Lines Matching refs:wps
19 static int wps_build_wps_state(struct wps_data *wps, struct wpabuf *msg)
22 if (wps->wps->ap)
23 state = wps->wps->wps_state;
35 static int wps_build_e_hash(struct wps_data *wps, struct wpabuf *msg)
41 if (random_get_bytes(wps->snonce, 2 * WPS_SECRET_NONCE_LEN) < 0)
43 wpa_hexdump(MSG_DEBUG, "WPS: E-S1", wps->snonce, WPS_SECRET_NONCE_LEN);
45 wps->snonce + WPS_SECRET_NONCE_LEN, WPS_SECRET_NONCE_LEN);
47 if (wps->dh_pubkey_e == NULL || wps->dh_pubkey_r == NULL) {
58 addr[0] = wps->snonce;
60 addr[1] = wps->psk1;
62 addr[2] = wpabuf_head(wps->dh_pubkey_e);
63 len[2] = wpabuf_len(wps->dh_pubkey_e);
64 addr[3] = wpabuf_head(wps->dh_pubkey_r);
65 len[3] = wpabuf_len(wps->dh_pubkey_r);
66 hmac_sha256_vector(wps->authkey, WPS_AUTHKEY_LEN, 4, addr, len, hash);
74 addr[0] = wps->snonce + WPS_SECRET_NONCE_LEN;
75 addr[1] = wps->psk2;
76 hmac_sha256_vector(wps->authkey, WPS_AUTHKEY_LEN, 4, addr, len, hash);
83 static int wps_build_e_snonce1(struct wps_data *wps, struct wpabuf *msg)
88 wpabuf_put_data(msg, wps->snonce, WPS_SECRET_NONCE_LEN);
93 static int wps_build_e_snonce2(struct wps_data *wps, struct wpabuf *msg)
98 wpabuf_put_data(msg, wps->snonce + WPS_SECRET_NONCE_LEN,
104 static struct wpabuf * wps_build_m1(struct wps_data *wps)
109 if (random_get_bytes(wps->nonce_e, WPS_NONCE_LEN) < 0)
112 wps->nonce_e, WPS_NONCE_LEN);
119 config_methods = wps->wps->config_methods;
120 if (wps->wps->ap && !wps->pbc_in_m1 &&
121 (wps->dev_password_len != 0 ||
141 wps_build_uuid_e(msg, wps->uuid_e) ||
142 wps_build_mac_addr(msg, wps->mac_addr_e) ||
143 wps_build_enrollee_nonce(wps, msg) ||
144 wps_build_public_key(wps, msg) ||
145 wps_build_auth_type_flags(wps, msg) ||
146 wps_build_encr_type_flags(wps, msg) ||
147 wps_build_conn_type_flags(wps, msg) ||
149 wps_build_wps_state(wps, msg) ||
150 wps_build_device_attrs(&wps->wps->dev, msg) ||
151 wps_build_rf_bands(&wps->wps->dev, msg,
152 wps->wps->rf_band_cb(wps->wps->cb_ctx)) ||
153 wps_build_assoc_state(wps, msg) ||
154 wps_build_dev_password_id(msg, wps->dev_pw_id) ||
156 wps_build_os_version(&wps->wps->dev, msg) ||
158 wps_build_vendor_ext_m1(&wps->wps->dev, msg)) {
163 wps->state = RECV_M2;
168 static struct wpabuf * wps_build_m3(struct wps_data *wps)
174 if (wps->dev_password == NULL) {
178 wps_derive_psk(wps, wps->dev_password, wps->dev_password_len);
186 wps_build_registrar_nonce(wps, msg) ||
187 wps_build_e_hash(wps, msg) ||
189 wps_build_authenticator(wps, msg)) {
194 wps->state = RECV_M4;
199 static struct wpabuf * wps_build_m5(struct wps_data *wps)
217 wps_build_registrar_nonce(wps, msg) ||
218 wps_build_e_snonce1(wps, plain) ||
219 wps_build_key_wrap_auth(wps, plain) ||
220 wps_build_encr_settings(wps, msg, plain) ||
222 wps_build_authenticator(wps, msg)) {
229 wps->state = RECV_M6;
234 static int wps_build_cred_ssid(struct wps_data *wps, struct wpabuf *msg)
238 wpabuf_put_be16(msg, wps->wps->ssid_len);
239 wpabuf_put_data(msg, wps->wps->ssid, wps->wps->ssid_len);
244 static int wps_build_cred_auth_type(struct wps_data *wps, struct wpabuf *msg)
246 u16 auth_type = wps->wps->auth_types;
266 static int wps_build_cred_encr_type(struct wps_data *wps, struct wpabuf *msg)
268 u16 encr_type = wps->wps->encr_types;
271 if (wps->wps->auth_types & (WPS_AUTH_WPA2PSK | WPS_AUTH_WPAPSK)) {
291 static int wps_build_cred_network_key(struct wps_data *wps, struct wpabuf *msg)
295 wpabuf_put_be16(msg, wps->wps->network_key_len);
296 wpabuf_put_data(msg, wps->wps->network_key, wps->wps->network_key_len);
301 static int wps_build_cred_mac_addr(struct wps_data *wps, struct wpabuf *msg)
306 wpabuf_put_data(msg, wps->wps->dev.mac_addr, ETH_ALEN);
311 static int wps_build_ap_settings(struct wps_data *wps, struct wpabuf *plain)
313 if (wps->wps->ap_settings) {
315 wpabuf_put_data(plain, wps->wps->ap_settings,
316 wps->wps->ap_settings_len);
320 return wps_build_cred_ssid(wps, plain) ||
321 wps_build_cred_mac_addr(wps, plain) ||
322 wps_build_cred_auth_type(wps, plain) ||
323 wps_build_cred_encr_type(wps, plain) ||
324 wps_build_cred_network_key(wps, plain);
328 static struct wpabuf * wps_build_m7(struct wps_data *wps)
334 plain = wpabuf_alloc(500 + wps->wps->ap_settings_len);
338 msg = wpabuf_alloc(1000 + wps->wps->ap_settings_len);
346 wps_build_registrar_nonce(wps, msg) ||
347 wps_build_e_snonce2(wps, plain) ||
348 (wps->wps->ap && wps_build_ap_settings(wps, plain)) ||
349 wps_build_key_wrap_auth(wps, plain) ||
350 wps_build_encr_settings(wps, msg, plain) ||
352 wps_build_authenticator(wps, msg)) {
359 if (wps->wps->ap && wps->wps->registrar) {
365 wps_device_store(wps->wps->registrar, &wps->peer_dev,
366 wps->uuid_r);
369 wps->state = RECV_M8;
374 static struct wpabuf * wps_build_wsc_done(struct wps_data *wps)
386 wps_build_enrollee_nonce(wps, msg) ||
387 wps_build_registrar_nonce(wps, msg) ||
393 if (wps->wps->ap)
394 wps->state = RECV_ACK;
396 wps_success_event(wps->wps, wps->peer_dev.mac_addr);
397 wps->state = WPS_FINISHED;
403 struct wpabuf * wps_enrollee_get_msg(struct wps_data *wps,
408 switch (wps->state) {
410 msg = wps_build_m1(wps);
414 msg = wps_build_m3(wps);
418 msg = wps_build_m5(wps);
422 msg = wps_build_m7(wps);
426 if (wps->wps->ap) {
427 msg = wps_build_wsc_nack(wps);
431 msg = wps_build_wsc_ack(wps);
435 wps->state = RECV_M2;
439 msg = wps_build_wsc_nack(wps);
443 msg = wps_build_wsc_done(wps);
448 "a message", wps->state);
456 wpabuf_free(wps->last_msg);
457 wps->last_msg = wpabuf_dup(msg);
464 static int wps_process_registrar_nonce(struct wps_data *wps, const u8 *r_nonce)
471 os_memcpy(wps->nonce_r, r_nonce, WPS_NONCE_LEN);
473 wps->nonce_r, WPS_NONCE_LEN);
479 static int wps_process_enrollee_nonce(struct wps_data *wps, const u8 *e_nonce)
486 if (os_memcmp(wps->nonce_e, e_nonce, WPS_NONCE_LEN) != 0) {
495 static int wps_process_uuid_r(struct wps_data *wps, const u8 *uuid_r)
502 os_memcpy(wps->uuid_r, uuid_r, WPS_UUID_LEN);
503 wpa_hexdump(MSG_DEBUG, "WPS: UUID-R", wps->uuid_r, WPS_UUID_LEN);
509 static int wps_process_pubkey(struct wps_data *wps, const u8 *pk,
517 wpabuf_free(wps->dh_pubkey_r);
518 wps->dh_pubkey_r = wpabuf_alloc_copy(pk, pk_len);
519 if (wps->dh_pubkey_r == NULL)
522 if (wps_derive_keys(wps) < 0)
529 static int wps_process_r_hash1(struct wps_data *wps, const u8 *r_hash1)
536 os_memcpy(wps->peer_hash1, r_hash1, WPS_HASH_LEN);
537 wpa_hexdump(MSG_DEBUG, "WPS: R-Hash1", wps->peer_hash1, WPS_HASH_LEN);
543 static int wps_process_r_hash2(struct wps_data *wps, const u8 *r_hash2)
550 os_memcpy(wps->peer_hash2, r_hash2, WPS_HASH_LEN);
551 wpa_hexdump(MSG_DEBUG, "WPS: R-Hash2", wps->peer_hash2, WPS_HASH_LEN);
557 static int wps_process_r_snonce1(struct wps_data *wps, const u8 *r_snonce1)
574 addr[1] = wps->psk1;
576 addr[2] = wpabuf_head(wps->dh_pubkey_e);
577 len[2] = wpabuf_len(wps->dh_pubkey_e);
578 addr[3] = wpabuf_head(wps->dh_pubkey_r);
579 len[3] = wpabuf_len(wps->dh_pubkey_r);
580 hmac_sha256_vector(wps->authkey, WPS_AUTHKEY_LEN, 4, addr, len, hash);
582 if (os_memcmp(wps->peer_hash1, hash, WPS_HASH_LEN) != 0) {
585 wps->config_error = WPS_CFG_DEV_PASSWORD_AUTH_FAILURE;
586 wps_pwd_auth_fail_event(wps->wps, 1, 1, wps->peer_dev.mac_addr);
597 static int wps_process_r_snonce2(struct wps_data *wps, const u8 *r_snonce2)
614 addr[1] = wps->psk2;
616 addr[2] = wpabuf_head(wps->dh_pubkey_e);
617 len[2] = wpabuf_len(wps->dh_pubkey_e);
618 addr[3] = wpabuf_head(wps->dh_pubkey_r);
619 len[3] = wpabuf_len(wps->dh_pubkey_r);
620 hmac_sha256_vector(wps->authkey, WPS_AUTHKEY_LEN, 4, addr, len, hash);
622 if (os_memcmp(wps->peer_hash2, hash, WPS_HASH_LEN) != 0) {
625 wps->config_error = WPS_CFG_DEV_PASSWORD_AUTH_FAILURE;
626 wps_pwd_auth_fail_event(wps->wps, 1, 2, wps->peer_dev.mac_addr);
637 static int wps_process_cred_e(struct wps_data *wps, const u8 *cred,
645 os_memset(&wps->cred, 0, sizeof(wps->cred));
648 wps_process_cred(&attr, &wps->cred))
651 if (os_memcmp(wps->cred.mac_addr, wps->wps->dev.mac_addr, ETH_ALEN) !=
655 ")", MAC2STR(wps->cred.mac_addr),
656 MAC2STR(wps->wps->dev.mac_addr));
674 if (!(wps->cred.encr_type &
676 if (wps->cred.encr_type & WPS_ENCR_WEP) {
679 wps->error_indication = WPS_EI_SECURITY_WEP_PROHIBITED;
684 "invalid encr_type 0x%x", wps->cred.encr_type);
689 if (wps->wps->cred_cb) {
690 wps->cred.cred_attr = cred - 4;
691 wps->cred.cred_attr_len = cred_len + 4;
692 ret = wps->wps->cred_cb(wps->wps->cb_ctx, &wps->cred);
693 wps->cred.cred_attr = NULL;
694 wps->cred.cred_attr_len = 0;
701 static int wps_process_creds(struct wps_data *wps, const u8 *cred[],
707 if (wps->wps->ap)
718 res = wps_process_cred_e(wps, cred[i], cred_len[i], wps2);
737 static int wps_process_ap_settings_e(struct wps_data *wps,
743 if (!wps->wps->ap)
752 if (os_memcmp(cred.mac_addr, wps->wps->dev.mac_addr, ETH_ALEN) !=
757 MAC2STR(wps->wps->dev.mac_addr));
780 wps->error_indication = WPS_EI_SECURITY_WEP_PROHIBITED;
798 wps->error_indication =
821 if (wps->wps->cred_cb) {
824 wps->wps->cred_cb(wps->wps->cb_ctx, &cred);
831 static int wps_process_dev_pw_id(struct wps_data *wps, const u8 *dev_pw_id)
841 if (wps->dev_pw_id == id) {
848 wps->dev_pw_id == DEV_PW_REGISTRAR_SPECIFIED) ||
850 wps->dev_pw_id == DEV_PW_DEFAULT)) {
865 "ID from %u to %u", wps->dev_pw_id, id);
867 if (wps->alt_dev_password && wps->alt_dev_pw_id == id) {
869 os_free(wps->dev_password);
870 wps->dev_pw_id = wps->alt_dev_pw_id;
871 wps->dev_password = wps->alt_dev_password;
872 wps->dev_password_len = wps->alt_dev_password_len;
873 wps->alt_dev_password = NULL;
874 wps->alt_dev_password_len = 0;
882 static enum wps_process_res wps_process_m2(struct wps_data *wps,
888 if (wps->state != RECV_M2) {
890 "receiving M2", wps->state);
891 wps->state = SEND_WSC_NACK;
895 if (wps_process_registrar_nonce(wps, attr->registrar_nonce) ||
896 wps_process_enrollee_nonce(wps, attr->enrollee_nonce) ||
897 wps_process_uuid_r(wps, attr->uuid_r) ||
898 wps_process_dev_pw_id(wps, attr->dev_password_id)) {
899 wps->state = SEND_WSC_NACK;
909 if (wps->wps->ap &&
910 ((wps->wps->ap_setup_locked && wps->wps->ap_setup_locked != 2) ||
911 wps->dev_password == NULL)) {
914 wps->config_error = WPS_CFG_SETUP_LOCKED;
915 wps->state = SEND_WSC_NACK;
919 if (wps_process_pubkey(wps, attr->public_key, attr->public_key_len) ||
920 wps_process_authenticator(wps, attr->authenticator, msg) ||
921 wps_process_device_attrs(&wps->peer_dev, attr)) {
922 wps->state = SEND_WSC_NACK;
926 wps->state = SEND_M3;
931 static enum wps_process_res wps_process_m2d(struct wps_data *wps,
936 if (wps->state != RECV_M2) {
938 "receiving M2D", wps->state);
939 wps->state = SEND_WSC_NACK;
954 if (wps->wps->event_cb) {
978 wps->wps->event_cb(wps->wps->cb_ctx, WPS_EV_M2D, &data);
981 wps->state = RECEIVED_M2D;
986 static enum wps_process_res wps_process_m4(struct wps_data *wps,
995 if (wps->state != RECV_M4) {
997 "receiving M4", wps->state);
998 wps->state = SEND_WSC_NACK;
1002 if (wps_process_enrollee_nonce(wps, attr->enrollee_nonce) ||
1003 wps_process_authenticator(wps, attr->authenticator, msg) ||
1004 wps_process_r_hash1(wps, attr->r_hash1) ||
1005 wps_process_r_hash2(wps, attr->r_hash2)) {
1006 wps->state = SEND_WSC_NACK;
1010 decrypted = wps_decrypt_encr_settings(wps, attr->encr_settings,
1015 wps->state = SEND_WSC_NACK;
1021 wps->state = SEND_WSC_NACK;
1028 wps_process_key_wrap_auth(wps, decrypted, eattr.key_wrap_auth) ||
1029 wps_process_r_snonce1(wps, eattr.r_snonce1)) {
1031 wps->state = SEND_WSC_NACK;
1036 wps->state = SEND_M5;
1041 static enum wps_process_res wps_process_m6(struct wps_data *wps,
1050 if (wps->state != RECV_M6) {
1052 "receiving M6", wps->state);
1053 wps->state = SEND_WSC_NACK;
1057 if (wps_process_enrollee_nonce(wps, attr->enrollee_nonce) ||
1058 wps_process_authenticator(wps, attr->authenticator, msg)) {
1059 wps->state = SEND_WSC_NACK;
1063 decrypted = wps_decrypt_encr_settings(wps, attr->encr_settings,
1068 wps->state = SEND_WSC_NACK;
1074 wps->state = SEND_WSC_NACK;
1081 wps_process_key_wrap_auth(wps, decrypted, eattr.key_wrap_auth) ||
1082 wps_process_r_snonce2(wps, eattr.r_snonce2)) {
1084 wps->state = SEND_WSC_NACK;
1089 if (wps->wps->ap)
1090 wps->wps->event_cb(wps->wps->cb_ctx, WPS_EV_AP_PIN_SUCCESS,
1093 wps->state = SEND_M7;
1098 static enum wps_process_res wps_process_m8(struct wps_data *wps,
1107 if (wps->state != RECV_M8) {
1109 "receiving M8", wps->state);
1110 wps->state = SEND_WSC_NACK;
1114 if (wps_process_enrollee_nonce(wps, attr->enrollee_nonce) ||
1115 wps_process_authenticator(wps, attr->authenticator, msg)) {
1116 wps->state = SEND_WSC_NACK;
1120 if (wps->wps->ap && wps->wps->ap_setup_locked) {
1128 wps->config_error = WPS_CFG_SETUP_LOCKED;
1129 wps->state = SEND_WSC_NACK;
1133 decrypted = wps_decrypt_encr_settings(wps, attr->encr_settings,
1138 wps->state = SEND_WSC_NACK;
1142 if (wps_validate_m8_encr(decrypted, wps->wps->ap,
1145 wps->state = SEND_WSC_NACK;
1152 wps_process_key_wrap_auth(wps, decrypted, eattr.key_wrap_auth) ||
1153 wps_process_creds(wps, eattr.cred, eattr.cred_len,
1155 wps_process_ap_settings_e(wps, &eattr, decrypted,
1158 wps->state = SEND_WSC_NACK;
1163 wps->state = WPS_MSG_DONE;
1168 static enum wps_process_res wps_process_wsc_msg(struct wps_data *wps,
1180 os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN) != 0) {
1187 wps->state = SEND_WSC_NACK;
1195 ret = wps_process_m2(wps, msg, &attr);
1200 ret = wps_process_m2d(wps, &attr);
1205 ret = wps_process_m4(wps, msg, &attr);
1206 if (ret == WPS_FAILURE || wps->state == SEND_WSC_NACK)
1207 wps_fail_event(wps->wps, WPS_M4, wps->config_error,
1208 wps->error_indication,
1209 wps->peer_dev.mac_addr);
1214 ret = wps_process_m6(wps, msg, &attr);
1215 if (ret == WPS_FAILURE || wps->state == SEND_WSC_NACK)
1216 wps_fail_event(wps->wps, WPS_M6, wps->config_error,
1217 wps->error_indication,
1218 wps->peer_dev.mac_addr);
1223 ret = wps_process_m8(wps, msg, &attr);
1224 if (ret == WPS_FAILURE || wps->state == SEND_WSC_NACK)
1225 wps_fail_event(wps->wps, WPS_M8, wps->config_error,
1226 wps->error_indication,
1227 wps->peer_dev.mac_addr);
1245 wpabuf_free(wps->last_msg);
1246 wps->last_msg = wpabuf_dup(msg);
1253 static enum wps_process_res wps_process_wsc_ack(struct wps_data *wps,
1275 os_memcmp(wps->nonce_r, attr.registrar_nonce, WPS_NONCE_LEN) != 0)
1282 os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN) != 0) {
1287 if (wps->state == RECV_ACK && wps->wps->ap) {
1290 wps_success_event(wps->wps, wps->peer_dev.mac_addr);
1291 wps->state = WPS_FINISHED;
1299 static enum wps_process_res wps_process_wsc_nack(struct wps_data *wps,
1322 os_memcmp(wps->nonce_r, attr.registrar_nonce, WPS_NONCE_LEN) != 0)
1328 wps->nonce_r, WPS_NONCE_LEN);
1333 os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN) != 0) {
1338 wps->nonce_e, WPS_NONCE_LEN);
1352 switch (wps->state) {
1354 wps_fail_event(wps->wps, WPS_M3, config_error,
1355 wps->error_indication, wps->peer_dev.mac_addr);
1358 wps_fail_event(wps->wps, WPS_M5, config_error,
1359 wps->error_indication, wps->peer_dev.mac_addr);
1362 wps_fail_event(wps->wps, WPS_M7, config_error,
1363 wps->error_indication, wps->peer_dev.mac_addr);
1371 wps->state = SEND_WSC_NACK;
1377 enum wps_process_res wps_enrollee_process_msg(struct wps_data *wps,
1400 return wps_process_wsc_msg(wps, msg);
1404 return wps_process_wsc_ack(wps, msg);
1408 return wps_process_wsc_nack(wps, msg);