1 /* 2 * IEEE 802.1X-2010 KaY Interface 3 * Copyright (c) 2013-2014, Qualcomm Atheros, Inc. 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9 #include "utils/includes.h" 10 11 #include "utils/common.h" 12 #include "eap_peer/eap.h" 13 #include "eap_peer/eap_i.h" 14 #include "eapol_supp/eapol_supp_sm.h" 15 #include "pae/ieee802_1x_key.h" 16 #include "pae/ieee802_1x_kay.h" 17 #include "wpa_supplicant_i.h" 18 #include "config.h" 19 #include "config_ssid.h" 20 #include "driver_i.h" 21 #include "wpas_kay.h" 22 23 24 #define DEFAULT_KEY_LEN 16 25 /* secure Connectivity Association Key Name (CKN) */ 26 #define DEFAULT_CKN_LEN 16 27 28 29 static int wpas_macsec_init(void *priv, struct macsec_init_params *params) 30 { 31 return wpa_drv_macsec_init(priv, params); 32 } 33 34 35 static int wpas_macsec_deinit(void *priv) 36 { 37 return wpa_drv_macsec_deinit(priv); 38 } 39 40 41 static int wpas_macsec_get_capability(void *priv, enum macsec_cap *cap) 42 { 43 return wpa_drv_macsec_get_capability(priv, cap); 44 } 45 46 47 static int wpas_enable_protect_frames(void *wpa_s, Boolean enabled) 48 { 49 return wpa_drv_enable_protect_frames(wpa_s, enabled); 50 } 51 52 53 static int wpas_enable_encrypt(void *wpa_s, Boolean enabled) 54 { 55 return wpa_drv_enable_encrypt(wpa_s, enabled); 56 } 57 58 59 static int wpas_set_replay_protect(void *wpa_s, Boolean enabled, u32 window) 60 { 61 return wpa_drv_set_replay_protect(wpa_s, enabled, window); 62 } 63 64 65 static int wpas_set_current_cipher_suite(void *wpa_s, u64 cs) 66 { 67 return wpa_drv_set_current_cipher_suite(wpa_s, cs); 68 } 69 70 71 static int wpas_enable_controlled_port(void *wpa_s, Boolean enabled) 72 { 73 return wpa_drv_enable_controlled_port(wpa_s, enabled); 74 } 75 76 77 static int wpas_get_receive_lowest_pn(void *wpa_s, struct receive_sa *sa) 78 { 79 return wpa_drv_get_receive_lowest_pn(wpa_s, sa); 80 } 81 82 83 static int wpas_get_transmit_next_pn(void *wpa_s, struct transmit_sa *sa) 84 { 85 return wpa_drv_get_transmit_next_pn(wpa_s, sa); 86 } 87 88 89 static int wpas_set_transmit_next_pn(void *wpa_s, struct transmit_sa *sa) 90 { 91 return wpa_drv_set_transmit_next_pn(wpa_s, sa); 92 } 93 94 95 static unsigned int conf_offset_val(enum confidentiality_offset co) 96 { 97 switch (co) { 98 case CONFIDENTIALITY_OFFSET_30: 99 return 30; 100 break; 101 case CONFIDENTIALITY_OFFSET_50: 102 return 50; 103 default: 104 return 0; 105 } 106 } 107 108 109 static int wpas_create_receive_sc(void *wpa_s, struct receive_sc *sc, 110 enum validate_frames vf, 111 enum confidentiality_offset co) 112 { 113 return wpa_drv_create_receive_sc(wpa_s, sc, conf_offset_val(co), vf); 114 } 115 116 117 static int wpas_delete_receive_sc(void *wpa_s, struct receive_sc *sc) 118 { 119 return wpa_drv_delete_receive_sc(wpa_s, sc); 120 } 121 122 123 static int wpas_create_receive_sa(void *wpa_s, struct receive_sa *sa) 124 { 125 return wpa_drv_create_receive_sa(wpa_s, sa); 126 } 127 128 129 static int wpas_delete_receive_sa(void *wpa_s, struct receive_sa *sa) 130 { 131 return wpa_drv_delete_receive_sa(wpa_s, sa); 132 } 133 134 135 static int wpas_enable_receive_sa(void *wpa_s, struct receive_sa *sa) 136 { 137 return wpa_drv_enable_receive_sa(wpa_s, sa); 138 } 139 140 141 static int wpas_disable_receive_sa(void *wpa_s, struct receive_sa *sa) 142 { 143 return wpa_drv_disable_receive_sa(wpa_s, sa); 144 } 145 146 147 static int 148 wpas_create_transmit_sc(void *wpa_s, struct transmit_sc *sc, 149 enum confidentiality_offset co) 150 { 151 return wpa_drv_create_transmit_sc(wpa_s, sc, conf_offset_val(co)); 152 } 153 154 155 static int wpas_delete_transmit_sc(void *wpa_s, struct transmit_sc *sc) 156 { 157 return wpa_drv_delete_transmit_sc(wpa_s, sc); 158 } 159 160 161 static int wpas_create_transmit_sa(void *wpa_s, struct transmit_sa *sa) 162 { 163 return wpa_drv_create_transmit_sa(wpa_s, sa); 164 } 165 166 167 static int wpas_delete_transmit_sa(void *wpa_s, struct transmit_sa *sa) 168 { 169 return wpa_drv_delete_transmit_sa(wpa_s, sa); 170 } 171 172 173 static int wpas_enable_transmit_sa(void *wpa_s, struct transmit_sa *sa) 174 { 175 return wpa_drv_enable_transmit_sa(wpa_s, sa); 176 } 177 178 179 static int wpas_disable_transmit_sa(void *wpa_s, struct transmit_sa *sa) 180 { 181 return wpa_drv_disable_transmit_sa(wpa_s, sa); 182 } 183 184 185 int ieee802_1x_alloc_kay_sm(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) 186 { 187 struct ieee802_1x_kay_ctx *kay_ctx; 188 struct ieee802_1x_kay *res = NULL; 189 enum macsec_policy policy; 190 191 ieee802_1x_dealloc_kay_sm(wpa_s); 192 193 if (!ssid || ssid->macsec_policy == 0) 194 return 0; 195 196 if (ssid->macsec_policy == 1) { 197 if (ssid->macsec_integ_only == 1) 198 policy = SHOULD_SECURE; 199 else 200 policy = SHOULD_ENCRYPT; 201 } else { 202 policy = DO_NOT_SECURE; 203 } 204 205 kay_ctx = os_zalloc(sizeof(*kay_ctx)); 206 if (!kay_ctx) 207 return -1; 208 209 kay_ctx->ctx = wpa_s; 210 211 kay_ctx->macsec_init = wpas_macsec_init; 212 kay_ctx->macsec_deinit = wpas_macsec_deinit; 213 kay_ctx->macsec_get_capability = wpas_macsec_get_capability; 214 kay_ctx->enable_protect_frames = wpas_enable_protect_frames; 215 kay_ctx->enable_encrypt = wpas_enable_encrypt; 216 kay_ctx->set_replay_protect = wpas_set_replay_protect; 217 kay_ctx->set_current_cipher_suite = wpas_set_current_cipher_suite; 218 kay_ctx->enable_controlled_port = wpas_enable_controlled_port; 219 kay_ctx->get_receive_lowest_pn = wpas_get_receive_lowest_pn; 220 kay_ctx->get_transmit_next_pn = wpas_get_transmit_next_pn; 221 kay_ctx->set_transmit_next_pn = wpas_set_transmit_next_pn; 222 kay_ctx->create_receive_sc = wpas_create_receive_sc; 223 kay_ctx->delete_receive_sc = wpas_delete_receive_sc; 224 kay_ctx->create_receive_sa = wpas_create_receive_sa; 225 kay_ctx->delete_receive_sa = wpas_delete_receive_sa; 226 kay_ctx->enable_receive_sa = wpas_enable_receive_sa; 227 kay_ctx->disable_receive_sa = wpas_disable_receive_sa; 228 kay_ctx->create_transmit_sc = wpas_create_transmit_sc; 229 kay_ctx->delete_transmit_sc = wpas_delete_transmit_sc; 230 kay_ctx->create_transmit_sa = wpas_create_transmit_sa; 231 kay_ctx->delete_transmit_sa = wpas_delete_transmit_sa; 232 kay_ctx->enable_transmit_sa = wpas_enable_transmit_sa; 233 kay_ctx->disable_transmit_sa = wpas_disable_transmit_sa; 234 235 res = ieee802_1x_kay_init(kay_ctx, policy, ssid->macsec_port, 236 ssid->mka_priority, wpa_s->ifname, 237 wpa_s->own_addr); 238 /* ieee802_1x_kay_init() frees kay_ctx on failure */ 239 if (res == NULL) 240 return -1; 241 242 wpa_s->kay = res; 243 244 return 0; 245 } 246 247 248 void ieee802_1x_dealloc_kay_sm(struct wpa_supplicant *wpa_s) 249 { 250 if (!wpa_s->kay) 251 return; 252 253 ieee802_1x_kay_deinit(wpa_s->kay); 254 wpa_s->kay = NULL; 255 } 256 257 258 static int ieee802_1x_auth_get_session_id(struct wpa_supplicant *wpa_s, 259 const u8 *addr, u8 *sid, size_t *len) 260 { 261 const u8 *session_id; 262 size_t id_len, need_len; 263 264 session_id = eapol_sm_get_session_id(wpa_s->eapol, &id_len); 265 if (session_id == NULL) { 266 wpa_printf(MSG_DEBUG, 267 "Failed to get SessionID from EAPOL state machines"); 268 return -1; 269 } 270 271 need_len = 1 + 2 * 32 /* random size */; 272 if (need_len > id_len) { 273 wpa_printf(MSG_DEBUG, "EAP Session-Id not long enough"); 274 return -1; 275 } 276 277 os_memcpy(sid, session_id, need_len); 278 *len = need_len; 279 280 return 0; 281 } 282 283 284 static int ieee802_1x_auth_get_msk(struct wpa_supplicant *wpa_s, const u8 *addr, 285 u8 *msk, size_t *len) 286 { 287 u8 key[EAP_MSK_LEN]; 288 size_t keylen; 289 struct eapol_sm *sm; 290 int res; 291 292 sm = wpa_s->eapol; 293 if (sm == NULL) 294 return -1; 295 296 keylen = EAP_MSK_LEN; 297 res = eapol_sm_get_key(sm, key, keylen); 298 if (res) { 299 wpa_printf(MSG_DEBUG, 300 "Failed to get MSK from EAPOL state machines"); 301 return -1; 302 } 303 304 if (keylen > *len) 305 keylen = *len; 306 os_memcpy(msk, key, keylen); 307 *len = keylen; 308 309 return 0; 310 } 311 312 313 void * ieee802_1x_notify_create_actor(struct wpa_supplicant *wpa_s, 314 const u8 *peer_addr) 315 { 316 u8 *sid; 317 size_t sid_len = 128; 318 struct mka_key_name *ckn; 319 struct mka_key *cak; 320 struct mka_key *msk; 321 void *res = NULL; 322 323 if (!wpa_s->kay || wpa_s->kay->policy == DO_NOT_SECURE) 324 return NULL; 325 326 wpa_printf(MSG_DEBUG, 327 "IEEE 802.1X: External notification - Create MKA for " 328 MACSTR, MAC2STR(peer_addr)); 329 330 msk = os_zalloc(sizeof(*msk)); 331 sid = os_zalloc(sid_len); 332 ckn = os_zalloc(sizeof(*ckn)); 333 cak = os_zalloc(sizeof(*cak)); 334 if (!msk || !sid || !ckn || !cak) 335 goto fail; 336 337 msk->len = DEFAULT_KEY_LEN; 338 if (ieee802_1x_auth_get_msk(wpa_s, wpa_s->bssid, msk->key, &msk->len)) { 339 wpa_printf(MSG_ERROR, "IEEE 802.1X: Could not get MSK"); 340 goto fail; 341 } 342 343 if (ieee802_1x_auth_get_session_id(wpa_s, wpa_s->bssid, sid, &sid_len)) 344 { 345 wpa_printf(MSG_ERROR, 346 "IEEE 802.1X: Could not get EAP Session Id"); 347 goto fail; 348 } 349 350 /* Derive CAK from MSK */ 351 cak->len = DEFAULT_KEY_LEN; 352 if (ieee802_1x_cak_128bits_aes_cmac(msk->key, wpa_s->own_addr, 353 peer_addr, cak->key)) { 354 wpa_printf(MSG_ERROR, 355 "IEEE 802.1X: Deriving CAK failed"); 356 goto fail; 357 } 358 wpa_hexdump_key(MSG_DEBUG, "Derived CAK", cak->key, cak->len); 359 360 /* Derive CKN from MSK */ 361 ckn->len = DEFAULT_CKN_LEN; 362 if (ieee802_1x_ckn_128bits_aes_cmac(msk->key, wpa_s->own_addr, 363 peer_addr, sid, sid_len, 364 ckn->name)) { 365 wpa_printf(MSG_ERROR, 366 "IEEE 802.1X: Deriving CKN failed"); 367 goto fail; 368 } 369 wpa_hexdump(MSG_DEBUG, "Derived CKN", ckn->name, ckn->len); 370 371 res = ieee802_1x_kay_create_mka(wpa_s->kay, ckn, cak, 0, 372 EAP_EXCHANGE, FALSE); 373 374 fail: 375 if (msk) { 376 os_memset(msk, 0, sizeof(*msk)); 377 os_free(msk); 378 } 379 os_free(sid); 380 os_free(ckn); 381 if (cak) { 382 os_memset(cak, 0, sizeof(*cak)); 383 os_free(cak); 384 } 385 386 return res; 387 } 388 389 390 void * ieee802_1x_create_preshared_mka(struct wpa_supplicant *wpa_s, 391 struct wpa_ssid *ssid) 392 { 393 struct mka_key *cak; 394 struct mka_key_name *ckn; 395 void *res = NULL; 396 397 if ((ssid->mka_psk_set & MKA_PSK_SET) != MKA_PSK_SET) 398 goto end; 399 400 ckn = os_zalloc(sizeof(*ckn)); 401 if (!ckn) 402 goto end; 403 404 cak = os_zalloc(sizeof(*cak)); 405 if (!cak) 406 goto free_ckn; 407 408 if (ieee802_1x_alloc_kay_sm(wpa_s, ssid) < 0 || !wpa_s->kay) 409 goto free_cak; 410 411 if (wpa_s->kay->policy == DO_NOT_SECURE) 412 goto dealloc; 413 414 cak->len = MACSEC_CAK_LEN; 415 os_memcpy(cak->key, ssid->mka_cak, cak->len); 416 417 ckn->len = MACSEC_CKN_LEN; 418 os_memcpy(ckn->name, ssid->mka_ckn, ckn->len); 419 420 res = ieee802_1x_kay_create_mka(wpa_s->kay, ckn, cak, 0, PSK, FALSE); 421 if (res) 422 goto free_cak; 423 424 dealloc: 425 /* Failed to create MKA */ 426 ieee802_1x_dealloc_kay_sm(wpa_s); 427 free_cak: 428 os_free(cak); 429 free_ckn: 430 os_free(ckn); 431 end: 432 return res; 433 } 434