1 /* 2 * Wi-Fi Protected Setup 3 * Copyright (c) 2007-2016, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9 #ifndef WPS_H 10 #define WPS_H 11 12 #include "common/ieee802_11_defs.h" 13 #include "wps_defs.h" 14 15 /** 16 * enum wsc_op_code - EAP-WSC OP-Code values 17 */ 18 enum wsc_op_code { 19 WSC_UPnP = 0 /* No OP Code in UPnP transport */, 20 WSC_Start = 0x01, 21 WSC_ACK = 0x02, 22 WSC_NACK = 0x03, 23 WSC_MSG = 0x04, 24 WSC_Done = 0x05, 25 WSC_FRAG_ACK = 0x06 26 }; 27 28 struct wps_registrar; 29 struct upnp_wps_device_sm; 30 struct wps_er; 31 struct wps_parse_attr; 32 33 /** 34 * struct wps_credential - WPS Credential 35 * @ssid: SSID 36 * @ssid_len: Length of SSID 37 * @auth_type: Authentication Type (WPS_AUTH_OPEN, .. flags) 38 * @encr_type: Encryption Type (WPS_ENCR_NONE, .. flags) 39 * @key_idx: Key index 40 * @key: Key 41 * @key_len: Key length in octets 42 * @mac_addr: MAC address of the Credential receiver 43 * @cred_attr: Unparsed Credential attribute data (used only in cred_cb()); 44 * this may be %NULL, if not used 45 * @cred_attr_len: Length of cred_attr in octets 46 */ 47 struct wps_credential { 48 u8 ssid[SSID_MAX_LEN]; 49 size_t ssid_len; 50 u16 auth_type; 51 u16 encr_type; 52 u8 key_idx; 53 u8 key[64]; 54 size_t key_len; 55 u8 mac_addr[ETH_ALEN]; 56 const u8 *cred_attr; 57 size_t cred_attr_len; 58 }; 59 60 #define WPS_DEV_TYPE_LEN 8 61 #define WPS_DEV_TYPE_BUFSIZE 21 62 #define WPS_SEC_DEV_TYPE_MAX_LEN 128 63 /* maximum number of advertised WPS vendor extension attributes */ 64 #define MAX_WPS_VENDOR_EXTENSIONS 10 65 /* maximum size of WPS Vendor extension attribute */ 66 #define WPS_MAX_VENDOR_EXT_LEN 1024 67 /* maximum number of parsed WPS vendor extension attributes */ 68 #define MAX_WPS_PARSE_VENDOR_EXT 10 69 70 /** 71 * struct wps_device_data - WPS Device Data 72 * @mac_addr: Device MAC address 73 * @device_name: Device Name (0..32 octets encoded in UTF-8) 74 * @manufacturer: Manufacturer (0..64 octets encoded in UTF-8) 75 * @model_name: Model Name (0..32 octets encoded in UTF-8) 76 * @model_number: Model Number (0..32 octets encoded in UTF-8) 77 * @serial_number: Serial Number (0..32 octets encoded in UTF-8) 78 * @pri_dev_type: Primary Device Type 79 * @sec_dev_type: Array of secondary device types 80 * @num_sec_dev_type: Number of secondary device types 81 * @os_version: OS Version 82 * @rf_bands: RF bands (WPS_RF_24GHZ, WPS_RF_50GHZ, WPS_RF_60GHZ flags) 83 * @p2p: Whether the device is a P2P device 84 */ 85 struct wps_device_data { 86 u8 mac_addr[ETH_ALEN]; 87 char *device_name; 88 char *manufacturer; 89 char *model_name; 90 char *model_number; 91 char *serial_number; 92 u8 pri_dev_type[WPS_DEV_TYPE_LEN]; 93 #define WPS_SEC_DEVICE_TYPES 5 94 u8 sec_dev_type[WPS_SEC_DEVICE_TYPES][WPS_DEV_TYPE_LEN]; 95 u8 num_sec_dev_types; 96 u32 os_version; 97 u8 rf_bands; 98 u16 config_methods; 99 struct wpabuf *vendor_ext_m1; 100 struct wpabuf *vendor_ext[MAX_WPS_VENDOR_EXTENSIONS]; 101 struct wpabuf *application_ext; 102 103 int p2p; 104 u8 multi_ap_ext; 105 }; 106 107 /** 108 * struct wps_config - WPS configuration for a single registration protocol run 109 */ 110 struct wps_config { 111 /** 112 * wps - Pointer to long term WPS context 113 */ 114 struct wps_context *wps; 115 116 /** 117 * registrar - Whether this end is a Registrar 118 */ 119 int registrar; 120 121 /** 122 * pin - Enrollee Device Password (%NULL for Registrar or PBC) 123 */ 124 const u8 *pin; 125 126 /** 127 * pin_len - Length on pin in octets 128 */ 129 size_t pin_len; 130 131 /** 132 * pbc - Whether this is protocol run uses PBC 133 */ 134 int pbc; 135 136 /** 137 * assoc_wps_ie: (Re)AssocReq WPS IE (in AP; %NULL if not AP) 138 */ 139 const struct wpabuf *assoc_wps_ie; 140 141 /** 142 * new_ap_settings - New AP settings (%NULL if not used) 143 * 144 * This parameter provides new AP settings when using a wireless 145 * stations as a Registrar to configure the AP. %NULL means that AP 146 * will not be reconfigured, i.e., the station will only learn the 147 * current AP settings by using AP PIN. 148 */ 149 const struct wps_credential *new_ap_settings; 150 151 /** 152 * peer_addr: MAC address of the peer in AP; %NULL if not AP 153 */ 154 const u8 *peer_addr; 155 156 /** 157 * use_psk_key - Use PSK format key in Credential 158 * 159 * Force PSK format to be used instead of ASCII passphrase when 160 * building Credential for an Enrollee. The PSK value is set in 161 * struct wpa_context::psk. 162 */ 163 int use_psk_key; 164 165 /** 166 * dev_pw_id - Device Password ID for Enrollee when PIN is used 167 */ 168 u16 dev_pw_id; 169 170 /** 171 * p2p_dev_addr - P2P Device Address from (Re)Association Request 172 * 173 * On AP/GO, this is set to the P2P Device Address of the associating 174 * P2P client if a P2P IE is included in the (Re)Association Request 175 * frame and the P2P Device Address is included. Otherwise, this is set 176 * to %NULL to indicate the station does not have a P2P Device Address. 177 */ 178 const u8 *p2p_dev_addr; 179 180 /** 181 * pbc_in_m1 - Do not remove PushButton config method in M1 (AP) 182 * 183 * This can be used to enable a workaround to allow Windows 7 to use 184 * PBC with the AP. 185 */ 186 int pbc_in_m1; 187 188 /** 189 * peer_pubkey_hash - Peer public key hash or %NULL if not known 190 */ 191 const u8 *peer_pubkey_hash; 192 193 /** 194 * multi_ap_backhaul_sta - Whether this is a Multi-AP backhaul STA 195 * enrollee 196 */ 197 int multi_ap_backhaul_sta; 198 199 /* 200 * multi_ap_profile - Get the Multi-AP Profile 201 */ 202 int multi_ap_profile; 203 }; 204 205 struct wps_data * wps_init(const struct wps_config *cfg); 206 207 void wps_deinit(struct wps_data *data); 208 209 /** 210 * enum wps_process_res - WPS message processing result 211 */ 212 enum wps_process_res { 213 /** 214 * WPS_DONE - Processing done 215 */ 216 WPS_DONE, 217 218 /** 219 * WPS_CONTINUE - Processing continues 220 */ 221 WPS_CONTINUE, 222 223 /** 224 * WPS_FAILURE - Processing failed 225 */ 226 WPS_FAILURE, 227 228 /** 229 * WPS_PENDING - Processing continues, but waiting for an external 230 * event (e.g., UPnP message from an external Registrar) 231 */ 232 WPS_PENDING 233 }; 234 enum wps_process_res wps_process_msg(struct wps_data *wps, 235 enum wsc_op_code op_code, 236 const struct wpabuf *msg); 237 238 struct wpabuf * wps_get_msg(struct wps_data *wps, enum wsc_op_code *op_code); 239 240 int wps_is_selected_pbc_registrar(const struct wpabuf *msg); 241 int wps_is_selected_pin_registrar(const struct wpabuf *msg); 242 int wps_ap_priority_compar(const struct wpabuf *wps_a, 243 const struct wpabuf *wps_b); 244 int wps_is_addr_authorized(const struct wpabuf *msg, const u8 *addr, 245 int ver1_compat); 246 const u8 * wps_get_uuid_e(const struct wpabuf *msg); 247 int wps_is_20(const struct wpabuf *msg); 248 249 struct wpabuf * wps_build_assoc_req_ie(enum wps_request_type req_type); 250 struct wpabuf * wps_build_assoc_resp_ie(void); 251 struct wpabuf * wps_build_probe_req_ie(u16 pw_id, struct wps_device_data *dev, 252 const u8 *uuid, 253 enum wps_request_type req_type, 254 unsigned int num_req_dev_types, 255 const u8 *req_dev_types); 256 257 258 /** 259 * struct wps_registrar_config - WPS Registrar configuration 260 */ 261 struct wps_registrar_config { 262 /** 263 * new_psk_cb - Callback for new PSK 264 * @ctx: Higher layer context data (cb_ctx) 265 * @mac_addr: MAC address of the Enrollee 266 * @p2p_dev_addr: P2P Device Address of the Enrollee or all zeros if not 267 * @psk: The new PSK 268 * @psk_len: The length of psk in octets 269 * Returns: 0 on success, -1 on failure 270 * 271 * This callback is called when a new per-device PSK is provisioned. 272 */ 273 int (*new_psk_cb)(void *ctx, const u8 *mac_addr, const u8 *p2p_dev_addr, 274 const u8 *psk, size_t psk_len); 275 276 /** 277 * set_ie_cb - Callback for WPS IE changes 278 * @ctx: Higher layer context data (cb_ctx) 279 * @beacon_ie: WPS IE for Beacon 280 * @probe_resp_ie: WPS IE for Probe Response 281 * Returns: 0 on success, -1 on failure 282 * 283 * This callback is called whenever the WPS IE in Beacon or Probe 284 * Response frames needs to be changed (AP only). Callee is responsible 285 * for freeing the buffers. 286 */ 287 int (*set_ie_cb)(void *ctx, struct wpabuf *beacon_ie, 288 struct wpabuf *probe_resp_ie); 289 290 /** 291 * pin_needed_cb - Callback for requesting a PIN 292 * @ctx: Higher layer context data (cb_ctx) 293 * @uuid_e: UUID-E of the unknown Enrollee 294 * @dev: Device Data from the unknown Enrollee 295 * 296 * This callback is called whenever an unknown Enrollee requests to use 297 * PIN method and a matching PIN (Device Password) is not found in 298 * Registrar data. 299 */ 300 void (*pin_needed_cb)(void *ctx, const u8 *uuid_e, 301 const struct wps_device_data *dev); 302 303 /** 304 * reg_success_cb - Callback for reporting successful registration 305 * @ctx: Higher layer context data (cb_ctx) 306 * @mac_addr: MAC address of the Enrollee 307 * @uuid_e: UUID-E of the Enrollee 308 * @dev_pw: Device Password (PIN) used during registration 309 * @dev_pw_len: Length of dev_pw in octets 310 * 311 * This callback is called whenever an Enrollee completes registration 312 * successfully. 313 */ 314 void (*reg_success_cb)(void *ctx, const u8 *mac_addr, 315 const u8 *uuid_e, const u8 *dev_pw, 316 size_t dev_pw_len); 317 318 /** 319 * set_sel_reg_cb - Callback for reporting selected registrar changes 320 * @ctx: Higher layer context data (cb_ctx) 321 * @sel_reg: Whether the Registrar is selected 322 * @dev_passwd_id: Device Password ID to indicate with method or 323 * specific password the Registrar intends to use 324 * @sel_reg_config_methods: Bit field of active config methods 325 * 326 * This callback is called whenever the Selected Registrar state 327 * changes (e.g., a new PIN becomes available or PBC is invoked). This 328 * callback is only used by External Registrar implementation; 329 * set_ie_cb() is used by AP implementation in similar caes, but it 330 * provides the full WPS IE data instead of just the minimal Registrar 331 * state information. 332 */ 333 void (*set_sel_reg_cb)(void *ctx, int sel_reg, u16 dev_passwd_id, 334 u16 sel_reg_config_methods); 335 336 /** 337 * enrollee_seen_cb - Callback for reporting Enrollee based on ProbeReq 338 * @ctx: Higher layer context data (cb_ctx) 339 * @addr: MAC address of the Enrollee 340 * @uuid_e: UUID of the Enrollee 341 * @pri_dev_type: Primary device type 342 * @config_methods: Config Methods 343 * @dev_password_id: Device Password ID 344 * @request_type: Request Type 345 * @dev_name: Device Name (if available) 346 */ 347 void (*enrollee_seen_cb)(void *ctx, const u8 *addr, const u8 *uuid_e, 348 const u8 *pri_dev_type, u16 config_methods, 349 u16 dev_password_id, u8 request_type, 350 const char *dev_name); 351 352 /** 353 * lookup_pskfile_cb - Callback for searching for PSK in wpa_psk_file 354 * @ctx: Higher layer context data (cb_ctx) 355 * @addr: Enrollee's MAC address 356 * @psk: Pointer to found PSK (output arg) 357 */ 358 int (*lookup_pskfile_cb)(void *ctx, const u8 *mac_addr, const u8 **psk); 359 360 /** 361 * cb_ctx: Higher layer context data for Registrar callbacks 362 */ 363 void *cb_ctx; 364 365 /** 366 * skip_cred_build: Do not build credential 367 * 368 * This option can be used to disable internal code that builds 369 * Credential attribute into M8 based on the current network 370 * configuration and Enrollee capabilities. The extra_cred data will 371 * then be used as the Credential(s). 372 */ 373 int skip_cred_build; 374 375 /** 376 * extra_cred: Additional Credential attribute(s) 377 * 378 * This optional data (set to %NULL to disable) can be used to add 379 * Credential attribute(s) for other networks into M8. If 380 * skip_cred_build is set, this will also override the automatically 381 * generated Credential attribute. 382 */ 383 const u8 *extra_cred; 384 385 /** 386 * extra_cred_len: Length of extra_cred in octets 387 */ 388 size_t extra_cred_len; 389 390 /** 391 * disable_auto_conf - Disable auto-configuration on first registration 392 * 393 * By default, the AP that is started in not configured state will 394 * generate a random PSK and move to configured state when the first 395 * registration protocol run is completed successfully. This option can 396 * be used to disable this functionality and leave it up to an external 397 * program to take care of configuration. This requires the extra_cred 398 * to be set with a suitable Credential and skip_cred_build being used. 399 */ 400 int disable_auto_conf; 401 402 /** 403 * dualband - Whether this is a concurrent dualband AP 404 */ 405 int dualband; 406 407 /** 408 * force_per_enrollee_psk - Force per-Enrollee random PSK 409 * 410 * This forces per-Enrollee random PSK to be generated even if a default 411 * PSK is set for a network. 412 */ 413 int force_per_enrollee_psk; 414 415 /** 416 * multi_ap_backhaul_ssid - SSID to supply to a Multi-AP backhaul 417 * enrollee 418 * 419 * This SSID is used by the Registrar to fill in information for 420 * Credentials when the enrollee advertises it is a Multi-AP backhaul 421 * STA. 422 */ 423 const u8 *multi_ap_backhaul_ssid; 424 425 /** 426 * multi_ap_backhaul_ssid_len - Length of multi_ap_backhaul_ssid in 427 * octets 428 */ 429 size_t multi_ap_backhaul_ssid_len; 430 431 /** 432 * multi_ap_backhaul_network_key - The Network Key (PSK) for the 433 * Multi-AP backhaul enrollee. 434 * 435 * This key can be either the ASCII passphrase (8..63 characters) or the 436 * 32-octet PSK (64 hex characters). 437 */ 438 const u8 *multi_ap_backhaul_network_key; 439 440 /** 441 * multi_ap_backhaul_network_key_len - Length of 442 * multi_ap_backhaul_network_key in octets 443 */ 444 size_t multi_ap_backhaul_network_key_len; 445 }; 446 447 448 /** 449 * enum wps_event - WPS event types 450 */ 451 enum wps_event { 452 /** 453 * WPS_EV_M2D - M2D received (Registrar did not know us) 454 */ 455 WPS_EV_M2D, 456 457 /** 458 * WPS_EV_FAIL - Registration failed 459 */ 460 WPS_EV_FAIL, 461 462 /** 463 * WPS_EV_SUCCESS - Registration succeeded 464 */ 465 WPS_EV_SUCCESS, 466 467 /** 468 * WPS_EV_PWD_AUTH_FAIL - Password authentication failed 469 */ 470 WPS_EV_PWD_AUTH_FAIL, 471 472 /** 473 * WPS_EV_PBC_OVERLAP - PBC session overlap detected 474 */ 475 WPS_EV_PBC_OVERLAP, 476 477 /** 478 * WPS_EV_PBC_TIMEOUT - PBC walktime expired before protocol run start 479 */ 480 WPS_EV_PBC_TIMEOUT, 481 482 /** 483 * WPS_EV_PBC_ACTIVE - PBC mode was activated 484 */ 485 WPS_EV_PBC_ACTIVE, 486 487 /** 488 * WPS_EV_PBC_DISABLE - PBC mode was disabled 489 */ 490 WPS_EV_PBC_DISABLE, 491 492 /** 493 * WPS_EV_ER_AP_ADD - ER: AP added 494 */ 495 WPS_EV_ER_AP_ADD, 496 497 /** 498 * WPS_EV_ER_AP_REMOVE - ER: AP removed 499 */ 500 WPS_EV_ER_AP_REMOVE, 501 502 /** 503 * WPS_EV_ER_ENROLLEE_ADD - ER: Enrollee added 504 */ 505 WPS_EV_ER_ENROLLEE_ADD, 506 507 /** 508 * WPS_EV_ER_ENROLLEE_REMOVE - ER: Enrollee removed 509 */ 510 WPS_EV_ER_ENROLLEE_REMOVE, 511 512 /** 513 * WPS_EV_ER_AP_SETTINGS - ER: AP Settings learned 514 */ 515 WPS_EV_ER_AP_SETTINGS, 516 517 /** 518 * WPS_EV_ER_SET_SELECTED_REGISTRAR - ER: SetSelectedRegistrar event 519 */ 520 WPS_EV_ER_SET_SELECTED_REGISTRAR, 521 522 /** 523 * WPS_EV_AP_PIN_SUCCESS - External Registrar used correct AP PIN 524 */ 525 WPS_EV_AP_PIN_SUCCESS 526 }; 527 528 /** 529 * union wps_event_data - WPS event data 530 */ 531 union wps_event_data { 532 /** 533 * struct wps_event_m2d - M2D event data 534 */ 535 struct wps_event_m2d { 536 u16 config_methods; 537 const u8 *manufacturer; 538 size_t manufacturer_len; 539 const u8 *model_name; 540 size_t model_name_len; 541 const u8 *model_number; 542 size_t model_number_len; 543 const u8 *serial_number; 544 size_t serial_number_len; 545 const u8 *dev_name; 546 size_t dev_name_len; 547 const u8 *primary_dev_type; /* 8 octets */ 548 u16 config_error; 549 u16 dev_password_id; 550 } m2d; 551 552 /** 553 * struct wps_event_fail - Registration failure information 554 * @msg: enum wps_msg_type 555 */ 556 struct wps_event_fail { 557 int msg; 558 u16 config_error; 559 u16 error_indication; 560 u8 peer_macaddr[ETH_ALEN]; 561 } fail; 562 563 struct wps_event_success { 564 u8 peer_macaddr[ETH_ALEN]; 565 } success; 566 567 struct wps_event_pwd_auth_fail { 568 int enrollee; 569 int part; 570 u8 peer_macaddr[ETH_ALEN]; 571 } pwd_auth_fail; 572 573 struct wps_event_er_ap { 574 const u8 *uuid; 575 const u8 *mac_addr; 576 const char *friendly_name; 577 const char *manufacturer; 578 const char *manufacturer_url; 579 const char *model_description; 580 const char *model_name; 581 const char *model_number; 582 const char *model_url; 583 const char *serial_number; 584 const char *upc; 585 const u8 *pri_dev_type; 586 u8 wps_state; 587 } ap; 588 589 struct wps_event_er_enrollee { 590 const u8 *uuid; 591 const u8 *mac_addr; 592 int m1_received; 593 u16 config_methods; 594 u16 dev_passwd_id; 595 const u8 *pri_dev_type; 596 const char *dev_name; 597 const char *manufacturer; 598 const char *model_name; 599 const char *model_number; 600 const char *serial_number; 601 } enrollee; 602 603 struct wps_event_er_ap_settings { 604 const u8 *uuid; 605 const struct wps_credential *cred; 606 } ap_settings; 607 608 struct wps_event_er_set_selected_registrar { 609 const u8 *uuid; 610 int sel_reg; 611 u16 dev_passwd_id; 612 u16 sel_reg_config_methods; 613 enum { 614 WPS_ER_SET_SEL_REG_START, 615 WPS_ER_SET_SEL_REG_DONE, 616 WPS_ER_SET_SEL_REG_FAILED 617 } state; 618 } set_sel_reg; 619 }; 620 621 /** 622 * struct upnp_pending_message - Pending PutWLANResponse messages 623 * @next: Pointer to next pending message or %NULL 624 * @addr: NewWLANEventMAC 625 * @msg: NewMessage 626 * @type: Message Type 627 */ 628 struct upnp_pending_message { 629 struct upnp_pending_message *next; 630 u8 addr[ETH_ALEN]; 631 struct wpabuf *msg; 632 enum wps_msg_type type; 633 }; 634 635 /** 636 * struct wps_context - Long term WPS context data 637 * 638 * This data is stored at the higher layer Authenticator or Supplicant data 639 * structures and it is maintained over multiple registration protocol runs. 640 */ 641 struct wps_context { 642 /** 643 * ap - Whether the local end is an access point 644 */ 645 int ap; 646 647 /** 648 * registrar - Pointer to WPS registrar data from wps_registrar_init() 649 */ 650 struct wps_registrar *registrar; 651 652 /** 653 * wps_state - Current WPS state 654 */ 655 enum wps_state wps_state; 656 657 /** 658 * ap_setup_locked - Whether AP setup is locked (only used at AP) 659 */ 660 int ap_setup_locked; 661 662 /** 663 * uuid - Own UUID 664 */ 665 u8 uuid[16]; 666 667 /** 668 * ssid - SSID 669 * 670 * This SSID is used by the Registrar to fill in information for 671 * Credentials. In addition, AP uses it when acting as an Enrollee to 672 * notify Registrar of the current configuration. 673 */ 674 u8 ssid[SSID_MAX_LEN]; 675 676 /** 677 * ssid_len - Length of ssid in octets 678 */ 679 size_t ssid_len; 680 681 /** 682 * dev - Own WPS device data 683 */ 684 struct wps_device_data dev; 685 686 /** 687 * dh_ctx - Context data for Diffie-Hellman operation 688 */ 689 void *dh_ctx; 690 691 /** 692 * dh_privkey - Diffie-Hellman private key 693 */ 694 struct wpabuf *dh_privkey; 695 696 /** 697 * dh_pubkey_oob - Diffie-Hellman public key 698 */ 699 struct wpabuf *dh_pubkey; 700 701 /** 702 * config_methods - Enabled configuration methods 703 * 704 * Bit field of WPS_CONFIG_* 705 */ 706 u16 config_methods; 707 708 /** 709 * encr_types - Enabled encryption types (bit field of WPS_ENCR_*) 710 */ 711 u16 encr_types; 712 713 /** 714 * encr_types_rsn - Enabled encryption types for RSN (WPS_ENCR_*) 715 */ 716 u16 encr_types_rsn; 717 718 /** 719 * encr_types_wpa - Enabled encryption types for WPA (WPS_ENCR_*) 720 */ 721 u16 encr_types_wpa; 722 723 /** 724 * auth_types - Authentication types (bit field of WPS_AUTH_*) 725 */ 726 u16 auth_types; 727 728 /** 729 * encr_types - Current AP encryption type (WPS_ENCR_*) 730 */ 731 u16 ap_encr_type; 732 733 /** 734 * ap_auth_type - Current AP authentication types (WPS_AUTH_*) 735 */ 736 u16 ap_auth_type; 737 738 /** 739 * network_key - The current Network Key (PSK) or %NULL to generate new 740 * 741 * If %NULL, Registrar will generate per-device PSK. In addition, AP 742 * uses this when acting as an Enrollee to notify Registrar of the 743 * current configuration. 744 * 745 * When using WPA/WPA2-Personal, this key can be either the ASCII 746 * passphrase (8..63 characters) or the 32-octet PSK (64 hex 747 * characters). When this is set to the ASCII passphrase, the PSK can 748 * be provided in the psk buffer and used per-Enrollee to control which 749 * key type is included in the Credential (e.g., to reduce calculation 750 * need on low-powered devices by provisioning PSK while still allowing 751 * other devices to get the passphrase). 752 */ 753 u8 *network_key; 754 755 /** 756 * network_key_len - Length of network_key in octets 757 */ 758 size_t network_key_len; 759 760 /** 761 * psk - The current network PSK 762 * 763 * This optional value can be used to provide the current PSK if 764 * network_key is set to the ASCII passphrase. 765 */ 766 u8 psk[32]; 767 768 /** 769 * psk_set - Whether psk value is set 770 */ 771 int psk_set; 772 773 /** 774 * ap_settings - AP Settings override for M7 (only used at AP) 775 * 776 * If %NULL, AP Settings attributes will be generated based on the 777 * current network configuration. 778 */ 779 u8 *ap_settings; 780 781 /** 782 * ap_settings_len - Length of ap_settings in octets 783 */ 784 size_t ap_settings_len; 785 786 /** 787 * friendly_name - Friendly Name (required for UPnP) 788 */ 789 char *friendly_name; 790 791 /** 792 * manufacturer_url - Manufacturer URL (optional for UPnP) 793 */ 794 char *manufacturer_url; 795 796 /** 797 * model_description - Model Description (recommended for UPnP) 798 */ 799 char *model_description; 800 801 /** 802 * model_url - Model URL (optional for UPnP) 803 */ 804 char *model_url; 805 806 /** 807 * upc - Universal Product Code (optional for UPnP) 808 */ 809 char *upc; 810 811 /** 812 * cred_cb - Callback to notify that new Credentials were received 813 * @ctx: Higher layer context data (cb_ctx) 814 * @cred: The received Credential 815 * Return: 0 on success, -1 on failure 816 */ 817 int (*cred_cb)(void *ctx, const struct wps_credential *cred); 818 819 /** 820 * event_cb - Event callback (state information about progress) 821 * @ctx: Higher layer context data (cb_ctx) 822 * @event: Event type 823 * @data: Event data 824 */ 825 void (*event_cb)(void *ctx, enum wps_event event, 826 union wps_event_data *data); 827 828 /** 829 * rf_band_cb - Fetch currently used RF band 830 * @ctx: Higher layer context data (cb_ctx) 831 * Return: Current used RF band or 0 if not known 832 */ 833 int (*rf_band_cb)(void *ctx); 834 835 /** 836 * cb_ctx: Higher layer context data for callbacks 837 */ 838 void *cb_ctx; 839 840 struct upnp_wps_device_sm *wps_upnp; 841 842 /* Pending messages from UPnP PutWLANResponse */ 843 struct upnp_pending_message *upnp_msgs; 844 845 u16 ap_nfc_dev_pw_id; 846 struct wpabuf *ap_nfc_dh_pubkey; 847 struct wpabuf *ap_nfc_dh_privkey; 848 struct wpabuf *ap_nfc_dev_pw; 849 850 /* Whether to send WPA2-PSK passphrase as a passphrase instead of PSK 851 * for WPA3-Personal transition mode needs. */ 852 bool use_passphrase; 853 }; 854 855 struct wps_registrar * 856 wps_registrar_init(struct wps_context *wps, 857 const struct wps_registrar_config *cfg); 858 void wps_registrar_deinit(struct wps_registrar *reg); 859 int wps_registrar_add_pin(struct wps_registrar *reg, const u8 *addr, 860 const u8 *uuid, const u8 *pin, size_t pin_len, 861 int timeout); 862 int wps_registrar_invalidate_pin(struct wps_registrar *reg, const u8 *uuid); 863 int wps_registrar_wps_cancel(struct wps_registrar *reg); 864 int wps_registrar_unlock_pin(struct wps_registrar *reg, const u8 *uuid); 865 int wps_registrar_button_pushed(struct wps_registrar *reg, 866 const u8 *p2p_dev_addr); 867 void wps_registrar_complete(struct wps_registrar *registrar, const u8 *uuid_e, 868 const u8 *dev_pw, size_t dev_pw_len); 869 void wps_registrar_probe_req_rx(struct wps_registrar *reg, const u8 *addr, 870 const struct wpabuf *wps_data, 871 int p2p_wildcard); 872 int wps_registrar_update_ie(struct wps_registrar *reg); 873 int wps_registrar_get_info(struct wps_registrar *reg, const u8 *addr, 874 char *buf, size_t buflen); 875 int wps_registrar_config_ap(struct wps_registrar *reg, 876 struct wps_credential *cred); 877 int wps_registrar_add_nfc_pw_token(struct wps_registrar *reg, 878 const u8 *pubkey_hash, u16 pw_id, 879 const u8 *dev_pw, size_t dev_pw_len, 880 int pk_hash_provided_oob); 881 int wps_registrar_add_nfc_password_token(struct wps_registrar *reg, 882 const u8 *oob_dev_pw, 883 size_t oob_dev_pw_len); 884 void wps_registrar_flush(struct wps_registrar *reg); 885 int wps_registrar_update_multi_ap(struct wps_registrar *reg, 886 const u8 *multi_ap_backhaul_ssid, 887 size_t multi_ap_backhaul_ssid_len, 888 const u8 *multi_ap_backhaul_network_key, 889 size_t multi_ap_backhaul_network_key_len); 890 891 int wps_build_credential_wrap(struct wpabuf *msg, 892 const struct wps_credential *cred); 893 894 unsigned int wps_pin_checksum(unsigned int pin); 895 unsigned int wps_pin_valid(unsigned int pin); 896 int wps_generate_pin(unsigned int *pin); 897 int wps_pin_str_valid(const char *pin); 898 void wps_free_pending_msgs(struct upnp_pending_message *msgs); 899 900 struct wpabuf * wps_get_oob_cred(struct wps_context *wps, int rf_band, 901 int channel); 902 int wps_oob_use_cred(struct wps_context *wps, struct wps_parse_attr *attr); 903 int wps_attr_text(struct wpabuf *data, char *buf, char *end); 904 const char * wps_ei_str(enum wps_error_indication ei); 905 906 struct wps_er * wps_er_init(struct wps_context *wps, const char *ifname, 907 const char *filter); 908 void wps_er_refresh(struct wps_er *er); 909 void wps_er_deinit(struct wps_er *er, void (*cb)(void *ctx), void *ctx); 910 void wps_er_set_sel_reg(struct wps_er *er, int sel_reg, u16 dev_passwd_id, 911 u16 sel_reg_config_methods); 912 int wps_er_pbc(struct wps_er *er, const u8 *uuid, const u8 *addr); 913 const u8 * wps_er_get_sta_uuid(struct wps_er *er, const u8 *addr); 914 int wps_er_learn(struct wps_er *er, const u8 *uuid, const u8 *addr, 915 const u8 *pin, size_t pin_len); 916 int wps_er_set_config(struct wps_er *er, const u8 *uuid, const u8 *addr, 917 const struct wps_credential *cred); 918 int wps_er_config(struct wps_er *er, const u8 *uuid, const u8 *addr, 919 const u8 *pin, size_t pin_len, 920 const struct wps_credential *cred); 921 struct wpabuf * wps_er_config_token_from_cred(struct wps_context *wps, 922 struct wps_credential *cred); 923 struct wpabuf * wps_er_nfc_config_token(struct wps_er *er, const u8 *uuid, 924 const u8 *addr); 925 struct wpabuf * wps_er_nfc_handover_sel(struct wps_er *er, 926 struct wps_context *wps, const u8 *uuid, 927 const u8 *addr, struct wpabuf *pubkey); 928 929 int wps_dev_type_str2bin(const char *str, u8 dev_type[WPS_DEV_TYPE_LEN]); 930 char * wps_dev_type_bin2str(const u8 dev_type[WPS_DEV_TYPE_LEN], char *buf, 931 size_t buf_len); 932 void uuid_gen_mac_addr(const u8 *mac_addr, u8 *uuid); 933 u16 wps_config_methods_str2bin(const char *str); 934 struct wpabuf * wps_build_nfc_pw_token(u16 dev_pw_id, 935 const struct wpabuf *pubkey, 936 const struct wpabuf *dev_pw); 937 struct wpabuf * wps_nfc_token_build(int ndef, int id, struct wpabuf *pubkey, 938 struct wpabuf *dev_pw); 939 int wps_nfc_gen_dh(struct wpabuf **pubkey, struct wpabuf **privkey); 940 struct wpabuf * wps_nfc_token_gen(int ndef, int *id, struct wpabuf **pubkey, 941 struct wpabuf **privkey, 942 struct wpabuf **dev_pw); 943 struct wpabuf * wps_build_nfc_handover_req(struct wps_context *ctx, 944 struct wpabuf *nfc_dh_pubkey); 945 struct wpabuf * wps_build_nfc_handover_sel(struct wps_context *ctx, 946 struct wpabuf *nfc_dh_pubkey, 947 const u8 *bssid, int freq); 948 struct wpabuf * wps_build_nfc_handover_req_p2p(struct wps_context *ctx, 949 struct wpabuf *nfc_dh_pubkey); 950 struct wpabuf * wps_build_nfc_handover_sel_p2p(struct wps_context *ctx, 951 int nfc_dev_pw_id, 952 struct wpabuf *nfc_dh_pubkey, 953 struct wpabuf *nfc_dev_pw); 954 955 /* ndef.c */ 956 struct wpabuf * ndef_parse_wifi(const struct wpabuf *buf); 957 struct wpabuf * ndef_build_wifi(const struct wpabuf *buf); 958 struct wpabuf * ndef_parse_p2p(const struct wpabuf *buf); 959 struct wpabuf * ndef_build_p2p(const struct wpabuf *buf); 960 961 #ifdef CONFIG_WPS_STRICT 962 int wps_validate_beacon(const struct wpabuf *wps_ie); 963 int wps_validate_beacon_probe_resp(const struct wpabuf *wps_ie, int probe, 964 const u8 *addr); 965 int wps_validate_probe_req(const struct wpabuf *wps_ie, const u8 *addr); 966 int wps_validate_assoc_req(const struct wpabuf *wps_ie); 967 int wps_validate_assoc_resp(const struct wpabuf *wps_ie); 968 int wps_validate_m1(const struct wpabuf *tlvs); 969 int wps_validate_m2(const struct wpabuf *tlvs); 970 int wps_validate_m2d(const struct wpabuf *tlvs); 971 int wps_validate_m3(const struct wpabuf *tlvs); 972 int wps_validate_m4(const struct wpabuf *tlvs); 973 int wps_validate_m4_encr(const struct wpabuf *tlvs, int wps2); 974 int wps_validate_m5(const struct wpabuf *tlvs); 975 int wps_validate_m5_encr(const struct wpabuf *tlvs, int wps2); 976 int wps_validate_m6(const struct wpabuf *tlvs); 977 int wps_validate_m6_encr(const struct wpabuf *tlvs, int wps2); 978 int wps_validate_m7(const struct wpabuf *tlvs); 979 int wps_validate_m7_encr(const struct wpabuf *tlvs, int ap, int wps2); 980 int wps_validate_m8(const struct wpabuf *tlvs); 981 int wps_validate_m8_encr(const struct wpabuf *tlvs, int ap, int wps2); 982 int wps_validate_wsc_ack(const struct wpabuf *tlvs); 983 int wps_validate_wsc_nack(const struct wpabuf *tlvs); 984 int wps_validate_wsc_done(const struct wpabuf *tlvs); 985 int wps_validate_upnp_set_selected_registrar(const struct wpabuf *tlvs); 986 #else /* CONFIG_WPS_STRICT */ 987 static inline int wps_validate_beacon(const struct wpabuf *wps_ie){ 988 return 0; 989 } 990 991 static inline int wps_validate_beacon_probe_resp(const struct wpabuf *wps_ie, 992 int probe, const u8 *addr) 993 { 994 return 0; 995 } 996 997 static inline int wps_validate_probe_req(const struct wpabuf *wps_ie, 998 const u8 *addr) 999 { 1000 return 0; 1001 } 1002 1003 static inline int wps_validate_assoc_req(const struct wpabuf *wps_ie) 1004 { 1005 return 0; 1006 } 1007 1008 static inline int wps_validate_assoc_resp(const struct wpabuf *wps_ie) 1009 { 1010 return 0; 1011 } 1012 1013 static inline int wps_validate_m1(const struct wpabuf *tlvs) 1014 { 1015 return 0; 1016 } 1017 1018 static inline int wps_validate_m2(const struct wpabuf *tlvs) 1019 { 1020 return 0; 1021 } 1022 1023 static inline int wps_validate_m2d(const struct wpabuf *tlvs) 1024 { 1025 return 0; 1026 } 1027 1028 static inline int wps_validate_m3(const struct wpabuf *tlvs) 1029 { 1030 return 0; 1031 } 1032 1033 static inline int wps_validate_m4(const struct wpabuf *tlvs) 1034 { 1035 return 0; 1036 } 1037 1038 static inline int wps_validate_m4_encr(const struct wpabuf *tlvs, int wps2) 1039 { 1040 return 0; 1041 } 1042 1043 static inline int wps_validate_m5(const struct wpabuf *tlvs) 1044 { 1045 return 0; 1046 } 1047 1048 static inline int wps_validate_m5_encr(const struct wpabuf *tlvs, int wps2) 1049 { 1050 return 0; 1051 } 1052 1053 static inline int wps_validate_m6(const struct wpabuf *tlvs) 1054 { 1055 return 0; 1056 } 1057 1058 static inline int wps_validate_m6_encr(const struct wpabuf *tlvs, int wps2) 1059 { 1060 return 0; 1061 } 1062 1063 static inline int wps_validate_m7(const struct wpabuf *tlvs) 1064 { 1065 return 0; 1066 } 1067 1068 static inline int wps_validate_m7_encr(const struct wpabuf *tlvs, int ap, 1069 int wps2) 1070 { 1071 return 0; 1072 } 1073 1074 static inline int wps_validate_m8(const struct wpabuf *tlvs) 1075 { 1076 return 0; 1077 } 1078 1079 static inline int wps_validate_m8_encr(const struct wpabuf *tlvs, int ap, 1080 int wps2) 1081 { 1082 return 0; 1083 } 1084 1085 static inline int wps_validate_wsc_ack(const struct wpabuf *tlvs) 1086 { 1087 return 0; 1088 } 1089 1090 static inline int wps_validate_wsc_nack(const struct wpabuf *tlvs) 1091 { 1092 return 0; 1093 } 1094 1095 static inline int wps_validate_wsc_done(const struct wpabuf *tlvs) 1096 { 1097 return 0; 1098 } 1099 1100 static inline int wps_validate_upnp_set_selected_registrar( 1101 const struct wpabuf *tlvs) 1102 { 1103 return 0; 1104 } 1105 #endif /* CONFIG_WPS_STRICT */ 1106 1107 #endif /* WPS_H */ 1108