2 * Internal WPA/RSN supplicant state machine definitions
3 * Copyright (c) 2004-2010, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
12 #include "utils/list.h"
19 * struct wpa_sm - Internal WPA state machine data
24 struct wpa_ptk ptk, tptk;
25 int ptk_set, tptk_set;
27 u8 snonce[WPA_NONCE_LEN];
28 u8 anonce[WPA_NONCE_LEN]; /* ANonce from the last 1/4 msg */
30 u8 rx_replay_counter[WPA_REPLAY_COUNTER_LEN];
31 int rx_replay_counter_set;
32 u8 request_counter[WPA_REPLAY_COUNTER_LEN];
34 struct wpa_gtk gtk_wnm_sleep;
35 #ifdef CONFIG_IEEE80211W
37 struct wpa_igtk igtk_wnm_sleep;
38 #endif /* CONFIG_IEEE80211W */
40 struct eapol_sm *eapol; /* EAPOL state machine from upper level code */
42 struct rsn_pmksa_cache *pmksa; /* PMKSA cache */
43 struct rsn_pmksa_cache_entry *cur_pmksa; /* current PMKSA entry */
44 struct dl_list pmksa_candidates;
46 struct l2_packet_data *l2_preauth;
47 struct l2_packet_data *l2_preauth_br;
48 struct l2_packet_data *l2_tdls;
49 u8 preauth_bssid[ETH_ALEN]; /* current RSN pre-auth peer or
50 * 00:00:00:00:00:00 if no pre-auth is
52 struct eapol_sm *preauth_eapol;
54 struct wpa_sm_ctx *ctx;
56 void *scard_ctx; /* context for smartcard callbacks */
57 int fast_reauth; /* whether EAP fast re-authentication is enabled */
61 int allowed_pairwise_cipher; /* bitfield of WPA_CIPHER_* */
62 int proactive_key_caching;
69 u8 own_addr[ETH_ALEN];
71 const char *bridge_ifname;
74 unsigned int dot11RSNAConfigPMKLifetime;
75 unsigned int dot11RSNAConfigPMKReauthThreshold;
76 unsigned int dot11RSNAConfigSATimeout;
78 unsigned int dot11RSNA4WayHandshakeFailures;
80 /* Selected configuration (based on Beacon/ProbeResp WPA IE) */
82 unsigned int pairwise_cipher;
83 unsigned int group_cipher;
84 unsigned int key_mgmt;
85 unsigned int mgmt_group_cipher;
87 int rsn_enabled; /* Whether RSN is enabled in configuration */
88 int mfp; /* 0 = disabled, 1 = optional, 2 = mandatory */
90 u8 *assoc_wpa_ie; /* Own WPA/RSN IE from (Re)AssocReq */
91 size_t assoc_wpa_ie_len;
92 u8 *ap_wpa_ie, *ap_rsn_ie;
93 size_t ap_wpa_ie_len, ap_rsn_ie_len;
96 struct wpa_peerkey *peerkey;
97 #endif /* CONFIG_PEERKEY */
99 struct wpa_tdls_peer *tdls;
103 /* The driver supports TDLS */
107 * The driver requires explicit discovery/setup/teardown frames sent
108 * to it via tdls_mgmt.
110 int tdls_external_setup;
111 #endif /* CONFIG_TDLS */
113 #ifdef CONFIG_IEEE80211R
114 u8 xxkey[PMK_LEN]; /* PSK or the second 256 bits of MSK */
117 u8 pmk_r0_name[WPA_PMK_NAME_LEN];
119 u8 pmk_r1_name[WPA_PMK_NAME_LEN];
120 u8 mobility_domain[MOBILITY_DOMAIN_ID_LEN];
121 u8 r0kh_id[FT_R0KH_ID_MAX_LEN];
123 u8 r1kh_id[FT_R1KH_ID_LEN];
125 int ft_reassoc_completed;
126 int over_the_ds_in_progress;
127 u8 target_ap[ETH_ALEN]; /* over-the-DS target AP */
128 int set_ptk_after_assoc;
129 u8 mdie_ft_capab; /* FT Capability and Policy from target AP MDIE */
130 u8 *assoc_resp_ies; /* MDIE and FTIE from (Re)Association Response */
131 size_t assoc_resp_ies_len;
132 #endif /* CONFIG_IEEE80211R */
136 static inline void wpa_sm_set_state(struct wpa_sm *sm, enum wpa_states state)
138 WPA_ASSERT(sm->ctx->set_state);
139 sm->ctx->set_state(sm->ctx->ctx, state);
142 static inline enum wpa_states wpa_sm_get_state(struct wpa_sm *sm)
144 WPA_ASSERT(sm->ctx->get_state);
145 return sm->ctx->get_state(sm->ctx->ctx);
148 static inline void wpa_sm_deauthenticate(struct wpa_sm *sm, int reason_code)
150 WPA_ASSERT(sm->ctx->deauthenticate);
151 sm->ctx->deauthenticate(sm->ctx->ctx, reason_code);
154 static inline int wpa_sm_set_key(struct wpa_sm *sm, enum wpa_alg alg,
155 const u8 *addr, int key_idx, int set_tx,
156 const u8 *seq, size_t seq_len,
157 const u8 *key, size_t key_len)
159 WPA_ASSERT(sm->ctx->set_key);
160 return sm->ctx->set_key(sm->ctx->ctx, alg, addr, key_idx, set_tx,
161 seq, seq_len, key, key_len);
164 static inline void * wpa_sm_get_network_ctx(struct wpa_sm *sm)
166 WPA_ASSERT(sm->ctx->get_network_ctx);
167 return sm->ctx->get_network_ctx(sm->ctx->ctx);
170 static inline int wpa_sm_get_bssid(struct wpa_sm *sm, u8 *bssid)
172 WPA_ASSERT(sm->ctx->get_bssid);
173 return sm->ctx->get_bssid(sm->ctx->ctx, bssid);
176 static inline int wpa_sm_ether_send(struct wpa_sm *sm, const u8 *dest,
177 u16 proto, const u8 *buf, size_t len)
179 WPA_ASSERT(sm->ctx->ether_send);
180 return sm->ctx->ether_send(sm->ctx->ctx, dest, proto, buf, len);
183 static inline int wpa_sm_get_beacon_ie(struct wpa_sm *sm)
185 WPA_ASSERT(sm->ctx->get_beacon_ie);
186 return sm->ctx->get_beacon_ie(sm->ctx->ctx);
189 static inline void wpa_sm_cancel_auth_timeout(struct wpa_sm *sm)
191 WPA_ASSERT(sm->ctx->cancel_auth_timeout);
192 sm->ctx->cancel_auth_timeout(sm->ctx->ctx);
195 static inline u8 * wpa_sm_alloc_eapol(struct wpa_sm *sm, u8 type,
196 const void *data, u16 data_len,
197 size_t *msg_len, void **data_pos)
199 WPA_ASSERT(sm->ctx->alloc_eapol);
200 return sm->ctx->alloc_eapol(sm->ctx->ctx, type, data, data_len,
204 static inline int wpa_sm_add_pmkid(struct wpa_sm *sm, const u8 *bssid,
207 WPA_ASSERT(sm->ctx->add_pmkid);
208 return sm->ctx->add_pmkid(sm->ctx->ctx, bssid, pmkid);
211 static inline int wpa_sm_remove_pmkid(struct wpa_sm *sm, const u8 *bssid,
214 WPA_ASSERT(sm->ctx->remove_pmkid);
215 return sm->ctx->remove_pmkid(sm->ctx->ctx, bssid, pmkid);
218 static inline int wpa_sm_mlme_setprotection(struct wpa_sm *sm, const u8 *addr,
219 int protect_type, int key_type)
221 WPA_ASSERT(sm->ctx->mlme_setprotection);
222 return sm->ctx->mlme_setprotection(sm->ctx->ctx, addr, protect_type,
226 static inline int wpa_sm_update_ft_ies(struct wpa_sm *sm, const u8 *md,
227 const u8 *ies, size_t ies_len)
229 if (sm->ctx->update_ft_ies)
230 return sm->ctx->update_ft_ies(sm->ctx->ctx, md, ies, ies_len);
234 static inline int wpa_sm_send_ft_action(struct wpa_sm *sm, u8 action,
236 const u8 *ies, size_t ies_len)
238 if (sm->ctx->send_ft_action)
239 return sm->ctx->send_ft_action(sm->ctx->ctx, action, target_ap,
244 static inline int wpa_sm_mark_authenticated(struct wpa_sm *sm,
247 if (sm->ctx->mark_authenticated)
248 return sm->ctx->mark_authenticated(sm->ctx->ctx, target_ap);
252 static inline void wpa_sm_set_rekey_offload(struct wpa_sm *sm)
254 if (!sm->ctx->set_rekey_offload)
256 sm->ctx->set_rekey_offload(sm->ctx->ctx, sm->ptk.kek,
257 sm->ptk.kck, sm->rx_replay_counter);
261 static inline int wpa_sm_tdls_get_capa(struct wpa_sm *sm,
265 if (sm->ctx->tdls_get_capa)
266 return sm->ctx->tdls_get_capa(sm->ctx->ctx, tdls_supported,
271 static inline int wpa_sm_send_tdls_mgmt(struct wpa_sm *sm, const u8 *dst,
272 u8 action_code, u8 dialog_token,
273 u16 status_code, const u8 *buf,
276 if (sm->ctx->send_tdls_mgmt)
277 return sm->ctx->send_tdls_mgmt(sm->ctx->ctx, dst, action_code,
278 dialog_token, status_code,
283 static inline int wpa_sm_tdls_oper(struct wpa_sm *sm, int oper,
286 if (sm->ctx->tdls_oper)
287 return sm->ctx->tdls_oper(sm->ctx->ctx, oper, peer);
292 wpa_sm_tdls_peer_addset(struct wpa_sm *sm, const u8 *addr, int add,
293 u16 capability, const u8 *supp_rates,
294 size_t supp_rates_len)
296 if (sm->ctx->tdls_peer_addset)
297 return sm->ctx->tdls_peer_addset(sm->ctx->ctx, addr, add,
298 capability, supp_rates,
302 #endif /* CONFIG_TDLS */
304 void wpa_eapol_key_send(struct wpa_sm *sm, const u8 *kck,
305 int ver, const u8 *dest, u16 proto,
306 u8 *msg, size_t msg_len, u8 *key_mic);
307 int wpa_supplicant_send_2_of_4(struct wpa_sm *sm, const unsigned char *dst,
308 const struct wpa_eapol_key *key,
309 int ver, const u8 *nonce,
310 const u8 *wpa_ie, size_t wpa_ie_len,
311 struct wpa_ptk *ptk);
312 int wpa_supplicant_send_4_of_4(struct wpa_sm *sm, const unsigned char *dst,
313 const struct wpa_eapol_key *key,
314 u16 ver, u16 key_info,
315 const u8 *kde, size_t kde_len,
316 struct wpa_ptk *ptk);
318 int wpa_derive_ptk_ft(struct wpa_sm *sm, const unsigned char *src_addr,
319 const struct wpa_eapol_key *key,
320 struct wpa_ptk *ptk, size_t ptk_len);
322 void wpa_tdls_assoc(struct wpa_sm *sm);
323 void wpa_tdls_disassoc(struct wpa_sm *sm);