xref: /onnv-gate/usr/src/cmd/cmd-inet/usr.lib/wpad/wpa_impl.h (revision 8453:15fa4bb77d8c)
14126Szf162725 /*
25895Syz147064  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
34126Szf162725  * Use is subject to license terms.
44126Szf162725  */
54126Szf162725 
64126Szf162725 /*
74126Szf162725  * Copyright (c) 2003-2004, Jouni Malinen <jkmaline@cc.hut.fi>
84126Szf162725  * Sun elects to license this software under the BSD license.
94126Szf162725  * See README for more details.
104126Szf162725  */
114126Szf162725 #ifndef __WPA_IMPL_H
124126Szf162725 #define	__WPA_IMPL_H
134126Szf162725 
144126Szf162725 #include <net/wpa.h>
155895Syz147064 #include <libdladm.h>
166411Szf162725 #include <libdllink.h>
174126Szf162725 
184126Szf162725 #ifdef	__cplusplus
194126Szf162725 extern "C" {
204126Szf162725 #endif
214126Szf162725 
224126Szf162725 #define	BIT(n)			(1 << (n))
234126Szf162725 
244126Szf162725 #define	WPA_CIPHER_NONE		BIT(0)
254126Szf162725 #define	WPA_CIPHER_WEP40	BIT(1)
264126Szf162725 #define	WPA_CIPHER_WEP104	BIT(2)
274126Szf162725 #define	WPA_CIPHER_TKIP		BIT(3)
284126Szf162725 #define	WPA_CIPHER_CCMP		BIT(4)
294126Szf162725 
304126Szf162725 #define	WPA_KEY_MGMT_IEEE8021X	BIT(0)
314126Szf162725 #define	WPA_KEY_MGMT_PSK	BIT(1)
324126Szf162725 #define	WPA_KEY_MGMT_NONE	BIT(2)
334126Szf162725 #define	WPA_KEY_MGMT_IEEE8021X_NO_WPA	BIT(3)
344126Szf162725 
354126Szf162725 #define	WPA_PROTO_WPA		BIT(0)
364126Szf162725 #define	WPA_PROTO_RSN		BIT(1)
374126Szf162725 
384126Szf162725 #pragma pack(1)
394126Szf162725 struct ieee802_1x_hdr {
404126Szf162725 	uint8_t		version;
414126Szf162725 	uint8_t		type;
424126Szf162725 	uint16_t	length;
434126Szf162725 	/* followed by length octets of data */
444126Szf162725 };
454126Szf162725 #pragma pack()
464126Szf162725 
474126Szf162725 #define	EAPOL_VERSION	2
484126Szf162725 
494126Szf162725 enum {	IEEE802_1X_TYPE_EAP_PACKET	= 0,
504126Szf162725 	IEEE802_1X_TYPE_EAPOL_START	= 1,
514126Szf162725 	IEEE802_1X_TYPE_EAPOL_LOGOFF	= 2,
524126Szf162725 	IEEE802_1X_TYPE_EAPOL_KEY	= 3,
534126Szf162725 	IEEE802_1X_TYPE_EAPOL_ENCAPSULATED_ASF_ALERT	= 4
544126Szf162725 };
554126Szf162725 
564126Szf162725 enum {	EAPOL_KEY_TYPE_RC4 = 1,
574126Szf162725 	EAPOL_KEY_TYPE_RSN = 2,
584126Szf162725 	EAPOL_KEY_TYPE_WPA = 254
594126Szf162725 };
604126Szf162725 
614126Szf162725 #define	WPA_NONCE_LEN		32
624126Szf162725 #define	WPA_REPLAY_COUNTER_LEN	8
634126Szf162725 #define	MAX_PSK_LENGTH		64
644126Szf162725 #define	WPA_PMK_LEN		32
654126Szf162725 
664126Szf162725 #pragma pack(1)
674126Szf162725 struct wpa_eapol_key {
684126Szf162725 	uint8_t		type;
694126Szf162725 	uint16_t	key_info;
704126Szf162725 	uint16_t	key_length;
714126Szf162725 	uint8_t		replay_counter[WPA_REPLAY_COUNTER_LEN];
724126Szf162725 	uint8_t		key_nonce[WPA_NONCE_LEN];
734126Szf162725 	uint8_t		key_iv[16];
744126Szf162725 	uint8_t		key_rsc[8];
754126Szf162725 	uint8_t		key_id[8]; /* Reserved in IEEE 802.11i/RSN */
764126Szf162725 	uint8_t		key_mic[16];
774126Szf162725 	uint16_t	key_data_length;
784126Szf162725 	/* followed by key_data_length bytes of key_data */
794126Szf162725 };
804126Szf162725 #pragma pack()
814126Szf162725 
824126Szf162725 #define	WPA_KEY_INFO_TYPE_MASK		(BIT(0) | BIT(1) | BIT(2))
834126Szf162725 #define	WPA_KEY_INFO_TYPE_HMAC_MD5_RC4	BIT(0)
844126Szf162725 #define	WPA_KEY_INFO_TYPE_HMAC_SHA1_AES	BIT(1)
854126Szf162725 #define	WPA_KEY_INFO_KEY_TYPE		BIT(3) /* 1: Pairwise, 0: Group key */
864126Szf162725 /* bit4..5 is used in WPA, but is reserved in IEEE 802.11i/RSN */
874126Szf162725 #define	WPA_KEY_INFO_KEY_INDEX_MASK	(BIT(4) | BIT(5))
884126Szf162725 #define	WPA_KEY_INFO_KEY_INDEX_SHIFT	4
894126Szf162725 #define	WPA_KEY_INFO_INSTALL		BIT(6) /* pairwise */
904126Szf162725 #define	WPA_KEY_INFO_TXRX		BIT(6) /* group */
914126Szf162725 #define	WPA_KEY_INFO_ACK		BIT(7)
924126Szf162725 #define	WPA_KEY_INFO_MIC		BIT(8)
934126Szf162725 #define	WPA_KEY_INFO_SECURE		BIT(9)
944126Szf162725 #define	WPA_KEY_INFO_ERROR		BIT(10)
954126Szf162725 #define	WPA_KEY_INFO_REQUEST		BIT(11)
964126Szf162725 #define	WPA_KEY_INFO_ENCR_KEY_DATA	BIT(12) /* IEEE 802.11i/RSN only */
974126Szf162725 
984126Szf162725 #define	WPA_CAPABILITY_PREAUTH		BIT(0)
994126Szf162725 
1004126Szf162725 #define	GENERIC_INFO_ELEM		0xdd
1014126Szf162725 #define	RSN_INFO_ELEM			0x30
1024126Szf162725 
1034126Szf162725 #define	MAX_LOGBUF			4096
1044126Szf162725 #define	MAX_SCANRESULTS			64
1054126Szf162725 
1064126Szf162725 enum {
1074126Szf162725 	REASON_UNSPECIFIED			= 1,
1084126Szf162725 	REASON_DEAUTH_LEAVING			= 3,
1094126Szf162725 	REASON_INVALID_IE			= 13,
1104126Szf162725 	REASON_MICHAEL_MIC_FAILURE		= 14,
1114126Szf162725 	REASON_4WAY_HANDSHAKE_TIMEOUT		= 15,
1124126Szf162725 	REASON_GROUP_KEY_UPDATE_TIMEOUT		= 16,
1134126Szf162725 	REASON_IE_IN_4WAY_DIFFERS		= 17,
1144126Szf162725 	REASON_GROUP_CIPHER_NOT_VALID		= 18,
1154126Szf162725 	REASON_PAIRWISE_CIPHER_NOT_VALID	= 19,
1164126Szf162725 	REASON_AKMP_NOT_VALID			= 20,
1174126Szf162725 	REASON_UNSUPPORTED_RSN_IE_VERSION	= 21,
1184126Szf162725 	REASON_INVALID_RSN_IE_CAPAB		= 22,
1194126Szf162725 	REASON_IEEE_802_1X_AUTH_FAILED		= 23,
1204126Szf162725 	REASON_CIPHER_SUITE_REJECTED		= 24
1214126Szf162725 };
1224126Szf162725 
1234126Szf162725 /*
1244126Szf162725  * wpa_supplicant
1254126Szf162725  */
1264126Szf162725 #define	PMKID_LEN 			16
1274126Szf162725 #define	PMK_LEN				32
1284126Szf162725 
1294126Szf162725 #define	MAC2STR(a) (a)[0], (a)[1], (a)[2], (a)[3], (a)[4], (a)[5]
1304126Szf162725 #define	MACSTR "%02x:%02x:%02x:%02x:%02x:%02x"
1314126Szf162725 
1324126Szf162725 struct rsn_pmksa_cache {
1334126Szf162725 	struct rsn_pmksa_cache	*next;
1344126Szf162725 	uint8_t			pmkid[PMKID_LEN];
1354126Szf162725 	uint8_t			pmk[PMK_LEN];
1364126Szf162725 	time_t			expiration;
1374126Szf162725 	int			akmp; /* WPA_KEY_MGMT_* */
1384126Szf162725 	uint8_t			aa[IEEE80211_ADDR_LEN];
1394126Szf162725 };
1404126Szf162725 
1414126Szf162725 struct rsn_pmksa_candidate {
1424126Szf162725 	struct rsn_pmksa_candidate *next;
1434126Szf162725 	uint8_t			bssid[IEEE80211_ADDR_LEN];
1444126Szf162725 };
1454126Szf162725 
1464126Szf162725 
1474126Szf162725 #pragma pack(1)
1484126Szf162725 struct wpa_ptk {
1494126Szf162725 	uint8_t mic_key[16]; /* EAPOL-Key MIC Key (MK) */
1504126Szf162725 	uint8_t encr_key[16]; /* EAPOL-Key Encryption Key (EK) */
1514126Szf162725 	uint8_t tk1[16]; /* Temporal Key 1 (TK1) */
1524126Szf162725 	union {
1534126Szf162725 		uint8_t tk2[16]; /* Temporal Key 2 (TK2) */
1544126Szf162725 		struct {
1554126Szf162725 			uint8_t tx_mic_key[8];
1564126Szf162725 			uint8_t rx_mic_key[8];
1574126Szf162725 		} auth;
1584126Szf162725 	} u;
1594126Szf162725 };
1604126Szf162725 #pragma pack()
1614126Szf162725 
1624126Szf162725 
1634126Szf162725 struct wpa_supplicant {
1644126Szf162725 	struct l2_packet_data	*l2;
1654126Szf162725 	unsigned char		own_addr[IEEE80211_ADDR_LEN];
1664126Szf162725 
167*8453SAnurag.Maskey@Sun.COM 	/* The handle required for libdladm calls */
168*8453SAnurag.Maskey@Sun.COM 	dladm_handle_t		handle;
169*8453SAnurag.Maskey@Sun.COM 
1705895Syz147064 	datalink_id_t		linkid;
1716411Szf162725 	char			kname[DLADM_SECOBJ_NAME_MAX];
1724126Szf162725 
1734126Szf162725 	uint8_t			pmk[PMK_LEN];
1744126Szf162725 
1754126Szf162725 	uint8_t			snonce[WPA_NONCE_LEN];
1764126Szf162725 	uint8_t			anonce[WPA_NONCE_LEN];
1774126Szf162725 	/* ANonce from the last 1/4 msg */
1784126Szf162725 
1794126Szf162725 	struct wpa_ptk		ptk, tptk;
1804126Szf162725 	int			ptk_set, tptk_set;
1814126Szf162725 	int			renew_snonce;
1824126Szf162725 
1834126Szf162725 	struct wpa_config	*conf;
1844126Szf162725 
1854126Szf162725 	uint8_t			request_counter[WPA_REPLAY_COUNTER_LEN];
1864126Szf162725 	uint8_t			rx_replay_counter[WPA_REPLAY_COUNTER_LEN];
1874126Szf162725 	int			rx_replay_counter_set;
1884126Szf162725 
1894126Szf162725 	uint8_t			bssid[IEEE80211_ADDR_LEN];
1904126Szf162725 	int			reassociate; /* reassociation requested */
1914126Szf162725 
1924126Szf162725 	uint8_t			*ap_wpa_ie;
1934126Szf162725 	size_t			ap_wpa_ie_len;
1944126Szf162725 
1954126Szf162725 	/*
1964126Szf162725 	 * Selected configuration
1974126Szf162725 	 * based on Beacon/ProbeResp WPA IE
1984126Szf162725 	 */
1994126Szf162725 	int			proto;
2004126Szf162725 	int 			pairwise_cipher;
2014126Szf162725 	int 			group_cipher;
2024126Szf162725 	int			key_mgmt;
2034126Szf162725 
2044126Szf162725 	struct wpa_driver_ops	*driver;
2054126Szf162725 
2064126Szf162725 	enum {
2074126Szf162725 		WPA_DISCONNECTED,
2084126Szf162725 		WPA_SCANNING,
2094126Szf162725 		WPA_ASSOCIATING,
2104126Szf162725 		WPA_ASSOCIATED,
2114126Szf162725 		WPA_4WAY_HANDSHAKE,
2124126Szf162725 		WPA_GROUP_HANDSHAKE,
2134126Szf162725 		WPA_COMPLETED
2144126Szf162725 	} wpa_state;
2154126Szf162725 
2164126Szf162725 	struct rsn_pmksa_cache	*pmksa; /* PMKSA cache */
2174126Szf162725 	int	pmksa_count; /* number of entries in PMKSA cache */
2184126Szf162725 	struct rsn_pmksa_cache	*cur_pmksa; /* current PMKSA entry */
2194126Szf162725 	struct rsn_pmksa_candidate	*pmksa_candidates;
2204126Szf162725 
2214126Szf162725 	/*
2224126Szf162725 	 * number of EAPOL packets received after the
2234126Szf162725 	 * previous association event
2244126Szf162725 	 */
2254126Szf162725 	int			eapol_received;
2264126Szf162725 };
2274126Szf162725 
2284126Szf162725 struct wpa_ie_data {
2294126Szf162725 	int	proto;
2304126Szf162725 	int	pairwise_cipher;
2314126Szf162725 	int	group_cipher;
2324126Szf162725 	int	key_mgmt;
2334126Szf162725 	int	capabilities;
2344126Szf162725 };
2354126Szf162725 
2364126Szf162725 /* WPA configuration */
2374126Szf162725 struct wpa_ssid {
2384126Szf162725 	uint8_t	*ssid;
2394126Szf162725 	size_t	ssid_len;
2404126Szf162725 
2414126Szf162725 	uint8_t	bssid[IEEE80211_ADDR_LEN];
2424126Szf162725 	int	bssid_set;
2434126Szf162725 
2444126Szf162725 	uint8_t	psk[PMK_LEN];
2454126Szf162725 	int	psk_set;
2464126Szf162725 	char	*passphrase;
2474126Szf162725 
2484126Szf162725 	/* Bitfields of allowed Pairwise/Group Ciphers, WPA_CIPHER_* */
2494126Szf162725 	int	pairwise_cipher;
2504126Szf162725 	int	group_cipher;
2514126Szf162725 
2524126Szf162725 	int	key_mgmt;
2534126Szf162725 	int	proto; /* Bitfield of allowed protocols (WPA_PROTO_*) */
2544126Szf162725 };
2554126Szf162725 
2564126Szf162725 struct wpa_config {
2574126Szf162725 	struct wpa_ssid *ssid; /* global network list */
2584126Szf162725 	int eapol_version;
2594126Szf162725 	/* int ap_scan; */
2604126Szf162725 };
2614126Szf162725 
2624126Szf162725 struct wpa_config *wpa_config_read(void *);
2634126Szf162725 void wpa_config_free(struct wpa_config *);
2644126Szf162725 
2654126Szf162725 /*
2664126Szf162725  * Debugging function - conditional printf and hex dump.
2674126Szf162725  * Driver wrappers can use these for debugging purposes.
2684126Szf162725  */
2694126Szf162725 enum { MSG_MSGDUMP, MSG_DEBUG, MSG_INFO, MSG_WARNING, MSG_ERROR };
2704126Szf162725 
2714126Szf162725 void wpa_printf(int, char *, ...);
2724126Szf162725 void wpa_hexdump(int, const char *, const uint8_t *, size_t);
2734126Szf162725 
2744126Szf162725 void wpa_event_handler(void *, wpa_event_type);
2754126Szf162725 void wpa_supplicant_rx_eapol(void *, unsigned char *, unsigned char *, size_t);
2764126Szf162725 
2774126Szf162725 void wpa_supplicant_scan(void *, void *);
2784126Szf162725 void wpa_supplicant_req_scan(struct wpa_supplicant *, int, int);
2794126Szf162725 
2804126Szf162725 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *, int, int);
2814126Szf162725 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *);
2824126Szf162725 void wpa_supplicant_disassociate(struct wpa_supplicant *, int);
2834126Szf162725 
2844126Szf162725 void pmksa_cache_free(struct wpa_supplicant *);
2854126Szf162725 void pmksa_candidate_free(struct wpa_supplicant *);
2864126Szf162725 struct rsn_pmksa_cache *pmksa_cache_get(struct wpa_supplicant *,
2874126Szf162725     uint8_t *, uint8_t *);
2884126Szf162725 
2894126Szf162725 int wpa_parse_wpa_ie(struct wpa_supplicant *, uint8_t *,
2904126Szf162725 	size_t, struct wpa_ie_data *);
2914126Szf162725 int wpa_gen_wpa_ie(struct wpa_supplicant *, uint8_t *);
2924126Szf162725 
2934126Szf162725 #ifdef __cplusplus
2944126Szf162725 }
2954126Szf162725 #endif
2964126Szf162725 
2974126Szf162725 #endif /* __WPA_IMPL_H */
298