1/*
2 * hostapd - WPA/RSN IE and KDE definitions
3 * Copyright (c) 2004-2008, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9#include "utils/includes.h"
10
11#include "utils/common.h"
12#include "common/ieee802_11_defs.h"
13#include "eapol_auth/eapol_auth_sm.h"
14#include "ap_config.h"
15#include "ieee802_11.h"
16#include "wpa_auth.h"
17#include "pmksa_cache_auth.h"
18#include "wpa_auth_ie.h"
19#include "wpa_auth_i.h"
20
21
22#ifdef CONFIG_RSN_TESTING
23int rsn_testing = 0;
24#endif /* CONFIG_RSN_TESTING */
25
26
27static int wpa_write_wpa_ie(struct wpa_auth_config *conf, u8 *buf, size_t len)
28{
29	struct wpa_ie_hdr *hdr;
30	int num_suites;
31	u8 *pos, *count;
32	u32 suite;
33
34	hdr = (struct wpa_ie_hdr *) buf;
35	hdr->elem_id = WLAN_EID_VENDOR_SPECIFIC;
36	RSN_SELECTOR_PUT(hdr->oui, WPA_OUI_TYPE);
37	WPA_PUT_LE16(hdr->version, WPA_VERSION);
38	pos = (u8 *) (hdr + 1);
39
40	suite = wpa_cipher_to_suite(WPA_PROTO_WPA, conf->wpa_group);
41	if (suite == 0) {
42		wpa_printf(MSG_DEBUG, "Invalid group cipher (%d).",
43			   conf->wpa_group);
44		return -1;
45	}
46	RSN_SELECTOR_PUT(pos, suite);
47	pos += WPA_SELECTOR_LEN;
48
49	count = pos;
50	pos += 2;
51
52	num_suites = wpa_cipher_put_suites(pos, conf->wpa_pairwise);
53	if (num_suites == 0) {
54		wpa_printf(MSG_DEBUG, "Invalid pairwise cipher (%d).",
55			   conf->wpa_pairwise);
56		return -1;
57	}
58	pos += num_suites * WPA_SELECTOR_LEN;
59	WPA_PUT_LE16(count, num_suites);
60
61	num_suites = 0;
62	count = pos;
63	pos += 2;
64
65	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X) {
66		RSN_SELECTOR_PUT(pos, WPA_AUTH_KEY_MGMT_UNSPEC_802_1X);
67		pos += WPA_SELECTOR_LEN;
68		num_suites++;
69	}
70	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK) {
71		RSN_SELECTOR_PUT(pos, WPA_AUTH_KEY_MGMT_PSK_OVER_802_1X);
72		pos += WPA_SELECTOR_LEN;
73		num_suites++;
74	}
75
76	if (num_suites == 0) {
77		wpa_printf(MSG_DEBUG, "Invalid key management type (%d).",
78			   conf->wpa_key_mgmt);
79		return -1;
80	}
81	WPA_PUT_LE16(count, num_suites);
82
83	/* WPA Capabilities; use defaults, so no need to include it */
84
85	hdr->len = (pos - buf) - 2;
86
87	return pos - buf;
88}
89
90
91int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len,
92		     const u8 *pmkid)
93{
94	struct rsn_ie_hdr *hdr;
95	int num_suites, res;
96	u8 *pos, *count;
97	u16 capab;
98	u32 suite;
99
100	hdr = (struct rsn_ie_hdr *) buf;
101	hdr->elem_id = WLAN_EID_RSN;
102	WPA_PUT_LE16(hdr->version, RSN_VERSION);
103	pos = (u8 *) (hdr + 1);
104
105	suite = wpa_cipher_to_suite(WPA_PROTO_RSN, conf->wpa_group);
106	if (suite == 0) {
107		wpa_printf(MSG_DEBUG, "Invalid group cipher (%d).",
108			   conf->wpa_group);
109		return -1;
110	}
111	RSN_SELECTOR_PUT(pos, suite);
112	pos += RSN_SELECTOR_LEN;
113
114	num_suites = 0;
115	count = pos;
116	pos += 2;
117
118#ifdef CONFIG_RSN_TESTING
119	if (rsn_testing) {
120		RSN_SELECTOR_PUT(pos, RSN_SELECTOR(0x12, 0x34, 0x56, 1));
121		pos += RSN_SELECTOR_LEN;
122		num_suites++;
123	}
124#endif /* CONFIG_RSN_TESTING */
125
126	res = rsn_cipher_put_suites(pos, conf->rsn_pairwise);
127	num_suites += res;
128	pos += res * RSN_SELECTOR_LEN;
129
130#ifdef CONFIG_RSN_TESTING
131	if (rsn_testing) {
132		RSN_SELECTOR_PUT(pos, RSN_SELECTOR(0x12, 0x34, 0x56, 2));
133		pos += RSN_SELECTOR_LEN;
134		num_suites++;
135	}
136#endif /* CONFIG_RSN_TESTING */
137
138	if (num_suites == 0) {
139		wpa_printf(MSG_DEBUG, "Invalid pairwise cipher (%d).",
140			   conf->rsn_pairwise);
141		return -1;
142	}
143	WPA_PUT_LE16(count, num_suites);
144
145	num_suites = 0;
146	count = pos;
147	pos += 2;
148
149#ifdef CONFIG_RSN_TESTING
150	if (rsn_testing) {
151		RSN_SELECTOR_PUT(pos, RSN_SELECTOR(0x12, 0x34, 0x56, 1));
152		pos += RSN_SELECTOR_LEN;
153		num_suites++;
154	}
155#endif /* CONFIG_RSN_TESTING */
156
157	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X) {
158		RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_UNSPEC_802_1X);
159		pos += RSN_SELECTOR_LEN;
160		num_suites++;
161	}
162	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK) {
163		RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X);
164		pos += RSN_SELECTOR_LEN;
165		num_suites++;
166	}
167#ifdef CONFIG_IEEE80211R
168	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X) {
169		RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_802_1X);
170		pos += RSN_SELECTOR_LEN;
171		num_suites++;
172	}
173	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_PSK) {
174		RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_PSK);
175		pos += RSN_SELECTOR_LEN;
176		num_suites++;
177	}
178#endif /* CONFIG_IEEE80211R */
179#ifdef CONFIG_IEEE80211W
180	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) {
181		RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_802_1X_SHA256);
182		pos += RSN_SELECTOR_LEN;
183		num_suites++;
184	}
185	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK_SHA256) {
186		RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_PSK_SHA256);
187		pos += RSN_SELECTOR_LEN;
188		num_suites++;
189	}
190#endif /* CONFIG_IEEE80211W */
191#ifdef CONFIG_SAE
192	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_SAE) {
193		RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_SAE);
194		pos += RSN_SELECTOR_LEN;
195		num_suites++;
196	}
197	if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_SAE) {
198		RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_SAE);
199		pos += RSN_SELECTOR_LEN;
200		num_suites++;
201	}
202#endif /* CONFIG_SAE */
203
204#ifdef CONFIG_RSN_TESTING
205	if (rsn_testing) {
206		RSN_SELECTOR_PUT(pos, RSN_SELECTOR(0x12, 0x34, 0x56, 2));
207		pos += RSN_SELECTOR_LEN;
208		num_suites++;
209	}
210#endif /* CONFIG_RSN_TESTING */
211
212	if (num_suites == 0) {
213		wpa_printf(MSG_DEBUG, "Invalid key management type (%d).",
214			   conf->wpa_key_mgmt);
215		return -1;
216	}
217	WPA_PUT_LE16(count, num_suites);
218
219	/* RSN Capabilities */
220	capab = 0;
221	if (conf->rsn_preauth)
222		capab |= WPA_CAPABILITY_PREAUTH;
223	if (conf->peerkey)
224		capab |= WPA_CAPABILITY_PEERKEY_ENABLED;
225	if (conf->wmm_enabled) {
226		/* 4 PTKSA replay counters when using WMM */
227		capab |= (RSN_NUM_REPLAY_COUNTERS_16 << 2);
228	}
229#ifdef CONFIG_IEEE80211W
230	if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
231		capab |= WPA_CAPABILITY_MFPC;
232		if (conf->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED)
233			capab |= WPA_CAPABILITY_MFPR;
234	}
235#endif /* CONFIG_IEEE80211W */
236#ifdef CONFIG_RSN_TESTING
237	if (rsn_testing)
238		capab |= BIT(8) | BIT(14) | BIT(15);
239#endif /* CONFIG_RSN_TESTING */
240	WPA_PUT_LE16(pos, capab);
241	pos += 2;
242
243	if (pmkid) {
244		if (pos + 2 + PMKID_LEN > buf + len)
245			return -1;
246		/* PMKID Count */
247		WPA_PUT_LE16(pos, 1);
248		pos += 2;
249		os_memcpy(pos, pmkid, PMKID_LEN);
250		pos += PMKID_LEN;
251	}
252
253#ifdef CONFIG_IEEE80211W
254	if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
255		if (pos + 2 + 4 > buf + len)
256			return -1;
257		if (pmkid == NULL) {
258			/* PMKID Count */
259			WPA_PUT_LE16(pos, 0);
260			pos += 2;
261		}
262
263		/* Management Group Cipher Suite */
264		RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_AES_128_CMAC);
265		pos += RSN_SELECTOR_LEN;
266	}
267#endif /* CONFIG_IEEE80211W */
268
269#ifdef CONFIG_RSN_TESTING
270	if (rsn_testing) {
271		/*
272		 * Fill in any defined fields and add extra data to the end of
273		 * the element.
274		 */
275		int pmkid_count_set = pmkid != NULL;
276		if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION)
277			pmkid_count_set = 1;
278		/* PMKID Count */
279		WPA_PUT_LE16(pos, 0);
280		pos += 2;
281		if (conf->ieee80211w == NO_MGMT_FRAME_PROTECTION) {
282			/* Management Group Cipher Suite */
283			RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_AES_128_CMAC);
284			pos += RSN_SELECTOR_LEN;
285		}
286
287		os_memset(pos, 0x12, 17);
288		pos += 17;
289	}
290#endif /* CONFIG_RSN_TESTING */
291
292	hdr->len = (pos - buf) - 2;
293
294	return pos - buf;
295}
296
297
298int wpa_auth_gen_wpa_ie(struct wpa_authenticator *wpa_auth)
299{
300	u8 *pos, buf[128];
301	int res;
302
303	pos = buf;
304
305	if (wpa_auth->conf.wpa & WPA_PROTO_RSN) {
306		res = wpa_write_rsn_ie(&wpa_auth->conf,
307				       pos, buf + sizeof(buf) - pos, NULL);
308		if (res < 0)
309			return res;
310		pos += res;
311	}
312#ifdef CONFIG_IEEE80211R
313	if (wpa_key_mgmt_ft(wpa_auth->conf.wpa_key_mgmt)) {
314		res = wpa_write_mdie(&wpa_auth->conf, pos,
315				     buf + sizeof(buf) - pos);
316		if (res < 0)
317			return res;
318		pos += res;
319	}
320#endif /* CONFIG_IEEE80211R */
321	if (wpa_auth->conf.wpa & WPA_PROTO_WPA) {
322		res = wpa_write_wpa_ie(&wpa_auth->conf,
323				       pos, buf + sizeof(buf) - pos);
324		if (res < 0)
325			return res;
326		pos += res;
327	}
328
329	os_free(wpa_auth->wpa_ie);
330	wpa_auth->wpa_ie = os_malloc(pos - buf);
331	if (wpa_auth->wpa_ie == NULL)
332		return -1;
333	os_memcpy(wpa_auth->wpa_ie, buf, pos - buf);
334	wpa_auth->wpa_ie_len = pos - buf;
335
336	return 0;
337}
338
339
340u8 * wpa_add_kde(u8 *pos, u32 kde, const u8 *data, size_t data_len,
341		 const u8 *data2, size_t data2_len)
342{
343	*pos++ = WLAN_EID_VENDOR_SPECIFIC;
344	*pos++ = RSN_SELECTOR_LEN + data_len + data2_len;
345	RSN_SELECTOR_PUT(pos, kde);
346	pos += RSN_SELECTOR_LEN;
347	os_memcpy(pos, data, data_len);
348	pos += data_len;
349	if (data2) {
350		os_memcpy(pos, data2, data2_len);
351		pos += data2_len;
352	}
353	return pos;
354}
355
356
357struct wpa_auth_okc_iter_data {
358	struct rsn_pmksa_cache_entry *pmksa;
359	const u8 *aa;
360	const u8 *spa;
361	const u8 *pmkid;
362};
363
364
365static int wpa_auth_okc_iter(struct wpa_authenticator *a, void *ctx)
366{
367	struct wpa_auth_okc_iter_data *data = ctx;
368	data->pmksa = pmksa_cache_get_okc(a->pmksa, data->aa, data->spa,
369					  data->pmkid);
370	if (data->pmksa)
371		return 1;
372	return 0;
373}
374
375
376int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
377			struct wpa_state_machine *sm,
378			const u8 *wpa_ie, size_t wpa_ie_len,
379			const u8 *mdie, size_t mdie_len)
380{
381	struct wpa_ie_data data;
382	int ciphers, key_mgmt, res, version;
383	u32 selector;
384	size_t i;
385	const u8 *pmkid = NULL;
386
387	if (wpa_auth == NULL || sm == NULL)
388		return WPA_NOT_ENABLED;
389
390	if (wpa_ie == NULL || wpa_ie_len < 1)
391		return WPA_INVALID_IE;
392
393	if (wpa_ie[0] == WLAN_EID_RSN)
394		version = WPA_PROTO_RSN;
395	else
396		version = WPA_PROTO_WPA;
397
398	if (!(wpa_auth->conf.wpa & version)) {
399		wpa_printf(MSG_DEBUG, "Invalid WPA proto (%d) from " MACSTR,
400			   version, MAC2STR(sm->addr));
401		return WPA_INVALID_PROTO;
402	}
403
404	if (version == WPA_PROTO_RSN) {
405		res = wpa_parse_wpa_ie_rsn(wpa_ie, wpa_ie_len, &data);
406
407		selector = RSN_AUTH_KEY_MGMT_UNSPEC_802_1X;
408		if (0) {
409		}
410#ifdef CONFIG_IEEE80211R
411		else if (data.key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X)
412			selector = RSN_AUTH_KEY_MGMT_FT_802_1X;
413		else if (data.key_mgmt & WPA_KEY_MGMT_FT_PSK)
414			selector = RSN_AUTH_KEY_MGMT_FT_PSK;
415#endif /* CONFIG_IEEE80211R */
416#ifdef CONFIG_IEEE80211W
417		else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256)
418			selector = RSN_AUTH_KEY_MGMT_802_1X_SHA256;
419		else if (data.key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
420			selector = RSN_AUTH_KEY_MGMT_PSK_SHA256;
421#endif /* CONFIG_IEEE80211W */
422#ifdef CONFIG_SAE
423		else if (data.key_mgmt & WPA_KEY_MGMT_SAE)
424			selector = RSN_AUTH_KEY_MGMT_SAE;
425		else if (data.key_mgmt & WPA_KEY_MGMT_FT_SAE)
426			selector = RSN_AUTH_KEY_MGMT_FT_SAE;
427#endif /* CONFIG_SAE */
428		else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X)
429			selector = RSN_AUTH_KEY_MGMT_UNSPEC_802_1X;
430		else if (data.key_mgmt & WPA_KEY_MGMT_PSK)
431			selector = RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X;
432		wpa_auth->dot11RSNAAuthenticationSuiteSelected = selector;
433
434		selector = wpa_cipher_to_suite(WPA_PROTO_RSN,
435					       data.pairwise_cipher);
436		if (!selector)
437			selector = RSN_CIPHER_SUITE_CCMP;
438		wpa_auth->dot11RSNAPairwiseCipherSelected = selector;
439
440		selector = wpa_cipher_to_suite(WPA_PROTO_RSN,
441					       data.group_cipher);
442		if (!selector)
443			selector = RSN_CIPHER_SUITE_CCMP;
444		wpa_auth->dot11RSNAGroupCipherSelected = selector;
445	} else {
446		res = wpa_parse_wpa_ie_wpa(wpa_ie, wpa_ie_len, &data);
447
448		selector = WPA_AUTH_KEY_MGMT_UNSPEC_802_1X;
449		if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X)
450			selector = WPA_AUTH_KEY_MGMT_UNSPEC_802_1X;
451		else if (data.key_mgmt & WPA_KEY_MGMT_PSK)
452			selector = WPA_AUTH_KEY_MGMT_PSK_OVER_802_1X;
453		wpa_auth->dot11RSNAAuthenticationSuiteSelected = selector;
454
455		selector = wpa_cipher_to_suite(WPA_PROTO_WPA,
456					       data.pairwise_cipher);
457		if (!selector)
458			selector = RSN_CIPHER_SUITE_TKIP;
459		wpa_auth->dot11RSNAPairwiseCipherSelected = selector;
460
461		selector = wpa_cipher_to_suite(WPA_PROTO_WPA,
462					       data.group_cipher);
463		if (!selector)
464			selector = WPA_CIPHER_SUITE_TKIP;
465		wpa_auth->dot11RSNAGroupCipherSelected = selector;
466	}
467	if (res) {
468		wpa_printf(MSG_DEBUG, "Failed to parse WPA/RSN IE from "
469			   MACSTR " (res=%d)", MAC2STR(sm->addr), res);
470		wpa_hexdump(MSG_DEBUG, "WPA/RSN IE", wpa_ie, wpa_ie_len);
471		return WPA_INVALID_IE;
472	}
473
474	if (data.group_cipher != wpa_auth->conf.wpa_group) {
475		wpa_printf(MSG_DEBUG, "Invalid WPA group cipher (0x%x) from "
476			   MACSTR, data.group_cipher, MAC2STR(sm->addr));
477		return WPA_INVALID_GROUP;
478	}
479
480	key_mgmt = data.key_mgmt & wpa_auth->conf.wpa_key_mgmt;
481	if (!key_mgmt) {
482		wpa_printf(MSG_DEBUG, "Invalid WPA key mgmt (0x%x) from "
483			   MACSTR, data.key_mgmt, MAC2STR(sm->addr));
484		return WPA_INVALID_AKMP;
485	}
486	if (0) {
487	}
488#ifdef CONFIG_IEEE80211R
489	else if (key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X)
490		sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
491	else if (key_mgmt & WPA_KEY_MGMT_FT_PSK)
492		sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_PSK;
493#endif /* CONFIG_IEEE80211R */
494#ifdef CONFIG_IEEE80211W
495	else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256)
496		sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
497	else if (key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
498		sm->wpa_key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
499#endif /* CONFIG_IEEE80211W */
500#ifdef CONFIG_SAE
501	else if (key_mgmt & WPA_KEY_MGMT_SAE)
502		sm->wpa_key_mgmt = WPA_KEY_MGMT_SAE;
503	else if (key_mgmt & WPA_KEY_MGMT_FT_SAE)
504		sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_SAE;
505#endif /* CONFIG_SAE */
506	else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X)
507		sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X;
508	else
509		sm->wpa_key_mgmt = WPA_KEY_MGMT_PSK;
510
511	if (version == WPA_PROTO_RSN)
512		ciphers = data.pairwise_cipher & wpa_auth->conf.rsn_pairwise;
513	else
514		ciphers = data.pairwise_cipher & wpa_auth->conf.wpa_pairwise;
515	if (!ciphers) {
516		wpa_printf(MSG_DEBUG, "Invalid %s pairwise cipher (0x%x) "
517			   "from " MACSTR,
518			   version == WPA_PROTO_RSN ? "RSN" : "WPA",
519			   data.pairwise_cipher, MAC2STR(sm->addr));
520		return WPA_INVALID_PAIRWISE;
521	}
522
523#ifdef CONFIG_IEEE80211W
524	if (wpa_auth->conf.ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) {
525		if (!(data.capabilities & WPA_CAPABILITY_MFPC)) {
526			wpa_printf(MSG_DEBUG, "Management frame protection "
527				   "required, but client did not enable it");
528			return WPA_MGMT_FRAME_PROTECTION_VIOLATION;
529		}
530
531		if (ciphers & WPA_CIPHER_TKIP) {
532			wpa_printf(MSG_DEBUG, "Management frame protection "
533				   "cannot use TKIP");
534			return WPA_MGMT_FRAME_PROTECTION_VIOLATION;
535		}
536
537		if (data.mgmt_group_cipher != WPA_CIPHER_AES_128_CMAC) {
538			wpa_printf(MSG_DEBUG, "Unsupported management group "
539				   "cipher %d", data.mgmt_group_cipher);
540			return WPA_INVALID_MGMT_GROUP_CIPHER;
541		}
542	}
543
544	if (wpa_auth->conf.ieee80211w == NO_MGMT_FRAME_PROTECTION ||
545	    !(data.capabilities & WPA_CAPABILITY_MFPC))
546		sm->mgmt_frame_prot = 0;
547	else
548		sm->mgmt_frame_prot = 1;
549#endif /* CONFIG_IEEE80211W */
550
551#ifdef CONFIG_IEEE80211R
552	if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) {
553		if (mdie == NULL || mdie_len < MOBILITY_DOMAIN_ID_LEN + 1) {
554			wpa_printf(MSG_DEBUG, "RSN: Trying to use FT, but "
555				   "MDIE not included");
556			return WPA_INVALID_MDIE;
557		}
558		if (os_memcmp(mdie, wpa_auth->conf.mobility_domain,
559			      MOBILITY_DOMAIN_ID_LEN) != 0) {
560			wpa_hexdump(MSG_DEBUG, "RSN: Attempted to use unknown "
561				    "MDIE", mdie, MOBILITY_DOMAIN_ID_LEN);
562			return WPA_INVALID_MDIE;
563		}
564	}
565#endif /* CONFIG_IEEE80211R */
566
567	sm->pairwise = wpa_pick_pairwise_cipher(ciphers, 0);
568	if (sm->pairwise < 0)
569		return WPA_INVALID_PAIRWISE;
570
571	/* TODO: clear WPA/WPA2 state if STA changes from one to another */
572	if (wpa_ie[0] == WLAN_EID_RSN)
573		sm->wpa = WPA_VERSION_WPA2;
574	else
575		sm->wpa = WPA_VERSION_WPA;
576
577	sm->pmksa = NULL;
578	for (i = 0; i < data.num_pmkid; i++) {
579		wpa_hexdump(MSG_DEBUG, "RSN IE: STA PMKID",
580			    &data.pmkid[i * PMKID_LEN], PMKID_LEN);
581		sm->pmksa = pmksa_cache_auth_get(wpa_auth->pmksa, sm->addr,
582						 &data.pmkid[i * PMKID_LEN]);
583		if (sm->pmksa) {
584			pmkid = sm->pmksa->pmkid;
585			break;
586		}
587	}
588	for (i = 0; sm->pmksa == NULL && wpa_auth->conf.okc &&
589		     i < data.num_pmkid; i++) {
590		struct wpa_auth_okc_iter_data idata;
591		idata.pmksa = NULL;
592		idata.aa = wpa_auth->addr;
593		idata.spa = sm->addr;
594		idata.pmkid = &data.pmkid[i * PMKID_LEN];
595		wpa_auth_for_each_auth(wpa_auth, wpa_auth_okc_iter, &idata);
596		if (idata.pmksa) {
597			wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG,
598					 "OKC match for PMKID");
599			sm->pmksa = pmksa_cache_add_okc(wpa_auth->pmksa,
600							idata.pmksa,
601							wpa_auth->addr,
602							idata.pmkid);
603			pmkid = idata.pmkid;
604			break;
605		}
606	}
607	if (sm->pmksa) {
608		wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG,
609				 "PMKID found from PMKSA cache "
610				 "eap_type=%d vlan_id=%d",
611				 sm->pmksa->eap_type_authsrv,
612				 sm->pmksa->vlan_id);
613		os_memcpy(wpa_auth->dot11RSNAPMKIDUsed, pmkid, PMKID_LEN);
614	}
615
616	if (sm->wpa_ie == NULL || sm->wpa_ie_len < wpa_ie_len) {
617		os_free(sm->wpa_ie);
618		sm->wpa_ie = os_malloc(wpa_ie_len);
619		if (sm->wpa_ie == NULL)
620			return WPA_ALLOC_FAIL;
621	}
622	os_memcpy(sm->wpa_ie, wpa_ie, wpa_ie_len);
623	sm->wpa_ie_len = wpa_ie_len;
624
625	return WPA_IE_OK;
626}
627
628
629/**
630 * wpa_parse_generic - Parse EAPOL-Key Key Data Generic IEs
631 * @pos: Pointer to the IE header
632 * @end: Pointer to the end of the Key Data buffer
633 * @ie: Pointer to parsed IE data
634 * Returns: 0 on success, 1 if end mark is found, -1 on failure
635 */
636static int wpa_parse_generic(const u8 *pos, const u8 *end,
637			     struct wpa_eapol_ie_parse *ie)
638{
639	if (pos[1] == 0)
640		return 1;
641
642	if (pos[1] >= 6 &&
643	    RSN_SELECTOR_GET(pos + 2) == WPA_OUI_TYPE &&
644	    pos[2 + WPA_SELECTOR_LEN] == 1 &&
645	    pos[2 + WPA_SELECTOR_LEN + 1] == 0) {
646		ie->wpa_ie = pos;
647		ie->wpa_ie_len = pos[1] + 2;
648		return 0;
649	}
650
651	if (pos + 1 + RSN_SELECTOR_LEN < end &&
652	    pos[1] >= RSN_SELECTOR_LEN + PMKID_LEN &&
653	    RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_PMKID) {
654		ie->pmkid = pos + 2 + RSN_SELECTOR_LEN;
655		return 0;
656	}
657
658	if (pos[1] > RSN_SELECTOR_LEN + 2 &&
659	    RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_GROUPKEY) {
660		ie->gtk = pos + 2 + RSN_SELECTOR_LEN;
661		ie->gtk_len = pos[1] - RSN_SELECTOR_LEN;
662		return 0;
663	}
664
665	if (pos[1] > RSN_SELECTOR_LEN + 2 &&
666	    RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_MAC_ADDR) {
667		ie->mac_addr = pos + 2 + RSN_SELECTOR_LEN;
668		ie->mac_addr_len = pos[1] - RSN_SELECTOR_LEN;
669		return 0;
670	}
671
672#ifdef CONFIG_PEERKEY
673	if (pos[1] > RSN_SELECTOR_LEN + 2 &&
674	    RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_SMK) {
675		ie->smk = pos + 2 + RSN_SELECTOR_LEN;
676		ie->smk_len = pos[1] - RSN_SELECTOR_LEN;
677		return 0;
678	}
679
680	if (pos[1] > RSN_SELECTOR_LEN + 2 &&
681	    RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_NONCE) {
682		ie->nonce = pos + 2 + RSN_SELECTOR_LEN;
683		ie->nonce_len = pos[1] - RSN_SELECTOR_LEN;
684		return 0;
685	}
686
687	if (pos[1] > RSN_SELECTOR_LEN + 2 &&
688	    RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_LIFETIME) {
689		ie->lifetime = pos + 2 + RSN_SELECTOR_LEN;
690		ie->lifetime_len = pos[1] - RSN_SELECTOR_LEN;
691		return 0;
692	}
693
694	if (pos[1] > RSN_SELECTOR_LEN + 2 &&
695	    RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_ERROR) {
696		ie->error = pos + 2 + RSN_SELECTOR_LEN;
697		ie->error_len = pos[1] - RSN_SELECTOR_LEN;
698		return 0;
699	}
700#endif /* CONFIG_PEERKEY */
701
702#ifdef CONFIG_IEEE80211W
703	if (pos[1] > RSN_SELECTOR_LEN + 2 &&
704	    RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_IGTK) {
705		ie->igtk = pos + 2 + RSN_SELECTOR_LEN;
706		ie->igtk_len = pos[1] - RSN_SELECTOR_LEN;
707		return 0;
708	}
709#endif /* CONFIG_IEEE80211W */
710
711	return 0;
712}
713
714
715/**
716 * wpa_parse_kde_ies - Parse EAPOL-Key Key Data IEs
717 * @buf: Pointer to the Key Data buffer
718 * @len: Key Data Length
719 * @ie: Pointer to parsed IE data
720 * Returns: 0 on success, -1 on failure
721 */
722int wpa_parse_kde_ies(const u8 *buf, size_t len, struct wpa_eapol_ie_parse *ie)
723{
724	const u8 *pos, *end;
725	int ret = 0;
726
727	os_memset(ie, 0, sizeof(*ie));
728	for (pos = buf, end = pos + len; pos + 1 < end; pos += 2 + pos[1]) {
729		if (pos[0] == 0xdd &&
730		    ((pos == buf + len - 1) || pos[1] == 0)) {
731			/* Ignore padding */
732			break;
733		}
734		if (pos + 2 + pos[1] > end) {
735			wpa_printf(MSG_DEBUG, "WPA: EAPOL-Key Key Data "
736				   "underflow (ie=%d len=%d pos=%d)",
737				   pos[0], pos[1], (int) (pos - buf));
738			wpa_hexdump_key(MSG_DEBUG, "WPA: Key Data",
739					buf, len);
740			ret = -1;
741			break;
742		}
743		if (*pos == WLAN_EID_RSN) {
744			ie->rsn_ie = pos;
745			ie->rsn_ie_len = pos[1] + 2;
746#ifdef CONFIG_IEEE80211R
747		} else if (*pos == WLAN_EID_MOBILITY_DOMAIN) {
748			ie->mdie = pos;
749			ie->mdie_len = pos[1] + 2;
750		} else if (*pos == WLAN_EID_FAST_BSS_TRANSITION) {
751			ie->ftie = pos;
752			ie->ftie_len = pos[1] + 2;
753#endif /* CONFIG_IEEE80211R */
754		} else if (*pos == WLAN_EID_VENDOR_SPECIFIC) {
755			ret = wpa_parse_generic(pos, end, ie);
756			if (ret < 0)
757				break;
758			if (ret > 0) {
759				ret = 0;
760				break;
761			}
762		} else {
763			wpa_hexdump(MSG_DEBUG, "WPA: Unrecognized EAPOL-Key "
764				    "Key Data IE", pos, 2 + pos[1]);
765		}
766	}
767
768	return ret;
769}
770
771
772int wpa_auth_uses_mfp(struct wpa_state_machine *sm)
773{
774	return sm ? sm->mgmt_frame_prot : 0;
775}
776