MACsec: wpa_supplicant integration

Add MACsec to the wpa_supplicant build system and configuration file.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

diff --git a/wpa_supplicant/Makefile b/wpa_supplicant/Makefile
index f74d5165752d36f34f34da18c762ea4d54271ad7..48eb28a3aa7f6010d7f8eab164a63590ff615134 100644 (file)
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
@@ -748,6 +748,19 @@ LIBS += -ldl -rdynamic
 endif
 endif
 
+ifdef CONFIG_MACSEC
+CFLAGS += -DCONFIG_MACSEC
+NEED_AES_ENCBLOCK=y
+NEED_AES_UNWRAP=y
+NEED_AES_WRAP=y
+NEED_AES_OMAC1=y
+OBJS += wpas_kay.o
+OBJS += ../src/pae/ieee802_1x_cp.o
+OBJS += ../src/pae/ieee802_1x_kay.o
+OBJS += ../src/pae/ieee802_1x_key.o
+OBJS += ../src/pae/ieee802_1x_secy_ops.o
+endif
+
 ifdef CONFIG_AP
 NEED_80211_COMMON=y
 NEED_EAP_COMMON=y

diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c
index 7d58c05c01cd50ece35f86eb5703b5c7819fcc11..e60bc05ae8680343e43659852c23e35c41b45d14 100644 (file)
--- a/wpa_supplicant/config.c
+++ b/wpa_supplicant/config.c
@@ -1733,6 +1733,9 @@ static const struct parse_data ssid_fields[] = {
        { INT(ap_max_inactivity) },
        { INT(dtim_period) },
        { INT(beacon_int) },
+#ifdef CONFIG_MACSEC
+       { INT_RANGE(macsec_policy, 0, 1) },
+#endif /* CONFIG_MACSEC */
 };
 
 #undef OFFSET

diff --git a/wpa_supplicant/config_file.c b/wpa_supplicant/config_file.c
index 3cfe5ba93c0331be3a8a16bf952d115fefd8c255..4dc4d123d66cdf281fbbc1a3c3c80d14c8c505e1 100644 (file)
--- a/wpa_supplicant/config_file.c
+++ b/wpa_supplicant/config_file.c
@@ -736,6 +736,9 @@ static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid)
 #endif /* CONFIG_P2P */
        INT(dtim_period);
        INT(beacon_int);
+#ifdef CONFIG_MACSEC
+       INT(macsec_policy);
+#endif /* CONFIG_MACSEC */
 
 #undef STR
 #undef INT

diff --git a/wpa_supplicant/config_ssid.h b/wpa_supplicant/config_ssid.h
index 18fb65bbc3cfc3918cdf8cebe005a135f8da0dcb..76b0632e370f85f327e274bf59c6934712e986c3 100644 (file)
--- a/wpa_supplicant/config_ssid.h
+++ b/wpa_supplicant/config_ssid.h
@@ -636,6 +636,17 @@ struct wpa_ssid {
         * dereferences since it may not be updated in all cases.
         */
        void *parent_cred;
+
+#ifdef CONFIG_MACSEC
+       /**
+        * macsec_policy - Determines the policy for MACsec secure session
+        *
+        * 0: MACsec not in use (default)
+        * 1: MACsec enabled - Should secure, accept key server's advice to
+        *    determine whether to use a secure session or not.
+        */
+       int macsec_policy;
+#endif /* CONFIG_MACSEC */
 };
 
 #endif /* CONFIG_SSID_H */

diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
index f56b198bde096b645b49de752638d65350bc2729..8ba816b4ea6538a1169fd90f98cae7cb8926e5a4 100644 (file)
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -51,6 +51,7 @@
 #include "offchannel.h"
 #include "hs20_supplicant.h"
 #include "wnm_sta.h"
+#include "wpas_kay.h"
 
 const char *wpa_supplicant_version =
 "wpa_supplicant v" VERSION_STR "\n"
@@ -298,6 +299,8 @@ void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
        eapol_conf.external_sim = wpa_s->conf->external_sim;
        eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
 #endif /* IEEE8021X_EAPOL */
+
+       ieee802_1x_alloc_kay_sm(wpa_s, ssid);
 }
 
 
@@ -468,6 +471,8 @@ static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
 
        free_hw_features(wpa_s);
 
+       ieee802_1x_dealloc_kay_sm(wpa_s);
+
        os_free(wpa_s->bssid_filter);
        wpa_s->bssid_filter = NULL;
 

diff --git a/wpa_supplicant/wpa_supplicant.conf b/wpa_supplicant/wpa_supplicant.conf
index 81fbdfb452217d768c4fdc0f1256d2d6bb7674fc..243787f83fef9cd36c5d996a258f9858f75b858c 100644 (file)
--- a/wpa_supplicant/wpa_supplicant.conf
+++ b/wpa_supplicant/wpa_supplicant.conf
@@ -81,6 +81,8 @@ ctrl_interface=/var/run/wpa_supplicant
 # to make wpa_supplicant interoperate with these APs, the version number is set
 # to 1 by default. This configuration value can be used to set it to the new
 # version (2).
+# Note: When using MACsec, eapol_version shall be set to 3, which is
+# defined in IEEE Std 802.1X-2010.
 eapol_version=1
 
 # AP scanning/selection
@@ -97,6 +99,8 @@ eapol_version=1
 #    non-WPA drivers when using IEEE 802.1X mode; do not try to associate with
 #    APs (i.e., external program needs to control association). This mode must
 #    also be used when using wired Ethernet drivers.
+#    Note: macsec_qca driver is one type of Ethernet driver which implements
+#    macsec feature.
 # 2: like 0, but associate with APs using security policy and SSID (but not
 #    BSSID); this can be used, e.g., with ndiswrapper and NDIS drivers to
 #    enable operation with hidden SSIDs and optimized roaming; in this mode,
@@ -675,8 +679,16 @@ fast_reauth=1
 # bit0 (1): require dynamically generated unicast WEP key
 # bit1 (2): require dynamically generated broadcast WEP key
 #      (3 = require both keys; default)
-# Note: When using wired authentication, eapol_flags must be set to 0 for the
-# authentication to be completed successfully.
+# Note: When using wired authentication (including macsec_qca driver),
+# eapol_flags must be set to 0 for the authentication to be completed
+# successfully.
+#
+# macsec_policy: IEEE 802.1X/MACsec options
+# This determines how sessions are secured with MACsec. It is currently
+# applicable only when using the macsec_qca driver interface.
+# 0: MACsec not in use (default)
+# 1: MACsec enabled - Should secure, accept key server's advice to
+#    determine whether to use a secure session or not.
 #
 # mixed_cell: This option can be used to configure whether so called mixed
 # cells, i.e., networks that use both plaintext and encryption in the same
@@ -1341,3 +1353,17 @@ freq_list=5180
 network={
        key_mgmt=NONE
 }
+
+
+# Example MACsec configuration
+#network={
+#      key_mgmt=IEEE8021X
+#      eap=TTLS
+#      phase2="auth=PAP"
+#      anonymous_identity="anonymous@example.com"
+#      identity="user@example.com"
+#      password="secretr"
+#      ca_cert="/etc/cert/ca.pem"
+#      eapol_flags=0
+#      macsec_policy=1
+#}

diff --git a/wpa_supplicant/wpa_supplicant_i.h b/wpa_supplicant/wpa_supplicant_i.h
index b5e137cfcad79c1022df262e3fc329f6eae4210a..a57f962de7baa8e9589ce19b81d3470380696882 100644 (file)
--- a/wpa_supplicant/wpa_supplicant_i.h
+++ b/wpa_supplicant/wpa_supplicant_i.h
@@ -808,6 +808,9 @@ struct wpa_supplicant {
                u16 num_modes;
                u16 flags;
        } hw;
+#ifdef CONFIG_MACSEC
+       struct ieee802_1x_kay *kay;
+#endif /* CONFIG_MACSEC */
 
        int pno;
        int pno_sched_pending;

diff --git a/wpa_supplicant/wpas_glue.c b/wpa_supplicant/wpas_glue.c
index b2a330cf438092697701e18e1342745401a6dd79..350b1229b645ffd7f5e816dd3215271b808f2ac0 100644 (file)
--- a/wpa_supplicant/wpas_glue.c
+++ b/wpa_supplicant/wpas_glue.c
@@ -26,6 +26,7 @@
 #include "bss.h"
 #include "scan.h"
 #include "notify.h"
+#include "wpas_kay.h"
 
 
 #ifndef CONFIG_NO_CONFIG_BLOBS
@@ -254,6 +255,8 @@ static void wpa_supplicant_eapol_cb(struct eapol_sm *eapol,
                 * authentication failure.
                 */
                wpa_supplicant_req_auth_timeout(wpa_s, 2, 0);
+       } else {
+               ieee802_1x_notify_create_actor(wpa_s, wpa_s->last_eapol_src);
        }
 
        if (result != EAPOL_SUPP_RESULT_SUCCESS ||

diff --git a/wpa_supplicant/wpas_kay.c b/wpa_supplicant/wpas_kay.c
new file mode 100644 (file)
index 0000000..354decf
--- /dev/null
+++ b/wpa_supplicant/wpas_kay.c
@@ -0,0 +1,378 @@
+/*
+ * IEEE 802.1X-2010 KaY Interface
+ * Copyright (c) 2013-2014, Qualcomm Atheros, Inc.
+ *
+ * This software may be distributed under the terms of the BSD license.
+ * See README for more details.
+ */
+#include <openssl/ssl.h>
+#include "utils/includes.h"
+
+#include "utils/common.h"
+#include "eap_peer/eap.h"
+#include "eap_peer/eap_i.h"
+#include "eapol_supp/eapol_supp_sm.h"
+#include "pae/ieee802_1x_key.h"
+#include "pae/ieee802_1x_kay.h"
+#include "wpa_supplicant_i.h"
+#include "config.h"
+#include "config_ssid.h"
+#include "driver_i.h"
+#include "wpas_kay.h"
+
+
+#define DEFAULT_KEY_LEN                16
+/* secure Connectivity Association Key Name (CKN) */
+#define DEFAULT_CKN_LEN                16
+
+
+static int wpas_macsec_init(void *priv, struct macsec_init_params *params)
+{
+       return wpa_drv_macsec_init(priv, params);
+}
+
+
+static int wpas_macsec_deinit(void *priv)
+{
+       return wpa_drv_macsec_deinit(priv);
+}
+
+
+static int wpas_enable_protect_frames(void *wpa_s, Boolean enabled)
+{
+       return wpa_drv_enable_protect_frames(wpa_s, enabled);
+}
+
+
+static int wpas_set_replay_protect(void *wpa_s, Boolean enabled, u32 window)
+{
+       return wpa_drv_set_replay_protect(wpa_s, enabled, window);
+}
+
+
+static int wpas_set_current_cipher_suite(void *wpa_s, const u8 *cs,
+                                        size_t cs_len)
+{
+       return wpa_drv_set_current_cipher_suite(wpa_s, cs, cs_len);
+}
+
+
+static int wpas_enable_controlled_port(void *wpa_s, Boolean enabled)
+{
+       return wpa_drv_enable_controlled_port(wpa_s, enabled);
+}
+
+
+static int wpas_get_receive_lowest_pn(void *wpa_s, u32 channel,
+                                     u8 an, u32 *lowest_pn)
+{
+       return wpa_drv_get_receive_lowest_pn(wpa_s, channel, an, lowest_pn);
+}
+
+
+static int wpas_get_transmit_next_pn(void *wpa_s, u32 channel,
+                                     u8 an, u32 *next_pn)
+{
+       return wpa_drv_get_transmit_next_pn(wpa_s, channel, an, next_pn);
+}
+
+
+static int wpas_set_transmit_next_pn(void *wpa_s, u32 channel,
+                                     u8 an, u32 next_pn)
+{
+       return wpa_drv_set_transmit_next_pn(wpa_s, channel, an, next_pn);
+}
+
+
+static int wpas_get_available_receive_sc(void *wpa_s, u32 *channel)
+{
+       return wpa_drv_get_available_receive_sc(wpa_s, channel);
+}
+
+
+static unsigned int conf_offset_val(enum confidentiality_offset co)
+{
+       switch (co) {
+       case CONFIDENTIALITY_OFFSET_30:
+               return 30;
+               break;
+       case CONFIDENTIALITY_OFFSET_50:
+               return 50;
+       default:
+               return 0;
+       }
+}
+
+
+static int wpas_create_receive_sc(void *wpa_s, u32 channel,
+                                 struct ieee802_1x_mka_sci *sci,
+                                 enum validate_frames vf,
+                                 enum confidentiality_offset co)
+{
+       return wpa_drv_create_receive_sc(wpa_s, channel, sci->addr, sci->port,
+                                        conf_offset_val(co), vf);
+}
+
+
+static int wpas_delete_receive_sc(void *wpa_s, u32 channel)
+{
+       return wpa_drv_delete_receive_sc(wpa_s, channel);
+}
+
+
+static int wpas_create_receive_sa(void *wpa_s, u32 channel, u8 an,
+                                 u32 lowest_pn, const u8 *sak)
+{
+       return wpa_drv_create_receive_sa(wpa_s, channel, an, lowest_pn, sak);
+}
+
+
+static int wpas_enable_receive_sa(void *wpa_s, u32 channel, u8 an)
+{
+       return wpa_drv_enable_receive_sa(wpa_s, channel, an);
+}
+
+
+static int wpas_disable_receive_sa(void *wpa_s, u32 channel, u8 an)
+{
+       return wpa_drv_disable_receive_sa(wpa_s, channel, an);
+}
+
+
+static int wpas_get_available_transmit_sc(void *wpa_s, u32 *channel)
+{
+       return wpa_drv_get_available_transmit_sc(wpa_s, channel);
+}
+
+
+static int
+wpas_create_transmit_sc(void *wpa_s, u32 channel,
+                       const struct ieee802_1x_mka_sci *sci,
+                       enum confidentiality_offset co)
+{
+       return wpa_drv_create_transmit_sc(wpa_s, channel, sci->addr, sci->port,
+                                         conf_offset_val(co));
+}
+
+
+static int wpas_delete_transmit_sc(void *wpa_s, u32 channel)
+{
+       return wpa_drv_delete_transmit_sc(wpa_s, channel);
+}
+
+
+static int wpas_create_transmit_sa(void *wpa_s, u32 channel, u8 an,
+                                  u32 next_pn, Boolean confidentiality,
+                                  const u8 *sak)
+{
+       return wpa_drv_create_transmit_sa(wpa_s, channel, an, next_pn,
+                                         confidentiality, sak);
+}
+
+
+static int wpas_enable_transmit_sa(void *wpa_s, u32 channel, u8 an)
+{
+       return wpa_drv_enable_transmit_sa(wpa_s, channel, an);
+}
+
+
+static int wpas_disable_transmit_sa(void *wpa_s, u32 channel, u8 an)
+{
+       return wpa_drv_disable_transmit_sa(wpa_s, channel, an);
+}
+
+
+int ieee802_1x_alloc_kay_sm(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
+{
+       struct ieee802_1x_kay_ctx *kay_ctx;
+       struct ieee802_1x_kay *res = NULL;
+       enum macsec_policy policy;
+
+       ieee802_1x_dealloc_kay_sm(wpa_s);
+
+       if (!ssid || ssid->macsec_policy == 0)
+               return 0;
+
+       policy = ssid->macsec_policy == 1 ? SHOULD_SECURE : DO_NOT_SECURE;
+
+       kay_ctx = os_zalloc(sizeof(*kay_ctx));
+       if (!kay_ctx)
+               return -1;
+
+       kay_ctx->ctx = wpa_s;
+
+       kay_ctx->macsec_init = wpas_macsec_init;
+       kay_ctx->macsec_deinit = wpas_macsec_deinit;
+       kay_ctx->enable_protect_frames = wpas_enable_protect_frames;
+       kay_ctx->set_replay_protect = wpas_set_replay_protect;
+       kay_ctx->set_current_cipher_suite = wpas_set_current_cipher_suite;
+       kay_ctx->enable_controlled_port = wpas_enable_controlled_port;
+       kay_ctx->get_receive_lowest_pn = wpas_get_receive_lowest_pn;
+       kay_ctx->get_transmit_next_pn = wpas_get_transmit_next_pn;
+       kay_ctx->set_transmit_next_pn = wpas_set_transmit_next_pn;
+       kay_ctx->get_available_receive_sc = wpas_get_available_receive_sc;
+       kay_ctx->create_receive_sc = wpas_create_receive_sc;
+       kay_ctx->delete_receive_sc = wpas_delete_receive_sc;
+       kay_ctx->create_receive_sa = wpas_create_receive_sa;
+       kay_ctx->enable_receive_sa = wpas_enable_receive_sa;
+       kay_ctx->disable_receive_sa = wpas_disable_receive_sa;
+       kay_ctx->get_available_transmit_sc = wpas_get_available_transmit_sc;
+       kay_ctx->create_transmit_sc = wpas_create_transmit_sc;
+       kay_ctx->delete_transmit_sc = wpas_delete_transmit_sc;
+       kay_ctx->create_transmit_sa = wpas_create_transmit_sa;
+       kay_ctx->enable_transmit_sa = wpas_enable_transmit_sa;
+       kay_ctx->disable_transmit_sa = wpas_disable_transmit_sa;
+
+       res = ieee802_1x_kay_init(kay_ctx, policy, wpa_s->ifname,
+                                 wpa_s->own_addr);
+       if (res == NULL) {
+               os_free(kay_ctx);
+               return -1;
+       }
+
+       wpa_s->kay = res;
+
+       return 0;
+}
+
+
+void ieee802_1x_dealloc_kay_sm(struct wpa_supplicant *wpa_s)
+{
+       if (!wpa_s->kay)
+               return;
+
+       ieee802_1x_kay_deinit(wpa_s->kay);
+       wpa_s->kay = NULL;
+}
+
+
+static int ieee802_1x_auth_get_session_id(struct wpa_supplicant *wpa_s,
+                                         const u8 *addr, u8 *sid, size_t *len)
+{
+       const u8 *session_id;
+       size_t id_len, need_len;
+
+       session_id = eapol_sm_get_session_id(wpa_s->eapol, &id_len);
+       if (session_id == NULL) {
+               wpa_printf(MSG_DEBUG,
+                          "Failed to get SessionID from EAPOL state machines");
+               return -1;
+       }
+
+       need_len = 1 + 2 * SSL3_RANDOM_SIZE;
+       if (need_len > id_len) {
+               wpa_printf(MSG_DEBUG, "EAP Session-Id not long enough");
+               return -1;
+       }
+
+       os_memcpy(sid, session_id, need_len);
+       *len = need_len;
+
+       return 0;
+}
+
+
+static int ieee802_1x_auth_get_msk(struct wpa_supplicant *wpa_s, const u8 *addr,
+                                  u8 *msk, size_t *len)
+{
+       u8 key[EAP_MSK_LEN];
+       size_t keylen;
+       struct eapol_sm *sm;
+       int res;
+
+       sm = wpa_s->eapol;
+       if (sm == NULL)
+               return -1;
+
+       keylen = EAP_MSK_LEN;
+       res = eapol_sm_get_key(sm, key, keylen);
+       if (res) {
+               wpa_printf(MSG_DEBUG,
+                          "Failed to get MSK from EAPOL state machines");
+               return -1;
+       }
+
+       if (keylen > *len)
+               keylen = *len;
+       os_memcpy(msk, key, keylen);
+       *len = keylen;
+
+       return 0;
+}
+
+
+void * ieee802_1x_notify_create_actor(struct wpa_supplicant *wpa_s,
+                                     const u8 *peer_addr)
+{
+       u8 *sid;
+       size_t sid_len = 128;
+       struct mka_key_name *ckn;
+       struct mka_key *cak;
+       struct mka_key *msk;
+       void *res = NULL;
+
+       if (!wpa_s->kay || wpa_s->kay->policy == DO_NOT_SECURE)
+               return NULL;
+
+       wpa_printf(MSG_DEBUG,
+                  "IEEE 802.1X: External notification - Create MKA for "
+                  MACSTR, MAC2STR(peer_addr));
+
+       msk = os_zalloc(sizeof(*msk));
+       sid = os_zalloc(sid_len);
+       ckn = os_zalloc(sizeof(*ckn));
+       cak = os_zalloc(sizeof(*cak));
+       if (!msk || !sid || !ckn || !cak)
+               goto fail;
+
+       msk->len = DEFAULT_KEY_LEN;
+       if (ieee802_1x_auth_get_msk(wpa_s, wpa_s->bssid, msk->key, &msk->len)) {
+               wpa_printf(MSG_ERROR, "IEEE 802.1X: Could not get MSK");
+               goto fail;
+       }
+
+       if (ieee802_1x_auth_get_session_id(wpa_s, wpa_s->bssid, sid, &sid_len))
+       {
+               wpa_printf(MSG_ERROR,
+                          "IEEE 802.1X: Could not get EAP Session Id");
+               goto fail;
+       }
+
+       /* Derive CAK from MSK */
+       cak->len = DEFAULT_KEY_LEN;
+       if (ieee802_1x_cak_128bits_aes_cmac(msk->key, wpa_s->own_addr,
+                                           peer_addr, cak->key)) {
+               wpa_printf(MSG_ERROR,
+                          "IEEE 802.1X: Deriving CAK failed");
+               goto fail;
+       }
+       wpa_hexdump_key(MSG_DEBUG, "Derived CAK", cak->key, cak->len);
+
+       /* Derive CKN from MSK */
+       ckn->len = DEFAULT_CKN_LEN;
+       if (ieee802_1x_ckn_128bits_aes_cmac(msk->key, wpa_s->own_addr,
+                                           peer_addr, sid, sid_len,
+                                           ckn->name)) {
+               wpa_printf(MSG_ERROR,
+                          "IEEE 802.1X: Deriving CKN failed");
+               goto fail;
+       }
+       wpa_hexdump(MSG_DEBUG, "Derived CKN", ckn->name, ckn->len);
+
+       res = ieee802_1x_kay_create_mka(wpa_s->kay, ckn, cak, 0,
+                                       EAP_EXCHANGE, FALSE);
+
+fail:
+       if (msk) {
+               os_memset(msk, 0, sizeof(*msk));
+               os_free(msk);
+       }
+       os_free(sid);
+       os_free(ckn);
+       if (cak) {
+               os_memset(cak, 0, sizeof(*cak));
+               os_free(cak);
+       }
+
+       return res;
+}

diff --git a/wpa_supplicant/wpas_kay.h b/wpa_supplicant/wpas_kay.h
new file mode 100644 (file)
index 0000000..b7236d0
--- /dev/null
+++ b/wpa_supplicant/wpas_kay.h
@@ -0,0 +1,41 @@
+/*
+ * IEEE 802.1X-2010 KaY Interface
+ * Copyright (c) 2013-2014, Qualcomm Atheros, Inc.
+ *
+ * This software may be distributed under the terms of the BSD license.
+ * See README for more details.
+ */
+
+#ifndef WPAS_KAY_H
+#define WPAS_KAY_H
+
+#ifdef CONFIG_MACSEC
+
+int ieee802_1x_alloc_kay_sm(struct wpa_supplicant *wpa_s,
+                           struct wpa_ssid *ssid);
+void * ieee802_1x_notify_create_actor(struct wpa_supplicant *wpa_s,
+                                     const u8 *peer_addr);
+void ieee802_1x_dealloc_kay_sm(struct wpa_supplicant *wpa_s);
+
+#else /* CONFIG_MACSEC */
+
+static inline int ieee802_1x_alloc_kay_sm(struct wpa_supplicant *wpa_s,
+                                         struct wpa_ssid *ssid)
+{
+       return 0;
+}
+
+static inline void *
+ieee802_1x_notify_create_actor(struct wpa_supplicant *wpa_s,
+                              const u8 *peer_addr)
+{
+       return NULL;
+}
+
+static inline void ieee802_1x_dealloc_kay_sm(struct wpa_supplicant *wpa_s)
+{
+}
+
+#endif /* CONFIG_MACSEC */
+
+#endif /* WPAS_KAY_H */