/*
 * IEEE 802.1X-2010 Key Agree Protocol of PAE state machine
 * Copyright (c) 2013, Qualcomm Atheros, Inc.
 *
 * This software may be distributed under the terms of the BSD license.
 * See README for more details.
 *
 * Internal definitions for the MKA (MACsec Key Agreement) implementation.
 * The first half describes local state (peers, SAKs, secure channels and
 * associations, participants); the second half describes the on-the-wire
 * layout of the MKPDU header and the parameter-set bodies. The wire structs
 * are built from u8 members and bit-fields ordered to match the encoded
 * octet positions given in the comments. They carry no validation of their
 * own: code that overlays them on a received MKPDU has to check every body
 * length against the bytes actually remaining in the frame before touching
 * a trailing variable-length array.
 */

#ifndef IEEE802_1X_KAY_I_H
#define IEEE802_1X_KAY_I_H

#include "utils/list.h"
#include "common/defs.h"
#include "common/ieee802_1x_defs.h"

/* MKA version number carried in the first octet of the Basic Parameter Set */
#define MKA_VERSION_ID 1

/*
 * IEEE Std 802.1X-2010, 11.11.1, Table 11-7
 *
 * Parameter set type values as they appear in octet 1 of each body. The
 * Basic Parameter Set has no type octet (its octet 1 is the MKA version, see
 * struct ieee802_1x_mka_basic_body), so MKA_BASIC_PARAMETER_SET deliberately
 * shares the value 1 with MKA_LIVE_PEER_LIST. A parser cannot tell the two
 * apart by this value alone; the Basic Parameter Set is identified by its
 * position (first body of the MKPDU).
 */
enum mka_packet_type {
	MKA_BASIC_PARAMETER_SET = MKA_VERSION_ID,
	MKA_LIVE_PEER_LIST = 1,
	MKA_POTENTIAL_PEER_LIST = 2,
	MKA_SAK_USE = 3,
	MKA_DISTRIBUTED_SAK = 4,
	MKA_DISTRIBUTED_CAK = 5,
	MKA_KMD = 6,
	MKA_ANNOUNCEMENT = 7,
	MKA_ICV_INDICATOR = 255
};

#define ICV_LEN 16 /* 16 bytes */
/* Length of the AES-key-wrapped SAK carried in a Distributed SAK body */
#define SAK_WRAPPED_LEN 24
/* KN + Wrapper SAK */
/*
 * Body length of a Distributed SAK parameter set for the default cipher
 * suite: the 4-octet Key Number (be32 kn) followed by the wrapped SAK. Other
 * cipher suites add an 8-octet cipher suite id (see
 * struct ieee802_1x_mka_dist_sak_body), so this constant does not apply to
 * them.
 */
#define DEFAULT_DIS_SAK_BODY_LENGTH (SAK_WRAPPED_LEN + 4)
/* NOTE(review): presumably the bound for participant->retry_count; confirm
 * at the use site. */
#define MAX_RETRY_CNT 5

struct ieee802_1x_kay;

/*
 * Peer identity as carried on the wire: Member Identifier plus Message
 * Number in network (big-endian) byte order.
 */
struct ieee802_1x_mka_peer_id {
	u8 mi[MI_LEN];
	be32 mn;
};

/*
 * Locally tracked state for one MKA peer (entry of a participant's live or
 * potential peer list). Unlike struct ieee802_1x_mka_peer_id, mn is kept in
 * host byte order here.
 */
struct ieee802_1x_kay_peer {
	struct ieee802_1x_mka_sci sci;
	u8 mi[MI_LEN];
	u32 mn;
	time_t expire; /* when this peer is no longer considered live */
	Boolean is_key_server;
	u8 key_server_priority;
	Boolean macsec_desired;
	enum macsec_cap macsec_capability;
	Boolean sak_used;
	struct dl_list list;
};

/*
 * A Secure Association Key known to a participant, together with the
 * per-key bookkeeping used to drive the transmit/receive SAs.
 */
struct data_key {
	u8 *key; /* SAK material, key_len bytes; heap-allocated by the owner.
		  * NOTE(review): the owner should zeroize this before freeing;
		  * confirm at the release site. */
	int key_len;
	struct ieee802_1x_mka_ki key_identifier;
	enum confidentiality_offset confidentiality_offset;
	u8 an;
	Boolean transmits;
	Boolean receives;
	struct os_time created_time;
	u32 next_pn;

	/* not defined data */
	Boolean rx_latest;
	Boolean tx_latest;

	int user; /* FIXME: to indicate if it can be delete safely */

	struct dl_list list;
};

/* TransmitSC in IEEE Std 802.1AE-2006, Figure 10-6 */
struct transmit_sc {
	struct ieee802_1x_mka_sci sci; /* const SCI sci */
	Boolean transmitting; /* bool transmitting (read only) */

	struct os_time created_time; /* Time createdTime */

	u8 encoding_sa; /* AN encodingSA (read only) */
	u8 enciphering_sa; /* AN encipheringSA (read only) */

	/* not defined data */
	unsigned int channel;

	struct dl_list list;
	struct dl_list sa_list; /* struct transmit_sa entries */
};

/* TransmitSA in IEEE Std 802.1AE-2006, Figure 10-6 */
struct transmit_sa {
	Boolean in_use; /* bool inUse (read only) */
	u32 next_pn; /* PN nextPN (read only) */
	struct os_time created_time; /* Time createdTime */

	Boolean enable_transmit; /* bool EnableTransmit */

	u8 an;
	Boolean confidentiality;
	struct data_key *pkey; /* SAK this SA uses; not owned here */

	struct transmit_sc *sc; /* parent SC */
	struct dl_list list; /* list entry in struct transmit_sc::sa_list */
};

/* ReceiveSC in IEEE Std 802.1AE-2006, Figure 10-6 */
struct receive_sc {
	struct ieee802_1x_mka_sci sci; /* const SCI sci */
	Boolean receiving; /* bool receiving (read only) */

	struct os_time created_time; /* Time createdTime */

	unsigned int channel;

	struct dl_list list;
	struct dl_list sa_list; /* struct receive_sa entries */
};

/* ReceiveSA in IEEE Std 802.1AE-2006, Figure 10-6 */
struct receive_sa {
	Boolean enable_receive; /* bool enableReceive */
	Boolean in_use; /* bool inUse (read only) */

	u32 next_pn; /* PN nextPN (read only) */
	u32 lowest_pn; /* PN lowestPN (read only) */
	u8 an;
	struct os_time created_time;

	struct data_key *pkey; /* SAK this SA uses; not owned here */
	struct receive_sc *sc; /* parent SC */

	struct dl_list list; /* list entry in struct receive_sc::sa_list */
};

/* Description of one MACsec cipher suite the implementation knows about */
struct macsec_ciphersuite {
	u64 id;
	char name[32];
	enum macsec_cap capable;
	int sak_len; /* unit: byte */

	u32 index;
};

/*
 * MKA algorithm agility entry: the 4-octet Algorithm Agility parameter and
 * the key derivation / ICV callbacks for that algorithm.
 *
 * Each callback returns an int status and writes into the caller-provided
 * output buffer (cak, ckn, kek, ick, icv). NOTE(review): the output buffer
 * sizes are presumably cak_len/kek_len/ick_len/icv_len; confirm against the
 * implementations before relying on this.
 */
struct mka_alg {
	u8 parameter[4];
	size_t cak_len;
	size_t kek_len;
	size_t ick_len;
	size_t icv_len;

	/* CAK from MSK and the two MAC addresses */
	int (*cak_trfm)(const u8 *msk, const u8 *mac1, const u8 *mac2, u8 *cak);
	/* CKN from MSK, MAC addresses and the EAP session id */
	int (*ckn_trfm)(const u8 *msk, const u8 *mac1, const u8 *mac2,
			const u8 *sid, size_t sid_len, u8 *ckn);
	/* KEK and ICK derived from CAK and CKN */
	int (*kek_trfm)(const u8 *cak, const u8 *ckn, size_t ckn_len, u8 *kek);
	int (*ick_trfm)(const u8 *cak, const u8 *ckn, size_t ckn_len, u8 *ick);
	/* ICV over msg using the ICK */
	int (*icv_hash)(const u8 *ick, const u8 *msg, size_t msg_len, u8 *icv);

	int index; /* index for configuring */
};

#define DEFAULT_MKA_ALG_INDEX 0

/* See IEEE Std 802.1X-2010, 9.16 MKA management */
struct ieee802_1x_mka_participant {
	/* used for active and potential participant */
	struct mka_key_name ckn;
	struct mka_key cak;
	Boolean cached;

	/* used by management to monitor and control activation */
	Boolean active;
	Boolean participant;
	Boolean retain;

	enum { DEFAULT, DISABLED, ON_OPER_UP, ALWAYS } activate;

	/* used for active participant */
	Boolean principal;
	struct dl_list live_peers; /* struct ieee802_1x_kay_peer entries */
	struct dl_list potential_peers; /* struct ieee802_1x_kay_peer entries */

	/* not defined in IEEE 802.1X */
	struct dl_list list;

	/* keys derived from the CAK (see struct mka_alg) */
	struct mka_key kek;
	struct mka_key ick;

	/* "latest" key in SAK Use terms: identifier, AN and tx/rx usage */
	struct ieee802_1x_mka_ki lki;
	u8 lan;
	Boolean ltx;
	Boolean lrx;

	/* "old" key in SAK Use terms: identifier, AN and tx/rx usage */
	struct ieee802_1x_mka_ki oki;
	u8 oan;
	Boolean otx;
	Boolean orx;

	/* key server election state */
	Boolean is_key_server;
	Boolean is_obliged_key_server;
	Boolean can_be_key_server;
	Boolean is_elected;

	struct dl_list sak_list; /* struct data_key entries */
	struct dl_list rxsc_list; /* struct receive_sc entries */

	struct transmit_sc *txsc;

	/* this participant's own Member Identifier and Message Number */
	u8 mi[MI_LEN];
	u32 mn;

	struct ieee802_1x_mka_peer_id current_peer_id;
	struct ieee802_1x_mka_sci current_peer_sci;
	time_t cak_life;
	time_t mka_life;
	Boolean to_dist_sak;
	Boolean to_use_sak;
	Boolean new_sak;

	Boolean advised_desired;
	enum macsec_cap advised_capability;

	struct data_key *new_key;
	u32 retry_count;

	struct ieee802_1x_kay *kay; /* back-pointer to the owning KaY */
};

/*
 * Common 4-octet header of every MKA parameter set (all wire structs from
 * here on share this prefix).
 *
 * The parameter set length is 12 bits, split between the 4-bit 'length'
 * field of octet 3 and the full 8 bits of 'length1' in octet 4. Which bit
 * of an octet a bit-field occupies is implementation-defined in C; the
 * __BYTE_ORDER switch assumes the compiler packs bit-fields starting from
 * the least significant bit on little-endian hosts and from the most
 * significant bit on big-endian hosts. This is the only wire struct with an
 * #error fallback, so it is what catches an unsupported byte order for the
 * whole file.
 */
struct ieee802_1x_mka_hdr {
	/* octet 1 */
	u8 type;
	/* octet 2 */
	u8 reserve;
	/* octet 3 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u8 length:4;
	u8 reserve1:4;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u8 reserve1:4;
	u8 length:4;
#else
#error "Please fix <bits/endian.h>"
#endif
	/* octet 4 */
	u8 length1;
};

/* 4: the header consists of u8 members and bit-fields only, so no padding */
#define MKA_HDR_LEN sizeof(struct ieee802_1x_mka_hdr)

/*
 * Basic Parameter Set. Octet 1 carries the MKA version instead of a type
 * (see enum mka_packet_type). The CKN follows the fixed part and its length
 * is whatever the 12-bit body length leaves after the fixed fields; the
 * parser has to bound it by the received frame.
 *
 * The trailing [0] arrays in this and the following bodies use the GCC
 * zero-length array extension; they add nothing to sizeof() and only name
 * the start of the variable-length tail.
 */
struct ieee802_1x_mka_basic_body {
	/* octet 1 */
	u8 version;
	/* octet 2 */
	u8 priority; /* key server priority */
	/* octet 3 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u8 length:4;
	u8 macsec_capability:2;
	u8 macsec_desired:1;
	u8 key_server:1;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u8 key_server:1;
	u8 macsec_desired:1;
	u8 macsec_capability:2;
	u8 length:4;
#endif
	/* octet 4 */
	u8 length1;

	struct ieee802_1x_mka_sci actor_sci;
	u8 actor_mi[MI_LEN];
	be32 actor_mn;
	u8 algo_agility[4];

	/* followed by CAK Name*/
	u8 ckn[0];
};

/*
 * Live Peer List / Potential Peer List. The body is a sequence of
 * struct ieee802_1x_mka_peer_id entries; their count is derived from the
 * body length and must be checked against the frame before iterating.
 */
struct ieee802_1x_mka_peer_body {
	/* octet 1 */
	u8 type;
	/* octet 2 */
	u8 reserve;
	/* octet 3 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u8 length:4;
	u8 reserve1:4;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u8 reserve1:4;
	u8 length:4;
#endif
	/* octet 4 */
	u8 length1;

	u8 peer[0];
	/* followed by Peers */
};

/*
 * MACsec SAK Use parameter set. Field prefixes: l = Latest key, o = Old
 * key, p = Plain (unprotected) traffic; srv_mi = key server MI, kn = key
 * number, lpn = lowest acceptable PN, all per IEEE Std 802.1X-2010 SAK Use.
 */
struct ieee802_1x_mka_sak_use_body {
	/* octet 1 */
	u8 type;
	/* octet 2 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u8 orx:1;
	u8 otx:1;
	u8 oan:2;
	u8 lrx:1;
	u8 ltx:1;
	u8 lan:2;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u8 lan:2;
	u8 ltx:1;
	u8 lrx:1;
	u8 oan:2;
	u8 otx:1;
	u8 orx:1;
#endif

	/* octet 3 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u8 length:4;
	u8 delay_protect:1;
	u8 reserve:1;
	u8 prx:1;
	u8 ptx:1;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u8 ptx:1;
	u8 prx:1;
	u8 reserve:1;
	u8 delay_protect:1;
	u8 length:4;
#endif

	/* octet 4 */
	u8 length1;

	/* octet 5 - 16 */
	u8 lsrv_mi[MI_LEN];
	/* octet 17 - 20 */
	be32 lkn;
	/* octet 21 - 24 */
	be32 llpn;

	/* octet 25 - 36 */
	u8 osrv_mi[MI_LEN];
	/* octet 37 - 40 */
	be32 okn;
	/* octet 41 - 44 */
	be32 olpn;
};


/*
 * Distributed SAK parameter set. dan = distributed AN, confid_offset =
 * confidentiality offset, kn = key number. The SAK that follows is
 * key-wrapped (SAK_WRAPPED_LEN octets for the default suite); the body
 * length tells the parser whether a cipher suite id precedes it.
 */
struct ieee802_1x_mka_dist_sak_body {
	/* octet 1 */
	u8 type;
	/* octet 2 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u8 reserve:4;
	u8 confid_offset:2;
	u8 dan:2;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u8 dan:2;
	u8 confid_offset:2;
	u8 reserve:4;
#endif
	/* octet 3 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u8 length:4;
	u8 reserve1:4;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u8 reserve1:4;
	u8 length:4;
#endif
	/* octet 4 */
	u8 length1;
	/* octet 5 - 8 */
	be32 kn;

	/* for GCM-AES-128: octet 9-32: SAK
	 * for other cipher suite: octet 9-16: cipher suite id, octet 17-: SAK
	 */
	u8 sak[0];
};


/*
 * ICV Indicator parameter set: the ICV_LEN-octet integrity check value that
 * closes an MKPDU. NOTE(review): the receiver should compare the computed
 * and received ICV with a constant-time comparison; confirm in the parser.
 */
struct ieee802_1x_mka_icv_body {
	/* octet 1 */
	u8 type;
	/* octet 2 */
	u8 reserve;
	/* octet 3 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u8 length:4;
	u8 reserve1:4;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u8 reserve1:4;
	u8 length:4;
#endif
	/* octet 4 */
	u8 length1;

	/* octet 5 - */
	u8 icv[0];
};

#endif /* IEEE802_1X_KAY_I_H */