/*
 * DPP functionality shared between hostapd and wpa_supplicant
 * Copyright (c) 2017, Qualcomm Atheros, Inc.
 * Copyright (c) 2018-2020, The Linux Foundation
 *
 * This software may be distributed under the terms of the BSD license.
 * See README for more details.
 */

#ifndef DPP_H
#define DPP_H

#ifdef CONFIG_DPP
#include "utils/list.h"
#include "common/wpa_common.h"
#include "crypto/sha256.h"
#include "crypto/crypto.h"

/* Forward declarations of types that are defined elsewhere */
struct hostapd_ip_addr;
struct dpp_global;
struct json_token;
struct dpp_reconfig_id;

/*
 * DPP_VERSION selects the DPP version for this build: 3 with CONFIG_DPP3,
 * 2 with CONFIG_DPP2, otherwise 1. With CONFIG_TESTING_OPTIONS it is not a
 * compile-time constant but the variable dpp_version_override, so a testing
 * build can change the version at run time. Keep CONFIG_TESTING_OPTIONS out of
 * production builds.
 */
#ifdef CONFIG_TESTING_OPTIONS
#define DPP_VERSION (dpp_version_override)
extern int dpp_version_override;
#else /* CONFIG_TESTING_OPTIONS */
#ifdef CONFIG_DPP3
#define DPP_VERSION 3
#elif defined(CONFIG_DPP2)
#define DPP_VERSION 2
#else
#define DPP_VERSION 1
#endif
#endif /* CONFIG_TESTING_OPTIONS */

#define DPP_HDR_LEN (4 + 2) /* OUI, OUI Type, Crypto Suite, DPP frame type */
/* TCP port number for DPP; presumably the default for the tcp_port field of
 * struct dpp_controller_config - confirm at the point of use */
#define DPP_TCP_PORT 8908

/*
 * DPP Public Action frame types; presumably the "DPP frame type" octet that
 * DPP_HDR_LEN accounts for. Values 3 and 4 are not assigned in this enum.
 * There are two PKEX Exchange Request types: 7 is named as the version 1
 * request and 18 carries the unversioned name.
 * NOTE(review): 18 looks like the PKEXv2 request (see the v2 flag in
 * struct dpp_pkex) - confirm against the frame handlers.
 */
enum dpp_public_action_frame_type {
	DPP_PA_AUTHENTICATION_REQ = 0,
	DPP_PA_AUTHENTICATION_RESP = 1,
	DPP_PA_AUTHENTICATION_CONF = 2,
	DPP_PA_PEER_DISCOVERY_REQ = 5,
	DPP_PA_PEER_DISCOVERY_RESP = 6,
	DPP_PA_PKEX_V1_EXCHANGE_REQ = 7,
	DPP_PA_PKEX_EXCHANGE_RESP = 8,
	DPP_PA_PKEX_COMMIT_REVEAL_REQ = 9,
	DPP_PA_PKEX_COMMIT_REVEAL_RESP = 10,
	DPP_PA_CONFIGURATION_RESULT = 11,
	DPP_PA_CONNECTION_STATUS_RESULT = 12,
	DPP_PA_PRESENCE_ANNOUNCEMENT = 13,
	DPP_PA_RECONFIG_ANNOUNCEMENT = 14,
	DPP_PA_RECONFIG_AUTH_REQ = 15,
	DPP_PA_RECONFIG_AUTH_RESP = 16,
	DPP_PA_RECONFIG_AUTH_CONF = 17,
	DPP_PA_PKEX_EXCHANGE_REQ = 18,
};

/*
 * DPP attribute identifiers. dpp_get_attr() takes the identifier as a u16.
 * 0x1010 is not assigned in this enum.
 */
enum dpp_attribute_id {
	DPP_ATTR_STATUS = 0x1000,
	DPP_ATTR_I_BOOTSTRAP_KEY_HASH = 0x1001,
	DPP_ATTR_R_BOOTSTRAP_KEY_HASH = 0x1002,
	DPP_ATTR_I_PROTOCOL_KEY = 0x1003,
	DPP_ATTR_WRAPPED_DATA = 0x1004,
	DPP_ATTR_I_NONCE = 0x1005,
	DPP_ATTR_I_CAPABILITIES = 0x1006,
	DPP_ATTR_R_NONCE = 0x1007,
	DPP_ATTR_R_CAPABILITIES = 0x1008,
	DPP_ATTR_R_PROTOCOL_KEY = 0x1009,
	DPP_ATTR_I_AUTH_TAG = 0x100A,
	DPP_ATTR_R_AUTH_TAG = 0x100B,
	DPP_ATTR_CONFIG_OBJ = 0x100C,
	DPP_ATTR_CONNECTOR = 0x100D,
	DPP_ATTR_CONFIG_ATTR_OBJ = 0x100E,
	DPP_ATTR_BOOTSTRAP_KEY = 0x100F,
	DPP_ATTR_OWN_NET_NK_HASH = 0x1011,
	DPP_ATTR_FINITE_CYCLIC_GROUP = 0x1012,
	DPP_ATTR_ENCRYPTED_KEY = 0x1013,
	DPP_ATTR_ENROLLEE_NONCE = 0x1014,
	DPP_ATTR_CODE_IDENTIFIER = 0x1015,
	DPP_ATTR_TRANSACTION_ID = 0x1016,
	DPP_ATTR_BOOTSTRAP_INFO = 0x1017,
	DPP_ATTR_CHANNEL = 0x1018,
	DPP_ATTR_PROTOCOL_VERSION = 0x1019,
	DPP_ATTR_ENVELOPED_DATA = 0x101A,
	DPP_ATTR_SEND_CONN_STATUS = 0x101B,
	DPP_ATTR_CONN_STATUS = 0x101C,
	DPP_ATTR_RECONFIG_FLAGS = 0x101D,
	DPP_ATTR_C_SIGN_KEY_HASH = 0x101E,
	DPP_ATTR_CSR_ATTR_REQ = 0x101F,
	DPP_ATTR_A_NONCE = 0x1020,
	DPP_ATTR_E_PRIME_ID = 0x1021,
	DPP_ATTR_CONFIGURATOR_NONCE = 0x1022,
};

/*
 * DPP status codes. This is the return type of dpp_conf_result_rx(),
 * dpp_conn_status_result_rx() and dpp_peer_intro(), and the type of the
 * *_status fields in struct dpp_authentication.
 */
enum dpp_status_error {
	DPP_STATUS_OK = 0,
	DPP_STATUS_NOT_COMPATIBLE = 1,
	DPP_STATUS_AUTH_FAILURE = 2,
	DPP_STATUS_UNWRAP_FAILURE = 3,
	DPP_STATUS_BAD_GROUP = 4,
	DPP_STATUS_CONFIGURE_FAILURE = 5,
	DPP_STATUS_RESPONSE_PENDING = 6,
	DPP_STATUS_INVALID_CONNECTOR = 7,
	DPP_STATUS_NO_MATCH = 8,
	DPP_STATUS_CONFIG_REJECTED = 9,
	DPP_STATUS_NO_AP = 10,
	DPP_STATUS_CONFIGURE_PENDING = 11,
	DPP_STATUS_CSR_NEEDED = 12,
	DPP_STATUS_CSR_BAD = 13,
};

/* DPP Reconfig Flags object - connectorKey values */
enum dpp_connector_key {
	DPP_CONFIG_REUSEKEY = 0,
	DPP_CONFIG_REPLACEKEY = 1,
};
/* Role bits; presumably the values carried in the i_capab / r_capab and
 * allowed_roles octets. DPP_CAPAB_ROLE_MASK covers both role bits. */
#define DPP_CAPAB_ENROLLEE BIT(0)
#define DPP_CAPAB_CONFIGURATOR BIT(1)
#define DPP_CAPAB_ROLE_MASK (BIT(0) | BIT(1))

/*
 * Array size limits used by the structures below.
 * NOTE(review): 64 and 66 octets look sized for the largest supported curve
 * (SHA-512 output and a P-521 coordinate) - confirm against the
 * struct dpp_curve_params entries.
 */
#define DPP_BOOTSTRAP_MAX_FREQ 30
#define DPP_MAX_NONCE_LEN 32
#define DPP_MAX_HASH_LEN 64
#define DPP_MAX_SHARED_SECRET_LEN 66
#define DPP_CP_LEN 64

/*
 * Parameters of one supported curve: lengths for the hash, the AES-SIV key,
 * the nonce and the prime, plus the JWK curve name, the IKE group number and
 * the JWS algorithm name.
 */
struct dpp_curve_params {
	const char *name;
	size_t hash_len;
	size_t aes_siv_key_len;
	size_t nonce_len;
	size_t prime_len;
	const char *jwk_crv;
	u16 ike_group;
	const char *jws_alg;
};

/* Bootstrapping method recorded in struct dpp_bootstrap_info */
enum dpp_bootstrap_type {
	DPP_BOOTSTRAP_QR_CODE,
	DPP_BOOTSTRAP_PKEX,
	DPP_BOOTSTRAP_NFC_URI,
};

/*
 * One bootstrapping information entry, linked into a list through 'list' and
 * looked up by 'id' (see dpp_bootstrap_get_id()). It holds the URI and the
 * values parsed from it, the bootstrapping public key and two SHA-256 sized
 * hashes of it.
 * NOTE(review): 'own' presumably marks locally generated entries, which would
 * then hold a private key in 'pubkey' - confirm, and confirm that
 * dpp_bootstrap_info_free() clears key material.
 */
struct dpp_bootstrap_info {
	struct dl_list list;
	unsigned int id;
	enum dpp_bootstrap_type type;
	char *uri;
	u8 mac_addr[ETH_ALEN];
	char *chan;
	char *info;
	char *pk;
	unsigned int freq[DPP_BOOTSTRAP_MAX_FREQ];
	unsigned int num_freq;
	bool channels_listed;
	u8 version;
	int own;
	struct crypto_ec_key *pubkey;
	u8 pubkey_hash[SHA256_MAC_LEN];
	u8 pubkey_hash_chirp[SHA256_MAC_LEN];
	const struct dpp_curve_params *curve;
	unsigned int pkex_t; /* number of failures before dpp_pkex
			      * instantiation */
	int nfc_negotiated; /* whether this has been used in NFC negotiated
			     * connection handover */
	char *configurator_params;
};

/*
 * Limit for the PKEX failure counters (pkex_t in struct dpp_bootstrap_info,
 * t in struct dpp_pkex). The enforcement is not in this header.
 * NOTE(review): presumably this is what bounds repeated guesses of the PKEX
 * code by a peer, so it should not be raised without review.
 */
#define PKEX_COUNTER_T_LIMIT 5

/*
 * State of one PKEX exchange, created by dpp_pkex_init() or
 * dpp_pkex_rx_exchange_req() and released with dpp_pkex_free().
 * 'code' and 'identifier' are the PKEX code and its optional identifier as
 * passed to those functions; x and y are EC keys and Mx, Nx and z are buffers
 * sized for shared secrets and hash output.
 * NOTE(review): code, Mx, Nx and z look like secret material - confirm that
 * dpp_pkex_free() clears them before releasing the memory.
 */
struct dpp_pkex {
	void *msg_ctx;
	unsigned int initiator:1;
	unsigned int exchange_done:1;
	unsigned int failed:1;
	unsigned int v2:1;
	struct dpp_bootstrap_info *own_bi;
	u8 own_mac[ETH_ALEN];
	u8 peer_mac[ETH_ALEN];
	char *identifier;
	char *code;
	struct crypto_ec_key *x;
	struct crypto_ec_key *y;
	u8 Mx[DPP_MAX_SHARED_SECRET_LEN];
	u8 Nx[DPP_MAX_SHARED_SECRET_LEN];
	u8 z[DPP_MAX_HASH_LEN];
	struct crypto_ec_key *peer_bootstrap_key;
	struct wpabuf *exchange_req;
	struct wpabuf *exchange_resp;
	unsigned int t; /* number of failures on code use */
	unsigned int exch_req_wait_time;
	unsigned int exch_req_tries;
	unsigned int freq;
	u8 peer_version;
};

/* AKM selection for a configuration, including the combined PSK/SAE/DPP
 * variants; see the dpp_akm_*() predicates declared below */
enum dpp_akm {
	DPP_AKM_UNKNOWN,
	DPP_AKM_DPP,
	DPP_AKM_PSK,
	DPP_AKM_SAE,
	DPP_AKM_PSK_SAE,
	DPP_AKM_SAE_DPP,
	DPP_AKM_PSK_SAE_DPP,
	DPP_AKM_DOT1X,
};

/* Network role of the device being configured */
enum dpp_netrole {
	DPP_NETROLE_STA,
	DPP_NETROLE_AP,
	DPP_NETROLE_CONFIGURATOR,
};

/*
 * One configuration, allocated by dpp_configuration_alloc() and released with
 * dpp_configuration_free(); struct dpp_authentication keeps pointers to these
 * in conf_ap, conf2_ap, conf_sta and conf2_sta.
 * NOTE(review): passphrase and psk are network credentials - confirm that
 * dpp_configuration_free() clears them before releasing the memory.
 */
struct dpp_configuration {
	u8 ssid[32];
	size_t ssid_len;
	int ssid_charset;
	enum dpp_akm akm;
	enum dpp_netrole netrole;

	/* For DPP configuration (connector) */
	os_time_t netaccesskey_expiry;

	/* TODO: groups */
	char *group_id;

	/* For legacy configuration */
	char *passphrase;
	u8 psk[32];
	int psk_set; /* presumably non-zero when psk[] holds a valid value */

	char *csrattrs;
};

/*
 * Singly linked list (through 'next') of key packages, each with a C-sign key,
 * a pp_key and two templates. dpp_configurator_from_backup() takes one of
 * these, and struct dpp_authentication points to a list in conf_key_pkg.
 */
struct dpp_asymmetric_key {
	struct dpp_asymmetric_key *next;
	struct crypto_ec_key *csign;
	struct crypto_ec_key *pp_key;
	char *config_template;
	char *connector_template;
};

/* Number of entries in the conf_obj[] array of struct dpp_authentication */
#define DPP_MAX_CONF_OBJ 10

/*
 * State of one exchange with a peer: authentication, configuration and
 * reconfiguration. Instances are returned by dpp_alloc_auth(), dpp_auth_init()
 * and dpp_auth_req_rx() and released with dpp_auth_deinit().
 * NOTE(review): the nonces, Mx/Nx/Lx, k1/k2/ke/bk, the protocol keys,
 * conf_obj[].passphrase/psk, net_access_key and priv_key look like secret
 * material - confirm that dpp_auth_deinit() clears them.
 */
struct dpp_authentication {
	struct dpp_global *global;
	void *msg_ctx;
	u8 peer_version;
	const struct dpp_curve_params *curve;
	struct dpp_bootstrap_info *peer_bi;
	struct dpp_bootstrap_info *own_bi;
	struct dpp_bootstrap_info *tmp_own_bi;
	struct dpp_bootstrap_info *tmp_peer_bi;
	u8 waiting_pubkey_hash[SHA256_MAC_LEN];
	int response_pending;
	int reconfig;
	enum dpp_connector_key reconfig_connector_key;
	enum dpp_status_error auth_resp_status;
	enum dpp_status_error conf_resp_status;
	enum dpp_status_error force_conf_resp_status;
	u8 peer_mac_addr[ETH_ALEN];
	/* Nonce buffers are sized for the maximum nonce length */
	u8 i_nonce[DPP_MAX_NONCE_LEN];
	u8 r_nonce[DPP_MAX_NONCE_LEN];
	u8 e_nonce[DPP_MAX_NONCE_LEN];
	u8 c_nonce[DPP_MAX_NONCE_LEN];
	u8 i_capab;
	u8 r_capab;
	enum dpp_netrole e_netrole;
	struct crypto_ec_key *own_protocol_key;
	struct crypto_ec_key *peer_protocol_key;
	struct crypto_ec_key *reconfig_old_protocol_key;
	struct wpabuf *req_msg;
	struct wpabuf *resp_msg;
	struct wpabuf *reconfig_req_msg;
	struct wpabuf *reconfig_resp_msg;
	/* Intersection of possible frequencies for initiating DPP
	 * Authentication exchange */
	unsigned int freq[DPP_BOOTSTRAP_MAX_FREQ];
	unsigned int num_freq, freq_idx;
	unsigned int curr_freq;
	unsigned int neg_freq;
	unsigned int num_freq_iters;
	/* Maximum-size buffers with separate length fields for the values
	 * in use */
	size_t secret_len;
	u8 Mx[DPP_MAX_SHARED_SECRET_LEN];
	size_t Mx_len;
	u8 Nx[DPP_MAX_SHARED_SECRET_LEN];
	size_t Nx_len;
	u8 Lx[DPP_MAX_SHARED_SECRET_LEN];
	size_t Lx_len;
	u8 k1[DPP_MAX_HASH_LEN];
	u8 k2[DPP_MAX_HASH_LEN];
	u8 ke[DPP_MAX_HASH_LEN];
	u8 bk[DPP_MAX_HASH_LEN];
	int initiator;
	int waiting_auth_resp;
	int waiting_auth_conf;
	int auth_req_ack;
	unsigned int auth_resp_tries;
	u8 allowed_roles;
	int configurator;
	int remove_on_tx_status;
	int connect_on_tx_status;
	int waiting_conf_result;
	int waiting_conn_status_result;
	int auth_success;
	bool reconfig_success;
	struct wpabuf *conf_req;
	const struct wpabuf *conf_resp; /* owned by GAS server */
	struct wpabuf *conf_resp_tcp;
	struct dpp_configuration *conf_ap;
	struct dpp_configuration *conf2_ap;
	struct dpp_configuration *conf_sta;
	struct dpp_configuration *conf2_sta;
	int provision_configurator;
	struct dpp_configurator *conf;
	/* Configuration objects; num_conf_obj presumably counts the entries
	 * of conf_obj[] that are in use */
	struct dpp_config_obj {
		char *connector; /* received signedConnector */
		u8 ssid[SSID_MAX_LEN];
		u8 ssid_len;
		int ssid_charset;
		char passphrase[64];
		u8 psk[PMK_LEN];
		int psk_set;
		enum dpp_akm akm;
		struct wpabuf *c_sign_key;
		struct wpabuf *certbag;
		struct wpabuf *certs;
		struct wpabuf *cacert;
		char *server_name;
		struct wpabuf *pp_key;
	} conf_obj[DPP_MAX_CONF_OBJ];
	unsigned int num_conf_obj;
	struct dpp_asymmetric_key *conf_key_pkg;
	struct wpabuf *net_access_key;
	os_time_t net_access_key_expiry;
	int send_conn_status;
	int conn_status_requested;
	int akm_use_selector;
	int configurator_set;
	u8 transaction_id;
	u8 *csrattrs;
	size_t csrattrs_len;
	bool waiting_csr;
	struct wpabuf *csr;
	struct wpabuf *priv_key; /* DER-encoded private key used for csr */
	bool waiting_cert;
	char *trusted_eap_server_name;
	struct wpabuf *cacert;
	struct wpabuf *certbag;
	void *cert_resp_ctx;
	void *gas_server_ctx;
#ifdef CONFIG_TESTING_OPTIONS
	/* Test hooks; by their names they replace generated objects and
	 * relax a netAccessKey check, so they exist in testing builds only */
	char *config_obj_override;
	char *discovery_override;
	char *groups_override;
	unsigned int ignore_netaccesskey_mismatch:1;
#endif /* CONFIG_TESTING_OPTIONS */
};

/*
 * One Configurator entry, linked through 'list' and looked up by 'id' or by
 * key identifier hash (see dpp_configurator_find_kid()). It holds the C-sign
 * key, its key identifier and hash, the curve, and the keys used for
 * reconfiguration.
 * NOTE(review): csign, connector_key and pp_key presumably include private
 * keys when 'own' is set - confirm that dpp_configurator_free() clears them.
 */
struct dpp_configurator {
	struct dl_list list;
	unsigned int id;
	int own;
	struct crypto_ec_key *csign;
	u8 kid_hash[SHA256_MAC_LEN];
	char *kid;
	const struct dpp_curve_params *curve;
	char *connector; /* own Connector for reconfiguration */
	struct crypto_ec_key *connector_key;
	struct crypto_ec_key *pp_key;
};

/* Result structure passed to dpp_peer_intro(): PMKID, PMK with its length and
 * the peer version. The PMK is key material; callers should clear it after
 * use. */
struct dpp_introduction {
	u8 pmkid[PMKID_LEN];
	u8 pmk[PMK_LEN_MAX];
	size_t pmk_len;
	int peer_version;
};

/*
 * Parameters for dpp_relay_add_controller(): the address of the Controller, a
 * public key hash, and the callbacks used to transmit a frame (tx) and a GAS
 * response (gas_resp_tx). cb_ctx is presumably the 'ctx' argument handed back
 * to the callbacks.
 */
struct dpp_relay_config {
	const struct hostapd_ip_addr *ipaddr;
	const u8 *pkhash;

	void *msg_ctx;
	void *cb_ctx;
	void (*tx)(void *ctx, const u8 *addr, unsigned int freq, const u8 *msg,
		   size_t len);
	void (*gas_resp_tx)(void *ctx, const u8 *addr, u8 dialog_token, int prot,
			    struct wpabuf *buf);
};

/*
 * Controller parameters: Configurator parameter string, TCP port, allowed
 * roles (presumably DPP_CAPAB_* bits), QR mutual authentication flag, network
 * role and the callback that handles a received configuration object.
 */
struct dpp_controller_config {
	const char *configurator_params;
	int tcp_port;
	u8 allowed_roles;
	int qr_mutual;
	enum dpp_netrole netrole;
	void *msg_ctx;
	void *cb_ctx;
	int (*process_conf_obj)(void *ctx, struct dpp_authentication *auth);
};

#ifdef CONFIG_TESTING_OPTIONS
/*
 * Selectors for deliberately broken protocol behavior, available in testing
 * builds only. By their names they omit an attribute (NO_), send a bad value
 * (INVALID_, MISMATCH, ZERO_, INCOMPATIBLE_), append data after Wrapped Data
 * (AFTER_WRAPPED_DATA_) or stop the exchange at a given message (STOP_AT_).
 * The numeric values are fixed explicitly, presumably because test tooling
 * refers to them by number.
 */
enum dpp_test_behavior {
	DPP_TEST_DISABLED = 0,
	DPP_TEST_AFTER_WRAPPED_DATA_AUTH_REQ = 1,
	DPP_TEST_AFTER_WRAPPED_DATA_AUTH_RESP = 2,
	DPP_TEST_AFTER_WRAPPED_DATA_AUTH_CONF = 3,
	DPP_TEST_AFTER_WRAPPED_DATA_PKEX_CR_REQ = 4,
	DPP_TEST_AFTER_WRAPPED_DATA_PKEX_CR_RESP = 5,
	DPP_TEST_AFTER_WRAPPED_DATA_CONF_REQ = 6,
	DPP_TEST_AFTER_WRAPPED_DATA_CONF_RESP = 7,
	DPP_TEST_ZERO_I_CAPAB = 8,
	DPP_TEST_ZERO_R_CAPAB = 9,
	DPP_TEST_NO_R_BOOTSTRAP_KEY_HASH_AUTH_REQ = 10,
	DPP_TEST_NO_I_BOOTSTRAP_KEY_HASH_AUTH_REQ = 11,
	DPP_TEST_NO_I_PROTO_KEY_AUTH_REQ = 12,
	DPP_TEST_NO_I_NONCE_AUTH_REQ = 13,
	DPP_TEST_NO_I_CAPAB_AUTH_REQ = 14,
	DPP_TEST_NO_WRAPPED_DATA_AUTH_REQ = 15,
	DPP_TEST_NO_STATUS_AUTH_RESP = 16,
	DPP_TEST_NO_R_BOOTSTRAP_KEY_HASH_AUTH_RESP = 17,
	DPP_TEST_NO_I_BOOTSTRAP_KEY_HASH_AUTH_RESP = 18,
	DPP_TEST_NO_R_PROTO_KEY_AUTH_RESP = 19,
	DPP_TEST_NO_R_NONCE_AUTH_RESP = 20,
	DPP_TEST_NO_I_NONCE_AUTH_RESP = 21,
	DPP_TEST_NO_R_CAPAB_AUTH_RESP = 22,
	DPP_TEST_NO_R_AUTH_AUTH_RESP = 23,
	DPP_TEST_NO_WRAPPED_DATA_AUTH_RESP = 24,
	DPP_TEST_NO_STATUS_AUTH_CONF = 25,
	DPP_TEST_NO_R_BOOTSTRAP_KEY_HASH_AUTH_CONF = 26,
	DPP_TEST_NO_I_BOOTSTRAP_KEY_HASH_AUTH_CONF = 27,
	DPP_TEST_NO_I_AUTH_AUTH_CONF = 28,
	DPP_TEST_NO_WRAPPED_DATA_AUTH_CONF = 29,
	DPP_TEST_I_NONCE_MISMATCH_AUTH_RESP = 30,
	DPP_TEST_INCOMPATIBLE_R_CAPAB_AUTH_RESP = 31,
	DPP_TEST_R_AUTH_MISMATCH_AUTH_RESP = 32,
	DPP_TEST_I_AUTH_MISMATCH_AUTH_CONF = 33,
	DPP_TEST_NO_FINITE_CYCLIC_GROUP_PKEX_EXCHANGE_REQ = 34,
	DPP_TEST_NO_ENCRYPTED_KEY_PKEX_EXCHANGE_REQ = 35,
	DPP_TEST_NO_STATUS_PKEX_EXCHANGE_RESP = 36,
	DPP_TEST_NO_ENCRYPTED_KEY_PKEX_EXCHANGE_RESP = 37,
	DPP_TEST_NO_BOOTSTRAP_KEY_PKEX_CR_REQ = 38,
	DPP_TEST_NO_I_AUTH_TAG_PKEX_CR_REQ = 39,
	DPP_TEST_NO_WRAPPED_DATA_PKEX_CR_REQ = 40,
	DPP_TEST_NO_BOOTSTRAP_KEY_PKEX_CR_RESP = 41,
	DPP_TEST_NO_R_AUTH_TAG_PKEX_CR_RESP = 42,
	DPP_TEST_NO_WRAPPED_DATA_PKEX_CR_RESP = 43,
	DPP_TEST_INVALID_ENCRYPTED_KEY_PKEX_EXCHANGE_REQ = 44,
	DPP_TEST_INVALID_ENCRYPTED_KEY_PKEX_EXCHANGE_RESP = 45,
	DPP_TEST_INVALID_STATUS_PKEX_EXCHANGE_RESP = 46,
	DPP_TEST_INVALID_BOOTSTRAP_KEY_PKEX_CR_REQ = 47,
	DPP_TEST_INVALID_BOOTSTRAP_KEY_PKEX_CR_RESP = 48,
	DPP_TEST_I_AUTH_TAG_MISMATCH_PKEX_CR_REQ = 49,
	DPP_TEST_R_AUTH_TAG_MISMATCH_PKEX_CR_RESP = 50,
	DPP_TEST_NO_E_NONCE_CONF_REQ = 51,
	DPP_TEST_NO_CONFIG_ATTR_OBJ_CONF_REQ = 52,
	DPP_TEST_NO_WRAPPED_DATA_CONF_REQ = 53,
	DPP_TEST_NO_E_NONCE_CONF_RESP = 54,
	DPP_TEST_NO_CONFIG_OBJ_CONF_RESP = 55,
	DPP_TEST_NO_STATUS_CONF_RESP = 56,
	DPP_TEST_NO_WRAPPED_DATA_CONF_RESP = 57,
	DPP_TEST_INVALID_STATUS_CONF_RESP = 58,
	DPP_TEST_E_NONCE_MISMATCH_CONF_RESP = 59,
	DPP_TEST_NO_TRANSACTION_ID_PEER_DISC_REQ = 60,
	DPP_TEST_NO_CONNECTOR_PEER_DISC_REQ = 61,
	DPP_TEST_NO_TRANSACTION_ID_PEER_DISC_RESP = 62,
	DPP_TEST_NO_STATUS_PEER_DISC_RESP = 63,
	DPP_TEST_NO_CONNECTOR_PEER_DISC_RESP = 64,
	DPP_TEST_AUTH_RESP_IN_PLACE_OF_CONF = 65,
	DPP_TEST_INVALID_I_PROTO_KEY_AUTH_REQ = 66,
	DPP_TEST_INVALID_R_PROTO_KEY_AUTH_RESP = 67,
	DPP_TEST_INVALID_R_BOOTSTRAP_KEY_HASH_AUTH_REQ = 68,
	DPP_TEST_INVALID_I_BOOTSTRAP_KEY_HASH_AUTH_REQ = 69,
	DPP_TEST_INVALID_R_BOOTSTRAP_KEY_HASH_AUTH_RESP = 70,
	DPP_TEST_INVALID_I_BOOTSTRAP_KEY_HASH_AUTH_RESP = 71,
	DPP_TEST_INVALID_R_BOOTSTRAP_KEY_HASH_AUTH_CONF = 72,
	DPP_TEST_INVALID_I_BOOTSTRAP_KEY_HASH_AUTH_CONF = 73,
	DPP_TEST_INVALID_STATUS_AUTH_RESP = 74,
	DPP_TEST_INVALID_STATUS_AUTH_CONF = 75,
	DPP_TEST_INVALID_CONFIG_ATTR_OBJ_CONF_REQ = 76,
	DPP_TEST_INVALID_TRANSACTION_ID_PEER_DISC_RESP = 77,
	DPP_TEST_INVALID_STATUS_PEER_DISC_RESP = 78,
	DPP_TEST_INVALID_CONNECTOR_PEER_DISC_RESP = 79,
	DPP_TEST_INVALID_CONNECTOR_PEER_DISC_REQ = 80,
	DPP_TEST_INVALID_I_NONCE_AUTH_REQ = 81,
	DPP_TEST_INVALID_TRANSACTION_ID_PEER_DISC_REQ = 82,
	DPP_TEST_INVALID_E_NONCE_CONF_REQ = 83,
	DPP_TEST_STOP_AT_PKEX_EXCHANGE_RESP = 84,
	DPP_TEST_STOP_AT_PKEX_CR_REQ = 85,
	DPP_TEST_STOP_AT_PKEX_CR_RESP = 86,
	DPP_TEST_STOP_AT_AUTH_REQ = 87,
	DPP_TEST_STOP_AT_AUTH_RESP = 88,
	DPP_TEST_STOP_AT_AUTH_CONF = 89,
	DPP_TEST_STOP_AT_CONF_REQ = 90,
	DPP_TEST_REJECT_CONFIG = 91,
	DPP_TEST_NO_PROTOCOL_VERSION_PEER_DISC_REQ = 92,
	DPP_TEST_NO_PROTOCOL_VERSION_PEER_DISC_RESP = 93,
};

/*
 * Global test controls, defined outside this header.
 * NOTE(review): by their names the *_override buffers substitute fixed MAC
 * addresses, PKEX ephemeral keys, protocol keys and nonces for the generated
 * ones. That removes the unpredictability the exchanges depend on, so builds
 * with CONFIG_TESTING_OPTIONS must not be deployed.
 */
extern enum dpp_test_behavior dpp_test;
extern u8 dpp_pkex_own_mac_override[ETH_ALEN];
extern u8 dpp_pkex_peer_mac_override[ETH_ALEN];
extern u8 dpp_pkex_ephemeral_key_override[600];
extern size_t dpp_pkex_ephemeral_key_override_len;
extern u8 dpp_protocol_key_override[600];
extern size_t dpp_protocol_key_override_len;
extern u8 dpp_nonce_override[DPP_MAX_NONCE_LEN];
extern size_t dpp_nonce_override_len;
#endif /* CONFIG_TESTING_OPTIONS */

/* Bootstrapping information: release, type name, and parsing of the fields of
 * a bootstrapping URI into a struct dpp_bootstrap_info. The URI strings come
 * from QR codes, NFC or the control interface and are not trusted input. */
void dpp_bootstrap_info_free(struct dpp_bootstrap_info *info);
const char * dpp_bootstrap_type_txt(enum dpp_bootstrap_type type);
int dpp_parse_uri_chan_list(struct dpp_bootstrap_info *bi,
			    const char *chan_list);
int dpp_parse_uri_mac(struct dpp_bootstrap_info *bi, const char *mac);
int dpp_parse_uri_info(struct dpp_bootstrap_info *bi, const char *info);
int dpp_nfc_update_bi(struct dpp_bootstrap_info *own_bi,
		      struct dpp_bootstrap_info *peer_bi);

/* Authentication exchange. The *_rx() functions take pointers into a received
 * frame (hdr, attr_start, attr_len); that data is controlled by the peer. */
struct dpp_authentication *
dpp_alloc_auth(struct dpp_global *dpp, void *msg_ctx);
struct hostapd_hw_modes;
struct dpp_authentication * dpp_auth_init(struct dpp_global *dpp, void *msg_ctx,
					  struct dpp_bootstrap_info *peer_bi,
					  struct dpp_bootstrap_info *own_bi,
					  u8 dpp_allowed_roles,
					  unsigned int neg_freq,
					  struct hostapd_hw_modes *own_modes,
					  u16 num_modes);
struct dpp_authentication *
dpp_auth_req_rx(struct dpp_global *dpp, void *msg_ctx, u8 dpp_allowed_roles,
		int qr_mutual, struct dpp_bootstrap_info *peer_bi,
		struct dpp_bootstrap_info *own_bi,
		unsigned int freq, const u8 *hdr, const u8 *attr_start,
		size_t attr_len);
struct wpabuf *
dpp_auth_resp_rx(struct dpp_authentication *auth, const u8 *hdr,
		 const u8 *attr_start, size_t attr_len);
struct wpabuf * dpp_build_conf_req(struct dpp_authentication *auth,
				   const char *json);
struct wpabuf * dpp_build_conf_req_helper(struct dpp_authentication *auth,
					  const char *name,
					  enum dpp_netrole netrole,
					  const char *mud_url, int *opclasses);
int dpp_auth_conf_rx(struct dpp_authentication *auth, const u8 *hdr,
		     const u8 *attr_start, size_t attr_len);
int dpp_notify_new_qr_code(struct dpp_authentication *auth,
			   struct dpp_bootstrap_info *peer_bi);

/* Configuration objects and AKM predicates */
struct dpp_configuration * dpp_configuration_alloc(const char *type);
int dpp_akm_psk(enum dpp_akm akm);
int dpp_akm_sae(enum dpp_akm akm);
int dpp_akm_legacy(enum dpp_akm akm);
int dpp_akm_dpp(enum dpp_akm akm);
int dpp_akm_ver2(enum dpp_akm akm);
int dpp_configuration_valid(const struct dpp_configuration *conf);
void dpp_configuration_free(struct dpp_configuration *conf);
int dpp_set_configurator(struct dpp_authentication *auth, const char *cmd);
void dpp_auth_deinit(struct dpp_authentication *auth);

/* Configuration exchange: building and processing of Configuration
 * Request/Response, Configuration Result and Connection Status Result */
struct wpabuf *
dpp_build_conf_resp(struct dpp_authentication *auth, const u8 *e_nonce,
		    u16 e_nonce_len, enum dpp_netrole netrole,
		    bool cert_req);
struct wpabuf *
dpp_conf_req_rx(struct dpp_authentication *auth, const u8 *attr_start,
		size_t attr_len);
int dpp_conf_resp_rx(struct dpp_authentication *auth,
		     const struct wpabuf *resp);
enum dpp_status_error dpp_conf_result_rx(struct dpp_authentication *auth,
					 const u8 *hdr,
					 const u8 *attr_start, size_t attr_len);
struct wpabuf * dpp_build_conf_result(struct dpp_authentication *auth,
				      enum dpp_status_error status);
/* NOTE(review): ssid/ssid_len and channel_list are output parameters; the
 * required size of the ssid buffer and the ownership of *channel_list are not
 * stated here - confirm at the definition before adding a caller. */
enum dpp_status_error dpp_conn_status_result_rx(struct dpp_authentication *auth,
						const u8 *hdr,
						const u8 *attr_start,
						size_t attr_len,
						u8 *ssid, size_t *ssid_len,
						char **channel_list);
struct wpabuf * dpp_build_conn_status_result(struct dpp_authentication *auth,
					     enum dpp_status_error result,
					     const u8 *ssid, size_t ssid_len,
					     const char *channel_list);

/* Message allocation and attribute parsing over a (buf, len) region.
 * NOTE(review): dpp_check_attrs() presumably validates the attribute layout of
 * a received frame; received data should pass it before individual attributes
 * are fetched with dpp_get_attr() - confirm in the frame handlers. */
struct wpabuf * dpp_alloc_msg(enum dpp_public_action_frame_type type,
			      size_t len);
const u8 * dpp_get_attr(const u8 *buf, size_t len, u16 req_id, u16 *ret_len);
int dpp_check_attrs(const u8 *buf, size_t len);
int dpp_key_expired(const char *timestamp, os_time_t *expiry);
/* Text forms of an AKM value */
const char * dpp_akm_str(enum dpp_akm akm);
const char * dpp_akm_selector_str(enum dpp_akm akm);

/* Configurator handling.
 * NOTE(review): by its name dpp_configurator_get_key() writes the Configurator
 * key into buf (buflen octets available); if so, the output is private key
 * material and the caller should clear the buffer after use - confirm. */
int dpp_configurator_get_key(const struct dpp_configurator *conf, char *buf,
			     size_t buflen);
void dpp_configurator_free(struct dpp_configurator *conf);
int dpp_configurator_own_config(struct dpp_authentication *auth,
				const char *curve, int ap);

/* Peer introduction: takes the own Connector, netAccessKey and C-sign key
 * together with the Connector received from the peer, and returns a DPP
 * status. peer_connector is peer-controlled input. */
enum dpp_status_error
dpp_peer_intro(struct dpp_introduction *intro, const char *own_connector,
	       const u8 *net_access_key, size_t net_access_key_len,
	       const u8 *csign_key, size_t csign_key_len,
	       const u8 *peer_connector, size_t peer_connector_len,
	       os_time_t *expiry);
int dpp_get_connector_version(const char *connector);

/* PKEX exchange. identifier and code are the PKEX code identifier and the
 * shared code; v2 selects between the two PKEX variants (see the v2 flag in
 * struct dpp_pkex). buf/len point into received frames. */
struct dpp_pkex * dpp_pkex_init(void *msg_ctx, struct dpp_bootstrap_info *bi,
				const u8 *own_mac,
				const char *identifier, const char *code,
				bool v2);
struct dpp_pkex * dpp_pkex_rx_exchange_req(void *msg_ctx,
					   struct dpp_bootstrap_info *bi,
					   const u8 *own_mac,
					   const u8 *peer_mac,
					   const char *identifier,
					   const char *code,
					   const u8 *buf, size_t len, bool v2);
struct wpabuf * dpp_pkex_rx_exchange_resp(struct dpp_pkex *pkex,
					  const u8 *peer_mac,
					  const u8 *buf, size_t len);
struct wpabuf * dpp_pkex_rx_commit_reveal_req(struct dpp_pkex *pkex,
					      const u8 *hdr,
					      const u8 *buf, size_t len);
/* hdr has no length parameter; (buf, len) presumably holds received, untrusted attributes. */
int dpp_pkex_rx_commit_reveal_resp(struct dpp_pkex *pkex,
	const u8 *hdr,
	const u8 *buf, size_t len);
void dpp_pkex_free(struct dpp_pkex *pkex);

/*
 * NOTE(review): the name indicates a negative-test helper that damages a
 * Connector signature. This declaration is not wrapped in
 * CONFIG_TESTING_OPTIONS; confirm that the definition is excluded from
 * production builds.
 */
char *dpp_corrupt_connector_signature(const char *connector);


/*
 * PFS state.
 * NOTE(review): secret presumably holds the ECDH-derived secret; confirm that
 * dpp_pfs_free() clears it before releasing the buffer.
 */
struct dpp_pfs {
	struct crypto_ecdh *ecdh;
	const struct dpp_curve_params *curve;
	struct wpabuf *ie;
	struct wpabuf *secret;
};

struct dpp_pfs *dpp_pfs_init(const u8 *net_access_key,
	size_t net_access_key_len);
/* (peer_ie, peer_ie_len) is presumably the peer's element as received, so untrusted. */
int dpp_pfs_process(struct dpp_pfs *pfs,
	const u8 *peer_ie, size_t peer_ie_len);
void dpp_pfs_free(struct dpp_pfs *pfs);

/* CSR build and validation; csr is presumably peer-supplied when validating. */
struct wpabuf *dpp_build_csr(struct dpp_authentication *auth,
	const char *name);
int dpp_validate_csr(struct dpp_authentication *auth,
	const struct wpabuf *csr);

/*
 * Bootstrapping information management on a struct dpp_global instance.
 * NOTE(review): uri presumably originates from a scanned QR Code or an NFC
 * tag, and cmd/params presumably from a control interface; all of these are
 * externally supplied strings that the definitions must parse defensively.
 * The id parameter is unsigned int, int or a string depending on the
 * function; callers converting between them should reject negative values.
 */
struct dpp_bootstrap_info *dpp_add_qr_code(struct dpp_global *dpp,
	const char *uri);
struct dpp_bootstrap_info *dpp_add_nfc_uri(struct dpp_global *dpp,
	const char *uri);
int dpp_bootstrap_gen(struct dpp_global *dpp, const char *cmd);
struct dpp_bootstrap_info *dpp_bootstrap_get_id(struct dpp_global *dpp,
	unsigned int id);
int dpp_bootstrap_remove(struct dpp_global *dpp, const char *id);
/* peer has no length parameter; presumably a fixed-size MAC address - confirm. */
struct dpp_bootstrap_info *dpp_pkex_finish(struct dpp_global *dpp,
	struct dpp_pkex *pkex,
	const u8 *peer,
	unsigned int freq);
const char *dpp_bootstrap_get_uri(struct dpp_global *dpp, unsigned int id);
/*
 * Writes into the caller-supplied reply buffer.
 * NOTE(review): reply_size is a signed int, unlike the size_t lengths used
 * elsewhere in this header; callers must pass a positive capacity.
 */
int dpp_bootstrap_info(struct dpp_global *dpp, int id,
	char *reply, int reply_size);
int dpp_bootstrap_set(struct dpp_global *dpp, int id, const char *params);
/*
 * i_bootstrap and r_bootstrap carry no length; presumably fixed-size key
 * hashes, so the caller must guarantee the buffer size - confirm.
 * own_bi and peer_bi are output pointers.
 */
void dpp_bootstrap_find_pair(struct dpp_global *dpp,
	const u8 *i_bootstrap,
	const u8 *r_bootstrap,
	struct dpp_bootstrap_info **own_bi,
	struct dpp_bootstrap_info **peer_bi);
struct dpp_bootstrap_info *dpp_bootstrap_find_chirp(struct dpp_global *dpp,
	const u8 *hash);

/* Configurator management. */
int dpp_configurator_add(struct dpp_global *dpp, const char *cmd);
int dpp_configurator_remove(struct dpp_global *dpp, const char *id);
/* Fills buf (capacity buflen); presumably key material, see dpp_configurator_get_key(). */
int dpp_configurator_get_key_id(struct dpp_global *dpp, unsigned int id,
	char *buf, size_t buflen);
int dpp_configurator_from_backup(struct dpp_global *dpp,
	struct dpp_asymmetric_key *key);
/* kid has no length parameter; presumably a fixed-size key identifier hash. */
struct dpp_configurator *dpp_configurator_find_kid(struct dpp_global *dpp,
	const u8 *kid);

/*
 * Relay, Controller and DPP-over-TCP entry points.
 * NOTE(review): the rx functions take frame data via (buf, len) or
 * (data, data_len), while src, hdr and the bootstrap hashes have no length;
 * confirm that the definitions validate lengths before parsing.
 */
int dpp_relay_add_controller(struct dpp_global *dpp,
	struct dpp_relay_config *config);
int dpp_relay_rx_action(struct dpp_global *dpp,
	const u8 *src,
	const u8 *hdr,
	const u8 *buf, size_t len,
	unsigned int freq,
	const u8 *i_bootstrap,
	const u8 *r_bootstrap,
	void *cb_ctx);
int dpp_relay_rx_gas_req(struct dpp_global *dpp,
	const u8 *src,
	const u8 *data, size_t data_len);
int dpp_controller_start(struct dpp_global *dpp,
	struct dpp_controller_config *config);
void dpp_controller_stop(struct dpp_global *dpp);
void dpp_controller_stop_for_ctx(struct dpp_global *dpp, void *cb_ctx);
struct dpp_authentication *dpp_controller_get_auth(struct dpp_global *dpp,
	unsigned int id);
void dpp_controller_new_qr_code(struct dpp_global *dpp,
	struct dpp_bootstrap_info *bi);
/*
 * Starts a TCP exchange towards addr:port. process_conf_obj is a caller
 * callback that receives a context pointer and the authentication state.
 */
int dpp_tcp_init(struct dpp_global *dpp,
	struct dpp_authentication *auth,
	const struct hostapd_ip_addr *addr,
	int port,
	const char *name,
	enum dpp_netrole netrole,
	void *msg_ctx,
	void *cb_ctx,
	int (*process_conf_obj)(void *ctx, struct dpp_authentication *auth));

struct wpabuf *dpp_build_presence_announcement(struct dpp_bootstrap_info *bi);
void dpp_notify_chirp_received(void *msg_ctx, int id,
	const u8 *src,
	unsigned int freq,
	const u8 *hash);

/* Configuration for dpp_global_init(): a callback context and a remove_bi callback. */
struct dpp_global_config {
	void *cb_ctx;
	void (*remove_bi)(void *ctx, struct dpp_bootstrap_info *bi);
};

struct dpp_global *dpp_global_init(struct dpp_global_config *config);
void dpp_global_clear(struct dpp_global *dpp);
void dpp_global_deinit(struct dpp_global *dpp);

/* dpp_reconfig.c */

/*
 * Reconfiguration.
 * NOTE(review): (attr_start, attr_len) and the *_attr/len pairs presumably
 * point into received frames and are untrusted; hdr has no length parameter.
 */
struct wpabuf *dpp_build_reconfig_announcement(const u8 *csign_key,
	size_t csign_key_len,
	const u8 *net_access_key,
	size_t net_access_key_len,
	struct dpp_reconfig_id *id);
struct dpp_authentication *dpp_reconfig_init(struct dpp_global *dpp,
	void *msg_ctx,
	struct dpp_configurator *conf,
	unsigned int freq,
	u16 group,
	const u8 *a_nonce_attr, size_t a_nonce_len,
	const u8 *e_id_attr, size_t e_id_len);
struct dpp_authentication *dpp_reconfig_auth_req_rx(struct dpp_global *dpp,
	void *msg_ctx,
	const char *own_connector,
	const u8 *net_access_key, size_t net_access_key_len,
	const u8 *csign_key, size_t csign_key_len,
	unsigned int freq,
	const u8 *hdr,
	const u8 *attr_start, size_t attr_len);
struct wpabuf *dpp_reconfig_auth_resp_rx(struct dpp_authentication *auth,
	const u8 *hdr,
	const u8 *attr_start, size_t attr_len);
int dpp_reconfig_auth_conf_rx(struct dpp_authentication *auth,
	const u8 *hdr,
	const u8 *attr_start, size_t attr_len);

/* Reconfig ID lifecycle: generate from the C-sign and pp keys, update, free. */
struct dpp_reconfig_id *dpp_gen_reconfig_id(const u8 *csign_key,
	size_t csign_key_len,
	const u8 *pp_key,
	size_t pp_key_len);
int dpp_update_reconfig_id(struct dpp_reconfig_id *id);
void dpp_free_reconfig_id(struct dpp_reconfig_id *id);

#endif /* CONFIG_DPP */
#endif /* DPP_H */