/*
 * DPP module internal definitions
 * Copyright (c) 2017, Qualcomm Atheros, Inc.
 * Copyright (c) 2018-2020, The Linux Foundation
 *
 * This software may be distributed under the terms of the BSD license.
 * See README for more details.
 */

#ifndef DPP_I_H
#define DPP_I_H

/*
 * This header includes nothing itself. Every type it names (struct dl_list,
 * struct wpabuf, u8, u16, bool, the dpp_* and crypto_ec* types) must already
 * be declared by the including file.
 */

#ifdef CONFIG_DPP

/*
 * Module-wide DPP state. Each list head carries a comment naming the element
 * type linked on it.
 */
struct dpp_global {
	void *msg_ctx; /* opaque context pointer; not interpreted in this header */
	struct dl_list bootstrap; /* struct dpp_bootstrap_info */
	struct dl_list configurator; /* struct dpp_configurator */
#ifdef CONFIG_DPP2
	struct dl_list controllers; /* struct dpp_relay_controller */
	struct dpp_controller *controller;
	struct dl_list tcp_init; /* struct dpp_connection */
	/* presumably handed to the two callbacks below as ctx; confirm at the
	 * call sites */
	void *cb_ctx;
	int (*process_conf_obj)(void *ctx, struct dpp_authentication *auth);
	void (*remove_bi)(void *ctx, struct dpp_bootstrap_info *bi);
#endif /* CONFIG_DPP2 */
};

/* dpp.c */

void dpp_build_attr_status(struct wpabuf *msg, enum dpp_status_error status);
/* hash has no length parameter; its size is fixed by the implementation. */
void dpp_build_attr_r_bootstrap_key_hash(struct wpabuf *msg, const u8 *hash);
unsigned int dpp_next_id(struct dpp_global *dpp);
struct wpabuf *dpp_build_conn_status(enum dpp_status_error result,
				     const u8 *ssid, size_t ssid_len,
				     const char *channel_list);
/*
 * The Connector and JWK parsers below take text or JSON that, for the peer
 * side, comes from the other device. Nothing in their signatures indicates
 * that the input has been authenticated beforehand.
 */
struct json_token *dpp_parse_own_connector(const char *own_connector);
int dpp_connector_match_groups(struct json_token *own_root,
			       struct json_token *peer_root, bool reconfig);
int dpp_build_jwk(struct wpabuf *buf, const char *name,
		  struct crypto_ec_key *key, const char *kid,
		  const struct dpp_curve_params *curve);
/* key_curve is an out-parameter (pointer to pointer). */
struct crypto_ec_key *dpp_parse_jwk(struct json_token *jwk,
				    const struct dpp_curve_params **key_curve);
int dpp_prepare_channel_list(struct dpp_authentication *auth,
			     unsigned int neg_freq,
			     struct hostapd_hw_modes *own_modes,
			     u16 num_modes);
void dpp_auth_fail(struct dpp_authentication *auth, const char *txt);
int dpp_gen_uri(struct dpp_bootstrap_info *bi);
void dpp_write_adv_proto(struct wpabuf *buf);
void dpp_write_gas_query(struct wpabuf *buf, struct wpabuf *query);

/* dpp_backup.c */

void dpp_free_asymmetric_key(struct dpp_asymmetric_key *key);
struct wpabuf *dpp_build_enveloped_data(struct dpp_authentication *auth);
/* env_data/env_data_len: length-delimited input buffer. */
int dpp_conf_resp_env_data(struct dpp_authentication *auth,
			   const u8 *env_data, size_t env_data_len);

/* dpp_crypto.c */

/*
 * Output of the signed Connector checks below.
 * NOTE(review): payload is presumably allocated by the callee and released by
 * the caller; confirm in dpp_crypto.c.
 */
struct dpp_signed_connector_info {
	unsigned char *payload;
	size_t payload_len;
};

/*
 * Both functions report the outcome as enum dpp_status_error. Callers should
 * use info->payload only when the returned status indicates success.
 */
enum dpp_status_error dpp_process_signed_connector(
	struct dpp_signed_connector_info *info,
	struct crypto_ec_key *csign_pub, const char *connector);
enum dpp_status_error dpp_check_signed_connector(
	struct dpp_signed_connector_info *info,
	const u8 *csign_key, size_t csign_key_len,
	const u8 *peer_connector, size_t peer_connector_len);

/*
 * Curve lookups by name, JWK "crv" value or IKE group number.
 * NOTE(review): presumably NULL for an unknown curve; verify before
 * dereferencing the result.
 */
const struct dpp_curve_params *dpp_get_curve_name(const char *name);
const struct dpp_curve_params *dpp_get_curve_jwk_crv(const char *name);
const struct dpp_curve_params *dpp_get_curve_ike_group(u16 group);

int dpp_bi_pubkey_hash(struct dpp_bootstrap_info *bi,
		       const u8 *data, size_t data_len);
struct crypto_ec_key *dpp_set_pubkey_point(struct crypto_ec_key *group_key,
					   const u8 *buf, size_t len);

/*
 * Key derivation and MAC helpers. hash_len is passed as a plain length, so the
 * implementation presumably selects the hash function from it.
 */
int dpp_hkdf_expand(size_t hash_len, const u8 *secret, size_t secret_len,
		    const char *label, u8 *out, size_t outlen);
/* mac has no capacity parameter; the caller must size it for the chosen hash. */
int dpp_hmac_vector(size_t hash_len, const u8 *key, size_t key_len,
		    size_t num_elem, const u8 *addr[], const size_t *len,
		    u8 *mac);
/*
 * secret_len is an out-parameter and no capacity is passed for secret, so the
 * caller's buffer must hold the largest shared secret of any supported curve.
 */
int dpp_ecdh(struct crypto_ec_key *own, struct crypto_ec_key *peer,
	     u8 *secret, size_t *secret_len);
/*
 * NOTE(review): the name indicates key material is written to debug output.
 * Confirm that private components are emitted only when key logging is
 * explicitly enabled.
 */
void dpp_debug_print_key(const char *title, struct crypto_ec_key *key);
/* iterations is supplied by the caller; no lower bound is visible here. */
int dpp_pbkdf2(size_t hash_len, const u8 *password, size_t password_len,
	       const u8 *salt, size_t salt_len, unsigned int iterations,
	       u8 *buf, size_t buflen);
int dpp_get_subject_public_key(struct dpp_bootstrap_info *bi,
			       const u8 *data, size_t data_len);
int dpp_bootstrap_key_hash(struct dpp_bootstrap_info *bi);
/*
 * privkey/privkey_len carry raw private key bytes. Clearing the caller's copy
 * after use is the caller's job; this interface has no hook for it.
 */
int dpp_keygen(struct dpp_bootstrap_info *bi, const char *curve,
	       const u8 *privkey, size_t privkey_len);
struct crypto_ec_key *dpp_set_keypair(const struct dpp_curve_params **curve,
				      const u8 *privkey, size_t privkey_len);
struct crypto_ec_key *dpp_gen_keypair(const struct dpp_curve_params *curve);

/*
 * The output buffers k1, k2, pmk, r_auth, i_auth and pmkid below carry no
 * capacity parameter, so callers must size them for the largest output.
 * NOTE(review): the required size presumably follows from hash_len or the
 * negotiated curve; confirm per function.
 */
int dpp_derive_k1(const u8 *Mx, size_t Mx_len, u8 *k1, unsigned int hash_len);
int dpp_derive_k2(const u8 *Nx, size_t Nx_len, u8 *k2, unsigned int hash_len);
int dpp_derive_bk_ke(struct dpp_authentication *auth);
int dpp_gen_r_auth(struct dpp_authentication *auth, u8 *r_auth);
int dpp_gen_i_auth(struct dpp_authentication *auth, u8 *i_auth);
int dpp_auth_derive_l_responder(struct dpp_authentication *auth);
int dpp_auth_derive_l_initiator(struct dpp_authentication *auth);
int dpp_derive_pmk(const u8 *Nx, size_t Nx_len, u8 *pmk,
		   unsigned int hash_len);
int dpp_derive_pmkid(const struct dpp_curve_params *curve,
		     struct crypto_ec_key *own_key,
		     struct crypto_ec_key *peer_key, u8 *pmkid);

/*
 * PKEX helpers. ret_ec is an out-parameter.
 * NOTE(review): ownership of *ret_ec and of the returned point presumably
 * passes to the caller; confirm in dpp_crypto.c.
 */
struct crypto_ec_point *dpp_pkex_derive_Qi(
	const struct dpp_curve_params *curve, const u8 *mac_init,
	const char *code, const char *identifier, struct crypto_ec **ret_ec);
struct crypto_ec_point *dpp_pkex_derive_Qr(
	const struct dpp_curve_params *curve, const u8 *mac_resp,
	const char *code, const char *identifier, struct crypto_ec **ret_ec);
/* z is an output buffer without a capacity parameter. */
int dpp_pkex_derive_z(const u8 *mac_init, const u8 *mac_resp,
		      u8 ver_init, u8 ver_resp,
		      const u8 *Mx, size_t Mx_len,
		      const u8 *Nx, size_t Nx_len,
		      const char *code,
		      const u8 *Kx, size_t Kx_len,
		      u8 *z, unsigned int hash_len);

int dpp_reconfig_derive_ke_responder(struct dpp_authentication *auth,
				     const u8 *net_access_key,
				     size_t net_access_key_len,
				     struct json_token *peer_net_access_key);
int dpp_reconfig_derive_ke_initiator(struct dpp_authentication *auth,
				     const u8 *r_proto, u16 r_proto_len,
				     struct json_token *net_access_key);
struct crypto_ec_point *dpp_decrypt_e_id(struct crypto_ec_key *ppkey,
					 struct crypto_ec_key *a_nonce,
					 struct crypto_ec_key *e_prime_id);
/* Returns char *. NOTE(review): presumably heap-allocated and freed by the
 * caller; confirm. */
char *dpp_sign_connector(struct dpp_configurator *conf,
			 const struct wpabuf *dppcon);
/*
 * Declared here without a testing-only guard.
 * NOTE(review): the name suggests a test helper; confirm that the definition
 * is compiled only into test builds.
 */
int dpp_test_gen_invalid_key(struct wpabuf *msg,
			     const struct dpp_curve_params *curve);

/*
 * Reconfiguration identifier state. Every member is a pointer; this header
 * does not show who owns or frees them.
 */
struct dpp_reconfig_id {
	struct crypto_ec *ec;
	struct crypto_ec_point *e_id; /* E-id */
	struct crypto_ec_key *csign;
	struct crypto_ec_key *a_nonce; /* A-NONCE */
	struct crypto_ec_key *e_prime_id; /* E'-id */
	struct crypto_ec_key *pp_key;
};

/* dpp_tcp.c */

/* Two opaque context pointers, named eloop_ctx and timeout_ctx. */
void dpp_controller_conn_status_result_wait_timeout(void *eloop_ctx,
						    void *timeout_ctx);
void dpp_tcp_init_flush(struct dpp_global *dpp);
void dpp_relay_flush_controllers(struct dpp_global *dpp);

#endif /* CONFIG_DPP */
#endif /* DPP_I_H */