xref: /freebsd/contrib/wpa/src/wps/wps.h (revision b740c88bfb6453416926271c089262e7164dace3)
1 /*
2  * Wi-Fi Protected Setup
3  * Copyright (c) 2007-2013, Jouni Malinen <j@w1.fi>
4  *
5  * This software may be distributed under the terms of the BSD license.
6  * See README for more details.
7  */
8 
9 #ifndef WPS_H
10 #define WPS_H
11 
12 #include "wps_defs.h"
13 
14 /**
15  * enum wsc_op_code - EAP-WSC OP-Code values
16  */
17 enum wsc_op_code {
18 	WSC_UPnP = 0 /* No OP Code in UPnP transport */,
19 	WSC_Start = 0x01,
20 	WSC_ACK = 0x02,
21 	WSC_NACK = 0x03,
22 	WSC_MSG = 0x04,
23 	WSC_Done = 0x05,
24 	WSC_FRAG_ACK = 0x06
25 };
26 
27 struct wps_registrar;
28 struct upnp_wps_device_sm;
29 struct wps_er;
30 struct wps_parse_attr;
31 
32 /**
33  * struct wps_credential - WPS Credential
34  * @ssid: SSID
35  * @ssid_len: Length of SSID
36  * @auth_type: Authentication Type (WPS_AUTH_OPEN, .. flags)
37  * @encr_type: Encryption Type (WPS_ENCR_NONE, .. flags)
38  * @key_idx: Key index
39  * @key: Key
40  * @key_len: Key length in octets
41  * @mac_addr: MAC address of the Credential receiver
42  * @cred_attr: Unparsed Credential attribute data (used only in cred_cb());
43  *	this may be %NULL, if not used
44  * @cred_attr_len: Length of cred_attr in octets
45  */
46 struct wps_credential {
47 	u8 ssid[32];
48 	size_t ssid_len;
49 	u16 auth_type;
50 	u16 encr_type;
51 	u8 key_idx;
52 	u8 key[64];
53 	size_t key_len;
54 	u8 mac_addr[ETH_ALEN];
55 	const u8 *cred_attr;
56 	size_t cred_attr_len;
57 };
58 
59 #define WPS_DEV_TYPE_LEN 8
60 #define WPS_DEV_TYPE_BUFSIZE 21
61 #define WPS_SEC_DEV_TYPE_MAX_LEN 128
62 /* maximum number of advertised WPS vendor extension attributes */
63 #define MAX_WPS_VENDOR_EXTENSIONS 10
64 /* maximum size of WPS Vendor extension attribute */
65 #define WPS_MAX_VENDOR_EXT_LEN 1024
66 /* maximum number of parsed WPS vendor extension attributes */
67 #define MAX_WPS_PARSE_VENDOR_EXT 10
68 
69 /**
70  * struct wps_device_data - WPS Device Data
71  * @mac_addr: Device MAC address
72  * @device_name: Device Name (0..32 octets encoded in UTF-8)
73  * @manufacturer: Manufacturer (0..64 octets encoded in UTF-8)
74  * @model_name: Model Name (0..32 octets encoded in UTF-8)
75  * @model_number: Model Number (0..32 octets encoded in UTF-8)
76  * @serial_number: Serial Number (0..32 octets encoded in UTF-8)
77  * @pri_dev_type: Primary Device Type
78  * @sec_dev_type: Array of secondary device types
79  * @num_sec_dev_type: Number of secondary device types
80  * @os_version: OS Version
81  * @rf_bands: RF bands (WPS_RF_24GHZ, WPS_RF_50GHZ flags)
82  * @p2p: Whether the device is a P2P device
83  */
84 struct wps_device_data {
85 	u8 mac_addr[ETH_ALEN];
86 	char *device_name;
87 	char *manufacturer;
88 	char *model_name;
89 	char *model_number;
90 	char *serial_number;
91 	u8 pri_dev_type[WPS_DEV_TYPE_LEN];
92 #define WPS_SEC_DEVICE_TYPES 5
93 	u8 sec_dev_type[WPS_SEC_DEVICE_TYPES][WPS_DEV_TYPE_LEN];
94 	u8 num_sec_dev_types;
95 	u32 os_version;
96 	u8 rf_bands;
97 	u16 config_methods;
98 	struct wpabuf *vendor_ext_m1;
99 	struct wpabuf *vendor_ext[MAX_WPS_VENDOR_EXTENSIONS];
100 
101 	int p2p;
102 };
103 
104 /**
105  * struct wps_config - WPS configuration for a single registration protocol run
106  */
107 struct wps_config {
108 	/**
109 	 * wps - Pointer to long term WPS context
110 	 */
111 	struct wps_context *wps;
112 
113 	/**
114 	 * registrar - Whether this end is a Registrar
115 	 */
116 	int registrar;
117 
118 	/**
119 	 * pin - Enrollee Device Password (%NULL for Registrar or PBC)
120 	 */
121 	const u8 *pin;
122 
123 	/**
124 	 * pin_len - Length on pin in octets
125 	 */
126 	size_t pin_len;
127 
128 	/**
129 	 * pbc - Whether this is protocol run uses PBC
130 	 */
131 	int pbc;
132 
133 	/**
134 	 * assoc_wps_ie: (Re)AssocReq WPS IE (in AP; %NULL if not AP)
135 	 */
136 	const struct wpabuf *assoc_wps_ie;
137 
138 	/**
139 	 * new_ap_settings - New AP settings (%NULL if not used)
140 	 *
141 	 * This parameter provides new AP settings when using a wireless
142 	 * stations as a Registrar to configure the AP. %NULL means that AP
143 	 * will not be reconfigured, i.e., the station will only learn the
144 	 * current AP settings by using AP PIN.
145 	 */
146 	const struct wps_credential *new_ap_settings;
147 
148 	/**
149 	 * peer_addr: MAC address of the peer in AP; %NULL if not AP
150 	 */
151 	const u8 *peer_addr;
152 
153 	/**
154 	 * use_psk_key - Use PSK format key in Credential
155 	 *
156 	 * Force PSK format to be used instead of ASCII passphrase when
157 	 * building Credential for an Enrollee. The PSK value is set in
158 	 * struct wpa_context::psk.
159 	 */
160 	int use_psk_key;
161 
162 	/**
163 	 * dev_pw_id - Device Password ID for Enrollee when PIN is used
164 	 */
165 	u16 dev_pw_id;
166 
167 	/**
168 	 * p2p_dev_addr - P2P Device Address from (Re)Association Request
169 	 *
170 	 * On AP/GO, this is set to the P2P Device Address of the associating
171 	 * P2P client if a P2P IE is included in the (Re)Association Request
172 	 * frame and the P2P Device Address is included. Otherwise, this is set
173 	 * to %NULL to indicate the station does not have a P2P Device Address.
174 	 */
175 	const u8 *p2p_dev_addr;
176 
177 	/**
178 	 * pbc_in_m1 - Do not remove PushButton config method in M1 (AP)
179 	 *
180 	 * This can be used to enable a workaround to allow Windows 7 to use
181 	 * PBC with the AP.
182 	 */
183 	int pbc_in_m1;
184 
185 	/**
186 	 * peer_pubkey_hash - Peer public key hash or %NULL if not known
187 	 */
188 	const u8 *peer_pubkey_hash;
189 };
190 
191 struct wps_data * wps_init(const struct wps_config *cfg);
192 
193 void wps_deinit(struct wps_data *data);
194 
195 /**
196  * enum wps_process_res - WPS message processing result
197  */
198 enum wps_process_res {
199 	/**
200 	 * WPS_DONE - Processing done
201 	 */
202 	WPS_DONE,
203 
204 	/**
205 	 * WPS_CONTINUE - Processing continues
206 	 */
207 	WPS_CONTINUE,
208 
209 	/**
210 	 * WPS_FAILURE - Processing failed
211 	 */
212 	WPS_FAILURE,
213 
214 	/**
215 	 * WPS_PENDING - Processing continues, but waiting for an external
216 	 *	event (e.g., UPnP message from an external Registrar)
217 	 */
218 	WPS_PENDING
219 };
220 enum wps_process_res wps_process_msg(struct wps_data *wps,
221 				     enum wsc_op_code op_code,
222 				     const struct wpabuf *msg);
223 
224 struct wpabuf * wps_get_msg(struct wps_data *wps, enum wsc_op_code *op_code);
225 
226 int wps_is_selected_pbc_registrar(const struct wpabuf *msg);
227 int wps_is_selected_pin_registrar(const struct wpabuf *msg);
228 int wps_ap_priority_compar(const struct wpabuf *wps_a,
229 			   const struct wpabuf *wps_b);
230 int wps_is_addr_authorized(const struct wpabuf *msg, const u8 *addr,
231 			   int ver1_compat);
232 const u8 * wps_get_uuid_e(const struct wpabuf *msg);
233 int wps_is_20(const struct wpabuf *msg);
234 
235 struct wpabuf * wps_build_assoc_req_ie(enum wps_request_type req_type);
236 struct wpabuf * wps_build_assoc_resp_ie(void);
237 struct wpabuf * wps_build_probe_req_ie(u16 pw_id, struct wps_device_data *dev,
238 				       const u8 *uuid,
239 				       enum wps_request_type req_type,
240 				       unsigned int num_req_dev_types,
241 				       const u8 *req_dev_types);
242 
243 
244 /**
245  * struct wps_registrar_config - WPS Registrar configuration
246  */
247 struct wps_registrar_config {
248 	/**
249 	 * new_psk_cb - Callback for new PSK
250 	 * @ctx: Higher layer context data (cb_ctx)
251 	 * @mac_addr: MAC address of the Enrollee
252 	 * @p2p_dev_addr: P2P Device Address of the Enrollee or all zeros if not
253 	 * @psk: The new PSK
254 	 * @psk_len: The length of psk in octets
255 	 * Returns: 0 on success, -1 on failure
256 	 *
257 	 * This callback is called when a new per-device PSK is provisioned.
258 	 */
259 	int (*new_psk_cb)(void *ctx, const u8 *mac_addr, const u8 *p2p_dev_addr,
260 			  const u8 *psk, size_t psk_len);
261 
262 	/**
263 	 * set_ie_cb - Callback for WPS IE changes
264 	 * @ctx: Higher layer context data (cb_ctx)
265 	 * @beacon_ie: WPS IE for Beacon
266 	 * @probe_resp_ie: WPS IE for Probe Response
267 	 * Returns: 0 on success, -1 on failure
268 	 *
269 	 * This callback is called whenever the WPS IE in Beacon or Probe
270 	 * Response frames needs to be changed (AP only). Callee is responsible
271 	 * for freeing the buffers.
272 	 */
273 	int (*set_ie_cb)(void *ctx, struct wpabuf *beacon_ie,
274 			 struct wpabuf *probe_resp_ie);
275 
276 	/**
277 	 * pin_needed_cb - Callback for requesting a PIN
278 	 * @ctx: Higher layer context data (cb_ctx)
279 	 * @uuid_e: UUID-E of the unknown Enrollee
280 	 * @dev: Device Data from the unknown Enrollee
281 	 *
282 	 * This callback is called whenever an unknown Enrollee requests to use
283 	 * PIN method and a matching PIN (Device Password) is not found in
284 	 * Registrar data.
285 	 */
286 	void (*pin_needed_cb)(void *ctx, const u8 *uuid_e,
287 			      const struct wps_device_data *dev);
288 
289 	/**
290 	 * reg_success_cb - Callback for reporting successful registration
291 	 * @ctx: Higher layer context data (cb_ctx)
292 	 * @mac_addr: MAC address of the Enrollee
293 	 * @uuid_e: UUID-E of the Enrollee
294 	 * @dev_pw: Device Password (PIN) used during registration
295 	 * @dev_pw_len: Length of dev_pw in octets
296 	 *
297 	 * This callback is called whenever an Enrollee completes registration
298 	 * successfully.
299 	 */
300 	void (*reg_success_cb)(void *ctx, const u8 *mac_addr,
301 			       const u8 *uuid_e, const u8 *dev_pw,
302 			       size_t dev_pw_len);
303 
304 	/**
305 	 * set_sel_reg_cb - Callback for reporting selected registrar changes
306 	 * @ctx: Higher layer context data (cb_ctx)
307 	 * @sel_reg: Whether the Registrar is selected
308 	 * @dev_passwd_id: Device Password ID to indicate with method or
309 	 *	specific password the Registrar intends to use
310 	 * @sel_reg_config_methods: Bit field of active config methods
311 	 *
312 	 * This callback is called whenever the Selected Registrar state
313 	 * changes (e.g., a new PIN becomes available or PBC is invoked). This
314 	 * callback is only used by External Registrar implementation;
315 	 * set_ie_cb() is used by AP implementation in similar caes, but it
316 	 * provides the full WPS IE data instead of just the minimal Registrar
317 	 * state information.
318 	 */
319 	void (*set_sel_reg_cb)(void *ctx, int sel_reg, u16 dev_passwd_id,
320 			       u16 sel_reg_config_methods);
321 
322 	/**
323 	 * enrollee_seen_cb - Callback for reporting Enrollee based on ProbeReq
324 	 * @ctx: Higher layer context data (cb_ctx)
325 	 * @addr: MAC address of the Enrollee
326 	 * @uuid_e: UUID of the Enrollee
327 	 * @pri_dev_type: Primary device type
328 	 * @config_methods: Config Methods
329 	 * @dev_password_id: Device Password ID
330 	 * @request_type: Request Type
331 	 * @dev_name: Device Name (if available)
332 	 */
333 	void (*enrollee_seen_cb)(void *ctx, const u8 *addr, const u8 *uuid_e,
334 				 const u8 *pri_dev_type, u16 config_methods,
335 				 u16 dev_password_id, u8 request_type,
336 				 const char *dev_name);
337 
338 	/**
339 	 * cb_ctx: Higher layer context data for Registrar callbacks
340 	 */
341 	void *cb_ctx;
342 
343 	/**
344 	 * skip_cred_build: Do not build credential
345 	 *
346 	 * This option can be used to disable internal code that builds
347 	 * Credential attribute into M8 based on the current network
348 	 * configuration and Enrollee capabilities. The extra_cred data will
349 	 * then be used as the Credential(s).
350 	 */
351 	int skip_cred_build;
352 
353 	/**
354 	 * extra_cred: Additional Credential attribute(s)
355 	 *
356 	 * This optional data (set to %NULL to disable) can be used to add
357 	 * Credential attribute(s) for other networks into M8. If
358 	 * skip_cred_build is set, this will also override the automatically
359 	 * generated Credential attribute.
360 	 */
361 	const u8 *extra_cred;
362 
363 	/**
364 	 * extra_cred_len: Length of extra_cred in octets
365 	 */
366 	size_t extra_cred_len;
367 
368 	/**
369 	 * disable_auto_conf - Disable auto-configuration on first registration
370 	 *
371 	 * By default, the AP that is started in not configured state will
372 	 * generate a random PSK and move to configured state when the first
373 	 * registration protocol run is completed successfully. This option can
374 	 * be used to disable this functionality and leave it up to an external
375 	 * program to take care of configuration. This requires the extra_cred
376 	 * to be set with a suitable Credential and skip_cred_build being used.
377 	 */
378 	int disable_auto_conf;
379 
380 	/**
381 	 * static_wep_only - Whether the BSS supports only static WEP
382 	 */
383 	int static_wep_only;
384 
385 	/**
386 	 * dualband - Whether this is a concurrent dualband AP
387 	 */
388 	int dualband;
389 
390 	/**
391 	 * force_per_enrollee_psk - Force per-Enrollee random PSK
392 	 *
393 	 * This forces per-Enrollee random PSK to be generated even if a default
394 	 * PSK is set for a network.
395 	 */
396 	int force_per_enrollee_psk;
397 };
398 
399 
400 /**
401  * enum wps_event - WPS event types
402  */
403 enum wps_event {
404 	/**
405 	 * WPS_EV_M2D - M2D received (Registrar did not know us)
406 	 */
407 	WPS_EV_M2D,
408 
409 	/**
410 	 * WPS_EV_FAIL - Registration failed
411 	 */
412 	WPS_EV_FAIL,
413 
414 	/**
415 	 * WPS_EV_SUCCESS - Registration succeeded
416 	 */
417 	WPS_EV_SUCCESS,
418 
419 	/**
420 	 * WPS_EV_PWD_AUTH_FAIL - Password authentication failed
421 	 */
422 	WPS_EV_PWD_AUTH_FAIL,
423 
424 	/**
425 	 * WPS_EV_PBC_OVERLAP - PBC session overlap detected
426 	 */
427 	WPS_EV_PBC_OVERLAP,
428 
429 	/**
430 	 * WPS_EV_PBC_TIMEOUT - PBC walktime expired before protocol run start
431 	 */
432 	WPS_EV_PBC_TIMEOUT,
433 
434 	/**
435 	 * WPS_EV_PBC_ACTIVE - PBC mode was activated
436 	 */
437 	WPS_EV_PBC_ACTIVE,
438 
439 	/**
440 	 * WPS_EV_PBC_DISABLE - PBC mode was disabled
441 	 */
442 	WPS_EV_PBC_DISABLE,
443 
444 	/**
445 	 * WPS_EV_ER_AP_ADD - ER: AP added
446 	 */
447 	WPS_EV_ER_AP_ADD,
448 
449 	/**
450 	 * WPS_EV_ER_AP_REMOVE - ER: AP removed
451 	 */
452 	WPS_EV_ER_AP_REMOVE,
453 
454 	/**
455 	 * WPS_EV_ER_ENROLLEE_ADD - ER: Enrollee added
456 	 */
457 	WPS_EV_ER_ENROLLEE_ADD,
458 
459 	/**
460 	 * WPS_EV_ER_ENROLLEE_REMOVE - ER: Enrollee removed
461 	 */
462 	WPS_EV_ER_ENROLLEE_REMOVE,
463 
464 	/**
465 	 * WPS_EV_ER_AP_SETTINGS - ER: AP Settings learned
466 	 */
467 	WPS_EV_ER_AP_SETTINGS,
468 
469 	/**
470 	 * WPS_EV_ER_SET_SELECTED_REGISTRAR - ER: SetSelectedRegistrar event
471 	 */
472 	WPS_EV_ER_SET_SELECTED_REGISTRAR,
473 
474 	/**
475 	 * WPS_EV_AP_PIN_SUCCESS - External Registrar used correct AP PIN
476 	 */
477 	WPS_EV_AP_PIN_SUCCESS
478 };
479 
480 /**
481  * union wps_event_data - WPS event data
482  */
483 union wps_event_data {
484 	/**
485 	 * struct wps_event_m2d - M2D event data
486 	 */
487 	struct wps_event_m2d {
488 		u16 config_methods;
489 		const u8 *manufacturer;
490 		size_t manufacturer_len;
491 		const u8 *model_name;
492 		size_t model_name_len;
493 		const u8 *model_number;
494 		size_t model_number_len;
495 		const u8 *serial_number;
496 		size_t serial_number_len;
497 		const u8 *dev_name;
498 		size_t dev_name_len;
499 		const u8 *primary_dev_type; /* 8 octets */
500 		u16 config_error;
501 		u16 dev_password_id;
502 	} m2d;
503 
504 	/**
505 	 * struct wps_event_fail - Registration failure information
506 	 * @msg: enum wps_msg_type
507 	 */
508 	struct wps_event_fail {
509 		int msg;
510 		u16 config_error;
511 		u16 error_indication;
512 		u8 peer_macaddr[ETH_ALEN];
513 	} fail;
514 
515 	struct wps_event_success {
516 		u8 peer_macaddr[ETH_ALEN];
517 	} success;
518 
519 	struct wps_event_pwd_auth_fail {
520 		int enrollee;
521 		int part;
522 		u8 peer_macaddr[ETH_ALEN];
523 	} pwd_auth_fail;
524 
525 	struct wps_event_er_ap {
526 		const u8 *uuid;
527 		const u8 *mac_addr;
528 		const char *friendly_name;
529 		const char *manufacturer;
530 		const char *manufacturer_url;
531 		const char *model_description;
532 		const char *model_name;
533 		const char *model_number;
534 		const char *model_url;
535 		const char *serial_number;
536 		const char *upc;
537 		const u8 *pri_dev_type;
538 		u8 wps_state;
539 	} ap;
540 
541 	struct wps_event_er_enrollee {
542 		const u8 *uuid;
543 		const u8 *mac_addr;
544 		int m1_received;
545 		u16 config_methods;
546 		u16 dev_passwd_id;
547 		const u8 *pri_dev_type;
548 		const char *dev_name;
549 		const char *manufacturer;
550 		const char *model_name;
551 		const char *model_number;
552 		const char *serial_number;
553 	} enrollee;
554 
555 	struct wps_event_er_ap_settings {
556 		const u8 *uuid;
557 		const struct wps_credential *cred;
558 	} ap_settings;
559 
560 	struct wps_event_er_set_selected_registrar {
561 		const u8 *uuid;
562 		int sel_reg;
563 		u16 dev_passwd_id;
564 		u16 sel_reg_config_methods;
565 		enum {
566 			WPS_ER_SET_SEL_REG_START,
567 			WPS_ER_SET_SEL_REG_DONE,
568 			WPS_ER_SET_SEL_REG_FAILED
569 		} state;
570 	} set_sel_reg;
571 };
572 
573 /**
574  * struct upnp_pending_message - Pending PutWLANResponse messages
575  * @next: Pointer to next pending message or %NULL
576  * @addr: NewWLANEventMAC
577  * @msg: NewMessage
578  * @type: Message Type
579  */
580 struct upnp_pending_message {
581 	struct upnp_pending_message *next;
582 	u8 addr[ETH_ALEN];
583 	struct wpabuf *msg;
584 	enum wps_msg_type type;
585 };
586 
587 /**
588  * struct wps_context - Long term WPS context data
589  *
590  * This data is stored at the higher layer Authenticator or Supplicant data
591  * structures and it is maintained over multiple registration protocol runs.
592  */
593 struct wps_context {
594 	/**
595 	 * ap - Whether the local end is an access point
596 	 */
597 	int ap;
598 
599 	/**
600 	 * registrar - Pointer to WPS registrar data from wps_registrar_init()
601 	 */
602 	struct wps_registrar *registrar;
603 
604 	/**
605 	 * wps_state - Current WPS state
606 	 */
607 	enum wps_state wps_state;
608 
609 	/**
610 	 * ap_setup_locked - Whether AP setup is locked (only used at AP)
611 	 */
612 	int ap_setup_locked;
613 
614 	/**
615 	 * uuid - Own UUID
616 	 */
617 	u8 uuid[16];
618 
619 	/**
620 	 * ssid - SSID
621 	 *
622 	 * This SSID is used by the Registrar to fill in information for
623 	 * Credentials. In addition, AP uses it when acting as an Enrollee to
624 	 * notify Registrar of the current configuration.
625 	 */
626 	u8 ssid[32];
627 
628 	/**
629 	 * ssid_len - Length of ssid in octets
630 	 */
631 	size_t ssid_len;
632 
633 	/**
634 	 * dev - Own WPS device data
635 	 */
636 	struct wps_device_data dev;
637 
638 	/**
639 	 * dh_ctx - Context data for Diffie-Hellman operation
640 	 */
641 	void *dh_ctx;
642 
643 	/**
644 	 * dh_privkey - Diffie-Hellman private key
645 	 */
646 	struct wpabuf *dh_privkey;
647 
648 	/**
649 	 * dh_pubkey_oob - Diffie-Hellman public key
650 	 */
651 	struct wpabuf *dh_pubkey;
652 
653 	/**
654 	 * config_methods - Enabled configuration methods
655 	 *
656 	 * Bit field of WPS_CONFIG_*
657 	 */
658 	u16 config_methods;
659 
660 	/**
661 	 * encr_types - Enabled encryption types (bit field of WPS_ENCR_*)
662 	 */
663 	u16 encr_types;
664 
665 	/**
666 	 * auth_types - Authentication types (bit field of WPS_AUTH_*)
667 	 */
668 	u16 auth_types;
669 
670 	/**
671 	 * encr_types - Current AP encryption type (WPS_ENCR_*)
672 	 */
673 	u16 ap_encr_type;
674 
675 	/**
676 	 * ap_auth_type - Current AP authentication types (WPS_AUTH_*)
677 	 */
678 	u16 ap_auth_type;
679 
680 	/**
681 	 * network_key - The current Network Key (PSK) or %NULL to generate new
682 	 *
683 	 * If %NULL, Registrar will generate per-device PSK. In addition, AP
684 	 * uses this when acting as an Enrollee to notify Registrar of the
685 	 * current configuration.
686 	 *
687 	 * When using WPA/WPA2-Person, this key can be either the ASCII
688 	 * passphrase (8..63 characters) or the 32-octet PSK (64 hex
689 	 * characters). When this is set to the ASCII passphrase, the PSK can
690 	 * be provided in the psk buffer and used per-Enrollee to control which
691 	 * key type is included in the Credential (e.g., to reduce calculation
692 	 * need on low-powered devices by provisioning PSK while still allowing
693 	 * other devices to get the passphrase).
694 	 */
695 	u8 *network_key;
696 
697 	/**
698 	 * network_key_len - Length of network_key in octets
699 	 */
700 	size_t network_key_len;
701 
702 	/**
703 	 * psk - The current network PSK
704 	 *
705 	 * This optional value can be used to provide the current PSK if
706 	 * network_key is set to the ASCII passphrase.
707 	 */
708 	u8 psk[32];
709 
710 	/**
711 	 * psk_set - Whether psk value is set
712 	 */
713 	int psk_set;
714 
715 	/**
716 	 * ap_settings - AP Settings override for M7 (only used at AP)
717 	 *
718 	 * If %NULL, AP Settings attributes will be generated based on the
719 	 * current network configuration.
720 	 */
721 	u8 *ap_settings;
722 
723 	/**
724 	 * ap_settings_len - Length of ap_settings in octets
725 	 */
726 	size_t ap_settings_len;
727 
728 	/**
729 	 * friendly_name - Friendly Name (required for UPnP)
730 	 */
731 	char *friendly_name;
732 
733 	/**
734 	 * manufacturer_url - Manufacturer URL (optional for UPnP)
735 	 */
736 	char *manufacturer_url;
737 
738 	/**
739 	 * model_description - Model Description (recommended for UPnP)
740 	 */
741 	char *model_description;
742 
743 	/**
744 	 * model_url - Model URL (optional for UPnP)
745 	 */
746 	char *model_url;
747 
748 	/**
749 	 * upc - Universal Product Code (optional for UPnP)
750 	 */
751 	char *upc;
752 
753 	/**
754 	 * cred_cb - Callback to notify that new Credentials were received
755 	 * @ctx: Higher layer context data (cb_ctx)
756 	 * @cred: The received Credential
757 	 * Return: 0 on success, -1 on failure
758 	 */
759 	int (*cred_cb)(void *ctx, const struct wps_credential *cred);
760 
761 	/**
762 	 * event_cb - Event callback (state information about progress)
763 	 * @ctx: Higher layer context data (cb_ctx)
764 	 * @event: Event type
765 	 * @data: Event data
766 	 */
767 	void (*event_cb)(void *ctx, enum wps_event event,
768 			 union wps_event_data *data);
769 
770 	/**
771 	 * rf_band_cb - Fetch currently used RF band
772 	 * @ctx: Higher layer context data (cb_ctx)
773 	 * Return: Current used RF band or 0 if not known
774 	 */
775 	int (*rf_band_cb)(void *ctx);
776 
777 	/**
778 	 * cb_ctx: Higher layer context data for callbacks
779 	 */
780 	void *cb_ctx;
781 
782 	struct upnp_wps_device_sm *wps_upnp;
783 
784 	/* Pending messages from UPnP PutWLANResponse */
785 	struct upnp_pending_message *upnp_msgs;
786 
787 	u16 ap_nfc_dev_pw_id;
788 	struct wpabuf *ap_nfc_dh_pubkey;
789 	struct wpabuf *ap_nfc_dh_privkey;
790 	struct wpabuf *ap_nfc_dev_pw;
791 };
792 
793 struct wps_registrar *
794 wps_registrar_init(struct wps_context *wps,
795 		   const struct wps_registrar_config *cfg);
796 void wps_registrar_deinit(struct wps_registrar *reg);
797 int wps_registrar_add_pin(struct wps_registrar *reg, const u8 *addr,
798 			  const u8 *uuid, const u8 *pin, size_t pin_len,
799 			  int timeout);
800 int wps_registrar_invalidate_pin(struct wps_registrar *reg, const u8 *uuid);
801 int wps_registrar_wps_cancel(struct wps_registrar *reg);
802 int wps_registrar_unlock_pin(struct wps_registrar *reg, const u8 *uuid);
803 int wps_registrar_button_pushed(struct wps_registrar *reg,
804 				const u8 *p2p_dev_addr);
805 void wps_registrar_complete(struct wps_registrar *registrar, const u8 *uuid_e,
806 			    const u8 *dev_pw, size_t dev_pw_len);
807 void wps_registrar_probe_req_rx(struct wps_registrar *reg, const u8 *addr,
808 				const struct wpabuf *wps_data,
809 				int p2p_wildcard);
810 int wps_registrar_update_ie(struct wps_registrar *reg);
811 int wps_registrar_get_info(struct wps_registrar *reg, const u8 *addr,
812 			   char *buf, size_t buflen);
813 int wps_registrar_config_ap(struct wps_registrar *reg,
814 			    struct wps_credential *cred);
815 int wps_registrar_add_nfc_pw_token(struct wps_registrar *reg,
816 				   const u8 *pubkey_hash, u16 pw_id,
817 				   const u8 *dev_pw, size_t dev_pw_len,
818 				   int pk_hash_provided_oob);
819 int wps_registrar_add_nfc_password_token(struct wps_registrar *reg,
820 					 const u8 *oob_dev_pw,
821 					 size_t oob_dev_pw_len);
822 void wps_registrar_flush(struct wps_registrar *reg);
823 
824 int wps_build_credential_wrap(struct wpabuf *msg,
825 			      const struct wps_credential *cred);
826 
827 unsigned int wps_pin_checksum(unsigned int pin);
828 unsigned int wps_pin_valid(unsigned int pin);
829 unsigned int wps_generate_pin(void);
830 int wps_pin_str_valid(const char *pin);
831 void wps_free_pending_msgs(struct upnp_pending_message *msgs);
832 
833 struct wpabuf * wps_get_oob_cred(struct wps_context *wps, int rf_band,
834 				 int channel);
835 int wps_oob_use_cred(struct wps_context *wps, struct wps_parse_attr *attr);
836 int wps_attr_text(struct wpabuf *data, char *buf, char *end);
837 const char * wps_ei_str(enum wps_error_indication ei);
838 
839 struct wps_er * wps_er_init(struct wps_context *wps, const char *ifname,
840 			    const char *filter);
841 void wps_er_refresh(struct wps_er *er);
842 void wps_er_deinit(struct wps_er *er, void (*cb)(void *ctx), void *ctx);
843 void wps_er_set_sel_reg(struct wps_er *er, int sel_reg, u16 dev_passwd_id,
844 			u16 sel_reg_config_methods);
845 int wps_er_pbc(struct wps_er *er, const u8 *uuid, const u8 *addr);
846 const u8 * wps_er_get_sta_uuid(struct wps_er *er, const u8 *addr);
847 int wps_er_learn(struct wps_er *er, const u8 *uuid, const u8 *addr,
848 		 const u8 *pin, size_t pin_len);
849 int wps_er_set_config(struct wps_er *er, const u8 *uuid, const u8 *addr,
850 		      const struct wps_credential *cred);
851 int wps_er_config(struct wps_er *er, const u8 *uuid, const u8 *addr,
852 		  const u8 *pin, size_t pin_len,
853 		  const struct wps_credential *cred);
854 struct wpabuf * wps_er_config_token_from_cred(struct wps_context *wps,
855 					      struct wps_credential *cred);
856 struct wpabuf * wps_er_nfc_config_token(struct wps_er *er, const u8 *uuid,
857 					const u8 *addr);
858 struct wpabuf * wps_er_nfc_handover_sel(struct wps_er *er,
859 					struct wps_context *wps, const u8 *uuid,
860 					const u8 *addr, struct wpabuf *pubkey);
861 
862 int wps_dev_type_str2bin(const char *str, u8 dev_type[WPS_DEV_TYPE_LEN]);
863 char * wps_dev_type_bin2str(const u8 dev_type[WPS_DEV_TYPE_LEN], char *buf,
864 			    size_t buf_len);
865 void uuid_gen_mac_addr(const u8 *mac_addr, u8 *uuid);
866 u16 wps_config_methods_str2bin(const char *str);
867 struct wpabuf * wps_build_nfc_pw_token(u16 dev_pw_id,
868 				       const struct wpabuf *pubkey,
869 				       const struct wpabuf *dev_pw);
870 struct wpabuf * wps_nfc_token_build(int ndef, int id, struct wpabuf *pubkey,
871 				    struct wpabuf *dev_pw);
872 int wps_nfc_gen_dh(struct wpabuf **pubkey, struct wpabuf **privkey);
873 struct wpabuf * wps_nfc_token_gen(int ndef, int *id, struct wpabuf **pubkey,
874 				  struct wpabuf **privkey,
875 				  struct wpabuf **dev_pw);
876 struct wpabuf * wps_build_nfc_handover_req(struct wps_context *ctx,
877 					   struct wpabuf *nfc_dh_pubkey);
878 struct wpabuf * wps_build_nfc_handover_sel(struct wps_context *ctx,
879 					   struct wpabuf *nfc_dh_pubkey,
880 					   const u8 *bssid, int freq);
881 struct wpabuf * wps_build_nfc_handover_req_p2p(struct wps_context *ctx,
882 					       struct wpabuf *nfc_dh_pubkey);
883 struct wpabuf * wps_build_nfc_handover_sel_p2p(struct wps_context *ctx,
884 					       int nfc_dev_pw_id,
885 					       struct wpabuf *nfc_dh_pubkey,
886 					       struct wpabuf *nfc_dev_pw);
887 
888 /* ndef.c */
889 struct wpabuf * ndef_parse_wifi(const struct wpabuf *buf);
890 struct wpabuf * ndef_build_wifi(const struct wpabuf *buf);
891 struct wpabuf * ndef_parse_p2p(const struct wpabuf *buf);
892 struct wpabuf * ndef_build_p2p(const struct wpabuf *buf);
893 
894 #ifdef CONFIG_WPS_STRICT
895 int wps_validate_beacon(const struct wpabuf *wps_ie);
896 int wps_validate_beacon_probe_resp(const struct wpabuf *wps_ie, int probe,
897 				   const u8 *addr);
898 int wps_validate_probe_req(const struct wpabuf *wps_ie, const u8 *addr);
899 int wps_validate_assoc_req(const struct wpabuf *wps_ie);
900 int wps_validate_assoc_resp(const struct wpabuf *wps_ie);
901 int wps_validate_m1(const struct wpabuf *tlvs);
902 int wps_validate_m2(const struct wpabuf *tlvs);
903 int wps_validate_m2d(const struct wpabuf *tlvs);
904 int wps_validate_m3(const struct wpabuf *tlvs);
905 int wps_validate_m4(const struct wpabuf *tlvs);
906 int wps_validate_m4_encr(const struct wpabuf *tlvs, int wps2);
907 int wps_validate_m5(const struct wpabuf *tlvs);
908 int wps_validate_m5_encr(const struct wpabuf *tlvs, int wps2);
909 int wps_validate_m6(const struct wpabuf *tlvs);
910 int wps_validate_m6_encr(const struct wpabuf *tlvs, int wps2);
911 int wps_validate_m7(const struct wpabuf *tlvs);
912 int wps_validate_m7_encr(const struct wpabuf *tlvs, int ap, int wps2);
913 int wps_validate_m8(const struct wpabuf *tlvs);
914 int wps_validate_m8_encr(const struct wpabuf *tlvs, int ap, int wps2);
915 int wps_validate_wsc_ack(const struct wpabuf *tlvs);
916 int wps_validate_wsc_nack(const struct wpabuf *tlvs);
917 int wps_validate_wsc_done(const struct wpabuf *tlvs);
918 int wps_validate_upnp_set_selected_registrar(const struct wpabuf *tlvs);
919 #else /* CONFIG_WPS_STRICT */
920 static inline int wps_validate_beacon(const struct wpabuf *wps_ie){
921 	return 0;
922 }
923 
924 static inline int wps_validate_beacon_probe_resp(const struct wpabuf *wps_ie,
925 						 int probe, const u8 *addr)
926 {
927 	return 0;
928 }
929 
930 static inline int wps_validate_probe_req(const struct wpabuf *wps_ie,
931 					 const u8 *addr)
932 {
933 	return 0;
934 }
935 
936 static inline int wps_validate_assoc_req(const struct wpabuf *wps_ie)
937 {
938 	return 0;
939 }
940 
941 static inline int wps_validate_assoc_resp(const struct wpabuf *wps_ie)
942 {
943 	return 0;
944 }
945 
946 static inline int wps_validate_m1(const struct wpabuf *tlvs)
947 {
948 	return 0;
949 }
950 
951 static inline int wps_validate_m2(const struct wpabuf *tlvs)
952 {
953 	return 0;
954 }
955 
956 static inline int wps_validate_m2d(const struct wpabuf *tlvs)
957 {
958 	return 0;
959 }
960 
961 static inline int wps_validate_m3(const struct wpabuf *tlvs)
962 {
963 	return 0;
964 }
965 
966 static inline int wps_validate_m4(const struct wpabuf *tlvs)
967 {
968 	return 0;
969 }
970 
971 static inline int wps_validate_m4_encr(const struct wpabuf *tlvs, int wps2)
972 {
973 	return 0;
974 }
975 
976 static inline int wps_validate_m5(const struct wpabuf *tlvs)
977 {
978 	return 0;
979 }
980 
981 static inline int wps_validate_m5_encr(const struct wpabuf *tlvs, int wps2)
982 {
983 	return 0;
984 }
985 
986 static inline int wps_validate_m6(const struct wpabuf *tlvs)
987 {
988 	return 0;
989 }
990 
991 static inline int wps_validate_m6_encr(const struct wpabuf *tlvs, int wps2)
992 {
993 	return 0;
994 }
995 
996 static inline int wps_validate_m7(const struct wpabuf *tlvs)
997 {
998 	return 0;
999 }
1000 
1001 static inline int wps_validate_m7_encr(const struct wpabuf *tlvs, int ap,
1002 				       int wps2)
1003 {
1004 	return 0;
1005 }
1006 
1007 static inline int wps_validate_m8(const struct wpabuf *tlvs)
1008 {
1009 	return 0;
1010 }
1011 
1012 static inline int wps_validate_m8_encr(const struct wpabuf *tlvs, int ap,
1013 				       int wps2)
1014 {
1015 	return 0;
1016 }
1017 
1018 static inline int wps_validate_wsc_ack(const struct wpabuf *tlvs)
1019 {
1020 	return 0;
1021 }
1022 
1023 static inline int wps_validate_wsc_nack(const struct wpabuf *tlvs)
1024 {
1025 	return 0;
1026 }
1027 
1028 static inline int wps_validate_wsc_done(const struct wpabuf *tlvs)
1029 {
1030 	return 0;
1031 }
1032 
1033 static inline int wps_validate_upnp_set_selected_registrar(
1034 	const struct wpabuf *tlvs)
1035 {
1036 	return 0;
1037 }
1038 #endif /* CONFIG_WPS_STRICT */
1039 
1040 #endif /* WPS_H */
1041