Context Navigation

source: rtems-libbsd/freebsd/contrib/wpa/src/wps/wps_enrollee.c @ 9c9d11b

55-freebsd-126-freebsd-12

Last change on this file since 9c9d11b was 9c9d11b, checked in by Sichen Zhao <1473996754@…>, on 08/01/17 at 12:43:41
Import wpa from FreeBSD
Property mode set to `100644`
File size: 40.6 KB

Line
1	#include <machine/rtems-bsd-user-space.h>
2
3	/*
4	* Wi-Fi Protected Setup - Enrollee
5	* Copyright (c) 2008, Jouni Malinen <j@w1.fi>
6	*
7	* This software may be distributed under the terms of the BSD license.
8	* See README for more details.
9	*/
10
11	#include "includes.h"
12
13	#include "common.h"
14	#include "crypto/crypto.h"
15	#include "crypto/sha256.h"
16	#include "crypto/random.h"
17	#include "wps_i.h"
18	#include "wps_dev_attr.h"
19
20
21	static int wps_build_wps_state(struct wps_data wps, struct wpabuf msg)
22	{
23	u8 state;
24	if (wps->wps->ap)
25	state = wps->wps->wps_state;
26	else
27	state = WPS_STATE_NOT_CONFIGURED;
28	wpa_printf(MSG_DEBUG, "WPS: * Wi-Fi Protected Setup State (%d)",
29	state);
30	wpabuf_put_be16(msg, ATTR_WPS_STATE);
31	wpabuf_put_be16(msg, 1);
32	wpabuf_put_u8(msg, state);
33	return 0;
34	}
35
36
37	static int wps_build_e_hash(struct wps_data wps, struct wpabuf msg)
38	{
39	u8 *hash;
40	const u8 *addr[4];
41	size_t len[4];
42
43	if (random_get_bytes(wps->snonce, 2 * WPS_SECRET_NONCE_LEN) < 0)
44	return -1;
45	wpa_hexdump(MSG_DEBUG, "WPS: E-S1", wps->snonce, WPS_SECRET_NONCE_LEN);
46	wpa_hexdump(MSG_DEBUG, "WPS: E-S2",
47	wps->snonce + WPS_SECRET_NONCE_LEN, WPS_SECRET_NONCE_LEN);
48
49	if (wps->dh_pubkey_e == NULL \|\| wps->dh_pubkey_r == NULL) {
50	wpa_printf(MSG_DEBUG, "WPS: DH public keys not available for "
51	"E-Hash derivation");
52	return -1;
53	}
54
55	wpa_printf(MSG_DEBUG, "WPS: * E-Hash1");
56	wpabuf_put_be16(msg, ATTR_E_HASH1);
57	wpabuf_put_be16(msg, SHA256_MAC_LEN);
58	hash = wpabuf_put(msg, SHA256_MAC_LEN);
59	/* E-Hash1 = HMAC_AuthKey(E-S1 \|\| PSK1 \|\| PK_E \|\| PK_R) */
60	addr[0] = wps->snonce;
61	len[0] = WPS_SECRET_NONCE_LEN;
62	addr[1] = wps->psk1;
63	len[1] = WPS_PSK_LEN;
64	addr[2] = wpabuf_head(wps->dh_pubkey_e);
65	len[2] = wpabuf_len(wps->dh_pubkey_e);
66	addr[3] = wpabuf_head(wps->dh_pubkey_r);
67	len[3] = wpabuf_len(wps->dh_pubkey_r);
68	hmac_sha256_vector(wps->authkey, WPS_AUTHKEY_LEN, 4, addr, len, hash);
69	wpa_hexdump(MSG_DEBUG, "WPS: E-Hash1", hash, SHA256_MAC_LEN);
70
71	wpa_printf(MSG_DEBUG, "WPS: * E-Hash2");
72	wpabuf_put_be16(msg, ATTR_E_HASH2);
73	wpabuf_put_be16(msg, SHA256_MAC_LEN);
74	hash = wpabuf_put(msg, SHA256_MAC_LEN);
75	/* E-Hash2 = HMAC_AuthKey(E-S2 \|\| PSK2 \|\| PK_E \|\| PK_R) */
76	addr[0] = wps->snonce + WPS_SECRET_NONCE_LEN;
77	addr[1] = wps->psk2;
78	hmac_sha256_vector(wps->authkey, WPS_AUTHKEY_LEN, 4, addr, len, hash);
79	wpa_hexdump(MSG_DEBUG, "WPS: E-Hash2", hash, SHA256_MAC_LEN);
80
81	return 0;
82	}
83
84
85	static int wps_build_e_snonce1(struct wps_data wps, struct wpabuf msg)
86	{
87	wpa_printf(MSG_DEBUG, "WPS: * E-SNonce1");
88	wpabuf_put_be16(msg, ATTR_E_SNONCE1);
89	wpabuf_put_be16(msg, WPS_SECRET_NONCE_LEN);
90	wpabuf_put_data(msg, wps->snonce, WPS_SECRET_NONCE_LEN);
91	return 0;
92	}
93
94
95	static int wps_build_e_snonce2(struct wps_data wps, struct wpabuf msg)
96	{
97	wpa_printf(MSG_DEBUG, "WPS: * E-SNonce2");
98	wpabuf_put_be16(msg, ATTR_E_SNONCE2);
99	wpabuf_put_be16(msg, WPS_SECRET_NONCE_LEN);
100	wpabuf_put_data(msg, wps->snonce + WPS_SECRET_NONCE_LEN,
101	WPS_SECRET_NONCE_LEN);
102	return 0;
103	}
104
105
106	static struct wpabuf * wps_build_m1(struct wps_data *wps)
107	{
108	struct wpabuf *msg;
109	u16 config_methods;
110
111	if (random_get_bytes(wps->nonce_e, WPS_NONCE_LEN) < 0)
112	return NULL;
113	wpa_hexdump(MSG_DEBUG, "WPS: Enrollee Nonce",
114	wps->nonce_e, WPS_NONCE_LEN);
115
116	wpa_printf(MSG_DEBUG, "WPS: Building Message M1");
117	msg = wpabuf_alloc(1000);
118	if (msg == NULL)
119	return NULL;
120
121	config_methods = wps->wps->config_methods;
122	if (wps->wps->ap && !wps->pbc_in_m1 &&
123	(wps->dev_password_len != 0 \|\|
124	(config_methods & WPS_CONFIG_DISPLAY))) {
125	/*
126	* These are the methods that the AP supports as an Enrollee
127	* for adding external Registrars, so remove PushButton.
128	*
129	* As a workaround for Windows 7 mechanism for probing WPS
130	* capabilities from M1, leave PushButton option if no PIN
131	* method is available or if WPS configuration enables PBC
132	* workaround.
133	*/
134	config_methods &= ~WPS_CONFIG_PUSHBUTTON;
135	config_methods &= ~(WPS_CONFIG_VIRT_PUSHBUTTON \|
136	WPS_CONFIG_PHY_PUSHBUTTON);
137	}
138
139	if (wps_build_version(msg) \|\|
140	wps_build_msg_type(msg, WPS_M1) \|\|
141	wps_build_uuid_e(msg, wps->uuid_e) \|\|
142	wps_build_mac_addr(msg, wps->mac_addr_e) \|\|
143	wps_build_enrollee_nonce(wps, msg) \|\|
144	wps_build_public_key(wps, msg) \|\|
145	wps_build_auth_type_flags(wps, msg) \|\|
146	wps_build_encr_type_flags(wps, msg) \|\|
147	wps_build_conn_type_flags(wps, msg) \|\|
148	wps_build_config_methods(msg, config_methods) \|\|
149	wps_build_wps_state(wps, msg) \|\|
150	wps_build_device_attrs(&wps->wps->dev, msg) \|\|
151	wps_build_rf_bands(&wps->wps->dev, msg,
152	wps->wps->rf_band_cb(wps->wps->cb_ctx)) \|\|
153	wps_build_assoc_state(wps, msg) \|\|
154	wps_build_dev_password_id(msg, wps->dev_pw_id) \|\|
155	wps_build_config_error(msg, WPS_CFG_NO_ERROR) \|\|
156	wps_build_os_version(&wps->wps->dev, msg) \|\|
157	wps_build_wfa_ext(msg, 0, NULL, 0) \|\|
158	wps_build_vendor_ext_m1(&wps->wps->dev, msg)) {
159	wpabuf_free(msg);
160	return NULL;
161	}
162
163	wps->state = RECV_M2;
164	return msg;
165	}
166
167
168	static struct wpabuf * wps_build_m3(struct wps_data *wps)
169	{
170	struct wpabuf *msg;
171
172	wpa_printf(MSG_DEBUG, "WPS: Building Message M3");
173
174	if (wps->dev_password == NULL) {
175	wpa_printf(MSG_DEBUG, "WPS: No Device Password available");
176	return NULL;
177	}
178	wps_derive_psk(wps, wps->dev_password, wps->dev_password_len);
179
180	if (wps->wps->ap && random_pool_ready() != 1) {
181	wpa_printf(MSG_INFO,
182	"WPS: Not enough entropy in random pool to proceed - do not allow AP PIN to be used");
183	return NULL;
184	}
185
186	msg = wpabuf_alloc(1000);
187	if (msg == NULL)
188	return NULL;
189
190	if (wps_build_version(msg) \|\|
191	wps_build_msg_type(msg, WPS_M3) \|\|
192	wps_build_registrar_nonce(wps, msg) \|\|
193	wps_build_e_hash(wps, msg) \|\|
194	wps_build_wfa_ext(msg, 0, NULL, 0) \|\|
195	wps_build_authenticator(wps, msg)) {
196	wpabuf_free(msg);
197	return NULL;
198	}
199
200	wps->state = RECV_M4;
201	return msg;
202	}
203
204
205	static struct wpabuf * wps_build_m5(struct wps_data *wps)
206	{
207	struct wpabuf msg, plain;
208
209	wpa_printf(MSG_DEBUG, "WPS: Building Message M5");
210
211	plain = wpabuf_alloc(200);
212	if (plain == NULL)
213	return NULL;
214
215	msg = wpabuf_alloc(1000);
216	if (msg == NULL) {
217	wpabuf_free(plain);
218	return NULL;
219	}
220
221	if (wps_build_version(msg) \|\|
222	wps_build_msg_type(msg, WPS_M5) \|\|
223	wps_build_registrar_nonce(wps, msg) \|\|
224	wps_build_e_snonce1(wps, plain) \|\|
225	wps_build_key_wrap_auth(wps, plain) \|\|
226	wps_build_encr_settings(wps, msg, plain) \|\|
227	wps_build_wfa_ext(msg, 0, NULL, 0) \|\|
228	wps_build_authenticator(wps, msg)) {
229	wpabuf_free(plain);
230	wpabuf_free(msg);
231	return NULL;
232	}
233	wpabuf_free(plain);
234
235	wps->state = RECV_M6;
236	return msg;
237	}
238
239
240	static int wps_build_cred_ssid(struct wps_data wps, struct wpabuf msg)
241	{
242	wpa_printf(MSG_DEBUG, "WPS: * SSID");
243	wpabuf_put_be16(msg, ATTR_SSID);
244	wpabuf_put_be16(msg, wps->wps->ssid_len);
245	wpabuf_put_data(msg, wps->wps->ssid, wps->wps->ssid_len);
246	return 0;
247	}
248
249
250	static int wps_build_cred_auth_type(struct wps_data wps, struct wpabuf msg)
251	{
252	u16 auth_type = wps->wps->ap_auth_type;
253
254	/*
255	* Work around issues with Windows 7 WPS implementation not liking
256	* multiple Authentication Type bits in M7 AP Settings attribute by
257	* showing only the most secure option from current configuration.
258	*/
259	if (auth_type & WPS_AUTH_WPA2PSK)
260	auth_type = WPS_AUTH_WPA2PSK;
261	else if (auth_type & WPS_AUTH_WPAPSK)
262	auth_type = WPS_AUTH_WPAPSK;
263	else if (auth_type & WPS_AUTH_OPEN)
264	auth_type = WPS_AUTH_OPEN;
265
266	wpa_printf(MSG_DEBUG, "WPS: * Authentication Type (0x%x)", auth_type);
267	wpabuf_put_be16(msg, ATTR_AUTH_TYPE);
268	wpabuf_put_be16(msg, 2);
269	wpabuf_put_be16(msg, auth_type);
270	return 0;
271	}
272
273
274	static int wps_build_cred_encr_type(struct wps_data wps, struct wpabuf msg)
275	{
276	u16 encr_type = wps->wps->ap_encr_type;
277
278	/*
279	* Work around issues with Windows 7 WPS implementation not liking
280	* multiple Encryption Type bits in M7 AP Settings attribute by
281	* showing only the most secure option from current configuration.
282	*/
283	if (wps->wps->ap_auth_type & (WPS_AUTH_WPA2PSK \| WPS_AUTH_WPAPSK)) {
284	if (encr_type & WPS_ENCR_AES)
285	encr_type = WPS_ENCR_AES;
286	else if (encr_type & WPS_ENCR_TKIP)
287	encr_type = WPS_ENCR_TKIP;
288	}
289
290	wpa_printf(MSG_DEBUG, "WPS: * Encryption Type (0x%x)", encr_type);
291	wpabuf_put_be16(msg, ATTR_ENCR_TYPE);
292	wpabuf_put_be16(msg, 2);
293	wpabuf_put_be16(msg, encr_type);
294	return 0;
295	}
296
297
298	static int wps_build_cred_network_key(struct wps_data wps, struct wpabuf msg)
299	{
300	if ((wps->wps->ap_auth_type & (WPS_AUTH_WPAPSK \| WPS_AUTH_WPA2PSK)) &&
301	wps->wps->network_key_len == 0) {
302	char hex[65];
303	u8 psk[32];
304	/* Generate a random per-device PSK */
305	if (random_pool_ready() != 1 \|\|
306	random_get_bytes(psk, sizeof(psk)) < 0) {
307	wpa_printf(MSG_INFO,
308	"WPS: Could not generate random PSK");
309	return -1;
310	}
311	wpa_hexdump_key(MSG_DEBUG, "WPS: Generated per-device PSK",
312	psk, sizeof(psk));
313	wpa_printf(MSG_DEBUG, "WPS: * Network Key (len=%u)",
314	(unsigned int) wps->new_psk_len * 2);
315	wpa_snprintf_hex(hex, sizeof(hex), psk, sizeof(psk));
316	wpabuf_put_be16(msg, ATTR_NETWORK_KEY);
317	wpabuf_put_be16(msg, sizeof(psk) * 2);
318	wpabuf_put_data(msg, hex, sizeof(psk) * 2);
319	if (wps->wps->registrar) {
320	wps_cb_new_psk(wps->wps->registrar,
321	wps->peer_dev.mac_addr,
322	wps->p2p_dev_addr, psk, sizeof(psk));
323	}
324	return 0;
325	}
326
327	wpa_printf(MSG_DEBUG, "WPS: * Network Key (len=%u)",
328	(unsigned int) wps->wps->network_key_len);
329	wpabuf_put_be16(msg, ATTR_NETWORK_KEY);
330	wpabuf_put_be16(msg, wps->wps->network_key_len);
331	wpabuf_put_data(msg, wps->wps->network_key, wps->wps->network_key_len);
332	return 0;
333	}
334
335
336	static int wps_build_cred_mac_addr(struct wps_data wps, struct wpabuf msg)
337	{
338	wpa_printf(MSG_DEBUG, "WPS: * MAC Address (AP BSSID)");
339	wpabuf_put_be16(msg, ATTR_MAC_ADDR);
340	wpabuf_put_be16(msg, ETH_ALEN);
341	wpabuf_put_data(msg, wps->wps->dev.mac_addr, ETH_ALEN);
342	return 0;
343	}
344
345
346	static int wps_build_ap_settings(struct wps_data wps, struct wpabuf plain)
347	{
348	const u8 start, end;
349	int ret;
350
351	if (wps->wps->ap_settings) {
352	wpa_printf(MSG_DEBUG, "WPS: * AP Settings (pre-configured)");
353	wpabuf_put_data(plain, wps->wps->ap_settings,
354	wps->wps->ap_settings_len);
355	return 0;
356	}
357
358	wpa_printf(MSG_DEBUG, "WPS: * AP Settings based on current configuration");
359	start = wpabuf_put(plain, 0);
360	ret = wps_build_cred_ssid(wps, plain) \|\|
361	wps_build_cred_mac_addr(wps, plain) \|\|
362	wps_build_cred_auth_type(wps, plain) \|\|
363	wps_build_cred_encr_type(wps, plain) \|\|
364	wps_build_cred_network_key(wps, plain);
365	end = wpabuf_put(plain, 0);
366
367	wpa_hexdump_key(MSG_DEBUG, "WPS: Plaintext AP Settings",
368	start, end - start);
369
370	return ret;
371	}
372
373
374	static struct wpabuf * wps_build_m7(struct wps_data *wps)
375	{
376	struct wpabuf msg, plain;
377
378	wpa_printf(MSG_DEBUG, "WPS: Building Message M7");
379
380	plain = wpabuf_alloc(500 + wps->wps->ap_settings_len);
381	if (plain == NULL)
382	return NULL;
383
384	msg = wpabuf_alloc(1000 + wps->wps->ap_settings_len);
385	if (msg == NULL) {
386	wpabuf_free(plain);
387	return NULL;
388	}
389
390	if (wps_build_version(msg) \|\|
391	wps_build_msg_type(msg, WPS_M7) \|\|
392	wps_build_registrar_nonce(wps, msg) \|\|
393	wps_build_e_snonce2(wps, plain) \|\|
394	(wps->wps->ap && wps_build_ap_settings(wps, plain)) \|\|
395	wps_build_key_wrap_auth(wps, plain) \|\|
396	wps_build_encr_settings(wps, msg, plain) \|\|
397	wps_build_wfa_ext(msg, 0, NULL, 0) \|\|
398	wps_build_authenticator(wps, msg)) {
399	wpabuf_free(plain);
400	wpabuf_free(msg);
401	return NULL;
402	}
403	wpabuf_free(plain);
404
405	if (wps->wps->ap && wps->wps->registrar) {
406	/*
407	* If the Registrar is only learning our current configuration,
408	* it may not continue protocol run to successful completion.
409	* Store information here to make sure it remains available.
410	*/
411	wps_device_store(wps->wps->registrar, &wps->peer_dev,
412	wps->uuid_r);
413	}
414
415	wps->state = RECV_M8;
416	return msg;
417	}
418
419
420	static struct wpabuf * wps_build_wsc_done(struct wps_data *wps)
421	{
422	struct wpabuf *msg;
423
424	wpa_printf(MSG_DEBUG, "WPS: Building Message WSC_Done");
425
426	msg = wpabuf_alloc(1000);
427	if (msg == NULL)
428	return NULL;
429
430	if (wps_build_version(msg) \|\|
431	wps_build_msg_type(msg, WPS_WSC_DONE) \|\|
432	wps_build_enrollee_nonce(wps, msg) \|\|
433	wps_build_registrar_nonce(wps, msg) \|\|
434	wps_build_wfa_ext(msg, 0, NULL, 0)) {
435	wpabuf_free(msg);
436	return NULL;
437	}
438
439	if (wps->wps->ap)
440	wps->state = RECV_ACK;
441	else {
442	wps_success_event(wps->wps, wps->peer_dev.mac_addr);
443	wps->state = WPS_FINISHED;
444	}
445	return msg;
446	}
447
448
449	struct wpabuf * wps_enrollee_get_msg(struct wps_data *wps,
450	enum wsc_op_code *op_code)
451	{
452	struct wpabuf *msg;
453
454	switch (wps->state) {
455	case SEND_M1:
456	msg = wps_build_m1(wps);
457	*op_code = WSC_MSG;
458	break;
459	case SEND_M3:
460	msg = wps_build_m3(wps);
461	*op_code = WSC_MSG;
462	break;
463	case SEND_M5:
464	msg = wps_build_m5(wps);
465	*op_code = WSC_MSG;
466	break;
467	case SEND_M7:
468	msg = wps_build_m7(wps);
469	*op_code = WSC_MSG;
470	break;
471	case RECEIVED_M2D:
472	if (wps->wps->ap) {
473	msg = wps_build_wsc_nack(wps);
474	*op_code = WSC_NACK;
475	break;
476	}
477	msg = wps_build_wsc_ack(wps);
478	*op_code = WSC_ACK;
479	if (msg) {
480	/* Another M2/M2D may be received */
481	wps->state = RECV_M2;
482	}
483	break;
484	case SEND_WSC_NACK:
485	msg = wps_build_wsc_nack(wps);
486	*op_code = WSC_NACK;
487	break;
488	case WPS_MSG_DONE:
489	msg = wps_build_wsc_done(wps);
490	*op_code = WSC_Done;
491	break;
492	default:
493	wpa_printf(MSG_DEBUG, "WPS: Unsupported state %d for building "
494	"a message", wps->state);
495	msg = NULL;
496	break;
497	}
498
499	if (*op_code == WSC_MSG && msg) {
500	/* Save a copy of the last message for Authenticator derivation
501	*/
502	wpabuf_free(wps->last_msg);
503	wps->last_msg = wpabuf_dup(msg);
504	}
505
506	return msg;
507	}
508
509
510	static int wps_process_registrar_nonce(struct wps_data wps, const u8 r_nonce)
511	{
512	if (r_nonce == NULL) {
513	wpa_printf(MSG_DEBUG, "WPS: No Registrar Nonce received");
514	return -1;
515	}
516
517	os_memcpy(wps->nonce_r, r_nonce, WPS_NONCE_LEN);
518	wpa_hexdump(MSG_DEBUG, "WPS: Registrar Nonce",
519	wps->nonce_r, WPS_NONCE_LEN);
520
521	return 0;
522	}
523
524
525	static int wps_process_enrollee_nonce(struct wps_data wps, const u8 e_nonce)
526	{
527	if (e_nonce == NULL) {
528	wpa_printf(MSG_DEBUG, "WPS: No Enrollee Nonce received");
529	return -1;
530	}
531
532	if (os_memcmp(wps->nonce_e, e_nonce, WPS_NONCE_LEN) != 0) {
533	wpa_printf(MSG_DEBUG, "WPS: Invalid Enrollee Nonce received");
534	return -1;
535	}
536
537	return 0;
538	}
539
540
541	static int wps_process_uuid_r(struct wps_data wps, const u8 uuid_r)
542	{
543	if (uuid_r == NULL) {
544	wpa_printf(MSG_DEBUG, "WPS: No UUID-R received");
545	return -1;
546	}
547
548	os_memcpy(wps->uuid_r, uuid_r, WPS_UUID_LEN);
549	wpa_hexdump(MSG_DEBUG, "WPS: UUID-R", wps->uuid_r, WPS_UUID_LEN);
550
551	return 0;
552	}
553
554
555	static int wps_process_pubkey(struct wps_data wps, const u8 pk,
556	size_t pk_len)
557	{
558	if (pk == NULL \|\| pk_len == 0) {
559	wpa_printf(MSG_DEBUG, "WPS: No Public Key received");
560	return -1;
561	}
562
563	if (wps->peer_pubkey_hash_set) {
564	u8 hash[WPS_HASH_LEN];
565	sha256_vector(1, &pk, &pk_len, hash);
566	if (os_memcmp_const(hash, wps->peer_pubkey_hash,
567	WPS_OOB_PUBKEY_HASH_LEN) != 0) {
568	wpa_printf(MSG_ERROR, "WPS: Public Key hash mismatch");
569	wpa_hexdump(MSG_DEBUG, "WPS: Received public key",
570	pk, pk_len);
571	wpa_hexdump(MSG_DEBUG, "WPS: Calculated public key "
572	"hash", hash, WPS_OOB_PUBKEY_HASH_LEN);
573	wpa_hexdump(MSG_DEBUG, "WPS: Expected public key hash",
574	wps->peer_pubkey_hash,
575	WPS_OOB_PUBKEY_HASH_LEN);
576	wps->config_error = WPS_CFG_PUBLIC_KEY_HASH_MISMATCH;
577	return -1;
578	}
579	}
580
581	wpabuf_free(wps->dh_pubkey_r);
582	wps->dh_pubkey_r = wpabuf_alloc_copy(pk, pk_len);
583	if (wps->dh_pubkey_r == NULL)
584	return -1;
585
586	if (wps_derive_keys(wps) < 0)
587	return -1;
588
589	return 0;
590	}
591
592
593	static int wps_process_r_hash1(struct wps_data wps, const u8 r_hash1)
594	{
595	if (r_hash1 == NULL) {
596	wpa_printf(MSG_DEBUG, "WPS: No R-Hash1 received");
597	return -1;
598	}
599
600	os_memcpy(wps->peer_hash1, r_hash1, WPS_HASH_LEN);
601	wpa_hexdump(MSG_DEBUG, "WPS: R-Hash1", wps->peer_hash1, WPS_HASH_LEN);
602
603	return 0;
604	}
605
606
607	static int wps_process_r_hash2(struct wps_data wps, const u8 r_hash2)
608	{
609	if (r_hash2 == NULL) {
610	wpa_printf(MSG_DEBUG, "WPS: No R-Hash2 received");
611	return -1;
612	}
613
614	os_memcpy(wps->peer_hash2, r_hash2, WPS_HASH_LEN);
615	wpa_hexdump(MSG_DEBUG, "WPS: R-Hash2", wps->peer_hash2, WPS_HASH_LEN);
616
617	return 0;
618	}
619
620
621	static int wps_process_r_snonce1(struct wps_data wps, const u8 r_snonce1)
622	{
623	u8 hash[SHA256_MAC_LEN];
624	const u8 *addr[4];
625	size_t len[4];
626
627	if (r_snonce1 == NULL) {
628	wpa_printf(MSG_DEBUG, "WPS: No R-SNonce1 received");
629	return -1;
630	}
631
632	wpa_hexdump_key(MSG_DEBUG, "WPS: R-SNonce1", r_snonce1,
633	WPS_SECRET_NONCE_LEN);
634
635	/* R-Hash1 = HMAC_AuthKey(R-S1 \|\| PSK1 \|\| PK_E \|\| PK_R) */
636	addr[0] = r_snonce1;
637	len[0] = WPS_SECRET_NONCE_LEN;
638	addr[1] = wps->psk1;
639	len[1] = WPS_PSK_LEN;
640	addr[2] = wpabuf_head(wps->dh_pubkey_e);
641	len[2] = wpabuf_len(wps->dh_pubkey_e);
642	addr[3] = wpabuf_head(wps->dh_pubkey_r);
643	len[3] = wpabuf_len(wps->dh_pubkey_r);
644	hmac_sha256_vector(wps->authkey, WPS_AUTHKEY_LEN, 4, addr, len, hash);
645
646	if (os_memcmp_const(wps->peer_hash1, hash, WPS_HASH_LEN) != 0) {
647	wpa_printf(MSG_DEBUG, "WPS: R-Hash1 derived from R-S1 does "
648	"not match with the pre-committed value");
649	wps->config_error = WPS_CFG_DEV_PASSWORD_AUTH_FAILURE;
650	wps_pwd_auth_fail_event(wps->wps, 1, 1, wps->peer_dev.mac_addr);
651	return -1;
652	}
653
654	wpa_printf(MSG_DEBUG, "WPS: Registrar proved knowledge of the first "
655	"half of the device password");
656
657	return 0;
658	}
659
660
661	static int wps_process_r_snonce2(struct wps_data wps, const u8 r_snonce2)
662	{
663	u8 hash[SHA256_MAC_LEN];
664	const u8 *addr[4];
665	size_t len[4];
666
667	if (r_snonce2 == NULL) {
668	wpa_printf(MSG_DEBUG, "WPS: No R-SNonce2 received");
669	return -1;
670	}
671
672	wpa_hexdump_key(MSG_DEBUG, "WPS: R-SNonce2", r_snonce2,
673	WPS_SECRET_NONCE_LEN);
674
675	/* R-Hash2 = HMAC_AuthKey(R-S2 \|\| PSK2 \|\| PK_E \|\| PK_R) */
676	addr[0] = r_snonce2;
677	len[0] = WPS_SECRET_NONCE_LEN;
678	addr[1] = wps->psk2;
679	len[1] = WPS_PSK_LEN;
680	addr[2] = wpabuf_head(wps->dh_pubkey_e);
681	len[2] = wpabuf_len(wps->dh_pubkey_e);
682	addr[3] = wpabuf_head(wps->dh_pubkey_r);
683	len[3] = wpabuf_len(wps->dh_pubkey_r);
684	hmac_sha256_vector(wps->authkey, WPS_AUTHKEY_LEN, 4, addr, len, hash);
685
686	if (os_memcmp_const(wps->peer_hash2, hash, WPS_HASH_LEN) != 0) {
687	wpa_printf(MSG_DEBUG, "WPS: R-Hash2 derived from R-S2 does "
688	"not match with the pre-committed value");
689	wps->config_error = WPS_CFG_DEV_PASSWORD_AUTH_FAILURE;
690	wps_pwd_auth_fail_event(wps->wps, 1, 2, wps->peer_dev.mac_addr);
691	return -1;
692	}
693
694	wpa_printf(MSG_DEBUG, "WPS: Registrar proved knowledge of the second "
695	"half of the device password");
696
697	return 0;
698	}
699
700
701	static int wps_process_cred_e(struct wps_data wps, const u8 cred,
702	size_t cred_len, int wps2)
703	{
704	struct wps_parse_attr attr;
705	struct wpabuf msg;
706	int ret = 0;
707
708	wpa_printf(MSG_DEBUG, "WPS: Received Credential");
709	os_memset(&wps->cred, 0, sizeof(wps->cred));
710	wpabuf_set(&msg, cred, cred_len);
711	if (wps_parse_msg(&msg, &attr) < 0 \|\|
712	wps_process_cred(&attr, &wps->cred))
713	return -1;
714
715	if (os_memcmp(wps->cred.mac_addr, wps->wps->dev.mac_addr, ETH_ALEN) !=
716	0) {
717	wpa_printf(MSG_DEBUG, "WPS: MAC Address in the Credential ("
718	MACSTR ") does not match with own address (" MACSTR
719	")", MAC2STR(wps->cred.mac_addr),
720	MAC2STR(wps->wps->dev.mac_addr));
721	/*
722	* In theory, this could be consider fatal error, but there are
723	* number of deployed implementations using other address here
724	* due to unclarity in the specification. For interoperability
725	* reasons, allow this to be processed since we do not really
726	* use the MAC Address information for anything.
727	*/
728	#ifdef CONFIG_WPS_STRICT
729	if (wps2) {
730	wpa_printf(MSG_INFO, "WPS: Do not accept incorrect "
731	"MAC Address in AP Settings");
732	return -1;
733	}
734	#endif /* CONFIG_WPS_STRICT */
735	}
736
737	if (!(wps->cred.encr_type &
738	(WPS_ENCR_NONE \| WPS_ENCR_TKIP \| WPS_ENCR_AES))) {
739	if (wps->cred.encr_type & WPS_ENCR_WEP) {
740	wpa_printf(MSG_INFO, "WPS: Reject Credential "
741	"due to WEP configuration");
742	wps->error_indication = WPS_EI_SECURITY_WEP_PROHIBITED;
743	return -2;
744	}
745
746	wpa_printf(MSG_INFO, "WPS: Reject Credential due to "
747	"invalid encr_type 0x%x", wps->cred.encr_type);
748	return -1;
749	}
750
751	if (wps->wps->cred_cb) {
752	wps->cred.cred_attr = cred - 4;
753	wps->cred.cred_attr_len = cred_len + 4;
754	ret = wps->wps->cred_cb(wps->wps->cb_ctx, &wps->cred);
755	wps->cred.cred_attr = NULL;
756	wps->cred.cred_attr_len = 0;
757	}
758
759	return ret;
760	}
761
762
763	static int wps_process_creds(struct wps_data wps, const u8 cred[],
764	u16 cred_len[], unsigned int num_cred, int wps2)
765	{
766	size_t i;
767	int ok = 0;
768
769	if (wps->wps->ap)
770	return 0;
771
772	if (num_cred == 0) {
773	wpa_printf(MSG_DEBUG, "WPS: No Credential attributes "
774	"received");
775	return -1;
776	}
777
778	for (i = 0; i < num_cred; i++) {
779	int res;
780	res = wps_process_cred_e(wps, cred[i], cred_len[i], wps2);
781	if (res == 0)
782	ok++;
783	else if (res == -2)
784	wpa_printf(MSG_DEBUG, "WPS: WEP credential skipped");
785	else
786	return -1;
787	}
788
789	if (ok == 0) {
790	wpa_printf(MSG_DEBUG, "WPS: No valid Credential attribute "
791	"received");
792	return -1;
793	}
794
795	return 0;
796	}
797
798
799	static int wps_process_ap_settings_e(struct wps_data *wps,
800	struct wps_parse_attr *attr,
801	struct wpabuf *attrs, int wps2)
802	{
803	struct wps_credential cred;
804	int ret = 0;
805
806	if (!wps->wps->ap)
807	return 0;
808
809	if (wps_process_ap_settings(attr, &cred) < 0)
810	return -1;
811
812	wpa_printf(MSG_INFO, "WPS: Received new AP configuration from "
813	"Registrar");
814
815	if (os_memcmp(cred.mac_addr, wps->wps->dev.mac_addr, ETH_ALEN) !=
816	0) {
817	wpa_printf(MSG_DEBUG, "WPS: MAC Address in the AP Settings ("
818	MACSTR ") does not match with own address (" MACSTR
819	")", MAC2STR(cred.mac_addr),
820	MAC2STR(wps->wps->dev.mac_addr));
821	/*
822	* In theory, this could be consider fatal error, but there are
823	* number of deployed implementations using other address here
824	* due to unclarity in the specification. For interoperability
825	* reasons, allow this to be processed since we do not really
826	* use the MAC Address information for anything.
827	*/
828	#ifdef CONFIG_WPS_STRICT
829	if (wps2) {
830	wpa_printf(MSG_INFO, "WPS: Do not accept incorrect "
831	"MAC Address in AP Settings");
832	return -1;
833	}
834	#endif /* CONFIG_WPS_STRICT */
835	}
836
837	if (!(cred.encr_type & (WPS_ENCR_NONE \| WPS_ENCR_TKIP \| WPS_ENCR_AES)))
838	{
839	if (cred.encr_type & WPS_ENCR_WEP) {
840	wpa_printf(MSG_INFO, "WPS: Reject new AP settings "
841	"due to WEP configuration");
842	wps->error_indication = WPS_EI_SECURITY_WEP_PROHIBITED;
843	return -1;
844	}
845
846	wpa_printf(MSG_INFO, "WPS: Reject new AP settings due to "
847	"invalid encr_type 0x%x", cred.encr_type);
848	return -1;
849	}
850
851	#ifdef CONFIG_WPS_STRICT
852	if (wps2) {
853	if ((cred.encr_type & (WPS_ENCR_TKIP \| WPS_ENCR_AES)) ==
854	WPS_ENCR_TKIP \|\|
855	(cred.auth_type & (WPS_AUTH_WPAPSK \| WPS_AUTH_WPA2PSK)) ==
856	WPS_AUTH_WPAPSK) {
857	wpa_printf(MSG_INFO, "WPS-STRICT: Invalid WSC 2.0 "
858	"AP Settings: WPA-Personal/TKIP only");
859	wps->error_indication =
860	WPS_EI_SECURITY_TKIP_ONLY_PROHIBITED;
861	return -1;
862	}
863	}
864	#endif /* CONFIG_WPS_STRICT */
865
866	if ((cred.encr_type & (WPS_ENCR_TKIP \| WPS_ENCR_AES)) == WPS_ENCR_TKIP)
867	{
868	wpa_printf(MSG_DEBUG, "WPS: Upgrade encr_type TKIP -> "
869	"TKIP+AES");
870	cred.encr_type \|= WPS_ENCR_AES;
871	}
872
873	if ((cred.auth_type & (WPS_AUTH_WPAPSK \| WPS_AUTH_WPA2PSK)) ==
874	WPS_AUTH_WPAPSK) {
875	wpa_printf(MSG_DEBUG, "WPS: Upgrade auth_type WPAPSK -> "
876	"WPAPSK+WPA2PSK");
877	cred.auth_type \|= WPS_AUTH_WPA2PSK;
878	}
879
880	if (wps->wps->cred_cb) {
881	cred.cred_attr = wpabuf_head(attrs);
882	cred.cred_attr_len = wpabuf_len(attrs);
883	ret = wps->wps->cred_cb(wps->wps->cb_ctx, &cred);
884	}
885
886	return ret;
887	}
888
889
890	static int wps_process_dev_pw_id(struct wps_data wps, const u8 dev_pw_id)
891	{
892	u16 id;
893
894	if (dev_pw_id == NULL) {
895	wpa_printf(MSG_DEBUG, "WPS: Device Password ID");
896	return -1;
897	}
898
899	id = WPA_GET_BE16(dev_pw_id);
900	if (wps->dev_pw_id == id) {
901	wpa_printf(MSG_DEBUG, "WPS: Device Password ID %u", id);
902	return 0;
903	}
904
905	#ifdef CONFIG_P2P
906	if ((id == DEV_PW_DEFAULT &&
907	wps->dev_pw_id == DEV_PW_REGISTRAR_SPECIFIED) \|\|
908	(id == DEV_PW_REGISTRAR_SPECIFIED &&
909	wps->dev_pw_id == DEV_PW_DEFAULT)) {
910	/*
911	* Common P2P use cases indicate whether the PIN is from the
912	* client or GO using Device Password Id in M1/M2 in a way that
913	* does not look fully compliant with WSC specification. Anyway,
914	* this is deployed and needs to be allowed, so ignore changes
915	* between Registrar-Specified and Default PIN.
916	*/
917	wpa_printf(MSG_DEBUG, "WPS: Allow PIN Device Password ID "
918	"change");
919	return 0;
920	}
921	#endif /* CONFIG_P2P */
922
923	wpa_printf(MSG_DEBUG, "WPS: Registrar trying to change Device Password "
924	"ID from %u to %u", wps->dev_pw_id, id);
925
926	if (wps->dev_pw_id == DEV_PW_PUSHBUTTON && id == DEV_PW_DEFAULT) {
927	wpa_printf(MSG_DEBUG,
928	"WPS: Workaround - ignore PBC-to-PIN change");
929	return 0;
930	}
931
932	if (wps->alt_dev_password && wps->alt_dev_pw_id == id) {
933	wpa_printf(MSG_DEBUG, "WPS: Found a matching Device Password");
934	bin_clear_free(wps->dev_password, wps->dev_password_len);
935	wps->dev_pw_id = wps->alt_dev_pw_id;
936	wps->dev_password = wps->alt_dev_password;
937	wps->dev_password_len = wps->alt_dev_password_len;
938	wps->alt_dev_password = NULL;
939	wps->alt_dev_password_len = 0;
940	return 0;
941	}
942
943	return -1;
944	}
945
946
947	static enum wps_process_res wps_process_m2(struct wps_data *wps,
948	const struct wpabuf *msg,
949	struct wps_parse_attr *attr)
950	{
951	wpa_printf(MSG_DEBUG, "WPS: Received M2");
952
953	if (wps->state != RECV_M2) {
954	wpa_printf(MSG_DEBUG, "WPS: Unexpected state (%d) for "
955	"receiving M2", wps->state);
956	wps->state = SEND_WSC_NACK;
957	return WPS_CONTINUE;
958	}
959
960	if (wps_process_registrar_nonce(wps, attr->registrar_nonce) \|\|
961	wps_process_enrollee_nonce(wps, attr->enrollee_nonce) \|\|
962	wps_process_uuid_r(wps, attr->uuid_r) \|\|
963	wps_process_dev_pw_id(wps, attr->dev_password_id)) {
964	wps->state = SEND_WSC_NACK;
965	return WPS_CONTINUE;
966	}
967
968	/*
969	* Stop here on an AP as an Enrollee if AP Setup is locked unless the
970	* special locked mode is used to allow protocol run up to M7 in order
971	* to support external Registrars that only learn the current AP
972	* configuration without changing it.
973	*/
974	if (wps->wps->ap &&
975	((wps->wps->ap_setup_locked && wps->wps->ap_setup_locked != 2) \|\|
976	wps->dev_password == NULL)) {
977	wpa_printf(MSG_DEBUG, "WPS: AP Setup is locked - refuse "
978	"registration of a new Registrar");
979	wps->config_error = WPS_CFG_SETUP_LOCKED;
980	wps->state = SEND_WSC_NACK;
981	return WPS_CONTINUE;
982	}
983
984	if (wps_process_pubkey(wps, attr->public_key, attr->public_key_len) \|\|
985	wps_process_authenticator(wps, attr->authenticator, msg) \|\|
986	wps_process_device_attrs(&wps->peer_dev, attr)) {
987	wps->state = SEND_WSC_NACK;
988	return WPS_CONTINUE;
989	}
990
991	#ifdef CONFIG_WPS_NFC
992	if (wps->peer_pubkey_hash_set) {
993	struct wpabuf *decrypted;
994	struct wps_parse_attr eattr;
995
996	decrypted = wps_decrypt_encr_settings(wps, attr->encr_settings,
997	attr->encr_settings_len);
998	if (decrypted == NULL) {
999	wpa_printf(MSG_DEBUG, "WPS: Failed to decrypt "
1000	"Encrypted Settings attribute");
1001	wps->state = SEND_WSC_NACK;
1002	return WPS_CONTINUE;
1003	}
1004
1005	wpa_printf(MSG_DEBUG, "WPS: Processing decrypted Encrypted "
1006	"Settings attribute");
1007	if (wps_parse_msg(decrypted, &eattr) < 0 \|\|
1008	wps_process_key_wrap_auth(wps, decrypted,
1009	eattr.key_wrap_auth) \|\|
1010	wps_process_creds(wps, eattr.cred, eattr.cred_len,
1011	eattr.num_cred, attr->version2 != NULL)) {
1012	wpabuf_free(decrypted);
1013	wps->state = SEND_WSC_NACK;
1014	return WPS_CONTINUE;
1015	}
1016	wpabuf_free(decrypted);
1017
1018	wps->state = WPS_MSG_DONE;
1019	return WPS_CONTINUE;
1020	}
1021	#endif /* CONFIG_WPS_NFC */
1022
1023	wps->state = SEND_M3;
1024	return WPS_CONTINUE;
1025	}
1026
1027
1028	static enum wps_process_res wps_process_m2d(struct wps_data *wps,
1029	struct wps_parse_attr *attr)
1030	{
1031	wpa_printf(MSG_DEBUG, "WPS: Received M2D");
1032
1033	if (wps->state != RECV_M2) {
1034	wpa_printf(MSG_DEBUG, "WPS: Unexpected state (%d) for "
1035	"receiving M2D", wps->state);
1036	wps->state = SEND_WSC_NACK;
1037	return WPS_CONTINUE;
1038	}
1039
1040	wpa_hexdump_ascii(MSG_DEBUG, "WPS: Manufacturer",
1041	attr->manufacturer, attr->manufacturer_len);
1042	wpa_hexdump_ascii(MSG_DEBUG, "WPS: Model Name",
1043	attr->model_name, attr->model_name_len);
1044	wpa_hexdump_ascii(MSG_DEBUG, "WPS: Model Number",
1045	attr->model_number, attr->model_number_len);
1046	wpa_hexdump_ascii(MSG_DEBUG, "WPS: Serial Number",
1047	attr->serial_number, attr->serial_number_len);
1048	wpa_hexdump_ascii(MSG_DEBUG, "WPS: Device Name",
1049	attr->dev_name, attr->dev_name_len);
1050
1051	if (wps->wps->event_cb) {
1052	union wps_event_data data;
1053	struct wps_event_m2d *m2d = &data.m2d;
1054	os_memset(&data, 0, sizeof(data));
1055	if (attr->config_methods)
1056	m2d->config_methods =
1057	WPA_GET_BE16(attr->config_methods);
1058	m2d->manufacturer = attr->manufacturer;
1059	m2d->manufacturer_len = attr->manufacturer_len;
1060	m2d->model_name = attr->model_name;
1061	m2d->model_name_len = attr->model_name_len;
1062	m2d->model_number = attr->model_number;
1063	m2d->model_number_len = attr->model_number_len;
1064	m2d->serial_number = attr->serial_number;
1065	m2d->serial_number_len = attr->serial_number_len;
1066	m2d->dev_name = attr->dev_name;
1067	m2d->dev_name_len = attr->dev_name_len;
1068	m2d->primary_dev_type = attr->primary_dev_type;
1069	if (attr->config_error)
1070	m2d->config_error =
1071	WPA_GET_BE16(attr->config_error);
1072	if (attr->dev_password_id)
1073	m2d->dev_password_id =
1074	WPA_GET_BE16(attr->dev_password_id);
1075	wps->wps->event_cb(wps->wps->cb_ctx, WPS_EV_M2D, &data);
1076	}
1077
1078	wps->state = RECEIVED_M2D;
1079	return WPS_CONTINUE;
1080	}
1081
1082
1083	static enum wps_process_res wps_process_m4(struct wps_data *wps,
1084	const struct wpabuf *msg,
1085	struct wps_parse_attr *attr)
1086	{
1087	struct wpabuf *decrypted;
1088	struct wps_parse_attr eattr;
1089
1090	wpa_printf(MSG_DEBUG, "WPS: Received M4");
1091
1092	if (wps->state != RECV_M4) {
1093	wpa_printf(MSG_DEBUG, "WPS: Unexpected state (%d) for "
1094	"receiving M4", wps->state);
1095	wps->state = SEND_WSC_NACK;
1096	return WPS_CONTINUE;
1097	}
1098
1099	if (wps_process_enrollee_nonce(wps, attr->enrollee_nonce) \|\|
1100	wps_process_authenticator(wps, attr->authenticator, msg) \|\|
1101	wps_process_r_hash1(wps, attr->r_hash1) \|\|
1102	wps_process_r_hash2(wps, attr->r_hash2)) {
1103	wps->state = SEND_WSC_NACK;
1104	return WPS_CONTINUE;
1105	}
1106
1107	decrypted = wps_decrypt_encr_settings(wps, attr->encr_settings,
1108	attr->encr_settings_len);
1109	if (decrypted == NULL) {
1110	wpa_printf(MSG_DEBUG, "WPS: Failed to decrypted Encrypted "
1111	"Settings attribute");
1112	wps->state = SEND_WSC_NACK;
1113	return WPS_CONTINUE;
1114	}
1115
1116	if (wps_validate_m4_encr(decrypted, attr->version2 != NULL) < 0) {
1117	wpabuf_free(decrypted);
1118	wps->state = SEND_WSC_NACK;
1119	return WPS_CONTINUE;
1120	}
1121
1122	wpa_printf(MSG_DEBUG, "WPS: Processing decrypted Encrypted Settings "
1123	"attribute");
1124	if (wps_parse_msg(decrypted, &eattr) < 0 \|\|
1125	wps_process_key_wrap_auth(wps, decrypted, eattr.key_wrap_auth) \|\|
1126	wps_process_r_snonce1(wps, eattr.r_snonce1)) {
1127	wpabuf_free(decrypted);
1128	wps->state = SEND_WSC_NACK;
1129	return WPS_CONTINUE;
1130	}
1131	wpabuf_free(decrypted);
1132
1133	wps->state = SEND_M5;
1134	return WPS_CONTINUE;
1135	}
1136
1137
1138	static enum wps_process_res wps_process_m6(struct wps_data *wps,
1139	const struct wpabuf *msg,
1140	struct wps_parse_attr *attr)
1141	{
1142	struct wpabuf *decrypted;
1143	struct wps_parse_attr eattr;
1144
1145	wpa_printf(MSG_DEBUG, "WPS: Received M6");
1146
1147	if (wps->state != RECV_M6) {
1148	wpa_printf(MSG_DEBUG, "WPS: Unexpected state (%d) for "
1149	"receiving M6", wps->state);
1150	wps->state = SEND_WSC_NACK;
1151	return WPS_CONTINUE;
1152	}
1153
1154	if (wps_process_enrollee_nonce(wps, attr->enrollee_nonce) \|\|
1155	wps_process_authenticator(wps, attr->authenticator, msg)) {
1156	wps->state = SEND_WSC_NACK;
1157	return WPS_CONTINUE;
1158	}
1159
1160	decrypted = wps_decrypt_encr_settings(wps, attr->encr_settings,
1161	attr->encr_settings_len);
1162	if (decrypted == NULL) {
1163	wpa_printf(MSG_DEBUG, "WPS: Failed to decrypted Encrypted "
1164	"Settings attribute");
1165	wps->state = SEND_WSC_NACK;
1166	return WPS_CONTINUE;
1167	}
1168
1169	if (wps_validate_m6_encr(decrypted, attr->version2 != NULL) < 0) {
1170	wpabuf_free(decrypted);
1171	wps->state = SEND_WSC_NACK;
1172	return WPS_CONTINUE;
1173	}
1174
1175	wpa_printf(MSG_DEBUG, "WPS: Processing decrypted Encrypted Settings "
1176	"attribute");
1177	if (wps_parse_msg(decrypted, &eattr) < 0 \|\|
1178	wps_process_key_wrap_auth(wps, decrypted, eattr.key_wrap_auth) \|\|
1179	wps_process_r_snonce2(wps, eattr.r_snonce2)) {
1180	wpabuf_free(decrypted);
1181	wps->state = SEND_WSC_NACK;
1182	return WPS_CONTINUE;
1183	}
1184	wpabuf_free(decrypted);
1185
1186	if (wps->wps->ap)
1187	wps->wps->event_cb(wps->wps->cb_ctx, WPS_EV_AP_PIN_SUCCESS,
1188	NULL);
1189
1190	wps->state = SEND_M7;
1191	return WPS_CONTINUE;
1192	}
1193
1194
1195	static enum wps_process_res wps_process_m8(struct wps_data *wps,
1196	const struct wpabuf *msg,
1197	struct wps_parse_attr *attr)
1198	{
1199	struct wpabuf *decrypted;
1200	struct wps_parse_attr eattr;
1201
1202	wpa_printf(MSG_DEBUG, "WPS: Received M8");
1203
1204	if (wps->state != RECV_M8) {
1205	wpa_printf(MSG_DEBUG, "WPS: Unexpected state (%d) for "
1206	"receiving M8", wps->state);
1207	wps->state = SEND_WSC_NACK;
1208	return WPS_CONTINUE;
1209	}
1210
1211	if (wps_process_enrollee_nonce(wps, attr->enrollee_nonce) \|\|
1212	wps_process_authenticator(wps, attr->authenticator, msg)) {
1213	wps->state = SEND_WSC_NACK;
1214	return WPS_CONTINUE;
1215	}
1216
1217	if (wps->wps->ap && wps->wps->ap_setup_locked) {
1218	/*
1219	* Stop here if special ap_setup_locked == 2 mode allowed the
1220	* protocol to continue beyond M2. This allows ER to learn the
1221	* current AP settings without changing them.
1222	*/
1223	wpa_printf(MSG_DEBUG, "WPS: AP Setup is locked - refuse "
1224	"registration of a new Registrar");
1225	wps->config_error = WPS_CFG_SETUP_LOCKED;
1226	wps->state = SEND_WSC_NACK;
1227	return WPS_CONTINUE;
1228	}
1229
1230	decrypted = wps_decrypt_encr_settings(wps, attr->encr_settings,
1231	attr->encr_settings_len);
1232	if (decrypted == NULL) {
1233	wpa_printf(MSG_DEBUG, "WPS: Failed to decrypted Encrypted "
1234	"Settings attribute");
1235	wps->state = SEND_WSC_NACK;
1236	return WPS_CONTINUE;
1237	}
1238
1239	if (wps_validate_m8_encr(decrypted, wps->wps->ap,
1240	attr->version2 != NULL) < 0) {
1241	wpabuf_free(decrypted);
1242	wps->state = SEND_WSC_NACK;
1243	return WPS_CONTINUE;
1244	}
1245
1246	wpa_printf(MSG_DEBUG, "WPS: Processing decrypted Encrypted Settings "
1247	"attribute");
1248	if (wps_parse_msg(decrypted, &eattr) < 0 \|\|
1249	wps_process_key_wrap_auth(wps, decrypted, eattr.key_wrap_auth) \|\|
1250	wps_process_creds(wps, eattr.cred, eattr.cred_len,
1251	eattr.num_cred, attr->version2 != NULL) \|\|
1252	wps_process_ap_settings_e(wps, &eattr, decrypted,
1253	attr->version2 != NULL)) {
1254	wpabuf_free(decrypted);
1255	wps->state = SEND_WSC_NACK;
1256	return WPS_CONTINUE;
1257	}
1258	wpabuf_free(decrypted);
1259
1260	wps->state = WPS_MSG_DONE;
1261	return WPS_CONTINUE;
1262	}
1263
1264
1265	static enum wps_process_res wps_process_wsc_msg(struct wps_data *wps,
1266	const struct wpabuf *msg)
1267	{
1268	struct wps_parse_attr attr;
1269	enum wps_process_res ret = WPS_CONTINUE;
1270
1271	wpa_printf(MSG_DEBUG, "WPS: Received WSC_MSG");
1272
1273	if (wps_parse_msg(msg, &attr) < 0)
1274	return WPS_FAILURE;
1275
1276	if (attr.enrollee_nonce == NULL \|\|
1277	os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN) != 0) {
1278	wpa_printf(MSG_DEBUG, "WPS: Mismatch in enrollee nonce");
1279	return WPS_FAILURE;
1280	}
1281
1282	if (attr.msg_type == NULL) {
1283	wpa_printf(MSG_DEBUG, "WPS: No Message Type attribute");
1284	wps->state = SEND_WSC_NACK;
1285	return WPS_CONTINUE;
1286	}
1287
1288	switch (*attr.msg_type) {
1289	case WPS_M2:
1290	if (wps_validate_m2(msg) < 0)
1291	return WPS_FAILURE;
1292	ret = wps_process_m2(wps, msg, &attr);
1293	break;
1294	case WPS_M2D:
1295	if (wps_validate_m2d(msg) < 0)
1296	return WPS_FAILURE;
1297	ret = wps_process_m2d(wps, &attr);
1298	break;
1299	case WPS_M4:
1300	if (wps_validate_m4(msg) < 0)
1301	return WPS_FAILURE;
1302	ret = wps_process_m4(wps, msg, &attr);
1303	if (ret == WPS_FAILURE \|\| wps->state == SEND_WSC_NACK)
1304	wps_fail_event(wps->wps, WPS_M4, wps->config_error,
1305	wps->error_indication,
1306	wps->peer_dev.mac_addr);
1307	break;
1308	case WPS_M6:
1309	if (wps_validate_m6(msg) < 0)
1310	return WPS_FAILURE;
1311	ret = wps_process_m6(wps, msg, &attr);
1312	if (ret == WPS_FAILURE \|\| wps->state == SEND_WSC_NACK)
1313	wps_fail_event(wps->wps, WPS_M6, wps->config_error,
1314	wps->error_indication,
1315	wps->peer_dev.mac_addr);
1316	break;
1317	case WPS_M8:
1318	if (wps_validate_m8(msg) < 0)
1319	return WPS_FAILURE;
1320	ret = wps_process_m8(wps, msg, &attr);
1321	if (ret == WPS_FAILURE \|\| wps->state == SEND_WSC_NACK)
1322	wps_fail_event(wps->wps, WPS_M8, wps->config_error,
1323	wps->error_indication,
1324	wps->peer_dev.mac_addr);
1325	break;
1326	default:
1327	wpa_printf(MSG_DEBUG, "WPS: Unsupported Message Type %d",
1328	*attr.msg_type);
1329	return WPS_FAILURE;
1330	}
1331
1332	/*
1333	* Save a copy of the last message for Authenticator derivation if we
1334	* are continuing. However, skip M2D since it is not authenticated and
1335	* neither is the ACK/NACK response frame. This allows the possibly
1336	* following M2 to be processed correctly by using the previously sent
1337	* M1 in Authenticator derivation.
1338	*/
1339	if (ret == WPS_CONTINUE && *attr.msg_type != WPS_M2D) {
1340	/* Save a copy of the last message for Authenticator derivation
1341	*/
1342	wpabuf_free(wps->last_msg);
1343	wps->last_msg = wpabuf_dup(msg);
1344	}
1345
1346	return ret;
1347	}
1348
1349
1350	static enum wps_process_res wps_process_wsc_ack(struct wps_data *wps,
1351	const struct wpabuf *msg)
1352	{
1353	struct wps_parse_attr attr;
1354
1355	wpa_printf(MSG_DEBUG, "WPS: Received WSC_ACK");
1356
1357	if (wps_parse_msg(msg, &attr) < 0)
1358	return WPS_FAILURE;
1359
1360	if (attr.msg_type == NULL) {
1361	wpa_printf(MSG_DEBUG, "WPS: No Message Type attribute");
1362	return WPS_FAILURE;
1363	}
1364
1365	if (*attr.msg_type != WPS_WSC_ACK) {
1366	wpa_printf(MSG_DEBUG, "WPS: Invalid Message Type %d",
1367	*attr.msg_type);
1368	return WPS_FAILURE;
1369	}
1370
1371	if (attr.registrar_nonce == NULL \|\|
1372	os_memcmp(wps->nonce_r, attr.registrar_nonce, WPS_NONCE_LEN) != 0)
1373	{
1374	wpa_printf(MSG_DEBUG, "WPS: Mismatch in registrar nonce");
1375	return WPS_FAILURE;
1376	}
1377
1378	if (attr.enrollee_nonce == NULL \|\|
1379	os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN) != 0) {
1380	wpa_printf(MSG_DEBUG, "WPS: Mismatch in enrollee nonce");
1381	return WPS_FAILURE;
1382	}
1383
1384	if (wps->state == RECV_ACK && wps->wps->ap) {
1385	wpa_printf(MSG_DEBUG, "WPS: External Registrar registration "
1386	"completed successfully");
1387	wps_success_event(wps->wps, wps->peer_dev.mac_addr);
1388	wps->state = WPS_FINISHED;
1389	return WPS_DONE;
1390	}
1391
1392	return WPS_FAILURE;
1393	}
1394
1395
1396	static enum wps_process_res wps_process_wsc_nack(struct wps_data *wps,
1397	const struct wpabuf *msg)
1398	{
1399	struct wps_parse_attr attr;
1400	u16 config_error;
1401
1402	wpa_printf(MSG_DEBUG, "WPS: Received WSC_NACK");
1403
1404	if (wps_parse_msg(msg, &attr) < 0)
1405	return WPS_FAILURE;
1406
1407	if (attr.msg_type == NULL) {
1408	wpa_printf(MSG_DEBUG, "WPS: No Message Type attribute");
1409	return WPS_FAILURE;
1410	}
1411
1412	if (*attr.msg_type != WPS_WSC_NACK) {
1413	wpa_printf(MSG_DEBUG, "WPS: Invalid Message Type %d",
1414	*attr.msg_type);
1415	return WPS_FAILURE;
1416	}
1417
1418	if (attr.registrar_nonce == NULL \|\|
1419	os_memcmp(wps->nonce_r, attr.registrar_nonce, WPS_NONCE_LEN) != 0)
1420	{
1421	wpa_printf(MSG_DEBUG, "WPS: Mismatch in registrar nonce");
1422	wpa_hexdump(MSG_DEBUG, "WPS: Received Registrar Nonce",
1423	attr.registrar_nonce, WPS_NONCE_LEN);
1424	wpa_hexdump(MSG_DEBUG, "WPS: Expected Registrar Nonce",
1425	wps->nonce_r, WPS_NONCE_LEN);
1426	return WPS_FAILURE;
1427	}
1428
1429	if (attr.enrollee_nonce == NULL \|\|
1430	os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN) != 0) {
1431	wpa_printf(MSG_DEBUG, "WPS: Mismatch in enrollee nonce");
1432	wpa_hexdump(MSG_DEBUG, "WPS: Received Enrollee Nonce",
1433	attr.enrollee_nonce, WPS_NONCE_LEN);
1434	wpa_hexdump(MSG_DEBUG, "WPS: Expected Enrollee Nonce",
1435	wps->nonce_e, WPS_NONCE_LEN);
1436	return WPS_FAILURE;
1437	}
1438
1439	if (attr.config_error == NULL) {
1440	wpa_printf(MSG_DEBUG, "WPS: No Configuration Error attribute "
1441	"in WSC_NACK");
1442	return WPS_FAILURE;
1443	}
1444
1445	config_error = WPA_GET_BE16(attr.config_error);
1446	wpa_printf(MSG_DEBUG, "WPS: Registrar terminated negotiation with "
1447	"Configuration Error %d", config_error);
1448
1449	switch (wps->state) {
1450	case RECV_M4:
1451	wps_fail_event(wps->wps, WPS_M3, config_error,
1452	wps->error_indication, wps->peer_dev.mac_addr);
1453	break;
1454	case RECV_M6:
1455	wps_fail_event(wps->wps, WPS_M5, config_error,
1456	wps->error_indication, wps->peer_dev.mac_addr);
1457	break;
1458	case RECV_M8:
1459	wps_fail_event(wps->wps, WPS_M7, config_error,
1460	wps->error_indication, wps->peer_dev.mac_addr);
1461	break;
1462	default:
1463	break;
1464	}
1465
1466	/* Followed by NACK if Enrollee is Supplicant or EAP-Failure if
1467	* Enrollee is Authenticator */
1468	wps->state = SEND_WSC_NACK;
1469
1470	return WPS_FAILURE;
1471	}
1472
1473
1474	enum wps_process_res wps_enrollee_process_msg(struct wps_data *wps,
1475	enum wsc_op_code op_code,
1476	const struct wpabuf *msg)
1477	{
1478
1479	wpa_printf(MSG_DEBUG, "WPS: Processing received message (len=%lu "
1480	"op_code=%d)",
1481	(unsigned long) wpabuf_len(msg), op_code);
1482
1483	if (op_code == WSC_UPnP) {
1484	/* Determine the OpCode based on message type attribute */
1485	struct wps_parse_attr attr;
1486	if (wps_parse_msg(msg, &attr) == 0 && attr.msg_type) {
1487	if (*attr.msg_type == WPS_WSC_ACK)
1488	op_code = WSC_ACK;
1489	else if (*attr.msg_type == WPS_WSC_NACK)
1490	op_code = WSC_NACK;
1491	}
1492	}
1493
1494	switch (op_code) {
1495	case WSC_MSG:
1496	case WSC_UPnP:
1497	return wps_process_wsc_msg(wps, msg);
1498	case WSC_ACK:
1499	if (wps_validate_wsc_ack(msg) < 0)
1500	return WPS_FAILURE;
1501	return wps_process_wsc_ack(wps, msg);
1502	case WSC_NACK:
1503	if (wps_validate_wsc_nack(msg) < 0)
1504	return WPS_FAILURE;
1505	return wps_process_wsc_nack(wps, msg);
1506	default:
1507	wpa_printf(MSG_DEBUG, "WPS: Unsupported op_code %d", op_code);
1508	return WPS_FAILURE;
1509	}
1510	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: