xref: /freebsd/contrib/wpa/wpa_supplicant/pasn_supplicant.c (revision 6549718b70f0e660a15685369afb4f9caf2215ce)
1 /*
2  * wpa_supplicant - PASN processing
3  *
4  * Copyright (C) 2019 Intel Corporation
5  *
6  * This software may be distributed under the terms of the BSD license.
7  * See README for more details.
8  */
9 
10 #include "includes.h"
11 
12 #include "common/ieee802_11_defs.h"
13 #include "common/ieee802_11_common.h"
14 #include "common/dragonfly.h"
15 #include "common/ptksa_cache.h"
16 #include "utils/eloop.h"
17 #include "drivers/driver.h"
18 #include "crypto/crypto.h"
19 #include "crypto/random.h"
20 #include "eap_common/eap_defs.h"
21 #include "rsn_supp/wpa.h"
22 #include "rsn_supp/pmksa_cache.h"
23 #include "wpa_supplicant_i.h"
24 #include "driver_i.h"
25 #include "bss.h"
26 #include "scan.h"
27 #include "config.h"
28 
29 static const int dot11RSNAConfigPMKLifetime = 43200;
30 
31 struct wpa_pasn_auth_work {
32 	u8 own_addr[ETH_ALEN];
33 	u8 peer_addr[ETH_ALEN];
34 	int akmp;
35 	int cipher;
36 	u16 group;
37 	int network_id;
38 	struct wpabuf *comeback;
39 };
40 
41 
42 static int wpas_pasn_send_mlme(void *ctx, const u8 *data, size_t data_len,
43 			       int noack, unsigned int freq, unsigned int wait)
44 {
45 	struct wpa_supplicant *wpa_s = ctx;
46 
47 	return wpa_drv_send_mlme(wpa_s, data, data_len, noack, freq, wait);
48 }
49 
50 
51 static void wpas_pasn_free_auth_work(struct wpa_pasn_auth_work *awork)
52 {
53 	wpabuf_free(awork->comeback);
54 	awork->comeback = NULL;
55 	os_free(awork);
56 }
57 
58 
59 static void wpas_pasn_auth_work_timeout(void *eloop_ctx, void *timeout_ctx)
60 {
61 	struct wpa_supplicant *wpa_s = eloop_ctx;
62 
63 	wpa_printf(MSG_DEBUG, "PASN: Auth work timeout - stopping auth");
64 
65 	wpas_pasn_auth_stop(wpa_s);
66 
67 	wpas_pasn_auth_work_done(wpa_s, PASN_STATUS_FAILURE);
68 }
69 
70 
71 static void wpas_pasn_cancel_auth_work(struct wpa_supplicant *wpa_s)
72 {
73 	wpa_printf(MSG_DEBUG, "PASN: Cancel pasn-start-auth work");
74 
75 	/* Remove pending/started work */
76 	radio_remove_works(wpa_s, "pasn-start-auth", 0);
77 }
78 
79 
80 static void wpas_pasn_auth_status(struct wpa_supplicant *wpa_s,
81 				  const u8 *peer_addr,
82 				  int akmp, int cipher, u8 status,
83 				  struct wpabuf *comeback,
84 				  u16 comeback_after)
85 {
86 	if (comeback) {
87 		size_t comeback_len = wpabuf_len(comeback);
88 		size_t buflen = comeback_len * 2 + 1;
89 		char *comeback_txt = os_malloc(buflen);
90 
91 		if (comeback_txt) {
92 			wpa_snprintf_hex(comeback_txt, buflen,
93 					 wpabuf_head(comeback), comeback_len);
94 
95 			wpa_msg(wpa_s, MSG_INFO, PASN_AUTH_STATUS MACSTR
96 				" akmp=%s, status=%u comeback_after=%u comeback=%s",
97 				MAC2STR(peer_addr),
98 				wpa_key_mgmt_txt(akmp, WPA_PROTO_RSN),
99 				status, comeback_after, comeback_txt);
100 
101 			os_free(comeback_txt);
102 			return;
103 		}
104 	}
105 
106 	wpa_msg(wpa_s, MSG_INFO,
107 		PASN_AUTH_STATUS MACSTR " akmp=%s, status=%u",
108 		MAC2STR(peer_addr), wpa_key_mgmt_txt(akmp, WPA_PROTO_RSN),
109 		status);
110 }
111 
112 
113 #ifdef CONFIG_SAE
114 
115 static struct sae_pt *
116 wpas_pasn_sae_derive_pt(struct wpa_ssid *ssid, int group)
117 {
118 	const char *password = ssid->sae_password;
119 	int groups[2] = { group, 0 };
120 
121 	if (!password)
122 		password = ssid->passphrase;
123 
124 	if (!password) {
125 		wpa_printf(MSG_DEBUG, "PASN: SAE without a password");
126 		return NULL;
127 	}
128 
129 	return sae_derive_pt(groups, ssid->ssid, ssid->ssid_len,
130 			    (const u8 *) password, os_strlen(password),
131 			    ssid->sae_password_id);
132 }
133 
134 
135 static int wpas_pasn_sae_setup_pt(struct wpa_ssid *ssid, int group)
136 {
137 	if (!ssid->sae_password && !ssid->passphrase) {
138 		wpa_printf(MSG_DEBUG, "PASN: SAE without a password");
139 		return -1;
140 	}
141 
142 	if (ssid->pt)
143 		return 0; /* PT already derived */
144 
145 	ssid->pt = wpas_pasn_sae_derive_pt(ssid, group);
146 
147 	return ssid->pt ? 0 : -1;
148 }
149 
150 #endif /* CONFIG_SAE */
151 
152 
153 static int wpas_pasn_get_params_from_bss(struct wpa_supplicant *wpa_s,
154 					 struct pasn_peer *peer)
155 {
156 	int ret;
157 	const u8 *rsne, *rsnxe;
158 	struct wpa_bss *bss;
159 	struct wpa_ie_data rsne_data;
160 	int sel, key_mgmt, pairwise_cipher;
161 	int network_id = 0, group = 19;
162 	struct wpa_ssid *ssid = NULL;
163 	size_t ssid_str_len = 0;
164 	const u8 *ssid_str = NULL;
165 	const u8 *peer_addr = peer->peer_addr;
166 
167 	bss = wpa_bss_get_bssid(wpa_s, peer_addr);
168 	if (!bss) {
169 		wpa_supplicant_update_scan_results(wpa_s, peer_addr);
170 		bss = wpa_bss_get_bssid(wpa_s, peer_addr);
171 		if (!bss) {
172 			wpa_printf(MSG_DEBUG, "PASN: BSS not found");
173 			return -1;
174 		}
175 	}
176 
177 	rsne = wpa_bss_get_ie(bss, WLAN_EID_RSN);
178 	if (!rsne) {
179 		wpa_printf(MSG_DEBUG, "PASN: BSS without RSNE");
180 		return -1;
181 	}
182 
183 	ret = wpa_parse_wpa_ie(rsne, *(rsne + 1) + 2, &rsne_data);
184 	if (ret) {
185 		wpa_printf(MSG_DEBUG, "PASN: Failed parsing RSNE data");
186 		return -1;
187 	}
188 
189 	rsnxe = wpa_bss_get_ie(bss, WLAN_EID_RSNX);
190 
191 	ssid_str_len = bss->ssid_len;
192 	ssid_str = bss->ssid;
193 
194 	/* Get the network configuration based on the obtained SSID */
195 	for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
196 		if (!wpas_network_disabled(wpa_s, ssid) &&
197 		    ssid_str_len == ssid->ssid_len &&
198 		    os_memcmp(ssid_str, ssid->ssid, ssid_str_len) == 0)
199 			break;
200 	}
201 
202 	if (ssid)
203 		network_id = ssid->id;
204 
205 	sel = rsne_data.pairwise_cipher;
206 	if (ssid && ssid->pairwise_cipher)
207 		sel &= ssid->pairwise_cipher;
208 
209 	wpa_printf(MSG_DEBUG, "PASN: peer pairwise 0x%x, select 0x%x",
210 		   rsne_data.pairwise_cipher, sel);
211 
212 	pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
213 	if (pairwise_cipher < 0) {
214 		wpa_msg(wpa_s, MSG_WARNING,
215 			"PASN: Failed to select pairwise cipher");
216 		return -1;
217 	}
218 
219 	sel = rsne_data.key_mgmt;
220 	if (ssid && ssid->key_mgmt)
221 		sel &= ssid->key_mgmt;
222 
223 	wpa_printf(MSG_DEBUG, "PASN: peer AKMP 0x%x, select 0x%x",
224 		   rsne_data.key_mgmt, sel);
225 #ifdef CONFIG_SAE
226 	if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE) || !ssid)
227 		sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_SAE_EXT_KEY |
228 			 WPA_KEY_MGMT_FT_SAE | WPA_KEY_MGMT_FT_SAE_EXT_KEY);
229 #endif /* CONFIG_SAE */
230 #ifdef CONFIG_IEEE80211R
231 	if (!(wpa_s->drv_flags & (WPA_DRIVER_FLAGS_SME |
232 				  WPA_DRIVER_FLAGS_UPDATE_FT_IES)))
233 		sel &= ~WPA_KEY_MGMT_FT;
234 #endif /* CONFIG_IEEE80211R */
235 	if (0) {
236 #ifdef CONFIG_IEEE80211R
237 #ifdef CONFIG_SHA384
238 	} else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) &&
239 		   os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
240 		key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
241 		wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT FT/802.1X-SHA384");
242 		if (ssid && !ssid->ft_eap_pmksa_caching &&
243 		    pmksa_cache_get_current(wpa_s->wpa)) {
244 			/* PMKSA caching with FT may have interoperability
245 			 * issues, so disable that case by default for now.
246 			 */
247 			wpa_printf(MSG_DEBUG,
248 				   "PASN: Disable PMKSA caching for FT/802.1X connection");
249 			pmksa_cache_clear_current(wpa_s->wpa);
250 		}
251 #endif /* CONFIG_SHA384 */
252 #endif /* CONFIG_IEEE80211R */
253 #ifdef CONFIG_SAE
254 	} else if ((sel & WPA_KEY_MGMT_SAE_EXT_KEY) &&
255 		   (ieee802_11_rsnx_capab(rsnxe,
256 					   WLAN_RSNX_CAPAB_SAE_H2E)) &&
257 		   (wpas_pasn_sae_setup_pt(ssid, group) == 0)) {
258 		key_mgmt = WPA_KEY_MGMT_SAE_EXT_KEY;
259 		wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT SAE (ext key)");
260 	} else if ((sel & WPA_KEY_MGMT_SAE) &&
261 		   (ieee802_11_rsnx_capab(rsnxe,
262 					   WLAN_RSNX_CAPAB_SAE_H2E)) &&
263 		   (wpas_pasn_sae_setup_pt(ssid, group) == 0)) {
264 		key_mgmt = WPA_KEY_MGMT_SAE;
265 		wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT SAE");
266 #endif /* CONFIG_SAE */
267 #ifdef CONFIG_FILS
268 	} else if (sel & WPA_KEY_MGMT_FILS_SHA384) {
269 		key_mgmt = WPA_KEY_MGMT_FILS_SHA384;
270 		wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT FILS-SHA384");
271 	} else if (sel & WPA_KEY_MGMT_FILS_SHA256) {
272 		key_mgmt = WPA_KEY_MGMT_FILS_SHA256;
273 		wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT FILS-SHA256");
274 #endif /* CONFIG_FILS */
275 #ifdef CONFIG_IEEE80211R
276 	} else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X) &&
277 		   os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
278 		key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
279 		wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT FT/802.1X");
280 		if (ssid && !ssid->ft_eap_pmksa_caching &&
281 		    pmksa_cache_get_current(wpa_s->wpa)) {
282 			/* PMKSA caching with FT may have interoperability
283 			 * issues, so disable that case by default for now.
284 			 */
285 			wpa_printf(MSG_DEBUG,
286 				   "PASN: Disable PMKSA caching for FT/802.1X connection");
287 			pmksa_cache_clear_current(wpa_s->wpa);
288 		}
289 	} else if (sel & WPA_KEY_MGMT_FT_PSK) {
290 		key_mgmt = WPA_KEY_MGMT_FT_PSK;
291 		wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT FT/PSK");
292 #endif /* CONFIG_IEEE80211R */
293 	} else if (sel & WPA_KEY_MGMT_PASN) {
294 		key_mgmt = WPA_KEY_MGMT_PASN;
295 		wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT PASN");
296 	} else {
297 		wpa_printf(MSG_DEBUG, "PASN: invalid AKMP");
298 		return -1;
299 	}
300 
301 	peer->akmp = key_mgmt;
302 	peer->cipher = pairwise_cipher;
303 	peer->network_id = network_id;
304 	peer->group = group;
305 	return 0;
306 }
307 
308 
309 static int wpas_pasn_set_keys_from_cache(struct wpa_supplicant *wpa_s,
310 					 const u8 *own_addr,
311 					 const u8 *peer_addr,
312 					 int cipher, int akmp)
313 {
314 	struct ptksa_cache_entry *entry;
315 
316 	entry = ptksa_cache_get(wpa_s->ptksa, peer_addr, cipher);
317 	if (!entry) {
318 		wpa_printf(MSG_DEBUG, "PASN: peer " MACSTR
319 			   " not present in PTKSA cache", MAC2STR(peer_addr));
320 		return -1;
321 	}
322 
323 	if (!ether_addr_equal(entry->own_addr, own_addr)) {
324 		wpa_printf(MSG_DEBUG,
325 			   "PASN: own addr " MACSTR " and PTKSA entry own addr "
326 			   MACSTR " differ",
327 			   MAC2STR(own_addr), MAC2STR(entry->own_addr));
328 		return -1;
329 	}
330 
331 	wpa_printf(MSG_DEBUG, "PASN: " MACSTR " present in PTKSA cache",
332 		   MAC2STR(peer_addr));
333 	wpa_drv_set_secure_ranging_ctx(wpa_s, own_addr, peer_addr, cipher,
334 				       entry->ptk.tk_len,
335 				       entry->ptk.tk,
336 				       entry->ptk.ltf_keyseed_len,
337 				       entry->ptk.ltf_keyseed, 0);
338 	return 0;
339 }
340 
341 
342 static void wpas_pasn_configure_next_peer(struct wpa_supplicant *wpa_s,
343 					  struct pasn_auth *pasn_params)
344 {
345 	struct pasn_peer *peer;
346 	u8 comeback_len = 0;
347 	const u8 *comeback = NULL;
348 
349 	if (!pasn_params)
350 		return;
351 
352 	while (wpa_s->pasn_count < pasn_params->num_peers) {
353 		peer = &pasn_params->peer[wpa_s->pasn_count];
354 
355 		if (ether_addr_equal(wpa_s->bssid, peer->peer_addr)) {
356 			wpa_printf(MSG_DEBUG,
357 				   "PASN: Associated peer is not expected");
358 			peer->status = PASN_STATUS_FAILURE;
359 			wpa_s->pasn_count++;
360 			continue;
361 		}
362 
363 		if (wpas_pasn_set_keys_from_cache(wpa_s, peer->own_addr,
364 						  peer->peer_addr,
365 						  peer->cipher,
366 						  peer->akmp) == 0) {
367 			peer->status = PASN_STATUS_SUCCESS;
368 			wpa_s->pasn_count++;
369 			continue;
370 		}
371 
372 		if (wpas_pasn_get_params_from_bss(wpa_s, peer)) {
373 			peer->status = PASN_STATUS_FAILURE;
374 			wpa_s->pasn_count++;
375 			continue;
376 		}
377 
378 		if (wpas_pasn_auth_start(wpa_s, peer->own_addr,
379 					 peer->peer_addr, peer->akmp,
380 					 peer->cipher, peer->group,
381 					 peer->network_id,
382 					 comeback, comeback_len)) {
383 			peer->status = PASN_STATUS_FAILURE;
384 			wpa_s->pasn_count++;
385 			continue;
386 		}
387 		wpa_printf(MSG_DEBUG, "PASN: Sent PASN auth start for " MACSTR,
388 			   MAC2STR(peer->peer_addr));
389 		return;
390 	}
391 
392 	if (wpa_s->pasn_count == pasn_params->num_peers) {
393 		wpa_drv_send_pasn_resp(wpa_s, pasn_params);
394 		wpa_printf(MSG_DEBUG, "PASN: Response sent");
395 		os_free(wpa_s->pasn_params);
396 		wpa_s->pasn_params = NULL;
397 	}
398 }
399 
400 
401 void wpas_pasn_auth_work_done(struct wpa_supplicant *wpa_s, int status)
402 {
403 	if (!wpa_s->pasn_params)
404 		return;
405 
406 	wpa_s->pasn_params->peer[wpa_s->pasn_count].status = status;
407 	wpa_s->pasn_count++;
408 	wpas_pasn_configure_next_peer(wpa_s, wpa_s->pasn_params);
409 }
410 
411 
412 static void wpas_pasn_delete_peers(struct wpa_supplicant *wpa_s,
413 				   struct pasn_auth *pasn_params)
414 {
415 	struct pasn_peer *peer;
416 	unsigned int i;
417 
418 	if (!pasn_params)
419 		return;
420 
421 	for (i = 0; i < pasn_params->num_peers; i++) {
422 		peer = &pasn_params->peer[i];
423 		ptksa_cache_flush(wpa_s->ptksa, peer->peer_addr,
424 				  WPA_CIPHER_NONE);
425 	}
426 }
427 
428 
429 #ifdef CONFIG_FILS
430 static void wpas_pasn_initiate_eapol(struct pasn_data *pasn,
431 				     struct wpa_ssid *ssid)
432 {
433 	struct eapol_config eapol_conf;
434 
435 	wpa_printf(MSG_DEBUG, "PASN: FILS: Initiating EAPOL");
436 
437 	eapol_sm_notify_eap_success(pasn->eapol, false);
438 	eapol_sm_notify_eap_fail(pasn->eapol, false);
439 	eapol_sm_notify_portControl(pasn->eapol, Auto);
440 
441 	os_memset(&eapol_conf, 0, sizeof(eapol_conf));
442 	eapol_conf.fast_reauth = pasn->fast_reauth;
443 	eapol_conf.workaround = ssid->eap_workaround;
444 
445 	eapol_sm_notify_config(pasn->eapol, &ssid->eap, &eapol_conf);
446 }
447 #endif /* CONFIG_FILS */
448 
449 
450 static void wpas_pasn_reset(struct wpa_supplicant *wpa_s)
451 {
452 	struct pasn_data *pasn = &wpa_s->pasn;
453 
454 	wpas_pasn_cancel_auth_work(wpa_s);
455 	wpa_s->pasn_auth_work = NULL;
456 	eloop_cancel_timeout(wpas_pasn_auth_work_timeout, wpa_s, NULL);
457 
458 	wpa_pasn_reset(pasn);
459 }
460 
461 
462 static struct wpa_bss * wpas_pasn_allowed(struct wpa_supplicant *wpa_s,
463 					  const u8 *peer_addr, int akmp,
464 					  int cipher)
465 {
466 	struct wpa_bss *bss;
467 	const u8 *rsne;
468 	struct wpa_ie_data rsne_data;
469 	int ret;
470 
471 	if (ether_addr_equal(wpa_s->bssid, peer_addr)) {
472 		wpa_printf(MSG_DEBUG,
473 			   "PASN: Not doing authentication with current BSS");
474 		return NULL;
475 	}
476 
477 	bss = wpa_bss_get_bssid_latest(wpa_s, peer_addr);
478 	if (!bss) {
479 		wpa_printf(MSG_DEBUG, "PASN: BSS not found");
480 		return NULL;
481 	}
482 
483 	rsne = wpa_bss_get_ie(bss, WLAN_EID_RSN);
484 	if (!rsne) {
485 		wpa_printf(MSG_DEBUG, "PASN: BSS without RSNE");
486 		return NULL;
487 	}
488 
489 	ret = wpa_parse_wpa_ie(rsne, *(rsne + 1) + 2, &rsne_data);
490 	if (ret) {
491 		wpa_printf(MSG_DEBUG, "PASN: Failed parsing RSNE data");
492 		return NULL;
493 	}
494 
495 	if (!(rsne_data.key_mgmt & akmp) ||
496 	    !(rsne_data.pairwise_cipher & cipher)) {
497 		wpa_printf(MSG_DEBUG,
498 			   "PASN: AP does not support requested AKMP or cipher");
499 		return NULL;
500 	}
501 
502 	return bss;
503 }
504 
505 
506 static void wpas_pasn_auth_start_cb(struct wpa_radio_work *work, int deinit)
507 {
508 	struct wpa_supplicant *wpa_s = work->wpa_s;
509 	struct wpa_pasn_auth_work *awork = work->ctx;
510 	struct pasn_data *pasn = &wpa_s->pasn;
511 	struct wpa_ssid *ssid;
512 	struct wpa_bss *bss;
513 	const u8 *rsne, *rsnxe;
514 #ifdef CONFIG_FILS
515 	const u8 *indic;
516 	u16 fils_info;
517 #endif /* CONFIG_FILS */
518 	u16 capab = 0;
519 	bool derive_kdk;
520 	int ret;
521 
522 	wpa_printf(MSG_DEBUG, "PASN: auth_start_cb: deinit=%d", deinit);
523 
524 	if (deinit) {
525 		if (work->started) {
526 			eloop_cancel_timeout(wpas_pasn_auth_work_timeout,
527 					     wpa_s, NULL);
528 			wpa_s->pasn_auth_work = NULL;
529 		}
530 
531 		wpas_pasn_free_auth_work(awork);
532 		return;
533 	}
534 
535 	/*
536 	 * It is possible that by the time the callback is called, the PASN
537 	 * authentication is not allowed, e.g., a connection with the AP was
538 	 * established.
539 	 */
540 	bss = wpas_pasn_allowed(wpa_s, awork->peer_addr, awork->akmp,
541 				awork->cipher);
542 	if (!bss) {
543 		wpa_printf(MSG_DEBUG, "PASN: auth_start_cb: Not allowed");
544 		goto fail;
545 	}
546 
547 	rsne = wpa_bss_get_ie(bss, WLAN_EID_RSN);
548 	if (!rsne) {
549 		wpa_printf(MSG_DEBUG, "PASN: BSS without RSNE");
550 		goto fail;
551 	}
552 
553 	rsnxe = wpa_bss_get_ie(bss, WLAN_EID_RSNX);
554 
555 	derive_kdk = (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SEC_LTF_STA) &&
556 		ieee802_11_rsnx_capab(rsnxe,
557 				      WLAN_RSNX_CAPAB_SECURE_LTF);
558 #ifdef CONFIG_TESTING_OPTIONS
559 	if (!derive_kdk)
560 		derive_kdk = wpa_s->conf->force_kdk_derivation;
561 #endif /* CONFIG_TESTING_OPTIONS */
562 	if (derive_kdk)
563 		pasn_enable_kdk_derivation(pasn);
564 	else
565 		pasn_disable_kdk_derivation(pasn);
566 
567 	wpa_printf(MSG_DEBUG, "PASN: kdk_len=%zu", pasn->kdk_len);
568 
569 	if ((wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SEC_LTF_STA) &&
570 	    ieee802_11_rsnx_capab(rsnxe, WLAN_RSNX_CAPAB_SECURE_LTF))
571 		pasn->secure_ltf = true;
572 	else
573 		pasn->secure_ltf = false;
574 
575 #ifdef CONFIG_TESTING_OPTIONS
576 	pasn->corrupt_mic = wpa_s->conf->pasn_corrupt_mic;
577 #endif /* CONFIG_TESTING_OPTIONS */
578 
579 	capab |= BIT(WLAN_RSNX_CAPAB_SAE_H2E);
580 	if (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SEC_LTF_STA)
581 		capab |= BIT(WLAN_RSNX_CAPAB_SECURE_LTF);
582 	if (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SEC_RTT_STA)
583 		capab |= BIT(WLAN_RSNX_CAPAB_SECURE_RTT);
584 	if (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_PROT_RANGE_NEG_STA)
585 		capab |= BIT(WLAN_RSNX_CAPAB_URNM_MFPR);
586 	pasn_set_rsnxe_caps(pasn, capab);
587 	pasn_register_callbacks(pasn, wpa_s, wpas_pasn_send_mlme, NULL);
588 	ssid = wpa_config_get_network(wpa_s->conf, awork->network_id);
589 
590 #ifdef CONFIG_SAE
591 	if (awork->akmp == WPA_KEY_MGMT_SAE) {
592 		if (!ssid) {
593 			wpa_printf(MSG_DEBUG,
594 				   "PASN: No network profile found for SAE");
595 			goto fail;
596 		}
597 		pasn_set_pt(pasn, wpas_pasn_sae_derive_pt(ssid, awork->group));
598 		if (!pasn->pt) {
599 			wpa_printf(MSG_DEBUG, "PASN: Failed to derive PT");
600 			goto fail;
601 		}
602 		pasn->network_id = ssid->id;
603 	}
604 #endif /* CONFIG_SAE */
605 
606 #ifdef CONFIG_FILS
607 	/* Prepare needed information for wpas_pasn_wd_fils_auth(). */
608 	if (awork->akmp == WPA_KEY_MGMT_FILS_SHA256 ||
609 	    awork->akmp == WPA_KEY_MGMT_FILS_SHA384) {
610 		indic = wpa_bss_get_ie(bss, WLAN_EID_FILS_INDICATION);
611 		if (!ssid) {
612 			wpa_printf(MSG_DEBUG, "PASN: FILS: No network block");
613 		} else if (!indic || indic[1] < 2) {
614 			wpa_printf(MSG_DEBUG,
615 				   "PASN: Missing FILS Indication IE");
616 		} else {
617 			fils_info = WPA_GET_LE16(indic + 2);
618 			if ((fils_info & BIT(9)) && ssid) {
619 				pasn->eapol = wpa_s->eapol;
620 				pasn->network_id = ssid->id;
621 				wpas_pasn_initiate_eapol(pasn, ssid);
622 				pasn->fils_eapol = true;
623 			} else {
624 				wpa_printf(MSG_DEBUG,
625 					   "PASN: FILS auth without PFS not supported");
626 			}
627 		}
628 		pasn->fast_reauth = wpa_s->conf->fast_reauth;
629 	}
630 #endif /* CONFIG_FILS */
631 
632 	pasn_set_initiator_pmksa(pasn, wpa_sm_get_pmksa_cache(wpa_s->wpa));
633 
634 	if (wpa_key_mgmt_ft(awork->akmp)) {
635 #ifdef CONFIG_IEEE80211R
636 		ret = wpa_pasn_ft_derive_pmk_r1(wpa_s->wpa, awork->akmp,
637 						awork->peer_addr,
638 						pasn->pmk_r1,
639 						&pasn->pmk_r1_len,
640 						pasn->pmk_r1_name);
641 		if (ret) {
642 			wpa_printf(MSG_DEBUG,
643 				   "PASN: FT: Failed to derive keys");
644 			goto fail;
645 		}
646 #else /* CONFIG_IEEE80211R */
647 		goto fail;
648 #endif /* CONFIG_IEEE80211R */
649 	}
650 
651 
652 	ret = wpas_pasn_start(pasn, awork->own_addr, awork->peer_addr,
653 			      awork->peer_addr, awork->akmp, awork->cipher,
654 			      awork->group, bss->freq, rsne, *(rsne + 1) + 2,
655 			      rsnxe, rsnxe ? *(rsnxe + 1) + 2 : 0,
656 			      awork->comeback);
657 	if (ret) {
658 		wpa_printf(MSG_DEBUG,
659 			   "PASN: Failed to start PASN authentication");
660 		goto fail;
661 	}
662 	eloop_register_timeout(2, 0, wpas_pasn_auth_work_timeout, wpa_s, NULL);
663 
664 	/* comeback token is no longer needed at this stage */
665 	wpabuf_free(awork->comeback);
666 	awork->comeback = NULL;
667 
668 	wpa_s->pasn_auth_work = work;
669 	return;
670 fail:
671 	wpas_pasn_free_auth_work(awork);
672 	work->ctx = NULL;
673 	radio_work_done(work);
674 }
675 
676 
677 int wpas_pasn_auth_start(struct wpa_supplicant *wpa_s,
678 			 const u8 *own_addr, const u8 *peer_addr,
679 			 int akmp, int cipher, u16 group, int network_id,
680 			 const u8 *comeback, size_t comeback_len)
681 {
682 	struct wpa_pasn_auth_work *awork;
683 	struct wpa_bss *bss;
684 
685 	wpa_printf(MSG_DEBUG, "PASN: Start: " MACSTR " akmp=0x%x, cipher=0x%x",
686 		   MAC2STR(peer_addr), akmp, cipher);
687 
688 	/*
689 	 * TODO: Consider modifying the offchannel logic to handle additional
690 	 * Management frames other then Action frames. For now allow PASN only
691 	 * with drivers that support off-channel TX.
692 	 */
693 	if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX)) {
694 		wpa_printf(MSG_DEBUG,
695 			   "PASN: Driver does not support offchannel TX");
696 		return -1;
697 	}
698 
699 	if (radio_work_pending(wpa_s, "pasn-start-auth")) {
700 		wpa_printf(MSG_DEBUG,
701 			   "PASN: send_auth: Work is already pending");
702 		return -1;
703 	}
704 
705 	if (wpa_s->pasn_auth_work) {
706 		wpa_printf(MSG_DEBUG, "PASN: send_auth: Already in progress");
707 		return -1;
708 	}
709 
710 	bss = wpas_pasn_allowed(wpa_s, peer_addr, akmp, cipher);
711 	if (!bss)
712 		return -1;
713 
714 	wpas_pasn_reset(wpa_s);
715 
716 	awork = os_zalloc(sizeof(*awork));
717 	if (!awork)
718 		return -1;
719 
720 	os_memcpy(awork->own_addr, own_addr, ETH_ALEN);
721 	os_memcpy(awork->peer_addr, peer_addr, ETH_ALEN);
722 	awork->akmp = akmp;
723 	awork->cipher = cipher;
724 	awork->group = group;
725 	awork->network_id = network_id;
726 
727 	if (comeback && comeback_len) {
728 		awork->comeback = wpabuf_alloc_copy(comeback, comeback_len);
729 		if (!awork->comeback) {
730 			wpas_pasn_free_auth_work(awork);
731 			return -1;
732 		}
733 	}
734 
735 	if (radio_add_work(wpa_s, bss->freq, "pasn-start-auth", 1,
736 			   wpas_pasn_auth_start_cb, awork) < 0) {
737 		wpas_pasn_free_auth_work(awork);
738 		return -1;
739 	}
740 
741 	wpa_printf(MSG_DEBUG, "PASN: Auth work successfully added");
742 	return 0;
743 }
744 
745 
746 void wpas_pasn_auth_stop(struct wpa_supplicant *wpa_s)
747 {
748 	struct pasn_data *pasn = &wpa_s->pasn;
749 
750 	if (!wpa_s->pasn.ecdh)
751 		return;
752 
753 	wpa_printf(MSG_DEBUG, "PASN: Stopping authentication");
754 
755 	wpas_pasn_auth_status(wpa_s, pasn->peer_addr, pasn_get_akmp(pasn),
756 			      pasn_get_cipher(pasn),
757 			      pasn->status, pasn->comeback,
758 			      pasn->comeback_after);
759 
760 	wpas_pasn_reset(wpa_s);
761 }
762 
763 
764 static int wpas_pasn_immediate_retry(struct wpa_supplicant *wpa_s,
765 				     struct pasn_data *pasn,
766 				     struct wpa_pasn_params_data *params)
767 {
768 	int akmp = pasn_get_akmp(pasn);
769 	int cipher = pasn_get_cipher(pasn);
770 	u16 group = pasn->group;
771 	u8 own_addr[ETH_ALEN];
772 	u8 peer_addr[ETH_ALEN];
773 
774 	wpa_printf(MSG_DEBUG, "PASN: Immediate retry");
775 	os_memcpy(own_addr, pasn->own_addr, ETH_ALEN);
776 	os_memcpy(peer_addr, pasn->peer_addr, ETH_ALEN);
777 	wpas_pasn_reset(wpa_s);
778 
779 	return wpas_pasn_auth_start(wpa_s, own_addr, peer_addr, akmp, cipher,
780 				    group, pasn->network_id,
781 				    params->comeback, params->comeback_len);
782 }
783 
784 
785 static void wpas_pasn_deauth_cb(struct ptksa_cache_entry *entry)
786 {
787 	struct wpa_supplicant *wpa_s = entry->ctx;
788 	u8 own_addr[ETH_ALEN];
789 	u8 peer_addr[ETH_ALEN];
790 
791 	/* Use a copy of the addresses from the entry to avoid issues with the
792 	 * entry getting freed during deauthentication processing. */
793 	os_memcpy(own_addr, entry->own_addr, ETH_ALEN);
794 	os_memcpy(peer_addr, entry->addr, ETH_ALEN);
795 	wpas_pasn_deauthenticate(wpa_s, own_addr, peer_addr);
796 }
797 
798 
799 int wpas_pasn_auth_rx(struct wpa_supplicant *wpa_s,
800 		      const struct ieee80211_mgmt *mgmt, size_t len)
801 {
802 	struct pasn_data *pasn = &wpa_s->pasn;
803 	struct wpa_pasn_params_data pasn_data;
804 	int ret;
805 
806 	if (!wpa_s->pasn_auth_work)
807 		return -2;
808 
809 	pasn_register_callbacks(pasn, wpa_s, wpas_pasn_send_mlme, NULL);
810 	ret = wpa_pasn_auth_rx(pasn, (const u8 *) mgmt, len, &pasn_data);
811 	if (ret == 0) {
812 		ptksa_cache_add(wpa_s->ptksa, pasn->own_addr, pasn->peer_addr,
813 				pasn_get_cipher(pasn),
814 				dot11RSNAConfigPMKLifetime,
815 				pasn_get_ptk(pasn),
816 				wpa_s->pasn_params ? wpas_pasn_deauth_cb : NULL,
817 				wpa_s->pasn_params ? wpa_s : NULL,
818 				pasn_get_akmp(pasn));
819 
820 		if (pasn->pmksa_entry)
821 			wpa_sm_set_cur_pmksa(wpa_s->wpa, pasn->pmksa_entry);
822 	}
823 
824 	forced_memzero(pasn_get_ptk(pasn), sizeof(pasn->ptk));
825 
826 	if (ret == -1) {
827 		wpas_pasn_auth_stop(wpa_s);
828 		wpas_pasn_auth_work_done(wpa_s, PASN_STATUS_FAILURE);
829 	}
830 
831 	if (ret == 1)
832 		ret = wpas_pasn_immediate_retry(wpa_s, pasn, &pasn_data);
833 
834 	return ret;
835 }
836 
837 
838 void wpas_pasn_auth_trigger(struct wpa_supplicant *wpa_s,
839 			    struct pasn_auth *pasn_auth)
840 {
841 	struct pasn_peer *src, *dst;
842 	unsigned int i, num_peers = pasn_auth->num_peers;
843 
844 	if (wpa_s->pasn_params) {
845 		wpa_printf(MSG_DEBUG,
846 			   "PASN: auth_trigger: Already in progress");
847 		return;
848 	}
849 
850 	if (!num_peers || num_peers > WPAS_MAX_PASN_PEERS) {
851 		wpa_printf(MSG_DEBUG,
852 			   "PASN: auth trigger: Invalid number of peers");
853 		return;
854 	}
855 
856 	wpa_s->pasn_params = os_zalloc(sizeof(struct pasn_auth));
857 	if (!wpa_s->pasn_params) {
858 		wpa_printf(MSG_DEBUG,
859 			   "PASN: auth trigger: Failed to allocate a buffer");
860 		return;
861 	}
862 
863 	wpa_s->pasn_count = 0;
864 	wpa_s->pasn_params->num_peers = num_peers;
865 
866 	for (i = 0; i < num_peers; i++) {
867 		dst = &wpa_s->pasn_params->peer[i];
868 		src = &pasn_auth->peer[i];
869 		os_memcpy(dst->own_addr, wpa_s->own_addr, ETH_ALEN);
870 		os_memcpy(dst->peer_addr, src->peer_addr, ETH_ALEN);
871 		dst->ltf_keyseed_required = src->ltf_keyseed_required;
872 		dst->status = PASN_STATUS_SUCCESS;
873 
874 		if (!is_zero_ether_addr(src->own_addr)) {
875 			os_memcpy(dst->own_addr, src->own_addr, ETH_ALEN);
876 			wpa_printf(MSG_DEBUG, "PASN: Own (source) MAC addr: "
877 				   MACSTR, MAC2STR(dst->own_addr));
878 		}
879 	}
880 
881 	if (pasn_auth->action == PASN_ACTION_DELETE_SECURE_RANGING_CONTEXT) {
882 		wpas_pasn_delete_peers(wpa_s, wpa_s->pasn_params);
883 		os_free(wpa_s->pasn_params);
884 		wpa_s->pasn_params = NULL;
885 	} else if (pasn_auth->action == PASN_ACTION_AUTH) {
886 		wpas_pasn_configure_next_peer(wpa_s, wpa_s->pasn_params);
887 	}
888 }
889 
890 
891 int wpas_pasn_auth_tx_status(struct wpa_supplicant *wpa_s,
892 			     const u8 *data, size_t data_len, u8 acked)
893 
894 {
895 	struct pasn_data *pasn = &wpa_s->pasn;
896 	int ret;
897 
898 	if (!wpa_s->pasn_auth_work) {
899 		wpa_printf(MSG_DEBUG,
900 			   "PASN: auth_tx_status: no work in progress");
901 		return -1;
902 	}
903 
904 	ret = wpa_pasn_auth_tx_status(pasn, data, data_len, acked);
905 	if (ret != 1)
906 		return ret;
907 
908 	if (!wpa_s->pasn_params) {
909 		wpas_pasn_auth_stop(wpa_s);
910 		return 0;
911 	}
912 
913 	wpas_pasn_set_keys_from_cache(wpa_s, pasn->own_addr, pasn->peer_addr,
914 				      pasn_get_cipher(pasn),
915 				      pasn_get_akmp(pasn));
916 	wpas_pasn_auth_stop(wpa_s);
917 	wpas_pasn_auth_work_done(wpa_s, PASN_STATUS_SUCCESS);
918 
919 	return 0;
920 }
921 
922 
923 int wpas_pasn_deauthenticate(struct wpa_supplicant *wpa_s, const u8 *own_addr,
924 			     const u8 *peer_addr)
925 {
926 	struct wpa_bss *bss;
927 	struct wpabuf *buf;
928 	struct ieee80211_mgmt *deauth;
929 	int ret;
930 
931 	if (ether_addr_equal(wpa_s->bssid, peer_addr)) {
932 		wpa_printf(MSG_DEBUG,
933 			   "PASN: Cannot deauthenticate from current BSS");
934 		return -1;
935 	}
936 
937 	wpa_drv_set_secure_ranging_ctx(wpa_s, own_addr, peer_addr, 0, 0, NULL,
938 				       0, NULL, 1);
939 
940 	wpa_printf(MSG_DEBUG, "PASN: deauth: Flushing all PTKSA entries for "
941 		   MACSTR, MAC2STR(peer_addr));
942 	ptksa_cache_flush(wpa_s->ptksa, peer_addr, WPA_CIPHER_NONE);
943 
944 	bss = wpa_bss_get_bssid(wpa_s, peer_addr);
945 	if (!bss) {
946 		wpa_printf(MSG_DEBUG, "PASN: deauth: BSS not found");
947 		return -1;
948 	}
949 
950 	buf = wpabuf_alloc(64);
951 	if (!buf) {
952 		wpa_printf(MSG_DEBUG, "PASN: deauth: Failed wpabuf allocate");
953 		return -1;
954 	}
955 
956 	deauth = wpabuf_put(buf, offsetof(struct ieee80211_mgmt,
957 					  u.deauth.variable));
958 
959 	deauth->frame_control = host_to_le16((WLAN_FC_TYPE_MGMT << 2) |
960 					     (WLAN_FC_STYPE_DEAUTH << 4));
961 
962 	os_memcpy(deauth->da, peer_addr, ETH_ALEN);
963 	os_memcpy(deauth->sa, own_addr, ETH_ALEN);
964 	os_memcpy(deauth->bssid, peer_addr, ETH_ALEN);
965 	deauth->u.deauth.reason_code =
966 		host_to_le16(WLAN_REASON_PREV_AUTH_NOT_VALID);
967 
968 	/*
969 	 * Since we do not expect any response from the AP, implement the
970 	 * Deauthentication frame transmission using direct call to the driver
971 	 * without a radio work.
972 	 */
973 	ret = wpa_drv_send_mlme(wpa_s, wpabuf_head(buf), wpabuf_len(buf), 1,
974 				bss->freq, 0);
975 
976 	wpabuf_free(buf);
977 	wpa_printf(MSG_DEBUG, "PASN: deauth: send_mlme ret=%d", ret);
978 
979 	return ret;
980 }
981