WPA Supplicant - WPA state machine and EAPOL-Key processing. More...

#include "includes.h"
#include "common.h"
#include "crypto/aes_wrap.h"
#include "crypto/crypto.h"
#include "crypto/random.h"
#include "common/ieee802_11_defs.h"
#include "eapol_supp/eapol_supp_sm.h"
#include "wpa.h"
#include "eloop.h"
#include "preauth.h"
#include "pmksa_cache.h"
#include "wpa_i.h"
#include "wpa_ie.h"
#include "peerkey.h"

Data Structures
struct	wpa_gtk_data
Defines
#define	RSN_SUITE "%02x-%02x-%02x-%d"
#define	RSN_SUITE_ARG(s) ((s) >> 24) & 0xff, ((s) >> 16) & 0xff, ((s) >> 8) & 0xff, (s) & 0xff
Functions
void	wpa_eapol_key_send (struct wpa_sm sm, const u8 kck, int ver, const u8 dest, u16 proto, u8 msg, size_t msg_len, u8 *key_mic)
	Send WPA/RSN EAPOL-Key message.
void	wpa_sm_key_request (struct wpa_sm *sm, int error, int pairwise)
	Send EAPOL-Key Request.
int	wpa_supplicant_send_2_of_4 (struct wpa_sm sm, const unsigned char dst, const struct wpa_eapol_key key, int ver, const u8 nonce, const u8 wpa_ie, size_t wpa_ie_len, struct wpa_ptk ptk)
	Send message 2 of WPA/RSN 4-Way Handshake.
int	wpa_supplicant_send_4_of_4 (struct wpa_sm sm, const unsigned char dst, const struct wpa_eapol_key key, u16 ver, u16 key_info, const u8 kde, size_t kde_len, struct wpa_ptk *ptk)
	Send message 4 of WPA/RSN 4-Way Handshake.
void	wpa_sm_aborted_cached (struct wpa_sm *sm)
	Notify WPA that PMKSA caching was aborted.
int	wpa_sm_rx_eapol (struct wpa_sm sm, const u8 src_addr, const u8 *buf, size_t len)
	Process received WPA EAPOL frames.
int	wpa_sm_get_mib (struct wpa_sm sm, char buf, size_t buflen)
	Dump text list of MIB entries.
struct wpa_sm *	wpa_sm_init (struct wpa_sm_ctx *ctx)
	Initialize WPA state machine.
void	wpa_sm_deinit (struct wpa_sm *sm)
	Deinitialize WPA state machine.
void	wpa_sm_notify_assoc (struct wpa_sm sm, const u8 bssid)
	Notify WPA state machine about association.
void	wpa_sm_notify_disassoc (struct wpa_sm *sm)
	Notify WPA state machine about disassociation.
void	wpa_sm_set_pmk (struct wpa_sm sm, const u8 pmk, size_t pmk_len)
	Set PMK.
void	wpa_sm_set_pmk_from_pmksa (struct wpa_sm *sm)
	Set PMK based on the current PMKSA.
void	wpa_sm_set_fast_reauth (struct wpa_sm *sm, int fast_reauth)
	Set fast reauthentication (EAP) enabled/disabled.
void	wpa_sm_set_scard_ctx (struct wpa_sm sm, void scard_ctx)
	Set context pointer for smartcard callbacks.
void	wpa_sm_set_config (struct wpa_sm sm, struct rsn_supp_config config)
	Notification of current configration change.
void	wpa_sm_set_own_addr (struct wpa_sm sm, const u8 addr)
	Set own MAC address.
void	wpa_sm_set_ifname (struct wpa_sm sm, const char ifname, const char *bridge_ifname)
	Set network interface name.
void	wpa_sm_set_eapol (struct wpa_sm sm, struct eapol_sm eapol)
	Set EAPOL state machine pointer.
int	wpa_sm_set_param (struct wpa_sm *sm, enum wpa_sm_conf_params param, unsigned int value)
	Set WPA state machine parameters.
unsigned int	wpa_sm_get_param (struct wpa_sm *sm, enum wpa_sm_conf_params param)
	Get WPA state machine parameters.
int	wpa_sm_get_status (struct wpa_sm sm, char buf, size_t buflen, int verbose)
	Get WPA state machine.
int	wpa_sm_set_assoc_wpa_ie_default (struct wpa_sm sm, u8 wpa_ie, size_t *wpa_ie_len)
	Generate own WPA/RSN IE from configuration.
int	wpa_sm_set_assoc_wpa_ie (struct wpa_sm sm, const u8 ie, size_t len)
	Set own WPA/RSN IE from (Re)AssocReq.
int	wpa_sm_set_ap_wpa_ie (struct wpa_sm sm, const u8 ie, size_t len)
	Set AP WPA IE from Beacon/ProbeResp.
int	wpa_sm_set_ap_rsn_ie (struct wpa_sm sm, const u8 ie, size_t len)
	Set AP RSN IE from Beacon/ProbeResp.
int	wpa_sm_parse_own_wpa_ie (struct wpa_sm sm, struct wpa_ie_data data)
	Parse own WPA/RSN IE.
int	wpa_sm_pmksa_cache_list (struct wpa_sm sm, char buf, size_t len)
void	wpa_sm_drop_sa (struct wpa_sm *sm)
int	wpa_sm_has_ptk (struct wpa_sm *sm)
void	wpa_sm_update_replay_ctr (struct wpa_sm sm, const u8 replay_ctr)
void	wpa_sm_pmksa_cache_flush (struct wpa_sm sm, void network_ctx)

Detailed Description

WPA Supplicant - WPA state machine and EAPOL-Key processing.

Copyright: Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi>

This software may be distributed under the terms of the BSD license. See README for more details.

Function Documentation

void wpa_eapol_key_send	(	struct wpa_sm *	sm,
		const u8 *	kck,
		int	ver,
		const u8 *	dest,
		u16	proto,
		u8 *	msg,
		size_t	msg_len,
		u8 *	key_mic
	)

Send WPA/RSN EAPOL-Key message.

Parameters:

sm	Pointer to WPA state machine data from wpa_sm_init()
kck	Key Confirmation Key (KCK, part of PTK)
ver	Version field from Key Info
dest	Destination address for the frame
proto	Ethertype (usually ETH_P_EAPOL)
msg	EAPOL-Key message
msg_len	Length of message
key_mic	Pointer to the buffer to which the EAPOL-Key MIC is written

void wpa_sm_aborted_cached ( struct wpa_sm * sm )

Notify WPA that PMKSA caching was aborted.

Parameters:

sm	Pointer to WPA state machine data from wpa_sm_init()

void wpa_sm_deinit ( struct wpa_sm * sm )

Deinitialize WPA state machine.

Parameters:

sm	Pointer to WPA state machine data from wpa_sm_init()

int wpa_sm_get_mib	(	struct wpa_sm *	sm,
		char *	buf,
		size_t	buflen
	)

Dump text list of MIB entries.

Parameters:

sm	Pointer to WPA state machine data from wpa_sm_init()
buf	Buffer for the list
buflen	Length of the buffer

Returns:: Number of bytes written to buffer

This function is used fetch dot11 MIB variables.

unsigned int wpa_sm_get_param	(	struct wpa_sm *	sm,
		enum wpa_sm_conf_params	param
	)

Get WPA state machine parameters.

Parameters:

sm	Pointer to WPA state machine data from wpa_sm_init()
param	Parameter field

Returns:: Parameter value

int wpa_sm_get_status	(	struct wpa_sm *	sm,
		char *	buf,
		size_t	buflen,
		int	verbose
	)

Get WPA state machine.

Parameters:

sm	Pointer to WPA state machine data from wpa_sm_init()
buf	Buffer for status information
buflen	Maximum buffer length
verbose	Whether to include verbose status information

Returns:: Number of bytes written to buf.

Query WPA state machine for status information. This function fills in a text area with current status information. If the buffer (buf) is not large enough, status information will be truncated to fit the buffer.

struct wpa_sm* wpa_sm_init ( struct wpa_sm_ctx * ctx ) [read]

Initialize WPA state machine.

Parameters:

ctx	Context pointer for callbacks; this needs to be an allocated buffer

Returns:: Pointer to the allocated WPA state machine data

This function is used to allocate a new WPA state machine and the returned value is passed to all WPA state machine calls.

void wpa_sm_key_request	(	struct wpa_sm *	sm,
		int	error,
		int	pairwise
	)

Send EAPOL-Key Request.

Parameters:

sm	Pointer to WPA state machine data from wpa_sm_init()
error	Indicate whether this is an Michael MIC error report
pairwise	1 = error report for pairwise packet, 0 = for group packet

Send an EAPOL-Key Request to the current authenticator. This function is used to request rekeying and it is usually called when a local Michael MIC failure is detected.

void wpa_sm_notify_assoc	(	struct wpa_sm *	sm,
		const u8 *	bssid
	)

Notify WPA state machine about association.

Parameters:

sm	Pointer to WPA state machine data from wpa_sm_init()
bssid	The BSSID of the new association

This function is called to let WPA state machine know that the connection was established.

void wpa_sm_notify_disassoc ( struct wpa_sm * sm )

Notify WPA state machine about disassociation.

Parameters:

sm	Pointer to WPA state machine data from wpa_sm_init()

This function is called to let WPA state machine know that the connection was lost. This will abort any existing pre-authentication session.

int wpa_sm_parse_own_wpa_ie	(	struct wpa_sm *	sm,
		struct wpa_ie_data *	data
	)

Parse own WPA/RSN IE.

Parameters:

sm	Pointer to WPA state machine data from wpa_sm_init()
data	Pointer to data area for parsing results

Returns:: 0 on success, -1 if IE is not known, or -2 on parsing failure

Parse the contents of the own WPA or RSN IE from (Re)AssocReq and write the parsed data into data.

int wpa_sm_rx_eapol	(	struct wpa_sm *	sm,
		const u8 *	src_addr,
		const u8 *	buf,
		size_t	len
	)

Process received WPA EAPOL frames.

Parameters:

sm	Pointer to WPA state machine data from wpa_sm_init()
src_addr	Source MAC address of the EAPOL packet
buf	Pointer to the beginning of the EAPOL data (EAPOL header)
len	Length of the EAPOL frame

Returns:: 1 = WPA EAPOL-Key processed, 0 = not a WPA EAPOL-Key, -1 failure

This function is called for each received EAPOL frame. Other than EAPOL-Key frames can be skipped if filtering is done elsewhere. wpa_sm_rx_eapol() is only processing WPA and WPA2 EAPOL-Key frames.

The received EAPOL-Key packets are validated and valid packets are replied to. In addition, key material (PTK, GTK) is configured at the end of a successful key handshake.

int wpa_sm_set_ap_rsn_ie	(	struct wpa_sm *	sm,
		const u8 *	ie,
		size_t	len
	)

Set AP RSN IE from Beacon/ProbeResp.

Parameters:

sm	Pointer to WPA state machine data from wpa_sm_init()
ie	Pointer to IE data (starting from id)
len	IE length

Returns:: 0 on success, -1 on failure

Inform WPA state machine about the RSN IE used in Beacon / Probe Response frame.

int wpa_sm_set_ap_wpa_ie	(	struct wpa_sm *	sm,
		const u8 *	ie,
		size_t	len
	)

Set AP WPA IE from Beacon/ProbeResp.

Parameters:

sm	Pointer to WPA state machine data from wpa_sm_init()
ie	Pointer to IE data (starting from id)
len	IE length

Returns:: 0 on success, -1 on failure

Inform WPA state machine about the WPA IE used in Beacon / Probe Response frame.

int wpa_sm_set_assoc_wpa_ie	(	struct wpa_sm *	sm,
		const u8 *	ie,
		size_t	len
	)

Set own WPA/RSN IE from (Re)AssocReq.

Parameters:

sm	Pointer to WPA state machine data from wpa_sm_init()
ie	Pointer to IE data (starting from id)
len	IE length

Returns:: 0 on success, -1 on failure

Inform WPA state machine about the WPA/RSN IE used in (Re)Association Request frame. The IE will be used to override the default value generated with wpa_sm_set_assoc_wpa_ie_default().

int wpa_sm_set_assoc_wpa_ie_default	(	struct wpa_sm *	sm,
		u8 *	wpa_ie,
		size_t *	wpa_ie_len
	)

Generate own WPA/RSN IE from configuration.

Parameters:

sm	Pointer to WPA state machine data from wpa_sm_init()
wpa_ie	Pointer to buffer for WPA/RSN IE
wpa_ie_len	Pointer to the length of the wpa_ie buffer

Returns:: 0 on success, -1 on failure

void wpa_sm_set_config	(	struct wpa_sm *	sm,
		struct rsn_supp_config *	config
	)

Notification of current configration change.

Parameters:

sm	Pointer to WPA state machine data from wpa_sm_init()
config	Pointer to current network configuration

Notify WPA state machine that configuration has changed. config will be stored as a backpointer to network configuration. This can be NULL to clear the stored pointed.

void wpa_sm_set_eapol	(	struct wpa_sm *	sm,
		struct eapol_sm *	eapol
	)

Set EAPOL state machine pointer.

Parameters:

sm	Pointer to WPA state machine data from wpa_sm_init()
eapol	Pointer to EAPOL state machine allocated with eapol_sm_init()

void wpa_sm_set_fast_reauth	(	struct wpa_sm *	sm,
		int	fast_reauth
	)

Set fast reauthentication (EAP) enabled/disabled.

Parameters:

sm	Pointer to WPA state machine data from wpa_sm_init()
fast_reauth	Whether fast reauthentication (EAP) is allowed

void wpa_sm_set_ifname	(	struct wpa_sm *	sm,
		const char *	ifname,
		const char *	bridge_ifname
	)

Set network interface name.

Parameters:

sm	Pointer to WPA state machine data from wpa_sm_init()
ifname	Interface name
bridge_ifname	Optional bridge interface name (for pre-auth)

void wpa_sm_set_own_addr	(	struct wpa_sm *	sm,
		const u8 *	addr
	)

Set own MAC address.

Parameters:

sm	Pointer to WPA state machine data from wpa_sm_init()
addr	Own MAC address

int wpa_sm_set_param	(	struct wpa_sm *	sm,
		enum wpa_sm_conf_params	param,
		unsigned int	value
	)

Set WPA state machine parameters.

Parameters:

sm	Pointer to WPA state machine data from wpa_sm_init()
param	Parameter field
value	Parameter value

Returns:: 0 on success, -1 on failure

void wpa_sm_set_pmk	(	struct wpa_sm *	sm,
		const u8 *	pmk,
		size_t	pmk_len
	)

Set PMK.

Parameters:

sm	Pointer to WPA state machine data from wpa_sm_init()
pmk	The new PMK
pmk_len	The length of the new PMK in bytes

Configure the PMK for WPA state machine.

void wpa_sm_set_pmk_from_pmksa ( struct wpa_sm * sm )

Set PMK based on the current PMKSA.

Parameters:

sm	Pointer to WPA state machine data from wpa_sm_init()

Take the PMK from the current PMKSA into use. If no PMKSA is active, the PMK will be cleared.

void wpa_sm_set_scard_ctx	(	struct wpa_sm *	sm,
		void *	scard_ctx
	)

Set context pointer for smartcard callbacks.

Parameters:

sm	Pointer to WPA state machine data from wpa_sm_init()
scard_ctx	Context pointer for smartcard related callback functions

int wpa_supplicant_send_2_of_4	(	struct wpa_sm *	sm,
		const unsigned char *	dst,
		const struct wpa_eapol_key *	key,
		int	ver,
		const u8 *	nonce,
		const u8 *	wpa_ie,
		size_t	wpa_ie_len,
		struct wpa_ptk *	ptk
	)

Send message 2 of WPA/RSN 4-Way Handshake.

Parameters:

sm	Pointer to WPA state machine data from wpa_sm_init()
dst	Destination address for the frame
key	Pointer to the EAPOL-Key frame header
ver	Version bits from EAPOL-Key Key Info
nonce	Nonce value for the EAPOL-Key frame
wpa_ie	WPA/RSN IE
wpa_ie_len	Length of the WPA/RSN IE
ptk	PTK to use for keyed hash and encryption

Returns:: 0 on success, -1 on failure

int wpa_supplicant_send_4_of_4	(	struct wpa_sm *	sm,
		const unsigned char *	dst,
		const struct wpa_eapol_key *	key,
		u16	ver,
		u16	key_info,
		const u8 *	kde,
		size_t	kde_len,
		struct wpa_ptk *	ptk
	)

Send message 4 of WPA/RSN 4-Way Handshake.

Parameters:

sm	Pointer to WPA state machine data from wpa_sm_init()
dst	Destination address for the frame
key	Pointer to the EAPOL-Key frame header
ver	Version bits from EAPOL-Key Key Info
key_info	Key Info
kde	KDEs to include the EAPOL-Key frame
kde_len	Length of KDEs
ptk	PTK to use for keyed hash and encryption

Returns:: 0 on success, -1 on failure

wpa.c File Reference

Data Structures

Defines

Functions

Detailed Description

Function Documentation