1  /*
2   * wpa_supplicant - WPA2/RSN PMKSA cache functions
3   * Copyright (c) 2003-2009, 2011-2012, Jouni Malinen <j@w1.fi>
4   *
5   * This software may be distributed under the terms of the BSD license.
6   * See README for more details.
7   */
8  
9  #ifndef PMKSA_CACHE_H
10  #define PMKSA_CACHE_H
11  
/**
 * struct rsn_pmksa_cache_entry - PMKSA cache entry
 *
 * One cached PMKSA. The entry stores secret key material (pmk[] and kck[])
 * inline, so any copy of this structure is as sensitive as the keys: avoid
 * logging or dumping whole entries.
 * NOTE(review): confirm that the implementation clears pmk[] and kck[] before
 * an entry's memory is released or reused.
 *
 * The types and constants used below (u8, bool, os_time_t, PMKID_LEN,
 * PMK_LEN_MAX, WPA_KCK_MAX_LEN, ETH_ALEN) are not defined in this header; an
 * earlier include has to provide them.
 */
struct rsn_pmksa_cache_entry {
	/* Link to another entry; presumably the cache is a singly linked list
	 * walked from pmksa_cache_head() - confirm ordering in the
	 * implementation */
	struct rsn_pmksa_cache_entry *next;
	/* Identifier for this PMKSA; pmksa_cache_get() takes a pmkid as one
	 * of its selectors */
	u8 pmkid[PMKID_LEN];
	/* Secret: the PMK itself. Fixed-size storage of PMK_LEN_MAX bytes. */
	u8 pmk[PMK_LEN_MAX];
	/* Length of the key stored in pmk[]; presumably in bytes and never
	 * larger than PMK_LEN_MAX - confirm that every writer enforces this
	 * bound */
	size_t pmk_len;
	/* Secret: KCK stored with the entry. Fixed-size storage of
	 * WPA_KCK_MAX_LEN bytes. */
	u8 kck[WPA_KCK_MAX_LEN];
	/* Length of the key stored in kck[]; presumably in bytes and never
	 * larger than WPA_KCK_MAX_LEN - confirm that every writer enforces
	 * this bound */
	size_t kck_len;
	/* Presumably the time at which the entry stops being valid; units and
	 * epoch follow os_time_t - confirm */
	os_time_t expiration;
	int akmp; /* WPA_KEY_MGMT_* */
	/* Authenticator address; the FILS comment below equates aa[] with the
	 * BSSID */
	u8 aa[ETH_ALEN];
	/* Supplicant address; presumably the local MAC address this PMKSA was
	 * established for - confirm */
	u8 spa[ETH_ALEN];

	/*
	 * If FILS Cache Identifier is included (fils_cache_id_set), this PMKSA
	 * cache entry is applicable to all BSSs (any BSSID/aa[]) that
	 * advertise the same FILS Cache Identifier within the same ESS.
	 */
	u8 fils_cache_id[2];
	/* 1 when fils_cache_id[] holds a valid value (see comment above) */
	unsigned int fils_cache_id_set:1;
	/* Single-bit flag; presumably records that DPP PFS applies to this
	 * PMKSA - confirm */
	unsigned int dpp_pfs:1;

	/* Presumably the time at which reauthentication should be started,
	 * ahead of expiration - confirm */
	os_time_t reauth_time;

	/**
	 * network_ctx - Network configuration context
	 *
	 * This field is only used to match PMKSA cache entries to a specific
	 * network configuration (e.g., a specific SSID and security policy).
	 * This can be a pointer to the configuration entry, but PMKSA caching
	 * code does not dereference the value and this could be any kind of
	 * identifier.
	 *
	 * Because the value is only compared, it is what keeps a PMKSA
	 * created under one network configuration from being selected for
	 * another; callers should not pass a context that is shared between
	 * unrelated networks.
	 */
	void *network_ctx;
	/* Non-zero presumably marks an entry created for opportunistic use
	 * (see pmksa_cache_get_opportunistic()) - confirm */
	int opportunistic;
	/* Presumably true for entries supplied from outside the cache's own
	 * key derivation; pmksa_cache_flush() has an external_only selector -
	 * confirm */
	bool external;

	/**
	 * sae_reauth_scheduled - Reauthentication already requested
	 *
	 * This field is used to avoid a duplicate pmksa_cache_reauth() call
	 * every 10 minutes during the periodic expiration check of the
	 * current PMKSA for SAE.
	 */
	bool sae_reauth_scheduled;
};
58  
/*
 * Opaque cache handle: only declared here, so users of this header can hold
 * a pointer to it but cannot access its members.
 * NOTE(review): struct wpa_sm, which several prototypes in this header take,
 * is not forward-declared here; it has to be declared by an earlier include.
 */
struct rsn_pmksa_cache;
60  
/**
 * enum pmksa_free_reason - Reason code passed to the free_cb callback
 *
 * This is the type of the third argument of the free_cb callback registered
 * with pmksa_cache_init(). The meanings below are inferred from the names
 * only - confirm against the implementation.
 */
enum pmksa_free_reason {
	PMKSA_FREE,	/* presumably: entry removed on request */
	PMKSA_REPLACE,	/* presumably: entry superseded by a newer one */
	PMKSA_EXPIRE,	/* presumably: entry lifetime ran out */
};
66  
/**
 * pmksa_cache_init - Create a PMKSA cache
 * @free_cb: Callback taking an entry, a context pointer and an
 *	enum pmksa_free_reason value; presumably invoked when an entry leaves
 *	the cache - confirm
 * @is_current_cb: Predicate taking an entry and a context pointer;
 *	presumably reports whether the entry is the one currently in use -
 *	confirm
 * @notify_cb: Callback taking an entry and a context pointer; when it fires
 *	is not visible in this header
 * @ctx: Opaque pointer; presumably the value handed back to the callbacks as
 *	their ctx argument - confirm
 * @sm: WPA state machine the cache is associated with
 * Returns: Pointer to the cache; NOTE(review): presumably NULL on failure, so
 *	callers should check the result before use - confirm
 *
 * Every callback receives a pointer to an entry that carries pmk[] and kck[];
 * callback implementations should not log or retain those bytes.
 */
struct rsn_pmksa_cache *
pmksa_cache_init(void (*free_cb)(struct rsn_pmksa_cache_entry *entry,
				 void *ctx, enum pmksa_free_reason reason),
		 bool (*is_current_cb)(struct rsn_pmksa_cache_entry *entry,
				       void *ctx),
		 void (*notify_cb)(struct rsn_pmksa_cache_entry *entry,
				   void *ctx),
		 void *ctx, struct wpa_sm *sm);
/**
 * pmksa_cache_deinit - Release a PMKSA cache
 * @pmksa: Cache handle, as returned by pmksa_cache_init()
 *
 * NOTE(review): entries hold pmk[] and kck[]; confirm that the implementation
 * clears the key material of every entry before freeing it, and whether a
 * NULL @pmksa is accepted.
 */
void pmksa_cache_deinit(struct rsn_pmksa_cache *pmksa);
/**
 * pmksa_cache_get - Look up a PMKSA cache entry
 * @pmksa: Cache handle
 * @aa: Authenticator address selector (not modified)
 * @spa: Supplicant address selector (not modified)
 * @pmkid: PMKID selector (not modified)
 * @network_ctx: Network configuration context selector
 * @akmp: WPA_KEY_MGMT_* selector
 * Returns: Pointer to an entry; presumably NULL when nothing matches -
 *	confirm
 *
 * NOTE(review): which selectors may be NULL/0 to mean "any" is not visible in
 * this header. A lookup that wildcards @network_ctx or @akmp can return a key
 * established under a different policy, so callers should pass the narrowest
 * selectors they have.
 * NOTE(review): the returned pointer presumably refers to storage owned by
 * the cache; do not keep it across pmksa_cache_flush(), pmksa_cache_remove()
 * or expiry - confirm lifetime rules.
 */
struct rsn_pmksa_cache_entry * pmksa_cache_get(struct rsn_pmksa_cache *pmksa,
					       const u8 *aa, const u8 *spa,
					       const u8 *pmkid,
					       const void *network_ctx,
					       int akmp);
/**
 * pmksa_cache_list - Write a listing of the cache into a caller buffer
 * @pmksa: Cache handle
 * @buf: Output buffer
 * @len: Capacity of @buf; presumably in bytes - callers should pass the real
 *	size of the buffer, not the amount they expect to need
 * Returns: int; presumably the number of bytes written - confirm, including
 *	the behavior on truncation
 *
 * NOTE(review): confirm that the listing never contains the contents of
 * pmk[] or kck[], since the buffer is likely handed to a consumer outside
 * this module.
 */
int pmksa_cache_list(struct rsn_pmksa_cache *pmksa, char *buf, size_t len);
/**
 * pmksa_cache_head - Get the first entry of the cache
 * @pmksa: Cache handle
 * Returns: Pointer to an entry; presumably NULL for an empty cache, with the
 *	remaining entries reachable through the entry's next pointer - confirm
 *
 * The returned entry exposes pmk[] and kck[] directly; code that iterates
 * the cache should read only the fields it needs.
 */
struct rsn_pmksa_cache_entry * pmksa_cache_head(struct rsn_pmksa_cache *pmksa);
/**
 * pmksa_cache_add - Add a PMKSA to the cache from its components
 * @pmksa: Cache handle
 * @pmk: PMK bytes (not modified)
 * @pmk_len: Length of @pmk
 * @pmkid: PMKID (not modified)
 * @kck: KCK bytes (not modified)
 * @kck_len: Length of @kck
 * @aa: Authenticator address (not modified)
 * @spa: Supplicant address (not modified)
 * @network_ctx: Network configuration context to bind the entry to
 * @akmp: WPA_KEY_MGMT_* value
 * @cache_id: Presumably the two-octet FILS Cache Identifier stored in
 *	fils_cache_id[] - confirm
 * Returns: Pointer to an entry; presumably NULL on failure - confirm
 *
 * NOTE(review): struct rsn_pmksa_cache_entry stores the keys in fixed-size
 * arrays (PMK_LEN_MAX and WPA_KCK_MAX_LEN), while @pmk_len and @kck_len are
 * caller-supplied. Confirm that the implementation rejects lengths above
 * those limits before copying.
 * NOTE(review): which pointer arguments may be NULL is not visible in this
 * header.
 */
struct rsn_pmksa_cache_entry *
pmksa_cache_add(struct rsn_pmksa_cache *pmksa, const u8 *pmk, size_t pmk_len,
		const u8 *pmkid, const u8 *kck, size_t kck_len,
		const u8 *aa, const u8 *spa, void *network_ctx, int akmp,
		const u8 *cache_id);
/**
 * pmksa_cache_add_entry - Add a caller-built entry to the cache
 * @pmksa: Cache handle
 * @entry: Entry to add
 * Returns: Pointer to an entry; presumably NULL on failure - confirm
 *
 * NOTE(review): ownership of @entry is not visible in this header. Confirm
 * whether the cache takes ownership, whether the returned pointer can differ
 * from @entry, and who frees (and clears pmk[]/kck[] in) @entry when the call
 * fails.
 * NOTE(review): the entry arrives with pmk_len and kck_len already set by the
 * caller; confirm that they are validated against PMK_LEN_MAX and
 * WPA_KCK_MAX_LEN before the entry is used.
 */
struct rsn_pmksa_cache_entry *
pmksa_cache_add_entry(struct rsn_pmksa_cache *pmksa,
		      struct rsn_pmksa_cache_entry *entry);
/**
 * pmksa_cache_get_current - Get the PMKSA currently selected for a state
 * machine
 * @sm: WPA state machine
 * Returns: Pointer to an entry; presumably NULL when none is selected -
 *	confirm
 */
struct rsn_pmksa_cache_entry * pmksa_cache_get_current(struct wpa_sm *sm);
/**
 * pmksa_cache_clear_current - Drop the current PMKSA selection
 * @sm: WPA state machine
 *
 * NOTE(review): presumably this only clears the selection and leaves the
 * entry in the cache; use pmksa_cache_remove() or pmksa_cache_flush() when
 * the key itself has to go - confirm.
 */
void pmksa_cache_clear_current(struct wpa_sm *sm);
/**
 * pmksa_cache_set_current - Select the PMKSA to use for a state machine
 * @sm: WPA state machine
 * @pmkid: PMKID selector (not modified)
 * @bssid: BSSID selector (not modified)
 * @network_ctx: Network configuration context selector
 * @try_opportunistic: Non-zero presumably allows falling back to an
 *	opportunistic match (see pmksa_cache_get_opportunistic()) - confirm
 * @fils_cache_id: FILS Cache Identifier selector (not modified)
 * @akmp: WPA_KEY_MGMT_* selector
 * @associated: Presumably whether the station is already associated -
 *	confirm how this changes selection
 * Returns: int; presumably 0 when an entry was selected and a negative value
 *	otherwise - confirm
 *
 * NOTE(review): which selectors may be NULL/0 is not visible in this header.
 * Callers should treat a failure return as "no cached key" and fall back to
 * full authentication rather than reuse a previous selection.
 */
int pmksa_cache_set_current(struct wpa_sm *sm, const u8 *pmkid,
			    const u8 *bssid, void *network_ctx,
			    int try_opportunistic, const u8 *fils_cache_id,
			    int akmp, bool associated);
/**
 * pmksa_cache_get_opportunistic - Look up an entry for opportunistic use
 * @pmksa: Cache handle
 * @network_ctx: Network configuration context selector
 * @aa: Authenticator address (not modified)
 * @akmp: WPA_KEY_MGMT_* selector
 * Returns: Pointer to an entry; presumably NULL when no candidate exists -
 *	confirm
 *
 * NOTE(review): presumably this reuses a PMK cached for another authenticator
 * in the same network configuration. If so, @network_ctx and @akmp are the
 * only things that scope the reuse, so confirm that both are matched
 * strictly.
 */
struct rsn_pmksa_cache_entry *
pmksa_cache_get_opportunistic(struct rsn_pmksa_cache *pmksa,
			      void *network_ctx, const u8 *aa, int akmp);
/**
 * pmksa_cache_flush - Remove entries from the cache
 * @pmksa: Cache handle
 * @network_ctx: Network configuration context selector
 * @pmk: PMK selector (not modified)
 * @pmk_len: Length of @pmk
 * @external_only: Presumably restricts removal to entries whose external
 *	flag is set - confirm
 *
 * NOTE(review): presumably a NULL @network_ctx or @pmk widens the flush to
 * all entries - confirm. Also confirm that removed entries have pmk[] and
 * kck[] cleared, since this is the call used to retire keys.
 */
void pmksa_cache_flush(struct rsn_pmksa_cache *pmksa, void *network_ctx,
		       const u8 *pmk, size_t pmk_len, bool external_only);
/**
 * pmksa_cache_remove - Remove one entry from the cache
 * @pmksa: Cache handle
 * @entry: Entry to remove
 *
 * NOTE(review): presumably @entry is freed by this call, so the caller must
 * not use the pointer afterwards - confirm, and confirm that pmk[] and kck[]
 * are cleared before the memory is released.
 */
void pmksa_cache_remove(struct rsn_pmksa_cache *pmksa,
			struct rsn_pmksa_cache_entry *entry);
/**
 * pmksa_cache_reconfig - Apply a configuration change to the cache
 * @pmksa: Cache handle
 *
 * NOTE(review): the effect is not visible in this header; presumably entry
 * lifetimes are re-evaluated against updated settings - confirm.
 */
void pmksa_cache_reconfig(struct rsn_pmksa_cache *pmksa);
105  
106  #endif /* PMKSA_CACHE_H */