4 #define WPA_NONCE_LEN 32
5 #define WPA_PMK_LEN PMK_LEN
6 #define WPA_REPLAY_COUNTER_LEN 8
8 #define WPA_GTK_MAX_LEN 32
9 #define WPA_KEY_RSC_LEN 8
12 struct rsn_pmksa_cache
{
13 struct rsn_pmksa_cache
*next
, *hnext
;
17 int akmp
; /* WPA_KEY_MGMT_* */
21 struct radius_class_data radius_class
;
24 struct rsn_preauth_interface
{
25 struct rsn_preauth_interface
*next
;
26 struct hostapd_data
*hapd
;
27 struct l2_packet_data
*l2
;
32 struct wpa_eapol_key
{
36 u8 replay_counter
[WPA_REPLAY_COUNTER_LEN
];
37 u8 key_nonce
[WPA_NONCE_LEN
];
39 u8 key_rsc
[WPA_KEY_RSC_LEN
];
40 u8 key_id
[8]; /* Reserved */
43 /* followed by key_data_length bytes of key_data */
44 } __attribute__ ((packed
));
46 #define WPA_KEY_INFO_TYPE_MASK (BIT(0) | BIT(1) | BIT(2))
47 #define WPA_KEY_INFO_TYPE_HMAC_MD5_RC4 BIT(0)
48 #define WPA_KEY_INFO_TYPE_HMAC_SHA1_AES BIT(1)
49 #define WPA_KEY_INFO_KEY_TYPE BIT(3) /* 1 = Pairwise, 0 = Group key */
50 /* bit4..5 is used in WPA, but is reserved in IEEE 802.11i/RSN */
51 #define WPA_KEY_INFO_KEY_INDEX_MASK (BIT(4) | BIT(5))
52 #define WPA_KEY_INFO_KEY_INDEX_SHIFT 4
53 #define WPA_KEY_INFO_INSTALL BIT(6) /* pairwise */
54 #define WPA_KEY_INFO_TXRX BIT(6) /* group */
55 #define WPA_KEY_INFO_ACK BIT(7)
56 #define WPA_KEY_INFO_MIC BIT(8)
57 #define WPA_KEY_INFO_SECURE BIT(9)
58 #define WPA_KEY_INFO_ERROR BIT(10)
59 #define WPA_KEY_INFO_REQUEST BIT(11)
60 #define WPA_KEY_INFO_ENCR_KEY_DATA BIT(12)
63 /* per STA state machine data */
66 u8 mic_key
[16]; /* EAPOL-Key MIC Key (MK) */
67 u8 encr_key
[16]; /* EAPOL-Key Encryption Key (EK) */
68 u8 tk1
[16]; /* Temporal Key 1 (TK1) */
70 u8 tk2
[16]; /* Temporal Key 2 (TK2) */
76 } __attribute__ ((packed
));
78 struct wpa_state_machine
{
79 struct hostapd_data
*hapd
;
83 WPA_PTK_INITIALIZE
, WPA_PTK_DISCONNECT
, WPA_PTK_DISCONNECTED
,
84 WPA_PTK_AUTHENTICATION
, WPA_PTK_AUTHENTICATION2
,
85 WPA_PTK_INITPMK
, WPA_PTK_INITPSK
, WPA_PTK_PTKSTART
,
86 WPA_PTK_PTKCALCNEGOTIATING
, WPA_PTK_PTKCALCNEGOTIATING2
,
87 WPA_PTK_PTKINITNEGOTIATING
, WPA_PTK_PTKINITDONE
91 WPA_PTK_GROUP_IDLE
= 0,
92 WPA_PTK_GROUP_REKEYNEGOTIATING
,
93 WPA_PTK_GROUP_REKEYESTABLISHED
,
94 WPA_PTK_GROUP_KEYERROR
95 } wpa_ptk_group_state
;
98 Boolean DeauthenticationRequest
;
99 Boolean AuthenticationRequest
;
100 Boolean ReAuthenticationRequest
;
105 Boolean EAPOLKeyReceived
;
106 Boolean EAPOLKeyPairwise
;
107 Boolean EAPOLKeyRequest
;
109 Boolean GUpdateStationKeys
;
110 u8 ANonce
[WPA_NONCE_LEN
];
111 u8 SNonce
[WPA_NONCE_LEN
];
115 Boolean pairwise_set
;
118 u8 key_replay_counter
[WPA_REPLAY_COUNTER_LEN
];
119 Boolean key_replay_counter_valid
;
120 Boolean PInitAKeys
; /* WPA only, not in IEEE 802.11i/D8 */
121 Boolean PTKRequest
; /* not in IEEE 802.11i state machine */
124 u8
*last_rx_eapol_key
; /* starting from IEEE 802.1X header */
125 size_t last_rx_eapol_key_len
;
130 /* per authenticator data */
131 struct wpa_authenticator
{
134 int GKeyDoneStations
;
138 Boolean GTKAuthenticator
;
139 u8 Counter
[WPA_NONCE_LEN
];
142 WPA_GROUP_GTK_INIT
= 0,
143 WPA_GROUP_SETKEYS
, WPA_GROUP_SETKEYSDONE
147 u8 GTK
[2][WPA_GTK_MAX_LEN
];
148 u8 GNonce
[WPA_NONCE_LEN
];
151 unsigned int dot11RSNAStatsTKIPRemoteMICFailures
;
152 u8 dot11RSNAAuthenticationSuiteSelected
[4];
153 u8 dot11RSNAPairwiseCipherSelected
[4];
154 u8 dot11RSNAGroupCipherSelected
[4];
155 u8 dot11RSNAPMKIDUsed
[PMKID_LEN
];
156 u8 dot11RSNAAuthenticationSuiteRequested
[4]; /* FIX: update */
157 u8 dot11RSNAPairwiseCipherRequested
[4]; /* FIX: update */
158 u8 dot11RSNAGroupCipherRequested
[4]; /* FIX: update */
159 unsigned int dot11RSNATKIPCounterMeasuresInvoked
;
160 unsigned int dot11RSNA4WayHandshakeFailures
;
164 int wpa_init(struct hostapd_data
*hapd
);
165 void wpa_deinit(struct hostapd_data
*hapd
);
168 WPA_IE_OK
, WPA_INVALID_IE
, WPA_INVALID_GROUP
, WPA_INVALID_PAIRWISE
,
172 int wpa_validate_wpa_ie(struct hostapd_data
*hapd
, struct sta_info
*sta
,
173 const u8
*wpa_ie
, size_t wpa_ie_len
, int version
);
174 void wpa_new_station(struct hostapd_data
*hapd
, struct sta_info
*sta
);
175 void wpa_free_station(struct sta_info
*sta
);
176 void wpa_receive(struct hostapd_data
*hapd
, struct sta_info
*sta
,
177 u8
*data
, size_t data_len
);
179 WPA_AUTH
, WPA_ASSOC
, WPA_DISASSOC
, WPA_DEAUTH
, WPA_REAUTH
,
182 void wpa_sm_event(struct hostapd_data
*hapd
, struct sta_info
*sta
,
184 void wpa_sm_notify(struct hostapd_data
*hapd
, struct sta_info
*sta
);
185 void pmksa_cache_add(struct hostapd_data
*hapd
, struct sta_info
*sta
, u8
*pmk
,
186 int session_timeout
);
187 void rsn_preauth_finished(struct hostapd_data
*hapd
, struct sta_info
*sta
,
189 void rsn_preauth_send(struct hostapd_data
*hapd
, struct sta_info
*sta
,
190 u8
*buf
, size_t len
);
191 void wpa_gtk_rekey(struct hostapd_data
*hapd
);
192 int wpa_get_mib(struct hostapd_data
*hapd
, char *buf
, size_t buflen
);
193 int wpa_get_mib_sta(struct hostapd_data
*hapd
, struct sta_info
*sta
,
194 char *buf
, size_t buflen
);