Sunil Ravi77d572f2023-01-17 23:58:31 +00001/*
2 * PASN info for initiator and responder
3 *
4 * Copyright (C) 2019, Intel Corporation
5 * Copyright (c) 2022, Jouni Malinen <j@w1.fi>
6 * Copyright (C) 2022, Qualcomm Innovation Center, Inc.
7 *
8 * This software may be distributed under the terms of the BSD license.
9 * See README for more details.
10 */
11
12#ifndef PASN_COMMON_H
13#define PASN_COMMON_H
14
15#ifdef __cplusplus
16extern "C" {
17#endif
18
19#ifdef CONFIG_PASN
20
/*
 * State values for FILS when it is used together with PASN.
 * struct pasn_fils keeps its state in a u8 field named 'state', which
 * presumably holds one of these values - confirm against the users.
 * NOTE(review): the per-value meanings below are inferred from the names
 * only; this header does not show the transitions.
 */
21enum pasn_fils_state {
22 PASN_FILS_STATE_NONE = 0, /* presumably: no FILS exchange in progress */
23 PASN_FILS_STATE_PENDING_AS, /* presumably: waiting for the authentication server */
24 PASN_FILS_STATE_COMPLETE /* presumably: FILS exchange finished */
25};
26
/*
 * FILS-specific data for a PASN exchange. struct pasn_data embeds one
 * instance as 'fils' when CONFIG_FILS is defined.
 */
27struct pasn_fils {
28 u8 state; /* presumably an enum pasn_fils_state value - confirm */
 /* Two FILS nonces of FILS_NONCE_LEN octets each; which side generates
  * which one is not visible in this header. */
29 u8 nonce[FILS_NONCE_LEN];
30 u8 anonce[FILS_NONCE_LEN];
31 u8 session[FILS_SESSION_LEN];
32 u8 erp_pmkid[PMKID_LEN];
 /* NOTE(review): kept separately from 'state'; how 'completed' relates to
  * PASN_FILS_STATE_COMPLETE is not visible here - confirm. */
33 bool completed;
 /* Pointer to a wpabuf; ownership (who frees it) is not visible in this
  * header - confirm before adding new users. */
34 struct wpabuf *erp_resp;
35};
36
/*
 * PASN state for one exchange. The file header describes this as
 * "PASN info for initiator and responder": the fields up to the
 * "Responder" marker carry no role marker, the ones after it are marked
 * as responder configuration/state.
 *
 * NOTE(review): this structure carries key material by value (pmk, ptk,
 * pmk_r1) and, judging by their names, references to further secrets
 * (secret, password, comeback_key). Where these are wiped is not visible
 * in this header - confirm that wpa_pasn_reset() and the owner's teardown
 * zeroize them in a way the compiler cannot optimize away.
 */
37struct pasn_data {
38 int akmp;
39 int cipher;
40 u16 group;
41 bool secure_ltf;
42 int freq;
43 size_t kdk_len;
44
45 u8 trans_seq;
46 u8 status;
47
48 u8 own_addr[ETH_ALEN];
49 u8 peer_addr[ETH_ALEN];
50 u8 bssid[ETH_ALEN];
 /* pmk[] has room for PMK_LEN_MAX octets; pmk_len is presumably the number
  * of valid octets and must not exceed that - verify at every writer. */
51 size_t pmk_len;
52 u8 pmk[PMK_LEN_MAX];
53 bool using_pmksa;
54
 /* Sized for a SHA-384 output; which hash is stored here is not visible in
  * this header. */
55 u8 hash[SHA384_MAC_LEN];
56
57 struct wpabuf *beacon_rsne_rsnxe;
58 struct wpa_ptk ptk;
59 struct crypto_ecdh *ecdh;
60
61 struct wpabuf *comeback;
62 u16 comeback_after;
63
64#ifdef CONFIG_SAE
65 struct sae_data sae;
66 struct sae_pt *pt;
67#endif /* CONFIG_SAE */
68
69#ifdef CONFIG_FILS
70 bool fils_eapol;
71 bool fils_wd_valid;
72 struct pasn_fils fils;
73#endif /* CONFIG_FILS */
74
75#ifdef CONFIG_IEEE80211R
 /* Same capacity as pmk[] (PMK_LEN_MAX); pmk_r1_len is presumably the
  * number of valid octets - confirm it is bounded the same way. */
76 u8 pmk_r1[PMK_LEN_MAX];
77 size_t pmk_r1_len;
78 u8 pmk_r1_name[WPA_PMK_NAME_LEN];
79#endif /* CONFIG_IEEE80211R */
80 /* Note that these pointers to the RSN PMKSA cache are actually defined
81 * differently for the PASN initiator (using RSN Supplicant
82 * implementation) and PASN responder (using RSN Authenticator
83 * implementation). Functions cannot be mixed between those cases. */
84 struct rsn_pmksa_cache *pmksa;
85 struct rsn_pmksa_cache_entry *pmksa_entry;
86 struct eapol_sm *eapol;
87 int fast_reauth;
88#ifdef CONFIG_TESTING_OPTIONS
 /* Exists only in builds with CONFIG_TESTING_OPTIONS. Presumably makes the
  * code send a deliberately invalid MIC for negative testing - confirm;
  * such builds are not meant for production use. */
89 int corrupt_mic;
90#endif /* CONFIG_TESTING_OPTIONS */
 /* Opaque pointer handed back as 'ctx' to send_mgmt() and
  * validate_custom_pmkid() (see their comments below). */
91 void *cb_ctx;
92 u16 rsnxe_capab;
93 int network_id;
94
95 u8 wrapped_data_format;
96 struct wpabuf *secret;
97
Sunil Ravi640215c2023-06-28 23:08:09 +000098 /* Responder */
 /* With noauth set the exchange runs without mutual authentication (see the
  * comment on the field), so its result presumably must not be treated as
  * proof of the peer's identity - confirm how callers use it. */
99 bool noauth; /* Whether PASN without mutual authentication is enabled */
Sunil Ravi77d572f2023-01-17 23:58:31 +0000100 int wpa_key_mgmt;
101 int rsn_pairwise;
102 bool derive_kdk;
 /* const pointer: the string is not modified through this field; who owns
  * and clears it is not visible here. */
103 const char *password;
104 int disable_pmksa_caching;
105 int *pasn_groups;
106 struct wpabuf *wrapped_data;
107 int use_anti_clogging;
 /* NOTE(review): only rsn_ie has a length field in this structure; there
  * is no rsnxe_ie_len. Presumably the RSNXE length is taken from the
  * element itself - confirm that readers bound-check it. */
108 const u8 *rsn_ie;
109 const u8 *rsnxe_ie;
110 size_t rsn_ie_len;
111
 /* Comeback state: the size of the comeback_key buffer and of the
  * comeback_pending_idx array is not visible in this header. */
112 u8 *comeback_key;
113 struct os_reltime last_comeback_key_update;
114 u16 comeback_idx;
115 u16 *comeback_pending_idx;
116
 /* custom_pmkid[] presumably holds a meaningful value only while
  * custom_pmkid_valid is true - confirm. */
117 bool custom_pmkid_valid;
118 u8 custom_pmkid[PMKID_LEN];
119
120 /**
121 * Extra elements to add into Authentication frames. These can be used,
122 * e.g., for Wi-Fi Aware use cases.
123 */
124 const u8 *extra_ies;
125 size_t extra_ies_len;
126
127 /**
128 * send_mgmt - Function handler to transmit a Management frame
129 * @ctx: Callback context from cb_ctx
130 * @data: Frame to transmit
131 * @data_len: Length of frame to transmit
 * @noack: Not described in the original comment; presumably non-zero
 *	means that no acknowledgment is expected - confirm
132 * @freq: Frequency in MHz for the channel on which to transmit
133 * @wait: How many milliseconds to wait for a response frame
134 * Returns: 0 on success, -1 on failure
135 */
136 int (*send_mgmt)(void *ctx, const u8 *data, size_t data_len, int noack,
137 unsigned int freq, unsigned int wait);
138 /**
139 * validate_custom_pmkid - Handler to validate vendor specific PMKID
140 * @ctx: Callback context from cb_ctx
141 * @addr: MAC address of the peer
142 * @pmkid: Custom PMKID
143 * Returns: 0 on success (valid PMKID), -1 on failure
 *
 * Only a return value of 0 means that the PMKID was accepted; an
 * implementation must not return 0 for a PMKID it did not verify.
144 */
145 int (*validate_custom_pmkid)(void *ctx, const u8 *addr,
146 const u8 *pmkid);
147};
148
149/* Initiator */
150
/*
 * Initiator-side entry points. Only the declarations are visible here, so
 * the descriptions below are limited to what the signatures show; return
 * value conventions are not visible in this header.
 */

/*
 * wpa_pasn_reset - reset the PASN state in @pasn.
 * NOTE(review): struct pasn_data holds key material; confirm in the
 * implementation that this call wipes it and frees the buffers it owns.
 */
151void wpa_pasn_reset(struct pasn_data *pasn);
/*
 * wpas_pasn_start - takes the addresses, the negotiated AKMP/cipher/group,
 * the frequency, the Beacon RSNE/RSNXE and an optional comeback buffer.
 * beacon_rsne_len and beacon_rsnxe_len are u8, so each element buffer is
 * described with a length of at most 255 octets.
 */
152int wpas_pasn_start(struct pasn_data *pasn, const u8 *own_addr,
153 const u8 *peer_addr, const u8 *bssid,
154 int akmp, int cipher, u16 group,
155 int freq, const u8 *beacon_rsne, u8 beacon_rsne_len,
156 const u8 *beacon_rsnxe, u8 beacon_rsnxe_len,
157 const struct wpabuf *comeback);
/*
 * wpa_pasn_verify - same parameter list as wpas_pasn_start(); how the two
 * differ in behavior is not visible in this header.
 */
158int wpa_pasn_verify(struct pasn_data *pasn, const u8 *own_addr,
159 const u8 *peer_addr, const u8 *bssid,
160 int akmp, int cipher, u16 group,
161 int freq, const u8 *beacon_rsne, u8 beacon_rsne_len,
162 const u8 *beacon_rsnxe, u8 beacon_rsnxe_len,
163 const struct wpabuf *comeback);
/*
 * wpa_pasn_auth_rx - @data/@len presumably describe a received
 * Authentication frame, i.e., input from the peer that has not been
 * authenticated yet - confirm that the implementation validates @len
 * before parsing. Whether @pasn_params is an input or an output is not
 * visible here.
 */
164int wpa_pasn_auth_rx(struct pasn_data *pasn, const u8 *data, size_t len,
165 struct wpa_pasn_params_data *pasn_params);
/*
 * wpa_pasn_auth_tx_status - reports the TX status of a frame
 * (@data/@data_len) with @acked; presumably non-zero @acked means the
 * frame was acknowledged - confirm.
 */
166int wpa_pasn_auth_tx_status(struct pasn_data *pasn,
167 const u8 *data, size_t data_len, u8 acked);
168
169/* Responder */
/*
 * handle_auth_pasn_1 - responder-side handler; by its name, for the first
 * PASN Authentication frame. @mgmt/@len describe a Management frame that
 * presumably comes from a peer that is not authenticated yet - confirm that
 * the implementation checks @len against the fixed header size before
 * reading any field. Return value conventions are not visible here.
 */
170int handle_auth_pasn_1(struct pasn_data *pasn,
171 const u8 *own_addr, const u8 *peer_addr,
172 const struct ieee80211_mgmt *mgmt, size_t len);
/*
 * handle_auth_pasn_3 - same parameter list as handle_auth_pasn_1(); by its
 * name, for the third PASN Authentication frame. The same length-checking
 * note applies.
 */
173int handle_auth_pasn_3(struct pasn_data *pasn, const u8 *own_addr,
174 const u8 *peer_addr,
175 const struct ieee80211_mgmt *mgmt, size_t len);
/*
 * handle_auth_pasn_resp - takes a PMKSA cache entry and a status code;
 * presumably builds and sends the responder's reply - confirm. Whether
 * @pmksa may be NULL is not visible in this header.
 */
176int handle_auth_pasn_resp(struct pasn_data *pasn, const u8 *own_addr,
177 const u8 *peer_addr,
178 struct rsn_pmksa_cache_entry *pmksa, u16 status);
179
180#endif /* CONFIG_PASN */
181
182#ifdef __cplusplus
183}
184#endif
185#endif /* PASN_COMMON_H */