2 * Host AP (software wireless LAN access point) user space daemon for
3 * Host AP kernel driver / WPA Authenticator
4 * Copyright (c) 2004-2005, Jouni Malinen <jkmaline@cc.hut.fi>
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
10 * Alternatively, this software may be distributed under the terms of BSD
13 * See README and COPYING for more details.
19 #include <netinet/in.h>
32 #include "ieee802_1x.h"
33 #include "ieee802_11.h"
36 #include "l2_packet.h"
37 #include "accounting.h"
38 #include "hostap_common.h"
41 static void wpa_send_eapol_timeout(void *eloop_ctx
, void *timeout_ctx
);
42 static void wpa_sm_step(struct wpa_state_machine
*sm
);
43 static int wpa_verify_key_mic(struct wpa_ptk
*PTK
, u8
*data
, size_t data_len
);
44 static void wpa_sm_call_step(void *eloop_ctx
, void *timeout_ctx
);
45 static void wpa_group_sm_step(struct hostapd_data
*hapd
);
46 static void pmksa_cache_free(struct hostapd_data
*hapd
);
47 static struct rsn_pmksa_cache
* pmksa_cache_get(struct hostapd_data
*hapd
,
51 /* Default timeouts are 100 ms, but this seems to be a bit too fast for most
52 * WPA Supplicants, so use a bit longer timeout. */
53 static const u32 dot11RSNAConfigGroupUpdateTimeOut
= 1000; /* ms */
54 static const u32 dot11RSNAConfigGroupUpdateCount
= 3;
55 static const u32 dot11RSNAConfigPairwiseUpdateTimeOut
= 1000; /* ms */
56 static const u32 dot11RSNAConfigPairwiseUpdateCount
= 3;
58 /* TODO: make these configurable */
59 static const int dot11RSNAConfigPMKLifetime
= 43200;
60 static const int dot11RSNAConfigPMKReauthThreshold
= 70;
61 static const int dot11RSNAConfigSATimeout
= 60;
62 static const int pmksa_cache_max_entries
= 1024;
65 static const int WPA_SELECTOR_LEN
= 4;
66 static const u8 WPA_OUI_TYPE
[] = { 0x00, 0x50, 0xf2, 1 };
67 static const u16 WPA_VERSION
= 1;
68 static const u8 WPA_AUTH_KEY_MGMT_UNSPEC_802_1X
[] = { 0x00, 0x50, 0xf2, 1 };
69 static const u8 WPA_AUTH_KEY_MGMT_PSK_OVER_802_1X
[] = { 0x00, 0x50, 0xf2, 2 };
70 static const u8 WPA_CIPHER_SUITE_NONE
[] = { 0x00, 0x50, 0xf2, 0 };
71 static const u8 WPA_CIPHER_SUITE_WEP40
[] = { 0x00, 0x50, 0xf2, 1 };
72 static const u8 WPA_CIPHER_SUITE_TKIP
[] = { 0x00, 0x50, 0xf2, 2 };
73 static const u8 WPA_CIPHER_SUITE_WRAP
[] = { 0x00, 0x50, 0xf2, 3 };
74 static const u8 WPA_CIPHER_SUITE_CCMP
[] = { 0x00, 0x50, 0xf2, 4 };
75 static const u8 WPA_CIPHER_SUITE_WEP104
[] = { 0x00, 0x50, 0xf2, 5 };
77 static const int RSN_SELECTOR_LEN
= 4;
78 static const u16 RSN_VERSION
= 1;
79 static const u8 RSN_AUTH_KEY_MGMT_UNSPEC_802_1X
[] = { 0x00, 0x0f, 0xac, 1 };
80 static const u8 RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X
[] = { 0x00, 0x0f, 0xac, 2 };
81 static const u8 RSN_CIPHER_SUITE_NONE
[] = { 0x00, 0x0f, 0xac, 0 };
82 static const u8 RSN_CIPHER_SUITE_WEP40
[] = { 0x00, 0x0f, 0xac, 1 };
83 static const u8 RSN_CIPHER_SUITE_TKIP
[] = { 0x00, 0x0f, 0xac, 2 };
84 static const u8 RSN_CIPHER_SUITE_WRAP
[] = { 0x00, 0x0f, 0xac, 3 };
85 static const u8 RSN_CIPHER_SUITE_CCMP
[] = { 0x00, 0x0f, 0xac, 4 };
86 static const u8 RSN_CIPHER_SUITE_WEP104
[] = { 0x00, 0x0f, 0xac, 5 };
88 /* EAPOL-Key Key Data Encapsulation
89 * GroupKey and STAKey require encryption, otherwise, encryption is optional.
91 static const u8 RSN_KEY_DATA_GROUPKEY
[] = { 0x00, 0x0f, 0xac, 1 };
92 static const u8 RSN_KEY_DATA_STAKEY
[] = { 0x00, 0x0f, 0xac, 2 };
93 static const u8 RSN_KEY_DATA_MAC_ADDR
[] = { 0x00, 0x0f, 0xac, 3 };
94 static const u8 RSN_KEY_DATA_PMKID
[] = { 0x00, 0x0f, 0xac, 4 };
97 * 00-50-f2:1 (OUI:OUI type)
98 * 0x01 0x00 (version; little endian)
99 * (all following fields are optional:)
100 * Group Suite Selector (4 octets) (default: TKIP)
101 * Pairwise Suite Count (2 octets, little endian) (default: 1)
102 * Pairwise Suite List (4 * n octets) (default: TKIP)
103 * Authenticated Key Management Suite Count (2 octets, little endian)
105 * Authenticated Key Management Suite List (4 * n octets)
106 * (default: unspec 802.1X)
107 * WPA Capabilities (2 octets, little endian) (default: 0)
116 } __attribute__ ((packed
));
120 * 0x01 0x00 (version; little endian)
121 * (all following fields are optional:)
122 * Group Suite Selector (4 octets) (default: CCMP)
123 * Pairwise Suite Count (2 octets, little endian) (default: 1)
124 * Pairwise Suite List (4 * n octets) (default: CCMP)
125 * Authenticated Key Management Suite Count (2 octets, little endian)
127 * Authenticated Key Management Suite List (4 * n octets)
128 * (default: unspec 802.1X)
129 * RSN Capabilities (2 octets, little endian) (default: 0)
130 * PMKID Count (2 octets) (default: 0)
131 * PMKID List (16 * n octets)
135 u8 elem_id
; /* WLAN_EID_RSN */
138 } __attribute__ ((packed
));
141 static int wpa_write_wpa_ie(struct hostapd_data
*hapd
, u8
*buf
, size_t len
)
143 struct wpa_ie_hdr
*hdr
;
147 hdr
= (struct wpa_ie_hdr
*) buf
;
148 hdr
->elem_id
= WLAN_EID_GENERIC
;
149 memcpy(&hdr
->oui
, WPA_OUI_TYPE
, WPA_SELECTOR_LEN
);
150 hdr
->version
= host_to_le16(WPA_VERSION
);
151 pos
= (u8
*) (hdr
+ 1);
153 if (hapd
->conf
->wpa_group
== WPA_CIPHER_CCMP
) {
154 memcpy(pos
, WPA_CIPHER_SUITE_CCMP
, WPA_SELECTOR_LEN
);
155 } else if (hapd
->conf
->wpa_group
== WPA_CIPHER_TKIP
) {
156 memcpy(pos
, WPA_CIPHER_SUITE_TKIP
, WPA_SELECTOR_LEN
);
157 } else if (hapd
->conf
->wpa_group
== WPA_CIPHER_WEP104
) {
158 memcpy(pos
, WPA_CIPHER_SUITE_WEP104
, WPA_SELECTOR_LEN
);
159 } else if (hapd
->conf
->wpa_group
== WPA_CIPHER_WEP40
) {
160 memcpy(pos
, WPA_CIPHER_SUITE_WEP40
, WPA_SELECTOR_LEN
);
162 printf("Invalid group cipher (%d).\n", hapd
->conf
->wpa_group
);
165 pos
+= WPA_SELECTOR_LEN
;
171 if (hapd
->conf
->wpa_pairwise
& WPA_CIPHER_CCMP
) {
172 memcpy(pos
, WPA_CIPHER_SUITE_CCMP
, WPA_SELECTOR_LEN
);
173 pos
+= WPA_SELECTOR_LEN
;
176 if (hapd
->conf
->wpa_pairwise
& WPA_CIPHER_TKIP
) {
177 memcpy(pos
, WPA_CIPHER_SUITE_TKIP
, WPA_SELECTOR_LEN
);
178 pos
+= WPA_SELECTOR_LEN
;
181 if (hapd
->conf
->wpa_pairwise
& WPA_CIPHER_NONE
) {
182 memcpy(pos
, WPA_CIPHER_SUITE_NONE
, WPA_SELECTOR_LEN
);
183 pos
+= WPA_SELECTOR_LEN
;
187 if (num_suites
== 0) {
188 printf("Invalid pairwise cipher (%d).\n",
189 hapd
->conf
->wpa_pairwise
);
192 *count
++ = num_suites
& 0xff;
193 *count
= (num_suites
>> 8) & 0xff;
199 if (hapd
->conf
->wpa_key_mgmt
& WPA_KEY_MGMT_IEEE8021X
) {
200 memcpy(pos
, WPA_AUTH_KEY_MGMT_UNSPEC_802_1X
, WPA_SELECTOR_LEN
);
201 pos
+= WPA_SELECTOR_LEN
;
204 if (hapd
->conf
->wpa_key_mgmt
& WPA_KEY_MGMT_PSK
) {
205 memcpy(pos
, WPA_AUTH_KEY_MGMT_PSK_OVER_802_1X
,
207 pos
+= WPA_SELECTOR_LEN
;
211 if (num_suites
== 0) {
212 printf("Invalid key management type (%d).\n",
213 hapd
->conf
->wpa_key_mgmt
);
216 *count
++ = num_suites
& 0xff;
217 *count
= (num_suites
>> 8) & 0xff;
219 /* WPA Capabilities; use defaults, so no need to include it */
221 hdr
->len
= (pos
- buf
) - 2;
227 static int wpa_write_rsn_ie(struct hostapd_data
*hapd
, u8
*buf
, size_t len
)
229 struct rsn_ie_hdr
*hdr
;
233 hdr
= (struct rsn_ie_hdr
*) buf
;
234 hdr
->elem_id
= WLAN_EID_RSN
;
235 pos
= (u8
*) &hdr
->version
;
236 *pos
++ = RSN_VERSION
& 0xff;
237 *pos
++ = RSN_VERSION
>> 8;
238 pos
= (u8
*) (hdr
+ 1);
240 if (hapd
->conf
->wpa_group
== WPA_CIPHER_CCMP
) {
241 memcpy(pos
, RSN_CIPHER_SUITE_CCMP
, RSN_SELECTOR_LEN
);
242 } else if (hapd
->conf
->wpa_group
== WPA_CIPHER_TKIP
) {
243 memcpy(pos
, RSN_CIPHER_SUITE_TKIP
, RSN_SELECTOR_LEN
);
244 } else if (hapd
->conf
->wpa_group
== WPA_CIPHER_WEP104
) {
245 memcpy(pos
, RSN_CIPHER_SUITE_WEP104
, RSN_SELECTOR_LEN
);
246 } else if (hapd
->conf
->wpa_group
== WPA_CIPHER_WEP40
) {
247 memcpy(pos
, RSN_CIPHER_SUITE_WEP40
, RSN_SELECTOR_LEN
);
249 printf("Invalid group cipher (%d).\n", hapd
->conf
->wpa_group
);
252 pos
+= RSN_SELECTOR_LEN
;
258 if (hapd
->conf
->wpa_pairwise
& WPA_CIPHER_CCMP
) {
259 memcpy(pos
, RSN_CIPHER_SUITE_CCMP
, RSN_SELECTOR_LEN
);
260 pos
+= RSN_SELECTOR_LEN
;
263 if (hapd
->conf
->wpa_pairwise
& WPA_CIPHER_TKIP
) {
264 memcpy(pos
, RSN_CIPHER_SUITE_TKIP
, RSN_SELECTOR_LEN
);
265 pos
+= RSN_SELECTOR_LEN
;
268 if (hapd
->conf
->wpa_pairwise
& WPA_CIPHER_NONE
) {
269 memcpy(pos
, RSN_CIPHER_SUITE_NONE
, RSN_SELECTOR_LEN
);
270 pos
+= RSN_SELECTOR_LEN
;
274 if (num_suites
== 0) {
275 printf("Invalid pairwise cipher (%d).\n",
276 hapd
->conf
->wpa_pairwise
);
279 *count
++ = num_suites
& 0xff;
280 *count
= (num_suites
>> 8) & 0xff;
286 if (hapd
->conf
->wpa_key_mgmt
& WPA_KEY_MGMT_IEEE8021X
) {
287 memcpy(pos
, RSN_AUTH_KEY_MGMT_UNSPEC_802_1X
, RSN_SELECTOR_LEN
);
288 pos
+= RSN_SELECTOR_LEN
;
291 if (hapd
->conf
->wpa_key_mgmt
& WPA_KEY_MGMT_PSK
) {
292 memcpy(pos
, RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X
,
294 pos
+= RSN_SELECTOR_LEN
;
298 if (num_suites
== 0) {
299 printf("Invalid key management type (%d).\n",
300 hapd
->conf
->wpa_key_mgmt
);
303 *count
++ = num_suites
& 0xff;
304 *count
= (num_suites
>> 8) & 0xff;
306 /* RSN Capabilities */
307 *pos
++ = hapd
->conf
->rsn_preauth
? BIT(0) : 0;
310 hdr
->len
= (pos
- buf
) - 2;
316 static int wpa_gen_wpa_ie(struct hostapd_data
*hapd
)
323 if (hapd
->conf
->wpa
& HOSTAPD_WPA_VERSION_WPA2
) {
324 res
= wpa_write_rsn_ie(hapd
, pos
, buf
+ sizeof(buf
) - pos
);
329 if (hapd
->conf
->wpa
& HOSTAPD_WPA_VERSION_WPA
) {
330 res
= wpa_write_wpa_ie(hapd
, pos
, buf
+ sizeof(buf
) - pos
);
337 hapd
->wpa_ie
= malloc(pos
- buf
);
338 if (hapd
->wpa_ie
== NULL
)
340 memcpy(hapd
->wpa_ie
, buf
, pos
- buf
);
341 hapd
->wpa_ie_len
= pos
- buf
;
347 static void wpa_sta_disconnect(struct hostapd_data
*hapd
, struct sta_info
*sta
)
349 hostapd_sta_deauth(hapd
, sta
->addr
, WLAN_REASON_PREV_AUTH_NOT_VALID
);
350 sta
->flags
&= ~(WLAN_STA_AUTH
| WLAN_STA_ASSOC
| WLAN_STA_AUTHORIZED
);
351 eloop_cancel_timeout(ap_handle_timer
, hapd
, sta
);
352 eloop_register_timeout(0, 0, ap_handle_timer
, hapd
, sta
);
353 sta
->timeout_next
= STA_REMOVE
;
357 static void wpa_rekey_gmk(void *eloop_ctx
, void *timeout_ctx
)
359 struct hostapd_data
*hapd
= eloop_ctx
;
361 if (hapd
->wpa_auth
) {
362 if (hostapd_get_rand(hapd
->wpa_auth
->GMK
, WPA_GMK_LEN
)) {
363 printf("Failed to get random data for WPA "
364 "initialization.\n");
366 hostapd_logger(hapd
, NULL
, HOSTAPD_MODULE_WPA
,
372 if (hapd
->conf
->wpa_gmk_rekey
) {
373 eloop_register_timeout(hapd
->conf
->wpa_gmk_rekey
, 0,
374 wpa_rekey_gmk
, hapd
, NULL
);
379 static void wpa_rekey_gtk(void *eloop_ctx
, void *timeout_ctx
)
381 struct hostapd_data
*hapd
= eloop_ctx
;
383 if (hapd
->wpa_auth
) {
384 hostapd_logger(hapd
, NULL
, HOSTAPD_MODULE_WPA
,
385 HOSTAPD_LEVEL_DEBUG
, "rekeying GTK");
386 hapd
->wpa_auth
->GTKReKey
= TRUE
;
388 hapd
->wpa_auth
->changed
= FALSE
;
389 wpa_group_sm_step(hapd
);
390 } while (hapd
->wpa_auth
->changed
);
392 if (hapd
->conf
->wpa_group_rekey
) {
393 eloop_register_timeout(hapd
->conf
->wpa_group_rekey
, 0,
394 wpa_rekey_gtk
, hapd
, NULL
);
399 #ifdef CONFIG_RSN_PREAUTH
401 static void rsn_preauth_receive(void *ctx
, const u8
*src_addr
,
402 const u8
*buf
, size_t len
)
404 struct rsn_preauth_interface
*piface
= ctx
;
405 struct hostapd_data
*hapd
= piface
->hapd
;
406 struct ieee802_1x_hdr
*hdr
;
407 struct sta_info
*sta
;
408 struct l2_ethhdr
*ethhdr
;
410 HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL
, "RSN: receive pre-auth packet "
411 "from interface '%s'\n", piface
->ifname
);
412 if (len
< sizeof(*ethhdr
) + sizeof(*hdr
)) {
413 HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL
, "RSN: too short pre-auth "
414 "packet (len=%lu)\n", (unsigned long) len
);
418 ethhdr
= (struct l2_ethhdr
*) buf
;
419 hdr
= (struct ieee802_1x_hdr
*) (ethhdr
+ 1);
421 if (memcmp(ethhdr
->h_dest
, hapd
->own_addr
, ETH_ALEN
) != 0) {
422 HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL
, "RSN: pre-auth for "
423 "foreign address " MACSTR
"\n",
424 MAC2STR(ethhdr
->h_dest
));
428 sta
= ap_get_sta(hapd
, ethhdr
->h_source
);
429 if (sta
&& (sta
->flags
& WLAN_STA_ASSOC
)) {
430 HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL
, "RSN: pre-auth for "
431 "already association STA " MACSTR
"\n",
435 if (!sta
&& hdr
->type
== IEEE802_1X_TYPE_EAPOL_START
) {
436 sta
= (struct sta_info
*) malloc(sizeof(struct sta_info
));
439 memset(sta
, 0, sizeof(*sta
));
440 memcpy(sta
->addr
, ethhdr
->h_source
, ETH_ALEN
);
441 sta
->flags
= WLAN_STA_PREAUTH
;
442 sta
->next
= hapd
->sta_list
;
443 sta
->wpa
= WPA_VERSION_WPA2
;
444 hapd
->sta_list
= sta
;
446 ap_sta_hash_add(hapd
, sta
);
448 ieee802_1x_new_station(hapd
, sta
);
449 if (sta
->eapol_sm
== NULL
) {
450 ap_free_sta(hapd
, sta
);
453 sta
->eapol_sm
->radius_identifier
= -1;
454 sta
->eapol_sm
->portValid
= TRUE
;
455 sta
->eapol_sm
->flags
|= EAPOL_SM_PREAUTH
;
460 sta
->preauth_iface
= piface
;
461 ieee802_1x_receive(hapd
, ethhdr
->h_source
, (u8
*) (ethhdr
+ 1),
462 len
- sizeof(*ethhdr
));
466 static int rsn_preauth_iface_add(struct hostapd_data
*hapd
, const char *ifname
)
468 struct rsn_preauth_interface
*piface
;
470 HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL
, "RSN pre-auth interface '%s'\n",
473 piface
= malloc(sizeof(*piface
));
476 memset(piface
, 0, sizeof(*piface
));
479 piface
->ifname
= strdup(ifname
);
480 if (piface
->ifname
== NULL
) {
484 piface
->l2
= l2_packet_init(piface
->ifname
, NULL
, ETH_P_PREAUTH
,
485 rsn_preauth_receive
, piface
, 1);
486 if (piface
->l2
== NULL
) {
487 printf("Failed to open register layer 2 access to "
492 piface
->next
= hapd
->preauth_iface
;
493 hapd
->preauth_iface
= piface
;
497 free(piface
->ifname
);
504 static void rsn_preauth_iface_deinit(struct hostapd_data
*hapd
)
506 struct rsn_preauth_interface
*piface
, *prev
;
508 piface
= hapd
->preauth_iface
;
509 hapd
->preauth_iface
= NULL
;
512 piface
= piface
->next
;
513 l2_packet_deinit(prev
->l2
);
520 static int rsn_preauth_iface_init(struct hostapd_data
*hapd
)
522 char *tmp
, *start
, *end
;
524 if (hapd
->conf
->rsn_preauth_interfaces
== NULL
)
527 tmp
= strdup(hapd
->conf
->rsn_preauth_interfaces
);
532 while (*start
== ' ')
536 end
= strchr(start
, ' ');
540 if (rsn_preauth_iface_add(hapd
, start
)) {
541 rsn_preauth_iface_deinit(hapd
);
555 static void rsn_preauth_finished_cb(void *eloop_ctx
, void *timeout_ctx
)
557 struct hostapd_data
*hapd
= eloop_ctx
;
558 struct sta_info
*sta
= timeout_ctx
;
559 wpa_printf(MSG_DEBUG
, "RSN: Removing pre-authentication STA entry for "
560 MACSTR
, MAC2STR(sta
->addr
));
561 ap_free_sta(hapd
, sta
);
565 void rsn_preauth_finished(struct hostapd_data
*hapd
, struct sta_info
*sta
,
570 hostapd_logger(hapd
, sta
->addr
, HOSTAPD_MODULE_WPA
,
571 HOSTAPD_LEVEL_INFO
, "pre-authentication %s",
572 success
? "succeeded" : "failed");
574 key
= ieee802_1x_get_key_crypt(sta
->eapol_sm
, &len
);
575 if (success
&& key
) {
576 pmksa_cache_add(hapd
, sta
, key
, dot11RSNAConfigPMKLifetime
);
580 * Finish STA entry removal from timeout in order to avoid freeing
581 * STA data before the caller has finished processing.
583 eloop_register_timeout(0, 0, rsn_preauth_finished_cb
, hapd
, sta
);
587 void rsn_preauth_send(struct hostapd_data
*hapd
, struct sta_info
*sta
,
590 struct rsn_preauth_interface
*piface
;
591 struct l2_ethhdr
*ethhdr
;
593 piface
= hapd
->preauth_iface
;
595 if (piface
== sta
->preauth_iface
)
597 piface
= piface
->next
;
600 if (piface
== NULL
) {
601 HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL
, "RSN: Could not find "
602 "pre-authentication interface for " MACSTR
"\n",
607 ethhdr
= malloc(sizeof(*ethhdr
) + len
);
611 memcpy(ethhdr
->h_dest
, sta
->addr
, ETH_ALEN
);
612 memcpy(ethhdr
->h_source
, hapd
->own_addr
, ETH_ALEN
);
613 ethhdr
->h_proto
= htons(ETH_P_PREAUTH
);
614 memcpy(ethhdr
+ 1, buf
, len
);
616 if (l2_packet_send(piface
->l2
, sta
->addr
, ETH_P_PREAUTH
, (u8
*) ethhdr
,
617 sizeof(*ethhdr
) + len
) < 0) {
618 printf("Failed to send preauth packet using l2_packet_send\n");
623 #else /* CONFIG_RSN_PREAUTH */
625 static inline int rsn_preauth_iface_init(struct hostapd_data
*hapd
)
630 static inline void rsn_preauth_iface_deinit(struct hostapd_data
*hapd
)
634 static void rsn_preauth_finished_cb(void *eloop_ctx
, void *timeout_ctx
)
638 void rsn_preauth_finished(struct hostapd_data
*hapd
, struct sta_info
*sta
,
643 void rsn_preauth_send(struct hostapd_data
*hapd
, struct sta_info
*sta
,
648 #endif /* CONFIG_RSN_PREAUTH */
651 int wpa_init(struct hostapd_data
*hapd
)
654 u8 buf
[ETH_ALEN
+ 8];
656 if (rsn_preauth_iface_init(hapd
))
659 if (hostapd_set_privacy(hapd
, 1)) {
660 printf("Could not set PrivacyInvoked for interface %s\n",
665 if (wpa_gen_wpa_ie(hapd
)) {
666 printf("Could not generate WPA IE.\n");
670 if (hostapd_set_generic_elem(hapd
, hapd
->wpa_ie
, hapd
->wpa_ie_len
)) {
671 printf("Failed to configure WPA IE for the kernel driver.\n");
675 hapd
->wpa_auth
= malloc(sizeof(struct wpa_authenticator
));
676 if (hapd
->wpa_auth
== NULL
)
678 memset(hapd
->wpa_auth
, 0, sizeof(struct wpa_authenticator
));
679 hapd
->wpa_auth
->GTKAuthenticator
= TRUE
;
680 switch (hapd
->conf
->wpa_group
) {
681 case WPA_CIPHER_CCMP
:
682 hapd
->wpa_auth
->GTK_len
= 16;
684 case WPA_CIPHER_TKIP
:
685 hapd
->wpa_auth
->GTK_len
= 32;
687 case WPA_CIPHER_WEP104
:
688 hapd
->wpa_auth
->GTK_len
= 13;
690 case WPA_CIPHER_WEP40
:
691 hapd
->wpa_auth
->GTK_len
= 5;
695 /* Counter = PRF-256(Random number, "Init Counter",
696 * Local MAC Address || Time)
698 memcpy(buf
, hapd
->own_addr
, ETH_ALEN
);
699 hostapd_get_ntp_timestamp(buf
+ ETH_ALEN
);
700 if (hostapd_get_rand(rkey
, sizeof(rkey
)) ||
701 hostapd_get_rand(hapd
->wpa_auth
->GMK
, WPA_GMK_LEN
)) {
702 printf("Failed to get random data for WPA initialization.\n");
703 free(hapd
->wpa_auth
);
704 hapd
->wpa_auth
= NULL
;
708 sha1_prf(rkey
, sizeof(rkey
), "Init Counter", buf
, sizeof(buf
),
709 hapd
->wpa_auth
->Counter
, WPA_NONCE_LEN
);
711 if (hapd
->conf
->wpa_gmk_rekey
) {
712 eloop_register_timeout(hapd
->conf
->wpa_gmk_rekey
, 0,
713 wpa_rekey_gmk
, hapd
, NULL
);
716 if (hapd
->conf
->wpa_group_rekey
) {
717 eloop_register_timeout(hapd
->conf
->wpa_group_rekey
, 0,
718 wpa_rekey_gtk
, hapd
, NULL
);
721 hapd
->wpa_auth
->GInit
= TRUE
;
722 wpa_group_sm_step(hapd
);
723 hapd
->wpa_auth
->GInit
= FALSE
;
724 wpa_group_sm_step(hapd
);
730 void wpa_deinit(struct hostapd_data
*hapd
)
732 rsn_preauth_iface_deinit(hapd
);
734 eloop_cancel_timeout(wpa_rekey_gmk
, hapd
, NULL
);
735 eloop_cancel_timeout(wpa_rekey_gtk
, hapd
, NULL
);
737 if (hostapd_set_privacy(hapd
, 0)) {
738 printf("Could not disable PrivacyInvoked for interface %s\n",
742 if (hostapd_set_generic_elem(hapd
, (u8
*) "", 0)) {
743 printf("Could not remove generic information element from "
744 "interface %s\n", hapd
->conf
->iface
);
749 free(hapd
->wpa_auth
);
750 hapd
->wpa_auth
= NULL
;
752 pmksa_cache_free(hapd
);
756 static int wpa_selector_to_bitfield(u8
*s
)
758 if (memcmp(s
, WPA_CIPHER_SUITE_NONE
, WPA_SELECTOR_LEN
) == 0)
759 return WPA_CIPHER_NONE
;
760 if (memcmp(s
, WPA_CIPHER_SUITE_WEP40
, WPA_SELECTOR_LEN
) == 0)
761 return WPA_CIPHER_WEP40
;
762 if (memcmp(s
, WPA_CIPHER_SUITE_TKIP
, WPA_SELECTOR_LEN
) == 0)
763 return WPA_CIPHER_TKIP
;
764 if (memcmp(s
, WPA_CIPHER_SUITE_CCMP
, WPA_SELECTOR_LEN
) == 0)
765 return WPA_CIPHER_CCMP
;
766 if (memcmp(s
, WPA_CIPHER_SUITE_WEP104
, WPA_SELECTOR_LEN
) == 0)
767 return WPA_CIPHER_WEP104
;
772 static int wpa_key_mgmt_to_bitfield(u8
*s
)
774 if (memcmp(s
, WPA_AUTH_KEY_MGMT_UNSPEC_802_1X
, WPA_SELECTOR_LEN
) == 0)
775 return WPA_KEY_MGMT_IEEE8021X
;
776 if (memcmp(s
, WPA_AUTH_KEY_MGMT_PSK_OVER_802_1X
, WPA_SELECTOR_LEN
) ==
778 return WPA_KEY_MGMT_PSK
;
783 static int rsn_selector_to_bitfield(u8
*s
)
785 if (memcmp(s
, RSN_CIPHER_SUITE_NONE
, RSN_SELECTOR_LEN
) == 0)
786 return WPA_CIPHER_NONE
;
787 if (memcmp(s
, RSN_CIPHER_SUITE_WEP40
, RSN_SELECTOR_LEN
) == 0)
788 return WPA_CIPHER_WEP40
;
789 if (memcmp(s
, RSN_CIPHER_SUITE_TKIP
, RSN_SELECTOR_LEN
) == 0)
790 return WPA_CIPHER_TKIP
;
791 if (memcmp(s
, RSN_CIPHER_SUITE_CCMP
, RSN_SELECTOR_LEN
) == 0)
792 return WPA_CIPHER_CCMP
;
793 if (memcmp(s
, RSN_CIPHER_SUITE_WEP104
, RSN_SELECTOR_LEN
) == 0)
794 return WPA_CIPHER_WEP104
;
799 static int rsn_key_mgmt_to_bitfield(u8
*s
)
801 if (memcmp(s
, RSN_AUTH_KEY_MGMT_UNSPEC_802_1X
, RSN_SELECTOR_LEN
) == 0)
802 return WPA_KEY_MGMT_IEEE8021X
;
803 if (memcmp(s
, RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X
, RSN_SELECTOR_LEN
) ==
805 return WPA_KEY_MGMT_PSK
;
810 static void rsn_pmkid(const u8
*pmk
, const u8
*aa
, const u8
*spa
, u8
*pmkid
)
812 char *title
= "PMK Name";
814 const size_t len
[3] = { 8, ETH_ALEN
, ETH_ALEN
};
815 unsigned char hash
[SHA1_MAC_LEN
];
817 addr
[0] = (u8
*) title
;
821 hmac_sha1_vector(pmk
, PMK_LEN
, 3, addr
, len
, hash
);
822 memcpy(pmkid
, hash
, PMKID_LEN
);
826 static void pmksa_cache_set_expiration(struct hostapd_data
*hapd
);
829 static void _pmksa_cache_free_entry(struct rsn_pmksa_cache
*entry
)
833 free(entry
->identity
);
834 ieee802_1x_free_radius_class(&entry
->radius_class
);
839 static void pmksa_cache_free_entry(struct hostapd_data
*hapd
,
840 struct rsn_pmksa_cache
*entry
)
842 struct sta_info
*sta
;
843 struct rsn_pmksa_cache
*pos
, *prev
;
845 for (sta
= hapd
->sta_list
; sta
!= NULL
; sta
= sta
->next
) {
846 if (sta
->pmksa
== entry
)
849 pos
= hapd
->pmkid
[PMKID_HASH(entry
->pmkid
)];
854 prev
->hnext
= pos
->hnext
;
856 hapd
->pmkid
[PMKID_HASH(entry
->pmkid
)] =
870 prev
->next
= pos
->next
;
872 hapd
->pmksa
= pos
->next
;
878 _pmksa_cache_free_entry(entry
);
882 static void pmksa_cache_expire(void *eloop_ctx
, void *timeout_ctx
)
884 struct hostapd_data
*hapd
= eloop_ctx
;
888 while (hapd
->pmksa
&& hapd
->pmksa
->expiration
<= now
) {
889 struct rsn_pmksa_cache
*entry
= hapd
->pmksa
;
890 hapd
->pmksa
= entry
->next
;
891 HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL
,
892 "RSN: expired PMKSA cache entry for "
893 MACSTR
, MAC2STR(entry
->spa
));
894 pmksa_cache_free_entry(hapd
, entry
);
897 pmksa_cache_set_expiration(hapd
);
901 static void pmksa_cache_set_expiration(struct hostapd_data
*hapd
)
904 eloop_cancel_timeout(pmksa_cache_expire
, hapd
, NULL
);
905 if (hapd
->pmksa
== NULL
)
907 sec
= hapd
->pmksa
->expiration
- time(NULL
);
910 eloop_register_timeout(sec
+ 1, 0, pmksa_cache_expire
, hapd
, NULL
);
914 static void pmksa_cache_from_eapol_data(struct rsn_pmksa_cache
*entry
,
915 struct eapol_state_machine
*eapol
)
920 if (eapol
->identity
) {
921 entry
->identity
= malloc(eapol
->identity_len
);
922 if (entry
->identity
) {
923 entry
->identity_len
= eapol
->identity_len
;
924 memcpy(entry
->identity
, eapol
->identity
,
925 eapol
->identity_len
);
929 ieee802_1x_copy_radius_class(&entry
->radius_class
,
930 &eapol
->radius_class
);
934 static void pmksa_cache_to_eapol_data(struct rsn_pmksa_cache
*entry
,
935 struct eapol_state_machine
*eapol
)
937 if (entry
== NULL
|| eapol
== NULL
)
940 if (entry
->identity
) {
941 free(eapol
->identity
);
942 eapol
->identity
= malloc(entry
->identity_len
);
943 if (eapol
->identity
) {
944 eapol
->identity_len
= entry
->identity_len
;
945 memcpy(eapol
->identity
, entry
->identity
,
946 entry
->identity_len
);
948 wpa_hexdump_ascii(MSG_DEBUG
, "STA identity from PMKSA",
949 eapol
->identity
, eapol
->identity_len
);
952 ieee802_1x_free_radius_class(&eapol
->radius_class
);
953 ieee802_1x_copy_radius_class(&eapol
->radius_class
,
954 &entry
->radius_class
);
955 if (eapol
->radius_class
.attr
) {
956 wpa_printf(MSG_DEBUG
, "Copied %lu Class attribute(s) from "
957 "PMKSA", (unsigned long) eapol
->radius_class
.count
);
962 void pmksa_cache_add(struct hostapd_data
*hapd
, struct sta_info
*sta
, u8
*pmk
,
965 struct rsn_pmksa_cache
*entry
, *pos
, *prev
;
967 if (sta
->wpa
!= WPA_VERSION_WPA2
)
970 entry
= malloc(sizeof(*entry
));
973 memset(entry
, 0, sizeof(*entry
));
974 memcpy(entry
->pmk
, pmk
, PMK_LEN
);
975 rsn_pmkid(pmk
, hapd
->own_addr
, sta
->addr
, entry
->pmkid
);
976 time(&entry
->expiration
);
977 if (session_timeout
> 0)
978 entry
->expiration
+= session_timeout
;
980 entry
->expiration
+= dot11RSNAConfigPMKLifetime
;
981 entry
->akmp
= WPA_KEY_MGMT_IEEE8021X
;
982 memcpy(entry
->spa
, sta
->addr
, ETH_ALEN
);
983 pmksa_cache_from_eapol_data(entry
, sta
->eapol_sm
);
985 /* Replace an old entry for the same STA (if found) with the new entry
987 pos
= pmksa_cache_get(hapd
, sta
->addr
, NULL
);
989 pmksa_cache_free_entry(hapd
, pos
);
991 if (hapd
->pmksa_count
>= pmksa_cache_max_entries
&& hapd
->pmksa
) {
992 /* Remove the oldest entry to make room for the new entry */
993 HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL
,
994 "RSN: removed the oldest PMKSA cache entry (for "
995 MACSTR
") to make room for new one",
996 MAC2STR(hapd
->pmksa
->spa
));
997 pmksa_cache_free_entry(hapd
, hapd
->pmksa
);
1000 /* Add the new entry; order by expiration time */
1004 if (pos
->expiration
> entry
->expiration
)
1010 entry
->next
= hapd
->pmksa
;
1011 hapd
->pmksa
= entry
;
1013 entry
->next
= prev
->next
;
1016 entry
->hnext
= hapd
->pmkid
[PMKID_HASH(entry
->pmkid
)];
1017 hapd
->pmkid
[PMKID_HASH(entry
->pmkid
)] = entry
;
1019 hapd
->pmksa_count
++;
1020 hostapd_logger(hapd
, sta
->addr
, HOSTAPD_MODULE_WPA
,
1021 HOSTAPD_LEVEL_DEBUG
,
1022 "added PMKSA cache entry");
1023 if (HOSTAPD_DEBUG_COND(HOSTAPD_DEBUG_MINIMAL
)) {
1024 hostapd_hexdump("RSN: added PMKID", entry
->pmkid
, PMKID_LEN
);
1029 static void pmksa_cache_free(struct hostapd_data
*hapd
)
1031 struct rsn_pmksa_cache
*entry
, *prev
;
1033 struct sta_info
*sta
;
1035 entry
= hapd
->pmksa
;
1039 entry
= entry
->next
;
1040 _pmksa_cache_free_entry(prev
);
1042 eloop_cancel_timeout(pmksa_cache_expire
, hapd
, NULL
);
1043 for (i
= 0; i
< PMKID_HASH_SIZE
; i
++)
1044 hapd
->pmkid
[i
] = NULL
;
1045 for (sta
= hapd
->sta_list
; sta
; sta
= sta
->next
)
1050 static struct rsn_pmksa_cache
* pmksa_cache_get(struct hostapd_data
*hapd
,
1053 struct rsn_pmksa_cache
*entry
;
1056 entry
= hapd
->pmkid
[PMKID_HASH(pmkid
)];
1058 entry
= hapd
->pmksa
;
1060 if ((spa
== NULL
|| memcmp(entry
->spa
, spa
, ETH_ALEN
) == 0) &&
1062 memcmp(entry
->pmkid
, pmkid
, PMKID_LEN
) == 0))
1064 entry
= pmkid
? entry
->hnext
: entry
->next
;
1070 struct wpa_ie_data
{
1071 int pairwise_cipher
;
1080 static int wpa_parse_wpa_ie_wpa(const u8
*wpa_ie
, size_t wpa_ie_len
,
1081 struct wpa_ie_data
*data
)
1083 struct wpa_ie_hdr
*hdr
;
1088 memset(data
, 0, sizeof(*data
));
1089 data
->pairwise_cipher
= WPA_CIPHER_TKIP
;
1090 data
->group_cipher
= WPA_CIPHER_TKIP
;
1091 data
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X
;
1093 if (wpa_ie_len
< sizeof(struct wpa_ie_hdr
))
1096 hdr
= (struct wpa_ie_hdr
*) wpa_ie
;
1098 if (hdr
->elem_id
!= WLAN_EID_GENERIC
||
1099 hdr
->len
!= wpa_ie_len
- 2 ||
1100 memcmp(&hdr
->oui
, WPA_OUI_TYPE
, WPA_SELECTOR_LEN
) != 0 ||
1101 le_to_host16(hdr
->version
) != WPA_VERSION
) {
1105 pos
= (u8
*) (hdr
+ 1);
1106 left
= wpa_ie_len
- sizeof(*hdr
);
1108 if (left
>= WPA_SELECTOR_LEN
) {
1109 data
->group_cipher
= wpa_selector_to_bitfield(pos
);
1110 pos
+= WPA_SELECTOR_LEN
;
1111 left
-= WPA_SELECTOR_LEN
;
1112 } else if (left
> 0)
1116 data
->pairwise_cipher
= 0;
1117 count
= pos
[0] | (pos
[1] << 8);
1120 if (count
== 0 || left
< count
* WPA_SELECTOR_LEN
)
1122 for (i
= 0; i
< count
; i
++) {
1123 data
->pairwise_cipher
|= wpa_selector_to_bitfield(pos
);
1124 pos
+= WPA_SELECTOR_LEN
;
1125 left
-= WPA_SELECTOR_LEN
;
1127 } else if (left
== 1)
1132 count
= pos
[0] | (pos
[1] << 8);
1135 if (count
== 0 || left
< count
* WPA_SELECTOR_LEN
)
1137 for (i
= 0; i
< count
; i
++) {
1138 data
->key_mgmt
|= wpa_key_mgmt_to_bitfield(pos
);
1139 pos
+= WPA_SELECTOR_LEN
;
1140 left
-= WPA_SELECTOR_LEN
;
1142 } else if (left
== 1)
1146 data
->capabilities
= pos
[0] | (pos
[1] << 8);
1159 static int wpa_parse_wpa_ie_rsn(const u8
*rsn_ie
, size_t rsn_ie_len
,
1160 struct wpa_ie_data
*data
)
1162 struct rsn_ie_hdr
*hdr
;
1167 memset(data
, 0, sizeof(*data
));
1168 data
->pairwise_cipher
= WPA_CIPHER_CCMP
;
1169 data
->group_cipher
= WPA_CIPHER_CCMP
;
1170 data
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X
;
1172 if (rsn_ie_len
< sizeof(struct rsn_ie_hdr
))
1175 hdr
= (struct rsn_ie_hdr
*) rsn_ie
;
1177 if (hdr
->elem_id
!= WLAN_EID_RSN
||
1178 hdr
->len
!= rsn_ie_len
- 2 ||
1179 le_to_host16(hdr
->version
) != RSN_VERSION
) {
1183 pos
= (u8
*) (hdr
+ 1);
1184 left
= rsn_ie_len
- sizeof(*hdr
);
1186 if (left
>= RSN_SELECTOR_LEN
) {
1187 data
->group_cipher
= rsn_selector_to_bitfield(pos
);
1188 pos
+= RSN_SELECTOR_LEN
;
1189 left
-= RSN_SELECTOR_LEN
;
1190 } else if (left
> 0)
1194 data
->pairwise_cipher
= 0;
1195 count
= pos
[0] | (pos
[1] << 8);
1198 if (count
== 0 || left
< count
* RSN_SELECTOR_LEN
)
1200 for (i
= 0; i
< count
; i
++) {
1201 data
->pairwise_cipher
|= rsn_selector_to_bitfield(pos
);
1202 pos
+= RSN_SELECTOR_LEN
;
1203 left
-= RSN_SELECTOR_LEN
;
1205 } else if (left
== 1)
1210 count
= pos
[0] | (pos
[1] << 8);
1213 if (count
== 0 || left
< count
* RSN_SELECTOR_LEN
)
1215 for (i
= 0; i
< count
; i
++) {
1216 data
->key_mgmt
|= rsn_key_mgmt_to_bitfield(pos
);
1217 pos
+= RSN_SELECTOR_LEN
;
1218 left
-= RSN_SELECTOR_LEN
;
1220 } else if (left
== 1)
1224 data
->capabilities
= pos
[0] | (pos
[1] << 8);
1230 data
->num_pmkid
= pos
[0] | (pos
[1] << 8);
1233 if (left
< data
->num_pmkid
* PMKID_LEN
) {
1234 printf("RSN: too short RSN IE for PMKIDs "
1235 "(num=%lu, left=%d)\n",
1236 (unsigned long) data
->num_pmkid
, left
);
1240 pos
+= data
->num_pmkid
* PMKID_LEN
;
1241 left
-= data
->num_pmkid
* PMKID_LEN
;
1252 int wpa_validate_wpa_ie(struct hostapd_data
*hapd
, struct sta_info
*sta
,
1253 const u8
*wpa_ie
, size_t wpa_ie_len
, int version
)
1255 struct wpa_ie_data data
;
1256 int ciphers
, key_mgmt
, res
, i
;
1259 if (version
== HOSTAPD_WPA_VERSION_WPA2
) {
1260 res
= wpa_parse_wpa_ie_rsn(wpa_ie
, wpa_ie_len
, &data
);
1262 selector
= RSN_AUTH_KEY_MGMT_UNSPEC_802_1X
;
1263 if (data
.key_mgmt
& WPA_KEY_MGMT_IEEE8021X
)
1264 selector
= RSN_AUTH_KEY_MGMT_UNSPEC_802_1X
;
1265 else if (data
.key_mgmt
& WPA_KEY_MGMT_PSK
)
1266 selector
= RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X
;
1267 memcpy(hapd
->wpa_auth
->dot11RSNAAuthenticationSuiteSelected
,
1268 selector
, RSN_SELECTOR_LEN
);
1270 selector
= RSN_CIPHER_SUITE_CCMP
;
1271 if (data
.pairwise_cipher
& WPA_CIPHER_CCMP
)
1272 selector
= RSN_CIPHER_SUITE_CCMP
;
1273 else if (data
.pairwise_cipher
& WPA_CIPHER_TKIP
)
1274 selector
= RSN_CIPHER_SUITE_TKIP
;
1275 else if (data
.pairwise_cipher
& WPA_CIPHER_WEP104
)
1276 selector
= RSN_CIPHER_SUITE_WEP104
;
1277 else if (data
.pairwise_cipher
& WPA_CIPHER_WEP40
)
1278 selector
= RSN_CIPHER_SUITE_WEP40
;
1279 else if (data
.pairwise_cipher
& WPA_CIPHER_NONE
)
1280 selector
= RSN_CIPHER_SUITE_NONE
;
1281 memcpy(hapd
->wpa_auth
->dot11RSNAPairwiseCipherSelected
,
1282 selector
, RSN_SELECTOR_LEN
);
1284 selector
= RSN_CIPHER_SUITE_CCMP
;
1285 if (data
.group_cipher
& WPA_CIPHER_CCMP
)
1286 selector
= RSN_CIPHER_SUITE_CCMP
;
1287 else if (data
.group_cipher
& WPA_CIPHER_TKIP
)
1288 selector
= RSN_CIPHER_SUITE_TKIP
;
1289 else if (data
.group_cipher
& WPA_CIPHER_WEP104
)
1290 selector
= RSN_CIPHER_SUITE_WEP104
;
1291 else if (data
.group_cipher
& WPA_CIPHER_WEP40
)
1292 selector
= RSN_CIPHER_SUITE_WEP40
;
1293 else if (data
.group_cipher
& WPA_CIPHER_NONE
)
1294 selector
= RSN_CIPHER_SUITE_NONE
;
1295 memcpy(hapd
->wpa_auth
->dot11RSNAGroupCipherSelected
,
1296 selector
, RSN_SELECTOR_LEN
);
1298 res
= wpa_parse_wpa_ie_wpa(wpa_ie
, wpa_ie_len
, &data
);
1300 selector
= WPA_AUTH_KEY_MGMT_UNSPEC_802_1X
;
1301 if (data
.key_mgmt
& WPA_KEY_MGMT_IEEE8021X
)
1302 selector
= WPA_AUTH_KEY_MGMT_UNSPEC_802_1X
;
1303 else if (data
.key_mgmt
& WPA_KEY_MGMT_PSK
)
1304 selector
= WPA_AUTH_KEY_MGMT_PSK_OVER_802_1X
;
1305 memcpy(hapd
->wpa_auth
->dot11RSNAAuthenticationSuiteSelected
,
1306 selector
, WPA_SELECTOR_LEN
);
1308 selector
= WPA_CIPHER_SUITE_TKIP
;
1309 if (data
.pairwise_cipher
& WPA_CIPHER_CCMP
)
1310 selector
= WPA_CIPHER_SUITE_CCMP
;
1311 else if (data
.pairwise_cipher
& WPA_CIPHER_TKIP
)
1312 selector
= WPA_CIPHER_SUITE_TKIP
;
1313 else if (data
.pairwise_cipher
& WPA_CIPHER_WEP104
)
1314 selector
= WPA_CIPHER_SUITE_WEP104
;
1315 else if (data
.pairwise_cipher
& WPA_CIPHER_WEP40
)
1316 selector
= WPA_CIPHER_SUITE_WEP40
;
1317 else if (data
.pairwise_cipher
& WPA_CIPHER_NONE
)
1318 selector
= WPA_CIPHER_SUITE_NONE
;
1319 memcpy(hapd
->wpa_auth
->dot11RSNAPairwiseCipherSelected
,
1320 selector
, WPA_SELECTOR_LEN
);
1322 selector
= WPA_CIPHER_SUITE_TKIP
;
1323 if (data
.group_cipher
& WPA_CIPHER_CCMP
)
1324 selector
= WPA_CIPHER_SUITE_CCMP
;
1325 else if (data
.group_cipher
& WPA_CIPHER_TKIP
)
1326 selector
= WPA_CIPHER_SUITE_TKIP
;
1327 else if (data
.group_cipher
& WPA_CIPHER_WEP104
)
1328 selector
= WPA_CIPHER_SUITE_WEP104
;
1329 else if (data
.group_cipher
& WPA_CIPHER_WEP40
)
1330 selector
= WPA_CIPHER_SUITE_WEP40
;
1331 else if (data
.group_cipher
& WPA_CIPHER_NONE
)
1332 selector
= WPA_CIPHER_SUITE_NONE
;
1333 memcpy(hapd
->wpa_auth
->dot11RSNAGroupCipherSelected
,
1334 selector
, WPA_SELECTOR_LEN
);
1337 printf("Failed to parse WPA/RSN IE from " MACSTR
" (res=%d)\n",
1338 MAC2STR(sta
->addr
), res
);
1339 hostapd_hexdump("WPA/RSN IE", wpa_ie
, wpa_ie_len
);
1340 return WPA_INVALID_IE
;
1343 if (data
.group_cipher
!= hapd
->conf
->wpa_group
) {
1344 printf("Invalid WPA group cipher (0x%x) from " MACSTR
"\n",
1345 data
.group_cipher
, MAC2STR(sta
->addr
));
1346 return WPA_INVALID_GROUP
;
1349 key_mgmt
= data
.key_mgmt
& hapd
->conf
->wpa_key_mgmt
;
1351 printf("Invalid WPA key mgmt (0x%x) from " MACSTR
"\n",
1352 data
.key_mgmt
, MAC2STR(sta
->addr
));
1353 return WPA_INVALID_AKMP
;
1355 if (key_mgmt
& WPA_KEY_MGMT_IEEE8021X
)
1356 sta
->wpa_key_mgmt
= WPA_KEY_MGMT_IEEE8021X
;
1358 sta
->wpa_key_mgmt
= WPA_KEY_MGMT_PSK
;
1360 ciphers
= data
.pairwise_cipher
& hapd
->conf
->wpa_pairwise
;
1362 printf("Invalid WPA pairwise cipher (0x%x) from " MACSTR
"\n",
1363 data
.pairwise_cipher
, MAC2STR(sta
->addr
));
1364 return WPA_INVALID_PAIRWISE
;
1367 if (ciphers
& WPA_CIPHER_CCMP
)
1368 sta
->pairwise
= WPA_CIPHER_CCMP
;
1370 sta
->pairwise
= WPA_CIPHER_TKIP
;
1372 /* TODO: clear WPA/WPA2 state if STA changes from one to another */
1373 if (wpa_ie
[0] == WLAN_EID_RSN
)
1374 sta
->wpa
= WPA_VERSION_WPA2
;
1376 sta
->wpa
= WPA_VERSION_WPA
;
1378 for (i
= 0; i
< data
.num_pmkid
; i
++) {
1379 if (HOSTAPD_DEBUG_COND(HOSTAPD_DEBUG_MINIMAL
)) {
1380 hostapd_hexdump("RSN IE: STA PMKID",
1381 &data
.pmkid
[i
* PMKID_LEN
], PMKID_LEN
);
1383 sta
->pmksa
= pmksa_cache_get(hapd
, sta
->addr
,
1384 &data
.pmkid
[i
* PMKID_LEN
]);
1386 hostapd_logger(hapd
, sta
->addr
, HOSTAPD_MODULE_WPA
,
1387 HOSTAPD_LEVEL_DEBUG
,
1388 "PMKID found from PMKSA cache");
1389 if (hapd
->wpa_auth
) {
1390 memcpy(hapd
->wpa_auth
->dot11RSNAPMKIDUsed
,
1391 sta
->pmksa
->pmkid
, PMKID_LEN
);
1401 void wpa_new_station(struct hostapd_data
*hapd
, struct sta_info
*sta
)
1403 struct wpa_state_machine
*sm
;
1405 if (!hapd
->conf
->wpa
)
1410 memset(sm
->key_replay_counter
, 0, WPA_REPLAY_COUNTER_LEN
);
1411 sm
->ReAuthenticationRequest
= TRUE
;
1416 hostapd_logger(hapd
, sta
->addr
, HOSTAPD_MODULE_WPA
,
1417 HOSTAPD_LEVEL_DEBUG
, "start authentication");
1418 sm
= malloc(sizeof(struct wpa_state_machine
));
1421 memset(sm
, 0, sizeof(struct wpa_state_machine
));
1430 sm
->AuthenticationRequest
= TRUE
;
1435 void wpa_free_station(struct sta_info
*sta
)
1437 struct wpa_state_machine
*sm
= sta
->wpa_sm
;
1442 if (sm
->hapd
->conf
->wpa_strict_rekey
&& sm
->has_GTK
) {
1443 hostapd_logger(sm
->hapd
, sta
->addr
, HOSTAPD_MODULE_WPA
,
1444 HOSTAPD_LEVEL_DEBUG
, "strict rekeying - force "
1445 "GTK rekey since STA is leaving");
1446 eloop_cancel_timeout(wpa_rekey_gtk
, sm
->hapd
, NULL
);
1447 eloop_register_timeout(0, 500000, wpa_rekey_gtk
, sm
->hapd
,
1451 eloop_cancel_timeout(wpa_send_eapol_timeout
, sm
->hapd
, sta
);
1452 eloop_cancel_timeout(wpa_sm_call_step
, sm
->hapd
, sta
->wpa_sm
);
1453 eloop_cancel_timeout(rsn_preauth_finished_cb
, sm
->hapd
, sta
);
1454 free(sm
->last_rx_eapol_key
);
1460 static void wpa_request_new_ptk(struct hostapd_data
*hapd
,
1461 struct sta_info
*sta
)
1463 struct wpa_state_machine
*sm
= sta
->wpa_sm
;
1468 sm
->PTKRequest
= TRUE
;
1473 void wpa_receive(struct hostapd_data
*hapd
, struct sta_info
*sta
,
1474 u8
*data
, size_t data_len
)
1476 struct wpa_state_machine
*sm
= sta
->wpa_sm
;
1477 struct ieee802_1x_hdr
*hdr
;
1478 struct wpa_eapol_key
*key
;
1479 u16 key_info
, key_data_length
;
1480 enum { PAIRWISE_2
, PAIRWISE_4
, GROUP_2
, REQUEST
} msg
;
1483 if (!hapd
->conf
->wpa
)
1489 if (data_len
< sizeof(*hdr
) + sizeof(*key
))
1492 hdr
= (struct ieee802_1x_hdr
*) data
;
1493 key
= (struct wpa_eapol_key
*) (hdr
+ 1);
1494 key_info
= ntohs(key
->key_info
);
1495 key_data_length
= ntohs(key
->key_data_length
);
1496 if (key_data_length
> data_len
- sizeof(*hdr
) - sizeof(*key
)) {
1497 wpa_printf(MSG_INFO
, "WPA: Invalid EAPOL-Key frame - "
1498 "key_data overflow (%d > %lu)",
1500 (unsigned long) (data_len
- sizeof(*hdr
) -
1505 /* FIX: verify that the EAPOL-Key frame was encrypted if pairwise keys
1508 if (key_info
& WPA_KEY_INFO_REQUEST
) {
1511 } else if (!(key_info
& WPA_KEY_INFO_KEY_TYPE
)) {
1513 msgtxt
= "2/2 Group";
1514 } else if (key_data_length
== 0) {
1516 msgtxt
= "4/4 Pairwise";
1519 msgtxt
= "2/4 Pairwise";
1522 if (key_info
& WPA_KEY_INFO_REQUEST
) {
1523 if (sta
->req_replay_counter_used
&&
1524 memcmp(key
->replay_counter
, sta
->req_replay_counter
,
1525 WPA_REPLAY_COUNTER_LEN
) <= 0) {
1526 hostapd_logger(hapd
, sta
->addr
, HOSTAPD_MODULE_WPA
,
1527 HOSTAPD_LEVEL_WARNING
,
1528 "received EAPOL-Key request with "
1529 "replayed counter");
1534 if (!(key_info
& WPA_KEY_INFO_REQUEST
) &&
1535 (!sm
->key_replay_counter_valid
||
1536 memcmp(key
->replay_counter
, sm
->key_replay_counter
,
1537 WPA_REPLAY_COUNTER_LEN
) != 0)) {
1538 hostapd_logger(hapd
, sta
->addr
, HOSTAPD_MODULE_WPA
,
1540 "received EAPOL-Key %s with unexpected replay "
1542 if (HOSTAPD_DEBUG_COND(HOSTAPD_DEBUG_MINIMAL
)) {
1543 hostapd_hexdump("expected replay counter",
1544 sm
->key_replay_counter
,
1545 WPA_REPLAY_COUNTER_LEN
);
1546 hostapd_hexdump("received replay counter",
1547 key
->replay_counter
,
1548 WPA_REPLAY_COUNTER_LEN
);
1555 if (sm
->wpa_ptk_state
!= WPA_PTK_PTKSTART
&&
1556 sm
->wpa_ptk_state
!= WPA_PTK_PTKCALCNEGOTIATING
) {
1557 hostapd_logger(hapd
, sta
->addr
, HOSTAPD_MODULE_WPA
,
1559 "received EAPOL-Key msg 2/4 in invalid"
1560 " state (%d) - dropped",
1564 if (sta
->wpa_ie
== NULL
||
1565 sta
->wpa_ie_len
!= key_data_length
||
1566 memcmp(sta
->wpa_ie
, key
+ 1, key_data_length
) != 0) {
1567 hostapd_logger(hapd
, sta
->addr
, HOSTAPD_MODULE_WPA
,
1569 "WPA IE from (Re)AssocReq did not match"
1571 if (HOSTAPD_DEBUG_COND(HOSTAPD_DEBUG_MINIMAL
)) {
1573 hostapd_hexdump("WPA IE in AssocReq",
1577 hostapd_hexdump("WPA IE in msg 2/4",
1581 /* MLME-DEAUTHENTICATE.request */
1582 wpa_sta_disconnect(hapd
, sta
);
1587 if (sm
->wpa_ptk_state
!= WPA_PTK_PTKINITNEGOTIATING
||
1589 hostapd_logger(hapd
, sta
->addr
, HOSTAPD_MODULE_WPA
,
1591 "received EAPOL-Key msg 4/4 in invalid"
1592 " state (%d) - dropped",
1598 if (sm
->wpa_ptk_group_state
!= WPA_PTK_GROUP_REKEYNEGOTIATING
1599 || !sm
->PTK_valid
) {
1600 hostapd_logger(hapd
, sta
->addr
, HOSTAPD_MODULE_WPA
,
1602 "received EAPOL-Key msg 2/2 in invalid"
1603 " state (%d) - dropped",
1604 sm
->wpa_ptk_group_state
);
1612 hostapd_logger(hapd
, sta
->addr
, HOSTAPD_MODULE_WPA
,
1613 HOSTAPD_LEVEL_DEBUG
, "received EAPOL-Key frame (%s)",
1616 if (key_info
& WPA_KEY_INFO_ACK
) {
1617 hostapd_logger(hapd
, sta
->addr
, HOSTAPD_MODULE_WPA
,
1619 "received invalid EAPOL-Key: Key Ack set");
1623 if (!(key_info
& WPA_KEY_INFO_MIC
)) {
1624 hostapd_logger(hapd
, sta
->addr
, HOSTAPD_MODULE_WPA
,
1626 "received invalid EAPOL-Key: Key MIC not set");
1630 sm
->MICVerified
= FALSE
;
1631 if (sm
->PTK_valid
) {
1632 if (wpa_verify_key_mic(&sm
->PTK
, data
, data_len
)) {
1633 hostapd_logger(hapd
, sta
->addr
, HOSTAPD_MODULE_WPA
,
1635 "received EAPOL-Key with invalid MIC");
1638 sm
->MICVerified
= TRUE
;
1639 eloop_cancel_timeout(wpa_send_eapol_timeout
, sta
->wpa_sm
->hapd
,
1643 if (key_info
& WPA_KEY_INFO_REQUEST
) {
1644 if (sm
->MICVerified
) {
1645 sta
->req_replay_counter_used
= 1;
1646 memcpy(sta
->req_replay_counter
, key
->replay_counter
,
1647 WPA_REPLAY_COUNTER_LEN
);
1649 hostapd_logger(hapd
, sta
->addr
, HOSTAPD_MODULE_WPA
,
1651 "received EAPOL-Key request with "
1656 if (key_info
& WPA_KEY_INFO_ERROR
) {
1657 /* Supplicant reported a Michael MIC error */
1658 hostapd_logger(hapd
, sta
->addr
, HOSTAPD_MODULE_WPA
,
1660 "received EAPOL-Key Error Request "
1661 "(STA detected Michael MIC failure)");
1662 ieee80211_michael_mic_failure(hapd
, sta
->addr
, 0);
1663 sta
->dot11RSNAStatsTKIPRemoteMICFailures
++;
1664 hapd
->wpa_auth
->dot11RSNAStatsTKIPRemoteMICFailures
++;
1665 /* Error report is not a request for a new key
1666 * handshake, but since Authenticator may do it, let's
1667 * change the keys now anyway. */
1668 wpa_request_new_ptk(hapd
, sta
);
1669 } else if (key_info
& WPA_KEY_INFO_KEY_TYPE
) {
1670 hostapd_logger(hapd
, sta
->addr
, HOSTAPD_MODULE_WPA
,
1672 "received EAPOL-Key Request for new "
1674 wpa_request_new_ptk(hapd
, sta
);
1676 /* TODO: this could also be a request for STAKey
1677 * if Key Data fields contains peer MAC address KDE.
1678 * STAKey request should have 0xdd <len> 00-0F-AC:2 in
1679 * the beginning of Key Data */
1680 hostapd_logger(hapd
, sta
->addr
, HOSTAPD_MODULE_WPA
,
1682 "received EAPOL-Key Request for GTK "
1684 wpa_request_new_ptk(hapd
, sta
);
1685 eloop_cancel_timeout(wpa_rekey_gtk
, hapd
, NULL
);
1686 wpa_rekey_gtk(hapd
, NULL
);
1689 /* Do not allow the same key replay counter to be reused. */
1690 sm
->key_replay_counter_valid
= FALSE
;
1693 free(sm
->last_rx_eapol_key
);
1694 sm
->last_rx_eapol_key
= malloc(data_len
);
1695 if (sm
->last_rx_eapol_key
== NULL
)
1697 memcpy(sm
->last_rx_eapol_key
, data
, data_len
);
1698 sm
->last_rx_eapol_key_len
= data_len
;
1700 sm
->EAPOLKeyReceived
= TRUE
;
1701 sm
->EAPOLKeyPairwise
= !!(key_info
& WPA_KEY_INFO_KEY_TYPE
);
1702 sm
->EAPOLKeyRequest
= !!(key_info
& WPA_KEY_INFO_REQUEST
);
1703 memcpy(sm
->SNonce
, key
->key_nonce
, WPA_NONCE_LEN
);
1708 static void wpa_pmk_to_ptk(struct hostapd_data
*hapd
, const u8
*pmk
,
1709 const u8
*addr1
, const u8
*addr2
,
1710 const u8
*nonce1
, const u8
*nonce2
,
1711 u8
*ptk
, size_t ptk_len
)
1713 u8 data
[2 * ETH_ALEN
+ 2 * WPA_NONCE_LEN
];
1715 /* PTK = PRF-X(PMK, "Pairwise key expansion",
1716 * Min(AA, SA) || Max(AA, SA) ||
1717 * Min(ANonce, SNonce) || Max(ANonce, SNonce)) */
1719 if (memcmp(addr1
, addr2
, ETH_ALEN
) < 0) {
1720 memcpy(data
, addr1
, ETH_ALEN
);
1721 memcpy(data
+ ETH_ALEN
, addr2
, ETH_ALEN
);
1723 memcpy(data
, addr2
, ETH_ALEN
);
1724 memcpy(data
+ ETH_ALEN
, addr1
, ETH_ALEN
);
1727 if (memcmp(nonce1
, nonce2
, WPA_NONCE_LEN
) < 0) {
1728 memcpy(data
+ 2 * ETH_ALEN
, nonce1
, WPA_NONCE_LEN
);
1729 memcpy(data
+ 2 * ETH_ALEN
+ WPA_NONCE_LEN
, nonce2
,
1732 memcpy(data
+ 2 * ETH_ALEN
, nonce2
, WPA_NONCE_LEN
);
1733 memcpy(data
+ 2 * ETH_ALEN
+ WPA_NONCE_LEN
, nonce1
,
1737 sha1_prf(pmk
, WPA_PMK_LEN
, "Pairwise key expansion",
1738 data
, sizeof(data
), ptk
, ptk_len
);
1740 if (HOSTAPD_DEBUG_COND(HOSTAPD_DEBUG_MINIMAL
)) {
1741 hostapd_hexdump("PMK", pmk
, WPA_PMK_LEN
);
1742 hostapd_hexdump("PTK", ptk
, ptk_len
);
1747 static void wpa_gmk_to_gtk(struct hostapd_data
*hapd
, u8
*gmk
,
1748 u8
*addr
, u8
*gnonce
, u8
*gtk
, size_t gtk_len
)
1750 u8 data
[ETH_ALEN
+ WPA_NONCE_LEN
];
1752 /* GTK = PRF-X(GMK, "Group key expansion", AA || GNonce) */
1753 memcpy(data
, addr
, ETH_ALEN
);
1754 memcpy(data
+ ETH_ALEN
, gnonce
, WPA_NONCE_LEN
);
1756 sha1_prf(gmk
, WPA_GMK_LEN
, "Group key expansion",
1757 data
, sizeof(data
), gtk
, gtk_len
);
1759 if (HOSTAPD_DEBUG_COND(HOSTAPD_DEBUG_MINIMAL
)) {
1760 hostapd_hexdump("GMK", gmk
, WPA_GMK_LEN
);
1761 hostapd_hexdump("GTK", gtk
, gtk_len
);
1766 static void wpa_send_eapol_timeout(void *eloop_ctx
, void *timeout_ctx
)
1768 struct hostapd_data
*hapd
= eloop_ctx
;
1769 struct sta_info
*sta
= timeout_ctx
;
1771 if (!sta
->wpa_sm
|| !(sta
->flags
& WLAN_STA_ASSOC
))
1774 hostapd_logger(hapd
, sta
->addr
, HOSTAPD_MODULE_WPA
,
1775 HOSTAPD_LEVEL_DEBUG
, "EAPOL-Key timeout");
1776 sta
->wpa_sm
->TimeoutEvt
= TRUE
;
1777 wpa_sm_step(sta
->wpa_sm
);
1781 static int wpa_calc_eapol_key_mic(int ver
, u8
*key
, u8
*data
, size_t len
,
1784 u8 hash
[SHA1_MAC_LEN
];
1787 case WPA_KEY_INFO_TYPE_HMAC_MD5_RC4
:
1788 hmac_md5(key
, 16, data
, len
, mic
);
1790 case WPA_KEY_INFO_TYPE_HMAC_SHA1_AES
:
1791 hmac_sha1(key
, 16, data
, len
, hash
);
1792 memcpy(mic
, hash
, MD5_MAC_LEN
);
1801 static void wpa_send_eapol(struct hostapd_data
*hapd
, struct sta_info
*sta
,
1802 int secure
, int mic
, int ack
, int install
,
1803 int pairwise
, u8
*key_rsc
, u8
*nonce
,
1804 u8
*ie
, size_t ie_len
, u8
*gtk
, size_t gtk_len
,
1807 struct wpa_state_machine
*sm
= sta
->wpa_sm
;
1808 struct ieee802_1x_hdr
*hdr
;
1809 struct wpa_eapol_key
*key
;
1813 int key_data_len
, pad_len
= 0;
1819 len
= sizeof(struct ieee802_1x_hdr
) + sizeof(struct wpa_eapol_key
);
1821 if (sta
->wpa
== WPA_VERSION_WPA2
) {
1822 key_data_len
= ie_len
+ gtk_len
;
1824 key_data_len
+= 2 + RSN_SELECTOR_LEN
+ 2;
1827 /* WPA does not include GTK in 4-Way Handshake */
1831 /* key_rsc is for group key, so mask it out in case of
1832 * WPA Pairwise key negotiation. */
1835 key_data_len
= ie_len
+ gtk_len
;
1838 if (sta
->pairwise
== WPA_CIPHER_CCMP
) {
1839 key_info
= WPA_KEY_INFO_TYPE_HMAC_SHA1_AES
;
1841 pad_len
= key_data_len
% 8;
1843 pad_len
= 8 - pad_len
;
1844 key_data_len
+= pad_len
+ 8;
1847 key_info
= WPA_KEY_INFO_TYPE_HMAC_MD5_RC4
;
1850 len
+= key_data_len
;
1855 memset(hdr
, 0, len
);
1856 hdr
->version
= hapd
->conf
->eapol_version
;
1857 hdr
->type
= IEEE802_1X_TYPE_EAPOL_KEY
;
1858 hdr
->length
= htons(len
- sizeof(*hdr
));
1859 key
= (struct wpa_eapol_key
*) (hdr
+ 1);
1861 key
->type
= sta
->wpa
== WPA_VERSION_WPA2
?
1862 EAPOL_KEY_TYPE_RSN
: EAPOL_KEY_TYPE_WPA
;
1864 key_info
|= WPA_KEY_INFO_SECURE
;
1866 key_info
|= WPA_KEY_INFO_MIC
;
1868 key_info
|= WPA_KEY_INFO_ACK
;
1870 key_info
|= WPA_KEY_INFO_INSTALL
;
1872 key_info
|= WPA_KEY_INFO_KEY_TYPE
;
1873 if (gtk
&& sta
->wpa
== WPA_VERSION_WPA2
)
1874 key_info
|= WPA_KEY_INFO_ENCR_KEY_DATA
;
1875 if (sta
->wpa
!= WPA_VERSION_WPA2
) {
1878 key_info
|= keyidx
<< WPA_KEY_INFO_KEY_INDEX_SHIFT
;
1880 key
->key_info
= htons(key_info
);
1882 alg
= pairwise
? sta
->pairwise
: hapd
->conf
->wpa_group
;
1884 case WPA_CIPHER_CCMP
:
1885 key
->key_length
= htons(16);
1887 case WPA_CIPHER_TKIP
:
1888 key
->key_length
= htons(32);
1890 case WPA_CIPHER_WEP40
:
1891 key
->key_length
= htons(5);
1893 case WPA_CIPHER_WEP104
:
1894 key
->key_length
= htons(13);
1898 inc_byte_array(sm
->key_replay_counter
, WPA_REPLAY_COUNTER_LEN
);
1899 memcpy(key
->replay_counter
, sm
->key_replay_counter
,
1900 WPA_REPLAY_COUNTER_LEN
);
1901 sm
->key_replay_counter_valid
= TRUE
;
1904 memcpy(key
->key_nonce
, nonce
, WPA_NONCE_LEN
);
1907 memcpy(key
->key_rsc
, key_rsc
, WPA_KEY_RSC_LEN
);
1910 memcpy(key
+ 1, ie
, ie_len
);
1911 key
->key_data_length
= htons(ie_len
);
1913 buf
= malloc(key_data_len
);
1918 memset(buf
, 0, key_data_len
);
1921 memcpy(pos
, ie
, ie_len
);
1924 if (sta
->wpa
== WPA_VERSION_WPA2
) {
1925 *pos
++ = WLAN_EID_GENERIC
;
1926 *pos
++ = RSN_SELECTOR_LEN
+ 2 + gtk_len
;
1927 memcpy(pos
, RSN_KEY_DATA_GROUPKEY
, RSN_SELECTOR_LEN
);
1928 pos
+= RSN_SELECTOR_LEN
;
1929 *pos
++ = keyidx
& 0x03;
1932 memcpy(pos
, gtk
, gtk_len
);
1937 if (HOSTAPD_DEBUG_COND(HOSTAPD_DEBUG_MINIMAL
)) {
1938 hostapd_hexdump("Plaintext EAPOL-Key Key Data",
1941 if (key_info
& WPA_KEY_INFO_TYPE_HMAC_SHA1_AES
) {
1942 aes_wrap(sm
->PTK
.encr_key
, (key_data_len
- 8) / 8, buf
,
1944 key
->key_data_length
= htons(key_data_len
);
1948 hapd
->wpa_auth
->Counter
+ WPA_NONCE_LEN
- 16,
1950 inc_byte_array(hapd
->wpa_auth
->Counter
, WPA_NONCE_LEN
);
1951 memcpy(ek
, key
->key_iv
, 16);
1952 memcpy(ek
+ 16, sm
->PTK
.encr_key
, 16);
1953 memcpy(key
+ 1, buf
, key_data_len
);
1954 rc4_skip(ek
, 32, 256, (u8
*) (key
+ 1), key_data_len
);
1955 key
->key_data_length
= htons(key_data_len
);
1961 if (!sm
->PTK_valid
) {
1962 hostapd_logger(hapd
, sta
->addr
, HOSTAPD_MODULE_WPA
,
1963 HOSTAPD_LEVEL_DEBUG
, "PTK not valid "
1964 "when sending EAPOL-Key frame");
1968 wpa_calc_eapol_key_mic(key_info
& WPA_KEY_INFO_TYPE_MASK
,
1969 sm
->PTK
.mic_key
, (u8
*) hdr
, len
,
1974 sta
->eapol_sm
->dot1xAuthEapolFramesTx
++;
1975 hostapd_send_eapol(hapd
, sta
->addr
, (u8
*) hdr
, len
, sm
->pairwise_set
);
1978 timeout_ms
= pairwise
? dot11RSNAConfigPairwiseUpdateTimeOut
:
1979 dot11RSNAConfigGroupUpdateTimeOut
;
1980 eloop_register_timeout(timeout_ms
/ 1000, (timeout_ms
% 1000) * 1000,
1981 wpa_send_eapol_timeout
, hapd
, sta
);
1985 static int wpa_verify_key_mic(struct wpa_ptk
*PTK
, u8
*data
, size_t data_len
)
1987 struct ieee802_1x_hdr
*hdr
;
1988 struct wpa_eapol_key
*key
;
1993 if (data_len
< sizeof(*hdr
) + sizeof(*key
))
1996 hdr
= (struct ieee802_1x_hdr
*) data
;
1997 key
= (struct wpa_eapol_key
*) (hdr
+ 1);
1998 key_info
= ntohs(key
->key_info
);
1999 type
= key_info
& WPA_KEY_INFO_TYPE_MASK
;
2000 memcpy(mic
, key
->key_mic
, 16);
2001 memset(key
->key_mic
, 0, 16);
2002 if (wpa_calc_eapol_key_mic(key_info
& WPA_KEY_INFO_TYPE_MASK
,
2003 PTK
->mic_key
, data
, data_len
, key
->key_mic
)
2004 || memcmp(mic
, key
->key_mic
, 16) != 0)
2006 memcpy(key
->key_mic
, mic
, 16);
2011 void wpa_sm_event(struct hostapd_data
*hapd
, struct sta_info
*sta
,
2014 struct wpa_state_machine
*sm
= sta
->wpa_sm
;
2015 hostapd_logger(hapd
, sta
->addr
, HOSTAPD_MODULE_WPA
,
2016 HOSTAPD_LEVEL_DEBUG
,
2017 "event %d notification", event
);
2027 sm
->DeauthenticationRequest
= TRUE
;
2030 case WPA_REAUTH_EAPOL
:
2031 sm
->ReAuthenticationRequest
= TRUE
;
2035 sm
->PTK_valid
= FALSE
;
2036 memset(&sm
->PTK
, 0, sizeof(sm
->PTK
));
2038 if (event
!= WPA_REAUTH_EAPOL
) {
2039 sm
->pairwise_set
= FALSE
;
2040 hostapd_set_encryption(sm
->hapd
, "none", sm
->sta
->addr
, 0,
2048 static const char * wpa_alg_txt(int alg
)
2051 case WPA_CIPHER_CCMP
:
2053 case WPA_CIPHER_TKIP
:
2055 case WPA_CIPHER_WEP104
:
2056 case WPA_CIPHER_WEP40
:
2064 /* Definitions for clarifying state machine implementation */
2065 #define SM_STATE(machine, state) \
2066 static void sm_ ## machine ## _ ## state ## _Enter(struct wpa_state_machine \
2069 #define SM_ENTRY(machine, _state, _data) \
2070 sm->changed = TRUE; \
2071 sm->_data ## _ ## state = machine ## _ ## _state; \
2072 if (sm->hapd->conf->debug >= HOSTAPD_DEBUG_MINIMAL) \
2073 printf("WPA: " MACSTR " " #machine " entering state " #_state \
2074 "\n", MAC2STR(sm->sta->addr));
2076 #define SM_ENTER(machine, state) sm_ ## machine ## _ ## state ## _Enter(sm)
2078 #define SM_STEP(machine) \
2079 static void sm_ ## machine ## _Step(struct wpa_state_machine *sm)
2081 #define SM_STEP_RUN(machine) sm_ ## machine ## _Step(sm)
2084 SM_STATE(WPA_PTK
, INITIALIZE
)
2086 struct hostapd_data
*hapd
= sm
->hapd
;
2088 SM_ENTRY(WPA_PTK
, INITIALIZE
, wpa_ptk
);
2090 /* Init flag is not cleared here, so avoid busy
2091 * loop by claiming nothing changed. */
2092 sm
->changed
= FALSE
;
2096 if (sm
->GUpdateStationKeys
)
2097 hapd
->wpa_auth
->GKeyDoneStations
--;
2098 sm
->GUpdateStationKeys
= FALSE
;
2099 if (sm
->sta
->wpa
== WPA_VERSION_WPA
)
2100 sm
->PInitAKeys
= FALSE
;
2101 if (1 /* Unicast cipher supported AND (ESS OR ((IBSS or WDS) and
2102 * Local AA > Remote AA)) */) {
2105 ieee802_1x_notify_port_enabled(sm
->sta
->eapol_sm
, 0);
2106 hostapd_set_encryption(sm
->hapd
, "none", sm
->sta
->addr
, 0, (u8
*) "",
2108 sm
->pairwise_set
= FALSE
;
2109 sm
->PTK_valid
= FALSE
;
2110 memset(&sm
->PTK
, 0, sizeof(sm
->PTK
));
2111 ieee802_1x_notify_port_valid(sm
->sta
->eapol_sm
, 0);
2113 if (sm
->sta
->wpa_key_mgmt
== WPA_KEY_MGMT_PSK
)
2114 ieee802_1x_set_sta_authorized(sm
->hapd
, sm
->sta
, 0);
2118 SM_STATE(WPA_PTK
, DISCONNECT
)
2120 SM_ENTRY(WPA_PTK
, DISCONNECT
, wpa_ptk
);
2121 sm
->Disconnect
= FALSE
;
2122 wpa_sta_disconnect(sm
->hapd
, sm
->sta
);
2126 SM_STATE(WPA_PTK
, DISCONNECTED
)
2128 SM_ENTRY(WPA_PTK
, DISCONNECTED
, wpa_ptk
);
2129 sm
->hapd
->wpa_auth
->GNoStations
--;
2130 sm
->DeauthenticationRequest
= FALSE
;
2134 SM_STATE(WPA_PTK
, AUTHENTICATION
)
2136 SM_ENTRY(WPA_PTK
, AUTHENTICATION
, wpa_ptk
);
2137 sm
->hapd
->wpa_auth
->GNoStations
++;
2138 memset(&sm
->PTK
, 0, sizeof(sm
->PTK
));
2139 sm
->PTK_valid
= FALSE
;
2140 if (sm
->sta
->eapol_sm
) {
2141 sm
->sta
->eapol_sm
->portControl
= Auto
;
2142 sm
->sta
->eapol_sm
->portEnabled
= TRUE
;
2144 sm
->AuthenticationRequest
= FALSE
;
2148 SM_STATE(WPA_PTK
, AUTHENTICATION2
)
2150 SM_ENTRY(WPA_PTK
, AUTHENTICATION2
, wpa_ptk
);
2151 memcpy(sm
->ANonce
, sm
->hapd
->wpa_auth
->Counter
, WPA_NONCE_LEN
);
2152 inc_byte_array(sm
->hapd
->wpa_auth
->Counter
, WPA_NONCE_LEN
);
2153 sm
->ReAuthenticationRequest
= FALSE
;
2154 /* IEEE 802.11i/D9.0 does not clear TimeoutCtr here, but this is more
2155 * logical place than INITIALIZE since AUTHENTICATION2 can be
2156 * re-entered on ReAuthenticationRequest without going through
2162 SM_STATE(WPA_PTK
, INITPMK
)
2166 SM_ENTRY(WPA_PTK
, INITPMK
, wpa_ptk
);
2167 if (sm
->sta
->pmksa
) {
2168 wpa_printf(MSG_DEBUG
, "WPA: PMK from PMKSA cache");
2169 memcpy(sm
->PMK
, sm
->sta
->pmksa
->pmk
, WPA_PMK_LEN
);
2170 pmksa_cache_to_eapol_data(sm
->sta
->pmksa
, sm
->sta
->eapol_sm
);
2171 } else if ((key
= ieee802_1x_get_key_crypt(sm
->sta
->eapol_sm
, &len
))) {
2172 wpa_printf(MSG_DEBUG
, "WPA: PMK from EAPOL state machine "
2173 "(len=%lu)", (unsigned long) len
);
2174 if (len
> WPA_PMK_LEN
)
2176 memcpy(sm
->PMK
, key
, len
);
2178 wpa_printf(MSG_DEBUG
, "WPA: Could not get PMK");
2180 sm
->sta
->req_replay_counter_used
= 0;
2181 /* IEEE 802.11i/D9.0 does not set keyRun to FALSE, but not doing this
2182 * will break reauthentication since EAPOL state machines may not be
2183 * get into AUTHENTICATING state that clears keyRun before WPA state
2184 * machine enters AUTHENTICATION2 state and goes immediately to INITPMK
2185 * state and takes PMK from the previously used AAA Key. This will
2186 * eventually fail in 4-Way Handshake because Supplicant uses PMK
2187 * derived from the new AAA Key. Setting keyRun = FALSE here seems to
2188 * be good workaround for this issue. */
2189 if (sm
->sta
->eapol_sm
)
2190 sm
->sta
->eapol_sm
->keyRun
= FALSE
;
2194 SM_STATE(WPA_PTK
, INITPSK
)
2197 SM_ENTRY(WPA_PTK
, INITPSK
, wpa_ptk
);
2198 psk
= hostapd_get_psk(sm
->hapd
->conf
, sm
->sta
->addr
, NULL
);
2200 memcpy(sm
->PMK
, psk
, WPA_PMK_LEN
);
2201 sm
->sta
->req_replay_counter_used
= 0;
2205 SM_STATE(WPA_PTK
, PTKSTART
)
2208 size_t pmkid_len
= 0;
2210 SM_ENTRY(WPA_PTK
, PTKSTART
, wpa_ptk
);
2211 sm
->PTKRequest
= FALSE
;
2212 sm
->TimeoutEvt
= FALSE
;
2213 hostapd_logger(sm
->hapd
, sm
->sta
->addr
, HOSTAPD_MODULE_WPA
,
2214 HOSTAPD_LEVEL_DEBUG
,
2215 "sending 1/4 msg of 4-Way Handshake");
2216 if (sm
->sta
->pmksa
&&
2217 (pmkid
= malloc(2 + RSN_SELECTOR_LEN
+ PMKID_LEN
))) {
2218 pmkid_len
= 2 + RSN_SELECTOR_LEN
+ PMKID_LEN
;
2219 pmkid
[0] = WLAN_EID_GENERIC
;
2220 pmkid
[1] = RSN_SELECTOR_LEN
+ PMKID_LEN
;
2221 memcpy(&pmkid
[2], RSN_KEY_DATA_PMKID
, RSN_SELECTOR_LEN
);
2222 memcpy(&pmkid
[2 + RSN_SELECTOR_LEN
], sm
->sta
->pmksa
->pmkid
,
2225 wpa_send_eapol(sm
->hapd
, sm
->sta
, 0, 0, 1, 0, 1, NULL
, sm
->ANonce
,
2226 pmkid
, pmkid_len
, NULL
, 0, 0);
2232 SM_STATE(WPA_PTK
, PTKCALCNEGOTIATING
)
2236 const u8
*pmk
= NULL
;
2238 SM_ENTRY(WPA_PTK
, PTKCALCNEGOTIATING
, wpa_ptk
);
2239 sm
->EAPOLKeyReceived
= FALSE
;
2241 /* WPA with IEEE 802.1X: use the derived PMK from EAP
2242 * WPA-PSK: iterate through possible PSKs and select the one matching
2245 if (sm
->sta
->wpa_key_mgmt
== WPA_KEY_MGMT_PSK
) {
2246 pmk
= hostapd_get_psk(sm
->hapd
->conf
, sm
->sta
->addr
,
2253 wpa_pmk_to_ptk(sm
->hapd
, pmk
, sm
->hapd
->own_addr
,
2254 sm
->sta
->addr
, sm
->ANonce
, sm
->SNonce
,
2255 (u8
*) &PTK
, sizeof(PTK
));
2257 if (wpa_verify_key_mic(&PTK
, sm
->last_rx_eapol_key
,
2258 sm
->last_rx_eapol_key_len
) == 0) {
2263 if (sm
->sta
->wpa_key_mgmt
!= WPA_KEY_MGMT_PSK
)
2268 hostapd_logger(sm
->hapd
, sm
->sta
->addr
, HOSTAPD_MODULE_WPA
,
2269 HOSTAPD_LEVEL_DEBUG
, "invalid MIC in msg 2/4 "
2270 "of 4-Way Handshake");
2274 eloop_cancel_timeout(wpa_send_eapol_timeout
, sm
->hapd
, sm
->sta
);
2276 if (sm
->sta
->wpa_key_mgmt
== WPA_KEY_MGMT_PSK
) {
2277 /* PSK may have changed from the previous choice, so update
2278 * state machine data based on whatever PSK was selected here.
2280 memcpy(sm
->PMK
, pmk
, WPA_PMK_LEN
);
2283 sm
->MICVerified
= TRUE
;
2285 memcpy(&sm
->PTK
, &PTK
, sizeof(PTK
));
2286 sm
->PTK_valid
= TRUE
;
2290 SM_STATE(WPA_PTK
, PTKCALCNEGOTIATING2
)
2292 SM_ENTRY(WPA_PTK
, PTKCALCNEGOTIATING2
, wpa_ptk
);
2297 SM_STATE(WPA_PTK
, PTKINITNEGOTIATING
)
2299 u8 rsc
[WPA_KEY_RSC_LEN
];
2300 struct wpa_authenticator
*gsm
= sm
->hapd
->wpa_auth
;
2304 SM_ENTRY(WPA_PTK
, PTKINITNEGOTIATING
, wpa_ptk
);
2305 sm
->TimeoutEvt
= FALSE
;
2306 /* Send EAPOL(1, 1, 1, Pair, P, RSC, ANonce, MIC(PTK), RSNIE, GTK[GN])
2308 memset(rsc
, 0, WPA_KEY_RSC_LEN
);
2309 hostapd_get_seqnum(sm
->hapd
, NULL
, gsm
->GN
, rsc
);
2310 wpa_ie
= sm
->hapd
->wpa_ie
;
2311 wpa_ie_len
= sm
->hapd
->wpa_ie_len
;
2312 if (sm
->sta
->wpa
== WPA_VERSION_WPA
&&
2313 (sm
->hapd
->conf
->wpa
& HOSTAPD_WPA_VERSION_WPA2
) &&
2314 wpa_ie_len
> wpa_ie
[1] + 2 && wpa_ie
[0] == WLAN_EID_RSN
) {
2315 /* WPA-only STA, remove RSN IE */
2316 wpa_ie
= wpa_ie
+ wpa_ie
[1] + 2;
2317 wpa_ie_len
= wpa_ie
[1] + 2;
2319 hostapd_logger(sm
->hapd
, sm
->sta
->addr
, HOSTAPD_MODULE_WPA
,
2320 HOSTAPD_LEVEL_DEBUG
,
2321 "sending 3/4 msg of 4-Way Handshake");
2322 wpa_send_eapol(sm
->hapd
, sm
->sta
,
2323 sm
->sta
->wpa
== WPA_VERSION_WPA2
? 1 : 0,
2324 1, 1, 1, 1, rsc
, sm
->ANonce
,
2326 gsm
->GTK
[gsm
->GN
- 1], gsm
->GTK_len
, gsm
->GN
);
2331 SM_STATE(WPA_PTK
, PTKINITDONE
)
2333 SM_ENTRY(WPA_PTK
, PTKINITDONE
, wpa_ptk
);
2334 sm
->EAPOLKeyReceived
= FALSE
;
2338 if (sm
->sta
->pairwise
== WPA_CIPHER_TKIP
) {
2345 if (hostapd_set_encryption(sm
->hapd
, alg
, sm
->sta
->addr
, 0,
2346 sm
->PTK
.tk1
, klen
)) {
2347 wpa_sta_disconnect(sm
->hapd
, sm
->sta
);
2350 /* FIX: MLME-SetProtection.Request(TA, Tx_Rx) */
2351 sm
->pairwise_set
= TRUE
;
2353 if (sm
->sta
->wpa_key_mgmt
== WPA_KEY_MGMT_PSK
)
2354 ieee802_1x_set_sta_authorized(sm
->hapd
, sm
->sta
, 1);
2357 if (0 /* IBSS == TRUE */) {
2359 if (sm
->keycount
== 2) {
2360 ieee802_1x_notify_port_valid(sm
->sta
->eapol_sm
, 1);
2363 ieee802_1x_notify_port_valid(sm
->sta
->eapol_sm
, 1);
2365 if (sm
->sta
->eapol_sm
) {
2366 sm
->sta
->eapol_sm
->keyAvailable
= FALSE
;
2367 sm
->sta
->eapol_sm
->keyDone
= TRUE
;
2369 if (sm
->sta
->wpa
== WPA_VERSION_WPA
)
2370 sm
->PInitAKeys
= TRUE
;
2373 hostapd_logger(sm
->hapd
, sm
->sta
->addr
, HOSTAPD_MODULE_WPA
,
2374 HOSTAPD_LEVEL_INFO
, "pairwise key handshake completed "
2376 sm
->sta
->wpa
== WPA_VERSION_WPA
? "WPA" : "RSN");
2377 if (sm
->sta
->wpa_key_mgmt
== WPA_KEY_MGMT_PSK
)
2378 accounting_sta_start(sm
->hapd
, sm
->sta
);
2384 struct wpa_authenticator
*wpa_auth
= sm
->hapd
->wpa_auth
;
2387 SM_ENTER(WPA_PTK
, INITIALIZE
);
2388 else if (sm
->Disconnect
2389 /* || FIX: dot11RSNAConfigSALifetime timeout */)
2390 SM_ENTER(WPA_PTK
, DISCONNECT
);
2391 else if (sm
->DeauthenticationRequest
)
2392 SM_ENTER(WPA_PTK
, DISCONNECTED
);
2393 else if (sm
->AuthenticationRequest
)
2394 SM_ENTER(WPA_PTK
, AUTHENTICATION
);
2395 else if (sm
->ReAuthenticationRequest
)
2396 SM_ENTER(WPA_PTK
, AUTHENTICATION2
);
2397 else if (sm
->PTKRequest
)
2398 SM_ENTER(WPA_PTK
, PTKSTART
);
2399 else switch (sm
->wpa_ptk_state
) {
2400 case WPA_PTK_INITIALIZE
:
2402 case WPA_PTK_DISCONNECT
:
2403 SM_ENTER(WPA_PTK
, DISCONNECTED
);
2405 case WPA_PTK_DISCONNECTED
:
2406 SM_ENTER(WPA_PTK
, INITIALIZE
);
2408 case WPA_PTK_AUTHENTICATION
:
2409 SM_ENTER(WPA_PTK
, AUTHENTICATION2
);
2411 case WPA_PTK_AUTHENTICATION2
:
2412 if ((sm
->sta
->wpa_key_mgmt
== WPA_KEY_MGMT_IEEE8021X
) &&
2413 sm
->sta
->eapol_sm
&& sm
->sta
->eapol_sm
->keyRun
)
2414 SM_ENTER(WPA_PTK
, INITPMK
);
2415 else if ((sm
->sta
->wpa_key_mgmt
== WPA_KEY_MGMT_PSK
)
2416 /* FIX: && 802.1X::keyRun */)
2417 SM_ENTER(WPA_PTK
, INITPSK
);
2419 case WPA_PTK_INITPMK
:
2420 if (sm
->sta
->eapol_sm
&& sm
->sta
->eapol_sm
->keyAvailable
)
2421 SM_ENTER(WPA_PTK
, PTKSTART
);
2423 wpa_auth
->dot11RSNA4WayHandshakeFailures
++;
2424 SM_ENTER(WPA_PTK
, DISCONNECT
);
2427 case WPA_PTK_INITPSK
:
2428 if (hostapd_get_psk(sm
->hapd
->conf
, sm
->sta
->addr
, NULL
))
2429 SM_ENTER(WPA_PTK
, PTKSTART
);
2431 hostapd_logger(sm
->hapd
, sm
->sta
->addr
,
2434 "no PSK configured for the STA");
2435 wpa_auth
->dot11RSNA4WayHandshakeFailures
++;
2436 SM_ENTER(WPA_PTK
, DISCONNECT
);
2439 case WPA_PTK_PTKSTART
:
2440 if (sm
->EAPOLKeyReceived
&& !sm
->EAPOLKeyRequest
&&
2441 sm
->EAPOLKeyPairwise
)
2442 SM_ENTER(WPA_PTK
, PTKCALCNEGOTIATING
);
2443 else if (sm
->TimeoutCtr
> dot11RSNAConfigPairwiseUpdateCount
) {
2444 wpa_auth
->dot11RSNA4WayHandshakeFailures
++;
2445 SM_ENTER(WPA_PTK
, DISCONNECT
);
2446 } else if (sm
->TimeoutEvt
)
2447 SM_ENTER(WPA_PTK
, PTKSTART
);
2449 case WPA_PTK_PTKCALCNEGOTIATING
:
2450 if (sm
->MICVerified
)
2451 SM_ENTER(WPA_PTK
, PTKCALCNEGOTIATING2
);
2452 else if (sm
->EAPOLKeyReceived
&& !sm
->EAPOLKeyRequest
&&
2453 sm
->EAPOLKeyPairwise
)
2454 SM_ENTER(WPA_PTK
, PTKCALCNEGOTIATING
);
2455 else if (sm
->TimeoutEvt
)
2456 SM_ENTER(WPA_PTK
, PTKSTART
);
2458 case WPA_PTK_PTKCALCNEGOTIATING2
:
2459 SM_ENTER(WPA_PTK
, PTKINITNEGOTIATING
);
2461 case WPA_PTK_PTKINITNEGOTIATING
:
2462 if (sm
->EAPOLKeyReceived
&& !sm
->EAPOLKeyRequest
&&
2463 sm
->EAPOLKeyPairwise
&& sm
->MICVerified
)
2464 SM_ENTER(WPA_PTK
, PTKINITDONE
);
2465 else if (sm
->TimeoutCtr
> dot11RSNAConfigPairwiseUpdateCount
) {
2466 wpa_auth
->dot11RSNA4WayHandshakeFailures
++;
2467 SM_ENTER(WPA_PTK
, DISCONNECT
);
2468 } else if (sm
->TimeoutEvt
)
2469 SM_ENTER(WPA_PTK
, PTKINITNEGOTIATING
);
2471 case WPA_PTK_PTKINITDONE
:
2477 SM_STATE(WPA_PTK_GROUP
, IDLE
)
2479 SM_ENTRY(WPA_PTK_GROUP
, IDLE
, wpa_ptk_group
);
2481 /* Init flag is not cleared here, so avoid busy
2482 * loop by claiming nothing changed. */
2483 sm
->changed
= FALSE
;
2485 sm
->GTimeoutCtr
= 0;
2489 SM_STATE(WPA_PTK_GROUP
, REKEYNEGOTIATING
)
2491 u8 rsc
[WPA_KEY_RSC_LEN
];
2492 struct wpa_authenticator
*gsm
= sm
->hapd
->wpa_auth
;
2494 SM_ENTRY(WPA_PTK_GROUP
, REKEYNEGOTIATING
, wpa_ptk_group
);
2495 if (sm
->sta
->wpa
== WPA_VERSION_WPA
)
2496 sm
->PInitAKeys
= FALSE
;
2497 sm
->TimeoutEvt
= FALSE
;
2498 /* Send EAPOL(1, 1, 1, !Pair, G, RSC, GNonce, MIC(PTK), GTK[GN]) */
2499 memset(rsc
, 0, WPA_KEY_RSC_LEN
);
2500 if (gsm
->wpa_group_state
== WPA_GROUP_SETKEYSDONE
)
2501 hostapd_get_seqnum(sm
->hapd
, NULL
, gsm
->GN
, rsc
);
2502 hostapd_logger(sm
->hapd
, sm
->sta
->addr
, HOSTAPD_MODULE_WPA
,
2503 HOSTAPD_LEVEL_DEBUG
,
2504 "sending 1/2 msg of Group Key Handshake");
2505 wpa_send_eapol(sm
->hapd
, sm
->sta
, 1, 1, 1, !sm
->Pair
, 0, rsc
,
2506 gsm
->GNonce
, NULL
, 0,
2507 gsm
->GTK
[gsm
->GN
- 1], gsm
->GTK_len
, gsm
->GN
);
2512 SM_STATE(WPA_PTK_GROUP
, REKEYESTABLISHED
)
2514 SM_ENTRY(WPA_PTK_GROUP
, REKEYESTABLISHED
, wpa_ptk_group
);
2515 sm
->EAPOLKeyReceived
= FALSE
;
2516 sm
->GUpdateStationKeys
= FALSE
;
2517 sm
->hapd
->wpa_auth
->GKeyDoneStations
--;
2518 sm
->GTimeoutCtr
= 0;
2519 /* FIX: MLME.SetProtection.Request(TA, Tx_Rx) */
2520 hostapd_logger(sm
->hapd
, sm
->sta
->addr
, HOSTAPD_MODULE_WPA
,
2521 HOSTAPD_LEVEL_INFO
, "group key handshake completed "
2523 sm
->sta
->wpa
== WPA_VERSION_WPA
? "WPA" : "RSN");
2528 SM_STATE(WPA_PTK_GROUP
, KEYERROR
)
2530 SM_ENTRY(WPA_PTK_GROUP
, KEYERROR
, wpa_ptk_group
);
2531 sm
->hapd
->wpa_auth
->GKeyDoneStations
--;
2532 sm
->GUpdateStationKeys
= FALSE
;
2533 sm
->Disconnect
= TRUE
;
2537 SM_STEP(WPA_PTK_GROUP
)
2540 SM_ENTER(WPA_PTK_GROUP
, IDLE
);
2541 else switch (sm
->wpa_ptk_group_state
) {
2542 case WPA_PTK_GROUP_IDLE
:
2543 if (sm
->GUpdateStationKeys
||
2544 (sm
->sta
->wpa
== WPA_VERSION_WPA
&& sm
->PInitAKeys
))
2545 SM_ENTER(WPA_PTK_GROUP
, REKEYNEGOTIATING
);
2547 case WPA_PTK_GROUP_REKEYNEGOTIATING
:
2548 if (sm
->EAPOLKeyReceived
&& !sm
->EAPOLKeyRequest
&&
2549 !sm
->EAPOLKeyPairwise
&& sm
->MICVerified
)
2550 SM_ENTER(WPA_PTK_GROUP
, REKEYESTABLISHED
);
2551 else if (sm
->GTimeoutCtr
> dot11RSNAConfigGroupUpdateCount
)
2552 SM_ENTER(WPA_PTK_GROUP
, KEYERROR
);
2553 else if (sm
->TimeoutEvt
)
2554 SM_ENTER(WPA_PTK_GROUP
, REKEYNEGOTIATING
);
2556 case WPA_PTK_GROUP_KEYERROR
:
2557 SM_ENTER(WPA_PTK_GROUP
, IDLE
);
2559 case WPA_PTK_GROUP_REKEYESTABLISHED
:
2560 SM_ENTER(WPA_PTK_GROUP
, IDLE
);
2566 static void wpa_group_gtk_init(struct hostapd_data
*hapd
)
2568 struct wpa_authenticator
*sm
= hapd
->wpa_auth
;
2569 HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL
, "WPA: group state machine "
2570 "entering state GTK_INIT\n");
2571 sm
->changed
= FALSE
; /* GInit is not cleared here; avoid loop */
2572 sm
->wpa_group_state
= WPA_GROUP_GTK_INIT
;
2575 memset(sm
->GTK
, 0, sizeof(sm
->GTK
));
2578 /* GTK[GN] = CalcGTK() */
2579 /* FIX: is this the correct way of getting GNonce? */
2580 memcpy(sm
->GNonce
, sm
->Counter
, WPA_NONCE_LEN
);
2581 inc_byte_array(sm
->Counter
, WPA_NONCE_LEN
);
2582 wpa_gmk_to_gtk(hapd
, sm
->GMK
, hapd
->own_addr
, sm
->GNonce
,
2583 sm
->GTK
[sm
->GN
- 1], sm
->GTK_len
);
2587 static void wpa_group_setkeys(struct hostapd_data
*hapd
)
2589 struct wpa_authenticator
*sm
= hapd
->wpa_auth
;
2590 struct sta_info
*sta
;
2593 HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL
, "WPA: group state machine "
2594 "entering state SETKEYS\n");
2596 sm
->wpa_group_state
= WPA_GROUP_SETKEYS
;
2597 sm
->GTKReKey
= FALSE
;
2601 sm
->GKeyDoneStations
= sm
->GNoStations
;
2602 /* FIX: is this the correct way of getting GNonce? */
2603 memcpy(sm
->GNonce
, sm
->Counter
, WPA_NONCE_LEN
);
2604 inc_byte_array(sm
->Counter
, WPA_NONCE_LEN
);
2605 wpa_gmk_to_gtk(hapd
, sm
->GMK
, hapd
->own_addr
, sm
->GNonce
,
2606 sm
->GTK
[sm
->GN
- 1], sm
->GTK_len
);
2608 sta
= hapd
->sta_list
;
2611 sta
->wpa_sm
->GUpdateStationKeys
= TRUE
;
2612 wpa_sm_step(sta
->wpa_sm
);
2619 static void wpa_group_setkeysdone(struct hostapd_data
*hapd
)
2621 struct wpa_authenticator
*sm
= hapd
->wpa_auth
;
2623 HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL
, "WPA: group state machine "
2624 "entering state SETKEYSDONE\n");
2626 sm
->wpa_group_state
= WPA_GROUP_SETKEYSDONE
;
2627 hostapd_set_encryption(hapd
, wpa_alg_txt(hapd
->conf
->wpa_group
),
2628 NULL
, sm
->GN
, sm
->GTK
[sm
->GN
- 1], sm
->GTK_len
);
2632 static void wpa_group_sm_step(struct hostapd_data
*hapd
)
2634 struct wpa_authenticator
*sm
= hapd
->wpa_auth
;
2637 wpa_group_gtk_init(hapd
);
2638 } else if (sm
->wpa_group_state
== WPA_GROUP_GTK_INIT
&&
2639 sm
->GTKAuthenticator
) {
2640 wpa_group_setkeysdone(hapd
);
2641 } else if (sm
->wpa_group_state
== WPA_GROUP_SETKEYSDONE
&&
2643 wpa_group_setkeys(hapd
);
2644 } else if (sm
->wpa_group_state
== WPA_GROUP_SETKEYS
) {
2645 if (sm
->GKeyDoneStations
== 0)
2646 wpa_group_setkeysdone(hapd
);
2647 else if (sm
->GTKReKey
)
2648 wpa_group_setkeys(hapd
);
2653 static int wpa_sm_sta_entry_alive(struct hostapd_data
*hapd
, u8
*addr
)
2655 struct sta_info
*sta
;
2656 sta
= ap_get_sta(hapd
, addr
);
2657 if (sta
== NULL
|| sta
->wpa_sm
== NULL
)
2663 static void wpa_sm_step(struct wpa_state_machine
*sm
)
2665 struct hostapd_data
*hapd
;
2667 if (sm
== NULL
|| sm
->sta
== NULL
|| sm
->sta
->wpa_sm
== NULL
)
2671 memcpy(addr
, sm
->sta
->addr
, 6);
2673 sm
->changed
= FALSE
;
2674 sm
->hapd
->wpa_auth
->changed
= FALSE
;
2676 SM_STEP_RUN(WPA_PTK
);
2677 if (!wpa_sm_sta_entry_alive(hapd
, addr
))
2679 SM_STEP_RUN(WPA_PTK_GROUP
);
2680 if (!wpa_sm_sta_entry_alive(hapd
, addr
))
2682 wpa_group_sm_step(sm
->hapd
);
2683 if (!wpa_sm_sta_entry_alive(hapd
, addr
))
2685 } while (sm
->changed
|| sm
->hapd
->wpa_auth
->changed
);
2689 static void wpa_sm_call_step(void *eloop_ctx
, void *timeout_ctx
)
2691 struct wpa_state_machine
*sm
= timeout_ctx
;
2696 void wpa_sm_notify(struct hostapd_data
*hapd
, struct sta_info
*sta
)
2698 if (sta
->wpa_sm
== NULL
)
2700 eloop_register_timeout(0, 0, wpa_sm_call_step
, hapd
, sta
->wpa_sm
);
2704 void wpa_gtk_rekey(struct hostapd_data
*hapd
)
2706 struct wpa_authenticator
*sm
= hapd
->wpa_auth
;
2712 for (i
= 0; i
< 2; i
++) {
2716 memcpy(sm
->GNonce
, sm
->Counter
, WPA_NONCE_LEN
);
2717 inc_byte_array(sm
->Counter
, WPA_NONCE_LEN
);
2718 wpa_gmk_to_gtk(hapd
, sm
->GMK
, hapd
->own_addr
, sm
->GNonce
,
2719 sm
->GTK
[sm
->GN
- 1], sm
->GTK_len
);
2724 static const char * wpa_bool_txt(int bool)
2726 return bool ? "TRUE" : "FALSE";
2730 static int wpa_cipher_bits(int cipher
)
2733 case WPA_CIPHER_CCMP
:
2735 case WPA_CIPHER_TKIP
:
2737 case WPA_CIPHER_WEP104
:
2739 case WPA_CIPHER_WEP40
:
2747 #define RSN_SUITE "%02x-%02x-%02x-%d"
2748 #define RSN_SUITE_ARG(s) (s)[0], (s)[1], (s)[2], (s)[3]
2750 int wpa_get_mib(struct hostapd_data
*hapd
, char *buf
, size_t buflen
)
2753 char pmkid_txt
[PMKID_LEN
* 2 + 1], *pos
;
2755 len
+= snprintf(buf
+ len
, buflen
- len
,
2756 "dot11RSNAOptionImplemented=TRUE\n"
2757 "dot11RSNAPreauthenticationImplemented=TRUE\n"
2758 "dot11RSNAEnabled=%s\n"
2759 "dot11RSNAPreauthenticationEnabled=%s\n",
2760 wpa_bool_txt(hapd
->conf
->wpa
&
2761 HOSTAPD_WPA_VERSION_WPA2
),
2762 wpa_bool_txt(hapd
->conf
->rsn_preauth
));
2764 if (hapd
->wpa_auth
== NULL
)
2768 for (i
= 0; i
< PMKID_LEN
; i
++) {
2769 pos
+= sprintf(pos
, "%02x",
2770 hapd
->wpa_auth
->dot11RSNAPMKIDUsed
[i
]);
2773 len
+= snprintf(buf
+ len
, buflen
- len
,
2774 "dot11RSNAConfigVersion=%u\n"
2775 "dot11RSNAConfigPairwiseKeysSupported=9999\n"
2776 /* FIX: dot11RSNAConfigGroupCipher */
2777 /* FIX: dot11RSNAConfigGroupRekeyMethod */
2778 /* FIX: dot11RSNAConfigGroupRekeyTime */
2779 /* FIX: dot11RSNAConfigGroupRekeyPackets */
2780 "dot11RSNAConfigGroupRekeyStrict=%u\n"
2781 "dot11RSNAConfigGroupUpdateCount=%u\n"
2782 "dot11RSNAConfigPairwiseUpdateCount=%u\n"
2783 "dot11RSNAConfigGroupCipherSize=%u\n"
2784 "dot11RSNAConfigPMKLifetime=%u\n"
2785 "dot11RSNAConfigPMKReauthThreshold=%u\n"
2786 "dot11RSNAConfigNumberOfPTKSAReplayCounters=0\n"
2787 "dot11RSNAConfigSATimeout=%u\n"
2788 "dot11RSNAAuthenticationSuiteSelected=" RSN_SUITE
"\n"
2789 "dot11RSNAPairwiseCipherSelected=" RSN_SUITE
"\n"
2790 "dot11RSNAGroupCipherSelected=" RSN_SUITE
"\n"
2791 "dot11RSNAPMKIDUsed=%s\n"
2792 "dot11RSNAAuthenticationSuiteRequested=" RSN_SUITE
"\n"
2793 "dot11RSNAPairwiseCipherRequested=" RSN_SUITE
"\n"
2794 "dot11RSNAGroupCipherRequested=" RSN_SUITE
"\n"
2795 "dot11RSNATKIPCounterMeasuresInvoked=%u\n"
2796 "dot11RSNA4WayHandshakeFailures=%u\n"
2797 "dot11RSNAConfigNumberOfGTKSAReplayCounters=0\n",
2799 !!hapd
->conf
->wpa_strict_rekey
,
2800 dot11RSNAConfigGroupUpdateCount
,
2801 dot11RSNAConfigPairwiseUpdateCount
,
2802 wpa_cipher_bits(hapd
->conf
->wpa_group
),
2803 dot11RSNAConfigPMKLifetime
,
2804 dot11RSNAConfigPMKReauthThreshold
,
2805 dot11RSNAConfigSATimeout
,
2806 RSN_SUITE_ARG(hapd
->wpa_auth
->
2807 dot11RSNAAuthenticationSuiteSelected
),
2808 RSN_SUITE_ARG(hapd
->wpa_auth
->
2809 dot11RSNAPairwiseCipherSelected
),
2810 RSN_SUITE_ARG(hapd
->wpa_auth
->
2811 dot11RSNAGroupCipherSelected
),
2813 RSN_SUITE_ARG(hapd
->wpa_auth
->
2814 dot11RSNAAuthenticationSuiteRequested
),
2815 RSN_SUITE_ARG(hapd
->wpa_auth
->
2816 dot11RSNAPairwiseCipherRequested
),
2817 RSN_SUITE_ARG(hapd
->wpa_auth
->
2818 dot11RSNAGroupCipherRequested
),
2819 hapd
->wpa_auth
->dot11RSNATKIPCounterMeasuresInvoked
,
2820 hapd
->wpa_auth
->dot11RSNA4WayHandshakeFailures
);
2822 /* TODO: dot11RSNAConfigPairwiseCiphersTable */
2823 /* TODO: dot11RSNAConfigAuthenticationSuitesTable */
2826 len
+= snprintf(buf
+ len
, buflen
- len
,
2827 "hostapdWPAGroupState=%d\n",
2828 hapd
->wpa_auth
->wpa_group_state
);
2834 int wpa_get_mib_sta(struct hostapd_data
*hapd
, struct sta_info
*sta
,
2835 char *buf
, size_t buflen
)
2838 u8 not_used
[4] = { 0, 0, 0, 0 };
2839 const u8
*pairwise
= not_used
;
2841 /* TODO: FF-FF-FF-FF-FF-FF entry for broadcast/multicast stats */
2843 /* dot11RSNAStatsEntry */
2845 if (sta
->wpa
== WPA_VERSION_WPA
) {
2846 if (sta
->pairwise
== WPA_CIPHER_CCMP
)
2847 pairwise
= WPA_CIPHER_SUITE_CCMP
;
2848 else if (sta
->pairwise
== WPA_CIPHER_TKIP
)
2849 pairwise
= WPA_CIPHER_SUITE_TKIP
;
2850 else if (sta
->pairwise
== WPA_CIPHER_WEP104
)
2851 pairwise
= WPA_CIPHER_SUITE_WEP104
;
2852 else if (sta
->pairwise
== WPA_CIPHER_WEP40
)
2853 pairwise
= WPA_CIPHER_SUITE_WEP40
;
2854 else if (sta
->pairwise
== WPA_CIPHER_NONE
)
2855 pairwise
= WPA_CIPHER_SUITE_NONE
;
2856 } else if (sta
->wpa
== WPA_VERSION_WPA2
) {
2857 if (sta
->pairwise
== WPA_CIPHER_CCMP
)
2858 pairwise
= RSN_CIPHER_SUITE_CCMP
;
2859 else if (sta
->pairwise
== WPA_CIPHER_TKIP
)
2860 pairwise
= RSN_CIPHER_SUITE_TKIP
;
2861 else if (sta
->pairwise
== WPA_CIPHER_WEP104
)
2862 pairwise
= RSN_CIPHER_SUITE_WEP104
;
2863 else if (sta
->pairwise
== WPA_CIPHER_WEP40
)
2864 pairwise
= RSN_CIPHER_SUITE_WEP40
;
2865 else if (sta
->pairwise
== WPA_CIPHER_NONE
)
2866 pairwise
= RSN_CIPHER_SUITE_NONE
;
2870 len
+= snprintf(buf
+ len
, buflen
- len
,
2871 /* TODO: dot11RSNAStatsIndex */
2872 "dot11RSNAStatsSTAAddress=" MACSTR
"\n"
2873 "dot11RSNAStatsVersion=1\n"
2874 "dot11RSNAStatsSelectedPairwiseCipher=" RSN_SUITE
"\n"
2875 /* TODO: dot11RSNAStatsTKIPICVErrors */
2876 "dot11RSNAStatsTKIPLocalMICFailures=%u\n"
2877 "dot11RSNAStatsTKIPRemoveMICFailures=%u\n"
2878 /* TODO: dot11RSNAStatsCCMPReplays */
2879 /* TODO: dot11RSNAStatsCCMPDecryptErrors */
2880 /* TODO: dot11RSNAStatsTKIPReplays */,
2882 RSN_SUITE_ARG(pairwise
),
2883 sta
->dot11RSNAStatsTKIPLocalMICFailures
,
2884 sta
->dot11RSNAStatsTKIPRemoteMICFailures
);
2886 if (sta
->wpa_sm
== NULL
)
2890 len
+= snprintf(buf
+ len
, buflen
- len
,
2891 "hostapdWPAPTKState=%d\n"
2892 "hostapdWPAPTKGroupState=%d\n",
2893 sta
->wpa_sm
->wpa_ptk_state
,
2894 sta
->wpa_sm
->wpa_ptk_group_state
);