path: root/src/wps/wps_defs.h
Commit message (Collapse)AuthorAgeFilesLines
* WPS: Add multi_ap_subelem to wps_build_wfa_ext()Arnout Vandecappelle (Essensium/Mind)2019-02-181-1/+2
| | | | | | | | | | | | | | The Multi-AP specification adds a new subelement to the WFA extension element in the WPS exchange. Add an additional parameter to wps_build_wfa_ext() to add this subelement. The subelement is only added if the parameter is nonzero. Note that we don't reuse the existing MULTI_AP_SUB_ELEM_TYPE definition here, but rather define a new WFA_ELEM_MULTI_AP, to make sure the enum of WFA subelement types for WPS vendor extension remains complete. For now, all callers set the multi_ap_subelem parameter to 0. Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
* WPS: Testing mechanism to force auth/encr type flagsJouni Malinen2016-01-011-0/+4
| | | | | | | | | | The new wps_force_{auth,encr}_types parameters can be used in test build (CONFIG_WPS_TESTING) to force wpa_supplicant to use the specified value in the Authentication/Encryption Type flags attribute. This can be used to test AP behavior on various error cases for which there are workarounds to cover deployed device behavior. Signed-off-by: Jouni Malinen <j@w1.fi>
* WPS: Add support for 60 GHz bandHamad Kadmany2015-04-271-0/+1
| | | | | | | | Handling of WPS RF band for 60 GHz was missing. Add it in all relevant places and also map "AES" as the cipher to GCMP instead of CCMP when operating on the 60 GHz band. Signed-off-by: Hamad Kadmany <qca_hkadmany@qca.qualcomm.com>
* WPS: Truncate variable length string attributes to maximum lengthJouni Malinen2015-04-221-0/+4
| | | | | | | | | | | This enforces variable length strings Manufacturer, Model Name, Model Number, and Serial Number to be within the maximum length defined in the WSC specification. While none of the existing users for these within hostapd/wpa_supplicant had problems with longer strings, it is good to ensure the strings are not longer to avoid potential issues at higher layer components. Signed-off-by: Jouni Malinen <j@w1.fi>
* Add WPS_DEV_NAME_MAX_LEN define and use it when comparing lengthJouni Malinen2015-04-221-0/+1
| | | | | | This make code easier to understand. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* P2PS: WPS changes needed for P2PS default PINBrian Gix2015-02-021-1/+3
| | | | | | | This provides additional WPS definitions and rules for negotiating use of P2PS default PIN configuration method. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS: Add missing device typesIlan Peer2014-10-251-2/+43
| | | | | | Add missing device category and device sub category definitions. Signed-off-by: Ilan Peer <ilan.peer@intel.com>
* WPS: Remove unused WEP related functionalityJouni Malinen2014-04-061-2/+2
| | | | | | | | | | | Now that WPS 2.0 support is enabled unconditionally, WEP and Shared auth type are not allowed. This made some of the older code unused and that can now be removed to clean up the implementation. There is still one place where WEP is allowed for testing purposes: wpa_supplicant as Registrar trying to configure an AP to use WEP. That is now only allowed in CONFIG_TESTING_OPTIONS=y builds, though. Signed-off-by: Jouni Malinen <j@w1.fi>
* WPS: Enable WSC 2.0 support unconditionallyJouni Malinen2014-03-251-6/+0
| | | | | | | | | There is not much point in building devices with WPS 1.0 only supported nowadays. As such, there is not sufficient justification for maintaining extra complexity for the CONFIG_WPS2 build option either. Remove this by enabling WSC 2.0 support unconditionally. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS: Parse Registrar Configuration MethodsRahul Jain2014-03-051-1/+2
| | | | | | This new subelement was added into the WFA Vendor Extension. Signed-off-by: Rahul Jain <rahul.jain@samsung.com>
* WPS: Add testing option to corrupt public key hashJouni Malinen2014-01-271-0/+1
| | | | | | | | | | If CONFIG_WPS_TESTING=y is enabled in build configuration, the new wps_corrupt_pkhash parameter (similar to wps_testing_dummy_cred) can be used to request public key hash to be corrupted in all generated OOB Device Password attributes. This can be used for testing purposes to validate public key hash validation steps. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS NFC: Update NFC connection handover designJouni Malinen2014-01-271-1/+2
| | | | | | | | | | | The new Device Password ID 7 is used to indicate that NFC connection handover is used with DH public key hash from both devices being exchanged over the NFC connection handover messages. This allows an abbreviated M1-M2 handshake to be used since Device Password does not need to be used when DH is authenticated with the out-of-band information (validation of the public key against the hash). Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS NFC: Send M2D with config error 20 on pkhash mismatchJouni Malinen2014-01-271-1/+3
| | | | | | | Instead of terminating the WPS protocol immediately, go through an M2D exchange to notify Enrollee of the public key hash mismatch. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS: Track result of the latest WPS operationJeffin Mammen2013-08-231-0/+1
| | | | Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS: Add support for OOB dev password lengths 16..31Jouni Malinen2012-06-271-1/+1
| | | | | | | | | Previously, only the maximum length 32 octets for OOB device password was accepted. Since the specification allows a shorter password to be used with limited OOB mechanism (e.g., small NFC tag), we should accept lengths 16..32. Signed-hostap: Jouni Malinen <j@w1.fi>
* Remove the GPL notification from files contributed by Jouni MalinenJouni Malinen2012-02-111-8/+2
| | | | | | | Remove the GPL notification text from the files that were initially contributed by myself. Signed-hostap: Jouni Malinen <j@w1.fi>
* WPS: Add mechanism for indicating non-standard WPS errorsChao-Wen Yang2011-01-131-0/+8
| | | | | | | | | | | Previously, only the Configuration Error values were indicated in WPS-FAIL events. Since those values are defined in the specification it is not feasible to extend them for indicating other errors. Add a new error indication value that is internal to wpa_supplicant and hostapd to allow other errors to be indicated. Use the new mechanism to indicate if negotiation fails because of WEP or TKIP-only configurations being disallows by WPS 2.0.
* WPS: Make testing operations configurable at runtimeJouni Malinen2010-09-221-4/+10
| | | | | | | | | | | | | | | | | | | Instead of build time options (CONFIG_WPS_TESTING_EXTRA_CRED and CONFIG_WPS_EXTENSIBILITY_TESTING), use a single build option (CONFIG_WPS_TESTING) and runtime configuration of which testing operations are enabled. This allows a single binary to be used for various tests. The runtime configuration can be done through control interface with wpa_cli/hostapd_cli commands: Enable extensibility tests: set wps_version_number 0x57 Disable extensibility tests (WPS2 build): set wps_version_number 0x20 Enable extra credential tests: set wps_testing_dummy_cred 1 Disable extra credential tests: set wps_testing_dummy_cred 0
* WPS 2.0: Convert new attributes into WFA vendor extensionJouni Malinen2010-09-091-7/+11
| | | | | | The WSC 2.0 specification moved to use another design for the new attributes to avoid backwards compatibility issues with some deployed implementations.
* WPS 2.0: Make WSC 2.0 support to be build option (CONFIG_WPS2)Jouni Malinen2010-09-091-0/+8
| | | | | For now, the default build will only include WSC 1.0 support. CONFIG_WPS2=y can be used to add support for WSC 2.0.
* WPS 2.0: Add tool for testing protocol extensibilityJouni Malinen2010-09-091-1/+6
| | | | | This is disabled by default and can be enabled by defining CONFIG_WPS_EXTENSIBILITY_TESTING.
* WPS 2.0: Add virtual/physical display and pushbutton config methodsJouni Malinen2010-09-091-0/+4
* WPS 2.0: Add support for AuthorizedMACs attributeJouni Malinen2010-09-091-0/+2
| | | | | | | | | | Advertize list of authorized enrollee MAC addresses in Beacon and Probe Response frames and use these when selecting the AP. In order to provide the list, the enrollee MAC address should be specified whenever adding a new PIN. In addition, add UUID-R into SetSelectedRegistrar action to make it potentially easier for an AP to figure out which ER sent the action should there be multiple ERs using the same IP address.
* WPS 2.0: Add new attributes and update version negotiationJouni Malinen2010-09-091-2/+8
| | | | | | | This adds definitions and parsing of the new attributes that were added in WPS 2.0. In addition, the version negotiation is updated to use the new mechanism, i.e., accept everything received and use the new Version2 attribute in transmitted messages.
* Fix a typo in unused attribute nameJouni Malinen2010-05-251-1/+1
* WPS: Clean up Primary Device Type handlingJouni Malinen2009-11-261-7/+0
| | | | | | Use shared functions for converting Primary Device Type between binary and string formats. In addition, use array of eight octets instead of a specific structure with multiple fields to reduce code complexity.
* WPS: Add UFD support (USBA out-of-band mechanism)Masashi Honma2009-02-261-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | This patch is only for the following use case: - Enrollee = wpa_supplicant - Registrar = hostapd internal Registrar Following UFD methods can be used: - Enrollee PIN with UFD - Registrar PIN with UFD - unencrypted credential with UFD Encrypted credentials are not supported. Enrollee side operation: wpa_cli -i ath0 wps_oob <device type> <mount point> <oob method> oob method = pin-e/pin-r/cred wpa_cli -i ath0 wps_oob ufd /mnt/ pin-r Registrar side operation: ./hostapd_cli -i ath0 wps_oob <device type> <mount point> <oob method> oob method = pin-e/pin-r/cred hostapd_cli -i ath0 wps_oob ufd /mnt/ cred
* WPS: Parse Request Type from WPS IE in (Re)AssocReq and derive mgmt keysJouni Malinen2008-11-291-0/+3
| | | | | | | WPS IE is now passed from hostapd association processing into EAP-WSC and WPS processing. Request Type attribute is parsed from this information and if the request is for a WLAN Manager Registrar, additional management keys are derived (to be used with UPnP).
* Added preliminary Wi-Fi Protected Setup (WPS) implementationJouni Malinen2008-11-231-0/+294
This adds WPS support for both hostapd and wpa_supplicant. Both programs can be configured to act as WPS Enrollee and Registrar. Both PBC and PIN methods are supported. Currently, hostapd has more complete configuration option for WPS parameters and wpa_supplicant configuration style will likely change in the future. External Registrars are not yet supported in hostapd or wpa_supplicant. While wpa_supplicant has initial support for acting as an Registrar to configure an AP, this is still using number of hardcoded parameters which will need to be made configurable for proper operation.