FILS-FT = L(FILS-Key-Data, ICK_bits + KEK_bits + TK_bits, in fils_pmk_to_ptk()
689 * FILS-FT_bits) in fils_pmk_to_ptk()
691 * KDK = L(FILS-Key-Data, ICK_bits + KEK_bits + TK_bits + FILS-FT_bits, in fils_pmk_to_ptk()
710 ptk->kck_len = 0; in fils_pmk_to_ptk()
711 ptk->kek_len = wpa_kek_len(akmp, pmk_len); in fils_pmk_to_ptk()
712 ptk->tk_len = wpa_cipher_key_len(cipher); in fils_pmk_to_ptk()
719 key_data_len = *ick_len + ptk->kek_len + ptk->tk_len; in fils_pmk_to_ptk()
728 ptk->kdk_len = kdk_len; in fils_pmk_to_ptk()
731 ptk->kdk_len = 0; in fils_pmk_to_ptk()
758 wpa_printf(MSG_DEBUG, "FILS: PTK derivation - SPA=" MACSTR in fils_pmk_to_ptk()
765 wpa_hexdump_key(MSG_DEBUG, "FILS: FILS-Key-Data", tmp, key_data_len); in fils_pmk_to_ptk()
771 os_memcpy(ptk->kek, tmp + offset, ptk->kek_len); in fils_pmk_to_ptk()
772 wpa_hexdump_key(MSG_DEBUG, "FILS: KEK", ptk->kek, ptk->kek_len); in fils_pmk_to_ptk()
773 offset += ptk->kek_len; in fils_pmk_to_ptk()
775 os_memcpy(ptk->tk, tmp + offset, ptk->tk_len); in fils_pmk_to_ptk()
776 wpa_hexdump_key(MSG_DEBUG, "FILS: TK", ptk->tk, ptk->tk_len); in fils_pmk_to_ptk()
777 offset += ptk->tk_len; in fils_pmk_to_ptk()
781 wpa_hexdump_key(MSG_DEBUG, "FILS: FILS-FT", in fils_pmk_to_ptk()
786 if (ptk->kdk_len) { in fils_pmk_to_ptk()
787 os_memcpy(ptk->kdk, tmp + offset, ptk->kdk_len); in fils_pmk_to_ptk()
788 wpa_hexdump_key(MSG_DEBUG, "FILS: KDK", ptk->kdk, ptk->kdk_len); in fils_pmk_to_ptk()
791 ptk->kek2_len = 0; in fils_pmk_to_ptk()
792 ptk->kck2_len = 0; in fils_pmk_to_ptk()
814 wpa_printf(MSG_DEBUG, "FILS: Key-Auth derivation: STA-MAC=" MACSTR in fils_key_auth_sk()
815 " AP-BSSID=" MACSTR, MAC2STR(sta_addr), MAC2STR(bssid)); in fils_key_auth_sk()
823 * For (Re)Association Request frame (STA->AP): in fils_key_auth_sk()
824 * Key-Auth = HMAC-Hash(ICK, SNonce || ANonce || STA-MAC || AP-BSSID in fils_key_auth_sk()
852 return -1; in fils_key_auth_sk()
858 * For (Re)Association Response frame (AP->STA): in fils_key_auth_sk()
859 * Key-Auth = HMAC-Hash(ICK, ANonce || SNonce || AP-BSSID || STA-MAC in fils_key_auth_sk()
882 wpa_hexdump(MSG_DEBUG, "FILS: Key-Auth (STA)", in fils_key_auth_sk()
884 wpa_hexdump(MSG_DEBUG, "FILS: Key-Auth (AP)", in fils_key_auth_sk()
902 u8 *mic) in wpa_ft_mic() argument
924 return -1; in wpa_ft_mic()
927 fte_fixed_len = sizeof(struct rsn_ftie) - 16 + mic_len; in wpa_ft_mic()
953 return -1; in wpa_ft_mic()
960 /* MIC field with all zeros */ in wpa_ft_mic()
968 len[num_elem] = ftie_len - (2 + 2 + mic_len); in wpa_ft_mic()
990 wpa_hexdump(MSG_MSGDUMP, "FT: MIC data", addr[i], len[i]); in wpa_ft_mic()
991 res = -1; in wpa_ft_mic()
997 return -1; in wpa_ft_mic()
998 os_memcpy(mic, hash, 32); in wpa_ft_mic()
1007 return -1; in wpa_ft_mic()
1008 os_memcpy(mic, hash, 24); in wpa_ft_mic()
1016 return -1; in wpa_ft_mic()
1017 os_memcpy(mic, hash, 16); in wpa_ft_mic()
1021 omac1_aes_128_vector(kck, num_elem, addr, len, mic) == 0) in wpa_ft_mic()
1036 wpa_hexdump(MSG_DEBUG, "FT: Parse FTE subelements", pos, end - pos); in wpa_ft_parse_ftie()
1038 while (end - pos >= 2) { in wpa_ft_parse_ftie()
1043 if (len > end - pos) { in wpa_ft_parse_ftie()
1045 return -1; in wpa_ft_parse_ftie()
1052 "FT: Invalid R1KH-ID length in FTIE: %d", in wpa_ft_parse_ftie()
1054 return -1; in wpa_ft_parse_ftie()
1056 parse->r1kh_id = pos; in wpa_ft_parse_ftie()
1057 wpa_hexdump(MSG_DEBUG, "FT: R1KH-ID", in wpa_ft_parse_ftie()
1058 parse->r1kh_id, FT_R1KH_ID_LEN); in wpa_ft_parse_ftie()
1062 parse->gtk = pos; in wpa_ft_parse_ftie()
1063 parse->gtk_len = len; in wpa_ft_parse_ftie()
1068 "FT: Invalid R0KH-ID length in FTIE: %d", in wpa_ft_parse_ftie()
1070 return -1; in wpa_ft_parse_ftie()
1072 parse->r0kh_id = pos; in wpa_ft_parse_ftie()
1073 parse->r0kh_id_len = len; in wpa_ft_parse_ftie()
1074 wpa_hexdump(MSG_DEBUG, "FT: R0KH-ID", in wpa_ft_parse_ftie()
1075 parse->r0kh_id, parse->r0kh_id_len); in wpa_ft_parse_ftie()
1079 parse->igtk = pos; in wpa_ft_parse_ftie()
1080 parse->igtk_len = len; in wpa_ft_parse_ftie()
1084 parse->oci = pos; in wpa_ft_parse_ftie()
1085 parse->oci_len = len; in wpa_ft_parse_ftie()
1087 parse->oci, parse->oci_len); in wpa_ft_parse_ftie()
1092 parse->bigtk = pos; in wpa_ft_parse_ftie()
1093 parse->bigtk_len = len; in wpa_ft_parse_ftie()
1099 return -1; in wpa_ft_parse_ftie()
1106 parse->valid_mlo_gtks |= BIT(link_id); in wpa_ft_parse_ftie()
1107 parse->mlo_gtk[link_id] = pos; in wpa_ft_parse_ftie()
1108 parse->mlo_gtk_len[link_id] = len; in wpa_ft_parse_ftie()
1114 return -1; in wpa_ft_parse_ftie()
1121 parse->valid_mlo_igtks |= BIT(link_id); in wpa_ft_parse_ftie()
1122 parse->mlo_igtk[link_id] = pos; in wpa_ft_parse_ftie()
1123 parse->mlo_igtk_len[link_id] = len; in wpa_ft_parse_ftie()
1129 return -1; in wpa_ft_parse_ftie()
1136 parse->valid_mlo_bigtks |= BIT(link_id); in wpa_ft_parse_ftie()
1137 parse->mlo_bigtk[link_id] = pos; in wpa_ft_parse_ftie()
1138 parse->mlo_bigtk_len[link_id] = len; in wpa_ft_parse_ftie()
1160 wpa_hexdump(MSG_DEBUG, "FT: FTE-MIC Control", pos, 2); in wpa_ft_parse_fte()
1161 parse->fte_rsnxe_used = pos[0] & FTE_MIC_CTRL_RSNXE_USED; in wpa_ft_parse_fte()
1164 parse->fte_elem_count = pos[1]; in wpa_ft_parse_fte()
1180 "FT: Unknown MIC Length subfield value %u", in wpa_ft_parse_fte()
1182 return -1; in wpa_ft_parse_fte()
1187 if (mic_len > (size_t) (end - pos)) { in wpa_ft_parse_fte()
1188 wpa_printf(MSG_DEBUG, "FT: No room for %zu octet MIC in FTE", in wpa_ft_parse_fte()
1190 return -1; in wpa_ft_parse_fte()
1192 wpa_hexdump(MSG_DEBUG, "FT: FTE-MIC", pos, mic_len); in wpa_ft_parse_fte()
1193 parse->fte_mic = pos; in wpa_ft_parse_fte()
1194 parse->fte_mic_len = mic_len; in wpa_ft_parse_fte()
1197 if (2 * WPA_NONCE_LEN > end - pos) in wpa_ft_parse_fte()
1198 return -1; in wpa_ft_parse_fte()
1199 parse->fte_anonce = pos; in wpa_ft_parse_fte()
1200 wpa_hexdump(MSG_DEBUG, "FT: FTE-ANonce", in wpa_ft_parse_fte()
1201 parse->fte_anonce, WPA_NONCE_LEN); in wpa_ft_parse_fte()
1203 parse->fte_snonce = pos; in wpa_ft_parse_fte()
1204 wpa_hexdump(MSG_DEBUG, "FT: FTE-SNonce", in wpa_ft_parse_fte()
1205 parse->fte_snonce, WPA_NONCE_LEN); in wpa_ft_parse_fte()
1235 while (end - pos >= 2) { in wpa_ft_parse_ies()
1240 if (len > end - pos) in wpa_ft_parse_ies()
1250 parse->rsn = pos; in wpa_ft_parse_ies()
1251 parse->rsn_len = len; in wpa_ft_parse_ies()
1252 ret = wpa_parse_wpa_ie_rsn(parse->rsn - 2, in wpa_ft_parse_ies()
1253 parse->rsn_len + 2, in wpa_ft_parse_ies()
1260 parse->rsn_capab = data.capabilities; in wpa_ft_parse_ies()
1262 parse->rsn_pmkid = data.pmkid; in wpa_ft_parse_ies()
1263 parse->key_mgmt = data.key_mgmt; in wpa_ft_parse_ies()
1264 parse->pairwise_cipher = data.pairwise_cipher; in wpa_ft_parse_ies()
1266 key_mgmt = parse->key_mgmt; in wpa_ft_parse_ies()
1272 parse->rsnxe = pos; in wpa_ft_parse_ies()
1273 parse->rsnxe_len = len; in wpa_ft_parse_ies()
1279 parse->mdie = pos; in wpa_ft_parse_ies()
1280 parse->mdie_len = len; in wpa_ft_parse_ies()
1284 /* The first two octets (MIC Control field) is in the in wpa_ft_parse_ies()
1285 * same offset for all cases, but the second field (MIC) in wpa_ft_parse_ies()
1287 * In particular the FT-SAE-EXT-KEY is inconvinient to in wpa_ft_parse_ies()
1294 * MIC Control */ in wpa_ft_parse_ies()
1311 parse->tie = pos; in wpa_ft_parse_ies()
1312 parse->tie_len = len; in wpa_ft_parse_ies()
1315 if (parse->ric == NULL) in wpa_ft_parse_ies()
1316 parse->ric = pos - 2; in wpa_ft_parse_ies()
1329 parse->fte_buf = ieee802_11_defrag(fte, fte_len, false); in wpa_ft_parse_ies()
1330 if (!parse->fte_buf) in wpa_ft_parse_ies()
1333 wpabuf_head(parse->fte_buf), in wpa_ft_parse_ies()
1334 wpabuf_len(parse->fte_buf), in wpa_ft_parse_ies()
1341 * elements are included in MIC calculation as full elements. */ in wpa_ft_parse_ies()
1342 parse->ftie = fte; in wpa_ft_parse_ies()
1343 parse->ftie_len = fte_len; in wpa_ft_parse_ies()
1347 return 0; /* no MIC */ in wpa_ft_parse_ies()
1359 if (parse->mlo_gtk[link_id]) { in wpa_ft_parse_ies()
1360 if (parse->rsn) in wpa_ft_parse_ies()
1361 prot_ie_count--; in wpa_ft_parse_ies()
1362 if (parse->rsnxe) in wpa_ft_parse_ies()
1363 prot_ie_count--; in wpa_ft_parse_ies()
1367 if (parse->rsn) in wpa_ft_parse_ies()
1368 prot_ie_count--; in wpa_ft_parse_ies()
1369 if (parse->rsnxe) in wpa_ft_parse_ies()
1370 prot_ie_count--; in wpa_ft_parse_ies()
1372 if (parse->mdie) in wpa_ft_parse_ies()
1373 prot_ie_count--; in wpa_ft_parse_ies()
1374 if (parse->ftie) in wpa_ft_parse_ies()
1375 prot_ie_count--; in wpa_ft_parse_ies()
1382 if (prot_ie_count == 0 && parse->ric) { in wpa_ft_parse_ies()
1389 if (parse->ric) { in wpa_ft_parse_ies()
1390 pos = parse->ric; in wpa_ft_parse_ies()
1391 while (end - pos >= 2 && 2 + pos[1] <= end - pos && in wpa_ft_parse_ies()
1393 prot_ie_count--; in wpa_ft_parse_ies()
1396 parse->ric_len = pos - parse->ric; in wpa_ft_parse_ies()
1408 return -1; in wpa_ft_parse_ies()
1416 wpabuf_free(parse->fte_buf); in wpa_ft_parse_ies_free()
1417 parse->fte_buf = NULL; in wpa_ft_parse_ies_free()
1426 * pasn_use_sha384 - Should SHA384 be used or SHA256
1432 * hash algorithm defined for the Base AKM (see Table 9-151 (AKM suite
1435 * PASN frame. SHA-256 is used as the hash algorithm, except for the ciphers
1436 * 00-0F-AC:9 and 00-0F-AC:10 for which SHA-384 is used.
1447 * pasn_pmk_to_ptk - Calculate PASN PTK from PMK, addresses, etc.
1459 * Returns: 0 on success, -1 on failure
1470 int ret = -1; in pasn_pmk_to_ptk()
1475 return -1; in pasn_pmk_to_ptk()
1480 return -1; in pasn_pmk_to_ptk()
1484 * PASN-PTK = KDF(PMK, “PASN PTK Derivation”, SPA || BSSID || DHss) in pasn_pmk_to_ptk()
1486 * KCK = L(PASN-PTK, 0, 256) in pasn_pmk_to_ptk()
1487 * TK = L(PASN-PTK, 256, TK_bits) in pasn_pmk_to_ptk()
1488 * KDK = L(PASN-PTK, 256 + TK_bits, kdk_len * 8) in pasn_pmk_to_ptk()
1493 return -1; in pasn_pmk_to_ptk()
1499 ptk->kck_len = WPA_PASN_KCK_LEN; in pasn_pmk_to_ptk()
1500 ptk->tk_len = wpa_cipher_key_len(cipher); in pasn_pmk_to_ptk()
1501 ptk->kdk_len = kdk_len; in pasn_pmk_to_ptk()
1502 ptk->kek_len = 0; in pasn_pmk_to_ptk()
1503 ptk->kek2_len = 0; in pasn_pmk_to_ptk()
1504 ptk->kck2_len = 0; in pasn_pmk_to_ptk()
1506 if (ptk->tk_len == 0) { in pasn_pmk_to_ptk()
1513 ptk_len = ptk->kck_len + ptk->tk_len + ptk->kdk_len; in pasn_pmk_to_ptk()
1537 wpa_hexdump_key(MSG_DEBUG, "PASN: PASN-PTK", tmp, ptk_len); in pasn_pmk_to_ptk()
1539 os_memcpy(ptk->kck, tmp, WPA_PASN_KCK_LEN); in pasn_pmk_to_ptk()
1540 wpa_hexdump_key(MSG_DEBUG, "PASN: KCK:", ptk->kck, WPA_PASN_KCK_LEN); in pasn_pmk_to_ptk()
1542 os_memcpy(ptk->tk, tmp + WPA_PASN_KCK_LEN, ptk->tk_len); in pasn_pmk_to_ptk()
1543 wpa_hexdump_key(MSG_DEBUG, "PASN: TK:", ptk->tk, ptk->tk_len); in pasn_pmk_to_ptk()
1546 os_memcpy(ptk->kdk, tmp + WPA_PASN_KCK_LEN + ptk->tk_len, in pasn_pmk_to_ptk()
1547 ptk->kdk_len); in pasn_pmk_to_ptk()
1549 ptk->kdk, ptk->kdk_len); in pasn_pmk_to_ptk()
1561 * pasn_mic_len - Returns the MIC length for PASN authentication
1573 * wpa_ltf_keyseed - Compute LTF keyseed from KDK
1577 * Returns: 0 on success, -1 on failure
1584 const u8 *kdk = ptk->kdk; in wpa_ltf_keyseed()
1585 size_t kdk_len = ptk->kdk_len; in wpa_ltf_keyseed()
1590 return -1; in wpa_ltf_keyseed()
1598 "WPA: Secure LTF keyseed using HMAC-SHA384"); in wpa_ltf_keyseed()
1602 "WPA: HMAC-SHA384 compute failed"); in wpa_ltf_keyseed()
1603 return -1; in wpa_ltf_keyseed()
1605 os_memcpy(ptk->ltf_keyseed, hash, SHA384_MAC_LEN); in wpa_ltf_keyseed()
1606 ptk->ltf_keyseed_len = SHA384_MAC_LEN; in wpa_ltf_keyseed()
1608 ptk->ltf_keyseed, ptk->ltf_keyseed_len); in wpa_ltf_keyseed()
1611 wpa_printf(MSG_DEBUG, "WPA: LTF keyseed using HMAC-SHA256"); in wpa_ltf_keyseed()
1615 "WPA: HMAC-SHA256 compute failed"); in wpa_ltf_keyseed()
1616 return -1; in wpa_ltf_keyseed()
1618 os_memcpy(ptk->ltf_keyseed, hash, SHA256_MAC_LEN); in wpa_ltf_keyseed()
1619 ptk->ltf_keyseed_len = SHA256_MAC_LEN; in wpa_ltf_keyseed()
1621 ptk->ltf_keyseed, ptk->ltf_keyseed_len); in wpa_ltf_keyseed()
1629 * pasn_mic - Calculate PASN MIC
1637 * @data: For calculating the MIC for the 2nd PASN frame, this should hold the
1638 * Beacon frame RSNE + RSNXE. For calculating the MIC for the 3rd PASN
1641 * @frame: The body of the PASN frame including the MIC element with the octets
1642 * in the MIC field of the MIC element set to 0.
1644 * @mic: Buffer to hold the MIC on success. Should be big enough to handle the
1645 * maximal MIC length
1646 * Returns: 0 on success, -1 on failure
1651 const u8 *frame, size_t frame_len, u8 *mic) in pasn_mic() argument
1656 int ret = -1; in pasn_mic()
1659 wpa_printf(MSG_ERROR, "PASN: No KCK for MIC calculation"); in pasn_mic()
1660 return -1; in pasn_mic()
1664 wpa_printf(MSG_ERROR, "PASN: invalid data for MIC calculation"); in pasn_mic()
1665 return -1; in pasn_mic()
1669 wpa_printf(MSG_ERROR, "PASN: invalid data for MIC calculation"); in pasn_mic()
1670 return -1; in pasn_mic()
1675 return -1; in pasn_mic()
1680 wpa_hexdump_key(MSG_DEBUG, "PASN: MIC: data", data, data_len); in pasn_mic()
1683 wpa_hexdump_key(MSG_DEBUG, "PASN: MIC: frame", frame, frame_len); in pasn_mic()
1686 wpa_hexdump_key(MSG_DEBUG, "PASN: MIC: KCK", kck, WPA_PASN_KCK_LEN); in pasn_mic()
1687 wpa_hexdump_key(MSG_DEBUG, "PASN: MIC: buf", buf, buf_len); in pasn_mic()
1690 wpa_printf(MSG_DEBUG, "PASN: MIC using HMAC-SHA384"); in pasn_mic()
1695 os_memcpy(mic, hash, 24); in pasn_mic()
1696 wpa_hexdump_key(MSG_DEBUG, "PASN: MIC: mic: ", mic, 24); in pasn_mic()
1698 wpa_printf(MSG_DEBUG, "PASN: MIC using HMAC-SHA256"); in pasn_mic()
1703 os_memcpy(mic, hash, 16); in pasn_mic()
1704 wpa_hexdump_key(MSG_DEBUG, "PASN: MIC: mic: ", mic, 16); in pasn_mic()
1715 * pasn_auth_frame_hash - Computes a hash of an Authentication frame body
1722 * Returns: 0 on success, -1 on failure
1728 wpa_printf(MSG_DEBUG, "PASN: Frame hash using SHA-384"); in pasn_auth_frame_hash()
1731 wpa_printf(MSG_DEBUG, "PASN: Frame hash using SHA-256"); in pasn_auth_frame_hash()
1849 * wpa_parse_wpa_ie_rsn - Parse RSN IE
1863 data->proto = WPA_PROTO_RSN; in wpa_parse_wpa_ie_rsn()
1864 data->pairwise_cipher = WPA_CIPHER_CCMP; in wpa_parse_wpa_ie_rsn()
1865 data->group_cipher = WPA_CIPHER_CCMP; in wpa_parse_wpa_ie_rsn()
1866 data->key_mgmt = WPA_KEY_MGMT_IEEE8021X; in wpa_parse_wpa_ie_rsn()
1867 data->capabilities = 0; in wpa_parse_wpa_ie_rsn()
1868 data->pmkid = NULL; in wpa_parse_wpa_ie_rsn()
1869 data->num_pmkid = 0; in wpa_parse_wpa_ie_rsn()
1870 data->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC; in wpa_parse_wpa_ie_rsn()
1873 /* No RSN IE - fail silently */ in wpa_parse_wpa_ie_rsn()
1874 return -1; in wpa_parse_wpa_ie_rsn()
1880 return -1; in wpa_parse_wpa_ie_rsn()
1884 rsn_ie[1] == rsn_ie_len - 2 && in wpa_parse_wpa_ie_rsn()
1887 left = rsn_ie_len - 6; in wpa_parse_wpa_ie_rsn()
1889 data->group_cipher = WPA_CIPHER_GTK_NOT_USED; in wpa_parse_wpa_ie_rsn()
1890 data->has_group = 1; in wpa_parse_wpa_ie_rsn()
1891 data->key_mgmt = WPA_KEY_MGMT_OSEN; in wpa_parse_wpa_ie_rsn()
1892 data->proto = WPA_PROTO_OSEN; in wpa_parse_wpa_ie_rsn()
1898 if (hdr->elem_id != WLAN_EID_RSN || in wpa_parse_wpa_ie_rsn()
1899 hdr->len != rsn_ie_len - 2 || in wpa_parse_wpa_ie_rsn()
1900 WPA_GET_LE16(hdr->version) != RSN_VERSION) { in wpa_parse_wpa_ie_rsn()
1903 return -2; in wpa_parse_wpa_ie_rsn()
1907 left = rsn_ie_len - sizeof(*hdr); in wpa_parse_wpa_ie_rsn()
1911 data->group_cipher = rsn_selector_to_bitfield(pos); in wpa_parse_wpa_ie_rsn()
1912 data->has_group = 1; in wpa_parse_wpa_ie_rsn()
1913 if (!wpa_cipher_valid_group(data->group_cipher)) { in wpa_parse_wpa_ie_rsn()
1916 __func__, data->group_cipher, in wpa_parse_wpa_ie_rsn()
1925 return -1; in wpa_parse_wpa_ie_rsn()
1928 left -= RSN_SELECTOR_LEN; in wpa_parse_wpa_ie_rsn()
1932 return -3; in wpa_parse_wpa_ie_rsn()
1936 data->pairwise_cipher = 0; in wpa_parse_wpa_ie_rsn()
1939 left -= 2; in wpa_parse_wpa_ie_rsn()
1943 return -4; in wpa_parse_wpa_ie_rsn()
1946 data->has_pairwise = 1; in wpa_parse_wpa_ie_rsn()
1948 data->pairwise_cipher |= rsn_selector_to_bitfield(pos); in wpa_parse_wpa_ie_rsn()
1950 left -= RSN_SELECTOR_LEN; in wpa_parse_wpa_ie_rsn()
1952 if (data->pairwise_cipher & WPA_CIPHER_AES_128_CMAC) { in wpa_parse_wpa_ie_rsn()
1953 wpa_printf(MSG_DEBUG, "%s: AES-128-CMAC used as " in wpa_parse_wpa_ie_rsn()
1955 return -1; in wpa_parse_wpa_ie_rsn()
1960 return -5; in wpa_parse_wpa_ie_rsn()
1964 data->key_mgmt = 0; in wpa_parse_wpa_ie_rsn()
1967 left -= 2; in wpa_parse_wpa_ie_rsn()
1971 return -6; in wpa_parse_wpa_ie_rsn()
1974 data->key_mgmt |= rsn_key_mgmt_to_bitfield(pos); in wpa_parse_wpa_ie_rsn()
1976 left -= RSN_SELECTOR_LEN; in wpa_parse_wpa_ie_rsn()
1981 return -7; in wpa_parse_wpa_ie_rsn()
1985 data->capabilities = WPA_GET_LE16(pos); in wpa_parse_wpa_ie_rsn()
1987 left -= 2; in wpa_parse_wpa_ie_rsn()
1993 left -= 2; in wpa_parse_wpa_ie_rsn()
1998 data->num_pmkid = 0; in wpa_parse_wpa_ie_rsn()
1999 return -9; in wpa_parse_wpa_ie_rsn()
2001 data->num_pmkid = num_pmkid; in wpa_parse_wpa_ie_rsn()
2002 data->pmkid = pos; in wpa_parse_wpa_ie_rsn()
2003 pos += data->num_pmkid * PMKID_LEN; in wpa_parse_wpa_ie_rsn()
2004 left -= data->num_pmkid * PMKID_LEN; in wpa_parse_wpa_ie_rsn()
2009 data->mgmt_group_cipher = rsn_selector_to_bitfield(pos); in wpa_parse_wpa_ie_rsn()
2010 if (!wpa_cipher_valid_mgmt_group(data->mgmt_group_cipher)) { in wpa_parse_wpa_ie_rsn()
2013 __func__, data->mgmt_group_cipher, in wpa_parse_wpa_ie_rsn()
2015 return -10; in wpa_parse_wpa_ie_rsn()
2018 left -= RSN_SELECTOR_LEN; in wpa_parse_wpa_ie_rsn()
2064 data->proto = WPA_PROTO_WPA; in wpa_parse_wpa_ie_wpa()
2065 data->pairwise_cipher = WPA_CIPHER_TKIP; in wpa_parse_wpa_ie_wpa()
2066 data->group_cipher = WPA_CIPHER_TKIP; in wpa_parse_wpa_ie_wpa()
2067 data->key_mgmt = WPA_KEY_MGMT_IEEE8021X; in wpa_parse_wpa_ie_wpa()
2068 data->capabilities = 0; in wpa_parse_wpa_ie_wpa()
2069 data->pmkid = NULL; in wpa_parse_wpa_ie_wpa()
2070 data->num_pmkid = 0; in wpa_parse_wpa_ie_wpa()
2071 data->mgmt_group_cipher = 0; in wpa_parse_wpa_ie_wpa()
2076 return -1; in wpa_parse_wpa_ie_wpa()
2081 if (hdr->elem_id != WLAN_EID_VENDOR_SPECIFIC || in wpa_parse_wpa_ie_wpa()
2082 hdr->len != wpa_ie_len - 2 || in wpa_parse_wpa_ie_wpa()
2083 RSN_SELECTOR_GET(hdr->oui) != WPA_OUI_TYPE || in wpa_parse_wpa_ie_wpa()
2084 WPA_GET_LE16(hdr->version) != WPA_VERSION) { in wpa_parse_wpa_ie_wpa()
2087 return -2; in wpa_parse_wpa_ie_wpa()
2091 left = wpa_ie_len - sizeof(*hdr); in wpa_parse_wpa_ie_wpa()
2094 data->group_cipher = wpa_selector_to_bitfield(pos); in wpa_parse_wpa_ie_wpa()
2096 left -= WPA_SELECTOR_LEN; in wpa_parse_wpa_ie_wpa()
2100 return -3; in wpa_parse_wpa_ie_wpa()
2104 data->pairwise_cipher = 0; in wpa_parse_wpa_ie_wpa()
2107 left -= 2; in wpa_parse_wpa_ie_wpa()
2111 return -4; in wpa_parse_wpa_ie_wpa()
2114 data->pairwise_cipher |= wpa_selector_to_bitfield(pos); in wpa_parse_wpa_ie_wpa()
2116 left -= WPA_SELECTOR_LEN; in wpa_parse_wpa_ie_wpa()
2121 return -5; in wpa_parse_wpa_ie_wpa()
2125 data->key_mgmt = 0; in wpa_parse_wpa_ie_wpa()
2128 left -= 2; in wpa_parse_wpa_ie_wpa()
2132 return -6; in wpa_parse_wpa_ie_wpa()
2135 data->key_mgmt |= wpa_key_mgmt_to_bitfield(pos); in wpa_parse_wpa_ie_wpa()
2137 left -= WPA_SELECTOR_LEN; in wpa_parse_wpa_ie_wpa()
2142 return -7; in wpa_parse_wpa_ie_wpa()
2146 data->capabilities = WPA_GET_LE16(pos); in wpa_parse_wpa_ie_wpa()
2148 left -= 2; in wpa_parse_wpa_ie_wpa()
2161 int wpa_default_rsn_cipher(int freq) in wpa_default_rsn_cipher() argument
2163 if (freq > 56160) in wpa_default_rsn_cipher()
2173 * wpa_derive_pmk_r0 - Derive PMK-R0 and PMKR0Name
2175 * IEEE Std 802.11r-2008 - 8.5.1.5.3
2202 * R0-Key-Data = KDF-Hash-Length(XXKey, "FT-R0", in wpa_derive_pmk_r0()
2204 * R0KH-ID || S0KH-ID) in wpa_derive_pmk_r0()
2206 * 384 bits of MSK for FT-EAP-SHA384; or PMK from SAE. in wpa_derive_pmk_r0()
2207 * PMK-R0 = L(R0-Key-Data, 0, Q) in wpa_derive_pmk_r0()
2208 * PMK-R0Name-Salt = L(R0-Key-Data, Q, 128) in wpa_derive_pmk_r0()
2209 * Q = 384 for FT-EAP-SHA384; the length of the digest generated by H() in wpa_derive_pmk_r0()
2210 * for FT-SAE-EXT-KEY; or otherwise, 256 in wpa_derive_pmk_r0()
2213 return -1; in wpa_derive_pmk_r0()
2214 wpa_printf(MSG_DEBUG, "FT: Derive PMK-R0 using KDF-SHA%zu", q * 8); in wpa_derive_pmk_r0()
2218 wpa_hexdump_ascii(MSG_DEBUG, "FT: R0KH-ID", r0kh_id, r0kh_id_len); in wpa_derive_pmk_r0()
2219 wpa_printf(MSG_DEBUG, "FT: S0KH-ID: " MACSTR, MAC2STR(s0kh_id)); in wpa_derive_pmk_r0()
2232 res = -1; in wpa_derive_pmk_r0()
2239 return -1; in wpa_derive_pmk_r0()
2241 res = sha512_prf(xxkey, xxkey_len, "FT-R0", buf, pos - buf, in wpa_derive_pmk_r0()
2251 return -1; in wpa_derive_pmk_r0()
2253 res = sha384_prf(xxkey, xxkey_len, "FT-R0", buf, pos - buf, in wpa_derive_pmk_r0()
2262 return -1; in wpa_derive_pmk_r0()
2264 res = sha256_prf(xxkey, xxkey_len, "FT-R0", buf, pos - buf, in wpa_derive_pmk_r0()
2270 wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R0", pmk_r0, q); in wpa_derive_pmk_r0()
2271 wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R0Name-Salt", &r0_key_data[q], 16); in wpa_derive_pmk_r0()
2274 * PMKR0Name = Truncate-128(Hash("FT-R0N" || PMK-R0Name-Salt) in wpa_derive_pmk_r0()
2276 addr[0] = (const u8 *) "FT-R0N"; in wpa_derive_pmk_r0()
2281 res = -1; in wpa_derive_pmk_r0()
2294 "FT: Failed to derive PMKR0Name (PMK-R0 len %zu)", in wpa_derive_pmk_r0()
2306 * wpa_derive_pmk_r1_name - Derive PMKR1Name
2308 * IEEE Std 802.11r-2008 - 8.5.1.5.4
2321 * PMKR1Name = Truncate-128(Hash("FT-R1N" || PMKR0Name || in wpa_derive_pmk_r1_name()
2322 * R1KH-ID || S1KH-ID)) in wpa_derive_pmk_r1_name()
2324 addr[0] = (const u8 *) "FT-R1N"; in wpa_derive_pmk_r1_name()
2333 res = -1; in wpa_derive_pmk_r1_name()
2352 "FT: Failed to derive PMKR1Name (PMK-R1 len %zu)", in wpa_derive_pmk_r1_name()
2363 * wpa_derive_pmk_r1 - Derive PMK-R1 and PMKR1Name from PMK-R0
2365 * IEEE Std 802.11r-2008 - 8.5.1.5.4
2376 /* PMK-R1 = KDF-Hash(PMK-R0, "FT-R1", R1KH-ID || S1KH-ID) */ in wpa_derive_pmk_r1()
2377 wpa_printf(MSG_DEBUG, "FT: Derive PMK-R1 using KDF-SHA%zu", in wpa_derive_pmk_r1()
2379 wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R0", pmk_r0, pmk_r0_len); in wpa_derive_pmk_r1()
2380 wpa_hexdump(MSG_DEBUG, "FT: R1KH-ID", r1kh_id, FT_R1KH_ID_LEN); in wpa_derive_pmk_r1()
2381 wpa_printf(MSG_DEBUG, "FT: S1KH-ID: " MACSTR, MAC2STR(s1kh_id)); in wpa_derive_pmk_r1()
2388 res = -1; in wpa_derive_pmk_r1()
2391 res = sha512_prf(pmk_r0, pmk_r0_len, "FT-R1", in wpa_derive_pmk_r1()
2392 buf, pos - buf, pmk_r1, pmk_r0_len); in wpa_derive_pmk_r1()
2396 res = sha384_prf(pmk_r0, pmk_r0_len, "FT-R1", in wpa_derive_pmk_r1()
2397 buf, pos - buf, pmk_r1, pmk_r0_len); in wpa_derive_pmk_r1()
2400 res = sha256_prf(pmk_r0, pmk_r0_len, "FT-R1", in wpa_derive_pmk_r1()
2401 buf, pos - buf, pmk_r1, pmk_r0_len); in wpa_derive_pmk_r1()
2403 wpa_printf(MSG_ERROR, "FT: Failed to derive PMK-R1"); in wpa_derive_pmk_r1()
2406 wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R1", pmk_r1, pmk_r0_len); in wpa_derive_pmk_r1()
2414 * wpa_pmk_r1_to_ptk - Derive PTK and PTKName from PMK-R1
2416 * IEEE Std 802.11r-2008 - 8.5.1.5.5
2437 "FT: KDK len=%zu exceeds max supported len", in wpa_pmk_r1_to_ptk()
2439 return -1; in wpa_pmk_r1_to_ptk()
2452 * PTK = KDF-PTKLen(PMK-R1, "FT-PTK", SNonce || ANonce || in wpa_pmk_r1_to_ptk()
2453 * BSSID || STA-ADDR) in wpa_pmk_r1_to_ptk()
2455 wpa_printf(MSG_DEBUG, "FT: Derive PTK using KDF-SHA%zu", key_len * 8); in wpa_pmk_r1_to_ptk()
2456 wpa_hexdump_key(MSG_DEBUG, "FT: PMK-R1", pmk_r1, pmk_r1_len); in wpa_pmk_r1_to_ptk()
2459 wpa_printf(MSG_DEBUG, "FT: BSSID=" MACSTR " STA-ADDR=" MACSTR, in wpa_pmk_r1_to_ptk()
2471 ptk->kck_len = wpa_kck_len(akmp, key_len); in wpa_pmk_r1_to_ptk()
2472 ptk->kck2_len = wpa_kck2_len(akmp); in wpa_pmk_r1_to_ptk()
2473 ptk->kek_len = wpa_kek_len(akmp, key_len); in wpa_pmk_r1_to_ptk()
2474 ptk->kek2_len = wpa_kek2_len(akmp); in wpa_pmk_r1_to_ptk()
2475 ptk->tk_len = wpa_cipher_key_len(cipher); in wpa_pmk_r1_to_ptk()
2476 ptk->kdk_len = kdk_len; in wpa_pmk_r1_to_ptk()
2477 ptk_len = ptk->kck_len + ptk->kek_len + ptk->tk_len + in wpa_pmk_r1_to_ptk()
2478 ptk->kck2_len + ptk->kek2_len + ptk->kdk_len; in wpa_pmk_r1_to_ptk()
2480 res = -1; in wpa_pmk_r1_to_ptk()
2485 "FT: Unexpected PMK-R1 length %d (expected %d)", in wpa_pmk_r1_to_ptk()
2487 return -1; in wpa_pmk_r1_to_ptk()
2489 res = sha512_prf(pmk_r1, pmk_r1_len, "FT-PTK", in wpa_pmk_r1_to_ptk()
2490 buf, pos - buf, tmp, ptk_len); in wpa_pmk_r1_to_ptk()
2497 "FT: Unexpected PMK-R1 length %d (expected %d)", in wpa_pmk_r1_to_ptk()
2499 return -1; in wpa_pmk_r1_to_ptk()
2501 res = sha384_prf(pmk_r1, pmk_r1_len, "FT-PTK", in wpa_pmk_r1_to_ptk()
2502 buf, pos - buf, tmp, ptk_len); in wpa_pmk_r1_to_ptk()
2508 "FT: Unexpected PMK-R1 length %d (expected %d)", in wpa_pmk_r1_to_ptk()
2510 return -1; in wpa_pmk_r1_to_ptk()
2512 res = sha256_prf(pmk_r1, pmk_r1_len, "FT-PTK", in wpa_pmk_r1_to_ptk()
2513 buf, pos - buf, tmp, ptk_len); in wpa_pmk_r1_to_ptk()
2516 return -1; in wpa_pmk_r1_to_ptk()
2520 * PTKName = Truncate-128(SHA-256(PMKR1Name || "FT-PTKN" || SNonce || in wpa_pmk_r1_to_ptk()
2521 * ANonce || BSSID || STA-ADDR)) in wpa_pmk_r1_to_ptk()
2526 addr[1] = (const u8 *) "FT-PTKN"; in wpa_pmk_r1_to_ptk()
2538 return -1; in wpa_pmk_r1_to_ptk()
2541 os_memcpy(ptk->kck, tmp, ptk->kck_len); in wpa_pmk_r1_to_ptk()
2542 offset = ptk->kck_len; in wpa_pmk_r1_to_ptk()
2543 os_memcpy(ptk->kek, tmp + offset, ptk->kek_len); in wpa_pmk_r1_to_ptk()
2544 offset += ptk->kek_len; in wpa_pmk_r1_to_ptk()
2545 os_memcpy(ptk->tk, tmp + offset, ptk->tk_len); in wpa_pmk_r1_to_ptk()
2546 offset += ptk->tk_len; in wpa_pmk_r1_to_ptk()
2547 os_memcpy(ptk->kck2, tmp + offset, ptk->kck2_len); in wpa_pmk_r1_to_ptk()
2548 offset += ptk->kck2_len; in wpa_pmk_r1_to_ptk()
2549 os_memcpy(ptk->kek2, tmp + offset, ptk->kek2_len); in wpa_pmk_r1_to_ptk()
2550 offset += ptk->kek2_len; in wpa_pmk_r1_to_ptk()
2551 os_memcpy(ptk->kdk, tmp + offset, ptk->kdk_len); in wpa_pmk_r1_to_ptk()
2553 wpa_hexdump_key(MSG_DEBUG, "FT: KCK", ptk->kck, ptk->kck_len); in wpa_pmk_r1_to_ptk()
2554 wpa_hexdump_key(MSG_DEBUG, "FT: KEK", ptk->kek, ptk->kek_len); in wpa_pmk_r1_to_ptk()
2555 if (ptk->kck2_len) in wpa_pmk_r1_to_ptk()
2557 ptk->kck2, ptk->kck2_len); in wpa_pmk_r1_to_ptk()
2558 if (ptk->kek2_len) in wpa_pmk_r1_to_ptk()
2560 ptk->kek2, ptk->kek2_len); in wpa_pmk_r1_to_ptk()
2561 if (ptk->kdk_len) in wpa_pmk_r1_to_ptk()
2562 wpa_hexdump_key(MSG_DEBUG, "FT: KDK", ptk->kdk, ptk->kdk_len); in wpa_pmk_r1_to_ptk()
2564 wpa_hexdump_key(MSG_DEBUG, "FT: TK", ptk->tk, ptk->tk_len); in wpa_pmk_r1_to_ptk()
2576 * rsn_pmkid - Calculate PMK identifier
2584 * IEEE Std 802.11-2016 - 12.7.1.3 Pairwise key hierarchy
2585 * AKM: 00-0F-AC:3, 00-0F-AC:5, 00-0F-AC:6, 00-0F-AC:14, 00-0F-AC:16
2586 * PMKID = Truncate-128(HMAC-SHA-256(PMK, "PMK Name" || AA || SPA))
2587 * AKM: 00-0F-AC:11
2589 * AKM: 00-0F-AC:12
2591 * AKM: 00-0F-AC:13, 00-0F-AC:15, 00-0F-AC:17
2592 * PMKID = Truncate-128(HMAC-SHA-384(PMK, "PMK Name" || AA || SPA))
2594 * PMKID = Truncate-128(HMAC-SHA-1(PMK, "PMK Name" || AA || SPA))
2611 wpa_printf(MSG_DEBUG, "RSN: Derive PMKID using HMAC-SHA-384"); in rsn_pmkid()
2615 wpa_printf(MSG_DEBUG, "RSN: Derive PMKID using HMAC-SHA-256"); in rsn_pmkid()
2618 wpa_printf(MSG_DEBUG, "RSN: Derive PMKID using HMAC-SHA-1"); in rsn_pmkid()
2628 * rsn_pmkid_suite_b - Calculate PMK identifier for Suite B AKM
2634 * Returns: 0 on success, -1 on failure
2636 * IEEE Std 802.11ac-2013 - 11.6.1.3 Pairwise key hierarchy
2637 * PMKID = Truncate(HMAC-SHA-256(KCK, "PMK Name" || AA || SPA))
2652 return -1; in rsn_pmkid_suite_b()
2661 * rsn_pmkid_suite_b_192 - Calculate PMK identifier for Suite B AKM
2667 * Returns: 0 on success, -1 on failure
2669 * IEEE Std 802.11ac-2013 - 11.6.1.3 Pairwise key hierarchy
2670 * PMKID = Truncate(HMAC-SHA-384(KCK, "PMK Name" || AA || SPA))
2685 return -1; in rsn_pmkid_suite_b_192()
2693 * wpa_cipher_txt - Convert cipher suite to a text string
2704 return "WEP-40"; in wpa_cipher_txt()
2706 return "WEP-104"; in wpa_cipher_txt()
2717 return "GCMP-256"; in wpa_cipher_txt()
2719 return "CCMP-256"; in wpa_cipher_txt()
2723 return "BIP-GMAC-128"; in wpa_cipher_txt()
2725 return "BIP-GMAC-256"; in wpa_cipher_txt()
2727 return "BIP-CMAC-256"; in wpa_cipher_txt()
2737 * wpa_key_mgmt_txt - Convert key management suite to a text string
2752 return "WPA2-PSK+WPA-PSK"; in wpa_key_mgmt_txt()
2754 "WPA2-PSK" : "WPA-PSK"; in wpa_key_mgmt_txt()
2758 return "WPA-NONE"; in wpa_key_mgmt_txt()
2763 return "FT-EAP"; in wpa_key_mgmt_txt()
2765 return "FT-EAP-SHA384"; in wpa_key_mgmt_txt()
2767 return "FT-PSK"; in wpa_key_mgmt_txt()
2770 return "WPA2-EAP-SHA256"; in wpa_key_mgmt_txt()
2772 return "WPA2-PSK-SHA256"; in wpa_key_mgmt_txt()
2778 return "SAE-EXT-KEY"; in wpa_key_mgmt_txt()
2780 return "FT-SAE"; in wpa_key_mgmt_txt()
2782 return "FT-SAE-EXT-KEY"; in wpa_key_mgmt_txt()
2786 return "WPA2-EAP-SUITE-B"; in wpa_key_mgmt_txt()
2788 return "WPA2-EAP-SUITE-B-192"; in wpa_key_mgmt_txt()
2790 return "FILS-SHA256"; in wpa_key_mgmt_txt()
2792 return "FILS-SHA384"; in wpa_key_mgmt_txt()
2794 return "FT-FILS-SHA256"; in wpa_key_mgmt_txt()
2796 return "FT-FILS-SHA384"; in wpa_key_mgmt_txt()
2804 return "WPA2-EAP-SHA384"; in wpa_key_mgmt_txt()
2866 return -1; in wpa_compare_rsn_ie()
2875 * The PMKID-List in RSN IE is different between Beacon/Probe in wpa_compare_rsn_ie()
2876 * Response/(Re)Association Request frames and EAPOL-Key in wpa_compare_rsn_ie()
2883 return -1; in wpa_compare_rsn_ie()
2894 return -1; in wpa_compare_rsn_ie()
2913 return -1; in wpa_insert_pmkid()
2918 /* Find start of PMKID-Count */ in wpa_insert_pmkid()
2931 os_memmove(rpos + 2, rpos, end - rpos); in wpa_insert_pmkid()
2943 return -1; in wpa_insert_pmkid()
2948 /* No PMKID-Count field included; add it */ in wpa_insert_pmkid()
2949 os_memmove(rpos + 2 + PMKID_LEN, rpos, end + added - rpos); in wpa_insert_pmkid()
2958 if (rend - rpos < 2) in wpa_insert_pmkid()
2959 return -1; in wpa_insert_pmkid()
2961 if (num_pmkid * PMKID_LEN > rend - rpos - 2) in wpa_insert_pmkid()
2962 return -1; in wpa_insert_pmkid()
2963 /* PMKID-Count was included; use it */ in wpa_insert_pmkid()
2976 os_memmove(rpos + 2, after, end - after); in wpa_insert_pmkid()
2977 start[1] -= num_pmkid * PMKID_LEN; in wpa_insert_pmkid()
2978 added -= num_pmkid * PMKID_LEN; in wpa_insert_pmkid()
2983 os_memmove(rpos + PMKID_LEN, rpos, end + added - rpos); in wpa_insert_pmkid()
3138 return (pos - start) / RSN_SELECTOR_LEN; in rsn_cipher_put_suites()
3159 return (pos - start) / RSN_SELECTOR_LEN; in wpa_cipher_put_suites()
3177 return -1; in wpa_pick_pairwise_cipher()
3195 return -1; in wpa_pick_group_cipher()
3206 return -1; in wpa_parse_cipher()
3219 if (os_strcmp(start, "CCMP-256") == 0) in wpa_parse_cipher()
3221 else if (os_strcmp(start, "GCMP-256") == 0) in wpa_parse_cipher()
3241 else if (os_strcmp(start, "AES-128-CMAC") == 0) in wpa_parse_cipher()
3243 else if (os_strcmp(start, "BIP-GMAC-128") == 0) in wpa_parse_cipher()
3245 else if (os_strcmp(start, "BIP-GMAC-256") == 0) in wpa_parse_cipher()
3247 else if (os_strcmp(start, "BIP-CMAC-256") == 0) in wpa_parse_cipher()
3251 return -1; in wpa_parse_cipher()
3270 ret = os_snprintf(pos, end - pos, "%sCCMP-256", in wpa_write_ciphers()
3272 if (os_snprintf_error(end - pos, ret)) in wpa_write_ciphers()
3273 return -1; in wpa_write_ciphers()
3277 ret = os_snprintf(pos, end - pos, "%sGCMP-256", in wpa_write_ciphers()
3279 if (os_snprintf_error(end - pos, ret)) in wpa_write_ciphers()
3280 return -1; in wpa_write_ciphers()
3284 ret = os_snprintf(pos, end - pos, "%sCCMP", in wpa_write_ciphers()
3286 if (os_snprintf_error(end - pos, ret)) in wpa_write_ciphers()
3287 return -1; in wpa_write_ciphers()
3291 ret = os_snprintf(pos, end - pos, "%sGCMP", in wpa_write_ciphers()
3293 if (os_snprintf_error(end - pos, ret)) in wpa_write_ciphers()
3294 return -1; in wpa_write_ciphers()
3298 ret = os_snprintf(pos, end - pos, "%sTKIP", in wpa_write_ciphers()
3300 if (os_snprintf_error(end - pos, ret)) in wpa_write_ciphers()
3301 return -1; in wpa_write_ciphers()
3305 ret = os_snprintf(pos, end - pos, "%sAES-128-CMAC", in wpa_write_ciphers()
3307 if (os_snprintf_error(end - pos, ret)) in wpa_write_ciphers()
3308 return -1; in wpa_write_ciphers()
3312 ret = os_snprintf(pos, end - pos, "%sBIP-GMAC-128", in wpa_write_ciphers()
3314 if (os_snprintf_error(end - pos, ret)) in wpa_write_ciphers()
3315 return -1; in wpa_write_ciphers()
3319 ret = os_snprintf(pos, end - pos, "%sBIP-GMAC-256", in wpa_write_ciphers()
3321 if (os_snprintf_error(end - pos, ret)) in wpa_write_ciphers()
3322 return -1; in wpa_write_ciphers()
3326 ret = os_snprintf(pos, end - pos, "%sBIP-CMAC-256", in wpa_write_ciphers()
3328 if (os_snprintf_error(end - pos, ret)) in wpa_write_ciphers()
3329 return -1; in wpa_write_ciphers()
3333 ret = os_snprintf(pos, end - pos, "%sNONE", in wpa_write_ciphers()
3335 if (os_snprintf_error(end - pos, ret)) in wpa_write_ciphers()
3336 return -1; in wpa_write_ciphers()
3340 return pos - start; in wpa_write_ciphers()
3387 return -1; in fils_domain_name_hash()
3395 * wpa_parse_vendor_specific - Parse Vendor Specific IEs
3415 ie->wmm = &pos[2]; in wpa_parse_vendor_specific()
3416 ie->wmm_len = pos[1]; in wpa_parse_vendor_specific()
3418 ie->wmm, ie->wmm_len); in wpa_parse_vendor_specific()
3420 ie->wmm = &pos[2]; in wpa_parse_vendor_specific()
3421 ie->wmm_len = pos[1]; in wpa_parse_vendor_specific()
3423 ie->wmm, ie->wmm_len); in wpa_parse_vendor_specific()
3430 * wpa_parse_generic - Parse EAPOL-Key Key Data Generic IEs
3455 left = len - RSN_SELECTOR_LEN; in wpa_parse_generic()
3458 ie->wpa_ie = pos; in wpa_parse_generic()
3459 ie->wpa_ie_len = dlen; in wpa_parse_generic()
3460 wpa_hexdump(MSG_DEBUG, "WPA: WPA IE in EAPOL-Key", in wpa_parse_generic()
3461 ie->wpa_ie, ie->wpa_ie_len); in wpa_parse_generic()
3466 ie->osen = pos; in wpa_parse_generic()
3467 ie->osen_len = dlen; in wpa_parse_generic()
3472 ie->pmkid = p; in wpa_parse_generic()
3473 wpa_hexdump(MSG_DEBUG, "WPA: PMKID in EAPOL-Key", pos, dlen); in wpa_parse_generic()
3478 ie->key_id = p; in wpa_parse_generic()
3479 wpa_hexdump(MSG_DEBUG, "WPA: KeyID in EAPOL-Key", pos, dlen); in wpa_parse_generic()
3484 ie->gtk = p; in wpa_parse_generic()
3485 ie->gtk_len = left; in wpa_parse_generic()
3486 wpa_hexdump_key(MSG_DEBUG, "WPA: GTK in EAPOL-Key", pos, dlen); in wpa_parse_generic()
3491 ie->mac_addr = p; in wpa_parse_generic()
3492 wpa_printf(MSG_DEBUG, "WPA: MAC Address in EAPOL-Key: " MACSTR, in wpa_parse_generic()
3493 MAC2STR(ie->mac_addr)); in wpa_parse_generic()
3498 ie->igtk = p; in wpa_parse_generic()
3499 ie->igtk_len = left; in wpa_parse_generic()
3500 wpa_hexdump_key(MSG_DEBUG, "WPA: IGTK in EAPOL-Key", in wpa_parse_generic()
3506 ie->bigtk = p; in wpa_parse_generic()
3507 ie->bigtk_len = left; in wpa_parse_generic()
3508 wpa_hexdump_key(MSG_DEBUG, "WPA: BIGTK in EAPOL-Key", in wpa_parse_generic()
3514 ie->ip_addr_req = p; in wpa_parse_generic()
3515 wpa_hexdump(MSG_DEBUG, "WPA: IP Address Request in EAPOL-Key", in wpa_parse_generic()
3516 ie->ip_addr_req, left); in wpa_parse_generic()
3521 ie->ip_addr_alloc = p; in wpa_parse_generic()
3523 "WPA: IP Address Allocation in EAPOL-Key", in wpa_parse_generic()
3524 ie->ip_addr_alloc, left); in wpa_parse_generic()
3529 ie->oci = p; in wpa_parse_generic()
3530 ie->oci_len = left; in wpa_parse_generic()
3531 wpa_hexdump(MSG_DEBUG, "WPA: OCI KDE in EAPOL-Key", in wpa_parse_generic()
3537 ie->transition_disable = p; in wpa_parse_generic()
3538 ie->transition_disable_len = left; in wpa_parse_generic()
3540 "WPA: Transition Disable KDE in EAPOL-Key", in wpa_parse_generic()
3546 ie->dpp_kde = p; in wpa_parse_generic()
3547 ie->dpp_kde_len = left; in wpa_parse_generic()
3548 wpa_hexdump(MSG_DEBUG, "WPA: DPP KDE in EAPOL-Key", pos, dlen); in wpa_parse_generic()
3559 ie->valid_mlo_gtks |= BIT(link_id); in wpa_parse_generic()
3560 ie->mlo_gtk[link_id] = p; in wpa_parse_generic()
3561 ie->mlo_gtk_len[link_id] = left; in wpa_parse_generic()
3563 "RSN: Link ID %u - MLO GTK KDE in EAPOL-Key", in wpa_parse_generic()
3577 ie->valid_mlo_igtks |= BIT(link_id); in wpa_parse_generic()
3578 ie->mlo_igtk[link_id] = p; in wpa_parse_generic()
3579 ie->mlo_igtk_len[link_id] = left; in wpa_parse_generic()
3581 "RSN: Link ID %u - MLO IGTK KDE in EAPOL-Key", in wpa_parse_generic()
3595 ie->valid_mlo_bigtks |= BIT(link_id); in wpa_parse_generic()
3596 ie->mlo_bigtk[link_id] = p; in wpa_parse_generic()
3597 ie->mlo_bigtk_len[link_id] = left; in wpa_parse_generic()
3599 "RSN: Link ID %u - MLO BIGTK KDE in EAPOL-Key", in wpa_parse_generic()
3613 ie->valid_mlo_links |= BIT(link_id); in wpa_parse_generic()
3614 ie->mlo_link[link_id] = p; in wpa_parse_generic()
3615 ie->mlo_link_len[link_id] = left; in wpa_parse_generic()
3617 "RSN: Link ID %u - MLO Link KDE in EAPOL-Key", in wpa_parse_generic()
3629 * wpa_parse_kde_ies - Parse EAPOL-Key Key Data IEs
3633 * Returns: 0 on success, -1 on failure
3642 for (pos = buf, end = pos + len; end - pos > 1; pos += dlen) { in wpa_parse_kde_ies()
3644 ((pos == buf + len - 1) || pos[1] == 0)) { in wpa_parse_kde_ies()
3649 if ((int) dlen > end - pos) { in wpa_parse_kde_ies()
3651 "WPA: EAPOL-Key Key Data underflow (ie=%d len=%d pos=%d)", in wpa_parse_kde_ies()
3652 pos[0], pos[1], (int) (pos - buf)); in wpa_parse_kde_ies()
3654 ret = -1; in wpa_parse_kde_ies()
3658 ie->rsn_ie = pos; in wpa_parse_kde_ies()
3659 ie->rsn_ie_len = dlen; in wpa_parse_kde_ies()
3660 wpa_hexdump(MSG_DEBUG, "WPA: RSN IE in EAPOL-Key", in wpa_parse_kde_ies()
3661 ie->rsn_ie, ie->rsn_ie_len); in wpa_parse_kde_ies()
3663 ie->rsnxe = pos; in wpa_parse_kde_ies()
3664 ie->rsnxe_len = dlen; in wpa_parse_kde_ies()
3665 wpa_hexdump(MSG_DEBUG, "WPA: RSNXE in EAPOL-Key", in wpa_parse_kde_ies()
3666 ie->rsnxe, ie->rsnxe_len); in wpa_parse_kde_ies()
3668 ie->mdie = pos; in wpa_parse_kde_ies()
3669 ie->mdie_len = dlen; in wpa_parse_kde_ies()
3670 wpa_hexdump(MSG_DEBUG, "WPA: MDIE in EAPOL-Key", in wpa_parse_kde_ies()
3671 ie->mdie, ie->mdie_len); in wpa_parse_kde_ies()
3673 ie->ftie = pos; in wpa_parse_kde_ies()
3674 ie->ftie_len = dlen; in wpa_parse_kde_ies()
3675 wpa_hexdump(MSG_DEBUG, "WPA: FTIE in EAPOL-Key", in wpa_parse_kde_ies()
3676 ie->ftie, ie->ftie_len); in wpa_parse_kde_ies()
3679 ie->reassoc_deadline = pos; in wpa_parse_kde_ies()
3681 "in EAPOL-Key", in wpa_parse_kde_ies()
3682 ie->reassoc_deadline, dlen); in wpa_parse_kde_ies()
3684 ie->key_lifetime = pos; in wpa_parse_kde_ies()
3686 "in EAPOL-Key", in wpa_parse_kde_ies()
3687 ie->key_lifetime, dlen); in wpa_parse_kde_ies()
3690 "EAPOL-Key Key Data IE", in wpa_parse_kde_ies()
3695 ie->lnkid = pos; in wpa_parse_kde_ies()
3696 ie->lnkid_len = dlen; in wpa_parse_kde_ies()
3699 ie->ext_capab = pos; in wpa_parse_kde_ies()
3700 ie->ext_capab_len = dlen; in wpa_parse_kde_ies()
3702 ie->supp_rates = pos; in wpa_parse_kde_ies()
3703 ie->supp_rates_len = dlen; in wpa_parse_kde_ies()
3705 ie->ext_supp_rates = pos; in wpa_parse_kde_ies()
3706 ie->ext_supp_rates_len = dlen; in wpa_parse_kde_ies()
3709 ie->ht_capabilities = pos + 2; in wpa_parse_kde_ies()
3712 ie->aid = WPA_GET_LE16(pos + 2) & 0x3fff; in wpa_parse_kde_ies()
3716 ie->vht_capabilities = pos + 2; in wpa_parse_kde_ies()
3720 ie->he_capabilities = pos + 3; in wpa_parse_kde_ies()
3721 ie->he_capab_len = pos[1] - 1; in wpa_parse_kde_ies()
3726 ie->he_6ghz_capabilities = pos + 3; in wpa_parse_kde_ies()
3730 ie->eht_capabilities = pos + 3; in wpa_parse_kde_ies()
3731 ie->eht_capab_len = pos[1] - 1; in wpa_parse_kde_ies()
3733 ie->qosinfo = pos[2]; in wpa_parse_kde_ies()
3735 ie->supp_channels = pos + 2; in wpa_parse_kde_ies()
3736 ie->supp_channels_len = pos[1]; in wpa_parse_kde_ies()
3745 ie->supp_oper_classes = pos + 2; in wpa_parse_kde_ies()
3746 ie->supp_oper_classes_len = pos[1]; in wpa_parse_kde_ies()
3749 ie->ssid = pos + 2; in wpa_parse_kde_ies()
3750 ie->ssid_len = pos[1]; in wpa_parse_kde_ies()
3751 wpa_hexdump_ascii(MSG_DEBUG, "RSN: SSID in EAPOL-Key", in wpa_parse_kde_ies()
3752 ie->ssid, ie->ssid_len); in wpa_parse_kde_ies()
3769 "WPA: Unrecognized EAPOL-Key Key Data IE", in wpa_parse_kde_ies()
3781 * wpa_pasn_build_auth_header - Add the MAC header and initialize Authentication
3803 auth->frame_control = host_to_le16((WLAN_FC_TYPE_MGMT << 2) | in wpa_pasn_build_auth_header()
3806 os_memcpy(auth->da, dst, ETH_ALEN); in wpa_pasn_build_auth_header()
3807 os_memcpy(auth->sa, src, ETH_ALEN); in wpa_pasn_build_auth_header()
3808 os_memcpy(auth->bssid, bssid, ETH_ALEN); in wpa_pasn_build_auth_header()
3809 auth->seq_ctrl = 0; in wpa_pasn_build_auth_header()
3811 auth->u.auth.auth_alg = host_to_le16(WLAN_AUTH_PASN); in wpa_pasn_build_auth_header()
3812 auth->u.auth.auth_transaction = host_to_le16(trans_seq); in wpa_pasn_build_auth_header()
3813 auth->u.auth.status_code = host_to_le16(status); in wpa_pasn_build_auth_header()
3818 * wpa_pasn_add_rsne - Add an RSNE for PASN authentication
3839 return -1; in wpa_pasn_add_rsne()
3841 hdr->elem_id = WLAN_EID_RSN; in wpa_pasn_add_rsne()
3842 hdr->len = rsne_len - 2; in wpa_pasn_add_rsne()
3843 WPA_PUT_LE16(hdr->version, RSN_VERSION); in wpa_pasn_add_rsne()
3894 return -1; in wpa_pasn_add_rsne()
3923 * wpa_pasn_add_parameter_ie - Add PASN Parameters IE for PASN authentication
3932 * @after: If comeback is set, defined the comeback time in seconds. -1 to not
3933 * include the Comeback After field (frames from non-AP STA).
3946 params->id = WLAN_EID_EXTENSION; in wpa_pasn_add_parameter_ie()
3947 params->len = sizeof(*params) - 2; in wpa_pasn_add_parameter_ie()
3948 params->id_ext = WLAN_EID_EXT_PASN_PARAMS; in wpa_pasn_add_parameter_ie()
3949 params->control = 0; in wpa_pasn_add_parameter_ie()
3950 params->wrapped_data_format = wrapped_data_format; in wpa_pasn_add_parameter_ie()
3960 params->len += 2; in wpa_pasn_add_parameter_ie()
3961 params->len += 1 + wpabuf_len(comeback); in wpa_pasn_add_parameter_ie()
3962 params->control |= WPA_PASN_CTRL_COMEBACK_INFO_PRESENT; in wpa_pasn_add_parameter_ie()
3980 params->len += 2 + 1 + 1 + wpabuf_len(pubkey); in wpa_pasn_add_parameter_ie()
3981 params->control |= WPA_PASN_CTRL_GROUP_AND_KEY_PRESENT; in wpa_pasn_add_parameter_ie()
3998 * wpa_pasn_add_wrapped_data - Add a Wrapped Data IE to PASN Authentication
4029 return -1; in wpa_pasn_add_wrapped_data()
4034 wpabuf_put_data(buf, data, len - 1); in wpa_pasn_add_wrapped_data()
4036 data += len - 1; in wpa_pasn_add_wrapped_data()
4037 data_len -= len - 1; in wpa_pasn_add_wrapped_data()
4041 return -1; in wpa_pasn_add_wrapped_data()
4047 data_len -= len; in wpa_pasn_add_wrapped_data()
4055 * wpa_pasn_validate_rsne - Validate PSAN specific data of RSNE
4057 * Returns -1 for invalid data; otherwise 0
4063 if (data->proto != WPA_PROTO_RSN) in wpa_pasn_validate_rsne()
4064 return -1; in wpa_pasn_validate_rsne()
4066 if ((data->capabilities & capab) != capab) { in wpa_pasn_validate_rsne()
4068 return -1; in wpa_pasn_validate_rsne()
4071 if (!data->has_group || data->group_cipher != WPA_CIPHER_GTK_NOT_USED) { in wpa_pasn_validate_rsne()
4073 return -1; in wpa_pasn_validate_rsne()
4076 if (!data->has_pairwise || !data->pairwise_cipher || in wpa_pasn_validate_rsne()
4077 (data->pairwise_cipher & (data->pairwise_cipher - 1))) { in wpa_pasn_validate_rsne()
4079 return -1; in wpa_pasn_validate_rsne()
4082 switch (data->key_mgmt) { in wpa_pasn_validate_rsne()
4103 data->key_mgmt); in wpa_pasn_validate_rsne()
4104 return -1; in wpa_pasn_validate_rsne()
4107 if (data->mgmt_group_cipher != WPA_CIPHER_GTK_NOT_USED) { in wpa_pasn_validate_rsne()
4109 return -1; in wpa_pasn_validate_rsne()
4112 if (data->num_pmkid > 1) { in wpa_pasn_validate_rsne()
4114 return -1; in wpa_pasn_validate_rsne()
4122 * wpa_pasn_parse_parameter_ie - Validates PASN Parameters IE
4127 * Returns: -1 for invalid data; otherwise 0
4140 return -1; in wpa_pasn_parse_parameter_ie()
4143 if (!params || ((size_t) (params->len + 2) < sizeof(*params)) || in wpa_pasn_parse_parameter_ie()
4144 len < sizeof(*params) || params->len + 2 != len) { in wpa_pasn_parse_parameter_ie()
4147 params ? params->len : 0, len); in wpa_pasn_parse_parameter_ie()
4148 return -1; in wpa_pasn_parse_parameter_ie()
4153 switch (params->wrapped_data_format) { in wpa_pasn_parse_parameter_ie()
4161 return -1; in wpa_pasn_parse_parameter_ie()
4164 pasn_params->wrapped_data_format = params->wrapped_data_format; in wpa_pasn_parse_parameter_ie()
4166 len -= sizeof(*params); in wpa_pasn_parse_parameter_ie()
4168 if (params->control & WPA_PASN_CTRL_COMEBACK_INFO_PRESENT) { in wpa_pasn_parse_parameter_ie()
4173 return -1; in wpa_pasn_parse_parameter_ie()
4175 pasn_params->after = WPA_GET_LE16(pos); in wpa_pasn_parse_parameter_ie()
4177 len -= 2; in wpa_pasn_parse_parameter_ie()
4183 return -1; in wpa_pasn_parse_parameter_ie()
4186 pasn_params->comeback_len = *pos++; in wpa_pasn_parse_parameter_ie()
4187 len--; in wpa_pasn_parse_parameter_ie()
4188 pasn_params->comeback = pos; in wpa_pasn_parse_parameter_ie()
4189 len -= pasn_params->comeback_len; in wpa_pasn_parse_parameter_ie()
4190 pos += pasn_params->comeback_len; in wpa_pasn_parse_parameter_ie()
4193 if (params->control & WPA_PASN_CTRL_GROUP_AND_KEY_PRESENT) { in wpa_pasn_parse_parameter_ie()
4197 return -1; in wpa_pasn_parse_parameter_ie()
4200 pasn_params->group = WPA_GET_LE16(pos); in wpa_pasn_parse_parameter_ie()
4202 len -= 2; in wpa_pasn_parse_parameter_ie()
4203 pasn_params->pubkey_len = *pos++; in wpa_pasn_parse_parameter_ie()
4204 len--; in wpa_pasn_parse_parameter_ie()
4205 pasn_params->pubkey = pos; in wpa_pasn_parse_parameter_ie()
4206 len -= pasn_params->pubkey_len; in wpa_pasn_parse_parameter_ie()
4207 pos += pasn_params->pubkey_len; in wpa_pasn_parse_parameter_ie()
4213 return -1; in wpa_pasn_parse_parameter_ie()
4229 capab |= flen - 1; /* bit 0-3 = Field length (n - 1) */ in wpa_pasn_add_rsnxe()
4241 * wpa_pasn_add_extra_ies - Add protocol specific IEs in Authentication
4247 * Returns: 0 on success, -1 on failure
4256 return -1; in wpa_pasn_add_extra_ies()