src/eap_server/eap_server_tls.c

   1 /*
   2  * hostapd / EAP-TLS (RFC 2716)
   3  * Copyright (c) 2004-2008, Jouni Malinen <j@w1.fi>
   4  *
   5  * This software may be distributed under the terms of the BSD license.
   6  * See README for more details.
   7  */
   8
   9 #include "includes.h"
  10
  11 #include "common.h"
  12 #include "eap_i.h"
  13 #include "eap_tls_common.h"
  14 #include "crypto/tls.h"
  15
  16
  17 static void eap_tls_reset(struct eap_sm *sm, void *priv);
  18
  19
  20 struct eap_tls_data {
  21         struct eap_ssl_data ssl;
  22         enum { START, CONTINUE, SUCCESS, FAILURE } state;
  23         int established;
  24         u8 eap_type;
  25 };
  26
  27
  28 static const char * eap_tls_state_txt(int state)
  29 {
  30         switch (state) {
  31         case START:
  32                 return "START";
  33         case CONTINUE:
  34                 return "CONTINUE";
  35         case SUCCESS:
  36                 return "SUCCESS";
  37         case FAILURE:
  38                 return "FAILURE";
  39         default:
  40                 return "Unknown?!";
  41         }
  42 }
  43
  44
  45 static void eap_tls_state(struct eap_tls_data *data, int state)
  46 {
  47         wpa_printf(MSG_DEBUG, "EAP-TLS: %s -> %s",
  48                    eap_tls_state_txt(data->state),
  49                    eap_tls_state_txt(state));
  50         data->state = state;
  51 }
  52
  53
  54 static void * eap_tls_init(struct eap_sm *sm)
  55 {
  56         struct eap_tls_data *data;
  57
  58         data = os_zalloc(sizeof(*data));
  59         if (data == NULL)
  60                 return NULL;
  61         data->state = START;
  62
  63         if (eap_server_tls_ssl_init(sm, &data->ssl, 1, EAP_TYPE_TLS)) {
  64                 wpa_printf(MSG_INFO, "EAP-TLS: Failed to initialize SSL.");
  65                 eap_tls_reset(sm, data);
  66                 return NULL;
  67         }
  68
  69         data->eap_type = EAP_TYPE_TLS;
  70
  71         return data;
  72 }
  73
  74
  75 #ifdef EAP_SERVER_UNAUTH_TLS
  76 static void * eap_unauth_tls_init(struct eap_sm *sm)
  77 {
  78         struct eap_tls_data *data;
  79
  80         data = os_zalloc(sizeof(*data));
  81         if (data == NULL)
  82                 return NULL;
  83         data->state = START;
  84
  85         if (eap_server_tls_ssl_init(sm, &data->ssl, 0, EAP_UNAUTH_TLS_TYPE)) {
  86                 wpa_printf(MSG_INFO, "EAP-TLS: Failed to initialize SSL.");
  87                 eap_tls_reset(sm, data);
  88                 return NULL;
  89         }
  90
  91         data->eap_type = EAP_UNAUTH_TLS_TYPE;
  92         return data;
  93 }
  94 #endif /* EAP_SERVER_UNAUTH_TLS */
  95
  96
  97 #ifdef CONFIG_HS20
  98 static void * eap_wfa_unauth_tls_init(struct eap_sm *sm)
  99 {
 100         struct eap_tls_data *data;
 101
 102         data = os_zalloc(sizeof(*data));
 103         if (data == NULL)
 104                 return NULL;
 105         data->state = START;
 106
 107         if (eap_server_tls_ssl_init(sm, &data->ssl, 0,
 108                                     EAP_WFA_UNAUTH_TLS_TYPE)) {
 109                 wpa_printf(MSG_INFO, "EAP-TLS: Failed to initialize SSL.");
 110                 eap_tls_reset(sm, data);
 111                 return NULL;
 112         }
 113
 114         data->eap_type = EAP_WFA_UNAUTH_TLS_TYPE;
 115         return data;
 116 }
 117 #endif /* CONFIG_HS20 */
 118
 119
 120 static void eap_tls_reset(struct eap_sm *sm, void *priv)
 121 {
 122         struct eap_tls_data *data = priv;
 123         if (data == NULL)
 124                 return;
 125         eap_server_tls_ssl_deinit(sm, &data->ssl);
 126         os_free(data);
 127 }
 128
 129
 130 static struct wpabuf * eap_tls_build_start(struct eap_sm *sm,
 131                                            struct eap_tls_data *data, u8 id)
 132 {
 133         struct wpabuf *req;
 134
 135         req = eap_tls_msg_alloc(data->eap_type, 1, EAP_CODE_REQUEST, id);
 136         if (req == NULL) {
 137                 wpa_printf(MSG_ERROR, "EAP-TLS: Failed to allocate memory for "
 138                            "request");
 139                 eap_tls_state(data, FAILURE);
 140                 return NULL;
 141         }
 142
 143         wpabuf_put_u8(req, EAP_TLS_FLAGS_START);
 144
 145         eap_tls_state(data, CONTINUE);
 146
 147         return req;
 148 }
 149
 150
 151 static struct wpabuf * eap_tls_buildReq(struct eap_sm *sm, void *priv, u8 id)
 152 {
 153         struct eap_tls_data *data = priv;
 154         struct wpabuf *res;
 155
 156         if (data->ssl.state == FRAG_ACK) {
 157                 return eap_server_tls_build_ack(id, data->eap_type, 0);
 158         }
 159
 160         if (data->ssl.state == WAIT_FRAG_ACK) {
 161                 res = eap_server_tls_build_msg(&data->ssl, data->eap_type, 0,
 162                                                id);
 163                 goto check_established;
 164         }
 165
 166         switch (data->state) {
 167         case START:
 168                 return eap_tls_build_start(sm, data, id);
 169         case CONTINUE:
 170                 if (tls_connection_established(sm->ssl_ctx, data->ssl.conn))
 171                         data->established = 1;
 172                 break;
 173         default:
 174                 wpa_printf(MSG_DEBUG, "EAP-TLS: %s - unexpected state %d",
 175                            __func__, data->state);
 176                 return NULL;
 177         }
 178
 179         res = eap_server_tls_build_msg(&data->ssl, data->eap_type, 0, id);
 180
 181 check_established:
 182         if (data->established && data->ssl.state != WAIT_FRAG_ACK) {
 183                 /* TLS handshake has been completed and there are no more
 184                  * fragments waiting to be sent out. */
 185                 wpa_printf(MSG_DEBUG, "EAP-TLS: Done");
 186                 eap_tls_state(data, SUCCESS);
 187         }
 188
 189         return res;
 190 }
 191
 192
 193 static Boolean eap_tls_check(struct eap_sm *sm, void *priv,
 194                              struct wpabuf *respData)
 195 {
 196         struct eap_tls_data *data = priv;
 197         const u8 *pos;
 198         size_t len;
 199
 200         if (data->eap_type == EAP_UNAUTH_TLS_TYPE)
 201                 pos = eap_hdr_validate(EAP_VENDOR_UNAUTH_TLS,
 202                                        EAP_VENDOR_TYPE_UNAUTH_TLS, respData,
 203                                        &len);
 204         else if (data->eap_type == EAP_WFA_UNAUTH_TLS_TYPE)
 205                 pos = eap_hdr_validate(EAP_VENDOR_WFA_NEW,
 206                                        EAP_VENDOR_WFA_UNAUTH_TLS, respData,
 207                                        &len);
 208         else
 209                 pos = eap_hdr_validate(EAP_VENDOR_IETF, data->eap_type,
 210                                        respData, &len);
 211         if (pos == NULL || len < 1) {
 212                 wpa_printf(MSG_INFO, "EAP-TLS: Invalid frame");
 213                 return TRUE;
 214         }
 215
 216         return FALSE;
 217 }
 218
 219
 220 static void eap_tls_process_msg(struct eap_sm *sm, void *priv,
 221                                 const struct wpabuf *respData)
 222 {
 223         struct eap_tls_data *data = priv;
 224         if (data->state == SUCCESS && wpabuf_len(data->ssl.tls_in) == 0) {
 225                 wpa_printf(MSG_DEBUG, "EAP-TLS: Client acknowledged final TLS "
 226                            "handshake message");
 227                 return;
 228         }
 229         if (eap_server_tls_phase1(sm, &data->ssl) < 0)
 230                 eap_tls_state(data, FAILURE);
 231 }
 232
 233
 234 static void eap_tls_process(struct eap_sm *sm, void *priv,
 235                             struct wpabuf *respData)
 236 {
 237         struct eap_tls_data *data = priv;
 238         if (eap_server_tls_process(sm, &data->ssl, respData, data,
 239                                    data->eap_type, NULL, eap_tls_process_msg) <
 240             0)
 241                 eap_tls_state(data, FAILURE);
 242 }
 243
 244
 245 static Boolean eap_tls_isDone(struct eap_sm *sm, void *priv)
 246 {
 247         struct eap_tls_data *data = priv;
 248         return data->state == SUCCESS || data->state == FAILURE;
 249 }
 250
 251
 252 static u8 * eap_tls_getKey(struct eap_sm *sm, void *priv, size_t *len)
 253 {
 254         struct eap_tls_data *data = priv;
 255         u8 *eapKeyData;
 256
 257         if (data->state != SUCCESS)
 258                 return NULL;
 259
 260         eapKeyData = eap_server_tls_derive_key(sm, &data->ssl,
 261                                                "client EAP encryption",
 262                                                EAP_TLS_KEY_LEN);
 263         if (eapKeyData) {
 264                 *len = EAP_TLS_KEY_LEN;
 265                 wpa_hexdump(MSG_DEBUG, "EAP-TLS: Derived key",
 266                             eapKeyData, EAP_TLS_KEY_LEN);
 267         } else {
 268                 wpa_printf(MSG_DEBUG, "EAP-TLS: Failed to derive key");
 269         }
 270
 271         return eapKeyData;
 272 }
 273
 274
 275 static u8 * eap_tls_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
 276 {
 277         struct eap_tls_data *data = priv;
 278         u8 *eapKeyData, *emsk;
 279
 280         if (data->state != SUCCESS)
 281                 return NULL;
 282
 283         eapKeyData = eap_server_tls_derive_key(sm, &data->ssl,
 284                                                "client EAP encryption",
 285                                                EAP_TLS_KEY_LEN + EAP_EMSK_LEN);
 286         if (eapKeyData) {
 287                 emsk = os_malloc(EAP_EMSK_LEN);
 288                 if (emsk)
 289                         os_memcpy(emsk, eapKeyData + EAP_TLS_KEY_LEN,
 290                                   EAP_EMSK_LEN);
 291                 bin_clear_free(eapKeyData, EAP_TLS_KEY_LEN + EAP_EMSK_LEN);
 292         } else
 293                 emsk = NULL;
 294
 295         if (emsk) {
 296                 *len = EAP_EMSK_LEN;
 297                 wpa_hexdump(MSG_DEBUG, "EAP-TLS: Derived EMSK",
 298                             emsk, EAP_EMSK_LEN);
 299         } else {
 300                 wpa_printf(MSG_DEBUG, "EAP-TLS: Failed to derive EMSK");
 301         }
 302
 303         return emsk;
 304 }
 305
 306
 307 static Boolean eap_tls_isSuccess(struct eap_sm *sm, void *priv)
 308 {
 309         struct eap_tls_data *data = priv;
 310         return data->state == SUCCESS;
 311 }
 312
 313
 314 static u8 * eap_tls_get_session_id(struct eap_sm *sm, void *priv, size_t *len)
 315 {
 316         struct eap_tls_data *data = priv;
 317
 318         if (data->state != SUCCESS)
 319                 return NULL;
 320
 321         return eap_server_tls_derive_session_id(sm, &data->ssl, EAP_TYPE_TLS,
 322                                                 len);
 323 }
 324
 325
 326 int eap_server_tls_register(void)
 327 {
 328         struct eap_method *eap;
 329         int ret;
 330
 331         eap = eap_server_method_alloc(EAP_SERVER_METHOD_INTERFACE_VERSION,
 332                                       EAP_VENDOR_IETF, EAP_TYPE_TLS, "TLS");
 333         if (eap == NULL)
 334                 return -1;
 335
 336         eap->init = eap_tls_init;
 337         eap->reset = eap_tls_reset;
 338         eap->buildReq = eap_tls_buildReq;
 339         eap->check = eap_tls_check;
 340         eap->process = eap_tls_process;
 341         eap->isDone = eap_tls_isDone;
 342         eap->getKey = eap_tls_getKey;
 343         eap->isSuccess = eap_tls_isSuccess;
 344         eap->get_emsk = eap_tls_get_emsk;
 345         eap->getSessionId = eap_tls_get_session_id;
 346
 347         ret = eap_server_method_register(eap);
 348         if (ret)
 349                 eap_server_method_free(eap);
 350         return ret;
 351 }
 352
 353
 354 #ifdef EAP_SERVER_UNAUTH_TLS
 355 int eap_server_unauth_tls_register(void)
 356 {
 357         struct eap_method *eap;
 358         int ret;
 359
 360         eap = eap_server_method_alloc(EAP_SERVER_METHOD_INTERFACE_VERSION,
 361                                       EAP_VENDOR_UNAUTH_TLS,
 362                                       EAP_VENDOR_TYPE_UNAUTH_TLS,
 363                                       "UNAUTH-TLS");
 364         if (eap == NULL)
 365                 return -1;
 366
 367         eap->init = eap_unauth_tls_init;
 368         eap->reset = eap_tls_reset;
 369         eap->buildReq = eap_tls_buildReq;
 370         eap->check = eap_tls_check;
 371         eap->process = eap_tls_process;
 372         eap->isDone = eap_tls_isDone;
 373         eap->getKey = eap_tls_getKey;
 374         eap->isSuccess = eap_tls_isSuccess;
 375         eap->get_emsk = eap_tls_get_emsk;
 376
 377         ret = eap_server_method_register(eap);
 378         if (ret)
 379                 eap_server_method_free(eap);
 380         return ret;
 381 }
 382 #endif /* EAP_SERVER_UNAUTH_TLS */
 383
 384
 385 #ifdef CONFIG_HS20
 386 int eap_server_wfa_unauth_tls_register(void)
 387 {
 388         struct eap_method *eap;
 389         int ret;
 390
 391         eap = eap_server_method_alloc(EAP_SERVER_METHOD_INTERFACE_VERSION,
 392                                       EAP_VENDOR_WFA_NEW,
 393                                       EAP_VENDOR_WFA_UNAUTH_TLS,
 394                                       "WFA-UNAUTH-TLS");
 395         if (eap == NULL)
 396                 return -1;
 397
 398         eap->init = eap_wfa_unauth_tls_init;
 399         eap->reset = eap_tls_reset;
 400         eap->buildReq = eap_tls_buildReq;
 401         eap->check = eap_tls_check;
 402         eap->process = eap_tls_process;
 403         eap->isDone = eap_tls_isDone;
 404         eap->getKey = eap_tls_getKey;
 405         eap->isSuccess = eap_tls_isSuccess;
 406         eap->get_emsk = eap_tls_get_emsk;
 407
 408         ret = eap_server_method_register(eap);
 409         if (ret)
 410                 eap_server_method_free(eap);
 411         return ret;
 412 }
 413 #endif /* CONFIG_HS20 */