2  * WPA Supplicant - WPA state machine and EAPOL-Key processing
3 * Copyright (c) 2003-2018, Jouni Malinen <j@w1.fi>
80 * wpa_eapol_key_send - Send WPA/RSN EAPOL-Key message
86 * @msg: EAPOL-Key message
88 * @key_mic: Pointer to the buffer to which the EAPOL-Key MIC is written
95 int ret = -1; in wpa_eapol_key_send()
96 size_t mic_len = wpa_mic_len(sm->key_mgmt, sm->pmk_len); in wpa_eapol_key_send()
98 wpa_printf(MSG_DEBUG, "WPA: Send EAPOL-Key frame to " MACSTR in wpa_eapol_key_send()
100 MAC2STR(dest), ver, (int) mic_len, sm->key_mgmt); in wpa_eapol_key_send()
101 if (is_zero_ether_addr(dest) && is_zero_ether_addr(sm->bssid)) { in wpa_eapol_key_send()
106 if (wpa_sm_get_bssid(sm, sm->bssid) < 0) { in wpa_eapol_key_send()
107 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_eapol_key_send()
109 "EAPOL-Key destination address"); in wpa_eapol_key_send()
111 dest = sm->bssid; in wpa_eapol_key_send()
112 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_eapol_key_send()
114 ") as the destination for EAPOL-Key", in wpa_eapol_key_send()
120 if (key_mic && (!ptk || !ptk->kck_len)) in wpa_eapol_key_send()
124 wpa_eapol_key_mic(ptk->kck, ptk->kck_len, sm->key_mgmt, ver, in wpa_eapol_key_send()
126 wpa_msg(sm->ctx->msg_ctx, MSG_ERROR, in wpa_eapol_key_send()
127 "WPA: Failed to generate EAPOL-Key version %d key_mgmt 0x%x MIC", in wpa_eapol_key_send()
128 ver, sm->key_mgmt); in wpa_eapol_key_send()
133 ptk->kck, ptk->kck_len); in wpa_eapol_key_send()
138 /* AEAD cipher - Key MIC field not used */ in wpa_eapol_key_send()
148 if (!ptk || !ptk->kek_len) in wpa_eapol_key_send()
151 key_data_len = msg_len - sizeof(struct ieee802_1x_hdr) - in wpa_eapol_key_send()
152 sizeof(struct wpa_eapol_key) - 2; in wpa_eapol_key_send()
163 /* Update EAPOL header to include AES-SIV overhead */ in wpa_eapol_key_send()
164 eapol_len = be_to_host16(hdr->length); in wpa_eapol_key_send()
166 hdr->length = host_to_be16(eapol_len); in wpa_eapol_key_send()
168 /* Update Key Data Length field to include AES-SIV overhead */ in wpa_eapol_key_send()
178 wpa_hexdump_key(MSG_DEBUG, "WPA: KEK", ptk->kek, ptk->kek_len); in wpa_eapol_key_send()
179 /* AES-SIV AAD from EAPOL protocol version field (inclusive) to in wpa_eapol_key_send()
182 aad_len[0] = key_data - buf; in wpa_eapol_key_send()
183 if (aes_siv_encrypt(ptk->kek, ptk->kek_len, in wpa_eapol_key_send()
201 wpa_hexdump(MSG_MSGDUMP, "WPA: TX EAPOL-Key", msg, msg_len); in wpa_eapol_key_send()
203 eapol_sm_notify_tx_eapol_key(sm->eapol); in wpa_eapol_key_send()
211 * wpa_sm_key_request - Send EAPOL-Key Request
216 * Send an EAPOL-Key Request to the current authenticator. This function is
227 if (pairwise && sm->wpa_deny_ptk0_rekey && !sm->use_ext_key_id && in wpa_sm_key_request()
229 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_key_request()
235 if (!sm->ptk_set) { in wpa_sm_key_request()
237 "WPA: No PTK derived yet - cannot send EAPOL-Key Request"); in wpa_sm_key_request()
241 if (wpa_use_akm_defined(sm->key_mgmt)) in wpa_sm_key_request()
243 else if (wpa_key_mgmt_ft(sm->key_mgmt) || in wpa_sm_key_request()
244 wpa_key_mgmt_sha256(sm->key_mgmt)) in wpa_sm_key_request()
246 else if (sm->pairwise_cipher != WPA_CIPHER_TKIP) in wpa_sm_key_request()
251 mic_len = wpa_mic_len(sm->key_mgmt, sm->pmk_len); in wpa_sm_key_request()
258 reply->type = (sm->proto == WPA_PROTO_RSN || in wpa_sm_key_request()
259 sm->proto == WPA_PROTO_OSEN) ? in wpa_sm_key_request()
271 WPA_PUT_BE16(reply->key_info, key_info); in wpa_sm_key_request()
272 WPA_PUT_BE16(reply->key_length, 0); in wpa_sm_key_request()
273 os_memcpy(reply->replay_counter, sm->request_counter, in wpa_sm_key_request()
275 inc_byte_array(sm->request_counter, WPA_REPLAY_COUNTER_LEN); in wpa_sm_key_request()
284 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_key_request()
285 "WPA: Sending EAPOL-Key Request (error=%d " in wpa_sm_key_request()
287 error, pairwise, sm->ptk_set, (unsigned long) rlen); in wpa_sm_key_request()
288 wpa_eapol_key_send(sm, &sm->ptk, ver, wpa_sm_get_auth_addr(sm), in wpa_sm_key_request()
296 if (sm->key_mgmt == WPA_KEY_MGMT_FT_IEEE8021X) { in wpa_supplicant_key_mgmt_set_pmk()
297 if (wpa_sm_key_mgmt_set_pmk(sm, sm->xxkey, sm->xxkey_len)) in wpa_supplicant_key_mgmt_set_pmk()
298 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_key_mgmt_set_pmk()
302 if (wpa_sm_key_mgmt_set_pmk(sm, sm->pmk, sm->pmk_len)) in wpa_supplicant_key_mgmt_set_pmk()
303 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_key_mgmt_set_pmk()
317 if (pmkid && !sm->cur_pmksa) { in wpa_supplicant_get_pmk()
322 sm->cur_pmksa = pmksa_cache_get(sm->pmksa, src_addr, in wpa_supplicant_get_pmk()
323 sm->own_addr, pmkid, in wpa_supplicant_get_pmk()
325 if (sm->cur_pmksa) { in wpa_supplicant_get_pmk()
326 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_get_pmk()
329 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_get_pmk()
335 if (pmkid && sm->cur_pmksa && in wpa_supplicant_get_pmk()
336 os_memcmp_const(pmkid, sm->cur_pmksa->pmkid, PMKID_LEN) == 0) { in wpa_supplicant_get_pmk()
340 sm->pmk, sm->pmk_len); in wpa_supplicant_get_pmk()
341 eapol_sm_notify_cached(sm->eapol); in wpa_supplicant_get_pmk()
343 sm->xxkey_len = 0; in wpa_supplicant_get_pmk()
345 if ((sm->key_mgmt == WPA_KEY_MGMT_FT_SAE || in wpa_supplicant_get_pmk()
346 sm->key_mgmt == WPA_KEY_MGMT_FT_SAE_EXT_KEY) && in wpa_supplicant_get_pmk()
347 sm->pmk_len == PMK_LEN) { in wpa_supplicant_get_pmk()
353 os_memcpy(sm->xxkey, sm->pmk, sm->pmk_len); in wpa_supplicant_get_pmk()
354 sm->xxkey_len = sm->pmk_len; in wpa_supplicant_get_pmk()
358 } else if (wpa_key_mgmt_wpa_ieee8021x(sm->key_mgmt) && sm->eapol) { in wpa_supplicant_get_pmk()
364 if (wpa_key_mgmt_sha384(sm->key_mgmt)) in wpa_supplicant_get_pmk()
368 res = eapol_sm_get_key(sm->eapol, sm->pmk, pmk_len); in wpa_supplicant_get_pmk()
372 * EAP-LEAP is an exception from other EAP in wpa_supplicant_get_pmk()
373 * methods: it uses only 16-byte PMK. in wpa_supplicant_get_pmk()
375 res = eapol_sm_get_key(sm->eapol, sm->pmk, 16); in wpa_supplicant_get_pmk()
381 eapol_sm_get_key(sm->eapol, buf, 2 * PMK_LEN) == 0) { in wpa_supplicant_get_pmk()
382 if (wpa_key_mgmt_sha384(sm->key_mgmt)) { in wpa_supplicant_get_pmk()
383 os_memcpy(sm->xxkey, buf, SHA384_MAC_LEN); in wpa_supplicant_get_pmk()
384 sm->xxkey_len = SHA384_MAC_LEN; in wpa_supplicant_get_pmk()
386 os_memcpy(sm->xxkey, buf + PMK_LEN, PMK_LEN); in wpa_supplicant_get_pmk()
387 sm->xxkey_len = PMK_LEN; in wpa_supplicant_get_pmk()
390 if (sm->proto == WPA_PROTO_RSN && in wpa_supplicant_get_pmk()
391 wpa_key_mgmt_ft(sm->key_mgmt)) { in wpa_supplicant_get_pmk()
396 if (sm->fils_cache_id_set) in wpa_supplicant_get_pmk()
397 fils_cache_id = sm->fils_cache_id; in wpa_supplicant_get_pmk()
401 sm->xxkey, sm->xxkey_len); in wpa_supplicant_get_pmk()
402 sa = pmksa_cache_add(sm->pmksa, in wpa_supplicant_get_pmk()
403 sm->xxkey, sm->xxkey_len, in wpa_supplicant_get_pmk()
405 src_addr, sm->own_addr, in wpa_supplicant_get_pmk()
406 sm->network_ctx, in wpa_supplicant_get_pmk()
407 sm->key_mgmt, in wpa_supplicant_get_pmk()
409 if (!sm->cur_pmksa) in wpa_supplicant_get_pmk()
410 sm->cur_pmksa = sa; in wpa_supplicant_get_pmk()
419 if (sm->fils_cache_id_set) in wpa_supplicant_get_pmk()
420 fils_cache_id = sm->fils_cache_id; in wpa_supplicant_get_pmk()
424 "machines", sm->pmk, pmk_len); in wpa_supplicant_get_pmk()
425 sm->pmk_len = pmk_len; in wpa_supplicant_get_pmk()
427 if (sm->proto == WPA_PROTO_RSN && in wpa_supplicant_get_pmk()
428 !wpa_key_mgmt_suite_b(sm->key_mgmt) && in wpa_supplicant_get_pmk()
429 !wpa_key_mgmt_ft(sm->key_mgmt)) { in wpa_supplicant_get_pmk()
430 sa = pmksa_cache_add(sm->pmksa, in wpa_supplicant_get_pmk()
431 sm->pmk, pmk_len, NULL, in wpa_supplicant_get_pmk()
433 src_addr, sm->own_addr, in wpa_supplicant_get_pmk()
434 sm->network_ctx, in wpa_supplicant_get_pmk()
435 sm->key_mgmt, in wpa_supplicant_get_pmk()
438 if (!sm->cur_pmksa && pmkid && in wpa_supplicant_get_pmk()
439 pmksa_cache_get(sm->pmksa, src_addr, sm->own_addr, in wpa_supplicant_get_pmk()
441 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_get_pmk()
445 } else if (sa && !sm->cur_pmksa && pmkid) { in wpa_supplicant_get_pmk()
453 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_get_pmk()
454 "RSN: PMKID mismatch - authentication server may have derived different MSK?!"); in wpa_supplicant_get_pmk()
455 return -1; in wpa_supplicant_get_pmk()
458 if (!sm->cur_pmksa) in wpa_supplicant_get_pmk()
459 sm->cur_pmksa = sa; in wpa_supplicant_get_pmk()
461 } else if (wpa_key_mgmt_ft(sm->key_mgmt) && sm->ft_protocol) { in wpa_supplicant_get_pmk()
463 "FT: Continue 4-way handshake without PMK/PMKID for association using FT protocol"); in wpa_supplicant_get_pmk()
466 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_get_pmk()
468 "EAPOL state machines - key handshake " in wpa_supplicant_get_pmk()
470 if (sm->cur_pmksa) { in wpa_supplicant_get_pmk()
471 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_get_pmk()
474 sm->cur_pmksa = NULL; in wpa_supplicant_get_pmk()
477 return -1; in wpa_supplicant_get_pmk()
482 if (abort_cached && wpa_key_mgmt_wpa_ieee8021x(sm->key_mgmt) && in wpa_supplicant_get_pmk()
483 !wpa_key_mgmt_suite_b(sm->key_mgmt) && in wpa_supplicant_get_pmk()
484 !wpa_key_mgmt_ft(sm->key_mgmt) && sm->key_mgmt != WPA_KEY_MGMT_OSEN) in wpa_supplicant_get_pmk()
486 /* Send EAPOL-Start to trigger full EAP authentication. */ in wpa_supplicant_get_pmk()
490 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_get_pmk()
491 "RSN: no PMKSA entry found - trigger " in wpa_supplicant_get_pmk()
498 eapol_sm_notify_eap_fail(sm->eapol, true); in wpa_supplicant_get_pmk()
499 eapol_sm_notify_eap_fail(sm->eapol, false); in wpa_supplicant_get_pmk()
500 wpa_sm_ether_send(sm, sm->bssid, ETH_P_EAPOL, in wpa_supplicant_get_pmk()
503 return -2; in wpa_supplicant_get_pmk()
506 return -1; in wpa_supplicant_get_pmk()
514 * wpa_supplicant_send_2_of_4 - Send message 2 of WPA/RSN 4-Way Handshake
517 * @key: Pointer to the EAPOL-Key frame header
518 * @ver: Version bits from EAPOL-Key Key Info
519 * @nonce: Nonce value for the EAPOL-Key frame
541 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: No wpa_ie set - " in wpa_supplicant_send_2_of_4()
543 return -1; in wpa_supplicant_send_2_of_4()
547 if (wpa_key_mgmt_ft(sm->key_mgmt)) { in wpa_supplicant_send_2_of_4()
553 * Add PMKR1Name into RSN IE (PMKID-List) and add MDIE and in wpa_supplicant_send_2_of_4()
557 sm->assoc_resp_ies_len); in wpa_supplicant_send_2_of_4()
559 return -1; in wpa_supplicant_send_2_of_4()
562 sm->pmk_r1_name, !sm->ft_prepend_pmkid); in wpa_supplicant_send_2_of_4()
565 return -1; in wpa_supplicant_send_2_of_4()
571 if (sm->assoc_resp_ies) { in wpa_supplicant_send_2_of_4()
573 sm->assoc_resp_ies, in wpa_supplicant_send_2_of_4()
574 sm->assoc_resp_ies_len); in wpa_supplicant_send_2_of_4()
575 os_memcpy(rsn_ie_buf + wpa_ie_len, sm->assoc_resp_ies, in wpa_supplicant_send_2_of_4()
576 sm->assoc_resp_ies_len); in wpa_supplicant_send_2_of_4()
577 wpa_ie_len += sm->assoc_resp_ies_len; in wpa_supplicant_send_2_of_4()
587 if (sm->test_eapol_m2_elems) in wpa_supplicant_send_2_of_4()
588 extra_len = wpabuf_len(sm->test_eapol_m2_elems); in wpa_supplicant_send_2_of_4()
589 if (sm->encrypt_eapol_m2) { in wpa_supplicant_send_2_of_4()
592 pad_len = 8 - pad_len; in wpa_supplicant_send_2_of_4()
597 mic_len = wpa_mic_len(sm->key_mgmt, sm->pmk_len); in wpa_supplicant_send_2_of_4()
604 return -1; in wpa_supplicant_send_2_of_4()
607 reply->type = (sm->proto == WPA_PROTO_RSN || in wpa_supplicant_send_2_of_4()
608 sm->proto == WPA_PROTO_OSEN) ? in wpa_supplicant_send_2_of_4()
611 if (sm->ptk_set && sm->proto != WPA_PROTO_WPA) in wpa_supplicant_send_2_of_4()
618 if (sm->encrypt_eapol_m2) in wpa_supplicant_send_2_of_4()
621 WPA_PUT_BE16(reply->key_info, key_info); in wpa_supplicant_send_2_of_4()
622 if (sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN) in wpa_supplicant_send_2_of_4()
623 WPA_PUT_BE16(reply->key_length, 0); in wpa_supplicant_send_2_of_4()
625 os_memcpy(reply->key_length, key->key_length, 2); in wpa_supplicant_send_2_of_4()
626 os_memcpy(reply->replay_counter, key->replay_counter, in wpa_supplicant_send_2_of_4()
628 wpa_hexdump(MSG_DEBUG, "WPA: Replay Counter", reply->replay_counter, in wpa_supplicant_send_2_of_4()
637 if (sm->test_eapol_m2_elems) { in wpa_supplicant_send_2_of_4()
639 wpabuf_head(sm->test_eapol_m2_elems), in wpa_supplicant_send_2_of_4()
640 wpabuf_len(sm->test_eapol_m2_elems)); in wpa_supplicant_send_2_of_4()
643 if (sm->encrypt_eapol_m2) { in wpa_supplicant_send_2_of_4()
647 if (sm->test_eapol_m2_elems) in wpa_supplicant_send_2_of_4()
648 extra_len = wpabuf_len(sm->test_eapol_m2_elems); in wpa_supplicant_send_2_of_4()
655 return -1; in wpa_supplicant_send_2_of_4()
658 plain[plain_len - pad_len] = 0xdd; in wpa_supplicant_send_2_of_4()
660 wpa_hexdump_key(MSG_DEBUG, "RSN: AES-WRAP using KEK", in wpa_supplicant_send_2_of_4()
661 ptk->kek, ptk->kek_len); in wpa_supplicant_send_2_of_4()
662 if (aes_wrap(ptk->kek, ptk->kek_len, plain_len / 8, plain, in wpa_supplicant_send_2_of_4()
666 return -1; in wpa_supplicant_send_2_of_4()
669 "RSN: Encrypted Key Data from AES-WRAP", in wpa_supplicant_send_2_of_4()
675 os_memcpy(reply->key_nonce, nonce, WPA_NONCE_LEN); in wpa_supplicant_send_2_of_4()
677 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Sending EAPOL-Key 2/4"); in wpa_supplicant_send_2_of_4()
692 if (wpa_key_mgmt_ft(sm->key_mgmt)) in wpa_derive_ptk()
697 if (sm->key_mgmt == WPA_KEY_MGMT_DPP && sm->dpp_z) { in wpa_derive_ptk()
698 z = wpabuf_head(sm->dpp_z); in wpa_derive_ptk()
699 z_len = wpabuf_len(sm->dpp_z); in wpa_derive_ptk()
703 akmp = sm->key_mgmt; in wpa_derive_ptk()
705 if (sm->owe_ptk_workaround && akmp == WPA_KEY_MGMT_OWE && in wpa_derive_ptk()
706 sm->pmk_len > 32) { in wpa_derive_ptk()
713 if (sm->force_kdk_derivation || in wpa_derive_ptk()
714 (sm->secure_ltf && in wpa_derive_ptk()
715 ieee802_11_rsnx_capab(sm->ap_rsnxe, WLAN_RSNX_CAPAB_SECURE_LTF))) in wpa_derive_ptk()
720 ret = wpa_pmk_to_ptk(sm->pmk, sm->pmk_len, "Pairwise key expansion", in wpa_derive_ptk()
721 sm->own_addr, wpa_sm_get_auth_addr(sm), sm->snonce, in wpa_derive_ptk()
722 key->key_nonce, ptk, akmp, in wpa_derive_ptk()
723 sm->pairwise_cipher, z, z_len, in wpa_derive_ptk()
731 if (sm->secure_ltf && in wpa_derive_ptk()
732 ieee802_11_rsnx_capab(sm->ap_rsnxe, WLAN_RSNX_CAPAB_SECURE_LTF)) in wpa_derive_ptk()
733 ret = wpa_ltf_keyseed(ptk, akmp, sm->pairwise_cipher); in wpa_derive_ptk()
743 if (sm->ext_key_id) { in wpa_handle_ext_key_id()
746 if (!kde->key_id) { in wpa_handle_ext_key_id()
747 wpa_msg(sm->ctx->msg_ctx, in wpa_handle_ext_key_id()
748 sm->use_ext_key_id ? MSG_INFO : MSG_DEBUG, in wpa_handle_ext_key_id()
750 sm->keyidx_active = 0; in wpa_handle_ext_key_id()
751 return sm->use_ext_key_id ? -1 : 0; in wpa_handle_ext_key_id()
754 key_id = kde->key_id[0] & 0x03; in wpa_handle_ext_key_id()
756 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_handle_ext_key_id()
758 return -1; in wpa_handle_ext_key_id()
760 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_handle_ext_key_id()
762 sm->keyidx_active = key_id; in wpa_handle_ext_key_id()
763 sm->use_ext_key_id = 1; in wpa_handle_ext_key_id()
765 if (kde->key_id && (kde->key_id[0] & 0x03)) { in wpa_handle_ext_key_id()
766 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_handle_ext_key_id()
767 "RSN: Non-zero Extended Key ID Key ID in PTK0 handshake"); in wpa_handle_ext_key_id()
768 return -1; in wpa_handle_ext_key_id()
771 if (kde->key_id) { in wpa_handle_ext_key_id()
774 wpa_msg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_handle_ext_key_id()
777 sm->keyidx_active = 0; in wpa_handle_ext_key_id()
778 sm->use_ext_key_id = 0; in wpa_handle_ext_key_id()
803 for_each_link(sm->mlo.req_links, i) { in wpa_mlo_link_kde_len()
804 if (sm->mlo.assoc_link_id != i) in wpa_mlo_link_kde_len()
817 for_each_link(sm->mlo.req_links, i) { in wpa_mlo_link_kde()
818 if (sm->mlo.assoc_link_id == i) in wpa_mlo_link_kde()
822 "MLO: Add MLO Link %d KDE in EAPOL-Key 2/4", i); in wpa_mlo_link_kde()
824 os_memcpy(&hdr[1], sm->mlo.links[i].addr, ETH_ALEN); in wpa_mlo_link_kde()
835 ether_addr_equal(mac_kde, sm->mlo.ap_mld_addr); in is_valid_ap_mld_mac_kde()
844 os_memcpy(buf, &ptk->tk[16], 8); in wpas_swap_tkip_mic_keys()
845 os_memcpy(&ptk->tk[16], &ptk->tk[24], 8); in wpas_swap_tkip_mic_keys()
846 os_memcpy(&ptk->tk[24], buf, 8); in wpas_swap_tkip_mic_keys()
863 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_1_of_4_wpa()
868 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_process_1_of_4_wpa()
869 "WPA: RX message 1 of 4-Way Handshake from " MACSTR in wpa_supplicant_process_1_of_4_wpa()
875 if (res == -2) { in wpa_supplicant_process_1_of_4_wpa()
876 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_process_1_of_4_wpa()
877 "WPA: Do not reply to msg 1/4 - requesting full EAP authentication"); in wpa_supplicant_process_1_of_4_wpa()
885 if (sm->renew_snonce) { in wpa_supplicant_process_1_of_4_wpa()
886 if (random_get_bytes(sm->snonce, WPA_NONCE_LEN)) { in wpa_supplicant_process_1_of_4_wpa()
887 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_1_of_4_wpa()
891 sm->renew_snonce = 0; in wpa_supplicant_process_1_of_4_wpa()
893 sm->snonce, WPA_NONCE_LEN); in wpa_supplicant_process_1_of_4_wpa()
898 ptk = &sm->tptk; in wpa_supplicant_process_1_of_4_wpa()
901 if (sm->pairwise_cipher == WPA_CIPHER_TKIP) in wpa_supplicant_process_1_of_4_wpa()
903 sm->tptk_set = 1; in wpa_supplicant_process_1_of_4_wpa()
906 sm->snonce, sm->assoc_wpa_ie, in wpa_supplicant_process_1_of_4_wpa()
907 sm->assoc_wpa_ie_len, ptk) < 0) in wpa_supplicant_process_1_of_4_wpa()
910 os_memcpy(sm->anonce, key->key_nonce, WPA_NONCE_LEN); in wpa_supplicant_process_1_of_4_wpa()
932 if (encrypted == FRAME_NOT_ENCRYPTED && sm->tk_set && in wpa_supplicant_process_1_of_4()
935 "RSN: Discard unencrypted EAPOL-Key msg 1/4 when TK is set and PMF is enabled"); in wpa_supplicant_process_1_of_4()
940 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: No SSID info " in wpa_supplicant_process_1_of_4()
945 if (sm->wpa_deny_ptk0_rekey && !sm->use_ext_key_id && in wpa_supplicant_process_1_of_4()
947 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_1_of_4()
953 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: RX message 1 of 4-Way " in wpa_supplicant_process_1_of_4()
962 "RSN: Discard EAPOL-Key msg 1/4 with invalid IEs/KDEs"); in wpa_supplicant_process_1_of_4()
970 if (sm->mlo.valid_links && !is_valid_ap_mld_mac_kde(sm, ie.mac_addr)) { in wpa_supplicant_process_1_of_4()
972 "RSN: Discard EAPOL-Key msg 1/4 with invalid AP MLD MAC address KDE"); in wpa_supplicant_process_1_of_4()
977 if (res == -2) { in wpa_supplicant_process_1_of_4()
978 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "RSN: Do not reply to " in wpa_supplicant_process_1_of_4()
979 "msg 1/4 - requesting full EAP authentication"); in wpa_supplicant_process_1_of_4()
987 if (sm->renew_snonce) { in wpa_supplicant_process_1_of_4()
988 if (random_get_bytes(sm->snonce, WPA_NONCE_LEN)) { in wpa_supplicant_process_1_of_4()
989 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_1_of_4()
993 sm->renew_snonce = 0; in wpa_supplicant_process_1_of_4()
995 sm->snonce, WPA_NONCE_LEN); in wpa_supplicant_process_1_of_4()
1000 ptk = &sm->tptk; in wpa_supplicant_process_1_of_4()
1003 if (sm->pairwise_cipher == WPA_CIPHER_TKIP) in wpa_supplicant_process_1_of_4()
1005 sm->tptk_set = 1; in wpa_supplicant_process_1_of_4()
1008 if (sm->mlo.valid_links) in wpa_supplicant_process_1_of_4()
1012 kde = sm->assoc_wpa_ie; in wpa_supplicant_process_1_of_4()
1013 kde_len = sm->assoc_wpa_ie_len; in wpa_supplicant_process_1_of_4()
1016 sm->assoc_rsnxe_len + in wpa_supplicant_process_1_of_4()
1033 "Failed to get channel info for OCI element in EAPOL-Key 2/4"); in wpa_supplicant_process_1_of_4()
1037 if (sm->oci_freq_override_eapol) { in wpa_supplicant_process_1_of_4()
1039 "TEST: Override OCI KDE frequency %d -> %d MHz", in wpa_supplicant_process_1_of_4()
1040 ci.frequency, sm->oci_freq_override_eapol); in wpa_supplicant_process_1_of_4()
1041 ci.frequency = sm->oci_freq_override_eapol; in wpa_supplicant_process_1_of_4()
1047 kde_len = pos - kde; in wpa_supplicant_process_1_of_4()
1051 if (sm->assoc_rsnxe && sm->assoc_rsnxe_len) { in wpa_supplicant_process_1_of_4()
1052 os_memcpy(kde + kde_len, sm->assoc_rsnxe, sm->assoc_rsnxe_len); in wpa_supplicant_process_1_of_4()
1053 kde_len += sm->assoc_rsnxe_len; in wpa_supplicant_process_1_of_4()
1057 if (sm->p2p) { in wpa_supplicant_process_1_of_4()
1061 "P2P: Add IP Address Request KDE into EAPOL-Key 2/4"); in wpa_supplicant_process_1_of_4()
1068 kde_len = pos - kde; in wpa_supplicant_process_1_of_4()
1073 if (DPP_VERSION > 1 && sm->key_mgmt == WPA_KEY_MGMT_DPP) { in wpa_supplicant_process_1_of_4()
1076 wpa_printf(MSG_DEBUG, "DPP: Add DPP KDE into EAPOL-Key 2/4"); in wpa_supplicant_process_1_of_4()
1084 if (sm->dpp_pfs == 0) in wpa_supplicant_process_1_of_4()
1086 else if (sm->dpp_pfs == 1) in wpa_supplicant_process_1_of_4()
1089 kde_len = pos - kde; in wpa_supplicant_process_1_of_4()
1093 if (sm->mlo.valid_links) { in wpa_supplicant_process_1_of_4()
1097 wpa_printf(MSG_DEBUG, "MLO: Add MAC KDE into EAPOL-Key 2/4"); in wpa_supplicant_process_1_of_4()
1099 pos = rsn_add_kde(pos, RSN_KEY_DATA_MAC_ADDR, sm->own_addr, in wpa_supplicant_process_1_of_4()
1103 wpa_printf(MSG_DEBUG, "Add MLO Link KDE(s) into EAPOL-Key 2/4"); in wpa_supplicant_process_1_of_4()
1105 kde_len = pos - kde; in wpa_supplicant_process_1_of_4()
1109 sm->snonce, kde, kde_len, ptk) < 0) in wpa_supplicant_process_1_of_4()
1113 os_memcpy(sm->anonce, key->key_nonce, WPA_NONCE_LEN); in wpa_supplicant_process_1_of_4()
1132 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_key_neg_complete()
1135 wpa_cipher_txt(sm->pairwise_cipher), in wpa_supplicant_key_neg_complete()
1136 wpa_cipher_txt(sm->group_cipher)); in wpa_supplicant_key_neg_complete()
1144 eapol_sm_notify_portValid(sm->eapol, true); in wpa_supplicant_key_neg_complete()
1145 if (wpa_key_mgmt_wpa_psk(sm->key_mgmt) || in wpa_supplicant_key_neg_complete()
1146 sm->key_mgmt == WPA_KEY_MGMT_DPP || in wpa_supplicant_key_neg_complete()
1147 sm->key_mgmt == WPA_KEY_MGMT_OWE) in wpa_supplicant_key_neg_complete()
1148 eapol_sm_notify_eap_success(sm->eapol, true); in wpa_supplicant_key_neg_complete()
1152 * configuration after the 4-Way Handshake. This increases the in wpa_supplicant_key_neg_complete()
1153 * likelihood of the first preauth EAPOL-Start frame getting to in wpa_supplicant_key_neg_complete()
1156 if (!dl_list_empty(&sm->pmksa_candidates)) in wpa_supplicant_key_neg_complete()
1161 if (sm->cur_pmksa && sm->cur_pmksa->opportunistic) { in wpa_supplicant_key_neg_complete()
1162 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_key_neg_complete()
1164 "opportunistic PMKSA entry - marking it valid"); in wpa_supplicant_key_neg_complete()
1165 sm->cur_pmksa->opportunistic = 0; in wpa_supplicant_key_neg_complete()
1169 if (wpa_key_mgmt_ft(sm->key_mgmt)) { in wpa_supplicant_key_neg_complete()
1180 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Request PTK rekeying"); in wpa_sm_rekey_ptk()
1193 if (sm->ptk.installed) { in wpa_supplicant_install_ptk()
1194 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_install_ptk()
1195 "WPA: Do not re-install same PTK to the driver"); in wpa_supplicant_install_ptk()
1199 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_install_ptk()
1202 if (sm->pairwise_cipher == WPA_CIPHER_NONE) { in wpa_supplicant_install_ptk()
1203 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Pairwise Cipher " in wpa_supplicant_install_ptk()
1204 "Suite: NONE - do not use pairwise keys"); in wpa_supplicant_install_ptk()
1208 if (!wpa_cipher_valid_pairwise(sm->pairwise_cipher)) { in wpa_supplicant_install_ptk()
1209 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_install_ptk()
1211 sm->pairwise_cipher); in wpa_supplicant_install_ptk()
1212 return -1; in wpa_supplicant_install_ptk()
1215 alg = wpa_cipher_to_alg(sm->pairwise_cipher); in wpa_supplicant_install_ptk()
1216 keylen = wpa_cipher_key_len(sm->pairwise_cipher); in wpa_supplicant_install_ptk()
1217 if (keylen <= 0 || (unsigned int) keylen != sm->ptk.tk_len) { in wpa_supplicant_install_ptk()
1219 keylen, (long unsigned int) sm->ptk.tk_len); in wpa_supplicant_install_ptk()
1220 return -1; in wpa_supplicant_install_ptk()
1222 rsclen = wpa_cipher_rsc_len(sm->pairwise_cipher); in wpa_supplicant_install_ptk()
1224 if (sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN) { in wpa_supplicant_install_ptk()
1227 key_rsc = key->key_rsc; in wpa_supplicant_install_ptk()
1231 if (wpa_sm_set_key(sm, -1, alg, wpa_sm_get_auth_addr(sm), in wpa_supplicant_install_ptk()
1232 sm->keyidx_active, 1, key_rsc, rsclen, sm->ptk.tk, in wpa_supplicant_install_ptk()
1234 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_install_ptk()
1238 sm->keyidx_active, key_flag); in wpa_supplicant_install_ptk()
1239 return -1; in wpa_supplicant_install_ptk()
1243 if (sm->secure_ltf && in wpa_supplicant_install_ptk()
1244 ieee802_11_rsnx_capab(sm->ap_rsnxe, WLAN_RSNX_CAPAB_SECURE_LTF) && in wpa_supplicant_install_ptk()
1245 wpa_sm_set_ltf_keyseed(sm, sm->own_addr, sm->bssid, in wpa_supplicant_install_ptk()
1246 sm->ptk.ltf_keyseed_len, in wpa_supplicant_install_ptk()
1247 sm->ptk.ltf_keyseed) < 0) { in wpa_supplicant_install_ptk()
1248 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_install_ptk()
1250 MACSTR ")", sm->ptk.ltf_keyseed_len, in wpa_supplicant_install_ptk()
1251 MAC2STR(sm->bssid)); in wpa_supplicant_install_ptk()
1252 return -1; in wpa_supplicant_install_ptk()
1256 wpa_sm_store_ptk(sm, sm->bssid, sm->pairwise_cipher, in wpa_supplicant_install_ptk()
1257 sm->dot11RSNAConfigPMKLifetime, &sm->ptk); in wpa_supplicant_install_ptk()
1260 os_memset(sm->ptk.tk, 0, WPA_TK_MAX_LEN); in wpa_supplicant_install_ptk()
1261 sm->ptk.tk_len = 0; in wpa_supplicant_install_ptk()
1262 sm->ptk.installed = 1; in wpa_supplicant_install_ptk()
1263 sm->tk_set = true; in wpa_supplicant_install_ptk()
1265 if (sm->wpa_ptk_rekey) { in wpa_supplicant_install_ptk()
1267 eloop_register_timeout(sm->wpa_ptk_rekey, 0, wpa_sm_rekey_ptk, in wpa_supplicant_install_ptk()
1276 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_activate_ptk()
1278 sm->keyidx_active, MAC2STR(wpa_sm_get_auth_addr(sm))); in wpa_supplicant_activate_ptk()
1280 if (wpa_sm_set_key(sm, -1, 0, wpa_sm_get_auth_addr(sm), in wpa_supplicant_activate_ptk()
1281 sm->keyidx_active, 0, NULL, 0, NULL, 0, in wpa_supplicant_activate_ptk()
1283 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_activate_ptk()
1285 MACSTR ")", sm->keyidx_active, in wpa_supplicant_activate_ptk()
1287 return -1; in wpa_supplicant_activate_ptk()
1303 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_check_group_cipher()
1306 return -1; in wpa_supplicant_check_group_cipher()
1312 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_check_group_cipher()
1315 return -1; in wpa_supplicant_check_group_cipher()
1333 const u8 *_gtk = gd->gtk; in wpa_supplicant_install_gtk()
1337 if ((sm->gtk.gtk_len == (size_t) gd->gtk_len && in wpa_supplicant_install_gtk()
1338 os_memcmp(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len) == 0) || in wpa_supplicant_install_gtk()
1339 (sm->gtk_wnm_sleep.gtk_len == (size_t) gd->gtk_len && in wpa_supplicant_install_gtk()
1340 os_memcmp(sm->gtk_wnm_sleep.gtk, gd->gtk, in wpa_supplicant_install_gtk()
1341 sm->gtk_wnm_sleep.gtk_len) == 0)) { in wpa_supplicant_install_gtk()
1342 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_install_gtk()
1343 "WPA: Not reinstalling already in-use GTK to the driver (keyidx=%d tx=%d len=%d)", in wpa_supplicant_install_gtk()
1344 gd->keyidx, gd->tx, gd->gtk_len); in wpa_supplicant_install_gtk()
1348 wpa_hexdump_key(MSG_DEBUG, "WPA: Group Key", gd->gtk, gd->gtk_len); in wpa_supplicant_install_gtk()
1349 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_install_gtk()
1351 gd->keyidx, gd->tx, gd->gtk_len); in wpa_supplicant_install_gtk()
1352 wpa_hexdump(MSG_DEBUG, "WPA: RSC", key_rsc, gd->key_rsc_len); in wpa_supplicant_install_gtk()
1353 if (sm->group_cipher == WPA_CIPHER_TKIP) { in wpa_supplicant_install_gtk()
1355 os_memcpy(gtk_buf, gd->gtk, 16); in wpa_supplicant_install_gtk()
1356 os_memcpy(gtk_buf + 16, gd->gtk + 24, 8); in wpa_supplicant_install_gtk()
1357 os_memcpy(gtk_buf + 24, gd->gtk + 16, 8); in wpa_supplicant_install_gtk()
1360 if (sm->pairwise_cipher == WPA_CIPHER_NONE) { in wpa_supplicant_install_gtk()
1361 if (wpa_sm_set_key(sm, -1, gd->alg, NULL, in wpa_supplicant_install_gtk()
1362 gd->keyidx, 1, key_rsc, gd->key_rsc_len, in wpa_supplicant_install_gtk()
1363 _gtk, gd->gtk_len, in wpa_supplicant_install_gtk()
1365 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_install_gtk()
1369 return -1; in wpa_supplicant_install_gtk()
1371 } else if (wpa_sm_set_key(sm, -1, gd->alg, broadcast_ether_addr, in wpa_supplicant_install_gtk()
1372 gd->keyidx, gd->tx, key_rsc, gd->key_rsc_len, in wpa_supplicant_install_gtk()
1373 _gtk, gd->gtk_len, KEY_FLAG_GROUP_RX) < 0) { in wpa_supplicant_install_gtk()
1374 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_install_gtk()
1377 gd->alg, gd->gtk_len, gd->keyidx); in wpa_supplicant_install_gtk()
1379 return -1; in wpa_supplicant_install_gtk()
1384 sm->gtk_wnm_sleep.gtk_len = gd->gtk_len; in wpa_supplicant_install_gtk()
1385 os_memcpy(sm->gtk_wnm_sleep.gtk, gd->gtk, in wpa_supplicant_install_gtk()
1386 sm->gtk_wnm_sleep.gtk_len); in wpa_supplicant_install_gtk()
1388 sm->gtk.gtk_len = gd->gtk_len; in wpa_supplicant_install_gtk()
1389 os_memcpy(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len); in wpa_supplicant_install_gtk()
1400 const u8 *gtk = gd->gtk; in wpa_supplicant_install_mlo_gtk()
1404 if ((sm->mlo.links[link_id].gtk.gtk_len == (size_t) gd->gtk_len && in wpa_supplicant_install_mlo_gtk()
1405 os_memcmp(sm->mlo.links[link_id].gtk.gtk, gd->gtk, in wpa_supplicant_install_mlo_gtk()
1406 sm->mlo.links[link_id].gtk.gtk_len) == 0) || in wpa_supplicant_install_mlo_gtk()
1407 (sm->mlo.links[link_id].gtk_wnm_sleep.gtk_len == in wpa_supplicant_install_mlo_gtk()
1408 (size_t) gd->gtk_len && in wpa_supplicant_install_mlo_gtk()
1409 os_memcmp(sm->mlo.links[link_id].gtk_wnm_sleep.gtk, gd->gtk, in wpa_supplicant_install_mlo_gtk()
1410 sm->mlo.links[link_id].gtk_wnm_sleep.gtk_len) == 0)) { in wpa_supplicant_install_mlo_gtk()
1411 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_install_mlo_gtk()
1412 "RSN: Not reinstalling already in-use GTK to the driver (link_id=%d keyidx=%d tx=%d len=%d)", in wpa_supplicant_install_mlo_gtk()
1413 link_id, gd->keyidx, gd->tx, gd->gtk_len); in wpa_supplicant_install_mlo_gtk()
1417 wpa_hexdump_link_key(MSG_DEBUG, link_id, "RSN: Group Key", gd->gtk, in wpa_supplicant_install_mlo_gtk()
1418 gd->gtk_len); in wpa_supplicant_install_mlo_gtk()
1419 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_install_mlo_gtk()
1421 link_id, gd->keyidx, gd->tx, gd->gtk_len); in wpa_supplicant_install_mlo_gtk()
1423 key_rsc, gd->key_rsc_len); in wpa_supplicant_install_mlo_gtk()
1424 if (sm->group_cipher == WPA_CIPHER_TKIP) { in wpa_supplicant_install_mlo_gtk()
1426 os_memcpy(gtk_buf, gd->gtk, 16); in wpa_supplicant_install_mlo_gtk()
1427 os_memcpy(gtk_buf + 16, gd->gtk + 24, 8); in wpa_supplicant_install_mlo_gtk()
1428 os_memcpy(gtk_buf + 24, gd->gtk + 16, 8); in wpa_supplicant_install_mlo_gtk()
1431 if (wpa_sm_set_key(sm, link_id, gd->alg, broadcast_ether_addr, in wpa_supplicant_install_mlo_gtk()
1432 gd->keyidx, gd->tx, key_rsc, gd->key_rsc_len, gtk, in wpa_supplicant_install_mlo_gtk()
1433 gd->gtk_len, KEY_FLAG_GROUP_RX) < 0) { in wpa_supplicant_install_mlo_gtk()
1434 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_install_mlo_gtk()
1436 link_id, gd->alg, gd->gtk_len, gd->keyidx); in wpa_supplicant_install_mlo_gtk()
1438 return -1; in wpa_supplicant_install_mlo_gtk()
1443 sm->mlo.links[link_id].gtk_wnm_sleep.gtk_len = gd->gtk_len; in wpa_supplicant_install_mlo_gtk()
1444 os_memcpy(sm->mlo.links[link_id].gtk_wnm_sleep.gtk, gd->gtk, in wpa_supplicant_install_mlo_gtk()
1445 sm->mlo.links[link_id].gtk_wnm_sleep.gtk_len); in wpa_supplicant_install_mlo_gtk()
1447 sm->mlo.links[link_id].gtk.gtk_len = gd->gtk_len; in wpa_supplicant_install_mlo_gtk()
1448 os_memcpy(sm->mlo.links[link_id].gtk.gtk, gd->gtk, in wpa_supplicant_install_mlo_gtk()
1449 sm->mlo.links[link_id].gtk.gtk_len); in wpa_supplicant_install_mlo_gtk()
1459 if (tx && sm->pairwise_cipher != WPA_CIPHER_NONE) { in wpa_supplicant_gtk_tx_bit_workaround()
1464 * configured non-zero keyidx to be used for unicast. */ in wpa_supplicant_gtk_tx_bit_workaround()
1465 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_gtk_tx_bit_workaround()
1467 "keys are used - ignore Tx bit"); in wpa_supplicant_gtk_tx_bit_workaround()
1479 if (!sm->wpa_rsc_relaxation) in wpa_supplicant_rsc_relaxation()
1482 rsclen = wpa_cipher_rsc_len(sm->group_cipher); in wpa_supplicant_rsc_relaxation()
1486 * the RSC bytes in EAPOL-Key message in the wrong order, both if in wpa_supplicant_rsc_relaxation()
1487 * it's actually a 6-byte field (as it should be) and if it treats in wpa_supplicant_rsc_relaxation()
1488 * it as an 8-byte field. in wpa_supplicant_rsc_relaxation()
1489 * An AP model known to have this bug is the Sapido RB-1632. in wpa_supplicant_rsc_relaxation()
1492 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_rsc_relaxation()
1513 * KeyID[bits 0-1], Tx [bit 2], Reserved [bit 3], link id [4-7] in wpa_supplicant_mlo_gtk()
1523 gtk_len - RSN_MLO_GTK_KDE_PREFIX_LENGTH > sizeof(gd.gtk)) in wpa_supplicant_mlo_gtk()
1524 return -1; in wpa_supplicant_mlo_gtk()
1528 gtk_len -= 1; in wpa_supplicant_mlo_gtk()
1533 gtk_len -= 6; in wpa_supplicant_mlo_gtk()
1539 if (wpa_supplicant_check_group_cipher(sm, sm->group_cipher, gtk_len, in wpa_supplicant_mlo_gtk()
1543 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_mlo_gtk()
1546 ret = -1; in wpa_supplicant_mlo_gtk()
1563 for_each_link(sm->mlo.valid_links, i) { in wpa_supplicant_pairwise_mlo_gtk()
1564 if (!ie->mlo_gtk[i]) { in wpa_supplicant_pairwise_mlo_gtk()
1565 wpa_msg(sm->ctx->msg_ctx, MSG_ERROR, in wpa_supplicant_pairwise_mlo_gtk()
1567 return -1; in wpa_supplicant_pairwise_mlo_gtk()
1570 if (wpa_supplicant_mlo_gtk(sm, i, ie->mlo_gtk[i], in wpa_supplicant_pairwise_mlo_gtk()
1571 ie->mlo_gtk_len[i], key_info)) in wpa_supplicant_pairwise_mlo_gtk()
1572 return -1; in wpa_supplicant_pairwise_mlo_gtk()
1588 * IEEE Std 802.11i-2004 - 8.5.2 EAPOL-Key frames - Figure 43x in wpa_supplicant_pairwise_gtk()
1590 * KeyID[bits 0-1], Tx [bit 2], Reserved [bits 3-7] in wpa_supplicant_pairwise_gtk()
1591 * Reserved [bits 0-7] in wpa_supplicant_pairwise_gtk()
1599 if (gtk_len < 2 || gtk_len - 2 > sizeof(gd.gtk)) in wpa_supplicant_pairwise_gtk()
1600 return -1; in wpa_supplicant_pairwise_gtk()
1606 gtk_len -= 2; in wpa_supplicant_pairwise_gtk()
1611 key_rsc = key->key_rsc; in wpa_supplicant_pairwise_gtk()
1612 if (wpa_supplicant_rsc_relaxation(sm, key->key_rsc)) in wpa_supplicant_pairwise_gtk()
1615 if (sm->group_cipher != WPA_CIPHER_GTK_NOT_USED && in wpa_supplicant_pairwise_gtk()
1616 (wpa_supplicant_check_group_cipher(sm, sm->group_cipher, in wpa_supplicant_pairwise_gtk()
1620 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_pairwise_gtk()
1623 return -1; in wpa_supplicant_pairwise_gtk()
1635 size_t len = wpa_cipher_key_len(sm->mgmt_group_cipher); in wpa_supplicant_install_igtk()
1636 u16 keyidx = WPA_GET_LE16(igtk->keyid); in wpa_supplicant_install_igtk()
1639 if ((sm->igtk.igtk_len == len && in wpa_supplicant_install_igtk()
1640 os_memcmp(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len) == 0) || in wpa_supplicant_install_igtk()
1641 (sm->igtk_wnm_sleep.igtk_len == len && in wpa_supplicant_install_igtk()
1642 os_memcmp(sm->igtk_wnm_sleep.igtk, igtk->igtk, in wpa_supplicant_install_igtk()
1643 sm->igtk_wnm_sleep.igtk_len) == 0)) { in wpa_supplicant_install_igtk()
1644 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_install_igtk()
1645 "WPA: Not reinstalling already in-use IGTK to the driver (keyidx=%d)", in wpa_supplicant_install_igtk()
1650 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_install_igtk()
1652 keyidx, MAC2STR(igtk->pn)); in wpa_supplicant_install_igtk()
1653 wpa_hexdump_key(MSG_DEBUG, "WPA: IGTK", igtk->igtk, len); in wpa_supplicant_install_igtk()
1655 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_install_igtk()
1657 return -1; in wpa_supplicant_install_igtk()
1659 if (wpa_sm_set_key(sm, -1, wpa_cipher_to_alg(sm->mgmt_group_cipher), in wpa_supplicant_install_igtk()
1661 keyidx, 0, igtk->pn, sizeof(igtk->pn), in wpa_supplicant_install_igtk()
1662 igtk->igtk, len, KEY_FLAG_GROUP_RX) < 0) { in wpa_supplicant_install_igtk()
1670 * received group-addressed robust management frames due in wpa_supplicant_install_igtk()
1677 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_install_igtk()
1680 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_install_igtk()
1682 return -1; in wpa_supplicant_install_igtk()
1687 sm->igtk_wnm_sleep.igtk_len = len; in wpa_supplicant_install_igtk()
1688 os_memcpy(sm->igtk_wnm_sleep.igtk, igtk->igtk, in wpa_supplicant_install_igtk()
1689 sm->igtk_wnm_sleep.igtk_len); in wpa_supplicant_install_igtk()
1691 sm->igtk.igtk_len = len; in wpa_supplicant_install_igtk()
1692 os_memcpy(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len); in wpa_supplicant_install_igtk()
1703 size_t len = wpa_cipher_key_len(sm->mgmt_group_cipher); in wpa_supplicant_install_bigtk()
1704 u16 keyidx = WPA_GET_LE16(bigtk->keyid); in wpa_supplicant_install_bigtk()
1707 if ((sm->bigtk.bigtk_len == len && in wpa_supplicant_install_bigtk()
1708 os_memcmp(sm->bigtk.bigtk, bigtk->bigtk, in wpa_supplicant_install_bigtk()
1709 sm->bigtk.bigtk_len) == 0) || in wpa_supplicant_install_bigtk()
1710 (sm->bigtk_wnm_sleep.bigtk_len == len && in wpa_supplicant_install_bigtk()
1711 os_memcmp(sm->bigtk_wnm_sleep.bigtk, bigtk->bigtk, in wpa_supplicant_install_bigtk()
1712 sm->bigtk_wnm_sleep.bigtk_len) == 0)) { in wpa_supplicant_install_bigtk()
1713 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_install_bigtk()
1714 "WPA: Not reinstalling already in-use BIGTK to the driver (keyidx=%d)", in wpa_supplicant_install_bigtk()
1719 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_install_bigtk()
1721 keyidx, MAC2STR(bigtk->pn)); in wpa_supplicant_install_bigtk()
1722 wpa_hexdump_key(MSG_DEBUG, "WPA: BIGTK", bigtk->bigtk, len); in wpa_supplicant_install_bigtk()
1724 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_install_bigtk()
1726 return -1; in wpa_supplicant_install_bigtk()
1728 if (wpa_sm_set_key(sm, -1, wpa_cipher_to_alg(sm->mgmt_group_cipher), in wpa_supplicant_install_bigtk()
1730 keyidx, 0, bigtk->pn, sizeof(bigtk->pn), in wpa_supplicant_install_bigtk()
1731 bigtk->bigtk, len, KEY_FLAG_GROUP_RX) < 0) { in wpa_supplicant_install_bigtk()
1732 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_install_bigtk()
1734 return -1; in wpa_supplicant_install_bigtk()
1738 sm->bigtk_wnm_sleep.bigtk_len = len; in wpa_supplicant_install_bigtk()
1739 os_memcpy(sm->bigtk_wnm_sleep.bigtk, bigtk->bigtk, in wpa_supplicant_install_bigtk()
1740 sm->bigtk_wnm_sleep.bigtk_len); in wpa_supplicant_install_bigtk()
1742 sm->bigtk.bigtk_len = len; in wpa_supplicant_install_bigtk()
1743 os_memcpy(sm->bigtk.bigtk, bigtk->bigtk, sm->bigtk.bigtk_len); in wpa_supplicant_install_bigtk()
1754 size_t len = wpa_cipher_key_len(sm->mgmt_group_cipher); in wpa_supplicant_install_mlo_igtk()
1755 u16 keyidx = WPA_GET_LE16(igtk->keyid); in wpa_supplicant_install_mlo_igtk()
1758 if ((sm->mlo.links[link_id].igtk.igtk_len == len && in wpa_supplicant_install_mlo_igtk()
1759 os_memcmp(sm->mlo.links[link_id].igtk.igtk, igtk->igtk, in wpa_supplicant_install_mlo_igtk()
1760 sm->mlo.links[link_id].igtk.igtk_len) == 0) || in wpa_supplicant_install_mlo_igtk()
1761 (sm->mlo.links[link_id].igtk_wnm_sleep.igtk_len == len && in wpa_supplicant_install_mlo_igtk()
1762 os_memcmp(sm->mlo.links[link_id].igtk_wnm_sleep.igtk, igtk->igtk, in wpa_supplicant_install_mlo_igtk()
1763 sm->mlo.links[link_id].igtk_wnm_sleep.igtk_len) == 0)) { in wpa_supplicant_install_mlo_igtk()
1764 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_install_mlo_igtk()
1765 "RSN: Not reinstalling already in-use IGTK to the driver (link_id=%d keyidx=%d)", in wpa_supplicant_install_mlo_igtk()
1770 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_install_mlo_igtk()
1772 link_id, keyidx, MAC2STR(igtk->pn)); in wpa_supplicant_install_mlo_igtk()
1773 wpa_hexdump_link_key(MSG_DEBUG, link_id, "RSN: IGTK", igtk->igtk, len); in wpa_supplicant_install_mlo_igtk()
1775 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_install_mlo_igtk()
1778 return -1; in wpa_supplicant_install_mlo_igtk()
1781 wpa_cipher_to_alg(sm->mgmt_group_cipher), in wpa_supplicant_install_mlo_igtk()
1782 broadcast_ether_addr, keyidx, 0, igtk->pn, in wpa_supplicant_install_mlo_igtk()
1783 sizeof(igtk->pn), igtk->igtk, len, in wpa_supplicant_install_mlo_igtk()
1785 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_install_mlo_igtk()
1788 return -1; in wpa_supplicant_install_mlo_igtk()
1792 sm->mlo.links[link_id].igtk_wnm_sleep.igtk_len = len; in wpa_supplicant_install_mlo_igtk()
1793 os_memcpy(sm->mlo.links[link_id].igtk_wnm_sleep.igtk, in wpa_supplicant_install_mlo_igtk()
1794 igtk->igtk, in wpa_supplicant_install_mlo_igtk()
1795 sm->mlo.links[link_id].igtk_wnm_sleep.igtk_len); in wpa_supplicant_install_mlo_igtk()
1797 sm->mlo.links[link_id].igtk.igtk_len = len; in wpa_supplicant_install_mlo_igtk()
1798 os_memcpy(sm->mlo.links[link_id].igtk.igtk, igtk->igtk, in wpa_supplicant_install_mlo_igtk()
1799 sm->mlo.links[link_id].igtk.igtk_len); in wpa_supplicant_install_mlo_igtk()
1811 size_t len = wpa_cipher_key_len(sm->mgmt_group_cipher); in wpa_supplicant_install_mlo_bigtk()
1812 u16 keyidx = WPA_GET_LE16(bigtk->keyid); in wpa_supplicant_install_mlo_bigtk()
1815 if ((sm->mlo.links[link_id].bigtk.bigtk_len == len && in wpa_supplicant_install_mlo_bigtk()
1816 os_memcmp(sm->mlo.links[link_id].bigtk.bigtk, bigtk->bigtk, in wpa_supplicant_install_mlo_bigtk()
1817 sm->mlo.links[link_id].bigtk.bigtk_len) == 0) || in wpa_supplicant_install_mlo_bigtk()
1818 (sm->mlo.links[link_id].bigtk_wnm_sleep.bigtk_len == len && in wpa_supplicant_install_mlo_bigtk()
1819 os_memcmp(sm->mlo.links[link_id].bigtk_wnm_sleep.bigtk, in wpa_supplicant_install_mlo_bigtk()
1820 bigtk->bigtk, in wpa_supplicant_install_mlo_bigtk()
1821 sm->mlo.links[link_id].bigtk_wnm_sleep.bigtk_len) == in wpa_supplicant_install_mlo_bigtk()
1823 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_install_mlo_bigtk()
1824 "RSN: Not reinstalling already in-use BIGTK to the driver (link_id=%d keyidx=%d)", in wpa_supplicant_install_mlo_bigtk()
1829 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_install_mlo_bigtk()
1831 link_id, keyidx, MAC2STR(bigtk->pn)); in wpa_supplicant_install_mlo_bigtk()
1832 wpa_hexdump_link_key(MSG_DEBUG, link_id, "RSN: BIGTK", bigtk->bigtk, in wpa_supplicant_install_mlo_bigtk()
1835 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_install_mlo_bigtk()
1838 return -1; in wpa_supplicant_install_mlo_bigtk()
1841 wpa_cipher_to_alg(sm->mgmt_group_cipher), in wpa_supplicant_install_mlo_bigtk()
1842 broadcast_ether_addr, keyidx, 0, bigtk->pn, in wpa_supplicant_install_mlo_bigtk()
1843 sizeof(bigtk->pn), bigtk->bigtk, len, in wpa_supplicant_install_mlo_bigtk()
1845 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_install_mlo_bigtk()
1848 return -1; in wpa_supplicant_install_mlo_bigtk()
1852 sm->mlo.links[link_id].bigtk_wnm_sleep.bigtk_len = len; in wpa_supplicant_install_mlo_bigtk()
1853 os_memcpy(sm->mlo.links[link_id].bigtk_wnm_sleep.bigtk, in wpa_supplicant_install_mlo_bigtk()
1854 bigtk->bigtk, in wpa_supplicant_install_mlo_bigtk()
1855 sm->mlo.links[link_id].bigtk_wnm_sleep.bigtk_len); in wpa_supplicant_install_mlo_bigtk()
1857 sm->mlo.links[link_id].bigtk.bigtk_len = len; in wpa_supplicant_install_mlo_bigtk()
1858 os_memcpy(sm->mlo.links[link_id].bigtk.bigtk, bigtk->bigtk, in wpa_supplicant_install_mlo_bigtk()
1859 sm->mlo.links[link_id].bigtk.bigtk_len); in wpa_supplicant_install_mlo_bigtk()
1871 if (ie->mlo_igtk[link_id]) { in _mlo_ieee80211w_set_keys()
1872 len = wpa_cipher_key_len(sm->mgmt_group_cipher); in _mlo_ieee80211w_set_keys()
1873 if (ie->mlo_igtk_len[link_id] != in _mlo_ieee80211w_set_keys()
1875 return -1; in _mlo_ieee80211w_set_keys()
1880 ie->mlo_igtk[link_id], in _mlo_ieee80211w_set_keys()
1882 return -1; in _mlo_ieee80211w_set_keys()
1885 if (ie->mlo_bigtk[link_id] && sm->beacon_prot) { in _mlo_ieee80211w_set_keys()
1886 len = wpa_cipher_key_len(sm->mgmt_group_cipher); in _mlo_ieee80211w_set_keys()
1887 if (ie->mlo_bigtk_len[link_id] != in _mlo_ieee80211w_set_keys()
1889 return -1; in _mlo_ieee80211w_set_keys()
1894 ie->mlo_bigtk[link_id], in _mlo_ieee80211w_set_keys()
1896 return -1; in _mlo_ieee80211w_set_keys()
1908 if (!wpa_cipher_valid_mgmt_group(sm->mgmt_group_cipher) || in mlo_ieee80211w_set_keys()
1909 sm->mgmt_group_cipher == WPA_CIPHER_GTK_NOT_USED) in mlo_ieee80211w_set_keys()
1912 for_each_link(sm->mlo.valid_links, i) { in mlo_ieee80211w_set_keys()
1914 return -1; in mlo_ieee80211w_set_keys()
1926 if (!wpa_cipher_valid_mgmt_group(sm->mgmt_group_cipher) || in ieee80211w_set_keys()
1927 sm->mgmt_group_cipher == WPA_CIPHER_GTK_NOT_USED) in ieee80211w_set_keys()
1930 if (ie->igtk) { in ieee80211w_set_keys()
1933 len = wpa_cipher_key_len(sm->mgmt_group_cipher); in ieee80211w_set_keys()
1934 if (ie->igtk_len != WPA_IGTK_KDE_PREFIX_LEN + len) in ieee80211w_set_keys()
1935 return -1; in ieee80211w_set_keys()
1937 igtk = (const struct wpa_igtk_kde *) ie->igtk; in ieee80211w_set_keys()
1939 return -1; in ieee80211w_set_keys()
1942 if (ie->bigtk && sm->beacon_prot) { in ieee80211w_set_keys()
1945 len = wpa_cipher_key_len(sm->mgmt_group_cipher); in ieee80211w_set_keys()
1946 if (ie->bigtk_len != WPA_BIGTK_KDE_PREFIX_LEN + len) in ieee80211w_set_keys()
1947 return -1; in ieee80211w_set_keys()
1949 bigtk = (const struct wpa_bigtk_kde *) ie->bigtk; in ieee80211w_set_keys()
1951 return -1; in ieee80211w_set_keys()
1963 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: %s (src=" MACSTR ")", in wpa_report_ie_mismatch()
1966 if (sm->ap_wpa_ie) { in wpa_report_ie_mismatch()
1968 sm->ap_wpa_ie, sm->ap_wpa_ie_len); in wpa_report_ie_mismatch()
1971 if (!sm->ap_wpa_ie) { in wpa_report_ie_mismatch()
1972 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_report_ie_mismatch()
1979 if (sm->ap_rsn_ie) { in wpa_report_ie_mismatch()
1981 sm->ap_rsn_ie, sm->ap_rsn_ie_len); in wpa_report_ie_mismatch()
1984 if (!sm->ap_rsn_ie) { in wpa_report_ie_mismatch()
1985 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_report_ie_mismatch()
2005 mdie = (struct rsn_mdie *) (ie->mdie + 2); in ft_validate_mdie()
2006 if (ie->mdie == NULL || ie->mdie_len < 2 + sizeof(*mdie) || in ft_validate_mdie()
2007 os_memcmp(mdie->mobility_domain, sm->mobility_domain, in ft_validate_mdie()
2009 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "FT: MDIE in msg 3/4 did " in ft_validate_mdie()
2011 return -1; in ft_validate_mdie()
2015 (assoc_resp_mdie[1] != ie->mdie[1] || in ft_validate_mdie()
2016 os_memcmp(assoc_resp_mdie, ie->mdie, 2 + ie->mdie[1]) != 0)) { in ft_validate_mdie()
2017 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "FT: MDIE mismatch"); in ft_validate_mdie()
2018 wpa_hexdump(MSG_DEBUG, "FT: MDIE in EAPOL-Key msg 3/4", in ft_validate_mdie()
2019 ie->mdie, 2 + ie->mdie[1]); in ft_validate_mdie()
2022 return -1; in ft_validate_mdie()
2034 if (ie->ftie == NULL) { in ft_validate_ftie()
2035 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in ft_validate_ftie()
2036 "FT: No FTIE in EAPOL-Key msg 3/4"); in ft_validate_ftie()
2037 return -1; in ft_validate_ftie()
2043 if (assoc_resp_ftie[1] != ie->ftie[1] || in ft_validate_ftie()
2044 os_memcmp(assoc_resp_ftie, ie->ftie, 2 + ie->ftie[1]) != 0) { in ft_validate_ftie()
2045 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "FT: FTIE mismatch"); in ft_validate_ftie()
2046 wpa_hexdump(MSG_DEBUG, "FT: FTIE in EAPOL-Key msg 3/4", in ft_validate_ftie()
2047 ie->ftie, 2 + ie->ftie[1]); in ft_validate_ftie()
2050 return -1; in ft_validate_ftie()
2063 if (!ie->rsn_ie) in ft_validate_rsnie()
2067 * Verify that PMKR1Name from EAPOL-Key message 3/4 in ft_validate_rsnie()
2070 if (wpa_parse_wpa_ie_rsn(ie->rsn_ie, ie->rsn_ie_len, &rsn) < 0 || in ft_validate_rsnie()
2072 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "FT: No PMKR1Name in " in ft_validate_rsnie()
2073 "FT 4-way handshake message 3/4"); in ft_validate_rsnie()
2074 return -1; in ft_validate_rsnie()
2077 if (os_memcmp_const(rsn.pmkid, sm->pmk_r1_name, WPA_PMK_NAME_LEN) != 0) in ft_validate_rsnie()
2079 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in ft_validate_rsnie()
2081 "FT 4-way handshake message 3/4"); in ft_validate_rsnie()
2085 sm->pmk_r1_name, WPA_PMK_NAME_LEN); in ft_validate_rsnie()
2086 return -1; in ft_validate_rsnie()
2099 if (sm->assoc_resp_ies) { in wpa_supplicant_validate_ie_ft()
2100 pos = sm->assoc_resp_ies; in wpa_supplicant_validate_ie_ft()
2101 end = pos + sm->assoc_resp_ies_len; in wpa_supplicant_validate_ie_ft()
2102 while (end - pos > 2) { in wpa_supplicant_validate_ie_ft()
2103 if (2 + pos[1] > end - pos) in wpa_supplicant_validate_ie_ft()
2120 return -1; in wpa_supplicant_validate_ie_ft()
2132 if (sm->ap_wpa_ie == NULL && sm->ap_rsn_ie == NULL) { in wpa_supplicant_validate_ie()
2133 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_validate_ie()
2137 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_validate_ie()
2140 return -1; in wpa_supplicant_validate_ie()
2142 wpa_msg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_validate_ie()
2146 if (ie->wpa_ie == NULL && ie->rsn_ie == NULL && in wpa_supplicant_validate_ie()
2147 (sm->ap_wpa_ie || sm->ap_rsn_ie)) { in wpa_supplicant_validate_ie()
2150 src_addr, ie->wpa_ie, ie->wpa_ie_len, in wpa_supplicant_validate_ie()
2151 ie->rsn_ie, ie->rsn_ie_len); in wpa_supplicant_validate_ie()
2152 return -1; in wpa_supplicant_validate_ie()
2155 if ((ie->wpa_ie && sm->ap_wpa_ie && in wpa_supplicant_validate_ie()
2156 (ie->wpa_ie_len != sm->ap_wpa_ie_len || in wpa_supplicant_validate_ie()
2157 os_memcmp(ie->wpa_ie, sm->ap_wpa_ie, ie->wpa_ie_len) != 0)) || in wpa_supplicant_validate_ie()
2158 (ie->rsn_ie && sm->ap_rsn_ie && in wpa_supplicant_validate_ie()
2159 wpa_compare_rsn_ie(wpa_key_mgmt_ft(sm->key_mgmt), in wpa_supplicant_validate_ie()
2160 sm->ap_rsn_ie, sm->ap_rsn_ie_len, in wpa_supplicant_validate_ie()
2161 ie->rsn_ie, ie->rsn_ie_len))) { in wpa_supplicant_validate_ie()
2164 src_addr, ie->wpa_ie, ie->wpa_ie_len, in wpa_supplicant_validate_ie()
2165 ie->rsn_ie, ie->rsn_ie_len); in wpa_supplicant_validate_ie()
2166 return -1; in wpa_supplicant_validate_ie()
2169 if (sm->proto == WPA_PROTO_WPA && in wpa_supplicant_validate_ie()
2170 ie->rsn_ie && sm->ap_rsn_ie == NULL && sm->rsn_enabled) { in wpa_supplicant_validate_ie()
2172 "detected - RSN was enabled and RSN IE " in wpa_supplicant_validate_ie()
2175 src_addr, ie->wpa_ie, ie->wpa_ie_len, in wpa_supplicant_validate_ie()
2176 ie->rsn_ie, ie->rsn_ie_len); in wpa_supplicant_validate_ie()
2177 return -1; in wpa_supplicant_validate_ie()
2180 if (sm->proto == WPA_PROTO_RSN && in wpa_supplicant_validate_ie()
2181 ((sm->ap_rsnxe && !ie->rsnxe) || in wpa_supplicant_validate_ie()
2182 (!sm->ap_rsnxe && ie->rsnxe) || in wpa_supplicant_validate_ie()
2183 (sm->ap_rsnxe && ie->rsnxe && in wpa_supplicant_validate_ie()
2184 (sm->ap_rsnxe_len != ie->rsnxe_len || in wpa_supplicant_validate_ie()
2185 os_memcmp(sm->ap_rsnxe, ie->rsnxe, sm->ap_rsnxe_len) != 0)))) { in wpa_supplicant_validate_ie()
2186 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_validate_ie()
2187 "WPA: RSNXE mismatch between Beacon/ProbeResp and EAPOL-Key msg 3/4"); in wpa_supplicant_validate_ie()
2189 sm->ap_rsnxe, sm->ap_rsnxe_len); in wpa_supplicant_validate_ie()
2190 wpa_hexdump(MSG_INFO, "RSNXE in EAPOL-Key msg 3/4", in wpa_supplicant_validate_ie()
2191 ie->rsnxe, ie->rsnxe_len); in wpa_supplicant_validate_ie()
2193 return -1; in wpa_supplicant_validate_ie()
2197 if (wpa_key_mgmt_ft(sm->key_mgmt) && in wpa_supplicant_validate_ie()
2199 return -1; in wpa_supplicant_validate_ie()
2207 * wpa_supplicant_send_4_of_4 - Send message 4 of WPA/RSN 4-Way Handshake
2210 * @key: Pointer to the EAPOL-Key frame header
2211 * @ver: Version bits from EAPOL-Key Key Info
2230 if (sm->mlo.valid_links) { in wpa_supplicant_send_4_of_4()
2235 return -1; in wpa_supplicant_send_4_of_4()
2238 wpa_printf(MSG_DEBUG, "MLO: Add MAC KDE into EAPOL-Key 4/4"); in wpa_supplicant_send_4_of_4()
2240 pos = rsn_add_kde(pos, RSN_KEY_DATA_MAC_ADDR, sm->own_addr, in wpa_supplicant_send_4_of_4()
2242 kde_len = pos - kde; in wpa_supplicant_send_4_of_4()
2246 if (sm->test_eapol_m4_elems) in wpa_supplicant_send_4_of_4()
2247 extra_len = wpabuf_len(sm->test_eapol_m4_elems); in wpa_supplicant_send_4_of_4()
2248 if (sm->encrypt_eapol_m4) { in wpa_supplicant_send_4_of_4()
2251 pad_len = 8 - pad_len; in wpa_supplicant_send_4_of_4()
2256 mic_len = wpa_mic_len(sm->key_mgmt, sm->pmk_len); in wpa_supplicant_send_4_of_4()
2263 return -1; in wpa_supplicant_send_4_of_4()
2266 reply->type = (sm->proto == WPA_PROTO_RSN || in wpa_supplicant_send_4_of_4()
2267 sm->proto == WPA_PROTO_OSEN) ? in wpa_supplicant_send_4_of_4()
2276 if (sm->encrypt_eapol_m4) in wpa_supplicant_send_4_of_4()
2279 WPA_PUT_BE16(reply->key_info, key_info); in wpa_supplicant_send_4_of_4()
2280 if (sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN) in wpa_supplicant_send_4_of_4()
2281 WPA_PUT_BE16(reply->key_length, 0); in wpa_supplicant_send_4_of_4()
2283 os_memcpy(reply->key_length, key->key_length, 2); in wpa_supplicant_send_4_of_4()
2284 os_memcpy(reply->replay_counter, key->replay_counter, in wpa_supplicant_send_4_of_4()
2296 if (sm->test_eapol_m4_elems) { in wpa_supplicant_send_4_of_4()
2298 wpabuf_head(sm->test_eapol_m4_elems), in wpa_supplicant_send_4_of_4()
2299 wpabuf_len(sm->test_eapol_m4_elems)); in wpa_supplicant_send_4_of_4()
2302 if (sm->encrypt_eapol_m4) { in wpa_supplicant_send_4_of_4()
2306 if (sm->test_eapol_m4_elems) in wpa_supplicant_send_4_of_4()
2307 extra_len = wpabuf_len(sm->test_eapol_m4_elems); in wpa_supplicant_send_4_of_4()
2314 return -1; in wpa_supplicant_send_4_of_4()
2317 plain[plain_len - pad_len] = 0xdd; in wpa_supplicant_send_4_of_4()
2319 wpa_hexdump_key(MSG_DEBUG, "RSN: AES-WRAP using KEK", in wpa_supplicant_send_4_of_4()
2320 ptk->kek, ptk->kek_len); in wpa_supplicant_send_4_of_4()
2321 if (aes_wrap(ptk->kek, ptk->kek_len, plain_len / 8, plain, in wpa_supplicant_send_4_of_4()
2325 return -1; in wpa_supplicant_send_4_of_4()
2328 "RSN: Encrypted Key Data from AES-WRAP", in wpa_supplicant_send_4_of_4()
2334 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Sending EAPOL-Key 4/4"); in wpa_supplicant_send_4_of_4()
2349 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_validate_link_kde()
2352 return -1; in wpa_supplicant_validate_link_kde()
2355 if (!ether_addr_equal(sm->mlo.links[link_id].bssid, in wpa_supplicant_validate_link_kde()
2357 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_validate_link_kde()
2362 MAC2STR(sm->mlo.links[link_id].bssid)); in wpa_supplicant_validate_link_kde()
2363 return -1; in wpa_supplicant_validate_link_kde()
2371 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_validate_link_kde()
2374 return -1; in wpa_supplicant_validate_link_kde()
2381 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_validate_link_kde()
2383 return -1; in wpa_supplicant_validate_link_kde()
2392 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_validate_link_kde()
2395 return -1; in wpa_supplicant_validate_link_kde()
2401 if (wpa_compare_rsn_ie(wpa_key_mgmt_ft(sm->key_mgmt), in wpa_supplicant_validate_link_kde()
2402 sm->mlo.links[link_id].ap_rsne, in wpa_supplicant_validate_link_kde()
2403 sm->mlo.links[link_id].ap_rsne_len, in wpa_supplicant_validate_link_kde()
2405 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_validate_link_kde()
2409 sm->mlo.links[link_id].ap_rsne, in wpa_supplicant_validate_link_kde()
2410 sm->mlo.links[link_id].ap_rsne_len); in wpa_supplicant_validate_link_kde()
2411 wpa_hexdump(MSG_INFO, "RSNE in EAPOL-Key msg 3/4", in wpa_supplicant_validate_link_kde()
2413 return -1; in wpa_supplicant_validate_link_kde()
2416 if ((sm->mlo.links[link_id].ap_rsnxe && !rsnxe) || in wpa_supplicant_validate_link_kde()
2417 (!sm->mlo.links[link_id].ap_rsnxe && rsnxe) || in wpa_supplicant_validate_link_kde()
2418 (sm->mlo.links[link_id].ap_rsnxe && rsnxe && in wpa_supplicant_validate_link_kde()
2419 (sm->mlo.links[link_id].ap_rsnxe_len != rsnxe_len || in wpa_supplicant_validate_link_kde()
2420 os_memcmp(sm->mlo.links[link_id].ap_rsnxe, rsnxe, in wpa_supplicant_validate_link_kde()
2421 sm->mlo.links[link_id].ap_rsnxe_len) != 0))) { in wpa_supplicant_validate_link_kde()
2422 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_validate_link_kde()
2423 "RSN MLO: RSNXE mismatch between Beacon/ProbeResp and EAPOL-Key msg 3/4 for link ID %u", in wpa_supplicant_validate_link_kde()
2426 sm->mlo.links[link_id].ap_rsnxe, in wpa_supplicant_validate_link_kde()
2427 sm->mlo.links[link_id].ap_rsnxe_len); in wpa_supplicant_validate_link_kde()
2428 wpa_hexdump(MSG_INFO, "RSNXE in EAPOL-Key msg 3/4", in wpa_supplicant_validate_link_kde()
2431 return -1; in wpa_supplicant_validate_link_kde()
2442 if (ie->mlo_igtk[link_id] && in wpa_validate_mlo_ieee80211w_kdes()
2443 ie->mlo_igtk_len[link_id] != RSN_MLO_IGTK_KDE_PREFIX_LENGTH + in wpa_validate_mlo_ieee80211w_kdes()
2444 (unsigned int) wpa_cipher_key_len(sm->mgmt_group_cipher)) { in wpa_validate_mlo_ieee80211w_kdes()
2445 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_validate_mlo_ieee80211w_kdes()
2447 (unsigned long) ie->mlo_igtk_len[link_id], link_id); in wpa_validate_mlo_ieee80211w_kdes()
2448 return -1; in wpa_validate_mlo_ieee80211w_kdes()
2451 if (!sm->beacon_prot) in wpa_validate_mlo_ieee80211w_kdes()
2454 if (ie->mlo_bigtk[link_id] && in wpa_validate_mlo_ieee80211w_kdes()
2455 ie->mlo_bigtk_len[link_id] != RSN_MLO_BIGTK_KDE_PREFIX_LENGTH + in wpa_validate_mlo_ieee80211w_kdes()
2456 (unsigned int) wpa_cipher_key_len(sm->mgmt_group_cipher)) { in wpa_validate_mlo_ieee80211w_kdes()
2457 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_validate_mlo_ieee80211w_kdes()
2459 (unsigned long) ie->mlo_bigtk_len[link_id], link_id); in wpa_validate_mlo_ieee80211w_kdes()
2460 return -1; in wpa_validate_mlo_ieee80211w_kdes()
2476 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_process_3_of_4_wpa()
2477 "WPA: RX message 3 of 4-Way Handshake from " MACSTR in wpa_supplicant_process_3_of_4_wpa()
2478 " (ver=%d)", MAC2STR(sm->bssid), ver); in wpa_supplicant_process_3_of_4_wpa()
2480 key_info = WPA_GET_BE16(key->key_info); in wpa_supplicant_process_3_of_4_wpa()
2486 if (wpa_supplicant_validate_ie(sm, sm->bssid, &ie) < 0) in wpa_supplicant_process_3_of_4_wpa()
2489 if (os_memcmp(sm->anonce, key->key_nonce, WPA_NONCE_LEN) != 0) { in wpa_supplicant_process_3_of_4_wpa()
2490 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_3_of_4_wpa()
2491 "WPA: ANonce from message 1 of 4-Way Handshake differs from 3 of 4-Way Handshake - drop packet (src=" in wpa_supplicant_process_3_of_4_wpa()
2492 MACSTR ")", MAC2STR(sm->bssid)); in wpa_supplicant_process_3_of_4_wpa()
2496 keylen = WPA_GET_BE16(key->key_length); in wpa_supplicant_process_3_of_4_wpa()
2497 if (keylen != wpa_cipher_key_len(sm->pairwise_cipher)) { in wpa_supplicant_process_3_of_4_wpa()
2498 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_3_of_4_wpa()
2500 wpa_cipher_txt(sm->pairwise_cipher), keylen, in wpa_supplicant_process_3_of_4_wpa()
2501 MAC2STR(sm->bssid)); in wpa_supplicant_process_3_of_4_wpa()
2506 key_info, &sm->ptk) < 0) in wpa_supplicant_process_3_of_4_wpa()
2510 * for the next 4-Way Handshake. If msg 3 is received again, the old in wpa_supplicant_process_3_of_4_wpa()
2512 sm->renew_snonce = 1; in wpa_supplicant_process_3_of_4_wpa()
2520 sm, sm->bssid, MLME_SETPROTECTION_PROTECT_TYPE_RX, in wpa_supplicant_process_3_of_4_wpa()
2522 eapol_sm_notify_portValid(sm->eapol, true); in wpa_supplicant_process_3_of_4_wpa()
2526 sm->msg_3_of_4_ok = 1; in wpa_supplicant_process_3_of_4_wpa()
2541 bool mlo = sm->mlo.valid_links; in wpa_supplicant_process_3_of_4()
2545 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_process_3_of_4()
2546 "RSN: RX message 3 of 4-Way Handshake from " MACSTR in wpa_supplicant_process_3_of_4()
2547 " (ver=%d)%s", MAC2STR(sm->bssid), ver, mlo ? " (MLO)" : ""); in wpa_supplicant_process_3_of_4()
2549 key_info = WPA_GET_BE16(key->key_info); in wpa_supplicant_process_3_of_4()
2555 if (sm->ssid_protection) { in wpa_supplicant_process_3_of_4()
2557 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_3_of_4()
2558 "RSN: No SSID included in EAPOL-Key msg 3/4"); in wpa_supplicant_process_3_of_4()
2562 if (ie.ssid_len != sm->ssid_len || in wpa_supplicant_process_3_of_4()
2563 os_memcmp(ie.ssid, sm->ssid, sm->ssid_len) != 0) { in wpa_supplicant_process_3_of_4()
2564 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_3_of_4()
2565 "RSN: SSID mismatch in EAPOL-Key msg 3/4"); in wpa_supplicant_process_3_of_4()
2569 sm->ssid, sm->ssid_len); in wpa_supplicant_process_3_of_4()
2577 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_3_of_4()
2578 "MLO RSN: No GTK KDE included in EAPOL-Key msg 3/4"); in wpa_supplicant_process_3_of_4()
2587 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_3_of_4()
2588 "RSN MLO: Invalid key info (0x%x) in EAPOL-Key msg 3/4", in wpa_supplicant_process_3_of_4()
2599 if (!(sm->mlo.req_links & BIT(i))) in wpa_supplicant_process_3_of_4()
2606 if (!(sm->mlo.valid_links & BIT(i))) in wpa_supplicant_process_3_of_4()
2610 wpa_msg(sm->ctx->msg_ctx, MSG_ERROR, in wpa_supplicant_process_3_of_4()
2615 if (sm->mgmt_group_cipher != WPA_CIPHER_GTK_NOT_USED && in wpa_supplicant_process_3_of_4()
2616 wpa_cipher_valid_mgmt_group(sm->mgmt_group_cipher) && in wpa_supplicant_process_3_of_4()
2622 if (mlo && wpa_key_mgmt_ft(sm->key_mgmt) && in wpa_supplicant_process_3_of_4()
2623 wpa_supplicant_validate_ie_ft(sm, sm->bssid, &ie) < 0) in wpa_supplicant_process_3_of_4()
2628 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_3_of_4()
2633 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_3_of_4()
2639 sm->mgmt_group_cipher != WPA_CIPHER_GTK_NOT_USED && in wpa_supplicant_process_3_of_4()
2640 wpa_cipher_valid_mgmt_group(sm->mgmt_group_cipher) && in wpa_supplicant_process_3_of_4()
2642 (unsigned int) wpa_cipher_key_len(sm->mgmt_group_cipher)) { in wpa_supplicant_process_3_of_4()
2643 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_3_of_4()
2649 if (!mlo && wpa_supplicant_validate_ie(sm, sm->bssid, &ie) < 0) in wpa_supplicant_process_3_of_4()
2655 if (os_memcmp(sm->anonce, key->key_nonce, WPA_NONCE_LEN) != 0) { in wpa_supplicant_process_3_of_4()
2656 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_3_of_4()
2657 "WPA: ANonce from message 1 of 4-Way Handshake " in wpa_supplicant_process_3_of_4()
2658 "differs from 3 of 4-Way Handshake - drop packet (src=" in wpa_supplicant_process_3_of_4()
2659 MACSTR ")", MAC2STR(sm->bssid)); in wpa_supplicant_process_3_of_4()
2663 keylen = WPA_GET_BE16(key->key_length); in wpa_supplicant_process_3_of_4()
2664 if (keylen != wpa_cipher_key_len(sm->pairwise_cipher)) { in wpa_supplicant_process_3_of_4()
2665 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_3_of_4()
2667 ")", wpa_cipher_txt(sm->pairwise_cipher), keylen, in wpa_supplicant_process_3_of_4()
2668 MAC2STR(sm->bssid)); in wpa_supplicant_process_3_of_4()
2674 os_memcpy(sm->p2p_ip_addr, ie.ip_addr_alloc, 3 * 4); in wpa_supplicant_process_3_of_4()
2676 sm->p2p_ip_addr, sizeof(sm->p2p_ip_addr)); in wpa_supplicant_process_3_of_4()
2685 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_3_of_4()
2686 "Failed to get channel info to validate received OCI in EAPOL-Key 3/4"); in wpa_supplicant_process_3_of_4()
2693 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, OCV_FAILURE in wpa_supplicant_process_3_of_4()
2694 "addr=" MACSTR " frame=eapol-key-m3 error=%s", in wpa_supplicant_process_3_of_4()
2695 MAC2STR(sm->bssid), ocv_errorstr); in wpa_supplicant_process_3_of_4()
2706 if (sm->key_mgmt == WPA_KEY_MGMT_DPP && sm->dpp_pfs != 2 && in wpa_supplicant_process_3_of_4()
2707 (ie.dpp_kde[1] & DPP_KDE_PFS_ALLOWED) && !sm->dpp_z) { in wpa_supplicant_process_3_of_4()
2715 if (sm->use_ext_key_id && in wpa_supplicant_process_3_of_4()
2720 key_info, &sm->ptk) < 0) in wpa_supplicant_process_3_of_4()
2724 * for the next 4-Way Handshake. If msg 3 is received again, the old in wpa_supplicant_process_3_of_4()
2726 sm->renew_snonce = 1; in wpa_supplicant_process_3_of_4()
2731 if (sm->use_ext_key_id) in wpa_supplicant_process_3_of_4()
2742 sm, sm->bssid, MLME_SETPROTECTION_PROTECT_TYPE_RX, in wpa_supplicant_process_3_of_4()
2744 eapol_sm_notify_portValid(sm->eapol, true); in wpa_supplicant_process_3_of_4()
2751 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_3_of_4()
2755 } else if (sm->group_cipher == WPA_CIPHER_GTK_NOT_USED) { in wpa_supplicant_process_3_of_4()
2757 } else if (!ie.gtk && sm->proto == WPA_PROTO_RSN) { in wpa_supplicant_process_3_of_4()
2758 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_3_of_4()
2759 "RSN: No GTK KDE included in EAPOL-Key msg 3/4"); in wpa_supplicant_process_3_of_4()
2764 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_3_of_4()
2771 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_3_of_4()
2776 if (mlo || sm->group_cipher == WPA_CIPHER_GTK_NOT_USED || ie.gtk) in wpa_supplicant_process_3_of_4()
2777 wpa_supplicant_key_neg_complete(sm, sm->bssid, in wpa_supplicant_process_3_of_4()
2785 * existing PMKSA entry after each 4-way handshake (i.e., new KCK/PMKID) in wpa_supplicant_process_3_of_4()
2788 if (sm->proto == WPA_PROTO_RSN && wpa_key_mgmt_suite_b(sm->key_mgmt) && in wpa_supplicant_process_3_of_4()
2789 !sm->cur_pmksa) { in wpa_supplicant_process_3_of_4()
2792 sa = pmksa_cache_add(sm->pmksa, sm->pmk, sm->pmk_len, NULL, in wpa_supplicant_process_3_of_4()
2793 sm->ptk.kck, sm->ptk.kck_len, in wpa_supplicant_process_3_of_4()
2794 wpa_sm_get_auth_addr(sm), sm->own_addr, in wpa_supplicant_process_3_of_4()
2795 sm->network_ctx, sm->key_mgmt, NULL); in wpa_supplicant_process_3_of_4()
2796 if (!sm->cur_pmksa) in wpa_supplicant_process_3_of_4()
2797 sm->cur_pmksa = sa; in wpa_supplicant_process_3_of_4()
2802 sm->msg_3_of_4_ok = 1; in wpa_supplicant_process_3_of_4()
2820 if (sm->disable_eapol_g2_tx) { in wpa_supplicant_send_2_of_2()
2821 wpa_printf(MSG_INFO, "TEST: Disable sending EAPOL-Key 2/2"); in wpa_supplicant_send_2_of_2()
2831 mic_len = wpa_mic_len(sm->key_mgmt, sm->pmk_len); in wpa_supplicant_send_2_of_2()
2836 return -1; in wpa_supplicant_send_2_of_2()
2838 reply->type = (sm->proto == WPA_PROTO_RSN || in wpa_supplicant_send_2_of_2()
2839 sm->proto == WPA_PROTO_OSEN) ? in wpa_supplicant_send_2_of_2()
2847 WPA_PUT_BE16(reply->key_info, key_info); in wpa_supplicant_send_2_of_2()
2848 if (sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN) in wpa_supplicant_send_2_of_2()
2849 WPA_PUT_BE16(reply->key_length, 0); in wpa_supplicant_send_2_of_2()
2851 os_memcpy(reply->key_length, key->key_length, 2); in wpa_supplicant_send_2_of_2()
2852 os_memcpy(reply->replay_counter, key->replay_counter, in wpa_supplicant_send_2_of_2()
2865 "Failed to get channel info for OCI element in EAPOL-Key 2/2"); in wpa_supplicant_send_2_of_2()
2867 return -1; in wpa_supplicant_send_2_of_2()
2870 if (sm->oci_freq_override_eapol_g2) { in wpa_supplicant_send_2_of_2()
2872 "TEST: Override OCI KDE frequency %d -> %d MHz", in wpa_supplicant_send_2_of_2()
2874 sm->oci_freq_override_eapol_g2); in wpa_supplicant_send_2_of_2()
2875 ci.frequency = sm->oci_freq_override_eapol_g2; in wpa_supplicant_send_2_of_2()
2882 return -1; in wpa_supplicant_send_2_of_2()
2887 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Sending EAPOL-Key 2/2"); in wpa_supplicant_send_2_of_2()
2888 return wpa_eapol_key_send(sm, &sm->ptk, ver, wpa_sm_get_auth_addr(sm), in wpa_supplicant_send_2_of_2()
2903 if (!sm->msg_3_of_4_ok && !wpa_fils_is_completed(sm)) { in wpa_supplicant_process_mlo_1_of_2()
2904 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_mlo_1_of_2()
2905 "MLO RSN: Group Key Handshake started prior to completion of 4-way handshake"); in wpa_supplicant_process_mlo_1_of_2()
2909 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "MLO RSN: RX message 1 of Group " in wpa_supplicant_process_mlo_1_of_2()
2913 key_info = WPA_GET_BE16(key->key_info); in wpa_supplicant_process_mlo_1_of_2()
2923 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_mlo_1_of_2()
2929 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_mlo_1_of_2()
2939 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_mlo_1_of_2()
2940 "Failed to get channel info to validate received OCI in EAPOL-Key group msg 1/2"); in wpa_supplicant_process_mlo_1_of_2()
2947 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, OCV_FAILURE in wpa_supplicant_process_mlo_1_of_2()
2948 "addr=" MACSTR " frame=eapol-key-g1 error=%s", in wpa_supplicant_process_mlo_1_of_2()
2949 MAC2STR(sm->bssid), ocv_errorstr); in wpa_supplicant_process_mlo_1_of_2()
2956 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_mlo_1_of_2()
2959 for_each_link(sm->mlo.valid_links, i) { in wpa_supplicant_process_mlo_1_of_2()
2975 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, "MLO RSN: Group rekeying completed " in wpa_supplicant_process_mlo_1_of_2()
2976 "with " MACSTR " [GTK=%s]", MAC2STR(sm->mlo.ap_mld_addr), in wpa_supplicant_process_mlo_1_of_2()
2977 wpa_cipher_txt(sm->group_cipher)); in wpa_supplicant_process_mlo_1_of_2()
3003 if (!sm->msg_3_of_4_ok) { in wpa_supplicant_process_1_of_2_wpa()
3004 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_1_of_2_wpa()
3005 "WPA: Group Key Handshake started prior to completion of 4-way handshake"); in wpa_supplicant_process_1_of_2_wpa()
3012 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_process_1_of_2_wpa()
3016 key_info = WPA_GET_BE16(key->key_info); in wpa_supplicant_process_1_of_2_wpa()
3018 gtk_len = WPA_GET_BE16(key->key_length); in wpa_supplicant_process_1_of_2_wpa()
3022 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_1_of_2_wpa()
3027 maxkeylen -= 8; in wpa_supplicant_process_1_of_2_wpa()
3031 wpa_supplicant_check_group_cipher(sm, sm->group_cipher, in wpa_supplicant_process_1_of_2_wpa()
3041 if (ver == WPA_KEY_INFO_TYPE_HMAC_MD5_RC4 && sm->ptk.kek_len == 16) { in wpa_supplicant_process_1_of_2_wpa()
3043 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_1_of_2_wpa()
3049 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_1_of_2_wpa()
3054 os_memcpy(ek, key->key_iv, 16); in wpa_supplicant_process_1_of_2_wpa()
3055 os_memcpy(ek + 16, sm->ptk.kek, sm->ptk.kek_len); in wpa_supplicant_process_1_of_2_wpa()
3059 wpa_msg(sm->ctx->msg_ctx, MSG_ERROR, in wpa_supplicant_process_1_of_2_wpa()
3067 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_1_of_2_wpa()
3068 "WPA: Unsupported AES-WRAP len %lu", in wpa_supplicant_process_1_of_2_wpa()
3073 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_1_of_2_wpa()
3074 "WPA: AES-WRAP key data " in wpa_supplicant_process_1_of_2_wpa()
3080 if (aes_unwrap(sm->ptk.kek, sm->ptk.kek_len, maxkeylen / 8, in wpa_supplicant_process_1_of_2_wpa()
3082 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_1_of_2_wpa()
3083 "WPA: AES unwrap failed - could not decrypt " in wpa_supplicant_process_1_of_2_wpa()
3088 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_1_of_2_wpa()
3095 key_rsc = key->key_rsc; in wpa_supplicant_process_1_of_2_wpa()
3096 if (wpa_supplicant_rsc_relaxation(sm, key->key_rsc)) in wpa_supplicant_process_1_of_2_wpa()
3105 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_1_of_2_wpa()
3108 MAC2STR(sm->bssid), wpa_cipher_txt(sm->group_cipher)); in wpa_supplicant_process_1_of_2_wpa()
3112 wpa_supplicant_key_neg_complete(sm, sm->bssid, in wpa_supplicant_process_1_of_2_wpa()
3139 if (!sm->msg_3_of_4_ok && !wpa_fils_is_completed(sm)) { in wpa_supplicant_process_1_of_2()
3140 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_1_of_2()
3141 "RSN: Group Key Handshake started prior to completion of 4-way handshake"); in wpa_supplicant_process_1_of_2()
3147 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_process_1_of_2()
3151 key_info = WPA_GET_BE16(key->key_info); in wpa_supplicant_process_1_of_2()
3161 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_1_of_2()
3166 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_1_of_2()
3172 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_1_of_2()
3177 gtk_len -= 2; in wpa_supplicant_process_1_of_2()
3179 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_1_of_2()
3190 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_1_of_2()
3191 "Failed to get channel info to validate received OCI in EAPOL-Key group msg 1/2"); in wpa_supplicant_process_1_of_2()
3198 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, OCV_FAILURE in wpa_supplicant_process_1_of_2()
3199 "addr=" MACSTR " frame=eapol-key-g1 error=%s", in wpa_supplicant_process_1_of_2()
3200 MAC2STR(sm->bssid), ocv_errorstr); in wpa_supplicant_process_1_of_2()
3206 if (wpa_supplicant_check_group_cipher(sm, sm->group_cipher, in wpa_supplicant_process_1_of_2()
3219 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_1_of_2()
3222 key_rsc = key->key_rsc; in wpa_supplicant_process_1_of_2()
3223 if (wpa_supplicant_rsc_relaxation(sm, key->key_rsc)) in wpa_supplicant_process_1_of_2()
3231 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_1_of_2()
3233 MAC2STR(sm->bssid), wpa_cipher_txt(sm->group_cipher)); in wpa_supplicant_process_1_of_2()
3254 size_t mic_len = wpa_mic_len(sm->key_mgmt, sm->pmk_len); in wpa_supplicant_verify_eapol_key_mic()
3257 if (sm->tptk_set) { in wpa_supplicant_verify_eapol_key_mic()
3259 if (wpa_eapol_key_mic(sm->tptk.kck, sm->tptk.kck_len, in wpa_supplicant_verify_eapol_key_mic()
3260 sm->key_mgmt, in wpa_supplicant_verify_eapol_key_mic()
3263 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_verify_eapol_key_mic()
3264 "WPA: Invalid EAPOL-Key MIC " in wpa_supplicant_verify_eapol_key_mic()
3265 "when using TPTK - ignoring TPTK"); in wpa_supplicant_verify_eapol_key_mic()
3276 sm->tptk_set = 0; in wpa_supplicant_verify_eapol_key_mic()
3277 sm->ptk_set = 1; in wpa_supplicant_verify_eapol_key_mic()
3278 os_memcpy(&sm->ptk, &sm->tptk, sizeof(sm->ptk)); in wpa_supplicant_verify_eapol_key_mic()
3279 os_memset(&sm->tptk, 0, sizeof(sm->tptk)); in wpa_supplicant_verify_eapol_key_mic()
3281 * This assures the same TPTK in sm->tptk can never be in wpa_supplicant_verify_eapol_key_mic()
3282 * copied twice to sm->ptk as the new PTK. In in wpa_supplicant_verify_eapol_key_mic()
3287 sm->renew_snonce = 1; in wpa_supplicant_verify_eapol_key_mic()
3291 if (!ok && sm->ptk_set) { in wpa_supplicant_verify_eapol_key_mic()
3293 if (wpa_eapol_key_mic(sm->ptk.kck, sm->ptk.kck_len, in wpa_supplicant_verify_eapol_key_mic()
3294 sm->key_mgmt, in wpa_supplicant_verify_eapol_key_mic()
3297 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_verify_eapol_key_mic()
3298 "WPA: Invalid EAPOL-Key MIC - " in wpa_supplicant_verify_eapol_key_mic()
3305 return -1; in wpa_supplicant_verify_eapol_key_mic()
3314 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_verify_eapol_key_mic()
3315 "WPA: Could not verify EAPOL-Key MIC - " in wpa_supplicant_verify_eapol_key_mic()
3317 return -1; in wpa_supplicant_verify_eapol_key_mic()
3320 os_memcpy(sm->rx_replay_counter, key->replay_counter, in wpa_supplicant_verify_eapol_key_mic()
3322 sm->rx_replay_counter_set = 1; in wpa_supplicant_verify_eapol_key_mic()
3327 /* Decrypt RSN EAPOL-Key key data (RC4 or AES-WRAP) */
3335 if (!sm->ptk_set) { in wpa_supplicant_decrypt_key_data()
3336 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_decrypt_key_data()
3337 "WPA: PTK not available, cannot decrypt EAPOL-Key Key " in wpa_supplicant_decrypt_key_data()
3339 return -1; in wpa_supplicant_decrypt_key_data()
3344 if (ver == WPA_KEY_INFO_TYPE_HMAC_MD5_RC4 && sm->ptk.kek_len == 16) { in wpa_supplicant_decrypt_key_data()
3346 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_decrypt_key_data()
3348 return -1; in wpa_supplicant_decrypt_key_data()
3353 os_memcpy(ek, key->key_iv, 16); in wpa_supplicant_decrypt_key_data()
3354 os_memcpy(ek + 16, sm->ptk.kek, sm->ptk.kek_len); in wpa_supplicant_decrypt_key_data()
3357 wpa_msg(sm->ctx->msg_ctx, MSG_ERROR, in wpa_supplicant_decrypt_key_data()
3359 return -1; in wpa_supplicant_decrypt_key_data()
3365 wpa_use_aes_key_wrap(sm->key_mgmt)) { in wpa_supplicant_decrypt_key_data()
3369 "WPA: Decrypt Key Data using AES-UNWRAP (KEK length %u)", in wpa_supplicant_decrypt_key_data()
3370 (unsigned int) sm->ptk.kek_len); in wpa_supplicant_decrypt_key_data()
3372 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_decrypt_key_data()
3373 "WPA: Unsupported AES-WRAP len %u", in wpa_supplicant_decrypt_key_data()
3375 return -1; in wpa_supplicant_decrypt_key_data()
3377 *key_data_len -= 8; /* AES-WRAP adds 8 bytes */ in wpa_supplicant_decrypt_key_data()
3380 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_decrypt_key_data()
3381 "WPA: No memory for AES-UNWRAP buffer"); in wpa_supplicant_decrypt_key_data()
3382 return -1; in wpa_supplicant_decrypt_key_data()
3387 if (aes_unwrap(sm->ptk.kek, sm->ptk.kek_len, *key_data_len / 8, in wpa_supplicant_decrypt_key_data()
3395 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_decrypt_key_data()
3396 "WPA: AES unwrap failed - " in wpa_supplicant_decrypt_key_data()
3397 "could not decrypt EAPOL-Key key data"); in wpa_supplicant_decrypt_key_data()
3398 return -1; in wpa_supplicant_decrypt_key_data()
3407 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_decrypt_key_data()
3409 return -1; in wpa_supplicant_decrypt_key_data()
3411 wpa_hexdump_key(MSG_DEBUG, "WPA: decrypted EAPOL-Key key data", in wpa_supplicant_decrypt_key_data()
3418 * wpa_sm_aborted_cached - Notify WPA that PMKSA caching was aborted
3423 if (sm && sm->cur_pmksa) { in wpa_sm_aborted_cached()
3424 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_aborted_cached()
3426 sm->cur_pmksa = NULL; in wpa_sm_aborted_cached()
3433 if (sm && sm->cur_pmksa && sm->cur_pmksa->external) { in wpa_sm_aborted_external_cached()
3434 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_aborted_external_cached()
3436 sm->cur_pmksa = NULL; in wpa_sm_aborted_external_cached()
3447 u16 key_info = WPA_GET_BE16(key->key_info); in wpa_eapol_key_dump()
3449 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, " EAPOL-Key type=%d", key->type); in wpa_eapol_key_dump()
3450 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_eapol_key_dump()
3464 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_eapol_key_dump()
3466 WPA_GET_BE16(key->key_length), key_data_len); in wpa_eapol_key_dump()
3468 key->replay_counter, WPA_REPLAY_COUNTER_LEN); in wpa_eapol_key_dump()
3469 wpa_hexdump(MSG_DEBUG, " key_nonce", key->key_nonce, WPA_NONCE_LEN); in wpa_eapol_key_dump()
3470 wpa_hexdump(MSG_DEBUG, " key_iv", key->key_iv, 16); in wpa_eapol_key_dump()
3471 wpa_hexdump(MSG_DEBUG, " key_rsc", key->key_rsc, 8); in wpa_eapol_key_dump()
3472 wpa_hexdump(MSG_DEBUG, " key_id (reserved)", key->key_id, 8); in wpa_eapol_key_dump()
3490 wpa_printf(MSG_INFO, "No room for AES-SIV data in the frame"); in wpa_supp_aead_decrypt()
3491 return -1; in wpa_supp_aead_decrypt()
3494 if (sm->tptk_set) in wpa_supp_aead_decrypt()
3495 ptk = &sm->tptk; in wpa_supp_aead_decrypt()
3496 else if (sm->ptk_set) in wpa_supp_aead_decrypt()
3497 ptk = &sm->ptk; in wpa_supp_aead_decrypt()
3499 return -1; in wpa_supp_aead_decrypt()
3508 return -1; in wpa_supp_aead_decrypt()
3510 /* AES-SIV AAD from EAPOL protocol version field (inclusive) to in wpa_supp_aead_decrypt()
3513 aad_len[0] = pos - buf; in wpa_supp_aead_decrypt()
3514 if (aes_siv_decrypt(ptk->kek, ptk->kek_len, pos, *key_data_len, in wpa_supp_aead_decrypt()
3516 wpa_printf(MSG_INFO, "Invalid AES-SIV data in the frame"); in wpa_supp_aead_decrypt()
3518 return -1; in wpa_supp_aead_decrypt()
3522 (*key_data_len) -= AES_BLOCK_SIZE; in wpa_supp_aead_decrypt()
3528 pos -= 2; /* Key Data Length field */ in wpa_supp_aead_decrypt()
3532 if (sm->tptk_set) { in wpa_supp_aead_decrypt()
3533 sm->tptk_set = 0; in wpa_supp_aead_decrypt()
3534 sm->ptk_set = 1; in wpa_supp_aead_decrypt()
3535 os_memcpy(&sm->ptk, &sm->tptk, sizeof(sm->ptk)); in wpa_supp_aead_decrypt()
3536 os_memset(&sm->tptk, 0, sizeof(sm->tptk)); in wpa_supp_aead_decrypt()
3539 os_memcpy(sm->rx_replay_counter, key->replay_counter, in wpa_supp_aead_decrypt()
3541 sm->rx_replay_counter_set = 1; in wpa_supp_aead_decrypt()
3556 key_info = WPA_GET_BE16(key->key_info); in wpa_sm_rx_eapol_wpa()
3558 if (key->type != EAPOL_KEY_TYPE_WPA) { in wpa_sm_rx_eapol_wpa()
3559 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol_wpa()
3560 "WPA: Unsupported EAPOL-Key type %d", key->type); in wpa_sm_rx_eapol_wpa()
3561 return -1; in wpa_sm_rx_eapol_wpa()
3567 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol_wpa()
3568 "WPA: Unsupported EAPOL-Key descriptor version %d", in wpa_sm_rx_eapol_wpa()
3570 return -1; in wpa_sm_rx_eapol_wpa()
3573 if (sm->pairwise_cipher == WPA_CIPHER_CCMP && in wpa_sm_rx_eapol_wpa()
3575 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol_wpa()
3576 "WPA: CCMP is used, but EAPOL-Key descriptor version (%d) is not 2", in wpa_sm_rx_eapol_wpa()
3578 if (sm->group_cipher != WPA_CIPHER_CCMP && in wpa_sm_rx_eapol_wpa()
3581 * require version 2 descriptor for all EAPOL-Key in wpa_sm_rx_eapol_wpa()
3584 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol_wpa()
3585 "WPA: Backwards compatibility: allow invalid version for non-CCMP group keys"); in wpa_sm_rx_eapol_wpa()
3587 return -1; in wpa_sm_rx_eapol_wpa()
3592 return -1; in wpa_sm_rx_eapol_wpa()
3596 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_sm_rx_eapol_wpa()
3597 "WPA: Ignored EAPOL-Key (Pairwise) with non-zero key index"); in wpa_sm_rx_eapol_wpa()
3598 return -1; in wpa_sm_rx_eapol_wpa()
3602 /* 3/4 4-Way Handshake */ in wpa_sm_rx_eapol_wpa()
3607 /* 1/4 4-Way Handshake */ in wpa_sm_rx_eapol_wpa()
3621 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_sm_rx_eapol_wpa()
3622 "WPA: EAPOL-Key (Group) without Mic/Encr bit - dropped"); in wpa_sm_rx_eapol_wpa()
3631 * wpa_sm_rx_eapol - Process received WPA EAPOL frames
3637 * Returns: 1 = WPA EAPOL-Key processed, 0 = not a WPA EAPOL-Key, -1 failure
3639 * This function is called for each received EAPOL frame. Other than EAPOL-Key
3641 * only processing WPA and WPA2 EAPOL-Key frames.
3643 * The received EAPOL-Key packets are validated and valid packets are replied
3655 int ret = -1; in wpa_sm_rx_eapol()
3660 sm->ft_completed = 0; in wpa_sm_rx_eapol()
3663 pmk_len = sm->pmk_len; in wpa_sm_rx_eapol()
3664 if (!pmk_len && sm->cur_pmksa) in wpa_sm_rx_eapol()
3665 pmk_len = sm->cur_pmksa->pmk_len; in wpa_sm_rx_eapol()
3666 mic_len = wpa_mic_len(sm->key_mgmt, pmk_len); in wpa_sm_rx_eapol()
3670 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_rx_eapol()
3672 "EAPOL-Key (len %lu, expecting at least %lu)", in wpa_sm_rx_eapol()
3679 plen = be_to_host16(hdr->length); in wpa_sm_rx_eapol()
3681 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_rx_eapol()
3683 hdr->version, hdr->type, (unsigned long) plen); in wpa_sm_rx_eapol()
3685 if (hdr->version < EAPOL_VERSION) { in wpa_sm_rx_eapol()
3688 if (hdr->type != IEEE802_1X_TYPE_EAPOL_KEY) { in wpa_sm_rx_eapol()
3689 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_rx_eapol()
3691 "not a Key frame", hdr->type); in wpa_sm_rx_eapol()
3695 wpa_hexdump(MSG_MSGDUMP, "WPA: RX EAPOL-Key", buf, len); in wpa_sm_rx_eapol()
3696 if (plen > len - sizeof(*hdr) || plen < keyhdrlen) { in wpa_sm_rx_eapol()
3697 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_rx_eapol()
3705 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_rx_eapol()
3707 (unsigned long) len - data_len); in wpa_sm_rx_eapol()
3721 if (key->type != EAPOL_KEY_TYPE_WPA && key->type != EAPOL_KEY_TYPE_RSN) in wpa_sm_rx_eapol()
3723 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_rx_eapol()
3724 "WPA: EAPOL-Key type (%d) unknown, discarded", in wpa_sm_rx_eapol()
3725 key->type); in wpa_sm_rx_eapol()
3733 if (key_data_len > plen - keyhdrlen) { in wpa_sm_rx_eapol()
3734 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, "WPA: Invalid EAPOL-Key " in wpa_sm_rx_eapol()
3735 "frame - key_data overflow (%u > %u)", in wpa_sm_rx_eapol()
3737 (unsigned int) (plen - keyhdrlen)); in wpa_sm_rx_eapol()
3741 if (sm->rx_replay_counter_set && in wpa_sm_rx_eapol()
3742 os_memcmp(key->replay_counter, sm->rx_replay_counter, in wpa_sm_rx_eapol()
3744 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_sm_rx_eapol()
3745 "WPA: EAPOL-Key Replay Counter did not increase - dropping packet"); in wpa_sm_rx_eapol()
3749 eapol_sm_notify_lower_layer_success(sm->eapol, 0); in wpa_sm_rx_eapol()
3751 key_info = WPA_GET_BE16(key->key_info); in wpa_sm_rx_eapol()
3754 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol()
3760 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol()
3766 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol()
3767 "WPA: EAPOL-Key with Request bit - dropped"); in wpa_sm_rx_eapol()
3771 if (sm->proto == WPA_PROTO_WPA) { in wpa_sm_rx_eapol()
3778 if (key->type != EAPOL_KEY_TYPE_RSN) { in wpa_sm_rx_eapol()
3779 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol()
3780 "RSN: Unsupported EAPOL-Key type %d", key->type); in wpa_sm_rx_eapol()
3788 !wpa_use_akm_defined(sm->key_mgmt)) { in wpa_sm_rx_eapol()
3789 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol()
3790 "RSN: Unsupported EAPOL-Key descriptor version %d", in wpa_sm_rx_eapol()
3796 sm->pairwise_cipher != WPA_CIPHER_TKIP) { in wpa_sm_rx_eapol()
3797 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol()
3798 "RSN: EAPOL-Key descriptor version %d not allowed without TKIP as the pairwise cipher", in wpa_sm_rx_eapol()
3804 (sm->key_mgmt != WPA_KEY_MGMT_IEEE8021X && in wpa_sm_rx_eapol()
3805 sm->key_mgmt != WPA_KEY_MGMT_PSK)) { in wpa_sm_rx_eapol()
3806 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol()
3807 "RSN: EAPOL-Key descriptor version %d not allowed due to negotiated AKM (0x%x)", in wpa_sm_rx_eapol()
3808 ver, sm->key_mgmt); in wpa_sm_rx_eapol()
3812 if (wpa_use_akm_defined(sm->key_mgmt) && in wpa_sm_rx_eapol()
3814 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol()
3815 "RSN: Unsupported EAPOL-Key descriptor version %d (expected AKM defined = 0)", in wpa_sm_rx_eapol()
3821 if (wpa_key_mgmt_ft(sm->key_mgmt)) { in wpa_sm_rx_eapol()
3822 /* IEEE 802.11r uses a new key_info type (AES-128-CMAC). */ in wpa_sm_rx_eapol()
3824 !wpa_use_akm_defined(sm->key_mgmt)) { in wpa_sm_rx_eapol()
3825 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol()
3826 "FT: AP did not use AES-128-CMAC"); in wpa_sm_rx_eapol()
3831 if (wpa_key_mgmt_sha256(sm->key_mgmt)) { in wpa_sm_rx_eapol()
3833 !wpa_use_akm_defined(sm->key_mgmt)) { in wpa_sm_rx_eapol()
3834 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol()
3835 "RSN: AP did not use the negotiated AES-128-CMAC"); in wpa_sm_rx_eapol()
3838 } else if (sm->pairwise_cipher == WPA_CIPHER_CCMP && in wpa_sm_rx_eapol()
3839 !wpa_use_akm_defined(sm->key_mgmt) && in wpa_sm_rx_eapol()
3841 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol()
3842 "RSN: CCMP is used, but EAPOL-Key descriptor version (%d) is not 2", ver); in wpa_sm_rx_eapol()
3844 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol()
3845 …erability workaround: allow incorrect (should have been HMAC-SHA1), but stronger (is AES-128-CMAC)… in wpa_sm_rx_eapol()
3847 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol()
3851 } else if (sm->pairwise_cipher == WPA_CIPHER_GCMP && in wpa_sm_rx_eapol()
3852 !wpa_use_akm_defined(sm->key_mgmt) && in wpa_sm_rx_eapol()
3854 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol()
3855 "RSN: GCMP is used, but EAPOL-Key descriptor version (%d) is not 2", in wpa_sm_rx_eapol()
3871 if ((sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN) && in wpa_sm_rx_eapol()
3875 * was verified. When using AES-SIV (FILS), the MIC flag is not in wpa_sm_rx_eapol()
3880 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_sm_rx_eapol()
3881 "WPA: Ignore EAPOL-Key with encrypted but unauthenticated data"); in wpa_sm_rx_eapol()
3892 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_sm_rx_eapol()
3893 "RSN: Ignored EAPOL-Key (Pairwise) with non-zero key index"); in wpa_sm_rx_eapol()
3898 /* 3/4 4-Way Handshake */ in wpa_sm_rx_eapol()
3902 /* 1/4 4-Way Handshake */ in wpa_sm_rx_eapol()
3912 if (sm->mlo.valid_links) in wpa_sm_rx_eapol()
3923 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_sm_rx_eapol()
3924 "RSN: EAPOL-Key (Group) without Mic/Encr bit - dropped"); in wpa_sm_rx_eapol()
3939 switch (sm->key_mgmt) { in wpa_key_mgmt_suite()
3941 return ((sm->proto == WPA_PROTO_RSN || in wpa_key_mgmt_suite()
3942 sm->proto == WPA_PROTO_OSEN) ? in wpa_key_mgmt_suite()
3946 return (sm->proto == WPA_PROTO_RSN ? in wpa_key_mgmt_suite()
3960 return (sm->proto == WPA_PROTO_RSN ? in wpa_key_mgmt_suite()
3977 #define RSN_SUITE "%02x-%02x-%02x-%d"
3982 * wpa_sm_get_mib - Dump text list of MIB entries
3997 if (sm->cur_pmksa) { in wpa_sm_get_mib()
3999 sm->cur_pmksa->pmkid, PMKID_LEN); in wpa_sm_get_mib()
4003 rsna = (wpa_key_mgmt_wpa_psk(sm->key_mgmt) || in wpa_sm_get_mib()
4004 wpa_key_mgmt_wpa_ieee8021x(sm->key_mgmt)) && in wpa_sm_get_mib()
4005 sm->proto == WPA_PROTO_RSN; in wpa_sm_get_mib()
4022 wpa_cipher_key_len(sm->group_cipher) * 8, in wpa_sm_get_mib()
4023 sm->dot11RSNAConfigPMKLifetime, in wpa_sm_get_mib()
4024 sm->dot11RSNAConfigPMKReauthThreshold, in wpa_sm_get_mib()
4025 sm->dot11RSNAConfigSATimeout); in wpa_sm_get_mib()
4031 buf + len, buflen - len, in wpa_sm_get_mib()
4042 RSN_SUITE_ARG(wpa_cipher_to_suite(sm->proto, in wpa_sm_get_mib()
4043 sm->pairwise_cipher)), in wpa_sm_get_mib()
4044 RSN_SUITE_ARG(wpa_cipher_to_suite(sm->proto, in wpa_sm_get_mib()
4045 sm->group_cipher)), in wpa_sm_get_mib()
4048 RSN_SUITE_ARG(wpa_cipher_to_suite(sm->proto, in wpa_sm_get_mib()
4049 sm->pairwise_cipher)), in wpa_sm_get_mib()
4050 RSN_SUITE_ARG(wpa_cipher_to_suite(sm->proto, in wpa_sm_get_mib()
4051 sm->group_cipher)), in wpa_sm_get_mib()
4052 sm->dot11RSNA4WayHandshakeFailures); in wpa_sm_get_mib()
4053 if (!os_snprintf_error(buflen - len, ret)) in wpa_sm_get_mib()
4067 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "RSN: PMKSA cache entry free_cb: " in wpa_sm_pmksa_free_cb()
4068 MACSTR " reason=%d", MAC2STR(entry->aa), reason); in wpa_sm_pmksa_free_cb()
4070 if (sm->cur_pmksa == entry) { in wpa_sm_pmksa_free_cb()
4071 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_pmksa_free_cb()
4078 * deauthenticate because it will be immediately re-added. in wpa_sm_pmksa_free_cb()
4087 (sm->pmk_len == entry->pmk_len && in wpa_sm_pmksa_free_cb()
4088 os_memcmp(sm->pmk, entry->pmk, sm->pmk_len) == 0)) { in wpa_sm_pmksa_free_cb()
4089 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_pmksa_free_cb()
4096 sm->pmk_len = 0; in wpa_sm_pmksa_free_cb()
4097 os_memset(sm->pmk, 0, sizeof(sm->pmk)); in wpa_sm_pmksa_free_cb()
4108 return sm->cur_pmksa == entry; in wpa_sm_pmksa_is_current_cb()
4122 * wpa_sm_init - Initialize WPA state machine
4136 dl_list_init(&sm->pmksa_candidates); in wpa_sm_init()
4137 sm->renew_snonce = 1; in wpa_sm_init()
4138 sm->ctx = ctx; in wpa_sm_init()
4140 sm->dot11RSNAConfigPMKLifetime = 43200; in wpa_sm_init()
4141 sm->dot11RSNAConfigPMKReauthThreshold = 70; in wpa_sm_init()
4142 sm->dot11RSNAConfigSATimeout = 60; in wpa_sm_init()
4144 sm->pmksa = pmksa_cache_init(wpa_sm_pmksa_free_cb, in wpa_sm_init()
4147 if (sm->pmksa == NULL) { in wpa_sm_init()
4148 wpa_msg(sm->ctx->msg_ctx, MSG_ERROR, in wpa_sm_init()
4159 * wpa_sm_deinit - Deinitialize WPA state machine
4168 pmksa_cache_deinit(sm->pmksa); in wpa_sm_deinit()
4171 os_free(sm->assoc_wpa_ie); in wpa_sm_deinit()
4172 os_free(sm->assoc_rsnxe); in wpa_sm_deinit()
4173 os_free(sm->ap_wpa_ie); in wpa_sm_deinit()
4174 os_free(sm->ap_rsn_ie); in wpa_sm_deinit()
4175 os_free(sm->ap_rsnxe); in wpa_sm_deinit()
4177 os_free(sm->mlo.links[i].ap_rsne); in wpa_sm_deinit()
4178 os_free(sm->mlo.links[i].ap_rsnxe); in wpa_sm_deinit()
4181 os_free(sm->ctx); in wpa_sm_deinit()
4183 os_free(sm->assoc_resp_ies); in wpa_sm_deinit()
4186 wpabuf_free(sm->test_assoc_ie); in wpa_sm_deinit()
4187 wpabuf_free(sm->test_eapol_m2_elems); in wpa_sm_deinit()
4188 wpabuf_free(sm->test_eapol_m4_elems); in wpa_sm_deinit()
4191 crypto_ecdh_deinit(sm->fils_ecdh); in wpa_sm_deinit()
4194 wpabuf_free(sm->fils_ft_ies); in wpa_sm_deinit()
4197 crypto_ecdh_deinit(sm->owe_ecdh); in wpa_sm_deinit()
4200 wpabuf_clear_free(sm->dpp_z); in wpa_sm_deinit()
4210 sm->ptk_set = 0; in wpa_sm_clear_ptk()
4211 os_memset(&sm->ptk, 0, sizeof(sm->ptk)); in wpa_sm_clear_ptk()
4212 sm->tptk_set = 0; in wpa_sm_clear_ptk()
4213 os_memset(&sm->tptk, 0, sizeof(sm->tptk)); in wpa_sm_clear_ptk()
4214 os_memset(&sm->gtk, 0, sizeof(sm->gtk)); in wpa_sm_clear_ptk()
4215 os_memset(&sm->gtk_wnm_sleep, 0, sizeof(sm->gtk_wnm_sleep)); in wpa_sm_clear_ptk()
4216 os_memset(&sm->igtk, 0, sizeof(sm->igtk)); in wpa_sm_clear_ptk()
4217 os_memset(&sm->igtk_wnm_sleep, 0, sizeof(sm->igtk_wnm_sleep)); in wpa_sm_clear_ptk()
4218 os_memset(&sm->bigtk, 0, sizeof(sm->bigtk)); in wpa_sm_clear_ptk()
4219 os_memset(&sm->bigtk_wnm_sleep, 0, sizeof(sm->bigtk_wnm_sleep)); in wpa_sm_clear_ptk()
4220 sm->tk_set = false; in wpa_sm_clear_ptk()
4222 os_memset(&sm->mlo.links[i].gtk, 0, in wpa_sm_clear_ptk()
4223 sizeof(sm->mlo.links[i].gtk)); in wpa_sm_clear_ptk()
4224 os_memset(&sm->mlo.links[i].gtk_wnm_sleep, 0, in wpa_sm_clear_ptk()
4225 sizeof(sm->mlo.links[i].gtk_wnm_sleep)); in wpa_sm_clear_ptk()
4226 os_memset(&sm->mlo.links[i].igtk, 0, in wpa_sm_clear_ptk()
4227 sizeof(sm->mlo.links[i].igtk)); in wpa_sm_clear_ptk()
4228 os_memset(&sm->mlo.links[i].igtk_wnm_sleep, 0, in wpa_sm_clear_ptk()
4229 sizeof(sm->mlo.links[i].igtk_wnm_sleep)); in wpa_sm_clear_ptk()
4230 os_memset(&sm->mlo.links[i].bigtk, 0, in wpa_sm_clear_ptk()
4231 sizeof(sm->mlo.links[i].bigtk)); in wpa_sm_clear_ptk()
4232 os_memset(&sm->mlo.links[i].bigtk_wnm_sleep, 0, in wpa_sm_clear_ptk()
4233 sizeof(sm->mlo.links[i].bigtk_wnm_sleep)); in wpa_sm_clear_ptk()
4239 * wpa_sm_notify_assoc - Notify WPA state machine about association
4253 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_notify_assoc()
4254 "WPA: Association event - clear replay counter"); in wpa_sm_notify_assoc()
4255 os_memcpy(sm->bssid, bssid, ETH_ALEN); in wpa_sm_notify_assoc()
4256 os_memset(sm->rx_replay_counter, 0, WPA_REPLAY_COUNTER_LEN); in wpa_sm_notify_assoc()
4257 sm->rx_replay_counter_set = 0; in wpa_sm_notify_assoc()
4258 sm->renew_snonce = 1; in wpa_sm_notify_assoc()
4259 if (ether_addr_equal(sm->preauth_bssid, bssid)) in wpa_sm_notify_assoc()
4265 * Clear portValid to kick EAPOL state machine to re-enter in wpa_sm_notify_assoc()
4268 eapol_sm_notify_portValid(sm->eapol, false); in wpa_sm_notify_assoc()
4269 wpa_supplicant_key_neg_complete(sm, sm->bssid, 1); in wpa_sm_notify_assoc()
4275 sm->ft_protocol = 1; in wpa_sm_notify_assoc()
4277 sm->ft_protocol = 0; in wpa_sm_notify_assoc()
4281 if (sm->fils_completed) { in wpa_sm_notify_assoc()
4283 * Clear portValid to kick EAPOL state machine to re-enter in wpa_sm_notify_assoc()
4286 wpa_supplicant_key_neg_complete(sm, sm->bssid, 1); in wpa_sm_notify_assoc()
4296 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Clear old PTK"); in wpa_sm_notify_assoc()
4305 os_memset(sm->p2p_ip_addr, 0, sizeof(sm->p2p_ip_addr)); in wpa_sm_notify_assoc()
4308 sm->keyidx_active = 0; in wpa_sm_notify_assoc()
4313 * wpa_sm_notify_disassoc - Notify WPA state machine about disassociation
4317 * was lost. This will abort any existing pre-authentication session.
4326 sm->dot11RSNA4WayHandshakeFailures++; in wpa_sm_notify_disassoc()
4331 sm->fils_completed = 0; in wpa_sm_notify_disassoc()
4334 sm->ft_reassoc_completed = 0; in wpa_sm_notify_disassoc()
4335 sm->ft_protocol = 0; in wpa_sm_notify_disassoc()
4340 sm->keyidx_active = 0; in wpa_sm_notify_disassoc()
4342 sm->msg_3_of_4_ok = 0; in wpa_sm_notify_disassoc()
4343 os_memset(sm->bssid, 0, ETH_ALEN); in wpa_sm_notify_disassoc()
4348 * wpa_sm_set_pmk - Set PMK
/* NOTE(review): search hits from wpa_sm_set_pmk(); source lines between the numbered hits are not shown. */
/* The caller-supplied pmk_len is stored and then used as the copy length into sm->pmk.
 * No bound on pmk_len is visible among these hits - confirm where it is limited to the size of sm->pmk. */
4365 sm->pmk_len = pmk_len; in wpa_sm_set_pmk()
4366 os_memcpy(sm->pmk, pmk, pmk_len); in wpa_sm_set_pmk()
/* The same bytes and length are also copied into sm->xxkey; whatever guards this copy (lines 4367-4369) is not shown,
 * so the same size question applies to sm->xxkey. */
4370 sm->xxkey_len = pmk_len; in wpa_sm_set_pmk()
4371 os_memcpy(sm->xxkey, pmk, pmk_len); in wpa_sm_set_pmk()
/* The PMK is passed to pmksa_cache_add() and the returned entry becomes sm->cur_pmksa. */
4375 sm->cur_pmksa = pmksa_cache_add(sm->pmksa, pmk, pmk_len, in wpa_sm_set_pmk()
4377 sm->own_addr, in wpa_sm_set_pmk()
4378 sm->network_ctx, sm->key_mgmt, in wpa_sm_set_pmk()
4385 * wpa_sm_set_pmk_from_pmksa - Set PMK based on the current PMKSA
4396 if (sm->cur_pmksa) { in wpa_sm_set_pmk_from_pmksa()
4399 sm->cur_pmksa->pmk, sm->cur_pmksa->pmk_len); in wpa_sm_set_pmk_from_pmksa()
4400 sm->pmk_len = sm->cur_pmksa->pmk_len; in wpa_sm_set_pmk_from_pmksa()
4401 os_memcpy(sm->pmk, sm->cur_pmksa->pmk, sm->pmk_len); in wpa_sm_set_pmk_from_pmksa()
4403 wpa_printf(MSG_DEBUG, "WPA: No current PMKSA - clear PMK"); in wpa_sm_set_pmk_from_pmksa()
4404 sm->pmk_len = 0; in wpa_sm_set_pmk_from_pmksa()
4405 os_memset(sm->pmk, 0, PMK_LEN_MAX); in wpa_sm_set_pmk_from_pmksa()
4411 * wpa_sm_set_fast_reauth - Set fast reauthentication (EAP) enabled/disabled
4418 sm->fast_reauth = fast_reauth; in wpa_sm_set_fast_reauth()
4423 * wpa_sm_set_scard_ctx - Set context pointer for smartcard callbacks
4431 sm->scard_ctx = scard_ctx; in wpa_sm_set_scard_ctx()
4432 if (sm->preauth_eapol) in wpa_sm_set_scard_ctx()
4433 eapol_sm_register_scard_ctx(sm->preauth_eapol, scard_ctx); in wpa_sm_set_scard_ctx()
4438 * wpa_sm_set_config - Notification of current configuration change
4452 sm->network_ctx = config->network_ctx; in wpa_sm_set_config()
4453 sm->allowed_pairwise_cipher = config->allowed_pairwise_cipher; in wpa_sm_set_config()
4454 sm->proactive_key_caching = config->proactive_key_caching; in wpa_sm_set_config()
4455 sm->eap_workaround = config->eap_workaround; in wpa_sm_set_config()
4456 sm->eap_conf_ctx = config->eap_conf_ctx; in wpa_sm_set_config()
4457 if (config->ssid) { in wpa_sm_set_config()
4458 os_memcpy(sm->ssid, config->ssid, config->ssid_len); in wpa_sm_set_config()
4459 sm->ssid_len = config->ssid_len; in wpa_sm_set_config()
4461 sm->ssid_len = 0; in wpa_sm_set_config()
4462 sm->wpa_ptk_rekey = config->wpa_ptk_rekey; in wpa_sm_set_config()
4463 sm->p2p = config->p2p; in wpa_sm_set_config()
4464 sm->wpa_rsc_relaxation = config->wpa_rsc_relaxation; in wpa_sm_set_config()
4465 sm->owe_ptk_workaround = config->owe_ptk_workaround; in wpa_sm_set_config()
4466 sm->force_kdk_derivation = config->force_kdk_derivation; in wpa_sm_set_config()
4468 if (config->fils_cache_id) { in wpa_sm_set_config()
4469 sm->fils_cache_id_set = 1; in wpa_sm_set_config()
4470 os_memcpy(sm->fils_cache_id, config->fils_cache_id, in wpa_sm_set_config()
4473 sm->fils_cache_id_set = 0; in wpa_sm_set_config()
4476 sm->beacon_prot = config->beacon_prot; in wpa_sm_set_config()
4478 sm->network_ctx = NULL; in wpa_sm_set_config()
4479 sm->allowed_pairwise_cipher = 0; in wpa_sm_set_config()
4480 sm->proactive_key_caching = 0; in wpa_sm_set_config()
4481 sm->eap_workaround = 0; in wpa_sm_set_config()
4482 sm->eap_conf_ctx = NULL; in wpa_sm_set_config()
4483 sm->ssid_len = 0; in wpa_sm_set_config()
4484 sm->wpa_ptk_rekey = 0; in wpa_sm_set_config()
4485 sm->p2p = 0; in wpa_sm_set_config()
4486 sm->wpa_rsc_relaxation = 0; in wpa_sm_set_config()
4487 sm->owe_ptk_workaround = 0; in wpa_sm_set_config()
4488 sm->beacon_prot = 0; in wpa_sm_set_config()
4489 sm->force_kdk_derivation = false; in wpa_sm_set_config()
/* NOTE(review): search hits from wpa_sm_set_ssid(); source lines between the numbered hits are not shown. */
/* ssid_len is used directly as the copy length into sm->ssid. No check against the size of sm->ssid is
 * visible among these hits - confirm it on the lines not shown or at the callers. */
4500 os_memcpy(sm->ssid, ssid, ssid_len); in wpa_sm_set_ssid()
4501 sm->ssid_len = ssid_len; in wpa_sm_set_ssid()
/* Alternative path: the stored length is reset to 0 (its condition is not shown). */
4503 sm->ssid_len = 0; in wpa_sm_set_ssid()
4513 return -1; in wpa_sm_set_mlo_params()
4515 os_memcpy(sm->mlo.ap_mld_addr, mlo->ap_mld_addr, ETH_ALEN); in wpa_sm_set_mlo_params()
4516 sm->mlo.assoc_link_id = mlo->assoc_link_id; in wpa_sm_set_mlo_params()
4517 sm->mlo.valid_links = mlo->valid_links; in wpa_sm_set_mlo_params()
4518 sm->mlo.req_links = mlo->req_links; in wpa_sm_set_mlo_params()
4524 if (sm->mlo.req_links & BIT(i)) { in wpa_sm_set_mlo_params()
4525 if (!mlo->links[i].ap_rsne || in wpa_sm_set_mlo_params()
4526 mlo->links[i].ap_rsne_len == 0) { in wpa_sm_set_mlo_params()
4527 wpa_dbg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_set_mlo_params()
4530 i, MAC2STR(mlo->links[i].bssid)); in wpa_sm_set_mlo_params()
4531 return -1; in wpa_sm_set_mlo_params()
4534 os_memcpy(sm->mlo.links[i].addr, mlo->links[i].addr, in wpa_sm_set_mlo_params()
4536 os_memcpy(sm->mlo.links[i].bssid, mlo->links[i].bssid, in wpa_sm_set_mlo_params()
4540 ie = mlo->links[i].ap_rsne; in wpa_sm_set_mlo_params()
4541 len = mlo->links[i].ap_rsne_len; in wpa_sm_set_mlo_params()
4542 os_free(sm->mlo.links[i].ap_rsne); in wpa_sm_set_mlo_params()
4544 if (sm->mlo.links[i].ap_rsne) in wpa_sm_set_mlo_params()
4545 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_set_mlo_params()
4548 sm->mlo.links[i].ap_rsne = NULL; in wpa_sm_set_mlo_params()
4549 sm->mlo.links[i].ap_rsne_len = 0; in wpa_sm_set_mlo_params()
4553 sm->mlo.links[i].ap_rsne = os_memdup(ie, len); in wpa_sm_set_mlo_params()
4554 if (!sm->mlo.links[i].ap_rsne) { in wpa_sm_set_mlo_params()
4555 sm->mlo.links[i].ap_rsne_len = 0; in wpa_sm_set_mlo_params()
4556 return -1; in wpa_sm_set_mlo_params()
4558 sm->mlo.links[i].ap_rsne_len = len; in wpa_sm_set_mlo_params()
4561 ie = mlo->links[i].ap_rsnxe; in wpa_sm_set_mlo_params()
4562 len = mlo->links[i].ap_rsnxe_len; in wpa_sm_set_mlo_params()
4563 os_free(sm->mlo.links[i].ap_rsnxe); in wpa_sm_set_mlo_params()
4565 if (sm->mlo.links[i].ap_rsnxe) in wpa_sm_set_mlo_params()
4566 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_set_mlo_params()
4569 sm->mlo.links[i].ap_rsnxe = NULL; in wpa_sm_set_mlo_params()
4570 sm->mlo.links[i].ap_rsnxe_len = 0; in wpa_sm_set_mlo_params()
4574 sm->mlo.links[i].ap_rsnxe = os_memdup(ie, len); in wpa_sm_set_mlo_params()
4575 if (!sm->mlo.links[i].ap_rsnxe) { in wpa_sm_set_mlo_params()
4576 sm->mlo.links[i].ap_rsnxe_len = 0; in wpa_sm_set_mlo_params()
4577 return -1; in wpa_sm_set_mlo_params()
4579 sm->mlo.links[i].ap_rsnxe_len = len; in wpa_sm_set_mlo_params()
4588 * wpa_sm_set_own_addr - Set own MAC address
4595 os_memcpy(sm->own_addr, addr, ETH_ALEN); in wpa_sm_set_own_addr()
4600 * wpa_sm_set_ifname - Set network interface name
4603 * @bridge_ifname: Optional bridge interface name (for pre-auth)
4609 sm->ifname = ifname; in wpa_sm_set_ifname()
4610 sm->bridge_ifname = bridge_ifname; in wpa_sm_set_ifname()
4616 * wpa_sm_set_eapol - Set EAPOL state machine pointer
4623 sm->eapol = eapol; in wpa_sm_set_eapol()
4628 * wpa_sm_set_param - Set WPA state machine parameters
4632 * Returns: 0 on success, -1 on failure
4640 return -1; in wpa_sm_set_param()
4645 sm->dot11RSNAConfigPMKLifetime = value; in wpa_sm_set_param()
4647 ret = -1; in wpa_sm_set_param()
4651 sm->dot11RSNAConfigPMKReauthThreshold = value; in wpa_sm_set_param()
4653 ret = -1; in wpa_sm_set_param()
4657 sm->dot11RSNAConfigSATimeout = value; in wpa_sm_set_param()
4659 ret = -1; in wpa_sm_set_param()
4662 sm->proto = value; in wpa_sm_set_param()
4665 sm->pairwise_cipher = value; in wpa_sm_set_param()
4668 sm->group_cipher = value; in wpa_sm_set_param()
4671 sm->key_mgmt = value; in wpa_sm_set_param()
4674 sm->mgmt_group_cipher = value; in wpa_sm_set_param()
4677 sm->rsn_enabled = value; in wpa_sm_set_param()
4680 sm->mfp = value; in wpa_sm_set_param()
4683 sm->ocv = value; in wpa_sm_set_param()
4686 sm->sae_pwe = value; in wpa_sm_set_param()
4689 sm->sae_pk = value; in wpa_sm_set_param()
4692 sm->wpa_deny_ptk0_rekey = value; in wpa_sm_set_param()
4695 sm->ext_key_id = value; in wpa_sm_set_param()
4698 sm->use_ext_key_id = value; in wpa_sm_set_param()
4702 sm->ft_rsnxe_used = value; in wpa_sm_set_param()
4705 sm->oci_freq_override_eapol = value; in wpa_sm_set_param()
4708 sm->oci_freq_override_eapol_g2 = value; in wpa_sm_set_param()
4711 sm->oci_freq_override_ft_assoc = value; in wpa_sm_set_param()
4714 sm->oci_freq_override_fils_assoc = value; in wpa_sm_set_param()
4717 sm->disable_eapol_g2_tx = value; in wpa_sm_set_param()
4720 sm->encrypt_eapol_m2 = value; in wpa_sm_set_param()
4723 sm->encrypt_eapol_m4 = value; in wpa_sm_set_param()
4728 sm->dpp_pfs = value; in wpa_sm_set_param()
4732 sm->wmm_enabled = value; in wpa_sm_set_param()
4735 sm->ft_prepend_pmkid = value; in wpa_sm_set_param()
4738 sm->ssid_protection = value; in wpa_sm_set_param()
4749 * wpa_sm_get_status - Get WPA state machine status
4766 ret = os_snprintf(pos, end - pos, in wpa_sm_get_status()
4770 wpa_cipher_txt(sm->pairwise_cipher), in wpa_sm_get_status()
4771 wpa_cipher_txt(sm->group_cipher), in wpa_sm_get_status()
4772 wpa_key_mgmt_txt(sm->key_mgmt, sm->proto)); in wpa_sm_get_status()
4773 if (os_snprintf_error(end - pos, ret)) in wpa_sm_get_status()
4774 return pos - buf; in wpa_sm_get_status()
4778 if (sm->key_mgmt == WPA_KEY_MGMT_DPP && sm->dpp_z) { in wpa_sm_get_status()
4779 ret = os_snprintf(pos, end - pos, "dpp_pfs=1\n"); in wpa_sm_get_status()
4780 if (os_snprintf_error(end - pos, ret)) in wpa_sm_get_status()
4781 return pos - buf; in wpa_sm_get_status()
4786 if (sm->mfp != NO_MGMT_FRAME_PROTECTION && sm->ap_rsn_ie) { in wpa_sm_get_status()
4788 if (wpa_parse_wpa_ie_rsn(sm->ap_rsn_ie, sm->ap_rsn_ie_len, &rsn) in wpa_sm_get_status()
4792 ret = os_snprintf(pos, end - pos, "pmf=%d\n" in wpa_sm_get_status()
4797 sm->mgmt_group_cipher)); in wpa_sm_get_status()
4798 if (os_snprintf_error(end - pos, ret)) in wpa_sm_get_status()
4799 return pos - buf; in wpa_sm_get_status()
4804 return pos - buf; in wpa_sm_get_status()
4812 if (sm->mfp == NO_MGMT_FRAME_PROTECTION || !sm->ap_rsn_ie) in wpa_sm_pmf_enabled()
4815 if (wpa_parse_wpa_ie_rsn(sm->ap_rsn_ie, sm->ap_rsn_ie_len, &rsn) >= 0 && in wpa_sm_pmf_enabled()
4825 return sm ? sm->ext_key_id : 0; in wpa_sm_ext_key_id()
4831 return sm ? sm->use_ext_key_id : 0; in wpa_sm_ext_key_id_active()
4839 if (!sm->ocv || !sm->ap_rsn_ie) in wpa_sm_ocv_enabled()
4842 return wpa_parse_wpa_ie_rsn(sm->ap_rsn_ie, sm->ap_rsn_ie_len, in wpa_sm_ocv_enabled()
4849 * wpa_sm_set_assoc_wpa_ie_default - Generate own WPA/RSN IE from configuration
4853 * Returns: 0 on success, -1 on failure
/* NOTE(review): search hits from wpa_sm_set_assoc_wpa_ie_default(); source lines between the numbered hits are not shown. */
4861 return -1; in wpa_sm_set_assoc_wpa_ie_default()
/* Test-IE path: the caller's capacity (*wpa_ie_len) is compared with the test IE length before the copy,
 * and the call fails with -1 when the buffer is too small. */
4864 if (sm->test_assoc_ie) { in wpa_sm_set_assoc_wpa_ie_default()
4867 if (*wpa_ie_len < wpabuf_len(sm->test_assoc_ie)) in wpa_sm_set_assoc_wpa_ie_default()
4868 return -1; in wpa_sm_set_assoc_wpa_ie_default()
4869 os_memcpy(wpa_ie, wpabuf_head(sm->test_assoc_ie), in wpa_sm_set_assoc_wpa_ie_default()
4870 wpabuf_len(sm->test_assoc_ie)); in wpa_sm_set_assoc_wpa_ie_default()
4871 res = wpabuf_len(sm->test_assoc_ie); in wpa_sm_set_assoc_wpa_ie_default()
4876 return -1; in wpa_sm_set_assoc_wpa_ie_default()
/* When no IE is stored yet, a heap copy of the generated IE is kept in sm->assoc_wpa_ie; allocation failure returns -1. */
4882 if (sm->assoc_wpa_ie == NULL) { in wpa_sm_set_assoc_wpa_ie_default()
4884 * Make a copy of the WPA/RSN IE so that 4-Way Handshake gets in wpa_sm_set_assoc_wpa_ie_default()
4888 sm->assoc_wpa_ie = os_memdup(wpa_ie, *wpa_ie_len); in wpa_sm_set_assoc_wpa_ie_default()
4889 if (sm->assoc_wpa_ie == NULL) in wpa_sm_set_assoc_wpa_ie_default()
4890 return -1; in wpa_sm_set_assoc_wpa_ie_default()
4892 sm->assoc_wpa_ie_len = *wpa_ie_len; in wpa_sm_set_assoc_wpa_ie_default()
4896 sm->assoc_wpa_ie, sm->assoc_wpa_ie_len); in wpa_sm_set_assoc_wpa_ie_default()
4904 * wpa_sm_set_assoc_wpa_ie - Set own WPA/RSN IE from (Re)AssocReq
4908 * Returns: 0 on success, -1 on failure
4917 return -1; in wpa_sm_set_assoc_wpa_ie()
4919 os_free(sm->assoc_wpa_ie); in wpa_sm_set_assoc_wpa_ie()
4921 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_set_assoc_wpa_ie()
4923 sm->assoc_wpa_ie = NULL; in wpa_sm_set_assoc_wpa_ie()
4924 sm->assoc_wpa_ie_len = 0; in wpa_sm_set_assoc_wpa_ie()
4927 sm->assoc_wpa_ie = os_memdup(ie, len); in wpa_sm_set_assoc_wpa_ie()
4928 if (sm->assoc_wpa_ie == NULL) in wpa_sm_set_assoc_wpa_ie()
4929 return -1; in wpa_sm_set_assoc_wpa_ie()
4931 sm->assoc_wpa_ie_len = len; in wpa_sm_set_assoc_wpa_ie()
4939 * wpa_sm_set_assoc_rsnxe_default - Generate own RSNXE from configuration
4943 * Returns: 0 on success, -1 on failure
4951 return -1; in wpa_sm_set_assoc_rsnxe_default()
4955 return -1; in wpa_sm_set_assoc_rsnxe_default()
4960 if (sm->assoc_rsnxe) { in wpa_sm_set_assoc_rsnxe_default()
4963 sm->assoc_rsnxe, sm->assoc_rsnxe_len); in wpa_sm_set_assoc_rsnxe_default()
4966 * Make a copy of the RSNXE so that 4-Way Handshake gets the in wpa_sm_set_assoc_rsnxe_default()
4969 sm->assoc_rsnxe = os_memdup(rsnxe, *rsnxe_len); in wpa_sm_set_assoc_rsnxe_default()
4970 if (!sm->assoc_rsnxe) in wpa_sm_set_assoc_rsnxe_default()
4971 return -1; in wpa_sm_set_assoc_rsnxe_default()
4973 sm->assoc_rsnxe_len = *rsnxe_len; in wpa_sm_set_assoc_rsnxe_default()
4981 * wpa_sm_set_assoc_rsnxe - Set own RSNXE from (Re)AssocReq
4985 * Returns: 0 on success, -1 on failure
4994 return -1; in wpa_sm_set_assoc_rsnxe()
4996 os_free(sm->assoc_rsnxe); in wpa_sm_set_assoc_rsnxe()
4998 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_set_assoc_rsnxe()
5000 sm->assoc_rsnxe = NULL; in wpa_sm_set_assoc_rsnxe()
5001 sm->assoc_rsnxe_len = 0; in wpa_sm_set_assoc_rsnxe()
5004 sm->assoc_rsnxe = os_memdup(ie, len); in wpa_sm_set_assoc_rsnxe()
5005 if (!sm->assoc_rsnxe) in wpa_sm_set_assoc_rsnxe()
5006 return -1; in wpa_sm_set_assoc_rsnxe()
5008 sm->assoc_rsnxe_len = len; in wpa_sm_set_assoc_rsnxe()
5011 if (sm->ssid_protection && in wpa_sm_set_assoc_rsnxe()
5012 !ieee802_11_rsnx_capab(sm->assoc_rsnxe, in wpa_sm_set_assoc_rsnxe()
5014 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_set_assoc_rsnxe()
5016 sm->ssid_protection = 0; in wpa_sm_set_assoc_rsnxe()
5024 * wpa_sm_set_ap_wpa_ie - Set AP WPA IE from Beacon/ProbeResp
5028 * Returns: 0 on success, -1 on failure
5036 return -1; in wpa_sm_set_ap_wpa_ie()
5038 os_free(sm->ap_wpa_ie); in wpa_sm_set_ap_wpa_ie()
5040 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_set_ap_wpa_ie()
5042 sm->ap_wpa_ie = NULL; in wpa_sm_set_ap_wpa_ie()
5043 sm->ap_wpa_ie_len = 0; in wpa_sm_set_ap_wpa_ie()
5046 sm->ap_wpa_ie = os_memdup(ie, len); in wpa_sm_set_ap_wpa_ie()
5047 if (sm->ap_wpa_ie == NULL) in wpa_sm_set_ap_wpa_ie()
5048 return -1; in wpa_sm_set_ap_wpa_ie()
5050 sm->ap_wpa_ie_len = len; in wpa_sm_set_ap_wpa_ie()
5058 * wpa_sm_set_ap_rsn_ie - Set AP RSN IE from Beacon/ProbeResp
5062 * Returns: 0 on success, -1 on failure
5070 return -1; in wpa_sm_set_ap_rsn_ie()
5072 os_free(sm->ap_rsn_ie); in wpa_sm_set_ap_rsn_ie()
5074 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_set_ap_rsn_ie()
5076 sm->ap_rsn_ie = NULL; in wpa_sm_set_ap_rsn_ie()
5077 sm->ap_rsn_ie_len = 0; in wpa_sm_set_ap_rsn_ie()
5080 sm->ap_rsn_ie = os_memdup(ie, len); in wpa_sm_set_ap_rsn_ie()
5081 if (sm->ap_rsn_ie == NULL) in wpa_sm_set_ap_rsn_ie()
5082 return -1; in wpa_sm_set_ap_rsn_ie()
5084 sm->ap_rsn_ie_len = len; in wpa_sm_set_ap_rsn_ie()
5092 * wpa_sm_set_ap_rsnxe - Set AP RSNXE from Beacon/ProbeResp
5096 * Returns: 0 on success, -1 on failure
5104 return -1; in wpa_sm_set_ap_rsnxe()
5106 os_free(sm->ap_rsnxe); in wpa_sm_set_ap_rsnxe()
5108 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: clearing AP RSNXE"); in wpa_sm_set_ap_rsnxe()
5109 sm->ap_rsnxe = NULL; in wpa_sm_set_ap_rsnxe()
5110 sm->ap_rsnxe_len = 0; in wpa_sm_set_ap_rsnxe()
5113 sm->ap_rsnxe = os_memdup(ie, len); in wpa_sm_set_ap_rsnxe()
5114 if (!sm->ap_rsnxe) in wpa_sm_set_ap_rsnxe()
5115 return -1; in wpa_sm_set_ap_rsnxe()
5117 sm->ap_rsnxe_len = len; in wpa_sm_set_ap_rsnxe()
5125 * wpa_sm_parse_own_wpa_ie - Parse own WPA/RSN IE
5128 * Returns: 0 on success, -1 if IE is not known, or -2 on parsing failure
5136 return -1; in wpa_sm_parse_own_wpa_ie()
5138 if (sm->assoc_wpa_ie == NULL) { in wpa_sm_parse_own_wpa_ie()
5139 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_parse_own_wpa_ie()
5141 return -1; in wpa_sm_parse_own_wpa_ie()
5143 if (wpa_parse_wpa_ie(sm->assoc_wpa_ie, sm->assoc_wpa_ie_len, data)) in wpa_sm_parse_own_wpa_ie()
5144 return -2; in wpa_sm_parse_own_wpa_ie()
5151 return pmksa_cache_list(sm->pmksa, buf, len); in wpa_sm_pmksa_cache_list()
5157 return pmksa_cache_head(sm->pmksa); in wpa_sm_pmksa_cache_head()
5165 return pmksa_cache_add_entry(sm->pmksa, entry); in wpa_sm_pmksa_cache_add_entry()
5173 sm->cur_pmksa = pmksa_cache_add(sm->pmksa, pmk, pmk_len, pmkid, NULL, 0, in wpa_sm_pmksa_cache_add()
5174 bssid, sm->own_addr, sm->network_ctx, in wpa_sm_pmksa_cache_add()
5175 sm->key_mgmt, fils_cache_id); in wpa_sm_pmksa_cache_add()
5182 return pmksa_cache_get(sm->pmksa, bssid, own_addr, NULL, network_ctx, in wpa_sm_pmksa_exists()
5193 return pmksa_cache_get(sm->pmksa, aa, sm->own_addr, pmkid, network_ctx, in wpa_sm_pmksa_cache_get()
5201 if (sm && sm->pmksa) in wpa_sm_pmksa_cache_remove()
5202 pmksa_cache_remove(sm->pmksa, entry); in wpa_sm_pmksa_cache_remove()
/* NOTE(review): search hits from wpa_sm_drop_sa(); source lines between the numbered hits are not shown. */
/* The log message names both PMK and PTK; only the PMK-side clearing is among these hits (line 5209 is not shown). */
5208 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Clear old PMK and PTK"); in wpa_sm_drop_sa()
/* Each key buffer is overwritten over its full declared size (sizeof), not its current length,
 * and the matching length field is reset to 0. */
5210 sm->pmk_len = 0; in wpa_sm_drop_sa()
5211 os_memset(sm->pmk, 0, sizeof(sm->pmk)); in wpa_sm_drop_sa()
5213 os_memset(sm->xxkey, 0, sizeof(sm->xxkey)); in wpa_sm_drop_sa()
5214 sm->xxkey_len = 0; in wpa_sm_drop_sa()
5215 os_memset(sm->pmk_r0, 0, sizeof(sm->pmk_r0)); in wpa_sm_drop_sa()
5216 sm->pmk_r0_len = 0; in wpa_sm_drop_sa()
5217 os_memset(sm->pmk_r1, 0, sizeof(sm->pmk_r1)); in wpa_sm_drop_sa()
5218 sm->pmk_r1_len = 0; in wpa_sm_drop_sa()
/* pasn_r1kh is freed and its pointer and count are reset, so no stale pointer stays in sm. */
5220 os_free(sm->pasn_r1kh); in wpa_sm_drop_sa()
5221 sm->pasn_r1kh = NULL; in wpa_sm_drop_sa()
5222 sm->n_pasn_r1kh = 0; in wpa_sm_drop_sa()
5233 if (!wpa_key_mgmt_ft(sm->key_mgmt) || in wpa_sm_has_ft_keys()
5234 os_memcmp(md, sm->key_mobility_domain, in wpa_sm_has_ft_keys()
5240 return sm->ptk_set; in wpa_sm_has_ft_keys()
5249 return sm->tk_set || sm->ptk.installed; in wpa_sm_has_ptk_installed()
5255 os_memcpy(sm->rx_replay_counter, replay_ctr, WPA_REPLAY_COUNTER_LEN); in wpa_sm_update_replay_ctr()
5261 pmksa_cache_flush(sm->pmksa, network_ctx, NULL, 0, false); in wpa_sm_pmksa_cache_flush()
5267 pmksa_cache_flush(sm->pmksa, network_ctx, NULL, 0, true); in wpa_sm_external_pmksa_cache_flush()
5282 keylen = wpa_cipher_key_len(sm->group_cipher); in wpa_wnmsleep_install_key()
5283 gd.key_rsc_len = wpa_cipher_rsc_len(sm->group_cipher); in wpa_wnmsleep_install_key()
5284 gd.alg = wpa_cipher_to_alg(sm->group_cipher); in wpa_wnmsleep_install_key()
5287 return -1; in wpa_wnmsleep_install_key()
5296 return -1; in wpa_wnmsleep_install_key()
5298 gd.keyidx = keyinfo & 0x03; /* B0 - B1 */ in wpa_wnmsleep_install_key()
5310 return -1; in wpa_wnmsleep_install_key()
5318 return -1; in wpa_wnmsleep_install_key()
5323 if (sm->beacon_prot && in wpa_wnmsleep_install_key()
5325 return -1; in wpa_wnmsleep_install_key()
5328 return -1; in wpa_wnmsleep_install_key()
/* NOTE(review): search hits from wpa_sm_get_p2p_ip_addr(); source lines between the numbered hits are not shown. */
/* Fails with -1 when sm is NULL or the leading 32-bit value of sm->p2p_ip_addr is zero. */
5340 if (sm == NULL || WPA_GET_BE32(sm->p2p_ip_addr) == 0) in wpa_sm_get_p2p_ip_addr()
5341 return -1; in wpa_sm_get_p2p_ip_addr()
/* Copies a fixed 3 * 4 = 12 bytes into buf. No length for buf appears in these hits, so the caller has to
 * provide at least 12 bytes - confirm at the call sites. */
5342 os_memcpy(buf, sm->p2p_ip_addr, 3 * 4); in wpa_sm_get_p2p_ip_addr()
5354 os_memcpy(sm->rx_replay_counter, rx_replay_counter, in wpa_sm_set_rx_replay_ctr()
5356 sm->rx_replay_counter_set = 1; in wpa_sm_set_rx_replay_ctr()
/* NOTE(review): search hits from wpa_sm_set_ptk_kck_kek(); source lines between the numbered hits are not shown. */
/* KCK and KEK are copied into sm->ptk with caller-supplied lengths. The guards in front of each copy
 * (lines 5365 and 5370) are not shown - confirm they limit the lengths to the destination array sizes. */
5366 os_memcpy(sm->ptk.kck, ptk_kck, ptk_kck_len); in wpa_sm_set_ptk_kck_kek()
5367 sm->ptk.kck_len = ptk_kck_len; in wpa_sm_set_ptk_kck_kek()
5371 os_memcpy(sm->ptk.kek, ptk_kek, ptk_kek_len); in wpa_sm_set_ptk_kck_kek()
5372 sm->ptk.kek_len = ptk_kek_len; in wpa_sm_set_ptk_kck_kek()
/* Marks the PTK as set in the state machine. */
5375 sm->ptk_set = 1; in wpa_sm_set_ptk_kck_kek()
5383 wpabuf_free(sm->test_assoc_ie); in wpa_sm_set_test_assoc_ie()
5384 sm->test_assoc_ie = buf; in wpa_sm_set_test_assoc_ie()
5390 wpabuf_free(sm->test_eapol_m2_elems); in wpa_sm_set_test_eapol_m2_elems()
5391 sm->test_eapol_m2_elems = buf; in wpa_sm_set_test_eapol_m2_elems()
5397 wpabuf_free(sm->test_eapol_m4_elems); in wpa_sm_set_test_eapol_m4_elems()
5398 sm->test_eapol_m4_elems = buf; in wpa_sm_set_test_eapol_m4_elems()
5404 return sm->anonce; in wpa_sm_get_anonce()
5412 return sm->key_mgmt; in wpa_sm_get_key_mgmt()
5418 return sm->mlo.valid_links ? sm->mlo.ap_mld_addr : sm->bssid; in wpa_sm_get_auth_addr()
5430 erp_msg = eapol_sm_build_erp_reauth_start(sm->eapol); in fils_build_auth()
5431 if (!erp_msg && !sm->cur_pmksa) { in fils_build_auth()
5433 "FILS: Neither ERP EAP-Initiate/Re-auth nor PMKSA cache entry is available - skip FILS"); in fils_build_auth()
5438 erp_msg != NULL, sm->cur_pmksa != NULL); in fils_build_auth()
5440 sm->fils_completed = 0; in fils_build_auth()
5442 if (!sm->assoc_wpa_ie) { in fils_build_auth()
5447 if (random_get_bytes(sm->fils_nonce, FILS_NONCE_LEN) < 0 || in fils_build_auth()
5448 random_get_bytes(sm->fils_session, FILS_SESSION_LEN) < 0) in fils_build_auth()
5452 sm->fils_nonce, FILS_NONCE_LEN); in fils_build_auth()
5454 sm->fils_session, FILS_SESSION_LEN); in fils_build_auth()
5457 sm->fils_dh_group = dh_group; in fils_build_auth()
5459 crypto_ecdh_deinit(sm->fils_ecdh); in fils_build_auth()
5460 sm->fils_ecdh = crypto_ecdh_init(dh_group); in fils_build_auth()
5461 if (!sm->fils_ecdh) { in fils_build_auth()
5467 pub = crypto_ecdh_get_pubkey(sm->fils_ecdh, 1); in fils_build_auth()
5472 sm->fils_dh_elem_len = wpabuf_len(pub); in fils_build_auth()
5476 buf = wpabuf_alloc(1000 + sm->assoc_wpa_ie_len + in fils_build_auth()
5501 sm->assoc_wpa_ie, sm->assoc_wpa_ie_len); in fils_build_auth()
5502 wpabuf_put_data(buf, sm->assoc_wpa_ie, sm->assoc_wpa_ie_len); in fils_build_auth()
5511 os_memcpy(mdie->mobility_domain, md, MOBILITY_DOMAIN_ID_LEN); in fils_build_auth()
5512 mdie->ft_capab = 0; in fils_build_auth()
5520 wpabuf_put_data(buf, sm->fils_nonce, FILS_NONCE_LEN); in fils_build_auth()
5527 wpabuf_put_data(buf, sm->fils_session, FILS_SESSION_LEN); in fils_build_auth()
5530 sm->fils_erp_pmkid_set = 0; in fils_build_auth()
5538 * maintain a copy of the EAP-Initiate/Reauth message. */ in fils_build_auth()
5539 if (fils_pmkid_erp(sm->key_mgmt, wpabuf_head(erp_msg), in fils_build_auth()
5541 sm->fils_erp_pmkid) == 0) in fils_build_auth()
5542 sm->fils_erp_pmkid_set = 1; in fils_build_auth()
5577 os_memcpy(sm->bssid, bssid, ETH_ALEN); in fils_process_auth()
5586 if (sm->fils_dh_group) { in fils_process_auth()
5592 if (end - pos < 2) { in fils_process_auth()
5599 if (group != sm->fils_dh_group) { in fils_process_auth()
5602 group, sm->fils_dh_group); in fils_process_auth()
5607 if ((size_t) (end - pos) < sm->fils_dh_elem_len) { in fils_process_auth()
5612 if (!sm->fils_ecdh) { in fils_process_auth()
5616 dh_ss = crypto_ecdh_set_peerkey(sm->fils_ecdh, 1, pos, in fils_process_auth()
5617 sm->fils_dh_elem_len); in fils_process_auth()
5624 g_ap_len = sm->fils_dh_elem_len; in fils_process_auth()
5625 pos += sm->fils_dh_elem_len; in fils_process_auth()
5629 wpa_hexdump(MSG_DEBUG, "FILS: Remaining IEs", pos, end - pos); in fils_process_auth()
5630 if (ieee802_11_parse_elems(pos, end - pos, &elems, 1) == ParseFailed) { in fils_process_auth()
5639 wpa_parse_wpa_ie_rsn(elems.rsn_ie - 2, elems.rsn_ie_len + 2, in fils_process_auth()
5649 os_memcpy(sm->fils_anonce, elems.fils_nonce, FILS_NONCE_LEN); in fils_process_auth()
5650 wpa_hexdump(MSG_DEBUG, "FILS: ANonce", sm->fils_anonce, FILS_NONCE_LEN); in fils_process_auth()
5653 if (wpa_key_mgmt_ft(sm->key_mgmt)) { in fils_process_auth()
5659 if (wpa_ft_parse_ies(pos, end - pos, &parse, in fils_process_auth()
5660 sm->key_mgmt, false) < 0) { in fils_process_auth()
5667 "FILS+FT: No R0KH-ID subelem in FTE"); in fils_process_auth()
5670 os_memcpy(sm->r0kh_id, parse.r0kh_id, parse.r0kh_id_len); in fils_process_auth()
5671 sm->r0kh_id_len = parse.r0kh_id_len; in fils_process_auth()
5672 wpa_hexdump_ascii(MSG_DEBUG, "FILS+FT: R0KH-ID", in fils_process_auth()
5673 sm->r0kh_id, sm->r0kh_id_len); in fils_process_auth()
5677 "FILS+FT: No R1KH-ID subelem in FTE"); in fils_process_auth()
5680 os_memcpy(sm->r1kh_id, parse.r1kh_id, FT_R1KH_ID_LEN); in fils_process_auth()
5681 wpa_hexdump(MSG_DEBUG, "FILS+FT: R1KH-ID", in fils_process_auth()
5682 sm->r1kh_id, FT_R1KH_ID_LEN); in fils_process_auth()
5686 wpabuf_free(sm->fils_ft_ies); in fils_process_auth()
5687 sm->fils_ft_ies = wpabuf_alloc(2 + elems.mdie_len + in fils_process_auth()
5689 if (!sm->fils_ft_ies) in fils_process_auth()
5691 wpabuf_put_data(sm->fils_ft_ies, elems.mdie - 2, in fils_process_auth()
5693 wpabuf_put_data(sm->fils_ft_ies, elems.ftie - 2, in fils_process_auth()
5696 wpabuf_free(sm->fils_ft_ies); in fils_process_auth()
5697 sm->fils_ft_ies = NULL; in fils_process_auth()
5711 if (os_memcmp(sm->cur_pmksa->pmkid, rsn.pmkid, PMKID_LEN) != 0) in fils_process_auth()
5715 sm->cur_pmksa->pmkid, PMKID_LEN); in fils_process_auth()
5719 "FILS: Matching PMKID - continue using PMKSA caching"); in fils_process_auth()
5722 if (!pmkid_match && sm->cur_pmksa) { in fils_process_auth()
5724 "FILS: No PMKID match - cannot use cached PMKSA entry"); in fils_process_auth()
5725 sm->cur_pmksa = NULL; in fils_process_auth()
5735 if (os_memcmp(sm->fils_session, elems.fils_session, FILS_SESSION_LEN) in fils_process_auth()
5739 sm->fils_session, FILS_SESSION_LEN); in fils_process_auth()
5744 if (!sm->cur_pmksa && elems.wrapped_data) { in fils_process_auth()
5751 eapol_sm_process_erp_finish(sm->eapol, elems.wrapped_data, in fils_process_auth()
5753 if (eapol_sm_failed(sm->eapol)) in fils_process_auth()
5757 res = eapol_sm_get_key(sm->eapol, rmsk, rmsk_len); in fils_process_auth()
5760 res = eapol_sm_get_key(sm->eapol, rmsk, rmsk_len); in fils_process_auth()
5765 res = fils_rmsk_to_pmk(sm->key_mgmt, rmsk, rmsk_len, in fils_process_auth()
5766 sm->fils_nonce, sm->fils_anonce, in fils_process_auth()
5769 sm->pmk, &sm->pmk_len); in fils_process_auth()
5780 if (!sm->fils_erp_pmkid_set) { in fils_process_auth()
5784 wpa_hexdump(MSG_DEBUG, "FILS: PMKID", sm->fils_erp_pmkid, in fils_process_auth()
5786 wpa_printf(MSG_DEBUG, "FILS: ERP processing succeeded - add PMKSA cache entry for the result"); in fils_process_auth()
5787 sm->cur_pmksa = pmksa_cache_add(sm->pmksa, sm->pmk, sm->pmk_len, in fils_process_auth()
5788 sm->fils_erp_pmkid, NULL, 0, in fils_process_auth()
5789 sm->bssid, sm->own_addr, in fils_process_auth()
5790 sm->network_ctx, sm->key_mgmt, in fils_process_auth()
5794 if (!sm->cur_pmksa) { in fils_process_auth()
5800 if (sm->force_kdk_derivation || in fils_process_auth()
5801 (sm->secure_ltf && in fils_process_auth()
5802 ieee802_11_rsnx_capab(sm->ap_rsnxe, WLAN_RSNX_CAPAB_SECURE_LTF))) in fils_process_auth()
5807 if (fils_pmk_to_ptk(sm->pmk, sm->pmk_len, sm->own_addr, in fils_process_auth()
5809 sm->fils_nonce, sm->fils_anonce, in fils_process_auth()
5812 &sm->ptk, ick, &ick_len, in fils_process_auth()
5813 sm->key_mgmt, sm->pairwise_cipher, in fils_process_auth()
5814 sm->fils_ft, &sm->fils_ft_len, in fils_process_auth()
5821 if (sm->secure_ltf && in fils_process_auth()
5822 ieee802_11_rsnx_capab(sm->ap_rsnxe, WLAN_RSNX_CAPAB_SECURE_LTF) && in fils_process_auth()
5823 wpa_ltf_keyseed(&sm->ptk, sm->key_mgmt, sm->pairwise_cipher)) { in fils_process_auth()
5832 sm->ptk_set = 1; in fils_process_auth()
5833 sm->tptk_set = 0; in fils_process_auth()
5834 os_memset(&sm->tptk, 0, sizeof(sm->tptk)); in fils_process_auth()
5837 if (sm->fils_dh_group) { in fils_process_auth()
5838 if (!sm->fils_ecdh) { in fils_process_auth()
5842 pub = crypto_ecdh_get_pubkey(sm->fils_ecdh, 1); in fils_process_auth()
5856 res = fils_key_auth_sk(ick, ick_len, sm->fils_nonce, in fils_process_auth()
5857 sm->fils_anonce, sm->own_addr, sm->bssid, in fils_process_auth()
5859 sm->key_mgmt, sm->fils_key_auth_sta, in fils_process_auth()
5860 sm->fils_key_auth_ap, in fils_process_auth()
5861 &sm->fils_key_auth_len); in fils_process_auth()
5874 return -1; in fils_process_auth()
5884 int use_sha384 = wpa_key_mgmt_sha384(sm->key_mgmt); in fils_ft_build_assoc_req_rsne()
5888 rsnie->elem_id = WLAN_EID_RSN; in fils_ft_build_assoc_req_rsne()
5889 WPA_PUT_LE16(rsnie->version, RSN_VERSION); in fils_ft_build_assoc_req_rsne()
5892 if (!wpa_cipher_valid_group(sm->group_cipher)) { in fils_ft_build_assoc_req_rsne()
5894 sm->group_cipher); in fils_ft_build_assoc_req_rsne()
5895 return -1; in fils_ft_build_assoc_req_rsne()
5899 sm->group_cipher)); in fils_ft_build_assoc_req_rsne()
5905 if (!wpa_cipher_valid_pairwise(sm->pairwise_cipher)) { in fils_ft_build_assoc_req_rsne()
5907 sm->pairwise_cipher); in fils_ft_build_assoc_req_rsne()
5908 return -1; in fils_ft_build_assoc_req_rsne()
5912 sm->pairwise_cipher)); in fils_ft_build_assoc_req_rsne()
5919 if (sm->key_mgmt == WPA_KEY_MGMT_FT_FILS_SHA256) in fils_ft_build_assoc_req_rsne()
5921 else if (sm->key_mgmt == WPA_KEY_MGMT_FT_FILS_SHA384) in fils_ft_build_assoc_req_rsne()
5926 sm->key_mgmt); in fils_ft_build_assoc_req_rsne()
5927 return -1; in fils_ft_build_assoc_req_rsne()
5932 if (sm->mfp) in fils_ft_build_assoc_req_rsne()
5934 if (sm->mfp == 2) in fils_ft_build_assoc_req_rsne()
5936 if (sm->ocv) in fils_ft_build_assoc_req_rsne()
5938 if (sm->ext_key_id) in fils_ft_build_assoc_req_rsne()
5946 wpa_hexdump_key(MSG_DEBUG, "FILS+FT: XXKey (FILS-FT)", in fils_ft_build_assoc_req_rsne()
5947 sm->fils_ft, sm->fils_ft_len); in fils_ft_build_assoc_req_rsne()
5948 wpa_hexdump_ascii(MSG_DEBUG, "FILS+FT: SSID", sm->ssid, sm->ssid_len); in fils_ft_build_assoc_req_rsne()
5950 sm->mobility_domain, MOBILITY_DOMAIN_ID_LEN); in fils_ft_build_assoc_req_rsne()
5951 wpa_hexdump_ascii(MSG_DEBUG, "FILS+FT: R0KH-ID", in fils_ft_build_assoc_req_rsne()
5952 sm->r0kh_id, sm->r0kh_id_len); in fils_ft_build_assoc_req_rsne()
5953 if (wpa_derive_pmk_r0(sm->fils_ft, sm->fils_ft_len, sm->ssid, in fils_ft_build_assoc_req_rsne()
5954 sm->ssid_len, sm->mobility_domain, in fils_ft_build_assoc_req_rsne()
5955 sm->r0kh_id, sm->r0kh_id_len, sm->own_addr, in fils_ft_build_assoc_req_rsne()
5956 sm->pmk_r0, sm->pmk_r0_name, sm->key_mgmt) < 0) { in fils_ft_build_assoc_req_rsne()
5957 wpa_printf(MSG_WARNING, "FILS+FT: Could not derive PMK-R0"); in fils_ft_build_assoc_req_rsne()
5958 return -1; in fils_ft_build_assoc_req_rsne()
5960 if (wpa_key_mgmt_sae_ext_key(sm->key_mgmt)) in fils_ft_build_assoc_req_rsne()
5961 sm->pmk_r0_len = sm->fils_ft_len; in fils_ft_build_assoc_req_rsne()
5963 sm->pmk_r0_len = use_sha384 ? SHA384_MAC_LEN : PMK_LEN; in fils_ft_build_assoc_req_rsne()
5964 wpa_printf(MSG_DEBUG, "FILS+FT: R1KH-ID: " MACSTR, in fils_ft_build_assoc_req_rsne()
5965 MAC2STR(sm->r1kh_id)); in fils_ft_build_assoc_req_rsne()
5967 if (wpa_derive_pmk_r1_name(sm->pmk_r0_name, sm->r1kh_id, sm->own_addr, in fils_ft_build_assoc_req_rsne()
5968 sm->pmk_r1_name, sm->fils_ft_len) < 0) { in fils_ft_build_assoc_req_rsne()
5970 return -1; in fils_ft_build_assoc_req_rsne()
5972 os_memcpy(pos, sm->pmk_r1_name, WPA_PMK_NAME_LEN); in fils_ft_build_assoc_req_rsne()
5974 os_memcpy(sm->key_mobility_domain, sm->mobility_domain, in fils_ft_build_assoc_req_rsne()
5977 if (sm->mgmt_group_cipher == WPA_CIPHER_AES_128_CMAC) { in fils_ft_build_assoc_req_rsne()
5983 rsnie->len = ((u8 *) wpabuf_put(buf, 0) - (u8 *) rsnie) - 2; in fils_ft_build_assoc_req_rsne()
6001 if (sm->fils_ft_ies) in fils_build_assoc_req()
6002 len += wpabuf_len(sm->fils_ft_ies); in fils_build_assoc_req()
6003 if (wpa_key_mgmt_ft(sm->key_mgmt)) in fils_build_assoc_req()
6013 if (wpa_key_mgmt_ft(sm->key_mgmt) && sm->fils_ft_ies) { in fils_build_assoc_req()
6015 wpabuf_put_buf(buf, sm->fils_ft_ies); in fils_build_assoc_req()
6029 wpabuf_put_data(buf, sm->fils_session, FILS_SESSION_LEN); in fils_build_assoc_req()
6038 wpabuf_put_u8(buf, 1 + sm->fils_key_auth_len); /* Length */ in fils_build_assoc_req()
6041 wpabuf_put_data(buf, sm->fils_key_auth_sta, sm->fils_key_auth_len); in fils_build_assoc_req()
6059 wpabuf_put_data(buf, pos, len - 1); in fils_build_assoc_req()
6060 pos += len - 1; in fils_build_assoc_req()
6061 left -= len - 1; in fils_build_assoc_req()
6068 left -= len; in fils_build_assoc_req()
6086 if (sm->oci_freq_override_fils_assoc) { in fils_build_assoc_req()
6088 "TEST: Override OCI KDE frequency %d -> %d MHz", in fils_build_assoc_req()
6090 sm->oci_freq_override_fils_assoc); in fils_build_assoc_req()
6091 ci.frequency = sm->oci_freq_override_fils_assoc; in fils_build_assoc_req()
6105 *kek = sm->ptk.kek; in fils_build_assoc_req()
6106 *kek_len = sm->ptk.kek_len; in fils_build_assoc_req()
6108 *snonce = sm->fils_nonce; in fils_build_assoc_req()
6111 *anonce = sm->fils_anonce; in fils_build_assoc_req()
6128 if (end - pos >= 6 && in fils_process_hlp_resp()
6131 wpa_sm_fils_hlp_rx(sm, resp, resp + ETH_ALEN, pos, end - pos); in fils_process_hlp_resp()
6142 while (end - pos >= 2) { in fils_process_hlp_container()
6143 if (2 + pos[1] > end - pos) in fils_process_hlp_container()
6151 if (end - pos < 2) in fils_process_hlp_container()
6154 tmp = os_malloc(end - pos); in fils_process_hlp_container()
6158 while (end - pos >= 2) { in fils_process_hlp_container()
6159 if (2 + pos[1] > end - pos || in fils_process_hlp_container()
6165 os_memcpy(tmp_pos, pos + 3, pos[1] - 1); in fils_process_hlp_container()
6166 tmp_pos += pos[1] - 1; in fils_process_hlp_container()
6170 while (end - pos >= 2 && pos[0] == WLAN_EID_FRAGMENT && in fils_process_hlp_container()
6171 2 + pos[1] <= end - pos) { in fils_process_hlp_container()
6177 fils_process_hlp_resp(sm, tmp, tmp_pos - tmp); in fils_process_hlp_container()
6195 if (!sm || !sm->ptk_set) { in fils_process_assoc_resp()
6197 return -1; in fils_process_assoc_resp()
6200 if (!wpa_key_mgmt_fils(sm->key_mgmt)) { in fils_process_assoc_resp()
6202 return -1; in fils_process_assoc_resp()
6205 if (sm->fils_completed) { in fils_process_assoc_resp()
6207 …"FILS: Association has already been completed for this FILS authentication - ignore unexpected ret… in fils_process_assoc_resp()
6208 return -1; in fils_process_assoc_resp()
6215 if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.assoc_resp)) in fils_process_assoc_resp()
6216 return -1; in fils_process_assoc_resp()
6220 ie_start = mgmt->u.assoc_resp.variable; in fils_process_assoc_resp()
6222 if (ieee802_11_parse_elems(ie_start, end - ie_start, &elems, 1) == in fils_process_assoc_resp()
6231 return -1; in fils_process_assoc_resp()
6233 if (os_memcmp(elems.fils_session, sm->fils_session, in fils_process_assoc_resp()
6239 sm->fils_session, FILS_SESSION_LEN); in fils_process_assoc_resp()
6246 * 802.11ai-2016 did not include all the needed changes to make in fils_process_assoc_resp()
6250 } else if (wpa_compare_rsn_ie(wpa_key_mgmt_ft(sm->key_mgmt), in fils_process_assoc_resp()
6251 sm->ap_rsn_ie, sm->ap_rsn_ie_len, in fils_process_assoc_resp()
6252 elems.rsn_ie - 2, elems.rsn_ie_len + 2)) { in fils_process_assoc_resp()
6253 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in fils_process_assoc_resp()
6256 sm->ap_rsn_ie, sm->ap_rsn_ie_len); in fils_process_assoc_resp()
6268 if (elems.fils_key_confirm_len != sm->fils_key_auth_len) { in fils_process_assoc_resp()
6270 "FILS: Unexpected Key-Auth length %d (expected %d)", in fils_process_assoc_resp()
6272 (int) sm->fils_key_auth_len); in fils_process_assoc_resp()
6275 if (os_memcmp(elems.fils_key_confirm, sm->fils_key_auth_ap, in fils_process_assoc_resp()
6276 sm->fils_key_auth_len) != 0) { in fils_process_assoc_resp()
6277 wpa_printf(MSG_DEBUG, "FILS: Key-Auth mismatch"); in fils_process_assoc_resp()
6278 wpa_hexdump(MSG_DEBUG, "FILS: Received Key-Auth", in fils_process_assoc_resp()
6281 wpa_hexdump(MSG_DEBUG, "FILS: Expected Key-Auth", in fils_process_assoc_resp()
6282 sm->fils_key_auth_ap, sm->fils_key_auth_len); in fils_process_assoc_resp()
6299 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, OCV_FAILURE in fils_process_assoc_resp()
6300 "addr=" MACSTR " frame=fils-assoc error=%s", in fils_process_assoc_resp()
6301 MAC2STR(sm->bssid), ocv_errorstr); in fils_process_assoc_resp()
6308 if (wpa_key_mgmt_ft(sm->key_mgmt) && sm->fils_ft_ies) { in fils_process_assoc_resp()
6313 wpa_parse_wpa_ie_rsn(elems.rsn_ie - 2, elems.rsn_ie_len + 2, in fils_process_assoc_resp()
6316 os_memcmp(rsn.pmkid, sm->pmk_r1_name, in fils_process_assoc_resp()
6334 elems.key_delivery_len - WPA_KEY_RSC_LEN, in fils_process_assoc_resp()
6343 maxkeylen = gd.gtk_len = kde.gtk_len - 2; in fils_process_assoc_resp()
6344 if (wpa_supplicant_check_group_cipher(sm, sm->group_cipher, in fils_process_assoc_resp()
6353 if (kde.gtk_len - 2 > sizeof(gd.gtk)) { in fils_process_assoc_resp()
6355 (unsigned long) kde.gtk_len - 2); in fils_process_assoc_resp()
6358 os_memcpy(gd.gtk, kde.gtk + 2, kde.gtk_len - 2); in fils_process_assoc_resp()
6371 alg = wpa_cipher_to_alg(sm->pairwise_cipher); in fils_process_assoc_resp()
6372 keylen = wpa_cipher_key_len(sm->pairwise_cipher); in fils_process_assoc_resp()
6373 if (keylen <= 0 || (unsigned int) keylen != sm->ptk.tk_len) { in fils_process_assoc_resp()
6375 keylen, (long unsigned int) sm->ptk.tk_len); in fils_process_assoc_resp()
6379 rsclen = wpa_cipher_rsc_len(sm->pairwise_cipher); in fils_process_assoc_resp()
6381 sm->ptk.tk, keylen); in fils_process_assoc_resp()
6382 if (wpa_sm_set_key(sm, -1, alg, wpa_sm_get_auth_addr(sm), 0, 1, in fils_process_assoc_resp()
6384 sm->ptk.tk, keylen, KEY_FLAG_PAIRWISE_RX_TX) < 0) { in fils_process_assoc_resp()
6385 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in fils_process_assoc_resp()
6392 wpa_sm_store_ptk(sm, sm->bssid, sm->pairwise_cipher, in fils_process_assoc_resp()
6393 sm->dot11RSNAConfigPMKLifetime, &sm->ptk); in fils_process_assoc_resp()
6398 os_memset(sm->ptk.tk, 0, WPA_TK_MAX_LEN); in fils_process_assoc_resp()
6399 sm->ptk.tk_len = 0; in fils_process_assoc_resp()
6400 sm->ptk.installed = 1; in fils_process_assoc_resp()
6401 sm->tk_set = true; in fils_process_assoc_resp()
6404 fils_process_hlp_container(sm, ie_start, end - ie_start); in fils_process_assoc_resp()
6409 sm->fils_completed = 1; in fils_process_assoc_resp()
6418 return -1; in fils_process_assoc_resp()
6425 sm->fils_completed = !!set; in wpa_sm_set_reset_fils_completed()
6434 return sm && sm->fils_completed; in wpa_fils_is_completed()
6457 crypto_ecdh_deinit(sm->owe_ecdh); in owe_build_assoc_req()
6458 sm->owe_ecdh = crypto_ecdh_init(group); in owe_build_assoc_req()
6459 if (!sm->owe_ecdh) in owe_build_assoc_req()
6461 sm->owe_group = group; in owe_build_assoc_req()
6462 pub = crypto_ecdh_get_pubkey(sm->owe_ecdh, 0); in owe_build_assoc_req()
6476 wpa_hexdump_buf(MSG_DEBUG, "OWE: Diffie-Hellman Parameter element", in owe_build_assoc_req()
6482 crypto_ecdh_deinit(sm->owe_ecdh); in owe_build_assoc_req()
6483 sm->owe_ecdh = NULL; in owe_build_assoc_req()
6507 return -1; in owe_process_assoc_resp()
6510 if (sm->cur_pmksa && elems.rsn_ie && in owe_process_assoc_resp()
6511 wpa_parse_wpa_ie_rsn(elems.rsn_ie - 2, 2 + elems.rsn_ie_len, in owe_process_assoc_resp()
6514 os_memcmp(sm->cur_pmksa->pmkid, data.pmkid, PMKID_LEN) == 0) { in owe_process_assoc_resp()
6522 "OWE: No Diffie-Hellman Parameter element found in Association Response frame"); in owe_process_assoc_resp()
6523 return -1; in owe_process_assoc_resp()
6527 if (group != sm->owe_group) { in owe_process_assoc_resp()
6529 "OWE: Unexpected Diffie-Hellman group in response: %u", in owe_process_assoc_resp()
6531 return -1; in owe_process_assoc_resp()
6534 if (!sm->owe_ecdh) { in owe_process_assoc_resp()
6536 return -1; in owe_process_assoc_resp()
6546 return -1; in owe_process_assoc_resp()
6548 secret = crypto_ecdh_set_peerkey(sm->owe_ecdh, 0, in owe_process_assoc_resp()
6550 elems.owe_dh_len - 2); in owe_process_assoc_resp()
6554 return -1; in owe_process_assoc_resp()
6558 /* prk = HKDF-extract(C | A | group, z) */ in owe_process_assoc_resp()
6560 pub = crypto_ecdh_get_pubkey(sm->owe_ecdh, 0); in owe_process_assoc_resp()
6563 return -1; in owe_process_assoc_resp()
6566 /* PMKID = Truncate-128(Hash(C | A)) */ in owe_process_assoc_resp()
6570 len[1] = elems.owe_dh_len - 2; in owe_process_assoc_resp()
6581 res = -1; in owe_process_assoc_resp()
6588 return -1; in owe_process_assoc_resp()
6591 hkey = wpabuf_alloc(wpabuf_len(pub) + elems.owe_dh_len - 2 + 2); in owe_process_assoc_resp()
6595 return -1; in owe_process_assoc_resp()
6600 wpabuf_put_data(hkey, elems.owe_dh + 2, elems.owe_dh_len - 2); /* A */ in owe_process_assoc_resp()
6601 wpabuf_put_le16(hkey, sm->owe_group); /* group */ in owe_process_assoc_resp()
6614 return -1; in owe_process_assoc_resp()
6618 /* PMK = HKDF-expand(prk, "OWE Key Generation", n) */ in owe_process_assoc_resp()
6622 os_strlen(info), sm->pmk, hash_len); in owe_process_assoc_resp()
6625 os_strlen(info), sm->pmk, hash_len); in owe_process_assoc_resp()
6628 os_strlen(info), sm->pmk, hash_len); in owe_process_assoc_resp()
6631 sm->pmk_len = 0; in owe_process_assoc_resp()
6632 return -1; in owe_process_assoc_resp()
6634 sm->pmk_len = hash_len; in owe_process_assoc_resp()
6636 wpa_hexdump_key(MSG_DEBUG, "OWE: PMK", sm->pmk, sm->pmk_len); in owe_process_assoc_resp()
6638 pmksa_cache_add(sm->pmksa, sm->pmk, sm->pmk_len, pmkid, NULL, 0, in owe_process_assoc_resp()
6639 bssid, sm->own_addr, sm->network_ctx, sm->key_mgmt, in owe_process_assoc_resp()
6652 sm->fils_cache_id_set = 1; in wpa_sm_set_fils_cache_id()
6653 os_memcpy(sm->fils_cache_id, fils_cache_id, FILS_CACHE_ID_LEN); in wpa_sm_set_fils_cache_id()
6663 wpabuf_clear_free(sm->dpp_z); in wpa_sm_set_dpp_z()
6664 sm->dpp_z = z ? wpabuf_dup(z) : NULL; in wpa_sm_set_dpp_z()
6675 sm->secure_ltf = 1; in wpa_pasn_sm_set_caps()
6677 sm->secure_rtt = 1; in wpa_pasn_sm_set_caps()
6679 sm->prot_range_neg = 1; in wpa_pasn_sm_set_caps()
6688 pmksa_cache_reconfig(sm->pmksa); in wpa_sm_pmksa_cache_reconfig()
6694 return sm ? sm->pmksa : NULL; in wpa_sm_get_pmksa_cache()
6702 sm->cur_pmksa = entry; in wpa_sm_set_cur_pmksa()
6710 sm->driver_bss_selection = driver_bss_selection; in wpa_sm_set_driver_bss_selection()