1 /* 2 * Wi-Fi Protected Setup 3 * Copyright (c) 2007-2009, Jouni Malinen <j@w1.fi> 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License version 2 as 7 * published by the Free Software Foundation. 8 * 9 * Alternatively, this software may be distributed under the terms of BSD 10 * license. 11 * 12 * See README and COPYING for more details. 13 */ 14 15 #ifndef WPS_H 16 #define WPS_H 17 18 #include "wps_defs.h" 19 20 /** 21 * enum wsc_op_code - EAP-WSC OP-Code values 22 */ 23 enum wsc_op_code { 24 WSC_UPnP = 0 /* No OP Code in UPnP transport */, 25 WSC_Start = 0x01, 26 WSC_ACK = 0x02, 27 WSC_NACK = 0x03, 28 WSC_MSG = 0x04, 29 WSC_Done = 0x05, 30 WSC_FRAG_ACK = 0x06 31 }; 32 33 struct wps_registrar; 34 struct upnp_wps_device_sm; 35 struct wps_er; 36 37 /** 38 * struct wps_credential - WPS Credential 39 * @ssid: SSID 40 * @ssid_len: Length of SSID 41 * @auth_type: Authentication Type (WPS_AUTH_OPEN, .. flags) 42 * @encr_type: Encryption Type (WPS_ENCR_NONE, .. flags) 43 * @key_idx: Key index 44 * @key: Key 45 * @key_len: Key length in octets 46 * @mac_addr: MAC address of the Credential receiver 47 * @cred_attr: Unparsed Credential attribute data (used only in cred_cb()); 48 * this may be %NULL, if not used 49 * @cred_attr_len: Length of cred_attr in octets 50 */ 51 struct wps_credential { 52 u8 ssid[32]; 53 size_t ssid_len; 54 u16 auth_type; 55 u16 encr_type; 56 u8 key_idx; 57 u8 key[64]; 58 size_t key_len; 59 u8 mac_addr[ETH_ALEN]; 60 const u8 *cred_attr; 61 size_t cred_attr_len; 62 }; 63 64 #define WPS_DEV_TYPE_LEN 8 65 #define WPS_DEV_TYPE_BUFSIZE 21 66 67 /** 68 * struct wps_device_data - WPS Device Data 69 * @mac_addr: Device MAC address 70 * @device_name: Device Name (0..32 octets encoded in UTF-8) 71 * @manufacturer: Manufacturer (0..64 octets encoded in UTF-8) 72 * @model_name: Model Name (0..32 octets encoded in UTF-8) 73 * @model_number: Model Number (0..32 octets encoded in UTF-8) 74 * @serial_number: Serial Number (0..32 octets encoded in UTF-8) 75 * @pri_dev_type: Primary Device Type 76 * @os_version: OS Version 77 * @rf_bands: RF bands (WPS_RF_24GHZ, WPS_RF_50GHZ flags) 78 */ 79 struct wps_device_data { 80 u8 mac_addr[ETH_ALEN]; 81 char *device_name; 82 char *manufacturer; 83 char *model_name; 84 char *model_number; 85 char *serial_number; 86 u8 pri_dev_type[WPS_DEV_TYPE_LEN]; 87 u32 os_version; 88 u8 rf_bands; 89 }; 90 91 struct oob_conf_data { 92 enum { 93 OOB_METHOD_UNKNOWN = 0, 94 OOB_METHOD_DEV_PWD_E, 95 OOB_METHOD_DEV_PWD_R, 96 OOB_METHOD_CRED, 97 } oob_method; 98 struct wpabuf *dev_password; 99 struct wpabuf *pubkey_hash; 100 }; 101 102 /** 103 * struct wps_config - WPS configuration for a single registration protocol run 104 */ 105 struct wps_config { 106 /** 107 * wps - Pointer to long term WPS context 108 */ 109 struct wps_context *wps; 110 111 /** 112 * registrar - Whether this end is a Registrar 113 */ 114 int registrar; 115 116 /** 117 * pin - Enrollee Device Password (%NULL for Registrar or PBC) 118 */ 119 const u8 *pin; 120 121 /** 122 * pin_len - Length on pin in octets 123 */ 124 size_t pin_len; 125 126 /** 127 * pbc - Whether this is protocol run uses PBC 128 */ 129 int pbc; 130 131 /** 132 * assoc_wps_ie: (Re)AssocReq WPS IE (in AP; %NULL if not AP) 133 */ 134 const struct wpabuf *assoc_wps_ie; 135 136 /** 137 * new_ap_settings - New AP settings (%NULL if not used) 138 * 139 * This parameter provides new AP settings when using a wireless 140 * stations as a Registrar to configure the AP. %NULL means that AP 141 * will not be reconfigured, i.e., the station will only learn the 142 * current AP settings by using AP PIN. 143 */ 144 const struct wps_credential *new_ap_settings; 145 146 /** 147 * peer_addr: MAC address of the peer in AP; %NULL if not AP 148 */ 149 const u8 *peer_addr; 150 151 /** 152 * use_psk_key - Use PSK format key in Credential 153 * 154 * Force PSK format to be used instead of ASCII passphrase when 155 * building Credential for an Enrollee. The PSK value is set in 156 * struct wpa_context::psk. 157 */ 158 int use_psk_key; 159 }; 160 161 struct wps_data * wps_init(const struct wps_config *cfg); 162 163 void wps_deinit(struct wps_data *data); 164 165 /** 166 * enum wps_process_res - WPS message processing result 167 */ 168 enum wps_process_res { 169 /** 170 * WPS_DONE - Processing done 171 */ 172 WPS_DONE, 173 174 /** 175 * WPS_CONTINUE - Processing continues 176 */ 177 WPS_CONTINUE, 178 179 /** 180 * WPS_FAILURE - Processing failed 181 */ 182 WPS_FAILURE, 183 184 /** 185 * WPS_PENDING - Processing continues, but waiting for an external 186 * event (e.g., UPnP message from an external Registrar) 187 */ 188 WPS_PENDING 189 }; 190 enum wps_process_res wps_process_msg(struct wps_data *wps, 191 enum wsc_op_code op_code, 192 const struct wpabuf *msg); 193 194 struct wpabuf * wps_get_msg(struct wps_data *wps, enum wsc_op_code *op_code); 195 196 int wps_is_selected_pbc_registrar(const struct wpabuf *msg); 197 int wps_is_selected_pin_registrar(const struct wpabuf *msg); 198 const u8 * wps_get_uuid_e(const struct wpabuf *msg); 199 200 struct wpabuf * wps_build_assoc_req_ie(enum wps_request_type req_type); 201 struct wpabuf * wps_build_assoc_resp_ie(void); 202 struct wpabuf * wps_build_probe_req_ie(int pbc, struct wps_device_data *dev, 203 const u8 *uuid, 204 enum wps_request_type req_type); 205 206 207 /** 208 * struct wps_registrar_config - WPS Registrar configuration 209 */ 210 struct wps_registrar_config { 211 /** 212 * new_psk_cb - Callback for new PSK 213 * @ctx: Higher layer context data (cb_ctx) 214 * @mac_addr: MAC address of the Enrollee 215 * @psk: The new PSK 216 * @psk_len: The length of psk in octets 217 * Returns: 0 on success, -1 on failure 218 * 219 * This callback is called when a new per-device PSK is provisioned. 220 */ 221 int (*new_psk_cb)(void *ctx, const u8 *mac_addr, const u8 *psk, 222 size_t psk_len); 223 224 /** 225 * set_ie_cb - Callback for WPS IE changes 226 * @ctx: Higher layer context data (cb_ctx) 227 * @beacon_ie: WPS IE for Beacon 228 * @probe_resp_ie: WPS IE for Probe Response 229 * Returns: 0 on success, -1 on failure 230 * 231 * This callback is called whenever the WPS IE in Beacon or Probe 232 * Response frames needs to be changed (AP only). Callee is responsible 233 * for freeing the buffers. 234 */ 235 int (*set_ie_cb)(void *ctx, struct wpabuf *beacon_ie, 236 struct wpabuf *probe_resp_ie); 237 238 /** 239 * pin_needed_cb - Callback for requesting a PIN 240 * @ctx: Higher layer context data (cb_ctx) 241 * @uuid_e: UUID-E of the unknown Enrollee 242 * @dev: Device Data from the unknown Enrollee 243 * 244 * This callback is called whenever an unknown Enrollee requests to use 245 * PIN method and a matching PIN (Device Password) is not found in 246 * Registrar data. 247 */ 248 void (*pin_needed_cb)(void *ctx, const u8 *uuid_e, 249 const struct wps_device_data *dev); 250 251 /** 252 * reg_success_cb - Callback for reporting successful registration 253 * @ctx: Higher layer context data (cb_ctx) 254 * @mac_addr: MAC address of the Enrollee 255 * @uuid_e: UUID-E of the Enrollee 256 * 257 * This callback is called whenever an Enrollee completes registration 258 * successfully. 259 */ 260 void (*reg_success_cb)(void *ctx, const u8 *mac_addr, 261 const u8 *uuid_e); 262 263 /** 264 * set_sel_reg_cb - Callback for reporting selected registrar changes 265 * @ctx: Higher layer context data (cb_ctx) 266 * @sel_reg: Whether the Registrar is selected 267 * @dev_passwd_id: Device Password ID to indicate with method or 268 * specific password the Registrar intends to use 269 * @sel_reg_config_methods: Bit field of active config methods 270 * 271 * This callback is called whenever the Selected Registrar state 272 * changes (e.g., a new PIN becomes available or PBC is invoked). This 273 * callback is only used by External Registrar implementation; 274 * set_ie_cb() is used by AP implementation in similar caes, but it 275 * provides the full WPS IE data instead of just the minimal Registrar 276 * state information. 277 */ 278 void (*set_sel_reg_cb)(void *ctx, int sel_reg, u16 dev_passwd_id, 279 u16 sel_reg_config_methods); 280 281 /** 282 * enrollee_seen_cb - Callback for reporting Enrollee based on ProbeReq 283 * @ctx: Higher layer context data (cb_ctx) 284 * @addr: MAC address of the Enrollee 285 * @uuid_e: UUID of the Enrollee 286 * @pri_dev_type: Primary device type 287 * @config_methods: Config Methods 288 * @dev_password_id: Device Password ID 289 * @request_type: Request Type 290 * @dev_name: Device Name (if available) 291 */ 292 void (*enrollee_seen_cb)(void *ctx, const u8 *addr, const u8 *uuid_e, 293 const u8 *pri_dev_type, u16 config_methods, 294 u16 dev_password_id, u8 request_type, 295 const char *dev_name); 296 297 /** 298 * cb_ctx: Higher layer context data for Registrar callbacks 299 */ 300 void *cb_ctx; 301 302 /** 303 * skip_cred_build: Do not build credential 304 * 305 * This option can be used to disable internal code that builds 306 * Credential attribute into M8 based on the current network 307 * configuration and Enrollee capabilities. The extra_cred data will 308 * then be used as the Credential(s). 309 */ 310 int skip_cred_build; 311 312 /** 313 * extra_cred: Additional Credential attribute(s) 314 * 315 * This optional data (set to %NULL to disable) can be used to add 316 * Credential attribute(s) for other networks into M8. If 317 * skip_cred_build is set, this will also override the automatically 318 * generated Credential attribute. 319 */ 320 const u8 *extra_cred; 321 322 /** 323 * extra_cred_len: Length of extra_cred in octets 324 */ 325 size_t extra_cred_len; 326 327 /** 328 * disable_auto_conf - Disable auto-configuration on first registration 329 * 330 * By default, the AP that is started in not configured state will 331 * generate a random PSK and move to configured state when the first 332 * registration protocol run is completed successfully. This option can 333 * be used to disable this functionality and leave it up to an external 334 * program to take care of configuration. This requires the extra_cred 335 * to be set with a suitable Credential and skip_cred_build being used. 336 */ 337 int disable_auto_conf; 338 339 /** 340 * static_wep_only - Whether the BSS supports only static WEP 341 */ 342 int static_wep_only; 343 }; 344 345 346 /** 347 * enum wps_event - WPS event types 348 */ 349 enum wps_event { 350 /** 351 * WPS_EV_M2D - M2D received (Registrar did not know us) 352 */ 353 WPS_EV_M2D, 354 355 /** 356 * WPS_EV_FAIL - Registration failed 357 */ 358 WPS_EV_FAIL, 359 360 /** 361 * WPS_EV_SUCCESS - Registration succeeded 362 */ 363 WPS_EV_SUCCESS, 364 365 /** 366 * WPS_EV_PWD_AUTH_FAIL - Password authentication failed 367 */ 368 WPS_EV_PWD_AUTH_FAIL, 369 370 /** 371 * WPS_EV_PBC_OVERLAP - PBC session overlap detected 372 */ 373 WPS_EV_PBC_OVERLAP, 374 375 /** 376 * WPS_EV_PBC_TIMEOUT - PBC walktime expired before protocol run start 377 */ 378 WPS_EV_PBC_TIMEOUT, 379 380 /** 381 * WPS_EV_ER_AP_ADD - ER: AP added 382 */ 383 WPS_EV_ER_AP_ADD, 384 385 /** 386 * WPS_EV_ER_AP_REMOVE - ER: AP removed 387 */ 388 WPS_EV_ER_AP_REMOVE, 389 390 /** 391 * WPS_EV_ER_ENROLLEE_ADD - ER: Enrollee added 392 */ 393 WPS_EV_ER_ENROLLEE_ADD, 394 395 /** 396 * WPS_EV_ER_ENROLLEE_REMOVE - ER: Enrollee removed 397 */ 398 WPS_EV_ER_ENROLLEE_REMOVE 399 }; 400 401 /** 402 * union wps_event_data - WPS event data 403 */ 404 union wps_event_data { 405 /** 406 * struct wps_event_m2d - M2D event data 407 */ 408 struct wps_event_m2d { 409 u16 config_methods; 410 const u8 *manufacturer; 411 size_t manufacturer_len; 412 const u8 *model_name; 413 size_t model_name_len; 414 const u8 *model_number; 415 size_t model_number_len; 416 const u8 *serial_number; 417 size_t serial_number_len; 418 const u8 *dev_name; 419 size_t dev_name_len; 420 const u8 *primary_dev_type; /* 8 octets */ 421 u16 config_error; 422 u16 dev_password_id; 423 } m2d; 424 425 /** 426 * struct wps_event_fail - Registration failure information 427 * @msg: enum wps_msg_type 428 */ 429 struct wps_event_fail { 430 int msg; 431 } fail; 432 433 struct wps_event_pwd_auth_fail { 434 int enrollee; 435 int part; 436 } pwd_auth_fail; 437 438 struct wps_event_er_ap { 439 const u8 *uuid; 440 const u8 *mac_addr; 441 const char *friendly_name; 442 const char *manufacturer; 443 const char *manufacturer_url; 444 const char *model_description; 445 const char *model_name; 446 const char *model_number; 447 const char *model_url; 448 const char *serial_number; 449 const char *upc; 450 const u8 *pri_dev_type; 451 u8 wps_state; 452 } ap; 453 454 struct wps_event_er_enrollee { 455 const u8 *uuid; 456 const u8 *mac_addr; 457 int m1_received; 458 u16 config_methods; 459 u16 dev_passwd_id; 460 const u8 *pri_dev_type; 461 const char *dev_name; 462 const char *manufacturer; 463 const char *model_name; 464 const char *model_number; 465 const char *serial_number; 466 } enrollee; 467 }; 468 469 /** 470 * struct upnp_pending_message - Pending PutWLANResponse messages 471 * @next: Pointer to next pending message or %NULL 472 * @addr: NewWLANEventMAC 473 * @msg: NewMessage 474 * @type: Message Type 475 */ 476 struct upnp_pending_message { 477 struct upnp_pending_message *next; 478 u8 addr[ETH_ALEN]; 479 struct wpabuf *msg; 480 enum wps_msg_type type; 481 }; 482 483 /** 484 * struct wps_context - Long term WPS context data 485 * 486 * This data is stored at the higher layer Authenticator or Supplicant data 487 * structures and it is maintained over multiple registration protocol runs. 488 */ 489 struct wps_context { 490 /** 491 * ap - Whether the local end is an access point 492 */ 493 int ap; 494 495 /** 496 * registrar - Pointer to WPS registrar data from wps_registrar_init() 497 */ 498 struct wps_registrar *registrar; 499 500 /** 501 * wps_state - Current WPS state 502 */ 503 enum wps_state wps_state; 504 505 /** 506 * ap_setup_locked - Whether AP setup is locked (only used at AP) 507 */ 508 int ap_setup_locked; 509 510 /** 511 * uuid - Own UUID 512 */ 513 u8 uuid[16]; 514 515 /** 516 * ssid - SSID 517 * 518 * This SSID is used by the Registrar to fill in information for 519 * Credentials. In addition, AP uses it when acting as an Enrollee to 520 * notify Registrar of the current configuration. 521 */ 522 u8 ssid[32]; 523 524 /** 525 * ssid_len - Length of ssid in octets 526 */ 527 size_t ssid_len; 528 529 /** 530 * dev - Own WPS device data 531 */ 532 struct wps_device_data dev; 533 534 /** 535 * oob_conf - OOB Config data 536 */ 537 struct oob_conf_data oob_conf; 538 539 /** 540 * oob_dev_pw_id - OOB Device password id 541 */ 542 u16 oob_dev_pw_id; 543 544 /** 545 * dh_ctx - Context data for Diffie-Hellman operation 546 */ 547 void *dh_ctx; 548 549 /** 550 * dh_privkey - Diffie-Hellman private key 551 */ 552 struct wpabuf *dh_privkey; 553 554 /** 555 * dh_pubkey_oob - Diffie-Hellman public key 556 */ 557 struct wpabuf *dh_pubkey; 558 559 /** 560 * config_methods - Enabled configuration methods 561 * 562 * Bit field of WPS_CONFIG_* 563 */ 564 u16 config_methods; 565 566 /** 567 * encr_types - Enabled encryption types (bit field of WPS_ENCR_*) 568 */ 569 u16 encr_types; 570 571 /** 572 * auth_types - Authentication types (bit field of WPS_AUTH_*) 573 */ 574 u16 auth_types; 575 576 /** 577 * network_key - The current Network Key (PSK) or %NULL to generate new 578 * 579 * If %NULL, Registrar will generate per-device PSK. In addition, AP 580 * uses this when acting as an Enrollee to notify Registrar of the 581 * current configuration. 582 * 583 * When using WPA/WPA2-Person, this key can be either the ASCII 584 * passphrase (8..63 characters) or the 32-octet PSK (64 hex 585 * characters). When this is set to the ASCII passphrase, the PSK can 586 * be provided in the psk buffer and used per-Enrollee to control which 587 * key type is included in the Credential (e.g., to reduce calculation 588 * need on low-powered devices by provisioning PSK while still allowing 589 * other devices to get the passphrase). 590 */ 591 u8 *network_key; 592 593 /** 594 * network_key_len - Length of network_key in octets 595 */ 596 size_t network_key_len; 597 598 /** 599 * psk - The current network PSK 600 * 601 * This optional value can be used to provide the current PSK if 602 * network_key is set to the ASCII passphrase. 603 */ 604 u8 psk[32]; 605 606 /** 607 * psk_set - Whether psk value is set 608 */ 609 int psk_set; 610 611 /** 612 * ap_settings - AP Settings override for M7 (only used at AP) 613 * 614 * If %NULL, AP Settings attributes will be generated based on the 615 * current network configuration. 616 */ 617 u8 *ap_settings; 618 619 /** 620 * ap_settings_len - Length of ap_settings in octets 621 */ 622 size_t ap_settings_len; 623 624 /** 625 * friendly_name - Friendly Name (required for UPnP) 626 */ 627 char *friendly_name; 628 629 /** 630 * manufacturer_url - Manufacturer URL (optional for UPnP) 631 */ 632 char *manufacturer_url; 633 634 /** 635 * model_description - Model Description (recommended for UPnP) 636 */ 637 char *model_description; 638 639 /** 640 * model_url - Model URL (optional for UPnP) 641 */ 642 char *model_url; 643 644 /** 645 * upc - Universal Product Code (optional for UPnP) 646 */ 647 char *upc; 648 649 /** 650 * cred_cb - Callback to notify that new Credentials were received 651 * @ctx: Higher layer context data (cb_ctx) 652 * @cred: The received Credential 653 * Return: 0 on success, -1 on failure 654 */ 655 int (*cred_cb)(void *ctx, const struct wps_credential *cred); 656 657 /** 658 * event_cb - Event callback (state information about progress) 659 * @ctx: Higher layer context data (cb_ctx) 660 * @event: Event type 661 * @data: Event data 662 */ 663 void (*event_cb)(void *ctx, enum wps_event event, 664 union wps_event_data *data); 665 666 /** 667 * cb_ctx: Higher layer context data for callbacks 668 */ 669 void *cb_ctx; 670 671 struct upnp_wps_device_sm *wps_upnp; 672 673 /* Pending messages from UPnP PutWLANResponse */ 674 struct upnp_pending_message *upnp_msgs; 675 }; 676 677 struct oob_device_data { 678 char *device_name; 679 char *device_path; 680 void * (*init_func)(struct wps_context *, struct oob_device_data *, 681 int); 682 struct wpabuf * (*read_func)(void *); 683 int (*write_func)(void *, struct wpabuf *); 684 void (*deinit_func)(void *); 685 }; 686 687 struct oob_nfc_device_data { 688 int (*init_func)(char *); 689 void * (*read_func)(size_t *); 690 int (*write_func)(void *, size_t); 691 void (*deinit_func)(void); 692 }; 693 694 struct wps_registrar * 695 wps_registrar_init(struct wps_context *wps, 696 const struct wps_registrar_config *cfg); 697 void wps_registrar_deinit(struct wps_registrar *reg); 698 int wps_registrar_add_pin(struct wps_registrar *reg, const u8 *uuid, 699 const u8 *pin, size_t pin_len, int timeout); 700 int wps_registrar_invalidate_pin(struct wps_registrar *reg, const u8 *uuid); 701 int wps_registrar_unlock_pin(struct wps_registrar *reg, const u8 *uuid); 702 int wps_registrar_button_pushed(struct wps_registrar *reg); 703 void wps_registrar_probe_req_rx(struct wps_registrar *reg, const u8 *addr, 704 const struct wpabuf *wps_data); 705 int wps_registrar_update_ie(struct wps_registrar *reg); 706 int wps_registrar_get_info(struct wps_registrar *reg, const u8 *addr, 707 char *buf, size_t buflen); 708 709 unsigned int wps_pin_checksum(unsigned int pin); 710 unsigned int wps_pin_valid(unsigned int pin); 711 unsigned int wps_generate_pin(void); 712 void wps_free_pending_msgs(struct upnp_pending_message *msgs); 713 714 struct oob_device_data * wps_get_oob_device(char *device_type); 715 struct oob_nfc_device_data * wps_get_oob_nfc_device(char *device_name); 716 int wps_get_oob_method(char *method); 717 int wps_process_oob(struct wps_context *wps, struct oob_device_data *oob_dev, 718 int registrar); 719 int wps_attr_text(struct wpabuf *data, char *buf, char *end); 720 721 struct wps_er * wps_er_init(struct wps_context *wps, const char *ifname); 722 void wps_er_refresh(struct wps_er *er); 723 void wps_er_deinit(struct wps_er *er, void (*cb)(void *ctx), void *ctx); 724 void wps_er_set_sel_reg(struct wps_er *er, int sel_reg, u16 dev_passwd_id, 725 u16 sel_reg_config_methods); 726 int wps_er_pbc(struct wps_er *er, const u8 *uuid); 727 int wps_er_learn(struct wps_er *er, const u8 *uuid, const u8 *pin, 728 size_t pin_len); 729 730 int wps_dev_type_str2bin(const char *str, u8 dev_type[WPS_DEV_TYPE_LEN]); 731 char * wps_dev_type_bin2str(const u8 dev_type[WPS_DEV_TYPE_LEN], char *buf, 732 size_t buf_len); 733 void uuid_gen_mac_addr(const u8 *mac_addr, u8 *uuid); 734 u16 wps_config_methods_str2bin(const char *str); 735 736 #endif /* WPS_H */ 737