1 /*
2 * WPA Supplicant - Sta network Aidl interface
3 * Copyright (c) 2021, Google Inc. All rights reserved.
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #include "aidl_manager.h"
10 #include "aidl_return_util.h"
11 #include "misc_utils.h"
12 #include "sta_network.h"
13
14 extern "C"
15 {
16 #include "wps_supplicant.h"
17 #include "crypto/tls.h"
18 }
19
20 namespace {
21 using aidl::android::hardware::wifi::supplicant::AuthAlgMask;
22 using aidl::android::hardware::wifi::supplicant::EapMethod;
23 using aidl::android::hardware::wifi::supplicant::EapPhase2Method;
24 using aidl::android::hardware::wifi::supplicant::GroupCipherMask;
25 using aidl::android::hardware::wifi::supplicant::GroupMgmtCipherMask;
26 using aidl::android::hardware::wifi::supplicant::ISupplicantStaNetwork;
27 using aidl::android::hardware::wifi::supplicant::KeyMgmtMask;
28 using aidl::android::hardware::wifi::supplicant::PairwiseCipherMask;
29 using aidl::android::hardware::wifi::supplicant::ProtoMask;
30
31 constexpr uint8_t kZeroBssid[6] = {0, 0, 0, 0, 0, 0};
32
33 constexpr uint32_t kAllowedKeyMgmtMask =
34 (static_cast<uint32_t>(KeyMgmtMask::NONE) |
35 static_cast<uint32_t>(KeyMgmtMask::WPA_PSK) |
36 static_cast<uint32_t>(KeyMgmtMask::WPA_EAP) |
37 static_cast<uint32_t>(KeyMgmtMask::IEEE8021X) |
38 static_cast<uint32_t>(KeyMgmtMask::FT_EAP) |
39 static_cast<uint32_t>(KeyMgmtMask::FT_PSK) |
40 static_cast<uint32_t>(KeyMgmtMask::OSEN) |
41 static_cast<uint32_t>(KeyMgmtMask::SAE) |
42 static_cast<uint32_t>(KeyMgmtMask::SUITE_B_192) |
43 static_cast<uint32_t>(KeyMgmtMask::OWE) |
44 static_cast<uint32_t>(KeyMgmtMask::WPA_PSK_SHA256) |
45 static_cast<uint32_t>(KeyMgmtMask::WPA_EAP_SHA256) |
46 static_cast<uint32_t>(KeyMgmtMask::WAPI_PSK) |
47 static_cast<uint32_t>(KeyMgmtMask::WAPI_CERT) |
48 static_cast<uint32_t>(KeyMgmtMask::FILS_SHA256) |
49 static_cast<uint32_t>(KeyMgmtMask::FILS_SHA384) |
50 static_cast<uint32_t>(KeyMgmtMask::DPP));
51 constexpr uint32_t kAllowedProtoMask =
52 (static_cast<uint32_t>(ProtoMask::WPA) |
53 static_cast<uint32_t>(ProtoMask::RSN) |
54 static_cast<uint32_t>(ProtoMask::OSEN) |
55 static_cast<uint32_t>(ProtoMask::WAPI));
56 constexpr uint32_t kAllowedAuthAlgMask =
57 (static_cast<uint32_t>(AuthAlgMask::OPEN) |
58 static_cast<uint32_t>(AuthAlgMask::SHARED) |
59 static_cast<uint32_t>(AuthAlgMask::LEAP) |
60 static_cast<uint32_t>(AuthAlgMask::SAE));
61 constexpr uint32_t kAllowedGroupCipherMask =
62 (static_cast<uint32_t>(GroupCipherMask::WEP40) |
63 static_cast<uint32_t>(GroupCipherMask::WEP104) |
64 static_cast<uint32_t>(GroupCipherMask::TKIP) |
65 static_cast<uint32_t>(GroupCipherMask::CCMP) |
66 static_cast<uint32_t>(
67 GroupCipherMask::GTK_NOT_USED) |
68 static_cast<uint32_t>(GroupCipherMask::GCMP_256) |
69 static_cast<uint32_t>(GroupCipherMask::SMS4) |
70 static_cast<uint32_t>(GroupCipherMask::GCMP_128));
71 constexpr uint32_t kAllowedPairwisewCipherMask =
72 (static_cast<uint32_t>(PairwiseCipherMask::NONE) |
73 static_cast<uint32_t>(PairwiseCipherMask::TKIP) |
74 static_cast<uint32_t>(PairwiseCipherMask::CCMP) |
75 static_cast<uint32_t>(
76 PairwiseCipherMask::GCMP_256) |
77 static_cast<uint32_t>(
78 PairwiseCipherMask::SMS4) |
79 static_cast<uint32_t>(PairwiseCipherMask::GCMP_128));
80 constexpr uint32_t kAllowedGroupMgmtCipherMask =
81 (static_cast<uint32_t>(
82 GroupMgmtCipherMask::BIP_GMAC_128) |
83 static_cast<uint32_t>(
84 GroupMgmtCipherMask::BIP_GMAC_256) |
85 static_cast<uint32_t>(
86 GroupMgmtCipherMask::BIP_CMAC_256));
87
88 constexpr uint32_t kEapMethodMax =
89 static_cast<uint32_t>(EapMethod::WFA_UNAUTH_TLS) + 1;
90 constexpr char const *kEapMethodStrings[kEapMethodMax] = {
91 "PEAP", "TLS", "TTLS", "PWD", "SIM", "AKA", "AKA'", "WFA-UNAUTH-TLS"};
92 constexpr uint32_t kEapPhase2MethodMax =
93 static_cast<uint32_t>(EapPhase2Method::AKA_PRIME) + 1;
94 constexpr char const *kEapPhase2MethodStrings[kEapPhase2MethodMax] = {
95 "", "PAP", "MSCHAP", "MSCHAPV2", "GTC", "SIM", "AKA", "AKA'"};
96 constexpr char kEapPhase2AuthPrefix[] = "auth=";
97 constexpr char kEapPhase2AuthEapPrefix[] = "autheap=";
98 constexpr char kNetworkEapSimGsmAuthResponse[] = "GSM-AUTH";
99 constexpr char kNetworkEapSimUmtsAuthResponse[] = "UMTS-AUTH";
100 constexpr char kNetworkEapSimUmtsAutsResponse[] = "UMTS-AUTS";
101 constexpr char kNetworkEapSimGsmAuthFailure[] = "GSM-FAIL";
102 constexpr char kNetworkEapSimUmtsAuthFailure[] = "UMTS-FAIL";
103
104 #ifdef CONFIG_WAPI_INTERFACE
105 std::string dummyWapiCertSuite;
106 std::vector<uint8_t> dummyWapiPsk;
107 #endif /* CONFIG_WAPI_INTERFACE */
108 } // namespace
109
110 namespace aidl {
111 namespace android {
112 namespace hardware {
113 namespace wifi {
114 namespace supplicant {
115 using aidl_return_util::validateAndCall;
116 using misc_utils::createStatus;
117 using misc_utils::createStatusWithMsg;
118
StaNetwork(struct wpa_global * wpa_global,const char ifname[],int network_id)119 StaNetwork::StaNetwork(
120 struct wpa_global *wpa_global, const char ifname[], int network_id)
121 : wpa_global_(wpa_global),
122 ifname_(ifname),
123 network_id_(network_id),
124 is_valid_(true)
125 {
126 tlsFlags = 0;
127 }
128
invalidate()129 void StaNetwork::invalidate() { is_valid_ = false; }
isValid()130 bool StaNetwork::isValid()
131 {
132 return (is_valid_ && (retrieveNetworkPtr() != nullptr));
133 }
134
getId(int32_t * _aidl_return)135 ::ndk::ScopedAStatus StaNetwork::getId(
136 int32_t* _aidl_return)
137 {
138 return validateAndCall(
139 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
140 &StaNetwork::getIdInternal, _aidl_return);
141 }
142
getInterfaceName(std::string * _aidl_return)143 ::ndk::ScopedAStatus StaNetwork::getInterfaceName(
144 std::string* _aidl_return)
145 {
146 return validateAndCall(
147 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
148 &StaNetwork::getInterfaceNameInternal, _aidl_return);
149 }
150
getType(IfaceType * _aidl_return)151 ::ndk::ScopedAStatus StaNetwork::getType(
152 IfaceType* _aidl_return)
153 {
154 return validateAndCall(
155 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
156 &StaNetwork::getTypeInternal, _aidl_return);
157 }
158
registerCallback(const std::shared_ptr<ISupplicantStaNetworkCallback> & in_callback)159 ::ndk::ScopedAStatus StaNetwork::registerCallback(
160 const std::shared_ptr<ISupplicantStaNetworkCallback>& in_callback)
161 {
162 return validateAndCall(
163 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
164 &StaNetwork::registerCallbackInternal, in_callback);
165 }
166
setSsid(const std::vector<uint8_t> & in_ssid)167 ::ndk::ScopedAStatus StaNetwork::setSsid(
168 const std::vector<uint8_t>& in_ssid)
169 {
170 return validateAndCall(
171 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
172 &StaNetwork::setSsidInternal, in_ssid);
173 }
174
setBssid(const std::vector<uint8_t> & in_bssid)175 ::ndk::ScopedAStatus StaNetwork::setBssid(
176 const std::vector<uint8_t>& in_bssid)
177 {
178 return validateAndCall(
179 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
180 &StaNetwork::setBssidInternal, in_bssid);
181 }
182
setDppKeys(const DppConnectionKeys & in_keys)183 ::ndk::ScopedAStatus StaNetwork::setDppKeys(const DppConnectionKeys& in_keys)
184 {
185 return validateAndCall(
186 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
187 &StaNetwork::setDppKeysInternal, in_keys);
188 }
189
setScanSsid(bool in_enable)190 ::ndk::ScopedAStatus StaNetwork::setScanSsid(bool in_enable)
191 {
192 return validateAndCall(
193 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
194 &StaNetwork::setScanSsidInternal, in_enable);
195 }
196
setKeyMgmt(KeyMgmtMask in_keyMgmtMask)197 ::ndk::ScopedAStatus StaNetwork::setKeyMgmt(
198 KeyMgmtMask in_keyMgmtMask)
199 {
200 return validateAndCall(
201 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
202 &StaNetwork::setKeyMgmtInternal, in_keyMgmtMask);
203 }
204
setProto(ProtoMask in_protoMask)205 ::ndk::ScopedAStatus StaNetwork::setProto(
206 ProtoMask in_protoMask)
207 {
208 return validateAndCall(
209 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
210 &StaNetwork::setProtoInternal, in_protoMask);
211 }
212
setAuthAlg(AuthAlgMask in_authAlgMask)213 ::ndk::ScopedAStatus StaNetwork::setAuthAlg(
214 AuthAlgMask in_authAlgMask)
215 {
216 return validateAndCall(
217 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
218 &StaNetwork::setAuthAlgInternal, in_authAlgMask);
219 }
220
setGroupCipher(GroupCipherMask in_groupCipherMask)221 ::ndk::ScopedAStatus StaNetwork::setGroupCipher(
222 GroupCipherMask in_groupCipherMask)
223 {
224 return validateAndCall(
225 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
226 &StaNetwork::setGroupCipherInternal, in_groupCipherMask);
227 }
228
setPairwiseCipher(PairwiseCipherMask in_pairwiseCipherMask)229 ::ndk::ScopedAStatus StaNetwork::setPairwiseCipher(
230 PairwiseCipherMask in_pairwiseCipherMask)
231 {
232 return validateAndCall(
233 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
234 &StaNetwork::setPairwiseCipherInternal,
235 in_pairwiseCipherMask);
236 }
237
setPskPassphrase(const std::string & in_psk)238 ::ndk::ScopedAStatus StaNetwork::setPskPassphrase(
239 const std::string& in_psk)
240 {
241 return validateAndCall(
242 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
243 &StaNetwork::setPskPassphraseInternal, in_psk);
244 }
245
setPsk(const std::vector<uint8_t> & in_psk)246 ::ndk::ScopedAStatus StaNetwork::setPsk(
247 const std::vector<uint8_t>& in_psk)
248 {
249 return validateAndCall(
250 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
251 &StaNetwork::setPskInternal, in_psk);
252 }
253
setWepKey(int32_t in_keyIdx,const std::vector<uint8_t> & in_wepKey)254 ::ndk::ScopedAStatus StaNetwork::setWepKey(
255 int32_t in_keyIdx, const std::vector<uint8_t>& in_wepKey)
256 {
257 return validateAndCall(
258 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
259 &StaNetwork::setWepKeyInternal, in_keyIdx, in_wepKey);
260 }
261
setWepTxKeyIdx(int32_t in_keyIdx)262 ::ndk::ScopedAStatus StaNetwork::setWepTxKeyIdx(
263 int32_t in_keyIdx)
264 {
265 return validateAndCall(
266 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
267 &StaNetwork::setWepTxKeyIdxInternal, in_keyIdx);
268 }
269
setRequirePmf(bool in_enable)270 ::ndk::ScopedAStatus StaNetwork::setRequirePmf(bool in_enable)
271 {
272 return validateAndCall(
273 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
274 &StaNetwork::setRequirePmfInternal, in_enable);
275 }
276
setEapMethod(EapMethod in_method)277 ::ndk::ScopedAStatus StaNetwork::setEapMethod(
278 EapMethod in_method)
279 {
280 return validateAndCall(
281 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
282 &StaNetwork::setEapMethodInternal, in_method);
283 }
284
setEapPhase2Method(EapPhase2Method in_method)285 ::ndk::ScopedAStatus StaNetwork::setEapPhase2Method(
286 EapPhase2Method in_method)
287 {
288 return validateAndCall(
289 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
290 &StaNetwork::setEapPhase2MethodInternal, in_method);
291 }
292
setEapIdentity(const std::vector<uint8_t> & in_identity)293 ::ndk::ScopedAStatus StaNetwork::setEapIdentity(
294 const std::vector<uint8_t>& in_identity)
295 {
296 return validateAndCall(
297 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
298 &StaNetwork::setEapIdentityInternal, in_identity);
299 }
300
setEapEncryptedImsiIdentity(const std::vector<uint8_t> & in_identity)301 ::ndk::ScopedAStatus StaNetwork::setEapEncryptedImsiIdentity(
302 const std::vector<uint8_t>& in_identity)
303 {
304 return validateAndCall(
305 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
306 &StaNetwork::setEapEncryptedImsiIdentityInternal,
307 in_identity);
308 }
309
setStrictConservativePeerMode(bool in_enable)310 ::ndk::ScopedAStatus StaNetwork::setStrictConservativePeerMode(
311 bool in_enable)
312 {
313 return validateAndCall(
314 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
315 &StaNetwork::setStrictConservativePeerModeInternal,
316 in_enable);
317 }
318
setEapAnonymousIdentity(const std::vector<uint8_t> & in_identity)319 ::ndk::ScopedAStatus StaNetwork::setEapAnonymousIdentity(
320 const std::vector<uint8_t>& in_identity)
321 {
322 return validateAndCall(
323 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
324 &StaNetwork::setEapAnonymousIdentityInternal, in_identity);
325 }
326
setEapPassword(const std::vector<uint8_t> & in_password)327 ::ndk::ScopedAStatus StaNetwork::setEapPassword(
328 const std::vector<uint8_t>& in_password)
329 {
330 return validateAndCall(
331 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
332 &StaNetwork::setEapPasswordInternal, in_password);
333 }
334
setEapCACert(const std::string & in_path)335 ::ndk::ScopedAStatus StaNetwork::setEapCACert(
336 const std::string& in_path)
337 {
338 return validateAndCall(
339 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
340 &StaNetwork::setEapCACertInternal, in_path);
341 }
342
setEapCAPath(const std::string & in_path)343 ::ndk::ScopedAStatus StaNetwork::setEapCAPath(
344 const std::string& in_path)
345 {
346 return validateAndCall(
347 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
348 &StaNetwork::setEapCAPathInternal, in_path);
349 }
350
setEapClientCert(const std::string & in_path)351 ::ndk::ScopedAStatus StaNetwork::setEapClientCert(
352 const std::string& in_path)
353 {
354 return validateAndCall(
355 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
356 &StaNetwork::setEapClientCertInternal, in_path);
357 }
358
setEapPrivateKeyId(const std::string & in_id)359 ::ndk::ScopedAStatus StaNetwork::setEapPrivateKeyId(
360 const std::string& in_id)
361 {
362 return validateAndCall(
363 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
364 &StaNetwork::setEapPrivateKeyIdInternal, in_id);
365 }
366
setEapSubjectMatch(const std::string & in_match)367 ::ndk::ScopedAStatus StaNetwork::setEapSubjectMatch(
368 const std::string& in_match)
369 {
370 return validateAndCall(
371 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
372 &StaNetwork::setEapSubjectMatchInternal, in_match);
373 }
374
setEapAltSubjectMatch(const std::string & in_match)375 ::ndk::ScopedAStatus StaNetwork::setEapAltSubjectMatch(
376 const std::string& in_match)
377 {
378 return validateAndCall(
379 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
380 &StaNetwork::setEapAltSubjectMatchInternal, in_match);
381 }
382
setEapEngine(bool in_enable)383 ::ndk::ScopedAStatus StaNetwork::setEapEngine(bool in_enable)
384 {
385 return validateAndCall(
386 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
387 &StaNetwork::setEapEngineInternal, in_enable);
388 }
389
setEapEngineID(const std::string & in_id)390 ::ndk::ScopedAStatus StaNetwork::setEapEngineID(
391 const std::string& in_id)
392 {
393 return validateAndCall(
394 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
395 &StaNetwork::setEapEngineIDInternal, in_id);
396 }
397
setEapDomainSuffixMatch(const std::string & in_match)398 ::ndk::ScopedAStatus StaNetwork::setEapDomainSuffixMatch(
399 const std::string& in_match)
400 {
401 return validateAndCall(
402 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
403 &StaNetwork::setEapDomainSuffixMatchInternal, in_match);
404 }
405
setProactiveKeyCaching(bool in_enable)406 ::ndk::ScopedAStatus StaNetwork::setProactiveKeyCaching(
407 bool in_enable)
408 {
409 return validateAndCall(
410 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
411 &StaNetwork::setProactiveKeyCachingInternal, in_enable);
412 }
413
setIdStr(const std::string & in_idStr)414 ::ndk::ScopedAStatus StaNetwork::setIdStr(
415 const std::string& in_idStr)
416 {
417 return validateAndCall(
418 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
419 &StaNetwork::setIdStrInternal, in_idStr);
420 }
421
setUpdateIdentifier(int32_t in_id)422 ::ndk::ScopedAStatus StaNetwork::setUpdateIdentifier(
423 int32_t in_id)
424 {
425 return validateAndCall(
426 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
427 &StaNetwork::setUpdateIdentifierInternal, in_id);
428 }
429
setWapiCertSuite(const std::string & in_suite)430 ::ndk::ScopedAStatus StaNetwork::setWapiCertSuite(
431 const std::string& in_suite)
432 {
433 return validateAndCall(
434 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
435 &StaNetwork::setWapiCertSuiteInternal, in_suite);
436 }
437
setEdmg(bool in_enable)438 ::ndk::ScopedAStatus StaNetwork::setEdmg(bool in_enable)
439 {
440 return validateAndCall(
441 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
442 &StaNetwork::setEdmgInternal, in_enable);
443 }
444
getSsid(std::vector<uint8_t> * _aidl_return)445 ::ndk::ScopedAStatus StaNetwork::getSsid(
446 std::vector<uint8_t>* _aidl_return)
447 {
448 return validateAndCall(
449 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
450 &StaNetwork::getSsidInternal, _aidl_return);
451 }
452
getBssid(std::vector<uint8_t> * _aidl_return)453 ndk::ScopedAStatus StaNetwork::getBssid(
454 std::vector<uint8_t>* _aidl_return)
455 {
456 return validateAndCall(
457 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
458 &StaNetwork::getBssidInternal, _aidl_return);
459 }
460
getScanSsid(bool * _aidl_return)461 ::ndk::ScopedAStatus StaNetwork::getScanSsid(
462 bool* _aidl_return)
463 {
464 return validateAndCall(
465 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
466 &StaNetwork::getScanSsidInternal, _aidl_return);
467 }
468
getKeyMgmt(KeyMgmtMask * _aidl_return)469 ::ndk::ScopedAStatus StaNetwork::getKeyMgmt(
470 KeyMgmtMask* _aidl_return)
471 {
472 return validateAndCall(
473 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
474 &StaNetwork::getKeyMgmtInternal, _aidl_return);
475 }
476
getProto(ProtoMask * _aidl_return)477 ::ndk::ScopedAStatus StaNetwork::getProto(
478 ProtoMask* _aidl_return)
479 {
480 return validateAndCall(
481 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
482 &StaNetwork::getProtoInternal, _aidl_return);
483 }
484
getAuthAlg(AuthAlgMask * _aidl_return)485 ::ndk::ScopedAStatus StaNetwork::getAuthAlg(
486 AuthAlgMask* _aidl_return)
487 {
488 return validateAndCall(
489 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
490 &StaNetwork::getAuthAlgInternal, _aidl_return);
491 }
492
getGroupCipher(GroupCipherMask * _aidl_return)493 ::ndk::ScopedAStatus StaNetwork::getGroupCipher(
494 GroupCipherMask* _aidl_return)
495 {
496 return validateAndCall(
497 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
498 &StaNetwork::getGroupCipherInternal, _aidl_return);
499 }
500
getPairwiseCipher(PairwiseCipherMask * _aidl_return)501 ::ndk::ScopedAStatus StaNetwork::getPairwiseCipher(
502 PairwiseCipherMask* _aidl_return)
503 {
504 return validateAndCall(
505 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
506 &StaNetwork::getPairwiseCipherInternal, _aidl_return);
507 }
508
getPskPassphrase(std::string * _aidl_return)509 ::ndk::ScopedAStatus StaNetwork::getPskPassphrase(
510 std::string* _aidl_return)
511 {
512 return validateAndCall(
513 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
514 &StaNetwork::getPskPassphraseInternal, _aidl_return);
515 }
516
getPsk(std::vector<uint8_t> * _aidl_return)517 ::ndk::ScopedAStatus StaNetwork::getPsk(
518 std::vector<uint8_t>* _aidl_return)
519 {
520 return validateAndCall(
521 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
522 &StaNetwork::getPskInternal, _aidl_return);
523 }
524
getSaePassword(std::string * _aidl_return)525 ::ndk::ScopedAStatus StaNetwork::getSaePassword(
526 std::string* _aidl_return)
527 {
528 return validateAndCall(
529 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
530 &StaNetwork::getSaePasswordInternal, _aidl_return);
531 }
532
getSaePasswordId(std::string * _aidl_return)533 ::ndk::ScopedAStatus StaNetwork::getSaePasswordId(
534 std::string* _aidl_return)
535 {
536 return validateAndCall(
537 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
538 &StaNetwork::getSaePasswordIdInternal, _aidl_return);
539 }
540
getWepKey(int32_t in_keyIdx,std::vector<uint8_t> * _aidl_return)541 ::ndk::ScopedAStatus StaNetwork::getWepKey(
542 int32_t in_keyIdx,
543 std::vector<uint8_t>* _aidl_return)
544 {
545 return validateAndCall(
546 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
547 &StaNetwork::getWepKeyInternal, _aidl_return, in_keyIdx);
548 }
549
getWepTxKeyIdx(int32_t * _aidl_return)550 ::ndk::ScopedAStatus StaNetwork::getWepTxKeyIdx(
551 int32_t* _aidl_return)
552 {
553 return validateAndCall(
554 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
555 &StaNetwork::getWepTxKeyIdxInternal, _aidl_return);
556 }
557
getRequirePmf(bool * _aidl_return)558 ::ndk::ScopedAStatus StaNetwork::getRequirePmf(
559 bool* _aidl_return)
560 {
561 return validateAndCall(
562 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
563 &StaNetwork::getRequirePmfInternal, _aidl_return);
564 }
565
getEapMethod(EapMethod * _aidl_return)566 ::ndk::ScopedAStatus StaNetwork::getEapMethod(
567 EapMethod* _aidl_return)
568 {
569 return validateAndCall(
570 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
571 &StaNetwork::getEapMethodInternal, _aidl_return);
572 }
573
getEapPhase2Method(EapPhase2Method * _aidl_return)574 ::ndk::ScopedAStatus StaNetwork::getEapPhase2Method(
575 EapPhase2Method* _aidl_return)
576 {
577 return validateAndCall(
578 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
579 &StaNetwork::getEapPhase2MethodInternal, _aidl_return);
580 }
581
getEapIdentity(std::vector<uint8_t> * _aidl_return)582 ::ndk::ScopedAStatus StaNetwork::getEapIdentity(
583 std::vector<uint8_t>* _aidl_return)
584 {
585 return validateAndCall(
586 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
587 &StaNetwork::getEapIdentityInternal, _aidl_return);
588 }
589
getEapAnonymousIdentity(std::vector<uint8_t> * _aidl_return)590 ::ndk::ScopedAStatus StaNetwork::getEapAnonymousIdentity(
591 std::vector<uint8_t>* _aidl_return)
592 {
593 return validateAndCall(
594 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
595 &StaNetwork::getEapAnonymousIdentityInternal, _aidl_return);
596 }
597
getEapPassword(std::vector<uint8_t> * _aidl_return)598 ::ndk::ScopedAStatus StaNetwork::getEapPassword(
599 std::vector<uint8_t>* _aidl_return)
600 {
601 return validateAndCall(
602 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
603 &StaNetwork::getEapPasswordInternal, _aidl_return);
604 }
605
getEapCACert(std::string * _aidl_return)606 ::ndk::ScopedAStatus StaNetwork::getEapCACert(
607 std::string* _aidl_return)
608 {
609 return validateAndCall(
610 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
611 &StaNetwork::getEapCACertInternal, _aidl_return);
612 }
613
getEapCAPath(std::string * _aidl_return)614 ::ndk::ScopedAStatus StaNetwork::getEapCAPath(
615 std::string* _aidl_return)
616 {
617 return validateAndCall(
618 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
619 &StaNetwork::getEapCAPathInternal, _aidl_return);
620 }
621
getEapClientCert(std::string * _aidl_return)622 ::ndk::ScopedAStatus StaNetwork::getEapClientCert(
623 std::string* _aidl_return)
624 {
625 return validateAndCall(
626 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
627 &StaNetwork::getEapClientCertInternal, _aidl_return);
628 }
629
getEapPrivateKeyId(std::string * _aidl_return)630 ::ndk::ScopedAStatus StaNetwork::getEapPrivateKeyId(
631 std::string* _aidl_return)
632 {
633 return validateAndCall(
634 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
635 &StaNetwork::getEapPrivateKeyIdInternal, _aidl_return);
636 }
637
getEapSubjectMatch(std::string * _aidl_return)638 ::ndk::ScopedAStatus StaNetwork::getEapSubjectMatch(
639 std::string* _aidl_return)
640 {
641 return validateAndCall(
642 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
643 &StaNetwork::getEapSubjectMatchInternal, _aidl_return);
644 }
645
getEapAltSubjectMatch(std::string * _aidl_return)646 ::ndk::ScopedAStatus StaNetwork::getEapAltSubjectMatch(
647 std::string* _aidl_return)
648 {
649 return validateAndCall(
650 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
651 &StaNetwork::getEapAltSubjectMatchInternal, _aidl_return);
652 }
653
getEapEngine(bool * _aidl_return)654 ::ndk::ScopedAStatus StaNetwork::getEapEngine(
655 bool* _aidl_return)
656 {
657 return validateAndCall(
658 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
659 &StaNetwork::getEapEngineInternal, _aidl_return);
660 }
661
getEapEngineId(std::string * _aidl_return)662 ::ndk::ScopedAStatus StaNetwork::getEapEngineId(
663 std::string* _aidl_return)
664 {
665 return validateAndCall(
666 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
667 &StaNetwork::getEapEngineIdInternal, _aidl_return);
668 }
669
getEapDomainSuffixMatch(std::string * _aidl_return)670 ::ndk::ScopedAStatus StaNetwork::getEapDomainSuffixMatch(
671 std::string* _aidl_return)
672 {
673 return validateAndCall(
674 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
675 &StaNetwork::getEapDomainSuffixMatchInternal, _aidl_return);
676 }
677
getIdStr(std::string * _aidl_return)678 ::ndk::ScopedAStatus StaNetwork::getIdStr(
679 std::string* _aidl_return)
680 {
681 return validateAndCall(
682 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
683 &StaNetwork::getIdStrInternal, _aidl_return);
684 }
685
getWpsNfcConfigurationToken(std::vector<uint8_t> * _aidl_return)686 ::ndk::ScopedAStatus StaNetwork::getWpsNfcConfigurationToken(
687 std::vector<uint8_t>* _aidl_return)
688 {
689 return validateAndCall(
690 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
691 &StaNetwork::getWpsNfcConfigurationTokenInternal, _aidl_return);
692 }
693
getWapiCertSuite(std::string * _aidl_return)694 ::ndk::ScopedAStatus StaNetwork::getWapiCertSuite(
695 std::string* _aidl_return)
696 {
697 return validateAndCall(
698 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
699 &StaNetwork::getWapiCertSuiteInternal, _aidl_return);
700 }
701
getEdmg(bool * _aidl_return)702 ::ndk::ScopedAStatus StaNetwork::getEdmg(
703 bool* _aidl_return)
704 {
705 return validateAndCall(
706 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
707 &StaNetwork::getEdmgInternal, _aidl_return);
708 }
709
enable(bool in_noConnect)710 ::ndk::ScopedAStatus StaNetwork::enable(bool in_noConnect)
711 {
712 return validateAndCall(
713 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
714 &StaNetwork::enableInternal, in_noConnect);
715 }
716
disable()717 ::ndk::ScopedAStatus StaNetwork::disable()
718 {
719 return validateAndCall(
720 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
721 &StaNetwork::disableInternal);
722 }
723
select()724 ::ndk::ScopedAStatus StaNetwork::select()
725 {
726 return validateAndCall(
727 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
728 &StaNetwork::selectInternal);
729 }
730
sendNetworkEapSimGsmAuthResponse(const std::vector<NetworkResponseEapSimGsmAuthParams> & in_params)731 ::ndk::ScopedAStatus StaNetwork::sendNetworkEapSimGsmAuthResponse(
732 const std::vector<NetworkResponseEapSimGsmAuthParams>& in_params)
733 {
734 return validateAndCall(
735 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
736 &StaNetwork::sendNetworkEapSimGsmAuthResponseInternal,
737 in_params);
738 }
739
sendNetworkEapSimGsmAuthFailure()740 ::ndk::ScopedAStatus StaNetwork::sendNetworkEapSimGsmAuthFailure()
741 {
742 return validateAndCall(
743 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
744 &StaNetwork::sendNetworkEapSimGsmAuthFailureInternal);
745 }
746
sendNetworkEapSimUmtsAuthResponse(const NetworkResponseEapSimUmtsAuthParams & in_params)747 ::ndk::ScopedAStatus StaNetwork::sendNetworkEapSimUmtsAuthResponse(
748 const NetworkResponseEapSimUmtsAuthParams& in_params)
749 {
750 return validateAndCall(
751 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
752 &StaNetwork::sendNetworkEapSimUmtsAuthResponseInternal,
753 in_params);
754 }
755
sendNetworkEapSimUmtsAutsResponse(const std::vector<uint8_t> & in_auts)756 ::ndk::ScopedAStatus StaNetwork::sendNetworkEapSimUmtsAutsResponse(
757 const std::vector<uint8_t>& in_auts)
758 {
759 return validateAndCall(
760 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
761 &StaNetwork::sendNetworkEapSimUmtsAutsResponseInternal,
762 in_auts);
763 }
764
sendNetworkEapSimUmtsAuthFailure()765 ::ndk::ScopedAStatus StaNetwork::sendNetworkEapSimUmtsAuthFailure()
766 {
767 return validateAndCall(
768 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
769 &StaNetwork::sendNetworkEapSimUmtsAuthFailureInternal);
770 }
771
sendNetworkEapIdentityResponse(const std::vector<uint8_t> & in_identity,const std::vector<uint8_t> & in_encryptedIdentity)772 ::ndk::ScopedAStatus StaNetwork::sendNetworkEapIdentityResponse(
773 const std::vector<uint8_t>& in_identity,
774 const std::vector<uint8_t>& in_encryptedIdentity)
775 {
776 return validateAndCall(
777 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
778 &StaNetwork::sendNetworkEapIdentityResponseInternal,
779 in_identity, in_encryptedIdentity);
780 }
781
setGroupMgmtCipher(GroupMgmtCipherMask in_groupMgmtCipherMask)782 ::ndk::ScopedAStatus StaNetwork::setGroupMgmtCipher(
783 GroupMgmtCipherMask in_groupMgmtCipherMask)
784 {
785 return validateAndCall(
786 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
787 &StaNetwork::setGroupMgmtCipherInternal,
788 in_groupMgmtCipherMask);
789 }
790
getGroupMgmtCipher(GroupMgmtCipherMask * _aidl_return)791 ::ndk::ScopedAStatus StaNetwork::getGroupMgmtCipher(
792 GroupMgmtCipherMask* _aidl_return)
793 {
794 return validateAndCall(
795 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
796 &StaNetwork::getGroupMgmtCipherInternal, _aidl_return);
797 }
798
enableTlsSuiteBEapPhase1Param(bool in_enable)799 ::ndk::ScopedAStatus StaNetwork::enableTlsSuiteBEapPhase1Param(
800 bool in_enable)
801 {
802 return validateAndCall(
803 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
804 &StaNetwork::enableTlsSuiteBEapPhase1ParamInternal, in_enable);
805 }
806
enableSuiteBEapOpenSslCiphers()807 ::ndk::ScopedAStatus StaNetwork::enableSuiteBEapOpenSslCiphers()
808 {
809 return validateAndCall(
810 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
811 &StaNetwork::enableSuiteBEapOpenSslCiphersInternal);
812 }
813
setSaePassword(const std::string & in_saePassword)814 ::ndk::ScopedAStatus StaNetwork::setSaePassword(
815 const std::string& in_saePassword)
816 {
817 return validateAndCall(
818 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
819 &StaNetwork::setSaePasswordInternal, in_saePassword);
820 }
821
setSaePasswordId(const std::string & in_saePasswordId)822 ::ndk::ScopedAStatus StaNetwork::setSaePasswordId(
823 const std::string& in_saePasswordId)
824 {
825 return validateAndCall(
826 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
827 &StaNetwork::setSaePasswordIdInternal, in_saePasswordId);
828 }
829
setOcsp(OcspType in_ocspType)830 ::ndk::ScopedAStatus StaNetwork::setOcsp(
831 OcspType in_ocspType)
832 {
833 return validateAndCall(
834 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
835 &StaNetwork::setOcspInternal, in_ocspType);
836 }
837
getOcsp(OcspType * _aidl_return)838 ::ndk::ScopedAStatus StaNetwork::getOcsp(
839 OcspType* _aidl_return)
840 {
841 return validateAndCall(
842 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
843 &StaNetwork::getOcspInternal, _aidl_return);
844 }
845
setPmkCache(const std::vector<uint8_t> & in_serializedEntry)846 ::ndk::ScopedAStatus StaNetwork::setPmkCache(
847 const std::vector<uint8_t>& in_serializedEntry)
848 {
849 return validateAndCall(
850 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
851 &StaNetwork::setPmkCacheInternal, in_serializedEntry);
852 }
853
setEapErp(bool in_enable)854 ::ndk::ScopedAStatus StaNetwork::setEapErp(
855 bool in_enable)
856 {
857 return validateAndCall(
858 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
859 &StaNetwork::setEapErpInternal, in_enable);
860 }
861
setSaeH2eMode(SaeH2eMode in_mode)862 ::ndk::ScopedAStatus StaNetwork::setSaeH2eMode(
863 SaeH2eMode in_mode)
864 {
865 return validateAndCall(
866 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
867 &StaNetwork::setSaeH2eModeInternal, in_mode);
868 }
869
enableSaePkOnlyMode(bool in_enable)870 ::ndk::ScopedAStatus StaNetwork::enableSaePkOnlyMode(
871 bool in_enable)
872 {
873 return validateAndCall(
874 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
875 &StaNetwork::enableSaePkOnlyModeInternal, in_enable);
876 }
877
setRoamingConsortiumSelection(const std::vector<uint8_t> & in_selectedRcoi)878 ::ndk::ScopedAStatus StaNetwork::setRoamingConsortiumSelection(
879 const std::vector<uint8_t>& in_selectedRcoi)
880 {
881 return validateAndCall(
882 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
883 &StaNetwork::setRoamingConsortiumSelectionInternal, in_selectedRcoi);
884 }
885
setMinimumTlsVersionEapPhase1Param(TlsVersion in_tlsVersion)886 ::ndk::ScopedAStatus StaNetwork::setMinimumTlsVersionEapPhase1Param(
887 TlsVersion in_tlsVersion)
888 {
889 return validateAndCall(
890 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
891 &StaNetwork::setMinimumTlsVersionEapPhase1ParamInternal, in_tlsVersion);
892 }
893
disableEht()894 ::ndk::ScopedAStatus StaNetwork::disableEht()
895 {
896 return validateAndCall(
897 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
898 &StaNetwork::disableEhtInternal);
899 }
900
setVendorData(const std::vector<common::OuiKeyedData> & in_vendorData)901 ::ndk::ScopedAStatus StaNetwork::setVendorData(
902 const std::vector<common::OuiKeyedData>& in_vendorData)
903 {
904 return validateAndCall(
905 this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
906 &StaNetwork::setVendorDataInternal, in_vendorData);
907 }
908
getIdInternal()909 std::pair<uint32_t, ndk::ScopedAStatus> StaNetwork::getIdInternal()
910 {
911 return {network_id_, ndk::ScopedAStatus::ok()};
912 }
913
getInterfaceNameInternal()914 std::pair<std::string, ndk::ScopedAStatus> StaNetwork::getInterfaceNameInternal()
915 {
916 return {ifname_, ndk::ScopedAStatus::ok()};
917 }
918
getTypeInternal()919 std::pair<IfaceType, ndk::ScopedAStatus> StaNetwork::getTypeInternal()
920 {
921 return {IfaceType::STA, ndk::ScopedAStatus::ok()};
922 }
923
registerCallbackInternal(const std::shared_ptr<ISupplicantStaNetworkCallback> & callback)924 ndk::ScopedAStatus StaNetwork::registerCallbackInternal(
925 const std::shared_ptr<ISupplicantStaNetworkCallback> &callback)
926 {
927 AidlManager *aidl_manager = AidlManager::getInstance();
928 if (!aidl_manager || aidl_manager->addStaNetworkCallbackAidlObject(
929 ifname_, network_id_, callback)) {
930 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
931 }
932 return ndk::ScopedAStatus::ok();
933 }
934
setSsidInternal(const std::vector<uint8_t> & ssid)935 ndk::ScopedAStatus StaNetwork::setSsidInternal(const std::vector<uint8_t> &ssid)
936 {
937 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
938 if (ssid.size() == 0 ||
939 ssid.size() >
940 static_cast<uint32_t>(ISupplicantStaNetwork::
941 SSID_MAX_LEN_IN_BYTES)) {
942 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
943 }
944 if (setByteArrayFieldAndResetState(
945 ssid.data(), ssid.size(), &(wpa_ssid->ssid),
946 &(wpa_ssid->ssid_len), "ssid")) {
947 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
948 }
949 if (wpa_ssid->passphrase) {
950 wpa_config_update_psk(wpa_ssid);
951 }
952 return ndk::ScopedAStatus::ok();
953 }
954
setBssidInternal(const std::vector<uint8_t> & bssid)955 ndk::ScopedAStatus StaNetwork::setBssidInternal(
956 const std::vector<uint8_t> &bssid)
957 {
958 if (bssid.size() != ETH_ALEN) {
959 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
960 }
961 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
962 int prev_bssid_set = wpa_ssid->bssid_set;
963 u8 prev_bssid[ETH_ALEN];
964 os_memcpy(prev_bssid, wpa_ssid->bssid, ETH_ALEN);
965 // Zero'ed array is used to clear out the BSSID value.
966 if (os_memcmp(bssid.data(), kZeroBssid, ETH_ALEN) == 0) {
967 wpa_ssid->bssid_set = 0;
968 wpa_printf(MSG_MSGDUMP, "BSSID any");
969 } else {
970 os_memcpy(wpa_ssid->bssid, bssid.data(), ETH_ALEN);
971 wpa_ssid->bssid_set = 1;
972 wpa_hexdump(MSG_MSGDUMP, "BSSID", wpa_ssid->bssid, ETH_ALEN);
973 }
974 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
975 if ((wpa_ssid->bssid_set != prev_bssid_set ||
976 os_memcmp(wpa_ssid->bssid, prev_bssid, ETH_ALEN) != 0)) {
977 wpas_notify_network_bssid_set_changed(wpa_s, wpa_ssid);
978 }
979 return ndk::ScopedAStatus::ok();
980 }
981
setDppKeysInternal(const DppConnectionKeys & keys)982 ndk::ScopedAStatus StaNetwork::setDppKeysInternal(const DppConnectionKeys& keys)
983 {
984 #ifdef CONFIG_DPP
985 if (keys.connector.empty() || keys.cSign.empty() || keys.netAccessKey.empty()) {
986 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
987 }
988
989 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
990 std::string connector_str(keys.connector.begin(), keys.connector.end());
991
992 if (setStringFieldAndResetState(
993 connector_str.c_str(), &(wpa_ssid->dpp_connector), "dpp_connector")) {
994 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
995 }
996
997 if (setByteArrayFieldAndResetState(
998 keys.cSign.data(), keys.cSign.size(), &(wpa_ssid->dpp_csign),
999 &(wpa_ssid->dpp_csign_len), "dpp csign")) {
1000 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1001 }
1002
1003 if (setByteArrayFieldAndResetState(
1004 keys.netAccessKey.data(), keys.netAccessKey.size(), &(wpa_ssid->dpp_netaccesskey),
1005 &(wpa_ssid->dpp_netaccesskey_len), "dpp netAccessKey")) {
1006 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1007 }
1008
1009 return ndk::ScopedAStatus::ok();
1010 #else
1011 return createStatus(SupplicantStatusCode::FAILURE_UNSUPPORTED);
1012 #endif
1013 }
1014
setScanSsidInternal(bool enable)1015 ndk::ScopedAStatus StaNetwork::setScanSsidInternal(bool enable)
1016 {
1017 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1018 wpa_ssid->scan_ssid = enable ? 1 : 0;
1019 resetInternalStateAfterParamsUpdate();
1020 return ndk::ScopedAStatus::ok();
1021 }
1022
setAuthAlgInternal(AuthAlgMask mask)1023 ndk::ScopedAStatus StaNetwork::setAuthAlgInternal(
1024 AuthAlgMask mask)
1025 {
1026 uint32_t auth_alg_mask = static_cast<uint32_t>(mask);
1027 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1028 if (auth_alg_mask & ~kAllowedAuthAlgMask) {
1029 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
1030 }
1031 wpa_ssid->auth_alg = auth_alg_mask;
1032 wpa_printf(MSG_MSGDUMP, "auth_alg: 0x%x", wpa_ssid->auth_alg);
1033 resetInternalStateAfterParamsUpdate();
1034 return ndk::ScopedAStatus::ok();
1035 }
1036
setEdmgInternal(bool enable)1037 ndk::ScopedAStatus StaNetwork::setEdmgInternal(bool enable)
1038 {
1039 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1040 wpa_ssid->enable_edmg = enable ? 1 : 0;
1041 resetInternalStateAfterParamsUpdate();
1042 return ndk::ScopedAStatus::ok();
1043 }
1044
setPskPassphraseInternal(const std::string & rawPsk)1045 ndk::ScopedAStatus StaNetwork::setPskPassphraseInternal(const std::string &rawPsk)
1046 {
1047 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1048 std::string psk = rawPsk;
1049 #ifdef CONFIG_WAPI_INTERFACE
1050 if (wpa_ssid->key_mgmt & WPA_KEY_MGMT_WAPI_PSK) {
1051 if (rawPsk.size() > 2 && rawPsk.front()== '"' && rawPsk.back() == '"') {
1052 psk = rawPsk.substr(1, rawPsk.size() - 2);
1053 } else {
1054 if ((rawPsk.size() & 1)) {
1055 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
1056 }
1057 size_t len = psk.size() / 2;
1058 uint8_t *buf = (uint8_t *) os_malloc(len);
1059 if (hexstr2bin(psk.c_str(), buf, len) < 0) {
1060 os_free(buf);
1061 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
1062 }
1063 std::vector<uint8_t> bytes(buf, buf + len);
1064 os_free(buf);
1065 return setWapiPskInternal(bytes);
1066 }
1067 }
1068 #endif
1069 if (isPskPassphraseValid(psk)) {
1070 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
1071 }
1072 if (wpa_ssid->passphrase &&
1073 os_strlen(wpa_ssid->passphrase) == psk.size() &&
1074 os_memcmp(wpa_ssid->passphrase, psk.c_str(), psk.size()) == 0) {
1075 return ndk::ScopedAStatus::ok();
1076 }
1077 // Flag to indicate if raw psk is calculated or not using
1078 // |wpa_config_update_psk|. Deferred if ssid not already set.
1079 wpa_ssid->psk_set = 0;
1080 if (setStringKeyFieldAndResetState(
1081 psk.c_str(), &(wpa_ssid->passphrase), "psk passphrase")) {
1082 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1083 }
1084 if (wpa_ssid->ssid_len) {
1085 wpa_config_update_psk(wpa_ssid);
1086 }
1087 return ndk::ScopedAStatus::ok();
1088 }
1089
setPskInternal(const std::vector<uint8_t> & psk)1090 ndk::ScopedAStatus StaNetwork::setPskInternal(const std::vector<uint8_t> &psk)
1091 {
1092 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1093 WPA_ASSERT(psk.size() == sizeof(wpa_ssid->psk));
1094 str_clear_free(wpa_ssid->passphrase);
1095 wpa_ssid->passphrase = nullptr;
1096 os_memcpy(wpa_ssid->psk, psk.data(), sizeof(wpa_ssid->psk));
1097 wpa_ssid->psk_set = 1;
1098 resetInternalStateAfterParamsUpdate();
1099 return ndk::ScopedAStatus::ok();
1100 }
1101
setWepKeyInternal(uint32_t key_idx,const std::vector<uint8_t> & wep_key)1102 ndk::ScopedAStatus StaNetwork::setWepKeyInternal(
1103 uint32_t key_idx, const std::vector<uint8_t> &wep_key)
1104 {
1105 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1106 if (key_idx >=
1107 static_cast<uint32_t>(
1108 ISupplicantStaNetwork::WEP_KEYS_MAX_NUM)) {
1109 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
1110 }
1111 if (wep_key.size() !=
1112 static_cast<uint32_t>(ISupplicantStaNetwork::
1113 WEP40_KEY_LEN_IN_BYTES) &&
1114 wep_key.size() !=
1115 static_cast<uint32_t>(ISupplicantStaNetwork::
1116 WEP104_KEY_LEN_IN_BYTES)) {
1117 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
1118 }
1119 os_memcpy(wpa_ssid->wep_key[key_idx], wep_key.data(), wep_key.size());
1120 wpa_ssid->wep_key_len[key_idx] = wep_key.size();
1121 std::string msg_dump_title("wep_key" + std::to_string(key_idx));
1122 wpa_hexdump_key(
1123 MSG_MSGDUMP, msg_dump_title.c_str(), wpa_ssid->wep_key[key_idx],
1124 wpa_ssid->wep_key_len[key_idx]);
1125 resetInternalStateAfterParamsUpdate();
1126 return ndk::ScopedAStatus::ok();
1127 }
1128
setWepTxKeyIdxInternal(uint32_t key_idx)1129 ndk::ScopedAStatus StaNetwork::setWepTxKeyIdxInternal(uint32_t key_idx)
1130 {
1131 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1132 if (key_idx >=
1133 static_cast<uint32_t>(
1134 ISupplicantStaNetwork::WEP_KEYS_MAX_NUM)) {
1135 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
1136 }
1137 wpa_ssid->wep_tx_keyidx = key_idx;
1138 resetInternalStateAfterParamsUpdate();
1139 return ndk::ScopedAStatus::ok();
1140 }
1141
setRequirePmfInternal(bool enable)1142 ndk::ScopedAStatus StaNetwork::setRequirePmfInternal(bool enable)
1143 {
1144 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1145 if (enable) {
1146 wpa_ssid->ieee80211w = MGMT_FRAME_PROTECTION_REQUIRED;
1147 }
1148 resetInternalStateAfterParamsUpdate();
1149 return ndk::ScopedAStatus::ok();
1150 }
1151
setEapMethodInternal(EapMethod method)1152 ndk::ScopedAStatus StaNetwork::setEapMethodInternal(
1153 EapMethod method)
1154 {
1155 uint32_t eap_method_idx = static_cast<
1156 std::underlying_type<EapMethod>::type>(
1157 method);
1158 if (eap_method_idx >= kEapMethodMax) {
1159 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
1160 }
1161
1162 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1163 int retrieved_vendor, retrieved_method;
1164 const char *method_str = kEapMethodStrings[eap_method_idx];
1165 // This string lookup is needed to check if the device supports the
1166 // corresponding EAP type.
1167 retrieved_method = eap_peer_get_type(method_str, &retrieved_vendor);
1168 if (retrieved_vendor == EAP_VENDOR_IETF &&
1169 retrieved_method == EAP_TYPE_NONE) {
1170 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1171 }
1172 if (wpa_ssid->eap.eap_methods) {
1173 os_free(wpa_ssid->eap.eap_methods);
1174 }
1175 // wpa_supplicant can support setting multiple eap methods for each
1176 // network. But, this is not really used by Android. So, just adding
1177 // support for setting one EAP method for each network. The additional
1178 // |eap_method_type| member in the array is used to indicate the end
1179 // of list.
1180 wpa_ssid->eap.eap_methods =
1181 (eap_method_type *)os_malloc(sizeof(eap_method_type) * 2);
1182 if (!wpa_ssid->eap.eap_methods) {
1183 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1184 }
1185 wpa_ssid->eap.eap_methods[0].vendor = retrieved_vendor;
1186 wpa_ssid->eap.eap_methods[0].method = retrieved_method;
1187 wpa_ssid->eap.eap_methods[1].vendor = EAP_VENDOR_IETF;
1188 wpa_ssid->eap.eap_methods[1].method = EAP_TYPE_NONE;
1189
1190 wpa_ssid->leap = 0;
1191 wpa_ssid->non_leap = 0;
1192 if (retrieved_vendor == EAP_VENDOR_IETF &&
1193 retrieved_method == EAP_TYPE_LEAP) {
1194 wpa_ssid->leap++;
1195 } else {
1196 wpa_ssid->non_leap++;
1197 }
1198 wpa_hexdump(
1199 MSG_MSGDUMP, "eap methods", (u8 *)wpa_ssid->eap.eap_methods,
1200 sizeof(eap_method_type) * 2);
1201 resetInternalStateAfterParamsUpdate();
1202 return ndk::ScopedAStatus::ok();
1203 }
1204
setEapPhase2MethodInternal(EapPhase2Method method)1205 ndk::ScopedAStatus StaNetwork::setEapPhase2MethodInternal(
1206 EapPhase2Method method)
1207 {
1208 uint32_t eap_phase2_method_idx = static_cast<
1209 std::underlying_type<EapPhase2Method>::type>(
1210 method);
1211 if (eap_phase2_method_idx >= kEapPhase2MethodMax) {
1212 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
1213 }
1214
1215 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1216 // EAP method needs to be set for us to construct the eap
1217 // phase 2 method string.
1218 ndk::ScopedAStatus status;
1219 EapMethod eap_method;
1220 std::tie(eap_method, status) = getEapMethodInternal();
1221 if (!status.isOk()) {
1222 return createStatusWithMsg(SupplicantStatusCode::FAILURE_UNKNOWN,
1223 "EAP method not set");
1224 }
1225 std::string eap_phase2_str;
1226 if (method == EapPhase2Method::NONE) {
1227 eap_phase2_str = "";
1228 } else if (
1229 eap_method == EapMethod::TTLS &&
1230 method == EapPhase2Method::GTC) {
1231 eap_phase2_str = kEapPhase2AuthEapPrefix;
1232 } else {
1233 eap_phase2_str = kEapPhase2AuthPrefix;
1234 }
1235 eap_phase2_str += kEapPhase2MethodStrings[eap_phase2_method_idx];
1236 if (setStringFieldAndResetState(
1237 eap_phase2_str.c_str(), &(wpa_ssid->eap.phase2),
1238 "eap phase2")) {
1239 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1240 }
1241 return ndk::ScopedAStatus::ok();
1242 }
1243
setEapIdentityInternal(const std::vector<uint8_t> & identity)1244 ndk::ScopedAStatus StaNetwork::setEapIdentityInternal(
1245 const std::vector<uint8_t> &identity)
1246 {
1247 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1248 if (setByteArrayFieldAndResetState(
1249 identity.data(), identity.size(), &(wpa_ssid->eap.identity),
1250 &(wpa_ssid->eap.identity_len), "eap identity")) {
1251 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1252 }
1253 // plain IMSI identity
1254 if (setByteArrayFieldAndResetState(
1255 identity.data(), identity.size(),
1256 &(wpa_ssid->eap.imsi_identity),
1257 &(wpa_ssid->eap.imsi_identity_len), "eap imsi identity")) {
1258 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1259 }
1260 return ndk::ScopedAStatus::ok();
1261 }
1262
setEapEncryptedImsiIdentityInternal(const std::vector<uint8_t> & identity)1263 ndk::ScopedAStatus StaNetwork::setEapEncryptedImsiIdentityInternal(
1264 const std::vector<uint8_t> &identity)
1265 {
1266 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1267 // encrypted IMSI identity
1268 if (setByteArrayFieldAndResetState(
1269 identity.data(), identity.size(), &(wpa_ssid->eap.identity),
1270 &(wpa_ssid->eap.identity_len), "eap encrypted imsi identity")) {
1271 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1272 }
1273 return ndk::ScopedAStatus::ok();
1274 }
1275
setStrictConservativePeerModeInternal(bool enable)1276 ndk::ScopedAStatus StaNetwork::setStrictConservativePeerModeInternal(bool enable)
1277 {
1278 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1279 wpa_ssid->eap.strict_conservative_peer_mode = enable ? 1 : 0;
1280 return ndk::ScopedAStatus::ok();
1281 }
1282
setEapAnonymousIdentityInternal(const std::vector<uint8_t> & identity)1283 ndk::ScopedAStatus StaNetwork::setEapAnonymousIdentityInternal(
1284 const std::vector<uint8_t> &identity)
1285 {
1286 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1287 // If current supplicant pseudonym is the prefix of new pseudonym,
1288 // the credential is not changed, just update the decoration.
1289 // As a result, no need to reset the state.
1290 // The decorated identity will have a postfix like
1291 // @mncXXX.mccYYY.3gppnetwork.org, so the length will be always
1292 // greater than the current one.
1293 bool resetState = wpa_ssid->eap.anonymous_identity == NULL
1294 || wpa_ssid->eap.anonymous_identity_len == 0
1295 || identity.size() == 0
1296 || wpa_ssid->eap.anonymous_identity_len >= identity.size()
1297 || os_strncmp((char *) identity.data(),
1298 (char *) wpa_ssid->eap.anonymous_identity,
1299 wpa_ssid->eap.anonymous_identity_len) != 0;
1300 if (setByteArrayField(
1301 identity.data(), identity.size(),
1302 &(wpa_ssid->eap.anonymous_identity),
1303 &(wpa_ssid->eap.anonymous_identity_len),
1304 "eap anonymous_identity", resetState)) {
1305 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1306 }
1307 return ndk::ScopedAStatus::ok();
1308 }
1309
setEapPasswordInternal(const std::vector<uint8_t> & password)1310 ndk::ScopedAStatus StaNetwork::setEapPasswordInternal(
1311 const std::vector<uint8_t> &password)
1312 {
1313 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1314 if (setByteArrayKeyFieldAndResetState(
1315 password.data(), password.size(), &(wpa_ssid->eap.password),
1316 &(wpa_ssid->eap.password_len), "eap password")) {
1317 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1318 }
1319 wpa_ssid->eap.flags &= ~EAP_CONFIG_FLAGS_PASSWORD_NTHASH;
1320 wpa_ssid->eap.flags &= ~EAP_CONFIG_FLAGS_EXT_PASSWORD;
1321 return ndk::ScopedAStatus::ok();
1322 }
1323
setEapCACertInternal(const std::string & path)1324 ndk::ScopedAStatus StaNetwork::setEapCACertInternal(const std::string &path)
1325 {
1326 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1327 if (setStringFieldAndResetState(
1328 path.c_str(), &(wpa_ssid->eap.cert.ca_cert), "eap ca_cert")) {
1329 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1330 }
1331 return ndk::ScopedAStatus::ok();
1332 }
1333
setEapCAPathInternal(const std::string & path)1334 ndk::ScopedAStatus StaNetwork::setEapCAPathInternal(const std::string &path)
1335 {
1336 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1337 if (setStringFieldAndResetState(
1338 path.c_str(), &(wpa_ssid->eap.cert.ca_path), "eap ca_path")) {
1339 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1340 }
1341 return ndk::ScopedAStatus::ok();
1342 }
1343
setEapClientCertInternal(const std::string & path)1344 ndk::ScopedAStatus StaNetwork::setEapClientCertInternal(const std::string &path)
1345 {
1346 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1347 if (setStringFieldAndResetState(
1348 path.c_str(), &(wpa_ssid->eap.cert.client_cert),
1349 "eap client_cert")) {
1350 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1351 }
1352 return ndk::ScopedAStatus::ok();
1353 }
1354
setEapPrivateKeyIdInternal(const std::string & id)1355 ndk::ScopedAStatus StaNetwork::setEapPrivateKeyIdInternal(const std::string &id)
1356 {
1357 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1358 if (setStringFieldAndResetState(
1359 id.c_str(), &(wpa_ssid->eap.cert.key_id), "eap key_id")) {
1360 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1361 }
1362 return ndk::ScopedAStatus::ok();
1363 }
1364
setEapSubjectMatchInternal(const std::string & match)1365 ndk::ScopedAStatus StaNetwork::setEapSubjectMatchInternal(
1366 const std::string &match)
1367 {
1368 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1369 if (setStringFieldAndResetState(
1370 match.c_str(), &(wpa_ssid->eap.cert.subject_match),
1371 "eap subject_match")) {
1372 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1373 }
1374 return ndk::ScopedAStatus::ok();
1375 }
1376
setEapAltSubjectMatchInternal(const std::string & match)1377 ndk::ScopedAStatus StaNetwork::setEapAltSubjectMatchInternal(
1378 const std::string &match)
1379 {
1380 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1381 if (setStringFieldAndResetState(
1382 match.c_str(), &(wpa_ssid->eap.cert.altsubject_match),
1383 "eap altsubject_match")) {
1384 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1385 }
1386 return ndk::ScopedAStatus::ok();
1387 }
1388
setEapEngineInternal(bool enable)1389 ndk::ScopedAStatus StaNetwork::setEapEngineInternal(bool enable)
1390 {
1391 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1392 wpa_ssid->eap.cert.engine = enable ? 1 : 0;
1393 return ndk::ScopedAStatus::ok();
1394 }
1395
setEapEngineIDInternal(const std::string & id)1396 ndk::ScopedAStatus StaNetwork::setEapEngineIDInternal(const std::string &id)
1397 {
1398 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1399 if (setStringFieldAndResetState(
1400 id.c_str(), &(wpa_ssid->eap.cert.engine_id), "eap engine_id")) {
1401 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1402 }
1403 return ndk::ScopedAStatus::ok();
1404 }
1405
setEapDomainSuffixMatchInternal(const std::string & match)1406 ndk::ScopedAStatus StaNetwork::setEapDomainSuffixMatchInternal(
1407 const std::string &match)
1408 {
1409 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1410 if (setStringFieldAndResetState(
1411 match.c_str(), &(wpa_ssid->eap.cert.domain_suffix_match),
1412 "eap domain_suffix_match")) {
1413 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1414 }
1415 return ndk::ScopedAStatus::ok();
1416 }
1417
setProactiveKeyCachingInternal(bool enable)1418 ndk::ScopedAStatus StaNetwork::setProactiveKeyCachingInternal(bool enable)
1419 {
1420 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1421 wpa_ssid->proactive_key_caching = enable ? 1 : 0;
1422 resetInternalStateAfterParamsUpdate();
1423 return ndk::ScopedAStatus::ok();
1424 }
1425
setIdStrInternal(const std::string & id_str)1426 ndk::ScopedAStatus StaNetwork::setIdStrInternal(const std::string &id_str)
1427 {
1428 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1429 if (setStringFieldAndResetState(
1430 id_str.c_str(), &(wpa_ssid->id_str), "id_str")) {
1431 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1432 }
1433 return ndk::ScopedAStatus::ok();
1434 }
1435
setUpdateIdentifierInternal(uint32_t id)1436 ndk::ScopedAStatus StaNetwork::setUpdateIdentifierInternal(uint32_t id)
1437 {
1438 #ifdef CONFIG_HS20
1439 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1440 wpa_ssid->update_identifier = id;
1441 wpa_printf(
1442 MSG_MSGDUMP, "update_identifier: %d", wpa_ssid->update_identifier);
1443 resetInternalStateAfterParamsUpdate();
1444 return ndk::ScopedAStatus::ok();
1445 #else
1446 return createStatusWithMsg(SupplicantStatusCode::FAILURE_UNKNOWN, "Not implemented");
1447 #endif /* CONFIG_HS20 */
1448 }
1449
setWapiCertSuiteInternal(const std::string & suite)1450 ndk::ScopedAStatus StaNetwork::setWapiCertSuiteInternal(const std::string &suite)
1451 {
1452 #ifdef CONFIG_WAPI_INTERFACE
1453 // Dummy implementation
1454 dummyWapiCertSuite = suite;
1455 return ndk::ScopedAStatus::ok();
1456 #else
1457 return createStatusWithMsg(SupplicantStatusCode::FAILURE_UNKNOWN, "Not implemented");
1458 #endif
1459 }
1460
setWapiPskInternal(const std::vector<uint8_t> & psk)1461 ndk::ScopedAStatus StaNetwork::setWapiPskInternal(const std::vector<uint8_t> &psk)
1462 {
1463 #ifdef CONFIG_WAPI_INTERFACE
1464 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1465 str_clear_free(wpa_ssid->passphrase);
1466 wpa_ssid->passphrase = nullptr;
1467
1468 // Dummy implementation
1469 dummyWapiPsk = psk;
1470
1471 wpa_ssid->psk_set = 1;
1472 resetInternalStateAfterParamsUpdate();
1473 return ndk::ScopedAStatus::ok();
1474 #else
1475 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1476 #endif
1477 }
1478
getSsidInternal()1479 std::pair<std::vector<uint8_t>, ndk::ScopedAStatus> StaNetwork::getSsidInternal()
1480 {
1481 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1482 std::vector<uint8_t> ssid(
1483 wpa_ssid->ssid,
1484 wpa_ssid->ssid + wpa_ssid->ssid_len);
1485 return {std::move(ssid), ndk::ScopedAStatus::ok()};
1486 }
1487
1488 std::pair<std::vector<uint8_t>, ndk::ScopedAStatus>
getBssidInternal()1489 StaNetwork::getBssidInternal()
1490 {
1491 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1492 std::vector<uint8_t> bssid(kZeroBssid, kZeroBssid + ETH_ALEN);
1493 if (wpa_ssid->bssid_set) {
1494 bssid.assign(wpa_ssid->bssid, wpa_ssid->bssid + ETH_ALEN);
1495 }
1496 return {std::move(bssid), ndk::ScopedAStatus::ok()};
1497 }
1498
getScanSsidInternal()1499 std::pair<bool, ndk::ScopedAStatus> StaNetwork::getScanSsidInternal()
1500 {
1501 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1502 return {(wpa_ssid->scan_ssid == 1), ndk::ScopedAStatus::ok()};
1503 }
1504
1505 std::pair<AuthAlgMask, ndk::ScopedAStatus>
getAuthAlgInternal()1506 StaNetwork::getAuthAlgInternal()
1507 {
1508 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1509 uint32_t auth_alg_mask = wpa_ssid->auth_alg & kAllowedAuthAlgMask;
1510 return {static_cast<AuthAlgMask>(auth_alg_mask), ndk::ScopedAStatus::ok()};
1511 }
1512
getPskPassphraseInternal()1513 std::pair<std::string, ndk::ScopedAStatus> StaNetwork::getPskPassphraseInternal()
1514 {
1515 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1516 #ifdef CONFIG_WAPI_INTERFACE
1517 if (wpa_ssid->key_mgmt & WPA_KEY_MGMT_WAPI_PSK) {
1518 if (wpa_ssid->psk_set) {
1519 std::pair<std::vector<uint8_t>, ndk::ScopedAStatus> ret = getWapiPskInternal();
1520 std::string psk;
1521 char buf[3] = {0};
1522 for (int i = 0; i < ret.second.size(); i++) {
1523 snprintf(buf, sizeof(buf), "%02x", ret.second[i]);
1524 psk.append(buf);
1525 }
1526 return {psk, ndk::ScopedAStatus::ok()};
1527 } else {
1528 if (!wpa_ssid->passphrase) {
1529 return {"", createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1530 }
1531 std::string passphrase;
1532 passphrase.append("\"");
1533 passphrase.append(wpa_ssid->passphrase);
1534 passphrase.append("\"");
1535 return {passphrase, ndk::ScopedAStatus::ok()};
1536 }
1537 }
1538 #endif
1539 if (!wpa_ssid->passphrase) {
1540 return {"", createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1541 }
1542 return {wpa_ssid->passphrase, ndk::ScopedAStatus::ok()};
1543 }
1544
1545 std::pair<std::vector<uint8_t>, ndk::ScopedAStatus>
getPskInternal()1546 StaNetwork::getPskInternal()
1547 {
1548 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1549 WPA_ASSERT(psk.size() == sizeof(wpa_ssid->psk));
1550 if (!wpa_ssid->psk_set) {
1551 return {std::vector<uint8_t>(),
1552 createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1553 }
1554 std::vector<uint8_t> psk(wpa_ssid->psk, wpa_ssid->psk + 32);
1555 return {psk, ndk::ScopedAStatus::ok()};
1556 }
1557
getSaePasswordInternal()1558 std::pair<std::string, ndk::ScopedAStatus> StaNetwork::getSaePasswordInternal()
1559 {
1560 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1561 if (!wpa_ssid->sae_password) {
1562 return {"", createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1563 }
1564 return {misc_utils::charBufToString(wpa_ssid->sae_password),
1565 ndk::ScopedAStatus::ok()};
1566 }
1567
getSaePasswordIdInternal()1568 std::pair<std::string, ndk::ScopedAStatus> StaNetwork::getSaePasswordIdInternal()
1569 {
1570 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1571 if (!wpa_ssid->sae_password_id) {
1572 return {"", createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1573 }
1574 return {misc_utils::charBufToString(wpa_ssid->sae_password_id),
1575 ndk::ScopedAStatus::ok()};
1576 }
1577
getWepKeyInternal(uint32_t key_idx)1578 std::pair<std::vector<uint8_t>, ndk::ScopedAStatus> StaNetwork::getWepKeyInternal(
1579 uint32_t key_idx)
1580 {
1581 std::vector<uint8_t> wep_key;
1582 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1583 if (key_idx >=
1584 static_cast<uint32_t>(
1585 ISupplicantStaNetwork::WEP_KEYS_MAX_NUM)) {
1586 return {wep_key,
1587 createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID)};
1588 }
1589 wep_key.assign(
1590 wpa_ssid->wep_key[key_idx],
1591 wpa_ssid->wep_key[key_idx] + wpa_ssid->wep_key_len[key_idx]);
1592 return {std::move(wep_key), ndk::ScopedAStatus::ok()};
1593 }
1594
getWepTxKeyIdxInternal()1595 std::pair<uint32_t, ndk::ScopedAStatus> StaNetwork::getWepTxKeyIdxInternal()
1596 {
1597 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1598 return {wpa_ssid->wep_tx_keyidx, ndk::ScopedAStatus::ok()};
1599 }
1600
getRequirePmfInternal()1601 std::pair<bool, ndk::ScopedAStatus> StaNetwork::getRequirePmfInternal()
1602 {
1603 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1604 return {(wpa_ssid->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED),
1605 ndk::ScopedAStatus::ok()};
1606 }
1607
1608 std::pair<EapMethod, ndk::ScopedAStatus>
getEapMethodInternal()1609 StaNetwork::getEapMethodInternal()
1610 {
1611 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1612 if (!wpa_ssid->eap.eap_methods) {
1613 return {static_cast<EapMethod>(0),
1614 createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1615 }
1616 // wpa_supplicant can support setting multiple eap methods for each
1617 // network. But, this is not really used by Android. So, just reading
1618 // the first EAP method for each network.
1619 const std::string eap_method_str = eap_get_name(
1620 wpa_ssid->eap.eap_methods[0].vendor,
1621 static_cast<enum eap_type>(wpa_ssid->eap.eap_methods[0].method));
1622 size_t eap_method_idx =
1623 std::find(
1624 std::begin(kEapMethodStrings), std::end(kEapMethodStrings),
1625 eap_method_str) -
1626 std::begin(kEapMethodStrings);
1627 if (eap_method_idx >= kEapMethodMax) {
1628 return {static_cast<EapMethod>(0),
1629 createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1630 }
1631 return {static_cast<EapMethod>(eap_method_idx), ndk::ScopedAStatus::ok()};
1632 }
1633
1634 std::pair<EapPhase2Method, ndk::ScopedAStatus>
getEapPhase2MethodInternal()1635 StaNetwork::getEapPhase2MethodInternal()
1636 {
1637 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1638 if (!wpa_ssid->eap.phase2) {
1639 return {static_cast<EapPhase2Method>(0),
1640 createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1641 }
1642 const std::string eap_phase2_method_str_with_prefix =
1643 wpa_ssid->eap.phase2;
1644 std::string eap_phase2_method_str;
1645 // Strip out the phase 2 method prefix before doing a reverse lookup
1646 // of phase 2 string to the Eap Phase 2 type.
1647 if (eap_phase2_method_str_with_prefix.find(kEapPhase2AuthPrefix) == 0) {
1648 eap_phase2_method_str =
1649 eap_phase2_method_str_with_prefix.substr(
1650 strlen(kEapPhase2AuthPrefix),
1651 eap_phase2_method_str_with_prefix.size());
1652 } else if (
1653 eap_phase2_method_str_with_prefix.find(kEapPhase2AuthEapPrefix) ==
1654 0) {
1655 eap_phase2_method_str =
1656 eap_phase2_method_str_with_prefix.substr(
1657 strlen(kEapPhase2AuthEapPrefix),
1658 eap_phase2_method_str_with_prefix.size());
1659 }
1660 size_t eap_phase2_method_idx =
1661 std::find(
1662 std::begin(kEapPhase2MethodStrings),
1663 std::end(kEapPhase2MethodStrings), eap_phase2_method_str) -
1664 std::begin(kEapPhase2MethodStrings);
1665 if (eap_phase2_method_idx >= kEapPhase2MethodMax) {
1666 return {static_cast<EapPhase2Method>(0),
1667 createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1668 }
1669 return {static_cast<EapPhase2Method>(eap_phase2_method_idx),
1670 ndk::ScopedAStatus::ok()};
1671 }
1672
1673 std::pair<std::vector<uint8_t>, ndk::ScopedAStatus>
getEapIdentityInternal()1674 StaNetwork::getEapIdentityInternal()
1675 {
1676 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1677 if (!wpa_ssid->eap.identity) {
1678 return {std::vector<uint8_t>(),
1679 createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1680 }
1681 return {std::vector<uint8_t>(
1682 wpa_ssid->eap.identity,
1683 wpa_ssid->eap.identity + wpa_ssid->eap.identity_len),
1684 ndk::ScopedAStatus::ok()};
1685 }
1686
1687 std::pair<std::vector<uint8_t>, ndk::ScopedAStatus>
getEapAnonymousIdentityInternal()1688 StaNetwork::getEapAnonymousIdentityInternal()
1689 {
1690 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1691 if (!wpa_ssid->eap.anonymous_identity) {
1692 return {std::vector<uint8_t>(),
1693 createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1694 }
1695 return {std::vector<uint8_t>(
1696 wpa_ssid->eap.anonymous_identity,
1697 wpa_ssid->eap.anonymous_identity +
1698 wpa_ssid->eap.anonymous_identity_len),
1699 ndk::ScopedAStatus::ok()};
1700 }
1701
1702 std::pair<std::vector<uint8_t>, ndk::ScopedAStatus>
getEapPasswordInternal()1703 StaNetwork::getEapPasswordInternal()
1704 {
1705 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1706 if (!wpa_ssid->eap.password) {
1707 return {std::vector<uint8_t>(), createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1708 }
1709 return {std::vector<uint8_t>(
1710 wpa_ssid->eap.password,
1711 wpa_ssid->eap.password + wpa_ssid->eap.password_len),
1712 ndk::ScopedAStatus::ok()};
1713 }
1714
getEapCACertInternal()1715 std::pair<std::string, ndk::ScopedAStatus> StaNetwork::getEapCACertInternal()
1716 {
1717 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1718 if (!wpa_ssid->eap.cert.ca_cert) {
1719 return {"", createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1720 }
1721 return {misc_utils::charBufToString(wpa_ssid->eap.cert.ca_cert),
1722 ndk::ScopedAStatus::ok()};
1723 }
1724
getEapCAPathInternal()1725 std::pair<std::string, ndk::ScopedAStatus> StaNetwork::getEapCAPathInternal()
1726 {
1727 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1728 if (!wpa_ssid->eap.cert.ca_path) {
1729 return {"", createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1730 }
1731 return {misc_utils::charBufToString(wpa_ssid->eap.cert.ca_path),
1732 ndk::ScopedAStatus::ok()};
1733 }
1734
getEapClientCertInternal()1735 std::pair<std::string, ndk::ScopedAStatus> StaNetwork::getEapClientCertInternal()
1736 {
1737 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1738 if (!wpa_ssid->eap.cert.client_cert) {
1739 return {"", createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1740 }
1741 return {misc_utils::charBufToString(wpa_ssid->eap.cert.client_cert),
1742 ndk::ScopedAStatus::ok()};
1743 }
1744
1745 std::pair<std::string, ndk::ScopedAStatus>
getEapPrivateKeyIdInternal()1746 StaNetwork::getEapPrivateKeyIdInternal()
1747 {
1748 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1749 if (!wpa_ssid->eap.cert.key_id) {
1750 return {"", createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1751 }
1752 return {misc_utils::charBufToString(reinterpret_cast<char *>(wpa_ssid->eap.cert.key_id)),
1753 ndk::ScopedAStatus::ok()};
1754 }
1755
1756 std::pair<std::string, ndk::ScopedAStatus>
getEapSubjectMatchInternal()1757 StaNetwork::getEapSubjectMatchInternal()
1758 {
1759 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1760 if (!wpa_ssid->eap.cert.subject_match) {
1761 return {"", createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1762 }
1763 return {misc_utils::charBufToString(wpa_ssid->eap.cert.subject_match),
1764 ndk::ScopedAStatus::ok()};
1765 }
1766
1767 std::pair<std::string, ndk::ScopedAStatus>
getEapAltSubjectMatchInternal()1768 StaNetwork::getEapAltSubjectMatchInternal()
1769 {
1770 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1771 if (!wpa_ssid->eap.cert.altsubject_match) {
1772 return {"", createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1773 }
1774 return {misc_utils::charBufToString(wpa_ssid->eap.cert.altsubject_match),
1775 ndk::ScopedAStatus::ok()};
1776 }
1777
getEapEngineInternal()1778 std::pair<bool, ndk::ScopedAStatus> StaNetwork::getEapEngineInternal()
1779 {
1780 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1781 return {wpa_ssid->eap.cert.engine == 1, ndk::ScopedAStatus::ok()};
1782 }
1783
getEapEngineIdInternal()1784 std::pair<std::string, ndk::ScopedAStatus> StaNetwork::getEapEngineIdInternal()
1785 {
1786 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1787 if (!wpa_ssid->eap.cert.engine_id) {
1788 return {"", createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1789 }
1790 return {misc_utils::charBufToString(wpa_ssid->eap.cert.engine_id),
1791 ndk::ScopedAStatus::ok()};
1792 }
1793
1794 std::pair<std::string, ndk::ScopedAStatus>
getEapDomainSuffixMatchInternal()1795 StaNetwork::getEapDomainSuffixMatchInternal()
1796 {
1797 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1798 if (!wpa_ssid->eap.cert.domain_suffix_match) {
1799 return {"", createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1800 }
1801 return {misc_utils::charBufToString(wpa_ssid->eap.cert.domain_suffix_match),
1802 ndk::ScopedAStatus::ok()};
1803 }
1804
getIdStrInternal()1805 std::pair<std::string, ndk::ScopedAStatus> StaNetwork::getIdStrInternal()
1806 {
1807 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1808 if (!wpa_ssid->id_str) {
1809 return {"", createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1810 }
1811 return {misc_utils::charBufToString(wpa_ssid->id_str),
1812 ndk::ScopedAStatus::ok()};
1813 }
1814
getEdmgInternal()1815 std::pair<bool, ndk::ScopedAStatus> StaNetwork::getEdmgInternal()
1816 {
1817 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1818 return {(wpa_ssid->enable_edmg == 1), ndk::ScopedAStatus::ok()};
1819 }
1820
1821 std::pair<std::vector<uint8_t>, ndk::ScopedAStatus>
getWpsNfcConfigurationTokenInternal()1822 StaNetwork::getWpsNfcConfigurationTokenInternal()
1823 {
1824 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
1825 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1826 auto token_buf = misc_utils::createWpaBufUniquePtr(
1827 wpas_wps_network_config_token(wpa_s, 0, wpa_ssid));
1828 if (!token_buf) {
1829 return {std::vector<uint8_t>(),
1830 createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1831 }
1832 return {misc_utils::convertWpaBufToVector(token_buf.get()),
1833 ndk::ScopedAStatus::ok()};
1834 }
1835
getWapiCertSuiteInternal()1836 std::pair<std::string, ndk::ScopedAStatus> StaNetwork::getWapiCertSuiteInternal()
1837 {
1838 #ifdef CONFIG_WAPI_INTERFACE
1839 // Dummy implementation
1840 return {dummyWapiCertSuite, ndk::ScopedAStatus::ok()};
1841 #else
1842 return {"", createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1843 #endif
1844 }
1845
getWapiPskInternal()1846 std::pair<std::vector<uint8_t>, ndk::ScopedAStatus> StaNetwork::getWapiPskInternal()
1847 {
1848 #ifdef CONFIG_WAPI_INTERFACE
1849 // Dummy implementation
1850 return {dummyWapiPsk, ndk::ScopedAStatus::ok()};
1851 #else
1852 return {std::vector<uint8_t>(),
1853 createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
1854 #endif
1855 }
1856
enableInternal(bool no_connect)1857 ndk::ScopedAStatus StaNetwork::enableInternal(bool no_connect)
1858 {
1859 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1860 if (wpa_ssid->disabled == 2) {
1861 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1862 }
1863 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
1864 if (no_connect) {
1865 wpa_ssid->disabled = 0;
1866 } else {
1867 wpa_s->scan_min_time.sec = 0;
1868 wpa_s->scan_min_time.usec = 0;
1869 wpa_supplicant_enable_network(wpa_s, wpa_ssid);
1870 }
1871 return ndk::ScopedAStatus::ok();
1872 }
1873
disableInternal()1874 ndk::ScopedAStatus StaNetwork::disableInternal()
1875 {
1876 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1877 if (wpa_ssid->disabled == 2) {
1878 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1879 }
1880 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
1881 wpa_supplicant_disable_network(wpa_s, wpa_ssid);
1882 return ndk::ScopedAStatus::ok();
1883 }
1884
selectInternal()1885 ndk::ScopedAStatus StaNetwork::selectInternal()
1886 {
1887 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1888 if (wpa_ssid->disabled == 2) {
1889 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1890 }
1891 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
1892 wpa_s->scan_min_time.sec = 0;
1893 wpa_s->scan_min_time.usec = 0;
1894 wpa_supplicant_select_network(wpa_s, wpa_ssid);
1895 return ndk::ScopedAStatus::ok();
1896 }
1897
sendNetworkEapSimGsmAuthResponseInternal(const std::vector<NetworkResponseEapSimGsmAuthParams> & vec_params)1898 ndk::ScopedAStatus StaNetwork::sendNetworkEapSimGsmAuthResponseInternal(
1899 const std::vector<NetworkResponseEapSimGsmAuthParams>
1900 &vec_params)
1901 {
1902 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1903 // Convert the incoming parameters to a string to pass to
1904 // wpa_supplicant.
1905 std::string ctrl_rsp_param = std::string(kNetworkEapSimGsmAuthResponse);
1906 for (const auto ¶ms : vec_params) {
1907 uint32_t kc_hex_len = params.kc.size() * 2 + 1;
1908 std::vector<char> kc_hex(kc_hex_len);
1909 uint32_t sres_hex_len = params.sres.size() * 2 + 1;
1910 std::vector<char> sres_hex(sres_hex_len);
1911 wpa_snprintf_hex(
1912 kc_hex.data(), kc_hex.size(), params.kc.data(),
1913 params.kc.size());
1914 wpa_snprintf_hex(
1915 sres_hex.data(), sres_hex.size(), params.sres.data(),
1916 params.sres.size());
1917 ctrl_rsp_param += ":" + std::string(kc_hex.data()) + ":" +
1918 std::string(sres_hex.data());
1919 }
1920 enum wpa_ctrl_req_type rtype = WPA_CTRL_REQ_SIM;
1921 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
1922 if (wpa_supplicant_ctrl_rsp_handle(
1923 wpa_s, wpa_ssid, rtype, ctrl_rsp_param.c_str(),
1924 ctrl_rsp_param.size())) {
1925 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1926 }
1927 eapol_sm_notify_ctrl_response(wpa_s->eapol);
1928 wpa_hexdump_ascii_key(
1929 MSG_DEBUG, "network sim gsm auth response param",
1930 (const u8 *)ctrl_rsp_param.c_str(), ctrl_rsp_param.size());
1931 return ndk::ScopedAStatus::ok();
1932 }
1933
sendNetworkEapSimGsmAuthFailureInternal()1934 ndk::ScopedAStatus StaNetwork::sendNetworkEapSimGsmAuthFailureInternal()
1935 {
1936 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1937 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
1938 enum wpa_ctrl_req_type rtype = WPA_CTRL_REQ_SIM;
1939 if (wpa_supplicant_ctrl_rsp_handle(
1940 wpa_s, wpa_ssid, rtype, kNetworkEapSimGsmAuthFailure,
1941 strlen(kNetworkEapSimGsmAuthFailure))) {
1942 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1943 }
1944 eapol_sm_notify_ctrl_response(wpa_s->eapol);
1945 return ndk::ScopedAStatus::ok();
1946 }
1947
sendNetworkEapSimUmtsAuthResponseInternal(const NetworkResponseEapSimUmtsAuthParams & params)1948 ndk::ScopedAStatus StaNetwork::sendNetworkEapSimUmtsAuthResponseInternal(
1949 const NetworkResponseEapSimUmtsAuthParams ¶ms)
1950 {
1951 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1952 // Convert the incoming parameters to a string to pass to
1953 // wpa_supplicant.
1954 uint32_t ik_hex_len = params.ik.size() * 2 + 1;
1955 std::vector<char> ik_hex(ik_hex_len);
1956 uint32_t ck_hex_len = params.ck.size() * 2 + 1;
1957 std::vector<char> ck_hex(ck_hex_len);
1958 uint32_t res_hex_len = params.res.size() * 2 + 1;
1959 std::vector<char> res_hex(res_hex_len);
1960 wpa_snprintf_hex(
1961 ik_hex.data(), ik_hex.size(), params.ik.data(), params.ik.size());
1962 wpa_snprintf_hex(
1963 ck_hex.data(), ck_hex.size(), params.ck.data(), params.ck.size());
1964 wpa_snprintf_hex(
1965 res_hex.data(), res_hex.size(), params.res.data(),
1966 params.res.size());
1967 std::string ctrl_rsp_param =
1968 std::string(kNetworkEapSimUmtsAuthResponse) + ":" +
1969 std::string(ik_hex.data()) + ":" + std::string(ck_hex.data()) +
1970 ":" + std::string(res_hex.data());
1971 enum wpa_ctrl_req_type rtype = WPA_CTRL_REQ_SIM;
1972 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
1973 if (wpa_supplicant_ctrl_rsp_handle(
1974 wpa_s, wpa_ssid, rtype, ctrl_rsp_param.c_str(),
1975 ctrl_rsp_param.size())) {
1976 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
1977 }
1978 eapol_sm_notify_ctrl_response(wpa_s->eapol);
1979 wpa_hexdump_ascii_key(
1980 MSG_DEBUG, "network sim umts auth response param",
1981 (const u8 *)ctrl_rsp_param.c_str(), ctrl_rsp_param.size());
1982 return ndk::ScopedAStatus::ok();
1983 }
1984
sendNetworkEapSimUmtsAutsResponseInternal(const std::vector<uint8_t> & auts)1985 ndk::ScopedAStatus StaNetwork::sendNetworkEapSimUmtsAutsResponseInternal(
1986 const std::vector<uint8_t> &auts)
1987 {
1988 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
1989 uint32_t auts_hex_len = auts.size() * 2 + 1;
1990 std::vector<char> auts_hex(auts_hex_len);
1991 wpa_snprintf_hex(
1992 auts_hex.data(), auts_hex.size(), auts.data(), auts.size());
1993 std::string ctrl_rsp_param =
1994 std::string(kNetworkEapSimUmtsAutsResponse) + ":" +
1995 std::string(auts_hex.data());
1996 enum wpa_ctrl_req_type rtype = WPA_CTRL_REQ_SIM;
1997 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
1998 if (wpa_supplicant_ctrl_rsp_handle(
1999 wpa_s, wpa_ssid, rtype, ctrl_rsp_param.c_str(),
2000 ctrl_rsp_param.size())) {
2001 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
2002 }
2003 eapol_sm_notify_ctrl_response(wpa_s->eapol);
2004 wpa_hexdump_ascii_key(
2005 MSG_DEBUG, "network sim umts auts response param",
2006 (const u8 *)ctrl_rsp_param.c_str(), ctrl_rsp_param.size());
2007 return ndk::ScopedAStatus::ok();
2008 }
2009
sendNetworkEapSimUmtsAuthFailureInternal()2010 ndk::ScopedAStatus StaNetwork::sendNetworkEapSimUmtsAuthFailureInternal()
2011 {
2012 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2013 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
2014 enum wpa_ctrl_req_type rtype = WPA_CTRL_REQ_SIM;
2015 if (wpa_supplicant_ctrl_rsp_handle(
2016 wpa_s, wpa_ssid, rtype, kNetworkEapSimUmtsAuthFailure,
2017 strlen(kNetworkEapSimUmtsAuthFailure))) {
2018 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
2019 }
2020 eapol_sm_notify_ctrl_response(wpa_s->eapol);
2021 return ndk::ScopedAStatus::ok();
2022 }
2023
sendNetworkEapIdentityResponseInternal(const std::vector<uint8_t> & identity,const std::vector<uint8_t> & encrypted_imsi_identity)2024 ndk::ScopedAStatus StaNetwork::sendNetworkEapIdentityResponseInternal(
2025 const std::vector<uint8_t> &identity,
2026 const std::vector<uint8_t> &encrypted_imsi_identity)
2027 {
2028 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2029 std::string ctrl_rsp_param(identity.begin(), identity.end());
2030 // If encrypted identity is included, format is:
2031 // plain identity + ":" + encrypted_identity
2032 if (encrypted_imsi_identity.size() != 0) {
2033 ctrl_rsp_param += ":" + std::string(
2034 encrypted_imsi_identity.begin(), encrypted_imsi_identity.end());
2035 }
2036 enum wpa_ctrl_req_type rtype = WPA_CTRL_REQ_EAP_IDENTITY;
2037 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
2038 if (wpa_supplicant_ctrl_rsp_handle(
2039 wpa_s, wpa_ssid, rtype, ctrl_rsp_param.c_str(),
2040 ctrl_rsp_param.size())) {
2041 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
2042 }
2043 eapol_sm_notify_ctrl_response(wpa_s->eapol);
2044 wpa_hexdump_ascii_key(
2045 MSG_DEBUG, "network identity response param",
2046 (const u8 *)ctrl_rsp_param.c_str(), ctrl_rsp_param.size());
2047 return ndk::ScopedAStatus::ok();
2048 }
2049
enableTlsSuiteBEapPhase1ParamInternal(bool enable)2050 ndk::ScopedAStatus StaNetwork::enableTlsSuiteBEapPhase1ParamInternal(bool enable)
2051 {
2052 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2053 int val = enable == true ? 1 : 0;
2054 if (enable) {
2055 setTlsFlagsFor192BitMode(true /*rsaMode */);
2056 } else {
2057 tlsFlags &= ~TLS_CONN_SUITEB;
2058 }
2059 std::string phase1_params("tls_suiteb=" + std::to_string(val));
2060 if (wpa_ssid->eap.phase1 != NULL) {
2061 phase1_params.append(wpa_ssid->eap.phase1);
2062 }
2063
2064 if (setStringKeyFieldAndResetState(
2065 phase1_params.c_str(), &(wpa_ssid->eap.phase1), "phase1")) {
2066 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
2067 }
2068 return ndk::ScopedAStatus::ok();
2069 }
2070
enableSuiteBEapOpenSslCiphersInternal()2071 ndk::ScopedAStatus StaNetwork::enableSuiteBEapOpenSslCiphersInternal()
2072 {
2073 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2074 const char openssl_suiteb_cipher[] = "SUITEB192";
2075
2076 if (setStringKeyFieldAndResetState(
2077 openssl_suiteb_cipher, &(wpa_ssid->eap.openssl_ciphers),
2078 "openssl_ciphers")) {
2079 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
2080 }
2081 setTlsFlagsFor192BitMode(false /*rsaMode */);
2082 return ndk::ScopedAStatus::ok();
2083 }
2084
setSaePasswordInternal(const std::string & sae_password)2085 ndk::ScopedAStatus StaNetwork::setSaePasswordInternal(
2086 const std::string &sae_password)
2087 {
2088 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2089 if (sae_password.length() < 1) {
2090 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
2091 }
2092 if (wpa_ssid->sae_password &&
2093 os_strlen(wpa_ssid->sae_password) == sae_password.length() &&
2094 os_memcmp(
2095 wpa_ssid->sae_password, sae_password.c_str(),
2096 sae_password.length()) == 0) {
2097 return ndk::ScopedAStatus::ok();
2098 }
2099 wpa_ssid->psk_set = 1;
2100 if (setStringKeyFieldAndResetState(
2101 sae_password.c_str(), &(wpa_ssid->sae_password),
2102 "sae password")) {
2103 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
2104 }
2105 return ndk::ScopedAStatus::ok();
2106 }
2107
setSaePasswordIdInternal(const std::string & sae_password_id)2108 ndk::ScopedAStatus StaNetwork::setSaePasswordIdInternal(
2109 const std::string &sae_password_id)
2110 {
2111 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2112 if (sae_password_id.length() < 1) {
2113 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
2114 }
2115 if (wpa_ssid->sae_password_id &&
2116 os_strlen(wpa_ssid->sae_password_id) == sae_password_id.length() &&
2117 os_memcmp(
2118 wpa_ssid->sae_password_id, sae_password_id.c_str(),
2119 sae_password_id.length()) == 0) {
2120 return ndk::ScopedAStatus::ok();
2121 }
2122 wpa_ssid->psk_set = 1;
2123 if (setStringKeyFieldAndResetState(
2124 sae_password_id.c_str(), &(wpa_ssid->sae_password_id),
2125 "sae password id")) {
2126 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
2127 }
2128 return ndk::ScopedAStatus::ok();
2129 }
2130
setGroupMgmtCipherInternal(GroupMgmtCipherMask mask)2131 ndk::ScopedAStatus StaNetwork::setGroupMgmtCipherInternal(
2132 GroupMgmtCipherMask mask)
2133 {
2134 uint32_t group_mgmt_cipher_mask = static_cast<uint32_t>(mask);
2135 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2136 if (group_mgmt_cipher_mask & ~kAllowedGroupMgmtCipherMask) {
2137 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
2138 }
2139 wpa_ssid->group_mgmt_cipher = group_mgmt_cipher_mask;
2140 wpa_printf(MSG_MSGDUMP, "group_mgmt_cipher: 0x%x",
2141 wpa_ssid->group_mgmt_cipher);
2142 resetInternalStateAfterParamsUpdate();
2143 return ndk::ScopedAStatus::ok();
2144 }
2145
2146 std::pair<GroupMgmtCipherMask, ndk::ScopedAStatus>
getGroupMgmtCipherInternal()2147 StaNetwork::getGroupMgmtCipherInternal()
2148 {
2149 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2150 uint32_t group_mgmt_cipher_mask =
2151 wpa_ssid->group_mgmt_cipher & kAllowedGroupMgmtCipherMask;
2152 return {static_cast<GroupMgmtCipherMask>(group_mgmt_cipher_mask),
2153 ndk::ScopedAStatus::ok()};
2154 }
2155
setOcspInternal(OcspType ocspType)2156 ndk::ScopedAStatus StaNetwork::setOcspInternal(OcspType ocspType) {
2157 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2158 if (ocspType < OcspType::NONE || ocspType > OcspType::REQUIRE_ALL_CERTS_STATUS) {
2159 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
2160 }
2161 wpa_ssid->eap.cert.ocsp = (int) ocspType;
2162 wpa_printf(
2163 MSG_MSGDUMP, "ocsp: %d", wpa_ssid->eap.cert.ocsp);
2164 resetInternalStateAfterParamsUpdate();
2165 return ndk::ScopedAStatus::ok();
2166 }
2167
getOcspInternal()2168 std::pair<OcspType, ndk::ScopedAStatus> StaNetwork::getOcspInternal()
2169 {
2170 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2171 return {static_cast<OcspType>(wpa_ssid->eap.cert.ocsp),
2172 ndk::ScopedAStatus::ok()};
2173 }
2174
setPmkCacheInternal(const std::vector<uint8_t> & serializedEntry)2175 ndk::ScopedAStatus StaNetwork::setPmkCacheInternal(const std::vector<uint8_t>& serializedEntry) {
2176 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
2177 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2178 struct rsn_pmksa_cache_entry *new_entry = NULL;
2179
2180 new_entry = (struct rsn_pmksa_cache_entry *) os_zalloc(sizeof(*new_entry));
2181 if (!new_entry) {
2182 return createStatusWithMsg(SupplicantStatusCode::FAILURE_UNKNOWN,
2183 "Allocating memory failed");
2184 }
2185
2186 std::stringstream ss(
2187 std::stringstream::in | std::stringstream::out | std::stringstream::binary);
2188 ss.write((char *) serializedEntry.data(), std::streamsize(serializedEntry.size()));
2189 if (misc_utils::deserializePmkCacheEntry(ss, new_entry) < 0) {
2190 os_free(new_entry);
2191 return createStatusWithMsg(SupplicantStatusCode::FAILURE_ARGS_INVALID,
2192 "Invalid pmk length");
2193 }
2194 new_entry->network_ctx = wpa_ssid;
2195
2196 // If there is an entry has a later expiration, ignore this one.
2197 struct rsn_pmksa_cache_entry *existing_entry = wpa_sm_pmksa_cache_get(
2198 wpa_s->wpa, new_entry->aa, NULL, NULL, new_entry->akmp);
2199 if (NULL != existing_entry &&
2200 existing_entry->expiration >= new_entry->expiration) {
2201 return ndk::ScopedAStatus::ok();
2202 }
2203
2204 new_entry->external = true;
2205 wpa_sm_pmksa_cache_add_entry(wpa_s->wpa, new_entry);
2206
2207 return ndk::ScopedAStatus::ok();
2208 }
2209
setKeyMgmtInternal(KeyMgmtMask mask)2210 ndk::ScopedAStatus StaNetwork::setKeyMgmtInternal(
2211 KeyMgmtMask mask)
2212 {
2213 uint32_t key_mgmt_mask = static_cast<uint32_t>(mask);
2214 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
2215 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2216 if (key_mgmt_mask & ~kAllowedKeyMgmtMask) {
2217 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
2218 }
2219 #ifdef CONFIG_SAE
2220 struct wpa_driver_capa capa;
2221 int res = wpa_drv_get_capa(wpa_s, &capa);
2222 if ((res == 0) && (key_mgmt_mask & WPA_KEY_MGMT_SAE) &&
2223 (capa.key_mgmt_iftype[WPA_IF_STATION] & WPA_DRIVER_CAPA_KEY_MGMT_SAE_EXT_KEY)) {
2224 key_mgmt_mask |= WPA_KEY_MGMT_SAE_EXT_KEY;
2225 }
2226 #endif
2227 setFastTransitionKeyMgmt(key_mgmt_mask);
2228
2229 if (key_mgmt_mask & WPA_KEY_MGMT_OWE) {
2230 // Do not allow to connect to Open network when OWE is selected
2231 wpa_ssid->owe_only = 1;
2232 wpa_ssid->owe_ptk_workaround = 1;
2233 }
2234 wpa_ssid->key_mgmt = key_mgmt_mask;
2235 wpa_printf(MSG_MSGDUMP, "key_mgmt: 0x%x", wpa_ssid->key_mgmt);
2236 resetInternalStateAfterParamsUpdate();
2237 return ndk::ScopedAStatus::ok();
2238 }
2239
2240 std::pair<KeyMgmtMask, ndk::ScopedAStatus>
getKeyMgmtInternal()2241 StaNetwork::getKeyMgmtInternal()
2242 {
2243 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2244 uint32_t key_mgmt_mask = wpa_ssid->key_mgmt & kAllowedKeyMgmtMask;
2245
2246 resetFastTransitionKeyMgmt(key_mgmt_mask);
2247 return {static_cast<KeyMgmtMask>(key_mgmt_mask),
2248 ndk::ScopedAStatus::ok()};
2249 }
2250
setProtoInternal(ProtoMask mask)2251 ndk::ScopedAStatus StaNetwork::setProtoInternal(
2252 ProtoMask mask)
2253 {
2254 uint32_t proto_mask = static_cast<uint32_t>(mask);
2255 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2256 if (proto_mask & ~kAllowedProtoMask) {
2257 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
2258 }
2259 wpa_ssid->proto = proto_mask;
2260 wpa_printf(MSG_MSGDUMP, "proto: 0x%x", wpa_ssid->proto);
2261 resetInternalStateAfterParamsUpdate();
2262 return ndk::ScopedAStatus::ok();
2263 }
2264
2265 std::pair<ProtoMask, ndk::ScopedAStatus>
getProtoInternal()2266 StaNetwork::getProtoInternal()
2267 {
2268 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2269 uint32_t proto_mask = wpa_ssid->proto & kAllowedProtoMask;
2270 return {static_cast<ProtoMask>(proto_mask), ndk::ScopedAStatus::ok()};
2271 }
2272
setGroupCipherInternal(GroupCipherMask mask)2273 ndk::ScopedAStatus StaNetwork::setGroupCipherInternal(
2274 GroupCipherMask mask)
2275 {
2276 uint32_t group_cipher_mask = static_cast<uint32_t>(mask);
2277 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2278 if (group_cipher_mask & ~kAllowedGroupCipherMask) {
2279 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
2280 }
2281 wpa_ssid->group_cipher = group_cipher_mask;
2282 wpa_printf(MSG_MSGDUMP, "group_cipher: 0x%x", wpa_ssid->group_cipher);
2283 resetInternalStateAfterParamsUpdate();
2284 return ndk::ScopedAStatus::ok();
2285 }
2286
2287 std::pair<GroupCipherMask, ndk::ScopedAStatus>
getGroupCipherInternal()2288 StaNetwork::getGroupCipherInternal()
2289 {
2290 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2291 uint32_t group_cipher_mask = wpa_ssid->group_cipher & kAllowedGroupCipherMask;
2292 return {static_cast<GroupCipherMask>(group_cipher_mask),
2293 ndk::ScopedAStatus::ok()};
2294 }
2295
setPairwiseCipherInternal(PairwiseCipherMask mask)2296 ndk::ScopedAStatus StaNetwork::setPairwiseCipherInternal(
2297 PairwiseCipherMask mask)
2298 {
2299 uint32_t pairwise_cipher_mask = static_cast<uint32_t>(mask);
2300 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2301 if (pairwise_cipher_mask & ~kAllowedPairwisewCipherMask) {
2302 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
2303 }
2304 wpa_ssid->pairwise_cipher = pairwise_cipher_mask;
2305 wpa_printf(
2306 MSG_MSGDUMP, "pairwise_cipher: 0x%x", wpa_ssid->pairwise_cipher);
2307 resetInternalStateAfterParamsUpdate();
2308 return ndk::ScopedAStatus::ok();
2309 }
2310
2311 std::pair<PairwiseCipherMask, ndk::ScopedAStatus>
getPairwiseCipherInternal()2312 StaNetwork::getPairwiseCipherInternal()
2313 {
2314 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2315 uint32_t pairwise_cipher_mask = wpa_ssid->pairwise_cipher & kAllowedPairwisewCipherMask;
2316 return {static_cast<PairwiseCipherMask>(pairwise_cipher_mask),
2317 ndk::ScopedAStatus::ok()};
2318 }
2319
setRoamingConsortiumSelectionInternal(const std::vector<uint8_t> & selectedRcoi)2320 ndk::ScopedAStatus StaNetwork::setRoamingConsortiumSelectionInternal(
2321 const std::vector<uint8_t> &selectedRcoi)
2322 {
2323 #ifdef CONFIG_HS20
2324 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2325 if (wpa_ssid == NULL) {
2326 return createStatus(SupplicantStatusCode::FAILURE_NETWORK_INVALID);
2327 }
2328
2329 if (setByteArrayFieldAndResetState(
2330 selectedRcoi.data(), selectedRcoi.size(),
2331 &(wpa_ssid->roaming_consortium_selection),
2332 &(wpa_ssid->roaming_consortium_selection_len),
2333 "roaming_consortium_selection")) {
2334 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
2335 }
2336
2337 resetInternalStateAfterParamsUpdate();
2338 return ndk::ScopedAStatus::ok();
2339 #else
2340 return createStatusWithMsg(SupplicantStatusCode::FAILURE_UNKNOWN, "Not implemented");
2341 #endif /* CONFIG_HS20 */
2342 }
2343
2344 /**
2345 * Retrieve the underlying |wpa_ssid| struct pointer for
2346 * this network.
2347 * If the underlying network is removed or the interface
2348 * this network belong to
2349 * is removed, all RPC method calls on this object will
2350 * return failure.
2351 */
retrieveNetworkPtr()2352 struct wpa_ssid *StaNetwork::retrieveNetworkPtr()
2353 {
2354 wpa_supplicant *wpa_s = retrieveIfacePtr();
2355 if (!wpa_s)
2356 return nullptr;
2357 return wpa_config_get_network(wpa_s->conf, network_id_);
2358 }
2359
2360 /**
2361 * Retrieve the underlying |wpa_supplicant| struct
2362 * pointer for
2363 * this network.
2364 */
retrieveIfacePtr()2365 struct wpa_supplicant *StaNetwork::retrieveIfacePtr()
2366 {
2367 return wpa_supplicant_get_iface(wpa_global_, ifname_.c_str());
2368 }
2369
2370 /**
2371 * Check if the provided psk passhrase is valid or not.
2372 *
2373 * Returns 0 if valid, 1 otherwise.
2374 */
isPskPassphraseValid(const std::string & psk)2375 int StaNetwork::isPskPassphraseValid(const std::string &psk)
2376 {
2377 if (psk.size() <
2378 static_cast<uint32_t>(ISupplicantStaNetwork::
2379 PSK_PASSPHRASE_MIN_LEN_IN_BYTES) ||
2380 psk.size() >
2381 static_cast<uint32_t>(ISupplicantStaNetwork::
2382 PSK_PASSPHRASE_MAX_LEN_IN_BYTES)) {
2383 return 1;
2384 }
2385 if (has_ctrl_char((u8 *)psk.c_str(), psk.size())) {
2386 return 1;
2387 }
2388 return 0;
2389 }
2390
2391 /**
2392 * Reset internal wpa_supplicant state machine state
2393 * after params update (except
2394 * bssid).
2395 */
resetInternalStateAfterParamsUpdate()2396 void StaNetwork::resetInternalStateAfterParamsUpdate()
2397 {
2398 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
2399 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2400
2401 wpa_sm_pmksa_cache_flush(wpa_s->wpa, wpa_ssid);
2402
2403 if (wpa_s->current_ssid == wpa_ssid || wpa_s->current_ssid == NULL) {
2404 /*
2405 * Invalidate the EAP session cache if
2406 * anything in the
2407 * current or previously used
2408 * configuration changes.
2409 */
2410 eapol_sm_invalidate_cached_session(wpa_s->eapol);
2411 }
2412 }
2413
2414 /**
2415 * Helper function to set value in a string field in |wpa_ssid| structue
2416 * instance for this network.
2417 * This function frees any existing data in these fields.
2418 */
setStringFieldAndResetState(const char * value,uint8_t ** to_update_field,const char * hexdump_prefix)2419 int StaNetwork::setStringFieldAndResetState(
2420 const char *value, uint8_t **to_update_field, const char *hexdump_prefix)
2421 {
2422 return setStringFieldAndResetState(
2423 value, (char **)to_update_field, hexdump_prefix);
2424 }
2425
2426 /**
2427 * Helper function to set value in a string field in |wpa_ssid| structue
2428 * instance for this network.
2429 * This function frees any existing data in these fields.
2430 */
setStringFieldAndResetState(const char * value,char ** to_update_field,const char * hexdump_prefix)2431 int StaNetwork::setStringFieldAndResetState(
2432 const char *value, char **to_update_field, const char *hexdump_prefix)
2433 {
2434 int value_len = strlen(value);
2435 if (*to_update_field) {
2436 os_free(*to_update_field);
2437 }
2438 *to_update_field = dup_binstr(value, value_len);
2439 if (!(*to_update_field)) {
2440 return 1;
2441 }
2442 wpa_hexdump_ascii(
2443 MSG_MSGDUMP, hexdump_prefix, *to_update_field, value_len);
2444 resetInternalStateAfterParamsUpdate();
2445 return 0;
2446 }
2447
2448 /**
2449 * Helper function to set value in a string key field in |wpa_ssid| structue
2450 * instance for this network.
2451 * This function frees any existing data in these fields.
2452 */
setStringKeyFieldAndResetState(const char * value,char ** to_update_field,const char * hexdump_prefix)2453 int StaNetwork::setStringKeyFieldAndResetState(
2454 const char *value, char **to_update_field, const char *hexdump_prefix)
2455 {
2456 int value_len = strlen(value);
2457 if (*to_update_field) {
2458 str_clear_free(*to_update_field);
2459 }
2460 *to_update_field = dup_binstr(value, value_len);
2461 if (!(*to_update_field)) {
2462 return 1;
2463 }
2464 wpa_hexdump_ascii_key(
2465 MSG_MSGDUMP, hexdump_prefix, *to_update_field, value_len);
2466 resetInternalStateAfterParamsUpdate();
2467 return 0;
2468 }
2469
2470 /**
2471 * Helper function to set value in a string field with a corresponding length
2472 * field in |wpa_ssid| structure instance for this network.
2473 * This function frees any existing data in these fields.
2474 */
setByteArrayField(const uint8_t * value,const size_t value_len,uint8_t ** to_update_field,size_t * to_update_field_len,const char * hexdump_prefix,bool resetState)2475 int StaNetwork::setByteArrayField(
2476 const uint8_t *value, const size_t value_len, uint8_t **to_update_field,
2477 size_t *to_update_field_len, const char *hexdump_prefix, bool resetState)
2478 {
2479 if (*to_update_field) {
2480 os_free(*to_update_field);
2481 }
2482 *to_update_field = (uint8_t *)os_malloc(value_len);
2483 if (!(*to_update_field)) {
2484 return 1;
2485 }
2486 os_memcpy(*to_update_field, value, value_len);
2487 *to_update_field_len = value_len;
2488
2489 wpa_hexdump_ascii(
2490 MSG_MSGDUMP, hexdump_prefix, *to_update_field,
2491 *to_update_field_len);
2492
2493 if (resetState) {
2494 resetInternalStateAfterParamsUpdate();
2495 }
2496 return 0;
2497 }
2498
2499 /**
2500 * Helper function to set value in a string field with a corresponding length
2501 * field in |wpa_ssid| structure instance for this network.
2502 * This function frees any existing data in these fields.
2503 */
setByteArrayFieldAndResetState(const uint8_t * value,const size_t value_len,uint8_t ** to_update_field,size_t * to_update_field_len,const char * hexdump_prefix)2504 int StaNetwork::setByteArrayFieldAndResetState(
2505 const uint8_t *value, const size_t value_len, uint8_t **to_update_field,
2506 size_t *to_update_field_len, const char *hexdump_prefix)
2507 {
2508 return setByteArrayField(value, value_len, to_update_field,
2509 to_update_field_len, hexdump_prefix, true);
2510 }
2511
2512 /**
2513 * Helper function to set value in a string key field with a corresponding
2514 * length field in |wpa_ssid| structue instance for this network.
2515 * This function frees any existing data in these fields.
2516 */
setByteArrayKeyFieldAndResetState(const uint8_t * value,const size_t value_len,uint8_t ** to_update_field,size_t * to_update_field_len,const char * hexdump_prefix)2517 int StaNetwork::setByteArrayKeyFieldAndResetState(
2518 const uint8_t *value, const size_t value_len, uint8_t **to_update_field,
2519 size_t *to_update_field_len, const char *hexdump_prefix)
2520 {
2521 if (*to_update_field) {
2522 bin_clear_free(*to_update_field, *to_update_field_len);
2523 }
2524 *to_update_field = (uint8_t *)os_malloc(value_len);
2525 if (!(*to_update_field)) {
2526 return 1;
2527 }
2528 os_memcpy(*to_update_field, value, value_len);
2529 *to_update_field_len = value_len;
2530
2531 wpa_hexdump_ascii_key(
2532 MSG_MSGDUMP, hexdump_prefix, *to_update_field,
2533 *to_update_field_len);
2534 resetInternalStateAfterParamsUpdate();
2535 return 0;
2536 }
2537
2538 /**
2539 * Helper function to set the fast transition bits in the key management
2540 * bitmask, to allow FT support when possible.
2541 */
setFastTransitionKeyMgmt(uint32_t & key_mgmt_mask)2542 void StaNetwork::setFastTransitionKeyMgmt(uint32_t &key_mgmt_mask)
2543 {
2544 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
2545 int res;
2546 struct wpa_driver_capa capa;
2547
2548 if (key_mgmt_mask & WPA_KEY_MGMT_PSK) {
2549 key_mgmt_mask |= WPA_KEY_MGMT_FT_PSK;
2550 }
2551
2552 if (key_mgmt_mask & WPA_KEY_MGMT_IEEE8021X) {
2553 key_mgmt_mask |= WPA_KEY_MGMT_FT_IEEE8021X;
2554 }
2555
2556 res = wpa_drv_get_capa(wpa_s, &capa);
2557 if (res == 0) {
2558 #ifdef CONFIG_IEEE80211R
2559 #ifdef CONFIG_SAE
2560 if ((key_mgmt_mask & WPA_KEY_MGMT_SAE) &&
2561 (capa.key_mgmt_iftype[WPA_IF_STATION] & WPA_DRIVER_CAPA_KEY_MGMT_FT_SAE)) {
2562 key_mgmt_mask |= WPA_KEY_MGMT_FT_SAE;
2563 }
2564 if ((key_mgmt_mask & WPA_KEY_MGMT_SAE_EXT_KEY) &&
2565 (capa.key_mgmt_iftype[WPA_IF_STATION] &
2566 WPA_DRIVER_CAPA_KEY_MGMT_FT_SAE_EXT_KEY)) {
2567 key_mgmt_mask |= WPA_KEY_MGMT_FT_SAE_EXT_KEY;
2568 }
2569 #endif
2570 #ifdef CONFIG_FILS
2571 if ((key_mgmt_mask & WPA_KEY_MGMT_FILS_SHA256) &&
2572 (capa.key_mgmt_iftype[WPA_IF_STATION] &
2573 WPA_DRIVER_CAPA_KEY_MGMT_FT_FILS_SHA256)) {
2574 key_mgmt_mask |= WPA_KEY_MGMT_FT_FILS_SHA256;
2575 }
2576
2577 if ((key_mgmt_mask & WPA_KEY_MGMT_FILS_SHA384) &&
2578 (capa.key_mgmt_iftype[WPA_IF_STATION] &
2579 WPA_DRIVER_CAPA_KEY_MGMT_FT_FILS_SHA384)) {
2580 key_mgmt_mask |= WPA_KEY_MGMT_FT_FILS_SHA384;
2581 }
2582 #endif
2583 #ifdef CONFIG_SUITEB192
2584 if ((key_mgmt_mask & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) &&
2585 (capa.key_mgmt_iftype[WPA_IF_STATION] &
2586 WPA_DRIVER_CAPA_KEY_MGMT_FT_802_1X_SHA384)) {
2587 key_mgmt_mask |= WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
2588 }
2589 #endif
2590 #endif
2591 }
2592
2593 }
2594
2595 /**
2596 * Helper function to reset the fast transition bits in the key management
2597 * bitmask.
2598 */
resetFastTransitionKeyMgmt(uint32_t & key_mgmt_mask)2599 void StaNetwork::resetFastTransitionKeyMgmt(uint32_t &key_mgmt_mask)
2600 {
2601 if (key_mgmt_mask & WPA_KEY_MGMT_PSK) {
2602 key_mgmt_mask &= ~WPA_KEY_MGMT_FT_PSK;
2603 }
2604
2605 if (key_mgmt_mask & WPA_KEY_MGMT_IEEE8021X) {
2606 key_mgmt_mask &= ~WPA_KEY_MGMT_FT_IEEE8021X;
2607 }
2608 #ifdef CONFIG_IEEE80211R
2609 #ifdef CONFIG_SAE
2610 if (key_mgmt_mask & WPA_KEY_MGMT_SAE) {
2611 key_mgmt_mask &= ~WPA_KEY_MGMT_FT_SAE;
2612 }
2613 #endif
2614 #ifdef CONFIG_FILS
2615 if (key_mgmt_mask & WPA_KEY_MGMT_FILS_SHA256) {
2616 key_mgmt_mask &= ~WPA_KEY_MGMT_FT_FILS_SHA256;
2617 }
2618
2619 if (key_mgmt_mask & WPA_KEY_MGMT_FILS_SHA384) {
2620 key_mgmt_mask &= ~WPA_KEY_MGMT_FT_FILS_SHA384;
2621 }
2622 #endif
2623 #ifdef CONFIG_SUITEB192
2624 if (key_mgmt_mask & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
2625 key_mgmt_mask &= ~WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
2626 }
2627 #endif
2628 #endif
2629 }
2630
2631 /**
2632 * Helper function to enable erp keys generation while connecting to FILS
2633 * enabled APs.
2634 */
setEapErpInternal(bool enable)2635 ndk::ScopedAStatus StaNetwork::setEapErpInternal(bool enable)
2636 {
2637 #ifdef CONFIG_FILS
2638 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2639 wpa_ssid->eap.erp = enable ? 1 : 0;
2640 return ndk::ScopedAStatus::ok();
2641 #else /* CONFIG_FILS */
2642 return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
2643 #endif /* CONFIG_FILS */
2644 }
2645
setSaeH2eModeInternal(SaeH2eMode mode)2646 ndk::ScopedAStatus StaNetwork::setSaeH2eModeInternal(
2647 SaeH2eMode mode)
2648 {
2649 struct wpa_supplicant *wpa_s = retrieveIfacePtr();
2650 switch (mode) {
2651 case SaeH2eMode::DISABLED:
2652 wpa_s->conf->sae_pwe = SAE_PWE_HUNT_AND_PECK;
2653 break;
2654 case SaeH2eMode::H2E_MANDATORY:
2655 wpa_s->conf->sae_pwe = SAE_PWE_HASH_TO_ELEMENT;
2656 break;
2657 case SaeH2eMode::H2E_OPTIONAL:
2658 wpa_s->conf->sae_pwe = SAE_PWE_BOTH;
2659 break;
2660 }
2661 resetInternalStateAfterParamsUpdate();
2662 return ndk::ScopedAStatus::ok();
2663 }
2664
enableSaePkOnlyModeInternal(bool enable)2665 ndk::ScopedAStatus StaNetwork::enableSaePkOnlyModeInternal(bool enable)
2666 {
2667 #ifdef CONFIG_SAE_PK
2668 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2669 wpa_ssid->sae_pk = enable ? SAE_PK_MODE_ONLY : SAE_PK_MODE_AUTOMATIC;
2670 resetInternalStateAfterParamsUpdate();
2671 return ndk::ScopedAStatus::ok();
2672 #else
2673 return createStatus(SupplicantStatusCode::FAILURE_UNSUPPORTED);
2674 #endif
2675 }
2676
setMinimumTlsVersionEapPhase1ParamInternal(TlsVersion tlsVersion)2677 ndk::ScopedAStatus StaNetwork::setMinimumTlsVersionEapPhase1ParamInternal(TlsVersion tlsVersion)
2678 {
2679 if (tlsVersion < TlsVersion::TLS_V1_0 || tlsVersion > TlsVersion::TLS_V1_3) {
2680 return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
2681 }
2682 if (tlsVersion == TlsVersion::TLS_V1_0) {
2683 // no restriction
2684 return ndk::ScopedAStatus::ok();
2685 }
2686
2687 if (tlsVersion < TlsVersion::TLS_V1_3 && (tlsFlags & TLS_CONN_SUITEB)) {
2688 // TLS configuration already set up for WPA3-Enterprise 192-bit mode
2689 return ndk::ScopedAStatus::ok();
2690 }
2691
2692 tlsFlags &= ~(TLS_CONN_DISABLE_TLSv1_3 | TLS_CONN_DISABLE_TLSv1_2 \
2693 | TLS_CONN_DISABLE_TLSv1_1 | TLS_CONN_DISABLE_TLSv1_0);
2694
2695 // Fallback to disable lower version TLS cascadingly.
2696 switch (tlsVersion) {
2697 #ifdef EAP_TLSV1_3
2698 case TlsVersion::TLS_V1_3:
2699 tlsFlags |= TLS_CONN_DISABLE_TLSv1_2;
2700 FALLTHROUGH_INTENDED;
2701 #endif
2702 case TlsVersion::TLS_V1_2:
2703 tlsFlags |= TLS_CONN_DISABLE_TLSv1_1;
2704 FALLTHROUGH_INTENDED;
2705 case TlsVersion::TLS_V1_1:
2706 tlsFlags |= TLS_CONN_DISABLE_TLSv1_0;
2707 break;
2708 default:
2709 return createStatus(SupplicantStatusCode::FAILURE_UNSUPPORTED);
2710 }
2711
2712 generateTlsParams();
2713 return ndk::ScopedAStatus::ok();
2714 }
2715
disableEhtInternal()2716 ndk::ScopedAStatus StaNetwork::disableEhtInternal()
2717 {
2718 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2719 if (wpa_ssid == nullptr ) {
2720 return createStatus(SupplicantStatusCode::FAILURE_NETWORK_INVALID);
2721 }
2722 wpa_ssid->disable_eht = 1;
2723 resetInternalStateAfterParamsUpdate();
2724 return ndk::ScopedAStatus::ok();
2725 }
2726
setVendorDataInternal(const std::vector<common::OuiKeyedData> &)2727 ndk::ScopedAStatus StaNetwork::setVendorDataInternal(
2728 const std::vector<common::OuiKeyedData>& /* vendorData */) {
2729 // Not implemented in the default implementation.
2730 return ndk::ScopedAStatus::ok();
2731 }
2732
2733 /**
2734 * WPA3-Enterprise 192-bit mode workaround to force the connection to EAP-TLSv1.2 due to
2735 * interoperability issues in TLSv1.3 which disables the SSL_SIGN_RSA_PKCS1_SHA384
2736 * signature algorithm, and has its own set of incompatible cipher suites which the
2737 * current WPA3 specification doesn't specify. The only specified cipher suites in the
2738 * WPA3 specifications are:
2739 * TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, and
2740 * TLS_DHE_RSA_WITH_AES_256_GCM_SHA384.
2741 * See boringssl/include/openssl/tls1.h for TLSv1.3 cipher suites.
2742 */
setTlsFlagsFor192BitMode(bool rsaMode)2743 void StaNetwork::setTlsFlagsFor192BitMode(bool rsaMode) {
2744 // Disable TLSv1.0 and TLSv1.1 by default for 192-bit mode
2745 int flags = TLS_CONN_DISABLE_TLSv1_1 \
2746 | TLS_CONN_DISABLE_TLSv1_0;
2747 if (rsaMode) {
2748 // Check if flags not set or already set to use EAP-TLSv1.3
2749 if (tlsFlags == 0 || !(tlsFlags & TLS_CONN_DISABLE_TLSv1_2)) {
2750 // Set up EAP-TLSv1.2 by default for maximum compatibility
2751 tlsFlags |= TLS_CONN_DISABLE_TLSv1_3;
2752 tlsFlags &= ~TLS_CONN_DISABLE_TLSv1_2;
2753 }
2754 tlsFlags |= TLS_CONN_SUITEB;
2755 }
2756
2757 tlsFlags |= flags;
2758 generateTlsParams();
2759 }
2760
generateTlsParams()2761 void StaNetwork::generateTlsParams() {
2762 struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
2763 if (wpa_ssid->eap.phase1 != NULL) {
2764 os_free(wpa_ssid->eap.phase1);
2765 wpa_ssid->eap.phase1 = NULL;
2766 }
2767 std::string tlsConfig;
2768
2769 if (tlsFlags & TLS_CONN_DISABLE_TLSv1_3) {
2770 tlsConfig.append("tls_disable_tlsv1_3=1");
2771 } else {
2772 tlsConfig.append("tls_disable_tlsv1_3=0");
2773 }
2774 if (tlsFlags & TLS_CONN_DISABLE_TLSv1_2) {
2775 tlsConfig.append("tls_disable_tlsv1_2=1");
2776 } else {
2777 tlsConfig.append("tls_disable_tlsv1_2=0");
2778 }
2779 if (tlsFlags & TLS_CONN_DISABLE_TLSv1_1) {
2780 tlsConfig.append("tls_disable_tlsv1_1=1");
2781 } else {
2782 tlsConfig.append("tls_disable_tlsv1_1=0");
2783 }
2784 if (tlsFlags & TLS_CONN_DISABLE_TLSv1_0) {
2785 tlsConfig.append("tls_disable_tlsv1_0=1");
2786 } else {
2787 tlsConfig.append("tls_disable_tlsv1_0=0");
2788 }
2789 if (tlsFlags & TLS_CONN_SUITEB) {
2790 tlsConfig.append("tls_suiteb=1");
2791 }
2792
2793 wpa_printf(MSG_DEBUG, "TLS configuration: %s", tlsConfig.c_str());
2794 setStringKeyFieldAndResetState(
2795 tlsConfig.c_str(), &(wpa_ssid->eap.phase1), "phase1");
2796 }
2797 } // namespace supplicant
2798 } // namespace wifi
2799 } // namespace hardware
2800 } // namespace android
2801 } // namespace aidl
2802