1 /* 2 * wpa_supplicant - PASN processing 3 * 4 * Copyright (C) 2019 Intel Corporation 5 * 6 * This software may be distributed under the terms of the BSD license. 7 * See README for more details. 8 */ 9 10 #include "includes.h" 11 12 #include "common/ieee802_11_defs.h" 13 #include "common/ieee802_11_common.h" 14 #include "common/dragonfly.h" 15 #include "common/ptksa_cache.h" 16 #include "utils/eloop.h" 17 #include "drivers/driver.h" 18 #include "crypto/crypto.h" 19 #include "crypto/random.h" 20 #include "eap_common/eap_defs.h" 21 #include "rsn_supp/wpa.h" 22 #include "rsn_supp/pmksa_cache.h" 23 #include "wpa_supplicant_i.h" 24 #include "driver_i.h" 25 #include "bss.h" 26 #include "scan.h" 27 #include "config.h" 28 29 static const int dot11RSNAConfigPMKLifetime = 43200; 30 31 struct wpa_pasn_auth_work { 32 u8 own_addr[ETH_ALEN]; 33 u8 peer_addr[ETH_ALEN]; 34 int akmp; 35 int cipher; 36 u16 group; 37 int network_id; 38 struct wpabuf *comeback; 39 }; 40 41 42 static int wpas_pasn_send_mlme(void *ctx, const u8 *data, size_t data_len, 43 int noack, unsigned int freq, unsigned int wait) 44 { 45 struct wpa_supplicant *wpa_s = ctx; 46 47 return wpa_drv_send_mlme(wpa_s, data, data_len, noack, freq, wait); 48 } 49 50 51 static void wpas_pasn_free_auth_work(struct wpa_pasn_auth_work *awork) 52 { 53 wpabuf_free(awork->comeback); 54 awork->comeback = NULL; 55 os_free(awork); 56 } 57 58 59 static void wpas_pasn_auth_work_timeout(void *eloop_ctx, void *timeout_ctx) 60 { 61 struct wpa_supplicant *wpa_s = eloop_ctx; 62 63 wpa_printf(MSG_DEBUG, "PASN: Auth work timeout - stopping auth"); 64 65 wpas_pasn_auth_stop(wpa_s); 66 67 wpas_pasn_auth_work_done(wpa_s, PASN_STATUS_FAILURE); 68 } 69 70 71 static void wpas_pasn_cancel_auth_work(struct wpa_supplicant *wpa_s) 72 { 73 wpa_printf(MSG_DEBUG, "PASN: Cancel pasn-start-auth work"); 74 75 /* Remove pending/started work */ 76 radio_remove_works(wpa_s, "pasn-start-auth", 0); 77 } 78 79 80 static void wpas_pasn_auth_status(struct wpa_supplicant *wpa_s, 81 const u8 *peer_addr, 82 int akmp, int cipher, u8 status, 83 struct wpabuf *comeback, 84 u16 comeback_after) 85 { 86 if (comeback) { 87 size_t comeback_len = wpabuf_len(comeback); 88 size_t buflen = comeback_len * 2 + 1; 89 char *comeback_txt = os_malloc(buflen); 90 91 if (comeback_txt) { 92 wpa_snprintf_hex(comeback_txt, buflen, 93 wpabuf_head(comeback), comeback_len); 94 95 wpa_msg(wpa_s, MSG_INFO, PASN_AUTH_STATUS MACSTR 96 " akmp=%s, status=%u comeback_after=%u comeback=%s", 97 MAC2STR(peer_addr), 98 wpa_key_mgmt_txt(akmp, WPA_PROTO_RSN), 99 status, comeback_after, comeback_txt); 100 101 os_free(comeback_txt); 102 return; 103 } 104 } 105 106 wpa_msg(wpa_s, MSG_INFO, 107 PASN_AUTH_STATUS MACSTR " akmp=%s, status=%u", 108 MAC2STR(peer_addr), wpa_key_mgmt_txt(akmp, WPA_PROTO_RSN), 109 status); 110 } 111 112 113 #ifdef CONFIG_SAE 114 115 static struct sae_pt * 116 wpas_pasn_sae_derive_pt(struct wpa_ssid *ssid, int group) 117 { 118 const char *password = ssid->sae_password; 119 int groups[2] = { group, 0 }; 120 121 if (!password) 122 password = ssid->passphrase; 123 124 if (!password) { 125 wpa_printf(MSG_DEBUG, "PASN: SAE without a password"); 126 return NULL; 127 } 128 129 return sae_derive_pt(groups, ssid->ssid, ssid->ssid_len, 130 (const u8 *) password, os_strlen(password), 131 ssid->sae_password_id); 132 } 133 134 135 static int wpas_pasn_sae_setup_pt(struct wpa_ssid *ssid, int group) 136 { 137 if (!ssid->sae_password && !ssid->passphrase) { 138 wpa_printf(MSG_DEBUG, "PASN: SAE without a password"); 139 return -1; 140 } 141 142 if (ssid->pt) 143 return 0; /* PT already derived */ 144 145 ssid->pt = wpas_pasn_sae_derive_pt(ssid, group); 146 147 return ssid->pt ? 0 : -1; 148 } 149 150 #endif /* CONFIG_SAE */ 151 152 153 static int wpas_pasn_get_params_from_bss(struct wpa_supplicant *wpa_s, 154 struct pasn_peer *peer) 155 { 156 int ret; 157 const u8 *rsne, *rsnxe; 158 struct wpa_bss *bss; 159 struct wpa_ie_data rsne_data; 160 int sel, key_mgmt, pairwise_cipher; 161 int network_id = 0, group = 19; 162 struct wpa_ssid *ssid = NULL; 163 size_t ssid_str_len = 0; 164 const u8 *ssid_str = NULL; 165 const u8 *peer_addr = peer->peer_addr; 166 167 bss = wpa_bss_get_bssid(wpa_s, peer_addr); 168 if (!bss) { 169 wpa_supplicant_update_scan_results(wpa_s, peer_addr); 170 bss = wpa_bss_get_bssid(wpa_s, peer_addr); 171 if (!bss) { 172 wpa_printf(MSG_DEBUG, "PASN: BSS not found"); 173 return -1; 174 } 175 } 176 177 rsne = wpa_bss_get_ie(bss, WLAN_EID_RSN); 178 if (!rsne) { 179 wpa_printf(MSG_DEBUG, "PASN: BSS without RSNE"); 180 return -1; 181 } 182 183 ret = wpa_parse_wpa_ie(rsne, *(rsne + 1) + 2, &rsne_data); 184 if (ret) { 185 wpa_printf(MSG_DEBUG, "PASN: Failed parsing RSNE data"); 186 return -1; 187 } 188 189 rsnxe = wpa_bss_get_ie(bss, WLAN_EID_RSNX); 190 191 ssid_str_len = bss->ssid_len; 192 ssid_str = bss->ssid; 193 194 /* Get the network configuration based on the obtained SSID */ 195 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) { 196 if (!wpas_network_disabled(wpa_s, ssid) && 197 ssid_str_len == ssid->ssid_len && 198 os_memcmp(ssid_str, ssid->ssid, ssid_str_len) == 0) 199 break; 200 } 201 202 if (ssid) 203 network_id = ssid->id; 204 205 sel = rsne_data.pairwise_cipher; 206 if (ssid && ssid->pairwise_cipher) 207 sel &= ssid->pairwise_cipher; 208 209 wpa_printf(MSG_DEBUG, "PASN: peer pairwise 0x%x, select 0x%x", 210 rsne_data.pairwise_cipher, sel); 211 212 pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1); 213 if (pairwise_cipher < 0) { 214 wpa_msg(wpa_s, MSG_WARNING, 215 "PASN: Failed to select pairwise cipher"); 216 return -1; 217 } 218 219 sel = rsne_data.key_mgmt; 220 if (ssid && ssid->key_mgmt) 221 sel &= ssid->key_mgmt; 222 223 wpa_printf(MSG_DEBUG, "PASN: peer AKMP 0x%x, select 0x%x", 224 rsne_data.key_mgmt, sel); 225 #ifdef CONFIG_SAE 226 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE) || !ssid) 227 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_SAE_EXT_KEY | 228 WPA_KEY_MGMT_FT_SAE | WPA_KEY_MGMT_FT_SAE_EXT_KEY); 229 #endif /* CONFIG_SAE */ 230 #ifdef CONFIG_IEEE80211R 231 if (!(wpa_s->drv_flags & (WPA_DRIVER_FLAGS_SME | 232 WPA_DRIVER_FLAGS_UPDATE_FT_IES))) 233 sel &= ~WPA_KEY_MGMT_FT; 234 #endif /* CONFIG_IEEE80211R */ 235 if (0) { 236 #ifdef CONFIG_IEEE80211R 237 #ifdef CONFIG_SHA384 238 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) && 239 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) { 240 key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384; 241 wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT FT/802.1X-SHA384"); 242 if (ssid && !ssid->ft_eap_pmksa_caching && 243 pmksa_cache_get_current(wpa_s->wpa)) { 244 /* PMKSA caching with FT may have interoperability 245 * issues, so disable that case by default for now. 246 */ 247 wpa_printf(MSG_DEBUG, 248 "PASN: Disable PMKSA caching for FT/802.1X connection"); 249 pmksa_cache_clear_current(wpa_s->wpa); 250 } 251 #endif /* CONFIG_SHA384 */ 252 #endif /* CONFIG_IEEE80211R */ 253 #ifdef CONFIG_SAE 254 } else if ((sel & WPA_KEY_MGMT_SAE_EXT_KEY) && 255 (ieee802_11_rsnx_capab(rsnxe, 256 WLAN_RSNX_CAPAB_SAE_H2E)) && 257 (wpas_pasn_sae_setup_pt(ssid, group) == 0)) { 258 key_mgmt = WPA_KEY_MGMT_SAE_EXT_KEY; 259 wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT SAE (ext key)"); 260 } else if ((sel & WPA_KEY_MGMT_SAE) && 261 (ieee802_11_rsnx_capab(rsnxe, 262 WLAN_RSNX_CAPAB_SAE_H2E)) && 263 (wpas_pasn_sae_setup_pt(ssid, group) == 0)) { 264 key_mgmt = WPA_KEY_MGMT_SAE; 265 wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT SAE"); 266 #endif /* CONFIG_SAE */ 267 #ifdef CONFIG_FILS 268 } else if (sel & WPA_KEY_MGMT_FILS_SHA384) { 269 key_mgmt = WPA_KEY_MGMT_FILS_SHA384; 270 wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT FILS-SHA384"); 271 } else if (sel & WPA_KEY_MGMT_FILS_SHA256) { 272 key_mgmt = WPA_KEY_MGMT_FILS_SHA256; 273 wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT FILS-SHA256"); 274 #endif /* CONFIG_FILS */ 275 #ifdef CONFIG_IEEE80211R 276 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X) && 277 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) { 278 key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X; 279 wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT FT/802.1X"); 280 if (ssid && !ssid->ft_eap_pmksa_caching && 281 pmksa_cache_get_current(wpa_s->wpa)) { 282 /* PMKSA caching with FT may have interoperability 283 * issues, so disable that case by default for now. 284 */ 285 wpa_printf(MSG_DEBUG, 286 "PASN: Disable PMKSA caching for FT/802.1X connection"); 287 pmksa_cache_clear_current(wpa_s->wpa); 288 } 289 } else if (sel & WPA_KEY_MGMT_FT_PSK) { 290 key_mgmt = WPA_KEY_MGMT_FT_PSK; 291 wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT FT/PSK"); 292 #endif /* CONFIG_IEEE80211R */ 293 } else if (sel & WPA_KEY_MGMT_PASN) { 294 key_mgmt = WPA_KEY_MGMT_PASN; 295 wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT PASN"); 296 } else { 297 wpa_printf(MSG_DEBUG, "PASN: invalid AKMP"); 298 return -1; 299 } 300 301 peer->akmp = key_mgmt; 302 peer->cipher = pairwise_cipher; 303 peer->network_id = network_id; 304 peer->group = group; 305 return 0; 306 } 307 308 309 static int wpas_pasn_set_keys_from_cache(struct wpa_supplicant *wpa_s, 310 const u8 *own_addr, 311 const u8 *peer_addr, 312 int cipher, int akmp) 313 { 314 struct ptksa_cache_entry *entry; 315 316 entry = ptksa_cache_get(wpa_s->ptksa, peer_addr, cipher); 317 if (!entry) { 318 wpa_printf(MSG_DEBUG, "PASN: peer " MACSTR 319 " not present in PTKSA cache", MAC2STR(peer_addr)); 320 return -1; 321 } 322 323 if (!ether_addr_equal(entry->own_addr, own_addr)) { 324 wpa_printf(MSG_DEBUG, 325 "PASN: own addr " MACSTR " and PTKSA entry own addr " 326 MACSTR " differ", 327 MAC2STR(own_addr), MAC2STR(entry->own_addr)); 328 return -1; 329 } 330 331 wpa_printf(MSG_DEBUG, "PASN: " MACSTR " present in PTKSA cache", 332 MAC2STR(peer_addr)); 333 wpa_drv_set_secure_ranging_ctx(wpa_s, own_addr, peer_addr, cipher, 334 entry->ptk.tk_len, 335 entry->ptk.tk, 336 entry->ptk.ltf_keyseed_len, 337 entry->ptk.ltf_keyseed, 0); 338 return 0; 339 } 340 341 342 static void wpas_pasn_configure_next_peer(struct wpa_supplicant *wpa_s, 343 struct pasn_auth *pasn_params) 344 { 345 struct pasn_peer *peer; 346 u8 comeback_len = 0; 347 const u8 *comeback = NULL; 348 349 if (!pasn_params) 350 return; 351 352 while (wpa_s->pasn_count < pasn_params->num_peers) { 353 peer = &pasn_params->peer[wpa_s->pasn_count]; 354 355 if (ether_addr_equal(wpa_s->bssid, peer->peer_addr)) { 356 wpa_printf(MSG_DEBUG, 357 "PASN: Associated peer is not expected"); 358 peer->status = PASN_STATUS_FAILURE; 359 wpa_s->pasn_count++; 360 continue; 361 } 362 363 if (wpas_pasn_set_keys_from_cache(wpa_s, peer->own_addr, 364 peer->peer_addr, 365 peer->cipher, 366 peer->akmp) == 0) { 367 peer->status = PASN_STATUS_SUCCESS; 368 wpa_s->pasn_count++; 369 continue; 370 } 371 372 if (wpas_pasn_get_params_from_bss(wpa_s, peer)) { 373 peer->status = PASN_STATUS_FAILURE; 374 wpa_s->pasn_count++; 375 continue; 376 } 377 378 if (wpas_pasn_auth_start(wpa_s, peer->own_addr, 379 peer->peer_addr, peer->akmp, 380 peer->cipher, peer->group, 381 peer->network_id, 382 comeback, comeback_len)) { 383 peer->status = PASN_STATUS_FAILURE; 384 wpa_s->pasn_count++; 385 continue; 386 } 387 wpa_printf(MSG_DEBUG, "PASN: Sent PASN auth start for " MACSTR, 388 MAC2STR(peer->peer_addr)); 389 return; 390 } 391 392 if (wpa_s->pasn_count == pasn_params->num_peers) { 393 wpa_drv_send_pasn_resp(wpa_s, pasn_params); 394 wpa_printf(MSG_DEBUG, "PASN: Response sent"); 395 os_free(wpa_s->pasn_params); 396 wpa_s->pasn_params = NULL; 397 } 398 } 399 400 401 void wpas_pasn_auth_work_done(struct wpa_supplicant *wpa_s, int status) 402 { 403 if (!wpa_s->pasn_params) 404 return; 405 406 wpa_s->pasn_params->peer[wpa_s->pasn_count].status = status; 407 wpa_s->pasn_count++; 408 wpas_pasn_configure_next_peer(wpa_s, wpa_s->pasn_params); 409 } 410 411 412 static void wpas_pasn_delete_peers(struct wpa_supplicant *wpa_s, 413 struct pasn_auth *pasn_params) 414 { 415 struct pasn_peer *peer; 416 unsigned int i; 417 418 if (!pasn_params) 419 return; 420 421 for (i = 0; i < pasn_params->num_peers; i++) { 422 peer = &pasn_params->peer[i]; 423 ptksa_cache_flush(wpa_s->ptksa, peer->peer_addr, 424 WPA_CIPHER_NONE); 425 } 426 } 427 428 429 #ifdef CONFIG_FILS 430 static void wpas_pasn_initiate_eapol(struct pasn_data *pasn, 431 struct wpa_ssid *ssid) 432 { 433 struct eapol_config eapol_conf; 434 435 wpa_printf(MSG_DEBUG, "PASN: FILS: Initiating EAPOL"); 436 437 eapol_sm_notify_eap_success(pasn->eapol, false); 438 eapol_sm_notify_eap_fail(pasn->eapol, false); 439 eapol_sm_notify_portControl(pasn->eapol, Auto); 440 441 os_memset(&eapol_conf, 0, sizeof(eapol_conf)); 442 eapol_conf.fast_reauth = pasn->fast_reauth; 443 eapol_conf.workaround = ssid->eap_workaround; 444 445 eapol_sm_notify_config(pasn->eapol, &ssid->eap, &eapol_conf); 446 } 447 #endif /* CONFIG_FILS */ 448 449 450 static void wpas_pasn_reset(struct wpa_supplicant *wpa_s) 451 { 452 struct pasn_data *pasn = &wpa_s->pasn; 453 454 wpas_pasn_cancel_auth_work(wpa_s); 455 wpa_s->pasn_auth_work = NULL; 456 eloop_cancel_timeout(wpas_pasn_auth_work_timeout, wpa_s, NULL); 457 458 wpa_pasn_reset(pasn); 459 } 460 461 462 static struct wpa_bss * wpas_pasn_allowed(struct wpa_supplicant *wpa_s, 463 const u8 *peer_addr, int akmp, 464 int cipher) 465 { 466 struct wpa_bss *bss; 467 const u8 *rsne; 468 struct wpa_ie_data rsne_data; 469 int ret; 470 471 if (ether_addr_equal(wpa_s->bssid, peer_addr)) { 472 wpa_printf(MSG_DEBUG, 473 "PASN: Not doing authentication with current BSS"); 474 return NULL; 475 } 476 477 bss = wpa_bss_get_bssid_latest(wpa_s, peer_addr); 478 if (!bss) { 479 wpa_printf(MSG_DEBUG, "PASN: BSS not found"); 480 return NULL; 481 } 482 483 rsne = wpa_bss_get_ie(bss, WLAN_EID_RSN); 484 if (!rsne) { 485 wpa_printf(MSG_DEBUG, "PASN: BSS without RSNE"); 486 return NULL; 487 } 488 489 ret = wpa_parse_wpa_ie(rsne, *(rsne + 1) + 2, &rsne_data); 490 if (ret) { 491 wpa_printf(MSG_DEBUG, "PASN: Failed parsing RSNE data"); 492 return NULL; 493 } 494 495 if (!(rsne_data.key_mgmt & akmp) || 496 !(rsne_data.pairwise_cipher & cipher)) { 497 wpa_printf(MSG_DEBUG, 498 "PASN: AP does not support requested AKMP or cipher"); 499 return NULL; 500 } 501 502 return bss; 503 } 504 505 506 static void wpas_pasn_auth_start_cb(struct wpa_radio_work *work, int deinit) 507 { 508 struct wpa_supplicant *wpa_s = work->wpa_s; 509 struct wpa_pasn_auth_work *awork = work->ctx; 510 struct pasn_data *pasn = &wpa_s->pasn; 511 struct wpa_ssid *ssid; 512 struct wpa_bss *bss; 513 const u8 *rsne, *rsnxe; 514 #ifdef CONFIG_FILS 515 const u8 *indic; 516 u16 fils_info; 517 #endif /* CONFIG_FILS */ 518 u16 capab = 0; 519 bool derive_kdk; 520 int ret; 521 522 wpa_printf(MSG_DEBUG, "PASN: auth_start_cb: deinit=%d", deinit); 523 524 if (deinit) { 525 if (work->started) { 526 eloop_cancel_timeout(wpas_pasn_auth_work_timeout, 527 wpa_s, NULL); 528 wpa_s->pasn_auth_work = NULL; 529 } 530 531 wpas_pasn_free_auth_work(awork); 532 return; 533 } 534 535 /* 536 * It is possible that by the time the callback is called, the PASN 537 * authentication is not allowed, e.g., a connection with the AP was 538 * established. 539 */ 540 bss = wpas_pasn_allowed(wpa_s, awork->peer_addr, awork->akmp, 541 awork->cipher); 542 if (!bss) { 543 wpa_printf(MSG_DEBUG, "PASN: auth_start_cb: Not allowed"); 544 goto fail; 545 } 546 547 rsne = wpa_bss_get_ie(bss, WLAN_EID_RSN); 548 if (!rsne) { 549 wpa_printf(MSG_DEBUG, "PASN: BSS without RSNE"); 550 goto fail; 551 } 552 553 rsnxe = wpa_bss_get_ie(bss, WLAN_EID_RSNX); 554 555 derive_kdk = (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SEC_LTF_STA) && 556 ieee802_11_rsnx_capab(rsnxe, 557 WLAN_RSNX_CAPAB_SECURE_LTF); 558 #ifdef CONFIG_TESTING_OPTIONS 559 if (!derive_kdk) 560 derive_kdk = wpa_s->conf->force_kdk_derivation; 561 #endif /* CONFIG_TESTING_OPTIONS */ 562 if (derive_kdk) 563 pasn_enable_kdk_derivation(pasn); 564 else 565 pasn_disable_kdk_derivation(pasn); 566 567 wpa_printf(MSG_DEBUG, "PASN: kdk_len=%zu", pasn->kdk_len); 568 569 if ((wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SEC_LTF_STA) && 570 ieee802_11_rsnx_capab(rsnxe, WLAN_RSNX_CAPAB_SECURE_LTF)) 571 pasn->secure_ltf = true; 572 else 573 pasn->secure_ltf = false; 574 575 #ifdef CONFIG_TESTING_OPTIONS 576 pasn->corrupt_mic = wpa_s->conf->pasn_corrupt_mic; 577 #endif /* CONFIG_TESTING_OPTIONS */ 578 579 capab |= BIT(WLAN_RSNX_CAPAB_SAE_H2E); 580 if (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SEC_LTF_STA) 581 capab |= BIT(WLAN_RSNX_CAPAB_SECURE_LTF); 582 if (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SEC_RTT_STA) 583 capab |= BIT(WLAN_RSNX_CAPAB_SECURE_RTT); 584 if (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_PROT_RANGE_NEG_STA) 585 capab |= BIT(WLAN_RSNX_CAPAB_URNM_MFPR); 586 pasn_set_rsnxe_caps(pasn, capab); 587 pasn_register_callbacks(pasn, wpa_s, wpas_pasn_send_mlme, NULL); 588 ssid = wpa_config_get_network(wpa_s->conf, awork->network_id); 589 590 #ifdef CONFIG_SAE 591 if (awork->akmp == WPA_KEY_MGMT_SAE) { 592 if (!ssid) { 593 wpa_printf(MSG_DEBUG, 594 "PASN: No network profile found for SAE"); 595 goto fail; 596 } 597 pasn_set_pt(pasn, wpas_pasn_sae_derive_pt(ssid, awork->group)); 598 if (!pasn->pt) { 599 wpa_printf(MSG_DEBUG, "PASN: Failed to derive PT"); 600 goto fail; 601 } 602 pasn->network_id = ssid->id; 603 } 604 #endif /* CONFIG_SAE */ 605 606 #ifdef CONFIG_FILS 607 /* Prepare needed information for wpas_pasn_wd_fils_auth(). */ 608 if (awork->akmp == WPA_KEY_MGMT_FILS_SHA256 || 609 awork->akmp == WPA_KEY_MGMT_FILS_SHA384) { 610 indic = wpa_bss_get_ie(bss, WLAN_EID_FILS_INDICATION); 611 if (!ssid) { 612 wpa_printf(MSG_DEBUG, "PASN: FILS: No network block"); 613 } else if (!indic || indic[1] < 2) { 614 wpa_printf(MSG_DEBUG, 615 "PASN: Missing FILS Indication IE"); 616 } else { 617 fils_info = WPA_GET_LE16(indic + 2); 618 if ((fils_info & BIT(9)) && ssid) { 619 pasn->eapol = wpa_s->eapol; 620 pasn->network_id = ssid->id; 621 wpas_pasn_initiate_eapol(pasn, ssid); 622 pasn->fils_eapol = true; 623 } else { 624 wpa_printf(MSG_DEBUG, 625 "PASN: FILS auth without PFS not supported"); 626 } 627 } 628 pasn->fast_reauth = wpa_s->conf->fast_reauth; 629 } 630 #endif /* CONFIG_FILS */ 631 632 pasn_set_initiator_pmksa(pasn, wpa_sm_get_pmksa_cache(wpa_s->wpa)); 633 634 if (wpa_key_mgmt_ft(awork->akmp)) { 635 #ifdef CONFIG_IEEE80211R 636 ret = wpa_pasn_ft_derive_pmk_r1(wpa_s->wpa, awork->akmp, 637 awork->peer_addr, 638 pasn->pmk_r1, 639 &pasn->pmk_r1_len, 640 pasn->pmk_r1_name); 641 if (ret) { 642 wpa_printf(MSG_DEBUG, 643 "PASN: FT: Failed to derive keys"); 644 goto fail; 645 } 646 #else /* CONFIG_IEEE80211R */ 647 goto fail; 648 #endif /* CONFIG_IEEE80211R */ 649 } 650 651 652 ret = wpas_pasn_start(pasn, awork->own_addr, awork->peer_addr, 653 awork->peer_addr, awork->akmp, awork->cipher, 654 awork->group, bss->freq, rsne, *(rsne + 1) + 2, 655 rsnxe, rsnxe ? *(rsnxe + 1) + 2 : 0, 656 awork->comeback); 657 if (ret) { 658 wpa_printf(MSG_DEBUG, 659 "PASN: Failed to start PASN authentication"); 660 goto fail; 661 } 662 eloop_register_timeout(2, 0, wpas_pasn_auth_work_timeout, wpa_s, NULL); 663 664 /* comeback token is no longer needed at this stage */ 665 wpabuf_free(awork->comeback); 666 awork->comeback = NULL; 667 668 wpa_s->pasn_auth_work = work; 669 return; 670 fail: 671 wpas_pasn_free_auth_work(awork); 672 work->ctx = NULL; 673 radio_work_done(work); 674 } 675 676 677 int wpas_pasn_auth_start(struct wpa_supplicant *wpa_s, 678 const u8 *own_addr, const u8 *peer_addr, 679 int akmp, int cipher, u16 group, int network_id, 680 const u8 *comeback, size_t comeback_len) 681 { 682 struct wpa_pasn_auth_work *awork; 683 struct wpa_bss *bss; 684 685 wpa_printf(MSG_DEBUG, "PASN: Start: " MACSTR " akmp=0x%x, cipher=0x%x", 686 MAC2STR(peer_addr), akmp, cipher); 687 688 /* 689 * TODO: Consider modifying the offchannel logic to handle additional 690 * Management frames other then Action frames. For now allow PASN only 691 * with drivers that support off-channel TX. 692 */ 693 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX)) { 694 wpa_printf(MSG_DEBUG, 695 "PASN: Driver does not support offchannel TX"); 696 return -1; 697 } 698 699 if (radio_work_pending(wpa_s, "pasn-start-auth")) { 700 wpa_printf(MSG_DEBUG, 701 "PASN: send_auth: Work is already pending"); 702 return -1; 703 } 704 705 if (wpa_s->pasn_auth_work) { 706 wpa_printf(MSG_DEBUG, "PASN: send_auth: Already in progress"); 707 return -1; 708 } 709 710 bss = wpas_pasn_allowed(wpa_s, peer_addr, akmp, cipher); 711 if (!bss) 712 return -1; 713 714 wpas_pasn_reset(wpa_s); 715 716 awork = os_zalloc(sizeof(*awork)); 717 if (!awork) 718 return -1; 719 720 os_memcpy(awork->own_addr, own_addr, ETH_ALEN); 721 os_memcpy(awork->peer_addr, peer_addr, ETH_ALEN); 722 awork->akmp = akmp; 723 awork->cipher = cipher; 724 awork->group = group; 725 awork->network_id = network_id; 726 727 if (comeback && comeback_len) { 728 awork->comeback = wpabuf_alloc_copy(comeback, comeback_len); 729 if (!awork->comeback) { 730 wpas_pasn_free_auth_work(awork); 731 return -1; 732 } 733 } 734 735 if (radio_add_work(wpa_s, bss->freq, "pasn-start-auth", 1, 736 wpas_pasn_auth_start_cb, awork) < 0) { 737 wpas_pasn_free_auth_work(awork); 738 return -1; 739 } 740 741 wpa_printf(MSG_DEBUG, "PASN: Auth work successfully added"); 742 return 0; 743 } 744 745 746 void wpas_pasn_auth_stop(struct wpa_supplicant *wpa_s) 747 { 748 struct pasn_data *pasn = &wpa_s->pasn; 749 750 if (!wpa_s->pasn.ecdh) 751 return; 752 753 wpa_printf(MSG_DEBUG, "PASN: Stopping authentication"); 754 755 wpas_pasn_auth_status(wpa_s, pasn->peer_addr, pasn_get_akmp(pasn), 756 pasn_get_cipher(pasn), 757 pasn->status, pasn->comeback, 758 pasn->comeback_after); 759 760 wpas_pasn_reset(wpa_s); 761 } 762 763 764 static int wpas_pasn_immediate_retry(struct wpa_supplicant *wpa_s, 765 struct pasn_data *pasn, 766 struct wpa_pasn_params_data *params) 767 { 768 int akmp = pasn_get_akmp(pasn); 769 int cipher = pasn_get_cipher(pasn); 770 u16 group = pasn->group; 771 u8 own_addr[ETH_ALEN]; 772 u8 peer_addr[ETH_ALEN]; 773 774 wpa_printf(MSG_DEBUG, "PASN: Immediate retry"); 775 os_memcpy(own_addr, pasn->own_addr, ETH_ALEN); 776 os_memcpy(peer_addr, pasn->peer_addr, ETH_ALEN); 777 wpas_pasn_reset(wpa_s); 778 779 return wpas_pasn_auth_start(wpa_s, own_addr, peer_addr, akmp, cipher, 780 group, pasn->network_id, 781 params->comeback, params->comeback_len); 782 } 783 784 785 static void wpas_pasn_deauth_cb(struct ptksa_cache_entry *entry) 786 { 787 struct wpa_supplicant *wpa_s = entry->ctx; 788 u8 own_addr[ETH_ALEN]; 789 u8 peer_addr[ETH_ALEN]; 790 791 /* Use a copy of the addresses from the entry to avoid issues with the 792 * entry getting freed during deauthentication processing. */ 793 os_memcpy(own_addr, entry->own_addr, ETH_ALEN); 794 os_memcpy(peer_addr, entry->addr, ETH_ALEN); 795 wpas_pasn_deauthenticate(wpa_s, own_addr, peer_addr); 796 } 797 798 799 int wpas_pasn_auth_rx(struct wpa_supplicant *wpa_s, 800 const struct ieee80211_mgmt *mgmt, size_t len) 801 { 802 struct pasn_data *pasn = &wpa_s->pasn; 803 struct wpa_pasn_params_data pasn_data; 804 int ret; 805 806 if (!wpa_s->pasn_auth_work) 807 return -2; 808 809 pasn_register_callbacks(pasn, wpa_s, wpas_pasn_send_mlme, NULL); 810 ret = wpa_pasn_auth_rx(pasn, (const u8 *) mgmt, len, &pasn_data); 811 if (ret == 0) { 812 ptksa_cache_add(wpa_s->ptksa, pasn->own_addr, pasn->peer_addr, 813 pasn_get_cipher(pasn), 814 dot11RSNAConfigPMKLifetime, 815 pasn_get_ptk(pasn), 816 wpa_s->pasn_params ? wpas_pasn_deauth_cb : NULL, 817 wpa_s->pasn_params ? wpa_s : NULL, 818 pasn_get_akmp(pasn)); 819 820 if (pasn->pmksa_entry) 821 wpa_sm_set_cur_pmksa(wpa_s->wpa, pasn->pmksa_entry); 822 } 823 824 forced_memzero(pasn_get_ptk(pasn), sizeof(pasn->ptk)); 825 826 if (ret == -1) { 827 wpas_pasn_auth_stop(wpa_s); 828 wpas_pasn_auth_work_done(wpa_s, PASN_STATUS_FAILURE); 829 } 830 831 if (ret == 1) 832 ret = wpas_pasn_immediate_retry(wpa_s, pasn, &pasn_data); 833 834 return ret; 835 } 836 837 838 void wpas_pasn_auth_trigger(struct wpa_supplicant *wpa_s, 839 struct pasn_auth *pasn_auth) 840 { 841 struct pasn_peer *src, *dst; 842 unsigned int i, num_peers = pasn_auth->num_peers; 843 844 if (wpa_s->pasn_params) { 845 wpa_printf(MSG_DEBUG, 846 "PASN: auth_trigger: Already in progress"); 847 return; 848 } 849 850 if (!num_peers || num_peers > WPAS_MAX_PASN_PEERS) { 851 wpa_printf(MSG_DEBUG, 852 "PASN: auth trigger: Invalid number of peers"); 853 return; 854 } 855 856 wpa_s->pasn_params = os_zalloc(sizeof(struct pasn_auth)); 857 if (!wpa_s->pasn_params) { 858 wpa_printf(MSG_DEBUG, 859 "PASN: auth trigger: Failed to allocate a buffer"); 860 return; 861 } 862 863 wpa_s->pasn_count = 0; 864 wpa_s->pasn_params->num_peers = num_peers; 865 866 for (i = 0; i < num_peers; i++) { 867 dst = &wpa_s->pasn_params->peer[i]; 868 src = &pasn_auth->peer[i]; 869 os_memcpy(dst->own_addr, wpa_s->own_addr, ETH_ALEN); 870 os_memcpy(dst->peer_addr, src->peer_addr, ETH_ALEN); 871 dst->ltf_keyseed_required = src->ltf_keyseed_required; 872 dst->status = PASN_STATUS_SUCCESS; 873 874 if (!is_zero_ether_addr(src->own_addr)) { 875 os_memcpy(dst->own_addr, src->own_addr, ETH_ALEN); 876 wpa_printf(MSG_DEBUG, "PASN: Own (source) MAC addr: " 877 MACSTR, MAC2STR(dst->own_addr)); 878 } 879 } 880 881 if (pasn_auth->action == PASN_ACTION_DELETE_SECURE_RANGING_CONTEXT) { 882 wpas_pasn_delete_peers(wpa_s, wpa_s->pasn_params); 883 os_free(wpa_s->pasn_params); 884 wpa_s->pasn_params = NULL; 885 } else if (pasn_auth->action == PASN_ACTION_AUTH) { 886 wpas_pasn_configure_next_peer(wpa_s, wpa_s->pasn_params); 887 } 888 } 889 890 891 int wpas_pasn_auth_tx_status(struct wpa_supplicant *wpa_s, 892 const u8 *data, size_t data_len, u8 acked) 893 894 { 895 struct pasn_data *pasn = &wpa_s->pasn; 896 int ret; 897 898 if (!wpa_s->pasn_auth_work) { 899 wpa_printf(MSG_DEBUG, 900 "PASN: auth_tx_status: no work in progress"); 901 return -1; 902 } 903 904 ret = wpa_pasn_auth_tx_status(pasn, data, data_len, acked); 905 if (ret != 1) 906 return ret; 907 908 if (!wpa_s->pasn_params) { 909 wpas_pasn_auth_stop(wpa_s); 910 return 0; 911 } 912 913 wpas_pasn_set_keys_from_cache(wpa_s, pasn->own_addr, pasn->peer_addr, 914 pasn_get_cipher(pasn), 915 pasn_get_akmp(pasn)); 916 wpas_pasn_auth_stop(wpa_s); 917 wpas_pasn_auth_work_done(wpa_s, PASN_STATUS_SUCCESS); 918 919 return 0; 920 } 921 922 923 int wpas_pasn_deauthenticate(struct wpa_supplicant *wpa_s, const u8 *own_addr, 924 const u8 *peer_addr) 925 { 926 struct wpa_bss *bss; 927 struct wpabuf *buf; 928 struct ieee80211_mgmt *deauth; 929 int ret; 930 931 if (ether_addr_equal(wpa_s->bssid, peer_addr)) { 932 wpa_printf(MSG_DEBUG, 933 "PASN: Cannot deauthenticate from current BSS"); 934 return -1; 935 } 936 937 wpa_drv_set_secure_ranging_ctx(wpa_s, own_addr, peer_addr, 0, 0, NULL, 938 0, NULL, 1); 939 940 wpa_printf(MSG_DEBUG, "PASN: deauth: Flushing all PTKSA entries for " 941 MACSTR, MAC2STR(peer_addr)); 942 ptksa_cache_flush(wpa_s->ptksa, peer_addr, WPA_CIPHER_NONE); 943 944 bss = wpa_bss_get_bssid(wpa_s, peer_addr); 945 if (!bss) { 946 wpa_printf(MSG_DEBUG, "PASN: deauth: BSS not found"); 947 return -1; 948 } 949 950 buf = wpabuf_alloc(64); 951 if (!buf) { 952 wpa_printf(MSG_DEBUG, "PASN: deauth: Failed wpabuf allocate"); 953 return -1; 954 } 955 956 deauth = wpabuf_put(buf, offsetof(struct ieee80211_mgmt, 957 u.deauth.variable)); 958 959 deauth->frame_control = host_to_le16((WLAN_FC_TYPE_MGMT << 2) | 960 (WLAN_FC_STYPE_DEAUTH << 4)); 961 962 os_memcpy(deauth->da, peer_addr, ETH_ALEN); 963 os_memcpy(deauth->sa, own_addr, ETH_ALEN); 964 os_memcpy(deauth->bssid, peer_addr, ETH_ALEN); 965 deauth->u.deauth.reason_code = 966 host_to_le16(WLAN_REASON_PREV_AUTH_NOT_VALID); 967 968 /* 969 * Since we do not expect any response from the AP, implement the 970 * Deauthentication frame transmission using direct call to the driver 971 * without a radio work. 972 */ 973 ret = wpa_drv_send_mlme(wpa_s, wpabuf_head(buf), wpabuf_len(buf), 1, 974 bss->freq, 0); 975 976 wpabuf_free(buf); 977 wpa_printf(MSG_DEBUG, "PASN: deauth: send_mlme ret=%d", ret); 978 979 return ret; 980 } 981