wpa_supplicant/wpas_kay.c

   1 /*
   2  * IEEE 802.1X-2010 KaY Interface
   3  * Copyright (c) 2013-2014, Qualcomm Atheros, Inc.
   4  *
   5  * This software may be distributed under the terms of the BSD license.
   6  * See README for more details.
   7  */
   8 #include <openssl/ssl.h>
   9 #include "utils/includes.h"
  10
  11 #include "utils/common.h"
  12 #include "eap_peer/eap.h"
  13 #include "eap_peer/eap_i.h"
  14 #include "eapol_supp/eapol_supp_sm.h"
  15 #include "pae/ieee802_1x_key.h"
  16 #include "pae/ieee802_1x_kay.h"
  17 #include "wpa_supplicant_i.h"
  18 #include "config.h"
  19 #include "config_ssid.h"
  20 #include "driver_i.h"
  21 #include "wpas_kay.h"
  22
  23
  24 #define DEFAULT_KEY_LEN         16
  25 /* secure Connectivity Association Key Name (CKN) */
  26 #define DEFAULT_CKN_LEN         16
  27
  28
  29 static int wpas_macsec_init(void *priv, struct macsec_init_params *params)
  30 {
  31         return wpa_drv_macsec_init(priv, params);
  32 }
  33
  34
  35 static int wpas_macsec_deinit(void *priv)
  36 {
  37         return wpa_drv_macsec_deinit(priv);
  38 }
  39
  40
  41 static int wpas_enable_protect_frames(void *wpa_s, Boolean enabled)
  42 {
  43         return wpa_drv_enable_protect_frames(wpa_s, enabled);
  44 }
  45
  46
  47 static int wpas_set_replay_protect(void *wpa_s, Boolean enabled, u32 window)
  48 {
  49         return wpa_drv_set_replay_protect(wpa_s, enabled, window);
  50 }
  51
  52
  53 static int wpas_set_current_cipher_suite(void *wpa_s, u64 cs)
  54 {
  55         return wpa_drv_set_current_cipher_suite(wpa_s, cs);
  56 }
  57
  58
  59 static int wpas_enable_controlled_port(void *wpa_s, Boolean enabled)
  60 {
  61         return wpa_drv_enable_controlled_port(wpa_s, enabled);
  62 }
  63
  64
  65 static int wpas_get_receive_lowest_pn(void *wpa_s, struct receive_sa *sa)
  66 {
  67         return wpa_drv_get_receive_lowest_pn(wpa_s, sa);
  68 }
  69
  70
  71 static int wpas_get_transmit_next_pn(void *wpa_s, struct transmit_sa *sa)
  72 {
  73         return wpa_drv_get_transmit_next_pn(wpa_s, sa);
  74 }
  75
  76
  77 static int wpas_set_transmit_next_pn(void *wpa_s, struct transmit_sa *sa)
  78 {
  79         return wpa_drv_set_transmit_next_pn(wpa_s, sa);
  80 }
  81
  82
  83 static int wpas_get_available_receive_sc(void *wpa_s, u32 *channel)
  84 {
  85         return wpa_drv_get_available_receive_sc(wpa_s, channel);
  86 }
  87
  88
  89 static unsigned int conf_offset_val(enum confidentiality_offset co)
  90 {
  91         switch (co) {
  92         case CONFIDENTIALITY_OFFSET_30:
  93                 return 30;
  94                 break;
  95         case CONFIDENTIALITY_OFFSET_50:
  96                 return 50;
  97         default:
  98                 return 0;
  99         }
 100 }
 101
 102
 103 static int wpas_create_receive_sc(void *wpa_s, struct receive_sc *sc,
 104                                   enum validate_frames vf,
 105                                   enum confidentiality_offset co)
 106 {
 107         return wpa_drv_create_receive_sc(wpa_s, sc, conf_offset_val(co), vf);
 108 }
 109
 110
 111 static int wpas_delete_receive_sc(void *wpa_s, struct receive_sc *sc)
 112 {
 113         return wpa_drv_delete_receive_sc(wpa_s, sc);
 114 }
 115
 116
 117 static int wpas_create_receive_sa(void *wpa_s, struct receive_sa *sa)
 118 {
 119         return wpa_drv_create_receive_sa(wpa_s, sa);
 120 }
 121
 122
 123 static int wpas_enable_receive_sa(void *wpa_s, struct receive_sa *sa)
 124 {
 125         return wpa_drv_enable_receive_sa(wpa_s, sa);
 126 }
 127
 128
 129 static int wpas_disable_receive_sa(void *wpa_s, struct receive_sa *sa)
 130 {
 131         return wpa_drv_disable_receive_sa(wpa_s, sa);
 132 }
 133
 134
 135 static int wpas_get_available_transmit_sc(void *wpa_s, u32 *channel)
 136 {
 137         return wpa_drv_get_available_transmit_sc(wpa_s, channel);
 138 }
 139
 140
 141 static int
 142 wpas_create_transmit_sc(void *wpa_s, struct transmit_sc *sc,
 143                         enum confidentiality_offset co)
 144 {
 145         return wpa_drv_create_transmit_sc(wpa_s, sc, conf_offset_val(co));
 146 }
 147
 148
 149 static int wpas_delete_transmit_sc(void *wpa_s, struct transmit_sc *sc)
 150 {
 151         return wpa_drv_delete_transmit_sc(wpa_s, sc);
 152 }
 153
 154
 155 static int wpas_create_transmit_sa(void *wpa_s, struct transmit_sa *sa)
 156 {
 157         return wpa_drv_create_transmit_sa(wpa_s, sa);
 158 }
 159
 160
 161 static int wpas_enable_transmit_sa(void *wpa_s, struct transmit_sa *sa)
 162 {
 163         return wpa_drv_enable_transmit_sa(wpa_s, sa);
 164 }
 165
 166
 167 static int wpas_disable_transmit_sa(void *wpa_s, struct transmit_sa *sa)
 168 {
 169         return wpa_drv_disable_transmit_sa(wpa_s, sa);
 170 }
 171
 172
 173 int ieee802_1x_alloc_kay_sm(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
 174 {
 175         struct ieee802_1x_kay_ctx *kay_ctx;
 176         struct ieee802_1x_kay *res = NULL;
 177         enum macsec_policy policy;
 178
 179         ieee802_1x_dealloc_kay_sm(wpa_s);
 180
 181         if (!ssid || ssid->macsec_policy == 0)
 182                 return 0;
 183
 184         policy = ssid->macsec_policy == 1 ? SHOULD_SECURE : DO_NOT_SECURE;
 185
 186         kay_ctx = os_zalloc(sizeof(*kay_ctx));
 187         if (!kay_ctx)
 188                 return -1;
 189
 190         kay_ctx->ctx = wpa_s;
 191
 192         kay_ctx->macsec_init = wpas_macsec_init;
 193         kay_ctx->macsec_deinit = wpas_macsec_deinit;
 194         kay_ctx->enable_protect_frames = wpas_enable_protect_frames;
 195         kay_ctx->set_replay_protect = wpas_set_replay_protect;
 196         kay_ctx->set_current_cipher_suite = wpas_set_current_cipher_suite;
 197         kay_ctx->enable_controlled_port = wpas_enable_controlled_port;
 198         kay_ctx->get_receive_lowest_pn = wpas_get_receive_lowest_pn;
 199         kay_ctx->get_transmit_next_pn = wpas_get_transmit_next_pn;
 200         kay_ctx->set_transmit_next_pn = wpas_set_transmit_next_pn;
 201         kay_ctx->get_available_receive_sc = wpas_get_available_receive_sc;
 202         kay_ctx->create_receive_sc = wpas_create_receive_sc;
 203         kay_ctx->delete_receive_sc = wpas_delete_receive_sc;
 204         kay_ctx->create_receive_sa = wpas_create_receive_sa;
 205         kay_ctx->enable_receive_sa = wpas_enable_receive_sa;
 206         kay_ctx->disable_receive_sa = wpas_disable_receive_sa;
 207         kay_ctx->get_available_transmit_sc = wpas_get_available_transmit_sc;
 208         kay_ctx->create_transmit_sc = wpas_create_transmit_sc;
 209         kay_ctx->delete_transmit_sc = wpas_delete_transmit_sc;
 210         kay_ctx->create_transmit_sa = wpas_create_transmit_sa;
 211         kay_ctx->enable_transmit_sa = wpas_enable_transmit_sa;
 212         kay_ctx->disable_transmit_sa = wpas_disable_transmit_sa;
 213
 214         res = ieee802_1x_kay_init(kay_ctx, policy, wpa_s->ifname,
 215                                   wpa_s->own_addr);
 216         if (res == NULL) {
 217                 os_free(kay_ctx);
 218                 return -1;
 219         }
 220
 221         wpa_s->kay = res;
 222
 223         return 0;
 224 }
 225
 226
 227 void ieee802_1x_dealloc_kay_sm(struct wpa_supplicant *wpa_s)
 228 {
 229         if (!wpa_s->kay)
 230                 return;
 231
 232         ieee802_1x_kay_deinit(wpa_s->kay);
 233         wpa_s->kay = NULL;
 234 }
 235
 236
 237 static int ieee802_1x_auth_get_session_id(struct wpa_supplicant *wpa_s,
 238                                           const u8 *addr, u8 *sid, size_t *len)
 239 {
 240         const u8 *session_id;
 241         size_t id_len, need_len;
 242
 243         session_id = eapol_sm_get_session_id(wpa_s->eapol, &id_len);
 244         if (session_id == NULL) {
 245                 wpa_printf(MSG_DEBUG,
 246                            "Failed to get SessionID from EAPOL state machines");
 247                 return -1;
 248         }
 249
 250         need_len = 1 + 2 * SSL3_RANDOM_SIZE;
 251         if (need_len > id_len) {
 252                 wpa_printf(MSG_DEBUG, "EAP Session-Id not long enough");
 253                 return -1;
 254         }
 255
 256         os_memcpy(sid, session_id, need_len);
 257         *len = need_len;
 258
 259         return 0;
 260 }
 261
 262
 263 static int ieee802_1x_auth_get_msk(struct wpa_supplicant *wpa_s, const u8 *addr,
 264                                    u8 *msk, size_t *len)
 265 {
 266         u8 key[EAP_MSK_LEN];
 267         size_t keylen;
 268         struct eapol_sm *sm;
 269         int res;
 270
 271         sm = wpa_s->eapol;
 272         if (sm == NULL)
 273                 return -1;
 274
 275         keylen = EAP_MSK_LEN;
 276         res = eapol_sm_get_key(sm, key, keylen);
 277         if (res) {
 278                 wpa_printf(MSG_DEBUG,
 279                            "Failed to get MSK from EAPOL state machines");
 280                 return -1;
 281         }
 282
 283         if (keylen > *len)
 284                 keylen = *len;
 285         os_memcpy(msk, key, keylen);
 286         *len = keylen;
 287
 288         return 0;
 289 }
 290
 291
 292 void * ieee802_1x_notify_create_actor(struct wpa_supplicant *wpa_s,
 293                                       const u8 *peer_addr)
 294 {
 295         u8 *sid;
 296         size_t sid_len = 128;
 297         struct mka_key_name *ckn;
 298         struct mka_key *cak;
 299         struct mka_key *msk;
 300         void *res = NULL;
 301
 302         if (!wpa_s->kay || wpa_s->kay->policy == DO_NOT_SECURE)
 303                 return NULL;
 304
 305         wpa_printf(MSG_DEBUG,
 306                    "IEEE 802.1X: External notification - Create MKA for "
 307                    MACSTR, MAC2STR(peer_addr));
 308
 309         msk = os_zalloc(sizeof(*msk));
 310         sid = os_zalloc(sid_len);
 311         ckn = os_zalloc(sizeof(*ckn));
 312         cak = os_zalloc(sizeof(*cak));
 313         if (!msk || !sid || !ckn || !cak)
 314                 goto fail;
 315
 316         msk->len = DEFAULT_KEY_LEN;
 317         if (ieee802_1x_auth_get_msk(wpa_s, wpa_s->bssid, msk->key, &msk->len)) {
 318                 wpa_printf(MSG_ERROR, "IEEE 802.1X: Could not get MSK");
 319                 goto fail;
 320         }
 321
 322         if (ieee802_1x_auth_get_session_id(wpa_s, wpa_s->bssid, sid, &sid_len))
 323         {
 324                 wpa_printf(MSG_ERROR,
 325                            "IEEE 802.1X: Could not get EAP Session Id");
 326                 goto fail;
 327         }
 328
 329         /* Derive CAK from MSK */
 330         cak->len = DEFAULT_KEY_LEN;
 331         if (ieee802_1x_cak_128bits_aes_cmac(msk->key, wpa_s->own_addr,
 332                                             peer_addr, cak->key)) {
 333                 wpa_printf(MSG_ERROR,
 334                            "IEEE 802.1X: Deriving CAK failed");
 335                 goto fail;
 336         }
 337         wpa_hexdump_key(MSG_DEBUG, "Derived CAK", cak->key, cak->len);
 338
 339         /* Derive CKN from MSK */
 340         ckn->len = DEFAULT_CKN_LEN;
 341         if (ieee802_1x_ckn_128bits_aes_cmac(msk->key, wpa_s->own_addr,
 342                                             peer_addr, sid, sid_len,
 343                                             ckn->name)) {
 344                 wpa_printf(MSG_ERROR,
 345                            "IEEE 802.1X: Deriving CKN failed");
 346                 goto fail;
 347         }
 348         wpa_hexdump(MSG_DEBUG, "Derived CKN", ckn->name, ckn->len);
 349
 350         res = ieee802_1x_kay_create_mka(wpa_s->kay, ckn, cak, 0,
 351                                         EAP_EXCHANGE, FALSE);
 352
 353 fail:
 354         if (msk) {
 355                 os_memset(msk, 0, sizeof(*msk));
 356                 os_free(msk);
 357         }
 358         os_free(sid);
 359         os_free(ckn);
 360         if (cak) {
 361                 os_memset(cak, 0, sizeof(*cak));
 362                 os_free(cak);
 363         }
 364
 365         return res;
 366 }