33 		pasn->pmksa = pmksa;  in pasn_set_initiator_pmksa()
42 	int ret;  in wpas_pasn_wd_sae_commit()
44 	ret = sae_set_group(&pasn->sae, pasn->group);  in wpas_pasn_wd_sae_commit()
50 	ret = sae_prepare_commit_pt(&pasn->sae, pasn->pt,  in wpas_pasn_wd_sae_commit()
51 				    pasn->own_addr, pasn->peer_addr,  in wpas_pasn_wd_sae_commit()
69 	sae_write_commit(&pasn->sae, buf, NULL, 0);  in wpas_pasn_wd_sae_commit()
70 	pasn->sae.state = SAE_COMMITTED;  in wpas_pasn_wd_sae_commit()
76 static int wpas_pasn_wd_sae_rx(struct pasn_data *pasn, struct wpabuf *wd)  in wpas_pasn_wd_sae_rx()
81 	int groups[] = { pasn->group, 0 };  in wpas_pasn_wd_sae_rx()
82 	int ret;  in wpas_pasn_wd_sae_rx()
85 		return -1;  in wpas_pasn_wd_sae_rx()
93 		return -1;  in wpas_pasn_wd_sae_rx()
97 	if (len < 6 || buf_len - 2 < len) {  in wpas_pasn_wd_sae_rx()
99 		return -1;  in wpas_pasn_wd_sae_rx()
102 	buf_len -= 2;  in wpas_pasn_wd_sae_rx()
115 		return -1;  in wpas_pasn_wd_sae_rx()
118 	res = sae_parse_commit(&pasn->sae, data + 6, len - 6, NULL, 0, groups,  in wpas_pasn_wd_sae_rx()
122 		return -1;  in wpas_pasn_wd_sae_rx()
126 	ret = sae_process_commit(&pasn->sae);  in wpas_pasn_wd_sae_rx()
129 		return -1;  in wpas_pasn_wd_sae_rx()
132 	buf_len -= len;  in wpas_pasn_wd_sae_rx()
138 		return -1;  in wpas_pasn_wd_sae_rx()
142 	if (len < 6 || buf_len - 2 < len) {  in wpas_pasn_wd_sae_rx()
144 		return -1;  in wpas_pasn_wd_sae_rx()
147 	buf_len -= 2;  in wpas_pasn_wd_sae_rx()
159 		return -1;  in wpas_pasn_wd_sae_rx()
162 	res = sae_check_confirm(&pasn->sae, data + 6, len - 6, NULL);  in wpas_pasn_wd_sae_rx()
165 		return -1;  in wpas_pasn_wd_sae_rx()
169 	pasn->sae.state = SAE_ACCEPTED;  in wpas_pasn_wd_sae_rx()
190 	sae_write_confirm(&pasn->sae, buf);  in wpas_pasn_wd_sae_confirm()
191 	pasn->sae.state = SAE_CONFIRMED;  in wpas_pasn_wd_sae_confirm()
205 	int ret;  in wpas_pasn_fils_build_auth()
207 	erp_msg = eapol_sm_build_erp_reauth_start(pasn->eapol);  in wpas_pasn_fils_build_auth()
210 			   "PASN: FILS: ERP EAP-Initiate/Re-auth unavailable");  in wpas_pasn_fils_build_auth()
214 	if (random_get_bytes(pasn->fils.nonce, FILS_NONCE_LEN) < 0 ||  in wpas_pasn_fils_build_auth()
215 	    random_get_bytes(pasn->fils.session, FILS_SESSION_LEN) < 0)  in wpas_pasn_fils_build_auth()
218 	wpa_hexdump(MSG_DEBUG, "PASN: FILS: Nonce", pasn->fils.nonce,  in wpas_pasn_fils_build_auth()
221 	wpa_hexdump(MSG_DEBUG, "PASN: FILS: Session", pasn->fils.session,  in wpas_pasn_fils_build_auth()
238 	wpa_pasn_add_rsne(buf, NULL, pasn->akmp, pasn->cipher);  in wpas_pasn_fils_build_auth()
244 	wpabuf_put_data(buf, pasn->fils.nonce, FILS_NONCE_LEN);  in wpas_pasn_fils_build_auth()
250 	wpabuf_put_data(buf, pasn->fils.session, FILS_SESSION_LEN);  in wpas_pasn_fils_build_auth()
260 	 * copy of the EAP-Initiate/Reauth message.  in wpas_pasn_fils_build_auth()
262 	ret = fils_pmkid_erp(pasn->akmp, wpabuf_head(erp_msg),  in wpas_pasn_fils_build_auth()
264 			     pasn->fils.erp_pmkid);  in wpas_pasn_fils_build_auth()
284 	wpa_printf(MSG_DEBUG, "PASN: FILS: wrapped data - completed=%u",  in wpas_pasn_wd_fils_auth()
285 		   pasn->fils.completed);  in wpas_pasn_wd_fils_auth()
288 	if (pasn->fils.completed)  in wpas_pasn_wd_fils_auth()
291 	if (!pasn->fils_eapol) {  in wpas_pasn_wd_fils_auth()
301 static int wpas_pasn_wd_fils_rx(struct pasn_data *pasn, struct wpabuf *wd)  in wpas_pasn_wd_fils_rx()
312 	int ret;  in wpas_pasn_wd_fils_rx()
315 		return -1;  in wpas_pasn_wd_fils_rx()
326 		return -1;  in wpas_pasn_wd_fils_rx()
340 		return -1;  in wpas_pasn_wd_fils_rx()
344 	buf_len -= 6;  in wpas_pasn_wd_fils_rx()
348 		return -1;  in wpas_pasn_wd_fils_rx()
354 		return -1;  in wpas_pasn_wd_fils_rx()
357 	ret = wpa_parse_wpa_ie(elems.rsn_ie - 2, elems.rsn_ie_len + 2,  in wpas_pasn_wd_fils_rx()
361 		return -1;  in wpas_pasn_wd_fils_rx()
367 		return -1;  in wpas_pasn_wd_fils_rx()
373 		return -1;  in wpas_pasn_wd_fils_rx()
383 	if (os_memcmp(pasn->fils.session, elems.fils_session,  in wpas_pasn_wd_fils_rx()
386 		return -1;  in wpas_pasn_wd_fils_rx()
395 		return -1;  in wpas_pasn_wd_fils_rx()
398 	eapol_sm_process_erp_finish(pasn->eapol, wpabuf_head(fils_wd),  in wpas_pasn_wd_fils_rx()
404 	if (eapol_sm_failed(pasn->eapol)) {  in wpas_pasn_wd_fils_rx()
406 		return -1;  in wpas_pasn_wd_fils_rx()
410 	ret = eapol_sm_get_key(pasn->eapol, rmsk, rmsk_len);  in wpas_pasn_wd_fils_rx()
414 		ret = eapol_sm_get_key(pasn->eapol, rmsk, rmsk_len);  in wpas_pasn_wd_fils_rx()
419 		return -1;  in wpas_pasn_wd_fils_rx()
422 	ret = fils_rmsk_to_pmk(pasn->akmp, rmsk, rmsk_len,  in wpas_pasn_wd_fils_rx()
423 			       pasn->fils.nonce, anonce, NULL, 0,  in wpas_pasn_wd_fils_rx()
424 			       pasn->pmk, &pasn->pmk_len);  in wpas_pasn_wd_fils_rx()
430 		return -1;  in wpas_pasn_wd_fils_rx()
433 	wpa_hexdump(MSG_DEBUG, "PASN: FILS: PMKID", pasn->fils.erp_pmkid,  in wpas_pasn_wd_fils_rx()
438 	pasn->pmksa_entry = pmksa_cache_add(pasn->pmksa, pasn->pmk,  in wpas_pasn_wd_fils_rx()
439 					    pasn->pmk_len, pasn->fils.erp_pmkid,  in wpas_pasn_wd_fils_rx()
440 					    NULL, 0, pasn->peer_addr,  in wpas_pasn_wd_fils_rx()
441 					    pasn->own_addr, NULL,  in wpas_pasn_wd_fils_rx()
442 					    pasn->akmp, 0);  in wpas_pasn_wd_fils_rx()
444 	pasn->fils.completed = true;  in wpas_pasn_wd_fils_rx()
453 	if (pasn->using_pmksa)  in wpas_pasn_get_wrapped_data()
456 	switch (pasn->akmp) {  in wpas_pasn_get_wrapped_data()
462 		if (pasn->trans_seq == 0)  in wpas_pasn_get_wrapped_data()
464 		if (pasn->trans_seq == 2)  in wpas_pasn_get_wrapped_data()
487 			   pasn->akmp);  in wpas_pasn_get_wrapped_data()
495 	if (pasn->using_pmksa)  in wpas_pasn_get_wrapped_data_format()
499 	switch (pasn->akmp) {  in wpas_pasn_get_wrapped_data_format()
528 	int ret;  in wpas_pasn_build_auth_1()
532 	if (pasn->trans_seq)  in wpas_pasn_build_auth_1()
540 	pubkey = crypto_ecdh_get_pubkey(pasn->ecdh, 0);  in wpas_pasn_build_auth_1()
541 	pubkey = wpabuf_zeropad(pubkey, crypto_ecdh_prime_len(pasn->ecdh));  in wpas_pasn_build_auth_1()
549 	wpa_pasn_build_auth_header(buf, pasn->bssid,  in wpas_pasn_build_auth_1()
550 				   pasn->own_addr, pasn->peer_addr,  in wpas_pasn_build_auth_1()
551 				   pasn->trans_seq + 1, WLAN_STATUS_SUCCESS);  in wpas_pasn_build_auth_1()
554 	if (wpa_key_mgmt_ft(pasn->akmp)) {  in wpas_pasn_build_auth_1()
556 		pmkid = pasn->pmk_r1_name;  in wpas_pasn_build_auth_1()
563 		pmksa = pmksa_cache_get(pasn->pmksa, pasn->peer_addr,  in wpas_pasn_build_auth_1()
564 					pasn->own_addr, NULL, NULL, pasn->akmp);  in wpas_pasn_build_auth_1()
565 		if (pmksa && pasn->custom_pmkid_valid)  in wpas_pasn_build_auth_1()
566 			pmkid = pasn->custom_pmkid;  in wpas_pasn_build_auth_1()
568 			pmkid = pmksa->pmkid;  in wpas_pasn_build_auth_1()
578 	if (wpa_pasn_add_rsne(buf, pmkid, pasn->akmp, pasn->cipher) < 0)  in wpas_pasn_build_auth_1()
584 	wpa_pasn_add_parameter_ie(buf, pasn->group, wrapped_data,  in wpas_pasn_build_auth_1()
585 				  pubkey, true, comeback, -1);  in wpas_pasn_build_auth_1()
590 	wpa_pasn_add_rsnxe(buf, pasn->rsnxe_capab);  in wpas_pasn_build_auth_1()
592 	wpa_pasn_add_extra_ies(buf, pasn->extra_ies, pasn->extra_ies_len);  in wpas_pasn_build_auth_1()
594 	ret = pasn_auth_frame_hash(pasn->akmp, pasn->cipher,  in wpas_pasn_build_auth_1()
596 				   wpabuf_len(buf) - IEEE80211_HDRLEN,  in wpas_pasn_build_auth_1()
597 				   pasn->hash);  in wpas_pasn_build_auth_1()
603 	pasn->trans_seq++;  in wpas_pasn_build_auth_1()
611 	pasn->status = WLAN_STATUS_UNSPECIFIED_FAILURE;  in wpas_pasn_build_auth_1()
622 	u8 mic[WPA_PASN_MAX_MIC_LEN];  in wpas_pasn_build_auth_3()  local
627 	int ret;  in wpas_pasn_build_auth_3()
631 	if (pasn->trans_seq != 2)  in wpas_pasn_build_auth_3()
640 	wpa_pasn_build_auth_header(buf, pasn->bssid,  in wpas_pasn_build_auth_3()
641 				   pasn->own_addr, pasn->peer_addr,  in wpas_pasn_build_auth_3()
642 				   pasn->trans_seq + 1, WLAN_STATUS_SUCCESS);  in wpas_pasn_build_auth_3()
649 	wpa_pasn_add_parameter_ie(buf, pasn->group, wrapped_data,  in wpas_pasn_build_auth_3()
650 				  NULL, false, NULL, -1);  in wpas_pasn_build_auth_3()
657 	/* Add the MIC */  in wpas_pasn_build_auth_3()
658 	mic_len = pasn_mic_len(pasn->akmp, pasn->cipher);  in wpas_pasn_build_auth_3()
666 	data_len = wpabuf_len(buf) - IEEE80211_HDRLEN;  in wpas_pasn_build_auth_3()
668 	ret = pasn_mic(pasn->ptk.kck, pasn->akmp, pasn->cipher,  in wpas_pasn_build_auth_3()
669 		       pasn->own_addr, pasn->peer_addr,  in wpas_pasn_build_auth_3()
670 		       pasn->hash, mic_len * 2, data, data_len, mic);  in wpas_pasn_build_auth_3()
672 		wpa_printf(MSG_DEBUG, "PASN: frame 3: Failed MIC calculation");  in wpas_pasn_build_auth_3()
677 	if (pasn->corrupt_mic) {  in wpas_pasn_build_auth_3()
678 		wpa_printf(MSG_DEBUG, "PASN: frame 3: Corrupt MIC");  in wpas_pasn_build_auth_3()
679 		mic[0] = ~mic[0];  in wpas_pasn_build_auth_3()
683 	os_memcpy(ptr, mic, mic_len);  in wpas_pasn_build_auth_3()
685 	pasn->trans_seq++;  in wpas_pasn_build_auth_3()
690 	pasn->status = WLAN_STATUS_UNSPECIFIED_FAILURE;  in wpas_pasn_build_auth_3()
701 	crypto_ecdh_deinit(pasn->ecdh);  in wpa_pasn_reset()
702 	pasn->ecdh = NULL;  in wpa_pasn_reset()
705 	pasn->akmp = 0;  in wpa_pasn_reset()
706 	pasn->cipher = 0;  in wpa_pasn_reset()
707 	pasn->group = 0;  in wpa_pasn_reset()
708 	pasn->trans_seq = 0;  in wpa_pasn_reset()
709 	pasn->pmk_len = 0;  in wpa_pasn_reset()
710 	pasn->using_pmksa = false;  in wpa_pasn_reset()
712 	forced_memzero(pasn->pmk, sizeof(pasn->pmk));  in wpa_pasn_reset()
713 	forced_memzero(&pasn->ptk, sizeof(pasn->ptk));  in wpa_pasn_reset()
714 	forced_memzero(&pasn->hash, sizeof(pasn->hash));  in wpa_pasn_reset()
716 	wpabuf_free(pasn->beacon_rsne_rsnxe);  in wpa_pasn_reset()
717 	pasn->beacon_rsne_rsnxe = NULL;  in wpa_pasn_reset()
719 	wpabuf_free(pasn->comeback);  in wpa_pasn_reset()
720 	pasn->comeback = NULL;  in wpa_pasn_reset()
721 	pasn->comeback_after = 0;  in wpa_pasn_reset()
724 	sae_clear_data(&pasn->sae);  in wpa_pasn_reset()
725 	if (pasn->pt) {  in wpa_pasn_reset()
726 		sae_deinit_pt(pasn->pt);  in wpa_pasn_reset()
727 		pasn->pt = NULL;  in wpa_pasn_reset()
732 	pasn->fils_eapol = false;  in wpa_pasn_reset()
733 	os_memset(&pasn->fils, 0, sizeof(pasn->fils));  in wpa_pasn_reset()
737 	forced_memzero(pasn->pmk_r1, sizeof(pasn->pmk_r1));  in wpa_pasn_reset()
738 	pasn->pmk_r1_len = 0;  in wpa_pasn_reset()
739 	os_memset(pasn->pmk_r1_name, 0, sizeof(pasn->pmk_r1_name));  in wpa_pasn_reset()
741 	pasn->status = WLAN_STATUS_UNSPECIFIED_FAILURE;  in wpa_pasn_reset()
742 	pasn->pmksa_entry = NULL;  in wpa_pasn_reset()
744 	pasn->corrupt_mic = 0;  in wpa_pasn_reset()
746 	pasn->network_id = 0;  in wpa_pasn_reset()
747 	pasn->derive_kdk = false;  in wpa_pasn_reset()
748 	pasn->rsn_ie = NULL;  in wpa_pasn_reset()
749 	pasn->rsn_ie_len = 0;  in wpa_pasn_reset()
750 	pasn->rsnxe_ie = NULL;  in wpa_pasn_reset()
751 	pasn->custom_pmkid_valid = false;  in wpa_pasn_reset()
753 	if (pasn->extra_ies) {  in wpa_pasn_reset()
754 		os_free((u8 *) pasn->extra_ies);  in wpa_pasn_reset()
755 		pasn->extra_ies = NULL;  in wpa_pasn_reset()
760 static int wpas_pasn_set_pmk(struct pasn_data *pasn,  in wpas_pasn_set_pmk()
767 	os_memset(pasn->pmk, 0, sizeof(pasn->pmk));  in wpas_pasn_set_pmk()
768 	pasn->pmk_len = 0;  in wpas_pasn_set_pmk()
770 	if (pasn->akmp == WPA_KEY_MGMT_PASN) {  in wpas_pasn_set_pmk()
773 		pasn->pmk_len = WPA_PASN_PMK_LEN;  in wpas_pasn_set_pmk()
774 		os_memcpy(pasn->pmk, pasn_default_pmk,  in wpas_pasn_set_pmk()
779 	if (wpa_key_mgmt_ft(pasn->akmp)) {  in wpas_pasn_set_pmk()
781 		wpa_printf(MSG_DEBUG, "PASN: FT: Using PMK-R1");  in wpas_pasn_set_pmk()
782 		pasn->pmk_len = pasn->pmk_r1_len;  in wpas_pasn_set_pmk()
783 		os_memcpy(pasn->pmk, pasn->pmk_r1, pasn->pmk_r1_len);  in wpas_pasn_set_pmk()
784 		pasn->using_pmksa = true;  in wpas_pasn_set_pmk()
788 		return -1;  in wpas_pasn_set_pmk()
792 	if (rsn_data->num_pmkid) {  in wpas_pasn_set_pmk()
793 		int ret;  in wpas_pasn_set_pmk()
797 		if (pasn->custom_pmkid_valid) {  in wpas_pasn_set_pmk()
798 			ret = pasn->validate_custom_pmkid(pasn->cb_ctx,  in wpas_pasn_set_pmk()
799 							  pasn->peer_addr,  in wpas_pasn_set_pmk()
800 							  rsn_data->pmkid);  in wpas_pasn_set_pmk()
804 				return -1;  in wpas_pasn_set_pmk()
807 			pmkid = rsn_data->pmkid;  in wpas_pasn_set_pmk()
810 		pmksa = pmksa_cache_get(pasn->pmksa, pasn->peer_addr,  in wpas_pasn_set_pmk()
811 					pasn->own_addr,  in wpas_pasn_set_pmk()
812 					pmkid, NULL, pasn->akmp);  in wpas_pasn_set_pmk()
816 			pasn->pmk_len = pmksa->pmk_len;  in wpas_pasn_set_pmk()
817 			os_memcpy(pasn->pmk, pmksa->pmk, pmksa->pmk_len);  in wpas_pasn_set_pmk()
818 			pasn->using_pmksa = true;  in wpas_pasn_set_pmk()
825 	if (pasn->akmp == WPA_KEY_MGMT_SAE) {  in wpas_pasn_set_pmk()
826 		int ret;  in wpas_pasn_set_pmk()
832 			pasn->status = WLAN_STATUS_UNSPECIFIED_FAILURE;  in wpas_pasn_set_pmk()
833 			return -1;  in wpas_pasn_set_pmk()
837 		pasn->pmk_len = PMK_LEN;  in wpas_pasn_set_pmk()
838 		os_memcpy(pasn->pmk, pasn->sae.pmk, PMK_LEN);  in wpas_pasn_set_pmk()
840 		pasn->pmksa_entry = pmksa_cache_add(pasn->pmksa, pasn->pmk,  in wpas_pasn_set_pmk()
841 						    pasn->pmk_len,  in wpas_pasn_set_pmk()
842 						    pasn->sae.pmkid,  in wpas_pasn_set_pmk()
843 						    NULL, 0, pasn->peer_addr,  in wpas_pasn_set_pmk()
844 						    pasn->own_addr, NULL,  in wpas_pasn_set_pmk()
845 						    pasn->akmp, 0);  in wpas_pasn_set_pmk()
851 	if (pasn->akmp == WPA_KEY_MGMT_FILS_SHA256 ||  in wpas_pasn_set_pmk()
852 	    pasn->akmp == WPA_KEY_MGMT_FILS_SHA384) {  in wpas_pasn_set_pmk()
853 		int ret;  in wpas_pasn_set_pmk()
859 			pasn->status = WLAN_STATUS_UNSPECIFIED_FAILURE;  in wpas_pasn_set_pmk()
860 			return -1;  in wpas_pasn_set_pmk()
869 	pasn->status = WLAN_STATUS_UNSPECIFIED_FAILURE;  in wpas_pasn_set_pmk()
870 	return -1;  in wpas_pasn_set_pmk()
874 static int wpas_pasn_send_auth_1(struct pasn_data *pasn, const u8 *own_addr,  in wpas_pasn_send_auth_1()
875 				 const u8 *peer_addr, const u8 *bssid, int akmp,  in wpas_pasn_send_auth_1()
876 				 int cipher, u16 group, int freq,  in wpas_pasn_send_auth_1()
882 	int ret;  in wpas_pasn_send_auth_1()
884 	pasn->ecdh = crypto_ecdh_init(group);  in wpas_pasn_send_auth_1()
885 	if (!pasn->ecdh) {  in wpas_pasn_send_auth_1()
891 		pasn->beacon_rsne_rsnxe = wpabuf_alloc(beacon_rsne_len +  in wpas_pasn_send_auth_1()
893 		if (!pasn->beacon_rsne_rsnxe) {  in wpas_pasn_send_auth_1()
899 		wpabuf_put_data(pasn->beacon_rsne_rsnxe, beacon_rsne,  in wpas_pasn_send_auth_1()
902 			wpabuf_put_data(pasn->beacon_rsne_rsnxe, beacon_rsnxe,  in wpas_pasn_send_auth_1()
906 	pasn->akmp = akmp;  in wpas_pasn_send_auth_1()
907 	pasn->cipher = cipher;  in wpas_pasn_send_auth_1()
908 	pasn->group = group;  in wpas_pasn_send_auth_1()
909 	pasn->freq = freq;  in wpas_pasn_send_auth_1()
911 	os_memcpy(pasn->own_addr, own_addr, ETH_ALEN);  in wpas_pasn_send_auth_1()
912 	os_memcpy(pasn->peer_addr, peer_addr, ETH_ALEN);  in wpas_pasn_send_auth_1()
913 	os_memcpy(pasn->bssid, bssid, ETH_ALEN);  in wpas_pasn_send_auth_1()
918 		   MAC2STR(pasn->peer_addr), pasn->akmp, pasn->cipher,  in wpas_pasn_send_auth_1()
919 		   pasn->group);  in wpas_pasn_send_auth_1()
927 	ret = pasn->send_mgmt(pasn->cb_ctx,  in wpas_pasn_send_auth_1()
929 			      pasn->freq, 1000);  in wpas_pasn_send_auth_1()
940 	return -1;  in wpas_pasn_send_auth_1()
944 int wpas_pasn_start(struct pasn_data *pasn, const u8 *own_addr,  in wpas_pasn_start()
946 		    int akmp, int cipher, u16 group,  in wpas_pasn_start()
947 		    int freq, const u8 *beacon_rsne, u8 beacon_rsne_len,  in wpas_pasn_start()
955 		return -1;  in wpas_pasn_start()
969 			return -1;  in wpas_pasn_start()
972 		pasn->sae.state = SAE_NOTHING;  in wpas_pasn_start()
973 		pasn->sae.send_confirm = 0;  in wpas_pasn_start()
989 		return -1;  in wpas_pasn_start()
1000  * Wi-Fi Aware uses PASN handshake to authenticate peer devices.
1004  * In pairing verification, Wi-Fi aware devices use PASN authentication
1005  * frames with a custom PMKID and Wi-Fi Aware R4 specific verification IEs.
1010 int wpa_pasn_verify(struct pasn_data *pasn, const u8 *own_addr,  in wpa_pasn_verify()
1012 		    int akmp, int cipher, u16 group,  in wpa_pasn_verify()
1013 		    int freq, const u8 *beacon_rsne, u8 beacon_rsne_len,  in wpa_pasn_verify()
1034 	fc = le_to_host16(mgmt->frame_control);  in is_pasn_auth_frame()
1040 	if (!ether_addr_equal(mgmt->bssid, pasn->bssid))  in is_pasn_auth_frame()
1043 	if (rx && (!ether_addr_equal(mgmt->da, pasn->own_addr) ||  in is_pasn_auth_frame()
1044 		   !ether_addr_equal(mgmt->sa, pasn->peer_addr)))  in is_pasn_auth_frame()
1047 	if (!rx && (!ether_addr_equal(mgmt->sa, pasn->own_addr) ||  in is_pasn_auth_frame()
1048 		    !ether_addr_equal(mgmt->da, pasn->peer_addr)))  in is_pasn_auth_frame()
1052 	if (mgmt->u.auth.auth_alg != host_to_le16(WLAN_AUTH_PASN))  in is_pasn_auth_frame()
1059 int wpa_pasn_auth_rx(struct pasn_data *pasn, const u8 *data, size_t len,  in wpa_pasn_auth_rx()
1068 	u8 mic[WPA_PASN_MAX_MIC_LEN], out_mic[WPA_PASN_MAX_MIC_LEN];  in wpa_pasn_auth_rx()  local
1071 	int ret, inc_y;  in wpa_pasn_auth_rx()
1076 		return -2;  in wpa_pasn_auth_rx()
1078 	if (mgmt->u.auth.auth_transaction !=  in wpa_pasn_auth_rx()
1079 	    host_to_le16(pasn->trans_seq + 1)) {  in wpa_pasn_auth_rx()
1082 			   le_to_host16(mgmt->u.auth.auth_transaction),  in wpa_pasn_auth_rx()
1083 			   pasn->trans_seq + 1);  in wpa_pasn_auth_rx()
1084 		return -3;  in wpa_pasn_auth_rx()
1087 	status = le_to_host16(mgmt->u.auth.status_code);  in wpa_pasn_auth_rx()
1092 			   "PASN: Authentication rejected - status=%u", status);  in wpa_pasn_auth_rx()
1096 	if (ieee802_11_parse_elems(mgmt->u.auth.variable,  in wpa_pasn_auth_rx()
1097 				   len - offsetof(struct ieee80211_mgmt,  in wpa_pasn_auth_rx()
1105 	/* Check that the MIC IE exists. Save it and zero out the memory */  in wpa_pasn_auth_rx()
1106 	mic_len = pasn_mic_len(pasn->akmp, pasn->cipher);  in wpa_pasn_auth_rx()
1108 		if (!elems.mic || elems.mic_len != mic_len) {  in wpa_pasn_auth_rx()
1110 				   "PASN: Invalid MIC. Expecting len=%u",  in wpa_pasn_auth_rx()
1114 		os_memcpy(mic, elems.mic, mic_len);  in wpa_pasn_auth_rx()
1128 	ret = wpa_pasn_parse_parameter_ie(elems.pasn_params - 3,  in wpa_pasn_auth_rx()
1141 		if (pasn_params->comeback && pasn_params->comeback_len) {  in wpa_pasn_auth_rx()
1144 				   pasn_params->after);  in wpa_pasn_auth_rx()
1146 			if (!pasn_params->after)  in wpa_pasn_auth_rx()
1149 			pasn->comeback = wpabuf_alloc_copy(  in wpa_pasn_auth_rx()
1150 				pasn_params->comeback,  in wpa_pasn_auth_rx()
1151 				pasn_params->comeback_len);  in wpa_pasn_auth_rx()
1152 			if (pasn->comeback)  in wpa_pasn_auth_rx()
1153 				pasn->comeback_after = pasn_params->after;  in wpa_pasn_auth_rx()
1156 		pasn->status = status;  in wpa_pasn_auth_rx()
1165 	ret = wpa_parse_wpa_ie(elems.rsn_ie - 2, elems.rsn_ie_len + 2,  in wpa_pasn_auth_rx()
1178 	if (pasn->akmp != rsn_data.key_mgmt ||  in wpa_pasn_auth_rx()
1179 	    pasn->cipher != rsn_data.pairwise_cipher) {  in wpa_pasn_auth_rx()
1184 	if (pasn->group != pasn_params->group) {  in wpa_pasn_auth_rx()
1189 	if (!pasn_params->pubkey || !pasn_params->pubkey_len) {  in wpa_pasn_auth_rx()
1194 	if (pasn_params->pubkey[0] == WPA_PASN_PUBKEY_UNCOMPRESSED) {  in wpa_pasn_auth_rx()
1196 	} else if (pasn_params->pubkey[0] == WPA_PASN_PUBKEY_COMPRESSED_0 ||  in wpa_pasn_auth_rx()
1197 		   pasn_params->pubkey[0] == WPA_PASN_PUBKEY_COMPRESSED_1) {  in wpa_pasn_auth_rx()
1202 			   pasn_params->pubkey[0]);  in wpa_pasn_auth_rx()
1206 	secret = crypto_ecdh_set_peerkey(pasn->ecdh, inc_y,  in wpa_pasn_auth_rx()
1207 					 pasn_params->pubkey + 1,  in wpa_pasn_auth_rx()
1208 					 pasn_params->pubkey_len - 1);  in wpa_pasn_auth_rx()
1215 	if (pasn_params->wrapped_data_format != WPA_PASN_WRAPPED_DATA_NO) {  in wpa_pasn_auth_rx()
1232 	ret = pasn_pmk_to_ptk(pasn->pmk, pasn->pmk_len,  in wpa_pasn_auth_rx()
1233 			      pasn->own_addr, pasn->peer_addr,  in wpa_pasn_auth_rx()
1235 			      &pasn->ptk, pasn->akmp, pasn->cipher,  in wpa_pasn_auth_rx()
1236 			      pasn->kdk_len);  in wpa_pasn_auth_rx()
1242 	if (pasn->secure_ltf) {  in wpa_pasn_auth_rx()
1243 		ret = wpa_ltf_keyseed(&pasn->ptk, pasn->akmp, pasn->cipher);  in wpa_pasn_auth_rx()
1256 	/* Use a copy of the message since we need to clear the MIC field */  in wpa_pasn_auth_rx()
1257 	if (!elems.mic)  in wpa_pasn_auth_rx()
1259 	mic_offset = elems.mic - (const u8 *) &mgmt->u.auth;  in wpa_pasn_auth_rx()
1260 	copy_len = len - offsetof(struct ieee80211_mgmt, u.auth);  in wpa_pasn_auth_rx()
1263 	copy = os_memdup(&mgmt->u.auth, copy_len);  in wpa_pasn_auth_rx()
1268 	if (pasn->beacon_rsne_rsnxe) {  in wpa_pasn_auth_rx()
1269 		/* Verify the MIC */  in wpa_pasn_auth_rx()
1270 		ret = pasn_mic(pasn->ptk.kck, pasn->akmp, pasn->cipher,  in wpa_pasn_auth_rx()
1271 			       pasn->peer_addr, pasn->own_addr,  in wpa_pasn_auth_rx()
1272 			       wpabuf_head(pasn->beacon_rsne_rsnxe),  in wpa_pasn_auth_rx()
1273 			       wpabuf_len(pasn->beacon_rsne_rsnxe),  in wpa_pasn_auth_rx()
1281 		 * that this is for Wi-Fi Aware using PASN handshake for which  in wpa_pasn_auth_rx()
1295 			os_memcpy(rsne_rsnxe, elems.rsn_ie - 2,  in wpa_pasn_auth_rx()
1299 				  elems.rsnxe - 2, elems.rsnxe_len + 2);  in wpa_pasn_auth_rx()
1304 		/* Verify the MIC */  in wpa_pasn_auth_rx()
1305 		ret = pasn_mic(pasn->ptk.kck, pasn->akmp, pasn->cipher,  in wpa_pasn_auth_rx()
1306 			       pasn->peer_addr, pasn->own_addr,  in wpa_pasn_auth_rx()
1316 	wpa_hexdump_key(MSG_DEBUG, "PASN: Frame MIC", mic, mic_len);  in wpa_pasn_auth_rx()
1317 	if (ret || os_memcmp(mic, out_mic, mic_len) != 0) {  in wpa_pasn_auth_rx()
1318 		wpa_printf(MSG_DEBUG, "PASN: Failed MIC verification");  in wpa_pasn_auth_rx()
1322 	pasn->trans_seq++;  in wpa_pasn_auth_rx()
1332 	ret = pasn->send_mgmt(pasn->cb_ctx,  in wpa_pasn_auth_rx()
1334 			      pasn->freq, 100);  in wpa_pasn_auth_rx()
1343 	pasn->status = WLAN_STATUS_SUCCESS;  in wpa_pasn_auth_rx()
1347 	wpa_printf(MSG_DEBUG, "PASN: Failed RX processing - terminating");  in wpa_pasn_auth_rx()
1358 		pasn->status = WLAN_STATUS_UNSPECIFIED_FAILURE;  in wpa_pasn_auth_rx()
1360 		pasn->status = status;  in wpa_pasn_auth_rx()
1362 	return -1;  in wpa_pasn_auth_rx()
1366 int wpa_pasn_auth_tx_status(struct pasn_data *pasn,  in wpa_pasn_auth_tx_status()
1376 		return -1;  in wpa_pasn_auth_tx_status()
1378 	if (mgmt->u.auth.auth_transaction != host_to_le16(pasn->trans_seq)) {  in wpa_pasn_auth_tx_status()
1381 			   pasn->trans_seq,  in wpa_pasn_auth_tx_status()
1382 			   le_to_host16(mgmt->u.auth.auth_transaction));  in wpa_pasn_auth_tx_status()
1387 		   "PASN: auth with trans_seq=%u, acked=%u", pasn->trans_seq,  in wpa_pasn_auth_tx_status()
1395 	if (pasn->trans_seq == 3) {  in wpa_pasn_auth_tx_status()
1397 			   MAC2STR(pasn->peer_addr));  in wpa_pasn_auth_tx_status()