2 * Internal WPA/RSN supplicant state machine definitions
3 * Copyright (c) 2004-2010, Jouni Malinen <j@w1.fi>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
9 * Alternatively, this software may be distributed under the terms of BSD
12 * See README and COPYING for more details.
18 #include "utils/list.h"
25 * struct wpa_sm - Internal WPA state machine data
30 struct wpa_ptk ptk, tptk;
31 int ptk_set, tptk_set;
32 u8 snonce[WPA_NONCE_LEN];
33 u8 anonce[WPA_NONCE_LEN]; /* ANonce from the last 1/4 msg */
35 u8 rx_replay_counter[WPA_REPLAY_COUNTER_LEN];
36 int rx_replay_counter_set;
37 u8 request_counter[WPA_REPLAY_COUNTER_LEN];
39 struct eapol_sm *eapol; /* EAPOL state machine from upper level code */
41 struct rsn_pmksa_cache *pmksa; /* PMKSA cache */
42 struct rsn_pmksa_cache_entry *cur_pmksa; /* current PMKSA entry */
43 struct dl_list pmksa_candidates;
45 struct l2_packet_data *l2_preauth;
46 struct l2_packet_data *l2_preauth_br;
47 struct l2_packet_data *l2_tdls;
48 u8 preauth_bssid[ETH_ALEN]; /* current RSN pre-auth peer or
49 * 00:00:00:00:00:00 if no pre-auth is
51 struct eapol_sm *preauth_eapol;
53 struct wpa_sm_ctx *ctx;
55 void *scard_ctx; /* context for smartcard callbacks */
56 int fast_reauth; /* whether EAP fast re-authentication is enabled */
60 int allowed_pairwise_cipher; /* bitfield of WPA_CIPHER_* */
61 int proactive_key_caching;
68 u8 own_addr[ETH_ALEN];
70 const char *bridge_ifname;
73 unsigned int dot11RSNAConfigPMKLifetime;
74 unsigned int dot11RSNAConfigPMKReauthThreshold;
75 unsigned int dot11RSNAConfigSATimeout;
77 unsigned int dot11RSNA4WayHandshakeFailures;
79 /* Selected configuration (based on Beacon/ProbeResp WPA IE) */
81 unsigned int pairwise_cipher;
82 unsigned int group_cipher;
83 unsigned int key_mgmt;
84 unsigned int mgmt_group_cipher;
86 int rsn_enabled; /* Whether RSN is enabled in configuration */
87 int mfp; /* 0 = disabled, 1 = optional, 2 = mandatory */
89 u8 *assoc_wpa_ie; /* Own WPA/RSN IE from (Re)AssocReq */
90 size_t assoc_wpa_ie_len;
91 u8 *ap_wpa_ie, *ap_rsn_ie;
92 size_t ap_wpa_ie_len, ap_rsn_ie_len;
95 struct wpa_peerkey *peerkey;
96 #endif /* CONFIG_PEERKEY */
98 struct wpa_tdls_peer *tdls;
101 #endif /* CONFIG_TDLS */
103 #ifdef CONFIG_IEEE80211R
104 u8 xxkey[PMK_LEN]; /* PSK or the second 256 bits of MSK */
107 u8 pmk_r0_name[WPA_PMK_NAME_LEN];
109 u8 pmk_r1_name[WPA_PMK_NAME_LEN];
110 u8 mobility_domain[MOBILITY_DOMAIN_ID_LEN];
111 u8 r0kh_id[FT_R0KH_ID_MAX_LEN];
113 u8 r1kh_id[FT_R1KH_ID_LEN];
115 int over_the_ds_in_progress;
116 u8 target_ap[ETH_ALEN]; /* over-the-DS target AP */
117 int set_ptk_after_assoc;
118 u8 mdie_ft_capab; /* FT Capability and Policy from target AP MDIE */
119 u8 *assoc_resp_ies; /* MDIE and FTIE from (Re)Association Response */
120 size_t assoc_resp_ies_len;
121 #endif /* CONFIG_IEEE80211R */
125 static inline void wpa_sm_set_state(struct wpa_sm *sm, enum wpa_states state)
127 WPA_ASSERT(sm->ctx->set_state);
128 sm->ctx->set_state(sm->ctx->ctx, state);
131 static inline enum wpa_states wpa_sm_get_state(struct wpa_sm *sm)
133 WPA_ASSERT(sm->ctx->get_state);
134 return sm->ctx->get_state(sm->ctx->ctx);
137 static inline void wpa_sm_deauthenticate(struct wpa_sm *sm, int reason_code)
139 WPA_ASSERT(sm->ctx->deauthenticate);
140 sm->ctx->deauthenticate(sm->ctx->ctx, reason_code);
143 static inline void wpa_sm_disassociate(struct wpa_sm *sm, int reason_code)
145 WPA_ASSERT(sm->ctx->disassociate);
146 sm->ctx->disassociate(sm->ctx->ctx, reason_code);
149 static inline int wpa_sm_set_key(struct wpa_sm *sm, enum wpa_alg alg,
150 const u8 *addr, int key_idx, int set_tx,
151 const u8 *seq, size_t seq_len,
152 const u8 *key, size_t key_len)
154 WPA_ASSERT(sm->ctx->set_key);
155 return sm->ctx->set_key(sm->ctx->ctx, alg, addr, key_idx, set_tx,
156 seq, seq_len, key, key_len);
159 static inline void * wpa_sm_get_network_ctx(struct wpa_sm *sm)
161 WPA_ASSERT(sm->ctx->get_network_ctx);
162 return sm->ctx->get_network_ctx(sm->ctx->ctx);
165 static inline int wpa_sm_get_bssid(struct wpa_sm *sm, u8 *bssid)
167 WPA_ASSERT(sm->ctx->get_bssid);
168 return sm->ctx->get_bssid(sm->ctx->ctx, bssid);
171 static inline int wpa_sm_ether_send(struct wpa_sm *sm, const u8 *dest,
172 u16 proto, const u8 *buf, size_t len)
174 WPA_ASSERT(sm->ctx->ether_send);
175 return sm->ctx->ether_send(sm->ctx->ctx, dest, proto, buf, len);
178 static inline int wpa_sm_get_beacon_ie(struct wpa_sm *sm)
180 WPA_ASSERT(sm->ctx->get_beacon_ie);
181 return sm->ctx->get_beacon_ie(sm->ctx->ctx);
184 static inline void wpa_sm_cancel_auth_timeout(struct wpa_sm *sm)
186 WPA_ASSERT(sm->ctx->cancel_auth_timeout);
187 sm->ctx->cancel_auth_timeout(sm->ctx->ctx);
190 static inline u8 * wpa_sm_alloc_eapol(struct wpa_sm *sm, u8 type,
191 const void *data, u16 data_len,
192 size_t *msg_len, void **data_pos)
194 WPA_ASSERT(sm->ctx->alloc_eapol);
195 return sm->ctx->alloc_eapol(sm->ctx->ctx, type, data, data_len,
199 static inline int wpa_sm_add_pmkid(struct wpa_sm *sm, const u8 *bssid,
202 WPA_ASSERT(sm->ctx->add_pmkid);
203 return sm->ctx->add_pmkid(sm->ctx->ctx, bssid, pmkid);
206 static inline int wpa_sm_remove_pmkid(struct wpa_sm *sm, const u8 *bssid,
209 WPA_ASSERT(sm->ctx->remove_pmkid);
210 return sm->ctx->remove_pmkid(sm->ctx->ctx, bssid, pmkid);
213 static inline int wpa_sm_mlme_setprotection(struct wpa_sm *sm, const u8 *addr,
214 int protect_type, int key_type)
216 WPA_ASSERT(sm->ctx->mlme_setprotection);
217 return sm->ctx->mlme_setprotection(sm->ctx->ctx, addr, protect_type,
221 static inline int wpa_sm_update_ft_ies(struct wpa_sm *sm, const u8 *md,
222 const u8 *ies, size_t ies_len)
224 if (sm->ctx->update_ft_ies)
225 return sm->ctx->update_ft_ies(sm->ctx->ctx, md, ies, ies_len);
229 static inline int wpa_sm_send_ft_action(struct wpa_sm *sm, u8 action,
231 const u8 *ies, size_t ies_len)
233 if (sm->ctx->send_ft_action)
234 return sm->ctx->send_ft_action(sm->ctx->ctx, action, target_ap,
239 static inline int wpa_sm_mark_authenticated(struct wpa_sm *sm,
242 if (sm->ctx->mark_authenticated)
243 return sm->ctx->mark_authenticated(sm->ctx->ctx, target_ap);
248 static inline int wpa_sm_send_tdls_mgmt(struct wpa_sm *sm, const u8 *dst,
249 u8 action_code, u8 dialog_token,
250 u16 status_code, const u8 *buf,
253 if (sm->ctx->send_tdls_mgmt)
254 return sm->ctx->send_tdls_mgmt(sm->ctx->ctx, dst, action_code,
255 dialog_token, status_code,
260 static inline int wpa_sm_tdls_oper(struct wpa_sm *sm, int oper,
263 if (sm->ctx->tdls_oper)
264 return sm->ctx->tdls_oper(sm->ctx->ctx, oper, peer);
267 #endif /* CONFIG_TDLS */
269 void wpa_eapol_key_send(struct wpa_sm *sm, const u8 *kck,
270 int ver, const u8 *dest, u16 proto,
271 u8 *msg, size_t msg_len, u8 *key_mic);
272 int wpa_supplicant_send_2_of_4(struct wpa_sm *sm, const unsigned char *dst,
273 const struct wpa_eapol_key *key,
274 int ver, const u8 *nonce,
275 const u8 *wpa_ie, size_t wpa_ie_len,
276 struct wpa_ptk *ptk);
277 int wpa_supplicant_send_4_of_4(struct wpa_sm *sm, const unsigned char *dst,
278 const struct wpa_eapol_key *key,
279 u16 ver, u16 key_info,
280 const u8 *kde, size_t kde_len,
281 struct wpa_ptk *ptk);
283 int wpa_derive_ptk_ft(struct wpa_sm *sm, const unsigned char *src_addr,
284 const struct wpa_eapol_key *key,
285 struct wpa_ptk *ptk, size_t ptk_len);
287 void wpa_tdls_assoc(struct wpa_sm *sm);
288 void wpa_tdls_disassoc(struct wpa_sm *sm);