1f05cddf9SRui Paulo /*
2f05cddf9SRui Paulo * Wi-Fi Protected Setup - Strict protocol validation routines
3f05cddf9SRui Paulo * Copyright (c) 2010, Atheros Communications, Inc.
4f05cddf9SRui Paulo *
5f05cddf9SRui Paulo * This software may be distributed under the terms of the BSD license.
6f05cddf9SRui Paulo * See README for more details.
7f05cddf9SRui Paulo */
8f05cddf9SRui Paulo
9f05cddf9SRui Paulo #include "utils/includes.h"
10f05cddf9SRui Paulo
11f05cddf9SRui Paulo #include "utils/common.h"
12f05cddf9SRui Paulo #include "wps_i.h"
13f05cddf9SRui Paulo #include "wps.h"
14f05cddf9SRui Paulo
15f05cddf9SRui Paulo
16f05cddf9SRui Paulo #ifndef WPS_STRICT_ALL
17f05cddf9SRui Paulo #define WPS_STRICT_WPS2
18f05cddf9SRui Paulo #endif /* WPS_STRICT_ALL */
19f05cddf9SRui Paulo
20f05cddf9SRui Paulo
wps_validate_version(const u8 * version,int mandatory)21f05cddf9SRui Paulo static int wps_validate_version(const u8 *version, int mandatory)
22f05cddf9SRui Paulo {
23f05cddf9SRui Paulo if (version == NULL) {
24f05cddf9SRui Paulo if (mandatory) {
25f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Version attribute "
26f05cddf9SRui Paulo "missing");
27f05cddf9SRui Paulo return -1;
28f05cddf9SRui Paulo }
29f05cddf9SRui Paulo return 0;
30f05cddf9SRui Paulo }
31f05cddf9SRui Paulo if (*version != 0x10) {
32f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Version attribute "
33f05cddf9SRui Paulo "value 0x%x", *version);
34f05cddf9SRui Paulo return -1;
35f05cddf9SRui Paulo }
36f05cddf9SRui Paulo return 0;
37f05cddf9SRui Paulo }
38f05cddf9SRui Paulo
39f05cddf9SRui Paulo
wps_validate_version2(const u8 * version2,int mandatory)40f05cddf9SRui Paulo static int wps_validate_version2(const u8 *version2, int mandatory)
41f05cddf9SRui Paulo {
42f05cddf9SRui Paulo if (version2 == NULL) {
43f05cddf9SRui Paulo if (mandatory) {
44f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Version2 attribute "
45f05cddf9SRui Paulo "missing");
46f05cddf9SRui Paulo return -1;
47f05cddf9SRui Paulo }
48f05cddf9SRui Paulo return 0;
49f05cddf9SRui Paulo }
50f05cddf9SRui Paulo if (*version2 < 0x20) {
51f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Version2 attribute "
52f05cddf9SRui Paulo "value 0x%x", *version2);
53f05cddf9SRui Paulo return -1;
54f05cddf9SRui Paulo }
55f05cddf9SRui Paulo return 0;
56f05cddf9SRui Paulo }
57f05cddf9SRui Paulo
58f05cddf9SRui Paulo
wps_validate_request_type(const u8 * request_type,int mandatory)59f05cddf9SRui Paulo static int wps_validate_request_type(const u8 *request_type, int mandatory)
60f05cddf9SRui Paulo {
61f05cddf9SRui Paulo if (request_type == NULL) {
62f05cddf9SRui Paulo if (mandatory) {
63f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Request Type "
64f05cddf9SRui Paulo "attribute missing");
65f05cddf9SRui Paulo return -1;
66f05cddf9SRui Paulo }
67f05cddf9SRui Paulo return 0;
68f05cddf9SRui Paulo }
69f05cddf9SRui Paulo if (*request_type > 0x03) {
70f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Request Type "
71f05cddf9SRui Paulo "attribute value 0x%x", *request_type);
72f05cddf9SRui Paulo return -1;
73f05cddf9SRui Paulo }
74f05cddf9SRui Paulo return 0;
75f05cddf9SRui Paulo }
76f05cddf9SRui Paulo
77f05cddf9SRui Paulo
wps_validate_response_type(const u8 * response_type,int mandatory)78f05cddf9SRui Paulo static int wps_validate_response_type(const u8 *response_type, int mandatory)
79f05cddf9SRui Paulo {
80f05cddf9SRui Paulo if (response_type == NULL) {
81f05cddf9SRui Paulo if (mandatory) {
82f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Response Type "
83f05cddf9SRui Paulo "attribute missing");
84f05cddf9SRui Paulo return -1;
85f05cddf9SRui Paulo }
86f05cddf9SRui Paulo return 0;
87f05cddf9SRui Paulo }
88f05cddf9SRui Paulo if (*response_type > 0x03) {
89f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Response Type "
90f05cddf9SRui Paulo "attribute value 0x%x", *response_type);
91f05cddf9SRui Paulo return -1;
92f05cddf9SRui Paulo }
93f05cddf9SRui Paulo return 0;
94f05cddf9SRui Paulo }
95f05cddf9SRui Paulo
96f05cddf9SRui Paulo
valid_config_methods(u16 val,int wps2)97f05cddf9SRui Paulo static int valid_config_methods(u16 val, int wps2)
98f05cddf9SRui Paulo {
99f05cddf9SRui Paulo if (wps2) {
100f05cddf9SRui Paulo if ((val & 0x6000) && !(val & WPS_CONFIG_DISPLAY)) {
101f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Physical/Virtual "
102f05cddf9SRui Paulo "Display flag without old Display flag "
103f05cddf9SRui Paulo "set");
104f05cddf9SRui Paulo return 0;
105f05cddf9SRui Paulo }
106f05cddf9SRui Paulo if (!(val & 0x6000) && (val & WPS_CONFIG_DISPLAY)) {
107f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Display flag "
108f05cddf9SRui Paulo "without Physical/Virtual Display flag");
109f05cddf9SRui Paulo return 0;
110f05cddf9SRui Paulo }
111f05cddf9SRui Paulo if ((val & 0x0600) && !(val & WPS_CONFIG_PUSHBUTTON)) {
112f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Physical/Virtual "
113f05cddf9SRui Paulo "PushButton flag without old PushButton "
114f05cddf9SRui Paulo "flag set");
115f05cddf9SRui Paulo return 0;
116f05cddf9SRui Paulo }
117f05cddf9SRui Paulo if (!(val & 0x0600) && (val & WPS_CONFIG_PUSHBUTTON)) {
118f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: PushButton flag "
119f05cddf9SRui Paulo "without Physical/Virtual PushButton flag");
120f05cddf9SRui Paulo return 0;
121f05cddf9SRui Paulo }
122f05cddf9SRui Paulo }
123f05cddf9SRui Paulo
124f05cddf9SRui Paulo return 1;
125f05cddf9SRui Paulo }
126f05cddf9SRui Paulo
127f05cddf9SRui Paulo
wps_validate_config_methods(const u8 * config_methods,int wps2,int mandatory)128f05cddf9SRui Paulo static int wps_validate_config_methods(const u8 *config_methods, int wps2,
129f05cddf9SRui Paulo int mandatory)
130f05cddf9SRui Paulo {
131f05cddf9SRui Paulo u16 val;
132f05cddf9SRui Paulo
133f05cddf9SRui Paulo if (config_methods == NULL) {
134f05cddf9SRui Paulo if (mandatory) {
135f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Configuration "
136f05cddf9SRui Paulo "Methods attribute missing");
137f05cddf9SRui Paulo return -1;
138f05cddf9SRui Paulo }
139f05cddf9SRui Paulo return 0;
140f05cddf9SRui Paulo }
141f05cddf9SRui Paulo
142f05cddf9SRui Paulo val = WPA_GET_BE16(config_methods);
143f05cddf9SRui Paulo if (!valid_config_methods(val, wps2)) {
144f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Configuration "
145f05cddf9SRui Paulo "Methods attribute value 0x%04x", val);
146f05cddf9SRui Paulo return -1;
147f05cddf9SRui Paulo }
148f05cddf9SRui Paulo return 0;
149f05cddf9SRui Paulo }
150f05cddf9SRui Paulo
151f05cddf9SRui Paulo
wps_validate_ap_config_methods(const u8 * config_methods,int wps2,int mandatory)152f05cddf9SRui Paulo static int wps_validate_ap_config_methods(const u8 *config_methods, int wps2,
153f05cddf9SRui Paulo int mandatory)
154f05cddf9SRui Paulo {
155f05cddf9SRui Paulo u16 val;
156f05cddf9SRui Paulo
157f05cddf9SRui Paulo if (wps_validate_config_methods(config_methods, wps2, mandatory) < 0)
158f05cddf9SRui Paulo return -1;
159f05cddf9SRui Paulo if (config_methods == NULL)
160f05cddf9SRui Paulo return 0;
161f05cddf9SRui Paulo val = WPA_GET_BE16(config_methods);
162f05cddf9SRui Paulo if (val & WPS_CONFIG_PUSHBUTTON) {
163f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Configuration "
164f05cddf9SRui Paulo "Methods attribute value 0x%04x in AP info "
165f05cddf9SRui Paulo "(PushButton not allowed for registering new ER)",
166f05cddf9SRui Paulo val);
167f05cddf9SRui Paulo return -1;
168f05cddf9SRui Paulo }
169f05cddf9SRui Paulo return 0;
170f05cddf9SRui Paulo }
171f05cddf9SRui Paulo
172f05cddf9SRui Paulo
wps_validate_uuid_e(const u8 * uuid_e,int mandatory)173f05cddf9SRui Paulo static int wps_validate_uuid_e(const u8 *uuid_e, int mandatory)
174f05cddf9SRui Paulo {
175f05cddf9SRui Paulo if (uuid_e == NULL) {
176f05cddf9SRui Paulo if (mandatory) {
177f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: UUID-E "
178f05cddf9SRui Paulo "attribute missing");
179f05cddf9SRui Paulo return -1;
180f05cddf9SRui Paulo }
181f05cddf9SRui Paulo return 0;
182f05cddf9SRui Paulo }
183f05cddf9SRui Paulo return 0;
184f05cddf9SRui Paulo }
185f05cddf9SRui Paulo
186f05cddf9SRui Paulo
wps_validate_uuid_r(const u8 * uuid_r,int mandatory)187f05cddf9SRui Paulo static int wps_validate_uuid_r(const u8 *uuid_r, int mandatory)
188f05cddf9SRui Paulo {
189f05cddf9SRui Paulo if (uuid_r == NULL) {
190f05cddf9SRui Paulo if (mandatory) {
191f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: UUID-R "
192f05cddf9SRui Paulo "attribute missing");
193f05cddf9SRui Paulo return -1;
194f05cddf9SRui Paulo }
195f05cddf9SRui Paulo return 0;
196f05cddf9SRui Paulo }
197f05cddf9SRui Paulo return 0;
198f05cddf9SRui Paulo }
199f05cddf9SRui Paulo
200f05cddf9SRui Paulo
wps_validate_primary_dev_type(const u8 * primary_dev_type,int mandatory)201f05cddf9SRui Paulo static int wps_validate_primary_dev_type(const u8 *primary_dev_type,
202f05cddf9SRui Paulo int mandatory)
203f05cddf9SRui Paulo {
204f05cddf9SRui Paulo if (primary_dev_type == NULL) {
205f05cddf9SRui Paulo if (mandatory) {
206f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Primary Device Type "
207f05cddf9SRui Paulo "attribute missing");
208f05cddf9SRui Paulo return -1;
209f05cddf9SRui Paulo }
210f05cddf9SRui Paulo return 0;
211f05cddf9SRui Paulo }
212f05cddf9SRui Paulo return 0;
213f05cddf9SRui Paulo }
214f05cddf9SRui Paulo
215f05cddf9SRui Paulo
wps_validate_rf_bands(const u8 * rf_bands,int mandatory)216f05cddf9SRui Paulo static int wps_validate_rf_bands(const u8 *rf_bands, int mandatory)
217f05cddf9SRui Paulo {
218f05cddf9SRui Paulo if (rf_bands == NULL) {
219f05cddf9SRui Paulo if (mandatory) {
220f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: RF Bands "
221f05cddf9SRui Paulo "attribute missing");
222f05cddf9SRui Paulo return -1;
223f05cddf9SRui Paulo }
224f05cddf9SRui Paulo return 0;
225f05cddf9SRui Paulo }
226f05cddf9SRui Paulo if (*rf_bands != WPS_RF_24GHZ && *rf_bands != WPS_RF_50GHZ &&
227325151a3SRui Paulo *rf_bands != WPS_RF_60GHZ &&
228325151a3SRui Paulo *rf_bands != (WPS_RF_24GHZ | WPS_RF_50GHZ | WPS_RF_60GHZ) &&
229f05cddf9SRui Paulo *rf_bands != (WPS_RF_24GHZ | WPS_RF_50GHZ)) {
230f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Rf Bands "
231f05cddf9SRui Paulo "attribute value 0x%x", *rf_bands);
232f05cddf9SRui Paulo return -1;
233f05cddf9SRui Paulo }
234f05cddf9SRui Paulo return 0;
235f05cddf9SRui Paulo }
236f05cddf9SRui Paulo
237f05cddf9SRui Paulo
wps_validate_assoc_state(const u8 * assoc_state,int mandatory)238f05cddf9SRui Paulo static int wps_validate_assoc_state(const u8 *assoc_state, int mandatory)
239f05cddf9SRui Paulo {
240f05cddf9SRui Paulo u16 val;
241f05cddf9SRui Paulo if (assoc_state == NULL) {
242f05cddf9SRui Paulo if (mandatory) {
243f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Association State "
244f05cddf9SRui Paulo "attribute missing");
245f05cddf9SRui Paulo return -1;
246f05cddf9SRui Paulo }
247f05cddf9SRui Paulo return 0;
248f05cddf9SRui Paulo }
249f05cddf9SRui Paulo val = WPA_GET_BE16(assoc_state);
250f05cddf9SRui Paulo if (val > 4) {
251f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Association State "
252f05cddf9SRui Paulo "attribute value 0x%04x", val);
253f05cddf9SRui Paulo return -1;
254f05cddf9SRui Paulo }
255f05cddf9SRui Paulo return 0;
256f05cddf9SRui Paulo }
257f05cddf9SRui Paulo
258f05cddf9SRui Paulo
wps_validate_config_error(const u8 * config_error,int mandatory)259f05cddf9SRui Paulo static int wps_validate_config_error(const u8 *config_error, int mandatory)
260f05cddf9SRui Paulo {
261f05cddf9SRui Paulo u16 val;
262f05cddf9SRui Paulo
263f05cddf9SRui Paulo if (config_error == NULL) {
264f05cddf9SRui Paulo if (mandatory) {
265f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Configuration Error "
266f05cddf9SRui Paulo "attribute missing");
267f05cddf9SRui Paulo return -1;
268f05cddf9SRui Paulo }
269f05cddf9SRui Paulo return 0;
270f05cddf9SRui Paulo }
271f05cddf9SRui Paulo val = WPA_GET_BE16(config_error);
2725b9c547cSRui Paulo if (val > 20) {
273f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Configuration Error "
274f05cddf9SRui Paulo "attribute value 0x%04x", val);
275f05cddf9SRui Paulo return -1;
276f05cddf9SRui Paulo }
277f05cddf9SRui Paulo return 0;
278f05cddf9SRui Paulo }
279f05cddf9SRui Paulo
280f05cddf9SRui Paulo
wps_validate_dev_password_id(const u8 * dev_password_id,int mandatory)281f05cddf9SRui Paulo static int wps_validate_dev_password_id(const u8 *dev_password_id,
282f05cddf9SRui Paulo int mandatory)
283f05cddf9SRui Paulo {
284f05cddf9SRui Paulo u16 val;
285f05cddf9SRui Paulo
286f05cddf9SRui Paulo if (dev_password_id == NULL) {
287f05cddf9SRui Paulo if (mandatory) {
288f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Device Password ID "
289f05cddf9SRui Paulo "attribute missing");
290f05cddf9SRui Paulo return -1;
291f05cddf9SRui Paulo }
292f05cddf9SRui Paulo return 0;
293f05cddf9SRui Paulo }
294f05cddf9SRui Paulo val = WPA_GET_BE16(dev_password_id);
2955b9c547cSRui Paulo if (val >= 0x0008 && val <= 0x000f) {
296f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Device Password ID "
297f05cddf9SRui Paulo "attribute value 0x%04x", val);
298f05cddf9SRui Paulo return -1;
299f05cddf9SRui Paulo }
300f05cddf9SRui Paulo return 0;
301f05cddf9SRui Paulo }
302f05cddf9SRui Paulo
303f05cddf9SRui Paulo
wps_validate_manufacturer(const u8 * manufacturer,size_t len,int mandatory)304f05cddf9SRui Paulo static int wps_validate_manufacturer(const u8 *manufacturer, size_t len,
305f05cddf9SRui Paulo int mandatory)
306f05cddf9SRui Paulo {
307f05cddf9SRui Paulo if (manufacturer == NULL) {
308f05cddf9SRui Paulo if (mandatory) {
309f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Manufacturer "
310f05cddf9SRui Paulo "attribute missing");
311f05cddf9SRui Paulo return -1;
312f05cddf9SRui Paulo }
313f05cddf9SRui Paulo return 0;
314f05cddf9SRui Paulo }
315f05cddf9SRui Paulo if (len > 0 && manufacturer[len - 1] == 0) {
316f05cddf9SRui Paulo wpa_hexdump_ascii(MSG_INFO, "WPS-STRICT: Invalid Manufacturer "
317f05cddf9SRui Paulo "attribute value", manufacturer, len);
318f05cddf9SRui Paulo return -1;
319f05cddf9SRui Paulo }
320f05cddf9SRui Paulo return 0;
321f05cddf9SRui Paulo }
322f05cddf9SRui Paulo
323f05cddf9SRui Paulo
wps_validate_model_name(const u8 * model_name,size_t len,int mandatory)324f05cddf9SRui Paulo static int wps_validate_model_name(const u8 *model_name, size_t len,
325f05cddf9SRui Paulo int mandatory)
326f05cddf9SRui Paulo {
327f05cddf9SRui Paulo if (model_name == NULL) {
328f05cddf9SRui Paulo if (mandatory) {
329f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Model Name "
330f05cddf9SRui Paulo "attribute missing");
331f05cddf9SRui Paulo return -1;
332f05cddf9SRui Paulo }
333f05cddf9SRui Paulo return 0;
334f05cddf9SRui Paulo }
335f05cddf9SRui Paulo if (len > 0 && model_name[len - 1] == 0) {
336f05cddf9SRui Paulo wpa_hexdump_ascii(MSG_INFO, "WPS-STRICT: Invalid Model Name "
337f05cddf9SRui Paulo "attribute value", model_name, len);
338f05cddf9SRui Paulo return -1;
339f05cddf9SRui Paulo }
340f05cddf9SRui Paulo return 0;
341f05cddf9SRui Paulo }
342f05cddf9SRui Paulo
343f05cddf9SRui Paulo
wps_validate_model_number(const u8 * model_number,size_t len,int mandatory)344f05cddf9SRui Paulo static int wps_validate_model_number(const u8 *model_number, size_t len,
345f05cddf9SRui Paulo int mandatory)
346f05cddf9SRui Paulo {
347f05cddf9SRui Paulo if (model_number == NULL) {
348f05cddf9SRui Paulo if (mandatory) {
349f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Model Number "
350f05cddf9SRui Paulo "attribute missing");
351f05cddf9SRui Paulo return -1;
352f05cddf9SRui Paulo }
353f05cddf9SRui Paulo return 0;
354f05cddf9SRui Paulo }
355f05cddf9SRui Paulo if (len > 0 && model_number[len - 1] == 0) {
356f05cddf9SRui Paulo wpa_hexdump_ascii(MSG_INFO, "WPS-STRICT: Invalid Model Number "
357f05cddf9SRui Paulo "attribute value", model_number, len);
358f05cddf9SRui Paulo return -1;
359f05cddf9SRui Paulo }
360f05cddf9SRui Paulo return 0;
361f05cddf9SRui Paulo }
362f05cddf9SRui Paulo
363f05cddf9SRui Paulo
wps_validate_serial_number(const u8 * serial_number,size_t len,int mandatory)364f05cddf9SRui Paulo static int wps_validate_serial_number(const u8 *serial_number, size_t len,
365f05cddf9SRui Paulo int mandatory)
366f05cddf9SRui Paulo {
367f05cddf9SRui Paulo if (serial_number == NULL) {
368f05cddf9SRui Paulo if (mandatory) {
369f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Serial Number "
370f05cddf9SRui Paulo "attribute missing");
371f05cddf9SRui Paulo return -1;
372f05cddf9SRui Paulo }
373f05cddf9SRui Paulo return 0;
374f05cddf9SRui Paulo }
375f05cddf9SRui Paulo if (len > 0 && serial_number[len - 1] == 0) {
376f05cddf9SRui Paulo wpa_hexdump_ascii(MSG_INFO, "WPS-STRICT: Invalid Serial "
377f05cddf9SRui Paulo "Number attribute value",
378f05cddf9SRui Paulo serial_number, len);
379f05cddf9SRui Paulo return -1;
380f05cddf9SRui Paulo }
381f05cddf9SRui Paulo return 0;
382f05cddf9SRui Paulo }
383f05cddf9SRui Paulo
384f05cddf9SRui Paulo
wps_validate_dev_name(const u8 * dev_name,size_t len,int mandatory)385f05cddf9SRui Paulo static int wps_validate_dev_name(const u8 *dev_name, size_t len,
386f05cddf9SRui Paulo int mandatory)
387f05cddf9SRui Paulo {
388f05cddf9SRui Paulo if (dev_name == NULL) {
389f05cddf9SRui Paulo if (mandatory) {
390f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Device Name "
391f05cddf9SRui Paulo "attribute missing");
392f05cddf9SRui Paulo return -1;
393f05cddf9SRui Paulo }
394f05cddf9SRui Paulo return 0;
395f05cddf9SRui Paulo }
396f05cddf9SRui Paulo if (len > 0 && dev_name[len - 1] == 0) {
397f05cddf9SRui Paulo wpa_hexdump_ascii(MSG_INFO, "WPS-STRICT: Invalid Device Name "
398f05cddf9SRui Paulo "attribute value", dev_name, len);
399f05cddf9SRui Paulo return -1;
400f05cddf9SRui Paulo }
401f05cddf9SRui Paulo return 0;
402f05cddf9SRui Paulo }
403f05cddf9SRui Paulo
404f05cddf9SRui Paulo
wps_validate_request_to_enroll(const u8 * request_to_enroll,int mandatory)405f05cddf9SRui Paulo static int wps_validate_request_to_enroll(const u8 *request_to_enroll,
406f05cddf9SRui Paulo int mandatory)
407f05cddf9SRui Paulo {
408f05cddf9SRui Paulo if (request_to_enroll == NULL) {
409f05cddf9SRui Paulo if (mandatory) {
410f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Request to Enroll "
411f05cddf9SRui Paulo "attribute missing");
412f05cddf9SRui Paulo return -1;
413f05cddf9SRui Paulo }
414f05cddf9SRui Paulo return 0;
415f05cddf9SRui Paulo }
416f05cddf9SRui Paulo if (*request_to_enroll > 0x01) {
417f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Request to Enroll "
418f05cddf9SRui Paulo "attribute value 0x%x", *request_to_enroll);
419f05cddf9SRui Paulo return -1;
420f05cddf9SRui Paulo }
421f05cddf9SRui Paulo return 0;
422f05cddf9SRui Paulo }
423f05cddf9SRui Paulo
424f05cddf9SRui Paulo
wps_validate_req_dev_type(const u8 * req_dev_type[],size_t num,int mandatory)425f05cddf9SRui Paulo static int wps_validate_req_dev_type(const u8 *req_dev_type[], size_t num,
426f05cddf9SRui Paulo int mandatory)
427f05cddf9SRui Paulo {
428f05cddf9SRui Paulo if (num == 0) {
429f05cddf9SRui Paulo if (mandatory) {
430f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Requested Device "
431f05cddf9SRui Paulo "Type attribute missing");
432f05cddf9SRui Paulo return -1;
433f05cddf9SRui Paulo }
434f05cddf9SRui Paulo return 0;
435f05cddf9SRui Paulo }
436f05cddf9SRui Paulo return 0;
437f05cddf9SRui Paulo }
438f05cddf9SRui Paulo
439f05cddf9SRui Paulo
wps_validate_wps_state(const u8 * wps_state,int mandatory)440f05cddf9SRui Paulo static int wps_validate_wps_state(const u8 *wps_state, int mandatory)
441f05cddf9SRui Paulo {
442f05cddf9SRui Paulo if (wps_state == NULL) {
443f05cddf9SRui Paulo if (mandatory) {
444f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Wi-Fi Protected "
445f05cddf9SRui Paulo "Setup State attribute missing");
446f05cddf9SRui Paulo return -1;
447f05cddf9SRui Paulo }
448f05cddf9SRui Paulo return 0;
449f05cddf9SRui Paulo }
450f05cddf9SRui Paulo if (*wps_state != WPS_STATE_NOT_CONFIGURED &&
451f05cddf9SRui Paulo *wps_state != WPS_STATE_CONFIGURED) {
452f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Wi-Fi Protected "
453f05cddf9SRui Paulo "Setup State attribute value 0x%x", *wps_state);
454f05cddf9SRui Paulo return -1;
455f05cddf9SRui Paulo }
456f05cddf9SRui Paulo return 0;
457f05cddf9SRui Paulo }
458f05cddf9SRui Paulo
459f05cddf9SRui Paulo
wps_validate_ap_setup_locked(const u8 * ap_setup_locked,int mandatory)460f05cddf9SRui Paulo static int wps_validate_ap_setup_locked(const u8 *ap_setup_locked,
461f05cddf9SRui Paulo int mandatory)
462f05cddf9SRui Paulo {
463f05cddf9SRui Paulo if (ap_setup_locked == NULL) {
464f05cddf9SRui Paulo if (mandatory) {
465f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: AP Setup Locked "
466f05cddf9SRui Paulo "attribute missing");
467f05cddf9SRui Paulo return -1;
468f05cddf9SRui Paulo }
469f05cddf9SRui Paulo return 0;
470f05cddf9SRui Paulo }
471f05cddf9SRui Paulo if (*ap_setup_locked > 1) {
472f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid AP Setup Locked "
473f05cddf9SRui Paulo "attribute value 0x%x", *ap_setup_locked);
474f05cddf9SRui Paulo return -1;
475f05cddf9SRui Paulo }
476f05cddf9SRui Paulo return 0;
477f05cddf9SRui Paulo }
478f05cddf9SRui Paulo
479f05cddf9SRui Paulo
wps_validate_selected_registrar(const u8 * selected_registrar,int mandatory)480f05cddf9SRui Paulo static int wps_validate_selected_registrar(const u8 *selected_registrar,
481f05cddf9SRui Paulo int mandatory)
482f05cddf9SRui Paulo {
483f05cddf9SRui Paulo if (selected_registrar == NULL) {
484f05cddf9SRui Paulo if (mandatory) {
485f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Selected Registrar "
486f05cddf9SRui Paulo "attribute missing");
487f05cddf9SRui Paulo return -1;
488f05cddf9SRui Paulo }
489f05cddf9SRui Paulo return 0;
490f05cddf9SRui Paulo }
491f05cddf9SRui Paulo if (*selected_registrar > 1) {
492f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Selected Registrar "
493f05cddf9SRui Paulo "attribute value 0x%x", *selected_registrar);
494f05cddf9SRui Paulo return -1;
495f05cddf9SRui Paulo }
496f05cddf9SRui Paulo return 0;
497f05cddf9SRui Paulo }
498f05cddf9SRui Paulo
499f05cddf9SRui Paulo
wps_validate_sel_reg_config_methods(const u8 * config_methods,int wps2,int mandatory)500f05cddf9SRui Paulo static int wps_validate_sel_reg_config_methods(const u8 *config_methods,
501f05cddf9SRui Paulo int wps2, int mandatory)
502f05cddf9SRui Paulo {
503f05cddf9SRui Paulo u16 val;
504f05cddf9SRui Paulo
505f05cddf9SRui Paulo if (config_methods == NULL) {
506f05cddf9SRui Paulo if (mandatory) {
507f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Selected Registrar "
508f05cddf9SRui Paulo "Configuration Methods attribute missing");
509f05cddf9SRui Paulo return -1;
510f05cddf9SRui Paulo }
511f05cddf9SRui Paulo return 0;
512f05cddf9SRui Paulo }
513f05cddf9SRui Paulo
514f05cddf9SRui Paulo val = WPA_GET_BE16(config_methods);
515f05cddf9SRui Paulo if (!valid_config_methods(val, wps2)) {
516f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Selected Registrar "
517f05cddf9SRui Paulo "Configuration Methods attribute value 0x%04x",
518f05cddf9SRui Paulo val);
519f05cddf9SRui Paulo return -1;
520f05cddf9SRui Paulo }
521f05cddf9SRui Paulo return 0;
522f05cddf9SRui Paulo }
523f05cddf9SRui Paulo
524f05cddf9SRui Paulo
wps_validate_authorized_macs(const u8 * authorized_macs,size_t len,int mandatory)525f05cddf9SRui Paulo static int wps_validate_authorized_macs(const u8 *authorized_macs, size_t len,
526f05cddf9SRui Paulo int mandatory)
527f05cddf9SRui Paulo {
528f05cddf9SRui Paulo if (authorized_macs == NULL) {
529f05cddf9SRui Paulo if (mandatory) {
530f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Authorized MACs "
531f05cddf9SRui Paulo "attribute missing");
532f05cddf9SRui Paulo return -1;
533f05cddf9SRui Paulo }
534f05cddf9SRui Paulo return 0;
535f05cddf9SRui Paulo }
536f05cddf9SRui Paulo if (len > 30 && (len % ETH_ALEN) != 0) {
537f05cddf9SRui Paulo wpa_hexdump(MSG_INFO, "WPS-STRICT: Invalid Authorized "
538f05cddf9SRui Paulo "MACs attribute value", authorized_macs, len);
539f05cddf9SRui Paulo return -1;
540f05cddf9SRui Paulo }
541f05cddf9SRui Paulo return 0;
542f05cddf9SRui Paulo }
543f05cddf9SRui Paulo
544f05cddf9SRui Paulo
wps_validate_msg_type(const u8 * msg_type,int mandatory)545f05cddf9SRui Paulo static int wps_validate_msg_type(const u8 *msg_type, int mandatory)
546f05cddf9SRui Paulo {
547f05cddf9SRui Paulo if (msg_type == NULL) {
548f05cddf9SRui Paulo if (mandatory) {
549f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Message Type "
550f05cddf9SRui Paulo "attribute missing");
551f05cddf9SRui Paulo return -1;
552f05cddf9SRui Paulo }
553f05cddf9SRui Paulo return 0;
554f05cddf9SRui Paulo }
555f05cddf9SRui Paulo if (*msg_type < WPS_Beacon || *msg_type > WPS_WSC_DONE) {
556f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Message Type "
557f05cddf9SRui Paulo "attribute value 0x%x", *msg_type);
558f05cddf9SRui Paulo return -1;
559f05cddf9SRui Paulo }
560f05cddf9SRui Paulo return 0;
561f05cddf9SRui Paulo }
562f05cddf9SRui Paulo
563f05cddf9SRui Paulo
wps_validate_mac_addr(const u8 * mac_addr,int mandatory)564f05cddf9SRui Paulo static int wps_validate_mac_addr(const u8 *mac_addr, int mandatory)
565f05cddf9SRui Paulo {
566f05cddf9SRui Paulo if (mac_addr == NULL) {
567f05cddf9SRui Paulo if (mandatory) {
568f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: MAC Address "
569f05cddf9SRui Paulo "attribute missing");
570f05cddf9SRui Paulo return -1;
571f05cddf9SRui Paulo }
572f05cddf9SRui Paulo return 0;
573f05cddf9SRui Paulo }
574f05cddf9SRui Paulo if (mac_addr[0] & 0x01) {
575f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid MAC Address "
576f05cddf9SRui Paulo "attribute value " MACSTR, MAC2STR(mac_addr));
577f05cddf9SRui Paulo return -1;
578f05cddf9SRui Paulo }
579f05cddf9SRui Paulo return 0;
580f05cddf9SRui Paulo }
581f05cddf9SRui Paulo
582f05cddf9SRui Paulo
wps_validate_enrollee_nonce(const u8 * enrollee_nonce,int mandatory)583f05cddf9SRui Paulo static int wps_validate_enrollee_nonce(const u8 *enrollee_nonce, int mandatory)
584f05cddf9SRui Paulo {
585f05cddf9SRui Paulo if (enrollee_nonce == NULL) {
586f05cddf9SRui Paulo if (mandatory) {
587f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Enrollee Nonce "
588f05cddf9SRui Paulo "attribute missing");
589f05cddf9SRui Paulo return -1;
590f05cddf9SRui Paulo }
591f05cddf9SRui Paulo return 0;
592f05cddf9SRui Paulo }
593f05cddf9SRui Paulo return 0;
594f05cddf9SRui Paulo }
595f05cddf9SRui Paulo
596f05cddf9SRui Paulo
wps_validate_registrar_nonce(const u8 * registrar_nonce,int mandatory)597f05cddf9SRui Paulo static int wps_validate_registrar_nonce(const u8 *registrar_nonce,
598f05cddf9SRui Paulo int mandatory)
599f05cddf9SRui Paulo {
600f05cddf9SRui Paulo if (registrar_nonce == NULL) {
601f05cddf9SRui Paulo if (mandatory) {
602f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Registrar Nonce "
603f05cddf9SRui Paulo "attribute missing");
604f05cddf9SRui Paulo return -1;
605f05cddf9SRui Paulo }
606f05cddf9SRui Paulo return 0;
607f05cddf9SRui Paulo }
608f05cddf9SRui Paulo return 0;
609f05cddf9SRui Paulo }
610f05cddf9SRui Paulo
611f05cddf9SRui Paulo
wps_validate_public_key(const u8 * public_key,size_t len,int mandatory)612f05cddf9SRui Paulo static int wps_validate_public_key(const u8 *public_key, size_t len,
613f05cddf9SRui Paulo int mandatory)
614f05cddf9SRui Paulo {
615f05cddf9SRui Paulo if (public_key == NULL) {
616f05cddf9SRui Paulo if (mandatory) {
617f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Public Key "
618f05cddf9SRui Paulo "attribute missing");
619f05cddf9SRui Paulo return -1;
620f05cddf9SRui Paulo }
621f05cddf9SRui Paulo return 0;
622f05cddf9SRui Paulo }
623f05cddf9SRui Paulo if (len != 192) {
624f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Public Key "
625f05cddf9SRui Paulo "attribute length %d", (int) len);
626f05cddf9SRui Paulo return -1;
627f05cddf9SRui Paulo }
628f05cddf9SRui Paulo return 0;
629f05cddf9SRui Paulo }
630f05cddf9SRui Paulo
631f05cddf9SRui Paulo
num_bits_set(u16 val)632f05cddf9SRui Paulo static int num_bits_set(u16 val)
633f05cddf9SRui Paulo {
634f05cddf9SRui Paulo int c;
635f05cddf9SRui Paulo for (c = 0; val; c++)
636f05cddf9SRui Paulo val &= val - 1;
637f05cddf9SRui Paulo return c;
638f05cddf9SRui Paulo }
639f05cddf9SRui Paulo
640f05cddf9SRui Paulo
wps_validate_auth_type_flags(const u8 * flags,int mandatory)641f05cddf9SRui Paulo static int wps_validate_auth_type_flags(const u8 *flags, int mandatory)
642f05cddf9SRui Paulo {
643f05cddf9SRui Paulo u16 val;
644f05cddf9SRui Paulo
645f05cddf9SRui Paulo if (flags == NULL) {
646f05cddf9SRui Paulo if (mandatory) {
647f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Authentication Type "
648f05cddf9SRui Paulo "Flags attribute missing");
649f05cddf9SRui Paulo return -1;
650f05cddf9SRui Paulo }
651f05cddf9SRui Paulo return 0;
652f05cddf9SRui Paulo }
653f05cddf9SRui Paulo val = WPA_GET_BE16(flags);
654f05cddf9SRui Paulo if ((val & ~WPS_AUTH_TYPES) || !(val & WPS_AUTH_WPA2PSK)) {
655f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Authentication Type "
656f05cddf9SRui Paulo "Flags attribute value 0x%04x", val);
657f05cddf9SRui Paulo return -1;
658f05cddf9SRui Paulo }
659f05cddf9SRui Paulo return 0;
660f05cddf9SRui Paulo }
661f05cddf9SRui Paulo
662f05cddf9SRui Paulo
wps_validate_auth_type(const u8 * type,int mandatory)663f05cddf9SRui Paulo static int wps_validate_auth_type(const u8 *type, int mandatory)
664f05cddf9SRui Paulo {
665f05cddf9SRui Paulo u16 val;
666f05cddf9SRui Paulo
667f05cddf9SRui Paulo if (type == NULL) {
668f05cddf9SRui Paulo if (mandatory) {
669f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Authentication Type "
670f05cddf9SRui Paulo "attribute missing");
671f05cddf9SRui Paulo return -1;
672f05cddf9SRui Paulo }
673f05cddf9SRui Paulo return 0;
674f05cddf9SRui Paulo }
675f05cddf9SRui Paulo val = WPA_GET_BE16(type);
676f05cddf9SRui Paulo if ((val & ~WPS_AUTH_TYPES) || val == 0 ||
677f05cddf9SRui Paulo (num_bits_set(val) > 1 &&
678f05cddf9SRui Paulo val != (WPS_AUTH_WPAPSK | WPS_AUTH_WPA2PSK))) {
679f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Authentication Type "
680f05cddf9SRui Paulo "attribute value 0x%04x", val);
681f05cddf9SRui Paulo return -1;
682f05cddf9SRui Paulo }
683f05cddf9SRui Paulo return 0;
684f05cddf9SRui Paulo }
685f05cddf9SRui Paulo
686f05cddf9SRui Paulo
wps_validate_encr_type_flags(const u8 * flags,int mandatory)687f05cddf9SRui Paulo static int wps_validate_encr_type_flags(const u8 *flags, int mandatory)
688f05cddf9SRui Paulo {
689f05cddf9SRui Paulo u16 val;
690f05cddf9SRui Paulo
691f05cddf9SRui Paulo if (flags == NULL) {
692f05cddf9SRui Paulo if (mandatory) {
693f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Encryption Type "
694f05cddf9SRui Paulo "Flags attribute missing");
695f05cddf9SRui Paulo return -1;
696f05cddf9SRui Paulo }
697f05cddf9SRui Paulo return 0;
698f05cddf9SRui Paulo }
699f05cddf9SRui Paulo val = WPA_GET_BE16(flags);
700f05cddf9SRui Paulo if ((val & ~WPS_ENCR_TYPES) || !(val & WPS_ENCR_AES)) {
701f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Encryption Type "
702f05cddf9SRui Paulo "Flags attribute value 0x%04x", val);
703f05cddf9SRui Paulo return -1;
704f05cddf9SRui Paulo }
705f05cddf9SRui Paulo return 0;
706f05cddf9SRui Paulo }
707f05cddf9SRui Paulo
708f05cddf9SRui Paulo
wps_validate_encr_type(const u8 * type,int mandatory)709f05cddf9SRui Paulo static int wps_validate_encr_type(const u8 *type, int mandatory)
710f05cddf9SRui Paulo {
711f05cddf9SRui Paulo u16 val;
712f05cddf9SRui Paulo
713f05cddf9SRui Paulo if (type == NULL) {
714f05cddf9SRui Paulo if (mandatory) {
715f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Encryption Type "
716f05cddf9SRui Paulo "attribute missing");
717f05cddf9SRui Paulo return -1;
718f05cddf9SRui Paulo }
719f05cddf9SRui Paulo return 0;
720f05cddf9SRui Paulo }
721f05cddf9SRui Paulo val = WPA_GET_BE16(type);
722f05cddf9SRui Paulo if ((val & ~WPS_ENCR_TYPES) || val == 0 ||
723f05cddf9SRui Paulo (num_bits_set(val) > 1 && val != (WPS_ENCR_TKIP | WPS_ENCR_AES))) {
724f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Encryption Type "
725f05cddf9SRui Paulo "attribute value 0x%04x", val);
726f05cddf9SRui Paulo return -1;
727f05cddf9SRui Paulo }
728f05cddf9SRui Paulo return 0;
729f05cddf9SRui Paulo }
730f05cddf9SRui Paulo
731f05cddf9SRui Paulo
wps_validate_conn_type_flags(const u8 * flags,int mandatory)732f05cddf9SRui Paulo static int wps_validate_conn_type_flags(const u8 *flags, int mandatory)
733f05cddf9SRui Paulo {
734f05cddf9SRui Paulo if (flags == NULL) {
735f05cddf9SRui Paulo if (mandatory) {
736f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Connection Type "
737f05cddf9SRui Paulo "Flags attribute missing");
738f05cddf9SRui Paulo return -1;
739f05cddf9SRui Paulo }
740f05cddf9SRui Paulo return 0;
741f05cddf9SRui Paulo }
742f05cddf9SRui Paulo if ((*flags & ~(WPS_CONN_ESS | WPS_CONN_IBSS)) ||
743f05cddf9SRui Paulo !(*flags & WPS_CONN_ESS)) {
744f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Connection Type "
745f05cddf9SRui Paulo "Flags attribute value 0x%02x", *flags);
746f05cddf9SRui Paulo return -1;
747f05cddf9SRui Paulo }
748f05cddf9SRui Paulo return 0;
749f05cddf9SRui Paulo }
750f05cddf9SRui Paulo
751f05cddf9SRui Paulo
wps_validate_os_version(const u8 * os_version,int mandatory)752f05cddf9SRui Paulo static int wps_validate_os_version(const u8 *os_version, int mandatory)
753f05cddf9SRui Paulo {
754f05cddf9SRui Paulo if (os_version == NULL) {
755f05cddf9SRui Paulo if (mandatory) {
756f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: OS Version "
757f05cddf9SRui Paulo "attribute missing");
758f05cddf9SRui Paulo return -1;
759f05cddf9SRui Paulo }
760f05cddf9SRui Paulo return 0;
761f05cddf9SRui Paulo }
762f05cddf9SRui Paulo return 0;
763f05cddf9SRui Paulo }
764f05cddf9SRui Paulo
765f05cddf9SRui Paulo
wps_validate_authenticator(const u8 * authenticator,int mandatory)766f05cddf9SRui Paulo static int wps_validate_authenticator(const u8 *authenticator, int mandatory)
767f05cddf9SRui Paulo {
768f05cddf9SRui Paulo if (authenticator == NULL) {
769f05cddf9SRui Paulo if (mandatory) {
770f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Authenticator "
771f05cddf9SRui Paulo "attribute missing");
772f05cddf9SRui Paulo return -1;
773f05cddf9SRui Paulo }
774f05cddf9SRui Paulo return 0;
775f05cddf9SRui Paulo }
776f05cddf9SRui Paulo return 0;
777f05cddf9SRui Paulo }
778f05cddf9SRui Paulo
779f05cddf9SRui Paulo
wps_validate_e_hash1(const u8 * hash,int mandatory)780f05cddf9SRui Paulo static int wps_validate_e_hash1(const u8 *hash, int mandatory)
781f05cddf9SRui Paulo {
782f05cddf9SRui Paulo if (hash == NULL) {
783f05cddf9SRui Paulo if (mandatory) {
784f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: E-Hash1 "
785f05cddf9SRui Paulo "attribute missing");
786f05cddf9SRui Paulo return -1;
787f05cddf9SRui Paulo }
788f05cddf9SRui Paulo return 0;
789f05cddf9SRui Paulo }
790f05cddf9SRui Paulo return 0;
791f05cddf9SRui Paulo }
792f05cddf9SRui Paulo
793f05cddf9SRui Paulo
wps_validate_e_hash2(const u8 * hash,int mandatory)794f05cddf9SRui Paulo static int wps_validate_e_hash2(const u8 *hash, int mandatory)
795f05cddf9SRui Paulo {
796f05cddf9SRui Paulo if (hash == NULL) {
797f05cddf9SRui Paulo if (mandatory) {
798f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: E-Hash2 "
799f05cddf9SRui Paulo "attribute missing");
800f05cddf9SRui Paulo return -1;
801f05cddf9SRui Paulo }
802f05cddf9SRui Paulo return 0;
803f05cddf9SRui Paulo }
804f05cddf9SRui Paulo return 0;
805f05cddf9SRui Paulo }
806f05cddf9SRui Paulo
807f05cddf9SRui Paulo
wps_validate_r_hash1(const u8 * hash,int mandatory)808f05cddf9SRui Paulo static int wps_validate_r_hash1(const u8 *hash, int mandatory)
809f05cddf9SRui Paulo {
810f05cddf9SRui Paulo if (hash == NULL) {
811f05cddf9SRui Paulo if (mandatory) {
812f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: R-Hash1 "
813f05cddf9SRui Paulo "attribute missing");
814f05cddf9SRui Paulo return -1;
815f05cddf9SRui Paulo }
816f05cddf9SRui Paulo return 0;
817f05cddf9SRui Paulo }
818f05cddf9SRui Paulo return 0;
819f05cddf9SRui Paulo }
820f05cddf9SRui Paulo
821f05cddf9SRui Paulo
wps_validate_r_hash2(const u8 * hash,int mandatory)822f05cddf9SRui Paulo static int wps_validate_r_hash2(const u8 *hash, int mandatory)
823f05cddf9SRui Paulo {
824f05cddf9SRui Paulo if (hash == NULL) {
825f05cddf9SRui Paulo if (mandatory) {
826f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: R-Hash2 "
827f05cddf9SRui Paulo "attribute missing");
828f05cddf9SRui Paulo return -1;
829f05cddf9SRui Paulo }
830f05cddf9SRui Paulo return 0;
831f05cddf9SRui Paulo }
832f05cddf9SRui Paulo return 0;
833f05cddf9SRui Paulo }
834f05cddf9SRui Paulo
835f05cddf9SRui Paulo
wps_validate_encr_settings(const u8 * encr_settings,size_t len,int mandatory)836f05cddf9SRui Paulo static int wps_validate_encr_settings(const u8 *encr_settings, size_t len,
837f05cddf9SRui Paulo int mandatory)
838f05cddf9SRui Paulo {
839f05cddf9SRui Paulo if (encr_settings == NULL) {
840f05cddf9SRui Paulo if (mandatory) {
841f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Encrypted Settings "
842f05cddf9SRui Paulo "attribute missing");
843f05cddf9SRui Paulo return -1;
844f05cddf9SRui Paulo }
845f05cddf9SRui Paulo return 0;
846f05cddf9SRui Paulo }
847f05cddf9SRui Paulo if (len < 16) {
848f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Encrypted Settings "
849f05cddf9SRui Paulo "attribute length %d", (int) len);
850f05cddf9SRui Paulo return -1;
851f05cddf9SRui Paulo }
852f05cddf9SRui Paulo return 0;
853f05cddf9SRui Paulo }
854f05cddf9SRui Paulo
855f05cddf9SRui Paulo
wps_validate_settings_delay_time(const u8 * delay,int mandatory)856f05cddf9SRui Paulo static int wps_validate_settings_delay_time(const u8 *delay, int mandatory)
857f05cddf9SRui Paulo {
858f05cddf9SRui Paulo if (delay == NULL) {
859f05cddf9SRui Paulo if (mandatory) {
860f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Settings Delay Time "
861f05cddf9SRui Paulo "attribute missing");
862f05cddf9SRui Paulo return -1;
863f05cddf9SRui Paulo }
864f05cddf9SRui Paulo return 0;
865f05cddf9SRui Paulo }
866f05cddf9SRui Paulo return 0;
867f05cddf9SRui Paulo }
868f05cddf9SRui Paulo
869f05cddf9SRui Paulo
wps_validate_r_snonce1(const u8 * nonce,int mandatory)870f05cddf9SRui Paulo static int wps_validate_r_snonce1(const u8 *nonce, int mandatory)
871f05cddf9SRui Paulo {
872f05cddf9SRui Paulo if (nonce == NULL) {
873f05cddf9SRui Paulo if (mandatory) {
874f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: R-SNonce1 "
875f05cddf9SRui Paulo "attribute missing");
876f05cddf9SRui Paulo return -1;
877f05cddf9SRui Paulo }
878f05cddf9SRui Paulo return 0;
879f05cddf9SRui Paulo }
880f05cddf9SRui Paulo return 0;
881f05cddf9SRui Paulo }
882f05cddf9SRui Paulo
883f05cddf9SRui Paulo
wps_validate_r_snonce2(const u8 * nonce,int mandatory)884f05cddf9SRui Paulo static int wps_validate_r_snonce2(const u8 *nonce, int mandatory)
885f05cddf9SRui Paulo {
886f05cddf9SRui Paulo if (nonce == NULL) {
887f05cddf9SRui Paulo if (mandatory) {
888f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: R-SNonce2 "
889f05cddf9SRui Paulo "attribute missing");
890f05cddf9SRui Paulo return -1;
891f05cddf9SRui Paulo }
892f05cddf9SRui Paulo return 0;
893f05cddf9SRui Paulo }
894f05cddf9SRui Paulo return 0;
895f05cddf9SRui Paulo }
896f05cddf9SRui Paulo
897f05cddf9SRui Paulo
wps_validate_e_snonce1(const u8 * nonce,int mandatory)898f05cddf9SRui Paulo static int wps_validate_e_snonce1(const u8 *nonce, int mandatory)
899f05cddf9SRui Paulo {
900f05cddf9SRui Paulo if (nonce == NULL) {
901f05cddf9SRui Paulo if (mandatory) {
902f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: E-SNonce1 "
903f05cddf9SRui Paulo "attribute missing");
904f05cddf9SRui Paulo return -1;
905f05cddf9SRui Paulo }
906f05cddf9SRui Paulo return 0;
907f05cddf9SRui Paulo }
908f05cddf9SRui Paulo return 0;
909f05cddf9SRui Paulo }
910f05cddf9SRui Paulo
911f05cddf9SRui Paulo
wps_validate_e_snonce2(const u8 * nonce,int mandatory)912f05cddf9SRui Paulo static int wps_validate_e_snonce2(const u8 *nonce, int mandatory)
913f05cddf9SRui Paulo {
914f05cddf9SRui Paulo if (nonce == NULL) {
915f05cddf9SRui Paulo if (mandatory) {
916f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: E-SNonce2 "
917f05cddf9SRui Paulo "attribute missing");
918f05cddf9SRui Paulo return -1;
919f05cddf9SRui Paulo }
920f05cddf9SRui Paulo return 0;
921f05cddf9SRui Paulo }
922f05cddf9SRui Paulo return 0;
923f05cddf9SRui Paulo }
924f05cddf9SRui Paulo
925f05cddf9SRui Paulo
wps_validate_key_wrap_auth(const u8 * auth,int mandatory)926f05cddf9SRui Paulo static int wps_validate_key_wrap_auth(const u8 *auth, int mandatory)
927f05cddf9SRui Paulo {
928f05cddf9SRui Paulo if (auth == NULL) {
929f05cddf9SRui Paulo if (mandatory) {
930f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Key Wrap "
931f05cddf9SRui Paulo "Authenticator attribute missing");
932f05cddf9SRui Paulo return -1;
933f05cddf9SRui Paulo }
934f05cddf9SRui Paulo return 0;
935f05cddf9SRui Paulo }
936f05cddf9SRui Paulo return 0;
937f05cddf9SRui Paulo }
938f05cddf9SRui Paulo
939f05cddf9SRui Paulo
wps_validate_ssid(const u8 * ssid,size_t ssid_len,int mandatory)940f05cddf9SRui Paulo static int wps_validate_ssid(const u8 *ssid, size_t ssid_len, int mandatory)
941f05cddf9SRui Paulo {
942f05cddf9SRui Paulo if (ssid == NULL) {
943f05cddf9SRui Paulo if (mandatory) {
944f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: SSID "
945f05cddf9SRui Paulo "attribute missing");
946f05cddf9SRui Paulo return -1;
947f05cddf9SRui Paulo }
948f05cddf9SRui Paulo return 0;
949f05cddf9SRui Paulo }
950f05cddf9SRui Paulo if (ssid_len == 0 || ssid[ssid_len - 1] == 0) {
951f05cddf9SRui Paulo wpa_hexdump_ascii(MSG_INFO, "WPS-STRICT: Invalid SSID "
952f05cddf9SRui Paulo "attribute value", ssid, ssid_len);
953f05cddf9SRui Paulo return -1;
954f05cddf9SRui Paulo }
955f05cddf9SRui Paulo return 0;
956f05cddf9SRui Paulo }
957f05cddf9SRui Paulo
958f05cddf9SRui Paulo
wps_validate_network_key_index(const u8 * idx,int mandatory)959f05cddf9SRui Paulo static int wps_validate_network_key_index(const u8 *idx, int mandatory)
960f05cddf9SRui Paulo {
961f05cddf9SRui Paulo if (idx == NULL) {
962f05cddf9SRui Paulo if (mandatory) {
963f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Network Key Index "
964f05cddf9SRui Paulo "attribute missing");
965f05cddf9SRui Paulo return -1;
966f05cddf9SRui Paulo }
967f05cddf9SRui Paulo return 0;
968f05cddf9SRui Paulo }
969f05cddf9SRui Paulo return 0;
970f05cddf9SRui Paulo }
971f05cddf9SRui Paulo
972f05cddf9SRui Paulo
wps_validate_network_idx(const u8 * idx,int mandatory)973f05cddf9SRui Paulo static int wps_validate_network_idx(const u8 *idx, int mandatory)
974f05cddf9SRui Paulo {
975f05cddf9SRui Paulo if (idx == NULL) {
976f05cddf9SRui Paulo if (mandatory) {
977f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Network Index "
978f05cddf9SRui Paulo "attribute missing");
979f05cddf9SRui Paulo return -1;
980f05cddf9SRui Paulo }
981f05cddf9SRui Paulo return 0;
982f05cddf9SRui Paulo }
983f05cddf9SRui Paulo return 0;
984f05cddf9SRui Paulo }
985f05cddf9SRui Paulo
986f05cddf9SRui Paulo
wps_validate_network_key(const u8 * key,size_t key_len,const u8 * encr_type,int mandatory)987f05cddf9SRui Paulo static int wps_validate_network_key(const u8 *key, size_t key_len,
988f05cddf9SRui Paulo const u8 *encr_type, int mandatory)
989f05cddf9SRui Paulo {
990f05cddf9SRui Paulo if (key == NULL) {
991f05cddf9SRui Paulo if (mandatory) {
992f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Network Key "
993f05cddf9SRui Paulo "attribute missing");
994f05cddf9SRui Paulo return -1;
995f05cddf9SRui Paulo }
996f05cddf9SRui Paulo return 0;
997f05cddf9SRui Paulo }
998f05cddf9SRui Paulo if (((encr_type == NULL || WPA_GET_BE16(encr_type) != WPS_ENCR_WEP) &&
999f05cddf9SRui Paulo key_len > 8 && key_len < 64 && key[key_len - 1] == 0) ||
1000f05cddf9SRui Paulo key_len > 64) {
1001f05cddf9SRui Paulo wpa_hexdump_ascii_key(MSG_INFO, "WPS-STRICT: Invalid Network "
1002f05cddf9SRui Paulo "Key attribute value", key, key_len);
1003f05cddf9SRui Paulo return -1;
1004f05cddf9SRui Paulo }
1005f05cddf9SRui Paulo return 0;
1006f05cddf9SRui Paulo }
1007f05cddf9SRui Paulo
1008f05cddf9SRui Paulo
wps_validate_network_key_shareable(const u8 * val,int mandatory)1009f05cddf9SRui Paulo static int wps_validate_network_key_shareable(const u8 *val, int mandatory)
1010f05cddf9SRui Paulo {
1011f05cddf9SRui Paulo if (val == NULL) {
1012f05cddf9SRui Paulo if (mandatory) {
1013f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Network Key "
1014f05cddf9SRui Paulo "Shareable attribute missing");
1015f05cddf9SRui Paulo return -1;
1016f05cddf9SRui Paulo }
1017f05cddf9SRui Paulo return 0;
1018f05cddf9SRui Paulo }
1019f05cddf9SRui Paulo if (*val > 1) {
1020f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Network Key "
1021f05cddf9SRui Paulo "Shareable attribute value 0x%x", *val);
1022f05cddf9SRui Paulo return -1;
1023f05cddf9SRui Paulo }
1024f05cddf9SRui Paulo return 0;
1025f05cddf9SRui Paulo }
1026f05cddf9SRui Paulo
1027f05cddf9SRui Paulo
wps_validate_cred(const u8 * cred,size_t len)1028f05cddf9SRui Paulo static int wps_validate_cred(const u8 *cred, size_t len)
1029f05cddf9SRui Paulo {
1030f05cddf9SRui Paulo struct wps_parse_attr attr;
1031f05cddf9SRui Paulo struct wpabuf buf;
1032f05cddf9SRui Paulo
1033f05cddf9SRui Paulo if (cred == NULL)
1034f05cddf9SRui Paulo return -1;
1035f05cddf9SRui Paulo wpabuf_set(&buf, cred, len);
1036f05cddf9SRui Paulo if (wps_parse_msg(&buf, &attr) < 0) {
1037f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse Credential");
1038f05cddf9SRui Paulo return -1;
1039f05cddf9SRui Paulo }
1040f05cddf9SRui Paulo
1041f05cddf9SRui Paulo if (wps_validate_network_idx(attr.network_idx, 1) ||
1042f05cddf9SRui Paulo wps_validate_ssid(attr.ssid, attr.ssid_len, 1) ||
1043f05cddf9SRui Paulo wps_validate_auth_type(attr.auth_type, 1) ||
1044f05cddf9SRui Paulo wps_validate_encr_type(attr.encr_type, 1) ||
1045f05cddf9SRui Paulo wps_validate_network_key_index(attr.network_key_idx, 0) ||
1046f05cddf9SRui Paulo wps_validate_network_key(attr.network_key, attr.network_key_len,
1047f05cddf9SRui Paulo attr.encr_type, 1) ||
1048f05cddf9SRui Paulo wps_validate_mac_addr(attr.mac_addr, 1) ||
1049f05cddf9SRui Paulo wps_validate_network_key_shareable(attr.network_key_shareable, 0))
1050f05cddf9SRui Paulo {
1051f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Credential");
1052f05cddf9SRui Paulo return -1;
1053f05cddf9SRui Paulo }
1054f05cddf9SRui Paulo
1055f05cddf9SRui Paulo
1056f05cddf9SRui Paulo return 0;
1057f05cddf9SRui Paulo }
1058f05cddf9SRui Paulo
1059f05cddf9SRui Paulo
wps_validate_credential(const u8 * cred[],u16 len[],size_t num,int mandatory)1060*4bc52338SCy Schubert static int wps_validate_credential(const u8 *cred[], u16 len[], size_t num,
1061f05cddf9SRui Paulo int mandatory)
1062f05cddf9SRui Paulo {
1063f05cddf9SRui Paulo size_t i;
1064f05cddf9SRui Paulo
1065f05cddf9SRui Paulo if (num == 0) {
1066f05cddf9SRui Paulo if (mandatory) {
1067f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Credential "
1068f05cddf9SRui Paulo "attribute missing");
1069f05cddf9SRui Paulo return -1;
1070f05cddf9SRui Paulo }
1071f05cddf9SRui Paulo return 0;
1072f05cddf9SRui Paulo }
1073f05cddf9SRui Paulo
1074f05cddf9SRui Paulo for (i = 0; i < num; i++) {
1075f05cddf9SRui Paulo if (wps_validate_cred(cred[i], len[i]) < 0)
1076f05cddf9SRui Paulo return -1;
1077f05cddf9SRui Paulo }
1078f05cddf9SRui Paulo
1079f05cddf9SRui Paulo return 0;
1080f05cddf9SRui Paulo }
1081f05cddf9SRui Paulo
1082f05cddf9SRui Paulo
wps_validate_beacon(const struct wpabuf * wps_ie)1083f05cddf9SRui Paulo int wps_validate_beacon(const struct wpabuf *wps_ie)
1084f05cddf9SRui Paulo {
1085f05cddf9SRui Paulo struct wps_parse_attr attr;
1086f05cddf9SRui Paulo int wps2, sel_reg;
1087f05cddf9SRui Paulo
1088f05cddf9SRui Paulo if (wps_ie == NULL) {
1089f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: No WPS IE in Beacon frame");
1090f05cddf9SRui Paulo return -1;
1091f05cddf9SRui Paulo }
1092f05cddf9SRui Paulo if (wps_parse_msg(wps_ie, &attr) < 0) {
1093f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse WPS IE in "
1094f05cddf9SRui Paulo "Beacon frame");
1095f05cddf9SRui Paulo return -1;
1096f05cddf9SRui Paulo }
1097f05cddf9SRui Paulo
1098f05cddf9SRui Paulo wps2 = attr.version2 != NULL;
1099f05cddf9SRui Paulo sel_reg = attr.selected_registrar != NULL &&
1100f05cddf9SRui Paulo *attr.selected_registrar != 0;
1101f05cddf9SRui Paulo if (wps_validate_version(attr.version, 1) ||
1102f05cddf9SRui Paulo wps_validate_wps_state(attr.wps_state, 1) ||
1103f05cddf9SRui Paulo wps_validate_ap_setup_locked(attr.ap_setup_locked, 0) ||
1104f05cddf9SRui Paulo wps_validate_selected_registrar(attr.selected_registrar, 0) ||
1105f05cddf9SRui Paulo wps_validate_dev_password_id(attr.dev_password_id, sel_reg) ||
1106f05cddf9SRui Paulo wps_validate_sel_reg_config_methods(attr.sel_reg_config_methods,
1107f05cddf9SRui Paulo wps2, sel_reg) ||
1108f05cddf9SRui Paulo wps_validate_uuid_e(attr.uuid_e, 0) ||
1109f05cddf9SRui Paulo wps_validate_rf_bands(attr.rf_bands, 0) ||
1110f05cddf9SRui Paulo wps_validate_version2(attr.version2, wps2) ||
1111f05cddf9SRui Paulo wps_validate_authorized_macs(attr.authorized_macs,
1112f05cddf9SRui Paulo attr.authorized_macs_len, 0)) {
1113f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Beacon frame");
1114f05cddf9SRui Paulo return -1;
1115f05cddf9SRui Paulo }
1116f05cddf9SRui Paulo
1117f05cddf9SRui Paulo return 0;
1118f05cddf9SRui Paulo }
1119f05cddf9SRui Paulo
1120f05cddf9SRui Paulo
wps_validate_beacon_probe_resp(const struct wpabuf * wps_ie,int probe,const u8 * addr)1121f05cddf9SRui Paulo int wps_validate_beacon_probe_resp(const struct wpabuf *wps_ie, int probe,
1122f05cddf9SRui Paulo const u8 *addr)
1123f05cddf9SRui Paulo {
1124f05cddf9SRui Paulo struct wps_parse_attr attr;
1125f05cddf9SRui Paulo int wps2, sel_reg;
1126f05cddf9SRui Paulo
1127f05cddf9SRui Paulo if (wps_ie == NULL) {
1128f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: No WPS IE in "
1129f05cddf9SRui Paulo "%sProbe Response frame", probe ? "" : "Beacon/");
1130f05cddf9SRui Paulo return -1;
1131f05cddf9SRui Paulo }
1132f05cddf9SRui Paulo if (wps_parse_msg(wps_ie, &attr) < 0) {
1133f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse WPS IE in "
1134f05cddf9SRui Paulo "%sProbe Response frame", probe ? "" : "Beacon/");
1135f05cddf9SRui Paulo return -1;
1136f05cddf9SRui Paulo }
1137f05cddf9SRui Paulo
1138f05cddf9SRui Paulo wps2 = attr.version2 != NULL;
1139f05cddf9SRui Paulo sel_reg = attr.selected_registrar != NULL &&
1140f05cddf9SRui Paulo *attr.selected_registrar != 0;
1141f05cddf9SRui Paulo if (wps_validate_version(attr.version, 1) ||
1142f05cddf9SRui Paulo wps_validate_wps_state(attr.wps_state, 1) ||
1143f05cddf9SRui Paulo wps_validate_ap_setup_locked(attr.ap_setup_locked, 0) ||
1144f05cddf9SRui Paulo wps_validate_selected_registrar(attr.selected_registrar, 0) ||
1145f05cddf9SRui Paulo wps_validate_dev_password_id(attr.dev_password_id, sel_reg) ||
1146f05cddf9SRui Paulo wps_validate_sel_reg_config_methods(attr.sel_reg_config_methods,
1147f05cddf9SRui Paulo wps2, sel_reg) ||
1148f05cddf9SRui Paulo wps_validate_response_type(attr.response_type, probe) ||
1149f05cddf9SRui Paulo wps_validate_uuid_e(attr.uuid_e, probe) ||
1150f05cddf9SRui Paulo wps_validate_manufacturer(attr.manufacturer, attr.manufacturer_len,
1151f05cddf9SRui Paulo probe) ||
1152f05cddf9SRui Paulo wps_validate_model_name(attr.model_name, attr.model_name_len,
1153f05cddf9SRui Paulo probe) ||
1154f05cddf9SRui Paulo wps_validate_model_number(attr.model_number, attr.model_number_len,
1155f05cddf9SRui Paulo probe) ||
1156f05cddf9SRui Paulo wps_validate_serial_number(attr.serial_number,
1157f05cddf9SRui Paulo attr.serial_number_len, probe) ||
1158f05cddf9SRui Paulo wps_validate_primary_dev_type(attr.primary_dev_type, probe) ||
1159f05cddf9SRui Paulo wps_validate_dev_name(attr.dev_name, attr.dev_name_len, probe) ||
1160f05cddf9SRui Paulo wps_validate_ap_config_methods(attr.config_methods, wps2, probe) ||
1161f05cddf9SRui Paulo wps_validate_rf_bands(attr.rf_bands, 0) ||
1162f05cddf9SRui Paulo wps_validate_version2(attr.version2, wps2) ||
1163f05cddf9SRui Paulo wps_validate_authorized_macs(attr.authorized_macs,
1164f05cddf9SRui Paulo attr.authorized_macs_len, 0)) {
1165f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid %sProbe Response "
1166f05cddf9SRui Paulo "frame from " MACSTR, probe ? "" : "Beacon/",
1167f05cddf9SRui Paulo MAC2STR(addr));
1168f05cddf9SRui Paulo #ifdef WPS_STRICT_WPS2
1169f05cddf9SRui Paulo if (wps2)
1170f05cddf9SRui Paulo return -1;
1171f05cddf9SRui Paulo #else /* WPS_STRICT_WPS2 */
1172f05cddf9SRui Paulo return -1;
1173f05cddf9SRui Paulo #endif /* WPS_STRICT_WPS2 */
1174f05cddf9SRui Paulo }
1175f05cddf9SRui Paulo
1176f05cddf9SRui Paulo return 0;
1177f05cddf9SRui Paulo }
1178f05cddf9SRui Paulo
1179f05cddf9SRui Paulo
wps_validate_probe_req(const struct wpabuf * wps_ie,const u8 * addr)1180f05cddf9SRui Paulo int wps_validate_probe_req(const struct wpabuf *wps_ie, const u8 *addr)
1181f05cddf9SRui Paulo {
1182f05cddf9SRui Paulo struct wps_parse_attr attr;
1183f05cddf9SRui Paulo int wps2;
1184f05cddf9SRui Paulo
1185f05cddf9SRui Paulo if (wps_ie == NULL) {
1186f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: No WPS IE in "
1187f05cddf9SRui Paulo "Probe Request frame");
1188f05cddf9SRui Paulo return -1;
1189f05cddf9SRui Paulo }
1190f05cddf9SRui Paulo if (wps_parse_msg(wps_ie, &attr) < 0) {
1191f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse WPS IE in "
1192f05cddf9SRui Paulo "Probe Request frame");
1193f05cddf9SRui Paulo return -1;
1194f05cddf9SRui Paulo }
1195f05cddf9SRui Paulo
1196f05cddf9SRui Paulo wps2 = attr.version2 != NULL;
1197f05cddf9SRui Paulo if (wps_validate_version(attr.version, 1) ||
1198f05cddf9SRui Paulo wps_validate_request_type(attr.request_type, 1) ||
1199f05cddf9SRui Paulo wps_validate_config_methods(attr.config_methods, wps2, 1) ||
1200f05cddf9SRui Paulo wps_validate_uuid_e(attr.uuid_e, attr.uuid_r == NULL) ||
1201f05cddf9SRui Paulo wps_validate_uuid_r(attr.uuid_r, attr.uuid_e == NULL) ||
1202f05cddf9SRui Paulo wps_validate_primary_dev_type(attr.primary_dev_type, 1) ||
1203f05cddf9SRui Paulo wps_validate_rf_bands(attr.rf_bands, 1) ||
1204f05cddf9SRui Paulo wps_validate_assoc_state(attr.assoc_state, 1) ||
1205f05cddf9SRui Paulo wps_validate_config_error(attr.config_error, 1) ||
1206f05cddf9SRui Paulo wps_validate_dev_password_id(attr.dev_password_id, 1) ||
1207f05cddf9SRui Paulo wps_validate_version2(attr.version2, wps2) ||
1208f05cddf9SRui Paulo wps_validate_manufacturer(attr.manufacturer, attr.manufacturer_len,
1209f05cddf9SRui Paulo wps2) ||
1210f05cddf9SRui Paulo wps_validate_model_name(attr.model_name, attr.model_name_len,
1211f05cddf9SRui Paulo wps2) ||
1212f05cddf9SRui Paulo wps_validate_model_number(attr.model_number, attr.model_number_len,
1213f05cddf9SRui Paulo wps2) ||
1214f05cddf9SRui Paulo wps_validate_dev_name(attr.dev_name, attr.dev_name_len, wps2) ||
1215f05cddf9SRui Paulo wps_validate_request_to_enroll(attr.request_to_enroll, 0) ||
1216f05cddf9SRui Paulo wps_validate_req_dev_type(attr.req_dev_type, attr.num_req_dev_type,
1217f05cddf9SRui Paulo 0)) {
1218f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Probe Request "
1219f05cddf9SRui Paulo "frame from " MACSTR, MAC2STR(addr));
1220f05cddf9SRui Paulo return -1;
1221f05cddf9SRui Paulo }
1222f05cddf9SRui Paulo
1223f05cddf9SRui Paulo return 0;
1224f05cddf9SRui Paulo }
1225f05cddf9SRui Paulo
1226f05cddf9SRui Paulo
wps_validate_assoc_req(const struct wpabuf * wps_ie)1227f05cddf9SRui Paulo int wps_validate_assoc_req(const struct wpabuf *wps_ie)
1228f05cddf9SRui Paulo {
1229f05cddf9SRui Paulo struct wps_parse_attr attr;
1230f05cddf9SRui Paulo int wps2;
1231f05cddf9SRui Paulo
1232f05cddf9SRui Paulo if (wps_ie == NULL) {
1233f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: No WPS IE in "
1234f05cddf9SRui Paulo "(Re)Association Request frame");
1235f05cddf9SRui Paulo return -1;
1236f05cddf9SRui Paulo }
1237f05cddf9SRui Paulo if (wps_parse_msg(wps_ie, &attr) < 0) {
1238f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse WPS IE in "
1239f05cddf9SRui Paulo "(Re)Association Request frame");
1240f05cddf9SRui Paulo return -1;
1241f05cddf9SRui Paulo }
1242f05cddf9SRui Paulo
1243f05cddf9SRui Paulo wps2 = attr.version2 != NULL;
1244f05cddf9SRui Paulo if (wps_validate_version(attr.version, 1) ||
1245f05cddf9SRui Paulo wps_validate_request_type(attr.request_type, 1) ||
1246f05cddf9SRui Paulo wps_validate_version2(attr.version2, wps2)) {
1247f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid (Re)Association "
1248f05cddf9SRui Paulo "Request frame");
1249f05cddf9SRui Paulo return -1;
1250f05cddf9SRui Paulo }
1251f05cddf9SRui Paulo
1252f05cddf9SRui Paulo return 0;
1253f05cddf9SRui Paulo }
1254f05cddf9SRui Paulo
1255f05cddf9SRui Paulo
wps_validate_assoc_resp(const struct wpabuf * wps_ie)1256f05cddf9SRui Paulo int wps_validate_assoc_resp(const struct wpabuf *wps_ie)
1257f05cddf9SRui Paulo {
1258f05cddf9SRui Paulo struct wps_parse_attr attr;
1259f05cddf9SRui Paulo int wps2;
1260f05cddf9SRui Paulo
1261f05cddf9SRui Paulo if (wps_ie == NULL) {
1262f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: No WPS IE in "
1263f05cddf9SRui Paulo "(Re)Association Response frame");
1264f05cddf9SRui Paulo return -1;
1265f05cddf9SRui Paulo }
1266f05cddf9SRui Paulo if (wps_parse_msg(wps_ie, &attr) < 0) {
1267f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse WPS IE in "
1268f05cddf9SRui Paulo "(Re)Association Response frame");
1269f05cddf9SRui Paulo return -1;
1270f05cddf9SRui Paulo }
1271f05cddf9SRui Paulo
1272f05cddf9SRui Paulo wps2 = attr.version2 != NULL;
1273f05cddf9SRui Paulo if (wps_validate_version(attr.version, 1) ||
1274f05cddf9SRui Paulo wps_validate_response_type(attr.response_type, 1) ||
1275f05cddf9SRui Paulo wps_validate_version2(attr.version2, wps2)) {
1276f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid (Re)Association "
1277f05cddf9SRui Paulo "Response frame");
1278f05cddf9SRui Paulo return -1;
1279f05cddf9SRui Paulo }
1280f05cddf9SRui Paulo
1281f05cddf9SRui Paulo return 0;
1282f05cddf9SRui Paulo }
1283f05cddf9SRui Paulo
1284f05cddf9SRui Paulo
wps_validate_m1(const struct wpabuf * tlvs)1285f05cddf9SRui Paulo int wps_validate_m1(const struct wpabuf *tlvs)
1286f05cddf9SRui Paulo {
1287f05cddf9SRui Paulo struct wps_parse_attr attr;
1288f05cddf9SRui Paulo int wps2;
1289f05cddf9SRui Paulo
1290f05cddf9SRui Paulo if (tlvs == NULL) {
1291f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in M1");
1292f05cddf9SRui Paulo return -1;
1293f05cddf9SRui Paulo }
1294f05cddf9SRui Paulo if (wps_parse_msg(tlvs, &attr) < 0) {
1295f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
1296f05cddf9SRui Paulo "in M1");
1297f05cddf9SRui Paulo return -1;
1298f05cddf9SRui Paulo }
1299f05cddf9SRui Paulo
1300f05cddf9SRui Paulo wps2 = attr.version2 != NULL;
1301f05cddf9SRui Paulo if (wps_validate_version(attr.version, 1) ||
1302f05cddf9SRui Paulo wps_validate_msg_type(attr.msg_type, 1) ||
1303f05cddf9SRui Paulo wps_validate_uuid_e(attr.uuid_e, 1) ||
1304f05cddf9SRui Paulo wps_validate_mac_addr(attr.mac_addr, 1) ||
1305f05cddf9SRui Paulo wps_validate_enrollee_nonce(attr.enrollee_nonce, 1) ||
1306f05cddf9SRui Paulo wps_validate_public_key(attr.public_key, attr.public_key_len, 1) ||
1307f05cddf9SRui Paulo wps_validate_auth_type_flags(attr.auth_type_flags, 1) ||
1308f05cddf9SRui Paulo wps_validate_encr_type_flags(attr.encr_type_flags, 1) ||
1309f05cddf9SRui Paulo wps_validate_conn_type_flags(attr.conn_type_flags, 1) ||
1310f05cddf9SRui Paulo wps_validate_config_methods(attr.config_methods, wps2, 1) ||
1311f05cddf9SRui Paulo wps_validate_wps_state(attr.wps_state, 1) ||
1312f05cddf9SRui Paulo wps_validate_manufacturer(attr.manufacturer, attr.manufacturer_len,
1313f05cddf9SRui Paulo 1) ||
1314f05cddf9SRui Paulo wps_validate_model_name(attr.model_name, attr.model_name_len, 1) ||
1315f05cddf9SRui Paulo wps_validate_model_number(attr.model_number, attr.model_number_len,
1316f05cddf9SRui Paulo 1) ||
1317f05cddf9SRui Paulo wps_validate_serial_number(attr.serial_number,
1318f05cddf9SRui Paulo attr.serial_number_len, 1) ||
1319f05cddf9SRui Paulo wps_validate_primary_dev_type(attr.primary_dev_type, 1) ||
1320f05cddf9SRui Paulo wps_validate_dev_name(attr.dev_name, attr.dev_name_len, 1) ||
1321f05cddf9SRui Paulo wps_validate_rf_bands(attr.rf_bands, 1) ||
1322f05cddf9SRui Paulo wps_validate_assoc_state(attr.assoc_state, 1) ||
1323f05cddf9SRui Paulo wps_validate_dev_password_id(attr.dev_password_id, 1) ||
1324f05cddf9SRui Paulo wps_validate_config_error(attr.config_error, 1) ||
1325f05cddf9SRui Paulo wps_validate_os_version(attr.os_version, 1) ||
1326f05cddf9SRui Paulo wps_validate_version2(attr.version2, wps2) ||
1327f05cddf9SRui Paulo wps_validate_request_to_enroll(attr.request_to_enroll, 0)) {
1328f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M1");
1329f05cddf9SRui Paulo #ifdef WPS_STRICT_WPS2
1330f05cddf9SRui Paulo if (wps2)
1331f05cddf9SRui Paulo return -1;
1332f05cddf9SRui Paulo #else /* WPS_STRICT_WPS2 */
1333f05cddf9SRui Paulo return -1;
1334f05cddf9SRui Paulo #endif /* WPS_STRICT_WPS2 */
1335f05cddf9SRui Paulo }
1336f05cddf9SRui Paulo
1337f05cddf9SRui Paulo return 0;
1338f05cddf9SRui Paulo }
1339f05cddf9SRui Paulo
1340f05cddf9SRui Paulo
wps_validate_m2(const struct wpabuf * tlvs)1341f05cddf9SRui Paulo int wps_validate_m2(const struct wpabuf *tlvs)
1342f05cddf9SRui Paulo {
1343f05cddf9SRui Paulo struct wps_parse_attr attr;
1344f05cddf9SRui Paulo int wps2;
1345f05cddf9SRui Paulo
1346f05cddf9SRui Paulo if (tlvs == NULL) {
1347f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in M2");
1348f05cddf9SRui Paulo return -1;
1349f05cddf9SRui Paulo }
1350f05cddf9SRui Paulo if (wps_parse_msg(tlvs, &attr) < 0) {
1351f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
1352f05cddf9SRui Paulo "in M2");
1353f05cddf9SRui Paulo return -1;
1354f05cddf9SRui Paulo }
1355f05cddf9SRui Paulo
1356f05cddf9SRui Paulo wps2 = attr.version2 != NULL;
1357f05cddf9SRui Paulo if (wps_validate_version(attr.version, 1) ||
1358f05cddf9SRui Paulo wps_validate_msg_type(attr.msg_type, 1) ||
1359f05cddf9SRui Paulo wps_validate_enrollee_nonce(attr.enrollee_nonce, 1) ||
1360f05cddf9SRui Paulo wps_validate_registrar_nonce(attr.registrar_nonce, 1) ||
1361f05cddf9SRui Paulo wps_validate_uuid_r(attr.uuid_r, 1) ||
1362f05cddf9SRui Paulo wps_validate_public_key(attr.public_key, attr.public_key_len, 1) ||
1363f05cddf9SRui Paulo wps_validate_auth_type_flags(attr.auth_type_flags, 1) ||
1364f05cddf9SRui Paulo wps_validate_encr_type_flags(attr.encr_type_flags, 1) ||
1365f05cddf9SRui Paulo wps_validate_conn_type_flags(attr.conn_type_flags, 1) ||
1366f05cddf9SRui Paulo wps_validate_config_methods(attr.config_methods, wps2, 1) ||
1367f05cddf9SRui Paulo wps_validate_manufacturer(attr.manufacturer, attr.manufacturer_len,
1368f05cddf9SRui Paulo 1) ||
1369f05cddf9SRui Paulo wps_validate_model_name(attr.model_name, attr.model_name_len, 1) ||
1370f05cddf9SRui Paulo wps_validate_model_number(attr.model_number, attr.model_number_len,
1371f05cddf9SRui Paulo 1) ||
1372f05cddf9SRui Paulo wps_validate_serial_number(attr.serial_number,
1373f05cddf9SRui Paulo attr.serial_number_len, 1) ||
1374f05cddf9SRui Paulo wps_validate_primary_dev_type(attr.primary_dev_type, 1) ||
1375f05cddf9SRui Paulo wps_validate_dev_name(attr.dev_name, attr.dev_name_len, 1) ||
1376f05cddf9SRui Paulo wps_validate_rf_bands(attr.rf_bands, 1) ||
1377f05cddf9SRui Paulo wps_validate_assoc_state(attr.assoc_state, 1) ||
1378f05cddf9SRui Paulo wps_validate_config_error(attr.config_error, 1) ||
1379f05cddf9SRui Paulo wps_validate_dev_password_id(attr.dev_password_id, 1) ||
1380f05cddf9SRui Paulo wps_validate_os_version(attr.os_version, 1) ||
1381f05cddf9SRui Paulo wps_validate_version2(attr.version2, wps2) ||
1382f05cddf9SRui Paulo wps_validate_authenticator(attr.authenticator, 1)) {
1383f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M2");
1384f05cddf9SRui Paulo #ifdef WPS_STRICT_WPS2
1385f05cddf9SRui Paulo if (wps2)
1386f05cddf9SRui Paulo return -1;
1387f05cddf9SRui Paulo #else /* WPS_STRICT_WPS2 */
1388f05cddf9SRui Paulo return -1;
1389f05cddf9SRui Paulo #endif /* WPS_STRICT_WPS2 */
1390f05cddf9SRui Paulo }
1391f05cddf9SRui Paulo
1392f05cddf9SRui Paulo return 0;
1393f05cddf9SRui Paulo }
1394f05cddf9SRui Paulo
1395f05cddf9SRui Paulo
wps_validate_m2d(const struct wpabuf * tlvs)1396f05cddf9SRui Paulo int wps_validate_m2d(const struct wpabuf *tlvs)
1397f05cddf9SRui Paulo {
1398f05cddf9SRui Paulo struct wps_parse_attr attr;
1399f05cddf9SRui Paulo int wps2;
1400f05cddf9SRui Paulo
1401f05cddf9SRui Paulo if (tlvs == NULL) {
1402f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in M2D");
1403f05cddf9SRui Paulo return -1;
1404f05cddf9SRui Paulo }
1405f05cddf9SRui Paulo if (wps_parse_msg(tlvs, &attr) < 0) {
1406f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
1407f05cddf9SRui Paulo "in M2D");
1408f05cddf9SRui Paulo return -1;
1409f05cddf9SRui Paulo }
1410f05cddf9SRui Paulo
1411f05cddf9SRui Paulo wps2 = attr.version2 != NULL;
1412f05cddf9SRui Paulo if (wps_validate_version(attr.version, 1) ||
1413f05cddf9SRui Paulo wps_validate_msg_type(attr.msg_type, 1) ||
1414f05cddf9SRui Paulo wps_validate_enrollee_nonce(attr.enrollee_nonce, 1) ||
1415f05cddf9SRui Paulo wps_validate_registrar_nonce(attr.registrar_nonce, 1) ||
1416f05cddf9SRui Paulo wps_validate_uuid_r(attr.uuid_r, 1) ||
1417f05cddf9SRui Paulo wps_validate_auth_type_flags(attr.auth_type_flags, 1) ||
1418f05cddf9SRui Paulo wps_validate_encr_type_flags(attr.encr_type_flags, 1) ||
1419f05cddf9SRui Paulo wps_validate_conn_type_flags(attr.conn_type_flags, 1) ||
1420f05cddf9SRui Paulo wps_validate_config_methods(attr.config_methods, wps2, 1) ||
1421f05cddf9SRui Paulo wps_validate_manufacturer(attr.manufacturer, attr.manufacturer_len,
1422f05cddf9SRui Paulo 1) ||
1423f05cddf9SRui Paulo wps_validate_model_name(attr.model_name, attr.model_name_len, 1) ||
1424f05cddf9SRui Paulo wps_validate_model_number(attr.model_number, attr.model_number_len,
1425f05cddf9SRui Paulo 1) ||
1426f05cddf9SRui Paulo wps_validate_serial_number(attr.serial_number,
1427f05cddf9SRui Paulo attr.serial_number_len, 1) ||
1428f05cddf9SRui Paulo wps_validate_primary_dev_type(attr.primary_dev_type, 1) ||
1429f05cddf9SRui Paulo wps_validate_dev_name(attr.dev_name, attr.dev_name_len, 1) ||
1430f05cddf9SRui Paulo wps_validate_rf_bands(attr.rf_bands, 1) ||
1431f05cddf9SRui Paulo wps_validate_assoc_state(attr.assoc_state, 1) ||
1432f05cddf9SRui Paulo wps_validate_config_error(attr.config_error, 1) ||
1433f05cddf9SRui Paulo wps_validate_os_version(attr.os_version, 1) ||
1434f05cddf9SRui Paulo wps_validate_version2(attr.version2, wps2)) {
1435f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M2D");
1436f05cddf9SRui Paulo #ifdef WPS_STRICT_WPS2
1437f05cddf9SRui Paulo if (wps2)
1438f05cddf9SRui Paulo return -1;
1439f05cddf9SRui Paulo #else /* WPS_STRICT_WPS2 */
1440f05cddf9SRui Paulo return -1;
1441f05cddf9SRui Paulo #endif /* WPS_STRICT_WPS2 */
1442f05cddf9SRui Paulo }
1443f05cddf9SRui Paulo
1444f05cddf9SRui Paulo return 0;
1445f05cddf9SRui Paulo }
1446f05cddf9SRui Paulo
1447f05cddf9SRui Paulo
wps_validate_m3(const struct wpabuf * tlvs)1448f05cddf9SRui Paulo int wps_validate_m3(const struct wpabuf *tlvs)
1449f05cddf9SRui Paulo {
1450f05cddf9SRui Paulo struct wps_parse_attr attr;
1451f05cddf9SRui Paulo int wps2;
1452f05cddf9SRui Paulo
1453f05cddf9SRui Paulo if (tlvs == NULL) {
1454f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in M3");
1455f05cddf9SRui Paulo return -1;
1456f05cddf9SRui Paulo }
1457f05cddf9SRui Paulo if (wps_parse_msg(tlvs, &attr) < 0) {
1458f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
1459f05cddf9SRui Paulo "in M3");
1460f05cddf9SRui Paulo return -1;
1461f05cddf9SRui Paulo }
1462f05cddf9SRui Paulo
1463f05cddf9SRui Paulo wps2 = attr.version2 != NULL;
1464f05cddf9SRui Paulo if (wps_validate_version(attr.version, 1) ||
1465f05cddf9SRui Paulo wps_validate_msg_type(attr.msg_type, 1) ||
1466f05cddf9SRui Paulo wps_validate_registrar_nonce(attr.registrar_nonce, 1) ||
1467f05cddf9SRui Paulo wps_validate_e_hash1(attr.e_hash1, 1) ||
1468f05cddf9SRui Paulo wps_validate_e_hash2(attr.e_hash2, 1) ||
1469f05cddf9SRui Paulo wps_validate_version2(attr.version2, wps2) ||
1470f05cddf9SRui Paulo wps_validate_authenticator(attr.authenticator, 1)) {
1471f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M3");
1472f05cddf9SRui Paulo #ifdef WPS_STRICT_WPS2
1473f05cddf9SRui Paulo if (wps2)
1474f05cddf9SRui Paulo return -1;
1475f05cddf9SRui Paulo #else /* WPS_STRICT_WPS2 */
1476f05cddf9SRui Paulo return -1;
1477f05cddf9SRui Paulo #endif /* WPS_STRICT_WPS2 */
1478f05cddf9SRui Paulo }
1479f05cddf9SRui Paulo
1480f05cddf9SRui Paulo return 0;
1481f05cddf9SRui Paulo }
1482f05cddf9SRui Paulo
1483f05cddf9SRui Paulo
wps_validate_m4(const struct wpabuf * tlvs)1484f05cddf9SRui Paulo int wps_validate_m4(const struct wpabuf *tlvs)
1485f05cddf9SRui Paulo {
1486f05cddf9SRui Paulo struct wps_parse_attr attr;
1487f05cddf9SRui Paulo int wps2;
1488f05cddf9SRui Paulo
1489f05cddf9SRui Paulo if (tlvs == NULL) {
1490f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in M4");
1491f05cddf9SRui Paulo return -1;
1492f05cddf9SRui Paulo }
1493f05cddf9SRui Paulo if (wps_parse_msg(tlvs, &attr) < 0) {
1494f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
1495f05cddf9SRui Paulo "in M4");
1496f05cddf9SRui Paulo return -1;
1497f05cddf9SRui Paulo }
1498f05cddf9SRui Paulo
1499f05cddf9SRui Paulo wps2 = attr.version2 != NULL;
1500f05cddf9SRui Paulo if (wps_validate_version(attr.version, 1) ||
1501f05cddf9SRui Paulo wps_validate_msg_type(attr.msg_type, 1) ||
1502f05cddf9SRui Paulo wps_validate_enrollee_nonce(attr.enrollee_nonce, 1) ||
1503f05cddf9SRui Paulo wps_validate_r_hash1(attr.r_hash1, 1) ||
1504f05cddf9SRui Paulo wps_validate_r_hash2(attr.r_hash2, 1) ||
1505f05cddf9SRui Paulo wps_validate_encr_settings(attr.encr_settings,
1506f05cddf9SRui Paulo attr.encr_settings_len, 1) ||
1507f05cddf9SRui Paulo wps_validate_version2(attr.version2, wps2) ||
1508f05cddf9SRui Paulo wps_validate_authenticator(attr.authenticator, 1)) {
1509f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M4");
1510f05cddf9SRui Paulo #ifdef WPS_STRICT_WPS2
1511f05cddf9SRui Paulo if (wps2)
1512f05cddf9SRui Paulo return -1;
1513f05cddf9SRui Paulo #else /* WPS_STRICT_WPS2 */
1514f05cddf9SRui Paulo return -1;
1515f05cddf9SRui Paulo #endif /* WPS_STRICT_WPS2 */
1516f05cddf9SRui Paulo }
1517f05cddf9SRui Paulo
1518f05cddf9SRui Paulo return 0;
1519f05cddf9SRui Paulo }
1520f05cddf9SRui Paulo
1521f05cddf9SRui Paulo
wps_validate_m4_encr(const struct wpabuf * tlvs,int wps2)1522f05cddf9SRui Paulo int wps_validate_m4_encr(const struct wpabuf *tlvs, int wps2)
1523f05cddf9SRui Paulo {
1524f05cddf9SRui Paulo struct wps_parse_attr attr;
1525f05cddf9SRui Paulo
1526f05cddf9SRui Paulo if (tlvs == NULL) {
1527f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in M4 encrypted "
1528f05cddf9SRui Paulo "settings");
1529f05cddf9SRui Paulo return -1;
1530f05cddf9SRui Paulo }
1531f05cddf9SRui Paulo if (wps_parse_msg(tlvs, &attr) < 0) {
1532f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
1533f05cddf9SRui Paulo "in M4 encrypted settings");
1534f05cddf9SRui Paulo return -1;
1535f05cddf9SRui Paulo }
1536f05cddf9SRui Paulo
1537f05cddf9SRui Paulo if (wps_validate_r_snonce1(attr.r_snonce1, 1) ||
1538f05cddf9SRui Paulo wps_validate_key_wrap_auth(attr.key_wrap_auth, 1)) {
1539f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M4 encrypted "
1540f05cddf9SRui Paulo "settings");
1541f05cddf9SRui Paulo #ifdef WPS_STRICT_WPS2
1542f05cddf9SRui Paulo if (wps2)
1543f05cddf9SRui Paulo return -1;
1544f05cddf9SRui Paulo #else /* WPS_STRICT_WPS2 */
1545f05cddf9SRui Paulo return -1;
1546f05cddf9SRui Paulo #endif /* WPS_STRICT_WPS2 */
1547f05cddf9SRui Paulo }
1548f05cddf9SRui Paulo
1549f05cddf9SRui Paulo return 0;
1550f05cddf9SRui Paulo }
1551f05cddf9SRui Paulo
1552f05cddf9SRui Paulo
wps_validate_m5(const struct wpabuf * tlvs)1553f05cddf9SRui Paulo int wps_validate_m5(const struct wpabuf *tlvs)
1554f05cddf9SRui Paulo {
1555f05cddf9SRui Paulo struct wps_parse_attr attr;
1556f05cddf9SRui Paulo int wps2;
1557f05cddf9SRui Paulo
1558f05cddf9SRui Paulo if (tlvs == NULL) {
1559f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in M5");
1560f05cddf9SRui Paulo return -1;
1561f05cddf9SRui Paulo }
1562f05cddf9SRui Paulo if (wps_parse_msg(tlvs, &attr) < 0) {
1563f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
1564f05cddf9SRui Paulo "in M5");
1565f05cddf9SRui Paulo return -1;
1566f05cddf9SRui Paulo }
1567f05cddf9SRui Paulo
1568f05cddf9SRui Paulo wps2 = attr.version2 != NULL;
1569f05cddf9SRui Paulo if (wps_validate_version(attr.version, 1) ||
1570f05cddf9SRui Paulo wps_validate_msg_type(attr.msg_type, 1) ||
1571f05cddf9SRui Paulo wps_validate_registrar_nonce(attr.registrar_nonce, 1) ||
1572f05cddf9SRui Paulo wps_validate_encr_settings(attr.encr_settings,
1573f05cddf9SRui Paulo attr.encr_settings_len, 1) ||
1574f05cddf9SRui Paulo wps_validate_version2(attr.version2, wps2) ||
1575f05cddf9SRui Paulo wps_validate_authenticator(attr.authenticator, 1)) {
1576f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M5");
1577f05cddf9SRui Paulo #ifdef WPS_STRICT_WPS2
1578f05cddf9SRui Paulo if (wps2)
1579f05cddf9SRui Paulo return -1;
1580f05cddf9SRui Paulo #else /* WPS_STRICT_WPS2 */
1581f05cddf9SRui Paulo return -1;
1582f05cddf9SRui Paulo #endif /* WPS_STRICT_WPS2 */
1583f05cddf9SRui Paulo }
1584f05cddf9SRui Paulo
1585f05cddf9SRui Paulo return 0;
1586f05cddf9SRui Paulo }
1587f05cddf9SRui Paulo
1588f05cddf9SRui Paulo
wps_validate_m5_encr(const struct wpabuf * tlvs,int wps2)1589f05cddf9SRui Paulo int wps_validate_m5_encr(const struct wpabuf *tlvs, int wps2)
1590f05cddf9SRui Paulo {
1591f05cddf9SRui Paulo struct wps_parse_attr attr;
1592f05cddf9SRui Paulo
1593f05cddf9SRui Paulo if (tlvs == NULL) {
1594f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in M5 encrypted "
1595f05cddf9SRui Paulo "settings");
1596f05cddf9SRui Paulo return -1;
1597f05cddf9SRui Paulo }
1598f05cddf9SRui Paulo if (wps_parse_msg(tlvs, &attr) < 0) {
1599f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
1600f05cddf9SRui Paulo "in M5 encrypted settings");
1601f05cddf9SRui Paulo return -1;
1602f05cddf9SRui Paulo }
1603f05cddf9SRui Paulo
1604f05cddf9SRui Paulo if (wps_validate_e_snonce1(attr.e_snonce1, 1) ||
1605f05cddf9SRui Paulo wps_validate_key_wrap_auth(attr.key_wrap_auth, 1)) {
1606f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M5 encrypted "
1607f05cddf9SRui Paulo "settings");
1608f05cddf9SRui Paulo #ifdef WPS_STRICT_WPS2
1609f05cddf9SRui Paulo if (wps2)
1610f05cddf9SRui Paulo return -1;
1611f05cddf9SRui Paulo #else /* WPS_STRICT_WPS2 */
1612f05cddf9SRui Paulo return -1;
1613f05cddf9SRui Paulo #endif /* WPS_STRICT_WPS2 */
1614f05cddf9SRui Paulo }
1615f05cddf9SRui Paulo
1616f05cddf9SRui Paulo return 0;
1617f05cddf9SRui Paulo }
1618f05cddf9SRui Paulo
1619f05cddf9SRui Paulo
wps_validate_m6(const struct wpabuf * tlvs)1620f05cddf9SRui Paulo int wps_validate_m6(const struct wpabuf *tlvs)
1621f05cddf9SRui Paulo {
1622f05cddf9SRui Paulo struct wps_parse_attr attr;
1623f05cddf9SRui Paulo int wps2;
1624f05cddf9SRui Paulo
1625f05cddf9SRui Paulo if (tlvs == NULL) {
1626f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in M6");
1627f05cddf9SRui Paulo return -1;
1628f05cddf9SRui Paulo }
1629f05cddf9SRui Paulo if (wps_parse_msg(tlvs, &attr) < 0) {
1630f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
1631f05cddf9SRui Paulo "in M6");
1632f05cddf9SRui Paulo return -1;
1633f05cddf9SRui Paulo }
1634f05cddf9SRui Paulo
1635f05cddf9SRui Paulo wps2 = attr.version2 != NULL;
1636f05cddf9SRui Paulo if (wps_validate_version(attr.version, 1) ||
1637f05cddf9SRui Paulo wps_validate_msg_type(attr.msg_type, 1) ||
1638f05cddf9SRui Paulo wps_validate_enrollee_nonce(attr.enrollee_nonce, 1) ||
1639f05cddf9SRui Paulo wps_validate_encr_settings(attr.encr_settings,
1640f05cddf9SRui Paulo attr.encr_settings_len, 1) ||
1641f05cddf9SRui Paulo wps_validate_version2(attr.version2, wps2) ||
1642f05cddf9SRui Paulo wps_validate_authenticator(attr.authenticator, 1)) {
1643f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M6");
1644f05cddf9SRui Paulo #ifdef WPS_STRICT_WPS2
1645f05cddf9SRui Paulo if (wps2)
1646f05cddf9SRui Paulo return -1;
1647f05cddf9SRui Paulo #else /* WPS_STRICT_WPS2 */
1648f05cddf9SRui Paulo return -1;
1649f05cddf9SRui Paulo #endif /* WPS_STRICT_WPS2 */
1650f05cddf9SRui Paulo }
1651f05cddf9SRui Paulo
1652f05cddf9SRui Paulo return 0;
1653f05cddf9SRui Paulo }
1654f05cddf9SRui Paulo
1655f05cddf9SRui Paulo
wps_validate_m6_encr(const struct wpabuf * tlvs,int wps2)1656f05cddf9SRui Paulo int wps_validate_m6_encr(const struct wpabuf *tlvs, int wps2)
1657f05cddf9SRui Paulo {
1658f05cddf9SRui Paulo struct wps_parse_attr attr;
1659f05cddf9SRui Paulo
1660f05cddf9SRui Paulo if (tlvs == NULL) {
1661f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in M6 encrypted "
1662f05cddf9SRui Paulo "settings");
1663f05cddf9SRui Paulo return -1;
1664f05cddf9SRui Paulo }
1665f05cddf9SRui Paulo if (wps_parse_msg(tlvs, &attr) < 0) {
1666f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
1667f05cddf9SRui Paulo "in M6 encrypted settings");
1668f05cddf9SRui Paulo return -1;
1669f05cddf9SRui Paulo }
1670f05cddf9SRui Paulo
1671f05cddf9SRui Paulo if (wps_validate_r_snonce2(attr.r_snonce2, 1) ||
1672f05cddf9SRui Paulo wps_validate_key_wrap_auth(attr.key_wrap_auth, 1)) {
1673f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M6 encrypted "
1674f05cddf9SRui Paulo "settings");
1675f05cddf9SRui Paulo #ifdef WPS_STRICT_WPS2
1676f05cddf9SRui Paulo if (wps2)
1677f05cddf9SRui Paulo return -1;
1678f05cddf9SRui Paulo #else /* WPS_STRICT_WPS2 */
1679f05cddf9SRui Paulo return -1;
1680f05cddf9SRui Paulo #endif /* WPS_STRICT_WPS2 */
1681f05cddf9SRui Paulo }
1682f05cddf9SRui Paulo
1683f05cddf9SRui Paulo return 0;
1684f05cddf9SRui Paulo }
1685f05cddf9SRui Paulo
1686f05cddf9SRui Paulo
wps_validate_m7(const struct wpabuf * tlvs)1687f05cddf9SRui Paulo int wps_validate_m7(const struct wpabuf *tlvs)
1688f05cddf9SRui Paulo {
1689f05cddf9SRui Paulo struct wps_parse_attr attr;
1690f05cddf9SRui Paulo int wps2;
1691f05cddf9SRui Paulo
1692f05cddf9SRui Paulo if (tlvs == NULL) {
1693f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in M7");
1694f05cddf9SRui Paulo return -1;
1695f05cddf9SRui Paulo }
1696f05cddf9SRui Paulo if (wps_parse_msg(tlvs, &attr) < 0) {
1697f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
1698f05cddf9SRui Paulo "in M7");
1699f05cddf9SRui Paulo return -1;
1700f05cddf9SRui Paulo }
1701f05cddf9SRui Paulo
1702f05cddf9SRui Paulo wps2 = attr.version2 != NULL;
1703f05cddf9SRui Paulo if (wps_validate_version(attr.version, 1) ||
1704f05cddf9SRui Paulo wps_validate_msg_type(attr.msg_type, 1) ||
1705f05cddf9SRui Paulo wps_validate_registrar_nonce(attr.registrar_nonce, 1) ||
1706f05cddf9SRui Paulo wps_validate_encr_settings(attr.encr_settings,
1707f05cddf9SRui Paulo attr.encr_settings_len, 1) ||
1708f05cddf9SRui Paulo wps_validate_settings_delay_time(attr.settings_delay_time, 0) ||
1709f05cddf9SRui Paulo wps_validate_version2(attr.version2, wps2) ||
1710f05cddf9SRui Paulo wps_validate_authenticator(attr.authenticator, 1)) {
1711f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M7");
1712f05cddf9SRui Paulo #ifdef WPS_STRICT_WPS2
1713f05cddf9SRui Paulo if (wps2)
1714f05cddf9SRui Paulo return -1;
1715f05cddf9SRui Paulo #else /* WPS_STRICT_WPS2 */
1716f05cddf9SRui Paulo return -1;
1717f05cddf9SRui Paulo #endif /* WPS_STRICT_WPS2 */
1718f05cddf9SRui Paulo }
1719f05cddf9SRui Paulo
1720f05cddf9SRui Paulo return 0;
1721f05cddf9SRui Paulo }
1722f05cddf9SRui Paulo
1723f05cddf9SRui Paulo
wps_validate_m7_encr(const struct wpabuf * tlvs,int ap,int wps2)1724f05cddf9SRui Paulo int wps_validate_m7_encr(const struct wpabuf *tlvs, int ap, int wps2)
1725f05cddf9SRui Paulo {
1726f05cddf9SRui Paulo struct wps_parse_attr attr;
1727f05cddf9SRui Paulo
1728f05cddf9SRui Paulo if (tlvs == NULL) {
1729f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in M7 encrypted "
1730f05cddf9SRui Paulo "settings");
1731f05cddf9SRui Paulo return -1;
1732f05cddf9SRui Paulo }
1733f05cddf9SRui Paulo if (wps_parse_msg(tlvs, &attr) < 0) {
1734f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
1735f05cddf9SRui Paulo "in M7 encrypted settings");
1736f05cddf9SRui Paulo return -1;
1737f05cddf9SRui Paulo }
1738f05cddf9SRui Paulo
1739f05cddf9SRui Paulo if (wps_validate_e_snonce2(attr.e_snonce2, 1) ||
1740f05cddf9SRui Paulo wps_validate_ssid(attr.ssid, attr.ssid_len, !ap) ||
1741f05cddf9SRui Paulo wps_validate_mac_addr(attr.mac_addr, !ap) ||
1742f05cddf9SRui Paulo wps_validate_auth_type(attr.auth_type, !ap) ||
1743f05cddf9SRui Paulo wps_validate_encr_type(attr.encr_type, !ap) ||
1744f05cddf9SRui Paulo wps_validate_network_key_index(attr.network_key_idx, 0) ||
1745f05cddf9SRui Paulo wps_validate_network_key(attr.network_key, attr.network_key_len,
1746f05cddf9SRui Paulo attr.encr_type, !ap) ||
1747f05cddf9SRui Paulo wps_validate_key_wrap_auth(attr.key_wrap_auth, 1)) {
1748f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M7 encrypted "
1749f05cddf9SRui Paulo "settings");
1750f05cddf9SRui Paulo #ifdef WPS_STRICT_WPS2
1751f05cddf9SRui Paulo if (wps2)
1752f05cddf9SRui Paulo return -1;
1753f05cddf9SRui Paulo #else /* WPS_STRICT_WPS2 */
1754f05cddf9SRui Paulo return -1;
1755f05cddf9SRui Paulo #endif /* WPS_STRICT_WPS2 */
1756f05cddf9SRui Paulo }
1757f05cddf9SRui Paulo
1758f05cddf9SRui Paulo return 0;
1759f05cddf9SRui Paulo }
1760f05cddf9SRui Paulo
1761f05cddf9SRui Paulo
wps_validate_m8(const struct wpabuf * tlvs)1762f05cddf9SRui Paulo int wps_validate_m8(const struct wpabuf *tlvs)
1763f05cddf9SRui Paulo {
1764f05cddf9SRui Paulo struct wps_parse_attr attr;
1765f05cddf9SRui Paulo int wps2;
1766f05cddf9SRui Paulo
1767f05cddf9SRui Paulo if (tlvs == NULL) {
1768f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in M8");
1769f05cddf9SRui Paulo return -1;
1770f05cddf9SRui Paulo }
1771f05cddf9SRui Paulo if (wps_parse_msg(tlvs, &attr) < 0) {
1772f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
1773f05cddf9SRui Paulo "in M8");
1774f05cddf9SRui Paulo return -1;
1775f05cddf9SRui Paulo }
1776f05cddf9SRui Paulo
1777f05cddf9SRui Paulo wps2 = attr.version2 != NULL;
1778f05cddf9SRui Paulo if (wps_validate_version(attr.version, 1) ||
1779f05cddf9SRui Paulo wps_validate_msg_type(attr.msg_type, 1) ||
1780f05cddf9SRui Paulo wps_validate_enrollee_nonce(attr.enrollee_nonce, 1) ||
1781f05cddf9SRui Paulo wps_validate_encr_settings(attr.encr_settings,
1782f05cddf9SRui Paulo attr.encr_settings_len, 1) ||
1783f05cddf9SRui Paulo wps_validate_version2(attr.version2, wps2) ||
1784f05cddf9SRui Paulo wps_validate_authenticator(attr.authenticator, 1)) {
1785f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M8");
1786f05cddf9SRui Paulo #ifdef WPS_STRICT_WPS2
1787f05cddf9SRui Paulo if (wps2)
1788f05cddf9SRui Paulo return -1;
1789f05cddf9SRui Paulo #else /* WPS_STRICT_WPS2 */
1790f05cddf9SRui Paulo return -1;
1791f05cddf9SRui Paulo #endif /* WPS_STRICT_WPS2 */
1792f05cddf9SRui Paulo }
1793f05cddf9SRui Paulo
1794f05cddf9SRui Paulo return 0;
1795f05cddf9SRui Paulo }
1796f05cddf9SRui Paulo
1797f05cddf9SRui Paulo
wps_validate_m8_encr(const struct wpabuf * tlvs,int ap,int wps2)1798f05cddf9SRui Paulo int wps_validate_m8_encr(const struct wpabuf *tlvs, int ap, int wps2)
1799f05cddf9SRui Paulo {
1800f05cddf9SRui Paulo struct wps_parse_attr attr;
1801f05cddf9SRui Paulo
1802f05cddf9SRui Paulo if (tlvs == NULL) {
1803f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in M8 encrypted "
1804f05cddf9SRui Paulo "settings");
1805f05cddf9SRui Paulo return -1;
1806f05cddf9SRui Paulo }
1807f05cddf9SRui Paulo if (wps_parse_msg(tlvs, &attr) < 0) {
1808f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
1809f05cddf9SRui Paulo "in M8 encrypted settings");
1810f05cddf9SRui Paulo return -1;
1811f05cddf9SRui Paulo }
1812f05cddf9SRui Paulo
1813f05cddf9SRui Paulo if (wps_validate_ssid(attr.ssid, attr.ssid_len, ap) ||
1814f05cddf9SRui Paulo wps_validate_auth_type(attr.auth_type, ap) ||
1815f05cddf9SRui Paulo wps_validate_encr_type(attr.encr_type, ap) ||
1816f05cddf9SRui Paulo wps_validate_network_key_index(attr.network_key_idx, 0) ||
1817f05cddf9SRui Paulo wps_validate_mac_addr(attr.mac_addr, ap) ||
1818f05cddf9SRui Paulo wps_validate_credential(attr.cred, attr.cred_len, attr.num_cred,
1819f05cddf9SRui Paulo !ap) ||
1820f05cddf9SRui Paulo wps_validate_key_wrap_auth(attr.key_wrap_auth, 1)) {
1821f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M8 encrypted "
1822f05cddf9SRui Paulo "settings");
1823f05cddf9SRui Paulo #ifdef WPS_STRICT_WPS2
1824f05cddf9SRui Paulo if (wps2)
1825f05cddf9SRui Paulo return -1;
1826f05cddf9SRui Paulo #else /* WPS_STRICT_WPS2 */
1827f05cddf9SRui Paulo return -1;
1828f05cddf9SRui Paulo #endif /* WPS_STRICT_WPS2 */
1829f05cddf9SRui Paulo }
1830f05cddf9SRui Paulo
1831f05cddf9SRui Paulo return 0;
1832f05cddf9SRui Paulo }
1833f05cddf9SRui Paulo
1834f05cddf9SRui Paulo
wps_validate_wsc_ack(const struct wpabuf * tlvs)1835f05cddf9SRui Paulo int wps_validate_wsc_ack(const struct wpabuf *tlvs)
1836f05cddf9SRui Paulo {
1837f05cddf9SRui Paulo struct wps_parse_attr attr;
1838f05cddf9SRui Paulo int wps2;
1839f05cddf9SRui Paulo
1840f05cddf9SRui Paulo if (tlvs == NULL) {
1841f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in WSC_ACK");
1842f05cddf9SRui Paulo return -1;
1843f05cddf9SRui Paulo }
1844f05cddf9SRui Paulo if (wps_parse_msg(tlvs, &attr) < 0) {
1845f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
1846f05cddf9SRui Paulo "in WSC_ACK");
1847f05cddf9SRui Paulo return -1;
1848f05cddf9SRui Paulo }
1849f05cddf9SRui Paulo
1850f05cddf9SRui Paulo wps2 = attr.version2 != NULL;
1851f05cddf9SRui Paulo if (wps_validate_version(attr.version, 1) ||
1852f05cddf9SRui Paulo wps_validate_msg_type(attr.msg_type, 1) ||
1853f05cddf9SRui Paulo wps_validate_enrollee_nonce(attr.enrollee_nonce, 1) ||
1854f05cddf9SRui Paulo wps_validate_registrar_nonce(attr.registrar_nonce, 1) ||
1855f05cddf9SRui Paulo wps_validate_version2(attr.version2, wps2)) {
1856f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid WSC_ACK");
1857f05cddf9SRui Paulo #ifdef WPS_STRICT_WPS2
1858f05cddf9SRui Paulo if (wps2)
1859f05cddf9SRui Paulo return -1;
1860f05cddf9SRui Paulo #else /* WPS_STRICT_WPS2 */
1861f05cddf9SRui Paulo return -1;
1862f05cddf9SRui Paulo #endif /* WPS_STRICT_WPS2 */
1863f05cddf9SRui Paulo }
1864f05cddf9SRui Paulo
1865f05cddf9SRui Paulo return 0;
1866f05cddf9SRui Paulo }
1867f05cddf9SRui Paulo
1868f05cddf9SRui Paulo
wps_validate_wsc_nack(const struct wpabuf * tlvs)1869f05cddf9SRui Paulo int wps_validate_wsc_nack(const struct wpabuf *tlvs)
1870f05cddf9SRui Paulo {
1871f05cddf9SRui Paulo struct wps_parse_attr attr;
1872f05cddf9SRui Paulo int wps2;
1873f05cddf9SRui Paulo
1874f05cddf9SRui Paulo if (tlvs == NULL) {
1875f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in WSC_NACK");
1876f05cddf9SRui Paulo return -1;
1877f05cddf9SRui Paulo }
1878f05cddf9SRui Paulo if (wps_parse_msg(tlvs, &attr) < 0) {
1879f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
1880f05cddf9SRui Paulo "in WSC_NACK");
1881f05cddf9SRui Paulo return -1;
1882f05cddf9SRui Paulo }
1883f05cddf9SRui Paulo
1884f05cddf9SRui Paulo wps2 = attr.version2 != NULL;
1885f05cddf9SRui Paulo if (wps_validate_version(attr.version, 1) ||
1886f05cddf9SRui Paulo wps_validate_msg_type(attr.msg_type, 1) ||
1887f05cddf9SRui Paulo wps_validate_enrollee_nonce(attr.enrollee_nonce, 1) ||
1888f05cddf9SRui Paulo wps_validate_registrar_nonce(attr.registrar_nonce, 1) ||
1889f05cddf9SRui Paulo wps_validate_config_error(attr.config_error, 1) ||
1890f05cddf9SRui Paulo wps_validate_version2(attr.version2, wps2)) {
1891f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid WSC_NACK");
1892f05cddf9SRui Paulo #ifdef WPS_STRICT_WPS2
1893f05cddf9SRui Paulo if (wps2)
1894f05cddf9SRui Paulo return -1;
1895f05cddf9SRui Paulo #else /* WPS_STRICT_WPS2 */
1896f05cddf9SRui Paulo return -1;
1897f05cddf9SRui Paulo #endif /* WPS_STRICT_WPS2 */
1898f05cddf9SRui Paulo }
1899f05cddf9SRui Paulo
1900f05cddf9SRui Paulo return 0;
1901f05cddf9SRui Paulo }
1902f05cddf9SRui Paulo
1903f05cddf9SRui Paulo
wps_validate_wsc_done(const struct wpabuf * tlvs)1904f05cddf9SRui Paulo int wps_validate_wsc_done(const struct wpabuf *tlvs)
1905f05cddf9SRui Paulo {
1906f05cddf9SRui Paulo struct wps_parse_attr attr;
1907f05cddf9SRui Paulo int wps2;
1908f05cddf9SRui Paulo
1909f05cddf9SRui Paulo if (tlvs == NULL) {
1910f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in WSC_Done");
1911f05cddf9SRui Paulo return -1;
1912f05cddf9SRui Paulo }
1913f05cddf9SRui Paulo if (wps_parse_msg(tlvs, &attr) < 0) {
1914f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
1915f05cddf9SRui Paulo "in WSC_Done");
1916f05cddf9SRui Paulo return -1;
1917f05cddf9SRui Paulo }
1918f05cddf9SRui Paulo
1919f05cddf9SRui Paulo wps2 = attr.version2 != NULL;
1920f05cddf9SRui Paulo if (wps_validate_version(attr.version, 1) ||
1921f05cddf9SRui Paulo wps_validate_msg_type(attr.msg_type, 1) ||
1922f05cddf9SRui Paulo wps_validate_enrollee_nonce(attr.enrollee_nonce, 1) ||
1923f05cddf9SRui Paulo wps_validate_registrar_nonce(attr.registrar_nonce, 1) ||
1924f05cddf9SRui Paulo wps_validate_version2(attr.version2, wps2)) {
1925f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid WSC_Done");
1926f05cddf9SRui Paulo #ifdef WPS_STRICT_WPS2
1927f05cddf9SRui Paulo if (wps2)
1928f05cddf9SRui Paulo return -1;
1929f05cddf9SRui Paulo #else /* WPS_STRICT_WPS2 */
1930f05cddf9SRui Paulo return -1;
1931f05cddf9SRui Paulo #endif /* WPS_STRICT_WPS2 */
1932f05cddf9SRui Paulo }
1933f05cddf9SRui Paulo
1934f05cddf9SRui Paulo return 0;
1935f05cddf9SRui Paulo }
1936f05cddf9SRui Paulo
1937f05cddf9SRui Paulo
wps_validate_upnp_set_selected_registrar(const struct wpabuf * tlvs)1938f05cddf9SRui Paulo int wps_validate_upnp_set_selected_registrar(const struct wpabuf *tlvs)
1939f05cddf9SRui Paulo {
1940f05cddf9SRui Paulo struct wps_parse_attr attr;
1941f05cddf9SRui Paulo int wps2;
1942f05cddf9SRui Paulo int sel_reg;
1943f05cddf9SRui Paulo
1944f05cddf9SRui Paulo if (tlvs == NULL) {
1945f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in "
1946f05cddf9SRui Paulo "SetSelectedRegistrar");
1947f05cddf9SRui Paulo return -1;
1948f05cddf9SRui Paulo }
1949f05cddf9SRui Paulo if (wps_parse_msg(tlvs, &attr) < 0) {
1950f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
1951f05cddf9SRui Paulo "in SetSelectedRegistrar");
1952f05cddf9SRui Paulo return -1;
1953f05cddf9SRui Paulo }
1954f05cddf9SRui Paulo
1955f05cddf9SRui Paulo wps2 = attr.version2 != NULL;
1956f05cddf9SRui Paulo sel_reg = attr.selected_registrar != NULL &&
1957f05cddf9SRui Paulo *attr.selected_registrar != 0;
1958f05cddf9SRui Paulo if (wps_validate_version(attr.version, 1) ||
1959f05cddf9SRui Paulo wps_validate_dev_password_id(attr.dev_password_id, sel_reg) ||
1960f05cddf9SRui Paulo wps_validate_sel_reg_config_methods(attr.sel_reg_config_methods,
1961f05cddf9SRui Paulo wps2, sel_reg) ||
1962f05cddf9SRui Paulo wps_validate_version2(attr.version2, wps2) ||
1963f05cddf9SRui Paulo wps_validate_authorized_macs(attr.authorized_macs,
1964f05cddf9SRui Paulo attr.authorized_macs_len, wps2) ||
1965f05cddf9SRui Paulo wps_validate_uuid_r(attr.uuid_r, wps2)) {
1966f05cddf9SRui Paulo wpa_printf(MSG_INFO, "WPS-STRICT: Invalid "
1967f05cddf9SRui Paulo "SetSelectedRegistrar");
1968f05cddf9SRui Paulo #ifdef WPS_STRICT_WPS2
1969f05cddf9SRui Paulo if (wps2)
1970f05cddf9SRui Paulo return -1;
1971f05cddf9SRui Paulo #else /* WPS_STRICT_WPS2 */
1972f05cddf9SRui Paulo return -1;
1973f05cddf9SRui Paulo #endif /* WPS_STRICT_WPS2 */
1974f05cddf9SRui Paulo }
1975f05cddf9SRui Paulo
1976f05cddf9SRui Paulo return 0;
1977f05cddf9SRui Paulo }
1978