espressif/esp-idf
1
0
Fork 1
mirror of https://github.com/espressif/esp-idf.git synced 2025-08-01 19:54:32 +02:00
Code Issues Packages Projects Releases Wiki Activity

supplicant/esp_wifi: move supplicant to idf

Browse Source 
Move supplicant to idf and do following refactoring:
1. Make the folder structure consitent with supplicant upstream
2. Remove duplicated header files and minimize the public header files
3. Refactor for WiFi/supplicant interfaces
This commit is contained in:
Deng Xin
2018-08-13 16:37:56 +08:00
committed by liuzhifu
parent 39a5fbdfee
commit c139683024
185 changed files with 17694 additions and 3983 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
components/esp_wifi/CMakeLists.txt
View File

@@ -19,7 +19,7 @@ idf_build_get_property(build_dir BUILD_DIR)
target_link_libraries(${COMPONENT_LIB} PUBLIC "-L ${CMAKE_CURRENT_SOURCE_DIR}/lib_${idf_target}")
if(NOT CONFIG_ESP32_NO_BLOBS)
set(blobs coexist core espnow mesh net80211 phy pp rtc smartconfig wpa2 wpa wps)
set(blobs coexist core espnow mesh net80211 phy pp rtc smartconfig)
foreach(blob ${blobs})
add_library(${blob} STATIC IMPORTED)
set_property(TARGET ${blob} PROPERTY IMPORTED_LOCATION ${CMAKE_CURRENT_SOURCE_DIR}/lib_${idf_target}/lib${blob}.a)

2
components/esp_wifi/component.mk
View File

@@ -6,7 +6,7 @@ COMPONENT_ADD_INCLUDEDIRS := include $(IDF_TARGET)/include
COMPONENT_SRCDIRS := src
ifndef CONFIG_ESP32_NO_BLOBS
LIBS := core rtc net80211 pp wpa smartconfig coexist wps wpa2 espnow phy mesh
LIBS := core rtc net80211 pp smartconfig coexist espnow phy mesh
COMPONENT_ADD_LDFLAGS += -L$(COMPONENT_PATH)/lib_$(IDF_TARGET) \
$(addprefix -l,$(LIBS))

439
components/esp_wifi/include/esp_wifi_crypto_types.h
View File

@@ -62,43 +62,6 @@ typedef struct crypto_hash esp_crypto_hash_t;
*/
typedef struct crypto_cipher esp_crypto_cipher_t;
/**
* @brief The crypto callback function used in wpa enterprise hash operation when connect.
* Initialize a esp_crypto_hash_t structure.
*
* @param alg Hash algorithm.
* @param key Key for keyed hash (e.g., HMAC) or %NULL if not needed.
* @param key_len Length of the key in bytes
*
*/
typedef esp_crypto_hash_t * (*esp_crypto_hash_init_t)(esp_crypto_hash_alg_t alg, const unsigned char *key, int key_len);
/**
* @brief The crypto callback function used in wpa enterprise hash operation when connect.
* Add data to hash calculation.
*
* @param ctz Context pointer from esp_crypto_hash_init_t function.
* @param data Data buffer to add.
* @param len Length of the buffer.
*
*/
typedef void (*esp_crypto_hash_update_t)(esp_crypto_hash_t *ctx, const unsigned char *data, int len);
/**
* @brief The crypto callback function used in wpa enterprise hash operation when connect.
* Complete hash calculation.
*
* @param ctz Context pointer from esp_crypto_hash_init_t function.
* @param hash Buffer for hash value or %NULL if caller is just freeing the hash
* context.
* @param len Pointer to length of the buffer or %NULL if caller is just freeing the
* hash context; on return, this is set to the actual length of the hash value
* Returns: 0 on success, -1 if buffer is too small (len set to needed length),
* or -2 on other failures (including failed crypto_hash_update() operations)
*
*/
typedef int (*esp_crypto_hash_finish_t)(esp_crypto_hash_t *ctx, unsigned char *hash, int *len);
/**
* @brief The AES callback function when do WPS connect.
*
@@ -142,64 +105,6 @@ typedef int (*esp_aes_wrap_t)(const unsigned char *kek, int n, const unsigned ch
*/
typedef int (*esp_aes_unwrap_t)(const unsigned char *kek, int n, const unsigned char *cipher, unsigned char *plain);
/**
* @brief The crypto callback function used in wpa enterprise cipher operation when connect.
* Initialize a esp_crypto_cipher_t structure.
*
* @param alg cipher algorithm.
* @param iv Initialization vector for block ciphers or %NULL for stream ciphers.
* @param key Cipher key
* @param key_len Length of key in bytes
*
*/
typedef esp_crypto_cipher_t * (*esp_crypto_cipher_init_t)(esp_crypto_cipher_alg_t alg, const unsigned char *iv, const unsigned char *key, int key_len);
/**
* @brief The crypto callback function used in wpa enterprise cipher operation when connect.
* Cipher encrypt.
*
* @param ctx Context pointer from esp_crypto_cipher_init_t callback function.
* @param plain Plaintext to cipher.
* @param crypt Resulting ciphertext.
* @param len Length of the plaintext.
*
*/
typedef int (*esp_crypto_cipher_encrypt_t)(esp_crypto_cipher_t *ctx,
const unsigned char *plain, unsigned char *crypt, int len);
/**
* @brief The crypto callback function used in wpa enterprise cipher operation when connect.
* Cipher decrypt.
*
* @param ctx Context pointer from esp_crypto_cipher_init_t callback function.
* @param crypt Ciphertext to decrypt.
* @param plain Resulting plaintext.
* @param len Length of the cipher text.
*
*/
typedef int (*esp_crypto_cipher_decrypt_t)(esp_crypto_cipher_t *ctx,
const unsigned char *crypt, unsigned char *plain, int len);
/**
* @brief The crypto callback function used in wpa enterprise cipher operation when connect.
* Free cipher context.
*
* @param ctx Context pointer from esp_crypto_cipher_init_t callback function.
*
*/
typedef void (*esp_crypto_cipher_deinit_t)(esp_crypto_cipher_t *ctx);
/**
* @brief The SHA256 callback function when do WPS connect.
*
* @param key Key for HMAC operations.
* @param key_len Length of the key in bytes.
* @param data Pointers to the data area.
* @param data_len Length of the data area.
* @param mac Buffer for the hash (20 bytes).
*
*/
typedef void (*esp_hmac_sha256_t)(const unsigned char *key, int key_len, const unsigned char *data,
int data_len, unsigned char *mac);
/**
* @brief The SHA256 callback function when do WPS connect.
*
@@ -229,37 +134,6 @@ typedef void (*esp_hmac_sha256_vector_t)(const unsigned char *key, int key_len,
typedef void (*esp_sha256_prf_t)(const unsigned char *key, int key_len, const char *label,
const unsigned char *data, int data_len, unsigned char *buf, int buf_len);
/**
* @brief The SHA256 callback function when do WPS connect.
*
* @param num_elem Number of elements in the data vector.
* @param addr Pointers to the data areas.
* @param len Lengths of the data blocks.
* @paramac Buffer for the hash.
*
*/
typedef int (*esp_sha256_vector_t)(int num_elem, const unsigned char *addr[], const int *len,
unsigned char *mac);
/**
* @brief The bignum calculate callback function used when do connect.
* In WPS process, it used to calculate public key and private key.
*
* @param base Base integer (big endian byte array).
* @param base_len Length of base integer in bytes.
* @param power Power integer (big endian byte array).
* @param power_len Length of power integer in bytes.
* @param modulus Modulus integer (big endian byte array).
* @param modulus_len Length of modulus integer in bytes.
* @param result Buffer for the result.
* @param result_len Result length (max buffer size on input, real len on output).
*
*/
typedef int (*esp_crypto_mod_exp_t)(const unsigned char *base, int base_len,
const unsigned char *power, int power_len,
const unsigned char *modulus, int modulus_len,
unsigned char *result, unsigned int *result_len);
/**
* @brief HMAC-MD5 over data buffer (RFC 2104)'
*
@@ -441,258 +315,6 @@ typedef void * (*esp_aes_decrypt_init_t)(const unsigned char *key, unsigned int
*/
typedef void (*esp_aes_decrypt_deinit_t)(void *ctx);
/**
* @brief Initialize TLS library
*
* @conf: Configuration data for TLS library
* Returns: Context data to be used as tls_ctx in calls to other functions,
* or %NULL on failure.
*
* Called once during program startup and once for each RSN pre-authentication
* session. In other words, there can be two concurrent TLS contexts. If global
* library initialization is needed (i.e., one that is shared between both
* authentication types), the TLS library wrapper should maintain a reference
* counter and do global initialization only when moving from 0 to 1 reference.
*/
typedef void * (*esp_tls_init_t)(void);
/**
* @brief Deinitialize TLS library
*
* @tls_ctx: TLS context data from tls_init()
*
* Called once during program shutdown and once for each RSN pre-authentication
* session. If global library deinitialization is needed (i.e., one that is
* shared between both authentication types), the TLS library wrapper should
* maintain a reference counter and do global deinitialization only when moving
* from 1 to 0 references.
*/
typedef void (*esp_tls_deinit_t)(void *tls_ctx);
/**
* @brief Add certificate and private key for connect
* @sm: eap state machine
*
* Returns: 0 for success, -1 state machine didn't exist, -2 short of certificate or key
*/
typedef int (*esp_eap_peer_blob_init_t)(void *sm);
/**
* @brief delete the certificate and private
*
* @sm: eap state machine
*
*/
typedef void (*esp_eap_peer_blob_deinit_t)(void *sm);
/**
* @brief Initialize the eap state machine
*
* @sm: eap state machine
* @private_key_passwd: the start address of private_key_passwd
* @private_key_passwd_len: length of private_key_password
*
* Returns: 0 is success, -1 state machine didn't exist, -2 short of parameters
*
*/
typedef int (*esp_eap_peer_config_init_t)(void *sm, unsigned char *private_key_passwd,int private_key_passwd_len);
/**
* @brief Deinit the eap state machine
*
* @sm: eap state machine
*
*/
typedef void (*esp_eap_peer_config_deinit_t)(void *sm);
/**
* @brief Register the eap method
*
* Note: ESP32 only support PEAP/TTLS/TLS three eap methods now.
*
*/
typedef int (*esp_eap_peer_register_methods_t)(void);
/**
* @brief remove the eap method
*
* Note: ESP32 only support PEAP/TTLS/TLS three eap methods now.
*
*/
typedef void (*esp_eap_peer_unregister_methods_t)(void);
/**
* @brief remove the eap method before build new connect
*
* @sm: eap state machine
* @txt: not used now
*/
typedef void (*esp_eap_deinit_prev_method_t)(void *sm, const char *txt);
/**
* @brief Get EAP method based on type number
*
* @vendor: EAP Vendor-Id (0 = IETF)
* @method: EAP type number
* Returns: Pointer to EAP method or %NULL if not found
*/
typedef const void * (*esp_eap_peer_get_eap_method_t)(int vendor, int method);
/**
* @brief Abort EAP authentication
*
* @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
*
* Release system resources that have been allocated for the authentication
* session without fully deinitializing the EAP state machine.
*/
typedef void (*esp_eap_sm_abort_t)(void *sm);
/**
* @brief Build EAP-NAK for the current network
*
* @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
* @type: EAP type of the fail reason
* @id: EAP identifier for the packet
*
* This function allocates and builds a nak packet for the
* current network. The caller is responsible for freeing the returned data.
*/
typedef void * (*esp_eap_sm_build_nak_t)(void *sm, int type, unsigned char id);
/**
* @brief Build EAP-Identity/Response for the current network
*
* @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
* @id: EAP identifier for the packet
* @encrypted: Whether the packet is for encrypted tunnel (EAP phase 2)
* Returns: Pointer to the allocated EAP-Identity/Response packet or %NULL on
* failure
*
* This function allocates and builds an EAP-Identity/Response packet for the
* current network. The caller is responsible for freeing the returned data.
*/
typedef void * (*esp_eap_sm_build_identity_resp_t)(void *sm, unsigned char id, int encrypted);
/**
* @brief Allocate a buffer for an EAP message
*
* @vendor: Vendor-Id (0 = IETF)
* @type: EAP type
* @payload_len: Payload length in bytes (data after Type)
* @code: Message Code (EAP_CODE_*)
* @identifier: Identifier
* Returns: Pointer to the allocated message buffer or %NULL on error
*
* This function can be used to allocate a buffer for an EAP message and fill
* in the EAP header. This function is automatically using expanded EAP header
* if the selected Vendor-Id is not IETF. In other words, most EAP methods do
* not need to separately select which header type to use when using this
* function to allocate the message buffers. The returned buffer has room for
* payload_len bytes and has the EAP header and Type field already filled in.
*/
typedef void * (*esp_eap_msg_alloc_t)(int vendor, int type, unsigned int payload_len,
unsigned char code, unsigned char identifier);
/**
* @brief get the enrollee mac address
* @mac_addr: instore the mac address of enrollee
* @uuid: Universally Unique Identifer of the enrollee
*
*/
typedef void (*esp_uuid_gen_mac_addr_t)(const unsigned char *mac_addr, unsigned char *uuid);
/**
* @brief free the message after finish DH
*
*/
typedef void (*esp_dh5_free_t)(void *ctx);
/**
* @brief Build WPS IE for (Re)Association Request
*
* @req_type: Value for Request Type attribute
* Returns: WPS IE or %NULL on failure
*
* The caller is responsible for freeing the buffer.
*/
typedef void * (*esp_wps_build_assoc_req_ie_t)(int req_type);
/**
* @brief Build WPS IE for (Re)Association Response
*
* Returns: WPS IE or %NULL on failure
*
* The caller is responsible for freeing the buffer.
*/
typedef void * (*esp_wps_build_assoc_resp_ie_t)(void);
/**
* @brief Build WPS IE for Probe Request
*
* @pw_id: Password ID (DEV_PW_PUSHBUTTON for active PBC and DEV_PW_DEFAULT for
* most other use cases)
* @dev: Device attributes
* @uuid: Own UUID
* @req_type: Value for Request Type attribute
* @num_req_dev_types: Number of requested device types
* @req_dev_types: Requested device types (8 * num_req_dev_types octets) or
* %NULL if none
* Returns: WPS IE or %NULL on failure
*
* The caller is responsible for freeing the buffer.
*/
typedef void * (*esp_wps_build_probe_req_ie_t)(uint16_t pw_id, void *dev, const unsigned char *uuid,
int req_type, unsigned int num_req_dev_types, const unsigned char *req_dev_types);
/**
* @brief build public key for exchange in M1
*
*
*/
typedef int (*esp_wps_build_public_key_t)(void *wps, void *msg, int mode);
/**
* @brief get the wps information in exchange password
*
*
*/
typedef void * (*esp_wps_enrollee_get_msg_t)(void *wps, void *op_code);
/**
* @brief deal with the wps information in exchange password
*
*
*/
typedef int (*esp_wps_enrollee_process_msg_t)(void *wps, int op_code, const void *msg);
/**
* @brief Generate a random PIN
*
* Returns: Eight digit PIN (i.e., including the checksum digit)
*/
typedef unsigned int (*esp_wps_generate_pin_t)(void);
/**
* @brief Check whether WPS IE indicates active PIN
*
* @msg: WPS IE contents from Beacon or Probe Response frame
* Returns: 1 if PIN Registrar is active, 0 if not
*/
typedef int (*esp_wps_is_selected_pin_registrar_t)(const void *msg, unsigned char *bssid);
/**
* @brief Check whether WPS IE indicates active PBC
*
* @msg: WPS IE contents from Beacon or Probe Response frame
* Returns: 1 if PBC Registrar is active, 0 if not
*/
typedef int (*esp_wps_is_selected_pbc_registrar_t)(const void *msg, unsigned char *bssid);
/**
* @brief The crypto callback function structure used when do station security connect.
* The structure can be set as software crypto or the crypto optimized by ESP32
@@ -722,67 +344,6 @@ typedef struct {
esp_aes_decrypt_deinit_t aes_decrypt_deinit;
}wpa_crypto_funcs_t;
/**
* @brief The crypto callback function structure used when do WPS process. The
* structure can be set as software crypto or the crypto optimized by ESP32
* hardware.
*/
typedef struct{
uint32_t size;
uint32_t version;
esp_aes_128_encrypt_t aes_128_encrypt; /**< function used to process message when do WPS */
esp_aes_128_decrypt_t aes_128_decrypt; /**< function used to process message when do WPS */
esp_crypto_mod_exp_t crypto_mod_exp; /**< function used to calculate public key and private key */
esp_hmac_sha256_t hmac_sha256; /**< function used to get attribute */
esp_hmac_sha256_vector_t hmac_sha256_vector; /**< function used to process message when do WPS */
esp_sha256_vector_t sha256_vector; /**< function used to process message when do WPS */
esp_uuid_gen_mac_addr_t uuid_gen_mac_addr;
esp_dh5_free_t dh5_free;
esp_wps_build_assoc_req_ie_t wps_build_assoc_req_ie;
esp_wps_build_assoc_resp_ie_t wps_build_assoc_resp_ie;
esp_wps_build_probe_req_ie_t wps_build_probe_req_ie;
esp_wps_build_public_key_t wps_build_public_key;
esp_wps_enrollee_get_msg_t wps_enrollee_get_msg;
esp_wps_enrollee_process_msg_t wps_enrollee_process_msg;
esp_wps_generate_pin_t wps_generate_pin;
esp_wps_is_selected_pin_registrar_t wps_is_selected_pin_registrar;
esp_wps_is_selected_pbc_registrar_t wps_is_selected_pbc_registrar;
esp_eap_msg_alloc_t eap_msg_alloc;
}wps_crypto_funcs_t;
/**
* @brief The crypto callback function structure used when do WPA enterprise connect.
* The structure can be set as software crypto or the crypto optimized by ESP32
* hardware.
*/
typedef struct {
uint32_t size;
uint32_t version;
esp_crypto_hash_init_t crypto_hash_init; /**< function used to initialize a crypto_hash structure when use TLSV1 */
esp_crypto_hash_update_t crypto_hash_update; /**< function used to calculate hash data when use TLSV1 */
esp_crypto_hash_finish_t crypto_hash_finish; /**< function used to finish the hash calculate when use TLSV1 */
esp_crypto_cipher_init_t crypto_cipher_init; /**< function used to initialize a crypt_cipher structure when use TLSV1 */
esp_crypto_cipher_encrypt_t crypto_cipher_encrypt; /**< function used to encrypt cipher when use TLSV1 */
esp_crypto_cipher_decrypt_t crypto_cipher_decrypt; /**< function used to decrypt cipher when use TLSV1 */
esp_crypto_cipher_deinit_t crypto_cipher_deinit; /**< function used to free context when use TLSV1 */
esp_crypto_mod_exp_t crypto_mod_exp; /**< function used to do key exchange when use TLSV1 */
esp_sha256_vector_t sha256_vector; /**< function used to do X.509v3 certificate parsing and processing */
esp_tls_init_t tls_init;
esp_tls_deinit_t tls_deinit;
esp_eap_peer_blob_init_t eap_peer_blob_init;
esp_eap_peer_blob_deinit_t eap_peer_blob_deinit;
esp_eap_peer_config_init_t eap_peer_config_init;
esp_eap_peer_config_deinit_t eap_peer_config_deinit;
esp_eap_peer_register_methods_t eap_peer_register_methods;
esp_eap_peer_unregister_methods_t eap_peer_unregister_methods;
esp_eap_deinit_prev_method_t eap_deinit_prev_method;
esp_eap_peer_get_eap_method_t eap_peer_get_eap_method;
esp_eap_sm_abort_t eap_sm_abort;
esp_eap_sm_build_nak_t eap_sm_build_nak;
esp_eap_sm_build_identity_resp_t eap_sm_build_identity_resp;
esp_eap_msg_alloc_t eap_msg_alloc;
} wpa2_crypto_funcs_t;
/**
* @brief The crypto callback function structure used in mesh vendor IE encryption. The
* structure can be set as software crypto or the crypto optimized by ESP32

2
components/esp_wifi/lib_esp32

Submodule components/esp_wifi/lib_esp32 updated: fc518f822e...6579ef9a7e

66
components/esp_wifi/src/fast_crypto_ops.c
View File

@@ -12,7 +12,7 @@
// See the License for the specific language governing permissions and
// limitations under the License.
#include "crypto/common.h"
#include "utils/common.h"
#include "crypto/aes_wrap.h"
#include "crypto/sha256.h"
#include "crypto/crypto.h"
@@ -20,13 +20,6 @@
#include "crypto/sha1.h"
#include "crypto/aes.h"
#include "crypto/dh_group5.h"
#include "wps/wps.h"
#include "wps/wps_i.h"
#include "wpa2/eap_peer/eap.h"
#include "wpa2/tls/tls.h"
#include "wpa2/eap_peer/eap_methods.h"
#include "wpa2/eap_peer/eap_i.h"
#include "wpa2/eap_peer/eap_common.h"
#include "esp_wifi_crypto_types.h"
/*
* The parameters is used to set the cyrpto callback function for station connect when in security mode,
@@ -59,63 +52,6 @@ const wpa_crypto_funcs_t g_wifi_default_wpa_crypto_funcs = {
.aes_decrypt_deinit = (esp_aes_decrypt_deinit_t)aes_decrypt_deinit
};
const wps_crypto_funcs_t g_wifi_default_wps_crypto_funcs = {
.size = sizeof(wps_crypto_funcs_t),
.version = ESP_WIFI_CRYPTO_VERSION,
.aes_128_encrypt = (esp_aes_128_encrypt_t)fast_aes_128_cbc_encrypt,
.aes_128_decrypt = (esp_aes_128_decrypt_t)fast_aes_128_cbc_decrypt,
.crypto_mod_exp = (esp_crypto_mod_exp_t)fast_crypto_mod_exp,
.hmac_sha256 = (esp_hmac_sha256_t)fast_hmac_sha256,
.hmac_sha256_vector = (esp_hmac_sha256_vector_t)fast_hmac_sha256_vector,
.sha256_vector = (esp_sha256_vector_t)fast_sha256_vector,
.uuid_gen_mac_addr = (esp_uuid_gen_mac_addr_t)uuid_gen_mac_addr,
.dh5_free = (esp_dh5_free_t)dh5_free,
.wps_build_assoc_req_ie = (esp_wps_build_assoc_req_ie_t)wps_build_assoc_req_ie,
.wps_build_assoc_resp_ie = (esp_wps_build_assoc_resp_ie_t)wps_build_assoc_resp_ie,
.wps_build_probe_req_ie = (esp_wps_build_probe_req_ie_t)wps_build_probe_req_ie,
.wps_build_public_key = (esp_wps_build_public_key_t)wps_build_public_key,
.wps_enrollee_get_msg = (esp_wps_enrollee_get_msg_t)wps_enrollee_get_msg,
.wps_enrollee_process_msg = (esp_wps_enrollee_process_msg_t)wps_enrollee_process_msg,
.wps_generate_pin = (esp_wps_generate_pin_t)wps_generate_pin,
.wps_is_selected_pin_registrar = (esp_wps_is_selected_pin_registrar_t)wps_is_selected_pin_registrar,
.wps_is_selected_pbc_registrar = (esp_wps_is_selected_pbc_registrar_t)wps_is_selected_pbc_registrar,
.eap_msg_alloc = (esp_eap_msg_alloc_t)eap_msg_alloc
};
/*
* What should notice is that the cyrpto hash type function and crypto cipher type function can not register
* as different, i.e, if you use fast_crypto_hash_init, you should use fast_crypto_hash_update and
* fast_crypto_hash_finish for finish hash calculate, rather than call crypto_hash_update and
* crypto_hash_finish, so do crypto_cipher.
*/
const wpa2_crypto_funcs_t g_wifi_default_wpa2_crypto_funcs = {
.size = sizeof(wpa2_crypto_funcs_t),
.version = ESP_WIFI_CRYPTO_VERSION,
.crypto_hash_init = (esp_crypto_hash_init_t)fast_crypto_hash_init,
.crypto_hash_update = (esp_crypto_hash_update_t)fast_crypto_hash_update,
.crypto_hash_finish = (esp_crypto_hash_finish_t)fast_crypto_hash_finish,
.crypto_cipher_init = (esp_crypto_cipher_init_t)fast_crypto_cipher_init,
.crypto_cipher_encrypt = (esp_crypto_cipher_encrypt_t)fast_crypto_cipher_encrypt,
.crypto_cipher_decrypt = (esp_crypto_cipher_decrypt_t)fast_crypto_cipher_decrypt,
.crypto_cipher_deinit = (esp_crypto_cipher_deinit_t)fast_crypto_cipher_deinit,
.crypto_mod_exp = (esp_crypto_mod_exp_t)crypto_mod_exp,
.sha256_vector = (esp_sha256_vector_t)fast_sha256_vector,
.tls_init = (esp_tls_init_t)tls_init,
.tls_deinit = (esp_tls_deinit_t)tls_deinit,
.eap_peer_blob_init = (esp_eap_peer_blob_init_t)eap_peer_blob_init,
.eap_peer_blob_deinit = (esp_eap_peer_blob_deinit_t)eap_peer_blob_deinit,
.eap_peer_config_init = (esp_eap_peer_config_init_t)eap_peer_config_init,
.eap_peer_config_deinit = (esp_eap_peer_config_deinit_t)eap_peer_config_deinit,
.eap_peer_register_methods = (esp_eap_peer_register_methods_t)eap_peer_register_methods,
.eap_peer_unregister_methods = (esp_eap_peer_unregister_methods_t)eap_peer_unregister_methods,
.eap_deinit_prev_method = (esp_eap_deinit_prev_method_t)eap_deinit_prev_method,
.eap_peer_get_eap_method = (esp_eap_peer_get_eap_method_t)eap_peer_get_eap_method,
.eap_sm_abort = (esp_eap_sm_abort_t)eap_sm_abort,
.eap_sm_build_nak = (esp_eap_sm_build_nak_t)eap_sm_build_nak,
.eap_sm_build_identity_resp = (esp_eap_sm_build_identity_resp_t)eap_sm_build_identity_resp,
.eap_msg_alloc = (esp_eap_msg_alloc_t)eap_msg_alloc
};
const mesh_crypto_funcs_t g_wifi_default_mesh_crypto_funcs = {
.aes_128_encrypt = (esp_aes_128_encrypt_t)fast_aes_128_cbc_encrypt,
.aes_128_decrypt = (esp_aes_128_decrypt_t)fast_aes_128_cbc_decrypt,

12
components/esp_wifi/src/wifi_init.c
View File

@@ -18,6 +18,7 @@
#include "esp_private/wifi.h"
#include "esp_pm.h"
#include "soc/rtc.h"
#include "esp_wpa.h"
ESP_EVENT_DEFINE_BASE(WIFI_EVENT);
@@ -106,6 +107,17 @@ esp_err_t esp_wifi_init(const wifi_init_config_t *config)
if (result == ESP_OK) {
esp_wifi_set_debug_log();
s_wifi_mac_time_update_cb = esp_wifi_internal_update_mac_time;
result = esp_supplicant_init();
if (result != ESP_OK) {
ESP_LOGE(TAG, "Failed to init supplicant (0x%x)", result);
esp_err_t deinit_ret = esp_wifi_deinit();
if (deinit_ret != ESP_OK) {
ESP_LOGE(TAG, "Failed to deinit Wi-Fi (0x%x)", deinit_ret);
}
return result;
}
}
return result;

84
components/wpa_supplicant/CMakeLists.txt
View File

@@ -1,5 +1,9 @@
set(srcs
"port/os_xtensa.c"
set(srcs "port/os_xtensa.c"
"src/ap/ap_config.c"
"src/ap/ieee802_1x.c"
"src/ap/wpa_auth.c"
"src/ap/wpa_auth_ie.c"
"src/common/wpa_common.c"
"src/crypto/aes-cbc.c"
"src/crypto/aes-internal-dec.c"
"src/crypto/aes-internal-enc.c"
@@ -33,37 +37,46 @@ set(srcs
"src/fast_crypto/fast_crypto_internal.c"
"src/fast_crypto/fast_sha256-internal.c"
"src/fast_crypto/fast_sha256.c"
"src/wpa2/eap_peer/chap.c"
"src/wpa2/eap_peer/eap.c"
"src/wpa2/eap_peer/eap_common.c"
"src/wpa2/eap_peer/eap_mschapv2.c"
"src/wpa2/eap_peer/eap_peap.c"
"src/wpa2/eap_peer/eap_peap_common.c"
"src/wpa2/eap_peer/eap_tls.c"
"src/wpa2/eap_peer/eap_tls_common.c"
"src/wpa2/eap_peer/eap_ttls.c"
"src/wpa2/eap_peer/mschapv2.c"
"src/wpa2/tls/asn1.c"
"src/wpa2/tls/bignum.c"
"src/wpa2/tls/pkcs1.c"
"src/wpa2/tls/pkcs5.c"
"src/wpa2/tls/pkcs8.c"
"src/wpa2/tls/rsa.c"
"src/wpa2/tls/tls_internal.c"
"src/wpa2/tls/tlsv1_client.c"
"src/wpa2/tls/tlsv1_client_read.c"
"src/wpa2/tls/tlsv1_client_write.c"
"src/wpa2/tls/tlsv1_common.c"
"src/wpa2/tls/tlsv1_cred.c"
"src/wpa2/tls/tlsv1_record.c"
"src/wpa2/tls/tlsv1_server.c"
"src/wpa2/tls/tlsv1_server_read.c"
"src/wpa2/tls/tlsv1_server_write.c"
"src/wpa2/tls/x509v3.c"
"src/wpa2/utils/base64.c"
"src/wpa2/utils/ext_password.c"
"src/wps/eap_common.c"
"src/wps/uuid.c"
"src/eap_peer/chap.c"
"src/eap_peer/eap.c"
"src/eap_peer/eap_common.c"
"src/eap_peer/eap_mschapv2.c"
"src/eap_peer/eap_peap.c"
"src/eap_peer/eap_peap_common.c"
"src/eap_peer/eap_tls.c"
"src/eap_peer/eap_tls_common.c"
"src/eap_peer/eap_ttls.c"
"src/eap_peer/mschapv2.c"
"src/esp_supplicant/esp_hostap.c"
"src/esp_supplicant/esp_wpa2.c"
"src/esp_supplicant/esp_wpa_main.c"
"src/esp_supplicant/esp_wpas_glue.c"
"src/esp_supplicant/esp_wps.c"
"src/rsn_supp/wpa.c"
"src/rsn_supp/wpa_ie.c"
"src/tls/asn1.c"
"src/tls/bignum.c"
"src/tls/pkcs1.c"
"src/tls/pkcs5.c"
"src/tls/pkcs8.c"
"src/tls/rsa.c"
"src/tls/tls_internal.c"
"src/tls/tlsv1_client.c"
"src/tls/tlsv1_client_read.c"
"src/tls/tlsv1_client_write.c"
"src/tls/tlsv1_common.c"
"src/tls/tlsv1_cred.c"
"src/tls/tlsv1_record.c"
"src/tls/tlsv1_server.c"
"src/tls/tlsv1_server_read.c"
"src/tls/tlsv1_server_write.c"
"src/tls/x509v3.c"
"src/utils/base64.c"
"src/utils/common.c"
"src/utils/ext_password.c"
"src/utils/uuid.c"
"src/utils/wpabuf.c"
"src/utils/wpa_debug.c"
"src/wps/wps.c"
"src/wps/wps_attr_build.c"
"src/wps/wps_attr_parse.c"
@@ -75,13 +88,14 @@ set(srcs
"src/wps/wps_validate.c")
idf_component_register(SRCS "${srcs}"
INCLUDE_DIRS include port/include
INCLUDE_DIRS include port/include include/esp_supplicant
PRIV_INCLUDE_DIRS src
PRIV_REQUIRES mbedtls)
target_compile_options(${COMPONENT_LIB} PRIVATE -Wno-strict-aliasing)
target_compile_definitions(${COMPONENT_LIB} PRIVATE
__ets__
EMBEDDED_SUPP
ESP_SUPPLICANT
IEEE8021X_EAPOL
EAP_PEER_METHOD
EAP_MSCHAPv2

30
components/wpa_supplicant/Kconfig Normal file
View File

@@ -0,0 +1,30 @@
menu "Supplicant"
config WPA_ENTERPRISE
bool "Enable WPA/WPA2-Enterprise"
default n
help
Select this option to enable WiFi WPA/WPA2-Enterprise authentication.
config WPA_EAP_TLS
bool "Enable EAP-TLS"
depends on WPA_ENTERPRISE
default y
help
Select this option to support EAP-TLS.
config WPA_EAP_TTLS
bool "Enable EAP-TTLS"
depends on WPA_ENTERPRISE
default y
help
Select this option to support EAP-TTLS.
config WPA_EAP_PEAP
bool "Enable EAP-PEAP"
depends on WPA_ENTERPRISE
default y
help
Select this option to support EAP-PEAP.
endmenu

7
components/wpa_supplicant/component.mk
View File

@@ -1,4 +1,5 @@
COMPONENT_ADD_INCLUDEDIRS := include port/include
COMPONENT_SRCDIRS := src/crypto port src/fast_crypto src/wpa2/eap_peer src/wpa2/tls src/wpa2/utils src/wps
COMPONENT_ADD_INCLUDEDIRS := include port/include include/esp_supplicant
COMPONENT_PRIV_INCLUDEDIRS := src
COMPONENT_SRCDIRS := port src/ap src/common src/crypto src/eap_peer src/fast_crypto src/rsn_supp src/tls src/utils src/esp_supplicant src/wps
CFLAGS += -DEMBEDDED_SUPP -DIEEE8021X_EAPOL -DEAP_PEER_METHOD -DEAP_MSCHAPv2 -DEAP_TTLS -DEAP_TLS -DEAP_PEAP -DUSE_WPA2_TASK -DCONFIG_WPS2 -DCONFIG_WPS_PIN -DUSE_WPS_TASK -DESPRESSIF_USE -DESP32_WORKAROUND -D__ets__ -DCONFIG_ECC -Wno-strict-aliasing
CFLAGS += -DESP_SUPPLICANT -DIEEE8021X_EAPOL -DEAP_PEER_METHOD -DEAP_MSCHAPv2 -DUSE_WPA2_TASK -DCONFIG_WPS2 -DCONFIG_WPS_PIN -DUSE_WPS_TASK -DESPRESSIF_USE -DESP32_WORKAROUND -DCONFIG_ECC -D__ets__ -Wno-strict-aliasing

481
components/wpa_supplicant/include/crypto/common.h
View File

@@ -1,481 +0,0 @@
/*
* wpa_supplicant/hostapd / common helper functions, etc.
* Copyright (c) 2002-2007, Jouni Malinen <j@w1.fi>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*
* Alternatively, this software may be distributed under the terms of BSD
* license.
*
* See README and COPYING for more details.
*/
#ifndef COMMON_H
#define COMMON_H
#include "os.h"
#if defined(__XTENSA__)
#include <machine/endian.h>
#define __BYTE_ORDER BYTE_ORDER
#define __LITTLE_ENDIAN LITTLE_ENDIAN
#define __BIG_ENDIAN BIG_ENDIAN
#endif /*__XTENSA__*/
#if defined(__linux__) || defined(__GLIBC__)
#include <endian.h>
#include <byteswap.h>
#endif /* __linux__ */
#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__DragonFly__) || \
defined(__OpenBSD__)
#include <sys/types.h>
#include <sys/endian.h>
#define __BYTE_ORDER _BYTE_ORDER
#define __LITTLE_ENDIAN _LITTLE_ENDIAN
#define __BIG_ENDIAN _BIG_ENDIAN
#ifdef __OpenBSD__
#define bswap_16 swap16
#define bswap_32 swap32
#define bswap_64 swap64
#else /* __OpenBSD__ */
#define bswap_16 bswap16
#define bswap_32 bswap32
#define bswap_64 bswap64
#endif /* __OpenBSD__ */
#endif /* defined(__FreeBSD__) || defined(__NetBSD__) ||
* defined(__DragonFly__) || defined(__OpenBSD__) */
#ifdef __APPLE__
#include <sys/types.h>
#include <machine/endian.h>
#define __BYTE_ORDER _BYTE_ORDER
#define __LITTLE_ENDIAN _LITTLE_ENDIAN
#define __BIG_ENDIAN _BIG_ENDIAN
static inline unsigned short bswap_16(unsigned short v)
{
return ((v & 0xff) << 8) | (v >> 8);
}
static inline unsigned int bswap_32(unsigned int v)
{
return ((v & 0xff) << 24) | ((v & 0xff00) << 8) |
((v & 0xff0000) >> 8) | (v >> 24);
}
#endif /* __APPLE__ */
#ifdef CONFIG_TI_COMPILER
#define __BIG_ENDIAN 4321
#define __LITTLE_ENDIAN 1234
#ifdef __big_endian__
#define __BYTE_ORDER __BIG_ENDIAN
#else
#define __BYTE_ORDER __LITTLE_ENDIAN
#endif
#endif /* CONFIG_TI_COMPILER */
#ifdef __SYMBIAN32__
#define __BIG_ENDIAN 4321
#define __LITTLE_ENDIAN 1234
#define __BYTE_ORDER __LITTLE_ENDIAN
#endif /* __SYMBIAN32__ */
#ifdef CONFIG_NATIVE_WINDOWS
#include <winsock.h>
typedef int socklen_t;
#ifndef MSG_DONTWAIT
#define MSG_DONTWAIT 0 /* not supported */
#endif
#endif /* CONFIG_NATIVE_WINDOWS */
#ifdef _MSC_VER
#define inline __inline
#undef vsnprintf
#define vsnprintf _vsnprintf
#undef close
#define close closesocket
#endif /* _MSC_VER */
/* Define platform specific integer types */
#ifdef _MSC_VER
typedef UINT64 u64;
typedef UINT32 u32;
typedef UINT16 u16;
typedef UINT8 u8;
typedef INT64 s64;
typedef INT32 s32;
typedef INT16 s16;
typedef INT8 s8;
#define WPA_TYPES_DEFINED
#endif /* _MSC_VER */
#ifdef __vxworks
typedef unsigned long long u64;
typedef UINT32 u32;
typedef UINT16 u16;
typedef UINT8 u8;
typedef long long s64;
typedef INT32 s32;
typedef INT16 s16;
typedef INT8 s8;
#define WPA_TYPES_DEFINED
#endif /* __vxworks */
#ifdef CONFIG_TI_COMPILER
#ifdef _LLONG_AVAILABLE
typedef unsigned long long u64;
#else
/*
* TODO: 64-bit variable not available. Using long as a workaround to test the
* build, but this will likely not work for all operations.
*/
typedef unsigned long u64;
#endif
typedef unsigned int u32;
typedef unsigned short u16;
typedef unsigned char u8;
#define WPA_TYPES_DEFINED
#endif /* CONFIG_TI_COMPILER */
#ifdef __SYMBIAN32__
#define __REMOVE_PLATSEC_DIAGNOSTICS__
#include <e32def.h>
typedef TUint64 u64;
typedef TUint32 u32;
typedef TUint16 u16;
typedef TUint8 u8;
#define WPA_TYPES_DEFINED
#endif /* __SYMBIAN32__ */
#ifndef WPA_TYPES_DEFINED
#ifdef CONFIG_USE_INTTYPES_H
#include <inttypes.h>
#else
#include <stdint.h>
#endif
typedef uint64_t u64;
typedef uint32_t u32;
typedef uint16_t u16;
typedef uint8_t u8;
typedef int64_t s64;
typedef int32_t s32;
typedef int16_t s16;
typedef int8_t s8;
#define WPA_TYPES_DEFINED
#endif /* !WPA_TYPES_DEFINED */
/* Define platform specific byte swapping macros */
#if defined(__CYGWIN__) || defined(CONFIG_NATIVE_WINDOWS)
static inline unsigned short wpa_swap_16(unsigned short v)
{
return ((v & 0xff) << 8) | (v >> 8);
}
static inline unsigned int wpa_swap_32(unsigned int v)
{
return ((v & 0xff) << 24) | ((v & 0xff00) << 8) |
((v & 0xff0000) >> 8) | (v >> 24);
}
#define le_to_host16(n) (n)
#define host_to_le16(n) (n)
#define be_to_host16(n) wpa_swap_16(n)
#define host_to_be16(n) wpa_swap_16(n)
#define le_to_host32(n) (n)
#define be_to_host32(n) wpa_swap_32(n)
#define host_to_be32(n) wpa_swap_32(n)
#define WPA_BYTE_SWAP_DEFINED
#endif /* __CYGWIN__ || CONFIG_NATIVE_WINDOWS */
#ifndef WPA_BYTE_SWAP_DEFINED
#ifndef __BYTE_ORDER
#ifndef __LITTLE_ENDIAN
#ifndef __BIG_ENDIAN
#define __LITTLE_ENDIAN 1234
#define __BIG_ENDIAN 4321
#if defined(sparc)
#define __BYTE_ORDER __BIG_ENDIAN
#endif
#endif /* __BIG_ENDIAN */
#endif /* __LITTLE_ENDIAN */
#endif /* __BYTE_ORDER */
#if __BYTE_ORDER == __LITTLE_ENDIAN
#define le_to_host16(n) ((__force u16) (le16) (n))
#define host_to_le16(n) ((__force le16) (u16) (n))
#define be_to_host16(n) bswap_16((__force u16) (be16) (n))
#define host_to_be16(n) ((__force be16) bswap_16((n)))
#define le_to_host32(n) ((__force u32) (le32) (n))
#define host_to_le32(n) ((__force le32) (u32) (n))
#define be_to_host32(n) bswap_32((__force u32) (be32) (n))
#define host_to_be32(n) ((__force be32) bswap_32((n)))
#define le_to_host64(n) ((__force u64) (le64) (n))
#define host_to_le64(n) ((__force le64) (u64) (n))
#define be_to_host64(n) bswap_64((__force u64) (be64) (n))
#define host_to_be64(n) ((__force be64) bswap_64((n)))
#elif __BYTE_ORDER == __BIG_ENDIAN
#define le_to_host16(n) bswap_16(n)
#define host_to_le16(n) bswap_16(n)
#define be_to_host16(n) (n)
#define host_to_be16(n) (n)
#define le_to_host32(n) bswap_32(n)
#define be_to_host32(n) (n)
#define host_to_be32(n) (n)
#define le_to_host64(n) bswap_64(n)
#define host_to_le64(n) bswap_64(n)
#define be_to_host64(n) (n)
#define host_to_be64(n) (n)
#ifndef WORDS_BIGENDIAN
#define WORDS_BIGENDIAN
#endif
#else
#error Could not determine CPU byte order
#endif
#define WPA_BYTE_SWAP_DEFINED
#endif /* !WPA_BYTE_SWAP_DEFINED */
/* Macros for handling unaligned memory accesses */
#define WPA_GET_BE16(a) ((u16) (((a)[0] << 8) | (a)[1]))
#define WPA_PUT_BE16(a, val) \
do { \
(a)[0] = ((u16) (val)) >> 8; \
(a)[1] = ((u16) (val)) & 0xff; \
} while (0)
#define WPA_GET_LE16(a) ((u16) (((a)[1] << 8) | (a)[0]))
#define WPA_PUT_LE16(a, val) \
do { \
(a)[1] = ((u16) (val)) >> 8; \
(a)[0] = ((u16) (val)) & 0xff; \
} while (0)
#define WPA_GET_BE24(a) ((((u32) (a)[0]) << 16) | (((u32) (a)[1]) << 8) | \
((u32) (a)[2]))
#define WPA_PUT_BE24(a, val) \
do { \
(a)[0] = (u8) ((((u32) (val)) >> 16) & 0xff); \
(a)[1] = (u8) ((((u32) (val)) >> 8) & 0xff); \
(a)[2] = (u8) (((u32) (val)) & 0xff); \
} while (0)
#define WPA_GET_BE32(a) ((((u32) (a)[0]) << 24) | (((u32) (a)[1]) << 16) | \
(((u32) (a)[2]) << 8) | ((u32) (a)[3]))
#define WPA_PUT_BE32(a, val) \
do { \
(a)[0] = (u8) ((((u32) (val)) >> 24) & 0xff); \
(a)[1] = (u8) ((((u32) (val)) >> 16) & 0xff); \
(a)[2] = (u8) ((((u32) (val)) >> 8) & 0xff); \
(a)[3] = (u8) (((u32) (val)) & 0xff); \
} while (0)
#define WPA_GET_LE32(a) ((((u32) (a)[3]) << 24) | (((u32) (a)[2]) << 16) | \
(((u32) (a)[1]) << 8) | ((u32) (a)[0]))
#define WPA_PUT_LE32(a, val) \
do { \
(a)[3] = (u8) ((((u32) (val)) >> 24) & 0xff); \
(a)[2] = (u8) ((((u32) (val)) >> 16) & 0xff); \
(a)[1] = (u8) ((((u32) (val)) >> 8) & 0xff); \
(a)[0] = (u8) (((u32) (val)) & 0xff); \
} while (0)
#define WPA_GET_BE64(a) ((((u64) (a)[0]) << 56) | (((u64) (a)[1]) << 48) | \
(((u64) (a)[2]) << 40) | (((u64) (a)[3]) << 32) | \
(((u64) (a)[4]) << 24) | (((u64) (a)[5]) << 16) | \
(((u64) (a)[6]) << 8) | ((u64) (a)[7]))
#define WPA_PUT_BE64(a, val) \
do { \
(a)[0] = (u8) (((u64) (val)) >> 56); \
(a)[1] = (u8) (((u64) (val)) >> 48); \
(a)[2] = (u8) (((u64) (val)) >> 40); \
(a)[3] = (u8) (((u64) (val)) >> 32); \
(a)[4] = (u8) (((u64) (val)) >> 24); \
(a)[5] = (u8) (((u64) (val)) >> 16); \
(a)[6] = (u8) (((u64) (val)) >> 8); \
(a)[7] = (u8) (((u64) (val)) & 0xff); \
} while (0)
#define WPA_GET_LE64(a) ((((u64) (a)[7]) << 56) | (((u64) (a)[6]) << 48) | \
(((u64) (a)[5]) << 40) | (((u64) (a)[4]) << 32) | \
(((u64) (a)[3]) << 24) | (((u64) (a)[2]) << 16) | \
(((u64) (a)[1]) << 8) | ((u64) (a)[0]))
#ifndef ETH_ALEN
#define ETH_ALEN 6
#endif
#ifndef IFNAMSIZ
#define IFNAMSIZ 16
#endif
#ifndef ETH_P_ALL
#define ETH_P_ALL 0x0003
#endif
#ifndef ETH_P_PAE
#define ETH_P_PAE 0x888E /* Port Access Entity (IEEE 802.1X) */
#endif /* ETH_P_PAE */
#ifndef ETH_P_EAPOL
#define ETH_P_EAPOL ETH_P_PAE
#endif /* ETH_P_EAPOL */
#ifndef ETH_P_RSN_PREAUTH
#define ETH_P_RSN_PREAUTH 0x88c7
#endif /* ETH_P_RSN_PREAUTH */
#ifndef ETH_P_RRB
#define ETH_P_RRB 0x890D
#endif /* ETH_P_RRB */
#ifdef __GNUC__
#define PRINTF_FORMAT(a,b) __attribute__ ((format (printf, (a), (b))))
#define STRUCT_PACKED __attribute__ ((packed))
#else
#define PRINTF_FORMAT(a,b)
#define STRUCT_PACKED
#endif
#ifdef CONFIG_ANSI_C_EXTRA
#if !defined(_MSC_VER) || _MSC_VER < 1400
/* snprintf - used in number of places; sprintf() is _not_ a good replacement
* due to possible buffer overflow; see, e.g.,
* http://www.ijs.si/software/snprintf/ for portable implementation of
* snprintf. */
int snprintf(char *str, size_t size, const char *format, ...);
/* vsnprintf - only used for wpa_msg() in wpa_supplicant.c */
int vsnprintf(char *str, size_t size, const char *format, va_list ap);
#endif /* !defined(_MSC_VER) || _MSC_VER < 1400 */
/* getopt - only used in main.c */
int getopt(int argc, char *const argv[], const char *optstring);
extern char *optarg;
extern int optind;
#ifndef CONFIG_NO_SOCKLEN_T_TYPEDEF
#ifndef __socklen_t_defined
typedef int socklen_t;
#endif
#endif
/* inline - define as __inline or just define it to be empty, if needed */
#ifdef CONFIG_NO_INLINE
#define inline
#else
#define inline __inline
#endif
#ifndef __func__
#define __func__ "__func__ not defined"
#endif
#ifndef bswap_16
#define bswap_16(a) ((((u16) (a) << 8) & 0xff00) | (((u16) (a) >> 8) & 0xff))
#endif
#ifndef bswap_32
#define bswap_32(a) ((((u32) (a) << 24) & 0xff000000) | \
(((u32) (a) << 8) & 0xff0000) | \
(((u32) (a) >> 8) & 0xff00) | \
(((u32) (a) >> 24) & 0xff))
#endif
#ifndef MSG_DONTWAIT
#define MSG_DONTWAIT 0
#endif
#ifdef _WIN32_WCE
void perror(const char *s);
#endif /* _WIN32_WCE */
#endif /* CONFIG_ANSI_C_EXTRA */
#ifndef MAC2STR
#define MAC2STR(a) (a)[0], (a)[1], (a)[2], (a)[3], (a)[4], (a)[5]
#define MACSTR "%02x:%02x:%02x:%02x:%02x:%02x"
#endif
#ifndef BIT
#define BIT(x) (1 << (x))
#endif
/*
* Definitions for sparse validation
* (http://kernel.org/pub/linux/kernel/people/josh/sparse/)
*/
#ifdef __CHECKER__
#define __force __attribute__((force))
#define __bitwise __attribute__((bitwise))
#else
#define __force
#define __bitwise
#endif
typedef u16 __bitwise be16;
typedef u16 __bitwise le16;
typedef u32 __bitwise be32;
typedef u32 __bitwise le32;
typedef u64 __bitwise be64;
typedef u64 __bitwise le64;
#ifndef __must_check
#if __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 4)
#define __must_check __attribute__((__warn_unused_result__))
#else
#define __must_check
#endif /* __GNUC__ */
#endif /* __must_check */
int hwaddr_aton(const char *txt, u8 *addr);
int hwaddr_aton2(const char *txt, u8 *addr);
int hexstr2bin(const char *hex, u8 *buf, size_t len);
void inc_byte_array(u8 *counter, size_t len);
void wpa_get_ntp_timestamp(u8 *buf);
int wpa_snprintf_hex(char *buf, size_t buf_size, const u8 *data, size_t len);
int wpa_snprintf_hex_uppercase(char *buf, size_t buf_size, const u8 *data,
size_t len);
#ifdef CONFIG_NATIVE_WINDOWS
void wpa_unicode2ascii_inplace(TCHAR *str);
TCHAR * wpa_strdup_tchar(const char *str);
#else /* CONFIG_NATIVE_WINDOWS */
#define wpa_unicode2ascii_inplace(s) do { } while (0)
#define wpa_strdup_tchar(s) strdup((s))
#endif /* CONFIG_NATIVE_WINDOWS */
const char * wpa_ssid_txt(const u8 *ssid, size_t ssid_len);
static inline int is_zero_ether_addr(const u8 *a)
{
return !(a[0] | a[1] | a[2] | a[3] | a[4] | a[5]);
}
/*
* gcc 4.4 ends up generating strict-aliasing warnings about some very common
* networking socket uses that do not really result in a real problem and
* cannot be easily avoided with union-based type-punning due to struct
* definitions including another struct in system header files. To avoid having
* to fully disable strict-aliasing warnings, provide a mechanism to hide the
* typecast from aliasing for now. A cleaner solution will hopefully be found
* in the future to handle these cases.
*/
void * __hide_aliasing_typecast(void *foo);
#define aliasing_hide_typecast(a,t) (t *) __hide_aliasing_typecast((a))
#endif /* COMMON_H */

2
components/wpa_supplicant/include/crypto/crypto.h
View File

@@ -27,7 +27,7 @@
#ifndef CRYPTO_H
#define CRYPTO_H
#include "common.h"
#include "utils/common.h"
/**
* md4_vector - MD4 hash for data vector

2
components/wpa_supplicant/include/crypto/dh_group5.h
View File

@@ -15,7 +15,7 @@
#ifndef DH_GROUP5_H
#define DH_GROUP5_H
#include "wpa/wpabuf.h"
#include "utils/wpabuf.h"
void * dh5_init(struct wpabuf **priv, struct wpabuf **publ);
struct wpabuf * dh5_derive_shared(void *ctx, const struct wpabuf *peer_public,

10
components/wpa_supplicant/include/crypto/wepkey.h Normal file
View File

@@ -0,0 +1,10 @@
#ifndef WEPKEY_H
#define WEPKEY_H
#define WEPKEY_64_BYTES 5
#define WePKEY_128_BYTES 13
unsigned int wepkey_64(uint8_t *out, unsigned int size, const char *in, int n);
unsigned int wepkey_128(uint8_t *out, unsigned int size, const char *in, int n);
#endif /* WEPKEY_H */

66
components/wpa_supplicant/include/esp_supplicant/esp_wpa.h Normal file
View File

@@ -0,0 +1,66 @@
// Copyright 2019 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef __ESP_WPA_H__
#define __ESP_WPA_H__
#include <stdint.h>
#include <stdbool.h>
#include "esp_err.h"
#include "esp_wifi_crypto_types.h"
#ifdef __cplusplus
extern "C" {
#endif
/** \defgroup WiFi_APIs WiFi Related APIs
* @brief WiFi APIs
*/
/** @addtogroup WiFi_APIs
* @{
*/
/** \defgroup WPA_APIs WPS APIs
* @brief ESP32 Supplicant APIs
*
*/
/** @addtogroup WPA_APIs
* @{
*/
/**
* @brief Supplicant initialization
*
* @return
* - ESP_OK : succeed
* - ESP_ERR_NO_MEM : out of memory
*/
esp_err_t esp_supplicant_init(void);
/**
* @}
*/
/**
* @}
*/
#ifdef __cplusplus
}
#endif
#endif /* __ESP_WPA_H__ */

19
components/esp_wifi/include/esp_wpa2.h → components/wpa_supplicant/include/esp_supplicant/esp_wpa2.h
View File

@@ -1,4 +1,4 @@
// Hardware crypto support Copyright 2017 Espressif Systems (Shanghai) PTE LTD
// Hardware crypto support Copyright 2019 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
@@ -12,28 +12,17 @@
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef ESP_WPA2_H
#define ESP_WPA2_H
#ifndef _ESP_WPA2_H
#define _ESP_WPA2_H
#include <stdbool.h>
#include "esp_err.h"
#include "esp_wifi_crypto_types.h"
#ifdef __cplusplus
extern "C" {
#endif
extern const wpa2_crypto_funcs_t g_wifi_default_wpa2_crypto_funcs;
typedef struct {
const wpa2_crypto_funcs_t *crypto_funcs;
}esp_wpa2_config_t;
#define WPA2_CONFIG_INIT_DEFAULT() { \
.crypto_funcs = &g_wifi_default_wpa2_crypto_funcs \
}
/**
* @brief Enable wpa2 enterprise authentication.
*
@@ -44,7 +33,7 @@ typedef struct {
* - ESP_OK: succeed.
* - ESP_ERR_NO_MEM: fail(internal memory malloc fail)
*/
esp_err_t esp_wifi_sta_wpa2_ent_enable(const esp_wpa2_config_t *config);
esp_err_t esp_wifi_sta_wpa2_ent_enable(void);
/**
* @brief Disable wpa2 enterprise authentication.

6
components/esp_wifi/include/esp_wps.h → components/wpa_supplicant/include/esp_supplicant/esp_wps.h
View File

@@ -1,4 +1,4 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
// Copyright 2019 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
@@ -54,8 +54,6 @@ typedef enum wps_type {
WPS_TYPE_MAX,
} wps_type_t;
extern const wps_crypto_funcs_t g_wifi_default_wps_crypto_funcs;
#define WPS_MAX_MANUFACTURER_LEN 65
#define WPS_MAX_MODEL_NUMBER_LEN 33
#define WPS_MAX_MODEL_NAME_LEN 33
@@ -70,13 +68,11 @@ typedef struct {
typedef struct {
wps_type_t wps_type;
const wps_crypto_funcs_t *crypto_funcs;
wps_factory_information_t factory_info;
} esp_wps_config_t;
#define WPS_CONFIG_INIT_DEFAULT(type) { \
.wps_type = type, \
.crypto_funcs = &g_wifi_default_wps_crypto_funcs, \
.factory_info = { \
.manufacturer = "ESPRESSIF", \
.model_number = "ESP32", \

1
components/wpa_supplicant/include/wpa/common.h → components/wpa_supplicant/include/utils/common.h
View File

@@ -18,6 +18,7 @@
#if defined(__ets__)
#endif /* ets */
#include "os.h"
#include "esp_bit_defs.h"
/* Define platform specific variable type macros */
#if defined(ESP_PLATFORM)

1
components/wpa_supplicant/include/wpa/wpa_debug.h → components/wpa_supplicant/include/utils/wpa_debug.h
View File

@@ -75,6 +75,7 @@ void wpa_debug_print_timestamp(void);
#ifdef DEBUG_PRINT
#define wpa_printf(level,fmt, args...) ESP_LOG_LEVEL_LOCAL(level, TAG, fmt, ##args)
void wpa_dump_mem(char* desc, uint8_t *addr, uint16_t len);
static inline void wpa_hexdump_ascii(int level, const char *title, const u8 *buf, size_t len)
{

0
components/wpa_supplicant/include/wpa/wpabuf.h → components/wpa_supplicant/include/utils/wpabuf.h
View File

312
components/wpa_supplicant/include/wpa/hostapd.h
View File

@@ -1,312 +0,0 @@
/*
* hostapd / Initialization and configuration
* Copyright (c) 2002-2009, Jouni Malinen <j@w1.fi>
*
* This software may be distributed under the terms of the BSD license.
* See README for more details.
*/
#ifndef HOSTAPD_H
#define HOSTAPD_H
#include "wpa/defs.h"
#include "wpa/ap_config.h"
struct wpa_driver_ops;
struct wpa_ctrl_dst;
struct radius_server_data;
struct upnp_wps_device_sm;
struct hostapd_data;
struct sta_info;
struct hostap_sta_driver_data;
struct ieee80211_ht_capabilities;
struct full_dynamic_vlan;
enum wps_event;
union wps_event_data;
struct hostapd_iface;
struct hapd_interfaces {
int (*reload_config)(struct hostapd_iface *iface);
struct hostapd_config * (*config_read_cb)(const char *config_fname);
int (*ctrl_iface_init)(struct hostapd_data *hapd);
void (*ctrl_iface_deinit)(struct hostapd_data *hapd);
int (*for_each_interface)(struct hapd_interfaces *interfaces,
int (*cb)(struct hostapd_iface *iface,
void *ctx), void *ctx);
int (*driver_init)(struct hostapd_iface *iface);
size_t count;
int global_ctrl_sock;
char *global_iface_path;
char *global_iface_name;
struct hostapd_iface **iface;
};
struct hostapd_probereq_cb {
int (*cb)(void *ctx, const u8 *sa, const u8 *da, const u8 *bssid,
const u8 *ie, size_t ie_len, int ssi_signal);
void *ctx;
};
#define HOSTAPD_RATE_BASIC 0x00000001
struct hostapd_rate_data {
int rate; /* rate in 100 kbps */
int flags; /* HOSTAPD_RATE_ flags */
};
struct hostapd_frame_info {
u32 channel;
u32 datarate;
int ssi_signal; /* dBm */
};
/**
* struct hostapd_data - hostapd per-BSS data structure
*/
struct hostapd_data {
// struct hostapd_iface *iface;
struct hostapd_config *iconf;
struct hostapd_bss_config *conf;
int interface_added; /* virtual interface added for this BSS */
u8 own_addr[ETH_ALEN];
int num_sta; /* number of entries in sta_list */
// struct sta_info *sta_list; /* STA info list head */
//#define STA_HASH_SIZE 256
//#define STA_HASH(sta) (sta[5])
// struct sta_info *sta_hash[STA_HASH_SIZE];
// /*
// * Bitfield for indicating which AIDs are allocated. Only AID values
// * 1-2007 are used and as such, the bit at index 0 corresponds to AID
// * 1.
// */
//#define AID_WORDS ((2008 + 31) / 32)
// u32 sta_aid[AID_WORDS];
// const struct wpa_driver_ops *driver;
// void *drv_priv;
// void (*new_assoc_sta_cb)(struct hostapd_data *hapd,
// struct sta_info *sta, int reassoc);
// void *msg_ctx; /* ctx for wpa_msg() calls */
// void *msg_ctx_parent; /* parent interface ctx for wpa_msg() calls */
// struct radius_client_data *radius;
// u32 acct_session_id_hi, acct_session_id_lo;
// struct radius_das_data *radius_das;
// struct iapp_data *iapp;
// struct hostapd_cached_radius_acl *acl_cache;
// struct hostapd_acl_query_data *acl_queries;
struct wpa_authenticator *wpa_auth;
// struct eapol_authenticator *eapol_auth;
// struct rsn_preauth_interface *preauth_iface;
// time_t michael_mic_failure;
// int michael_mic_failures;
// int tkip_countermeasures;
// int ctrl_sock;
// struct wpa_ctrl_dst *ctrl_dst;
// void *ssl_ctx;
// void *eap_sim_db_priv;
// struct radius_server_data *radius_srv;
// int parameter_set_count;
/* Time Advertisement */
// u8 time_update_counter;
// struct wpabuf *time_adv;
#ifdef CONFIG_FULL_DYNAMIC_VLAN
struct full_dynamic_vlan *full_dynamic_vlan;
#endif /* CONFIG_FULL_DYNAMIC_VLAN */
// struct l2_packet_data *l2;
// struct wps_context *wps;
// int beacon_set_done;
// struct wpabuf *wps_beacon_ie;
// struct wpabuf *wps_probe_resp_ie;
#ifdef CONFIG_WPS
unsigned int ap_pin_failures;
unsigned int ap_pin_failures_consecutive;
struct upnp_wps_device_sm *wps_upnp;
unsigned int ap_pin_lockout_time;
#endif /* CONFIG_WPS */
// struct hostapd_probereq_cb *probereq_cb;
// size_t num_probereq_cb;
// void (*public_action_cb)(void *ctx, const u8 *buf, size_t len,
// int freq);
// void *public_action_cb_ctx;
// int (*vendor_action_cb)(void *ctx, const u8 *buf, size_t len,
// int freq);
// void *vendor_action_cb_ctx;
// void (*wps_reg_success_cb)(void *ctx, const u8 *mac_addr,
// const u8 *uuid_e);
// void *wps_reg_success_cb_ctx;
// void (*wps_event_cb)(void *ctx, enum wps_event event,
// union wps_event_data *data);
// void *wps_event_cb_ctx;
// void (*sta_authorized_cb)(void *ctx, const u8 *mac_addr,
// int authorized, const u8 *p2p_dev_addr);
// void *sta_authorized_cb_ctx;
// void (*setup_complete_cb)(void *ctx);
// void *setup_complete_cb_ctx;
#ifdef CONFIG_P2P
struct p2p_data *p2p;
struct p2p_group *p2p_group;
struct wpabuf *p2p_beacon_ie;
struct wpabuf *p2p_probe_resp_ie;
/* Number of non-P2P association stations */
int num_sta_no_p2p;
/* Periodic NoA (used only when no non-P2P clients in the group) */
int noa_enabled;
int noa_start;
int noa_duration;
#endif /* CONFIG_P2P */
#ifdef CONFIG_INTERWORKING
size_t gas_frag_limit;
#endif /* CONFIG_INTERWORKING */
#ifdef CONFIG_SQLITE
struct hostapd_eap_user tmp_eap_user;
#endif /* CONFIG_SQLITE */
};
#if 0
/**
* struct hostapd_iface - hostapd per-interface data structure
*/
struct hostapd_iface {
struct hapd_interfaces *interfaces;
void *owner;
char *config_fname;
struct hostapd_config *conf;
size_t num_bss;
struct hostapd_data **bss;
int num_ap; /* number of entries in ap_list */
struct ap_info *ap_list; /* AP info list head */
struct ap_info *ap_hash[STA_HASH_SIZE];
struct ap_info *ap_iter_list;
unsigned int drv_flags;
/*
* A bitmap of supported protocols for probe response offload. See
* struct wpa_driver_capa in driver.h
*/
unsigned int probe_resp_offloads;
struct hostapd_hw_modes *hw_features;
int num_hw_features;
struct hostapd_hw_modes *current_mode;
/* Rates that are currently used (i.e., filtered copy of
* current_mode->channels */
int num_rates;
struct hostapd_rate_data *current_rates;
int *basic_rates;
int freq;
u16 hw_flags;
/* Number of associated Non-ERP stations (i.e., stations using 802.11b
* in 802.11g BSS) */
int num_sta_non_erp;
/* Number of associated stations that do not support Short Slot Time */
int num_sta_no_short_slot_time;
/* Number of associated stations that do not support Short Preamble */
int num_sta_no_short_preamble;
int olbc; /* Overlapping Legacy BSS Condition */
/* Number of HT associated stations that do not support greenfield */
int num_sta_ht_no_gf;
/* Number of associated non-HT stations */
int num_sta_no_ht;
/* Number of HT associated stations 20 MHz */
int num_sta_ht_20mhz;
/* Overlapping BSS information */
int olbc_ht;
u16 ht_op_mode;
void (*scan_cb)(struct hostapd_iface *iface);
};
#endif
#if 0
/* hostapd.c */
int hostapd_for_each_interface(struct hapd_interfaces *interfaces,
int (*cb)(struct hostapd_iface *iface,
void *ctx), void *ctx);
int hostapd_reload_config(struct hostapd_iface *iface);
struct hostapd_data *
hostapd_alloc_bss_data(struct hostapd_iface *hapd_iface,
struct hostapd_config *conf,
struct hostapd_bss_config *bss);
int hostapd_setup_interface(struct hostapd_iface *iface);
int hostapd_setup_interface_complete(struct hostapd_iface *iface, int err);
void hostapd_interface_deinit(struct hostapd_iface *iface);
void hostapd_interface_free(struct hostapd_iface *iface);
void hostapd_new_assoc_sta(struct hostapd_data *hapd, struct sta_info *sta,
int reassoc);
void hostapd_interface_deinit_free(struct hostapd_iface *iface);
int hostapd_enable_iface(struct hostapd_iface *hapd_iface);
int hostapd_reload_iface(struct hostapd_iface *hapd_iface);
int hostapd_disable_iface(struct hostapd_iface *hapd_iface);
int hostapd_add_iface(struct hapd_interfaces *ifaces, char *buf);
int hostapd_remove_iface(struct hapd_interfaces *ifaces, char *buf);
/* utils.c */
int hostapd_register_probereq_cb(struct hostapd_data *hapd,
int (*cb)(void *ctx, const u8 *sa,
const u8 *da, const u8 *bssid,
const u8 *ie, size_t ie_len,
int ssi_signal),
void *ctx);
void hostapd_prune_associations(struct hostapd_data *hapd, const u8 *addr);
/* drv_callbacks.c (TODO: move to somewhere else?) */
int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr,
const u8 *ie, size_t ielen, int reassoc);
void hostapd_notif_disassoc(struct hostapd_data *hapd, const u8 *addr);
void hostapd_event_sta_low_ack(struct hostapd_data *hapd, const u8 *addr);
int hostapd_probe_req_rx(struct hostapd_data *hapd, const u8 *sa, const u8 *da,
const u8 *bssid, const u8 *ie, size_t ie_len,
int ssi_signal);
void hostapd_event_ch_switch(struct hostapd_data *hapd, int freq, int ht,
int offset);
const struct hostapd_eap_user *
hostapd_get_eap_user(struct hostapd_data *hapd, const u8 *identity,
size_t identity_len, int phase2);
#endif
#endif /* HOSTAPD_H */

226
components/wpa_supplicant/include/wpa/ieee80211_crypto.h
View File

@@ -1,226 +0,0 @@
/*-
* Copyright (c) 2001 Atsushi Onoe
* Copyright (c) 2002-2008 Sam Leffler, Errno Consulting
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* $FreeBSD$
*/
/*
* copyright (c) 2010-2011 Espressif System
*/
#ifndef _NET80211_IEEE80211_CRYPTO_H_
#define _NET80211_IEEE80211_CRYPTO_H_
//#include "pp/esf_buf.h"
/*
* 802.11 protocol crypto-related definitions.
*/
#define IEEE80211_KEYBUF_SIZE 16
#define IEEE80211_MICBUF_SIZE (8+8) /* space for both tx+rx keys */
/*
* Old WEP-style key. Deprecated.
*/
#if 0
struct ieee80211_rsnparms {
uint8_t rsn_mcastcipher; /* mcast/group cipher */
uint8_t rsn_mcastkeylen; /* mcast key length */
uint8_t rsn_ucastcipher; /* selected unicast cipher */
uint8_t rsn_ucastkeylen; /* unicast key length */
uint8_t rsn_keymgmt; /* selected key mgmt algo */
uint16_t rsn_caps; /* capabilities */
};
#endif //0000
/*
* Template for a supported cipher. Ciphers register with the
* crypto code and are typically loaded as separate modules
* (the null cipher is always present).
* XXX may need refcnts
*/
/*
* Crypto key state. There is sufficient room for all supported
* ciphers (see below). The underlying ciphers are handled
* separately through loadable cipher modules that register with
* the generic crypto support. A key has a reference to an instance
* of the cipher; any per-key state is hung off wk_private by the
* cipher when it is attached. Ciphers are automatically called
* to detach and cleanup any such state when the key is deleted.
*
* The generic crypto support handles encap/decap of cipher-related
* frame contents for both hardware- and software-based implementations.
* A key requiring software crypto support is automatically flagged and
* the cipher is expected to honor this and do the necessary work.
* Ciphers such as TKIP may also support mixed hardware/software
* encrypt/decrypt and MIC processing.
*/
typedef uint16_t ieee80211_keyix; /* h/w key index */
struct ieee80211_key {
uint8_t wk_keylen; /* key length in bytes */
uint8_t wk_pad;
uint16_t wk_flags;
#define IEEE80211_KEY_XMIT 0x0001 /* key used for xmit */
#define IEEE80211_KEY_RECV 0x0002 /* key used for recv */
#define IEEE80211_KEY_GROUP 0x0004 /* key used for WPA group operation */
#define IEEE80211_KEY_SWENCRYPT 0x0010 /* host-based encrypt */
#define IEEE80211_KEY_SWDECRYPT 0x0020 /* host-based decrypt */
#define IEEE80211_KEY_SWENMIC 0x0040 /* host-based enmic */
#define IEEE80211_KEY_SWDEMIC 0x0080 /* host-based demic */
#define IEEE80211_KEY_DEVKEY 0x0100 /* device key request completed */
#define IEEE80211_KEY_CIPHER0 0x1000 /* cipher-specific action 0 */
#define IEEE80211_KEY_CIPHER1 0x2000 /* cipher-specific action 1 */
#define IEEE80211_KEY_EMPTY 0x0000
ieee80211_keyix wk_keyix; /* h/w key index */
ieee80211_keyix wk_rxkeyix; /* optional h/w rx key index */
uint8_t wk_key[IEEE80211_KEYBUF_SIZE+IEEE80211_MICBUF_SIZE];
#define wk_txmic wk_key+IEEE80211_KEYBUF_SIZE+0 /* XXX can't () right */
#define wk_rxmic wk_key+IEEE80211_KEYBUF_SIZE+8 /* XXX can't () right */
/* key receive sequence counter */
uint64_t wk_keyrsc[IEEE80211_TID_SIZE];
uint64_t wk_keytsc; /* key transmit sequence counter */
const struct ieee80211_cipher *wk_cipher;
//void *wk_private; /* private cipher state */
//uint8_t wk_macaddr[IEEE80211_ADDR_LEN]; //JLU: no need ...
};
#define IEEE80211_KEY_COMMON /* common flags passed in by apps */\
(IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV | IEEE80211_KEY_GROUP)
#define IEEE80211_KEY_DEVICE /* flags owned by device driver */\
(IEEE80211_KEY_DEVKEY|IEEE80211_KEY_CIPHER0|IEEE80211_KEY_CIPHER1)
#define IEEE80211_KEY_SWCRYPT \
(IEEE80211_KEY_SWENCRYPT | IEEE80211_KEY_SWDECRYPT)
#define IEEE80211_KEY_SWMIC (IEEE80211_KEY_SWENMIC | IEEE80211_KEY_SWDEMIC)
//#define IEEE80211_KEYIX_NONE ((ieee80211_keyix) -1)
/*
* NB: these values are ordered carefully; there are lots of
* of implications in any reordering. Beware that 4 is used
* only to indicate h/w TKIP MIC support in driver capabilities;
* there is no separate cipher support (it's rolled into the
* TKIP cipher support).
*/
#define IEEE80211_CIPHER_NONE 0 /* pseudo value */
#define IEEE80211_CIPHER_TKIP 1
#define IEEE80211_CIPHER_AES_OCB 2
#define IEEE80211_CIPHER_AES_CCM 3
#define IEEE80211_CIPHER_TKIPMIC 4 /* TKIP MIC capability */
#define IEEE80211_CIPHER_CKIP 5
#define IEEE80211_CIPHER_WEP 6
#define IEEE80211_CIPHER_WEP40 7
#define IEEE80211_CIPHER_WEP104 8
#define IEEE80211_CIPHER_MAX (IEEE80211_CIPHER_NONE+2)
/* capability bits in ic_cryptocaps/iv_cryptocaps */
#define IEEE80211_CRYPTO_NONE (1<<IEEE80211_CIPHER_NONE)
#define IEEE80211_CRYPTO_WEP (1<<IEEE80211_CIPHER_WEP)
#define IEEE80211_CRYPTO_WEP40 (1<<IEEE80211_CIPHER_WEP40)
#define IEEE80211_CRYPTO_WEP104 (1<<IEEE80211_CIPHER_WEP104)
#define IEEE80211_CRYPTO_TKIP (1<<IEEE80211_CIPHER_TKIP)
#define IEEE80211_CRYPTO_AES_OCB (1<<IEEE80211_CIPHER_AES_OCB)
#define IEEE80211_CRYPTO_AES_CCM (1<<IEEE80211_CIPHER_AES_CCM)
#define IEEE80211_CRYPTO_TKIPMIC (1<<IEEE80211_CIPHER_TKIPMIC)
#define IEEE80211_CRYPTO_CKIP (1<<IEEE80211_CIPHER_CKIP)
struct ieee80211_cipher {
u_int ic_cipher; /* IEEE80211_CIPHER_* */
u_int ic_header; /* size of privacy header (bytes) */
u_int ic_trailer; /* size of privacy trailer (bytes) */
u_int ic_miclen; /* size of mic trailer (bytes) */
// int (*ic_setkey)(struct ieee80211_key *);
int (*ic_encap)(struct ieee80211_key *, esf_buf_t *, uint8_t);
int (*ic_decap)(struct ieee80211_key *, esf_buf_t *, int);
#ifdef EAGLE_SW_MIC
int (*ic_enmic)(struct ieee80211_key *, esf_buf_t *, int);
int (*ic_demic)(struct ieee80211_key *, esf_buf_t *, int);
#endif /* EAGLE_SW_CRYPTO */
};
struct ieee80211com;
struct ieee80211_conn;
#define IEEE80211_KEY_UNDEFINED(k) \
((k)->wk_cipher == &ieee80211_cipher_none)
struct ieee80211_key *ieee80211_crypto_encap(struct ieee80211_conn *,
esf_buf *);
struct ieee80211_key *ieee80211_crypto_decap(struct ieee80211_conn *,
esf_buf *, int);
#if 0 //H/W MIC
/*
* Check and remove any MIC.
*/
static INLINE int
ieee80211_crypto_demic(struct ieee80211vap *vap, struct ieee80211_key *k,
esf_buf *m, int force)
{
const struct ieee80211_cipher *cip = k->wk_cipher;
return (cip->ic_miclen > 0 ? cip->ic_demic(k, m, force) : 1);
}
/*
* Add any MIC.
*/
static INLINE int
ieee80211_crypto_enmic(struct ieee80211vap *vap,
struct ieee80211_key *k, esf_buf *m, int force)
{
const struct ieee80211_cipher *cip = k->wk_cipher;
return (cip->ic_miclen > 0 ? cip->ic_enmic(k, m, force) : 1);
}
#endif //0000
/*
* Setup crypto support for a device/shared instance.
*/
void ieee80211_crypto_attach(struct ieee80211com *ic);
/*
* Reset key state to an unused state. The crypto
* key allocation mechanism insures other state (e.g.
* key data) is properly setup before a key is used.
*/
static inline void
ieee80211_crypto_resetkey(struct ieee80211_key *k)
{
k->wk_cipher = NULL;
k->wk_flags = IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV;
}
/*
* Crypt-related notification methods.
*/
//void ieee80211_notify_replay_failure(const struct ieee80211_frame *, const struct ieee80211_key *,
// uint64_t rsc, int tid);
//void ieee80211_notify_michael_failure(const struct ieee80211_frame *, u_int keyix);
#endif /* _NET80211_IEEE80211_CRYPTO_H_ */

64
components/wpa_supplicant/include/wpa/ieee802_1x.h
View File

@@ -1,64 +0,0 @@
/*
* hostapd / IEEE 802.1X-2004 Authenticator
* Copyright (c) 2002-2012, Jouni Malinen <j@w1.fi>
*
* This software may be distributed under the terms of the BSD license.
* See README for more details.
*/
#ifndef IEEE802_1X_H
#define IEEE802_1X_H
struct hostapd_data;
struct sta_info;
struct eapol_state_machine;
struct hostapd_config;
struct hostapd_bss_config;
struct hostapd_radius_attr;
struct radius_msg;
void ieee802_1x_receive(struct hostapd_data *hapd, const u8 *sa, const u8 *buf,
size_t len);
#if 0
void ieee802_1x_new_station(struct hostapd_data *hapd, struct sta_info *sta);
void ieee802_1x_free_station(struct sta_info *sta);
void ieee802_1x_tx_key(struct hostapd_data *hapd, struct sta_info *sta);
void ieee802_1x_abort_auth(struct hostapd_data *hapd, struct sta_info *sta);
void ieee802_1x_set_sta_authorized(struct hostapd_data *hapd,
struct sta_info *sta, int authorized);
void ieee802_1x_dump_state(FILE *f, const char *prefix, struct sta_info *sta);
int ieee802_1x_init(struct hostapd_data *hapd);
void ieee802_1x_deinit(struct hostapd_data *hapd);
int ieee802_1x_tx_status(struct hostapd_data *hapd, struct sta_info *sta,
const u8 *buf, size_t len, int ack);
int ieee802_1x_eapol_tx_status(struct hostapd_data *hapd, struct sta_info *sta,
const u8 *data, int len, int ack);
u8 * ieee802_1x_get_identity(struct eapol_state_machine *sm, size_t *len);
u8 * ieee802_1x_get_radius_class(struct eapol_state_machine *sm, size_t *len,
int idx);
struct wpabuf * ieee802_1x_get_radius_cui(struct eapol_state_machine *sm);
const u8 * ieee802_1x_get_key(struct eapol_state_machine *sm, size_t *len);
void ieee802_1x_notify_port_enabled(struct eapol_state_machine *sm,
int enabled);
void ieee802_1x_notify_port_valid(struct eapol_state_machine *sm,
int valid);
void ieee802_1x_notify_pre_auth(struct eapol_state_machine *sm, int pre_auth);
int ieee802_1x_get_mib(struct hostapd_data *hapd, char *buf, size_t buflen);
int ieee802_1x_get_mib_sta(struct hostapd_data *hapd, struct sta_info *sta,
char *buf, size_t buflen);
void hostapd_get_ntp_timestamp(u8 *buf);
char *eap_type_text(u8 type);
const char *radius_mode_txt(struct hostapd_data *hapd);
int radius_sta_rate(struct hostapd_data *hapd, struct sta_info *sta);
int add_common_radius_attr(struct hostapd_data *hapd,
struct hostapd_radius_attr *req_attr,
struct sta_info *sta,
struct radius_msg *msg);
#endif
#endif /* IEEE802_1X_H */

31
components/wpa_supplicant/include/wpa/includes.h
View File

@@ -1,31 +0,0 @@
/*
* wpa_supplicant/hostapd - Default include files
* Copyright (c) 2005-2006, Jouni Malinen <j@w1.fi>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*
* Alternatively, this software may be distributed under the terms of BSD
* license.
*
* See README and COPYING for more details.
*
* This header file is included into all C files so that commonly used header
* files can be selected with OS specific ifdef blocks in one place instead of
* having to have OS/C library specific selection in many files.
*/
#ifndef INCLUDES_H
#define INCLUDES_H
/* Include possible build time configuration before including anything else */
//#include "build_config.h" //don't need anymore
//#include <stdlib.h>
//#include <stdio.h>
//#include <string.h>
//#include <ctype.h>
//#include <time.h>
#endif /* INCLUDES_H */

31
components/wpa_supplicant/include/wpa/wpas_glue.h
View File

@@ -1,31 +0,0 @@
/*
* WPA Supplicant - Glue code to setup EAPOL and RSN modules
* Copyright (c) 2003-2008, Jouni Malinen <j@w1.fi>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*
* Alternatively, this software may be distributed under the terms of BSD
* license.
*
* See README and COPYING for more details.
*/
#ifndef WPAS_GLUE_H
#define WPAS_GLUE_H
u8 * wpa_sm_alloc_eapol(struct wpa_sm *sm, u8 type,
const void *data, u16 data_len,
size_t *msg_len, void **data_pos);
int wpa_sm_mlme_setprotection(struct wpa_sm *sm, const u8 *addr,
int protect_type, int key_type);
void wpa_sm_deauthenticate(struct wpa_sm *sm, uint8 reason_code);
void wpa_sm_disassociate(struct wpa_sm *sm, int reason_code);
int wpa_sm_get_beacon_ie(struct wpa_sm *sm);
#endif /* WPAS_GLUE_H */

17
components/wpa_supplicant/include/wpa2/utils/base64.h
View File

@@ -1,17 +0,0 @@
/*
* Base64 encoding/decoding (RFC1341)
* Copyright (c) 2005, Jouni Malinen <j@w1.fi>
*
* This software may be distributed under the terms of the BSD license.
* See README for more details.
*/
#ifndef BASE64_H
#define BASE64_H
unsigned char * base64_encode(const unsigned char *src, size_t len,
size_t *out_len);
unsigned char * base64_decode(const unsigned char *src, size_t len,
size_t *out_len);
#endif /* BASE64_H */

4
components/wpa_supplicant/port/include/endian.h
View File

@@ -98,10 +98,6 @@ typedef __uint64_t uint64_t;
#define le32toh(x) ((uint32_t)(x))
#define le64toh(x) ((uint64_t)(x))
#ifndef htons
#define htons htobe16
#endif //htons
#else /* _BYTE_ORDER != _LITTLE_ENDIAN */
#define htobe16(x) ((uint16_t)(x))
#define htobe32(x) ((uint32_t)(x))

32
components/wpa_supplicant/port/include/supplicant_opt.h Normal file
View File

@@ -0,0 +1,32 @@
// Copyright 2019 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _SUPPLICANT_OPT_H
#define _SUPPLICANT_OPT_H
#include "sdkconfig.h"
#if CONFIG_WPA_EAP_TLS
#define EAP_TLS 1
#endif
#if CONFIG_WPA_EAP_TTLS
#define EAP_TTLS 1
#endif
#if CONFIG_WPA_EAP_PEAP
#define EAP_PEAP 1
#endif
#endif /* _SUPPLICANT_OPT_H */

2
components/wpa_supplicant/port/os_xtensa.c
View File

@@ -27,7 +27,7 @@
#include <time.h>
#include <sys/time.h>
#include "esp_system.h"
#include "crypto/common.h"
#include "utils/common.h"
int os_get_time(struct os_time *t)
{

248
components/wpa_supplicant/src/ap/ap_config.c Normal file
View File

@@ -0,0 +1,248 @@
/*
* hostapd / Configuration helper functions
* Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi>
*
* This software may be distributed under the terms of the BSD license.
* See README for more details.
*/
#include "utils/includes.h"
#include "utils/common.h"
#include "crypto/sha1.h"
#include "common/ieee802_11_defs.h"
#include "common/eapol_common.h"
#include "ap/wpa_auth.h"
#include "ap/ap_config.h"
#include "utils/wpa_debug.h"
#include "ap/hostapd.h"
#include "ap/wpa_auth_i.h"
#include "esp_supplicant/esp_wifi_driver.h"
#include "esp_wifi_types.h"
void hostapd_config_defaults_bss(struct hostapd_bss_config *bss)
{
bss->auth_algs = WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED;
bss->wep_rekeying_period = 300;
/* use key0 in individual key and key1 in broadcast key */
bss->broadcast_key_idx_min = 1;
bss->broadcast_key_idx_max = 2;
bss->wpa_group_rekey = 600;
bss->wpa_gmk_rekey = 86400;
bss->wpa_key_mgmt = WPA_KEY_MGMT_PSK;
bss->wpa_pairwise = WPA_CIPHER_TKIP;
bss->wpa_group = WPA_CIPHER_TKIP;
bss->rsn_pairwise = 0;
bss->max_num_sta = MAX_STA_COUNT;
bss->dtim_period = 2;
bss->ap_max_inactivity = 5*60; //AP_MAX_INACTIVITY;
bss->eapol_version = EAPOL_VERSION;
bss->max_listen_interval = 65535;
#ifdef CONFIG_IEEE80211W
bss->assoc_sa_query_max_timeout = 1000;
bss->assoc_sa_query_retry_timeout = 201;
#endif /* CONFIG_IEEE80211W */
#ifdef EAP_SERVER_FAST
/* both anonymous and authenticated provisioning */
bss->eap_fast_prov = 3;
bss->pac_key_lifetime = 7 * 24 * 60 * 60;
bss->pac_key_refresh_time = 1 * 24 * 60 * 60;
#endif /* EAP_SERVER_FAST */
/* Set to -1 as defaults depends on HT in setup */
bss->wmm_enabled = -1;
#ifdef CONFIG_IEEE80211R
bss->ft_over_ds = 1;
#endif /* CONFIG_IEEE80211R */
}
struct hostapd_config * hostapd_config_defaults(void)
{
#define ecw2cw(ecw) ((1 << (ecw)) - 1)
struct hostapd_config *conf;
struct hostapd_bss_config *bss;
#undef ecw2cw
conf = (struct hostapd_config *)os_zalloc(sizeof(*conf));
bss = (struct hostapd_bss_config *)os_zalloc(sizeof(*bss));
if (conf == NULL || bss == NULL) {
wpa_printf(MSG_DEBUG, "Failed to allocate memory for "
"configuration data.");
os_free(conf);
os_free(bss);
return NULL;
}
hostapd_config_defaults_bss(bss);
conf->num_bss = 1;
conf->bss = bss;
conf->beacon_int = 100;
conf->rts_threshold = -1; /* use driver default: 2347 */
conf->fragm_threshold = -1; /* user driver default: 2346 */
conf->send_probe_response = 1;
conf->ht_capab = HT_CAP_INFO_SMPS_DISABLED;
conf->ap_table_max_size = 255;
conf->ap_table_expiration_time = 60;
return conf;
}
int hostapd_mac_comp(const void *a, const void *b)
{
return memcmp(a, b, sizeof(macaddr));
}
int hostapd_mac_comp_empty(const void *a)
{
u8 empty[ETH_ALEN];
os_bzero(empty, ETH_ALEN);
return memcmp(a, empty, ETH_ALEN);
}
static int hostapd_derive_psk(struct hostapd_ssid *ssid)
{
ssid->wpa_psk = (struct hostapd_wpa_psk *)os_zalloc(sizeof(struct hostapd_wpa_psk));
if (ssid->wpa_psk == NULL) {
wpa_printf(MSG_ERROR, "Unable to alloc space for PSK");
return -1;
}
wpa_hexdump_ascii(MSG_DEBUG, "SSID",
(u8 *) ssid->ssid, ssid->ssid_len);
wpa_hexdump_ascii_key(MSG_DEBUG, "PSK (ASCII passphrase)",
(u8 *) ssid->wpa_passphrase,
strlen(ssid->wpa_passphrase));
#ifdef ESP_SUPPLICANT
memcpy(ssid->wpa_psk->psk, esp_wifi_ap_get_prof_pmk_internal(), PMK_LEN);
#else
/* It's too SLOW */
pbkdf2_sha1(ssid->wpa_passphrase,
ssid->ssid, ssid->ssid_len,
4096, ssid->wpa_psk->psk, PMK_LEN);
#endif
wpa_hexdump_key(MSG_DEBUG, "PSK (from passphrase)",
ssid->wpa_psk->psk, PMK_LEN);
return 0;
}
int hostapd_setup_wpa_psk(struct hostapd_bss_config *conf)
{
struct hostapd_ssid *ssid = &conf->ssid;
if (ssid->wpa_passphrase != NULL) {
if (ssid->wpa_psk != NULL) {
wpa_printf(MSG_DEBUG, "Using pre-configured WPA PSK "
"instead of passphrase");
} else {
wpa_printf(MSG_DEBUG, "Deriving WPA PSK based on "
"passphrase\n");
if (hostapd_derive_psk(ssid) < 0)
return -1;
}
ssid->wpa_psk->group = 1;
}
return 0;
}
int hostapd_wep_key_cmp(struct hostapd_wep_keys *a, struct hostapd_wep_keys *b)
{
int i;
if (a->idx != b->idx || a->default_len != b->default_len)
return 1;
for (i = 0; i < NUM_WEP_KEYS; i++)
if (a->len[i] != b->len[i] ||
memcmp(a->key[i], b->key[i], a->len[i]) != 0)
return 1;
return 0;
}
/**
* hostapd_maclist_found - Find a MAC address from a list
* @list: MAC address list
* @num_entries: Number of addresses in the list
* @addr: Address to search for
* @vlan_id: Buffer for returning VLAN ID or %NULL if not needed
* Returns: 1 if address is in the list or 0 if not.
*
* Perform a binary search for given MAC address from a pre-sorted list.
*/
int hostapd_maclist_found(struct mac_acl_entry *list, int num_entries,
const u8 *addr, int *vlan_id)
{
int start, end, middle, res;
start = 0;
end = num_entries - 1;
while (start <= end) {
middle = (start + end) / 2;
res = memcmp(list[middle].addr, addr, ETH_ALEN);
if (res == 0) {
if (vlan_id)
*vlan_id = list[middle].vlan_id;
return 1;
}
if (res < 0)
start = middle + 1;
else
end = middle - 1;
}
return 0;
}
int hostapd_rate_found(int *list, int rate)
{
int i;
if (list == NULL)
return 0;
for (i = 0; list[i] >= 0; i++)
if (list[i] == rate)
return 1;
return 0;
}
const u8 * hostapd_get_psk(const struct hostapd_bss_config *conf,
const u8 *addr, const u8 *prev_psk)
{
struct hostapd_wpa_psk *psk;
int next_ok = prev_psk == NULL;
for (psk = conf->ssid.wpa_psk; psk != NULL; psk = psk->next) {
if (next_ok &&
(psk->group || memcmp(psk->addr, addr, ETH_ALEN) == 0))
return psk->psk;
if (psk->psk == prev_psk)
next_ok = 1;
}
return NULL;
}

177
components/wpa_supplicant/include/wpa/ap_config.h → components/wpa_supplicant/src/ap/ap_config.h
View File

@@ -9,11 +9,8 @@
#ifndef HOSTAPD_CONFIG_H
#define HOSTAPD_CONFIG_H
#include "wpa/defs.h"
//#include "ip_addr.h"
#include "wpa/wpa_common.h"
//#include "common/ieee802_11_common.h"
//#include "wps/wps.h"
#include "common/defs.h"
#include "common/wpa_common.h"
#define MAX_STA_COUNT 4
#define MAX_VLAN_ID 4094
@@ -54,12 +51,8 @@ struct hostapd_ssid {
unsigned int ssid_set:1;
unsigned int utf8_ssid:1;
// char vlan[IFNAMSIZ + 1];
// secpolicy security_policy;
struct hostapd_wpa_psk *wpa_psk;
char *wpa_passphrase;
// char *wpa_psk_file;
struct hostapd_wep_keys wep;
@@ -183,70 +176,22 @@ struct hostapd_nai_realm_data {
* struct hostapd_bss_config - Per-BSS configuration
*/
struct hostapd_bss_config {
// char iface[IFNAMSIZ + 1];
// char bridge[IFNAMSIZ + 1];
// char wds_bridge[IFNAMSIZ + 1];
// enum hostapd_logger_level logger_syslog_level, logger_stdout_level;
// unsigned int logger_syslog; /* module bitfield */
// unsigned int logger_stdout; /* module bitfield */
// char *dump_log_name; /* file name for state dump (SIGUSR1) */
int max_num_sta; /* maximum number of STAs in station table */
int dtim_period;
int ieee802_1x; /* use IEEE 802.1X */
int eapol_version;
// int eap_server; /* Use internal EAP server instead of external
// * RADIUS server */
// struct hostapd_eap_user *eap_user;
// char *eap_user_sqlite;
// char *eap_sim_db;
// struct hostapd_ip_addr own_ip_addr;
// char *nas_identifier;
// struct hostapd_radius_servers *radius;
// int acct_interim_interval;
// int radius_request_cui;
// struct hostapd_radius_attr *radius_auth_req_attr;
// struct hostapd_radius_attr *radius_acct_req_attr;
// int radius_das_port;
// unsigned int radius_das_time_window;
// int radius_das_require_event_timestamp;
// struct hostapd_ip_addr radius_das_client_addr;
// u8 *radius_das_shared_secret;
// size_t radius_das_shared_secret_len;
struct hostapd_ssid ssid;
// char *eap_req_id_text; /* optional displayable message sent with
// * EAP Request-Identity */
// size_t eap_req_id_text_len;
// int eapol_key_index_workaround;
// size_t default_wep_key_len;
// int individual_wep_key_len;
int wep_rekeying_period;
int broadcast_key_idx_min, broadcast_key_idx_max;
// int eap_reauth_period;
// int ieee802_11f; /* use IEEE 802.11f (IAPP) */
// char iapp_iface[IFNAMSIZ + 1]; /* interface used with IAPP broadcast
// * frames */
enum {
ACCEPT_UNLESS_DENIED = 0,
DENY_UNLESS_ACCEPTED = 1,
USE_EXTERNAL_RADIUS_AUTH = 2
} macaddr_acl;
// struct mac_acl_entry *accept_mac;
// int num_accept_mac;
// struct mac_acl_entry *deny_mac;
// int num_deny_mac;
// int wds_sta;
// int isolate;
int auth_algs; /* bitfield of allowed IEEE 802.11 authentication
* algorithms, WPA_AUTH_ALG_{OPEN,SHARED,LEAP} */
@@ -288,49 +233,12 @@ struct hostapd_bss_config {
int ft_over_ds;
#endif /* CONFIG_IEEE80211R */
// char *ctrl_interface; /* directory for UNIX domain sockets */
#ifndef CONFIG_NATIVE_WINDOWS
// gid_t ctrl_interface_gid;
#endif /* CONFIG_NATIVE_WINDOWS */
// int ctrl_interface_gid_set;
// char *ca_cert;
// char *server_cert;
// char *private_key;
// char *private_key_passwd;
// int check_crl;
// char *dh_file;
// u8 *pac_opaque_encr_key;
// u8 *eap_fast_a_id;
// size_t eap_fast_a_id_len;
// char *eap_fast_a_id_info;
// int eap_fast_prov;
// int pac_key_lifetime;
// int pac_key_refresh_time;
// int eap_sim_aka_result_ind;
// int tnc;
// int fragment_size;
// u16 pwd_group;
// char *radius_server_clients;
// int radius_server_auth_port;
// int radius_server_ipv6;
// char *test_socket; /* UNIX domain socket path for driver_test */
// int use_pae_group_addr; /* Whether to send EAPOL frames to PAE group
// * address instead of individual address
// * (for driver_wired.c).
// */
int ap_max_inactivity;
int ignore_broadcast_ssid;
int wmm_enabled;
int wmm_uapsd;
// struct hostapd_vlan *vlan, *vlan_tail;
macaddr bssid;
/*
@@ -340,10 +248,6 @@ struct hostapd_bss_config {
*/
u16 max_listen_interval;
// int disable_pmksa_caching;
// int okc; /* Opportunistic Key Caching */
// int wps_state;
#ifdef CONFIG_WPS
int ap_setup_locked;
u8 uuid[16];
@@ -375,71 +279,6 @@ struct hostapd_bss_config {
struct wpabuf *wps_nfc_dh_privkey;
struct wpabuf *wps_nfc_dev_pw;
#endif /* CONFIG_WPS */
// int pbc_in_m1;
#define P2P_ENABLED BIT(0)
#define P2P_GROUP_OWNER BIT(1)
#define P2P_GROUP_FORMATION BIT(2)
#define P2P_MANAGE BIT(3)
#define P2P_ALLOW_CROSS_CONNECTION BIT(4)
// int p2p;
// int disassoc_low_ack;
// int skip_inactivity_poll;
#define TDLS_PROHIBIT BIT(0)
#define TDLS_PROHIBIT_CHAN_SWITCH BIT(1)
// int tdls;
// int disable_11n;
// int disable_11ac;
/* IEEE 802.11v */
// int time_advertisement;
// char *time_zone;
// int wnm_sleep_mode;
// int bss_transition;
/* IEEE 802.11u - Interworking */
// int interworking;
// int access_network_type;
// int internet;
// int asra;
// int esr;
// int uesa;
// int venue_info_set;
// u8 venue_group;
// u8 venue_type;
// u8 hessid[ETH_ALEN];
/* IEEE 802.11u - Roaming Consortium list */
// unsigned int roaming_consortium_count;
// struct hostapd_roaming_consortium *roaming_consortium;
/* IEEE 802.11u - Venue Name duples */
// unsigned int venue_name_count;
// struct hostapd_lang_string *venue_name;
/* IEEE 802.11u - Network Authentication Type */
// u8 *network_auth_type;
// size_t network_auth_type_len;
/* IEEE 802.11u - IP Address Type Availability */
// u8 ipaddr_type_availability;
// u8 ipaddr_type_configured;
/* IEEE 802.11u - 3GPP Cellular Network */
// u8 *anqp_3gpp_cell_net;
// size_t anqp_3gpp_cell_net_len;
/* IEEE 802.11u - Domain Name */
// u8 *domain_name;
// size_t domain_name_len;
// unsigned int nai_realm_count;
// struct hostapd_nai_realm_data *nai_realm_data;
// u16 gas_comeback_delay;
// int gas_frag_limit;
#ifdef CONFIG_HS20
int hs20;
@@ -453,13 +292,10 @@ struct hostapd_bss_config {
u8 hs20_operating_class_len;
#endif /* CONFIG_HS20 */
// u8 wps_rf_bands; /* RF bands for WPS (WPS_RF_*) */
#ifdef CONFIG_RADIUS_TEST
char *dump_msk_file;
#endif /* CONFIG_RADIUS_TEST */
// struct wpabuf *vendor_elements;
};
@@ -498,8 +334,6 @@ struct hostapd_config {
int ieee80211d;
// struct hostapd_tx_queue_params tx_queue[NUM_TX_QUEUES];
/*
* WMM AC parameters, in same order as 802.1D, i.e.
* 0 = BE (best effort)
@@ -507,7 +341,6 @@ struct hostapd_config {
* 2 = VI (video)
* 3 = VO (voice)
*/
// struct hostapd_wmm_ac_params wmm_ac_params[4];
int ht_op_mode_fixed;
u16 ht_capab;
@@ -536,9 +369,7 @@ int hostapd_wep_key_cmp(struct hostapd_wep_keys *a,
const u8 * hostapd_get_psk(const struct hostapd_bss_config *conf,
const u8 *addr, const u8 *prev_psk);
int hostapd_setup_wpa_psk(struct hostapd_bss_config *conf);
//const char * hostapd_get_vlan_id_ifname(struct hostapd_vlan *vlan,
// int vlan_id);
//struct hostapd_radius_attr *
//hostapd_config_get_radius_attr(struct hostapd_radius_attr *attr, u8 type);
bool wpa_ap_join(void** sm, uint8_t *bssid, uint8_t *wpa_ie, uint8_t wpa_ie_len);
bool wpa_ap_remove(void* sm);
#endif /* HOSTAPD_CONFIG_H */

115
components/wpa_supplicant/src/ap/hostapd.h Normal file
View File

@@ -0,0 +1,115 @@
/*
* hostapd / Initialization and configuration
* Copyright (c) 2002-2009, Jouni Malinen <j@w1.fi>
*
* This software may be distributed under the terms of the BSD license.
* See README for more details.
*/
#ifndef HOSTAPD_H
#define HOSTAPD_H
#include "common/defs.h"
#include "ap/ap_config.h"
struct wpa_driver_ops;
struct wpa_ctrl_dst;
struct radius_server_data;
struct upnp_wps_device_sm;
struct hostapd_data;
struct sta_info;
struct hostap_sta_driver_data;
struct ieee80211_ht_capabilities;
struct full_dynamic_vlan;
enum wps_event;
union wps_event_data;
struct hostapd_iface;
struct hapd_interfaces {
int (*reload_config)(struct hostapd_iface *iface);
struct hostapd_config * (*config_read_cb)(const char *config_fname);
int (*ctrl_iface_init)(struct hostapd_data *hapd);
void (*ctrl_iface_deinit)(struct hostapd_data *hapd);
int (*for_each_interface)(struct hapd_interfaces *interfaces,
int (*cb)(struct hostapd_iface *iface,
void *ctx), void *ctx);
int (*driver_init)(struct hostapd_iface *iface);
size_t count;
int global_ctrl_sock;
char *global_iface_path;
char *global_iface_name;
struct hostapd_iface **iface;
};
struct hostapd_probereq_cb {
int (*cb)(void *ctx, const u8 *sa, const u8 *da, const u8 *bssid,
const u8 *ie, size_t ie_len, int ssi_signal);
void *ctx;
};
#define HOSTAPD_RATE_BASIC 0x00000001
struct hostapd_rate_data {
int rate; /* rate in 100 kbps */
int flags; /* HOSTAPD_RATE_ flags */
};
struct hostapd_frame_info {
u32 channel;
u32 datarate;
int ssi_signal; /* dBm */
};
/**
* struct hostapd_data - hostapd per-BSS data structure
*/
struct hostapd_data {
struct hostapd_config *iconf;
struct hostapd_bss_config *conf;
int interface_added; /* virtual interface added for this BSS */
u8 own_addr[ETH_ALEN];
int num_sta; /* number of entries in sta_list */
struct wpa_authenticator *wpa_auth;
#ifdef CONFIG_FULL_DYNAMIC_VLAN
struct full_dynamic_vlan *full_dynamic_vlan;
#endif /* CONFIG_FULL_DYNAMIC_VLAN */
#ifdef CONFIG_WPS
unsigned int ap_pin_failures;
unsigned int ap_pin_failures_consecutive;
struct upnp_wps_device_sm *wps_upnp;
unsigned int ap_pin_lockout_time;
#endif /* CONFIG_WPS */
#ifdef CONFIG_P2P
struct p2p_data *p2p;
struct p2p_group *p2p_group;
struct wpabuf *p2p_beacon_ie;
struct wpabuf *p2p_probe_resp_ie;
/* Number of non-P2P association stations */
int num_sta_no_p2p;
/* Periodic NoA (used only when no non-P2P clients in the group) */
int noa_enabled;
int noa_start;
int noa_duration;
#endif /* CONFIG_P2P */
#ifdef CONFIG_INTERWORKING
size_t gas_frag_limit;
#endif /* CONFIG_INTERWORKING */
#ifdef CONFIG_SQLITE
struct hostapd_eap_user tmp_eap_user;
#endif /* CONFIG_SQLITE */
};
#endif /* HOSTAPD_H */

78
components/wpa_supplicant/src/ap/ieee802_1x.c Normal file
View File

@@ -0,0 +1,78 @@
/*
* hostapd / IEEE 802.1X-2004 Authenticator
* Copyright (c) 2002-2012, Jouni Malinen <j@w1.fi>
*
* This software may be distributed under the terms of the BSD license.
* See README for more details.
*/
#include "utils/includes.h"
#include "utils/common.h"
#include "crypto/crypto.h"
#include "crypto/random.h"
#include "common/ieee802_11_defs.h"
#include "hostapd.h"
#include "ap/sta_info.h"
#include "ap/wpa_auth.h"
#include "ap/ap_config.h"
#include "ap/ieee802_1x.h"
#include "utils/wpa_debug.h"
/**
* ieee802_1x_receive - Process the EAPOL frames from the Supplicant
* @hapd: hostapd BSS data
* @sa: Source address (sender of the EAPOL frame)
* @buf: EAPOL frame
* @len: Length of buf in octets
*
* This function is called for each incoming EAPOL frame from the interface
*/
void ieee802_1x_receive(struct hostapd_data *hapd, const u8 *sa, const u8 *buf,
size_t len)
{
struct sta_info *sta;
struct ieee802_1x_hdr *hdr;
struct ieee802_1x_eapol_key *key;
u16 datalen;
wpa_printf( MSG_DEBUG, "IEEE 802.1X: %lu bytes from " MACSTR,
(unsigned long) len, MAC2STR(sa));
sta = ap_get_sta(hapd, sa);
if (!sta || !(sta->flags & (WLAN_STA_ASSOC | WLAN_STA_PREAUTH))) {
wpa_printf( MSG_DEBUG, "IEEE 802.1X data frame from not "
"associated/Pre-authenticating STA");
return;
}
if (len < sizeof(*hdr)) {
wpa_printf( MSG_DEBUG, " too short IEEE 802.1X packet\n");
return;
}
hdr = (struct ieee802_1x_hdr *) buf;
datalen = be_to_host16(hdr->length);
wpa_printf( MSG_DEBUG, " IEEE 802.1X: version=%d type=%d length=%d",
hdr->version, hdr->type, datalen);
if (len - sizeof(*hdr) < datalen) {
wpa_printf( MSG_DEBUG, " frame too short for this IEEE 802.1X packet\n");
return;
}
if (len - sizeof(*hdr) > datalen) {
wpa_printf( MSG_DEBUG, " ignoring %lu extra octets after "
"IEEE 802.1X packet",
(unsigned long) len - sizeof(*hdr) - datalen);
}
key = (struct ieee802_1x_eapol_key *) (hdr + 1);
if (datalen >= sizeof(struct ieee802_1x_eapol_key) &&
hdr->type == IEEE802_1X_TYPE_EAPOL_KEY &&
(key->type == EAPOL_KEY_TYPE_WPA ||
key->type == EAPOL_KEY_TYPE_RSN)) {
wpa_receive(hapd->wpa_auth, sta->wpa_sm, (u8 *) hdr,
sizeof(*hdr) + datalen);
return;
}
}

24
components/wpa_supplicant/src/ap/ieee802_1x.h Normal file
View File

@@ -0,0 +1,24 @@
/*
* hostapd / IEEE 802.1X-2004 Authenticator
* Copyright (c) 2002-2012, Jouni Malinen <j@w1.fi>
*
* This software may be distributed under the terms of the BSD license.
* See README for more details.
*/
#ifndef IEEE802_1X_H
#define IEEE802_1X_H
struct hostapd_data;
struct sta_info;
struct eapol_state_machine;
struct hostapd_config;
struct hostapd_bss_config;
struct hostapd_radius_attr;
struct radius_msg;
void ieee802_1x_receive(struct hostapd_data *hapd, const u8 *sa, const u8 *buf,
size_t len);
#endif /* IEEE802_1X_H */

53
components/wpa_supplicant/include/wpa/sta_info.h → components/wpa_supplicant/src/ap/sta_info.h
View File

@@ -48,61 +48,14 @@ struct sta_info {
u16 listen_interval; /* or beacon_int for APs */
u8 supported_rates[WLAN_SUPP_RATES_MAX];
int supported_rates_len;
// u8 qosinfo; /* Valid when WLAN_STA_WMM is set */
// unsigned int nonerp_set:1;
// unsigned int no_short_slot_time_set:1;
// unsigned int no_short_preamble_set:1;
// unsigned int no_ht_gf_set:1;
// unsigned int no_ht_set:1;
// unsigned int ht_20mhz_set:1;
// unsigned int no_p2p_set:1;
u16 auth_alg;
// u8 previous_ap[6];
enum {
STA_NULLFUNC = 0, STA_DISASSOC, STA_DEAUTH, STA_REMOVE
} timeout_next;
// u16 deauth_reason;
// u16 disassoc_reason;
/* IEEE 802.1X related data */
// struct eapol_state_machine *eapol_sm;
/* IEEE 802.11f (IAPP) related data */
// struct ieee80211_mgmt *last_assoc_req;
// u32 acct_session_id_hi;
// u32 acct_session_id_lo;
// time_t acct_session_start;
// int acct_session_started;
// int acct_terminate_cause; /* Acct-Terminate-Cause */
// int acct_interim_interval; /* Acct-Interim-Interval */
// unsigned long last_rx_bytes;
// unsigned long last_tx_bytes;
// u32 acct_input_gigawords; /* Acct-Input-Gigawords */
// u32 acct_output_gigawords; /* Acct-Output-Gigawords */
// u8 *challenge; /* IEEE 802.11 Shared Key Authentication Challenge */
struct wpa_state_machine *wpa_sm;
// struct rsn_preauth_interface *preauth_iface;
struct hostapd_ssid *ssid; /* SSID selection based on (Re)AssocReq */
// struct hostapd_ssid *ssid_probe; /* SSID selection based on ProbeReq */
// int vlan_id;
/* PSKs from RADIUS authentication server */
// struct hostapd_sta_wpa_psk_short *psk;
// char *identity; /* User-Name from RADIUS */
// char *radius_cui; /* Chargeable-User-Identity from RADIUS */
// struct ieee80211_ht_capabilities *ht_capabilities;
// struct ieee80211_vht_capabilities *vht_capabilities;
#ifdef CONFIG_IEEE80211W
int sa_query_count; /* number of pending SA Query requests;
@@ -120,12 +73,6 @@ struct sta_info {
u8 gas_dialog_next;
#endif /* CONFIG_INTERWORKING */
// struct wpabuf *wps_ie; /* WPS IE from (Re)Association Request */
// struct wpabuf *p2p_ie; /* P2P IE from (Re)Association Request */
// struct wpabuf *hs20_ie; /* HS 2.0 IE from (Re)Association Request */
// struct os_time connected_time;
#ifdef CONFIG_SAE
enum { SAE_INIT, SAE_COMMIT, SAE_CONFIRM } sae_state;
u16 sae_send_confirm;

2439
components/wpa_supplicant/src/ap/wpa_auth.c Normal file
View File

File diff suppressed because it is too large Load Diff

8
components/wpa_supplicant/include/wpa/wpa_auth.h → components/wpa_supplicant/src/ap/wpa_auth.h
View File

@@ -9,14 +9,16 @@
#ifndef WPA_AUTH_H
#define WPA_AUTH_H
#include "wpa/defs.h"
#include "wpa/eapol_common.h"
#include "wpa/wpa_common.h"
#include "common/defs.h"
#include "common/eapol_common.h"
#include "common/wpa_common.h"
#ifdef _MSC_VER
#pragma pack(push, 1)
#endif /* _MSC_VER */
#define WPA_IS_MULTICAST(_a) (*(_a) & 0x01)
/* IEEE Std 802.11r-2008, 11A.10.3 - Remote request/response frame definition
*/
struct ft_rrb_frame {

28
components/wpa_supplicant/include/wpa/wpa_auth_i.h → components/wpa_supplicant/src/ap/wpa_auth_i.h
View File

@@ -102,10 +102,6 @@ struct wpa_state_machine {
} wpa;
int pairwise; /* Pairwise cipher suite, WPA_CIPHER_* */
int wpa_key_mgmt; /* the selected WPA_KEY_MGMT_* */
// struct rsn_pmksa_cache_entry *pmksa;
// u32 dot11RSNAStatsTKIPLocalMICFailures;
// u32 dot11RSNAStatsTKIPRemoteMICFailures;
#ifdef CONFIG_IEEE80211R
u8 xxkey[PMK_LEN]; /* PSK or the second 256 bits of MSK */
@@ -120,6 +116,8 @@ struct wpa_state_machine {
#endif /* CONFIG_IEEE80211R */
int pending_1_of_4_timeout;
u32 index;
ETSTimer resend_eapol;
};
@@ -160,40 +158,18 @@ struct wpa_ft_pmk_cache;
struct wpa_authenticator {
struct wpa_group *group;
// unsigned int dot11RSNAStatsTKIPRemoteMICFailures;
// u32 dot11RSNAAuthenticationSuiteSelected;
// u32 dot11RSNAPairwiseCipherSelected;
// u32 dot11RSNAGroupCipherSelected;
// u8 dot11RSNAPMKIDUsed[PMKID_LEN];
// u32 dot11RSNAAuthenticationSuiteRequested; /* FIX: update */
// u32 dot11RSNAPairwiseCipherRequested; /* FIX: update */
// u32 dot11RSNAGroupCipherRequested; /* FIX: update */
// unsigned int dot11RSNATKIPCounterMeasuresInvoked;
// unsigned int dot11RSNA4WayHandshakeFailures;
// struct wpa_stsl_negotiation *stsl_negotiations;
struct wpa_auth_config conf;
// struct wpa_auth_callbacks cb;
u8 *wpa_ie;
size_t wpa_ie_len;
u8 addr[ETH_ALEN];
// struct rsn_pmksa_cache *pmksa;
// struct wpa_ft_pmk_cache *ft_pmk_cache;
};
int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len,
const u8 *pmkid);
#if 0
void wpa_auth_logger(struct wpa_authenticator *wpa_auth, const u8 *addr,
logger_level level, const char *txt);
void wpa_auth_vlogger(struct wpa_authenticator *wpa_auth, const u8 *addr,
logger_level level, const char *fmt, ...);
#endif
void __wpa_send_eapol(struct wpa_authenticator *wpa_auth,
struct wpa_state_machine *sm, int key_info,
const u8 *key_rsc, const u8 *nonce,

705
components/wpa_supplicant/src/ap/wpa_auth_ie.c Normal file
View File

@@ -0,0 +1,705 @@
/*
* hostapd - WPA/RSN IE and KDE definitions
* Copyright (c) 2004-2008, Jouni Malinen <j@w1.fi>
*
* This software may be distributed under the terms of the BSD license.
* See README for more details.
*/
#include "utils/includes.h"
#include "utils/common.h"
#include "common/ieee802_11_defs.h"
#include "ap/wpa_auth.h"
#include "ap/wpa_auth_ie.h"
#include "ap/wpa_auth_i.h"
#include "common/wpa_common.h"
#include "utils/wpa_debug.h"
#ifdef CONFIG_RSN_TESTING
int rsn_testing = 0;
#endif /* CONFIG_RSN_TESTING */
static int wpa_write_wpa_ie(struct wpa_auth_config *conf, u8 *buf, size_t len)
{
struct wpa_ie_hdr *hdr;
int num_suites;
u8 *pos, *count;
u32 suite;
hdr = (struct wpa_ie_hdr *) buf;
hdr->elem_id = WLAN_EID_VENDOR_SPECIFIC;
RSN_SELECTOR_PUT(hdr->oui, WPA_OUI_TYPE);
WPA_PUT_LE16(hdr->version, WPA_VERSION);
pos = (u8 *) (hdr + 1);
suite = wpa_cipher_to_suite(WPA_PROTO_WPA, conf->wpa_group);
if (suite == 0) {
wpa_printf( MSG_DEBUG, "Invalid group cipher (%d).",
conf->wpa_group);
return -1;
}
RSN_SELECTOR_PUT(pos, suite);
pos += WPA_SELECTOR_LEN;
count = pos;
pos += 2;
num_suites = wpa_cipher_put_suites(pos, conf->wpa_pairwise);
if (num_suites == 0) {
wpa_printf( MSG_DEBUG, "Invalid pairwise cipher (%d).",
conf->wpa_pairwise);
return -1;
}
pos += num_suites * WPA_SELECTOR_LEN;
WPA_PUT_LE16(count, num_suites);
num_suites = 0;
count = pos;
pos += 2;
if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X) {
RSN_SELECTOR_PUT(pos, WPA_AUTH_KEY_MGMT_UNSPEC_802_1X);
pos += WPA_SELECTOR_LEN;
num_suites++;
}
if (conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK) {
RSN_SELECTOR_PUT(pos, WPA_AUTH_KEY_MGMT_PSK_OVER_802_1X);
pos += WPA_SELECTOR_LEN;
num_suites++;
}
if (num_suites == 0) {
wpa_printf( MSG_DEBUG, "Invalid key management type (%d).",
conf->wpa_key_mgmt);
return -1;
}
WPA_PUT_LE16(count, num_suites);
/* WPA Capabilities; use defaults, so no need to include it */
hdr->len = (pos - buf) - 2;
return pos - buf;
}
int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len,
const u8 *pmkid)
{
struct rsn_ie_hdr *hdr;
int num_suites, res;
u8 *pos, *count;
u16 capab;
u32 suite;
hdr = (struct rsn_ie_hdr *) buf;
hdr->elem_id = WLAN_EID_RSN;
WPA_PUT_LE16(hdr->version, RSN_VERSION);
pos = (u8 *) (hdr + 1);
suite = wpa_cipher_to_suite(WPA_PROTO_RSN, conf->wpa_group);
if (suite == 0) {
wpa_printf( MSG_DEBUG, "Invalid group cipher (%d).",
conf->wpa_group);
return -1;
}
RSN_SELECTOR_PUT(pos, suite);
pos += RSN_SELECTOR_LEN;
num_suites = 0;
count = pos;
pos += 2;
#ifdef CONFIG_RSN_TESTING
if (rsn_testing) {
RSN_SELECTOR_PUT(pos, RSN_SELECTOR(0x12, 0x34, 0x56, 1));
pos += RSN_SELECTOR_LEN;
num_suites++;
}
#endif /* CONFIG_RSN_TESTING */
res = rsn_cipher_put_suites(pos, conf->rsn_pairwise);
num_suites += res;
pos += res * RSN_SELECTOR_LEN;
#ifdef CONFIG_RSN_TESTING
if (rsn_testing) {
RSN_SELECTOR_PUT(pos, RSN_SELECTOR(0x12, 0x34, 0x56, 2));
pos += RSN_SELECTOR_LEN;
num_suites++;
}
#endif /* CONFIG_RSN_TESTING */
if (num_suites == 0) {
wpa_printf( MSG_DEBUG, "Invalid pairwise cipher (%d).",
conf->rsn_pairwise);
return -1;
}
WPA_PUT_LE16(count, num_suites);
num_suites = 0;
count = pos;
pos += 2;
#ifdef CONFIG_RSN_TESTING
if (rsn_testing) {
RSN_SELECTOR_PUT(pos, RSN_SELECTOR(0x12, 0x34, 0x56, 1));
pos += RSN_SELECTOR_LEN;
num_suites++;
}
#endif /* CONFIG_RSN_TESTING */
if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X) {
RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_UNSPEC_802_1X);
pos += RSN_SELECTOR_LEN;
num_suites++;
}
if (conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK) {
RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X);
pos += RSN_SELECTOR_LEN;
num_suites++;
}
#ifdef CONFIG_IEEE80211R
if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X) {
RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_802_1X);
pos += RSN_SELECTOR_LEN;
num_suites++;
}
if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_PSK) {
RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_PSK);
pos += RSN_SELECTOR_LEN;
num_suites++;
}
#endif /* CONFIG_IEEE80211R */
#ifdef CONFIG_IEEE80211W
if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) {
RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_802_1X_SHA256);
pos += RSN_SELECTOR_LEN;
num_suites++;
}
if (conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK_SHA256) {
RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_PSK_SHA256);
pos += RSN_SELECTOR_LEN;
num_suites++;
}
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_SAE
if (conf->wpa_key_mgmt & WPA_KEY_MGMT_SAE) {
RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_SAE);
pos += RSN_SELECTOR_LEN;
num_suites++;
}
if (conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_SAE) {
RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_SAE);
pos += RSN_SELECTOR_LEN;
num_suites++;
}
#endif /* CONFIG_SAE */
#ifdef CONFIG_RSN_TESTING
if (rsn_testing) {
RSN_SELECTOR_PUT(pos, RSN_SELECTOR(0x12, 0x34, 0x56, 2));
pos += RSN_SELECTOR_LEN;
num_suites++;
}
#endif /* CONFIG_RSN_TESTING */
if (num_suites == 0) {
wpa_printf( MSG_DEBUG, "Invalid key management type (%d).",
conf->wpa_key_mgmt);
return -1;
}
WPA_PUT_LE16(count, num_suites);
/* RSN Capabilities */
capab = 0;
if (conf->rsn_preauth)
capab |= WPA_CAPABILITY_PREAUTH;
if (conf->peerkey)
capab |= WPA_CAPABILITY_PEERKEY_ENABLED;
if (conf->wmm_enabled) {
/* 4 PTKSA replay counters when using WMM */
capab |= (RSN_NUM_REPLAY_COUNTERS_16 << 2);
}
#ifdef CONFIG_IEEE80211W
if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
capab |= WPA_CAPABILITY_MFPC;
if (conf->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED)
capab |= WPA_CAPABILITY_MFPR;
}
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_RSN_TESTING
if (rsn_testing)
capab |= BIT(8) | BIT(14) | BIT(15);
#endif /* CONFIG_RSN_TESTING */
WPA_PUT_LE16(pos, capab);
pos += 2;
if (pmkid) {
if (pos + 2 + PMKID_LEN > buf + len)
return -1;
/* PMKID Count */
WPA_PUT_LE16(pos, 1);
pos += 2;
memcpy(pos, pmkid, PMKID_LEN);
pos += PMKID_LEN;
}
#ifdef CONFIG_IEEE80211W
if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
if (pos + 2 + 4 > buf + len)
return -1;
if (pmkid == NULL) {
/* PMKID Count */
WPA_PUT_LE16(pos, 0);
pos += 2;
}
/* Management Group Cipher Suite */
RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_AES_128_CMAC);
pos += RSN_SELECTOR_LEN;
}
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_RSN_TESTING
if (rsn_testing) {
/*
* Fill in any defined fields and add extra data to the end of
* the element.
*/
int pmkid_count_set = pmkid != NULL;
if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION)
pmkid_count_set = 1;
/* PMKID Count */
WPA_PUT_LE16(pos, 0);
pos += 2;
if (conf->ieee80211w == NO_MGMT_FRAME_PROTECTION) {
/* Management Group Cipher Suite */
RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_AES_128_CMAC);
pos += RSN_SELECTOR_LEN;
}
memset(pos, 0x12, 17);
pos += 17;
}
#endif /* CONFIG_RSN_TESTING */
hdr->len = (pos - buf) - 2;
return pos - buf;
}
int wpa_auth_gen_wpa_ie(struct wpa_authenticator *wpa_auth)
{
u8 *pos, buf[128];
int res;
pos = buf;
if (wpa_auth->conf.wpa & WPA_PROTO_RSN) {
res = wpa_write_rsn_ie(&wpa_auth->conf,
pos, buf + sizeof(buf) - pos, NULL);
if (res < 0)
return res;
pos += res;
}
#ifdef CONFIG_IEEE80211R
if (wpa_key_mgmt_ft(wpa_auth->conf.wpa_key_mgmt)) {
res = wpa_write_mdie(&wpa_auth->conf, pos,
buf + sizeof(buf) - pos);
if (res < 0)
return res;
pos += res;
}
#endif /* CONFIG_IEEE80211R */
if (wpa_auth->conf.wpa & WPA_PROTO_WPA) {
res = wpa_write_wpa_ie(&wpa_auth->conf,
pos, buf + sizeof(buf) - pos);
if (res < 0)
return res;
pos += res;
}
os_free(wpa_auth->wpa_ie);
wpa_auth->wpa_ie = os_malloc(pos - buf);
if (wpa_auth->wpa_ie == NULL)
return -1;
memcpy(wpa_auth->wpa_ie, buf, pos - buf);
wpa_auth->wpa_ie_len = pos - buf;
return 0;
}
u8 * wpa_add_kde(u8 *pos, u32 kde, const u8 *data, size_t data_len,
const u8 *data2, size_t data2_len)
{
*pos++ = WLAN_EID_VENDOR_SPECIFIC;
*pos++ = RSN_SELECTOR_LEN + data_len + data2_len;
RSN_SELECTOR_PUT(pos, kde);
pos += RSN_SELECTOR_LEN;
memcpy(pos, data, data_len);
pos += data_len;
if (data2) {
memcpy(pos, data2, data2_len);
pos += data2_len;
}
return pos;
}
int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
struct wpa_state_machine *sm,
const u8 *wpa_ie, size_t wpa_ie_len/*,
const u8 *mdie, size_t mdie_len*/)
{
struct wpa_ie_data data;
int ciphers, key_mgmt, res, version;
u32 selector;
if (wpa_auth == NULL || sm == NULL)
return WPA_NOT_ENABLED;
if (wpa_ie == NULL || wpa_ie_len < 1)
return WPA_INVALID_IE;
if (wpa_ie[0] == WLAN_EID_RSN)
version = WPA_PROTO_RSN;
else
version = WPA_PROTO_WPA;
if (!(wpa_auth->conf.wpa & version)) {
wpa_printf( MSG_DEBUG, "Invalid WPA proto (%d) from " MACSTR,
version, MAC2STR(sm->addr));
return WPA_INVALID_PROTO;
}
if (version == WPA_PROTO_RSN) {
res = wpa_parse_wpa_ie_rsn(wpa_ie, wpa_ie_len, &data);
selector = RSN_AUTH_KEY_MGMT_UNSPEC_802_1X;
if (0) {
}
#ifdef CONFIG_IEEE80211R
else if (data.key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X)
selector = RSN_AUTH_KEY_MGMT_FT_802_1X;
else if (data.key_mgmt & WPA_KEY_MGMT_FT_PSK)
selector = RSN_AUTH_KEY_MGMT_FT_PSK;
#endif /* CONFIG_IEEE80211R */
#ifdef CONFIG_IEEE80211W
else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256)
selector = RSN_AUTH_KEY_MGMT_802_1X_SHA256;
else if (data.key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
selector = RSN_AUTH_KEY_MGMT_PSK_SHA256;
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_SAE
else if (data.key_mgmt & WPA_KEY_MGMT_SAE)
selector = RSN_AUTH_KEY_MGMT_SAE;
else if (data.key_mgmt & WPA_KEY_MGMT_FT_SAE)
selector = RSN_AUTH_KEY_MGMT_FT_SAE;
#endif /* CONFIG_SAE */
else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X)
selector = RSN_AUTH_KEY_MGMT_UNSPEC_802_1X;
else if (data.key_mgmt & WPA_KEY_MGMT_PSK)
selector = RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X;
selector = wpa_cipher_to_suite(WPA_PROTO_RSN,
data.pairwise_cipher);
if (!selector)
selector = RSN_CIPHER_SUITE_CCMP;
selector = wpa_cipher_to_suite(WPA_PROTO_RSN,
data.group_cipher);
if (!selector)
selector = RSN_CIPHER_SUITE_CCMP;
} else {
res = wpa_parse_wpa_ie_wpa(wpa_ie, wpa_ie_len, &data);
selector = WPA_AUTH_KEY_MGMT_UNSPEC_802_1X;
if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X)
selector = WPA_AUTH_KEY_MGMT_UNSPEC_802_1X;
else if (data.key_mgmt & WPA_KEY_MGMT_PSK)
selector = WPA_AUTH_KEY_MGMT_PSK_OVER_802_1X;
selector = wpa_cipher_to_suite(WPA_PROTO_WPA,
data.pairwise_cipher);
if (!selector)
selector = RSN_CIPHER_SUITE_TKIP;
selector = wpa_cipher_to_suite(WPA_PROTO_WPA,
data.group_cipher);
if (!selector)
selector = WPA_CIPHER_SUITE_TKIP;
}
if (res) {
wpa_printf( MSG_DEBUG, "Failed to parse WPA/RSN IE from "
MACSTR " (res=%d)", MAC2STR(sm->addr), res);
wpa_hexdump(MSG_DEBUG, "WPA/RSN IE", wpa_ie, wpa_ie_len);
return WPA_INVALID_IE;
}
if (data.group_cipher != wpa_auth->conf.wpa_group) {
wpa_printf( MSG_DEBUG, "Invalid WPA group cipher (0x%x) from "
MACSTR, data.group_cipher, MAC2STR(sm->addr));
return WPA_INVALID_GROUP;
}
key_mgmt = data.key_mgmt & wpa_auth->conf.wpa_key_mgmt;
if (!key_mgmt) {
wpa_printf( MSG_DEBUG, "Invalid WPA key mgmt (0x%x) from "
MACSTR, data.key_mgmt, MAC2STR(sm->addr));
return WPA_INVALID_AKMP;
}
if (0) {
}
#ifdef CONFIG_IEEE80211R
else if (key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X)
sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
else if (key_mgmt & WPA_KEY_MGMT_FT_PSK)
sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_PSK;
#endif /* CONFIG_IEEE80211R */
#ifdef CONFIG_IEEE80211W
else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256)
sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
else if (key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
sm->wpa_key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_SAE
else if (key_mgmt & WPA_KEY_MGMT_SAE)
sm->wpa_key_mgmt = WPA_KEY_MGMT_SAE;
else if (key_mgmt & WPA_KEY_MGMT_FT_SAE)
sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_SAE;
#endif /* CONFIG_SAE */
else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X)
sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X;
else
sm->wpa_key_mgmt = WPA_KEY_MGMT_PSK;
if (version == WPA_PROTO_RSN)
ciphers = data.pairwise_cipher & wpa_auth->conf.rsn_pairwise;
else
ciphers = data.pairwise_cipher & wpa_auth->conf.wpa_pairwise;
if (!ciphers) {
wpa_printf( MSG_DEBUG, "Invalid %s pairwise cipher (0x%x) "
"from " MACSTR,
version == WPA_PROTO_RSN ? "RSN" : "WPA",
data.pairwise_cipher, MAC2STR(sm->addr));
return WPA_INVALID_PAIRWISE;
}
#ifdef CONFIG_IEEE80211W
if (wpa_auth->conf.ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) {
if (!(data.capabilities & WPA_CAPABILITY_MFPC)) {
wpa_printf( MSG_DEBUG, "Management frame protection "
"required, but client did not enable it");
return WPA_MGMT_FRAME_PROTECTION_VIOLATION;
}
if (ciphers & WPA_CIPHER_TKIP) {
wpa_printf( MSG_DEBUG, "Management frame protection "
"cannot use TKIP");
return WPA_MGMT_FRAME_PROTECTION_VIOLATION;
}
if (data.mgmt_group_cipher != WPA_CIPHER_AES_128_CMAC) {
wpa_printf( MSG_DEBUG, "Unsupported management group "
"cipher %d", data.mgmt_group_cipher);
return WPA_INVALID_MGMT_GROUP_CIPHER;
}
}
if (wpa_auth->conf.ieee80211w == NO_MGMT_FRAME_PROTECTION ||
!(data.capabilities & WPA_CAPABILITY_MFPC))
sm->mgmt_frame_prot = 0;
else
sm->mgmt_frame_prot = 1;
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_IEEE80211R
if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) {
if (mdie == NULL || mdie_len < MOBILITY_DOMAIN_ID_LEN + 1) {
wpa_printf( MSG_DEBUG, "RSN: Trying to use FT, but "
"MDIE not included");
return WPA_INVALID_MDIE;
}
if (memcmp(mdie, wpa_auth->conf.mobility_domain,
MOBILITY_DOMAIN_ID_LEN) != 0) {
wpa_hexdump(MSG_DEBUG, "RSN: Attempted to use unknown "
"MDIE", mdie, MOBILITY_DOMAIN_ID_LEN);
return WPA_INVALID_MDIE;
}
}
#endif /* CONFIG_IEEE80211R */
if (ciphers & WPA_CIPHER_CCMP)
sm->pairwise = WPA_CIPHER_CCMP;
else if (ciphers & WPA_CIPHER_GCMP)
sm->pairwise = WPA_CIPHER_GCMP;
else
sm->pairwise = WPA_CIPHER_TKIP;
/* TODO: clear WPA/WPA2 state if STA changes from one to another */
if (wpa_ie[0] == WLAN_EID_RSN)
sm->wpa = WPA_VERSION_WPA2;
else
sm->wpa = WPA_VERSION_WPA;
if (sm->wpa_ie == NULL || sm->wpa_ie_len < wpa_ie_len) {
os_free(sm->wpa_ie);
sm->wpa_ie = os_malloc(wpa_ie_len);
if (sm->wpa_ie == NULL)
return WPA_ALLOC_FAIL;
}
memcpy(sm->wpa_ie, wpa_ie, wpa_ie_len);
sm->wpa_ie_len = wpa_ie_len;
return WPA_IE_OK;
}
/**
* wpa_parse_generic - Parse EAPOL-Key Key Data Generic IEs
* @pos: Pointer to the IE header
* @end: Pointer to the end of the Key Data buffer
* @ie: Pointer to parsed IE data
* Returns: 0 on success, 1 if end mark is found, -1 on failure
*/
static int wpa_parse_generic(const u8 *pos, const u8 *end,
struct wpa_eapol_ie_parse *ie)
{
if (pos[1] == 0)
return 1;
if (pos[1] >= 6 &&
RSN_SELECTOR_GET(pos + 2) == WPA_OUI_TYPE &&
pos[2 + WPA_SELECTOR_LEN] == 1 &&
pos[2 + WPA_SELECTOR_LEN + 1] == 0) {
ie->wpa_ie = pos;
ie->wpa_ie_len = pos[1] + 2;
return 0;
}
if (pos + 1 + RSN_SELECTOR_LEN < end &&
pos[1] >= RSN_SELECTOR_LEN + PMKID_LEN &&
RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_PMKID) {
ie->pmkid = pos + 2 + RSN_SELECTOR_LEN;
return 0;
}
if (pos[1] > RSN_SELECTOR_LEN + 2 &&
RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_GROUPKEY) {
ie->gtk = pos + 2 + RSN_SELECTOR_LEN;
ie->gtk_len = pos[1] - RSN_SELECTOR_LEN;
return 0;
}
if (pos[1] > RSN_SELECTOR_LEN + 2 &&
RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_MAC_ADDR) {
ie->mac_addr = pos + 2 + RSN_SELECTOR_LEN;
ie->mac_addr_len = pos[1] - RSN_SELECTOR_LEN;
return 0;
}
#ifdef CONFIG_PEERKEY
if (pos[1] > RSN_SELECTOR_LEN + 2 &&
RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_SMK) {
ie->smk = pos + 2 + RSN_SELECTOR_LEN;
ie->smk_len = pos[1] - RSN_SELECTOR_LEN;
return 0;
}
if (pos[1] > RSN_SELECTOR_LEN + 2 &&
RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_NONCE) {
ie->nonce = pos + 2 + RSN_SELECTOR_LEN;
ie->nonce_len = pos[1] - RSN_SELECTOR_LEN;
return 0;
}
if (pos[1] > RSN_SELECTOR_LEN + 2 &&
RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_LIFETIME) {
ie->lifetime = pos + 2 + RSN_SELECTOR_LEN;
ie->lifetime_len = pos[1] - RSN_SELECTOR_LEN;
return 0;
}
if (pos[1] > RSN_SELECTOR_LEN + 2 &&
RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_ERROR) {
ie->error = pos + 2 + RSN_SELECTOR_LEN;
ie->error_len = pos[1] - RSN_SELECTOR_LEN;
return 0;
}
#endif /* CONFIG_PEERKEY */
#ifdef CONFIG_IEEE80211W
if (pos[1] > RSN_SELECTOR_LEN + 2 &&
RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_IGTK) {
ie->igtk = pos + 2 + RSN_SELECTOR_LEN;
ie->igtk_len = pos[1] - RSN_SELECTOR_LEN;
return 0;
}
#endif /* CONFIG_IEEE80211W */
return 0;
}
/**
* wpa_parse_kde_ies - Parse EAPOL-Key Key Data IEs
* @buf: Pointer to the Key Data buffer
* @len: Key Data Length
* @ie: Pointer to parsed IE data
* Returns: 0 on success, -1 on failure
*/
int wpa_parse_kde_ies(const u8 *buf, size_t len, struct wpa_eapol_ie_parse *ie)
{
const u8 *pos, *end;
int ret = 0;
memset(ie, 0, sizeof(*ie));
for (pos = buf, end = pos + len; pos + 1 < end; pos += 2 + pos[1]) {
if (pos[0] == 0xdd &&
((pos == buf + len - 1) || pos[1] == 0)) {
/* Ignore padding */
break;
}
if (pos + 2 + pos[1] > end) {
wpa_printf( MSG_DEBUG, "WPA: EAPOL-Key Key Data "
"underflow (ie=%d len=%d pos=%d)",
pos[0], pos[1], (int) (pos - buf));
wpa_hexdump_key(MSG_DEBUG, "WPA: Key Data",
buf, len);
ret = -1;
break;
}
if (*pos == WLAN_EID_RSN) {
ie->rsn_ie = pos;
ie->rsn_ie_len = pos[1] + 2;
#ifdef CONFIG_IEEE80211R
} else if (*pos == WLAN_EID_MOBILITY_DOMAIN) {
ie->mdie = pos;
ie->mdie_len = pos[1] + 2;
} else if (*pos == WLAN_EID_FAST_BSS_TRANSITION) {
ie->ftie = pos;
ie->ftie_len = pos[1] + 2;
#endif /* CONFIG_IEEE80211R */
} else if (*pos == WLAN_EID_VENDOR_SPECIFIC) {
ret = wpa_parse_generic(pos, end, ie);
if (ret < 0)
break;
if (ret > 0) {
ret = 0;
break;
}
} else {
wpa_hexdump(MSG_DEBUG, "WPA: Unrecognized EAPOL-Key "
"Key Data IE", pos, 2 + pos[1]);
}
}
return ret;
}
int wpa_auth_uses_mfp(struct wpa_state_machine *sm)
{
return sm ? sm->mgmt_frame_prot : 0;
}

0
components/wpa_supplicant/include/wpa/wpa_auth_ie.h → components/wpa_supplicant/src/ap/wpa_auth_ie.h
View File

56
components/wpa_supplicant/include/wpa/defs.h → components/wpa_supplicant/src/common/defs.h
View File

@@ -23,56 +23,12 @@
#endif
typedef enum { FALSE = 0, TRUE = 1 } Boolean;
/*
#define WPA_CIPHER_NONE BIT(0)
#define WPA_CIPHER_WEP40 BIT(1)
#define WPA_CIPHER_WEP104 BIT(2)
#define WPA_CIPHER_TKIP BIT(3)
#define WPA_CIPHER_CCMP BIT(4)
#ifdef CONFIG_IEEE80211W
#define WPA_CIPHER_AES_128_CMAC BIT(5)
#endif
*/
/*
* NB: these values are ordered carefully; there are lots of
* of implications in any reordering. Beware that 4 is used
* only to indicate h/w TKIP MIC support in driver capabilities;
* there is no separate cipher support (it's rolled into the
* TKIP cipher support).
*/
#define IEEE80211_CIPHER_NONE 0 /* pseudo value */
#define IEEE80211_CIPHER_TKIP 1
#define IEEE80211_CIPHER_AES_OCB 2
#define IEEE80211_CIPHER_AES_CCM 3
#define IEEE80211_CIPHER_TKIPMIC 4 /* TKIP MIC capability */
#define IEEE80211_CIPHER_CKIP 5
#define IEEE80211_CIPHER_WEP 6
#define IEEE80211_CIPHER_WEP40 7
#define IEEE80211_CIPHER_WEP104 8
#define IEEE80211_CIPHER_MAX (IEEE80211_CIPHER_NONE+2)
/* capability bits in ic_cryptocaps/iv_cryptocaps */
#define IEEE80211_CRYPTO_NONE (1<<IEEE80211_CIPHER_NONE)
#define IEEE80211_CRYPTO_WEP (1<<IEEE80211_CIPHER_WEP)
#define IEEE80211_CRYPTO_WEP40 (1<<IEEE80211_CIPHER_WEP40)
#define IEEE80211_CRYPTO_WEP104 (1<<IEEE80211_CIPHER_WEP104)
#define IEEE80211_CRYPTO_TKIP (1<<IEEE80211_CIPHER_TKIP)
#define IEEE80211_CRYPTO_AES_OCB (1<<IEEE80211_CIPHER_AES_OCB)
#define IEEE80211_CRYPTO_AES_CCM (1<<IEEE80211_CIPHER_AES_CCM)
#define IEEE80211_CRYPTO_TKIPMIC (1<<IEEE80211_CIPHER_TKIPMIC)
#define IEEE80211_CRYPTO_CKIP (1<<IEEE80211_CIPHER_CKIP)
#define WPA_CIPHER_NONE IEEE80211_CRYPTO_NONE
#define WPA_CIPHER_WEP40 IEEE80211_CRYPTO_WEP40
#define WPA_CIPHER_WEP104 IEEE80211_CRYPTO_WEP104
#define WPA_CIPHER_TKIP IEEE80211_CRYPTO_TKIP
#define WPA_CIPHER_CCMP IEEE80211_CRYPTO_AES_CCM
#ifdef CONFIG_IEEE80211W
#define WPA_CIPHER_AES_128_CMAC IEEE80211_CRYPTO_AES_OCB
#endif /* CONFIG_IEEE80211W */
#define WPA_CIPHER_WEP40 BIT(7)
#define WPA_CIPHER_WEP104 BIT(8)
#define WPA_CIPHER_TKIP BIT(1)
#define WPA_CIPHER_CCMP BIT(3)
#define WPA_CIPHER_AES_128_CMAC BIT(2)
#define WPA_CIPHER_GCMP BIT(6)
#define WPA_KEY_MGMT_IEEE8021X BIT(0)
@@ -124,7 +80,7 @@ static inline int wpa_key_mgmt_sha256(int akm)
#define WPA_AUTH_ALG_FT BIT(3)
enum ieee80211_key_alg {
enum wifi_key_alg {
ALG_WEP,
ALG_TKIP,
ALG_CCMP,

0
components/wpa_supplicant/include/wpa/eapol_common.h → components/wpa_supplicant/src/common/eapol_common.h
View File

0
components/wpa_supplicant/include/wpa/ieee802_11_defs.h → components/wpa_supplicant/src/common/ieee802_11_defs.h
View File

668
components/wpa_supplicant/src/common/wpa_common.c Normal file
View File

@@ -0,0 +1,668 @@
/*
* WPA/RSN - Shared functions for supplicant and authenticator
* Copyright (c) 2002-2008, Jouni Malinen <j@w1.fi>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*
* Alternatively, this software may be distributed under the terms of BSD
* license.
*
* See README and COPYING for more details.
*/
#ifdef ESP_SUPPLICANT
#include "utils/includes.h"
#include "utils/common.h"
#include "common/defs.h"
#include "common/ieee802_11_defs.h"
#include "common/wpa_common.h"
#include "rsn_supp/wpa.h"
#include "crypto/sha1.h"
#include "crypto/sha256.h"
#include "crypto/md5.h"
#define MD5_MAC_LEN 16
#ifndef CONFIG_NO_WPA2
static int rsn_selector_to_bitfield(const u8 *s)
{
if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_NONE)
return WPA_CIPHER_NONE;
if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_WEP40)
return WPA_CIPHER_WEP40;
if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_TKIP)
return WPA_CIPHER_TKIP;
if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_CCMP)
return WPA_CIPHER_CCMP;
if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_WEP104)
return WPA_CIPHER_WEP104;
#ifdef CONFIG_IEEE80211W
if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_AES_128_CMAC)
return WPA_CIPHER_AES_128_CMAC;
#endif /* CONFIG_IEEE80211W */
return 0;
}
static int rsn_key_mgmt_to_bitfield(const u8 *s)
{
if (RSN_SELECTOR_GET(s) == RSN_AUTH_KEY_MGMT_UNSPEC_802_1X)
return WPA_KEY_MGMT_IEEE8021X;
if (RSN_SELECTOR_GET(s) == RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X)
return WPA_KEY_MGMT_PSK;
#ifdef CONFIG_IEEE80211R
if (RSN_SELECTOR_GET(s) == RSN_AUTH_KEY_MGMT_FT_802_1X)
return WPA_KEY_MGMT_FT_IEEE8021X;
if (RSN_SELECTOR_GET(s) == RSN_AUTH_KEY_MGMT_FT_PSK)
return WPA_KEY_MGMT_FT_PSK;
#endif /* CONFIG_IEEE80211R */
#ifdef CONFIG_IEEE80211W
if (RSN_SELECTOR_GET(s) == RSN_AUTH_KEY_MGMT_802_1X_SHA256)
return WPA_KEY_MGMT_IEEE8021X_SHA256;
if (RSN_SELECTOR_GET(s) == RSN_AUTH_KEY_MGMT_PSK_SHA256)
return WPA_KEY_MGMT_PSK_SHA256;
#endif /* CONFIG_IEEE80211W */
return 0;
}
static int wpa_selector_to_bitfield(const u8 *s)
{
if (RSN_SELECTOR_GET(s) == WPA_CIPHER_SUITE_NONE)
return WPA_CIPHER_NONE;
if (RSN_SELECTOR_GET(s) == WPA_CIPHER_SUITE_WEP40)
return WPA_CIPHER_WEP40;
if (RSN_SELECTOR_GET(s) == WPA_CIPHER_SUITE_TKIP)
return WPA_CIPHER_TKIP;
if (RSN_SELECTOR_GET(s) == WPA_CIPHER_SUITE_CCMP)
return WPA_CIPHER_CCMP;
if (RSN_SELECTOR_GET(s) == WPA_CIPHER_SUITE_WEP104)
return WPA_CIPHER_WEP104;
return 0;
}
static int wpa_key_mgmt_to_bitfield(const u8 *s)
{
if (RSN_SELECTOR_GET(s) == WPA_AUTH_KEY_MGMT_UNSPEC_802_1X)
return WPA_KEY_MGMT_IEEE8021X;
if (RSN_SELECTOR_GET(s) == WPA_AUTH_KEY_MGMT_PSK_OVER_802_1X)
return WPA_KEY_MGMT_PSK;
if (RSN_SELECTOR_GET(s) == WPA_AUTH_KEY_MGMT_NONE)
return WPA_KEY_MGMT_WPA_NONE;
return 0;
}
#endif /* CONFIG_NO_WPA2 */
/**
* wpa_parse_wpa_ie_rsn - Parse RSN IE
* @rsn_ie: Buffer containing RSN IE
* @rsn_ie_len: RSN IE buffer length (including IE number and length octets)
* @data: Pointer to structure that will be filled in with parsed data
* Returns: 0 on success, <0 on failure
*/
int wpa_parse_wpa_ie_rsn(const u8 *rsn_ie, size_t rsn_ie_len,
struct wpa_ie_data *data)
{
#ifndef CONFIG_NO_WPA2
const struct rsn_ie_hdr *hdr;
const u8 *pos;
int left;
int i, count;
memset(data, 0, sizeof(*data));
data->proto = WPA_PROTO_RSN;
data->pairwise_cipher = WPA_CIPHER_CCMP;
data->group_cipher = WPA_CIPHER_CCMP;
data->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
data->capabilities = 0;
data->pmkid = NULL;
data->num_pmkid = 0;
data->mgmt_group_cipher = 0;
if (rsn_ie_len == 0) {
/* No RSN IE - fail silently */
return -1;
}
if (rsn_ie_len < sizeof(struct rsn_ie_hdr)) {
#ifdef DEBUG_PRINT
wpa_printf(MSG_DEBUG, "%s: ie len too short %lu",
__func__, (unsigned long) rsn_ie_len);
#endif
return -1;
}
hdr = (const struct rsn_ie_hdr *) rsn_ie;
if (hdr->elem_id != WLAN_EID_RSN ||
hdr->len != rsn_ie_len - 2 ||
WPA_GET_LE16(hdr->version) != RSN_VERSION) {
#ifdef DEBUG_PRINT
wpa_printf(MSG_DEBUG, "%s: malformed ie or unknown version",
__func__);
#endif
return -2;
}
pos = (const u8 *) (hdr + 1);
left = rsn_ie_len - sizeof(*hdr);
if (left >= RSN_SELECTOR_LEN) {
data->group_cipher = rsn_selector_to_bitfield(pos);
pos += RSN_SELECTOR_LEN;
left -= RSN_SELECTOR_LEN;
} else if (left > 0) {
#ifdef DEBUG_PRINT
wpa_printf(MSG_DEBUG, "%s: ie length mismatch, %u too much",
__func__, left);
#endif
return -3;
}
if (left >= 2) {
data->pairwise_cipher = 0;
count = WPA_GET_LE16(pos);
pos += 2;
left -= 2;
if (count == 0 || left < count * RSN_SELECTOR_LEN) {
#ifdef DEBUG_PRINT
wpa_printf(MSG_DEBUG, "%s: ie count botch (pairwise), "
"count %u left %u", __func__, count, left);
#endif
return -4;
}
for (i = 0; i < count; i++) {
data->pairwise_cipher |= rsn_selector_to_bitfield(pos);
pos += RSN_SELECTOR_LEN;
left -= RSN_SELECTOR_LEN;
}
} else if (left == 1) {
#ifdef DEBUG_PRINT
wpa_printf(MSG_DEBUG, "%s: ie too short (for key mgmt)",
__func__);
#endif
return -5;
}
if (left >= 2) {
data->key_mgmt = 0;
count = WPA_GET_LE16(pos);
pos += 2;
left -= 2;
if (count == 0 || left < count * RSN_SELECTOR_LEN) {
#ifdef DEBUG_PRINT
wpa_printf(MSG_DEBUG, "%s: ie count botch (key mgmt), "
"count %u left %u", __func__, count, left);
#endif
return -6;
}
for (i = 0; i < count; i++) {
data->key_mgmt |= rsn_key_mgmt_to_bitfield(pos);
pos += RSN_SELECTOR_LEN;
left -= RSN_SELECTOR_LEN;
}
} else if (left == 1) {
#ifdef DEBUG_PRINT
wpa_printf(MSG_DEBUG, "%s: ie too short (for capabilities)",
__func__);
#endif
return -7;
}
if (left >= 2) {
data->capabilities = WPA_GET_LE16(pos);
pos += 2;
left -= 2;
}
if (left >= 2) {
data->num_pmkid = WPA_GET_LE16(pos);
pos += 2;
left -= 2;
if (left < (int) data->num_pmkid * PMKID_LEN) {
#ifdef DEBUG_PRINT
wpa_printf(MSG_DEBUG, "%s: PMKID underflow "
"(num_pmkid=%lu left=%d)",
__func__, (unsigned long) data->num_pmkid,
left);
#endif
data->num_pmkid = 0;
return -9;
} else {
data->pmkid = pos;
pos += data->num_pmkid * PMKID_LEN;
left -= data->num_pmkid * PMKID_LEN;
}
}
if (left > 0) {
#ifdef DEBUG_PRINT
wpa_printf(MSG_DEBUG, "%s: ie has %u trailing bytes - ignored",
__func__, left);
#endif
}
return 0;
#else /* CONFIG_NO_WPA2 */
return -1;
#endif /* CONFIG_NO_WPA2 */
}
int wpa_parse_wpa_ie_wpa(const u8 *wpa_ie, size_t wpa_ie_len,
struct wpa_ie_data *data)
{
const struct wpa_ie_hdr *hdr;
const u8 *pos;
int left;
int i, count;
memset(data, 0, sizeof(*data));
data->proto = WPA_PROTO_WPA;
data->pairwise_cipher = WPA_CIPHER_TKIP;
data->group_cipher = WPA_CIPHER_TKIP;
data->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
data->capabilities = 0;
data->pmkid = NULL;
data->num_pmkid = 0;
data->mgmt_group_cipher = 0;
if (wpa_ie_len == 0) {
/* No WPA IE - fail silently */
return -1;
}
if (wpa_ie_len < sizeof(struct wpa_ie_hdr)) {
wpa_printf(MSG_DEBUG, "%s: ie len too short %lu",
__func__, (unsigned long) wpa_ie_len);
return -1;
}
hdr = (const struct wpa_ie_hdr *) wpa_ie;
if (hdr->elem_id != WLAN_EID_VENDOR_SPECIFIC ||
hdr->len != wpa_ie_len - 2 ||
RSN_SELECTOR_GET(hdr->oui) != WPA_OUI_TYPE ||
WPA_GET_LE16(hdr->version) != WPA_VERSION) {
wpa_printf(MSG_DEBUG, "%s: malformed ie or unknown version",
__func__);
return -2;
}
pos = (const u8 *) (hdr + 1);
left = wpa_ie_len - sizeof(*hdr);
if (left >= WPA_SELECTOR_LEN) {
data->group_cipher = wpa_selector_to_bitfield(pos);
pos += WPA_SELECTOR_LEN;
left -= WPA_SELECTOR_LEN;
} else if (left > 0) {
wpa_printf(MSG_DEBUG, "%s: ie length mismatch, %u too much",
__func__, left);
return -3;
}
if (left >= 2) {
data->pairwise_cipher = 0;
count = WPA_GET_LE16(pos);
pos += 2;
left -= 2;
if (count == 0 || left < count * WPA_SELECTOR_LEN) {
wpa_printf(MSG_DEBUG, "%s: ie count botch (pairwise), "
"count %u left %u", __func__, count, left);
return -4;
}
for (i = 0; i < count; i++) {
data->pairwise_cipher |= wpa_selector_to_bitfield(pos);
pos += WPA_SELECTOR_LEN;
left -= WPA_SELECTOR_LEN;
}
} else if (left == 1) {
wpa_printf(MSG_DEBUG, "%s: ie too short (for key mgmt)",
__func__);
return -5;
}
if (left >= 2) {
data->key_mgmt = 0;
count = WPA_GET_LE16(pos);
pos += 2;
left -= 2;
if (count == 0 || left < count * WPA_SELECTOR_LEN) {
wpa_printf(MSG_DEBUG, "%s: ie count botch (key mgmt), "
"count %u left %u", __func__, count, left);
return -6;
}
for (i = 0; i < count; i++) {
data->key_mgmt |= wpa_key_mgmt_to_bitfield(pos);
pos += WPA_SELECTOR_LEN;
left -= WPA_SELECTOR_LEN;
}
} else if (left == 1) {
wpa_printf(MSG_DEBUG, "%s: ie too short (for capabilities)",
__func__);
return -7;
}
if (left >= 2) {
data->capabilities = WPA_GET_LE16(pos);
pos += 2;
left -= 2;
}
if (left > 0) {
wpa_printf(MSG_DEBUG, "%s: ie has %u trailing bytes - ignored",
__func__, left);
}
return 0;
}
/**
* wpa_eapol_key_mic - Calculate EAPOL-Key MIC
* @key: EAPOL-Key Key Confirmation Key (KCK)
* @ver: Key descriptor version (WPA_KEY_INFO_TYPE_*)
* @buf: Pointer to the beginning of the EAPOL header (version field)
* @len: Length of the EAPOL frame (from EAPOL header to the end of the frame)
* @mic: Pointer to the buffer to which the EAPOL-Key MIC is written
* Returns: 0 on success, -1 on failure
*
* Calculate EAPOL-Key MIC for an EAPOL-Key packet. The EAPOL-Key MIC field has
* to be cleared (all zeroes) when calling this function.
*
* Note: 'IEEE Std 802.11i-2004 - 8.5.2 EAPOL-Key frames' has an error in the
* description of the Key MIC calculation. It includes packet data from the
* beginning of the EAPOL-Key header, not EAPOL header. This incorrect change
* happened during final editing of the standard and the correct behavior is
* defined in the last draft (IEEE 802.11i/D10).
*/
int wpa_eapol_key_mic(const u8 *key, int ver, const u8 *buf, size_t len,
u8 *mic)
{
u8 hash[SHA1_MAC_LEN];
switch (ver) {
case WPA_KEY_INFO_TYPE_HMAC_MD5_RC4:
return hmac_md5(key, 16, buf, len, mic);
case WPA_KEY_INFO_TYPE_HMAC_SHA1_AES:
if (hmac_sha1(key, 16, buf, len, hash))
return -1;
memcpy(mic, hash, MD5_MAC_LEN);
break;
default:
return -1;
}
return 0;
}
int wpa_compare_rsn_ie(int ft_initial_assoc,
const u8 *ie1, size_t ie1len,
const u8 *ie2, size_t ie2len)
{
if (ie1 == NULL || ie2 == NULL)
return -1;
if (ie1len == ie2len && memcmp(ie1, ie2, ie1len) == 0)
return 0; /* identical IEs */
#ifdef CONFIG_IEEE80211R
if (ft_initial_assoc) {
struct wpa_ie_data ie1d, ie2d;
/*
* The PMKID-List in RSN IE is different between Beacon/Probe
* Response/(Re)Association Request frames and EAPOL-Key
* messages in FT initial mobility domain association. Allow
* for this, but verify that other parts of the RSN IEs are
* identical.
*/
if (wpa_parse_wpa_ie_rsn(ie1, ie1len, &ie1d) < 0 ||
wpa_parse_wpa_ie_rsn(ie2, ie2len, &ie2d) < 0)
return -1;
if (ie1d.proto == ie2d.proto &&
ie1d.pairwise_cipher == ie2d.pairwise_cipher &&
ie1d.group_cipher == ie2d.group_cipher &&
ie1d.key_mgmt == ie2d.key_mgmt &&
ie1d.capabilities == ie2d.capabilities &&
ie1d.mgmt_group_cipher == ie2d.mgmt_group_cipher)
return 0;
}
#endif /* CONFIG_IEEE80211R */
return -1;
}
#ifdef DEBUG_PRINT
/**
* wpa_cipher_txt - Convert cipher suite to a text string
* @cipher: Cipher suite (WPA_CIPHER_* enum)
* Returns: Pointer to a text string of the cipher suite name
*/
const char * wpa_cipher_txt(int cipher)
{
switch (cipher) {
case WPA_CIPHER_NONE:
return "NONE";
case WPA_CIPHER_WEP40:
return "WEP-40";
case WPA_CIPHER_WEP104:
return "WEP-104";
case WPA_CIPHER_TKIP:
return "TKIP";
case WPA_CIPHER_CCMP:
return "CCMP";
case WPA_CIPHER_CCMP | WPA_CIPHER_TKIP:
return "CCMP+TKIP";
default:
return "UNKNOWN";
}
}
#endif
/**
* wpa_pmk_to_ptk - Calculate PTK from PMK, addresses, and nonces
* @pmk: Pairwise master key
* @pmk_len: Length of PMK
* @label: Label to use in derivation
* @addr1: AA or SA
* @addr2: SA or AA
* @nonce1: ANonce or SNonce
* @nonce2: SNonce or ANonce
* @ptk: Buffer for pairwise transient key
* @ptk_len: Length of PTK
* @use_sha256: Whether to use SHA256-based KDF
*
* IEEE Std 802.11i-2004 - 8.5.1.2 Pairwise key hierarchy
* PTK = PRF-X(PMK, "Pairwise key expansion",
* Min(AA, SA) || Max(AA, SA) ||
* Min(ANonce, SNonce) || Max(ANonce, SNonce))
*
* STK = PRF-X(SMK, "Peer key expansion",
* Min(MAC_I, MAC_P) || Max(MAC_I, MAC_P) ||
* Min(INonce, PNonce) || Max(INonce, PNonce))
*/
void wpa_pmk_to_ptk(const u8 *pmk, size_t pmk_len, const char *label,
const u8 *addr1, const u8 *addr2,
const u8 *nonce1, const u8 *nonce2,
u8 *ptk, size_t ptk_len, int use_sha256)
{
u8 data[2 * ETH_ALEN + 2 * WPA_NONCE_LEN];
if (memcmp(addr1, addr2, ETH_ALEN) < 0) {
memcpy(data, addr1, ETH_ALEN);
memcpy(data + ETH_ALEN, addr2, ETH_ALEN);
} else {
memcpy(data, addr2, ETH_ALEN);
memcpy(data + ETH_ALEN, addr1, ETH_ALEN);
}
if (memcmp(nonce1, nonce2, WPA_NONCE_LEN) < 0) {
memcpy(data + 2 * ETH_ALEN, nonce1, WPA_NONCE_LEN);
memcpy(data + 2 * ETH_ALEN + WPA_NONCE_LEN, nonce2,
WPA_NONCE_LEN);
} else {
memcpy(data + 2 * ETH_ALEN, nonce2, WPA_NONCE_LEN);
memcpy(data + 2 * ETH_ALEN + WPA_NONCE_LEN, nonce1,
WPA_NONCE_LEN);
}
#ifdef CONFIG_IEEE80211W
if (use_sha256) {
fast_sha256_prf(pmk, pmk_len, label, data, sizeof(data),
ptk, ptk_len);
}
else
#endif /* CONFIG_IEEE80211W */
{
sha1_prf(pmk, pmk_len, label, data, sizeof(data), ptk, ptk_len);
}
wpa_printf(MSG_DEBUG, "WPA: PTK derivation - A1=" MACSTR " A2=" MACSTR"\n",
MAC2STR(addr1), MAC2STR(addr2));
wpa_hexdump(MSG_MSGDUMP, "WPA: PMK", pmk, pmk_len);
wpa_hexdump(MSG_MSGDUMP, "WPA: PTK", ptk, ptk_len);
}
/**
* rsn_pmkid - Calculate PMK identifier
* @pmk: Pairwise master key
* @pmk_len: Length of pmk in bytes
* @aa: Authenticator address
* @spa: Supplicant address
* @pmkid: Buffer for PMKID
* @use_sha256: Whether to use SHA256-based KDF
*
* IEEE Std 802.11i-2004 - 8.5.1.2 Pairwise key hierarchy
* PMKID = HMAC-SHA1-128(PMK, "PMK Name" || AA || SPA)
*/
void rsn_pmkid(const u8 *pmk, size_t pmk_len, const u8 *aa, const u8 *spa,
u8 *pmkid, int use_sha256)
{
char title[9];
const u8 *addr[3];
const size_t len[3] = { 8, ETH_ALEN, ETH_ALEN };
unsigned char hash[SHA256_MAC_LEN];
os_memcpy(title, "PMK Name", sizeof("PMK Name"));
addr[0] = (u8 *) title;
addr[1] = aa;
addr[2] = spa;
#ifdef CONFIG_IEEE80211W
if (use_sha256) {
fast_hmac_sha256_vector(pmk, pmk_len, 3, addr, len, hash);
}
else
#endif /* CONFIG_IEEE80211W */
hmac_sha1_vector(pmk, pmk_len, 3, addr, len, hash);
memcpy(pmkid, hash, PMKID_LEN);
}
int wpa_cipher_key_len(int cipher)
{
switch (cipher) {
case WPA_CIPHER_CCMP:
case WPA_CIPHER_GCMP:
return 16;
case WPA_CIPHER_TKIP:
return 32;
case WPA_CIPHER_WEP104:
return 13;
case WPA_CIPHER_WEP40:
return 5;
}
return 0;
}
int wpa_cipher_to_alg(int cipher)
{
switch (cipher) {
case WPA_CIPHER_CCMP:
return WPA_ALG_CCMP;
case WPA_CIPHER_GCMP:
return WPA_ALG_GCMP;
case WPA_CIPHER_TKIP:
return WPA_ALG_TKIP;
case WPA_CIPHER_WEP104:
case WPA_CIPHER_WEP40:
return WPA_ALG_WEP;
}
return WPA_ALG_NONE;
}
u32 wpa_cipher_to_suite(int proto, int cipher)
{
if (cipher & WPA_CIPHER_CCMP)
return (proto == WPA_PROTO_RSN ?
RSN_CIPHER_SUITE_CCMP : WPA_CIPHER_SUITE_CCMP);
if (cipher & WPA_CIPHER_GCMP)
return RSN_CIPHER_SUITE_GCMP;
if (cipher & WPA_CIPHER_TKIP)
return (proto == WPA_PROTO_RSN ?
RSN_CIPHER_SUITE_TKIP : WPA_CIPHER_SUITE_TKIP);
if (cipher & WPA_CIPHER_WEP104)
return (proto == WPA_PROTO_RSN ?
RSN_CIPHER_SUITE_WEP104 : WPA_CIPHER_SUITE_WEP104);
if (cipher & WPA_CIPHER_WEP40)
return (proto == WPA_PROTO_RSN ?
RSN_CIPHER_SUITE_WEP40 : WPA_CIPHER_SUITE_WEP40);
if (cipher & WPA_CIPHER_NONE)
return (proto == WPA_PROTO_RSN ?
RSN_CIPHER_SUITE_NONE : WPA_CIPHER_SUITE_NONE);
return 0;
}
int rsn_cipher_put_suites(u8 *pos, int ciphers)
{
int num_suites = 0;
if (ciphers & WPA_CIPHER_CCMP) {
RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_CCMP);
pos += RSN_SELECTOR_LEN;
num_suites++;
}
if (ciphers & WPA_CIPHER_GCMP) {
RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_GCMP);
pos += RSN_SELECTOR_LEN;
num_suites++;
}
if (ciphers & WPA_CIPHER_TKIP) {
RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_TKIP);
pos += RSN_SELECTOR_LEN;
num_suites++;
}
if (ciphers & WPA_CIPHER_NONE) {
RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_NONE);
pos += RSN_SELECTOR_LEN;
num_suites++;
}
return num_suites;
}
int wpa_cipher_put_suites(u8 *pos, int ciphers)
{
int num_suites = 0;
if (ciphers & WPA_CIPHER_CCMP) {
RSN_SELECTOR_PUT(pos, WPA_CIPHER_SUITE_CCMP);
pos += WPA_SELECTOR_LEN;
num_suites++;
}
if (ciphers & WPA_CIPHER_TKIP) {
RSN_SELECTOR_PUT(pos, WPA_CIPHER_SUITE_TKIP);
pos += WPA_SELECTOR_LEN;
num_suites++;
}
if (ciphers & WPA_CIPHER_NONE) {
RSN_SELECTOR_PUT(pos, WPA_CIPHER_SUITE_NONE);
pos += WPA_SELECTOR_LEN;
num_suites++;
}
return num_suites;
}
#endif // ESP_SUPPLICANT

22
components/wpa_supplicant/include/wpa/wpa_common.h → components/wpa_supplicant/src/common/wpa_common.h
View File

@@ -42,9 +42,6 @@
#define WPA_CIPHER_SUITE_NONE RSN_SELECTOR(0x00, 0x50, 0xf2, 0)
#define WPA_CIPHER_SUITE_WEP40 RSN_SELECTOR(0x00, 0x50, 0xf2, 1)
#define WPA_CIPHER_SUITE_TKIP RSN_SELECTOR(0x00, 0x50, 0xf2, 2)
#if 0
#define WPA_CIPHER_SUITE_WRAP RSN_SELECTOR(0x00, 0x50, 0xf2, 3)
#endif
#define WPA_CIPHER_SUITE_CCMP RSN_SELECTOR(0x00, 0x50, 0xf2, 4)
#define WPA_CIPHER_SUITE_WEP104 RSN_SELECTOR(0x00, 0x50, 0xf2, 5)
@@ -61,9 +58,6 @@
#define RSN_CIPHER_SUITE_NONE RSN_SELECTOR(0x00, 0x0f, 0xac, 0)
#define RSN_CIPHER_SUITE_WEP40 RSN_SELECTOR(0x00, 0x0f, 0xac, 1)
#define RSN_CIPHER_SUITE_TKIP RSN_SELECTOR(0x00, 0x0f, 0xac, 2)
#if 0
#define RSN_CIPHER_SUITE_WRAP RSN_SELECTOR(0x00, 0x0f, 0xac, 3)
#endif
#define RSN_CIPHER_SUITE_CCMP RSN_SELECTOR(0x00, 0x0f, 0xac, 4)
#define RSN_CIPHER_SUITE_WEP104 RSN_SELECTOR(0x00, 0x0f, 0xac, 5)
#ifdef CONFIG_IEEE80211W
@@ -76,9 +70,6 @@
* GroupKey and PeerKey require encryption, otherwise, encryption is optional.
*/
#define RSN_KEY_DATA_GROUPKEY RSN_SELECTOR(0x00, 0x0f, 0xac, 1)
#if 0
#define RSN_KEY_DATA_STAKEY RSN_SELECTOR(0x00, 0x0f, 0xac, 2)
#endif
#define RSN_KEY_DATA_MAC_ADDR RSN_SELECTOR(0x00, 0x0f, 0xac, 3)
#define RSN_KEY_DATA_PMKID RSN_SELECTOR(0x00, 0x0f, 0xac, 4)
#ifdef CONFIG_PEERKEY
@@ -329,4 +320,17 @@ void wpa_pmk_to_ptk(const u8 *pmk, size_t pmk_len, const char *label,
void rsn_pmkid(const u8 *pmk, size_t pmk_len, const u8 *aa, const u8 *spa,
u8 *pmkid, int use_sha256);
int wpa_cipher_key_len(int cipher);
int wpa_cipher_to_alg(int cipher);
u32 wpa_cipher_to_suite(int proto, int cipher);
int wpa_cipher_put_suites(u8 *pos, int ciphers);
int wpa_parse_wpa_ie_wpa(const u8 *wpa_ie, size_t wpa_ie_len,
struct wpa_ie_data *data);
int rsn_cipher_put_suites(u8 *pos, int ciphers);
#endif /* WPA_COMMON_H */

196
components/wpa_supplicant/src/common/wpa_ctrl.h Normal file
View File

@@ -0,0 +1,196 @@
/*
* wpa_supplicant/hostapd control interface library
* Copyright (c) 2004-2006, Jouni Malinen <j@w1.fi>
*
* This software may be distributed under the terms of the BSD license.
* See README for more details.
*/
#ifndef WPA_CTRL_H
#define WPA_CTRL_H
#ifdef __cplusplus
extern "C" {
#endif
/* wpa_supplicant control interface - fixed message prefixes */
/** Interactive request for identity/password/pin */
#define WPA_CTRL_REQ "CTRL-REQ-"
/** Response to identity/password/pin request */
#define WPA_CTRL_RSP "CTRL-RSP-"
/* Event messages with fixed prefix */
/** Authentication completed successfully and data connection enabled */
#define WPA_EVENT_CONNECTED "CTRL-EVENT-CONNECTED "
/** Disconnected, data connection is not available */
#define WPA_EVENT_DISCONNECTED "CTRL-EVENT-DISCONNECTED "
/** Association rejected during connection attempt */
#define WPA_EVENT_ASSOC_REJECT "CTRL-EVENT-ASSOC-REJECT "
/** wpa_supplicant is exiting */
#define WPA_EVENT_TERMINATING "CTRL-EVENT-TERMINATING "
/** Password change was completed successfully */
#define WPA_EVENT_PASSWORD_CHANGED "CTRL-EVENT-PASSWORD-CHANGED "
/** EAP-Request/Notification received */
#define WPA_EVENT_EAP_NOTIFICATION "CTRL-EVENT-EAP-NOTIFICATION "
/** EAP authentication started (EAP-Request/Identity received) */
#define WPA_EVENT_EAP_STARTED "CTRL-EVENT-EAP-STARTED "
/** EAP method proposed by the server */
#define WPA_EVENT_EAP_PROPOSED_METHOD "CTRL-EVENT-EAP-PROPOSED-METHOD "
/** EAP method selected */
#define WPA_EVENT_EAP_METHOD "CTRL-EVENT-EAP-METHOD "
/** EAP peer certificate from TLS */
#define WPA_EVENT_EAP_PEER_CERT "CTRL-EVENT-EAP-PEER-CERT "
/** EAP TLS certificate chain validation error */
#define WPA_EVENT_EAP_TLS_CERT_ERROR "CTRL-EVENT-EAP-TLS-CERT-ERROR "
/** EAP status */
#define WPA_EVENT_EAP_STATUS "CTRL-EVENT-EAP-STATUS "
/** EAP authentication completed successfully */
#define WPA_EVENT_EAP_SUCCESS "CTRL-EVENT-EAP-SUCCESS "
/** EAP authentication failed (EAP-Failure received) */
#define WPA_EVENT_EAP_FAILURE "CTRL-EVENT-EAP-FAILURE "
/** Network block temporarily disabled (e.g., due to authentication failure) */
#define WPA_EVENT_TEMP_DISABLED "CTRL-EVENT-SSID-TEMP-DISABLED "
/** Temporarily disabled network block re-enabled */
#define WPA_EVENT_REENABLED "CTRL-EVENT-SSID-REENABLED "
/** New scan results available */
#define WPA_EVENT_SCAN_RESULTS "CTRL-EVENT-SCAN-RESULTS "
/** wpa_supplicant state change */
#define WPA_EVENT_STATE_CHANGE "CTRL-EVENT-STATE-CHANGE "
/** A new BSS entry was added (followed by BSS entry id and BSSID) */
#define WPA_EVENT_BSS_ADDED "CTRL-EVENT-BSS-ADDED "
/** A BSS entry was removed (followed by BSS entry id and BSSID) */
#define WPA_EVENT_BSS_REMOVED "CTRL-EVENT-BSS-REMOVED "
#ifdef ANDROID_P2P
/** Notify the Userspace about the freq conflict */
#define WPA_EVENT_FREQ_CONFLICT "CTRL-EVENT-FREQ-CONFLICT "
#endif
/** RSN IBSS 4-way handshakes completed with specified peer */
#define IBSS_RSN_COMPLETED "IBSS-RSN-COMPLETED "
/** WPS overlap detected in PBC mode */
#define WPS_EVENT_OVERLAP "WPS-OVERLAP-DETECTED "
/** Available WPS AP with active PBC found in scan results */
#define WPS_EVENT_AP_AVAILABLE_PBC "WPS-AP-AVAILABLE-PBC "
/** Available WPS AP with our address as authorized in scan results */
#define WPS_EVENT_AP_AVAILABLE_AUTH "WPS-AP-AVAILABLE-AUTH "
/** Available WPS AP with recently selected PIN registrar found in scan results
*/
#define WPS_EVENT_AP_AVAILABLE_PIN "WPS-AP-AVAILABLE-PIN "
/** Available WPS AP found in scan results */
#define WPS_EVENT_AP_AVAILABLE "WPS-AP-AVAILABLE "
/** A new credential received */
#define WPS_EVENT_CRED_RECEIVED "WPS-CRED-RECEIVED "
/** M2D received */
#define WPS_EVENT_M2D "WPS-M2D "
/** WPS registration failed after M2/M2D */
#define WPS_EVENT_FAIL "WPS-FAIL "
/** WPS registration completed successfully */
#define WPS_EVENT_SUCCESS "WPS-SUCCESS "
/** WPS enrollment attempt timed out and was terminated */
#define WPS_EVENT_TIMEOUT "WPS-TIMEOUT "
/* PBC mode was activated */
#define WPS_EVENT_ACTIVE "WPS-PBC-ACTIVE "
/* PBC mode was disabled */
#define WPS_EVENT_DISABLE "WPS-PBC-DISABLE "
#define WPS_EVENT_ENROLLEE_SEEN "WPS-ENROLLEE-SEEN "
#define WPS_EVENT_OPEN_NETWORK "WPS-OPEN-NETWORK "
/* WPS ER events */
#define WPS_EVENT_ER_AP_ADD "WPS-ER-AP-ADD "
#define WPS_EVENT_ER_AP_REMOVE "WPS-ER-AP-REMOVE "
#define WPS_EVENT_ER_ENROLLEE_ADD "WPS-ER-ENROLLEE-ADD "
#define WPS_EVENT_ER_ENROLLEE_REMOVE "WPS-ER-ENROLLEE-REMOVE "
#define WPS_EVENT_ER_AP_SETTINGS "WPS-ER-AP-SETTINGS "
#define WPS_EVENT_ER_SET_SEL_REG "WPS-ER-AP-SET-SEL-REG "
/** P2P device found */
#define P2P_EVENT_DEVICE_FOUND "P2P-DEVICE-FOUND "
/** P2P device lost */
#define P2P_EVENT_DEVICE_LOST "P2P-DEVICE-LOST "
/** A P2P device requested GO negotiation, but we were not ready to start the
* negotiation */
#define P2P_EVENT_GO_NEG_REQUEST "P2P-GO-NEG-REQUEST "
#define P2P_EVENT_GO_NEG_SUCCESS "P2P-GO-NEG-SUCCESS "
#define P2P_EVENT_GO_NEG_FAILURE "P2P-GO-NEG-FAILURE "
#define P2P_EVENT_GROUP_FORMATION_SUCCESS "P2P-GROUP-FORMATION-SUCCESS "
#define P2P_EVENT_GROUP_FORMATION_FAILURE "P2P-GROUP-FORMATION-FAILURE "
#define P2P_EVENT_GROUP_STARTED "P2P-GROUP-STARTED "
#define P2P_EVENT_GROUP_REMOVED "P2P-GROUP-REMOVED "
#define P2P_EVENT_CROSS_CONNECT_ENABLE "P2P-CROSS-CONNECT-ENABLE "
#define P2P_EVENT_CROSS_CONNECT_DISABLE "P2P-CROSS-CONNECT-DISABLE "
/* parameters: <peer address> <PIN> */
#define P2P_EVENT_PROV_DISC_SHOW_PIN "P2P-PROV-DISC-SHOW-PIN "
/* parameters: <peer address> */
#define P2P_EVENT_PROV_DISC_ENTER_PIN "P2P-PROV-DISC-ENTER-PIN "
/* parameters: <peer address> */
#define P2P_EVENT_PROV_DISC_PBC_REQ "P2P-PROV-DISC-PBC-REQ "
/* parameters: <peer address> */
#define P2P_EVENT_PROV_DISC_PBC_RESP "P2P-PROV-DISC-PBC-RESP "
/* parameters: <peer address> <status> */
#define P2P_EVENT_PROV_DISC_FAILURE "P2P-PROV-DISC-FAILURE"
/* parameters: <freq> <src addr> <dialog token> <update indicator> <TLVs> */
#define P2P_EVENT_SERV_DISC_REQ "P2P-SERV-DISC-REQ "
/* parameters: <src addr> <update indicator> <TLVs> */
#define P2P_EVENT_SERV_DISC_RESP "P2P-SERV-DISC-RESP "
#define P2P_EVENT_INVITATION_RECEIVED "P2P-INVITATION-RECEIVED "
#define P2P_EVENT_INVITATION_RESULT "P2P-INVITATION-RESULT "
#define P2P_EVENT_FIND_STOPPED "P2P-FIND-STOPPED "
#define P2P_EVENT_PERSISTENT_PSK_FAIL "P2P-PERSISTENT-PSK-FAIL id="
/* parameters: <PMF enabled> <timeout in ms> <Session Information URL> */
#define ESS_DISASSOC_IMMINENT "ESS-DISASSOC-IMMINENT "
#define INTERWORKING_AP "INTERWORKING-AP "
#define INTERWORKING_NO_MATCH "INTERWORKING-NO-MATCH "
#define GAS_RESPONSE_INFO "GAS-RESPONSE-INFO "
/* hostapd control interface - fixed message prefixes */
#define WPS_EVENT_PIN_NEEDED "WPS-PIN-NEEDED "
#define WPS_EVENT_NEW_AP_SETTINGS "WPS-NEW-AP-SETTINGS "
#define WPS_EVENT_REG_SUCCESS "WPS-REG-SUCCESS "
#define WPS_EVENT_AP_SETUP_LOCKED "WPS-AP-SETUP-LOCKED "
#define WPS_EVENT_AP_SETUP_UNLOCKED "WPS-AP-SETUP-UNLOCKED "
#define WPS_EVENT_AP_PIN_ENABLED "WPS-AP-PIN-ENABLED "
#define WPS_EVENT_AP_PIN_DISABLED "WPS-AP-PIN-DISABLED "
#define AP_STA_CONNECTED "AP-STA-CONNECTED "
#define AP_STA_DISCONNECTED "AP-STA-DISCONNECTED "
#define AP_REJECTED_MAX_STA "AP-REJECTED-MAX-STA "
#define AP_REJECTED_BLOCKED_STA "AP-REJECTED-BLOCKED-STA "
/* BSS command information masks */
#define WPA_BSS_MASK_ALL 0xFFFDFFFF
#define WPA_BSS_MASK_ID BIT(0)
#define WPA_BSS_MASK_BSSID BIT(1)
#define WPA_BSS_MASK_FREQ BIT(2)
#define WPA_BSS_MASK_BEACON_INT BIT(3)
#define WPA_BSS_MASK_CAPABILITIES BIT(4)
#define WPA_BSS_MASK_QUAL BIT(5)
#define WPA_BSS_MASK_NOISE BIT(6)
#define WPA_BSS_MASK_LEVEL BIT(7)
#define WPA_BSS_MASK_TSF BIT(8)
#define WPA_BSS_MASK_AGE BIT(9)
#define WPA_BSS_MASK_IE BIT(10)
#define WPA_BSS_MASK_FLAGS BIT(11)
#define WPA_BSS_MASK_SSID BIT(12)
#define WPA_BSS_MASK_WPS_SCAN BIT(13)
#define WPA_BSS_MASK_P2P_SCAN BIT(14)
#define WPA_BSS_MASK_INTERNETW BIT(15)
#define WPA_BSS_MASK_WIFI_DISPLAY BIT(16)
#define WPA_BSS_MASK_DELIM BIT(17)
#ifdef __cplusplus
}
#endif
#endif /* WPA_CTRL_H */

4
components/wpa_supplicant/src/crypto/aes-cbc.c
View File

@@ -13,9 +13,9 @@
* See README and COPYING for more details.
*/
#include "crypto/includes.h"
#include "utils/includes.h"
#include "crypto/common.h"
#include "utils/common.h"
#include "crypto/aes.h"
#include "crypto/aes_wrap.h"

4
components/wpa_supplicant/src/crypto/aes-internal-dec.c
View File

@@ -21,9 +21,9 @@
* See README and COPYING for more details.
*/
#include "crypto/includes.h"
#include "utils/includes.h"
#include "crypto/common.h"
#include "utils/common.h"
#include "crypto/crypto.h"
#include "crypto/aes_i.h"

4
components/wpa_supplicant/src/crypto/aes-internal-enc.c
View File

@@ -21,8 +21,8 @@
* See README and COPYING for more details.
*/
#include "crypto/includes.h"
#include "crypto/common.h"
#include "utils/includes.h"
#include "utils/common.h"
#include "crypto/crypto.h"
#include "crypto/aes_i.h"

5
components/wpa_supplicant/src/crypto/aes-internal.c
View File

@@ -21,10 +21,9 @@
* See README and COPYING for more details.
*/
#include "crypto/includes.h"
#include "utils/includes.h"
//#include "wpa/common.h"
#include "crypto/common.h"
#include "utils/common.h"
#include "crypto/crypto.h"
#include "crypto/aes_i.h"

4
components/wpa_supplicant/src/crypto/aes-unwrap.c
View File

@@ -13,9 +13,9 @@
* See README and COPYING for more details.
*/
#include "crypto/includes.h"
#include "utils/includes.h"
#include "crypto/common.h"
#include "utils/common.h"
#include "crypto/aes.h"
#include "crypto/aes_wrap.h"

4
components/wpa_supplicant/src/crypto/aes-wrap.c
View File

@@ -7,9 +7,9 @@
* See README for more details.
*/
#include "crypto/includes.h"
#include "utils/includes.h"
#include "crypto/common.h"
#include "utils/common.h"
#include "crypto/aes.h"
#include "crypto/aes_wrap.h"

2
components/wpa_supplicant/include/crypto/aes_i.h → components/wpa_supplicant/src/crypto/aes_i.h
View File

@@ -15,7 +15,7 @@
#ifndef AES_I_H
#define AES_I_H
#include "aes.h"
#include "crypto/aes.h"
/* #define FULL_UNROLL */
#define AES_SMALL_TABLES

8
components/wpa_supplicant/src/crypto/bignum.c
View File

@@ -12,10 +12,10 @@
* See README and COPYING for more details.
*/
#include "crypto/includes.h"
#include "crypto/common.h"
#include "wpa/wpabuf.h"
#include "wpa/wpa_debug.h"
#include "utils/includes.h"
#include "utils/common.h"
#include "utils/wpabuf.h"
#include "utils/wpa_debug.h"
#include "bignum.h"
#define CONFIG_INTERNAL_LIBTOMMATH

10
components/wpa_supplicant/src/crypto/crypto_internal-cipher.c
View File

@@ -6,21 +6,13 @@
* See README for more details.
*/
//#include "wpa/includes.h"
//#include "wpa/common.h"
#include "crypto/common.h"
#include "utils/common.h"
#include "crypto/crypto.h"
#include "crypto/aes.h"
#if defined(CONFIG_DES) || defined(CONFIG_DES3)
#include "crypto/des_i.h"
#endif
#ifdef MEMLEAK_DEBUG
static const char mem_debug_file[] ICACHE_RODATA_ATTR = __FILE__;
#endif
struct crypto_cipher {
enum crypto_cipher_alg alg;
union {

4
components/wpa_supplicant/src/crypto/crypto_internal-modexp.c
View File

@@ -12,9 +12,9 @@
* See README and COPYING for more details.
*/
#include "crypto/includes.h"
#include "utils/includes.h"
#include "crypto/common.h"
#include "utils/common.h"
#include "bignum.h"
#include "crypto/crypto.h"

14
components/wpa_supplicant/src/crypto/crypto_internal-rsa.c
View File

@@ -6,16 +6,16 @@
* See README for more details.
*/
#include "crypto/common.h"
#include "utils/common.h"
#include "crypto/crypto.h"
#include "wpa/includes.h"
#include "wpa/common.h"
#include "wpa/wpa_debug.h"
#include "utils/includes.h"
#include "utils/common.h"
#include "utils/wpa_debug.h"
#include "wpa2/tls/rsa.h"
#include "wpa2/tls/pkcs1.h"
#include "wpa2/tls/pkcs8.h"
#include "tls/rsa.h"
#include "tls/pkcs1.h"
#include "tls/pkcs8.h"
/* Dummy structures; these are just typecast to struct crypto_rsa_key */
struct crypto_public_key;

11
components/wpa_supplicant/src/crypto/crypto_internal.c
View File

@@ -6,19 +6,12 @@
* See README for more details.
*/
#include "crypto/includes.h"
#include "crypto/common.h"
//#include "wpa/common.h"
#include "utils/includes.h"
#include "utils/common.h"
#include "crypto/crypto.h"
//#include "crypto/sha256_i.h"
#include "crypto/sha1_i.h"
#include "crypto/md5_i.h"
#ifdef MEMLEAK_DEBUG
static const char mem_debug_file[] ICACHE_RODATA_ATTR = __FILE__;
#endif
struct crypto_hash {
enum crypto_hash_alg alg;
union {

4
components/wpa_supplicant/src/crypto/crypto_mbedtls.c
View File

@@ -17,8 +17,8 @@
#include "mbedtls/bignum.h"
#endif
#include "crypto/includes.h"
#include "crypto/common.h"
#include "utils/includes.h"
#include "utils/common.h"
#include "crypto/crypto.h"
#include "mbedtls/ecp.h"

4
components/wpa_supplicant/src/crypto/des-internal.c
View File

@@ -9,9 +9,9 @@
*/
#include "wpa/includes.h"
#include "utils/includes.h"
#include "wpa/common.h"
#include "utils/common.h"
#include "crypto/crypto.h"
//#include "des_i.h"

25
components/wpa_supplicant/src/crypto/des_i.h Normal file
View File

@@ -0,0 +1,25 @@
/*
* DES and 3DES-EDE ciphers
* Copyright (c) 2006-2009, Jouni Malinen <j@w1.fi>
*
* This software may be distributed under the terms of the BSD license.
* See README for more details.
*/
#ifndef DES_I_H
#define DES_I_H
struct des3_key_s {
u32 ek[3][32];
u32 dk[3][32];
};
void des_key_setup(const u8 *key, u32 *ek, u32 *dk);
void des_block_encrypt(const u8 *plain, const u32 *ek, u8 *crypt);
void des_block_decrypt(const u8 *crypt, const u32 *dk, u8 *plain);
void des3_key_setup(const u8 *key, struct des3_key_s *dkey);
void des3_encrypt(const u8 *plain, const struct des3_key_s *key, u8 *crypt);
void des3_decrypt(const u8 *crypt, const struct des3_key_s *key, u8 *plain);
#endif /* DES_I_H */

4
components/wpa_supplicant/src/crypto/dh_group5.c
View File

@@ -12,9 +12,9 @@
* See README and COPYING for more details.
*/
#include "crypto/includes.h"
#include "utils/includes.h"
#include "crypto/common.h"
#include "utils/common.h"
#include "crypto/dh_groups.h"
#include "crypto/dh_group5.h"

26
components/wpa_supplicant/src/crypto/dh_groups.c
View File

@@ -12,18 +12,16 @@
* See README and COPYING for more details.
*/
#include "crypto/includes.h"
#include "utils/includes.h"
#include "crypto/common.h"
#include "utils/common.h"
#include "crypto/crypto.h"
#include "crypto/random.h"
#include "crypto/dh_groups.h"
#include "wpa/wpabuf.h"
#include "wpa/wpa_debug.h"
#include "utils/wpabuf.h"
#include "utils/wpa_debug.h"
#include "esp_wifi_crypto_types.h"
extern wps_crypto_funcs_t wps_crypto_funcs;
#ifdef ALL_DH_GROUPS
/* RFC 4306, B.1. Group 1 - 768 Bit MODP
@@ -588,8 +586,7 @@ dh_init(const struct dh_group *dh, struct wpabuf **priv)
if (pv == NULL)
return NULL;
if (wps_crypto_funcs.crypto_mod_exp) {
if (wps_crypto_funcs.crypto_mod_exp(dh->generator, dh->generator_len,
if (fast_crypto_mod_exp(dh->generator, dh->generator_len,
wpabuf_head(*priv), wpabuf_len(*priv),
dh->prime, dh->prime_len, wpabuf_mhead(pv),
&pv_len)) {
@@ -597,11 +594,6 @@ dh_init(const struct dh_group *dh, struct wpabuf **priv)
wpa_printf(MSG_INFO, "DH: crypto_mod_exp failed");
return NULL;
}
} else {
wpabuf_free(pv);
wpa_printf(MSG_INFO, "DH: crypto_mod_exp failed");
return NULL;
}
wpabuf_put(pv, pv_len);
wpa_hexdump_buf(MSG_DEBUG, "DH: public value", pv);
@@ -632,8 +624,7 @@ dh_derive_shared(const struct wpabuf *peer_public,
if (shared == NULL)
return NULL;
if (wps_crypto_funcs.crypto_mod_exp) {
if (wps_crypto_funcs.crypto_mod_exp(wpabuf_head(peer_public), wpabuf_len(peer_public),
if (fast_crypto_mod_exp(wpabuf_head(peer_public), wpabuf_len(peer_public),
wpabuf_head(own_private), wpabuf_len(own_private),
dh->prime, dh->prime_len,
wpabuf_mhead(shared), &shared_len)) {
@@ -641,11 +632,6 @@ dh_derive_shared(const struct wpabuf *peer_public,
wpa_printf(MSG_INFO, "DH: crypto_mod_exp failed");
return NULL;
}
} else {
wpabuf_free(shared);
wpa_printf(MSG_INFO, "DH: crypto_mod_exp failed");
return NULL;
}
wpabuf_put(shared, shared_len);
wpa_hexdump_buf_key(MSG_DEBUG, "DH: shared key", shared);

4
components/wpa_supplicant/src/crypto/md4-internal.c
View File

@@ -4,8 +4,8 @@
* This software may be distributed under the terms of BSD license.
*/
#include "crypto/includes.h"
#include "crypto/common.h"
#include "utils/includes.h"
#include "utils/common.h"
#include "crypto/crypto.h"
#define MD4_BLOCK_LENGTH 64

4
components/wpa_supplicant/src/crypto/md5-internal.c
View File

@@ -12,9 +12,9 @@
* See README and COPYING for more details.
*/
#include "crypto/includes.h"
#include "utils/includes.h"
#include "crypto/common.h"
#include "utils/common.h"
#include "crypto/md5.h"
#include "crypto/md5_i.h"
#include "crypto/crypto.h"

4
components/wpa_supplicant/src/crypto/md5.c
View File

@@ -12,9 +12,9 @@
* See README and COPYING for more details.
*/
#include "crypto/includes.h"
#include "utils/includes.h"
#include "crypto/common.h"
#include "utils/common.h"
#include "crypto/md5.h"
#include "crypto/crypto.h"

0
components/wpa_supplicant/include/crypto/md5_i.h → components/wpa_supplicant/src/crypto/md5_i.h
View File

4
components/wpa_supplicant/src/crypto/ms_funcs.c
View File

@@ -7,9 +7,9 @@
*/
#include "wpa/includes.h"
#include "utils/includes.h"
#include "wpa/common.h"
#include "utils/common.h"
#include "crypto/sha1.h"
#include "crypto/ms_funcs.h"
#include "crypto/crypto.h"

4
components/wpa_supplicant/src/crypto/rc4.c
View File

@@ -12,9 +12,9 @@
* See README and COPYING for more details.
*/
#include "crypto/includes.h"
#include "utils/includes.h"
#include "crypto/common.h"
#include "utils/common.h"
#include "crypto/crypto.h"
#define S_SWAP(a,b) do { u8 t = S[a]; S[a] = S[b]; S[b] = t; } while(0)

4
components/wpa_supplicant/src/crypto/sha1-internal.c
View File

@@ -12,9 +12,9 @@
* See README and COPYING for more details.
*/
#include "crypto/includes.h"
#include "utils/includes.h"
#include "crypto/common.h"
#include "utils/common.h"
#include "crypto/sha1.h"
#include "crypto/sha1_i.h"
#include "crypto/md5.h"

4
components/wpa_supplicant/src/crypto/sha1-pbkdf2.c
View File

@@ -12,8 +12,8 @@
* See README and COPYING for more details.
*/
#include "crypto/includes.h"
#include "crypto/common.h"
#include "utils/includes.h"
#include "utils/common.h"
#include "crypto/sha1.h"
#include "crypto/md5.h"
#include "crypto/crypto.h"

4
components/wpa_supplicant/src/crypto/sha1.c
View File

@@ -12,9 +12,9 @@
* See README and COPYING for more details.
*/
#include "crypto/includes.h"
#include "utils/includes.h"
#include "crypto/common.h"
#include "utils/common.h"
#include "crypto/sha1.h"
#include "crypto/crypto.h"

0
components/wpa_supplicant/include/crypto/sha1_i.h → components/wpa_supplicant/src/crypto/sha1_i.h
View File

4
components/wpa_supplicant/src/crypto/sha256-internal.c
View File

@@ -12,9 +12,9 @@
* See README and COPYING for more details.
*/
#include "crypto/includes.h"
#include "utils/includes.h"
#include "crypto/common.h"
#include "utils/common.h"
#include "crypto/sha256.h"
#include "crypto/crypto.h"

4
components/wpa_supplicant/src/crypto/sha256.c
View File

@@ -12,9 +12,9 @@
* See README and COPYING for more details.
*/
#include "crypto/includes.h"
#include "utils/includes.h"
#include "crypto/common.h"
#include "utils/common.h"
#include "crypto/sha256.h"
#include "crypto/crypto.h"

4
components/wpa_supplicant/src/wpa2/eap_peer/chap.c → components/wpa_supplicant/src/eap_peer/chap.c
View File

@@ -4,8 +4,8 @@
*/
#ifdef CHAP_MD5
#include "wpa/includes.h"
#include "wpa/common.h"
#include "utils/includes.h"
#include "utils/common.h"
#include "crypto/crypto.h"
#include "wpa2/eap_peer/chap.h"

219
components/wpa_supplicant/src/wpa2/eap_peer/eap.c → components/wpa_supplicant/src/eap_peer/eap.c
View File

@@ -18,34 +18,34 @@
#include "esp_err.h"
#include "wpa/includes.h"
#include "wpa/common.h"
#include "wpa/wpa_debug.h"
#include "wpa/eapol_common.h"
#include "wpa/ieee802_11_defs.h"
#include "wpa/state_machine.h"
#include "wpa/wpa.h"
#include "utils/includes.h"
#include "utils/common.h"
#include "utils/wpa_debug.h"
#include "common/eapol_common.h"
#include "common/ieee802_11_defs.h"
#include "utils/state_machine.h"
#include "rsn_supp/wpa.h"
#include "crypto/crypto.h"
#include "wpa2/utils/ext_password.h"
#include "wpa2/tls/tls.h"
#include "wpa2/eap_peer/eap_i.h"
#include "wpa2/eap_peer/eap_config.h"
#include "wpa2/eap_peer/eap.h"
#include "wpa2/eap_peer/eap_tls.h"
#include "utils/ext_password.h"
#include "tls/tls.h"
#include "eap_peer/eap_i.h"
#include "eap_peer/eap_config.h"
#include "eap_peer/eap.h"
#include "eap_peer/eap_tls.h"
#include "esp_supplicant/esp_wifi_driver.h"
#ifdef EAP_PEER_METHOD
#include "wpa2/eap_peer/eap_methods.h"
#include "eap_peer/eap_methods.h"
#endif
#include "supplicant_opt.h"
static bool gl_disable_time_check = true;
void eap_peer_config_deinit(struct eap_sm *sm);
void eap_peer_blob_deinit(struct eap_sm *sm);
void eap_deinit_prev_method(struct eap_sm *sm, const char *txt);
extern bool ieee80211_unregister_wpa2_cb(void);
#ifdef EAP_PEER_METHOD
static struct eap_method *eap_methods = NULL;
@@ -333,7 +333,7 @@ struct wpabuf * eap_sm_build_nak(struct eap_sm *sm, EapType type, u8 id)
#endif
int eap_peer_config_init(
struct eap_sm *sm, u8 *private_key_passwd,
struct eap_sm *sm, const u8 *private_key_passwd,
int private_key_passwd_len)
{
if (!sm)
@@ -478,8 +478,6 @@ void eap_sm_abort(struct eap_sm *sm)
{
wpabuf_free(sm->lastRespData);
sm->lastRespData = NULL;
//os_free(sm->eapKeyData);
//sm->eapKeyData = NULL;
}
/**
@@ -559,184 +557,3 @@ const struct wpa_config_blob * eap_get_config_blob(struct eap_sm *sm,
return NULL;
}
esp_err_t esp_wifi_sta_wpa2_ent_set_cert_key(const unsigned char *client_cert, int client_cert_len, const unsigned char *private_key, int private_key_len, const unsigned char *private_key_passwd, int private_key_passwd_len)
{
if (client_cert && client_cert_len > 0) {
g_wpa_client_cert = client_cert;
g_wpa_client_cert_len = client_cert_len;
}
if (private_key && private_key_len > 0) {
g_wpa_private_key = private_key;
g_wpa_private_key_len = private_key_len;
}
if (private_key_passwd && private_key_passwd_len > 0) {
g_wpa_private_key_passwd = private_key_passwd;
g_wpa_private_key_passwd_len = private_key_passwd_len;
}
return ESP_OK;
}
void esp_wifi_sta_wpa2_ent_clear_cert_key(void)
{
ieee80211_unregister_wpa2_cb();
g_wpa_client_cert = NULL;
g_wpa_client_cert_len = 0;
g_wpa_private_key = NULL;
g_wpa_private_key_len = 0;
g_wpa_private_key_passwd = NULL;
g_wpa_private_key_passwd_len = 0;
}
esp_err_t esp_wifi_sta_wpa2_ent_set_ca_cert(const unsigned char *ca_cert, int ca_cert_len)
{
if (ca_cert && ca_cert_len > 0) {
g_wpa_ca_cert = ca_cert;
g_wpa_ca_cert_len = ca_cert_len;
}
return ESP_OK;
}
void esp_wifi_sta_wpa2_ent_clear_ca_cert(void)
{
g_wpa_ca_cert = NULL;
g_wpa_ca_cert_len = 0;
}
#define ANONYMOUS_ID_LEN_MAX 128
esp_err_t esp_wifi_sta_wpa2_ent_set_identity(const unsigned char *identity, int len)
{
if (len <= 0 || len > ANONYMOUS_ID_LEN_MAX) {
return ESP_ERR_INVALID_ARG;
}
if (g_wpa_anonymous_identity) {
os_free(g_wpa_anonymous_identity);
g_wpa_anonymous_identity = NULL;
}
g_wpa_anonymous_identity = (u8 *)os_zalloc(len);
if (g_wpa_anonymous_identity == NULL) {
return ESP_ERR_NO_MEM;
}
os_memcpy(g_wpa_anonymous_identity, identity, len);
g_wpa_anonymous_identity_len = len;
return ESP_OK;
}
void esp_wifi_sta_wpa2_ent_clear_identity(void)
{
if (g_wpa_anonymous_identity)
os_free(g_wpa_anonymous_identity);
g_wpa_anonymous_identity = NULL;
g_wpa_anonymous_identity_len = 0;
}
#define USERNAME_LEN_MAX 128
esp_err_t esp_wifi_sta_wpa2_ent_set_username(const unsigned char *username, int len)
{
if (len <= 0 || len > USERNAME_LEN_MAX)
return ESP_ERR_INVALID_ARG;
if (g_wpa_username) {
os_free(g_wpa_username);
g_wpa_username = NULL;
}
g_wpa_username = (u8 *)os_zalloc(len);
if (g_wpa_username == NULL)
return ESP_ERR_NO_MEM;
os_memcpy(g_wpa_username, username, len);
g_wpa_username_len = len;
return ESP_OK;
}
void esp_wifi_sta_wpa2_ent_clear_username(void)
{
if (g_wpa_username)
os_free(g_wpa_username);
g_wpa_username = NULL;
g_wpa_username_len = 0;
}
esp_err_t esp_wifi_sta_wpa2_ent_set_password(const unsigned char *password, int len)
{
if (len <= 0)
return ESP_ERR_INVALID_ARG;
if (g_wpa_password) {
os_free(g_wpa_password);
g_wpa_password = NULL;
}
g_wpa_password = (u8 *)os_zalloc(len);
if (g_wpa_password == NULL)
return ESP_ERR_NO_MEM;
os_memcpy(g_wpa_password, password, len);
g_wpa_password_len = len;
return ESP_OK;
}
void esp_wifi_sta_wpa2_ent_clear_password(void)
{
if (g_wpa_password)
os_free(g_wpa_password);
g_wpa_password = NULL;
g_wpa_password_len = 0;
}
esp_err_t esp_wifi_sta_wpa2_ent_set_new_password(const unsigned char *new_password, int len)
{
if (len <= 0)
return ESP_ERR_INVALID_ARG;
if (g_wpa_new_password) {
os_free(g_wpa_new_password);
g_wpa_new_password = NULL;
}
g_wpa_new_password = (u8 *)os_zalloc(len);
if (g_wpa_new_password == NULL)
return ESP_ERR_NO_MEM;
os_memcpy(g_wpa_new_password, new_password, len);
g_wpa_password_len = len;
return ESP_OK;
}
void esp_wifi_sta_wpa2_ent_clear_new_password(void)
{
if (g_wpa_new_password)
os_free(g_wpa_new_password);
g_wpa_new_password = NULL;
g_wpa_new_password_len = 0;
}
esp_err_t esp_wifi_sta_wpa2_ent_set_disable_time_check(bool disable)
{
gl_disable_time_check = disable;
return ESP_OK;
}
bool wifi_sta_get_enterprise_disable_time_check(void)
{
return gl_disable_time_check;
}
esp_err_t esp_wifi_sta_wpa2_ent_get_disable_time_check(bool *disable)
{
*disable = wifi_sta_get_enterprise_disable_time_check();
return ESP_OK;
}

6
components/wpa_supplicant/include/wpa2/eap_peer/eap.h → components/wpa_supplicant/src/eap_peer/eap.h
View File

@@ -9,8 +9,8 @@
#ifndef EAP_H
#define EAP_H
#include "wpa/defs.h"
#include "wpa2/eap_peer/eap_defs.h"
#include "common/defs.h"
#include "eap_peer/eap_defs.h"
struct eap_sm;
@@ -45,7 +45,7 @@ struct wpabuf * eap_sm_build_nak(struct eap_sm *sm, EapType type, u8 id);
int eap_peer_blob_init(struct eap_sm *sm);
void eap_peer_blob_deinit(struct eap_sm *sm);
int eap_peer_config_init(
struct eap_sm *sm, u8 *private_key_passwd,
struct eap_sm *sm, const u8 *private_key_passwd,
int private_key_passwd_len);
void eap_peer_config_deinit(struct eap_sm *sm);
void eap_sm_abort(struct eap_sm *sm);

8
components/wpa_supplicant/src/wpa2/eap_peer/eap_common.c → components/wpa_supplicant/src/eap_peer/eap_common.c
View File

@@ -6,11 +6,11 @@
* See README for more details.
*/
#include "wpa/includes.h"
#include "utils/includes.h"
#include "wpa/common.h"
#include "wpa2/eap_peer/eap_defs.h"
#include "wpa2/eap_peer/eap_common.h"
#include "utils/common.h"
#include "eap_peer/eap_defs.h"
#include "eap_peer/eap_common.h"
/**
* eap_hdr_len_valid - Validate EAP header length field

2
components/wpa_supplicant/include/wpa2/eap_peer/eap_common.h → components/wpa_supplicant/src/eap_peer/eap_common.h
View File

@@ -9,7 +9,7 @@
#ifndef EAP_COMMON_H
#define EAP_COMMON_H
#include "wpa/wpabuf.h"
#include "utils/wpabuf.h"
int eap_hdr_len_valid(const struct wpabuf *msg, size_t min_payload);
const u8 * eap_hdr_validate(int vendor, EapType eap_type,

2
components/wpa_supplicant/include/wpa2/eap_peer/eap_config.h → components/wpa_supplicant/src/eap_peer/eap_config.h
View File

@@ -141,7 +141,7 @@ struct eap_peer_config {
*
* If left out, this will be asked through control interface.
*/
u8 *private_key_passwd;
const u8 *private_key_passwd;
/**
* Phase 2

0
components/wpa_supplicant/include/wpa2/eap_peer/eap_defs.h → components/wpa_supplicant/src/eap_peer/eap_defs.h
View File

7
components/wpa_supplicant/include/wpa2/eap_peer/eap_i.h → components/wpa_supplicant/src/eap_peer/eap_i.h
View File

@@ -9,7 +9,7 @@
#ifndef EAP_I_H
#define EAP_I_H
#include "wpa/wpabuf.h"
#include "utils/wpabuf.h"
#include "eap.h"
#include "eap_common.h"
#include "eap_config.h"
@@ -134,7 +134,10 @@ struct eap_sm {
const struct eap_method *m;
};
wpa2_crypto_funcs_t wpa2_crypto_funcs;
typedef enum {
WPA2_STATE_ENABLED = 0,
WPA2_STATE_DISABLED,
} wpa2_state_t;
const u8 * eap_get_config_identity(struct eap_sm *sm, size_t *len);
const u8 * eap_get_config_password(struct eap_sm *sm, size_t *len);

1
components/wpa_supplicant/include/wpa2/eap_peer/eap_methods.h → components/wpa_supplicant/src/eap_peer/eap_methods.h
View File

@@ -27,7 +27,6 @@ int eap_peer_method_register(struct eap_method *method);
void eap_peer_unregister_methods(void);
//int eap_peer_md5_register(void);
int eap_peer_tls_register(void);
int eap_peer_peap_register(void);
int eap_peer_ttls_register(void);

31
components/wpa_supplicant/src/wpa2/eap_peer/eap_mschapv2.c → components/wpa_supplicant/src/eap_peer/eap_mschapv2.c
View File

@@ -9,18 +9,18 @@
#ifdef EAP_MSCHAPv2
#include "wpa/wpa.h"
#include "wpa/includes.h"
#include "wpa/common.h"
#include "rsn_supp/wpa.h"
#include "utils/includes.h"
#include "utils/common.h"
#include "crypto/random.h"
#include "crypto/ms_funcs.h"
#include "wpa2/tls/tls.h"
#include "wpa2/eap_peer/eap_i.h"
#include "wpa2/eap_peer/eap_defs.h"
#include "wpa2/eap_peer/eap_tls_common.h"
#include "wpa2/eap_peer/eap_config.h"
#include "wpa2/eap_peer/mschapv2.h"
#include "wpa2/eap_peer/eap_methods.h"
#include "tls/tls.h"
#include "eap_peer/eap_i.h"
#include "eap_peer/eap_defs.h"
#include "eap_peer/eap_tls_common.h"
#include "eap_peer/eap_config.h"
#include "eap_peer/mschapv2.h"
#include "eap_peer/eap_methods.h"
#define MSCHAPV2_OP_CHALLENGE 1
#define MSCHAPV2_OP_RESPONSE 2
@@ -296,7 +296,6 @@ eap_mschapv2_failure_txt(struct eap_sm *sm,
struct eap_mschapv2_data *data, char *txt)
{
char *pos;
//char *msg = "";
int retry = 1;
struct eap_peer_config *config = eap_get_config(sm);
@@ -345,23 +344,15 @@ eap_mschapv2_failure_txt(struct eap_sm *sm,
if (pos && os_strncmp(pos, "M=", 2) == 0) {
pos += 2;
//msg = pos;
}
#if 0
wpa_printf(MSG_WARNING, "EAP-MSCHAPV2: failure message: '%s' (retry %sallowed, error %d)",
msg, retry == 1? "" : "not ", data->prev_error);
#endif
if (data->prev_error == ERROR_PASSWD_EXPIRED &&
data->passwd_change_version == 3 && config) {
if (config->new_password == NULL) {
wpa_printf(MSG_DEBUG, "EAP-MSCHAPV2: Password expired - "
"password change reqired\n");
//eap_sm_request_new_password(sm);
}
} else if (retry == 1 && config) {
if (!config->mschapv2_retry)
//eap_sm_request_identity(sm);
//eap_sm_request_password(sm);
config->mschapv2_retry = 1;
} else if (config) {
config->mschapv2_retry = 0;
@@ -493,8 +484,6 @@ eap_mschapv2_failure(struct eap_sm *sm,
if (config && config->new_password)
return eap_mschapv2_change_password(sm, data, ret,
req, id);
//if (config && config->pending_req_new_password)
// return NULL;
} else if (retry && data->prev_error == ERROR_AUTHENTICATION_FAILURE) {
return NULL;
}

25
components/wpa_supplicant/src/wpa2/eap_peer/eap_peap.c → components/wpa_supplicant/src/eap_peer/eap_peap.c
View File

@@ -5,20 +5,18 @@
* This software may be distributed under the terms of the BSD license.
* See README for more details.
*/
#include "utils/includes.h"
#ifdef EAP_PEAP
#include "wpa/includes.h"
#include "wpa/common.h"
#include "utils/common.h"
#include "crypto/sha1.h"
#include "wpa2/tls/tls.h"
#include "wpa2/eap_peer/eap_tlv_common.h"
#include "wpa2/eap_peer/eap_peap_common.h"
#include "wpa2/eap_peer/eap_i.h"
#include "wpa2/eap_peer/eap_tls_common.h"
#include "wpa2/eap_peer/eap_config.h"
#include "wpa2/eap_peer/eap_methods.h"
//#include "tncc.h"
#include "tls/tls.h"
#include "eap_peer/eap_tlv_common.h"
#include "eap_peer/eap_peap_common.h"
#include "eap_peer/eap_i.h"
#include "eap_peer/eap_tls_common.h"
#include "eap_peer/eap_config.h"
#include "eap_peer/eap_methods.h"
/* Maximum supported PEAP version
* 0 = Microsoft's PEAP version 0; draft-kamath-pppext-peapv0-00.txt
@@ -629,7 +627,6 @@ static int eap_peap_phase2_request(struct eap_sm *sm,
size_t len = be_to_host16(hdr->length);
u8 *pos;
struct eap_method_ret iret;
//struct eap_peer_config *config = eap_get_config(sm);
if (len <= sizeof(struct eap_hdr)) {
wpa_printf(MSG_INFO, "EAP-PEAP: too short "
@@ -1111,10 +1108,8 @@ eap_peap_process(struct eap_sm *sm, void *priv,
* label by default, but allow it to be configured with
* phase1 parameter peaplabel=1. */
if (data->peap_version > 1 || data->force_new_label)
//label = "client PEAP encryption";
strcpy(label, "client PEAP encryption");
else
//label = "client EAP encryption";
strcpy(label, "client EAP encryption");
wpa_printf(MSG_DEBUG, "EAP-PEAP: using label '%s' in "
"key derivation", label);

8
components/wpa_supplicant/src/wpa2/eap_peer/eap_peap_common.c → components/wpa_supplicant/src/eap_peer/eap_peap_common.c
View File

@@ -6,13 +6,13 @@
* See README for more details.
*/
#include "utils/includes.h"
#ifdef EAP_PEAP
#include "wpa/includes.h"
#include "wpa/common.h"
#include "utils/common.h"
#include "crypto/sha1.h"
#include "wpa2/eap_peer/eap_peap_common.h"
#include "eap_peer/eap_peap_common.h"
int
peap_prfplus(int version, const u8 *key, size_t key_len,

0
components/wpa_supplicant/include/wpa2/eap_peer/eap_peap_common.h → components/wpa_supplicant/src/eap_peer/eap_peap_common.h
View File

19
components/wpa_supplicant/src/wpa2/eap_peer/eap_tls.c → components/wpa_supplicant/src/eap_peer/eap_tls.c
View File

@@ -5,17 +5,16 @@
* This software may be distributed under the terms of the BSD license.
* See README for more details.
*/
#include "utils/includes.h"
#ifdef EAP_TLS
#include "wpa/includes.h"
#include "wpa/common.h"
#include "wpa2/tls/tls.h"
#include "wpa2/eap_peer/eap_i.h"
#include "wpa2/eap_peer/eap_defs.h"
#include "wpa2/eap_peer/eap_tls_common.h"
#include "wpa2/eap_peer/eap_config.h"
#include "wpa2/eap_peer/eap_methods.h"
#include "utils/common.h"
#include "tls/tls.h"
#include "eap_peer/eap_i.h"
#include "eap_peer/eap_defs.h"
#include "eap_peer/eap_tls_common.h"
#include "eap_peer/eap_config.h"
#include "eap_peer/eap_methods.h"
struct eap_tls_data {
struct eap_ssl_data ssl;

2
components/wpa_supplicant/include/wpa2/eap_peer/eap_tls.h → components/wpa_supplicant/src/eap_peer/eap_tls.h
View File

@@ -12,7 +12,7 @@
#include "eap_i.h"
#include "eap_common.h"
#include "eap.h"
#include "wpa/wpabuf.h"
#include "utils/wpabuf.h"
void * eap_tls_init(struct eap_sm *sm);
void eap_tls_deinit(struct eap_sm *sm, void *priv);

14
components/wpa_supplicant/src/wpa2/eap_peer/eap_tls_common.c → components/wpa_supplicant/src/eap_peer/eap_tls_common.c
View File

@@ -6,15 +6,15 @@
* See README for more details.
*/
#include "wpa/includes.h"
#include "utils/includes.h"
#include "wpa/common.h"
#include "utils/common.h"
#include "crypto/sha1.h"
#include "wpa2/tls/tls.h"
#include "wpa2/eap_peer/eap_i.h"
#include "wpa2/eap_peer/eap_tls_common.h"
#include "wpa2/eap_peer/eap_config.h"
#include "wpa2/eap_peer/eap_methods.h"
#include "tls/tls.h"
#include "eap_peer/eap_i.h"
#include "eap_peer/eap_tls_common.h"
#include "eap_peer/eap_config.h"
#include "eap_peer/eap_methods.h"
static struct wpabuf * eap_tls_msg_alloc(EapType type, size_t payload_len,
u8 code, u8 identifier)

0
components/wpa_supplicant/include/wpa2/eap_peer/eap_tls_common.h → components/wpa_supplicant/src/eap_peer/eap_tls_common.h
View File

0
components/wpa_supplicant/include/wpa2/eap_peer/eap_tlv_common.h → components/wpa_supplicant/src/eap_peer/eap_tlv_common.h
View File

473
components/wpa_supplicant/src/wpa2/eap_peer/eap_ttls.c → components/wpa_supplicant/src/eap_peer/eap_ttls.c
View File

@@ -6,23 +6,20 @@
* See README for more details.
*/
#include "utils/includes.h"
#ifdef EAP_TTLS
#include "wpa/includes.h"
#include "wpa/common.h"
#include "utils/common.h"
#include "crypto/ms_funcs.h"
#include "crypto/sha1.h"
#include "wpa2/tls/tls.h"
//#include "eap_common/chap.h"
#include "wpa2/eap_peer/eap.h"
#include "wpa2/eap_peer/eap_ttls.h"
#include "wpa2/eap_peer/mschapv2.h"
//#include "wpa2/eap_peer/chap.h"
#include "wpa2/eap_peer/eap_i.h"
#include "wpa2/eap_peer/eap_tls_common.h"
#include "wpa2/eap_peer/eap_config.h"
#include "wpa2/eap_peer/eap_methods.h"
#include "tls/tls.h"
#include "eap_peer/eap.h"
#include "eap_peer/eap_ttls.h"
#include "eap_peer/mschapv2.h"
#include "eap_peer/eap_i.h"
#include "eap_peer/eap_tls_common.h"
#include "eap_peer/eap_config.h"
#include "eap_peer/eap_methods.h"
#define EAP_TTLS_VERSION 0
@@ -73,7 +70,6 @@ static void * eap_ttls_init(struct eap_sm *sm)
{
struct eap_ttls_data *data;
struct eap_peer_config *config = eap_get_config(sm);
//char *selected;
data = (struct eap_ttls_data *)os_zalloc(sizeof(*data));
if (data == NULL)
@@ -83,7 +79,6 @@ static void * eap_ttls_init(struct eap_sm *sm)
/*
selected = "MSCHAPV2";
//TODO: Now only support EAP-TTLS/MSCHAPV2
if (config && config->phase2) {
if (os_strstr(config->phase2, "autheap=")) {
selected = "EAP";
@@ -187,32 +182,6 @@ static u8 * eap_ttls_avp_add(u8 *start, u8 *avphdr, u32 avp_code,
return pos;
}
#if 0
static int eap_ttls_avp_encapsulate(struct wpabuf **resp, u32 avp_code,
int mandatory)
{
struct wpabuf *msg;
u8 *avp, *pos;
msg = wpabuf_alloc(sizeof(struct ttls_avp) + wpabuf_len(*resp) + 4);
if (msg == NULL) {
wpabuf_free(*resp);
*resp = NULL;
return -1;
}
avp = wpabuf_mhead(msg);
pos = eap_ttls_avp_hdr(avp, avp_code, 0, mandatory, wpabuf_len(*resp));
os_memcpy(pos, wpabuf_head(*resp), wpabuf_len(*resp));
pos += wpabuf_len(*resp);
AVP_PAD(avp, pos);
wpabuf_free(*resp);
wpabuf_put(msg, pos - avp);
*resp = msg;
return 0;
}
#endif
static int eap_ttls_v0_derive_key(struct eap_sm *sm,
struct eap_ttls_data *data)
{
@@ -244,170 +213,6 @@ static u8 * eap_ttls_implicit_challenge(struct eap_sm *sm,
return eap_peer_tls_derive_key(sm, &data->ssl, "ttls challenge", len);
}
#if 0
static void eap_ttls_phase2_select_eap_method(struct eap_ttls_data *data,
u8 method)
{
size_t i;
for (i = 0; i < data->num_phase2_eap_types; i++) {
if (data->phase2_eap_types[i].vendor != EAP_VENDOR_IETF ||
data->phase2_eap_types[i].method != method)
continue;
data->phase2_eap_type.vendor =
data->phase2_eap_types[i].vendor;
data->phase2_eap_type.method =
data->phase2_eap_types[i].method;
wpa_printf(MSG_DEBUG, "EAP-TTLS: Selected "
"Phase 2 EAP vendor %d method %d\n",
data->phase2_eap_type.vendor,
data->phase2_eap_type.method);
break;
}
}
static int eap_ttls_phase2_eap_process(struct eap_sm *sm,
struct eap_ttls_data *data,
struct eap_method_ret *ret,
struct eap_hdr *hdr, size_t len,
struct wpabuf **resp)
{
struct wpabuf msg;
struct eap_method_ret iret;
os_memset(&iret, 0, sizeof(iret));
wpabuf_set(&msg, hdr, len);
*resp = data->phase2_method->process(sm, data->phase2_priv, &iret,
&msg);
if ((iret.methodState == METHOD_DONE ||
iret.methodState == METHOD_MAY_CONT) &&
(iret.decision == DECISION_UNCOND_SUCC ||
iret.decision == DECISION_COND_SUCC ||
iret.decision == DECISION_FAIL)) {
ret->methodState = iret.methodState;
ret->decision = iret.decision;
}
return 0;
}
static int eap_ttls_phase2_request_eap_method(struct eap_sm *sm,
struct eap_ttls_data *data,
struct eap_method_ret *ret,
struct eap_hdr *hdr, size_t len,
u8 method, struct wpabuf **resp)
{
#ifdef EAP_TNC
if (data->tnc_started && data->phase2_method &&
data->phase2_priv && method == EAP_TYPE_TNC &&
data->phase2_eap_type.method == EAP_TYPE_TNC)
return eap_ttls_phase2_eap_process(sm, data, ret, hdr, len,
resp);
if (data->ready_for_tnc && !data->tnc_started &&
method == EAP_TYPE_TNC) {
wpa_printf(MSG_DEBUG, "EAP-TTLS: Start TNC after completed "
"EAP method\n");
data->tnc_started = 1;
}
if (data->tnc_started) {
if (data->phase2_eap_type.vendor != EAP_VENDOR_IETF ||
data->phase2_eap_type.method == EAP_TYPE_TNC) {
wpa_printf(MSG_ERROR, "EAP-TTLS: Unexpected EAP "
"type %d for TNC\n", method);
return -1;
}
data->phase2_eap_type.vendor = EAP_VENDOR_IETF;
data->phase2_eap_type.method = method;
wpa_printf(MSG_DEBUG, "EAP-TTLS: Selected "
"Phase 2 EAP vendor %d method %d (TNC)\n",
data->phase2_eap_type.vendor,
data->phase2_eap_type.method);
if (data->phase2_type == EAP_TTLS_PHASE2_EAP)
eap_ttls_phase2_eap_deinit(sm, data);
}
#endif /* EAP_TNC */
if (data->phase2_eap_type.vendor == EAP_VENDOR_IETF &&
data->phase2_eap_type.method == EAP_TYPE_NONE)
eap_ttls_phase2_select_eap_method(data, method);
if (method != data->phase2_eap_type.method || method == EAP_TYPE_NONE)
{
return -1;
if (eap_peer_tls_phase2_nak(data->phase2_eap_types,
data->num_phase2_eap_types,
hdr, resp))
return -1;
return 0;
}
if (data->phase2_priv == NULL) {
data->phase2_method = eap_peer_get_eap_method(
EAP_VENDOR_IETF, method);
if (data->phase2_method) {
sm->init_phase2 = 1;
data->phase2_priv = data->phase2_method->init(sm);
sm->init_phase2 = 0;
}
}
if (data->phase2_priv == NULL || data->phase2_method == NULL) {
wpa_printf(MSG_ERROR, "EAP-TTLS: failed to initialize "
"Phase 2 EAP method %d\n", method);
return -1;
}
return eap_ttls_phase2_eap_process(sm, data, ret, hdr, len, resp);
}
#if 0
static int eap_ttls_phase2_request_eap(struct eap_sm *sm,
struct eap_ttls_data *data,
struct eap_method_ret *ret,
struct eap_hdr *hdr,
struct wpabuf **resp)
{
size_t len = be_to_host16(hdr->length);
u8 *pos;
struct eap_peer_config *config = eap_get_config(sm);
if (len <= sizeof(struct eap_hdr)) {
wpa_printf(MSG_ERROR, "EAP-TTLS: too short "
"Phase 2 request (len=%lu)\n", (unsigned long) len);
return -1;
}
pos = (u8 *) (hdr + 1);
wpa_printf(MSG_DEBUG, "EAP-TTLS: Phase 2 EAP Request: type=%d\n", *pos);
switch (*pos) {
case EAP_TYPE_IDENTITY:
*resp = eap_sm_build_identity_resp(sm, hdr->identifier, 1);
break;
default:
if (eap_ttls_phase2_request_eap_method(sm, data, ret, hdr, len,
*pos, resp) < 0)
return -1;
break;
}
if (*resp == NULL &&
(config->pending_req_identity || config->pending_req_password ||
config->pending_req_otp)) {
return 0;
}
if (*resp == NULL)
return -1;
return eap_ttls_avp_encapsulate(resp, RADIUS_ATTR_EAP_MESSAGE, 1);
}
#endif
#endif
static int eap_ttls_phase2_request_mschapv2(struct eap_sm *sm,
struct eap_ttls_data *data,
struct eap_method_ret *ret,
@@ -507,202 +312,6 @@ static int eap_ttls_phase2_request_mschapv2(struct eap_sm *sm,
#endif /* EAP_MSCHAPv2 */
}
#if 0
//only support MSCHAPv2
static int eap_ttls_phase2_request_mschap(struct eap_sm *sm,
struct eap_ttls_data *data,
struct eap_method_ret *ret,
struct wpabuf **resp)
{
struct wpabuf *msg;
u8 *buf, *pos, *challenge;
const u8 *identity, *password;
size_t identity_len, password_len;
int pwhash;
wpa_printf(MSG_DEBUG, "EAP-TTLS: Phase 2 MSCHAP Request\n");
identity = eap_get_config_identity(sm, &identity_len);
password = eap_get_config_password2(sm, &password_len, &pwhash);
if (identity == NULL || password == NULL)
return -1;
msg = wpabuf_alloc(identity_len + 1000);
if (msg == NULL) {
wpa_printf(MSG_ERROR, "EAP-TTLS/MSCHAP: Failed to allocate memory\n");
return -1;
}
pos = buf = wpabuf_mhead(msg);
// User-Name
pos = eap_ttls_avp_add(buf, pos, RADIUS_ATTR_USER_NAME, 0, 1,
identity, identity_len);
// MS-CHAP-Challenge
challenge = eap_ttls_implicit_challenge(
sm, data, EAP_TTLS_MSCHAP_CHALLENGE_LEN + 1);
if (challenge == NULL) {
wpabuf_free(msg);
wpa_printf(MSG_ERROR, "EAP-TTLS/MSCHAP: Failed to derive "
"implicit challenge\n");
return -1;
}
pos = eap_ttls_avp_add(buf, pos, RADIUS_ATTR_MS_CHAP_CHALLENGE,
RADIUS_VENDOR_ID_MICROSOFT, 1,
challenge, EAP_TTLS_MSCHAP_CHALLENGE_LEN);
// MS-CHAP-Response
pos = eap_ttls_avp_hdr(pos, RADIUS_ATTR_MS_CHAP_RESPONSE,
RADIUS_VENDOR_ID_MICROSOFT, 1,
EAP_TTLS_MSCHAP_RESPONSE_LEN);
data->ident = challenge[EAP_TTLS_MSCHAP_CHALLENGE_LEN];
*pos++ = data->ident;
*pos++ = 1; // Flags: Use NT style passwords
os_memset(pos, 0, 24); // LM-Response
pos += 24;
if (pwhash) {
challenge_response(challenge, password, pos); // NT-Response
} else {
nt_challenge_response(challenge, password, password_len,
pos); // NT-Response
}
pos += 24;
os_free(challenge);
AVP_PAD(buf, pos);
wpabuf_put(msg, pos - buf);
*resp = msg;
// EAP-TTLS/MSCHAP does not provide tunneled success
// notification, so assume that Phase2 succeeds.
ret->methodState = METHOD_DONE;
ret->decision = DECISION_COND_SUCC;
return 0;
}
static int eap_ttls_phase2_request_pap(struct eap_sm *sm,
struct eap_ttls_data *data,
struct eap_method_ret *ret,
struct wpabuf **resp)
{
struct wpabuf *msg;
u8 *buf, *pos;
size_t pad;
const u8 *identity, *password;
size_t identity_len, password_len;
wpa_printf(MSG_DEBUG, "EAP-TTLS: Phase 2 PAP Request\n");
identity = eap_get_config_identity(sm, &identity_len);
password = eap_get_config_password(sm, &password_len);
if (identity == NULL || password == NULL)
return -1;
msg = wpabuf_alloc(identity_len + password_len + 100);
if (msg == NULL) {
wpa_printf(MSG_ERROR, "EAP-TTLS/PAP: Failed to allocate memory\n");
return -1;
}
pos = buf = wpabuf_mhead(msg);
// User-Name
pos = eap_ttls_avp_add(buf, pos, RADIUS_ATTR_USER_NAME, 0, 1,
identity, identity_len);
// User-Password; in RADIUS, this is encrypted, but EAP-TTLS encrypts
// the data, so no separate encryption is used in the AVP itself.
// However, the password is padded to obfuscate its length.
pad = password_len == 0 ? 16 : (16 - (password_len & 15)) & 15;
pos = eap_ttls_avp_hdr(pos, RADIUS_ATTR_USER_PASSWORD, 0, 1,
password_len + pad);
os_memcpy(pos, password, password_len);
pos += password_len;
os_memset(pos, 0, pad);
pos += pad;
AVP_PAD(buf, pos);
wpabuf_put(msg, pos - buf);
*resp = msg;
// EAP-TTLS/PAP does not provide tunneled success notification,
// so assume that Phase2 succeeds.
ret->methodState = METHOD_DONE;
ret->decision = DECISION_COND_SUCC;
return 0;
}
static int eap_ttls_phase2_request_chap(struct eap_sm *sm,
struct eap_ttls_data *data,
struct eap_method_ret *ret,
struct wpabuf **resp)
{
struct wpabuf *msg;
u8 *buf, *pos, *challenge;
const u8 *identity, *password;
size_t identity_len, password_len;
wpa_printf(MSG_DEBUG, "EAP-TTLS: Phase 2 CHAP Request\n");
identity = eap_get_config_identity(sm, &identity_len);
password = eap_get_config_password(sm, &password_len);
if (identity == NULL || password == NULL)
return -1;
msg = wpabuf_alloc(identity_len + 1000);
if (msg == NULL) {
wpa_printf(MSG_ERROR, "EAP-TTLS/CHAP: Failed to allocate memory\n");
return -1;
}
pos = buf = wpabuf_mhead(msg);
// User-Name
pos = eap_ttls_avp_add(buf, pos, RADIUS_ATTR_USER_NAME, 0, 1,
identity, identity_len);
// CHAP-Challenge
challenge = eap_ttls_implicit_challenge(
sm, data, EAP_TTLS_CHAP_CHALLENGE_LEN + 1);
if (challenge == NULL) {
wpabuf_free(msg);
wpa_printf(MSG_ERROR, "EAP-TTLS/CHAP: Failed to derive "
"implicit challenge\n");
return -1;
}
pos = eap_ttls_avp_add(buf, pos, RADIUS_ATTR_CHAP_CHALLENGE, 0, 1,
challenge, EAP_TTLS_CHAP_CHALLENGE_LEN);
// CHAP-Password
pos = eap_ttls_avp_hdr(pos, RADIUS_ATTR_CHAP_PASSWORD, 0, 1,
1 + EAP_TTLS_CHAP_PASSWORD_LEN);
data->ident = challenge[EAP_TTLS_CHAP_CHALLENGE_LEN];
*pos++ = data->ident;
// MD5(Ident + Password + Challenge)
chap_md5(data->ident, password, password_len, challenge,
EAP_TTLS_CHAP_CHALLENGE_LEN, pos);
pos += EAP_TTLS_CHAP_PASSWORD_LEN;
os_free(challenge);
AVP_PAD(buf, pos);
wpabuf_put(msg, pos - buf);
*resp = msg;
// EAP-TTLS/CHAP does not provide tunneled success
// notification, so assume that Phase2 succeeds.
ret->methodState = METHOD_DONE;
ret->decision = DECISION_COND_SUCC;
return 0;
}
#endif
static int eap_ttls_phase2_request(struct eap_sm *sm,
struct eap_ttls_data *data,
struct eap_method_ret *ret,
@@ -745,9 +354,7 @@ static int eap_ttls_phase2_request(struct eap_sm *sm,
phase2_type == EAP_TTLS_PHASE2_CHAP) {
if (eap_get_config_identity(sm, &len) == NULL) {
wpa_printf(MSG_ERROR, "EAP-TTLS: Identity not configured\n");
//eap_sm_request_identity(sm);
if (eap_get_config_password(sm, &len) == NULL);
// eap_sm_request_password(sm);
printf("[Debug] Return because no identity EAP_TTLS_PHASE2_MSCHAPV2 EAP_TTLS_PHASE2_MSCHAP\n");
return 0;
}
@@ -755,7 +362,6 @@ static int eap_ttls_phase2_request(struct eap_sm *sm,
if (eap_get_config_password(sm, &len) == NULL) {
wpa_printf(MSG_ERROR, "EAP-TTLS: Password not configured\n");
printf("[Debug] Return because no password EAP_TTLS_PHASE2_MSCHAPV2 EAP_TTLS_PHASE2_MSCHAP\n");
//eap_sm_request_password(sm);
return 0;
}
}
@@ -992,61 +598,6 @@ static int eap_ttls_encrypt_response(struct eap_sm *sm,
return 0;
}
#if 0
static int eap_ttls_process_phase2_eap(struct eap_sm *sm,
struct eap_ttls_data *data,
struct eap_method_ret *ret,
struct ttls_parse_avp *parse,
struct wpabuf **resp)
{
struct eap_hdr *hdr;
size_t len;
if (parse->eapdata == NULL) {
wpa_printf(MSG_ERROR, "EAP-TTLS: No EAP Message in the "
"packet - dropped\n");
return -1;
}
hdr = (struct eap_hdr *) parse->eapdata;
if (parse->eap_len < sizeof(*hdr)) {
wpa_printf(MSG_ERROR, "EAP-TTLS: Too short Phase 2 EAP "
"frame (len=%lu, expected %lu or more) - dropped\n",
(unsigned long) parse->eap_len,
(unsigned long) sizeof(*hdr));
return -1;
}
len = be_to_host16(hdr->length);
if (len > parse->eap_len) {
wpa_printf(MSG_ERROR, "EAP-TTLS: Length mismatch in Phase 2 "
"EAP frame (EAP hdr len=%lu, EAP data len in "
"AVP=%lu)\n",
(unsigned long) len,
(unsigned long) parse->eap_len);
return -1;
}
wpa_printf(MSG_DEBUG, "EAP-TTLS: received Phase 2: code=%d "
"identifier=%d length=%lu\n",
hdr->code, hdr->identifier, (unsigned long) len);
switch (hdr->code) {
case EAP_CODE_REQUEST:
if (eap_ttls_phase2_request(sm, data, ret, hdr, resp)) {
wpa_printf(MSG_ERROR, "EAP-TTLS: Phase2 Request "
"processing failed\n");
return -1;
}
break;
default:
wpa_printf(MSG_ERROR, "EAP-TTLS: Unexpected code=%d in "
"Phase 2 EAP header\n", hdr->code);
return -1;
}
return 0;
}
#endif
static int eap_ttls_process_phase2_mschapv2(struct eap_sm *sm,
struct eap_ttls_data *data,
struct eap_method_ret *ret,
@@ -1149,7 +700,6 @@ static int eap_ttls_process_decrypted(struct eap_sm *sm,
struct wpabuf **out_data)
{
struct wpabuf *resp = NULL;
//struct eap_peer_config *config = eap_get_config(sm);
int res;
enum phase2_types phase2_type = data->phase2_type;
@@ -1242,7 +792,6 @@ static int eap_ttls_implicit_identity_request(struct eap_sm *sm,
"processing failed\n");
retval = -1;
} else {
//struct eap_peer_config *config = eap_get_config(sm);
if (resp == NULL) {/* &&
(config->pending_req_identity ||
config->pending_req_password ||

0
components/wpa_supplicant/include/wpa2/eap_peer/eap_ttls.h → components/wpa_supplicant/src/eap_peer/eap_ttls.h
View File

6
components/wpa_supplicant/src/wpa2/eap_peer/mschapv2.c → components/wpa_supplicant/src/eap_peer/mschapv2.c
View File

@@ -4,10 +4,10 @@
#ifdef EAP_MSCHAPv2
#include "wpa/includes.h"
#include "wpa/common.h"
#include "utils/includes.h"
#include "utils/common.h"
#include "crypto/ms_funcs.h"
#include "wpa2/eap_peer/mschapv2.h"
#include "eap_peer/mschapv2.h"
const u8 * mschapv2_remove_domain(const u8 *username, size_t *len)
{

0
components/wpa_supplicant/include/wpa2/eap_peer/mschapv2.h → components/wpa_supplicant/src/eap_peer/mschapv2.h
View File

134
components/wpa_supplicant/src/esp_supplicant/esp_hostap.c Normal file
View File

@@ -0,0 +1,134 @@
// Copyright 2019 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#include "utils/includes.h"
#include "utils/common.h"
#include "crypto/sha1.h"
#include "common/ieee802_11_defs.h"
#include "common/eapol_common.h"
#include "ap/wpa_auth.h"
#include "ap/ap_config.h"
#include "utils/wpa_debug.h"
#include "ap/hostapd.h"
#include "ap/wpa_auth_i.h"
#include "esp_wifi_driver.h"
#include "esp_wifi_types.h"
void *hostap_init(void)
{
struct wifi_ssid *ssid = esp_wifi_ap_get_prof_ap_ssid_internal();
struct hostapd_data *hapd = NULL;
struct wpa_auth_config *auth_conf;
u8 mac[6];
hapd = (struct hostapd_data *)os_zalloc(sizeof(struct hostapd_data));
if (hapd == NULL) {
return NULL;
}
hapd->conf = (struct hostapd_bss_config *)os_zalloc(sizeof(struct hostapd_bss_config));
if (hapd->conf == NULL) {
os_free(hapd);
return NULL;
}
auth_conf = (struct wpa_auth_config *)os_zalloc(sizeof(struct wpa_auth_config));
if (auth_conf == NULL) {
os_free(hapd->conf);
os_free(hapd);
hapd = NULL;
return NULL;
}
if (esp_wifi_ap_get_prof_authmode_internal() == WIFI_AUTH_WPA_PSK) {
auth_conf->wpa = WPA_PROTO_WPA;
}
if (esp_wifi_ap_get_prof_authmode_internal() == WIFI_AUTH_WPA2_PSK) {
auth_conf->wpa = WPA_PROTO_RSN;
}
if (esp_wifi_ap_get_prof_authmode_internal() == WIFI_AUTH_WPA_WPA2_PSK) {
auth_conf->wpa = WPA_PROTO_RSN | WPA_PROTO_WPA;
}
auth_conf->wpa_group = WPA_CIPHER_TKIP;
auth_conf->wpa_pairwise = WPA_CIPHER_CCMP | WPA_CIPHER_TKIP;
auth_conf->rsn_pairwise = WPA_CIPHER_CCMP | WPA_CIPHER_TKIP;
auth_conf->wpa_key_mgmt = WPA_KEY_MGMT_PSK;
auth_conf->eapol_version = EAPOL_VERSION;
memcpy(hapd->conf->ssid.ssid, ssid->ssid, ssid->len);
hapd->conf->ssid.ssid_len = ssid->len;
hapd->conf->ssid.wpa_passphrase = (char *)os_zalloc(64);
if (hapd->conf->ssid.wpa_passphrase == NULL) {
os_free(auth_conf);
os_free(hapd->conf);
os_free(hapd);
hapd = NULL;
return NULL;
}
memcpy(hapd->conf->ssid.wpa_passphrase, esp_wifi_ap_get_prof_password_internal(), strlen((char *)esp_wifi_ap_get_prof_password_internal()));
hapd->conf->ap_max_inactivity = 5 * 60;
hostapd_setup_wpa_psk(hapd->conf);
esp_wifi_get_macaddr_internal(WIFI_IF_AP, mac);
hapd->wpa_auth = wpa_init(mac, auth_conf, NULL);
esp_wifi_set_appie_internal(WIFI_APPIE_WPA, hapd->wpa_auth->wpa_ie, (uint16_t)hapd->wpa_auth->wpa_ie_len, 0); //michael ML
os_free(auth_conf);
return (void *)hapd;
}
bool hostap_deinit(void *data)
{
struct hostapd_data *hapd = (struct hostapd_data *)data;
if (hapd == NULL) {
return true;
}
if (hapd->wpa_auth->wpa_ie != NULL) {
os_free(hapd->wpa_auth->wpa_ie);
}
if (hapd->wpa_auth->group != NULL) {
os_free(hapd->wpa_auth->group);
}
if (hapd->wpa_auth != NULL) {
os_free(hapd->wpa_auth);
}
if (hapd->conf->ssid.wpa_psk != NULL) {
os_free(hapd->conf->ssid.wpa_psk);
}
if (hapd->conf->ssid.wpa_passphrase != NULL) {
os_free(hapd->conf->ssid.wpa_passphrase);
}
if (hapd->conf != NULL) {
os_free(hapd->conf);
}
if (hapd != NULL) {
os_free(hapd);
}
return true;
}

21
components/wpa_supplicant/src/esp_supplicant/esp_hostap.h Normal file
View File

@@ -0,0 +1,21 @@
// Copyright 2019 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef ESP_HOSTAP_H
#define ESP_HOSTAP_H
void *hostap_init(void);
bool hostap_deinit(void *data);
#endif /* ESP_HOSTAP_H */

220
components/wpa_supplicant/src/esp_supplicant/esp_wifi_driver.h Normal file
View File

@@ -0,0 +1,220 @@
// Copyright 2019 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _ESP_WIFI_DRIVER_H_
#define _ESP_WIFI_DRIVER_H_
#include "esp_err.h"
#include "esp_wifi.h"
#if CONFIG_NEWLIB_NANO_FORMAT
#define TASK_STACK_SIZE_ADD 0
#else
#define TASK_STACK_SIZE_ADD 512
#endif
#define WPA2_TASK_STACK_SIZE (6144 + TASK_STACK_SIZE_ADD)
#define WPS_TASK_STACK_SIZE (12288 + TASK_STACK_SIZE_ADD)
enum {
WIFI_WPA_ALG_NONE = 0,
WIFI_WPA_ALG_WEP40 = 1,
WIFI_WPA_ALG_TKIP = 2,
WIFI_WPA_ALG_CCMP = 3,
WIFI_WPA_ALG_WAPI = 4,
WIFI_WPA_ALG_WEP104 = 5,
WIFI_WPA_ALG_WEP,
WIFI_WPA_ALG_IGTK,
WIFI_WPA_ALG_PMK,
WIFI_WPA_ALG_GCMP
};
enum {
WIFI_APPIE_PROBEREQ = 0,
WIFI_APPIE_ASSOC_REQ,
WIFI_APPIE_ASSOC_RESP,
WIFI_APPIE_WPA,
WIFI_APPIE_RSN,
WIFI_APPIE_WPS_PR,
WIFI_APPIE_WPS_AR,
WIFI_APPIE_MESH_QUICK,
WIFI_APPIE_FREQ_ERROR,
WIFI_APPIE_ESP_MANUFACTOR,
WIFI_APPIE_COUNTRY,
WIFI_APPIE_MAX,
};
enum {
NONE_AUTH = 0x01,
WPA_AUTH_UNSPEC = 0x02,
WPA_AUTH_PSK = 0x03,
WPA2_AUTH_ENT = 0x04,
WPA2_AUTH_PSK = 0x05,
WPA_AUTH_CCKM = 0x06,
WPA2_AUTH_CCKM = 0x07,
WPA2_AUTH_INVALID = 0x08,
};
typedef enum {
WPA2_ENT_EAP_STATE_NOT_START,
WPA2_ENT_EAP_STATE_IN_PROGRESS,
WPA2_ENT_EAP_STATE_SUCCESS,
WPA2_ENT_EAP_STATE_FAIL,
} wpa2_ent_eap_state_t;
struct wifi_appie {
uint16_t ie_len;
uint8_t ie_data[];
};
struct wifi_ssid {
int len;
uint8_t ssid[32];
};
struct wps_scan_ie {
uint8_t *bssid;
uint8_t chan;
uint16_t capinfo;
uint8_t *ssid;
uint8_t *wpa;
uint8_t *rsn;
uint8_t *wps;
};
typedef struct {
int proto;
int pairwise_cipher;
int group_cipher;
int key_mgmt;
int capabilities;
size_t num_pmkid;
const u8 *pmkid;
int mgmt_group_cipher;
} wifi_wpa_ie_t;
struct wpa_funcs {
void (*wpa_sta_init)(void);
bool (*wpa_sta_deinit)(void);
void (*wpa_sta_connect)(uint8_t *bssid);
int (*wpa_sta_rx_eapol)(u8 *src_addr, u8 *buf, u32 len);
bool (*wpa_sta_in_4way_handshake)(void);
void *(*wpa_ap_init)(void);
bool (*wpa_ap_deinit)(void *data);
bool (*wpa_ap_join)(void **sm, u8 *bssid, u8 *wpa_ie, u8 wpa_ie_len);
bool (*wpa_ap_remove)(void *sm);
uint8_t *(*wpa_ap_get_wpa_ie)(uint8_t *len);
bool (*wpa_ap_rx_eapol)(void *hapd_data, void *sm, u8 *data, size_t data_len);
char *(*wpa_config_parse_string)(const char *value, size_t *len);
int (*wpa_parse_wpa_ie)(const u8 *wpa_ie, size_t wpa_ie_len, wifi_wpa_ie_t *data);
int (*wpa_config_bss)(u8 *bssid);
int (*wpa_michael_mic_failure)(u16 is_unicast);
};
struct wpa2_funcs {
int (*wpa2_sm_rx_eapol)(u8 *src_addr, u8 *buf, u32 len, u8 *bssid);
int (*wpa2_start)(void);
u8 (*wpa2_get_state)(void);
int (*wpa2_init)(void);
void (*wpa2_deinit)(void);
};
struct wps_funcs {
bool (*wps_parse_scan_result)(struct wps_scan_ie *scan);
int (*wifi_station_wps_start)(void);
int (*wps_sm_rx_eapol)(u8 *src_addr, u8 *buf, u32 len);
int (*wps_start_pending)(void);
};
typedef esp_err_t (*wifi_wpa2_fn_t)(void *);
typedef struct {
wifi_wpa2_fn_t fn;
void *param;
} wifi_wpa2_param_t;
#define IS_WPS_REGISTRAR(type) (((type)>WPS_TYPE_MAX)?(((type)<WPS_TYPE_MAX)?true:false):false)
#define IS_WPS_ENROLLEE(type) (((type)>WPS_TYPE_DISABLE)?(((type)<WPS_TYPE_MAX)?true:false):false)
typedef enum wps_status {
WPS_STATUS_DISABLE = 0,
WPS_STATUS_SCANNING,
WPS_STATUS_PENDING,
WPS_STATUS_SUCCESS,
WPS_STATUS_MAX,
} WPS_STATUS_t;
#define WIFI_TXCB_EAPOL_ID 3
typedef void(*wifi_tx_cb_t)(void *);
typedef int (*wifi_ipc_fn_t)(void *);
typedef struct {
wifi_ipc_fn_t fn;
void *arg;
uint32_t arg_size;
} wifi_ipc_config_t;
uint8_t *esp_wifi_ap_get_prof_pmk_internal(void);
struct wifi_ssid *esp_wifi_ap_get_prof_ap_ssid_internal(void);
uint8_t esp_wifi_ap_get_prof_authmode_internal(void);
uint8_t esp_wifi_sta_get_prof_authmode_internal(void);
uint8_t *esp_wifi_ap_get_prof_password_internal(void);
uint8_t *esp_wifi_sta_get_prof_pmk_internal(void);
struct wifi_ssid *esp_wifi_sta_get_prof_ssid_internal(void);
uint8_t esp_wifi_sta_get_reset_param_internal(void);
uint8_t esp_wifi_sta_get_pairwise_cipher_internal(void);
uint8_t esp_wifi_sta_get_group_cipher_internal(void);
bool esp_wifi_sta_prof_is_wpa_internal(void);
int esp_wifi_get_macaddr_internal(uint8_t if_index, uint8_t *macaddr);
int esp_wifi_set_appie_internal(uint8_t type, uint8_t *ie, uint16_t len, uint8_t flag);
int esp_wifi_unset_appie_internal(uint8_t type);
struct wifi_appie *esp_wifi_get_appie_internal(uint8_t type);
void *esp_wifi_get_hostap_private_internal(void); //1
uint8_t *esp_wifi_sta_get_prof_password_internal(void);
void esp_wifi_deauthenticate_internal(u8 reason_code);
bool esp_wifi_sta_is_running_internal(void);
bool esp_wifi_auth_done_internal(void);
int esp_wifi_set_ap_key_internal(int alg, const u8 *addr, int idx, u8 *key, size_t key_len);
int esp_wifi_set_sta_key_internal(int alg, u8 *addr, int key_idx, int set_tx,
u8 *seq, size_t seq_len, u8 *key, size_t key_len, int key_entry_valid);
int esp_wifi_get_sta_key_internal(uint8_t *ifx, int *alg, u8 *addr, int *key_idx,
u8 *key, size_t key_len, int key_entry_valid);
bool esp_wifi_wpa_ptk_init_done_internal(uint8_t *mac);
uint8_t esp_wifi_sta_set_reset_param_internal(uint8_t reset_flag);
uint8_t esp_wifi_get_sta_gtk_index_internal(void);
void esp_wifi_set_sta_gtk_index_internal(u8 valid, u8 index);
int esp_wifi_register_tx_cb_internal(wifi_tx_cb_t fn, u8 id);
int esp_wifi_register_wpa_cb_internal(struct wpa_funcs *cb);
int esp_wifi_unregister_wpa_cb_internal(void);
int esp_wifi_get_assoc_bssid_internal(uint8_t *bssid);
bool esp_wifi_sta_is_ap_notify_completed_rsne_internal(void);
int esp_wifi_ap_deauth_internal(uint8_t *mac, uint32_t reason);
int esp_wifi_ipc_internal(wifi_ipc_config_t *cfg, bool sync);
int esp_wifi_register_wpa2_cb_internal(struct wpa2_funcs *cb);
int esp_wifi_unregister_wpa2_cb_internal(void);
bool esp_wifi_sta_prof_is_wpa2_internal(void);
esp_err_t esp_wifi_sta_wpa2_ent_disable_internal(wifi_wpa2_param_t *param);
esp_err_t esp_wifi_sta_wpa2_ent_enable_internal(wifi_wpa2_param_t *param);
esp_err_t esp_wifi_set_wpa2_ent_state_internal(wpa2_ent_eap_state_t state);
int esp_wifi_get_wps_type_internal(void);
int esp_wifi_set_wps_type_internal(uint32_t type);
int esp_wifi_get_wps_status_internal(void);
int esp_wifi_set_wps_status_internal(uint32_t status);
int esp_wifi_disarm_sta_connection_timer_internal(void);
bool esp_wifi_get_sniffer_internal(void);
int esp_wifi_set_wps_cb_internal(struct wps_funcs *wps_cb);
bool esp_wifi_enable_sta_privacy_internal(void);
uint8_t esp_wifi_get_user_init_flag_internal(void);
esp_err_t esp_wifi_send_event_internal(system_event_t *evt);
esp_err_t esp_wifi_internal_supplicant_header_md5_check(const char *md5);
#endif /* _ESP_WIFI_DRIVER_H_ */

1036
components/wpa_supplicant/src/esp_supplicant/esp_wpa2.c Normal file
View File

File diff suppressed because it is too large Load Diff

Some files were not shown because too many files have changed in this diff Show More