From 14b5ebce73cd8e997ff9a9815ef9450b6dedc421 Mon Sep 17 00:00:00 2001
From: Vinay Gannevaram
Date: Sat, 29 Oct 2022 18:41:39 +0530
Subject: [PATCH] PASN: Add a common header file for initiator and responder

This is a step towards decoupling the PASN initiator and responder implemenentation is decoupled from the wpa_s and hapd contexts and moving to a common folder for better abstraction. Move the struct wpas_pasn definition to a common file for initiator and responder. The idea is to provide a library libpasn.so from PASN common code. Include C++ compatibilty wrapper to extend libpasn.so support for modules using cpp code base. This library can be used in applications implementing protocols based on the PASN handshake.

Signed-off-by: Jouni Malinen
---
 src/pasn/pasn_common.h | 103 ++++++++++++++++++++++++++++++
 wpa_supplicant/wpa_supplicant_i.h | 78 +---------------------
 2 files changed, 104 insertions(+), 77 deletions(-)
 create mode 100644 src/pasn/pasn_common.h

diff --git a/src/pasn/pasn_common.h b/src/pasn/pasn_common.h
new file mode 100644
index 000000000..cefe784d5
--- /dev/null
+++ b/src/pasn/pasn_common.h
@@ -0,0 +1,103 @@
+/*
+ * PASN info for initiator and responder
+ *
+ * Copyright (C) 2019, Intel Corporation
+ * Copyright (c) 2022, Jouni Malinen
+ * Copyright (C) 2022, Qualcomm Innovation Center, Inc.
+ *
+ * This software may be distributed under the terms of the BSD license.
+ * See README for more details.
+ */
+
+#ifndef PASN_COMMON_H
+#define PASN_COMMON_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#ifdef CONFIG_PASN
+
+struct pasn_fils {
+ u8 nonce[FILS_NONCE_LEN];
+ u8 anonce[FILS_NONCE_LEN];
+ u8 session[FILS_SESSION_LEN];
+ u8 erp_pmkid[PMKID_LEN];
+ bool completed;
+};
+
+struct wpas_pasn {
+ int akmp;
+ int cipher;
+ u16 group;
+ bool secure_ltf;
+ int freq;
+ size_t kdk_len;
+
+ u8 trans_seq;
+ u8 status;
+
+ u8 own_addr[ETH_ALEN];
+ u8 bssid[ETH_ALEN];
+ size_t pmk_len;
+ u8 pmk[PMK_LEN_MAX];
+ bool using_pmksa;
+
+ u8 hash[SHA384_MAC_LEN];
+
+ struct wpabuf *beacon_rsne_rsnxe;
+ struct wpa_ptk ptk;
+ struct crypto_ecdh *ecdh;
+
+ struct wpabuf *comeback;
+ u16 comeback_after;
+
+#ifdef CONFIG_SAE
+ struct sae_data sae;
+ struct sae_pt *pt;
+#endif /* CONFIG_SAE */
+
+#ifdef CONFIG_FILS
+ bool fils_eapol;
+ struct pasn_fils fils;
+#endif /* CONFIG_FILS */
+
+#ifdef CONFIG_IEEE80211R
+ u8 pmk_r1[PMK_LEN_MAX];
+ size_t pmk_r1_len;
+ u8 pmk_r1_name[WPA_PMK_NAME_LEN];
+#endif /* CONFIG_IEEE80211R */
+ /* Note that this pointers to RSN PMKSA cache are actually defined
+ * differently for the PASN initiator (using RSN Supplicant
+ * implementation) and PASN responser (using RSN Authenticator
+ * implementation). Functions cannot be mixed between those cases. */
+ struct rsn_pmksa_cache *pmksa;
+ struct rsn_pmksa_cache_entry *pmksa_entry;
+ struct eapol_sm *eapol;
+ int fast_reauth;
+#ifdef CONFIG_TESTING_OPTIONS
+ int corrupt_mic;
+#endif /* CONFIG_TESTING_OPTIONS */
+ void *cb_ctx;
+ u16 rsnxe_capab;
+ int network_id;
+
+ /**
+ * send_mgmt - Function handler to transmit a Management frame
+ * @ctx: Callback context from cb_ctx
+ * @frame_buf : Frame to transmit
+ * @frame_len: Length of frame to transmit
+ * @freq: Frequency in MHz for the channel on which to transmit
+ * @wait_dur: How many milliseconds to wait for a response frame
+ * Returns: 0 on success, -1 on failure
+ */
+ int (*send_mgmt)(void *ctx, const u8 *data, size_t data_len, int noack,
+ unsigned int freq, unsigned int wait);
+};
+
+#endif /* CONFIG_PASN */
+
+#ifdef __cplusplus
+}
+#endif
+#endif /* PASN_COMMON_H */
diff --git a/wpa_supplicant/wpa_supplicant_i.h b/wpa_supplicant/wpa_supplicant_i.h
index 294097033..4952b165f 100644
--- a/wpa_supplicant/wpa_supplicant_i.h
+++ b/wpa_supplicant/wpa_supplicant_i.h
@@ -20,6 +20,7 @@
 #include "wps/wps_defs.h"
 #include "config_ssid.h"
 #include "wmm_ac.h"
+#include "pasn/pasn_common.h"
 
 extern const char *const wpa_supplicant_version;
 extern const char *const wpa_supplicant_license;
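Review bot: In src/pasn/pasn_common.h the layout of `struct wpas_pasn` changes with `CONFIG_SAE`, `CONFIG_FILS`, `CONFIG_IEEE80211R` and `CONFIG_TESTING_OPTIONS`, which becomes an ABI hazard once the header is shared with separately built users of libpasn.so as the commit message describes. A caller built with a different set of flags would compute different offsets for `pmk`, `ptk` and the `send_mgmt` pointer than the library does, so key material and a function pointer would be accessed at the wrong place. I would add a comment above the struct, `/* Layout depends on the CONFIG_* options below; the library and every user must be built with the same set */`, or hide the struct behind accessors before exporting it. The doc comment on `send_mgmt` also names `@frame_buf`, `@frame_len` and `@wait_dur` while the prototype takes `data`, `data_len`, `noack` and `wait`; rename the tags to match and add `@noack`.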
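Review bot: The new `#include "pasn/pasn_common.h"` sits near the top of wpa_supplicant_i.h, yet pasn_common.h includes nothing itself while it embeds `struct wpa_ptk` and `struct sae_data` by value and sizes arrays with `ETH_ALEN`, `PMK_LEN_MAX` and `FILS_NONCE_LEN`. The struct used to be defined around line 540, after every include, so it now compiles only if the headers included above this hunk (not visible here) already define those types and constants. Making pasn_common.h include what it uses would remove the ordering dependency, which matters more for the external and C++ users the commit message mentions; which headers those are cannot be told from this page.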
@@ -539,83 +540,6 @@ struct dscp_resp_data {
 int num_policies;
 };
 
-#ifdef CONFIG_PASN
-
-struct pasn_fils {
- u8 nonce[FILS_NONCE_LEN];
- u8 anonce[FILS_NONCE_LEN];
- u8 session[FILS_SESSION_LEN];
- u8 erp_pmkid[PMKID_LEN];
- bool completed;
-};
-
-struct wpas_pasn {
- int akmp;
- int cipher;
- u16 group;
- bool secure_ltf;
- int freq;
- size_t kdk_len;
-
- u8 trans_seq;
- u8 status;
-
- u8 own_addr[ETH_ALEN];
- u8 bssid[ETH_ALEN];
- size_t pmk_len;
- u8 pmk[PMK_LEN_MAX];
- bool using_pmksa;
-
- u8 hash[SHA384_MAC_LEN];
-
- struct wpabuf *beacon_rsne_rsnxe;
- struct wpa_ptk ptk;
- struct crypto_ecdh *ecdh;
-
- struct wpabuf *comeback;
- u16 comeback_after;
-
-#ifdef CONFIG_SAE
- struct sae_data sae;
- struct sae_pt *pt;
-#endif /* CONFIG_SAE */
-
-#ifdef CONFIG_FILS
- bool fils_eapol;
- struct pasn_fils fils;
-#endif /* CONFIG_FILS */
-
-#ifdef CONFIG_IEEE80211R
- u8 pmk_r1[PMK_LEN_MAX];
- size_t pmk_r1_len;
- u8 pmk_r1_name[WPA_PMK_NAME_LEN];
-#endif /* CONFIG_IEEE80211R */
- struct rsn_pmksa_cache *pmksa;
- struct rsn_pmksa_cache_entry *pmksa_entry;
- struct eapol_sm *eapol;
- int fast_reauth;
-#ifdef CONFIG_TESTING_OPTIONS
- int corrupt_mic;
-#endif /* CONFIG_TESTING_OPTIONS */
- void *cb_ctx;
- u16 rsnxe_capab;
- int network_id;
-
- /**
- * send_mgmt - Function handler to transmit a Management frame
- * @ctx: Callback context from cb_ctx
- * @frame_buf : Frame to transmit
- * @frame_len: Length of frame to transmit
- * @freq: Frequency in MHz for the channel on which to transmit
- * @wait_dur: How many milliseconds to wait for a response frame
- * Returns: 0 on success, -1 on failure
- */
- int (*send_mgmt)(void *ctx, const u8 *data, size_t data_len, int noack,
- unsigned int freq, unsigned int wait);
-};
-#endif /* CONFIG_PASN */
-
-
 enum ip_version {
 IPV4 = 4,
 IPV6 = 6,