src/pasn/pasn_common.h - platform/external/wpa_supplicant_8 - Gitiles

 /*
  * PASN info for initiator and responder
  *
  * Copyright (C) 2019, Intel Corporation
  * Copyright (c) 2022, Jouni Malinen <j@w1.fi>
  * Copyright (C) 2022, Qualcomm Innovation Center, Inc.
  *
  * This software may be distributed under the terms of the BSD license.
  * See README for more details.
  */

 #ifndef PASN_COMMON_H
 #define PASN_COMMON_H

 #ifdef __cplusplus
 extern "C" {
 #endif

 #ifdef CONFIG_PASN

 enum pasn_fils_state {
 	PASN_FILS_STATE_NONE = 0,
 	PASN_FILS_STATE_PENDING_AS,
 	PASN_FILS_STATE_COMPLETE
 };

 struct pasn_fils {
 	u8 state;
 	u8 nonce[FILS_NONCE_LEN];
 	u8 anonce[FILS_NONCE_LEN];
 	u8 session[FILS_SESSION_LEN];
 	u8 erp_pmkid[PMKID_LEN];
 	bool completed;
 	struct wpabuf *erp_resp;
 };

 struct pasn_data {
 	int akmp;
 	int cipher;
 	u16 group;
 	bool secure_ltf;
 	int freq;
 	size_t kdk_len;

 	u8 trans_seq;
 	u8 status;

 	u8 own_addr[ETH_ALEN];
 	u8 peer_addr[ETH_ALEN];
 	u8 bssid[ETH_ALEN];
 	size_t pmk_len;
 	u8 pmk[PMK_LEN_MAX];
 	bool using_pmksa;

 	u8 hash[SHA384_MAC_LEN];

 	struct wpabuf *beacon_rsne_rsnxe;
 	struct wpa_ptk ptk;
 	struct crypto_ecdh *ecdh;

 	struct wpabuf *comeback;
 	u16 comeback_after;

 #ifdef CONFIG_SAE
 	struct sae_data sae;
 	struct sae_pt *pt;
 #endif /* CONFIG_SAE */

 #ifdef CONFIG_FILS
 	bool fils_eapol;
 	bool fils_wd_valid;
 	struct pasn_fils fils;
 #endif /* CONFIG_FILS */

 #ifdef CONFIG_IEEE80211R
 	u8 pmk_r1[PMK_LEN_MAX];
 	size_t pmk_r1_len;
 	u8 pmk_r1_name[WPA_PMK_NAME_LEN];
 #endif /* CONFIG_IEEE80211R */
 	/* Note that this pointers to RSN PMKSA cache are actually defined
 	 * differently for the PASN initiator (using RSN Supplicant
 	 * implementation) and PASN responser (using RSN Authenticator
 	 * implementation). Functions cannot be mixed between those cases. */
 	struct rsn_pmksa_cache *pmksa;
 	struct rsn_pmksa_cache_entry *pmksa_entry;
 	struct eapol_sm *eapol;
 	int fast_reauth;
 #ifdef CONFIG_TESTING_OPTIONS
 	int corrupt_mic;
 #endif /* CONFIG_TESTING_OPTIONS */
 	void *cb_ctx;
 	u16 rsnxe_capab;
 	int network_id;

 	u8 wrapped_data_format;
 	struct wpabuf *secret;

 	/* Reponder */
 	int wpa_key_mgmt;
 	int rsn_pairwise;
 	bool derive_kdk;
 	const char *password;
 	int disable_pmksa_caching;
 	int *pasn_groups;
 	struct wpabuf *wrapped_data;
 	int use_anti_clogging;
 	const u8 *rsn_ie;
 	const u8 *rsnxe_ie;
 	size_t rsn_ie_len;

 	u8 *comeback_key;
 	struct os_reltime last_comeback_key_update;
 	u16 comeback_idx;
 	u16 *comeback_pending_idx;

 	bool custom_pmkid_valid;
 	u8 custom_pmkid[PMKID_LEN];

 	/**
 	 * Extra elements to add into Authentication frames. These can be used,
 	 * e.g., for Wi-Fi Aware use cases.
 	 */
 	const u8 *extra_ies;
 	size_t extra_ies_len;

 	/**
 	 * send_mgmt - Function handler to transmit a Management frame
 	 * @ctx: Callback context from cb_ctx
 	 * @frame_buf : Frame to transmit
 	 * @frame_len: Length of frame to transmit
 	 * @freq: Frequency in MHz for the channel on which to transmit
 	 * @wait_dur: How many milliseconds to wait for a response frame
 	 * Returns: 0 on success, -1 on failure
 	 */
 	int (*send_mgmt)(void *ctx, const u8 *data, size_t data_len, int noack,
 			 unsigned int freq, unsigned int wait);
 	/**
 	 * validate_custom_pmkid - Handler to validate vendor specific PMKID
 	 * @ctx: Callback context from cb_ctx
 	 * @addr : MAC address of the peer
 	 * @pmkid: Custom PMKID
 	 * Returns: 0 on success (valid PMKID), -1 on failure
 	 */
 	int (*validate_custom_pmkid)(void *ctx, const u8 *addr,
 				     const u8 *pmkid);
 };

 /* Initiator */

 void wpa_pasn_reset(struct pasn_data *pasn);
 int wpas_pasn_start(struct pasn_data *pasn, const u8 *own_addr,
 		    const u8 *peer_addr, const u8 *bssid,
 		    int akmp, int cipher, u16 group,
 		    int freq, const u8 *beacon_rsne, u8 beacon_rsne_len,
 		    const u8 *beacon_rsnxe, u8 beacon_rsnxe_len,
 		    const struct wpabuf *comeback);
 int wpa_pasn_verify(struct pasn_data *pasn, const u8 *own_addr,
 		    const u8 *peer_addr, const u8 *bssid,
 		    int akmp, int cipher, u16 group,
 		    int freq, const u8 *beacon_rsne, u8 beacon_rsne_len,
 		    const u8 *beacon_rsnxe, u8 beacon_rsnxe_len,
 		    const struct wpabuf *comeback);
 int wpa_pasn_auth_rx(struct pasn_data *pasn, const u8 *data, size_t len,
 		     struct wpa_pasn_params_data *pasn_params);
 int wpa_pasn_auth_tx_status(struct pasn_data *pasn,
 			    const u8 *data, size_t data_len, u8 acked);

 /* Responder */
 int handle_auth_pasn_1(struct pasn_data *pasn,
 		       const u8 *own_addr, const u8 *peer_addr,
 		       const struct ieee80211_mgmt *mgmt, size_t len);
 int handle_auth_pasn_3(struct pasn_data *pasn, const u8 *own_addr,
 		       const u8 *peer_addr,
 		       const struct ieee80211_mgmt *mgmt, size_t len);
 int handle_auth_pasn_resp(struct pasn_data *pasn, const u8 *own_addr,
 			  const u8 *peer_addr,
 			  struct rsn_pmksa_cache_entry *pmksa, u16 status);

 #endif /* CONFIG_PASN */

 #ifdef __cplusplus
 }
 #endif
 #endif /* PASN_COMMON_H */
	/*
	* PASN info for initiator and responder
	*
	* Copyright (C) 2019, Intel Corporation
	* Copyright (c) 2022, Jouni Malinen <j@w1.fi>
	* Copyright (C) 2022, Qualcomm Innovation Center, Inc.
	*
	* This software may be distributed under the terms of the BSD license.
	* See README for more details.
	*/

	#ifndef PASN_COMMON_H
	#define PASN_COMMON_H

	#ifdef __cplusplus
	extern "C" {
	#endif

	#ifdef CONFIG_PASN

	enum pasn_fils_state {
	PASN_FILS_STATE_NONE = 0,
	PASN_FILS_STATE_PENDING_AS,
	PASN_FILS_STATE_COMPLETE
	};

	struct pasn_fils {
	u8 state;
	u8 nonce[FILS_NONCE_LEN];
	u8 anonce[FILS_NONCE_LEN];
	u8 session[FILS_SESSION_LEN];
	u8 erp_pmkid[PMKID_LEN];
	bool completed;
	struct wpabuf *erp_resp;
	};

	struct pasn_data {
	int akmp;
	int cipher;
	u16 group;
	bool secure_ltf;
	int freq;
	size_t kdk_len;

	u8 trans_seq;
	u8 status;

	u8 own_addr[ETH_ALEN];
	u8 peer_addr[ETH_ALEN];
	u8 bssid[ETH_ALEN];
	size_t pmk_len;
	u8 pmk[PMK_LEN_MAX];
	bool using_pmksa;

	u8 hash[SHA384_MAC_LEN];

	struct wpabuf *beacon_rsne_rsnxe;
	struct wpa_ptk ptk;
	struct crypto_ecdh *ecdh;

	struct wpabuf *comeback;
	u16 comeback_after;

	#ifdef CONFIG_SAE
	struct sae_data sae;
	struct sae_pt *pt;
	#endif /* CONFIG_SAE */

	#ifdef CONFIG_FILS
	bool fils_eapol;
	bool fils_wd_valid;
	struct pasn_fils fils;
	#endif /* CONFIG_FILS */

	#ifdef CONFIG_IEEE80211R
	u8 pmk_r1[PMK_LEN_MAX];
	size_t pmk_r1_len;
	u8 pmk_r1_name[WPA_PMK_NAME_LEN];
	#endif /* CONFIG_IEEE80211R */
	/* Note that this pointers to RSN PMKSA cache are actually defined
	* differently for the PASN initiator (using RSN Supplicant
	* implementation) and PASN responser (using RSN Authenticator
	* implementation). Functions cannot be mixed between those cases. */
	struct rsn_pmksa_cache *pmksa;
	struct rsn_pmksa_cache_entry *pmksa_entry;
	struct eapol_sm *eapol;
	int fast_reauth;
	#ifdef CONFIG_TESTING_OPTIONS
	int corrupt_mic;
	#endif /* CONFIG_TESTING_OPTIONS */
	void *cb_ctx;
	u16 rsnxe_capab;
	int network_id;

	u8 wrapped_data_format;
	struct wpabuf *secret;

	/* Reponder */
	int wpa_key_mgmt;
	int rsn_pairwise;
	bool derive_kdk;
	const char *password;
	int disable_pmksa_caching;
	int *pasn_groups;
	struct wpabuf *wrapped_data;
	int use_anti_clogging;
	const u8 *rsn_ie;
	const u8 *rsnxe_ie;
	size_t rsn_ie_len;

	u8 *comeback_key;
	struct os_reltime last_comeback_key_update;
	u16 comeback_idx;
	u16 *comeback_pending_idx;

	bool custom_pmkid_valid;
	u8 custom_pmkid[PMKID_LEN];

	/**
	* Extra elements to add into Authentication frames. These can be used,
	* e.g., for Wi-Fi Aware use cases.
	*/
	const u8 *extra_ies;
	size_t extra_ies_len;

	/**
	* send_mgmt - Function handler to transmit a Management frame
	* @ctx: Callback context from cb_ctx
	* @frame_buf : Frame to transmit
	* @frame_len: Length of frame to transmit
	* @freq: Frequency in MHz for the channel on which to transmit
	* @wait_dur: How many milliseconds to wait for a response frame
	* Returns: 0 on success, -1 on failure
	*/
	int (send_mgmt)(void ctx, const u8 *data, size_t data_len, int noack,
	unsigned int freq, unsigned int wait);
	/**
	* validate_custom_pmkid - Handler to validate vendor specific PMKID
	* @ctx: Callback context from cb_ctx
	* @addr : MAC address of the peer
	* @pmkid: Custom PMKID
	* Returns: 0 on success (valid PMKID), -1 on failure
	*/
	int (validate_custom_pmkid)(void ctx, const u8 *addr,
	const u8 *pmkid);
	};

	/* Initiator */

	void wpa_pasn_reset(struct pasn_data *pasn);
	int wpas_pasn_start(struct pasn_data pasn, const u8 own_addr,
	const u8 peer_addr, const u8 bssid,
	int akmp, int cipher, u16 group,
	int freq, const u8 *beacon_rsne, u8 beacon_rsne_len,
	const u8 *beacon_rsnxe, u8 beacon_rsnxe_len,
	const struct wpabuf *comeback);
	int wpa_pasn_verify(struct pasn_data pasn, const u8 own_addr,
	const u8 peer_addr, const u8 bssid,
	int akmp, int cipher, u16 group,
	int freq, const u8 *beacon_rsne, u8 beacon_rsne_len,
	const u8 *beacon_rsnxe, u8 beacon_rsnxe_len,
	const struct wpabuf *comeback);
	int wpa_pasn_auth_rx(struct pasn_data pasn, const u8 data, size_t len,
	struct wpa_pasn_params_data *pasn_params);
	int wpa_pasn_auth_tx_status(struct pasn_data *pasn,
	const u8 *data, size_t data_len, u8 acked);

	/* Responder */
	int handle_auth_pasn_1(struct pasn_data *pasn,
	const u8 own_addr, const u8 peer_addr,
	const struct ieee80211_mgmt *mgmt, size_t len);
	int handle_auth_pasn_3(struct pasn_data pasn, const u8 own_addr,
	const u8 *peer_addr,
	const struct ieee80211_mgmt *mgmt, size_t len);
	int handle_auth_pasn_resp(struct pasn_data pasn, const u8 own_addr,
	const u8 *peer_addr,
	struct rsn_pmksa_cache_entry *pmksa, u16 status);

	#endif /* CONFIG_PASN */

	#ifdef __cplusplus
	}
	#endif
	#endif /* PASN_COMMON_H */