1 /*
2  * wpa_supplicant - PASN processing
3  *
4  * Copyright (C) 2019 Intel Corporation
5  *
6  * This software may be distributed under the terms of the BSD license.
7  * See README for more details.
8  */
9 
10 #include "includes.h"
11 
12 #include "common/ieee802_11_defs.h"
13 #include "common/ieee802_11_common.h"
14 #include "common/dragonfly.h"
15 #include "common/ptksa_cache.h"
16 #include "utils/eloop.h"
17 #include "drivers/driver.h"
18 #include "crypto/crypto.h"
19 #include "crypto/random.h"
20 #include "eap_common/eap_defs.h"
21 #include "rsn_supp/wpa.h"
22 #include "rsn_supp/pmksa_cache.h"
23 #include "wpa_supplicant_i.h"
24 #include "driver_i.h"
25 #include "bss.h"
26 #include "scan.h"
27 #include "config.h"
28 
29 static const int dot11RSNAConfigPMKLifetime = 43200;
30 
31 struct wpa_pasn_auth_work {
32           u8 own_addr[ETH_ALEN];
33           u8 peer_addr[ETH_ALEN];
34           int akmp;
35           int cipher;
36           u16 group;
37           int network_id;
38           struct wpabuf *comeback;
39 };
40 
41 
wpas_pasn_send_mlme(void * ctx,const u8 * data,size_t data_len,int noack,unsigned int freq,unsigned int wait)42 static int wpas_pasn_send_mlme(void *ctx, const u8 *data, size_t data_len,
43                                      int noack, unsigned int freq, unsigned int wait)
44 {
45           struct wpa_supplicant *wpa_s = ctx;
46 
47           return wpa_drv_send_mlme(wpa_s, data, data_len, noack, freq, wait);
48 }
49 
50 
wpas_pasn_free_auth_work(struct wpa_pasn_auth_work * awork)51 static void wpas_pasn_free_auth_work(struct wpa_pasn_auth_work *awork)
52 {
53           wpabuf_free(awork->comeback);
54           awork->comeback = NULL;
55           os_free(awork);
56 }
57 
58 
wpas_pasn_auth_work_timeout(void * eloop_ctx,void * timeout_ctx)59 static void wpas_pasn_auth_work_timeout(void *eloop_ctx, void *timeout_ctx)
60 {
61           struct wpa_supplicant *wpa_s = eloop_ctx;
62 
63           wpa_printf(MSG_DEBUG, "PASN: Auth work timeout - stopping auth");
64 
65           wpas_pasn_auth_stop(wpa_s);
66 
67           wpas_pasn_auth_work_done(wpa_s, PASN_STATUS_FAILURE);
68 }
69 
70 
wpas_pasn_cancel_auth_work(struct wpa_supplicant * wpa_s)71 static void wpas_pasn_cancel_auth_work(struct wpa_supplicant *wpa_s)
72 {
73           wpa_printf(MSG_DEBUG, "PASN: Cancel pasn-start-auth work");
74 
75           /* Remove pending/started work */
76           radio_remove_works(wpa_s, "pasn-start-auth", 0);
77 }
78 
79 
wpas_pasn_auth_status(struct wpa_supplicant * wpa_s,const u8 * peer_addr,int akmp,int cipher,u8 status,struct wpabuf * comeback,u16 comeback_after)80 static void wpas_pasn_auth_status(struct wpa_supplicant *wpa_s,
81                                           const u8 *peer_addr,
82                                           int akmp, int cipher, u8 status,
83                                           struct wpabuf *comeback,
84                                           u16 comeback_after)
85 {
86           if (comeback) {
87                     size_t comeback_len = wpabuf_len(comeback);
88                     size_t buflen = comeback_len * 2 + 1;
89                     char *comeback_txt = os_malloc(buflen);
90 
91                     if (comeback_txt) {
92                               wpa_snprintf_hex(comeback_txt, buflen,
93                                                    wpabuf_head(comeback), comeback_len);
94 
95                               wpa_msg(wpa_s, MSG_INFO, PASN_AUTH_STATUS MACSTR
96                                         " akmp=%s, status=%u comeback_after=%u comeback=%s",
97                                         MAC2STR(peer_addr),
98                                         wpa_key_mgmt_txt(akmp, WPA_PROTO_RSN),
99                                         status, comeback_after, comeback_txt);
100 
101                               os_free(comeback_txt);
102                               return;
103                     }
104           }
105 
106           wpa_msg(wpa_s, MSG_INFO,
107                     PASN_AUTH_STATUS MACSTR " akmp=%s, status=%u",
108                     MAC2STR(peer_addr), wpa_key_mgmt_txt(akmp, WPA_PROTO_RSN),
109                     status);
110 }
111 
112 
113 #ifdef CONFIG_SAE
114 
115 static struct sae_pt *
wpas_pasn_sae_derive_pt(struct wpa_ssid * ssid,int group)116 wpas_pasn_sae_derive_pt(struct wpa_ssid *ssid, int group)
117 {
118           const char *password = ssid->sae_password;
119           int groups[2] = { group, 0 };
120 
121           if (!password)
122                     password = ssid->passphrase;
123 
124           if (!password) {
125                     wpa_printf(MSG_DEBUG, "PASN: SAE without a password");
126                     return NULL;
127           }
128 
129           return sae_derive_pt(groups, ssid->ssid, ssid->ssid_len,
130                                   (const u8 *) password, os_strlen(password),
131                                   ssid->sae_password_id);
132 }
133 
134 
wpas_pasn_sae_setup_pt(struct wpa_ssid * ssid,int group)135 static int wpas_pasn_sae_setup_pt(struct wpa_ssid *ssid, int group)
136 {
137           if (!ssid->sae_password && !ssid->passphrase) {
138                     wpa_printf(MSG_DEBUG, "PASN: SAE without a password");
139                     return -1;
140           }
141 
142           if (ssid->pt)
143                     return 0; /* PT already derived */
144 
145           ssid->pt = wpas_pasn_sae_derive_pt(ssid, group);
146 
147           return ssid->pt ? 0 : -1;
148 }
149 
150 #endif /* CONFIG_SAE */
151 
152 
wpas_pasn_get_params_from_bss(struct wpa_supplicant * wpa_s,struct pasn_peer * peer)153 static int wpas_pasn_get_params_from_bss(struct wpa_supplicant *wpa_s,
154                                                    struct pasn_peer *peer)
155 {
156           int ret;
157           const u8 *rsne, *rsnxe;
158           struct wpa_bss *bss;
159           struct wpa_ie_data rsne_data;
160           int sel, key_mgmt, pairwise_cipher;
161           int network_id = 0, group = 19;
162           struct wpa_ssid *ssid = NULL;
163           size_t ssid_str_len = 0;
164           const u8 *ssid_str = NULL;
165           const u8 *peer_addr = peer->peer_addr;
166 
167           bss = wpa_bss_get_bssid(wpa_s, peer_addr);
168           if (!bss) {
169                     wpa_supplicant_update_scan_results(wpa_s, peer_addr);
170                     bss = wpa_bss_get_bssid(wpa_s, peer_addr);
171                     if (!bss) {
172                               wpa_printf(MSG_DEBUG, "PASN: BSS not found");
173                               return -1;
174                     }
175           }
176 
177           rsne = wpa_bss_get_ie(bss, WLAN_EID_RSN);
178           if (!rsne) {
179                     wpa_printf(MSG_DEBUG, "PASN: BSS without RSNE");
180                     return -1;
181           }
182 
183           ret = wpa_parse_wpa_ie(rsne, *(rsne + 1) + 2, &rsne_data);
184           if (ret) {
185                     wpa_printf(MSG_DEBUG, "PASN: Failed parsing RSNE data");
186                     return -1;
187           }
188 
189           rsnxe = wpa_bss_get_ie(bss, WLAN_EID_RSNX);
190 
191           ssid_str_len = bss->ssid_len;
192           ssid_str = bss->ssid;
193 
194           /* Get the network configuration based on the obtained SSID */
195           for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
196                     if (!wpas_network_disabled(wpa_s, ssid) &&
197                         ssid_str_len == ssid->ssid_len &&
198                         os_memcmp(ssid_str, ssid->ssid, ssid_str_len) == 0)
199                               break;
200           }
201 
202           if (ssid)
203                     network_id = ssid->id;
204 
205           sel = rsne_data.pairwise_cipher;
206           if (ssid && ssid->pairwise_cipher)
207                     sel &= ssid->pairwise_cipher;
208 
209           wpa_printf(MSG_DEBUG, "PASN: peer pairwise 0x%x, select 0x%x",
210                        rsne_data.pairwise_cipher, sel);
211 
212           pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
213           if (pairwise_cipher < 0) {
214                     wpa_msg(wpa_s, MSG_WARNING,
215                               "PASN: Failed to select pairwise cipher");
216                     return -1;
217           }
218 
219           sel = rsne_data.key_mgmt;
220           if (ssid && ssid->key_mgmt)
221                     sel &= ssid->key_mgmt;
222 
223           wpa_printf(MSG_DEBUG, "PASN: peer AKMP 0x%x, select 0x%x",
224                        rsne_data.key_mgmt, sel);
225 #ifdef CONFIG_SAE
226           if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE) || !ssid)
227                     sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_SAE_EXT_KEY |
228                                WPA_KEY_MGMT_FT_SAE | WPA_KEY_MGMT_FT_SAE_EXT_KEY);
229 #endif /* CONFIG_SAE */
230 #ifdef CONFIG_IEEE80211R
231           if (!(wpa_s->drv_flags & (WPA_DRIVER_FLAGS_SME |
232                                           WPA_DRIVER_FLAGS_UPDATE_FT_IES)))
233                     sel &= ~WPA_KEY_MGMT_FT;
234 #endif /* CONFIG_IEEE80211R */
235           if (0) {
236 #ifdef CONFIG_IEEE80211R
237 #ifdef CONFIG_SHA384
238           } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) &&
239                        os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
240                     key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
241                     wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT FT/802.1X-SHA384");
242                     if (ssid && !ssid->ft_eap_pmksa_caching &&
243                         pmksa_cache_get_current(wpa_s->wpa)) {
244                               /* PMKSA caching with FT may have interoperability
245                                * issues, so disable that case by default for now.
246                                */
247                               wpa_printf(MSG_DEBUG,
248                                            "PASN: Disable PMKSA caching for FT/802.1X connection");
249                               pmksa_cache_clear_current(wpa_s->wpa);
250                     }
251 #endif /* CONFIG_SHA384 */
252 #endif /* CONFIG_IEEE80211R */
253 #ifdef CONFIG_SAE
254           } else if ((sel & WPA_KEY_MGMT_SAE_EXT_KEY) &&
255                        (ieee802_11_rsnx_capab(rsnxe,
256                                                      WLAN_RSNX_CAPAB_SAE_H2E)) &&
257                        (wpas_pasn_sae_setup_pt(ssid, group) == 0)) {
258                     key_mgmt = WPA_KEY_MGMT_SAE_EXT_KEY;
259                     wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT SAE (ext key)");
260           } else if ((sel & WPA_KEY_MGMT_SAE) &&
261                        (ieee802_11_rsnx_capab(rsnxe,
262                                                      WLAN_RSNX_CAPAB_SAE_H2E)) &&
263                        (wpas_pasn_sae_setup_pt(ssid, group) == 0)) {
264                     key_mgmt = WPA_KEY_MGMT_SAE;
265                     wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT SAE");
266 #endif /* CONFIG_SAE */
267 #ifdef CONFIG_FILS
268           } else if (sel & WPA_KEY_MGMT_FILS_SHA384) {
269                     key_mgmt = WPA_KEY_MGMT_FILS_SHA384;
270                     wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT FILS-SHA384");
271           } else if (sel & WPA_KEY_MGMT_FILS_SHA256) {
272                     key_mgmt = WPA_KEY_MGMT_FILS_SHA256;
273                     wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT FILS-SHA256");
274 #endif /* CONFIG_FILS */
275 #ifdef CONFIG_IEEE80211R
276           } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X) &&
277                        os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
278                     key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
279                     wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT FT/802.1X");
280                     if (ssid && !ssid->ft_eap_pmksa_caching &&
281                         pmksa_cache_get_current(wpa_s->wpa)) {
282                               /* PMKSA caching with FT may have interoperability
283                                * issues, so disable that case by default for now.
284                                */
285                               wpa_printf(MSG_DEBUG,
286                                            "PASN: Disable PMKSA caching for FT/802.1X connection");
287                               pmksa_cache_clear_current(wpa_s->wpa);
288                     }
289           } else if (sel & WPA_KEY_MGMT_FT_PSK) {
290                     key_mgmt = WPA_KEY_MGMT_FT_PSK;
291                     wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT FT/PSK");
292 #endif /* CONFIG_IEEE80211R */
293           } else if (sel & WPA_KEY_MGMT_PASN) {
294                     key_mgmt = WPA_KEY_MGMT_PASN;
295                     wpa_printf(MSG_DEBUG, "PASN: using KEY_MGMT PASN");
296           } else {
297                     wpa_printf(MSG_DEBUG, "PASN: invalid AKMP");
298                     return -1;
299           }
300 
301           peer->akmp = key_mgmt;
302           peer->cipher = pairwise_cipher;
303           peer->network_id = network_id;
304           peer->group = group;
305           return 0;
306 }
307 
308 
wpas_pasn_set_keys_from_cache(struct wpa_supplicant * wpa_s,const u8 * own_addr,const u8 * peer_addr,int cipher,int akmp)309 static int wpas_pasn_set_keys_from_cache(struct wpa_supplicant *wpa_s,
310                                                    const u8 *own_addr,
311                                                    const u8 *peer_addr,
312                                                    int cipher, int akmp)
313 {
314           struct ptksa_cache_entry *entry;
315 
316           entry = ptksa_cache_get(wpa_s->ptksa, peer_addr, cipher);
317           if (!entry) {
318                     wpa_printf(MSG_DEBUG, "PASN: peer " MACSTR
319                                  " not present in PTKSA cache", MAC2STR(peer_addr));
320                     return -1;
321           }
322 
323           if (!ether_addr_equal(entry->own_addr, own_addr)) {
324                     wpa_printf(MSG_DEBUG,
325                                  "PASN: own addr " MACSTR " and PTKSA entry own addr "
326                                  MACSTR " differ",
327                                  MAC2STR(own_addr), MAC2STR(entry->own_addr));
328                     return -1;
329           }
330 
331           wpa_printf(MSG_DEBUG, "PASN: " MACSTR " present in PTKSA cache",
332                        MAC2STR(peer_addr));
333           wpa_drv_set_secure_ranging_ctx(wpa_s, own_addr, peer_addr, cipher,
334                                                entry->ptk.tk_len,
335                                                entry->ptk.tk,
336                                                entry->ptk.ltf_keyseed_len,
337                                                entry->ptk.ltf_keyseed, 0);
338           return 0;
339 }
340 
341 
wpas_pasn_configure_next_peer(struct wpa_supplicant * wpa_s,struct pasn_auth * pasn_params)342 static void wpas_pasn_configure_next_peer(struct wpa_supplicant *wpa_s,
343                                                     struct pasn_auth *pasn_params)
344 {
345           struct pasn_peer *peer;
346           u8 comeback_len = 0;
347           const u8 *comeback = NULL;
348 
349           if (!pasn_params)
350                     return;
351 
352           while (wpa_s->pasn_count < pasn_params->num_peers) {
353                     peer = &pasn_params->peer[wpa_s->pasn_count];
354 
355                     if (ether_addr_equal(wpa_s->bssid, peer->peer_addr)) {
356                               wpa_printf(MSG_DEBUG,
357                                            "PASN: Associated peer is not expected");
358                               peer->status = PASN_STATUS_FAILURE;
359                               wpa_s->pasn_count++;
360                               continue;
361                     }
362 
363                     if (wpas_pasn_set_keys_from_cache(wpa_s, peer->own_addr,
364                                                               peer->peer_addr,
365                                                               peer->cipher,
366                                                               peer->akmp) == 0) {
367                               peer->status = PASN_STATUS_SUCCESS;
368                               wpa_s->pasn_count++;
369                               continue;
370                     }
371 
372                     if (wpas_pasn_get_params_from_bss(wpa_s, peer)) {
373                               peer->status = PASN_STATUS_FAILURE;
374                               wpa_s->pasn_count++;
375                               continue;
376                     }
377 
378                     if (wpas_pasn_auth_start(wpa_s, peer->own_addr,
379                                                    peer->peer_addr, peer->akmp,
380                                                    peer->cipher, peer->group,
381                                                    peer->network_id,
382                                                    comeback, comeback_len)) {
383                               peer->status = PASN_STATUS_FAILURE;
384                               wpa_s->pasn_count++;
385                               continue;
386                     }
387                     wpa_printf(MSG_DEBUG, "PASN: Sent PASN auth start for " MACSTR,
388                                  MAC2STR(peer->peer_addr));
389                     return;
390           }
391 
392           if (wpa_s->pasn_count == pasn_params->num_peers) {
393                     wpa_drv_send_pasn_resp(wpa_s, pasn_params);
394                     wpa_printf(MSG_DEBUG, "PASN: Response sent");
395                     os_free(wpa_s->pasn_params);
396                     wpa_s->pasn_params = NULL;
397           }
398 }
399 
400 
wpas_pasn_auth_work_done(struct wpa_supplicant * wpa_s,int status)401 void wpas_pasn_auth_work_done(struct wpa_supplicant *wpa_s, int status)
402 {
403           if (!wpa_s->pasn_params)
404                     return;
405 
406           wpa_s->pasn_params->peer[wpa_s->pasn_count].status = status;
407           wpa_s->pasn_count++;
408           wpas_pasn_configure_next_peer(wpa_s, wpa_s->pasn_params);
409 }
410 
411 
wpas_pasn_delete_peers(struct wpa_supplicant * wpa_s,struct pasn_auth * pasn_params)412 static void wpas_pasn_delete_peers(struct wpa_supplicant *wpa_s,
413                                            struct pasn_auth *pasn_params)
414 {
415           struct pasn_peer *peer;
416           unsigned int i;
417 
418           if (!pasn_params)
419                     return;
420 
421           for (i = 0; i < pasn_params->num_peers; i++) {
422                     peer = &pasn_params->peer[i];
423                     ptksa_cache_flush(wpa_s->ptksa, peer->peer_addr,
424                                           WPA_CIPHER_NONE);
425           }
426 }
427 
428 
429 #ifdef CONFIG_FILS
wpas_pasn_initiate_eapol(struct pasn_data * pasn,struct wpa_ssid * ssid)430 static void wpas_pasn_initiate_eapol(struct pasn_data *pasn,
431                                              struct wpa_ssid *ssid)
432 {
433           struct eapol_config eapol_conf;
434 
435           wpa_printf(MSG_DEBUG, "PASN: FILS: Initiating EAPOL");
436 
437           eapol_sm_notify_eap_success(pasn->eapol, false);
438           eapol_sm_notify_eap_fail(pasn->eapol, false);
439           eapol_sm_notify_portControl(pasn->eapol, Auto);
440 
441           os_memset(&eapol_conf, 0, sizeof(eapol_conf));
442           eapol_conf.fast_reauth = pasn->fast_reauth;
443           eapol_conf.workaround = ssid->eap_workaround;
444 
445           eapol_sm_notify_config(pasn->eapol, &ssid->eap, &eapol_conf);
446 }
447 #endif /* CONFIG_FILS */
448 
449 
wpas_pasn_reset(struct wpa_supplicant * wpa_s)450 static void wpas_pasn_reset(struct wpa_supplicant *wpa_s)
451 {
452           struct pasn_data *pasn = &wpa_s->pasn;
453 
454           wpas_pasn_cancel_auth_work(wpa_s);
455           wpa_s->pasn_auth_work = NULL;
456           eloop_cancel_timeout(wpas_pasn_auth_work_timeout, wpa_s, NULL);
457 
458           wpa_pasn_reset(pasn);
459 }
460 
461 
wpas_pasn_allowed(struct wpa_supplicant * wpa_s,const u8 * peer_addr,int akmp,int cipher)462 static struct wpa_bss * wpas_pasn_allowed(struct wpa_supplicant *wpa_s,
463                                                     const u8 *peer_addr, int akmp,
464                                                     int cipher)
465 {
466           struct wpa_bss *bss;
467           const u8 *rsne;
468           struct wpa_ie_data rsne_data;
469           int ret;
470 
471           if (ether_addr_equal(wpa_s->bssid, peer_addr)) {
472                     wpa_printf(MSG_DEBUG,
473                                  "PASN: Not doing authentication with current BSS");
474                     return NULL;
475           }
476 
477           bss = wpa_bss_get_bssid_latest(wpa_s, peer_addr);
478           if (!bss) {
479                     wpa_printf(MSG_DEBUG, "PASN: BSS not found");
480                     return NULL;
481           }
482 
483           rsne = wpa_bss_get_ie(bss, WLAN_EID_RSN);
484           if (!rsne) {
485                     wpa_printf(MSG_DEBUG, "PASN: BSS without RSNE");
486                     return NULL;
487           }
488 
489           ret = wpa_parse_wpa_ie(rsne, *(rsne + 1) + 2, &rsne_data);
490           if (ret) {
491                     wpa_printf(MSG_DEBUG, "PASN: Failed parsing RSNE data");
492                     return NULL;
493           }
494 
495           if (!(rsne_data.key_mgmt & akmp) ||
496               !(rsne_data.pairwise_cipher & cipher)) {
497                     wpa_printf(MSG_DEBUG,
498                                  "PASN: AP does not support requested AKMP or cipher");
499                     return NULL;
500           }
501 
502           return bss;
503 }
504 
505 
wpas_pasn_auth_start_cb(struct wpa_radio_work * work,int deinit)506 static void wpas_pasn_auth_start_cb(struct wpa_radio_work *work, int deinit)
507 {
508           struct wpa_supplicant *wpa_s = work->wpa_s;
509           struct wpa_pasn_auth_work *awork = work->ctx;
510           struct pasn_data *pasn = &wpa_s->pasn;
511           struct wpa_ssid *ssid;
512           struct wpa_bss *bss;
513           const u8 *rsne, *rsnxe;
514 #ifdef CONFIG_FILS
515           const u8 *indic;
516           u16 fils_info;
517 #endif /* CONFIG_FILS */
518           u16 capab = 0;
519           bool derive_kdk;
520           int ret;
521 
522           wpa_printf(MSG_DEBUG, "PASN: auth_start_cb: deinit=%d", deinit);
523 
524           if (deinit) {
525                     if (work->started) {
526                               eloop_cancel_timeout(wpas_pasn_auth_work_timeout,
527                                                        wpa_s, NULL);
528                               wpa_s->pasn_auth_work = NULL;
529                     }
530 
531                     wpas_pasn_free_auth_work(awork);
532                     return;
533           }
534 
535           /*
536            * It is possible that by the time the callback is called, the PASN
537            * authentication is not allowed, e.g., a connection with the AP was
538            * established.
539            */
540           bss = wpas_pasn_allowed(wpa_s, awork->peer_addr, awork->akmp,
541                                         awork->cipher);
542           if (!bss) {
543                     wpa_printf(MSG_DEBUG, "PASN: auth_start_cb: Not allowed");
544                     goto fail;
545           }
546 
547           rsne = wpa_bss_get_ie(bss, WLAN_EID_RSN);
548           if (!rsne) {
549                     wpa_printf(MSG_DEBUG, "PASN: BSS without RSNE");
550                     goto fail;
551           }
552 
553           rsnxe = wpa_bss_get_ie(bss, WLAN_EID_RSNX);
554 
555           derive_kdk = (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SEC_LTF_STA) &&
556                     ieee802_11_rsnx_capab(rsnxe,
557                                               WLAN_RSNX_CAPAB_SECURE_LTF);
558 #ifdef CONFIG_TESTING_OPTIONS
559           if (!derive_kdk)
560                     derive_kdk = wpa_s->conf->force_kdk_derivation;
561 #endif /* CONFIG_TESTING_OPTIONS */
562           if (derive_kdk)
563                     pasn_enable_kdk_derivation(pasn);
564           else
565                     pasn_disable_kdk_derivation(pasn);
566 
567           wpa_printf(MSG_DEBUG, "PASN: kdk_len=%zu", pasn->kdk_len);
568 
569           if ((wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SEC_LTF_STA) &&
570               ieee802_11_rsnx_capab(rsnxe, WLAN_RSNX_CAPAB_SECURE_LTF))
571                     pasn->secure_ltf = true;
572           else
573                     pasn->secure_ltf = false;
574 
575 #ifdef CONFIG_TESTING_OPTIONS
576           pasn->corrupt_mic = wpa_s->conf->pasn_corrupt_mic;
577 #endif /* CONFIG_TESTING_OPTIONS */
578 
579           capab |= BIT(WLAN_RSNX_CAPAB_SAE_H2E);
580           if (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SEC_LTF_STA)
581                     capab |= BIT(WLAN_RSNX_CAPAB_SECURE_LTF);
582           if (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SEC_RTT_STA)
583                     capab |= BIT(WLAN_RSNX_CAPAB_SECURE_RTT);
584           if (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_PROT_RANGE_NEG_STA)
585                     capab |= BIT(WLAN_RSNX_CAPAB_URNM_MFPR);
586           pasn_set_rsnxe_caps(pasn, capab);
587           pasn_register_callbacks(pasn, wpa_s, wpas_pasn_send_mlme, NULL);
588           ssid = wpa_config_get_network(wpa_s->conf, awork->network_id);
589 
590 #ifdef CONFIG_SAE
591           if (awork->akmp == WPA_KEY_MGMT_SAE) {
592                     if (!ssid) {
593                               wpa_printf(MSG_DEBUG,
594                                            "PASN: No network profile found for SAE");
595                               goto fail;
596                     }
597                     pasn_set_pt(pasn, wpas_pasn_sae_derive_pt(ssid, awork->group));
598                     if (!pasn->pt) {
599                               wpa_printf(MSG_DEBUG, "PASN: Failed to derive PT");
600                               goto fail;
601                     }
602                     pasn->network_id = ssid->id;
603           }
604 #endif /* CONFIG_SAE */
605 
606 #ifdef CONFIG_FILS
607           /* Prepare needed information for wpas_pasn_wd_fils_auth(). */
608           if (awork->akmp == WPA_KEY_MGMT_FILS_SHA256 ||
609               awork->akmp == WPA_KEY_MGMT_FILS_SHA384) {
610                     indic = wpa_bss_get_ie(bss, WLAN_EID_FILS_INDICATION);
611                     if (!ssid) {
612                               wpa_printf(MSG_DEBUG, "PASN: FILS: No network block");
613                     } else if (!indic || indic[1] < 2) {
614                               wpa_printf(MSG_DEBUG,
615                                            "PASN: Missing FILS Indication IE");
616                     } else {
617                               fils_info = WPA_GET_LE16(indic + 2);
618                               if ((fils_info & BIT(9)) && ssid) {
619                                         pasn->eapol = wpa_s->eapol;
620                                         pasn->network_id = ssid->id;
621                                         wpas_pasn_initiate_eapol(pasn, ssid);
622                                         pasn->fils_eapol = true;
623                               } else {
624                                         wpa_printf(MSG_DEBUG,
625                                                      "PASN: FILS auth without PFS not supported");
626                               }
627                     }
628                     pasn->fast_reauth = wpa_s->conf->fast_reauth;
629           }
630 #endif /* CONFIG_FILS */
631 
632           pasn_set_initiator_pmksa(pasn, wpa_sm_get_pmksa_cache(wpa_s->wpa));
633 
634           if (wpa_key_mgmt_ft(awork->akmp)) {
635 #ifdef CONFIG_IEEE80211R
636                     ret = wpa_pasn_ft_derive_pmk_r1(wpa_s->wpa, awork->akmp,
637                                                             awork->peer_addr,
638                                                             pasn->pmk_r1,
639                                                             &pasn->pmk_r1_len,
640                                                             pasn->pmk_r1_name);
641                     if (ret) {
642                               wpa_printf(MSG_DEBUG,
643                                            "PASN: FT: Failed to derive keys");
644                               goto fail;
645                     }
646 #else /* CONFIG_IEEE80211R */
647                     goto fail;
648 #endif /* CONFIG_IEEE80211R */
649           }
650 
651 
652           ret = wpas_pasn_start(pasn, awork->own_addr, awork->peer_addr,
653                                     awork->peer_addr, awork->akmp, awork->cipher,
654                                     awork->group, bss->freq, rsne, *(rsne + 1) + 2,
655                                     rsnxe, rsnxe ? *(rsnxe + 1) + 2 : 0,
656                                     awork->comeback);
657           if (ret) {
658                     wpa_printf(MSG_DEBUG,
659                                  "PASN: Failed to start PASN authentication");
660                     goto fail;
661           }
662           eloop_register_timeout(2, 0, wpas_pasn_auth_work_timeout, wpa_s, NULL);
663 
664           /* comeback token is no longer needed at this stage */
665           wpabuf_free(awork->comeback);
666           awork->comeback = NULL;
667 
668           wpa_s->pasn_auth_work = work;
669           return;
670 fail:
671           wpas_pasn_free_auth_work(awork);
672           work->ctx = NULL;
673           radio_work_done(work);
674 }
675 
676 
wpas_pasn_auth_start(struct wpa_supplicant * wpa_s,const u8 * own_addr,const u8 * peer_addr,int akmp,int cipher,u16 group,int network_id,const u8 * comeback,size_t comeback_len)677 int wpas_pasn_auth_start(struct wpa_supplicant *wpa_s,
678                                const u8 *own_addr, const u8 *peer_addr,
679                                int akmp, int cipher, u16 group, int network_id,
680                                const u8 *comeback, size_t comeback_len)
681 {
682           struct wpa_pasn_auth_work *awork;
683           struct wpa_bss *bss;
684 
685           wpa_printf(MSG_DEBUG, "PASN: Start: " MACSTR " akmp=0x%x, cipher=0x%x",
686                        MAC2STR(peer_addr), akmp, cipher);
687 
688           /*
689            * TODO: Consider modifying the offchannel logic to handle additional
690            * Management frames other then Action frames. For now allow PASN only
691            * with drivers that support off-channel TX.
692            */
693           if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX)) {
694                     wpa_printf(MSG_DEBUG,
695                                  "PASN: Driver does not support offchannel TX");
696                     return -1;
697           }
698 
699           if (radio_work_pending(wpa_s, "pasn-start-auth")) {
700                     wpa_printf(MSG_DEBUG,
701                                  "PASN: send_auth: Work is already pending");
702                     return -1;
703           }
704 
705           if (wpa_s->pasn_auth_work) {
706                     wpa_printf(MSG_DEBUG, "PASN: send_auth: Already in progress");
707                     return -1;
708           }
709 
710           bss = wpas_pasn_allowed(wpa_s, peer_addr, akmp, cipher);
711           if (!bss)
712                     return -1;
713 
714           wpas_pasn_reset(wpa_s);
715 
716           awork = os_zalloc(sizeof(*awork));
717           if (!awork)
718                     return -1;
719 
720           os_memcpy(awork->own_addr, own_addr, ETH_ALEN);
721           os_memcpy(awork->peer_addr, peer_addr, ETH_ALEN);
722           awork->akmp = akmp;
723           awork->cipher = cipher;
724           awork->group = group;
725           awork->network_id = network_id;
726 
727           if (comeback && comeback_len) {
728                     awork->comeback = wpabuf_alloc_copy(comeback, comeback_len);
729                     if (!awork->comeback) {
730                               wpas_pasn_free_auth_work(awork);
731                               return -1;
732                     }
733           }
734 
735           if (radio_add_work(wpa_s, bss->freq, "pasn-start-auth", 1,
736                                  wpas_pasn_auth_start_cb, awork) < 0) {
737                     wpas_pasn_free_auth_work(awork);
738                     return -1;
739           }
740 
741           wpa_printf(MSG_DEBUG, "PASN: Auth work successfully added");
742           return 0;
743 }
744 
745 
wpas_pasn_auth_stop(struct wpa_supplicant * wpa_s)746 void wpas_pasn_auth_stop(struct wpa_supplicant *wpa_s)
747 {
748           struct pasn_data *pasn = &wpa_s->pasn;
749 
750           if (!wpa_s->pasn.ecdh)
751                     return;
752 
753           wpa_printf(MSG_DEBUG, "PASN: Stopping authentication");
754 
755           wpas_pasn_auth_status(wpa_s, pasn->peer_addr, pasn_get_akmp(pasn),
756                                     pasn_get_cipher(pasn),
757                                     pasn->status, pasn->comeback,
758                                     pasn->comeback_after);
759 
760           wpas_pasn_reset(wpa_s);
761 }
762 
763 
wpas_pasn_immediate_retry(struct wpa_supplicant * wpa_s,struct pasn_data * pasn,struct wpa_pasn_params_data * params)764 static int wpas_pasn_immediate_retry(struct wpa_supplicant *wpa_s,
765                                              struct pasn_data *pasn,
766                                              struct wpa_pasn_params_data *params)
767 {
768           int akmp = pasn_get_akmp(pasn);
769           int cipher = pasn_get_cipher(pasn);
770           u16 group = pasn->group;
771           u8 own_addr[ETH_ALEN];
772           u8 peer_addr[ETH_ALEN];
773 
774           wpa_printf(MSG_DEBUG, "PASN: Immediate retry");
775           os_memcpy(own_addr, pasn->own_addr, ETH_ALEN);
776           os_memcpy(peer_addr, pasn->peer_addr, ETH_ALEN);
777           wpas_pasn_reset(wpa_s);
778 
779           return wpas_pasn_auth_start(wpa_s, own_addr, peer_addr, akmp, cipher,
780                                             group, pasn->network_id,
781                                             params->comeback, params->comeback_len);
782 }
783 
784 
wpas_pasn_deauth_cb(struct ptksa_cache_entry * entry)785 static void wpas_pasn_deauth_cb(struct ptksa_cache_entry *entry)
786 {
787           struct wpa_supplicant *wpa_s = entry->ctx;
788           u8 own_addr[ETH_ALEN];
789           u8 peer_addr[ETH_ALEN];
790 
791           /* Use a copy of the addresses from the entry to avoid issues with the
792            * entry getting freed during deauthentication processing. */
793           os_memcpy(own_addr, entry->own_addr, ETH_ALEN);
794           os_memcpy(peer_addr, entry->addr, ETH_ALEN);
795           wpas_pasn_deauthenticate(wpa_s, own_addr, peer_addr);
796 }
797 
798 
wpas_pasn_auth_rx(struct wpa_supplicant * wpa_s,const struct ieee80211_mgmt * mgmt,size_t len)799 int wpas_pasn_auth_rx(struct wpa_supplicant *wpa_s,
800                           const struct ieee80211_mgmt *mgmt, size_t len)
801 {
802           struct pasn_data *pasn = &wpa_s->pasn;
803           struct wpa_pasn_params_data pasn_data;
804           int ret;
805 
806           if (!wpa_s->pasn_auth_work)
807                     return -2;
808 
809           pasn_register_callbacks(pasn, wpa_s, wpas_pasn_send_mlme, NULL);
810           ret = wpa_pasn_auth_rx(pasn, (const u8 *) mgmt, len, &pasn_data);
811           if (ret == 0) {
812                     ptksa_cache_add(wpa_s->ptksa, pasn->own_addr, pasn->peer_addr,
813                                         pasn_get_cipher(pasn),
814                                         dot11RSNAConfigPMKLifetime,
815                                         pasn_get_ptk(pasn),
816                                         wpa_s->pasn_params ? wpas_pasn_deauth_cb : NULL,
817                                         wpa_s->pasn_params ? wpa_s : NULL,
818                                         pasn_get_akmp(pasn));
819 
820                     if (pasn->pmksa_entry)
821                               wpa_sm_set_cur_pmksa(wpa_s->wpa, pasn->pmksa_entry);
822           }
823 
824           forced_memzero(pasn_get_ptk(pasn), sizeof(pasn->ptk));
825 
826           if (ret == -1) {
827                     wpas_pasn_auth_stop(wpa_s);
828                     wpas_pasn_auth_work_done(wpa_s, PASN_STATUS_FAILURE);
829           }
830 
831           if (ret == 1)
832                     ret = wpas_pasn_immediate_retry(wpa_s, pasn, &pasn_data);
833 
834           return ret;
835 }
836 
837 
wpas_pasn_auth_trigger(struct wpa_supplicant * wpa_s,struct pasn_auth * pasn_auth)838 void wpas_pasn_auth_trigger(struct wpa_supplicant *wpa_s,
839                                   struct pasn_auth *pasn_auth)
840 {
841           struct pasn_peer *src, *dst;
842           unsigned int i, num_peers = pasn_auth->num_peers;
843 
844           if (wpa_s->pasn_params) {
845                     wpa_printf(MSG_DEBUG,
846                                  "PASN: auth_trigger: Already in progress");
847                     return;
848           }
849 
850           if (!num_peers || num_peers > WPAS_MAX_PASN_PEERS) {
851                     wpa_printf(MSG_DEBUG,
852                                  "PASN: auth trigger: Invalid number of peers");
853                     return;
854           }
855 
856           wpa_s->pasn_params = os_zalloc(sizeof(struct pasn_auth));
857           if (!wpa_s->pasn_params) {
858                     wpa_printf(MSG_DEBUG,
859                                  "PASN: auth trigger: Failed to allocate a buffer");
860                     return;
861           }
862 
863           wpa_s->pasn_count = 0;
864           wpa_s->pasn_params->num_peers = num_peers;
865 
866           for (i = 0; i < num_peers; i++) {
867                     dst = &wpa_s->pasn_params->peer[i];
868                     src = &pasn_auth->peer[i];
869                     os_memcpy(dst->own_addr, wpa_s->own_addr, ETH_ALEN);
870                     os_memcpy(dst->peer_addr, src->peer_addr, ETH_ALEN);
871                     dst->ltf_keyseed_required = src->ltf_keyseed_required;
872                     dst->status = PASN_STATUS_SUCCESS;
873 
874                     if (!is_zero_ether_addr(src->own_addr)) {
875                               os_memcpy(dst->own_addr, src->own_addr, ETH_ALEN);
876                               wpa_printf(MSG_DEBUG, "PASN: Own (source) MAC addr: "
877                                            MACSTR, MAC2STR(dst->own_addr));
878                     }
879           }
880 
881           if (pasn_auth->action == PASN_ACTION_DELETE_SECURE_RANGING_CONTEXT) {
882                     wpas_pasn_delete_peers(wpa_s, wpa_s->pasn_params);
883                     os_free(wpa_s->pasn_params);
884                     wpa_s->pasn_params = NULL;
885           } else if (pasn_auth->action == PASN_ACTION_AUTH) {
886                     wpas_pasn_configure_next_peer(wpa_s, wpa_s->pasn_params);
887           }
888 }
889 
890 
wpas_pasn_auth_tx_status(struct wpa_supplicant * wpa_s,const u8 * data,size_t data_len,u8 acked)891 int wpas_pasn_auth_tx_status(struct wpa_supplicant *wpa_s,
892                                    const u8 *data, size_t data_len, u8 acked)
893 
894 {
895           struct pasn_data *pasn = &wpa_s->pasn;
896           int ret;
897 
898           if (!wpa_s->pasn_auth_work) {
899                     wpa_printf(MSG_DEBUG,
900                                  "PASN: auth_tx_status: no work in progress");
901                     return -1;
902           }
903 
904           ret = wpa_pasn_auth_tx_status(pasn, data, data_len, acked);
905           if (ret != 1)
906                     return ret;
907 
908           if (!wpa_s->pasn_params) {
909                     wpas_pasn_auth_stop(wpa_s);
910                     return 0;
911           }
912 
913           wpas_pasn_set_keys_from_cache(wpa_s, pasn->own_addr, pasn->peer_addr,
914                                               pasn_get_cipher(pasn),
915                                               pasn_get_akmp(pasn));
916           wpas_pasn_auth_stop(wpa_s);
917           wpas_pasn_auth_work_done(wpa_s, PASN_STATUS_SUCCESS);
918 
919           return 0;
920 }
921 
922 
wpas_pasn_deauthenticate(struct wpa_supplicant * wpa_s,const u8 * own_addr,const u8 * peer_addr)923 int wpas_pasn_deauthenticate(struct wpa_supplicant *wpa_s, const u8 *own_addr,
924                                    const u8 *peer_addr)
925 {
926           struct wpa_bss *bss;
927           struct wpabuf *buf;
928           struct ieee80211_mgmt *deauth;
929           int ret;
930 
931           if (ether_addr_equal(wpa_s->bssid, peer_addr)) {
932                     wpa_printf(MSG_DEBUG,
933                                  "PASN: Cannot deauthenticate from current BSS");
934                     return -1;
935           }
936 
937           wpa_drv_set_secure_ranging_ctx(wpa_s, own_addr, peer_addr, 0, 0, NULL,
938                                                0, NULL, 1);
939 
940           wpa_printf(MSG_DEBUG, "PASN: deauth: Flushing all PTKSA entries for "
941                        MACSTR, MAC2STR(peer_addr));
942           ptksa_cache_flush(wpa_s->ptksa, peer_addr, WPA_CIPHER_NONE);
943 
944           bss = wpa_bss_get_bssid(wpa_s, peer_addr);
945           if (!bss) {
946                     wpa_printf(MSG_DEBUG, "PASN: deauth: BSS not found");
947                     return -1;
948           }
949 
950           buf = wpabuf_alloc(64);
951           if (!buf) {
952                     wpa_printf(MSG_DEBUG, "PASN: deauth: Failed wpabuf allocate");
953                     return -1;
954           }
955 
956           deauth = wpabuf_put(buf, offsetof(struct ieee80211_mgmt,
957                                                     u.deauth.variable));
958 
959           deauth->frame_control = host_to_le16((WLAN_FC_TYPE_MGMT << 2) |
960                                                        (WLAN_FC_STYPE_DEAUTH << 4));
961 
962           os_memcpy(deauth->da, peer_addr, ETH_ALEN);
963           os_memcpy(deauth->sa, own_addr, ETH_ALEN);
964           os_memcpy(deauth->bssid, peer_addr, ETH_ALEN);
965           deauth->u.deauth.reason_code =
966                     host_to_le16(WLAN_REASON_PREV_AUTH_NOT_VALID);
967 
968           /*
969            * Since we do not expect any response from the AP, implement the
970            * Deauthentication frame transmission using direct call to the driver
971            * without a radio work.
972            */
973           ret = wpa_drv_send_mlme(wpa_s, wpabuf_head(buf), wpabuf_len(buf), 1,
974                                         bss->freq, 0);
975 
976           wpabuf_free(buf);
977           wpa_printf(MSG_DEBUG, "PASN: deauth: send_mlme ret=%d", ret);
978 
979           return ret;
980 }
981