1/*
2 * sharedKeyAuthSm.c
3 *
4 * Copyright(c) 1998 - 2009 Texas Instruments. All rights reserved.
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 *
11 *  * Redistributions of source code must retain the above copyright
12 *    notice, this list of conditions and the following disclaimer.
13 *  * Redistributions in binary form must reproduce the above copyright
14 *    notice, this list of conditions and the following disclaimer in
15 *    the documentation and/or other materials provided with the
16 *    distribution.
17 *  * Neither the name Texas Instruments nor the names of its
18 *    contributors may be used to endorse or promote products derived
19 *    from this software without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
24 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
25 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
26 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
27 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 */
33
34/** \file sharedKeyAuthSm.c
35 *  \brief shared key 802.11 authentication SM source
36 *
37 *  \see sharedKeyAuthSm.h
38 */
39
40
41/***************************************************************************/
42/*																		   */
43/*		MODULE:	sharedKeyAuthSm.c										   */
44/*    PURPOSE:	shared key 802.11 authentication SM source				   */
45/*																	 	   */
46/***************************************************************************/
47
48#define __FILE_ID__  FILE_ID_83
49#include "osApi.h"
50#include "paramOut.h"
51#include "timer.h"
52#include "fsm.h"
53#include "report.h"
54#include "mlmeApi.h"
55#include "authSm.h"
56#include "sharedKeyAuthSm.h"
57
58/* Constants */
59
60/** number of states in the state machine */
61#define	SHARED_KEY_AUTH_SM_NUM_STATES		4
62
63/** number of events in the state machine */
64#define	SHARED_KEY_AUTH_SM_NUM_EVENTS		8
65
66/* Enumerations */
67
68/* Typedefs */
69
70/* Structures */
71
72/* External data definitions */
73
74/* External functions definitions */
75
76/* Global variables */
77
78/* Local function prototypes */
79
80/* functions */
81
82/**
83*
84* sharedKeyAuth_smConfig - configure a new authentication SM
85*
86* \b Description:
87*
88* Configure a new authentication SM.
89*
90* \b ARGS:
91*
92*  I   - hAuth - Association SM context  \n
93*  I   - hMlme - MLME SM context  \n
94*  I   - hSiteMgr - Site manager context  \n
95*  I   - hCtrlData - Control data context  \n
96*  I   - hTxData - TX data context  \n
97*  I   - hHalCtrl - Hal control context  \n
98*  I   - hReport - Report context  \n
99*  I   - hOs - OS context  \n
100*  I   - authTimeout - Association SM timeout \n
101*  I   - authMaxCount - Max number of authentication requests to send  \n
102*
103* \b RETURNS:
104*
105*  TI_OK if successful, TI_NOK otherwise.
106*
107* \sa sharedKeyAuth_Create, sharedKeyAuth_Unload
108*/
109TI_STATUS sharedKeyAuth_Config(TI_HANDLE hAuth, TI_HANDLE hOs)
110{
111	auth_t		*pHandle;
112	TI_STATUS		status;
113	/** Main 802.1X State Machine matrix */
114	fsm_actionCell_t	sharedKeyAuth_smMatrix[SHARED_KEY_AUTH_SM_NUM_STATES][SHARED_KEY_AUTH_SM_NUM_EVENTS] =
115	{
116		/* next state and actions for IDLE state */
117		{{SHARED_KEY_AUTH_SM_STATE_WAIT_1, (fsm_Action_t)sharedKeyAuth_smStartIdle},
118		 {SHARED_KEY_AUTH_SM_STATE_IDLE, (fsm_Action_t)sharedKeyAuth_smActionUnexpected},
119		 {SHARED_KEY_AUTH_SM_STATE_IDLE, (fsm_Action_t)sharedKeyAuth_smActionUnexpected},
120		 {SHARED_KEY_AUTH_SM_STATE_IDLE, (fsm_Action_t)sharedKeyAuth_smActionUnexpected},
121		 {SHARED_KEY_AUTH_SM_STATE_IDLE, (fsm_Action_t)sharedKeyAuth_smActionUnexpected},
122		 {SHARED_KEY_AUTH_SM_STATE_IDLE, (fsm_Action_t)sharedKeyAuth_smActionUnexpected},
123		 {SHARED_KEY_AUTH_SM_STATE_IDLE, (fsm_Action_t)sharedKeyAuth_smActionUnexpected},
124		 {SHARED_KEY_AUTH_SM_STATE_IDLE, (fsm_Action_t)sharedKeyAuth_smActionUnexpected}
125		},
126		/* next state and actions for WAIT_1 state */
127		{{SHARED_KEY_AUTH_SM_STATE_WAIT_1, (fsm_Action_t)sharedKeyAuth_smActionUnexpected},
128		 {SHARED_KEY_AUTH_SM_STATE_IDLE, (fsm_Action_t)sharedKeyAuth_smStopWait},
129		 {SHARED_KEY_AUTH_SM_STATE_WAIT_2, (fsm_Action_t)sharedKeyAuth_smSuccess1Wait1},
130		 {SHARED_KEY_AUTH_SM_STATE_IDLE, (fsm_Action_t)sharedKeyAuth_smFailure1Wait1},
131		 {SHARED_KEY_AUTH_SM_STATE_WAIT_1, (fsm_Action_t)sharedKeyAuth_smActionUnexpected},
132		 {SHARED_KEY_AUTH_SM_STATE_WAIT_1, (fsm_Action_t)sharedKeyAuth_smActionUnexpected},
133		 {SHARED_KEY_AUTH_SM_STATE_WAIT_1, (fsm_Action_t)sharedKeyAuth_smTimeoutWait1},
134		 {SHARED_KEY_AUTH_SM_STATE_IDLE, (fsm_Action_t)sharedKeyAuth_smMaxRetryWait}
135		},
136		/* next state and actions for WAIT_2 state */
137		{{SHARED_KEY_AUTH_SM_STATE_WAIT_2, (fsm_Action_t)sharedKeyAuth_smActionUnexpected},
138		 {SHARED_KEY_AUTH_SM_STATE_IDLE, (fsm_Action_t)sharedKeyAuth_smStopWait},
139		 {SHARED_KEY_AUTH_SM_STATE_WAIT_2, (fsm_Action_t)sharedKeyAuth_smActionUnexpected},
140		 {SHARED_KEY_AUTH_SM_STATE_WAIT_2, (fsm_Action_t)sharedKeyAuth_smActionUnexpected},
141		 {SHARED_KEY_AUTH_SM_STATE_AUTH, (fsm_Action_t)sharedKeyAuth_smSuccess2Wait2},
142		 {SHARED_KEY_AUTH_SM_STATE_IDLE, (fsm_Action_t)sharedKeyAuth_smFailure2Wait2},
143		 {SHARED_KEY_AUTH_SM_STATE_WAIT_2, (fsm_Action_t)sharedKeyAuth_smTimeoutWait2},
144		 {SHARED_KEY_AUTH_SM_STATE_IDLE, (fsm_Action_t)sharedKeyAuth_smMaxRetryWait}
145		},
146		/* next state and actions for AUTH state */
147		{{SHARED_KEY_AUTH_SM_STATE_AUTH, (fsm_Action_t)sharedKeyAuth_smActionUnexpected},
148		 {SHARED_KEY_AUTH_SM_STATE_IDLE, (fsm_Action_t)sharedKeyAuth_smStopAuth},
149		 {SHARED_KEY_AUTH_SM_STATE_AUTH, (fsm_Action_t)sharedKeyAuth_smActionUnexpected},
150		 {SHARED_KEY_AUTH_SM_STATE_AUTH, (fsm_Action_t)sharedKeyAuth_smActionUnexpected},
151		 {SHARED_KEY_AUTH_SM_STATE_AUTH, (fsm_Action_t)sharedKeyAuth_smActionUnexpected},
152		 {SHARED_KEY_AUTH_SM_STATE_AUTH, (fsm_Action_t)sharedKeyAuth_smActionUnexpected},
153		 {SHARED_KEY_AUTH_SM_STATE_AUTH, (fsm_Action_t)sharedKeyAuth_smActionUnexpected},
154		 {SHARED_KEY_AUTH_SM_STATE_AUTH, (fsm_Action_t)sharedKeyAuth_smActionUnexpected}
155		}};
156
157
158	if (hAuth == NULL)
159	{
160		return TI_NOK;
161	}
162
163	pHandle = (auth_t*)hAuth;
164
165	status = fsm_Config(pHandle->pAuthSm, &sharedKeyAuth_smMatrix[0][0],
166						SHARED_KEY_AUTH_SM_NUM_STATES, SHARED_KEY_AUTH_SM_NUM_EVENTS, auth_skSMEvent, hOs);
167	if (status != TI_OK)
168	{
169		return TI_NOK;
170	}
171
172	pHandle->currentState = SHARED_KEY_AUTH_SM_STATE_IDLE;
173
174	return TI_OK;
175}
176
177
178TI_STATUS auth_skSMEvent(TI_UINT8 *currentState, TI_UINT8 event, TI_HANDLE hAuth)
179{
180   auth_t *pAuth = (auth_t *)hAuth;
181	TI_STATUS 		status;
182	TI_UINT8		nextState;
183
184	status = fsm_GetNextState(pAuth->pAuthSm, *currentState, event, &nextState);
185	if (status != TI_OK)
186	{
187		TRACE0(pAuth->hReport, REPORT_SEVERITY_SM, "State machine error, failed getting next state\n");
188		return(TI_NOK);
189	}
190
191	TRACE3(pAuth->hReport, REPORT_SEVERITY_INFORMATION, "auth_skSMEvent: <currentState = %d, event = %d> --> nextState = %d\n", *currentState, event, nextState);
192
193	status = fsm_Event(pAuth->pAuthSm, currentState, event, (void *)pAuth);
194
195	return status;
196}
197
198
199/**
200*
201* sharedKeyAuth_Recv - Recive a message from the AP
202*
203* \b Description:
204*
205* Parse a message form the AP and perform the appropriate event.
206*
207* \b ARGS:
208*
209*  I   - hAuth - Association SM context  \n
210*
211* \b RETURNS:
212*
213*  TI_OK if successful, TI_NOK otherwise.
214*
215* \sa sharedKeyAuth_Start, sharedKeyAuth_Stop
216*/
217TI_STATUS sharedKeyAuth_Recv(TI_HANDLE hAuth, mlmeFrameInfo_t *pFrame)
218{
219	TI_STATUS 			status = TI_NOK;
220	auth_t			*pHandle;
221	TI_UINT16			authAlgo;
222	TI_UINT16			rspSeq;
223
224	pHandle = (auth_t*)hAuth;
225
226	if (pHandle == NULL)
227	{
228		return TI_NOK;
229	}
230
231	/* check response status */
232	authAlgo = ENDIAN_HANDLE_WORD(pFrame->content.auth.authAlgo);
233	if (authAlgo != AUTH_LEGACY_SHARED_KEY)
234	{
235TRACE0(pHandle->hReport, REPORT_SEVERITY_SM, "SHARED_KEY_AUTH_SM: DEBUG recieved authentication message with wrong algorithm \n");
236		return TI_NOK;
237	}
238
239	/* check response status */
240	rspSeq  = pFrame->content.auth.seqNum;
241
242    pHandle->authData.status = pFrame->content.auth.status;
243    pHandle->authData.pChalange = (char *)(pFrame->content.auth.pChallenge->text);
244    pHandle->authData.challangeLen = pFrame->content.auth.pChallenge->hdr[1];
245
246	if (pHandle->authData.status == STATUS_SUCCESSFUL)
247	{
248		switch (rspSeq)
249		{
250		case 2:
251TRACE0(pHandle->hReport, REPORT_SEVERITY_SM, "SHARED_KEY_AUTH_SM: DEBUG Success authenticating to AP stage 1\n");
252
253			if (pFrame->content.auth.pChallenge->hdr[0] != CHALLANGE_TEXT_IE_ID)
254			{
255TRACE0(pHandle->hReport, REPORT_SEVERITY_ERROR, "SHARED_KEY_AUTH_SM: Wrong element ID for challange \n");
256				status = TI_NOK;
257				break;
258			}
259
260			status = auth_skSMEvent(&pHandle->currentState, SHARED_KEY_AUTH_SM_EVENT_SUCCESS_1, hAuth);
261			break;
262
263		case 4:
264TRACE0(pHandle->hReport, REPORT_SEVERITY_SM, "SHARED_KEY_AUTH_SM: DEBUG Success authenticating to AP stage 2\n");
265
266			status = auth_skSMEvent(&pHandle->currentState, SHARED_KEY_AUTH_SM_EVENT_SUCCESS_2, hAuth);
267			break;
268
269		default:
270TRACE0(pHandle->hReport, REPORT_SEVERITY_ERROR, "SHARED_KEY_AUTH_SM: Wrong sequence number \n");
271			status = TI_NOK;
272			break;
273		}
274	}
275
276	else
277	{
278		switch (rspSeq)
279		{
280		case 2:
281			status = auth_skSMEvent(&pHandle->currentState, SHARED_KEY_AUTH_SM_EVENT_FAIL_1, hAuth);
282			break;
283
284		case 4:
285			status = auth_skSMEvent(&pHandle->currentState, SHARED_KEY_AUTH_SM_EVENT_FAIL_2, hAuth);
286			break;
287
288		default:
289			status = TI_NOK;
290			break;
291		}
292	}
293
294	return status;
295}
296
297/* state machine functions */
298
299TI_STATUS sharedKeyAuth_smStartIdle(auth_t *hAuth)
300{
301	TI_STATUS		status;
302
303	status = sharedKeyAuth_smResetRetry(hAuth);
304	status = sharedKeyAuth_smSendAuth1(hAuth);
305	status = sharedKeyAuth_smStartTimer(hAuth);
306	status = sharedKeyAuth_smIncRetry(hAuth);
307
308	return status;
309}
310
311TI_STATUS sharedKeyAuth_smStopWait(auth_t *hAuth)
312{
313	TI_STATUS		status;
314
315	status = sharedKeyAuth_smStopTimer(hAuth);
316
317	return status;
318}
319
320TI_STATUS sharedKeyAuth_smSuccess1Wait1(auth_t *hAuth)
321{
322	TI_STATUS		status;
323
324	status = sharedKeyAuth_smResetRetry(hAuth);
325	if (status != TI_OK)
326		return status;
327	status = sharedKeyAuth_smStopTimer(hAuth);
328	if (status != TI_OK)
329		return status;
330	status = sharedKeyAuth_smSendAuth2(hAuth);
331	if (status != TI_OK)
332		return status;
333	status = sharedKeyAuth_smStartTimer(hAuth);
334	if (status != TI_OK)
335		return status;
336	status = sharedKeyAuth_smIncRetry(hAuth);
337
338	return status;
339}
340
341TI_STATUS sharedKeyAuth_smFailure1Wait1(auth_t *hAuth)
342{
343	TI_STATUS		status;
344
345	status = sharedKeyAuth_smStopTimer(hAuth);
346	status = sharedKeyAuth_smReportFailure(hAuth);
347
348	return status;
349}
350
351TI_STATUS sharedKeyAuth_smTimeoutWait1(auth_t *hAuth)
352{
353	TI_STATUS		status;
354
355	status = sharedKeyAuth_smSendAuth1(hAuth);
356	status = sharedKeyAuth_smStartTimer(hAuth);
357	status = sharedKeyAuth_smIncRetry(hAuth);
358
359	return status;
360}
361
362TI_STATUS sharedKeyAuth_smMaxRetryWait(auth_t *hAuth)
363{
364	TI_STATUS		status;
365
366	status = sharedKeyAuth_smReportFailure(hAuth);
367
368	return status;
369}
370
371TI_STATUS sharedKeyAuth_smSuccess2Wait2(auth_t *hAuth)
372{
373	TI_STATUS		status;
374
375	status = sharedKeyAuth_smStopTimer(hAuth);
376	status = sharedKeyAuth_smReportSuccess(hAuth);
377
378	return status;
379}
380
381TI_STATUS sharedKeyAuth_smFailure2Wait2(auth_t *hAuth)
382{
383	TI_STATUS		status;
384
385	status = sharedKeyAuth_smStopTimer(hAuth);
386	status = sharedKeyAuth_smReportFailure(hAuth);
387
388	return status;
389}
390
391TI_STATUS sharedKeyAuth_smTimeoutWait2(auth_t *hAuth)
392{
393	TI_STATUS		status;
394
395	status = sharedKeyAuth_smSendAuth2(hAuth);
396	status = sharedKeyAuth_smStartTimer(hAuth);
397	status = sharedKeyAuth_smIncRetry(hAuth);
398
399	return status;
400}
401
402/* action routines for authentication SM */
403
404TI_STATUS sharedKeyAuth_smSendAuth1(auth_t *hAuth)
405{
406	TI_STATUS		status;
407
408	status = auth_smMsgBuild(hAuth, 1, 0, NULL, 0);
409
410	return status;
411}
412
413TI_STATUS sharedKeyAuth_smSendAuth2(auth_t *hAuth)
414{
415	TI_STATUS		status;
416
417	/* GET SECRET  */
418
419	/* ENCRYPT CHALLANGE WITH SECRET */
420
421	status = auth_smMsgBuild(hAuth, 3, 0, (TI_UINT8 *)(hAuth->authData.pChalange), hAuth->authData.challangeLen);
422
423	return status;
424}
425
426TI_STATUS sharedKeyAuth_smStopAuth(auth_t *hAuth)
427{
428	return TI_OK;
429}
430
431TI_STATUS sharedKeyAuth_smActionUnexpected(auth_t *hAuth)
432{
433	return TI_OK;
434}
435
436/* local functions */
437
438
439TI_STATUS sharedKeyAuth_smResetRetry(auth_t *hAuth)
440{
441	if (hAuth == NULL)
442	{
443		return TI_NOK;
444	}
445
446	hAuth->retryCount = 0;
447
448	return TI_OK;
449}
450
451TI_STATUS sharedKeyAuth_smIncRetry(auth_t *hAuth)
452{
453	if (hAuth == NULL)
454	{
455		return TI_NOK;
456	}
457
458	hAuth->retryCount++;
459
460	return TI_OK;
461}
462
463TI_STATUS sharedKeyAuth_smReportSuccess(auth_t *hAuth)
464{
465	TI_STATUS 		status;
466
467	if (hAuth == NULL)
468	{
469		return TI_NOK;
470	}
471
472	status = mlme_reportAuthStatus(hAuth->hMlme, hAuth->authData.status);
473
474	return status;
475}
476
477TI_STATUS sharedKeyAuth_smReportFailure(auth_t *hAuth)
478{
479	TI_STATUS 		status;
480
481	if (hAuth == NULL)
482	{
483		return TI_NOK;
484	}
485
486	status = mlme_reportAuthStatus(hAuth->hMlme, hAuth->authData.status);
487
488	return status;
489}
490
491TI_STATUS sharedKeyAuth_smStartTimer(auth_t *hAuth)
492{
493	if (hAuth == NULL)
494	{
495		return TI_NOK;
496	}
497
498    tmr_StartTimer (hAuth->hAuthSmTimer,
499                    auth_smTimeout,
500                    (TI_HANDLE)hAuth,
501                    hAuth->timeout,
502                    TI_FALSE);
503
504	return TI_OK;
505}
506
507TI_STATUS sharedKeyAuth_smStopTimer(auth_t *hAuth)
508{
509	if (hAuth == NULL)
510	{
511		return TI_NOK;
512	}
513
514	tmr_StopTimer (hAuth->hAuthSmTimer);
515
516	return TI_OK;
517}
518
519TI_STATUS sharedKey_Timeout(auth_t *pAuth)
520{
521	if (pAuth->retryCount >= pAuth->maxCount)
522	{
523		pAuth->authData.status = STATUS_PACKET_REJ_TIMEOUT;
524		return auth_skSMEvent(&pAuth->currentState, SHARED_KEY_AUTH_SM_EVENT_MAX_RETRY, pAuth);
525	}
526
527	return auth_skSMEvent(&pAuth->currentState, SHARED_KEY_AUTH_SM_EVENT_TIMEOUT, pAuth);
528}
529
530
531