xref: /freebsd/contrib/wpa/src/wps/wps.h (revision 49b49cda41feabe3439f7318e8bf40e3896c7bf4)
1 /*
2  * Wi-Fi Protected Setup
3  * Copyright (c) 2007-2013, Jouni Malinen <j@w1.fi>
4  *
5  * This software may be distributed under the terms of the BSD license.
6  * See README for more details.
7  */
8 
9 #ifndef WPS_H
10 #define WPS_H
11 
12 #include "common/ieee802_11_defs.h"
13 #include "wps_defs.h"
14 
15 /**
16  * enum wsc_op_code - EAP-WSC OP-Code values
17  */
18 enum wsc_op_code {
19 	WSC_UPnP = 0 /* No OP Code in UPnP transport */,
20 	WSC_Start = 0x01,
21 	WSC_ACK = 0x02,
22 	WSC_NACK = 0x03,
23 	WSC_MSG = 0x04,
24 	WSC_Done = 0x05,
25 	WSC_FRAG_ACK = 0x06
26 };
27 
28 struct wps_registrar;
29 struct upnp_wps_device_sm;
30 struct wps_er;
31 struct wps_parse_attr;
32 
33 /**
34  * struct wps_credential - WPS Credential
35  * @ssid: SSID
36  * @ssid_len: Length of SSID
37  * @auth_type: Authentication Type (WPS_AUTH_OPEN, .. flags)
38  * @encr_type: Encryption Type (WPS_ENCR_NONE, .. flags)
39  * @key_idx: Key index
40  * @key: Key
41  * @key_len: Key length in octets
42  * @mac_addr: MAC address of the Credential receiver
43  * @cred_attr: Unparsed Credential attribute data (used only in cred_cb());
44  *	this may be %NULL, if not used
45  * @cred_attr_len: Length of cred_attr in octets
46  */
47 struct wps_credential {
48 	u8 ssid[SSID_MAX_LEN];
49 	size_t ssid_len;
50 	u16 auth_type;
51 	u16 encr_type;
52 	u8 key_idx;
53 	u8 key[64];
54 	size_t key_len;
55 	u8 mac_addr[ETH_ALEN];
56 	const u8 *cred_attr;
57 	size_t cred_attr_len;
58 };
59 
60 #define WPS_DEV_TYPE_LEN 8
61 #define WPS_DEV_TYPE_BUFSIZE 21
62 #define WPS_SEC_DEV_TYPE_MAX_LEN 128
63 /* maximum number of advertised WPS vendor extension attributes */
64 #define MAX_WPS_VENDOR_EXTENSIONS 10
65 /* maximum size of WPS Vendor extension attribute */
66 #define WPS_MAX_VENDOR_EXT_LEN 1024
67 /* maximum number of parsed WPS vendor extension attributes */
68 #define MAX_WPS_PARSE_VENDOR_EXT 10
69 
70 /**
71  * struct wps_device_data - WPS Device Data
72  * @mac_addr: Device MAC address
73  * @device_name: Device Name (0..32 octets encoded in UTF-8)
74  * @manufacturer: Manufacturer (0..64 octets encoded in UTF-8)
75  * @model_name: Model Name (0..32 octets encoded in UTF-8)
76  * @model_number: Model Number (0..32 octets encoded in UTF-8)
77  * @serial_number: Serial Number (0..32 octets encoded in UTF-8)
78  * @pri_dev_type: Primary Device Type
79  * @sec_dev_type: Array of secondary device types
80  * @num_sec_dev_type: Number of secondary device types
81  * @os_version: OS Version
82  * @rf_bands: RF bands (WPS_RF_24GHZ, WPS_RF_50GHZ, WPS_RF_60GHZ flags)
83  * @p2p: Whether the device is a P2P device
84  */
85 struct wps_device_data {
86 	u8 mac_addr[ETH_ALEN];
87 	char *device_name;
88 	char *manufacturer;
89 	char *model_name;
90 	char *model_number;
91 	char *serial_number;
92 	u8 pri_dev_type[WPS_DEV_TYPE_LEN];
93 #define WPS_SEC_DEVICE_TYPES 5
94 	u8 sec_dev_type[WPS_SEC_DEVICE_TYPES][WPS_DEV_TYPE_LEN];
95 	u8 num_sec_dev_types;
96 	u32 os_version;
97 	u8 rf_bands;
98 	u16 config_methods;
99 	struct wpabuf *vendor_ext_m1;
100 	struct wpabuf *vendor_ext[MAX_WPS_VENDOR_EXTENSIONS];
101 
102 	int p2p;
103 };
104 
105 /**
106  * struct wps_config - WPS configuration for a single registration protocol run
107  */
108 struct wps_config {
109 	/**
110 	 * wps - Pointer to long term WPS context
111 	 */
112 	struct wps_context *wps;
113 
114 	/**
115 	 * registrar - Whether this end is a Registrar
116 	 */
117 	int registrar;
118 
119 	/**
120 	 * pin - Enrollee Device Password (%NULL for Registrar or PBC)
121 	 */
122 	const u8 *pin;
123 
124 	/**
125 	 * pin_len - Length on pin in octets
126 	 */
127 	size_t pin_len;
128 
129 	/**
130 	 * pbc - Whether this is protocol run uses PBC
131 	 */
132 	int pbc;
133 
134 	/**
135 	 * assoc_wps_ie: (Re)AssocReq WPS IE (in AP; %NULL if not AP)
136 	 */
137 	const struct wpabuf *assoc_wps_ie;
138 
139 	/**
140 	 * new_ap_settings - New AP settings (%NULL if not used)
141 	 *
142 	 * This parameter provides new AP settings when using a wireless
143 	 * stations as a Registrar to configure the AP. %NULL means that AP
144 	 * will not be reconfigured, i.e., the station will only learn the
145 	 * current AP settings by using AP PIN.
146 	 */
147 	const struct wps_credential *new_ap_settings;
148 
149 	/**
150 	 * peer_addr: MAC address of the peer in AP; %NULL if not AP
151 	 */
152 	const u8 *peer_addr;
153 
154 	/**
155 	 * use_psk_key - Use PSK format key in Credential
156 	 *
157 	 * Force PSK format to be used instead of ASCII passphrase when
158 	 * building Credential for an Enrollee. The PSK value is set in
159 	 * struct wpa_context::psk.
160 	 */
161 	int use_psk_key;
162 
163 	/**
164 	 * dev_pw_id - Device Password ID for Enrollee when PIN is used
165 	 */
166 	u16 dev_pw_id;
167 
168 	/**
169 	 * p2p_dev_addr - P2P Device Address from (Re)Association Request
170 	 *
171 	 * On AP/GO, this is set to the P2P Device Address of the associating
172 	 * P2P client if a P2P IE is included in the (Re)Association Request
173 	 * frame and the P2P Device Address is included. Otherwise, this is set
174 	 * to %NULL to indicate the station does not have a P2P Device Address.
175 	 */
176 	const u8 *p2p_dev_addr;
177 
178 	/**
179 	 * pbc_in_m1 - Do not remove PushButton config method in M1 (AP)
180 	 *
181 	 * This can be used to enable a workaround to allow Windows 7 to use
182 	 * PBC with the AP.
183 	 */
184 	int pbc_in_m1;
185 
186 	/**
187 	 * peer_pubkey_hash - Peer public key hash or %NULL if not known
188 	 */
189 	const u8 *peer_pubkey_hash;
190 };
191 
192 struct wps_data * wps_init(const struct wps_config *cfg);
193 
194 void wps_deinit(struct wps_data *data);
195 
196 /**
197  * enum wps_process_res - WPS message processing result
198  */
199 enum wps_process_res {
200 	/**
201 	 * WPS_DONE - Processing done
202 	 */
203 	WPS_DONE,
204 
205 	/**
206 	 * WPS_CONTINUE - Processing continues
207 	 */
208 	WPS_CONTINUE,
209 
210 	/**
211 	 * WPS_FAILURE - Processing failed
212 	 */
213 	WPS_FAILURE,
214 
215 	/**
216 	 * WPS_PENDING - Processing continues, but waiting for an external
217 	 *	event (e.g., UPnP message from an external Registrar)
218 	 */
219 	WPS_PENDING
220 };
221 enum wps_process_res wps_process_msg(struct wps_data *wps,
222 				     enum wsc_op_code op_code,
223 				     const struct wpabuf *msg);
224 
225 struct wpabuf * wps_get_msg(struct wps_data *wps, enum wsc_op_code *op_code);
226 
227 int wps_is_selected_pbc_registrar(const struct wpabuf *msg);
228 int wps_is_selected_pin_registrar(const struct wpabuf *msg);
229 int wps_ap_priority_compar(const struct wpabuf *wps_a,
230 			   const struct wpabuf *wps_b);
231 int wps_is_addr_authorized(const struct wpabuf *msg, const u8 *addr,
232 			   int ver1_compat);
233 const u8 * wps_get_uuid_e(const struct wpabuf *msg);
234 int wps_is_20(const struct wpabuf *msg);
235 
236 struct wpabuf * wps_build_assoc_req_ie(enum wps_request_type req_type);
237 struct wpabuf * wps_build_assoc_resp_ie(void);
238 struct wpabuf * wps_build_probe_req_ie(u16 pw_id, struct wps_device_data *dev,
239 				       const u8 *uuid,
240 				       enum wps_request_type req_type,
241 				       unsigned int num_req_dev_types,
242 				       const u8 *req_dev_types);
243 
244 
245 /**
246  * struct wps_registrar_config - WPS Registrar configuration
247  */
248 struct wps_registrar_config {
249 	/**
250 	 * new_psk_cb - Callback for new PSK
251 	 * @ctx: Higher layer context data (cb_ctx)
252 	 * @mac_addr: MAC address of the Enrollee
253 	 * @p2p_dev_addr: P2P Device Address of the Enrollee or all zeros if not
254 	 * @psk: The new PSK
255 	 * @psk_len: The length of psk in octets
256 	 * Returns: 0 on success, -1 on failure
257 	 *
258 	 * This callback is called when a new per-device PSK is provisioned.
259 	 */
260 	int (*new_psk_cb)(void *ctx, const u8 *mac_addr, const u8 *p2p_dev_addr,
261 			  const u8 *psk, size_t psk_len);
262 
263 	/**
264 	 * set_ie_cb - Callback for WPS IE changes
265 	 * @ctx: Higher layer context data (cb_ctx)
266 	 * @beacon_ie: WPS IE for Beacon
267 	 * @probe_resp_ie: WPS IE for Probe Response
268 	 * Returns: 0 on success, -1 on failure
269 	 *
270 	 * This callback is called whenever the WPS IE in Beacon or Probe
271 	 * Response frames needs to be changed (AP only). Callee is responsible
272 	 * for freeing the buffers.
273 	 */
274 	int (*set_ie_cb)(void *ctx, struct wpabuf *beacon_ie,
275 			 struct wpabuf *probe_resp_ie);
276 
277 	/**
278 	 * pin_needed_cb - Callback for requesting a PIN
279 	 * @ctx: Higher layer context data (cb_ctx)
280 	 * @uuid_e: UUID-E of the unknown Enrollee
281 	 * @dev: Device Data from the unknown Enrollee
282 	 *
283 	 * This callback is called whenever an unknown Enrollee requests to use
284 	 * PIN method and a matching PIN (Device Password) is not found in
285 	 * Registrar data.
286 	 */
287 	void (*pin_needed_cb)(void *ctx, const u8 *uuid_e,
288 			      const struct wps_device_data *dev);
289 
290 	/**
291 	 * reg_success_cb - Callback for reporting successful registration
292 	 * @ctx: Higher layer context data (cb_ctx)
293 	 * @mac_addr: MAC address of the Enrollee
294 	 * @uuid_e: UUID-E of the Enrollee
295 	 * @dev_pw: Device Password (PIN) used during registration
296 	 * @dev_pw_len: Length of dev_pw in octets
297 	 *
298 	 * This callback is called whenever an Enrollee completes registration
299 	 * successfully.
300 	 */
301 	void (*reg_success_cb)(void *ctx, const u8 *mac_addr,
302 			       const u8 *uuid_e, const u8 *dev_pw,
303 			       size_t dev_pw_len);
304 
305 	/**
306 	 * set_sel_reg_cb - Callback for reporting selected registrar changes
307 	 * @ctx: Higher layer context data (cb_ctx)
308 	 * @sel_reg: Whether the Registrar is selected
309 	 * @dev_passwd_id: Device Password ID to indicate with method or
310 	 *	specific password the Registrar intends to use
311 	 * @sel_reg_config_methods: Bit field of active config methods
312 	 *
313 	 * This callback is called whenever the Selected Registrar state
314 	 * changes (e.g., a new PIN becomes available or PBC is invoked). This
315 	 * callback is only used by External Registrar implementation;
316 	 * set_ie_cb() is used by AP implementation in similar caes, but it
317 	 * provides the full WPS IE data instead of just the minimal Registrar
318 	 * state information.
319 	 */
320 	void (*set_sel_reg_cb)(void *ctx, int sel_reg, u16 dev_passwd_id,
321 			       u16 sel_reg_config_methods);
322 
323 	/**
324 	 * enrollee_seen_cb - Callback for reporting Enrollee based on ProbeReq
325 	 * @ctx: Higher layer context data (cb_ctx)
326 	 * @addr: MAC address of the Enrollee
327 	 * @uuid_e: UUID of the Enrollee
328 	 * @pri_dev_type: Primary device type
329 	 * @config_methods: Config Methods
330 	 * @dev_password_id: Device Password ID
331 	 * @request_type: Request Type
332 	 * @dev_name: Device Name (if available)
333 	 */
334 	void (*enrollee_seen_cb)(void *ctx, const u8 *addr, const u8 *uuid_e,
335 				 const u8 *pri_dev_type, u16 config_methods,
336 				 u16 dev_password_id, u8 request_type,
337 				 const char *dev_name);
338 
339 	/**
340 	 * cb_ctx: Higher layer context data for Registrar callbacks
341 	 */
342 	void *cb_ctx;
343 
344 	/**
345 	 * skip_cred_build: Do not build credential
346 	 *
347 	 * This option can be used to disable internal code that builds
348 	 * Credential attribute into M8 based on the current network
349 	 * configuration and Enrollee capabilities. The extra_cred data will
350 	 * then be used as the Credential(s).
351 	 */
352 	int skip_cred_build;
353 
354 	/**
355 	 * extra_cred: Additional Credential attribute(s)
356 	 *
357 	 * This optional data (set to %NULL to disable) can be used to add
358 	 * Credential attribute(s) for other networks into M8. If
359 	 * skip_cred_build is set, this will also override the automatically
360 	 * generated Credential attribute.
361 	 */
362 	const u8 *extra_cred;
363 
364 	/**
365 	 * extra_cred_len: Length of extra_cred in octets
366 	 */
367 	size_t extra_cred_len;
368 
369 	/**
370 	 * disable_auto_conf - Disable auto-configuration on first registration
371 	 *
372 	 * By default, the AP that is started in not configured state will
373 	 * generate a random PSK and move to configured state when the first
374 	 * registration protocol run is completed successfully. This option can
375 	 * be used to disable this functionality and leave it up to an external
376 	 * program to take care of configuration. This requires the extra_cred
377 	 * to be set with a suitable Credential and skip_cred_build being used.
378 	 */
379 	int disable_auto_conf;
380 
381 	/**
382 	 * static_wep_only - Whether the BSS supports only static WEP
383 	 */
384 	int static_wep_only;
385 
386 	/**
387 	 * dualband - Whether this is a concurrent dualband AP
388 	 */
389 	int dualband;
390 
391 	/**
392 	 * force_per_enrollee_psk - Force per-Enrollee random PSK
393 	 *
394 	 * This forces per-Enrollee random PSK to be generated even if a default
395 	 * PSK is set for a network.
396 	 */
397 	int force_per_enrollee_psk;
398 };
399 
400 
401 /**
402  * enum wps_event - WPS event types
403  */
404 enum wps_event {
405 	/**
406 	 * WPS_EV_M2D - M2D received (Registrar did not know us)
407 	 */
408 	WPS_EV_M2D,
409 
410 	/**
411 	 * WPS_EV_FAIL - Registration failed
412 	 */
413 	WPS_EV_FAIL,
414 
415 	/**
416 	 * WPS_EV_SUCCESS - Registration succeeded
417 	 */
418 	WPS_EV_SUCCESS,
419 
420 	/**
421 	 * WPS_EV_PWD_AUTH_FAIL - Password authentication failed
422 	 */
423 	WPS_EV_PWD_AUTH_FAIL,
424 
425 	/**
426 	 * WPS_EV_PBC_OVERLAP - PBC session overlap detected
427 	 */
428 	WPS_EV_PBC_OVERLAP,
429 
430 	/**
431 	 * WPS_EV_PBC_TIMEOUT - PBC walktime expired before protocol run start
432 	 */
433 	WPS_EV_PBC_TIMEOUT,
434 
435 	/**
436 	 * WPS_EV_PBC_ACTIVE - PBC mode was activated
437 	 */
438 	WPS_EV_PBC_ACTIVE,
439 
440 	/**
441 	 * WPS_EV_PBC_DISABLE - PBC mode was disabled
442 	 */
443 	WPS_EV_PBC_DISABLE,
444 
445 	/**
446 	 * WPS_EV_ER_AP_ADD - ER: AP added
447 	 */
448 	WPS_EV_ER_AP_ADD,
449 
450 	/**
451 	 * WPS_EV_ER_AP_REMOVE - ER: AP removed
452 	 */
453 	WPS_EV_ER_AP_REMOVE,
454 
455 	/**
456 	 * WPS_EV_ER_ENROLLEE_ADD - ER: Enrollee added
457 	 */
458 	WPS_EV_ER_ENROLLEE_ADD,
459 
460 	/**
461 	 * WPS_EV_ER_ENROLLEE_REMOVE - ER: Enrollee removed
462 	 */
463 	WPS_EV_ER_ENROLLEE_REMOVE,
464 
465 	/**
466 	 * WPS_EV_ER_AP_SETTINGS - ER: AP Settings learned
467 	 */
468 	WPS_EV_ER_AP_SETTINGS,
469 
470 	/**
471 	 * WPS_EV_ER_SET_SELECTED_REGISTRAR - ER: SetSelectedRegistrar event
472 	 */
473 	WPS_EV_ER_SET_SELECTED_REGISTRAR,
474 
475 	/**
476 	 * WPS_EV_AP_PIN_SUCCESS - External Registrar used correct AP PIN
477 	 */
478 	WPS_EV_AP_PIN_SUCCESS
479 };
480 
481 /**
482  * union wps_event_data - WPS event data
483  */
484 union wps_event_data {
485 	/**
486 	 * struct wps_event_m2d - M2D event data
487 	 */
488 	struct wps_event_m2d {
489 		u16 config_methods;
490 		const u8 *manufacturer;
491 		size_t manufacturer_len;
492 		const u8 *model_name;
493 		size_t model_name_len;
494 		const u8 *model_number;
495 		size_t model_number_len;
496 		const u8 *serial_number;
497 		size_t serial_number_len;
498 		const u8 *dev_name;
499 		size_t dev_name_len;
500 		const u8 *primary_dev_type; /* 8 octets */
501 		u16 config_error;
502 		u16 dev_password_id;
503 	} m2d;
504 
505 	/**
506 	 * struct wps_event_fail - Registration failure information
507 	 * @msg: enum wps_msg_type
508 	 */
509 	struct wps_event_fail {
510 		int msg;
511 		u16 config_error;
512 		u16 error_indication;
513 		u8 peer_macaddr[ETH_ALEN];
514 	} fail;
515 
516 	struct wps_event_success {
517 		u8 peer_macaddr[ETH_ALEN];
518 	} success;
519 
520 	struct wps_event_pwd_auth_fail {
521 		int enrollee;
522 		int part;
523 		u8 peer_macaddr[ETH_ALEN];
524 	} pwd_auth_fail;
525 
526 	struct wps_event_er_ap {
527 		const u8 *uuid;
528 		const u8 *mac_addr;
529 		const char *friendly_name;
530 		const char *manufacturer;
531 		const char *manufacturer_url;
532 		const char *model_description;
533 		const char *model_name;
534 		const char *model_number;
535 		const char *model_url;
536 		const char *serial_number;
537 		const char *upc;
538 		const u8 *pri_dev_type;
539 		u8 wps_state;
540 	} ap;
541 
542 	struct wps_event_er_enrollee {
543 		const u8 *uuid;
544 		const u8 *mac_addr;
545 		int m1_received;
546 		u16 config_methods;
547 		u16 dev_passwd_id;
548 		const u8 *pri_dev_type;
549 		const char *dev_name;
550 		const char *manufacturer;
551 		const char *model_name;
552 		const char *model_number;
553 		const char *serial_number;
554 	} enrollee;
555 
556 	struct wps_event_er_ap_settings {
557 		const u8 *uuid;
558 		const struct wps_credential *cred;
559 	} ap_settings;
560 
561 	struct wps_event_er_set_selected_registrar {
562 		const u8 *uuid;
563 		int sel_reg;
564 		u16 dev_passwd_id;
565 		u16 sel_reg_config_methods;
566 		enum {
567 			WPS_ER_SET_SEL_REG_START,
568 			WPS_ER_SET_SEL_REG_DONE,
569 			WPS_ER_SET_SEL_REG_FAILED
570 		} state;
571 	} set_sel_reg;
572 };
573 
574 /**
575  * struct upnp_pending_message - Pending PutWLANResponse messages
576  * @next: Pointer to next pending message or %NULL
577  * @addr: NewWLANEventMAC
578  * @msg: NewMessage
579  * @type: Message Type
580  */
581 struct upnp_pending_message {
582 	struct upnp_pending_message *next;
583 	u8 addr[ETH_ALEN];
584 	struct wpabuf *msg;
585 	enum wps_msg_type type;
586 };
587 
588 /**
589  * struct wps_context - Long term WPS context data
590  *
591  * This data is stored at the higher layer Authenticator or Supplicant data
592  * structures and it is maintained over multiple registration protocol runs.
593  */
594 struct wps_context {
595 	/**
596 	 * ap - Whether the local end is an access point
597 	 */
598 	int ap;
599 
600 	/**
601 	 * registrar - Pointer to WPS registrar data from wps_registrar_init()
602 	 */
603 	struct wps_registrar *registrar;
604 
605 	/**
606 	 * wps_state - Current WPS state
607 	 */
608 	enum wps_state wps_state;
609 
610 	/**
611 	 * ap_setup_locked - Whether AP setup is locked (only used at AP)
612 	 */
613 	int ap_setup_locked;
614 
615 	/**
616 	 * uuid - Own UUID
617 	 */
618 	u8 uuid[16];
619 
620 	/**
621 	 * ssid - SSID
622 	 *
623 	 * This SSID is used by the Registrar to fill in information for
624 	 * Credentials. In addition, AP uses it when acting as an Enrollee to
625 	 * notify Registrar of the current configuration.
626 	 */
627 	u8 ssid[SSID_MAX_LEN];
628 
629 	/**
630 	 * ssid_len - Length of ssid in octets
631 	 */
632 	size_t ssid_len;
633 
634 	/**
635 	 * dev - Own WPS device data
636 	 */
637 	struct wps_device_data dev;
638 
639 	/**
640 	 * dh_ctx - Context data for Diffie-Hellman operation
641 	 */
642 	void *dh_ctx;
643 
644 	/**
645 	 * dh_privkey - Diffie-Hellman private key
646 	 */
647 	struct wpabuf *dh_privkey;
648 
649 	/**
650 	 * dh_pubkey_oob - Diffie-Hellman public key
651 	 */
652 	struct wpabuf *dh_pubkey;
653 
654 	/**
655 	 * config_methods - Enabled configuration methods
656 	 *
657 	 * Bit field of WPS_CONFIG_*
658 	 */
659 	u16 config_methods;
660 
661 	/**
662 	 * encr_types - Enabled encryption types (bit field of WPS_ENCR_*)
663 	 */
664 	u16 encr_types;
665 
666 	/**
667 	 * auth_types - Authentication types (bit field of WPS_AUTH_*)
668 	 */
669 	u16 auth_types;
670 
671 	/**
672 	 * encr_types - Current AP encryption type (WPS_ENCR_*)
673 	 */
674 	u16 ap_encr_type;
675 
676 	/**
677 	 * ap_auth_type - Current AP authentication types (WPS_AUTH_*)
678 	 */
679 	u16 ap_auth_type;
680 
681 	/**
682 	 * network_key - The current Network Key (PSK) or %NULL to generate new
683 	 *
684 	 * If %NULL, Registrar will generate per-device PSK. In addition, AP
685 	 * uses this when acting as an Enrollee to notify Registrar of the
686 	 * current configuration.
687 	 *
688 	 * When using WPA/WPA2-Person, this key can be either the ASCII
689 	 * passphrase (8..63 characters) or the 32-octet PSK (64 hex
690 	 * characters). When this is set to the ASCII passphrase, the PSK can
691 	 * be provided in the psk buffer and used per-Enrollee to control which
692 	 * key type is included in the Credential (e.g., to reduce calculation
693 	 * need on low-powered devices by provisioning PSK while still allowing
694 	 * other devices to get the passphrase).
695 	 */
696 	u8 *network_key;
697 
698 	/**
699 	 * network_key_len - Length of network_key in octets
700 	 */
701 	size_t network_key_len;
702 
703 	/**
704 	 * psk - The current network PSK
705 	 *
706 	 * This optional value can be used to provide the current PSK if
707 	 * network_key is set to the ASCII passphrase.
708 	 */
709 	u8 psk[32];
710 
711 	/**
712 	 * psk_set - Whether psk value is set
713 	 */
714 	int psk_set;
715 
716 	/**
717 	 * ap_settings - AP Settings override for M7 (only used at AP)
718 	 *
719 	 * If %NULL, AP Settings attributes will be generated based on the
720 	 * current network configuration.
721 	 */
722 	u8 *ap_settings;
723 
724 	/**
725 	 * ap_settings_len - Length of ap_settings in octets
726 	 */
727 	size_t ap_settings_len;
728 
729 	/**
730 	 * friendly_name - Friendly Name (required for UPnP)
731 	 */
732 	char *friendly_name;
733 
734 	/**
735 	 * manufacturer_url - Manufacturer URL (optional for UPnP)
736 	 */
737 	char *manufacturer_url;
738 
739 	/**
740 	 * model_description - Model Description (recommended for UPnP)
741 	 */
742 	char *model_description;
743 
744 	/**
745 	 * model_url - Model URL (optional for UPnP)
746 	 */
747 	char *model_url;
748 
749 	/**
750 	 * upc - Universal Product Code (optional for UPnP)
751 	 */
752 	char *upc;
753 
754 	/**
755 	 * cred_cb - Callback to notify that new Credentials were received
756 	 * @ctx: Higher layer context data (cb_ctx)
757 	 * @cred: The received Credential
758 	 * Return: 0 on success, -1 on failure
759 	 */
760 	int (*cred_cb)(void *ctx, const struct wps_credential *cred);
761 
762 	/**
763 	 * event_cb - Event callback (state information about progress)
764 	 * @ctx: Higher layer context data (cb_ctx)
765 	 * @event: Event type
766 	 * @data: Event data
767 	 */
768 	void (*event_cb)(void *ctx, enum wps_event event,
769 			 union wps_event_data *data);
770 
771 	/**
772 	 * rf_band_cb - Fetch currently used RF band
773 	 * @ctx: Higher layer context data (cb_ctx)
774 	 * Return: Current used RF band or 0 if not known
775 	 */
776 	int (*rf_band_cb)(void *ctx);
777 
778 	/**
779 	 * cb_ctx: Higher layer context data for callbacks
780 	 */
781 	void *cb_ctx;
782 
783 	struct upnp_wps_device_sm *wps_upnp;
784 
785 	/* Pending messages from UPnP PutWLANResponse */
786 	struct upnp_pending_message *upnp_msgs;
787 
788 	u16 ap_nfc_dev_pw_id;
789 	struct wpabuf *ap_nfc_dh_pubkey;
790 	struct wpabuf *ap_nfc_dh_privkey;
791 	struct wpabuf *ap_nfc_dev_pw;
792 };
793 
794 struct wps_registrar *
795 wps_registrar_init(struct wps_context *wps,
796 		   const struct wps_registrar_config *cfg);
797 void wps_registrar_deinit(struct wps_registrar *reg);
798 int wps_registrar_add_pin(struct wps_registrar *reg, const u8 *addr,
799 			  const u8 *uuid, const u8 *pin, size_t pin_len,
800 			  int timeout);
801 int wps_registrar_invalidate_pin(struct wps_registrar *reg, const u8 *uuid);
802 int wps_registrar_wps_cancel(struct wps_registrar *reg);
803 int wps_registrar_unlock_pin(struct wps_registrar *reg, const u8 *uuid);
804 int wps_registrar_button_pushed(struct wps_registrar *reg,
805 				const u8 *p2p_dev_addr);
806 void wps_registrar_complete(struct wps_registrar *registrar, const u8 *uuid_e,
807 			    const u8 *dev_pw, size_t dev_pw_len);
808 void wps_registrar_probe_req_rx(struct wps_registrar *reg, const u8 *addr,
809 				const struct wpabuf *wps_data,
810 				int p2p_wildcard);
811 int wps_registrar_update_ie(struct wps_registrar *reg);
812 int wps_registrar_get_info(struct wps_registrar *reg, const u8 *addr,
813 			   char *buf, size_t buflen);
814 int wps_registrar_config_ap(struct wps_registrar *reg,
815 			    struct wps_credential *cred);
816 int wps_registrar_add_nfc_pw_token(struct wps_registrar *reg,
817 				   const u8 *pubkey_hash, u16 pw_id,
818 				   const u8 *dev_pw, size_t dev_pw_len,
819 				   int pk_hash_provided_oob);
820 int wps_registrar_add_nfc_password_token(struct wps_registrar *reg,
821 					 const u8 *oob_dev_pw,
822 					 size_t oob_dev_pw_len);
823 void wps_registrar_flush(struct wps_registrar *reg);
824 
825 int wps_build_credential_wrap(struct wpabuf *msg,
826 			      const struct wps_credential *cred);
827 
828 unsigned int wps_pin_checksum(unsigned int pin);
829 unsigned int wps_pin_valid(unsigned int pin);
830 unsigned int wps_generate_pin(void);
831 int wps_pin_str_valid(const char *pin);
832 void wps_free_pending_msgs(struct upnp_pending_message *msgs);
833 
834 struct wpabuf * wps_get_oob_cred(struct wps_context *wps, int rf_band,
835 				 int channel);
836 int wps_oob_use_cred(struct wps_context *wps, struct wps_parse_attr *attr);
837 int wps_attr_text(struct wpabuf *data, char *buf, char *end);
838 const char * wps_ei_str(enum wps_error_indication ei);
839 
840 struct wps_er * wps_er_init(struct wps_context *wps, const char *ifname,
841 			    const char *filter);
842 void wps_er_refresh(struct wps_er *er);
843 void wps_er_deinit(struct wps_er *er, void (*cb)(void *ctx), void *ctx);
844 void wps_er_set_sel_reg(struct wps_er *er, int sel_reg, u16 dev_passwd_id,
845 			u16 sel_reg_config_methods);
846 int wps_er_pbc(struct wps_er *er, const u8 *uuid, const u8 *addr);
847 const u8 * wps_er_get_sta_uuid(struct wps_er *er, const u8 *addr);
848 int wps_er_learn(struct wps_er *er, const u8 *uuid, const u8 *addr,
849 		 const u8 *pin, size_t pin_len);
850 int wps_er_set_config(struct wps_er *er, const u8 *uuid, const u8 *addr,
851 		      const struct wps_credential *cred);
852 int wps_er_config(struct wps_er *er, const u8 *uuid, const u8 *addr,
853 		  const u8 *pin, size_t pin_len,
854 		  const struct wps_credential *cred);
855 struct wpabuf * wps_er_config_token_from_cred(struct wps_context *wps,
856 					      struct wps_credential *cred);
857 struct wpabuf * wps_er_nfc_config_token(struct wps_er *er, const u8 *uuid,
858 					const u8 *addr);
859 struct wpabuf * wps_er_nfc_handover_sel(struct wps_er *er,
860 					struct wps_context *wps, const u8 *uuid,
861 					const u8 *addr, struct wpabuf *pubkey);
862 
863 int wps_dev_type_str2bin(const char *str, u8 dev_type[WPS_DEV_TYPE_LEN]);
864 char * wps_dev_type_bin2str(const u8 dev_type[WPS_DEV_TYPE_LEN], char *buf,
865 			    size_t buf_len);
866 void uuid_gen_mac_addr(const u8 *mac_addr, u8 *uuid);
867 u16 wps_config_methods_str2bin(const char *str);
868 struct wpabuf * wps_build_nfc_pw_token(u16 dev_pw_id,
869 				       const struct wpabuf *pubkey,
870 				       const struct wpabuf *dev_pw);
871 struct wpabuf * wps_nfc_token_build(int ndef, int id, struct wpabuf *pubkey,
872 				    struct wpabuf *dev_pw);
873 int wps_nfc_gen_dh(struct wpabuf **pubkey, struct wpabuf **privkey);
874 struct wpabuf * wps_nfc_token_gen(int ndef, int *id, struct wpabuf **pubkey,
875 				  struct wpabuf **privkey,
876 				  struct wpabuf **dev_pw);
877 struct wpabuf * wps_build_nfc_handover_req(struct wps_context *ctx,
878 					   struct wpabuf *nfc_dh_pubkey);
879 struct wpabuf * wps_build_nfc_handover_sel(struct wps_context *ctx,
880 					   struct wpabuf *nfc_dh_pubkey,
881 					   const u8 *bssid, int freq);
882 struct wpabuf * wps_build_nfc_handover_req_p2p(struct wps_context *ctx,
883 					       struct wpabuf *nfc_dh_pubkey);
884 struct wpabuf * wps_build_nfc_handover_sel_p2p(struct wps_context *ctx,
885 					       int nfc_dev_pw_id,
886 					       struct wpabuf *nfc_dh_pubkey,
887 					       struct wpabuf *nfc_dev_pw);
888 
889 /* ndef.c */
890 struct wpabuf * ndef_parse_wifi(const struct wpabuf *buf);
891 struct wpabuf * ndef_build_wifi(const struct wpabuf *buf);
892 struct wpabuf * ndef_parse_p2p(const struct wpabuf *buf);
893 struct wpabuf * ndef_build_p2p(const struct wpabuf *buf);
894 
895 #ifdef CONFIG_WPS_STRICT
896 int wps_validate_beacon(const struct wpabuf *wps_ie);
897 int wps_validate_beacon_probe_resp(const struct wpabuf *wps_ie, int probe,
898 				   const u8 *addr);
899 int wps_validate_probe_req(const struct wpabuf *wps_ie, const u8 *addr);
900 int wps_validate_assoc_req(const struct wpabuf *wps_ie);
901 int wps_validate_assoc_resp(const struct wpabuf *wps_ie);
902 int wps_validate_m1(const struct wpabuf *tlvs);
903 int wps_validate_m2(const struct wpabuf *tlvs);
904 int wps_validate_m2d(const struct wpabuf *tlvs);
905 int wps_validate_m3(const struct wpabuf *tlvs);
906 int wps_validate_m4(const struct wpabuf *tlvs);
907 int wps_validate_m4_encr(const struct wpabuf *tlvs, int wps2);
908 int wps_validate_m5(const struct wpabuf *tlvs);
909 int wps_validate_m5_encr(const struct wpabuf *tlvs, int wps2);
910 int wps_validate_m6(const struct wpabuf *tlvs);
911 int wps_validate_m6_encr(const struct wpabuf *tlvs, int wps2);
912 int wps_validate_m7(const struct wpabuf *tlvs);
913 int wps_validate_m7_encr(const struct wpabuf *tlvs, int ap, int wps2);
914 int wps_validate_m8(const struct wpabuf *tlvs);
915 int wps_validate_m8_encr(const struct wpabuf *tlvs, int ap, int wps2);
916 int wps_validate_wsc_ack(const struct wpabuf *tlvs);
917 int wps_validate_wsc_nack(const struct wpabuf *tlvs);
918 int wps_validate_wsc_done(const struct wpabuf *tlvs);
919 int wps_validate_upnp_set_selected_registrar(const struct wpabuf *tlvs);
920 #else /* CONFIG_WPS_STRICT */
921 static inline int wps_validate_beacon(const struct wpabuf *wps_ie){
922 	return 0;
923 }
924 
925 static inline int wps_validate_beacon_probe_resp(const struct wpabuf *wps_ie,
926 						 int probe, const u8 *addr)
927 {
928 	return 0;
929 }
930 
931 static inline int wps_validate_probe_req(const struct wpabuf *wps_ie,
932 					 const u8 *addr)
933 {
934 	return 0;
935 }
936 
937 static inline int wps_validate_assoc_req(const struct wpabuf *wps_ie)
938 {
939 	return 0;
940 }
941 
942 static inline int wps_validate_assoc_resp(const struct wpabuf *wps_ie)
943 {
944 	return 0;
945 }
946 
947 static inline int wps_validate_m1(const struct wpabuf *tlvs)
948 {
949 	return 0;
950 }
951 
952 static inline int wps_validate_m2(const struct wpabuf *tlvs)
953 {
954 	return 0;
955 }
956 
957 static inline int wps_validate_m2d(const struct wpabuf *tlvs)
958 {
959 	return 0;
960 }
961 
962 static inline int wps_validate_m3(const struct wpabuf *tlvs)
963 {
964 	return 0;
965 }
966 
967 static inline int wps_validate_m4(const struct wpabuf *tlvs)
968 {
969 	return 0;
970 }
971 
972 static inline int wps_validate_m4_encr(const struct wpabuf *tlvs, int wps2)
973 {
974 	return 0;
975 }
976 
977 static inline int wps_validate_m5(const struct wpabuf *tlvs)
978 {
979 	return 0;
980 }
981 
982 static inline int wps_validate_m5_encr(const struct wpabuf *tlvs, int wps2)
983 {
984 	return 0;
985 }
986 
987 static inline int wps_validate_m6(const struct wpabuf *tlvs)
988 {
989 	return 0;
990 }
991 
992 static inline int wps_validate_m6_encr(const struct wpabuf *tlvs, int wps2)
993 {
994 	return 0;
995 }
996 
997 static inline int wps_validate_m7(const struct wpabuf *tlvs)
998 {
999 	return 0;
1000 }
1001 
1002 static inline int wps_validate_m7_encr(const struct wpabuf *tlvs, int ap,
1003 				       int wps2)
1004 {
1005 	return 0;
1006 }
1007 
1008 static inline int wps_validate_m8(const struct wpabuf *tlvs)
1009 {
1010 	return 0;
1011 }
1012 
1013 static inline int wps_validate_m8_encr(const struct wpabuf *tlvs, int ap,
1014 				       int wps2)
1015 {
1016 	return 0;
1017 }
1018 
1019 static inline int wps_validate_wsc_ack(const struct wpabuf *tlvs)
1020 {
1021 	return 0;
1022 }
1023 
1024 static inline int wps_validate_wsc_nack(const struct wpabuf *tlvs)
1025 {
1026 	return 0;
1027 }
1028 
1029 static inline int wps_validate_wsc_done(const struct wpabuf *tlvs)
1030 {
1031 	return 0;
1032 }
1033 
1034 static inline int wps_validate_upnp_set_selected_registrar(
1035 	const struct wpabuf *tlvs)
1036 {
1037 	return 0;
1038 }
1039 #endif /* CONFIG_WPS_STRICT */
1040 
1041 #endif /* WPS_H */
1042