Lines Matching refs:sm
91 int wpa_eapol_key_send(struct wpa_sm *sm, struct wpa_ptk *ptk, in wpa_eapol_key_send() argument
96 size_t mic_len = wpa_mic_len(sm->key_mgmt, sm->pmk_len); in wpa_eapol_key_send()
100 MAC2STR(dest), ver, (int) mic_len, sm->key_mgmt); in wpa_eapol_key_send()
101 if (is_zero_ether_addr(dest) && is_zero_ether_addr(sm->bssid)) { in wpa_eapol_key_send()
106 if (wpa_sm_get_bssid(sm, sm->bssid) < 0) { in wpa_eapol_key_send()
107 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_eapol_key_send()
111 dest = sm->bssid; in wpa_eapol_key_send()
112 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_eapol_key_send()
124 wpa_eapol_key_mic(ptk->kck, ptk->kck_len, sm->key_mgmt, ver, in wpa_eapol_key_send()
126 wpa_msg(sm->ctx->msg_ctx, MSG_ERROR, in wpa_eapol_key_send()
128 ver, sm->key_mgmt); in wpa_eapol_key_send()
202 ret = wpa_sm_ether_send(sm, dest, proto, msg, msg_len); in wpa_eapol_key_send()
203 eapol_sm_notify_tx_eapol_key(sm->eapol); in wpa_eapol_key_send()
220 void wpa_sm_key_request(struct wpa_sm *sm, int error, int pairwise) in wpa_sm_key_request() argument
227 if (pairwise && sm->wpa_deny_ptk0_rekey && !sm->use_ext_key_id && in wpa_sm_key_request()
228 wpa_sm_get_state(sm) == WPA_COMPLETED && !error) { in wpa_sm_key_request()
229 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_key_request()
231 wpa_sm_reconnect(sm); in wpa_sm_key_request()
235 if (!sm->ptk_set) { in wpa_sm_key_request()
241 if (wpa_use_akm_defined(sm->key_mgmt)) in wpa_sm_key_request()
243 else if (wpa_key_mgmt_ft(sm->key_mgmt) || in wpa_sm_key_request()
244 wpa_key_mgmt_sha256(sm->key_mgmt)) in wpa_sm_key_request()
246 else if (sm->pairwise_cipher != WPA_CIPHER_TKIP) in wpa_sm_key_request()
251 mic_len = wpa_mic_len(sm->key_mgmt, sm->pmk_len); in wpa_sm_key_request()
253 rbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY, NULL, in wpa_sm_key_request()
258 reply->type = (sm->proto == WPA_PROTO_RSN || in wpa_sm_key_request()
259 sm->proto == WPA_PROTO_OSEN) ? in wpa_sm_key_request()
273 os_memcpy(reply->replay_counter, sm->request_counter, in wpa_sm_key_request()
275 inc_byte_array(sm->request_counter, WPA_REPLAY_COUNTER_LEN); in wpa_sm_key_request()
284 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_key_request()
287 error, pairwise, sm->ptk_set, (unsigned long) rlen); in wpa_sm_key_request()
288 wpa_eapol_key_send(sm, &sm->ptk, ver, wpa_sm_get_auth_addr(sm), in wpa_sm_key_request()
293 static void wpa_supplicant_key_mgmt_set_pmk(struct wpa_sm *sm) in wpa_supplicant_key_mgmt_set_pmk() argument
296 if (sm->key_mgmt == WPA_KEY_MGMT_FT_IEEE8021X) { in wpa_supplicant_key_mgmt_set_pmk()
297 if (wpa_sm_key_mgmt_set_pmk(sm, sm->xxkey, sm->xxkey_len)) in wpa_supplicant_key_mgmt_set_pmk()
298 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_key_mgmt_set_pmk()
302 if (wpa_sm_key_mgmt_set_pmk(sm, sm->pmk, sm->pmk_len)) in wpa_supplicant_key_mgmt_set_pmk()
303 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_key_mgmt_set_pmk()
311 static int wpa_supplicant_get_pmk(struct wpa_sm *sm, in wpa_supplicant_get_pmk() argument
317 if (pmkid && !sm->cur_pmksa) { in wpa_supplicant_get_pmk()
322 sm->cur_pmksa = pmksa_cache_get(sm->pmksa, src_addr, in wpa_supplicant_get_pmk()
323 sm->own_addr, pmkid, in wpa_supplicant_get_pmk()
325 if (sm->cur_pmksa) { in wpa_supplicant_get_pmk()
326 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_get_pmk()
329 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_get_pmk()
335 if (pmkid && sm->cur_pmksa && in wpa_supplicant_get_pmk()
336 os_memcmp_const(pmkid, sm->cur_pmksa->pmkid, PMKID_LEN) == 0) { in wpa_supplicant_get_pmk()
338 wpa_sm_set_pmk_from_pmksa(sm); in wpa_supplicant_get_pmk()
340 sm->pmk, sm->pmk_len); in wpa_supplicant_get_pmk()
341 eapol_sm_notify_cached(sm->eapol); in wpa_supplicant_get_pmk()
343 sm->xxkey_len = 0; in wpa_supplicant_get_pmk()
345 if ((sm->key_mgmt == WPA_KEY_MGMT_FT_SAE || in wpa_supplicant_get_pmk()
346 sm->key_mgmt == WPA_KEY_MGMT_FT_SAE_EXT_KEY) && in wpa_supplicant_get_pmk()
347 sm->pmk_len == PMK_LEN) { in wpa_supplicant_get_pmk()
353 os_memcpy(sm->xxkey, sm->pmk, sm->pmk_len); in wpa_supplicant_get_pmk()
354 sm->xxkey_len = sm->pmk_len; in wpa_supplicant_get_pmk()
358 } else if (wpa_key_mgmt_wpa_ieee8021x(sm->key_mgmt) && sm->eapol) { in wpa_supplicant_get_pmk()
364 if (wpa_key_mgmt_sha384(sm->key_mgmt)) in wpa_supplicant_get_pmk()
368 res = eapol_sm_get_key(sm->eapol, sm->pmk, pmk_len); in wpa_supplicant_get_pmk()
375 res = eapol_sm_get_key(sm->eapol, sm->pmk, 16); in wpa_supplicant_get_pmk()
381 eapol_sm_get_key(sm->eapol, buf, 2 * PMK_LEN) == 0) { in wpa_supplicant_get_pmk()
382 if (wpa_key_mgmt_sha384(sm->key_mgmt)) { in wpa_supplicant_get_pmk()
383 os_memcpy(sm->xxkey, buf, SHA384_MAC_LEN); in wpa_supplicant_get_pmk()
384 sm->xxkey_len = SHA384_MAC_LEN; in wpa_supplicant_get_pmk()
386 os_memcpy(sm->xxkey, buf + PMK_LEN, PMK_LEN); in wpa_supplicant_get_pmk()
387 sm->xxkey_len = PMK_LEN; in wpa_supplicant_get_pmk()
390 if (sm->proto == WPA_PROTO_RSN && in wpa_supplicant_get_pmk()
391 wpa_key_mgmt_ft(sm->key_mgmt)) { in wpa_supplicant_get_pmk()
396 if (sm->fils_cache_id_set) in wpa_supplicant_get_pmk()
397 fils_cache_id = sm->fils_cache_id; in wpa_supplicant_get_pmk()
401 sm->xxkey, sm->xxkey_len); in wpa_supplicant_get_pmk()
402 sa = pmksa_cache_add(sm->pmksa, in wpa_supplicant_get_pmk()
403 sm->xxkey, sm->xxkey_len, in wpa_supplicant_get_pmk()
405 src_addr, sm->own_addr, in wpa_supplicant_get_pmk()
406 sm->network_ctx, in wpa_supplicant_get_pmk()
407 sm->key_mgmt, in wpa_supplicant_get_pmk()
409 if (!sm->cur_pmksa) in wpa_supplicant_get_pmk()
410 sm->cur_pmksa = sa; in wpa_supplicant_get_pmk()
419 if (sm->fils_cache_id_set) in wpa_supplicant_get_pmk()
420 fils_cache_id = sm->fils_cache_id; in wpa_supplicant_get_pmk()
424 "machines", sm->pmk, pmk_len); in wpa_supplicant_get_pmk()
425 sm->pmk_len = pmk_len; in wpa_supplicant_get_pmk()
426 wpa_supplicant_key_mgmt_set_pmk(sm); in wpa_supplicant_get_pmk()
427 if (sm->proto == WPA_PROTO_RSN && in wpa_supplicant_get_pmk()
428 !wpa_key_mgmt_suite_b(sm->key_mgmt) && in wpa_supplicant_get_pmk()
429 !wpa_key_mgmt_ft(sm->key_mgmt)) { in wpa_supplicant_get_pmk()
430 sa = pmksa_cache_add(sm->pmksa, in wpa_supplicant_get_pmk()
431 sm->pmk, pmk_len, NULL, in wpa_supplicant_get_pmk()
433 src_addr, sm->own_addr, in wpa_supplicant_get_pmk()
434 sm->network_ctx, in wpa_supplicant_get_pmk()
435 sm->key_mgmt, in wpa_supplicant_get_pmk()
438 if (!sm->cur_pmksa && pmkid && in wpa_supplicant_get_pmk()
439 pmksa_cache_get(sm->pmksa, src_addr, sm->own_addr, in wpa_supplicant_get_pmk()
441 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_get_pmk()
445 } else if (sa && !sm->cur_pmksa && pmkid) { in wpa_supplicant_get_pmk()
453 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_get_pmk()
458 if (!sm->cur_pmksa) in wpa_supplicant_get_pmk()
459 sm->cur_pmksa = sa; in wpa_supplicant_get_pmk()
461 } else if (wpa_key_mgmt_ft(sm->key_mgmt) && sm->ft_protocol) { in wpa_supplicant_get_pmk()
466 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_get_pmk()
470 if (sm->cur_pmksa) { in wpa_supplicant_get_pmk()
471 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_get_pmk()
474 sm->cur_pmksa = NULL; in wpa_supplicant_get_pmk()
482 if (abort_cached && wpa_key_mgmt_wpa_ieee8021x(sm->key_mgmt) && in wpa_supplicant_get_pmk()
483 !wpa_key_mgmt_suite_b(sm->key_mgmt) && in wpa_supplicant_get_pmk()
484 !wpa_key_mgmt_ft(sm->key_mgmt) && sm->key_mgmt != WPA_KEY_MGMT_OSEN) in wpa_supplicant_get_pmk()
490 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_get_pmk()
493 buf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_START, in wpa_supplicant_get_pmk()
498 eapol_sm_notify_eap_fail(sm->eapol, true); in wpa_supplicant_get_pmk()
499 eapol_sm_notify_eap_fail(sm->eapol, false); in wpa_supplicant_get_pmk()
500 wpa_sm_ether_send(sm, sm->bssid, ETH_P_EAPOL, in wpa_supplicant_get_pmk()
525 int wpa_supplicant_send_2_of_4(struct wpa_sm *sm, const unsigned char *dst, in wpa_supplicant_send_2_of_4() argument
541 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: No wpa_ie set - " in wpa_supplicant_send_2_of_4()
547 if (wpa_key_mgmt_ft(sm->key_mgmt)) { in wpa_supplicant_send_2_of_4()
557 sm->assoc_resp_ies_len); in wpa_supplicant_send_2_of_4()
562 sm->pmk_r1_name, !sm->ft_prepend_pmkid); in wpa_supplicant_send_2_of_4()
571 if (sm->assoc_resp_ies) { in wpa_supplicant_send_2_of_4()
573 sm->assoc_resp_ies, in wpa_supplicant_send_2_of_4()
574 sm->assoc_resp_ies_len); in wpa_supplicant_send_2_of_4()
575 os_memcpy(rsn_ie_buf + wpa_ie_len, sm->assoc_resp_ies, in wpa_supplicant_send_2_of_4()
576 sm->assoc_resp_ies_len); in wpa_supplicant_send_2_of_4()
577 wpa_ie_len += sm->assoc_resp_ies_len; in wpa_supplicant_send_2_of_4()
584 if (sm->rsn_override != RSN_OVERRIDE_NOT_USED) { in wpa_supplicant_send_2_of_4()
598 if (sm->rsn_override == RSN_OVERRIDE_RSNE) { in wpa_supplicant_send_2_of_4()
600 } else if (sm->rsn_override == RSN_OVERRIDE_RSNE_OVERRIDE) { in wpa_supplicant_send_2_of_4()
602 } else if (sm->rsn_override == RSN_OVERRIDE_RSNE_OVERRIDE_2) { in wpa_supplicant_send_2_of_4()
618 if (sm->test_eapol_m2_elems) in wpa_supplicant_send_2_of_4()
619 extra_len = wpabuf_len(sm->test_eapol_m2_elems); in wpa_supplicant_send_2_of_4()
620 if (sm->encrypt_eapol_m2) { in wpa_supplicant_send_2_of_4()
628 mic_len = wpa_mic_len(sm->key_mgmt, sm->pmk_len); in wpa_supplicant_send_2_of_4()
630 rbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY, in wpa_supplicant_send_2_of_4()
639 reply->type = (sm->proto == WPA_PROTO_RSN || in wpa_supplicant_send_2_of_4()
640 sm->proto == WPA_PROTO_OSEN) ? in wpa_supplicant_send_2_of_4()
643 if (sm->ptk_set && sm->proto != WPA_PROTO_WPA) in wpa_supplicant_send_2_of_4()
650 if (sm->encrypt_eapol_m2) in wpa_supplicant_send_2_of_4()
654 if (sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN) in wpa_supplicant_send_2_of_4()
670 if (sm->test_eapol_m2_elems) { in wpa_supplicant_send_2_of_4()
672 wpabuf_head(sm->test_eapol_m2_elems), in wpa_supplicant_send_2_of_4()
673 wpabuf_len(sm->test_eapol_m2_elems)); in wpa_supplicant_send_2_of_4()
676 if (sm->encrypt_eapol_m2) { in wpa_supplicant_send_2_of_4()
680 if (sm->test_eapol_m2_elems) in wpa_supplicant_send_2_of_4()
681 extra_len = wpabuf_len(sm->test_eapol_m2_elems); in wpa_supplicant_send_2_of_4()
710 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Sending EAPOL-Key 2/4"); in wpa_supplicant_send_2_of_4()
711 return wpa_eapol_key_send(sm, ptk, ver, dst, ETH_P_EAPOL, rbuf, rlen, in wpa_supplicant_send_2_of_4()
716 static int wpa_derive_ptk(struct wpa_sm *sm, const unsigned char *src_addr, in wpa_derive_ptk() argument
725 if (wpa_key_mgmt_ft(sm->key_mgmt)) in wpa_derive_ptk()
726 return wpa_derive_ptk_ft(sm, src_addr, key, ptk); in wpa_derive_ptk()
730 if (sm->key_mgmt == WPA_KEY_MGMT_DPP && sm->dpp_z) { in wpa_derive_ptk()
731 z = wpabuf_head(sm->dpp_z); in wpa_derive_ptk()
732 z_len = wpabuf_len(sm->dpp_z); in wpa_derive_ptk()
736 akmp = sm->key_mgmt; in wpa_derive_ptk()
738 if (sm->owe_ptk_workaround && akmp == WPA_KEY_MGMT_OWE && in wpa_derive_ptk()
739 sm->pmk_len > 32) { in wpa_derive_ptk()
746 if (sm->force_kdk_derivation || in wpa_derive_ptk()
747 (sm->secure_ltf && in wpa_derive_ptk()
748 ieee802_11_rsnx_capab(sm->ap_rsnxe, WLAN_RSNX_CAPAB_SECURE_LTF))) in wpa_derive_ptk()
753 ret = wpa_pmk_to_ptk(sm->pmk, sm->pmk_len, "Pairwise key expansion", in wpa_derive_ptk()
754 sm->own_addr, wpa_sm_get_auth_addr(sm), sm->snonce, in wpa_derive_ptk()
756 sm->pairwise_cipher, z, z_len, in wpa_derive_ptk()
764 if (sm->secure_ltf && in wpa_derive_ptk()
765 ieee802_11_rsnx_capab(sm->ap_rsnxe, WLAN_RSNX_CAPAB_SECURE_LTF)) in wpa_derive_ptk()
766 ret = wpa_ltf_keyseed(ptk, akmp, sm->pairwise_cipher); in wpa_derive_ptk()
773 static int wpa_handle_ext_key_id(struct wpa_sm *sm, in wpa_handle_ext_key_id() argument
776 if (sm->ext_key_id) { in wpa_handle_ext_key_id()
780 wpa_msg(sm->ctx->msg_ctx, in wpa_handle_ext_key_id()
781 sm->use_ext_key_id ? MSG_INFO : MSG_DEBUG, in wpa_handle_ext_key_id()
783 sm->keyidx_active = 0; in wpa_handle_ext_key_id()
784 return sm->use_ext_key_id ? -1 : 0; in wpa_handle_ext_key_id()
789 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_handle_ext_key_id()
793 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_handle_ext_key_id()
795 sm->keyidx_active = key_id; in wpa_handle_ext_key_id()
796 sm->use_ext_key_id = 1; in wpa_handle_ext_key_id()
799 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_handle_ext_key_id()
807 wpa_msg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_handle_ext_key_id()
810 sm->keyidx_active = 0; in wpa_handle_ext_key_id()
811 sm->use_ext_key_id = 0; in wpa_handle_ext_key_id()
831 static size_t wpa_mlo_link_kde_len(struct wpa_sm *sm) in wpa_mlo_link_kde_len() argument
836 for_each_link(sm->mlo.req_links, i) { in wpa_mlo_link_kde_len()
837 if (sm->mlo.assoc_link_id != i) in wpa_mlo_link_kde_len()
845 static u8 * wpa_mlo_link_kde(struct wpa_sm *sm, u8 *pos) in wpa_mlo_link_kde() argument
850 for_each_link(sm->mlo.req_links, i) { in wpa_mlo_link_kde()
851 if (sm->mlo.assoc_link_id == i) in wpa_mlo_link_kde()
857 os_memcpy(&hdr[1], sm->mlo.links[i].addr, ETH_ALEN); in wpa_mlo_link_kde()
865 static bool is_valid_ap_mld_mac_kde(struct wpa_sm *sm, const u8 *mac_kde) in is_valid_ap_mld_mac_kde() argument
868 ether_addr_equal(mac_kde, sm->mlo.ap_mld_addr); in is_valid_ap_mld_mac_kde()
884 static void wpa_supplicant_process_1_of_4_wpa(struct wpa_sm *sm, in wpa_supplicant_process_1_of_4_wpa() argument
895 if (wpa_sm_get_network_ctx(sm) == NULL) { in wpa_supplicant_process_1_of_4_wpa()
896 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_1_of_4_wpa()
901 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_process_1_of_4_wpa()
907 res = wpa_supplicant_get_pmk(sm, src_addr, ie.pmkid); in wpa_supplicant_process_1_of_4_wpa()
909 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_process_1_of_4_wpa()
916 wpa_sm_set_state(sm, WPA_4WAY_HANDSHAKE); in wpa_supplicant_process_1_of_4_wpa()
918 if (sm->renew_snonce) { in wpa_supplicant_process_1_of_4_wpa()
919 if (random_get_bytes(sm->snonce, WPA_NONCE_LEN)) { in wpa_supplicant_process_1_of_4_wpa()
920 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_1_of_4_wpa()
924 sm->renew_snonce = 0; in wpa_supplicant_process_1_of_4_wpa()
926 sm->snonce, WPA_NONCE_LEN); in wpa_supplicant_process_1_of_4_wpa()
931 ptk = &sm->tptk; in wpa_supplicant_process_1_of_4_wpa()
932 if (wpa_derive_ptk(sm, src_addr, key, ptk) < 0) in wpa_supplicant_process_1_of_4_wpa()
934 if (sm->pairwise_cipher == WPA_CIPHER_TKIP) in wpa_supplicant_process_1_of_4_wpa()
936 sm->tptk_set = 1; in wpa_supplicant_process_1_of_4_wpa()
938 if (wpa_supplicant_send_2_of_4(sm, wpa_sm_get_auth_addr(sm), key, ver, in wpa_supplicant_process_1_of_4_wpa()
939 sm->snonce, sm->assoc_wpa_ie, in wpa_supplicant_process_1_of_4_wpa()
940 sm->assoc_wpa_ie_len, ptk) < 0) in wpa_supplicant_process_1_of_4_wpa()
943 os_memcpy(sm->anonce, key->key_nonce, WPA_NONCE_LEN); in wpa_supplicant_process_1_of_4_wpa()
947 wpa_sm_deauthenticate(sm, WLAN_REASON_UNSPECIFIED); in wpa_supplicant_process_1_of_4_wpa()
951 static void wpa_supplicant_process_1_of_4(struct wpa_sm *sm, in wpa_supplicant_process_1_of_4() argument
965 if (encrypted == FRAME_NOT_ENCRYPTED && sm->tk_set && in wpa_supplicant_process_1_of_4()
966 wpa_sm_pmf_enabled(sm)) { in wpa_supplicant_process_1_of_4()
972 if (wpa_sm_get_network_ctx(sm) == NULL) { in wpa_supplicant_process_1_of_4()
973 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: No SSID info " in wpa_supplicant_process_1_of_4()
978 if (sm->wpa_deny_ptk0_rekey && !sm->use_ext_key_id && in wpa_supplicant_process_1_of_4()
979 wpa_sm_get_state(sm) == WPA_COMPLETED) { in wpa_supplicant_process_1_of_4()
980 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_1_of_4()
982 wpa_sm_reconnect(sm); in wpa_supplicant_process_1_of_4()
986 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: RX message 1 of 4-Way " in wpa_supplicant_process_1_of_4()
1003 if (sm->mlo.valid_links && !is_valid_ap_mld_mac_kde(sm, ie.mac_addr)) { in wpa_supplicant_process_1_of_4()
1009 res = wpa_supplicant_get_pmk(sm, src_addr, ie.pmkid); in wpa_supplicant_process_1_of_4()
1011 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "RSN: Do not reply to " in wpa_supplicant_process_1_of_4()
1018 wpa_sm_set_state(sm, WPA_4WAY_HANDSHAKE); in wpa_supplicant_process_1_of_4()
1020 if (sm->renew_snonce) { in wpa_supplicant_process_1_of_4()
1021 if (random_get_bytes(sm->snonce, WPA_NONCE_LEN)) { in wpa_supplicant_process_1_of_4()
1022 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_1_of_4()
1026 if (wpa_sm_rsn_overriding_supported(sm)) in wpa_supplicant_process_1_of_4()
1027 rsn_set_snonce_cookie(sm->snonce); in wpa_supplicant_process_1_of_4()
1028 sm->renew_snonce = 0; in wpa_supplicant_process_1_of_4()
1030 sm->snonce, WPA_NONCE_LEN); in wpa_supplicant_process_1_of_4()
1035 ptk = &sm->tptk; in wpa_supplicant_process_1_of_4()
1036 if (wpa_derive_ptk(sm, src_addr, key, ptk) < 0) in wpa_supplicant_process_1_of_4()
1038 if (sm->pairwise_cipher == WPA_CIPHER_TKIP) in wpa_supplicant_process_1_of_4()
1040 sm->tptk_set = 1; in wpa_supplicant_process_1_of_4()
1043 if (sm->mlo.valid_links) in wpa_supplicant_process_1_of_4()
1044 mlo_kde_len = wpa_mlo_link_kde_len(sm) + in wpa_supplicant_process_1_of_4()
1047 kde = sm->assoc_wpa_ie; in wpa_supplicant_process_1_of_4()
1048 kde_len = sm->assoc_wpa_ie_len; in wpa_supplicant_process_1_of_4()
1051 sm->assoc_rsnxe_len + in wpa_supplicant_process_1_of_4()
1061 if (wpa_sm_ocv_enabled(sm)) { in wpa_supplicant_process_1_of_4()
1066 if (wpa_sm_channel_info(sm, &ci) != 0) { in wpa_supplicant_process_1_of_4()
1072 if (sm->oci_freq_override_eapol) { in wpa_supplicant_process_1_of_4()
1075 ci.frequency, sm->oci_freq_override_eapol); in wpa_supplicant_process_1_of_4()
1076 ci.frequency = sm->oci_freq_override_eapol; in wpa_supplicant_process_1_of_4()
1086 if (sm->assoc_rsnxe && sm->assoc_rsnxe_len) { in wpa_supplicant_process_1_of_4()
1087 os_memcpy(kde + kde_len, sm->assoc_rsnxe, sm->assoc_rsnxe_len); in wpa_supplicant_process_1_of_4()
1088 kde_len += sm->assoc_rsnxe_len; in wpa_supplicant_process_1_of_4()
1092 if (sm->p2p) { in wpa_supplicant_process_1_of_4()
1108 if (DPP_VERSION > 1 && sm->key_mgmt == WPA_KEY_MGMT_DPP) { in wpa_supplicant_process_1_of_4()
1119 if (sm->dpp_pfs == 0) in wpa_supplicant_process_1_of_4()
1121 else if (sm->dpp_pfs == 1) in wpa_supplicant_process_1_of_4()
1128 if (sm->mlo.valid_links) { in wpa_supplicant_process_1_of_4()
1134 pos = rsn_add_kde(pos, RSN_KEY_DATA_MAC_ADDR, sm->own_addr, in wpa_supplicant_process_1_of_4()
1139 pos = wpa_mlo_link_kde(sm, pos); in wpa_supplicant_process_1_of_4()
1143 if (wpa_supplicant_send_2_of_4(sm, wpa_sm_get_auth_addr(sm), key, ver, in wpa_supplicant_process_1_of_4()
1144 sm->snonce, kde, kde_len, ptk) < 0) in wpa_supplicant_process_1_of_4()
1148 os_memcpy(sm->anonce, key->key_nonce, WPA_NONCE_LEN); in wpa_supplicant_process_1_of_4()
1153 wpa_sm_deauthenticate(sm, WLAN_REASON_UNSPECIFIED); in wpa_supplicant_process_1_of_4()
1159 struct wpa_sm *sm = eloop_ctx; in wpa_sm_start_preauth() local
1160 rsn_preauth_candidate_process(sm); in wpa_sm_start_preauth()
1164 static void wpa_supplicant_key_neg_complete(struct wpa_sm *sm, in wpa_supplicant_key_neg_complete() argument
1167 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_key_neg_complete()
1170 wpa_cipher_txt(sm->pairwise_cipher), in wpa_supplicant_key_neg_complete()
1171 wpa_cipher_txt(sm->group_cipher)); in wpa_supplicant_key_neg_complete()
1172 wpa_sm_cancel_auth_timeout(sm); in wpa_supplicant_key_neg_complete()
1173 wpa_sm_set_state(sm, WPA_COMPLETED); in wpa_supplicant_key_neg_complete()
1177 sm, addr, MLME_SETPROTECTION_PROTECT_TYPE_RX_TX, in wpa_supplicant_key_neg_complete()
1179 eapol_sm_notify_portValid(sm->eapol, true); in wpa_supplicant_key_neg_complete()
1180 if (wpa_key_mgmt_wpa_psk(sm->key_mgmt) || in wpa_supplicant_key_neg_complete()
1181 sm->key_mgmt == WPA_KEY_MGMT_DPP || in wpa_supplicant_key_neg_complete()
1182 sm->key_mgmt == WPA_KEY_MGMT_OWE) in wpa_supplicant_key_neg_complete()
1183 eapol_sm_notify_eap_success(sm->eapol, true); in wpa_supplicant_key_neg_complete()
1191 if (!dl_list_empty(&sm->pmksa_candidates)) in wpa_supplicant_key_neg_complete()
1193 sm, NULL); in wpa_supplicant_key_neg_complete()
1196 if (sm->cur_pmksa && sm->cur_pmksa->opportunistic) { in wpa_supplicant_key_neg_complete()
1197 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_key_neg_complete()
1200 sm->cur_pmksa->opportunistic = 0; in wpa_supplicant_key_neg_complete()
1204 if (wpa_key_mgmt_ft(sm->key_mgmt)) { in wpa_supplicant_key_neg_complete()
1206 wpa_ft_prepare_auth_request(sm, NULL); in wpa_supplicant_key_neg_complete()
1214 struct wpa_sm *sm = eloop_ctx; in wpa_sm_rekey_ptk() local
1215 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Request PTK rekeying"); in wpa_sm_rekey_ptk()
1216 wpa_sm_key_request(sm, 0, 1); in wpa_sm_rekey_ptk()
1220 static int wpa_supplicant_install_ptk(struct wpa_sm *sm, in wpa_supplicant_install_ptk() argument
1228 if (sm->ptk.installed) { in wpa_supplicant_install_ptk()
1229 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_install_ptk()
1234 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_install_ptk()
1237 if (sm->pairwise_cipher == WPA_CIPHER_NONE) { in wpa_supplicant_install_ptk()
1238 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Pairwise Cipher " in wpa_supplicant_install_ptk()
1243 if (!wpa_cipher_valid_pairwise(sm->pairwise_cipher)) { in wpa_supplicant_install_ptk()
1244 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_install_ptk()
1246 sm->pairwise_cipher); in wpa_supplicant_install_ptk()
1250 alg = wpa_cipher_to_alg(sm->pairwise_cipher); in wpa_supplicant_install_ptk()
1251 keylen = wpa_cipher_key_len(sm->pairwise_cipher); in wpa_supplicant_install_ptk()
1252 if (keylen <= 0 || (unsigned int) keylen != sm->ptk.tk_len) { in wpa_supplicant_install_ptk()
1254 keylen, (long unsigned int) sm->ptk.tk_len); in wpa_supplicant_install_ptk()
1257 rsclen = wpa_cipher_rsc_len(sm->pairwise_cipher); in wpa_supplicant_install_ptk()
1259 if (sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN) { in wpa_supplicant_install_ptk()
1266 if (wpa_sm_set_key(sm, -1, alg, wpa_sm_get_auth_addr(sm), in wpa_supplicant_install_ptk()
1267 sm->keyidx_active, 1, key_rsc, rsclen, sm->ptk.tk, in wpa_supplicant_install_ptk()
1269 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_install_ptk()
1272 alg, keylen, MAC2STR(wpa_sm_get_auth_addr(sm)), in wpa_supplicant_install_ptk()
1273 sm->keyidx_active, key_flag); in wpa_supplicant_install_ptk()
1278 if (sm->secure_ltf && in wpa_supplicant_install_ptk()
1279 ieee802_11_rsnx_capab(sm->ap_rsnxe, WLAN_RSNX_CAPAB_SECURE_LTF) && in wpa_supplicant_install_ptk()
1280 wpa_sm_set_ltf_keyseed(sm, sm->own_addr, sm->bssid, in wpa_supplicant_install_ptk()
1281 sm->ptk.ltf_keyseed_len, in wpa_supplicant_install_ptk()
1282 sm->ptk.ltf_keyseed) < 0) { in wpa_supplicant_install_ptk()
1283 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_install_ptk()
1285 MACSTR ")", sm->ptk.ltf_keyseed_len, in wpa_supplicant_install_ptk()
1286 MAC2STR(sm->bssid)); in wpa_supplicant_install_ptk()
1291 wpa_sm_store_ptk(sm, sm->bssid, sm->pairwise_cipher, in wpa_supplicant_install_ptk()
1292 sm->dot11RSNAConfigPMKLifetime, &sm->ptk); in wpa_supplicant_install_ptk()
1295 os_memset(sm->ptk.tk, 0, WPA_TK_MAX_LEN); in wpa_supplicant_install_ptk()
1296 sm->ptk.tk_len = 0; in wpa_supplicant_install_ptk()
1297 sm->ptk.installed = 1; in wpa_supplicant_install_ptk()
1298 sm->tk_set = true; in wpa_supplicant_install_ptk()
1300 if (sm->wpa_ptk_rekey) { in wpa_supplicant_install_ptk()
1301 eloop_cancel_timeout(wpa_sm_rekey_ptk, sm, NULL); in wpa_supplicant_install_ptk()
1302 eloop_register_timeout(sm->wpa_ptk_rekey, 0, wpa_sm_rekey_ptk, in wpa_supplicant_install_ptk()
1303 sm, NULL); in wpa_supplicant_install_ptk()
1309 static int wpa_supplicant_activate_ptk(struct wpa_sm *sm) in wpa_supplicant_activate_ptk() argument
1311 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_activate_ptk()
1313 sm->keyidx_active, MAC2STR(wpa_sm_get_auth_addr(sm))); in wpa_supplicant_activate_ptk()
1315 if (wpa_sm_set_key(sm, -1, 0, wpa_sm_get_auth_addr(sm), in wpa_supplicant_activate_ptk()
1316 sm->keyidx_active, 0, NULL, 0, NULL, 0, in wpa_supplicant_activate_ptk()
1318 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_activate_ptk()
1320 MACSTR ")", sm->keyidx_active, in wpa_supplicant_activate_ptk()
1321 MAC2STR(wpa_sm_get_auth_addr(sm))); in wpa_supplicant_activate_ptk()
1328 static int wpa_supplicant_check_group_cipher(struct wpa_sm *sm, in wpa_supplicant_check_group_cipher() argument
1338 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_check_group_cipher()
1347 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_check_group_cipher()
1364 static int wpa_supplicant_install_gtk(struct wpa_sm *sm, in wpa_supplicant_install_gtk() argument
1372 if ((sm->gtk.gtk_len == (size_t) gd->gtk_len && in wpa_supplicant_install_gtk()
1373 os_memcmp(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len) == 0) || in wpa_supplicant_install_gtk()
1374 (sm->gtk_wnm_sleep.gtk_len == (size_t) gd->gtk_len && in wpa_supplicant_install_gtk()
1375 os_memcmp(sm->gtk_wnm_sleep.gtk, gd->gtk, in wpa_supplicant_install_gtk()
1376 sm->gtk_wnm_sleep.gtk_len) == 0)) { in wpa_supplicant_install_gtk()
1377 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_install_gtk()
1384 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_install_gtk()
1388 if (sm->group_cipher == WPA_CIPHER_TKIP) { in wpa_supplicant_install_gtk()
1395 if (sm->pairwise_cipher == WPA_CIPHER_NONE) { in wpa_supplicant_install_gtk()
1396 if (wpa_sm_set_key(sm, -1, gd->alg, NULL, in wpa_supplicant_install_gtk()
1400 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_install_gtk()
1406 } else if (wpa_sm_set_key(sm, -1, gd->alg, broadcast_ether_addr, in wpa_supplicant_install_gtk()
1409 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_install_gtk()
1419 sm->gtk_wnm_sleep.gtk_len = gd->gtk_len; in wpa_supplicant_install_gtk()
1420 os_memcpy(sm->gtk_wnm_sleep.gtk, gd->gtk, in wpa_supplicant_install_gtk()
1421 sm->gtk_wnm_sleep.gtk_len); in wpa_supplicant_install_gtk()
1423 sm->gtk.gtk_len = gd->gtk_len; in wpa_supplicant_install_gtk()
1424 os_memcpy(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len); in wpa_supplicant_install_gtk()
1431 static int wpa_supplicant_install_mlo_gtk(struct wpa_sm *sm, u8 link_id, in wpa_supplicant_install_mlo_gtk() argument
1439 if ((sm->mlo.links[link_id].gtk.gtk_len == (size_t) gd->gtk_len && in wpa_supplicant_install_mlo_gtk()
1440 os_memcmp(sm->mlo.links[link_id].gtk.gtk, gd->gtk, in wpa_supplicant_install_mlo_gtk()
1441 sm->mlo.links[link_id].gtk.gtk_len) == 0) || in wpa_supplicant_install_mlo_gtk()
1442 (sm->mlo.links[link_id].gtk_wnm_sleep.gtk_len == in wpa_supplicant_install_mlo_gtk()
1444 os_memcmp(sm->mlo.links[link_id].gtk_wnm_sleep.gtk, gd->gtk, in wpa_supplicant_install_mlo_gtk()
1445 sm->mlo.links[link_id].gtk_wnm_sleep.gtk_len) == 0)) { in wpa_supplicant_install_mlo_gtk()
1446 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_install_mlo_gtk()
1454 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_install_mlo_gtk()
1459 if (sm->group_cipher == WPA_CIPHER_TKIP) { in wpa_supplicant_install_mlo_gtk()
1466 if (wpa_sm_set_key(sm, link_id, gd->alg, broadcast_ether_addr, in wpa_supplicant_install_mlo_gtk()
1469 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_install_mlo_gtk()
1478 sm->mlo.links[link_id].gtk_wnm_sleep.gtk_len = gd->gtk_len; in wpa_supplicant_install_mlo_gtk()
1479 os_memcpy(sm->mlo.links[link_id].gtk_wnm_sleep.gtk, gd->gtk, in wpa_supplicant_install_mlo_gtk()
1480 sm->mlo.links[link_id].gtk_wnm_sleep.gtk_len); in wpa_supplicant_install_mlo_gtk()
1482 sm->mlo.links[link_id].gtk.gtk_len = gd->gtk_len; in wpa_supplicant_install_mlo_gtk()
1483 os_memcpy(sm->mlo.links[link_id].gtk.gtk, gd->gtk, in wpa_supplicant_install_mlo_gtk()
1484 sm->mlo.links[link_id].gtk.gtk_len); in wpa_supplicant_install_mlo_gtk()
1491 static int wpa_supplicant_gtk_tx_bit_workaround(const struct wpa_sm *sm, in wpa_supplicant_gtk_tx_bit_workaround() argument
1494 if (tx && sm->pairwise_cipher != WPA_CIPHER_NONE) { in wpa_supplicant_gtk_tx_bit_workaround()
1500 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_gtk_tx_bit_workaround()
1509 static int wpa_supplicant_rsc_relaxation(const struct wpa_sm *sm, in wpa_supplicant_rsc_relaxation() argument
1514 if (!sm->wpa_rsc_relaxation) in wpa_supplicant_rsc_relaxation()
1517 rsclen = wpa_cipher_rsc_len(sm->group_cipher); in wpa_supplicant_rsc_relaxation()
1527 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_rsc_relaxation()
1539 static int wpa_supplicant_mlo_gtk(struct wpa_sm *sm, u8 link_id, const u8 *gtk, in wpa_supplicant_mlo_gtk() argument
1574 if (wpa_supplicant_check_group_cipher(sm, sm->group_cipher, gtk_len, in wpa_supplicant_mlo_gtk()
1577 wpa_supplicant_install_mlo_gtk(sm, link_id, &gd, key_rsc, 0)) { in wpa_supplicant_mlo_gtk()
1578 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_mlo_gtk()
1591 static int wpa_supplicant_pairwise_mlo_gtk(struct wpa_sm *sm, in wpa_supplicant_pairwise_mlo_gtk() argument
1598 for_each_link(sm->mlo.valid_links, i) { in wpa_supplicant_pairwise_mlo_gtk()
1600 wpa_msg(sm->ctx->msg_ctx, MSG_ERROR, in wpa_supplicant_pairwise_mlo_gtk()
1605 if (wpa_supplicant_mlo_gtk(sm, i, ie->mlo_gtk[i], in wpa_supplicant_pairwise_mlo_gtk()
1614 static int wpa_supplicant_pairwise_gtk(struct wpa_sm *sm, in wpa_supplicant_pairwise_gtk() argument
1638 gd.tx = wpa_supplicant_gtk_tx_bit_workaround(sm, in wpa_supplicant_pairwise_gtk()
1647 if (wpa_supplicant_rsc_relaxation(sm, key->key_rsc)) in wpa_supplicant_pairwise_gtk()
1650 if (sm->group_cipher != WPA_CIPHER_GTK_NOT_USED && in wpa_supplicant_pairwise_gtk()
1651 (wpa_supplicant_check_group_cipher(sm, sm->group_cipher, in wpa_supplicant_pairwise_gtk()
1654 wpa_supplicant_install_gtk(sm, &gd, key_rsc, 0))) { in wpa_supplicant_pairwise_gtk()
1655 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_pairwise_gtk()
1666 static int wpa_supplicant_install_igtk(struct wpa_sm *sm, in wpa_supplicant_install_igtk() argument
1670 size_t len = wpa_cipher_key_len(sm->mgmt_group_cipher); in wpa_supplicant_install_igtk()
1674 if ((sm->igtk.igtk_len == len && in wpa_supplicant_install_igtk()
1675 os_memcmp(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len) == 0) || in wpa_supplicant_install_igtk()
1676 (sm->igtk_wnm_sleep.igtk_len == len && in wpa_supplicant_install_igtk()
1677 os_memcmp(sm->igtk_wnm_sleep.igtk, igtk->igtk, in wpa_supplicant_install_igtk()
1678 sm->igtk_wnm_sleep.igtk_len) == 0)) { in wpa_supplicant_install_igtk()
1679 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_install_igtk()
1685 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_install_igtk()
1690 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_install_igtk()
1694 if (wpa_sm_set_key(sm, -1, wpa_cipher_to_alg(sm->mgmt_group_cipher), in wpa_supplicant_install_igtk()
1712 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_install_igtk()
1715 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_install_igtk()
1722 sm->igtk_wnm_sleep.igtk_len = len; in wpa_supplicant_install_igtk()
1723 os_memcpy(sm->igtk_wnm_sleep.igtk, igtk->igtk, in wpa_supplicant_install_igtk()
1724 sm->igtk_wnm_sleep.igtk_len); in wpa_supplicant_install_igtk()
1726 sm->igtk.igtk_len = len; in wpa_supplicant_install_igtk()
1727 os_memcpy(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len); in wpa_supplicant_install_igtk()
1734 static int wpa_supplicant_install_bigtk(struct wpa_sm *sm, in wpa_supplicant_install_bigtk() argument
1738 size_t len = wpa_cipher_key_len(sm->mgmt_group_cipher); in wpa_supplicant_install_bigtk()
1742 if ((sm->bigtk.bigtk_len == len && in wpa_supplicant_install_bigtk()
1743 os_memcmp(sm->bigtk.bigtk, bigtk->bigtk, in wpa_supplicant_install_bigtk()
1744 sm->bigtk.bigtk_len) == 0) || in wpa_supplicant_install_bigtk()
1745 (sm->bigtk_wnm_sleep.bigtk_len == len && in wpa_supplicant_install_bigtk()
1746 os_memcmp(sm->bigtk_wnm_sleep.bigtk, bigtk->bigtk, in wpa_supplicant_install_bigtk()
1747 sm->bigtk_wnm_sleep.bigtk_len) == 0)) { in wpa_supplicant_install_bigtk()
1748 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_install_bigtk()
1754 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_install_bigtk()
1759 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_install_bigtk()
1763 if (wpa_sm_set_key(sm, -1, wpa_cipher_to_alg(sm->mgmt_group_cipher), in wpa_supplicant_install_bigtk()
1767 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_install_bigtk()
1773 sm->bigtk_wnm_sleep.bigtk_len = len; in wpa_supplicant_install_bigtk()
1774 os_memcpy(sm->bigtk_wnm_sleep.bigtk, bigtk->bigtk, in wpa_supplicant_install_bigtk()
1775 sm->bigtk_wnm_sleep.bigtk_len); in wpa_supplicant_install_bigtk()
1777 sm->bigtk.bigtk_len = len; in wpa_supplicant_install_bigtk()
1778 os_memcpy(sm->bigtk.bigtk, bigtk->bigtk, sm->bigtk.bigtk_len); in wpa_supplicant_install_bigtk()
1785 static int wpa_supplicant_install_mlo_igtk(struct wpa_sm *sm, u8 link_id, in wpa_supplicant_install_mlo_igtk() argument
1789 size_t len = wpa_cipher_key_len(sm->mgmt_group_cipher); in wpa_supplicant_install_mlo_igtk()
1793 if ((sm->mlo.links[link_id].igtk.igtk_len == len && in wpa_supplicant_install_mlo_igtk()
1794 os_memcmp(sm->mlo.links[link_id].igtk.igtk, igtk->igtk, in wpa_supplicant_install_mlo_igtk()
1795 sm->mlo.links[link_id].igtk.igtk_len) == 0) || in wpa_supplicant_install_mlo_igtk()
1796 (sm->mlo.links[link_id].igtk_wnm_sleep.igtk_len == len && in wpa_supplicant_install_mlo_igtk()
1797 os_memcmp(sm->mlo.links[link_id].igtk_wnm_sleep.igtk, igtk->igtk, in wpa_supplicant_install_mlo_igtk()
1798 sm->mlo.links[link_id].igtk_wnm_sleep.igtk_len) == 0)) { in wpa_supplicant_install_mlo_igtk()
1799 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_install_mlo_igtk()
1805 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_install_mlo_igtk()
1810 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_install_mlo_igtk()
1815 if (wpa_sm_set_key(sm, link_id, in wpa_supplicant_install_mlo_igtk()
1816 wpa_cipher_to_alg(sm->mgmt_group_cipher), in wpa_supplicant_install_mlo_igtk()
1820 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_install_mlo_igtk()
1827 sm->mlo.links[link_id].igtk_wnm_sleep.igtk_len = len; in wpa_supplicant_install_mlo_igtk()
1828 os_memcpy(sm->mlo.links[link_id].igtk_wnm_sleep.igtk, in wpa_supplicant_install_mlo_igtk()
1830 sm->mlo.links[link_id].igtk_wnm_sleep.igtk_len); in wpa_supplicant_install_mlo_igtk()
1832 sm->mlo.links[link_id].igtk.igtk_len = len; in wpa_supplicant_install_mlo_igtk()
1833 os_memcpy(sm->mlo.links[link_id].igtk.igtk, igtk->igtk, in wpa_supplicant_install_mlo_igtk()
1834 sm->mlo.links[link_id].igtk.igtk_len); in wpa_supplicant_install_mlo_igtk()
1842 wpa_supplicant_install_mlo_bigtk(struct wpa_sm *sm, u8 link_id, in wpa_supplicant_install_mlo_bigtk() argument
1846 size_t len = wpa_cipher_key_len(sm->mgmt_group_cipher); in wpa_supplicant_install_mlo_bigtk()
1850 if ((sm->mlo.links[link_id].bigtk.bigtk_len == len && in wpa_supplicant_install_mlo_bigtk()
1851 os_memcmp(sm->mlo.links[link_id].bigtk.bigtk, bigtk->bigtk, in wpa_supplicant_install_mlo_bigtk()
1852 sm->mlo.links[link_id].bigtk.bigtk_len) == 0) || in wpa_supplicant_install_mlo_bigtk()
1853 (sm->mlo.links[link_id].bigtk_wnm_sleep.bigtk_len == len && in wpa_supplicant_install_mlo_bigtk()
1854 os_memcmp(sm->mlo.links[link_id].bigtk_wnm_sleep.bigtk, in wpa_supplicant_install_mlo_bigtk()
1856 sm->mlo.links[link_id].bigtk_wnm_sleep.bigtk_len) == in wpa_supplicant_install_mlo_bigtk()
1858 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_install_mlo_bigtk()
1864 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_install_mlo_bigtk()
1870 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_install_mlo_bigtk()
1875 if (wpa_sm_set_key(sm, link_id, in wpa_supplicant_install_mlo_bigtk()
1876 wpa_cipher_to_alg(sm->mgmt_group_cipher), in wpa_supplicant_install_mlo_bigtk()
1880 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_install_mlo_bigtk()
1887 sm->mlo.links[link_id].bigtk_wnm_sleep.bigtk_len = len; in wpa_supplicant_install_mlo_bigtk()
1888 os_memcpy(sm->mlo.links[link_id].bigtk_wnm_sleep.bigtk, in wpa_supplicant_install_mlo_bigtk()
1890 sm->mlo.links[link_id].bigtk_wnm_sleep.bigtk_len); in wpa_supplicant_install_mlo_bigtk()
1892 sm->mlo.links[link_id].bigtk.bigtk_len = len; in wpa_supplicant_install_mlo_bigtk()
1893 os_memcpy(sm->mlo.links[link_id].bigtk.bigtk, bigtk->bigtk, in wpa_supplicant_install_mlo_bigtk()
1894 sm->mlo.links[link_id].bigtk.bigtk_len); in wpa_supplicant_install_mlo_bigtk()
1901 static int _mlo_ieee80211w_set_keys(struct wpa_sm *sm, u8 link_id, in _mlo_ieee80211w_set_keys() argument
1907 len = wpa_cipher_key_len(sm->mgmt_group_cipher); in _mlo_ieee80211w_set_keys()
1913 sm, link_id, in _mlo_ieee80211w_set_keys()
1920 if (ie->mlo_bigtk[link_id] && sm->beacon_prot) { in _mlo_ieee80211w_set_keys()
1921 len = wpa_cipher_key_len(sm->mgmt_group_cipher); in _mlo_ieee80211w_set_keys()
1927 sm, link_id, in _mlo_ieee80211w_set_keys()
1938 static int mlo_ieee80211w_set_keys(struct wpa_sm *sm, in mlo_ieee80211w_set_keys() argument
1943 if (!wpa_cipher_valid_mgmt_group(sm->mgmt_group_cipher) || in mlo_ieee80211w_set_keys()
1944 sm->mgmt_group_cipher == WPA_CIPHER_GTK_NOT_USED) in mlo_ieee80211w_set_keys()
1947 for_each_link(sm->mlo.valid_links, i) { in mlo_ieee80211w_set_keys()
1948 if (_mlo_ieee80211w_set_keys(sm, i, ie)) in mlo_ieee80211w_set_keys()
1956 static int ieee80211w_set_keys(struct wpa_sm *sm, in ieee80211w_set_keys() argument
1961 if (!wpa_cipher_valid_mgmt_group(sm->mgmt_group_cipher) || in ieee80211w_set_keys()
1962 sm->mgmt_group_cipher == WPA_CIPHER_GTK_NOT_USED) in ieee80211w_set_keys()
1968 len = wpa_cipher_key_len(sm->mgmt_group_cipher); in ieee80211w_set_keys()
1973 if (wpa_supplicant_install_igtk(sm, igtk, 0) < 0) in ieee80211w_set_keys()
1977 if (ie->bigtk && sm->beacon_prot) { in ieee80211w_set_keys()
1980 len = wpa_cipher_key_len(sm->mgmt_group_cipher); in ieee80211w_set_keys()
1985 if (wpa_supplicant_install_bigtk(sm, bigtk, 0) < 0) in ieee80211w_set_keys()
1993 static void wpa_report_ie_mismatch(struct wpa_sm *sm, in wpa_report_ie_mismatch() argument
1998 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: %s (src=" MACSTR ")", in wpa_report_ie_mismatch()
2001 if (sm->ap_wpa_ie) { in wpa_report_ie_mismatch()
2003 sm->ap_wpa_ie, sm->ap_wpa_ie_len); in wpa_report_ie_mismatch()
2006 if (!sm->ap_wpa_ie) { in wpa_report_ie_mismatch()
2007 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_report_ie_mismatch()
2014 if (sm->ap_rsn_ie) { in wpa_report_ie_mismatch()
2016 sm->ap_rsn_ie, sm->ap_rsn_ie_len); in wpa_report_ie_mismatch()
2019 if (!sm->ap_rsn_ie) { in wpa_report_ie_mismatch()
2020 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_report_ie_mismatch()
2027 wpa_sm_deauthenticate(sm, WLAN_REASON_IE_IN_4WAY_DIFFERS); in wpa_report_ie_mismatch()
2033 static int ft_validate_mdie(struct wpa_sm *sm, in ft_validate_mdie() argument
2042 os_memcmp(mdie->mobility_domain, sm->mobility_domain, in ft_validate_mdie()
2044 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "FT: MDIE in msg 3/4 did " in ft_validate_mdie()
2052 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "FT: MDIE mismatch"); in ft_validate_mdie()
2064 static int ft_validate_ftie(struct wpa_sm *sm, in ft_validate_ftie() argument
2070 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in ft_validate_ftie()
2080 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "FT: FTIE mismatch"); in ft_validate_ftie()
2092 static int ft_validate_rsnie(struct wpa_sm *sm, in ft_validate_rsnie() argument
2107 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "FT: No PMKR1Name in " in ft_validate_rsnie()
2112 if (os_memcmp_const(rsn.pmkid, sm->pmk_r1_name, WPA_PMK_NAME_LEN) != 0) in ft_validate_rsnie()
2114 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in ft_validate_rsnie()
2120 sm->pmk_r1_name, WPA_PMK_NAME_LEN); in ft_validate_rsnie()
2128 static int wpa_supplicant_validate_ie_ft(struct wpa_sm *sm, in wpa_supplicant_validate_ie_ft() argument
2134 if (sm->assoc_resp_ies) { in wpa_supplicant_validate_ie_ft()
2135 pos = sm->assoc_resp_ies; in wpa_supplicant_validate_ie_ft()
2136 end = pos + sm->assoc_resp_ies_len; in wpa_supplicant_validate_ie_ft()
2152 if (ft_validate_mdie(sm, src_addr, ie, mdie) < 0 || in wpa_supplicant_validate_ie_ft()
2153 ft_validate_ftie(sm, src_addr, ie, ftie) < 0 || in wpa_supplicant_validate_ie_ft()
2154 ft_validate_rsnie(sm, src_addr, ie) < 0) in wpa_supplicant_validate_ie_ft()
2163 static int wpa_supplicant_validate_ie(struct wpa_sm *sm, in wpa_supplicant_validate_ie() argument
2167 if (sm->ap_wpa_ie == NULL && sm->ap_rsn_ie == NULL) { in wpa_supplicant_validate_ie()
2168 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_validate_ie()
2171 if (wpa_sm_get_beacon_ie(sm) < 0) { in wpa_supplicant_validate_ie()
2172 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_validate_ie()
2177 wpa_msg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_validate_ie()
2182 (sm->ap_wpa_ie || sm->ap_rsn_ie)) { in wpa_supplicant_validate_ie()
2183 wpa_report_ie_mismatch(sm, "IE in 3/4 msg does not match " in wpa_supplicant_validate_ie()
2190 if ((ie->wpa_ie && sm->ap_wpa_ie && in wpa_supplicant_validate_ie()
2191 (ie->wpa_ie_len != sm->ap_wpa_ie_len || in wpa_supplicant_validate_ie()
2192 os_memcmp(ie->wpa_ie, sm->ap_wpa_ie, ie->wpa_ie_len) != 0)) || in wpa_supplicant_validate_ie()
2193 (ie->rsn_ie && sm->ap_rsn_ie && in wpa_supplicant_validate_ie()
2194 wpa_compare_rsn_ie(wpa_key_mgmt_ft(sm->key_mgmt), in wpa_supplicant_validate_ie()
2195 sm->ap_rsn_ie, sm->ap_rsn_ie_len, in wpa_supplicant_validate_ie()
2197 wpa_report_ie_mismatch(sm, "IE in 3/4 msg does not match " in wpa_supplicant_validate_ie()
2204 if (sm->proto == WPA_PROTO_WPA && in wpa_supplicant_validate_ie()
2205 ie->rsn_ie && sm->ap_rsn_ie == NULL && sm->rsn_enabled) { in wpa_supplicant_validate_ie()
2206 wpa_report_ie_mismatch(sm, "Possible downgrade attack " in wpa_supplicant_validate_ie()
2215 if (sm->proto == WPA_PROTO_RSN && in wpa_supplicant_validate_ie()
2216 ((sm->ap_rsnxe && !ie->rsnxe) || in wpa_supplicant_validate_ie()
2217 (!sm->ap_rsnxe && ie->rsnxe) || in wpa_supplicant_validate_ie()
2218 (sm->ap_rsnxe && ie->rsnxe && in wpa_supplicant_validate_ie()
2219 (sm->ap_rsnxe_len != ie->rsnxe_len || in wpa_supplicant_validate_ie()
2220 os_memcmp(sm->ap_rsnxe, ie->rsnxe, sm->ap_rsnxe_len) != 0)))) { in wpa_supplicant_validate_ie()
2221 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_validate_ie()
2224 sm->ap_rsnxe, sm->ap_rsnxe_len); in wpa_supplicant_validate_ie()
2227 wpa_sm_deauthenticate(sm, WLAN_REASON_IE_IN_4WAY_DIFFERS); in wpa_supplicant_validate_ie()
2231 if (sm->proto == WPA_PROTO_RSN && wpa_sm_rsn_overriding_supported(sm)) { in wpa_supplicant_validate_ie()
2232 if ((sm->ap_rsne_override && !ie->rsne_override) || in wpa_supplicant_validate_ie()
2233 (!sm->ap_rsne_override && ie->rsne_override) || in wpa_supplicant_validate_ie()
2234 (sm->ap_rsne_override && ie->rsne_override && in wpa_supplicant_validate_ie()
2235 (sm->ap_rsne_override_len != ie->rsne_override_len || in wpa_supplicant_validate_ie()
2236 os_memcmp(sm->ap_rsne_override, ie->rsne_override, in wpa_supplicant_validate_ie()
2237 sm->ap_rsne_override_len) != 0))) { in wpa_supplicant_validate_ie()
2238 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_validate_ie()
2242 sm->ap_rsne_override, in wpa_supplicant_validate_ie()
2243 sm->ap_rsne_override_len); in wpa_supplicant_validate_ie()
2247 wpa_sm_deauthenticate(sm, in wpa_supplicant_validate_ie()
2252 if ((sm->ap_rsne_override_2 && !ie->rsne_override_2) || in wpa_supplicant_validate_ie()
2253 (!sm->ap_rsne_override_2 && ie->rsne_override_2) || in wpa_supplicant_validate_ie()
2254 (sm->ap_rsne_override_2 && ie->rsne_override_2 && in wpa_supplicant_validate_ie()
2255 (sm->ap_rsne_override_2_len != ie->rsne_override_2_len || in wpa_supplicant_validate_ie()
2256 os_memcmp(sm->ap_rsne_override_2, ie->rsne_override_2, in wpa_supplicant_validate_ie()
2257 sm->ap_rsne_override_2_len) != 0))) { in wpa_supplicant_validate_ie()
2258 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_validate_ie()
2262 sm->ap_rsne_override_2, in wpa_supplicant_validate_ie()
2263 sm->ap_rsne_override_2_len); in wpa_supplicant_validate_ie()
2267 wpa_sm_deauthenticate(sm, in wpa_supplicant_validate_ie()
2272 if ((sm->ap_rsnxe_override && !ie->rsnxe_override) || in wpa_supplicant_validate_ie()
2273 (!sm->ap_rsnxe_override && ie->rsnxe_override) || in wpa_supplicant_validate_ie()
2274 (sm->ap_rsnxe_override && ie->rsnxe_override && in wpa_supplicant_validate_ie()
2275 (sm->ap_rsnxe_override_len != ie->rsnxe_override_len || in wpa_supplicant_validate_ie()
2276 os_memcmp(sm->ap_rsnxe_override, ie->rsnxe_override, in wpa_supplicant_validate_ie()
2277 sm->ap_rsnxe_override_len) != 0))) { in wpa_supplicant_validate_ie()
2278 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_validate_ie()
2282 sm->ap_rsnxe_override, in wpa_supplicant_validate_ie()
2283 sm->ap_rsnxe_override_len); in wpa_supplicant_validate_ie()
2287 wpa_sm_deauthenticate(sm, in wpa_supplicant_validate_ie()
2294 if (wpa_key_mgmt_ft(sm->key_mgmt) && in wpa_supplicant_validate_ie()
2295 wpa_supplicant_validate_ie_ft(sm, src_addr, ie) < 0) in wpa_supplicant_validate_ie()
2313 int wpa_supplicant_send_4_of_4(struct wpa_sm *sm, const unsigned char *dst, in wpa_supplicant_send_4_of_4() argument
2327 if (sm->mlo.valid_links) { in wpa_supplicant_send_4_of_4()
2337 pos = rsn_add_kde(pos, RSN_KEY_DATA_MAC_ADDR, sm->own_addr, in wpa_supplicant_send_4_of_4()
2343 if (sm->test_eapol_m4_elems) in wpa_supplicant_send_4_of_4()
2344 extra_len = wpabuf_len(sm->test_eapol_m4_elems); in wpa_supplicant_send_4_of_4()
2345 if (sm->encrypt_eapol_m4) { in wpa_supplicant_send_4_of_4()
2353 mic_len = wpa_mic_len(sm->key_mgmt, sm->pmk_len); in wpa_supplicant_send_4_of_4()
2355 rbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY, NULL, in wpa_supplicant_send_4_of_4()
2363 reply->type = (sm->proto == WPA_PROTO_RSN || in wpa_supplicant_send_4_of_4()
2364 sm->proto == WPA_PROTO_OSEN) ? in wpa_supplicant_send_4_of_4()
2373 if (sm->encrypt_eapol_m4) in wpa_supplicant_send_4_of_4()
2377 if (sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN) in wpa_supplicant_send_4_of_4()
2393 if (sm->test_eapol_m4_elems) { in wpa_supplicant_send_4_of_4()
2395 wpabuf_head(sm->test_eapol_m4_elems), in wpa_supplicant_send_4_of_4()
2396 wpabuf_len(sm->test_eapol_m4_elems)); in wpa_supplicant_send_4_of_4()
2399 if (sm->encrypt_eapol_m4) { in wpa_supplicant_send_4_of_4()
2403 if (sm->test_eapol_m4_elems) in wpa_supplicant_send_4_of_4()
2404 extra_len = wpabuf_len(sm->test_eapol_m4_elems); in wpa_supplicant_send_4_of_4()
2431 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Sending EAPOL-Key 4/4"); in wpa_supplicant_send_4_of_4()
2432 return wpa_eapol_key_send(sm, ptk, ver, dst, ETH_P_EAPOL, rbuf, rlen, in wpa_supplicant_send_4_of_4()
2437 static int wpa_supplicant_validate_link_kde(struct wpa_sm *sm, u8 link_id, in wpa_supplicant_validate_link_kde() argument
2450 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_validate_link_kde()
2456 if (!ether_addr_equal(sm->mlo.links[link_id].bssid, in wpa_supplicant_validate_link_kde()
2458 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_validate_link_kde()
2463 MAC2STR(sm->mlo.links[link_id].bssid)); in wpa_supplicant_validate_link_kde()
2472 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_validate_link_kde()
2482 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_validate_link_kde()
2493 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_validate_link_kde()
2502 if (wpa_compare_rsn_ie(wpa_key_mgmt_ft(sm->key_mgmt), in wpa_supplicant_validate_link_kde()
2503 sm->mlo.links[link_id].ap_rsne, in wpa_supplicant_validate_link_kde()
2504 sm->mlo.links[link_id].ap_rsne_len, in wpa_supplicant_validate_link_kde()
2506 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_validate_link_kde()
2510 sm->mlo.links[link_id].ap_rsne, in wpa_supplicant_validate_link_kde()
2511 sm->mlo.links[link_id].ap_rsne_len); in wpa_supplicant_validate_link_kde()
2517 if ((sm->mlo.links[link_id].ap_rsnxe && !rsnxe) || in wpa_supplicant_validate_link_kde()
2518 (!sm->mlo.links[link_id].ap_rsnxe && rsnxe) || in wpa_supplicant_validate_link_kde()
2519 (sm->mlo.links[link_id].ap_rsnxe && rsnxe && in wpa_supplicant_validate_link_kde()
2520 (sm->mlo.links[link_id].ap_rsnxe_len != rsnxe_len || in wpa_supplicant_validate_link_kde()
2521 os_memcmp(sm->mlo.links[link_id].ap_rsnxe, rsnxe, in wpa_supplicant_validate_link_kde()
2522 sm->mlo.links[link_id].ap_rsnxe_len) != 0))) { in wpa_supplicant_validate_link_kde()
2523 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_validate_link_kde()
2527 sm->mlo.links[link_id].ap_rsnxe, in wpa_supplicant_validate_link_kde()
2528 sm->mlo.links[link_id].ap_rsnxe_len); in wpa_supplicant_validate_link_kde()
2534 if (!wpa_sm_rsn_overriding_supported(sm)) in wpa_supplicant_validate_link_kde()
2557 if ((sm->mlo.links[link_id].ap_rsnoe && !rsnoe) || in wpa_supplicant_validate_link_kde()
2558 (!sm->mlo.links[link_id].ap_rsnoe && rsnoe) || in wpa_supplicant_validate_link_kde()
2559 (sm->mlo.links[link_id].ap_rsnoe && rsnoe && in wpa_supplicant_validate_link_kde()
2560 wpa_compare_rsn_ie(wpa_key_mgmt_ft(sm->key_mgmt), in wpa_supplicant_validate_link_kde()
2561 sm->mlo.links[link_id].ap_rsnoe, in wpa_supplicant_validate_link_kde()
2562 sm->mlo.links[link_id].ap_rsnoe_len, in wpa_supplicant_validate_link_kde()
2564 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_validate_link_kde()
2568 sm->mlo.links[link_id].ap_rsnoe, in wpa_supplicant_validate_link_kde()
2569 sm->mlo.links[link_id].ap_rsnoe_len); in wpa_supplicant_validate_link_kde()
2575 if ((sm->mlo.links[link_id].ap_rsno2e && !rsno2e) || in wpa_supplicant_validate_link_kde()
2576 (!sm->mlo.links[link_id].ap_rsno2e && rsno2e) || in wpa_supplicant_validate_link_kde()
2577 (sm->mlo.links[link_id].ap_rsno2e && rsno2e && in wpa_supplicant_validate_link_kde()
2578 wpa_compare_rsn_ie(wpa_key_mgmt_ft(sm->key_mgmt), in wpa_supplicant_validate_link_kde()
2579 sm->mlo.links[link_id].ap_rsno2e, in wpa_supplicant_validate_link_kde()
2580 sm->mlo.links[link_id].ap_rsno2e_len, in wpa_supplicant_validate_link_kde()
2582 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_validate_link_kde()
2586 sm->mlo.links[link_id].ap_rsno2e, in wpa_supplicant_validate_link_kde()
2587 sm->mlo.links[link_id].ap_rsno2e_len); in wpa_supplicant_validate_link_kde()
2593 if ((sm->mlo.links[link_id].ap_rsnxoe && !rsnxoe) || in wpa_supplicant_validate_link_kde()
2594 (!sm->mlo.links[link_id].ap_rsnxoe && rsnxoe) || in wpa_supplicant_validate_link_kde()
2595 (sm->mlo.links[link_id].ap_rsnxoe && rsnxoe && in wpa_supplicant_validate_link_kde()
2596 (sm->mlo.links[link_id].ap_rsnxoe_len != rsnxoe_len || in wpa_supplicant_validate_link_kde()
2597 os_memcmp(sm->mlo.links[link_id].ap_rsnxoe, rsnxoe, in wpa_supplicant_validate_link_kde()
2598 sm->mlo.links[link_id].ap_rsnxoe_len) != 0))) { in wpa_supplicant_validate_link_kde()
2599 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_validate_link_kde()
2603 sm->mlo.links[link_id].ap_rsnxoe, in wpa_supplicant_validate_link_kde()
2604 sm->mlo.links[link_id].ap_rsnxoe_len); in wpa_supplicant_validate_link_kde()
2612 wpa_sm_deauthenticate(sm, WLAN_REASON_IE_IN_4WAY_DIFFERS); in wpa_supplicant_validate_link_kde()
2617 static int wpa_validate_mlo_ieee80211w_kdes(struct wpa_sm *sm, in wpa_validate_mlo_ieee80211w_kdes() argument
2623 (unsigned int) wpa_cipher_key_len(sm->mgmt_group_cipher)) { in wpa_validate_mlo_ieee80211w_kdes()
2624 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_validate_mlo_ieee80211w_kdes()
2630 if (!sm->beacon_prot) in wpa_validate_mlo_ieee80211w_kdes()
2635 (unsigned int) wpa_cipher_key_len(sm->mgmt_group_cipher)) { in wpa_validate_mlo_ieee80211w_kdes()
2636 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_validate_mlo_ieee80211w_kdes()
2646 static void wpa_supplicant_process_3_of_4_wpa(struct wpa_sm *sm, in wpa_supplicant_process_3_of_4_wpa() argument
2654 wpa_sm_set_state(sm, WPA_4WAY_HANDSHAKE); in wpa_supplicant_process_3_of_4_wpa()
2655 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_process_3_of_4_wpa()
2657 " (ver=%d)", MAC2STR(sm->bssid), ver); in wpa_supplicant_process_3_of_4_wpa()
2665 if (wpa_supplicant_validate_ie(sm, sm->bssid, &ie) < 0) in wpa_supplicant_process_3_of_4_wpa()
2668 if (os_memcmp(sm->anonce, key->key_nonce, WPA_NONCE_LEN) != 0) { in wpa_supplicant_process_3_of_4_wpa()
2669 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_3_of_4_wpa()
2671 MACSTR ")", MAC2STR(sm->bssid)); in wpa_supplicant_process_3_of_4_wpa()
2676 if (keylen != wpa_cipher_key_len(sm->pairwise_cipher)) { in wpa_supplicant_process_3_of_4_wpa()
2677 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_3_of_4_wpa()
2679 wpa_cipher_txt(sm->pairwise_cipher), keylen, in wpa_supplicant_process_3_of_4_wpa()
2680 MAC2STR(sm->bssid)); in wpa_supplicant_process_3_of_4_wpa()
2684 if (wpa_supplicant_send_4_of_4(sm, wpa_sm_get_auth_addr(sm), key, ver, in wpa_supplicant_process_3_of_4_wpa()
2685 key_info, &sm->ptk) < 0) in wpa_supplicant_process_3_of_4_wpa()
2691 sm->renew_snonce = 1; in wpa_supplicant_process_3_of_4_wpa()
2694 wpa_supplicant_install_ptk(sm, key, KEY_FLAG_RX_TX)) in wpa_supplicant_process_3_of_4_wpa()
2699 sm, sm->bssid, MLME_SETPROTECTION_PROTECT_TYPE_RX, in wpa_supplicant_process_3_of_4_wpa()
2701 eapol_sm_notify_portValid(sm->eapol, true); in wpa_supplicant_process_3_of_4_wpa()
2703 wpa_sm_set_state(sm, WPA_GROUP_HANDSHAKE); in wpa_supplicant_process_3_of_4_wpa()
2705 sm->msg_3_of_4_ok = 1; in wpa_supplicant_process_3_of_4_wpa()
2709 wpa_sm_deauthenticate(sm, WLAN_REASON_UNSPECIFIED); in wpa_supplicant_process_3_of_4_wpa()
2713 static void wpa_supplicant_process_3_of_4(struct wpa_sm *sm, in wpa_supplicant_process_3_of_4() argument
2720 bool mlo = sm->mlo.valid_links; in wpa_supplicant_process_3_of_4()
2723 wpa_sm_set_state(sm, WPA_4WAY_HANDSHAKE); in wpa_supplicant_process_3_of_4()
2724 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_process_3_of_4()
2726 " (ver=%d)%s", MAC2STR(sm->bssid), ver, mlo ? " (MLO)" : ""); in wpa_supplicant_process_3_of_4()
2734 if (sm->ssid_protection) { in wpa_supplicant_process_3_of_4()
2736 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_3_of_4()
2741 if (ie.ssid_len != sm->ssid_len || in wpa_supplicant_process_3_of_4()
2742 os_memcmp(ie.ssid, sm->ssid, sm->ssid_len) != 0) { in wpa_supplicant_process_3_of_4()
2743 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_3_of_4()
2748 sm->ssid, sm->ssid_len); in wpa_supplicant_process_3_of_4()
2752 wpa_sm_ssid_verified(sm); in wpa_supplicant_process_3_of_4()
2756 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_3_of_4()
2766 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_3_of_4()
2772 if (mlo && !is_valid_ap_mld_mac_kde(sm, ie.mac_addr)) { in wpa_supplicant_process_3_of_4()
2778 if (!(sm->mlo.req_links & BIT(i))) in wpa_supplicant_process_3_of_4()
2782 sm, i, ie.mlo_link[i], ie.mlo_link_len[i], in wpa_supplicant_process_3_of_4()
2787 if (!(sm->mlo.valid_links & BIT(i))) in wpa_supplicant_process_3_of_4()
2791 wpa_msg(sm->ctx->msg_ctx, MSG_ERROR, in wpa_supplicant_process_3_of_4()
2796 if (sm->mgmt_group_cipher != WPA_CIPHER_GTK_NOT_USED && in wpa_supplicant_process_3_of_4()
2797 wpa_cipher_valid_mgmt_group(sm->mgmt_group_cipher) && in wpa_supplicant_process_3_of_4()
2798 wpa_validate_mlo_ieee80211w_kdes(sm, i, &ie) < 0) in wpa_supplicant_process_3_of_4()
2803 if (mlo && wpa_key_mgmt_ft(sm->key_mgmt) && in wpa_supplicant_process_3_of_4()
2804 wpa_supplicant_validate_ie_ft(sm, sm->bssid, &ie) < 0) in wpa_supplicant_process_3_of_4()
2809 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_3_of_4()
2814 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_3_of_4()
2820 sm->mgmt_group_cipher != WPA_CIPHER_GTK_NOT_USED && in wpa_supplicant_process_3_of_4()
2821 wpa_cipher_valid_mgmt_group(sm->mgmt_group_cipher) && in wpa_supplicant_process_3_of_4()
2823 (unsigned int) wpa_cipher_key_len(sm->mgmt_group_cipher)) { in wpa_supplicant_process_3_of_4()
2824 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_3_of_4()
2830 if (!mlo && wpa_supplicant_validate_ie(sm, sm->bssid, &ie) < 0) in wpa_supplicant_process_3_of_4()
2833 if (wpa_handle_ext_key_id(sm, &ie)) in wpa_supplicant_process_3_of_4()
2836 if (os_memcmp(sm->anonce, key->key_nonce, WPA_NONCE_LEN) != 0) { in wpa_supplicant_process_3_of_4()
2837 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_3_of_4()
2840 MACSTR ")", MAC2STR(sm->bssid)); in wpa_supplicant_process_3_of_4()
2845 if (keylen != wpa_cipher_key_len(sm->pairwise_cipher)) { in wpa_supplicant_process_3_of_4()
2846 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_3_of_4()
2848 ")", wpa_cipher_txt(sm->pairwise_cipher), keylen, in wpa_supplicant_process_3_of_4()
2849 MAC2STR(sm->bssid)); in wpa_supplicant_process_3_of_4()
2855 os_memcpy(sm->p2p_ip_addr, ie.ip_addr_alloc, 3 * 4); in wpa_supplicant_process_3_of_4()
2857 sm->p2p_ip_addr, sizeof(sm->p2p_ip_addr)); in wpa_supplicant_process_3_of_4()
2862 if (wpa_sm_ocv_enabled(sm)) { in wpa_supplicant_process_3_of_4()
2865 if (wpa_sm_channel_info(sm, &ci) != 0) { in wpa_supplicant_process_3_of_4()
2866 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_3_of_4()
2874 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, OCV_FAILURE in wpa_supplicant_process_3_of_4()
2876 MAC2STR(sm->bssid), ocv_errorstr); in wpa_supplicant_process_3_of_4()
2887 if (sm->key_mgmt == WPA_KEY_MGMT_DPP && sm->dpp_pfs != 2 && in wpa_supplicant_process_3_of_4()
2888 (ie.dpp_kde[1] & DPP_KDE_PFS_ALLOWED) && !sm->dpp_z) { in wpa_supplicant_process_3_of_4()
2896 if (sm->use_ext_key_id && in wpa_supplicant_process_3_of_4()
2897 wpa_supplicant_install_ptk(sm, key, KEY_FLAG_RX)) in wpa_supplicant_process_3_of_4()
2900 if (wpa_supplicant_send_4_of_4(sm, wpa_sm_get_auth_addr(sm), key, ver, in wpa_supplicant_process_3_of_4()
2901 key_info, &sm->ptk) < 0) in wpa_supplicant_process_3_of_4()
2907 sm->renew_snonce = 1; in wpa_supplicant_process_3_of_4()
2912 if (sm->use_ext_key_id) in wpa_supplicant_process_3_of_4()
2913 res = wpa_supplicant_activate_ptk(sm); in wpa_supplicant_process_3_of_4()
2915 res = wpa_supplicant_install_ptk(sm, key, in wpa_supplicant_process_3_of_4()
2923 sm, sm->bssid, MLME_SETPROTECTION_PROTECT_TYPE_RX, in wpa_supplicant_process_3_of_4()
2925 eapol_sm_notify_portValid(sm->eapol, true); in wpa_supplicant_process_3_of_4()
2927 wpa_sm_set_state(sm, WPA_GROUP_HANDSHAKE); in wpa_supplicant_process_3_of_4()
2930 if (wpa_supplicant_pairwise_mlo_gtk(sm, key, &ie, in wpa_supplicant_process_3_of_4()
2932 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_3_of_4()
2936 } else if (sm->group_cipher == WPA_CIPHER_GTK_NOT_USED) { in wpa_supplicant_process_3_of_4()
2938 } else if (!ie.gtk && sm->proto == WPA_PROTO_RSN) { in wpa_supplicant_process_3_of_4()
2939 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_3_of_4()
2943 wpa_supplicant_pairwise_gtk(sm, key, in wpa_supplicant_process_3_of_4()
2945 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_3_of_4()
2950 if ((mlo && mlo_ieee80211w_set_keys(sm, &ie) < 0) || in wpa_supplicant_process_3_of_4()
2951 (!mlo && ieee80211w_set_keys(sm, &ie) < 0)) { in wpa_supplicant_process_3_of_4()
2952 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_3_of_4()
2957 if (mlo || sm->group_cipher == WPA_CIPHER_GTK_NOT_USED || ie.gtk) in wpa_supplicant_process_3_of_4()
2958 wpa_supplicant_key_neg_complete(sm, sm->bssid, in wpa_supplicant_process_3_of_4()
2962 wpa_sm_set_rekey_offload(sm); in wpa_supplicant_process_3_of_4()
2969 if (sm->proto == WPA_PROTO_RSN && wpa_key_mgmt_suite_b(sm->key_mgmt) && in wpa_supplicant_process_3_of_4()
2970 !sm->cur_pmksa) { in wpa_supplicant_process_3_of_4()
2973 sa = pmksa_cache_add(sm->pmksa, sm->pmk, sm->pmk_len, NULL, in wpa_supplicant_process_3_of_4()
2974 sm->ptk.kck, sm->ptk.kck_len, in wpa_supplicant_process_3_of_4()
2975 wpa_sm_get_auth_addr(sm), sm->own_addr, in wpa_supplicant_process_3_of_4()
2976 sm->network_ctx, sm->key_mgmt, NULL); in wpa_supplicant_process_3_of_4()
2977 if (!sm->cur_pmksa) in wpa_supplicant_process_3_of_4()
2978 sm->cur_pmksa = sa; in wpa_supplicant_process_3_of_4()
2982 wpa_sm_transition_disable(sm, ie.transition_disable[0]); in wpa_supplicant_process_3_of_4()
2983 sm->msg_3_of_4_ok = 1; in wpa_supplicant_process_3_of_4()
2987 wpa_sm_deauthenticate(sm, WLAN_REASON_UNSPECIFIED); in wpa_supplicant_process_3_of_4()
2991 static int wpa_supplicant_send_2_of_2(struct wpa_sm *sm, in wpa_supplicant_send_2_of_2() argument
3001 if (sm->disable_eapol_g2_tx) { in wpa_supplicant_send_2_of_2()
3008 if (wpa_sm_ocv_enabled(sm)) in wpa_supplicant_send_2_of_2()
3012 mic_len = wpa_mic_len(sm->key_mgmt, sm->pmk_len); in wpa_supplicant_send_2_of_2()
3014 rbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY, NULL, in wpa_supplicant_send_2_of_2()
3019 reply->type = (sm->proto == WPA_PROTO_RSN || in wpa_supplicant_send_2_of_2()
3020 sm->proto == WPA_PROTO_OSEN) ? in wpa_supplicant_send_2_of_2()
3029 if (sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN) in wpa_supplicant_send_2_of_2()
3040 if (wpa_sm_ocv_enabled(sm)) { in wpa_supplicant_send_2_of_2()
3044 if (wpa_sm_channel_info(sm, &ci) != 0) { in wpa_supplicant_send_2_of_2()
3051 if (sm->oci_freq_override_eapol_g2) { in wpa_supplicant_send_2_of_2()
3055 sm->oci_freq_override_eapol_g2); in wpa_supplicant_send_2_of_2()
3056 ci.frequency = sm->oci_freq_override_eapol_g2; in wpa_supplicant_send_2_of_2()
3068 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Sending EAPOL-Key 2/2"); in wpa_supplicant_send_2_of_2()
3069 return wpa_eapol_key_send(sm, &sm->ptk, ver, wpa_sm_get_auth_addr(sm), in wpa_supplicant_send_2_of_2()
3074 static void wpa_supplicant_process_mlo_1_of_2(struct wpa_sm *sm, in wpa_supplicant_process_mlo_1_of_2() argument
3084 if (!sm->msg_3_of_4_ok && !wpa_fils_is_completed(sm)) { in wpa_supplicant_process_mlo_1_of_2()
3085 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_mlo_1_of_2()
3090 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "MLO RSN: RX message 1 of Group " in wpa_supplicant_process_mlo_1_of_2()
3096 wpa_sm_set_state(sm, WPA_GROUP_HANDSHAKE); in wpa_supplicant_process_mlo_1_of_2()
3104 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_mlo_1_of_2()
3110 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_mlo_1_of_2()
3116 if (wpa_sm_ocv_enabled(sm)) { in wpa_supplicant_process_mlo_1_of_2()
3119 if (wpa_sm_channel_info(sm, &ci) != 0) { in wpa_supplicant_process_mlo_1_of_2()
3120 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_mlo_1_of_2()
3128 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, OCV_FAILURE in wpa_supplicant_process_mlo_1_of_2()
3130 MAC2STR(sm->bssid), ocv_errorstr); in wpa_supplicant_process_mlo_1_of_2()
3136 if (mlo_ieee80211w_set_keys(sm, &ie) < 0) in wpa_supplicant_process_mlo_1_of_2()
3137 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_mlo_1_of_2()
3140 for_each_link(sm->mlo.valid_links, i) { in wpa_supplicant_process_mlo_1_of_2()
3148 if (wpa_supplicant_mlo_gtk(sm, i, ie.mlo_gtk[i], in wpa_supplicant_process_mlo_1_of_2()
3153 if (wpa_supplicant_send_2_of_2(sm, key, ver, key_info) < 0) in wpa_supplicant_process_mlo_1_of_2()
3156 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, "MLO RSN: Group rekeying completed " in wpa_supplicant_process_mlo_1_of_2()
3157 "with " MACSTR " [GTK=%s]", MAC2STR(sm->mlo.ap_mld_addr), in wpa_supplicant_process_mlo_1_of_2()
3158 wpa_cipher_txt(sm->group_cipher)); in wpa_supplicant_process_mlo_1_of_2()
3159 wpa_sm_cancel_auth_timeout(sm); in wpa_supplicant_process_mlo_1_of_2()
3160 wpa_sm_set_state(sm, WPA_COMPLETED); in wpa_supplicant_process_mlo_1_of_2()
3162 wpa_sm_set_rekey_offload(sm); in wpa_supplicant_process_mlo_1_of_2()
3167 wpa_sm_deauthenticate(sm, WLAN_REASON_UNSPECIFIED); in wpa_supplicant_process_mlo_1_of_2()
3171 static void wpa_supplicant_process_1_of_2_wpa(struct wpa_sm *sm, in wpa_supplicant_process_1_of_2_wpa() argument
3184 if (!sm->msg_3_of_4_ok) { in wpa_supplicant_process_1_of_2_wpa()
3185 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_1_of_2_wpa()
3192 rekey = wpa_sm_get_state(sm) == WPA_COMPLETED; in wpa_supplicant_process_1_of_2_wpa()
3193 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_process_1_of_2_wpa()
3203 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_1_of_2_wpa()
3212 wpa_supplicant_check_group_cipher(sm, sm->group_cipher, in wpa_supplicant_process_1_of_2_wpa()
3217 wpa_sm_set_state(sm, WPA_GROUP_HANDSHAKE); in wpa_supplicant_process_1_of_2_wpa()
3222 if (ver == WPA_KEY_INFO_TYPE_HMAC_MD5_RC4 && sm->ptk.kek_len == 16) { in wpa_supplicant_process_1_of_2_wpa()
3224 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_1_of_2_wpa()
3230 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_1_of_2_wpa()
3236 os_memcpy(ek + 16, sm->ptk.kek, sm->ptk.kek_len); in wpa_supplicant_process_1_of_2_wpa()
3240 wpa_msg(sm->ctx->msg_ctx, MSG_ERROR, in wpa_supplicant_process_1_of_2_wpa()
3248 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_1_of_2_wpa()
3254 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_1_of_2_wpa()
3261 if (aes_unwrap(sm->ptk.kek, sm->ptk.kek_len, maxkeylen / 8, in wpa_supplicant_process_1_of_2_wpa()
3263 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_1_of_2_wpa()
3269 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_1_of_2_wpa()
3274 sm, !!(key_info & WPA_KEY_INFO_TXRX)); in wpa_supplicant_process_1_of_2_wpa()
3277 if (wpa_supplicant_rsc_relaxation(sm, key->key_rsc)) in wpa_supplicant_process_1_of_2_wpa()
3280 if (wpa_supplicant_install_gtk(sm, &gd, key_rsc, 0) || in wpa_supplicant_process_1_of_2_wpa()
3281 wpa_supplicant_send_2_of_2(sm, key, ver, key_info) < 0) in wpa_supplicant_process_1_of_2_wpa()
3286 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_1_of_2_wpa()
3289 MAC2STR(sm->bssid), wpa_cipher_txt(sm->group_cipher)); in wpa_supplicant_process_1_of_2_wpa()
3290 wpa_sm_cancel_auth_timeout(sm); in wpa_supplicant_process_1_of_2_wpa()
3291 wpa_sm_set_state(sm, WPA_COMPLETED); in wpa_supplicant_process_1_of_2_wpa()
3293 wpa_supplicant_key_neg_complete(sm, sm->bssid, in wpa_supplicant_process_1_of_2_wpa()
3297 wpa_sm_set_rekey_offload(sm); in wpa_supplicant_process_1_of_2_wpa()
3303 wpa_sm_deauthenticate(sm, WLAN_REASON_UNSPECIFIED); in wpa_supplicant_process_1_of_2_wpa()
3307 static void wpa_supplicant_process_1_of_2(struct wpa_sm *sm, in wpa_supplicant_process_1_of_2() argument
3320 if (!sm->msg_3_of_4_ok && !wpa_fils_is_completed(sm)) { in wpa_supplicant_process_1_of_2()
3321 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_1_of_2()
3328 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_supplicant_process_1_of_2()
3339 wpa_sm_set_state(sm, WPA_GROUP_HANDSHAKE); in wpa_supplicant_process_1_of_2()
3342 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_1_of_2()
3347 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_1_of_2()
3353 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_1_of_2()
3360 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_1_of_2()
3367 if (wpa_sm_ocv_enabled(sm)) { in wpa_supplicant_process_1_of_2()
3370 if (wpa_sm_channel_info(sm, &ci) != 0) { in wpa_supplicant_process_1_of_2()
3371 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_process_1_of_2()
3379 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, OCV_FAILURE in wpa_supplicant_process_1_of_2()
3381 MAC2STR(sm->bssid), ocv_errorstr); in wpa_supplicant_process_1_of_2()
3387 if (wpa_supplicant_check_group_cipher(sm, sm->group_cipher, in wpa_supplicant_process_1_of_2()
3395 gd.tx = wpa_supplicant_gtk_tx_bit_workaround(sm, in wpa_supplicant_process_1_of_2()
3399 if (ieee80211w_set_keys(sm, &ie) < 0) in wpa_supplicant_process_1_of_2()
3400 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_1_of_2()
3404 if (wpa_supplicant_rsc_relaxation(sm, key->key_rsc)) in wpa_supplicant_process_1_of_2()
3407 if (wpa_supplicant_install_gtk(sm, &gd, key_rsc, 0) || in wpa_supplicant_process_1_of_2()
3408 wpa_supplicant_send_2_of_2(sm, key, ver, key_info) < 0) in wpa_supplicant_process_1_of_2()
3412 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_supplicant_process_1_of_2()
3414 MAC2STR(sm->bssid), wpa_cipher_txt(sm->group_cipher)); in wpa_supplicant_process_1_of_2()
3415 wpa_sm_cancel_auth_timeout(sm); in wpa_supplicant_process_1_of_2()
3416 wpa_sm_set_state(sm, WPA_COMPLETED); in wpa_supplicant_process_1_of_2()
3418 wpa_sm_set_rekey_offload(sm); in wpa_supplicant_process_1_of_2()
3424 wpa_sm_deauthenticate(sm, WLAN_REASON_UNSPECIFIED); in wpa_supplicant_process_1_of_2()
3428 static int wpa_supplicant_verify_eapol_key_mic(struct wpa_sm *sm, in wpa_supplicant_verify_eapol_key_mic() argument
3435 size_t mic_len = wpa_mic_len(sm->key_mgmt, sm->pmk_len); in wpa_supplicant_verify_eapol_key_mic()
3438 if (sm->tptk_set) { in wpa_supplicant_verify_eapol_key_mic()
3440 if (wpa_eapol_key_mic(sm->tptk.kck, sm->tptk.kck_len, in wpa_supplicant_verify_eapol_key_mic()
3441 sm->key_mgmt, in wpa_supplicant_verify_eapol_key_mic()
3444 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_verify_eapol_key_mic()
3457 sm->tptk_set = 0; in wpa_supplicant_verify_eapol_key_mic()
3458 sm->ptk_set = 1; in wpa_supplicant_verify_eapol_key_mic()
3459 os_memcpy(&sm->ptk, &sm->tptk, sizeof(sm->ptk)); in wpa_supplicant_verify_eapol_key_mic()
3460 os_memset(&sm->tptk, 0, sizeof(sm->tptk)); in wpa_supplicant_verify_eapol_key_mic()
3468 sm->renew_snonce = 1; in wpa_supplicant_verify_eapol_key_mic()
3472 if (!ok && sm->ptk_set) { in wpa_supplicant_verify_eapol_key_mic()
3474 if (wpa_eapol_key_mic(sm->ptk.kck, sm->ptk.kck_len, in wpa_supplicant_verify_eapol_key_mic()
3475 sm->key_mgmt, in wpa_supplicant_verify_eapol_key_mic()
3478 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_verify_eapol_key_mic()
3495 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_verify_eapol_key_mic()
3501 os_memcpy(sm->rx_replay_counter, key->replay_counter, in wpa_supplicant_verify_eapol_key_mic()
3503 sm->rx_replay_counter_set = 1; in wpa_supplicant_verify_eapol_key_mic()
3509 static int wpa_supplicant_decrypt_key_data(struct wpa_sm *sm, in wpa_supplicant_decrypt_key_data() argument
3516 if (!sm->ptk_set) { in wpa_supplicant_decrypt_key_data()
3517 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_decrypt_key_data()
3525 if (ver == WPA_KEY_INFO_TYPE_HMAC_MD5_RC4 && sm->ptk.kek_len == 16) { in wpa_supplicant_decrypt_key_data()
3527 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_decrypt_key_data()
3535 os_memcpy(ek + 16, sm->ptk.kek, sm->ptk.kek_len); in wpa_supplicant_decrypt_key_data()
3538 wpa_msg(sm->ctx->msg_ctx, MSG_ERROR, in wpa_supplicant_decrypt_key_data()
3546 wpa_use_aes_key_wrap(sm->key_mgmt)) { in wpa_supplicant_decrypt_key_data()
3551 (unsigned int) sm->ptk.kek_len); in wpa_supplicant_decrypt_key_data()
3553 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_decrypt_key_data()
3561 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_decrypt_key_data()
3568 if (aes_unwrap(sm->ptk.kek, sm->ptk.kek_len, *key_data_len / 8, in wpa_supplicant_decrypt_key_data()
3576 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_decrypt_key_data()
3588 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_supplicant_decrypt_key_data()
3602 void wpa_sm_aborted_cached(struct wpa_sm *sm) in wpa_sm_aborted_cached() argument
3604 if (sm && sm->cur_pmksa) { in wpa_sm_aborted_cached()
3605 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_aborted_cached()
3607 sm->cur_pmksa = NULL; in wpa_sm_aborted_cached()
3612 void wpa_sm_aborted_external_cached(struct wpa_sm *sm) in wpa_sm_aborted_external_cached() argument
3614 if (sm && sm->cur_pmksa && sm->cur_pmksa->external) { in wpa_sm_aborted_external_cached()
3615 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_aborted_external_cached()
3617 sm->cur_pmksa = NULL; in wpa_sm_aborted_external_cached()
3622 static void wpa_eapol_key_dump(struct wpa_sm *sm, in wpa_eapol_key_dump() argument
3630 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, " EAPOL-Key type=%d", key->type); in wpa_eapol_key_dump()
3631 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_eapol_key_dump()
3645 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_eapol_key_dump()
3660 static int wpa_supp_aead_decrypt(struct wpa_sm *sm, u8 *buf, size_t buf_len, in wpa_supp_aead_decrypt() argument
3675 if (sm->tptk_set) in wpa_supp_aead_decrypt()
3676 ptk = &sm->tptk; in wpa_supp_aead_decrypt()
3677 else if (sm->ptk_set) in wpa_supp_aead_decrypt()
3678 ptk = &sm->ptk; in wpa_supp_aead_decrypt()
3713 if (sm->tptk_set) { in wpa_supp_aead_decrypt()
3714 sm->tptk_set = 0; in wpa_supp_aead_decrypt()
3715 sm->ptk_set = 1; in wpa_supp_aead_decrypt()
3716 os_memcpy(&sm->ptk, &sm->tptk, sizeof(sm->ptk)); in wpa_supp_aead_decrypt()
3717 os_memset(&sm->tptk, 0, sizeof(sm->tptk)); in wpa_supp_aead_decrypt()
3720 os_memcpy(sm->rx_replay_counter, key->replay_counter, in wpa_supp_aead_decrypt()
3722 sm->rx_replay_counter_set = 1; in wpa_supp_aead_decrypt()
3729 static int wpa_sm_rx_eapol_wpa(struct wpa_sm *sm, const u8 *src_addr, in wpa_sm_rx_eapol_wpa() argument
3740 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol_wpa()
3748 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol_wpa()
3754 if (sm->pairwise_cipher == WPA_CIPHER_CCMP && in wpa_sm_rx_eapol_wpa()
3756 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol_wpa()
3759 if (sm->group_cipher != WPA_CIPHER_CCMP && in wpa_sm_rx_eapol_wpa()
3765 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol_wpa()
3772 wpa_supplicant_verify_eapol_key_mic(sm, key, ver, tmp, data_len)) in wpa_sm_rx_eapol_wpa()
3777 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_sm_rx_eapol_wpa()
3784 wpa_supplicant_process_3_of_4_wpa(sm, key, ver, in wpa_sm_rx_eapol_wpa()
3789 wpa_supplicant_process_1_of_4_wpa(sm, src_addr, key, in wpa_sm_rx_eapol_wpa()
3797 wpa_supplicant_process_1_of_2_wpa(sm, src_addr, key, in wpa_sm_rx_eapol_wpa()
3802 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_sm_rx_eapol_wpa()
3828 int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr, in wpa_sm_rx_eapol() argument
3841 sm->ft_completed = 0; in wpa_sm_rx_eapol()
3844 pmk_len = sm->pmk_len; in wpa_sm_rx_eapol()
3845 if (!pmk_len && sm->cur_pmksa) in wpa_sm_rx_eapol()
3846 pmk_len = sm->cur_pmksa->pmk_len; in wpa_sm_rx_eapol()
3847 mic_len = wpa_mic_len(sm->key_mgmt, pmk_len); in wpa_sm_rx_eapol()
3851 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_rx_eapol()
3862 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_rx_eapol()
3870 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_rx_eapol()
3878 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_rx_eapol()
3886 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_rx_eapol()
3904 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_rx_eapol()
3912 wpa_eapol_key_dump(sm, key, key_data_len, mic, mic_len); in wpa_sm_rx_eapol()
3915 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, "WPA: Invalid EAPOL-Key " in wpa_sm_rx_eapol()
3922 if (sm->rx_replay_counter_set && in wpa_sm_rx_eapol()
3923 os_memcmp(key->replay_counter, sm->rx_replay_counter, in wpa_sm_rx_eapol()
3925 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_sm_rx_eapol()
3930 eapol_sm_notify_lower_layer_success(sm->eapol, 0); in wpa_sm_rx_eapol()
3935 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol()
3941 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol()
3947 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol()
3952 if (sm->proto == WPA_PROTO_WPA) { in wpa_sm_rx_eapol()
3953 ret = wpa_sm_rx_eapol_wpa(sm, src_addr, key, encrypted, in wpa_sm_rx_eapol()
3960 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol()
3969 !wpa_use_akm_defined(sm->key_mgmt)) { in wpa_sm_rx_eapol()
3970 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol()
3977 sm->pairwise_cipher != WPA_CIPHER_TKIP) { in wpa_sm_rx_eapol()
3978 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol()
3985 (sm->key_mgmt != WPA_KEY_MGMT_IEEE8021X && in wpa_sm_rx_eapol()
3986 sm->key_mgmt != WPA_KEY_MGMT_PSK)) { in wpa_sm_rx_eapol()
3987 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol()
3989 ver, sm->key_mgmt); in wpa_sm_rx_eapol()
3993 if (wpa_use_akm_defined(sm->key_mgmt) && in wpa_sm_rx_eapol()
3995 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol()
4002 if (wpa_key_mgmt_ft(sm->key_mgmt)) { in wpa_sm_rx_eapol()
4005 !wpa_use_akm_defined(sm->key_mgmt)) { in wpa_sm_rx_eapol()
4006 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol()
4012 if (wpa_key_mgmt_sha256(sm->key_mgmt)) { in wpa_sm_rx_eapol()
4014 !wpa_use_akm_defined(sm->key_mgmt)) { in wpa_sm_rx_eapol()
4015 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol()
4019 } else if (sm->pairwise_cipher == WPA_CIPHER_CCMP && in wpa_sm_rx_eapol()
4020 !wpa_use_akm_defined(sm->key_mgmt) && in wpa_sm_rx_eapol()
4022 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol()
4025 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol()
4028 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol()
4032 } else if (sm->pairwise_cipher == WPA_CIPHER_GCMP && in wpa_sm_rx_eapol()
4033 !wpa_use_akm_defined(sm->key_mgmt) && in wpa_sm_rx_eapol()
4035 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_rx_eapol()
4042 wpa_supplicant_verify_eapol_key_mic(sm, key, ver, tmp, data_len)) in wpa_sm_rx_eapol()
4047 if (wpa_supp_aead_decrypt(sm, tmp, data_len, &key_data_len)) in wpa_sm_rx_eapol()
4052 if ((sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN) && in wpa_sm_rx_eapol()
4061 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_sm_rx_eapol()
4065 if (wpa_supplicant_decrypt_key_data(sm, key, mic_len, in wpa_sm_rx_eapol()
4073 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_sm_rx_eapol()
4080 wpa_supplicant_process_3_of_4(sm, key, ver, key_data, in wpa_sm_rx_eapol()
4084 wpa_supplicant_process_1_of_4(sm, src_addr, key, in wpa_sm_rx_eapol()
4093 if (sm->mlo.valid_links) in wpa_sm_rx_eapol()
4094 wpa_supplicant_process_mlo_1_of_2(sm, src_addr, in wpa_sm_rx_eapol()
4099 wpa_supplicant_process_1_of_2(sm, src_addr, key, in wpa_sm_rx_eapol()
4104 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in wpa_sm_rx_eapol()
4118 static u32 wpa_key_mgmt_suite(struct wpa_sm *sm) in wpa_key_mgmt_suite() argument
4120 switch (sm->key_mgmt) { in wpa_key_mgmt_suite()
4122 return ((sm->proto == WPA_PROTO_RSN || in wpa_key_mgmt_suite()
4123 sm->proto == WPA_PROTO_OSEN) ? in wpa_key_mgmt_suite()
4127 return (sm->proto == WPA_PROTO_RSN ? in wpa_key_mgmt_suite()
4141 return (sm->proto == WPA_PROTO_RSN ? in wpa_key_mgmt_suite()
4171 int wpa_sm_get_mib(struct wpa_sm *sm, char *buf, size_t buflen) in wpa_sm_get_mib() argument
4178 if (sm->cur_pmksa) { in wpa_sm_get_mib()
4180 sm->cur_pmksa->pmkid, PMKID_LEN); in wpa_sm_get_mib()
4184 rsna = (wpa_key_mgmt_wpa_psk(sm->key_mgmt) || in wpa_sm_get_mib()
4185 wpa_key_mgmt_wpa_ieee8021x(sm->key_mgmt)) && in wpa_sm_get_mib()
4186 sm->proto == WPA_PROTO_RSN; in wpa_sm_get_mib()
4203 wpa_cipher_key_len(sm->group_cipher) * 8, in wpa_sm_get_mib()
4204 sm->dot11RSNAConfigPMKLifetime, in wpa_sm_get_mib()
4205 sm->dot11RSNAConfigPMKReauthThreshold, in wpa_sm_get_mib()
4206 sm->dot11RSNAConfigSATimeout); in wpa_sm_get_mib()
4222 RSN_SUITE_ARG(wpa_key_mgmt_suite(sm)), in wpa_sm_get_mib()
4223 RSN_SUITE_ARG(wpa_cipher_to_suite(sm->proto, in wpa_sm_get_mib()
4224 sm->pairwise_cipher)), in wpa_sm_get_mib()
4225 RSN_SUITE_ARG(wpa_cipher_to_suite(sm->proto, in wpa_sm_get_mib()
4226 sm->group_cipher)), in wpa_sm_get_mib()
4228 RSN_SUITE_ARG(wpa_key_mgmt_suite(sm)), in wpa_sm_get_mib()
4229 RSN_SUITE_ARG(wpa_cipher_to_suite(sm->proto, in wpa_sm_get_mib()
4230 sm->pairwise_cipher)), in wpa_sm_get_mib()
4231 RSN_SUITE_ARG(wpa_cipher_to_suite(sm->proto, in wpa_sm_get_mib()
4232 sm->group_cipher)), in wpa_sm_get_mib()
4233 sm->dot11RSNA4WayHandshakeFailures); in wpa_sm_get_mib()
4245 struct wpa_sm *sm = ctx; in wpa_sm_pmksa_free_cb() local
4248 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "RSN: PMKSA cache entry free_cb: " in wpa_sm_pmksa_free_cb()
4251 if (sm->cur_pmksa == entry) { in wpa_sm_pmksa_free_cb()
4252 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_pmksa_free_cb()
4255 pmksa_cache_clear_current(sm); in wpa_sm_pmksa_free_cb()
4268 (sm->pmk_len == entry->pmk_len && in wpa_sm_pmksa_free_cb()
4269 os_memcmp(sm->pmk, entry->pmk, sm->pmk_len) == 0)) { in wpa_sm_pmksa_free_cb()
4270 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_pmksa_free_cb()
4272 pmksa_cache_clear_current(sm); in wpa_sm_pmksa_free_cb()
4277 sm->pmk_len = 0; in wpa_sm_pmksa_free_cb()
4278 os_memset(sm->pmk, 0, sizeof(sm->pmk)); in wpa_sm_pmksa_free_cb()
4279 wpa_sm_deauthenticate(sm, WLAN_REASON_UNSPECIFIED); in wpa_sm_pmksa_free_cb()
4287 struct wpa_sm *sm = ctx; in wpa_sm_pmksa_is_current_cb() local
4289 return sm->cur_pmksa == entry; in wpa_sm_pmksa_is_current_cb()
4296 struct wpa_sm *sm = ctx; in wpa_sm_pmksa_notify_cb() local
4298 wpa_sm_notify_pmksa_cache_entry(sm, entry); in wpa_sm_pmksa_notify_cb()
4312 struct wpa_sm *sm; in wpa_sm_init() local
4314 sm = os_zalloc(sizeof(*sm)); in wpa_sm_init()
4315 if (sm == NULL) in wpa_sm_init()
4317 dl_list_init(&sm->pmksa_candidates); in wpa_sm_init()
4318 sm->renew_snonce = 1; in wpa_sm_init()
4319 sm->ctx = ctx; in wpa_sm_init()
4321 sm->dot11RSNAConfigPMKLifetime = 43200; in wpa_sm_init()
4322 sm->dot11RSNAConfigPMKReauthThreshold = 70; in wpa_sm_init()
4323 sm->dot11RSNAConfigSATimeout = 60; in wpa_sm_init()
4325 sm->pmksa = pmksa_cache_init(wpa_sm_pmksa_free_cb, in wpa_sm_init()
4327 wpa_sm_pmksa_notify_cb, sm, sm); in wpa_sm_init()
4328 if (sm->pmksa == NULL) { in wpa_sm_init()
4329 wpa_msg(sm->ctx->msg_ctx, MSG_ERROR, in wpa_sm_init()
4331 os_free(sm); in wpa_sm_init()
4335 return sm; in wpa_sm_init()
4343 void wpa_sm_deinit(struct wpa_sm *sm) in wpa_sm_deinit() argument
4347 if (sm == NULL) in wpa_sm_deinit()
4349 pmksa_cache_deinit(sm->pmksa); in wpa_sm_deinit()
4350 eloop_cancel_timeout(wpa_sm_start_preauth, sm, NULL); in wpa_sm_deinit()
4351 eloop_cancel_timeout(wpa_sm_rekey_ptk, sm, NULL); in wpa_sm_deinit()
4352 os_free(sm->assoc_wpa_ie); in wpa_sm_deinit()
4353 os_free(sm->assoc_rsnxe); in wpa_sm_deinit()
4354 os_free(sm->ap_wpa_ie); in wpa_sm_deinit()
4355 os_free(sm->ap_rsn_ie); in wpa_sm_deinit()
4356 os_free(sm->ap_rsnxe); in wpa_sm_deinit()
4357 os_free(sm->ap_rsne_override); in wpa_sm_deinit()
4358 os_free(sm->ap_rsne_override_2); in wpa_sm_deinit()
4359 os_free(sm->ap_rsnxe_override); in wpa_sm_deinit()
4361 os_free(sm->mlo.links[i].ap_rsne); in wpa_sm_deinit()
4362 os_free(sm->mlo.links[i].ap_rsnxe); in wpa_sm_deinit()
4363 os_free(sm->mlo.links[i].ap_rsnoe); in wpa_sm_deinit()
4364 os_free(sm->mlo.links[i].ap_rsno2e); in wpa_sm_deinit()
4365 os_free(sm->mlo.links[i].ap_rsnxoe); in wpa_sm_deinit()
4367 wpa_sm_drop_sa(sm); in wpa_sm_deinit()
4368 os_free(sm->ctx); in wpa_sm_deinit()
4370 os_free(sm->assoc_resp_ies); in wpa_sm_deinit()
4373 wpabuf_free(sm->test_assoc_ie); in wpa_sm_deinit()
4374 wpabuf_free(sm->test_eapol_m2_elems); in wpa_sm_deinit()
4375 wpabuf_free(sm->test_eapol_m4_elems); in wpa_sm_deinit()
4378 crypto_ecdh_deinit(sm->fils_ecdh); in wpa_sm_deinit()
4381 wpabuf_free(sm->fils_ft_ies); in wpa_sm_deinit()
4384 crypto_ecdh_deinit(sm->owe_ecdh); in wpa_sm_deinit()
4387 wpabuf_clear_free(sm->dpp_z); in wpa_sm_deinit()
4389 os_free(sm); in wpa_sm_deinit()
4393 static void wpa_sm_clear_ptk(struct wpa_sm *sm) in wpa_sm_clear_ptk() argument
4397 sm->ptk_set = 0; in wpa_sm_clear_ptk()
4398 os_memset(&sm->ptk, 0, sizeof(sm->ptk)); in wpa_sm_clear_ptk()
4399 sm->tptk_set = 0; in wpa_sm_clear_ptk()
4400 os_memset(&sm->tptk, 0, sizeof(sm->tptk)); in wpa_sm_clear_ptk()
4401 os_memset(&sm->gtk, 0, sizeof(sm->gtk)); in wpa_sm_clear_ptk()
4402 os_memset(&sm->gtk_wnm_sleep, 0, sizeof(sm->gtk_wnm_sleep)); in wpa_sm_clear_ptk()
4403 os_memset(&sm->igtk, 0, sizeof(sm->igtk)); in wpa_sm_clear_ptk()
4404 os_memset(&sm->igtk_wnm_sleep, 0, sizeof(sm->igtk_wnm_sleep)); in wpa_sm_clear_ptk()
4405 os_memset(&sm->bigtk, 0, sizeof(sm->bigtk)); in wpa_sm_clear_ptk()
4406 os_memset(&sm->bigtk_wnm_sleep, 0, sizeof(sm->bigtk_wnm_sleep)); in wpa_sm_clear_ptk()
4407 sm->tk_set = false; in wpa_sm_clear_ptk()
4409 os_memset(&sm->mlo.links[i].gtk, 0, in wpa_sm_clear_ptk()
4410 sizeof(sm->mlo.links[i].gtk)); in wpa_sm_clear_ptk()
4411 os_memset(&sm->mlo.links[i].gtk_wnm_sleep, 0, in wpa_sm_clear_ptk()
4412 sizeof(sm->mlo.links[i].gtk_wnm_sleep)); in wpa_sm_clear_ptk()
4413 os_memset(&sm->mlo.links[i].igtk, 0, in wpa_sm_clear_ptk()
4414 sizeof(sm->mlo.links[i].igtk)); in wpa_sm_clear_ptk()
4415 os_memset(&sm->mlo.links[i].igtk_wnm_sleep, 0, in wpa_sm_clear_ptk()
4416 sizeof(sm->mlo.links[i].igtk_wnm_sleep)); in wpa_sm_clear_ptk()
4417 os_memset(&sm->mlo.links[i].bigtk, 0, in wpa_sm_clear_ptk()
4418 sizeof(sm->mlo.links[i].bigtk)); in wpa_sm_clear_ptk()
4419 os_memset(&sm->mlo.links[i].bigtk_wnm_sleep, 0, in wpa_sm_clear_ptk()
4420 sizeof(sm->mlo.links[i].bigtk_wnm_sleep)); in wpa_sm_clear_ptk()
4433 void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid) in wpa_sm_notify_assoc() argument
4437 if (sm == NULL) in wpa_sm_notify_assoc()
4440 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_notify_assoc()
4442 os_memcpy(sm->bssid, bssid, ETH_ALEN); in wpa_sm_notify_assoc()
4443 os_memset(sm->rx_replay_counter, 0, WPA_REPLAY_COUNTER_LEN); in wpa_sm_notify_assoc()
4444 sm->rx_replay_counter_set = 0; in wpa_sm_notify_assoc()
4445 sm->renew_snonce = 1; in wpa_sm_notify_assoc()
4446 if (ether_addr_equal(sm->preauth_bssid, bssid)) in wpa_sm_notify_assoc()
4447 rsn_preauth_deinit(sm); in wpa_sm_notify_assoc()
4450 if (wpa_ft_is_completed(sm)) { in wpa_sm_notify_assoc()
4455 eapol_sm_notify_portValid(sm->eapol, false); in wpa_sm_notify_assoc()
4456 wpa_supplicant_key_neg_complete(sm, sm->bssid, 1); in wpa_sm_notify_assoc()
4459 wpa_ft_prepare_auth_request(sm, NULL); in wpa_sm_notify_assoc()
4462 sm->ft_protocol = 1; in wpa_sm_notify_assoc()
4464 sm->ft_protocol = 0; in wpa_sm_notify_assoc()
4468 if (sm->fils_completed) { in wpa_sm_notify_assoc()
4473 wpa_supplicant_key_neg_complete(sm, sm->bssid, 1); in wpa_sm_notify_assoc()
4483 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Clear old PTK"); in wpa_sm_notify_assoc()
4484 wpa_sm_clear_ptk(sm); in wpa_sm_notify_assoc()
4488 wpa_tdls_assoc(sm); in wpa_sm_notify_assoc()
4492 os_memset(sm->p2p_ip_addr, 0, sizeof(sm->p2p_ip_addr)); in wpa_sm_notify_assoc()
4495 sm->keyidx_active = 0; in wpa_sm_notify_assoc()
4506 void wpa_sm_notify_disassoc(struct wpa_sm *sm) in wpa_sm_notify_disassoc() argument
4508 eloop_cancel_timeout(wpa_sm_start_preauth, sm, NULL); in wpa_sm_notify_disassoc()
4509 eloop_cancel_timeout(wpa_sm_rekey_ptk, sm, NULL); in wpa_sm_notify_disassoc()
4510 rsn_preauth_deinit(sm); in wpa_sm_notify_disassoc()
4511 pmksa_cache_clear_current(sm); in wpa_sm_notify_disassoc()
4512 if (wpa_sm_get_state(sm) == WPA_4WAY_HANDSHAKE) in wpa_sm_notify_disassoc()
4513 sm->dot11RSNA4WayHandshakeFailures++; in wpa_sm_notify_disassoc()
4515 wpa_tdls_disassoc(sm); in wpa_sm_notify_disassoc()
4518 sm->fils_completed = 0; in wpa_sm_notify_disassoc()
4521 sm->ft_reassoc_completed = 0; in wpa_sm_notify_disassoc()
4522 sm->ft_protocol = 0; in wpa_sm_notify_disassoc()
4526 wpa_sm_drop_sa(sm); in wpa_sm_notify_disassoc()
4527 sm->keyidx_active = 0; in wpa_sm_notify_disassoc()
4529 sm->msg_3_of_4_ok = 0; in wpa_sm_notify_disassoc()
4530 os_memset(sm->bssid, 0, ETH_ALEN); in wpa_sm_notify_disassoc()
4544 void wpa_sm_set_pmk(struct wpa_sm *sm, const u8 *pmk, size_t pmk_len, in wpa_sm_set_pmk() argument
4547 if (sm == NULL) in wpa_sm_set_pmk()
4552 sm->pmk_len = pmk_len; in wpa_sm_set_pmk()
4553 os_memcpy(sm->pmk, pmk, pmk_len); in wpa_sm_set_pmk()
4557 sm->xxkey_len = pmk_len; in wpa_sm_set_pmk()
4558 os_memcpy(sm->xxkey, pmk, pmk_len); in wpa_sm_set_pmk()
4562 sm->cur_pmksa = pmksa_cache_add(sm->pmksa, pmk, pmk_len, in wpa_sm_set_pmk()
4564 sm->own_addr, in wpa_sm_set_pmk()
4565 sm->network_ctx, sm->key_mgmt, in wpa_sm_set_pmk()
4578 void wpa_sm_set_pmk_from_pmksa(struct wpa_sm *sm) in wpa_sm_set_pmk_from_pmksa() argument
4580 if (sm == NULL) in wpa_sm_set_pmk_from_pmksa()
4583 if (sm->cur_pmksa) { in wpa_sm_set_pmk_from_pmksa()
4586 sm->cur_pmksa->pmk, sm->cur_pmksa->pmk_len); in wpa_sm_set_pmk_from_pmksa()
4587 sm->pmk_len = sm->cur_pmksa->pmk_len; in wpa_sm_set_pmk_from_pmksa()
4588 os_memcpy(sm->pmk, sm->cur_pmksa->pmk, sm->pmk_len); in wpa_sm_set_pmk_from_pmksa()
4591 sm->pmk_len = 0; in wpa_sm_set_pmk_from_pmksa()
4592 os_memset(sm->pmk, 0, PMK_LEN_MAX); in wpa_sm_set_pmk_from_pmksa()
4602 void wpa_sm_set_fast_reauth(struct wpa_sm *sm, int fast_reauth) in wpa_sm_set_fast_reauth() argument
4604 if (sm) in wpa_sm_set_fast_reauth()
4605 sm->fast_reauth = fast_reauth; in wpa_sm_set_fast_reauth()
4614 void wpa_sm_set_scard_ctx(struct wpa_sm *sm, void *scard_ctx) in wpa_sm_set_scard_ctx() argument
4616 if (sm == NULL) in wpa_sm_set_scard_ctx()
4618 sm->scard_ctx = scard_ctx; in wpa_sm_set_scard_ctx()
4619 if (sm->preauth_eapol) in wpa_sm_set_scard_ctx()
4620 eapol_sm_register_scard_ctx(sm->preauth_eapol, scard_ctx); in wpa_sm_set_scard_ctx()
4633 void wpa_sm_set_config(struct wpa_sm *sm, struct rsn_supp_config *config) in wpa_sm_set_config() argument
4635 if (!sm) in wpa_sm_set_config()
4639 sm->network_ctx = config->network_ctx; in wpa_sm_set_config()
4640 sm->allowed_pairwise_cipher = config->allowed_pairwise_cipher; in wpa_sm_set_config()
4641 sm->proactive_key_caching = config->proactive_key_caching; in wpa_sm_set_config()
4642 sm->eap_workaround = config->eap_workaround; in wpa_sm_set_config()
4643 sm->eap_conf_ctx = config->eap_conf_ctx; in wpa_sm_set_config()
4645 os_memcpy(sm->ssid, config->ssid, config->ssid_len); in wpa_sm_set_config()
4646 sm->ssid_len = config->ssid_len; in wpa_sm_set_config()
4648 sm->ssid_len = 0; in wpa_sm_set_config()
4649 sm->wpa_ptk_rekey = config->wpa_ptk_rekey; in wpa_sm_set_config()
4650 sm->p2p = config->p2p; in wpa_sm_set_config()
4651 sm->wpa_rsc_relaxation = config->wpa_rsc_relaxation; in wpa_sm_set_config()
4652 sm->owe_ptk_workaround = config->owe_ptk_workaround; in wpa_sm_set_config()
4653 sm->force_kdk_derivation = config->force_kdk_derivation; in wpa_sm_set_config()
4656 sm->fils_cache_id_set = 1; in wpa_sm_set_config()
4657 os_memcpy(sm->fils_cache_id, config->fils_cache_id, in wpa_sm_set_config()
4660 sm->fils_cache_id_set = 0; in wpa_sm_set_config()
4663 sm->beacon_prot = config->beacon_prot; in wpa_sm_set_config()
4665 sm->network_ctx = NULL; in wpa_sm_set_config()
4666 sm->allowed_pairwise_cipher = 0; in wpa_sm_set_config()
4667 sm->proactive_key_caching = 0; in wpa_sm_set_config()
4668 sm->eap_workaround = 0; in wpa_sm_set_config()
4669 sm->eap_conf_ctx = NULL; in wpa_sm_set_config()
4670 sm->ssid_len = 0; in wpa_sm_set_config()
4671 sm->wpa_ptk_rekey = 0; in wpa_sm_set_config()
4672 sm->p2p = 0; in wpa_sm_set_config()
4673 sm->wpa_rsc_relaxation = 0; in wpa_sm_set_config()
4674 sm->owe_ptk_workaround = 0; in wpa_sm_set_config()
4675 sm->beacon_prot = 0; in wpa_sm_set_config()
4676 sm->force_kdk_derivation = false; in wpa_sm_set_config()
4681 void wpa_sm_set_ssid(struct wpa_sm *sm, const u8 *ssid, size_t ssid_len) in wpa_sm_set_ssid() argument
4683 if (!sm) in wpa_sm_set_ssid()
4687 os_memcpy(sm->ssid, ssid, ssid_len); in wpa_sm_set_ssid()
4688 sm->ssid_len = ssid_len; in wpa_sm_set_ssid()
4690 sm->ssid_len = 0; in wpa_sm_set_ssid()
4695 int wpa_sm_set_mlo_params(struct wpa_sm *sm, const struct wpa_sm_mlo *mlo) in wpa_sm_set_mlo_params() argument
4699 if (!sm) in wpa_sm_set_mlo_params()
4702 os_memcpy(sm->mlo.ap_mld_addr, mlo->ap_mld_addr, ETH_ALEN); in wpa_sm_set_mlo_params()
4703 sm->mlo.assoc_link_id = mlo->assoc_link_id; in wpa_sm_set_mlo_params()
4704 sm->mlo.valid_links = mlo->valid_links; in wpa_sm_set_mlo_params()
4705 sm->mlo.req_links = mlo->req_links; in wpa_sm_set_mlo_params()
4711 if (sm->mlo.req_links & BIT(i)) { in wpa_sm_set_mlo_params()
4714 wpa_dbg(sm->ctx->msg_ctx, MSG_INFO, in wpa_sm_set_mlo_params()
4721 os_memcpy(sm->mlo.links[i].addr, mlo->links[i].addr, in wpa_sm_set_mlo_params()
4723 os_memcpy(sm->mlo.links[i].bssid, mlo->links[i].bssid, in wpa_sm_set_mlo_params()
4729 os_free(sm->mlo.links[i].ap_rsne); in wpa_sm_set_mlo_params()
4731 if (sm->mlo.links[i].ap_rsne) in wpa_sm_set_mlo_params()
4732 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_set_mlo_params()
4735 sm->mlo.links[i].ap_rsne = NULL; in wpa_sm_set_mlo_params()
4736 sm->mlo.links[i].ap_rsne_len = 0; in wpa_sm_set_mlo_params()
4740 sm->mlo.links[i].ap_rsne = os_memdup(ie, len); in wpa_sm_set_mlo_params()
4741 if (!sm->mlo.links[i].ap_rsne) { in wpa_sm_set_mlo_params()
4742 sm->mlo.links[i].ap_rsne_len = 0; in wpa_sm_set_mlo_params()
4745 sm->mlo.links[i].ap_rsne_len = len; in wpa_sm_set_mlo_params()
4750 os_free(sm->mlo.links[i].ap_rsnxe); in wpa_sm_set_mlo_params()
4752 if (sm->mlo.links[i].ap_rsnxe) in wpa_sm_set_mlo_params()
4753 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_set_mlo_params()
4756 sm->mlo.links[i].ap_rsnxe = NULL; in wpa_sm_set_mlo_params()
4757 sm->mlo.links[i].ap_rsnxe_len = 0; in wpa_sm_set_mlo_params()
4761 sm->mlo.links[i].ap_rsnxe = os_memdup(ie, len); in wpa_sm_set_mlo_params()
4762 if (!sm->mlo.links[i].ap_rsnxe) { in wpa_sm_set_mlo_params()
4763 sm->mlo.links[i].ap_rsnxe_len = 0; in wpa_sm_set_mlo_params()
4766 sm->mlo.links[i].ap_rsnxe_len = len; in wpa_sm_set_mlo_params()
4771 os_free(sm->mlo.links[i].ap_rsnoe); in wpa_sm_set_mlo_params()
4773 if (sm->mlo.links[i].ap_rsnoe) in wpa_sm_set_mlo_params()
4774 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_set_mlo_params()
4777 sm->mlo.links[i].ap_rsnoe = NULL; in wpa_sm_set_mlo_params()
4778 sm->mlo.links[i].ap_rsnoe_len = 0; in wpa_sm_set_mlo_params()
4782 sm->mlo.links[i].ap_rsnoe = os_memdup(ie, len); in wpa_sm_set_mlo_params()
4783 if (!sm->mlo.links[i].ap_rsnoe) { in wpa_sm_set_mlo_params()
4784 sm->mlo.links[i].ap_rsnoe_len = 0; in wpa_sm_set_mlo_params()
4787 sm->mlo.links[i].ap_rsnoe_len = len; in wpa_sm_set_mlo_params()
4792 os_free(sm->mlo.links[i].ap_rsno2e); in wpa_sm_set_mlo_params()
4794 if (sm->mlo.links[i].ap_rsno2e) in wpa_sm_set_mlo_params()
4795 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_set_mlo_params()
4798 sm->mlo.links[i].ap_rsno2e = NULL; in wpa_sm_set_mlo_params()
4799 sm->mlo.links[i].ap_rsno2e_len = 0; in wpa_sm_set_mlo_params()
4803 sm->mlo.links[i].ap_rsno2e = os_memdup(ie, len); in wpa_sm_set_mlo_params()
4804 if (!sm->mlo.links[i].ap_rsno2e) { in wpa_sm_set_mlo_params()
4805 sm->mlo.links[i].ap_rsno2e_len = 0; in wpa_sm_set_mlo_params()
4808 sm->mlo.links[i].ap_rsno2e_len = len; in wpa_sm_set_mlo_params()
4813 os_free(sm->mlo.links[i].ap_rsnxoe); in wpa_sm_set_mlo_params()
4815 if (sm->mlo.links[i].ap_rsnxoe) in wpa_sm_set_mlo_params()
4816 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_set_mlo_params()
4819 sm->mlo.links[i].ap_rsnxoe = NULL; in wpa_sm_set_mlo_params()
4820 sm->mlo.links[i].ap_rsnxoe_len = 0; in wpa_sm_set_mlo_params()
4824 sm->mlo.links[i].ap_rsnxoe = os_memdup(ie, len); in wpa_sm_set_mlo_params()
4825 if (!sm->mlo.links[i].ap_rsnxoe) { in wpa_sm_set_mlo_params()
4826 sm->mlo.links[i].ap_rsnxoe_len = 0; in wpa_sm_set_mlo_params()
4829 sm->mlo.links[i].ap_rsnxoe_len = len; in wpa_sm_set_mlo_params()
4842 void wpa_sm_set_own_addr(struct wpa_sm *sm, const u8 *addr) in wpa_sm_set_own_addr() argument
4844 if (sm) in wpa_sm_set_own_addr()
4845 os_memcpy(sm->own_addr, addr, ETH_ALEN); in wpa_sm_set_own_addr()
4855 void wpa_sm_set_ifname(struct wpa_sm *sm, const char *ifname, in wpa_sm_set_ifname() argument
4858 if (sm) { in wpa_sm_set_ifname()
4859 sm->ifname = ifname; in wpa_sm_set_ifname()
4860 sm->bridge_ifname = bridge_ifname; in wpa_sm_set_ifname()
4870 void wpa_sm_set_eapol(struct wpa_sm *sm, struct eapol_sm *eapol) in wpa_sm_set_eapol() argument
4872 if (sm) in wpa_sm_set_eapol()
4873 sm->eapol = eapol; in wpa_sm_set_eapol()
4884 int wpa_sm_set_param(struct wpa_sm *sm, enum wpa_sm_conf_params param, in wpa_sm_set_param() argument
4889 if (sm == NULL) in wpa_sm_set_param()
4895 sm->dot11RSNAConfigPMKLifetime = value; in wpa_sm_set_param()
4901 sm->dot11RSNAConfigPMKReauthThreshold = value; in wpa_sm_set_param()
4907 sm->dot11RSNAConfigSATimeout = value; in wpa_sm_set_param()
4912 sm->proto = value; in wpa_sm_set_param()
4915 sm->pairwise_cipher = value; in wpa_sm_set_param()
4918 sm->group_cipher = value; in wpa_sm_set_param()
4921 sm->key_mgmt = value; in wpa_sm_set_param()
4924 sm->mgmt_group_cipher = value; in wpa_sm_set_param()
4927 sm->rsn_enabled = value; in wpa_sm_set_param()
4930 sm->mfp = value; in wpa_sm_set_param()
4933 sm->ocv = value; in wpa_sm_set_param()
4936 sm->sae_pwe = value; in wpa_sm_set_param()
4939 sm->sae_pk = value; in wpa_sm_set_param()
4942 sm->wpa_deny_ptk0_rekey = value; in wpa_sm_set_param()
4945 sm->ext_key_id = value; in wpa_sm_set_param()
4948 sm->use_ext_key_id = value; in wpa_sm_set_param()
4952 sm->ft_rsnxe_used = value; in wpa_sm_set_param()
4955 sm->oci_freq_override_eapol = value; in wpa_sm_set_param()
4958 sm->oci_freq_override_eapol_g2 = value; in wpa_sm_set_param()
4961 sm->oci_freq_override_ft_assoc = value; in wpa_sm_set_param()
4964 sm->oci_freq_override_fils_assoc = value; in wpa_sm_set_param()
4967 sm->disable_eapol_g2_tx = value; in wpa_sm_set_param()
4970 sm->encrypt_eapol_m2 = value; in wpa_sm_set_param()
4973 sm->encrypt_eapol_m4 = value; in wpa_sm_set_param()
4978 sm->dpp_pfs = value; in wpa_sm_set_param()
4982 sm->wmm_enabled = value; in wpa_sm_set_param()
4985 sm->ft_prepend_pmkid = value; in wpa_sm_set_param()
4988 sm->ssid_protection = value; in wpa_sm_set_param()
4991 sm->rsn_override = value; in wpa_sm_set_param()
4994 sm->rsn_override_support = value; in wpa_sm_set_param()
5004 static const u8 * wpa_sm_get_ap_rsne(struct wpa_sm *sm, size_t *len) in wpa_sm_get_ap_rsne() argument
5006 if (sm->rsn_override == RSN_OVERRIDE_RSNE_OVERRIDE) { in wpa_sm_get_ap_rsne()
5007 *len = sm->ap_rsne_override_len; in wpa_sm_get_ap_rsne()
5008 return sm->ap_rsne_override; in wpa_sm_get_ap_rsne()
5011 if (sm->rsn_override == RSN_OVERRIDE_RSNE_OVERRIDE_2) { in wpa_sm_get_ap_rsne()
5012 *len = sm->ap_rsne_override_2_len; in wpa_sm_get_ap_rsne()
5013 return sm->ap_rsne_override_2; in wpa_sm_get_ap_rsne()
5016 *len = sm->ap_rsn_ie_len; in wpa_sm_get_ap_rsne()
5017 return sm->ap_rsn_ie; in wpa_sm_get_ap_rsne()
5033 int wpa_sm_get_status(struct wpa_sm *sm, char *buf, size_t buflen, in wpa_sm_get_status() argument
5041 rsne = wpa_sm_get_ap_rsne(sm, &rsne_len); in wpa_sm_get_status()
5047 wpa_cipher_txt(sm->pairwise_cipher), in wpa_sm_get_status()
5048 wpa_cipher_txt(sm->group_cipher), in wpa_sm_get_status()
5049 wpa_key_mgmt_txt(sm->key_mgmt, sm->proto)); in wpa_sm_get_status()
5055 if (sm->key_mgmt == WPA_KEY_MGMT_DPP && sm->dpp_z) { in wpa_sm_get_status()
5063 if (sm->mfp != NO_MGMT_FRAME_PROTECTION && rsne) { in wpa_sm_get_status()
5074 sm->mgmt_group_cipher)); in wpa_sm_get_status()
5085 int wpa_sm_pmf_enabled(struct wpa_sm *sm) in wpa_sm_pmf_enabled() argument
5091 rsne = wpa_sm_get_ap_rsne(sm, &rsne_len); in wpa_sm_pmf_enabled()
5093 if (sm->mfp == NO_MGMT_FRAME_PROTECTION || !rsne) in wpa_sm_pmf_enabled()
5104 bool wpa_sm_rsn_overriding_supported(struct wpa_sm *sm) in wpa_sm_rsn_overriding_supported() argument
5109 rsne = wpa_sm_get_ap_rsne(sm, &rsne_len); in wpa_sm_rsn_overriding_supported()
5111 return sm->rsn_override_support && rsne; in wpa_sm_rsn_overriding_supported()
5115 int wpa_sm_ext_key_id(struct wpa_sm *sm) in wpa_sm_ext_key_id() argument
5117 return sm ? sm->ext_key_id : 0; in wpa_sm_ext_key_id()
5121 int wpa_sm_ext_key_id_active(struct wpa_sm *sm) in wpa_sm_ext_key_id_active() argument
5123 return sm ? sm->use_ext_key_id : 0; in wpa_sm_ext_key_id_active()
5127 int wpa_sm_ocv_enabled(struct wpa_sm *sm) in wpa_sm_ocv_enabled() argument
5133 rsne = wpa_sm_get_ap_rsne(sm, &rsne_len); in wpa_sm_ocv_enabled()
5134 if (!sm->ocv || !rsne) in wpa_sm_ocv_enabled()
5149 int wpa_sm_set_assoc_wpa_ie_default(struct wpa_sm *sm, u8 *wpa_ie, in wpa_sm_set_assoc_wpa_ie_default() argument
5154 if (sm == NULL) in wpa_sm_set_assoc_wpa_ie_default()
5158 if (sm->test_assoc_ie) { in wpa_sm_set_assoc_wpa_ie_default()
5161 if (*wpa_ie_len < wpabuf_len(sm->test_assoc_ie)) in wpa_sm_set_assoc_wpa_ie_default()
5163 os_memcpy(wpa_ie, wpabuf_head(sm->test_assoc_ie), in wpa_sm_set_assoc_wpa_ie_default()
5164 wpabuf_len(sm->test_assoc_ie)); in wpa_sm_set_assoc_wpa_ie_default()
5165 res = wpabuf_len(sm->test_assoc_ie); in wpa_sm_set_assoc_wpa_ie_default()
5168 res = wpa_gen_wpa_ie(sm, wpa_ie, *wpa_ie_len); in wpa_sm_set_assoc_wpa_ie_default()
5176 if (sm->assoc_wpa_ie == NULL) { in wpa_sm_set_assoc_wpa_ie_default()
5182 sm->assoc_wpa_ie = os_memdup(wpa_ie, *wpa_ie_len); in wpa_sm_set_assoc_wpa_ie_default()
5183 if (sm->assoc_wpa_ie == NULL) in wpa_sm_set_assoc_wpa_ie_default()
5186 sm->assoc_wpa_ie_len = *wpa_ie_len; in wpa_sm_set_assoc_wpa_ie_default()
5190 sm->assoc_wpa_ie, sm->assoc_wpa_ie_len); in wpa_sm_set_assoc_wpa_ie_default()
5208 int wpa_sm_set_assoc_wpa_ie(struct wpa_sm *sm, const u8 *ie, size_t len) in wpa_sm_set_assoc_wpa_ie() argument
5210 if (sm == NULL) in wpa_sm_set_assoc_wpa_ie()
5213 os_free(sm->assoc_wpa_ie); in wpa_sm_set_assoc_wpa_ie()
5215 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_set_assoc_wpa_ie()
5217 sm->assoc_wpa_ie = NULL; in wpa_sm_set_assoc_wpa_ie()
5218 sm->assoc_wpa_ie_len = 0; in wpa_sm_set_assoc_wpa_ie()
5221 sm->assoc_wpa_ie = os_memdup(ie, len); in wpa_sm_set_assoc_wpa_ie()
5222 if (sm->assoc_wpa_ie == NULL) in wpa_sm_set_assoc_wpa_ie()
5225 sm->assoc_wpa_ie_len = len; in wpa_sm_set_assoc_wpa_ie()
5239 int wpa_sm_set_assoc_rsnxe_default(struct wpa_sm *sm, u8 *rsnxe, in wpa_sm_set_assoc_rsnxe_default() argument
5244 if (!sm) in wpa_sm_set_assoc_rsnxe_default()
5247 res = wpa_gen_rsnxe(sm, rsnxe, *rsnxe_len); in wpa_sm_set_assoc_rsnxe_default()
5254 if (sm->assoc_rsnxe) { in wpa_sm_set_assoc_rsnxe_default()
5257 sm->assoc_rsnxe, sm->assoc_rsnxe_len); in wpa_sm_set_assoc_rsnxe_default()
5263 sm->assoc_rsnxe = os_memdup(rsnxe, *rsnxe_len); in wpa_sm_set_assoc_rsnxe_default()
5264 if (!sm->assoc_rsnxe) in wpa_sm_set_assoc_rsnxe_default()
5267 sm->assoc_rsnxe_len = *rsnxe_len; in wpa_sm_set_assoc_rsnxe_default()
5285 int wpa_sm_set_assoc_rsnxe(struct wpa_sm *sm, const u8 *ie, size_t len) in wpa_sm_set_assoc_rsnxe() argument
5287 if (!sm) in wpa_sm_set_assoc_rsnxe()
5290 os_free(sm->assoc_rsnxe); in wpa_sm_set_assoc_rsnxe()
5292 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_set_assoc_rsnxe()
5294 sm->assoc_rsnxe = NULL; in wpa_sm_set_assoc_rsnxe()
5295 sm->assoc_rsnxe_len = 0; in wpa_sm_set_assoc_rsnxe()
5298 sm->assoc_rsnxe = os_memdup(ie, len); in wpa_sm_set_assoc_rsnxe()
5299 if (!sm->assoc_rsnxe) in wpa_sm_set_assoc_rsnxe()
5302 sm->assoc_rsnxe_len = len; in wpa_sm_set_assoc_rsnxe()
5305 if (sm->ssid_protection && in wpa_sm_set_assoc_rsnxe()
5306 !ieee802_11_rsnx_capab(sm->assoc_rsnxe, in wpa_sm_set_assoc_rsnxe()
5308 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_set_assoc_rsnxe()
5310 sm->ssid_protection = 0; in wpa_sm_set_assoc_rsnxe()
5327 int wpa_sm_set_ap_wpa_ie(struct wpa_sm *sm, const u8 *ie, size_t len) in wpa_sm_set_ap_wpa_ie() argument
5329 if (sm == NULL) in wpa_sm_set_ap_wpa_ie()
5332 os_free(sm->ap_wpa_ie); in wpa_sm_set_ap_wpa_ie()
5334 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_set_ap_wpa_ie()
5336 sm->ap_wpa_ie = NULL; in wpa_sm_set_ap_wpa_ie()
5337 sm->ap_wpa_ie_len = 0; in wpa_sm_set_ap_wpa_ie()
5340 sm->ap_wpa_ie = os_memdup(ie, len); in wpa_sm_set_ap_wpa_ie()
5341 if (sm->ap_wpa_ie == NULL) in wpa_sm_set_ap_wpa_ie()
5344 sm->ap_wpa_ie_len = len; in wpa_sm_set_ap_wpa_ie()
5361 int wpa_sm_set_ap_rsn_ie(struct wpa_sm *sm, const u8 *ie, size_t len) in wpa_sm_set_ap_rsn_ie() argument
5363 if (sm == NULL) in wpa_sm_set_ap_rsn_ie()
5366 os_free(sm->ap_rsn_ie); in wpa_sm_set_ap_rsn_ie()
5368 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_set_ap_rsn_ie()
5370 sm->ap_rsn_ie = NULL; in wpa_sm_set_ap_rsn_ie()
5371 sm->ap_rsn_ie_len = 0; in wpa_sm_set_ap_rsn_ie()
5374 sm->ap_rsn_ie = os_memdup(ie, len); in wpa_sm_set_ap_rsn_ie()
5375 if (sm->ap_rsn_ie == NULL) in wpa_sm_set_ap_rsn_ie()
5378 sm->ap_rsn_ie_len = len; in wpa_sm_set_ap_rsn_ie()
5395 int wpa_sm_set_ap_rsnxe(struct wpa_sm *sm, const u8 *ie, size_t len) in wpa_sm_set_ap_rsnxe() argument
5397 if (!sm) in wpa_sm_set_ap_rsnxe()
5400 os_free(sm->ap_rsnxe); in wpa_sm_set_ap_rsnxe()
5402 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: clearing AP RSNXE"); in wpa_sm_set_ap_rsnxe()
5403 sm->ap_rsnxe = NULL; in wpa_sm_set_ap_rsnxe()
5404 sm->ap_rsnxe_len = 0; in wpa_sm_set_ap_rsnxe()
5407 sm->ap_rsnxe = os_memdup(ie, len); in wpa_sm_set_ap_rsnxe()
5408 if (!sm->ap_rsnxe) in wpa_sm_set_ap_rsnxe()
5411 sm->ap_rsnxe_len = len; in wpa_sm_set_ap_rsnxe()
5418 int wpa_sm_set_ap_rsne_override(struct wpa_sm *sm, const u8 *ie, size_t len) in wpa_sm_set_ap_rsne_override() argument
5420 if (!sm) in wpa_sm_set_ap_rsne_override()
5423 os_free(sm->ap_rsne_override); in wpa_sm_set_ap_rsne_override()
5425 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_set_ap_rsne_override()
5427 sm->ap_rsne_override = NULL; in wpa_sm_set_ap_rsne_override()
5428 sm->ap_rsne_override_len = 0; in wpa_sm_set_ap_rsne_override()
5432 sm->ap_rsne_override = os_memdup(ie, len); in wpa_sm_set_ap_rsne_override()
5433 if (!sm->ap_rsne_override) in wpa_sm_set_ap_rsne_override()
5436 sm->ap_rsne_override_len = len; in wpa_sm_set_ap_rsne_override()
5443 int wpa_sm_set_ap_rsne_override_2(struct wpa_sm *sm, const u8 *ie, size_t len) in wpa_sm_set_ap_rsne_override_2() argument
5445 if (!sm) in wpa_sm_set_ap_rsne_override_2()
5448 os_free(sm->ap_rsne_override_2); in wpa_sm_set_ap_rsne_override_2()
5450 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_set_ap_rsne_override_2()
5452 sm->ap_rsne_override_2 = NULL; in wpa_sm_set_ap_rsne_override_2()
5453 sm->ap_rsne_override_2_len = 0; in wpa_sm_set_ap_rsne_override_2()
5457 sm->ap_rsne_override_2 = os_memdup(ie, len); in wpa_sm_set_ap_rsne_override_2()
5458 if (!sm->ap_rsne_override_2) in wpa_sm_set_ap_rsne_override_2()
5461 sm->ap_rsne_override_2_len = len; in wpa_sm_set_ap_rsne_override_2()
5468 int wpa_sm_set_ap_rsnxe_override(struct wpa_sm *sm, const u8 *ie, size_t len) in wpa_sm_set_ap_rsnxe_override() argument
5470 if (!sm) in wpa_sm_set_ap_rsnxe_override()
5473 os_free(sm->ap_rsnxe_override); in wpa_sm_set_ap_rsnxe_override()
5475 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_set_ap_rsnxe_override()
5477 sm->ap_rsnxe_override = NULL; in wpa_sm_set_ap_rsnxe_override()
5478 sm->ap_rsnxe_override_len = 0; in wpa_sm_set_ap_rsnxe_override()
5482 sm->ap_rsnxe_override = os_memdup(ie, len); in wpa_sm_set_ap_rsnxe_override()
5483 if (!sm->ap_rsnxe_override) in wpa_sm_set_ap_rsnxe_override()
5486 sm->ap_rsnxe_override_len = len; in wpa_sm_set_ap_rsnxe_override()
5502 int wpa_sm_parse_own_wpa_ie(struct wpa_sm *sm, struct wpa_ie_data *data) in wpa_sm_parse_own_wpa_ie() argument
5504 if (sm == NULL) in wpa_sm_parse_own_wpa_ie()
5507 if (sm->assoc_wpa_ie == NULL) { in wpa_sm_parse_own_wpa_ie()
5508 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, in wpa_sm_parse_own_wpa_ie()
5512 if (wpa_parse_wpa_ie(sm->assoc_wpa_ie, sm->assoc_wpa_ie_len, data)) in wpa_sm_parse_own_wpa_ie()
5518 int wpa_sm_pmksa_cache_list(struct wpa_sm *sm, char *buf, size_t len) in wpa_sm_pmksa_cache_list() argument
5520 return pmksa_cache_list(sm->pmksa, buf, len); in wpa_sm_pmksa_cache_list()
5524 struct rsn_pmksa_cache_entry * wpa_sm_pmksa_cache_head(struct wpa_sm *sm) in wpa_sm_pmksa_cache_head() argument
5526 return pmksa_cache_head(sm->pmksa); in wpa_sm_pmksa_cache_head()
5531 wpa_sm_pmksa_cache_add_entry(struct wpa_sm *sm, in wpa_sm_pmksa_cache_add_entry() argument
5534 return pmksa_cache_add_entry(sm->pmksa, entry); in wpa_sm_pmksa_cache_add_entry()
5538 void wpa_sm_pmksa_cache_add(struct wpa_sm *sm, const u8 *pmk, size_t pmk_len, in wpa_sm_pmksa_cache_add() argument
5542 sm->cur_pmksa = pmksa_cache_add(sm->pmksa, pmk, pmk_len, pmkid, NULL, 0, in wpa_sm_pmksa_cache_add()
5543 bssid, sm->own_addr, sm->network_ctx, in wpa_sm_pmksa_cache_add()
5544 sm->key_mgmt, fils_cache_id); in wpa_sm_pmksa_cache_add()
5548 int wpa_sm_pmksa_exists(struct wpa_sm *sm, const u8 *bssid, const u8 *own_addr, in wpa_sm_pmksa_exists() argument
5551 return pmksa_cache_get(sm->pmksa, bssid, own_addr, NULL, network_ctx, in wpa_sm_pmksa_exists()
5556 struct rsn_pmksa_cache_entry * wpa_sm_pmksa_cache_get(struct wpa_sm *sm, in wpa_sm_pmksa_cache_get() argument
5562 return pmksa_cache_get(sm->pmksa, aa, sm->own_addr, pmkid, network_ctx, in wpa_sm_pmksa_cache_get()
5567 void wpa_sm_pmksa_cache_remove(struct wpa_sm *sm, in wpa_sm_pmksa_cache_remove() argument
5570 if (sm && sm->pmksa) in wpa_sm_pmksa_cache_remove()
5571 pmksa_cache_remove(sm->pmksa, entry); in wpa_sm_pmksa_cache_remove()
5575 void wpa_sm_drop_sa(struct wpa_sm *sm) in wpa_sm_drop_sa() argument
5577 wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Clear old PMK and PTK"); in wpa_sm_drop_sa()
5578 wpa_sm_clear_ptk(sm); in wpa_sm_drop_sa()
5579 sm->pmk_len = 0; in wpa_sm_drop_sa()
5580 os_memset(sm->pmk, 0, sizeof(sm->pmk)); in wpa_sm_drop_sa()
5582 os_memset(sm->xxkey, 0, sizeof(sm->xxkey)); in wpa_sm_drop_sa()
5583 sm->xxkey_len = 0; in wpa_sm_drop_sa()
5584 os_memset(sm->pmk_r0, 0, sizeof(sm->pmk_r0)); in wpa_sm_drop_sa()
5585 sm->pmk_r0_len = 0; in wpa_sm_drop_sa()
5586 os_memset(sm->pmk_r1, 0, sizeof(sm->pmk_r1)); in wpa_sm_drop_sa()
5587 sm->pmk_r1_len = 0; in wpa_sm_drop_sa()
5589 os_free(sm->pasn_r1kh); in wpa_sm_drop_sa()
5590 sm->pasn_r1kh = NULL; in wpa_sm_drop_sa()
5591 sm->n_pasn_r1kh = 0; in wpa_sm_drop_sa()
5598 bool wpa_sm_has_ft_keys(struct wpa_sm *sm, const u8 *md) in wpa_sm_has_ft_keys() argument
5600 if (!sm) in wpa_sm_has_ft_keys()
5602 if (!wpa_key_mgmt_ft(sm->key_mgmt) || in wpa_sm_has_ft_keys()
5603 os_memcmp(md, sm->key_mobility_domain, in wpa_sm_has_ft_keys()
5609 return sm->ptk_set; in wpa_sm_has_ft_keys()
5614 int wpa_sm_has_ptk_installed(struct wpa_sm *sm) in wpa_sm_has_ptk_installed() argument
5616 if (!sm) in wpa_sm_has_ptk_installed()
5618 return sm->tk_set || sm->ptk.installed; in wpa_sm_has_ptk_installed()
5622 void wpa_sm_update_replay_ctr(struct wpa_sm *sm, const u8 *replay_ctr) in wpa_sm_update_replay_ctr() argument
5624 os_memcpy(sm->rx_replay_counter, replay_ctr, WPA_REPLAY_COUNTER_LEN); in wpa_sm_update_replay_ctr()
5628 void wpa_sm_pmksa_cache_flush(struct wpa_sm *sm, void *network_ctx) in wpa_sm_pmksa_cache_flush() argument
5630 pmksa_cache_flush(sm->pmksa, network_ctx, NULL, 0, false); in wpa_sm_pmksa_cache_flush()
5634 void wpa_sm_external_pmksa_cache_flush(struct wpa_sm *sm, void *network_ctx) in wpa_sm_external_pmksa_cache_flush() argument
5636 pmksa_cache_flush(sm->pmksa, network_ctx, NULL, 0, true); in wpa_sm_external_pmksa_cache_flush()
5641 int wpa_wnmsleep_install_key(struct wpa_sm *sm, u8 subelem_id, u8 *buf) in wpa_wnmsleep_install_key() argument
5651 keylen = wpa_cipher_key_len(sm->group_cipher); in wpa_wnmsleep_install_key()
5652 gd.key_rsc_len = wpa_cipher_rsc_len(sm->group_cipher); in wpa_wnmsleep_install_key()
5653 gd.alg = wpa_cipher_to_alg(sm->group_cipher); in wpa_wnmsleep_install_key()
5669 sm, !!(keyinfo & WPA_KEY_INFO_TXRX)); in wpa_wnmsleep_install_key()
5675 if (wpa_supplicant_install_gtk(sm, &gd, key_rsc, 1)) { in wpa_wnmsleep_install_key()
5686 if (wpa_supplicant_install_igtk(sm, igtk, 1) < 0) in wpa_wnmsleep_install_key()
5692 if (sm->beacon_prot && in wpa_wnmsleep_install_key()
5693 wpa_supplicant_install_bigtk(sm, bigtk, 1) < 0) in wpa_wnmsleep_install_key()
5707 int wpa_sm_get_p2p_ip_addr(struct wpa_sm *sm, u8 *buf) in wpa_sm_get_p2p_ip_addr() argument
5709 if (sm == NULL || WPA_GET_BE32(sm->p2p_ip_addr) == 0) in wpa_sm_get_p2p_ip_addr()
5711 os_memcpy(buf, sm->p2p_ip_addr, 3 * 4); in wpa_sm_get_p2p_ip_addr()
5718 void wpa_sm_set_rx_replay_ctr(struct wpa_sm *sm, const u8 *rx_replay_counter) in wpa_sm_set_rx_replay_ctr() argument
5723 os_memcpy(sm->rx_replay_counter, rx_replay_counter, in wpa_sm_set_rx_replay_ctr()
5725 sm->rx_replay_counter_set = 1; in wpa_sm_set_rx_replay_ctr()
5730 void wpa_sm_set_ptk_kck_kek(struct wpa_sm *sm, in wpa_sm_set_ptk_kck_kek() argument
5735 os_memcpy(sm->ptk.kck, ptk_kck, ptk_kck_len); in wpa_sm_set_ptk_kck_kek()
5736 sm->ptk.kck_len = ptk_kck_len; in wpa_sm_set_ptk_kck_kek()
5740 os_memcpy(sm->ptk.kek, ptk_kek, ptk_kek_len); in wpa_sm_set_ptk_kck_kek()
5741 sm->ptk.kek_len = ptk_kek_len; in wpa_sm_set_ptk_kck_kek()
5744 sm->ptk_set = 1; in wpa_sm_set_ptk_kck_kek()
5750 void wpa_sm_set_test_assoc_ie(struct wpa_sm *sm, struct wpabuf *buf) in wpa_sm_set_test_assoc_ie() argument
5752 wpabuf_free(sm->test_assoc_ie); in wpa_sm_set_test_assoc_ie()
5753 sm->test_assoc_ie = buf; in wpa_sm_set_test_assoc_ie()
5757 void wpa_sm_set_test_eapol_m2_elems(struct wpa_sm *sm, struct wpabuf *buf) in wpa_sm_set_test_eapol_m2_elems() argument
5759 wpabuf_free(sm->test_eapol_m2_elems); in wpa_sm_set_test_eapol_m2_elems()
5760 sm->test_eapol_m2_elems = buf; in wpa_sm_set_test_eapol_m2_elems()
5764 void wpa_sm_set_test_eapol_m4_elems(struct wpa_sm *sm, struct wpabuf *buf) in wpa_sm_set_test_eapol_m4_elems() argument
5766 wpabuf_free(sm->test_eapol_m4_elems); in wpa_sm_set_test_eapol_m4_elems()
5767 sm->test_eapol_m4_elems = buf; in wpa_sm_set_test_eapol_m4_elems()
5771 const u8 * wpa_sm_get_anonce(struct wpa_sm *sm) in wpa_sm_get_anonce() argument
5773 return sm->anonce; in wpa_sm_get_anonce()
5779 unsigned int wpa_sm_get_key_mgmt(struct wpa_sm *sm) in wpa_sm_get_key_mgmt() argument
5781 return sm->key_mgmt; in wpa_sm_get_key_mgmt()
5785 const u8 * wpa_sm_get_auth_addr(struct wpa_sm *sm) in wpa_sm_get_auth_addr() argument
5787 return sm->mlo.valid_links ? sm->mlo.ap_mld_addr : sm->bssid; in wpa_sm_get_auth_addr()
5793 struct wpabuf * fils_build_auth(struct wpa_sm *sm, int dh_group, const u8 *md) in fils_build_auth() argument
5799 erp_msg = eapol_sm_build_erp_reauth_start(sm->eapol); in fils_build_auth()
5800 if (!erp_msg && !sm->cur_pmksa) { in fils_build_auth()
5807 erp_msg != NULL, sm->cur_pmksa != NULL); in fils_build_auth()
5809 sm->fils_completed = 0; in fils_build_auth()
5811 if (!sm->assoc_wpa_ie) { in fils_build_auth()
5816 if (random_get_bytes(sm->fils_nonce, FILS_NONCE_LEN) < 0 || in fils_build_auth()
5817 random_get_bytes(sm->fils_session, FILS_SESSION_LEN) < 0) in fils_build_auth()
5821 sm->fils_nonce, FILS_NONCE_LEN); in fils_build_auth()
5823 sm->fils_session, FILS_SESSION_LEN); in fils_build_auth()
5826 sm->fils_dh_group = dh_group; in fils_build_auth()
5828 crypto_ecdh_deinit(sm->fils_ecdh); in fils_build_auth()
5829 sm->fils_ecdh = crypto_ecdh_init(dh_group); in fils_build_auth()
5830 if (!sm->fils_ecdh) { in fils_build_auth()
5836 pub = crypto_ecdh_get_pubkey(sm->fils_ecdh, 1); in fils_build_auth()
5841 sm->fils_dh_elem_len = wpabuf_len(pub); in fils_build_auth()
5845 buf = wpabuf_alloc(1000 + sm->assoc_wpa_ie_len + in fils_build_auth()
5870 sm->assoc_wpa_ie, sm->assoc_wpa_ie_len); in fils_build_auth()
5871 wpabuf_put_data(buf, sm->assoc_wpa_ie, sm->assoc_wpa_ie_len); in fils_build_auth()
5889 wpabuf_put_data(buf, sm->fils_nonce, FILS_NONCE_LEN); in fils_build_auth()
5896 wpabuf_put_data(buf, sm->fils_session, FILS_SESSION_LEN); in fils_build_auth()
5899 sm->fils_erp_pmkid_set = 0; in fils_build_auth()
5908 if (fils_pmkid_erp(sm->key_mgmt, wpabuf_head(erp_msg), in fils_build_auth()
5910 sm->fils_erp_pmkid) == 0) in fils_build_auth()
5911 sm->fils_erp_pmkid_set = 1; in fils_build_auth()
5924 int fils_process_auth(struct wpa_sm *sm, const u8 *bssid, const u8 *data, in fils_process_auth() argument
5946 os_memcpy(sm->bssid, bssid, ETH_ALEN); in fils_process_auth()
5955 if (sm->fils_dh_group) { in fils_process_auth()
5968 if (group != sm->fils_dh_group) { in fils_process_auth()
5971 group, sm->fils_dh_group); in fils_process_auth()
5976 if ((size_t) (end - pos) < sm->fils_dh_elem_len) { in fils_process_auth()
5981 if (!sm->fils_ecdh) { in fils_process_auth()
5985 dh_ss = crypto_ecdh_set_peerkey(sm->fils_ecdh, 1, pos, in fils_process_auth()
5986 sm->fils_dh_elem_len); in fils_process_auth()
5993 g_ap_len = sm->fils_dh_elem_len; in fils_process_auth()
5994 pos += sm->fils_dh_elem_len; in fils_process_auth()
6018 os_memcpy(sm->fils_anonce, elems.fils_nonce, FILS_NONCE_LEN); in fils_process_auth()
6019 wpa_hexdump(MSG_DEBUG, "FILS: ANonce", sm->fils_anonce, FILS_NONCE_LEN); in fils_process_auth()
6022 if (wpa_key_mgmt_ft(sm->key_mgmt)) { in fils_process_auth()
6029 sm->key_mgmt, false) < 0) { in fils_process_auth()
6039 os_memcpy(sm->r0kh_id, parse.r0kh_id, parse.r0kh_id_len); in fils_process_auth()
6040 sm->r0kh_id_len = parse.r0kh_id_len; in fils_process_auth()
6042 sm->r0kh_id, sm->r0kh_id_len); in fils_process_auth()
6049 os_memcpy(sm->r1kh_id, parse.r1kh_id, FT_R1KH_ID_LEN); in fils_process_auth()
6051 sm->r1kh_id, FT_R1KH_ID_LEN); in fils_process_auth()
6055 wpabuf_free(sm->fils_ft_ies); in fils_process_auth()
6056 sm->fils_ft_ies = wpabuf_alloc(2 + elems.mdie_len + in fils_process_auth()
6058 if (!sm->fils_ft_ies) in fils_process_auth()
6060 wpabuf_put_data(sm->fils_ft_ies, elems.mdie - 2, in fils_process_auth()
6062 wpabuf_put_data(sm->fils_ft_ies, elems.ftie - 2, in fils_process_auth()
6065 wpabuf_free(sm->fils_ft_ies); in fils_process_auth()
6066 sm->fils_ft_ies = NULL; in fils_process_auth()
6080 if (os_memcmp(sm->cur_pmksa->pmkid, rsn.pmkid, PMKID_LEN) != 0) in fils_process_auth()
6084 sm->cur_pmksa->pmkid, PMKID_LEN); in fils_process_auth()
6091 if (!pmkid_match && sm->cur_pmksa) { in fils_process_auth()
6094 sm->cur_pmksa = NULL; in fils_process_auth()
6104 if (os_memcmp(sm->fils_session, elems.fils_session, FILS_SESSION_LEN) in fils_process_auth()
6108 sm->fils_session, FILS_SESSION_LEN); in fils_process_auth()
6113 if (!sm->cur_pmksa && elems.wrapped_data) { in fils_process_auth()
6120 eapol_sm_process_erp_finish(sm->eapol, elems.wrapped_data, in fils_process_auth()
6122 if (eapol_sm_failed(sm->eapol)) in fils_process_auth()
6126 res = eapol_sm_get_key(sm->eapol, rmsk, rmsk_len); in fils_process_auth()
6129 res = eapol_sm_get_key(sm->eapol, rmsk, rmsk_len); in fils_process_auth()
6134 res = fils_rmsk_to_pmk(sm->key_mgmt, rmsk, rmsk_len, in fils_process_auth()
6135 sm->fils_nonce, sm->fils_anonce, in fils_process_auth()
6138 sm->pmk, &sm->pmk_len); in fils_process_auth()
6149 if (!sm->fils_erp_pmkid_set) { in fils_process_auth()
6153 wpa_hexdump(MSG_DEBUG, "FILS: PMKID", sm->fils_erp_pmkid, in fils_process_auth()
6156 sm->cur_pmksa = pmksa_cache_add(sm->pmksa, sm->pmk, sm->pmk_len, in fils_process_auth()
6157 sm->fils_erp_pmkid, NULL, 0, in fils_process_auth()
6158 sm->bssid, sm->own_addr, in fils_process_auth()
6159 sm->network_ctx, sm->key_mgmt, in fils_process_auth()
6163 if (!sm->cur_pmksa) { in fils_process_auth()
6169 if (sm->force_kdk_derivation || in fils_process_auth()
6170 (sm->secure_ltf && in fils_process_auth()
6171 ieee802_11_rsnx_capab(sm->ap_rsnxe, WLAN_RSNX_CAPAB_SECURE_LTF))) in fils_process_auth()
6176 if (fils_pmk_to_ptk(sm->pmk, sm->pmk_len, sm->own_addr, in fils_process_auth()
6177 wpa_sm_get_auth_addr(sm), in fils_process_auth()
6178 sm->fils_nonce, sm->fils_anonce, in fils_process_auth()
6181 &sm->ptk, ick, &ick_len, in fils_process_auth()
6182 sm->key_mgmt, sm->pairwise_cipher, in fils_process_auth()
6183 sm->fils_ft, &sm->fils_ft_len, in fils_process_auth()
6190 if (sm->secure_ltf && in fils_process_auth()
6191 ieee802_11_rsnx_capab(sm->ap_rsnxe, WLAN_RSNX_CAPAB_SECURE_LTF) && in fils_process_auth()
6192 wpa_ltf_keyseed(&sm->ptk, sm->key_mgmt, sm->pairwise_cipher)) { in fils_process_auth()
6201 sm->ptk_set = 1; in fils_process_auth()
6202 sm->tptk_set = 0; in fils_process_auth()
6203 os_memset(&sm->tptk, 0, sizeof(sm->tptk)); in fils_process_auth()
6206 if (sm->fils_dh_group) { in fils_process_auth()
6207 if (!sm->fils_ecdh) { in fils_process_auth()
6211 pub = crypto_ecdh_get_pubkey(sm->fils_ecdh, 1); in fils_process_auth()
6225 res = fils_key_auth_sk(ick, ick_len, sm->fils_nonce, in fils_process_auth()
6226 sm->fils_anonce, sm->own_addr, sm->bssid, in fils_process_auth()
6228 sm->key_mgmt, sm->fils_key_auth_sta, in fils_process_auth()
6229 sm->fils_key_auth_ap, in fils_process_auth()
6230 &sm->fils_key_auth_len); in fils_process_auth()
6248 static int fils_ft_build_assoc_req_rsne(struct wpa_sm *sm, struct wpabuf *buf) in fils_ft_build_assoc_req_rsne() argument
6253 int use_sha384 = wpa_key_mgmt_sha384(sm->key_mgmt); in fils_ft_build_assoc_req_rsne()
6261 if (!wpa_cipher_valid_group(sm->group_cipher)) { in fils_ft_build_assoc_req_rsne()
6263 sm->group_cipher); in fils_ft_build_assoc_req_rsne()
6268 sm->group_cipher)); in fils_ft_build_assoc_req_rsne()
6274 if (!wpa_cipher_valid_pairwise(sm->pairwise_cipher)) { in fils_ft_build_assoc_req_rsne()
6276 sm->pairwise_cipher); in fils_ft_build_assoc_req_rsne()
6281 sm->pairwise_cipher)); in fils_ft_build_assoc_req_rsne()
6288 if (sm->key_mgmt == WPA_KEY_MGMT_FT_FILS_SHA256) in fils_ft_build_assoc_req_rsne()
6290 else if (sm->key_mgmt == WPA_KEY_MGMT_FT_FILS_SHA384) in fils_ft_build_assoc_req_rsne()
6295 sm->key_mgmt); in fils_ft_build_assoc_req_rsne()
6301 if (sm->mfp) in fils_ft_build_assoc_req_rsne()
6303 if (sm->mfp == 2) in fils_ft_build_assoc_req_rsne()
6305 if (sm->ocv) in fils_ft_build_assoc_req_rsne()
6307 if (sm->ext_key_id) in fils_ft_build_assoc_req_rsne()
6316 sm->fils_ft, sm->fils_ft_len); in fils_ft_build_assoc_req_rsne()
6317 wpa_hexdump_ascii(MSG_DEBUG, "FILS+FT: SSID", sm->ssid, sm->ssid_len); in fils_ft_build_assoc_req_rsne()
6319 sm->mobility_domain, MOBILITY_DOMAIN_ID_LEN); in fils_ft_build_assoc_req_rsne()
6321 sm->r0kh_id, sm->r0kh_id_len); in fils_ft_build_assoc_req_rsne()
6322 if (wpa_derive_pmk_r0(sm->fils_ft, sm->fils_ft_len, sm->ssid, in fils_ft_build_assoc_req_rsne()
6323 sm->ssid_len, sm->mobility_domain, in fils_ft_build_assoc_req_rsne()
6324 sm->r0kh_id, sm->r0kh_id_len, sm->own_addr, in fils_ft_build_assoc_req_rsne()
6325 sm->pmk_r0, sm->pmk_r0_name, sm->key_mgmt) < 0) { in fils_ft_build_assoc_req_rsne()
6329 if (wpa_key_mgmt_sae_ext_key(sm->key_mgmt)) in fils_ft_build_assoc_req_rsne()
6330 sm->pmk_r0_len = sm->fils_ft_len; in fils_ft_build_assoc_req_rsne()
6332 sm->pmk_r0_len = use_sha384 ? SHA384_MAC_LEN : PMK_LEN; in fils_ft_build_assoc_req_rsne()
6334 MAC2STR(sm->r1kh_id)); in fils_ft_build_assoc_req_rsne()
6336 if (wpa_derive_pmk_r1_name(sm->pmk_r0_name, sm->r1kh_id, sm->own_addr, in fils_ft_build_assoc_req_rsne()
6337 sm->pmk_r1_name, sm->fils_ft_len) < 0) { in fils_ft_build_assoc_req_rsne()
6341 os_memcpy(pos, sm->pmk_r1_name, WPA_PMK_NAME_LEN); in fils_ft_build_assoc_req_rsne()
6343 os_memcpy(sm->key_mobility_domain, sm->mobility_domain, in fils_ft_build_assoc_req_rsne()
6346 if (sm->mgmt_group_cipher == WPA_CIPHER_AES_128_CMAC) { in fils_ft_build_assoc_req_rsne()
6358 struct wpabuf * fils_build_assoc_req(struct wpa_sm *sm, const u8 **kek, in fils_build_assoc_req() argument
6370 if (sm->fils_ft_ies) in fils_build_assoc_req()
6371 len += wpabuf_len(sm->fils_ft_ies); in fils_build_assoc_req()
6372 if (wpa_key_mgmt_ft(sm->key_mgmt)) in fils_build_assoc_req()
6382 if (wpa_key_mgmt_ft(sm->key_mgmt) && sm->fils_ft_ies) { in fils_build_assoc_req()
6384 wpabuf_put_buf(buf, sm->fils_ft_ies); in fils_build_assoc_req()
6386 if (fils_ft_build_assoc_req_rsne(sm, buf) < 0) { in fils_build_assoc_req()
6398 wpabuf_put_data(buf, sm->fils_session, FILS_SESSION_LEN); in fils_build_assoc_req()
6407 wpabuf_put_u8(buf, 1 + sm->fils_key_auth_len); /* Length */ in fils_build_assoc_req()
6410 wpabuf_put_data(buf, sm->fils_key_auth_sta, sm->fils_key_auth_len); in fils_build_assoc_req()
6444 if (wpa_sm_ocv_enabled(sm)) { in fils_build_assoc_req()
6448 if (wpa_sm_channel_info(sm, &ci) != 0) { in fils_build_assoc_req()
6455 if (sm->oci_freq_override_fils_assoc) { in fils_build_assoc_req()
6459 sm->oci_freq_override_fils_assoc); in fils_build_assoc_req()
6460 ci.frequency = sm->oci_freq_override_fils_assoc; in fils_build_assoc_req()
6474 *kek = sm->ptk.kek; in fils_build_assoc_req()
6475 *kek_len = sm->ptk.kek_len; in fils_build_assoc_req()
6477 *snonce = sm->fils_nonce; in fils_build_assoc_req()
6480 *anonce = sm->fils_anonce; in fils_build_assoc_req()
6488 static void fils_process_hlp_resp(struct wpa_sm *sm, const u8 *resp, size_t len) in fils_process_hlp_resp() argument
6500 wpa_sm_fils_hlp_rx(sm, resp, resp + ETH_ALEN, pos, end - pos); in fils_process_hlp_resp()
6504 static void fils_process_hlp_container(struct wpa_sm *sm, const u8 *pos, in fils_process_hlp_container() argument
6546 fils_process_hlp_resp(sm, tmp, tmp_pos - tmp); in fils_process_hlp_container()
6553 int fils_process_assoc_resp(struct wpa_sm *sm, const u8 *resp, size_t len) in fils_process_assoc_resp() argument
6564 if (!sm || !sm->ptk_set) { in fils_process_assoc_resp()
6569 if (!wpa_key_mgmt_fils(sm->key_mgmt)) { in fils_process_assoc_resp()
6574 if (sm->fils_completed) { in fils_process_assoc_resp()
6602 if (os_memcmp(elems.fils_session, sm->fils_session, in fils_process_assoc_resp()
6608 sm->fils_session, FILS_SESSION_LEN); in fils_process_assoc_resp()
6619 } else if (wpa_compare_rsn_ie(wpa_key_mgmt_ft(sm->key_mgmt), in fils_process_assoc_resp()
6620 sm->ap_rsn_ie, sm->ap_rsn_ie_len, in fils_process_assoc_resp()
6622 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, in fils_process_assoc_resp()
6625 sm->ap_rsn_ie, sm->ap_rsn_ie_len); in fils_process_assoc_resp()
6637 if (elems.fils_key_confirm_len != sm->fils_key_auth_len) { in fils_process_assoc_resp()
6641 (int) sm->fils_key_auth_len); in fils_process_assoc_resp()
6644 if (os_memcmp(elems.fils_key_confirm, sm->fils_key_auth_ap, in fils_process_assoc_resp()
6645 sm->fils_key_auth_len) != 0) { in fils_process_assoc_resp()
6651 sm->fils_key_auth_ap, sm->fils_key_auth_len); in fils_process_assoc_resp()
6656 if (wpa_sm_ocv_enabled(sm)) { in fils_process_assoc_resp()
6659 if (wpa_sm_channel_info(sm, &ci) != 0) { in fils_process_assoc_resp()
6668 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, OCV_FAILURE in fils_process_assoc_resp()
6670 MAC2STR(sm->bssid), ocv_errorstr); in fils_process_assoc_resp()
6677 if (wpa_key_mgmt_ft(sm->key_mgmt) && sm->fils_ft_ies) { in fils_process_assoc_resp()
6685 os_memcmp(rsn.pmkid, sm->pmk_r1_name, in fils_process_assoc_resp()
6713 if (wpa_supplicant_check_group_cipher(sm, sm->group_cipher, in fils_process_assoc_resp()
6720 gd.tx = wpa_supplicant_gtk_tx_bit_workaround(sm, in fils_process_assoc_resp()
6730 if (wpa_supplicant_install_gtk(sm, &gd, elems.key_delivery, 0) < 0) { in fils_process_assoc_resp()
6735 if (ieee80211w_set_keys(sm, &kde) < 0) { in fils_process_assoc_resp()
6740 alg = wpa_cipher_to_alg(sm->pairwise_cipher); in fils_process_assoc_resp()
6741 keylen = wpa_cipher_key_len(sm->pairwise_cipher); in fils_process_assoc_resp()
6742 if (keylen <= 0 || (unsigned int) keylen != sm->ptk.tk_len) { in fils_process_assoc_resp()
6744 keylen, (long unsigned int) sm->ptk.tk_len); in fils_process_assoc_resp()
6748 rsclen = wpa_cipher_rsc_len(sm->pairwise_cipher); in fils_process_assoc_resp()
6750 sm->ptk.tk, keylen); in fils_process_assoc_resp()
6751 if (wpa_sm_set_key(sm, -1, alg, wpa_sm_get_auth_addr(sm), 0, 1, in fils_process_assoc_resp()
6753 sm->ptk.tk, keylen, KEY_FLAG_PAIRWISE_RX_TX) < 0) { in fils_process_assoc_resp()
6754 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, in fils_process_assoc_resp()
6757 alg, keylen, MAC2STR(wpa_sm_get_auth_addr(sm))); in fils_process_assoc_resp()
6761 wpa_sm_store_ptk(sm, sm->bssid, sm->pairwise_cipher, in fils_process_assoc_resp()
6762 sm->dot11RSNAConfigPMKLifetime, &sm->ptk); in fils_process_assoc_resp()
6767 os_memset(sm->ptk.tk, 0, WPA_TK_MAX_LEN); in fils_process_assoc_resp()
6768 sm->ptk.tk_len = 0; in fils_process_assoc_resp()
6769 sm->ptk.installed = 1; in fils_process_assoc_resp()
6770 sm->tk_set = true; in fils_process_assoc_resp()
6773 fils_process_hlp_container(sm, ie_start, end - ie_start); in fils_process_assoc_resp()
6778 sm->fils_completed = 1; in fils_process_assoc_resp()
6782 wpa_sm_transition_disable(sm, kde.transition_disable[0]); in fils_process_assoc_resp()
6791 void wpa_sm_set_reset_fils_completed(struct wpa_sm *sm, int set) in wpa_sm_set_reset_fils_completed() argument
6793 if (sm) in wpa_sm_set_reset_fils_completed()
6794 sm->fils_completed = !!set; in wpa_sm_set_reset_fils_completed()
6800 int wpa_fils_is_completed(struct wpa_sm *sm) in wpa_fils_is_completed() argument
6803 return sm && sm->fils_completed; in wpa_fils_is_completed()
6812 struct wpabuf * owe_build_assoc_req(struct wpa_sm *sm, u16 group) in owe_build_assoc_req() argument
6826 crypto_ecdh_deinit(sm->owe_ecdh); in owe_build_assoc_req()
6827 sm->owe_ecdh = crypto_ecdh_init(group); in owe_build_assoc_req()
6828 if (!sm->owe_ecdh) in owe_build_assoc_req()
6830 sm->owe_group = group; in owe_build_assoc_req()
6831 pub = crypto_ecdh_get_pubkey(sm->owe_ecdh, 0); in owe_build_assoc_req()
6851 crypto_ecdh_deinit(sm->owe_ecdh); in owe_build_assoc_req()
6852 sm->owe_ecdh = NULL; in owe_build_assoc_req()
6857 int owe_process_assoc_resp(struct wpa_sm *sm, const u8 *bssid, in owe_process_assoc_resp() argument
6879 if (sm->cur_pmksa && elems.rsn_ie && in owe_process_assoc_resp()
6883 os_memcmp(sm->cur_pmksa->pmkid, data.pmkid, PMKID_LEN) == 0) { in owe_process_assoc_resp()
6885 wpa_sm_set_pmk_from_pmksa(sm); in owe_process_assoc_resp()
6896 if (group != sm->owe_group) { in owe_process_assoc_resp()
6903 if (!sm->owe_ecdh) { in owe_process_assoc_resp()
6917 secret = crypto_ecdh_set_peerkey(sm->owe_ecdh, 0, in owe_process_assoc_resp()
6929 pub = crypto_ecdh_get_pubkey(sm->owe_ecdh, 0); in owe_process_assoc_resp()
6970 wpabuf_put_le16(hkey, sm->owe_group); /* group */ in owe_process_assoc_resp()
6991 os_strlen(info), sm->pmk, hash_len); in owe_process_assoc_resp()
6994 os_strlen(info), sm->pmk, hash_len); in owe_process_assoc_resp()
6997 os_strlen(info), sm->pmk, hash_len); in owe_process_assoc_resp()
7000 sm->pmk_len = 0; in owe_process_assoc_resp()
7003 sm->pmk_len = hash_len; in owe_process_assoc_resp()
7005 wpa_hexdump_key(MSG_DEBUG, "OWE: PMK", sm->pmk, sm->pmk_len); in owe_process_assoc_resp()
7007 pmksa_cache_add(sm->pmksa, sm->pmk, sm->pmk_len, pmkid, NULL, 0, in owe_process_assoc_resp()
7008 bssid, sm->own_addr, sm->network_ctx, sm->key_mgmt, in owe_process_assoc_resp()
7017 void wpa_sm_set_fils_cache_id(struct wpa_sm *sm, const u8 *fils_cache_id) in wpa_sm_set_fils_cache_id() argument
7020 if (sm && fils_cache_id) { in wpa_sm_set_fils_cache_id()
7021 sm->fils_cache_id_set = 1; in wpa_sm_set_fils_cache_id()
7022 os_memcpy(sm->fils_cache_id, fils_cache_id, FILS_CACHE_ID_LEN); in wpa_sm_set_fils_cache_id()
7029 void wpa_sm_set_dpp_z(struct wpa_sm *sm, const struct wpabuf *z) in wpa_sm_set_dpp_z() argument
7031 if (sm) { in wpa_sm_set_dpp_z()
7032 wpabuf_clear_free(sm->dpp_z); in wpa_sm_set_dpp_z()
7033 sm->dpp_z = z ? wpabuf_dup(z) : NULL; in wpa_sm_set_dpp_z()
7041 void wpa_pasn_sm_set_caps(struct wpa_sm *sm, unsigned int flags2) in wpa_pasn_sm_set_caps() argument
7044 sm->secure_ltf = 1; in wpa_pasn_sm_set_caps()
7046 sm->secure_rtt = 1; in wpa_pasn_sm_set_caps()
7048 sm->prot_range_neg = 1; in wpa_pasn_sm_set_caps()
7054 void wpa_sm_pmksa_cache_reconfig(struct wpa_sm *sm) in wpa_sm_pmksa_cache_reconfig() argument
7056 if (sm) in wpa_sm_pmksa_cache_reconfig()
7057 pmksa_cache_reconfig(sm->pmksa); in wpa_sm_pmksa_cache_reconfig()
7061 struct rsn_pmksa_cache * wpa_sm_get_pmksa_cache(struct wpa_sm *sm) in wpa_sm_get_pmksa_cache() argument
7063 return sm ? sm->pmksa : NULL; in wpa_sm_get_pmksa_cache()
7067 void wpa_sm_set_cur_pmksa(struct wpa_sm *sm, in wpa_sm_set_cur_pmksa() argument
7070 if (sm) in wpa_sm_set_cur_pmksa()
7071 sm->cur_pmksa = entry; in wpa_sm_set_cur_pmksa()
7075 void wpa_sm_set_driver_bss_selection(struct wpa_sm *sm, in wpa_sm_set_driver_bss_selection() argument
7078 if (sm) in wpa_sm_set_driver_bss_selection()
7079 sm->driver_bss_selection = driver_bss_selection; in wpa_sm_set_driver_bss_selection()