1 /*
2 * hostapd - WPA/RSN IE and KDE definitions
3 * Copyright (c) 2004-2018, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #include "utils/includes.h"
10
11 #include "utils/common.h"
12 #include "common/ieee802_11_defs.h"
13 #include "drivers/driver.h"
14 #include "eapol_auth/eapol_auth_sm.h"
15 #include "ap_config.h"
16 #include "ieee802_11.h"
17 #include "wpa_auth.h"
18 #include "pmksa_cache_auth.h"
19 #include "wpa_auth_ie.h"
20 #include "wpa_auth_i.h"
21
22
23 #ifdef CONFIG_RSN_TESTING
24 int rsn_testing = 0;
25 #endif /* CONFIG_RSN_TESTING */
26
27
wpa_write_wpa_ie(struct wpa_auth_config * conf,u8 * buf,size_t len)28 static int wpa_write_wpa_ie(struct wpa_auth_config *conf, u8 *buf, size_t len)
29 {
30 struct wpa_ie_hdr *hdr;
31 int num_suites;
32 u8 *pos, *count;
33 u32 suite;
34
35 hdr = (struct wpa_ie_hdr *) buf;
36 hdr->elem_id = WLAN_EID_VENDOR_SPECIFIC;
37 RSN_SELECTOR_PUT(hdr->oui, WPA_OUI_TYPE);
38 WPA_PUT_LE16(hdr->version, WPA_VERSION);
39 pos = (u8 *) (hdr + 1);
40
41 suite = wpa_cipher_to_suite(WPA_PROTO_WPA, conf->wpa_group);
42 if (suite == 0) {
43 wpa_printf(MSG_DEBUG, "Invalid group cipher (%d).",
44 conf->wpa_group);
45 return -1;
46 }
47 RSN_SELECTOR_PUT(pos, suite);
48 pos += WPA_SELECTOR_LEN;
49
50 count = pos;
51 pos += 2;
52
53 num_suites = wpa_cipher_put_suites(pos, conf->wpa_pairwise);
54 if (num_suites == 0) {
55 wpa_printf(MSG_DEBUG, "Invalid pairwise cipher (%d).",
56 conf->wpa_pairwise);
57 return -1;
58 }
59 pos += num_suites * WPA_SELECTOR_LEN;
60 WPA_PUT_LE16(count, num_suites);
61
62 num_suites = 0;
63 count = pos;
64 pos += 2;
65
66 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X) {
67 RSN_SELECTOR_PUT(pos, WPA_AUTH_KEY_MGMT_UNSPEC_802_1X);
68 pos += WPA_SELECTOR_LEN;
69 num_suites++;
70 }
71 if (conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK) {
72 RSN_SELECTOR_PUT(pos, WPA_AUTH_KEY_MGMT_PSK_OVER_802_1X);
73 pos += WPA_SELECTOR_LEN;
74 num_suites++;
75 }
76
77 if (num_suites == 0) {
78 wpa_printf(MSG_DEBUG, "Invalid key management type (%d).",
79 conf->wpa_key_mgmt);
80 return -1;
81 }
82 WPA_PUT_LE16(count, num_suites);
83
84 /* WPA Capabilities; use defaults, so no need to include it */
85
86 hdr->len = (pos - buf) - 2;
87
88 return pos - buf;
89 }
90
91
wpa_own_rsn_capab(struct wpa_auth_config * conf,enum mfp_options mfp)92 static u16 wpa_own_rsn_capab(struct wpa_auth_config *conf,
93 enum mfp_options mfp)
94 {
95 u16 capab = 0;
96
97 if (conf->rsn_preauth)
98 capab |= WPA_CAPABILITY_PREAUTH;
99 if (conf->wmm_enabled) {
100 /* 4 PTKSA replay counters when using WMM */
101 capab |= (RSN_NUM_REPLAY_COUNTERS_16 << 2);
102 }
103 if (mfp != NO_MGMT_FRAME_PROTECTION) {
104 capab |= WPA_CAPABILITY_MFPC;
105 if (mfp == MGMT_FRAME_PROTECTION_REQUIRED)
106 capab |= WPA_CAPABILITY_MFPR;
107 }
108 #ifdef CONFIG_OCV
109 if (conf->ocv)
110 capab |= WPA_CAPABILITY_OCVC;
111 #endif /* CONFIG_OCV */
112 #ifdef CONFIG_RSN_TESTING
113 if (rsn_testing)
114 capab |= BIT(8) | BIT(15);
115 #endif /* CONFIG_RSN_TESTING */
116 if (conf->extended_key_id)
117 capab |= WPA_CAPABILITY_EXT_KEY_ID_FOR_UNICAST;
118
119 return capab;
120 }
121
122
rsne_write_data(u8 * buf,size_t len,u8 * pos,int group,int pairwise,int key_mgmt,u16 rsn_capab,const u8 * pmkid,enum mfp_options mfp,int group_mgmt_cipher)123 static u8 * rsne_write_data(u8 *buf, size_t len, u8 *pos, int group,
124 int pairwise, int key_mgmt, u16 rsn_capab,
125 const u8 *pmkid, enum mfp_options mfp,
126 int group_mgmt_cipher)
127 {
128 int num_suites, res;
129 u8 *count;
130 u32 suite;
131
132 suite = wpa_cipher_to_suite(WPA_PROTO_RSN, group);
133 if (suite == 0) {
134 wpa_printf(MSG_DEBUG, "Invalid group cipher (%d).", group);
135 return NULL;
136 }
137 RSN_SELECTOR_PUT(pos, suite);
138 pos += RSN_SELECTOR_LEN;
139
140 num_suites = 0;
141 count = pos;
142 pos += 2;
143
144 #ifdef CONFIG_RSN_TESTING
145 if (rsn_testing) {
146 RSN_SELECTOR_PUT(pos, RSN_SELECTOR(0x12, 0x34, 0x56, 1));
147 pos += RSN_SELECTOR_LEN;
148 num_suites++;
149 }
150 #endif /* CONFIG_RSN_TESTING */
151
152 res = rsn_cipher_put_suites(pos, pairwise);
153 num_suites += res;
154 pos += res * RSN_SELECTOR_LEN;
155
156 #ifdef CONFIG_RSN_TESTING
157 if (rsn_testing) {
158 RSN_SELECTOR_PUT(pos, RSN_SELECTOR(0x12, 0x34, 0x56, 2));
159 pos += RSN_SELECTOR_LEN;
160 num_suites++;
161 }
162 #endif /* CONFIG_RSN_TESTING */
163
164 if (num_suites == 0) {
165 wpa_printf(MSG_DEBUG, "Invalid pairwise cipher (%d).",
166 pairwise);
167 return NULL;
168 }
169 WPA_PUT_LE16(count, num_suites);
170
171 num_suites = 0;
172 count = pos;
173 pos += 2;
174
175 #ifdef CONFIG_RSN_TESTING
176 if (rsn_testing) {
177 RSN_SELECTOR_PUT(pos, RSN_SELECTOR(0x12, 0x34, 0x56, 1));
178 pos += RSN_SELECTOR_LEN;
179 num_suites++;
180 }
181 #endif /* CONFIG_RSN_TESTING */
182
183 if (key_mgmt & WPA_KEY_MGMT_IEEE8021X) {
184 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_UNSPEC_802_1X);
185 pos += RSN_SELECTOR_LEN;
186 num_suites++;
187 }
188 if (key_mgmt & WPA_KEY_MGMT_PSK) {
189 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X);
190 pos += RSN_SELECTOR_LEN;
191 num_suites++;
192 }
193 #ifdef CONFIG_IEEE80211R_AP
194 if (key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X) {
195 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_802_1X);
196 pos += RSN_SELECTOR_LEN;
197 num_suites++;
198 }
199 #ifdef CONFIG_SHA384
200 if (key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) {
201 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_802_1X_SHA384);
202 pos += RSN_SELECTOR_LEN;
203 num_suites++;
204 }
205 #endif /* CONFIG_SHA384 */
206 if (key_mgmt & WPA_KEY_MGMT_FT_PSK) {
207 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_PSK);
208 pos += RSN_SELECTOR_LEN;
209 num_suites++;
210 }
211 #endif /* CONFIG_IEEE80211R_AP */
212 #ifdef CONFIG_SHA384
213 if (key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA384) {
214 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_802_1X_SHA384);
215 pos += RSN_SELECTOR_LEN;
216 num_suites++;
217 }
218 #endif /* CONFIG_SHA384 */
219 if (key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) {
220 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_802_1X_SHA256);
221 pos += RSN_SELECTOR_LEN;
222 num_suites++;
223 }
224 if (key_mgmt & WPA_KEY_MGMT_PSK_SHA256) {
225 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_PSK_SHA256);
226 pos += RSN_SELECTOR_LEN;
227 num_suites++;
228 }
229 #ifdef CONFIG_SAE
230 if (key_mgmt & WPA_KEY_MGMT_SAE) {
231 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_SAE);
232 pos += RSN_SELECTOR_LEN;
233 num_suites++;
234 }
235 if (key_mgmt & WPA_KEY_MGMT_SAE_EXT_KEY) {
236 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_SAE_EXT_KEY);
237 pos += RSN_SELECTOR_LEN;
238 num_suites++;
239 }
240 if (key_mgmt & WPA_KEY_MGMT_FT_SAE) {
241 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_SAE);
242 pos += RSN_SELECTOR_LEN;
243 num_suites++;
244 }
245 if (key_mgmt & WPA_KEY_MGMT_FT_SAE_EXT_KEY) {
246 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_SAE_EXT_KEY);
247 pos += RSN_SELECTOR_LEN;
248 num_suites++;
249 }
250 #endif /* CONFIG_SAE */
251 if (key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
252 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_802_1X_SUITE_B);
253 pos += RSN_SELECTOR_LEN;
254 num_suites++;
255 }
256 if (key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
257 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_802_1X_SUITE_B_192);
258 pos += RSN_SELECTOR_LEN;
259 num_suites++;
260 }
261 #ifdef CONFIG_FILS
262 if (key_mgmt & WPA_KEY_MGMT_FILS_SHA256) {
263 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FILS_SHA256);
264 pos += RSN_SELECTOR_LEN;
265 num_suites++;
266 }
267 if (key_mgmt & WPA_KEY_MGMT_FILS_SHA384) {
268 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FILS_SHA384);
269 pos += RSN_SELECTOR_LEN;
270 num_suites++;
271 }
272 #ifdef CONFIG_IEEE80211R_AP
273 if (key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA256) {
274 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_FILS_SHA256);
275 pos += RSN_SELECTOR_LEN;
276 num_suites++;
277 }
278 if (key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA384) {
279 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_FILS_SHA384);
280 pos += RSN_SELECTOR_LEN;
281 num_suites++;
282 }
283 #endif /* CONFIG_IEEE80211R_AP */
284 #endif /* CONFIG_FILS */
285 #ifdef CONFIG_OWE
286 if (key_mgmt & WPA_KEY_MGMT_OWE) {
287 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_OWE);
288 pos += RSN_SELECTOR_LEN;
289 num_suites++;
290 }
291 #endif /* CONFIG_OWE */
292 #ifdef CONFIG_DPP
293 if (key_mgmt & WPA_KEY_MGMT_DPP) {
294 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_DPP);
295 pos += RSN_SELECTOR_LEN;
296 num_suites++;
297 }
298 #endif /* CONFIG_DPP */
299 #ifdef CONFIG_PASN
300 if (key_mgmt & WPA_KEY_MGMT_PASN) {
301 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_PASN);
302 pos += RSN_SELECTOR_LEN;
303 num_suites++;
304 }
305 #endif /* CONFIG_PASN */
306
307 #ifdef CONFIG_RSN_TESTING
308 if (rsn_testing) {
309 RSN_SELECTOR_PUT(pos, RSN_SELECTOR(0x12, 0x34, 0x56, 2));
310 pos += RSN_SELECTOR_LEN;
311 num_suites++;
312 }
313 #endif /* CONFIG_RSN_TESTING */
314
315 if (num_suites == 0) {
316 wpa_printf(MSG_DEBUG, "Invalid key management type (%d).",
317 key_mgmt);
318 return NULL;
319 }
320 WPA_PUT_LE16(count, num_suites);
321
322 /* RSN Capabilities */
323 WPA_PUT_LE16(pos, rsn_capab);
324 pos += 2;
325
326 if (pmkid) {
327 if (2 + PMKID_LEN > buf + len - pos)
328 return NULL;
329 /* PMKID Count */
330 WPA_PUT_LE16(pos, 1);
331 pos += 2;
332 os_memcpy(pos, pmkid, PMKID_LEN);
333 pos += PMKID_LEN;
334 }
335
336
337 if (mfp != NO_MGMT_FRAME_PROTECTION &&
338 group_mgmt_cipher != WPA_CIPHER_AES_128_CMAC) {
339 if (2 + 4 > buf + len - pos)
340 return NULL;
341 if (!pmkid) {
342 /* PMKID Count */
343 WPA_PUT_LE16(pos, 0);
344 pos += 2;
345 }
346
347 /* Management Group Cipher Suite */
348 switch (group_mgmt_cipher) {
349 case WPA_CIPHER_AES_128_CMAC:
350 RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_AES_128_CMAC);
351 break;
352 case WPA_CIPHER_BIP_GMAC_128:
353 RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_BIP_GMAC_128);
354 break;
355 case WPA_CIPHER_BIP_GMAC_256:
356 RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_BIP_GMAC_256);
357 break;
358 case WPA_CIPHER_BIP_CMAC_256:
359 RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_BIP_CMAC_256);
360 break;
361 default:
362 wpa_printf(MSG_DEBUG,
363 "Invalid group management cipher (0x%x)",
364 group_mgmt_cipher);
365 return NULL;
366 }
367 pos += RSN_SELECTOR_LEN;
368 }
369
370 #ifdef CONFIG_RSN_TESTING
371 if (rsn_testing) {
372 /*
373 * Fill in any defined fields and add extra data to the end of
374 * the element.
375 */
376 int pmkid_count_set = pmkid != NULL;
377 if (mfp != NO_MGMT_FRAME_PROTECTION)
378 pmkid_count_set = 1;
379 /* PMKID Count */
380 WPA_PUT_LE16(pos, 0);
381 pos += 2;
382 if (mfp == NO_MGMT_FRAME_PROTECTION) {
383 /* Management Group Cipher Suite */
384 RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_AES_128_CMAC);
385 pos += RSN_SELECTOR_LEN;
386 }
387
388 os_memset(pos, 0x12, 17);
389 pos += 17;
390 }
391 #endif /* CONFIG_RSN_TESTING */
392 return pos;
393 }
394
395
wpa_write_rsn_ie(struct wpa_auth_config * conf,u8 * buf,size_t len,const u8 * pmkid)396 int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len,
397 const u8 *pmkid)
398 {
399 struct rsn_ie_hdr *hdr;
400 u8 *pos;
401
402 hdr = (struct rsn_ie_hdr *) buf;
403 hdr->elem_id = WLAN_EID_RSN;
404 WPA_PUT_LE16(hdr->version, RSN_VERSION);
405 pos = (u8 *) (hdr + 1);
406
407 pos = rsne_write_data(buf, len, pos, conf->wpa_group,
408 conf->rsn_pairwise, conf->wpa_key_mgmt,
409 wpa_own_rsn_capab(conf, conf->ieee80211w), pmkid,
410 conf->ieee80211w, conf->group_mgmt_cipher);
411 if (!pos)
412 return -1;
413
414 hdr->len = (pos - buf) - 2;
415
416 return pos - buf;
417 }
418
419
wpa_write_rsne_override(struct wpa_auth_config * conf,u8 * buf,size_t len)420 static int wpa_write_rsne_override(struct wpa_auth_config *conf, u8 *buf,
421 size_t len)
422 {
423 u8 *pos, *len_pos;
424
425 pos = buf;
426 *pos++ = WLAN_EID_VENDOR_SPECIFIC;
427 len_pos = pos++;
428
429 WPA_PUT_BE32(pos, RSNE_OVERRIDE_IE_VENDOR_TYPE);
430 pos += 4;
431
432 WPA_PUT_LE16(pos, RSN_VERSION);
433 pos += 2;
434
435 pos = rsne_write_data(buf, len, pos, conf->wpa_group,
436 conf->rsn_override_pairwise,
437 conf->rsn_override_key_mgmt,
438 wpa_own_rsn_capab(conf, conf->rsn_override_mfp),
439 NULL, conf->rsn_override_mfp,
440 conf->group_mgmt_cipher);
441 if (!pos)
442 return -1;
443
444 *len_pos = (pos - buf) - 2;
445
446 return pos - buf;
447 }
448
449
wpa_write_rsne_override_2(struct wpa_auth_config * conf,u8 * buf,size_t len)450 static int wpa_write_rsne_override_2(struct wpa_auth_config *conf, u8 *buf,
451 size_t len)
452 {
453 u8 *pos, *len_pos;
454
455 pos = buf;
456 *pos++ = WLAN_EID_VENDOR_SPECIFIC;
457 len_pos = pos++;
458
459 WPA_PUT_BE32(pos, RSNE_OVERRIDE_2_IE_VENDOR_TYPE);
460 pos += 4;
461
462 WPA_PUT_LE16(pos, RSN_VERSION);
463 pos += 2;
464
465 pos = rsne_write_data(buf, len, pos, conf->wpa_group,
466 conf->rsn_override_pairwise_2,
467 conf->rsn_override_key_mgmt_2,
468 wpa_own_rsn_capab(conf, conf->rsn_override_mfp_2),
469 NULL, conf->rsn_override_mfp_2,
470 conf->group_mgmt_cipher);
471 if (!pos)
472 return -1;
473
474 *len_pos = (pos - buf) - 2;
475
476 return pos - buf;
477 }
478
479
rsnxe_capab(struct wpa_auth_config * conf,int key_mgmt)480 static u32 rsnxe_capab(struct wpa_auth_config *conf, int key_mgmt)
481 {
482 u32 capab = 0;
483
484 if (wpa_key_mgmt_sae(key_mgmt) &&
485 (conf->sae_pwe == SAE_PWE_HASH_TO_ELEMENT ||
486 conf->sae_pwe == SAE_PWE_BOTH || conf->sae_pk ||
487 wpa_key_mgmt_sae_ext_key(key_mgmt))) {
488 capab |= BIT(WLAN_RSNX_CAPAB_SAE_H2E);
489 #ifdef CONFIG_SAE_PK
490 if (conf->sae_pk)
491 capab |= BIT(WLAN_RSNX_CAPAB_SAE_PK);
492 #endif /* CONFIG_SAE_PK */
493 }
494
495 if (conf->secure_ltf)
496 capab |= BIT(WLAN_RSNX_CAPAB_SECURE_LTF);
497 if (conf->secure_rtt)
498 capab |= BIT(WLAN_RSNX_CAPAB_SECURE_RTT);
499 if (conf->prot_range_neg)
500 capab |= BIT(WLAN_RSNX_CAPAB_URNM_MFPR);
501 if (conf->ssid_protection)
502 capab |= BIT(WLAN_RSNX_CAPAB_SSID_PROTECTION);
503 if (conf->spp_amsdu)
504 capab |= BIT(WLAN_RSNX_CAPAB_SPP_A_MSDU);
505
506 return capab;
507 }
508
509
wpa_write_rsnxe(struct wpa_auth_config * conf,u8 * buf,size_t len)510 int wpa_write_rsnxe(struct wpa_auth_config *conf, u8 *buf, size_t len)
511 {
512 u8 *pos = buf;
513 u32 capab = 0, tmp;
514 size_t flen;
515
516 capab = rsnxe_capab(conf, conf->wpa_key_mgmt);
517
518 if (!capab)
519 return 0; /* no supported extended RSN capabilities */
520 tmp = capab;
521 flen = 0;
522 while (tmp) {
523 flen++;
524 tmp >>= 8;
525 }
526 if (len < 2 + flen)
527 return -1;
528 capab |= flen - 1; /* bit 0-3 = Field length (n - 1) */
529
530 *pos++ = WLAN_EID_RSNX;
531 *pos++ = flen;
532 while (capab) {
533 *pos++ = capab & 0xff;
534 capab >>= 8;
535 }
536
537 return pos - buf;
538 }
539
540
wpa_write_rsnxe_override(struct wpa_auth_config * conf,u8 * buf,size_t len)541 static int wpa_write_rsnxe_override(struct wpa_auth_config *conf, u8 *buf,
542 size_t len)
543 {
544 u8 *pos = buf;
545 u32 capab, tmp;
546 size_t flen;
547
548 capab = rsnxe_capab(conf, conf->rsn_override_key_mgmt |
549 conf->rsn_override_key_mgmt_2);
550
551 if (!capab)
552 return 0; /* no supported extended RSN capabilities */
553 tmp = capab;
554 flen = 0;
555 while (tmp) {
556 flen++;
557 tmp >>= 8;
558 }
559 if (len < 2 + flen)
560 return -1;
561 capab |= flen - 1; /* bit 0-3 = Field length (n - 1) */
562
563 *pos++ = WLAN_EID_VENDOR_SPECIFIC;
564 *pos++ = 4 + flen;
565 WPA_PUT_BE32(pos, RSNXE_OVERRIDE_IE_VENDOR_TYPE);
566 pos += 4;
567
568 while (capab) {
569 *pos++ = capab & 0xff;
570 capab >>= 8;
571 }
572
573 return pos - buf;
574 }
575
576
wpa_auth_gen_wpa_ie(struct wpa_authenticator * wpa_auth)577 int wpa_auth_gen_wpa_ie(struct wpa_authenticator *wpa_auth)
578 {
579 u8 *pos, buf[1500];
580 int res;
581
582 #ifdef CONFIG_TESTING_OPTIONS
583 if (wpa_auth->conf.own_ie_override_len) {
584 wpa_hexdump(MSG_DEBUG, "WPA: Forced own IE(s) for testing",
585 wpa_auth->conf.own_ie_override,
586 wpa_auth->conf.own_ie_override_len);
587 os_free(wpa_auth->wpa_ie);
588 wpa_auth->wpa_ie =
589 os_malloc(wpa_auth->conf.own_ie_override_len);
590 if (wpa_auth->wpa_ie == NULL)
591 return -1;
592 os_memcpy(wpa_auth->wpa_ie, wpa_auth->conf.own_ie_override,
593 wpa_auth->conf.own_ie_override_len);
594 wpa_auth->wpa_ie_len = wpa_auth->conf.own_ie_override_len;
595 return 0;
596 }
597 #endif /* CONFIG_TESTING_OPTIONS */
598
599 pos = buf;
600
601 if (wpa_auth->conf.wpa & WPA_PROTO_RSN) {
602 #ifdef CONFIG_TESTING_OPTIONS
603 if (wpa_auth->conf.rsne_override_set) {
604 wpa_hexdump(MSG_DEBUG,
605 "RSN: Forced own RSNE for testing",
606 wpa_auth->conf.rsne_override,
607 wpa_auth->conf.rsne_override_len);
608 if (sizeof(buf) - (pos - buf) <
609 wpa_auth->conf.rsne_override_len)
610 return -1;
611 os_memcpy(pos, wpa_auth->conf.rsne_override,
612 wpa_auth->conf.rsne_override_len);
613 pos += wpa_auth->conf.rsne_override_len;
614 goto rsnxe;
615 }
616 #endif /* CONFIG_TESTING_OPTIONS */
617 res = wpa_write_rsn_ie(&wpa_auth->conf,
618 pos, buf + sizeof(buf) - pos, NULL);
619 if (res < 0)
620 return res;
621 pos += res;
622 #ifdef CONFIG_TESTING_OPTIONS
623 rsnxe:
624 if (wpa_auth->conf.rsnxe_override_set) {
625 wpa_hexdump(MSG_DEBUG,
626 "RSN: Forced own RSNXE for testing",
627 wpa_auth->conf.rsnxe_override,
628 wpa_auth->conf.rsnxe_override_len);
629 if (sizeof(buf) - (pos - buf) <
630 wpa_auth->conf.rsnxe_override_len)
631 return -1;
632 os_memcpy(pos, wpa_auth->conf.rsnxe_override,
633 wpa_auth->conf.rsnxe_override_len);
634 pos += wpa_auth->conf.rsnxe_override_len;
635 goto fte;
636 }
637 #endif /* CONFIG_TESTING_OPTIONS */
638 if (wpa_auth->conf.rsn_override_omit_rsnxe)
639 res = 0;
640 else
641 res = wpa_write_rsnxe(&wpa_auth->conf, pos,
642 buf + sizeof(buf) - pos);
643 if (res < 0)
644 return res;
645 pos += res;
646 }
647 #ifdef CONFIG_TESTING_OPTIONS
648 fte:
649 #endif /* CONFIG_TESTING_OPTIONS */
650 #ifdef CONFIG_IEEE80211R_AP
651 if (wpa_key_mgmt_ft(wpa_auth->conf.wpa_key_mgmt)) {
652 res = wpa_write_mdie(&wpa_auth->conf, pos,
653 buf + sizeof(buf) - pos);
654 if (res < 0)
655 return res;
656 pos += res;
657 }
658 #endif /* CONFIG_IEEE80211R_AP */
659 if (wpa_auth->conf.wpa & WPA_PROTO_WPA) {
660 res = wpa_write_wpa_ie(&wpa_auth->conf,
661 pos, buf + sizeof(buf) - pos);
662 if (res < 0)
663 return res;
664 pos += res;
665 }
666 if ((wpa_auth->conf.wpa & WPA_PROTO_RSN) &&
667 wpa_auth->conf.rsn_override_key_mgmt) {
668 #ifdef CONFIG_TESTING_OPTIONS
669 if (wpa_auth->conf.rsnoe_override_set) {
670 wpa_hexdump(MSG_DEBUG,
671 "RSN: Forced own RSNOE for testing",
672 wpa_auth->conf.rsnoe_override,
673 wpa_auth->conf.rsnoe_override_len);
674 if (sizeof(buf) - (pos - buf) <
675 wpa_auth->conf.rsnoe_override_len)
676 return -1;
677 os_memcpy(pos, wpa_auth->conf.rsnoe_override,
678 wpa_auth->conf.rsnoe_override_len);
679 pos += wpa_auth->conf.rsnoe_override_len;
680 goto rsno2e;
681 }
682 #endif /* CONFIG_TESTING_OPTIONS */
683 res = wpa_write_rsne_override(&wpa_auth->conf,
684 pos, buf + sizeof(buf) - pos);
685 if (res < 0)
686 return res;
687 pos += res;
688 }
689 #ifdef CONFIG_TESTING_OPTIONS
690 rsno2e:
691 #endif /* CONFIG_TESTING_OPTIONS */
692 if ((wpa_auth->conf.wpa & WPA_PROTO_RSN) &&
693 wpa_auth->conf.rsn_override_key_mgmt_2) {
694 #ifdef CONFIG_TESTING_OPTIONS
695 if (wpa_auth->conf.rsno2e_override_set) {
696 wpa_hexdump(MSG_DEBUG,
697 "RSN: Forced own RSNO2E for testing",
698 wpa_auth->conf.rsno2e_override,
699 wpa_auth->conf.rsno2e_override_len);
700 if (sizeof(buf) - (pos - buf) <
701 wpa_auth->conf.rsno2e_override_len)
702 return -1;
703 os_memcpy(pos, wpa_auth->conf.rsno2e_override,
704 wpa_auth->conf.rsno2e_override_len);
705 pos += wpa_auth->conf.rsno2e_override_len;
706 goto rsnxoe;
707 }
708 #endif /* CONFIG_TESTING_OPTIONS */
709 res = wpa_write_rsne_override_2(&wpa_auth->conf, pos,
710 buf + sizeof(buf) - pos);
711 if (res < 0)
712 return res;
713 pos += res;
714 }
715 #ifdef CONFIG_TESTING_OPTIONS
716 rsnxoe:
717 #endif /* CONFIG_TESTING_OPTIONS */
718 if ((wpa_auth->conf.wpa & WPA_PROTO_RSN) &&
719 (wpa_auth->conf.rsn_override_key_mgmt ||
720 wpa_auth->conf.rsn_override_key_mgmt_2)) {
721 #ifdef CONFIG_TESTING_OPTIONS
722 if (wpa_auth->conf.rsnxoe_override_set) {
723 wpa_hexdump(MSG_DEBUG,
724 "RSN: Forced own RSNXOE for testing",
725 wpa_auth->conf.rsnxoe_override,
726 wpa_auth->conf.rsnxoe_override_len);
727 if (sizeof(buf) - (pos - buf) <
728 wpa_auth->conf.rsnxoe_override_len)
729 return -1;
730 os_memcpy(pos, wpa_auth->conf.rsnxoe_override,
731 wpa_auth->conf.rsnxoe_override_len);
732 pos += wpa_auth->conf.rsnxoe_override_len;
733 goto done;
734 }
735 #endif /* CONFIG_TESTING_OPTIONS */
736 res = wpa_write_rsnxe_override(&wpa_auth->conf, pos,
737 buf + sizeof(buf) - pos);
738 if (res < 0)
739 return res;
740 pos += res;
741 }
742 #ifdef CONFIG_TESTING_OPTIONS
743 done:
744 #endif /* CONFIG_TESTING_OPTIONS */
745
746 wpa_hexdump(MSG_DEBUG, "RSN: Own IEs", buf, pos - buf);
747 os_free(wpa_auth->wpa_ie);
748 wpa_auth->wpa_ie = os_malloc(pos - buf);
749 if (wpa_auth->wpa_ie == NULL)
750 return -1;
751 os_memcpy(wpa_auth->wpa_ie, buf, pos - buf);
752 wpa_auth->wpa_ie_len = pos - buf;
753
754 return 0;
755 }
756
757
wpa_add_kde(u8 * pos,u32 kde,const u8 * data,size_t data_len,const u8 * data2,size_t data2_len)758 u8 * wpa_add_kde(u8 *pos, u32 kde, const u8 *data, size_t data_len,
759 const u8 *data2, size_t data2_len)
760 {
761 *pos++ = WLAN_EID_VENDOR_SPECIFIC;
762 *pos++ = RSN_SELECTOR_LEN + data_len + data2_len;
763 RSN_SELECTOR_PUT(pos, kde);
764 pos += RSN_SELECTOR_LEN;
765 os_memcpy(pos, data, data_len);
766 pos += data_len;
767 if (data2) {
768 os_memcpy(pos, data2, data2_len);
769 pos += data2_len;
770 }
771 return pos;
772 }
773
774
775 struct wpa_auth_okc_iter_data {
776 struct rsn_pmksa_cache_entry *pmksa;
777 const u8 *aa;
778 const u8 *spa;
779 const u8 *pmkid;
780 };
781
782
wpa_auth_okc_iter(struct wpa_authenticator * a,void * ctx)783 static int wpa_auth_okc_iter(struct wpa_authenticator *a, void *ctx)
784 {
785 struct wpa_auth_okc_iter_data *data = ctx;
786 data->pmksa = pmksa_cache_get_okc(a->pmksa, data->aa, data->spa,
787 data->pmkid);
788 if (data->pmksa)
789 return 1;
790 return 0;
791 }
792
793
794 #ifdef CONFIG_IEEE80211BE
795
796 struct wpa_auth_link_iter_data {
797 struct wpa_authenticator *wpa_auth;
798 struct rsn_pmksa_cache_entry *pmksa;
799 const u8 *spa;
800 const u8 *pmkid;
801 };
802
wpa_auth_pmksa_iter(struct wpa_authenticator * a,void * ctx)803 static int wpa_auth_pmksa_iter(struct wpa_authenticator *a, void *ctx)
804 {
805 struct wpa_auth_link_iter_data *data = ctx;
806
807 if (a == data->wpa_auth ||
808 !ether_addr_equal(a->mld_addr, data->wpa_auth->mld_addr))
809 return 0;
810
811 data->pmksa = pmksa_cache_auth_get(a->pmksa, data->spa, data->pmkid);
812 if (data->pmksa)
813 return 1;
814 return 0;
815 }
816
817 #endif /* CONFIG_IEEE80211BE */
818
819
820 enum wpa_validate_result
wpa_validate_wpa_ie(struct wpa_authenticator * wpa_auth,struct wpa_state_machine * sm,int freq,const u8 * wpa_ie,size_t wpa_ie_len,const u8 * rsnxe,size_t rsnxe_len,const u8 * mdie,size_t mdie_len,const u8 * owe_dh,size_t owe_dh_len,struct wpa_state_machine * assoc_sm,bool is_ml)821 wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
822 struct wpa_state_machine *sm, int freq,
823 const u8 *wpa_ie, size_t wpa_ie_len,
824 const u8 *rsnxe, size_t rsnxe_len,
825 const u8 *mdie, size_t mdie_len,
826 const u8 *owe_dh, size_t owe_dh_len,
827 struct wpa_state_machine *assoc_sm, bool is_ml)
828 {
829 struct wpa_auth_config *conf = &wpa_auth->conf;
830 struct wpa_ie_data data;
831 int ciphers, key_mgmt, res, version;
832 u32 selector;
833 size_t i;
834 const u8 *pmkid = NULL;
835
836 if (wpa_auth == NULL || sm == NULL)
837 return WPA_NOT_ENABLED;
838
839 if (wpa_ie == NULL || wpa_ie_len < 1)
840 return WPA_INVALID_IE;
841
842 if (wpa_ie[0] == WLAN_EID_RSN)
843 version = WPA_PROTO_RSN;
844 else
845 version = WPA_PROTO_WPA;
846
847 if (!(wpa_auth->conf.wpa & version)) {
848 wpa_printf(MSG_DEBUG, "Invalid WPA proto (%d) from " MACSTR,
849 version, MAC2STR(sm->addr));
850 return WPA_INVALID_PROTO;
851 }
852
853 if (version == WPA_PROTO_RSN) {
854 res = wpa_parse_wpa_ie_rsn(wpa_ie, wpa_ie_len, &data);
855 if (!data.has_pairwise)
856 data.pairwise_cipher = wpa_default_rsn_cipher(freq);
857 if (!data.has_group)
858 data.group_cipher = wpa_default_rsn_cipher(freq);
859
860 if (wpa_key_mgmt_ft(data.key_mgmt) && !mdie &&
861 !wpa_key_mgmt_only_ft(data.key_mgmt)) {
862 /* Workaround for some HP and Epson printers that seem
863 * to incorrectly copy the FT-PSK + WPA-PSK AKMs from AP
864 * advertised RSNE to Association Request frame. */
865 wpa_printf(MSG_DEBUG,
866 "RSN: FT set in RSNE AKM but MDE is missing from "
867 MACSTR
868 " - ignore FT AKM(s) because there's also a non-FT AKM",
869 MAC2STR(sm->addr));
870 data.key_mgmt &= ~WPA_KEY_MGMT_FT;
871 }
872
873 selector = RSN_AUTH_KEY_MGMT_UNSPEC_802_1X;
874 if (0) {
875 }
876 else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
877 selector = RSN_AUTH_KEY_MGMT_802_1X_SUITE_B_192;
878 else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B)
879 selector = RSN_AUTH_KEY_MGMT_802_1X_SUITE_B;
880 #ifdef CONFIG_FILS
881 #ifdef CONFIG_IEEE80211R_AP
882 else if (data.key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA384)
883 selector = RSN_AUTH_KEY_MGMT_FT_FILS_SHA384;
884 else if (data.key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA256)
885 selector = RSN_AUTH_KEY_MGMT_FT_FILS_SHA256;
886 #endif /* CONFIG_IEEE80211R_AP */
887 else if (data.key_mgmt & WPA_KEY_MGMT_FILS_SHA384)
888 selector = RSN_AUTH_KEY_MGMT_FILS_SHA384;
889 else if (data.key_mgmt & WPA_KEY_MGMT_FILS_SHA256)
890 selector = RSN_AUTH_KEY_MGMT_FILS_SHA256;
891 #endif /* CONFIG_FILS */
892 #ifdef CONFIG_IEEE80211R_AP
893 #ifdef CONFIG_SHA384
894 else if (data.key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X_SHA384)
895 selector = RSN_AUTH_KEY_MGMT_FT_802_1X_SHA384;
896 #endif /* CONFIG_SHA384 */
897 else if (data.key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X)
898 selector = RSN_AUTH_KEY_MGMT_FT_802_1X;
899 else if (data.key_mgmt & WPA_KEY_MGMT_FT_PSK)
900 selector = RSN_AUTH_KEY_MGMT_FT_PSK;
901 #endif /* CONFIG_IEEE80211R_AP */
902 else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256)
903 selector = RSN_AUTH_KEY_MGMT_802_1X_SHA256;
904 else if (data.key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
905 selector = RSN_AUTH_KEY_MGMT_PSK_SHA256;
906 #ifdef CONFIG_SAE
907 else if (data.key_mgmt & WPA_KEY_MGMT_SAE)
908 selector = RSN_AUTH_KEY_MGMT_SAE;
909 else if (data.key_mgmt & WPA_KEY_MGMT_SAE_EXT_KEY)
910 selector = RSN_AUTH_KEY_MGMT_SAE_EXT_KEY;
911 else if (data.key_mgmt & WPA_KEY_MGMT_FT_SAE)
912 selector = RSN_AUTH_KEY_MGMT_FT_SAE;
913 else if (data.key_mgmt & WPA_KEY_MGMT_FT_SAE_EXT_KEY)
914 selector = RSN_AUTH_KEY_MGMT_FT_SAE_EXT_KEY;
915 #endif /* CONFIG_SAE */
916 else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X)
917 selector = RSN_AUTH_KEY_MGMT_UNSPEC_802_1X;
918 else if (data.key_mgmt & WPA_KEY_MGMT_PSK)
919 selector = RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X;
920 #ifdef CONFIG_OWE
921 else if (data.key_mgmt & WPA_KEY_MGMT_OWE)
922 selector = RSN_AUTH_KEY_MGMT_OWE;
923 #endif /* CONFIG_OWE */
924 #ifdef CONFIG_DPP
925 else if (data.key_mgmt & WPA_KEY_MGMT_DPP)
926 selector = RSN_AUTH_KEY_MGMT_DPP;
927 #endif /* CONFIG_DPP */
928 #ifdef CONFIG_SHA384
929 else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA384)
930 selector = RSN_AUTH_KEY_MGMT_802_1X_SHA384;
931 #endif /* CONFIG_SHA384 */
932 wpa_auth->dot11RSNAAuthenticationSuiteSelected = selector;
933
934 selector = wpa_cipher_to_suite(WPA_PROTO_RSN,
935 data.pairwise_cipher);
936 if (!selector)
937 selector = RSN_CIPHER_SUITE_CCMP;
938 wpa_auth->dot11RSNAPairwiseCipherSelected = selector;
939
940 selector = wpa_cipher_to_suite(WPA_PROTO_RSN,
941 data.group_cipher);
942 if (!selector)
943 selector = RSN_CIPHER_SUITE_CCMP;
944 wpa_auth->dot11RSNAGroupCipherSelected = selector;
945 } else {
946 res = wpa_parse_wpa_ie_wpa(wpa_ie, wpa_ie_len, &data);
947
948 selector = WPA_AUTH_KEY_MGMT_UNSPEC_802_1X;
949 if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X)
950 selector = WPA_AUTH_KEY_MGMT_UNSPEC_802_1X;
951 else if (data.key_mgmt & WPA_KEY_MGMT_PSK)
952 selector = WPA_AUTH_KEY_MGMT_PSK_OVER_802_1X;
953 wpa_auth->dot11RSNAAuthenticationSuiteSelected = selector;
954
955 selector = wpa_cipher_to_suite(WPA_PROTO_WPA,
956 data.pairwise_cipher);
957 if (!selector)
958 selector = RSN_CIPHER_SUITE_TKIP;
959 wpa_auth->dot11RSNAPairwiseCipherSelected = selector;
960
961 selector = wpa_cipher_to_suite(WPA_PROTO_WPA,
962 data.group_cipher);
963 if (!selector)
964 selector = WPA_CIPHER_SUITE_TKIP;
965 wpa_auth->dot11RSNAGroupCipherSelected = selector;
966 }
967 if (res) {
968 wpa_printf(MSG_DEBUG, "Failed to parse WPA/RSN IE from "
969 MACSTR " (res=%d)", MAC2STR(sm->addr), res);
970 wpa_hexdump(MSG_DEBUG, "WPA/RSN IE", wpa_ie, wpa_ie_len);
971 return WPA_INVALID_IE;
972 }
973
974 if (data.group_cipher != wpa_auth->conf.wpa_group) {
975 wpa_printf(MSG_DEBUG, "Invalid WPA group cipher (0x%x) from "
976 MACSTR, data.group_cipher, MAC2STR(sm->addr));
977 return WPA_INVALID_GROUP;
978 }
979
980 if (sm->rsn_override_2)
981 key_mgmt = data.key_mgmt &
982 wpa_auth->conf.rsn_override_key_mgmt_2;
983 else if (sm->rsn_override)
984 key_mgmt = data.key_mgmt & wpa_auth->conf.rsn_override_key_mgmt;
985 else
986 key_mgmt = data.key_mgmt & wpa_auth->conf.wpa_key_mgmt;
987 if (!key_mgmt) {
988 wpa_printf(MSG_DEBUG, "Invalid WPA key mgmt (0x%x) from "
989 MACSTR, data.key_mgmt, MAC2STR(sm->addr));
990 return WPA_INVALID_AKMP;
991 }
992 if (0) {
993 }
994 else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
995 sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
996 else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B)
997 sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
998 #ifdef CONFIG_FILS
999 #ifdef CONFIG_IEEE80211R_AP
1000 else if (key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA384)
1001 sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384;
1002 else if (data.key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA256)
1003 sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256;
1004 #endif /* CONFIG_IEEE80211R_AP */
1005 else if (key_mgmt & WPA_KEY_MGMT_FILS_SHA384)
1006 sm->wpa_key_mgmt = WPA_KEY_MGMT_FILS_SHA384;
1007 else if (key_mgmt & WPA_KEY_MGMT_FILS_SHA256)
1008 sm->wpa_key_mgmt = WPA_KEY_MGMT_FILS_SHA256;
1009 #endif /* CONFIG_FILS */
1010 #ifdef CONFIG_IEEE80211R_AP
1011 #ifdef CONFIG_SHA384
1012 else if (key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X_SHA384)
1013 sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
1014 #endif /* CONFIG_SHA384 */
1015 else if (key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X)
1016 sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1017 else if (key_mgmt & WPA_KEY_MGMT_FT_PSK)
1018 sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_PSK;
1019 #endif /* CONFIG_IEEE80211R_AP */
1020 #ifdef CONFIG_SHA384
1021 else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA384)
1022 sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA384;
1023 #endif /* CONFIG_SHA384 */
1024 else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256)
1025 sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1026 else if (key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
1027 sm->wpa_key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1028 #ifdef CONFIG_SAE
1029 else if (key_mgmt & WPA_KEY_MGMT_SAE)
1030 sm->wpa_key_mgmt = WPA_KEY_MGMT_SAE;
1031 else if (key_mgmt & WPA_KEY_MGMT_SAE_EXT_KEY)
1032 sm->wpa_key_mgmt = WPA_KEY_MGMT_SAE_EXT_KEY;
1033 else if (key_mgmt & WPA_KEY_MGMT_FT_SAE)
1034 sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_SAE;
1035 else if (key_mgmt & WPA_KEY_MGMT_FT_SAE_EXT_KEY)
1036 sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_SAE_EXT_KEY;
1037 #endif /* CONFIG_SAE */
1038 else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X)
1039 sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1040 #ifdef CONFIG_OWE
1041 else if (key_mgmt & WPA_KEY_MGMT_OWE)
1042 sm->wpa_key_mgmt = WPA_KEY_MGMT_OWE;
1043 #endif /* CONFIG_OWE */
1044 #ifdef CONFIG_DPP
1045 else if (key_mgmt & WPA_KEY_MGMT_DPP)
1046 sm->wpa_key_mgmt = WPA_KEY_MGMT_DPP;
1047 #endif /* CONFIG_DPP */
1048 else
1049 sm->wpa_key_mgmt = WPA_KEY_MGMT_PSK;
1050
1051 if (version == WPA_PROTO_RSN && sm->rsn_override_2)
1052 ciphers = data.pairwise_cipher &
1053 wpa_auth->conf.rsn_override_pairwise_2;
1054 else if (version == WPA_PROTO_RSN && sm->rsn_override)
1055 ciphers = data.pairwise_cipher &
1056 wpa_auth->conf.rsn_override_pairwise;
1057 else if (version == WPA_PROTO_RSN)
1058 ciphers = data.pairwise_cipher & wpa_auth->conf.rsn_pairwise;
1059 else
1060 ciphers = data.pairwise_cipher & wpa_auth->conf.wpa_pairwise;
1061 if (!ciphers) {
1062 wpa_printf(MSG_DEBUG, "Invalid %s pairwise cipher (0x%x) "
1063 "from " MACSTR,
1064 version == WPA_PROTO_RSN ? "RSN" : "WPA",
1065 data.pairwise_cipher, MAC2STR(sm->addr));
1066 return WPA_INVALID_PAIRWISE;
1067 }
1068
1069 if (wpa_auth->conf.ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) {
1070 if (!(data.capabilities & WPA_CAPABILITY_MFPC)) {
1071 wpa_printf(MSG_DEBUG, "Management frame protection "
1072 "required, but client did not enable it");
1073 return WPA_MGMT_FRAME_PROTECTION_VIOLATION;
1074 }
1075
1076 if (data.mgmt_group_cipher != wpa_auth->conf.group_mgmt_cipher)
1077 {
1078 wpa_printf(MSG_DEBUG, "Unsupported management group "
1079 "cipher %d", data.mgmt_group_cipher);
1080 return WPA_INVALID_MGMT_GROUP_CIPHER;
1081 }
1082 }
1083
1084 #ifdef CONFIG_SAE
1085 if (wpa_auth->conf.ieee80211w == MGMT_FRAME_PROTECTION_OPTIONAL &&
1086 wpa_auth->conf.sae_require_mfp &&
1087 wpa_key_mgmt_sae(sm->wpa_key_mgmt) &&
1088 !(data.capabilities & WPA_CAPABILITY_MFPC)) {
1089 wpa_printf(MSG_DEBUG,
1090 "Management frame protection required with SAE, but client did not enable it");
1091 return WPA_MGMT_FRAME_PROTECTION_VIOLATION;
1092 }
1093 #endif /* CONFIG_SAE */
1094
1095 #ifdef CONFIG_OCV
1096 if (wpa_auth->conf.ocv && (data.capabilities & WPA_CAPABILITY_OCVC) &&
1097 !(data.capabilities & WPA_CAPABILITY_MFPC)) {
1098 /* Some legacy MFP incapable STAs wrongly copy OCVC bit from
1099 * AP RSN capabilities. To improve interoperability with such
1100 * legacy STAs allow connection without enabling OCV when the
1101 * workaround mode (ocv=2) is enabled.
1102 */
1103 if (wpa_auth->conf.ocv == 2) {
1104 wpa_printf(MSG_DEBUG,
1105 "Allow connecting MFP incapable and OCV capable STA without enabling OCV");
1106 wpa_auth_set_ocv(sm, 0);
1107 } else {
1108 wpa_printf(MSG_DEBUG,
1109 "Management frame protection required with OCV, but client did not enable it");
1110 return WPA_MGMT_FRAME_PROTECTION_VIOLATION;
1111 }
1112 } else {
1113 wpa_auth_set_ocv(sm, (data.capabilities & WPA_CAPABILITY_OCVC) ?
1114 wpa_auth->conf.ocv : 0);
1115 }
1116 #endif /* CONFIG_OCV */
1117
1118 if (!wpa_auth_pmf_enabled(conf) ||
1119 !(data.capabilities & WPA_CAPABILITY_MFPC))
1120 sm->mgmt_frame_prot = 0;
1121 else
1122 sm->mgmt_frame_prot = 1;
1123 sm->mfpr = !!(data.capabilities & WPA_CAPABILITY_MFPR);
1124
1125 if (sm->mgmt_frame_prot && (ciphers & WPA_CIPHER_TKIP)) {
1126 wpa_printf(MSG_DEBUG,
1127 "Management frame protection cannot use TKIP");
1128 return WPA_MGMT_FRAME_PROTECTION_VIOLATION;
1129 }
1130
1131 if (wpa_auth->conf.spp_amsdu &&
1132 ieee802_11_rsnx_capab(rsnxe, WLAN_RSNX_CAPAB_SPP_A_MSDU) &&
1133 (ciphers & (WPA_CIPHER_CCMP_256 | WPA_CIPHER_CCMP |
1134 WPA_CIPHER_GCMP_256 | WPA_CIPHER_GCMP)))
1135 sm->spp_amsdu = 1;
1136 else
1137 sm->spp_amsdu = 0;
1138
1139 #ifdef CONFIG_IEEE80211R_AP
1140 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) {
1141 if (mdie == NULL || mdie_len < MOBILITY_DOMAIN_ID_LEN + 1) {
1142 wpa_printf(MSG_DEBUG, "RSN: Trying to use FT, but "
1143 "MDIE not included");
1144 return WPA_INVALID_MDIE;
1145 }
1146 if (os_memcmp(mdie, wpa_auth->conf.mobility_domain,
1147 MOBILITY_DOMAIN_ID_LEN) != 0) {
1148 wpa_hexdump(MSG_DEBUG, "RSN: Attempted to use unknown "
1149 "MDIE", mdie, MOBILITY_DOMAIN_ID_LEN);
1150 return WPA_INVALID_MDIE;
1151 }
1152 } else if (mdie != NULL) {
1153 wpa_printf(MSG_DEBUG,
1154 "RSN: Trying to use non-FT AKM suite, but MDIE included");
1155 return WPA_INVALID_AKMP;
1156 }
1157 #endif /* CONFIG_IEEE80211R_AP */
1158
1159 #ifdef CONFIG_OWE
1160 if (sm->wpa_key_mgmt == WPA_KEY_MGMT_OWE && !owe_dh) {
1161 wpa_printf(MSG_DEBUG,
1162 "OWE: No Diffie-Hellman Parameter element");
1163 return WPA_INVALID_AKMP;
1164 }
1165 #endif /* CONFIG_OWE */
1166
1167 #ifdef CONFIG_DPP2
1168 if (sm->wpa_key_mgmt == WPA_KEY_MGMT_DPP &&
1169 ((conf->dpp_pfs == 1 && !owe_dh) ||
1170 (conf->dpp_pfs == 2 && owe_dh))) {
1171 wpa_printf(MSG_DEBUG, "DPP: PFS %s",
1172 conf->dpp_pfs == 1 ? "required" : "not allowed");
1173 return WPA_DENIED_OTHER_REASON;
1174 }
1175 #endif /* CONFIG_DPP2 */
1176
1177 sm->pairwise = wpa_pick_pairwise_cipher(ciphers, 0);
1178 if (sm->pairwise < 0)
1179 return WPA_INVALID_PAIRWISE;
1180
1181 /* TODO: clear WPA/WPA2 state if STA changes from one to another */
1182 if (wpa_ie[0] == WLAN_EID_RSN)
1183 sm->wpa = WPA_VERSION_WPA2;
1184 else
1185 sm->wpa = WPA_VERSION_WPA;
1186
1187 if (assoc_sm) {
1188 /* For ML association link STA cannot choose a different
1189 * AKM or pairwise cipher from association STA */
1190 if (sm->wpa_key_mgmt != assoc_sm->wpa_key_mgmt)
1191 return WPA_INVALID_AKMP;
1192 if (sm->pairwise != assoc_sm->pairwise)
1193 return WPA_INVALID_PAIRWISE;
1194 }
1195
1196 #if defined(CONFIG_IEEE80211R_AP) && defined(CONFIG_FILS)
1197 if ((sm->wpa_key_mgmt == WPA_KEY_MGMT_FT_FILS_SHA256 ||
1198 sm->wpa_key_mgmt == WPA_KEY_MGMT_FT_FILS_SHA384) &&
1199 (sm->auth_alg == WLAN_AUTH_FILS_SK ||
1200 sm->auth_alg == WLAN_AUTH_FILS_SK_PFS ||
1201 sm->auth_alg == WLAN_AUTH_FILS_PK) &&
1202 (data.num_pmkid != 1 || !data.pmkid || !sm->pmk_r1_name_valid ||
1203 os_memcmp_const(data.pmkid, sm->pmk_r1_name,
1204 WPA_PMK_NAME_LEN) != 0)) {
1205 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG,
1206 "No PMKR1Name match for FILS+FT");
1207 return WPA_INVALID_PMKID;
1208 }
1209 #endif /* CONFIG_IEEE80211R_AP && CONFIG_FILS */
1210
1211 sm->pmksa = NULL;
1212 for (i = 0; i < data.num_pmkid; i++) {
1213 struct rsn_pmksa_cache *pmksa = wpa_auth->pmksa;
1214
1215 wpa_hexdump(MSG_DEBUG, "RSN IE: STA PMKID",
1216 &data.pmkid[i * PMKID_LEN], PMKID_LEN);
1217 #ifdef CONFIG_IEEE80211BE
1218 if (is_ml)
1219 pmksa = wpa_auth->ml_pmksa;
1220 #endif /* CONFIG_IEEE80211BE */
1221 sm->pmksa = pmksa_cache_auth_get(pmksa, sm->addr,
1222 &data.pmkid[i * PMKID_LEN]);
1223 #ifdef CONFIG_IEEE80211BE
1224 if (!sm->pmksa && !is_ml && wpa_auth->is_ml)
1225 sm->pmksa = pmksa_cache_auth_get(
1226 wpa_auth->ml_pmksa, sm->addr,
1227 &data.pmkid[i * PMKID_LEN]);
1228 if (!sm->pmksa && is_ml) {
1229 struct wpa_auth_link_iter_data idata;
1230
1231 idata.wpa_auth = wpa_auth;
1232 idata.pmksa = NULL;
1233 idata.spa = sm->addr;
1234 idata.pmkid = &data.pmkid[i * PMKID_LEN];
1235 wpa_auth_for_each_auth(wpa_auth,
1236 wpa_auth_pmksa_iter,
1237 &idata);
1238 if (idata.pmksa)
1239 sm->pmksa = idata.pmksa;
1240 }
1241 #endif /* CONFIG_IEEE80211BE */
1242 if (!sm->pmksa && !is_zero_ether_addr(sm->p2p_dev_addr))
1243 sm->pmksa = pmksa_cache_auth_get(
1244 wpa_auth->pmksa, sm->p2p_dev_addr,
1245 &data.pmkid[i * PMKID_LEN]);
1246 if (sm->pmksa) {
1247 pmkid = sm->pmksa->pmkid;
1248 break;
1249 }
1250 }
1251 for (i = 0; sm->pmksa == NULL && wpa_auth->conf.okc &&
1252 i < data.num_pmkid; i++) {
1253 struct wpa_auth_okc_iter_data idata;
1254 idata.pmksa = NULL;
1255 idata.aa = wpa_auth->addr;
1256 idata.spa = sm->addr;
1257 idata.pmkid = &data.pmkid[i * PMKID_LEN];
1258 wpa_auth_for_each_auth(wpa_auth, wpa_auth_okc_iter, &idata);
1259 if (idata.pmksa) {
1260 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG,
1261 "OKC match for PMKID");
1262 sm->pmksa = pmksa_cache_add_okc(wpa_auth->pmksa,
1263 idata.pmksa,
1264 wpa_auth->addr,
1265 idata.pmkid);
1266 pmkid = idata.pmkid;
1267 break;
1268 }
1269 }
1270 if (sm->pmksa && pmkid) {
1271 struct vlan_description *vlan;
1272
1273 vlan = sm->pmksa->vlan_desc;
1274 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG,
1275 "PMKID found from PMKSA cache eap_type=%d vlan=%d%s",
1276 sm->pmksa->eap_type_authsrv,
1277 vlan ? vlan->untagged : 0,
1278 (vlan && vlan->tagged[0]) ? "+" : "");
1279 os_memcpy(wpa_auth->dot11RSNAPMKIDUsed, pmkid, PMKID_LEN);
1280 }
1281
1282 #ifdef CONFIG_SAE
1283 if (sm->wpa_key_mgmt == WPA_KEY_MGMT_SAE ||
1284 sm->wpa_key_mgmt == WPA_KEY_MGMT_SAE_EXT_KEY) {
1285 u64 drv_flags = 0;
1286 u64 drv_flags2 = 0;
1287 bool ap_sae_offload = false;
1288
1289 if (wpa_auth->cb->get_drv_flags &&
1290 wpa_auth->cb->get_drv_flags(wpa_auth->cb_ctx, &drv_flags,
1291 &drv_flags2) == 0)
1292 ap_sae_offload =
1293 !!(drv_flags2 &
1294 WPA_DRIVER_FLAGS2_SAE_OFFLOAD_AP);
1295
1296 /* Authenticator needs to have a PMKSA corresponding to a
1297 * PMKID (if present) included by the STA in (Re)Association
1298 * Request frame if PMKSA caching is attempted to be used. In
1299 * case of SAE, this follows Open System authentication. IEEE
1300 * Std 802.11 mandates the AP to reject (re)association trying
1301 * to use PMKSA caching for SAE authentication. While the
1302 * PMKID (if any) in the RSNE in (Re)Association Request frame
1303 * following SAE authentication (i.e., in the case of no PMKSA
1304 * caching) is not really supposed to include an unknown PMKID,
1305 * the standard does not require the AP to reject association.
1306 * The PMKSA that was just derived using SAE authentication
1307 * can be used regardless of which PMKID(s) are indicated in the
1308 * (Re)Association Request frame. */
1309 if (!ap_sae_offload && data.num_pmkid && !sm->pmksa &&
1310 sm->auth_alg == WLAN_AUTH_OPEN) {
1311 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG,
1312 "No PMKSA cache entry found for SAE");
1313 return WPA_INVALID_PMKID;
1314 }
1315 }
1316 #endif /* CONFIG_SAE */
1317
1318 #ifdef CONFIG_DPP
1319 if (sm->wpa_key_mgmt == WPA_KEY_MGMT_DPP && !sm->pmksa) {
1320 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG,
1321 "No PMKSA cache entry found for DPP");
1322 return WPA_INVALID_PMKID;
1323 }
1324 #endif /* CONFIG_DPP */
1325
1326 if (conf->extended_key_id && sm->wpa == WPA_VERSION_WPA2 &&
1327 sm->pairwise != WPA_CIPHER_TKIP &&
1328 (data.capabilities & WPA_CAPABILITY_EXT_KEY_ID_FOR_UNICAST)) {
1329 sm->use_ext_key_id = true;
1330 if (conf->extended_key_id == 2 &&
1331 !wpa_key_mgmt_ft(sm->wpa_key_mgmt) &&
1332 !wpa_key_mgmt_fils(sm->wpa_key_mgmt))
1333 sm->keyidx_active = 1;
1334 else
1335 sm->keyidx_active = 0;
1336 wpa_printf(MSG_DEBUG,
1337 "RSN: Extended Key ID supported (start with %d)",
1338 sm->keyidx_active);
1339 } else {
1340 sm->use_ext_key_id = false;
1341 }
1342
1343 if (sm->wpa_ie == NULL || sm->wpa_ie_len < wpa_ie_len) {
1344 os_free(sm->wpa_ie);
1345 sm->wpa_ie = os_malloc(wpa_ie_len);
1346 if (sm->wpa_ie == NULL)
1347 return WPA_ALLOC_FAIL;
1348 }
1349 os_memcpy(sm->wpa_ie, wpa_ie, wpa_ie_len);
1350 sm->wpa_ie_len = wpa_ie_len;
1351
1352 if (rsnxe && rsnxe_len) {
1353 if (!sm->rsnxe || sm->rsnxe_len < rsnxe_len) {
1354 os_free(sm->rsnxe);
1355 sm->rsnxe = os_malloc(rsnxe_len);
1356 if (!sm->rsnxe)
1357 return WPA_ALLOC_FAIL;
1358 }
1359 os_memcpy(sm->rsnxe, rsnxe, rsnxe_len);
1360 sm->rsnxe_len = rsnxe_len;
1361 } else {
1362 os_free(sm->rsnxe);
1363 sm->rsnxe = NULL;
1364 sm->rsnxe_len = 0;
1365 }
1366
1367 return WPA_IE_OK;
1368 }
1369
1370
wpa_auth_uses_mfp(struct wpa_state_machine * sm)1371 int wpa_auth_uses_mfp(struct wpa_state_machine *sm)
1372 {
1373 return sm ? sm->mgmt_frame_prot : 0;
1374 }
1375
1376
wpa_auth_uses_spp_amsdu(struct wpa_state_machine * sm)1377 int wpa_auth_uses_spp_amsdu(struct wpa_state_machine *sm)
1378 {
1379 return sm ? sm->spp_amsdu : 0;
1380 }
1381
1382 #ifdef CONFIG_OCV
1383
wpa_auth_set_ocv(struct wpa_state_machine * sm,int ocv)1384 void wpa_auth_set_ocv(struct wpa_state_machine *sm, int ocv)
1385 {
1386 if (sm)
1387 sm->ocv_enabled = ocv;
1388 }
1389
1390
wpa_auth_uses_ocv(struct wpa_state_machine * sm)1391 int wpa_auth_uses_ocv(struct wpa_state_machine *sm)
1392 {
1393 return sm ? sm->ocv_enabled : 0;
1394 }
1395
1396 #endif /* CONFIG_OCV */
1397
1398
1399 #ifdef CONFIG_OWE
wpa_auth_write_assoc_resp_owe(struct wpa_state_machine * sm,u8 * pos,size_t max_len,const u8 * req_ies,size_t req_ies_len)1400 u8 * wpa_auth_write_assoc_resp_owe(struct wpa_state_machine *sm,
1401 u8 *pos, size_t max_len,
1402 const u8 *req_ies, size_t req_ies_len)
1403 {
1404 int res;
1405 struct wpa_auth_config *conf;
1406
1407 if (!sm)
1408 return pos;
1409 conf = &sm->wpa_auth->conf;
1410
1411 #ifdef CONFIG_TESTING_OPTIONS
1412 if (conf->own_ie_override_len) {
1413 if (max_len < conf->own_ie_override_len)
1414 return NULL;
1415 wpa_hexdump(MSG_DEBUG, "WPA: Forced own IE(s) for testing",
1416 conf->own_ie_override, conf->own_ie_override_len);
1417 os_memcpy(pos, conf->own_ie_override,
1418 conf->own_ie_override_len);
1419 return pos + conf->own_ie_override_len;
1420 }
1421 #endif /* CONFIG_TESTING_OPTIONS */
1422
1423 res = wpa_write_rsn_ie(conf, pos, max_len,
1424 sm->pmksa ? sm->pmksa->pmkid : NULL);
1425 if (res < 0)
1426 return pos;
1427 return pos + res;
1428 }
1429 #endif /* CONFIG_OWE */
1430
1431
1432 #ifdef CONFIG_FILS
1433
wpa_auth_write_assoc_resp_fils(struct wpa_state_machine * sm,u8 * pos,size_t max_len,const u8 * req_ies,size_t req_ies_len)1434 u8 * wpa_auth_write_assoc_resp_fils(struct wpa_state_machine *sm,
1435 u8 *pos, size_t max_len,
1436 const u8 *req_ies, size_t req_ies_len)
1437 {
1438 int res;
1439
1440 if (!sm ||
1441 sm->wpa_key_mgmt & (WPA_KEY_MGMT_FT_FILS_SHA256 |
1442 WPA_KEY_MGMT_FT_FILS_SHA384))
1443 return pos;
1444
1445 res = wpa_write_rsn_ie(&sm->wpa_auth->conf, pos, max_len, NULL);
1446 if (res < 0)
1447 return pos;
1448 return pos + res;
1449 }
1450
1451
wpa_auth_write_fd_rsn_info(struct wpa_authenticator * wpa_auth,u8 * fd_rsn_info)1452 bool wpa_auth_write_fd_rsn_info(struct wpa_authenticator *wpa_auth,
1453 u8 *fd_rsn_info)
1454 {
1455 struct wpa_auth_config *conf;
1456 u32 selectors = 0;
1457 u8 *pos = fd_rsn_info;
1458 int i, res;
1459 u32 cipher, suite, selector, mask;
1460 u8 tmp[10 * RSN_SELECTOR_LEN];
1461
1462 if (!wpa_auth)
1463 return false;
1464 conf = &wpa_auth->conf;
1465
1466 if (!(conf->wpa & WPA_PROTO_RSN))
1467 return false;
1468
1469 /* RSN Capability (B0..B15) */
1470 WPA_PUT_LE16(pos, wpa_own_rsn_capab(conf, conf->ieee80211w));
1471 pos += 2;
1472
1473 /* Group Data Cipher Suite Selector (B16..B21) */
1474 suite = wpa_cipher_to_suite(WPA_PROTO_RSN, conf->wpa_group);
1475 if (suite == RSN_CIPHER_SUITE_NO_GROUP_ADDRESSED)
1476 cipher = 63; /* No cipher suite selected */
1477 else if ((suite >> 8) == 0x000fac && ((suite & 0xff) <= 13))
1478 cipher = suite & 0xff;
1479 else
1480 cipher = 62; /* vendor specific */
1481 selectors |= cipher;
1482
1483 /* Group Management Cipher Suite Selector (B22..B27) */
1484 cipher = 63; /* Default to no cipher suite selected */
1485 if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
1486 switch (conf->group_mgmt_cipher) {
1487 case WPA_CIPHER_AES_128_CMAC:
1488 cipher = RSN_CIPHER_SUITE_AES_128_CMAC & 0xff;
1489 break;
1490 case WPA_CIPHER_BIP_GMAC_128:
1491 cipher = RSN_CIPHER_SUITE_BIP_GMAC_128 & 0xff;
1492 break;
1493 case WPA_CIPHER_BIP_GMAC_256:
1494 cipher = RSN_CIPHER_SUITE_BIP_GMAC_256 & 0xff;
1495 break;
1496 case WPA_CIPHER_BIP_CMAC_256:
1497 cipher = RSN_CIPHER_SUITE_BIP_CMAC_256 & 0xff;
1498 break;
1499 }
1500 }
1501 selectors |= cipher << 6;
1502
1503 /* Pairwise Cipher Suite Selector (B28..B33) */
1504 cipher = 63; /* Default to no cipher suite selected */
1505 res = rsn_cipher_put_suites(tmp, conf->rsn_pairwise);
1506 if (res == 1 && tmp[0] == 0x00 && tmp[1] == 0x0f && tmp[2] == 0xac &&
1507 tmp[3] <= 13)
1508 cipher = tmp[3];
1509 selectors |= cipher << 12;
1510
1511 /* AKM Suite Selector (B34..B39) */
1512 selector = 0; /* default to AKM from RSNE in Beacon/Probe Response */
1513 mask = WPA_KEY_MGMT_FILS_SHA256 | WPA_KEY_MGMT_FILS_SHA384 |
1514 WPA_KEY_MGMT_FT_FILS_SHA384;
1515 if ((conf->wpa_key_mgmt & mask) && (conf->wpa_key_mgmt & ~mask) == 0) {
1516 suite = conf->wpa_key_mgmt & mask;
1517 if (suite == WPA_KEY_MGMT_FILS_SHA256)
1518 selector = 1; /* 00-0f-ac:14 */
1519 else if (suite == WPA_KEY_MGMT_FILS_SHA384)
1520 selector = 2; /* 00-0f-ac:15 */
1521 else if (suite == (WPA_KEY_MGMT_FILS_SHA256 |
1522 WPA_KEY_MGMT_FILS_SHA384))
1523 selector = 3; /* 00-0f-ac:14 or 00-0f-ac:15 */
1524 else if (suite == WPA_KEY_MGMT_FT_FILS_SHA384)
1525 selector = 4; /* 00-0f-ac:17 */
1526 }
1527 selectors |= selector << 18;
1528
1529 for (i = 0; i < 3; i++) {
1530 *pos++ = selectors & 0xff;
1531 selectors >>= 8;
1532 }
1533
1534 return true;
1535 }
1536
1537 #endif /* CONFIG_FILS */
1538