1 /*
2 * Copyright (c) 2017-2021, The Linux Foundation. All rights reserved.
3 * Copyright (c) 2022 Qualcomm Innovation Center, Inc. All rights reserved.
4 *
5 * Permission to use, copy, modify, and/or distribute this software for
6 * any purpose with or without fee is hereby granted, provided that the
7 * above copyright notice and this permission notice appear in all
8 * copies.
9 *
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
11 * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
12 * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
13 * AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
14 * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
15 * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
16 * TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
17 * PERFORMANCE OF THIS SOFTWARE.
18 */
19
20 #ifndef __LIM_PROCESS_FILS_H
21 #define __LIM_PROCESS_FILS_H
22
23 #include <cds_api.h>
24 #include <lim_global.h>
25 #include <ani_global.h>
26 #include <lim_ser_des_utils.h>
27
28 #ifdef WLAN_FEATURE_FILS_SK
29
30 /**
31 * lim_process_fils_auth_frame2()- This API processes fils data from auth resp
32 * @mac_ctx: mac context
33 * @session: PE session
34 * @rx_auth_frm_body: pointer to auth frame
35 *
36 * Return: true if fils data needs to be processed else false
37 */
38 bool lim_process_fils_auth_frame2(struct mac_context *mac_ctx,
39 struct pe_session *pe_session,
40 tSirMacAuthFrameBody * rx_auth_frm_body);
41
42 /**
43 * lim_add_fils_data_to_auth_frame()- This API adds fils data to auth frame.
44 * Following will be added in this.
45 * 1. RSNIE
46 * 2. SNonce
47 * 3. Session
48 * 4. Wrapped data
49 * @session: PE session
50 * @body: pointer to auth frame where data needs to be added
51 *
52 * Return: None
53 */
54 void lim_add_fils_data_to_auth_frame(struct pe_session *session, uint8_t *body);
55
56 /**
57 * lim_is_valid_fils_auth_frame()- This API checks whether auth frame is a
58 * valid frame.
59 * @mac_ctx: mac context
60 * @pe_session: pe session pointer
61 * @rx_auth_frm_body: pointer to autherntication frame
62 *
63 * Return: true if frame is valid or fils is disable, false otherwise
64 */
65 bool lim_is_valid_fils_auth_frame(struct mac_context *mac_ctx,
66 struct pe_session *pe_session, tSirMacAuthFrameBody *rx_auth_frm_body);
67
68 /**
69 * lim_create_fils_rik()- This API create rik using rrk coming from
70 * supplicant.
71 * @rrk: input rrk
72 * @rrk_len: rrk length
73 * @rik: Created rik
74 * @rik_len: rik length to be filled
75 *
76 * rIK = KDF (K, S), where
77 * K = rRK and
78 * S = rIK Label + "\0" + cryptosuite + length
79 * The rIK Label is the 8-bit ASCII string:
80 * Re-authentication Integrity Key@ietf.org
81 *
82 * Return: QDF_STATUS
83 */
84 QDF_STATUS lim_create_fils_rik(uint8_t *rrk, uint8_t rrk_len,
85 uint8_t *rik, uint32_t *rik_len);
86
87 /**
88 * lim_update_fils_config()- This API updates fils session info to csr config
89 * from join request.
90 * @mac_ctx: pointer to mac context
91 * @session: PE session
92 * @join_req: pointer to join request
93 *
94 * Return: None
95 */
96 void lim_update_fils_config(struct mac_context *mac_ctx,
97 struct pe_session *session,
98 struct cm_vdev_join_req *join_req);
99
100 /**
101 * lim_create_fils_auth_data()- This API creates the fils auth data
102 * which needs to be sent in auth req.
103 * @mac_ctx: mac context
104 * @auth_frame: pointer to auth frame
105 * @session: PE session
106 *
107 * Return: length of fils data
108 */
109 QDF_STATUS lim_create_fils_auth_data(struct mac_context *mac_ctx,
110 tpSirMacAuthFrameBody auth_frame,
111 struct pe_session *session,
112 uint32_t *frame_len);
113
114 /**
115 * lim_increase_fils_sequence_number: this API increases fils sequence number in
116 * the event of resending auth packet
117 * @session_entry: pointer to PE session
118 *
119 * Return: None
120 */
lim_increase_fils_sequence_number(struct pe_session * session_entry)121 static inline void lim_increase_fils_sequence_number(struct pe_session *session_entry)
122 {
123 if (!session_entry->fils_info)
124 return;
125
126 if (session_entry->fils_info->is_fils_connection)
127 session_entry->fils_info->sequence_number++;
128 }
129
130 /**
131 * populate_fils_connect_params() - Populate FILS connect params to join rsp
132 * @mac_ctx: Mac context
133 * @session: PE session
134 * @connect_rsp: connect join rsp
135 *
136 * This API copies the FILS connect params from PE session to SME join rsp
137 *
138 * Return: None
139 */
140 void
141 populate_fils_connect_params(struct mac_context *mac_ctx,
142 struct pe_session *session,
143 struct wlan_cm_connect_resp *connect_rsp);
144
145 /**
146 * lim_update_fils_hlp_data() - Update the hlp data from association
147 * response frame to PE session.
148 * @hlp_frm_src_mac: SRC mac address in HLP IE from assoc frame
149 * @hlp_frm_dst_mac: DST mac address in HLP IE from assoc frame
150 * @frm_hlp_len: HLP data length
151 * @frm_hlp_data: Pointer to hlp data
152 * @pe_session: Pointer to pe_session
153 *
154 * Return: None
155 */
156 void lim_update_fils_hlp_data(struct qdf_mac_addr *hlp_frm_src_mac,
157 struct qdf_mac_addr *hlp_frm_dest_mac,
158 uint16_t frm_hlp_len, uint8_t *frm_hlp_data,
159 struct pe_session *pe_session);
160
161 /**
162 * aead_encrypt_assoc_req() - Encrypt FILS IE's in assoc request
163 * @mac_ctx: mac context
164 * @pe_session: PE session
165 * @frame: packed frame buffer
166 * @payload: length of @frame
167 *
168 * This API is used to encrypt the all the IE present after FILS session IE
169 * in Association request frame
170 *
171 * Return: QDF_STATUS
172 */
173 QDF_STATUS aead_encrypt_assoc_req(struct mac_context *mac_ctx,
174 struct pe_session *pe_session,
175 uint8_t *frame, uint32_t *payload);
176
177 /**
178 * aead_decrypt_assoc_rsp() - API for AEAD decryption in FILS connection
179 * @mac_ctx: MAC context
180 * @session: PE session
181 * @ar: Assoc response frame structure
182 * @p_frame: frame buffer received
183 * @n_frame: length of @p_frame
184 *
185 * This API is used to decrypt the AEAD encrypted part of FILS assoc response
186 * and populate the decrypted FILS IE's to Assoc response frame structure(ar)
187 *
188 * Return: QDF_STATUS
189 */
190 QDF_STATUS aead_decrypt_assoc_rsp(struct mac_context *mac_ctx,
191 struct pe_session *session,
192 tDot11fAssocResponse *ar,
193 uint8_t *p_frame, uint32_t *n_frame);
194 /**
195 * lim_is_fils_connection() - Check if it is FILS connection
196 * @pe_session: PE session
197 *
198 * This API is used to check if current PE session is FILS connection
199 *
200 * Return: True if FILS connection, false if not
201 */
lim_is_fils_connection(struct pe_session * pe_session)202 static inline bool lim_is_fils_connection(struct pe_session *pe_session)
203 {
204 if (pe_session->fils_info->is_fils_connection)
205 return true;
206 return false;
207 }
208
209 /**
210 * lim_verify_fils_params_assoc_rsp() - Verify FILS params in assoc rsp
211 * @mac_ctx: Mac context
212 * @session_entry: PE session
213 * @assoc_rsp: Assoc response received
214 * @assoc_cnf: Assoc cnf msg to be sent to MLME
215 *
216 * This API is used to match FILS params received in Assoc response
217 * with Assoc params received/derived at the Authentication stage
218 *
219 * Return: True, if successfully matches. False, otherwise
220 */
221 bool lim_verify_fils_params_assoc_rsp(struct mac_context *mac_ctx,
222 struct pe_session *session_entry,
223 tpSirAssocRsp assoc_rsp,
224 tLimMlmAssocCnf * assoc_cnf);
225 #else
lim_process_fils_auth_frame2(struct mac_context * mac_ctx,struct pe_session * pe_session,tSirMacAuthFrameBody * rx_auth_frm_body)226 static inline bool lim_process_fils_auth_frame2(struct mac_context *mac_ctx,
227 struct pe_session *pe_session, tSirMacAuthFrameBody *rx_auth_frm_body)
228 {
229 return false;
230 }
231
232 static inline void
lim_increase_fils_sequence_number(struct pe_session * session_entry)233 lim_increase_fils_sequence_number(struct pe_session *session_entry)
234 { }
235
236 static inline void
lim_add_fils_data_to_auth_frame(struct pe_session * session,uint8_t * body)237 lim_add_fils_data_to_auth_frame(struct pe_session *session, uint8_t *body)
238 {
239 }
240
lim_is_valid_fils_auth_frame(struct mac_context * mac_ctx,struct pe_session * pe_session,tSirMacAuthFrameBody * rx_auth_frm_body)241 static inline bool lim_is_valid_fils_auth_frame(struct mac_context *mac_ctx,
242 struct pe_session *pe_session, tSirMacAuthFrameBody *rx_auth_frm_body)
243 {
244 return true;
245 }
246
lim_update_fils_config(struct mac_context * mac_ctx,struct pe_session * session,struct cm_vdev_join_req * join_req)247 static inline void lim_update_fils_config(struct mac_context *mac_ctx,
248 struct pe_session *session,
249 struct cm_vdev_join_req *join_req)
250 {}
251
252 static inline
253 QDF_STATUS lim_create_fils_auth_data(struct mac_context *mac_ctx,
254 tpSirMacAuthFrameBody auth_frame,
255 struct pe_session *session,
256 uint32_t *frame_len);
257 {
258 return QDF_STATUS_SUCCESS;
259 }
260
lim_is_fils_connection(struct pe_session * pe_session)261 static inline bool lim_is_fils_connection(struct pe_session *pe_session)
262 {
263 return false;
264 }
265
266 static inline void
populate_fils_connect_params(struct mac_context * mac_ctx,struct pe_session * session,struct wlan_cm_connect_resp * connect_rsp)267 populate_fils_connect_params(struct mac_context *mac_ctx,
268 struct pe_session *session,
269 struct wlan_cm_connect_resp *connect_rsp)
270 { }
271
272 static inline
lim_update_fils_hlp_data(struct qdf_mac_addr * hlp_frm_src_mac,struct qdf_mac_addr * hlp_frm_dest_mac,uint16_t frm_hlp_len,uint8_t * frm_hlp_data,struct pe_session * pe_session)273 void lim_update_fils_hlp_data(struct qdf_mac_addr *hlp_frm_src_mac,
274 struct qdf_mac_addr *hlp_frm_dest_mac,
275 uint16_t frm_hlp_len, uint8_t *frm_hlp_data,
276 struct pe_session *pe_session)
277 {}
278
aead_encrypt_assoc_req(struct mac_context * mac_ctx,struct pe_session * pe_session,uint8_t * frame,uint32_t * payload)279 static inline QDF_STATUS aead_encrypt_assoc_req(struct mac_context *mac_ctx,
280 struct pe_session *pe_session,
281 uint8_t *frame,
282 uint32_t *payload)
283 {
284 return QDF_STATUS_SUCCESS;
285 }
286
aead_decrypt_assoc_rsp(struct mac_context * mac_ctx,struct pe_session * session,tDot11fAssocResponse * ar,uint8_t * p_frame,uint32_t * n_frame)287 static inline QDF_STATUS aead_decrypt_assoc_rsp(struct mac_context *mac_ctx,
288 struct pe_session *session,
289 tDot11fAssocResponse *ar,
290 uint8_t *p_frame, uint32_t *n_frame)
291 {
292 return QDF_STATUS_SUCCESS;
293 }
294
lim_verify_fils_params_assoc_rsp(struct mac_context * mac_ctx,struct pe_session * session_entry,tpSirAssocRsp assoc_rsp,tLimMlmAssocCnf * assoc_cnf)295 static inline bool lim_verify_fils_params_assoc_rsp(struct mac_context *mac_ctx,
296 struct pe_session *session_entry,
297 tpSirAssocRsp assoc_rsp,
298 tLimMlmAssocCnf *assoc_cnf)
299
300 {
301 return true;
302 }
303 #endif
304 #endif
305