xref: /freebsd/contrib/wpa/src/ap/wpa_auth_kay.c (revision 7fdf597e96a02165cfe22ff357b857d5fa15ed8a)
1 /*
2  * IEEE 802.1X-2010 KaY Interface
3  * Copyright (c) 2019, The Linux Foundation
4  *
5  * This software may be distributed under the terms of the BSD license.
6  * See README for more details.
7  */
8 
9 #include "utils/includes.h"
10 
11 #include "utils/common.h"
12 #include "pae/ieee802_1x_key.h"
13 #include "pae/ieee802_1x_kay.h"
14 #include "hostapd.h"
15 #include "sta_info.h"
16 #include "wpa_auth_kay.h"
17 #include "ieee802_1x.h"
18 
19 
20 #define DEFAULT_KEY_LEN		16
21 /* secure Connectivity Association Key Name (CKN) */
22 #define DEFAULT_CKN_LEN		16
23 
24 
25 static int hapd_macsec_init(void *priv, struct macsec_init_params *params)
26 {
27 	struct hostapd_data *hapd = priv;
28 
29 	if (!hapd->driver->macsec_init)
30 		return -1;
31 	return hapd->driver->macsec_init(hapd->drv_priv, params);
32 }
33 
34 
35 static int hapd_macsec_deinit(void *priv)
36 {
37 	struct hostapd_data *hapd = priv;
38 
39 	if (!hapd->driver->macsec_deinit)
40 		return -1;
41 	return hapd->driver->macsec_deinit(hapd->drv_priv);
42 }
43 
44 
45 static int hapd_macsec_get_capability(void *priv, enum macsec_cap *cap)
46 {
47 	struct hostapd_data *hapd = priv;
48 
49 	if (!hapd->driver->macsec_get_capability)
50 		return -1;
51 	return hapd->driver->macsec_get_capability(hapd->drv_priv, cap);
52 }
53 
54 
55 static int hapd_enable_protect_frames(void *priv, bool enabled)
56 {
57 	struct hostapd_data *hapd = priv;
58 
59 	if (!hapd->driver->enable_protect_frames)
60 		return -1;
61 	return hapd->driver->enable_protect_frames(hapd->drv_priv, enabled);
62 }
63 
64 
65 static int hapd_enable_encrypt(void *priv, bool enabled)
66 {
67 	struct hostapd_data *hapd = priv;
68 
69 	if (!hapd->driver->enable_encrypt)
70 		return -1;
71 	return hapd->driver->enable_encrypt(hapd->drv_priv, enabled);
72 }
73 
74 
75 static int hapd_set_replay_protect(void *priv, bool enabled, u32 window)
76 {
77 	struct hostapd_data *hapd = priv;
78 
79 	if (!hapd->driver->set_replay_protect)
80 		return -1;
81 	return hapd->driver->set_replay_protect(hapd->drv_priv, enabled,
82 						 window);
83 }
84 
85 
86 static int hapd_set_current_cipher_suite(void *priv, u64 cs)
87 {
88 	struct hostapd_data *hapd = priv;
89 
90 	if (!hapd->driver->set_current_cipher_suite)
91 		return -1;
92 	return hapd->driver->set_current_cipher_suite(hapd->drv_priv, cs);
93 }
94 
95 
96 static int hapd_enable_controlled_port(void *priv, bool enabled)
97 {
98 	struct hostapd_data *hapd = priv;
99 
100 	if (!hapd->driver->enable_controlled_port)
101 		return -1;
102 	return hapd->driver->enable_controlled_port(hapd->drv_priv, enabled);
103 }
104 
105 
106 static int hapd_get_receive_lowest_pn(void *priv, struct receive_sa *sa)
107 {
108 	struct hostapd_data *hapd = priv;
109 
110 	if (!hapd->driver->get_receive_lowest_pn)
111 		return -1;
112 	return hapd->driver->get_receive_lowest_pn(hapd->drv_priv, sa);
113 }
114 
115 
116 static int hapd_get_transmit_next_pn(void *priv, struct transmit_sa *sa)
117 {
118 	struct hostapd_data *hapd = priv;
119 
120 	if (!hapd->driver->get_transmit_next_pn)
121 		return -1;
122 	return hapd->driver->get_transmit_next_pn(hapd->drv_priv, sa);
123 }
124 
125 
126 static int hapd_set_transmit_next_pn(void *priv, struct transmit_sa *sa)
127 {
128 	struct hostapd_data *hapd = priv;
129 
130 	if (!hapd->driver->set_transmit_next_pn)
131 		return -1;
132 	return hapd->driver->set_transmit_next_pn(hapd->drv_priv, sa);
133 }
134 
135 
136 static unsigned int conf_offset_val(enum confidentiality_offset co)
137 {
138 	switch (co) {
139 	case CONFIDENTIALITY_OFFSET_30:
140 		return 30;
141 	case CONFIDENTIALITY_OFFSET_50:
142 		return 50;
143 	default:
144 		return 0;
145 	}
146 }
147 
148 
149 static int hapd_create_receive_sc(void *priv, struct receive_sc *sc,
150 				  enum validate_frames vf,
151 				  enum confidentiality_offset co)
152 {
153 	struct hostapd_data *hapd = priv;
154 
155 	if (!hapd->driver->create_receive_sc)
156 		return -1;
157 	return hapd->driver->create_receive_sc(hapd->drv_priv, sc,
158 					       conf_offset_val(co), vf);
159 }
160 
161 
162 static int hapd_delete_receive_sc(void *priv, struct receive_sc *sc)
163 {
164 	struct hostapd_data *hapd = priv;
165 
166 	if (!hapd->driver->delete_receive_sc)
167 		return -1;
168 	return hapd->driver->delete_receive_sc(hapd->drv_priv, sc);
169 }
170 
171 
172 static int hapd_create_receive_sa(void *priv, struct receive_sa *sa)
173 {
174 	struct hostapd_data *hapd = priv;
175 
176 	if (!hapd->driver->create_receive_sa)
177 		return -1;
178 	return hapd->driver->create_receive_sa(hapd->drv_priv, sa);
179 }
180 
181 
182 static int hapd_delete_receive_sa(void *priv, struct receive_sa *sa)
183 {
184 	struct hostapd_data *hapd = priv;
185 
186 	if (!hapd->driver->delete_receive_sa)
187 		return -1;
188 	return hapd->driver->delete_receive_sa(hapd->drv_priv, sa);
189 }
190 
191 
192 static int hapd_enable_receive_sa(void *priv, struct receive_sa *sa)
193 {
194 	struct hostapd_data *hapd = priv;
195 
196 	if (!hapd->driver->enable_receive_sa)
197 		return -1;
198 	return hapd->driver->enable_receive_sa(hapd->drv_priv, sa);
199 }
200 
201 
202 static int hapd_disable_receive_sa(void *priv, struct receive_sa *sa)
203 {
204 	struct hostapd_data *hapd = priv;
205 
206 	if (!hapd->driver->disable_receive_sa)
207 		return -1;
208 	return hapd->driver->disable_receive_sa(hapd->drv_priv, sa);
209 }
210 
211 
212 static int
213 hapd_create_transmit_sc(void *priv, struct transmit_sc *sc,
214 			enum confidentiality_offset co)
215 {
216 	struct hostapd_data *hapd = priv;
217 
218 	if (!hapd->driver->create_transmit_sc)
219 		return -1;
220 	return hapd->driver->create_transmit_sc(hapd->drv_priv, sc,
221 						conf_offset_val(co));
222 }
223 
224 
225 static int hapd_delete_transmit_sc(void *priv, struct transmit_sc *sc)
226 {
227 	struct hostapd_data *hapd = priv;
228 
229 	if (!hapd->driver->delete_transmit_sc)
230 		return -1;
231 	return hapd->driver->delete_transmit_sc(hapd->drv_priv, sc);
232 }
233 
234 
235 static int hapd_create_transmit_sa(void *priv, struct transmit_sa *sa)
236 {
237 	struct hostapd_data *hapd = priv;
238 
239 	if (!hapd->driver->create_transmit_sa)
240 		return -1;
241 	return hapd->driver->create_transmit_sa(hapd->drv_priv, sa);
242 }
243 
244 
245 static int hapd_delete_transmit_sa(void *priv, struct transmit_sa *sa)
246 {
247 	struct hostapd_data *hapd = priv;
248 
249 	if (!hapd->driver->delete_transmit_sa)
250 		return -1;
251 	return hapd->driver->delete_transmit_sa(hapd->drv_priv, sa);
252 }
253 
254 
255 static int hapd_enable_transmit_sa(void *priv, struct transmit_sa *sa)
256 {
257 	struct hostapd_data *hapd = priv;
258 
259 	if (!hapd->driver->enable_transmit_sa)
260 		return -1;
261 	return hapd->driver->enable_transmit_sa(hapd->drv_priv, sa);
262 }
263 
264 
265 static int hapd_disable_transmit_sa(void *priv, struct transmit_sa *sa)
266 {
267 	struct hostapd_data *hapd = priv;
268 
269 	if (!hapd->driver->disable_transmit_sa)
270 		return -1;
271 	return hapd->driver->disable_transmit_sa(hapd->drv_priv, sa);
272 }
273 
274 
275 int ieee802_1x_alloc_kay_sm_hapd(struct hostapd_data *hapd,
276 				 struct sta_info *sta)
277 {
278 	struct ieee802_1x_kay_ctx *kay_ctx;
279 	struct ieee802_1x_kay *res = NULL;
280 	enum macsec_policy policy;
281 
282 	ieee802_1x_dealloc_kay_sm_hapd(hapd);
283 
284 	if (!hapd->conf || hapd->conf->macsec_policy == 0)
285 		return 0;
286 
287 	if (hapd->conf->macsec_policy == 1) {
288 		if (hapd->conf->macsec_integ_only == 1)
289 			policy = SHOULD_SECURE;
290 		else
291 			policy = SHOULD_ENCRYPT;
292 	} else {
293 		policy = DO_NOT_SECURE;
294 	}
295 
296 	wpa_printf(MSG_DEBUG, "%s: if_name=%s", __func__, hapd->conf->iface);
297 	kay_ctx = os_zalloc(sizeof(*kay_ctx));
298 	if (!kay_ctx)
299 		return -1;
300 
301 	kay_ctx->ctx = hapd;
302 
303 	kay_ctx->macsec_init = hapd_macsec_init;
304 	kay_ctx->macsec_deinit = hapd_macsec_deinit;
305 	kay_ctx->macsec_get_capability = hapd_macsec_get_capability;
306 	kay_ctx->enable_protect_frames = hapd_enable_protect_frames;
307 	kay_ctx->enable_encrypt = hapd_enable_encrypt;
308 	kay_ctx->set_replay_protect = hapd_set_replay_protect;
309 	kay_ctx->set_current_cipher_suite = hapd_set_current_cipher_suite;
310 	kay_ctx->enable_controlled_port = hapd_enable_controlled_port;
311 	kay_ctx->get_receive_lowest_pn = hapd_get_receive_lowest_pn;
312 	kay_ctx->get_transmit_next_pn = hapd_get_transmit_next_pn;
313 	kay_ctx->set_transmit_next_pn = hapd_set_transmit_next_pn;
314 	kay_ctx->create_receive_sc = hapd_create_receive_sc;
315 	kay_ctx->delete_receive_sc = hapd_delete_receive_sc;
316 	kay_ctx->create_receive_sa = hapd_create_receive_sa;
317 	kay_ctx->delete_receive_sa = hapd_delete_receive_sa;
318 	kay_ctx->enable_receive_sa = hapd_enable_receive_sa;
319 	kay_ctx->disable_receive_sa = hapd_disable_receive_sa;
320 	kay_ctx->create_transmit_sc = hapd_create_transmit_sc;
321 	kay_ctx->delete_transmit_sc = hapd_delete_transmit_sc;
322 	kay_ctx->create_transmit_sa = hapd_create_transmit_sa;
323 	kay_ctx->delete_transmit_sa = hapd_delete_transmit_sa;
324 	kay_ctx->enable_transmit_sa = hapd_enable_transmit_sa;
325 	kay_ctx->disable_transmit_sa = hapd_disable_transmit_sa;
326 
327 	res = ieee802_1x_kay_init(kay_ctx, policy,
328 				  hapd->conf->macsec_replay_protect,
329 				  hapd->conf->macsec_replay_window,
330 				  hapd->conf->macsec_offload,
331 				  hapd->conf->macsec_port,
332 				  hapd->conf->mka_priority,
333 				  hapd->conf->macsec_csindex,
334 				  hapd->conf->iface,
335 				  hapd->own_addr);
336 	/* ieee802_1x_kay_init() frees kay_ctx on failure */
337 	if (!res)
338 		return -1;
339 
340 	hapd->kay = res;
341 
342 	return 0;
343 }
344 
345 
346 void ieee802_1x_dealloc_kay_sm_hapd(struct hostapd_data *hapd)
347 {
348 	if (!hapd->kay)
349 		return;
350 
351 	ieee802_1x_kay_deinit(hapd->kay);
352 	hapd->kay = NULL;
353 }
354 
355 
356 static int ieee802_1x_auth_get_msk(struct hostapd_data *hapd,
357 				   struct sta_info *sta, u8 *msk, size_t *len)
358 {
359 	const u8 *key;
360 	size_t keylen;
361 
362 	if (!sta->eapol_sm)
363 		return -1;
364 
365 	key = ieee802_1x_get_key(sta->eapol_sm, &keylen);
366 	if (key == NULL) {
367 		wpa_printf(MSG_DEBUG,
368 			   "MACsec: Failed to get MSK from EAPOL state machines");
369 		return -1;
370 	}
371 	wpa_printf(MSG_DEBUG, "MACsec: Successfully fetched key (len=%lu)",
372 		   (unsigned long) keylen);
373 	wpa_hexdump_key(MSG_DEBUG, "MSK: ", key, keylen);
374 
375 	if (keylen > *len)
376 		keylen = *len;
377 	os_memcpy(msk, key, keylen);
378 	*len = keylen;
379 
380 	return 0;
381 }
382 
383 
384 void * ieee802_1x_notify_create_actor_hapd(struct hostapd_data *hapd,
385 					   struct sta_info *sta)
386 {
387 	const u8 *sid;
388 	size_t sid_len;
389 	struct mka_key_name *ckn;
390 	struct mka_key *cak;
391 	struct mka_key *msk;
392 	void *res = NULL;
393 
394 	if (!hapd->kay || hapd->kay->policy == DO_NOT_SECURE)
395 		return NULL;
396 
397 	wpa_printf(MSG_DEBUG,
398 		   "IEEE 802.1X: External notification - Create MKA for "
399 		   MACSTR, MAC2STR(sta->addr));
400 
401 	msk = os_zalloc(sizeof(*msk));
402 	ckn = os_zalloc(sizeof(*ckn));
403 	cak = os_zalloc(sizeof(*cak));
404 	if (!msk || !ckn || !cak)
405 		goto fail;
406 
407 	msk->len = DEFAULT_KEY_LEN;
408 	if (ieee802_1x_auth_get_msk(hapd, sta, msk->key, &msk->len)) {
409 		wpa_printf(MSG_ERROR, "IEEE 802.1X: Could not get MSK");
410 		goto fail;
411 	}
412 
413 	sid = ieee802_1x_get_session_id(sta->eapol_sm, &sid_len);
414 	if (!sid) {
415 		wpa_printf(MSG_ERROR,
416 			   "IEEE 802.1X: Could not get EAP Session Id");
417 		goto fail;
418 	}
419 
420 	wpa_hexdump(MSG_DEBUG, "own_addr", hapd->own_addr, ETH_ALEN);
421 	wpa_hexdump(MSG_DEBUG, "sta_addr", sta->addr, ETH_ALEN);
422 
423 	/* Derive CAK from MSK */
424 	cak->len = DEFAULT_KEY_LEN;
425 	if (ieee802_1x_cak_aes_cmac(msk->key, msk->len, hapd->own_addr,
426 				    sta->addr, cak->key, cak->len)) {
427 		wpa_printf(MSG_ERROR, "IEEE 802.1X: Deriving CAK failed");
428 		goto fail;
429 	}
430 	wpa_hexdump_key(MSG_DEBUG, "Derived CAK", cak->key, cak->len);
431 
432 	/* Derive CKN from MSK */
433 	ckn->len = DEFAULT_CKN_LEN;
434 	if (ieee802_1x_ckn_aes_cmac(msk->key, msk->len, hapd->own_addr,
435 				    sta->addr, sid, sid_len, ckn->name)) {
436 		wpa_printf(MSG_ERROR, "IEEE 802.1X: Deriving CKN failed");
437 		goto fail;
438 	}
439 	wpa_hexdump(MSG_DEBUG, "Derived CKN", ckn->name, ckn->len);
440 
441 	res = ieee802_1x_kay_create_mka(hapd->kay, ckn, cak, 0, EAP_EXCHANGE,
442 					true);
443 
444 fail:
445 	bin_clear_free(msk, sizeof(*msk));
446 	os_free(ckn);
447 	bin_clear_free(cak, sizeof(*cak));
448 
449 	return res;
450 }
451 
452 
453 void * ieee802_1x_create_preshared_mka_hapd(struct hostapd_data *hapd,
454 					    struct sta_info *sta)
455 {
456 	struct mka_key *cak;
457 	struct mka_key_name *ckn;
458 	void *res = NULL;
459 
460 	if ((hapd->conf->mka_psk_set & MKA_PSK_SET) != MKA_PSK_SET)
461 		goto end;
462 
463 	ckn = os_zalloc(sizeof(*ckn));
464 	if (!ckn)
465 		goto end;
466 
467 	cak = os_zalloc(sizeof(*cak));
468 	if (!cak)
469 		goto free_ckn;
470 
471 	if (ieee802_1x_alloc_kay_sm_hapd(hapd, sta) < 0 || !hapd->kay)
472 		goto free_cak;
473 
474 	if (hapd->kay->policy == DO_NOT_SECURE)
475 		goto dealloc;
476 
477 	cak->len = hapd->conf->mka_cak_len;
478 	os_memcpy(cak->key, hapd->conf->mka_cak, cak->len);
479 
480 	ckn->len = hapd->conf->mka_ckn_len;;
481 	os_memcpy(ckn->name, hapd->conf->mka_ckn, ckn->len);
482 
483 	res = ieee802_1x_kay_create_mka(hapd->kay, ckn, cak, 0, PSK, true);
484 	if (res)
485 		goto free_cak;
486 
487 dealloc:
488 	/* Failed to create MKA */
489 	ieee802_1x_dealloc_kay_sm_hapd(hapd);
490 free_cak:
491 	os_free(cak);
492 free_ckn:
493 	os_free(ckn);
494 end:
495 	return res;
496 }
497