LCOV - code coverage report
Current view: top level - src/wps - wps_common.c (source / functions) Hit Total Coverage
Test: wpa_supplicant/hostapd combined for hwsim test run 1422976643 Lines: 391 471 83.0 %
Date: 2015-02-03 Functions: 33 33 100.0 %

          Line data    Source code
       1             : /*
       2             :  * Wi-Fi Protected Setup - common functionality
       3             :  * Copyright (c) 2008-2012, Jouni Malinen <j@w1.fi>
       4             :  *
       5             :  * This software may be distributed under the terms of the BSD license.
       6             :  * See README for more details.
       7             :  */
       8             : 
       9             : #include "includes.h"
      10             : 
      11             : #include "common.h"
      12             : #include "common/defs.h"
      13             : #include "common/ieee802_11_common.h"
      14             : #include "crypto/aes_wrap.h"
      15             : #include "crypto/crypto.h"
      16             : #include "crypto/dh_group5.h"
      17             : #include "crypto/sha1.h"
      18             : #include "crypto/sha256.h"
      19             : #include "crypto/random.h"
      20             : #include "wps_i.h"
      21             : #include "wps_dev_attr.h"
      22             : 
      23             : 
      24         521 : void wps_kdf(const u8 *key, const u8 *label_prefix, size_t label_prefix_len,
      25             :              const char *label, u8 *res, size_t res_len)
      26             : {
      27             :         u8 i_buf[4], key_bits[4];
      28             :         const u8 *addr[4];
      29             :         size_t len[4];
      30             :         int i, iter;
      31             :         u8 hash[SHA256_MAC_LEN], *opos;
      32             :         size_t left;
      33             : 
      34         521 :         WPA_PUT_BE32(key_bits, res_len * 8);
      35             : 
      36         521 :         addr[0] = i_buf;
      37         521 :         len[0] = sizeof(i_buf);
      38         521 :         addr[1] = label_prefix;
      39         521 :         len[1] = label_prefix_len;
      40         521 :         addr[2] = (const u8 *) label;
      41         521 :         len[2] = os_strlen(label);
      42         521 :         addr[3] = key_bits;
      43         521 :         len[3] = sizeof(key_bits);
      44             : 
      45         521 :         iter = (res_len + SHA256_MAC_LEN - 1) / SHA256_MAC_LEN;
      46         521 :         opos = res;
      47         521 :         left = res_len;
      48             : 
      49        2084 :         for (i = 1; i <= iter; i++) {
      50        1563 :                 WPA_PUT_BE32(i_buf, i);
      51        1563 :                 hmac_sha256_vector(key, SHA256_MAC_LEN, 4, addr, len, hash);
      52        1563 :                 if (i < iter) {
      53        1042 :                         os_memcpy(opos, hash, SHA256_MAC_LEN);
      54        1042 :                         opos += SHA256_MAC_LEN;
      55        1042 :                         left -= SHA256_MAC_LEN;
      56             :                 } else
      57         521 :                         os_memcpy(opos, hash, left);
      58             :         }
      59         521 : }
      60             : 
      61             : 
      62         521 : int wps_derive_keys(struct wps_data *wps)
      63             : {
      64             :         struct wpabuf *pubkey, *dh_shared;
      65             :         u8 dhkey[SHA256_MAC_LEN], kdk[SHA256_MAC_LEN];
      66             :         const u8 *addr[3];
      67             :         size_t len[3];
      68             :         u8 keys[WPS_AUTHKEY_LEN + WPS_KEYWRAPKEY_LEN + WPS_EMSK_LEN];
      69             : 
      70         521 :         if (wps->dh_privkey == NULL) {
      71           0 :                 wpa_printf(MSG_DEBUG, "WPS: Own DH private key not available");
      72           0 :                 return -1;
      73             :         }
      74             : 
      75         521 :         pubkey = wps->registrar ? wps->dh_pubkey_e : wps->dh_pubkey_r;
      76         521 :         if (pubkey == NULL) {
      77           0 :                 wpa_printf(MSG_DEBUG, "WPS: Peer DH public key not available");
      78           0 :                 return -1;
      79             :         }
      80             : 
      81         521 :         wpa_hexdump_buf_key(MSG_DEBUG, "WPS: DH Private Key", wps->dh_privkey);
      82         521 :         wpa_hexdump_buf(MSG_DEBUG, "WPS: DH peer Public Key", pubkey);
      83         521 :         dh_shared = dh5_derive_shared(wps->dh_ctx, pubkey, wps->dh_privkey);
      84         521 :         dh5_free(wps->dh_ctx);
      85         521 :         wps->dh_ctx = NULL;
      86         521 :         dh_shared = wpabuf_zeropad(dh_shared, 192);
      87         521 :         if (dh_shared == NULL) {
      88           0 :                 wpa_printf(MSG_DEBUG, "WPS: Failed to derive DH shared key");
      89           0 :                 return -1;
      90             :         }
      91             : 
      92             :         /* Own DH private key is not needed anymore */
      93         521 :         wpabuf_free(wps->dh_privkey);
      94         521 :         wps->dh_privkey = NULL;
      95             : 
      96         521 :         wpa_hexdump_buf_key(MSG_DEBUG, "WPS: DH shared key", dh_shared);
      97             : 
      98             :         /* DHKey = SHA-256(g^AB mod p) */
      99         521 :         addr[0] = wpabuf_head(dh_shared);
     100         521 :         len[0] = wpabuf_len(dh_shared);
     101         521 :         sha256_vector(1, addr, len, dhkey);
     102         521 :         wpa_hexdump_key(MSG_DEBUG, "WPS: DHKey", dhkey, sizeof(dhkey));
     103         521 :         wpabuf_free(dh_shared);
     104             : 
     105             :         /* KDK = HMAC-SHA-256_DHKey(N1 || EnrolleeMAC || N2) */
     106         521 :         addr[0] = wps->nonce_e;
     107         521 :         len[0] = WPS_NONCE_LEN;
     108         521 :         addr[1] = wps->mac_addr_e;
     109         521 :         len[1] = ETH_ALEN;
     110         521 :         addr[2] = wps->nonce_r;
     111         521 :         len[2] = WPS_NONCE_LEN;
     112         521 :         hmac_sha256_vector(dhkey, sizeof(dhkey), 3, addr, len, kdk);
     113         521 :         wpa_hexdump_key(MSG_DEBUG, "WPS: KDK", kdk, sizeof(kdk));
     114             : 
     115         521 :         wps_kdf(kdk, NULL, 0, "Wi-Fi Easy and Secure Key Derivation",
     116             :                 keys, sizeof(keys));
     117         521 :         os_memcpy(wps->authkey, keys, WPS_AUTHKEY_LEN);
     118         521 :         os_memcpy(wps->keywrapkey, keys + WPS_AUTHKEY_LEN, WPS_KEYWRAPKEY_LEN);
     119         521 :         os_memcpy(wps->emsk, keys + WPS_AUTHKEY_LEN + WPS_KEYWRAPKEY_LEN,
     120             :                   WPS_EMSK_LEN);
     121             : 
     122         521 :         wpa_hexdump_key(MSG_DEBUG, "WPS: AuthKey",
     123         521 :                         wps->authkey, WPS_AUTHKEY_LEN);
     124         521 :         wpa_hexdump_key(MSG_DEBUG, "WPS: KeyWrapKey",
     125         521 :                         wps->keywrapkey, WPS_KEYWRAPKEY_LEN);
     126         521 :         wpa_hexdump_key(MSG_DEBUG, "WPS: EMSK", wps->emsk, WPS_EMSK_LEN);
     127             : 
     128         521 :         return 0;
     129             : }
     130             : 
     131             : 
     132         486 : void wps_derive_psk(struct wps_data *wps, const u8 *dev_passwd,
     133             :                     size_t dev_passwd_len)
     134             : {
     135             :         u8 hash[SHA256_MAC_LEN];
     136             : 
     137         486 :         hmac_sha256(wps->authkey, WPS_AUTHKEY_LEN, dev_passwd,
     138         486 :                     (dev_passwd_len + 1) / 2, hash);
     139         486 :         os_memcpy(wps->psk1, hash, WPS_PSK_LEN);
     140         972 :         hmac_sha256(wps->authkey, WPS_AUTHKEY_LEN,
     141         486 :                     dev_passwd + (dev_passwd_len + 1) / 2,
     142             :                     dev_passwd_len / 2, hash);
     143         486 :         os_memcpy(wps->psk2, hash, WPS_PSK_LEN);
     144             : 
     145         486 :         wpa_hexdump_ascii_key(MSG_DEBUG, "WPS: Device Password",
     146             :                               dev_passwd, dev_passwd_len);
     147         486 :         wpa_hexdump_key(MSG_DEBUG, "WPS: PSK1", wps->psk1, WPS_PSK_LEN);
     148         486 :         wpa_hexdump_key(MSG_DEBUG, "WPS: PSK2", wps->psk2, WPS_PSK_LEN);
     149         486 : }
     150             : 
     151             : 
     152        1160 : struct wpabuf * wps_decrypt_encr_settings(struct wps_data *wps, const u8 *encr,
     153             :                                           size_t encr_len)
     154             : {
     155             :         struct wpabuf *decrypted;
     156        1160 :         const size_t block_size = 16;
     157             :         size_t i;
     158             :         u8 pad;
     159             :         const u8 *pos;
     160             : 
     161             :         /* AES-128-CBC */
     162        1160 :         if (encr == NULL || encr_len < 2 * block_size || encr_len % block_size)
     163             :         {
     164           0 :                 wpa_printf(MSG_DEBUG, "WPS: No Encrypted Settings received");
     165           0 :                 return NULL;
     166             :         }
     167             : 
     168        1160 :         decrypted = wpabuf_alloc(encr_len - block_size);
     169        1160 :         if (decrypted == NULL)
     170           0 :                 return NULL;
     171             : 
     172        1160 :         wpa_hexdump(MSG_MSGDUMP, "WPS: Encrypted Settings", encr, encr_len);
     173        1160 :         wpabuf_put_data(decrypted, encr + block_size, encr_len - block_size);
     174        1160 :         if (aes_128_cbc_decrypt(wps->keywrapkey, encr, wpabuf_mhead(decrypted),
     175             :                                 wpabuf_len(decrypted))) {
     176           0 :                 wpabuf_free(decrypted);
     177           0 :                 return NULL;
     178             :         }
     179             : 
     180        1160 :         wpa_hexdump_buf_key(MSG_MSGDUMP, "WPS: Decrypted Encrypted Settings",
     181             :                             decrypted);
     182             : 
     183        1160 :         pos = wpabuf_head_u8(decrypted) + wpabuf_len(decrypted) - 1;
     184        1160 :         pad = *pos;
     185        1160 :         if (pad > wpabuf_len(decrypted)) {
     186           0 :                 wpa_printf(MSG_DEBUG, "WPS: Invalid PKCS#5 v2.0 pad value");
     187           0 :                 wpabuf_free(decrypted);
     188           0 :                 return NULL;
     189             :         }
     190       17225 :         for (i = 0; i < pad; i++) {
     191       16065 :                 if (*pos-- != pad) {
     192           0 :                         wpa_printf(MSG_DEBUG, "WPS: Invalid PKCS#5 v2.0 pad "
     193             :                                    "string");
     194           0 :                         wpabuf_free(decrypted);
     195           0 :                         return NULL;
     196             :                 }
     197             :         }
     198        1160 :         decrypted->used -= pad;
     199             : 
     200        1160 :         return decrypted;
     201             : }
     202             : 
     203             : 
     204             : /**
     205             :  * wps_pin_checksum - Compute PIN checksum
     206             :  * @pin: Seven digit PIN (i.e., eight digit PIN without the checksum digit)
     207             :  * Returns: Checksum digit
     208             :  */
     209         219 : unsigned int wps_pin_checksum(unsigned int pin)
     210             : {
     211         219 :         unsigned int accum = 0;
     212        1297 :         while (pin) {
     213         859 :                 accum += 3 * (pin % 10);
     214         859 :                 pin /= 10;
     215         859 :                 accum += pin % 10;
     216         859 :                 pin /= 10;
     217             :         }
     218             : 
     219         219 :         return (10 - accum % 10) % 10;
     220             : }
     221             : 
     222             : 
     223             : /**
     224             :  * wps_pin_valid - Check whether a PIN has a valid checksum
     225             :  * @pin: Eight digit PIN (i.e., including the checksum digit)
     226             :  * Returns: 1 if checksum digit is valid, or 0 if not
     227             :  */
     228          20 : unsigned int wps_pin_valid(unsigned int pin)
     229             : {
     230          20 :         return wps_pin_checksum(pin / 10) == (pin % 10);
     231             : }
     232             : 
     233             : 
     234             : /**
     235             :  * wps_generate_pin - Generate a random PIN
     236             :  * Returns: Eight digit PIN (i.e., including the checksum digit)
     237             :  */
     238         199 : unsigned int wps_generate_pin(void)
     239             : {
     240             :         unsigned int val;
     241             : 
     242             :         /* Generate seven random digits for the PIN */
     243         199 :         if (random_get_bytes((unsigned char *) &val, sizeof(val)) < 0) {
     244             :                 struct os_time now;
     245           0 :                 os_get_time(&now);
     246           0 :                 val = os_random() ^ now.sec ^ now.usec;
     247             :         }
     248         199 :         val %= 10000000;
     249             : 
     250             :         /* Append checksum digit */
     251         199 :         return val * 10 + wps_pin_checksum(val);
     252             : }
     253             : 
     254             : 
     255         208 : int wps_pin_str_valid(const char *pin)
     256             : {
     257             :         const char *p;
     258             :         size_t len;
     259             : 
     260         208 :         p = pin;
     261        2079 :         while (*p >= '0' && *p <= '9')
     262        1663 :                 p++;
     263         208 :         if (*p != '\0')
     264           0 :                 return 0;
     265             : 
     266         208 :         len = p - pin;
     267         208 :         return len == 4 || len == 8;
     268             : }
     269             : 
     270             : 
     271          85 : void wps_fail_event(struct wps_context *wps, enum wps_msg_type msg,
     272             :                     u16 config_error, u16 error_indication, const u8 *mac_addr)
     273             : {
     274             :         union wps_event_data data;
     275             : 
     276          85 :         if (wps->event_cb == NULL)
     277          85 :                 return;
     278             : 
     279          85 :         os_memset(&data, 0, sizeof(data));
     280          85 :         data.fail.msg = msg;
     281          85 :         data.fail.config_error = config_error;
     282          85 :         data.fail.error_indication = error_indication;
     283          85 :         os_memcpy(data.fail.peer_macaddr, mac_addr, ETH_ALEN);
     284          85 :         wps->event_cb(wps->cb_ctx, WPS_EV_FAIL, &data);
     285             : }
     286             : 
     287             : 
     288         437 : void wps_success_event(struct wps_context *wps, const u8 *mac_addr)
     289             : {
     290             :         union wps_event_data data;
     291             : 
     292         437 :         if (wps->event_cb == NULL)
     293         437 :                 return;
     294             : 
     295         437 :         os_memset(&data, 0, sizeof(data));
     296         437 :         os_memcpy(data.success.peer_macaddr, mac_addr, ETH_ALEN);
     297         437 :         wps->event_cb(wps->cb_ctx, WPS_EV_SUCCESS, &data);
     298             : }
     299             : 
     300             : 
     301          14 : void wps_pwd_auth_fail_event(struct wps_context *wps, int enrollee, int part,
     302             :                              const u8 *mac_addr)
     303             : {
     304             :         union wps_event_data data;
     305             : 
     306          14 :         if (wps->event_cb == NULL)
     307          14 :                 return;
     308             : 
     309          14 :         os_memset(&data, 0, sizeof(data));
     310          14 :         data.pwd_auth_fail.enrollee = enrollee;
     311          14 :         data.pwd_auth_fail.part = part;
     312          14 :         os_memcpy(data.pwd_auth_fail.peer_macaddr, mac_addr, ETH_ALEN);
     313          14 :         wps->event_cb(wps->cb_ctx, WPS_EV_PWD_AUTH_FAIL, &data);
     314             : }
     315             : 
     316             : 
     317          13 : void wps_pbc_overlap_event(struct wps_context *wps)
     318             : {
     319          13 :         if (wps->event_cb == NULL)
     320          13 :                 return;
     321             : 
     322          13 :         wps->event_cb(wps->cb_ctx, WPS_EV_PBC_OVERLAP, NULL);
     323             : }
     324             : 
     325             : 
     326           4 : void wps_pbc_timeout_event(struct wps_context *wps)
     327             : {
     328           4 :         if (wps->event_cb == NULL)
     329           4 :                 return;
     330             : 
     331           4 :         wps->event_cb(wps->cb_ctx, WPS_EV_PBC_TIMEOUT, NULL);
     332             : }
     333             : 
     334             : 
     335          61 : void wps_pbc_active_event(struct wps_context *wps)
     336             : {
     337          61 :         if (wps->event_cb == NULL)
     338          61 :                 return;
     339             : 
     340          61 :         wps->event_cb(wps->cb_ctx, WPS_EV_PBC_ACTIVE, NULL);
     341             : }
     342             : 
     343             : 
     344          48 : void wps_pbc_disable_event(struct wps_context *wps)
     345             : {
     346          48 :         if (wps->event_cb == NULL)
     347          48 :                 return;
     348             : 
     349          48 :         wps->event_cb(wps->cb_ctx, WPS_EV_PBC_DISABLE, NULL);
     350             : }
     351             : 
     352             : 
     353             : #ifdef CONFIG_WPS_OOB
     354             : 
     355           3 : struct wpabuf * wps_get_oob_cred(struct wps_context *wps, int rf_band,
     356             :                                  int channel)
     357             : {
     358             :         struct wps_data data;
     359             :         struct wpabuf *plain;
     360             : 
     361           3 :         plain = wpabuf_alloc(500);
     362           3 :         if (plain == NULL) {
     363           0 :                 wpa_printf(MSG_ERROR, "WPS: Failed to allocate memory for OOB "
     364             :                            "credential");
     365           0 :                 return NULL;
     366             :         }
     367             : 
     368           3 :         os_memset(&data, 0, sizeof(data));
     369           3 :         data.wps = wps;
     370           3 :         data.auth_type = wps->auth_types;
     371           3 :         data.encr_type = wps->encr_types;
     372           3 :         if (wps_build_cred(&data, plain) ||
     373           3 :             (rf_band && wps_build_rf_bands_attr(plain, rf_band)) ||
     374           6 :             (channel && wps_build_ap_channel(plain, channel)) ||
     375           6 :             wps_build_mac_addr(plain, wps->dev.mac_addr) ||
     376           3 :             wps_build_wfa_ext(plain, 0, NULL, 0)) {
     377           0 :                 os_free(data.new_psk);
     378           0 :                 wpabuf_free(plain);
     379           0 :                 return NULL;
     380             :         }
     381             : 
     382           4 :         if (wps->wps_state == WPS_STATE_NOT_CONFIGURED && data.new_psk &&
     383           1 :             wps->ap) {
     384             :                 struct wps_credential cred;
     385             : 
     386           1 :                 wpa_printf(MSG_DEBUG, "WPS: Moving to Configured state based "
     387             :                            "on credential token generation");
     388             : 
     389           1 :                 os_memset(&cred, 0, sizeof(cred));
     390           1 :                 os_memcpy(cred.ssid, wps->ssid, wps->ssid_len);
     391           1 :                 cred.ssid_len = wps->ssid_len;
     392           1 :                 cred.auth_type = WPS_AUTH_WPAPSK | WPS_AUTH_WPA2PSK;
     393           1 :                 cred.encr_type = WPS_ENCR_TKIP | WPS_ENCR_AES;
     394           1 :                 os_memcpy(cred.key, data.new_psk, data.new_psk_len);
     395           1 :                 cred.key_len = data.new_psk_len;
     396             : 
     397           1 :                 wps->wps_state = WPS_STATE_CONFIGURED;
     398           2 :                 wpa_hexdump_ascii_key(MSG_DEBUG,
     399             :                                       "WPS: Generated random passphrase",
     400           1 :                                       data.new_psk, data.new_psk_len);
     401           1 :                 if (wps->cred_cb)
     402           1 :                         wps->cred_cb(wps->cb_ctx, &cred);
     403             :         }
     404             : 
     405           3 :         os_free(data.new_psk);
     406             : 
     407           3 :         return plain;
     408             : }
     409             : 
     410             : 
     411          16 : struct wpabuf * wps_build_nfc_pw_token(u16 dev_pw_id,
     412             :                                        const struct wpabuf *pubkey,
     413             :                                        const struct wpabuf *dev_pw)
     414             : {
     415             :         struct wpabuf *data;
     416             : 
     417          16 :         data = wpabuf_alloc(200);
     418          16 :         if (data == NULL)
     419           0 :                 return NULL;
     420             : 
     421          32 :         if (wps_build_oob_dev_pw(data, dev_pw_id, pubkey,
     422          32 :                                  wpabuf_head(dev_pw), wpabuf_len(dev_pw)) ||
     423          16 :             wps_build_wfa_ext(data, 0, NULL, 0)) {
     424           0 :                 wpa_printf(MSG_ERROR, "WPS: Failed to build NFC password "
     425             :                            "token");
     426           0 :                 wpabuf_free(data);
     427           0 :                 return NULL;
     428             :         }
     429             : 
     430          16 :         return data;
     431             : }
     432             : 
     433             : 
     434           8 : int wps_oob_use_cred(struct wps_context *wps, struct wps_parse_attr *attr)
     435             : {
     436             :         struct wpabuf msg;
     437             :         size_t i;
     438             : 
     439          12 :         for (i = 0; i < attr->num_cred; i++) {
     440             :                 struct wps_credential local_cred;
     441             :                 struct wps_parse_attr cattr;
     442             : 
     443           8 :                 os_memset(&local_cred, 0, sizeof(local_cred));
     444           8 :                 wpabuf_set(&msg, attr->cred[i], attr->cred_len[i]);
     445          14 :                 if (wps_parse_msg(&msg, &cattr) < 0 ||
     446           6 :                     wps_process_cred(&cattr, &local_cred)) {
     447           4 :                         wpa_printf(MSG_ERROR, "WPS: Failed to parse OOB "
     448             :                                    "credential");
     449           4 :                         return -1;
     450             :                 }
     451           4 :                 wps->cred_cb(wps->cb_ctx, &local_cred);
     452             :         }
     453             : 
     454           4 :         return 0;
     455             : }
     456             : 
     457             : 
     458             : #endif /* CONFIG_WPS_OOB */
     459             : 
     460             : 
     461          26 : int wps_dev_type_str2bin(const char *str, u8 dev_type[WPS_DEV_TYPE_LEN])
     462             : {
     463             :         const char *pos;
     464             : 
     465             :         /* <categ>-<OUI>-<subcateg> */
     466          26 :         WPA_PUT_BE16(dev_type, atoi(str));
     467          26 :         pos = os_strchr(str, '-');
     468          26 :         if (pos == NULL)
     469           2 :                 return -1;
     470          24 :         pos++;
     471          24 :         if (hexstr2bin(pos, &dev_type[2], 4))
     472           0 :                 return -1;
     473          24 :         pos = os_strchr(pos, '-');
     474          24 :         if (pos == NULL)
     475           0 :                 return -1;
     476          24 :         pos++;
     477          24 :         WPA_PUT_BE16(&dev_type[6], atoi(pos));
     478             : 
     479             : 
     480          24 :         return 0;
     481             : }
     482             : 
     483             : 
     484        9096 : char * wps_dev_type_bin2str(const u8 dev_type[WPS_DEV_TYPE_LEN], char *buf,
     485             :                             size_t buf_len)
     486             : {
     487             :         int ret;
     488             : 
     489       18192 :         ret = os_snprintf(buf, buf_len, "%u-%08X-%u",
     490        9096 :                           WPA_GET_BE16(dev_type), WPA_GET_BE32(&dev_type[2]),
     491        9096 :                           WPA_GET_BE16(&dev_type[6]));
     492        9096 :         if (os_snprintf_error(buf_len, ret))
     493           0 :                 return NULL;
     494             : 
     495        9096 :         return buf;
     496             : }
     497             : 
     498             : 
     499         163 : void uuid_gen_mac_addr(const u8 *mac_addr, u8 *uuid)
     500             : {
     501             :         const u8 *addr[2];
     502             :         size_t len[2];
     503             :         u8 hash[SHA1_MAC_LEN];
     504         163 :         u8 nsid[16] = {
     505             :                 0x52, 0x64, 0x80, 0xf8,
     506             :                 0xc9, 0x9b,
     507             :                 0x4b, 0xe5,
     508             :                 0xa6, 0x55,
     509             :                 0x58, 0xed, 0x5f, 0x5d, 0x60, 0x84
     510             :         };
     511             : 
     512         163 :         addr[0] = nsid;
     513         163 :         len[0] = sizeof(nsid);
     514         163 :         addr[1] = mac_addr;
     515         163 :         len[1] = 6;
     516         163 :         sha1_vector(2, addr, len, hash);
     517         163 :         os_memcpy(uuid, hash, 16);
     518             : 
     519             :         /* Version: 5 = named-based version using SHA-1 */
     520         163 :         uuid[6] = (5 << 4) | (uuid[6] & 0x0f);
     521             : 
     522             :         /* Variant specified in RFC 4122 */
     523         163 :         uuid[8] = 0x80 | (uuid[8] & 0x3f);
     524         163 : }
     525             : 
     526             : 
     527         517 : u16 wps_config_methods_str2bin(const char *str)
     528             : {
     529         517 :         u16 methods = 0;
     530             : 
     531         517 :         if (str == NULL) {
     532             :                 /* Default to enabling methods based on build configuration */
     533         489 :                 methods |= WPS_CONFIG_DISPLAY | WPS_CONFIG_KEYPAD;
     534         489 :                 methods |= WPS_CONFIG_VIRT_DISPLAY;
     535             : #ifdef CONFIG_WPS_NFC
     536         489 :                 methods |= WPS_CONFIG_NFC_INTERFACE;
     537             : #endif /* CONFIG_WPS_NFC */
     538             : #ifdef CONFIG_P2P
     539         420 :                 methods |= WPS_CONFIG_P2PS;
     540             : #endif /* CONFIG_P2P */
     541             :         } else {
     542          28 :                 if (os_strstr(str, "ethernet"))
     543           0 :                         methods |= WPS_CONFIG_ETHERNET;
     544          28 :                 if (os_strstr(str, "label"))
     545          17 :                         methods |= WPS_CONFIG_LABEL;
     546          28 :                 if (os_strstr(str, "display"))
     547          12 :                         methods |= WPS_CONFIG_DISPLAY;
     548          28 :                 if (os_strstr(str, "ext_nfc_token"))
     549           0 :                         methods |= WPS_CONFIG_EXT_NFC_TOKEN;
     550          28 :                 if (os_strstr(str, "int_nfc_token"))
     551           0 :                         methods |= WPS_CONFIG_INT_NFC_TOKEN;
     552          28 :                 if (os_strstr(str, "nfc_interface"))
     553          10 :                         methods |= WPS_CONFIG_NFC_INTERFACE;
     554          28 :                 if (os_strstr(str, "push_button"))
     555          18 :                         methods |= WPS_CONFIG_PUSHBUTTON;
     556          28 :                 if (os_strstr(str, "keypad"))
     557          11 :                         methods |= WPS_CONFIG_KEYPAD;
     558          28 :                 if (os_strstr(str, "virtual_display"))
     559          11 :                         methods |= WPS_CONFIG_VIRT_DISPLAY;
     560          28 :                 if (os_strstr(str, "physical_display"))
     561           0 :                         methods |= WPS_CONFIG_PHY_DISPLAY;
     562          28 :                 if (os_strstr(str, "virtual_push_button"))
     563           1 :                         methods |= WPS_CONFIG_VIRT_PUSHBUTTON;
     564          28 :                 if (os_strstr(str, "physical_push_button"))
     565           0 :                         methods |= WPS_CONFIG_PHY_PUSHBUTTON;
     566          28 :                 if (os_strstr(str, "p2ps"))
     567           8 :                         methods |= WPS_CONFIG_P2PS;
     568             :         }
     569             : 
     570         517 :         return methods;
     571             : }
     572             : 
     573             : 
     574          29 : struct wpabuf * wps_build_wsc_ack(struct wps_data *wps)
     575             : {
     576             :         struct wpabuf *msg;
     577             : 
     578          29 :         wpa_printf(MSG_DEBUG, "WPS: Building Message WSC_ACK");
     579             : 
     580          29 :         msg = wpabuf_alloc(1000);
     581          29 :         if (msg == NULL)
     582           0 :                 return NULL;
     583             : 
     584          58 :         if (wps_build_version(msg) ||
     585          58 :             wps_build_msg_type(msg, WPS_WSC_ACK) ||
     586          58 :             wps_build_enrollee_nonce(wps, msg) ||
     587          58 :             wps_build_registrar_nonce(wps, msg) ||
     588          29 :             wps_build_wfa_ext(msg, 0, NULL, 0)) {
     589           0 :                 wpabuf_free(msg);
     590           0 :                 return NULL;
     591             :         }
     592             : 
     593          29 :         return msg;
     594             : }
     595             : 
     596             : 
     597          62 : struct wpabuf * wps_build_wsc_nack(struct wps_data *wps)
     598             : {
     599             :         struct wpabuf *msg;
     600             : 
     601          62 :         wpa_printf(MSG_DEBUG, "WPS: Building Message WSC_NACK");
     602             : 
     603          62 :         msg = wpabuf_alloc(1000);
     604          62 :         if (msg == NULL)
     605           0 :                 return NULL;
     606             : 
     607         124 :         if (wps_build_version(msg) ||
     608         124 :             wps_build_msg_type(msg, WPS_WSC_NACK) ||
     609         124 :             wps_build_enrollee_nonce(wps, msg) ||
     610         124 :             wps_build_registrar_nonce(wps, msg) ||
     611         124 :             wps_build_config_error(msg, wps->config_error) ||
     612          62 :             wps_build_wfa_ext(msg, 0, NULL, 0)) {
     613           0 :                 wpabuf_free(msg);
     614           0 :                 return NULL;
     615             :         }
     616             : 
     617          62 :         return msg;
     618             : }
     619             : 
     620             : 
     621             : #ifdef CONFIG_WPS_NFC
     622             : 
     623          16 : struct wpabuf * wps_nfc_token_build(int ndef, int id, struct wpabuf *pubkey,
     624             :                                     struct wpabuf *dev_pw)
     625             : {
     626             :         struct wpabuf *ret;
     627             : 
     628          16 :         if (pubkey == NULL || dev_pw == NULL)
     629           0 :                 return NULL;
     630             : 
     631          16 :         ret = wps_build_nfc_pw_token(id, pubkey, dev_pw);
     632          16 :         if (ndef && ret) {
     633             :                 struct wpabuf *tmp;
     634          14 :                 tmp = ndef_build_wifi(ret);
     635          14 :                 wpabuf_free(ret);
     636          14 :                 if (tmp == NULL)
     637           0 :                         return NULL;
     638          14 :                 ret = tmp;
     639             :         }
     640             : 
     641          16 :         return ret;
     642             : }
     643             : 
     644             : 
     645          33 : int wps_nfc_gen_dh(struct wpabuf **pubkey, struct wpabuf **privkey)
     646             : {
     647          33 :         struct wpabuf *priv = NULL, *pub = NULL;
     648             :         void *dh_ctx;
     649             : 
     650          33 :         dh_ctx = dh5_init(&priv, &pub);
     651          33 :         if (dh_ctx == NULL)
     652           0 :                 return -1;
     653          33 :         pub = wpabuf_zeropad(pub, 192);
     654          33 :         if (pub == NULL) {
     655           0 :                 wpabuf_free(priv);
     656           0 :                 return -1;
     657             :         }
     658          33 :         wpa_hexdump_buf(MSG_DEBUG, "WPS: Generated new DH pubkey", pub);
     659          33 :         dh5_free(dh_ctx);
     660             : 
     661          33 :         wpabuf_free(*pubkey);
     662          33 :         *pubkey = pub;
     663          33 :         wpabuf_free(*privkey);
     664          33 :         *privkey = priv;
     665             : 
     666          33 :         return 0;
     667             : }
     668             : 
     669             : 
     670          16 : struct wpabuf * wps_nfc_token_gen(int ndef, int *id, struct wpabuf **pubkey,
     671             :                                   struct wpabuf **privkey,
     672             :                                   struct wpabuf **dev_pw)
     673             : {
     674             :         struct wpabuf *pw;
     675             :         u16 val;
     676             : 
     677          16 :         pw = wpabuf_alloc(WPS_OOB_DEVICE_PASSWORD_LEN);
     678          16 :         if (pw == NULL)
     679           0 :                 return NULL;
     680             : 
     681          16 :         if (random_get_bytes(wpabuf_put(pw, WPS_OOB_DEVICE_PASSWORD_LEN),
     682          16 :                              WPS_OOB_DEVICE_PASSWORD_LEN) ||
     683          16 :             random_get_bytes((u8 *) &val, sizeof(val))) {
     684           0 :                 wpabuf_free(pw);
     685           0 :                 return NULL;
     686             :         }
     687             : 
     688          16 :         if (wps_nfc_gen_dh(pubkey, privkey) < 0) {
     689           0 :                 wpabuf_free(pw);
     690           0 :                 return NULL;
     691             :         }
     692             : 
     693          16 :         *id = 0x10 + val % 0xfff0;
     694          16 :         wpabuf_free(*dev_pw);
     695          16 :         *dev_pw = pw;
     696             : 
     697          16 :         return wps_nfc_token_build(ndef, *id, *pubkey, *dev_pw);
     698             : }
     699             : 
     700             : 
     701          12 : struct wpabuf * wps_build_nfc_handover_req(struct wps_context *ctx,
     702             :                                            struct wpabuf *nfc_dh_pubkey)
     703             : {
     704             :         struct wpabuf *msg;
     705             :         void *len;
     706             : 
     707          12 :         if (ctx == NULL)
     708           0 :                 return NULL;
     709             : 
     710          12 :         wpa_printf(MSG_DEBUG, "WPS: Building attributes for NFC connection "
     711             :                    "handover request");
     712             : 
     713          12 :         if (nfc_dh_pubkey == NULL) {
     714           0 :                 wpa_printf(MSG_DEBUG, "WPS: No NFC OOB Device Password "
     715             :                            "configured");
     716           0 :                 return NULL;
     717             :         }
     718             : 
     719          12 :         msg = wpabuf_alloc(1000);
     720          12 :         if (msg == NULL)
     721           0 :                 return msg;
     722          12 :         len = wpabuf_put(msg, 2);
     723             : 
     724          12 :         if (wps_build_oob_dev_pw(msg, DEV_PW_NFC_CONNECTION_HANDOVER,
     725          12 :                                  nfc_dh_pubkey, NULL, 0) ||
     726          24 :             wps_build_uuid_e(msg, ctx->uuid) ||
     727          12 :             wps_build_wfa_ext(msg, 0, NULL, 0)) {
     728           0 :                 wpabuf_free(msg);
     729           0 :                 return NULL;
     730             :         }
     731             : 
     732          12 :         WPA_PUT_BE16(len, wpabuf_len(msg) - 2);
     733             : 
     734          12 :         return msg;
     735             : }
     736             : 
     737             : 
     738          12 : static int wps_build_ssid(struct wpabuf *msg, struct wps_context *wps)
     739             : {
     740          12 :         wpa_printf(MSG_DEBUG, "WPS:  * SSID");
     741          24 :         wpa_hexdump_ascii(MSG_DEBUG, "WPS: SSID in Connection Handover Select",
     742          12 :                           wps->ssid, wps->ssid_len);
     743          12 :         wpabuf_put_be16(msg, ATTR_SSID);
     744          12 :         wpabuf_put_be16(msg, wps->ssid_len);
     745          12 :         wpabuf_put_data(msg, wps->ssid, wps->ssid_len);
     746          12 :         return 0;
     747             : }
     748             : 
     749             : 
     750          12 : static int wps_build_ap_freq(struct wpabuf *msg, int freq)
     751             : {
     752             :         enum hostapd_hw_mode mode;
     753             :         u8 channel, rf_band;
     754             :         u16 ap_channel;
     755             : 
     756          12 :         if (freq <= 0)
     757           3 :                 return 0;
     758             : 
     759           9 :         mode = ieee80211_freq_to_chan(freq, &channel);
     760           9 :         if (mode == NUM_HOSTAPD_MODES)
     761           0 :                 return 0; /* Unknown channel */
     762             : 
     763           9 :         if (mode == HOSTAPD_MODE_IEEE80211G || mode == HOSTAPD_MODE_IEEE80211B)
     764           8 :                 rf_band = WPS_RF_24GHZ;
     765           1 :         else if (mode == HOSTAPD_MODE_IEEE80211A)
     766           1 :                 rf_band = WPS_RF_50GHZ;
     767             :         else
     768           0 :                 return 0; /* Unknown band */
     769           9 :         ap_channel = channel;
     770             : 
     771          18 :         if (wps_build_rf_bands_attr(msg, rf_band) ||
     772           9 :             wps_build_ap_channel(msg, ap_channel))
     773           0 :                 return -1;
     774             : 
     775           9 :         return 0;
     776             : }
     777             : 
     778             : 
     779          12 : struct wpabuf * wps_build_nfc_handover_sel(struct wps_context *ctx,
     780             :                                            struct wpabuf *nfc_dh_pubkey,
     781             :                                            const u8 *bssid, int freq)
     782             : {
     783             :         struct wpabuf *msg;
     784             :         void *len;
     785             : 
     786          12 :         if (ctx == NULL)
     787           0 :                 return NULL;
     788             : 
     789          12 :         wpa_printf(MSG_DEBUG, "WPS: Building attributes for NFC connection "
     790             :                    "handover select");
     791             : 
     792          12 :         if (nfc_dh_pubkey == NULL) {
     793           0 :                 wpa_printf(MSG_DEBUG, "WPS: No NFC OOB Device Password "
     794             :                            "configured");
     795           0 :                 return NULL;
     796             :         }
     797             : 
     798          12 :         msg = wpabuf_alloc(1000);
     799          12 :         if (msg == NULL)
     800           0 :                 return msg;
     801          12 :         len = wpabuf_put(msg, 2);
     802             : 
     803          12 :         if (wps_build_oob_dev_pw(msg, DEV_PW_NFC_CONNECTION_HANDOVER,
     804          12 :                                  nfc_dh_pubkey, NULL, 0) ||
     805          24 :             wps_build_ssid(msg, ctx) ||
     806          24 :             wps_build_ap_freq(msg, freq) ||
     807          24 :             (bssid && wps_build_mac_addr(msg, bssid)) ||
     808          12 :             wps_build_wfa_ext(msg, 0, NULL, 0)) {
     809           0 :                 wpabuf_free(msg);
     810           0 :                 return NULL;
     811             :         }
     812             : 
     813          12 :         WPA_PUT_BE16(len, wpabuf_len(msg) - 2);
     814             : 
     815          12 :         return msg;
     816             : }
     817             : 
     818             : 
     819           9 : struct wpabuf * wps_build_nfc_handover_req_p2p(struct wps_context *ctx,
     820             :                                                struct wpabuf *nfc_dh_pubkey)
     821             : {
     822             :         struct wpabuf *msg;
     823             : 
     824           9 :         if (ctx == NULL)
     825           0 :                 return NULL;
     826             : 
     827           9 :         wpa_printf(MSG_DEBUG, "WPS: Building attributes for NFC connection "
     828             :                    "handover request (P2P)");
     829             : 
     830           9 :         if (nfc_dh_pubkey == NULL) {
     831           0 :                 wpa_printf(MSG_DEBUG, "WPS: No NFC DH Public Key configured");
     832           0 :                 return NULL;
     833             :         }
     834             : 
     835           9 :         msg = wpabuf_alloc(1000);
     836           9 :         if (msg == NULL)
     837           0 :                 return msg;
     838             : 
     839          18 :         if (wps_build_manufacturer(&ctx->dev, msg) ||
     840          18 :             wps_build_model_name(&ctx->dev, msg) ||
     841          18 :             wps_build_model_number(&ctx->dev, msg) ||
     842           9 :             wps_build_oob_dev_pw(msg, DEV_PW_NFC_CONNECTION_HANDOVER,
     843           9 :                                  nfc_dh_pubkey, NULL, 0) ||
     844          18 :             wps_build_rf_bands(&ctx->dev, msg, 0) ||
     845          18 :             wps_build_serial_number(&ctx->dev, msg) ||
     846          18 :             wps_build_uuid_e(msg, ctx->uuid) ||
     847           9 :             wps_build_wfa_ext(msg, 0, NULL, 0)) {
     848           0 :                 wpabuf_free(msg);
     849           0 :                 return NULL;
     850             :         }
     851             : 
     852           9 :         return msg;
     853             : }
     854             : 
     855             : 
     856          20 : struct wpabuf * wps_build_nfc_handover_sel_p2p(struct wps_context *ctx,
     857             :                                                int nfc_dev_pw_id,
     858             :                                                struct wpabuf *nfc_dh_pubkey,
     859             :                                                struct wpabuf *nfc_dev_pw)
     860             : {
     861             :         struct wpabuf *msg;
     862             :         const u8 *dev_pw;
     863             :         size_t dev_pw_len;
     864             : 
     865          20 :         if (ctx == NULL)
     866           0 :                 return NULL;
     867             : 
     868          20 :         wpa_printf(MSG_DEBUG, "WPS: Building attributes for NFC connection "
     869             :                    "handover select (P2P)");
     870             : 
     871          20 :         if (nfc_dh_pubkey == NULL ||
     872          10 :             (nfc_dev_pw_id != DEV_PW_NFC_CONNECTION_HANDOVER &&
     873             :              nfc_dev_pw == NULL)) {
     874           0 :                 wpa_printf(MSG_DEBUG, "WPS: No NFC OOB Device Password "
     875             :                            "configured");
     876           0 :                 return NULL;
     877             :         }
     878             : 
     879          20 :         msg = wpabuf_alloc(1000);
     880          20 :         if (msg == NULL)
     881           0 :                 return msg;
     882             : 
     883          20 :         if (nfc_dev_pw) {
     884          10 :                 dev_pw = wpabuf_head(nfc_dev_pw);
     885          10 :                 dev_pw_len = wpabuf_len(nfc_dev_pw);
     886             :         } else {
     887          10 :                 dev_pw = NULL;
     888          10 :                 dev_pw_len = 0;
     889             :         }
     890             : 
     891          40 :         if (wps_build_manufacturer(&ctx->dev, msg) ||
     892          40 :             wps_build_model_name(&ctx->dev, msg) ||
     893          40 :             wps_build_model_number(&ctx->dev, msg) ||
     894          20 :             wps_build_oob_dev_pw(msg, nfc_dev_pw_id, nfc_dh_pubkey,
     895          20 :                                  dev_pw, dev_pw_len) ||
     896          40 :             wps_build_rf_bands(&ctx->dev, msg, 0) ||
     897          40 :             wps_build_serial_number(&ctx->dev, msg) ||
     898          40 :             wps_build_uuid_e(msg, ctx->uuid) ||
     899          20 :             wps_build_wfa_ext(msg, 0, NULL, 0)) {
     900           0 :                 wpabuf_free(msg);
     901           0 :                 return NULL;
     902             :         }
     903             : 
     904          20 :         return msg;
     905             : }
     906             : 
     907             : #endif /* CONFIG_WPS_NFC */

Generated by: LCOV version 1.10