2 * hostapd / EAP-TLS (RFC 2716)
3 * Copyright (c) 2004-2008, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
13 #include "eap_tls_common.h"
14 #include "crypto/tls.h"
17 static void eap_tls_reset(struct eap_sm *sm, void *priv);
21 struct eap_ssl_data ssl;
22 enum { START, CONTINUE, SUCCESS, FAILURE } state;
28 static const char * eap_tls_state_txt(int state)
45 static void eap_tls_state(struct eap_tls_data *data, int state)
47 wpa_printf(MSG_DEBUG, "EAP-TLS: %s -> %s",
48 eap_tls_state_txt(data->state),
49 eap_tls_state_txt(state));
52 tls_connection_remove_session(data->ssl.conn);
56 static void eap_tls_valid_session(struct eap_sm *sm, struct eap_tls_data *data)
60 if (!sm->tls_session_lifetime)
63 buf = wpabuf_alloc(1);
66 wpabuf_put_u8(buf, data->eap_type);
67 tls_connection_set_success_data(data->ssl.conn, buf);
71 static void * eap_tls_init(struct eap_sm *sm)
73 struct eap_tls_data *data;
75 data = os_zalloc(sizeof(*data));
80 if (eap_server_tls_ssl_init(sm, &data->ssl, 1, EAP_TYPE_TLS)) {
81 wpa_printf(MSG_INFO, "EAP-TLS: Failed to initialize SSL.");
82 eap_tls_reset(sm, data);
86 data->eap_type = EAP_TYPE_TLS;
92 #ifdef EAP_SERVER_UNAUTH_TLS
93 static void * eap_unauth_tls_init(struct eap_sm *sm)
95 struct eap_tls_data *data;
97 data = os_zalloc(sizeof(*data));
102 if (eap_server_tls_ssl_init(sm, &data->ssl, 0, EAP_UNAUTH_TLS_TYPE)) {
103 wpa_printf(MSG_INFO, "EAP-TLS: Failed to initialize SSL.");
104 eap_tls_reset(sm, data);
108 data->eap_type = EAP_UNAUTH_TLS_TYPE;
111 #endif /* EAP_SERVER_UNAUTH_TLS */
115 static void * eap_wfa_unauth_tls_init(struct eap_sm *sm)
117 struct eap_tls_data *data;
119 data = os_zalloc(sizeof(*data));
124 if (eap_server_tls_ssl_init(sm, &data->ssl, 0,
125 EAP_WFA_UNAUTH_TLS_TYPE)) {
126 wpa_printf(MSG_INFO, "EAP-TLS: Failed to initialize SSL.");
127 eap_tls_reset(sm, data);
131 data->eap_type = EAP_WFA_UNAUTH_TLS_TYPE;
134 #endif /* CONFIG_HS20 */
137 static void eap_tls_reset(struct eap_sm *sm, void *priv)
139 struct eap_tls_data *data = priv;
142 eap_server_tls_ssl_deinit(sm, &data->ssl);
147 static struct wpabuf * eap_tls_build_start(struct eap_sm *sm,
148 struct eap_tls_data *data, u8 id)
152 req = eap_tls_msg_alloc(data->eap_type, 1, EAP_CODE_REQUEST, id);
154 wpa_printf(MSG_ERROR, "EAP-TLS: Failed to allocate memory for "
156 eap_tls_state(data, FAILURE);
160 wpabuf_put_u8(req, EAP_TLS_FLAGS_START);
162 eap_tls_state(data, CONTINUE);
168 static struct wpabuf * eap_tls_buildReq(struct eap_sm *sm, void *priv, u8 id)
170 struct eap_tls_data *data = priv;
173 if (data->ssl.state == FRAG_ACK) {
174 return eap_server_tls_build_ack(id, data->eap_type, 0);
177 if (data->ssl.state == WAIT_FRAG_ACK) {
178 res = eap_server_tls_build_msg(&data->ssl, data->eap_type, 0,
180 goto check_established;
183 switch (data->state) {
185 return eap_tls_build_start(sm, data, id);
187 if (tls_connection_established(sm->ssl_ctx, data->ssl.conn))
188 data->established = 1;
191 wpa_printf(MSG_DEBUG, "EAP-TLS: %s - unexpected state %d",
192 __func__, data->state);
196 res = eap_server_tls_build_msg(&data->ssl, data->eap_type, 0, id);
199 if (data->established && data->ssl.state != WAIT_FRAG_ACK) {
200 /* TLS handshake has been completed and there are no more
201 * fragments waiting to be sent out. */
202 wpa_printf(MSG_DEBUG, "EAP-TLS: Done");
203 eap_tls_state(data, SUCCESS);
204 eap_tls_valid_session(sm, data);
211 static Boolean eap_tls_check(struct eap_sm *sm, void *priv,
212 struct wpabuf *respData)
214 struct eap_tls_data *data = priv;
218 if (data->eap_type == EAP_UNAUTH_TLS_TYPE)
219 pos = eap_hdr_validate(EAP_VENDOR_UNAUTH_TLS,
220 EAP_VENDOR_TYPE_UNAUTH_TLS, respData,
222 else if (data->eap_type == EAP_WFA_UNAUTH_TLS_TYPE)
223 pos = eap_hdr_validate(EAP_VENDOR_WFA_NEW,
224 EAP_VENDOR_WFA_UNAUTH_TLS, respData,
227 pos = eap_hdr_validate(EAP_VENDOR_IETF, data->eap_type,
229 if (pos == NULL || len < 1) {
230 wpa_printf(MSG_INFO, "EAP-TLS: Invalid frame");
238 static void eap_tls_process_msg(struct eap_sm *sm, void *priv,
239 const struct wpabuf *respData)
241 struct eap_tls_data *data = priv;
242 if (data->state == SUCCESS && wpabuf_len(data->ssl.tls_in) == 0) {
243 wpa_printf(MSG_DEBUG, "EAP-TLS: Client acknowledged final TLS "
244 "handshake message");
247 if (eap_server_tls_phase1(sm, &data->ssl) < 0)
248 eap_tls_state(data, FAILURE);
252 static void eap_tls_process(struct eap_sm *sm, void *priv,
253 struct wpabuf *respData)
255 struct eap_tls_data *data = priv;
256 const struct wpabuf *buf;
259 if (eap_server_tls_process(sm, &data->ssl, respData, data,
260 data->eap_type, NULL, eap_tls_process_msg) <
262 eap_tls_state(data, FAILURE);
266 if (!tls_connection_established(sm->ssl_ctx, data->ssl.conn) ||
267 !tls_connection_resumed(sm->ssl_ctx, data->ssl.conn))
270 buf = tls_connection_get_success_data(data->ssl.conn);
271 if (!buf || wpabuf_len(buf) < 1) {
272 wpa_printf(MSG_DEBUG,
273 "EAP-TLS: No success data in resumed session - reject attempt");
274 eap_tls_state(data, FAILURE);
278 pos = wpabuf_head(buf);
279 if (*pos != data->eap_type) {
280 wpa_printf(MSG_DEBUG,
281 "EAP-TLS: Resumed session for another EAP type (%u) - reject attempt",
283 eap_tls_state(data, FAILURE);
287 wpa_printf(MSG_DEBUG,
288 "EAP-TLS: Resuming previous session");
289 eap_tls_state(data, SUCCESS);
290 tls_connection_set_success_data_resumed(data->ssl.conn);
294 static Boolean eap_tls_isDone(struct eap_sm *sm, void *priv)
296 struct eap_tls_data *data = priv;
297 return data->state == SUCCESS || data->state == FAILURE;
301 static u8 * eap_tls_getKey(struct eap_sm *sm, void *priv, size_t *len)
303 struct eap_tls_data *data = priv;
307 if (data->state != SUCCESS)
310 if (data->ssl.tls_v13)
311 label = "EXPORTER_EAP_TLS_Key_Material";
313 label = "client EAP encryption";
314 eapKeyData = eap_server_tls_derive_key(sm, &data->ssl, label,
315 EAP_TLS_KEY_LEN + EAP_EMSK_LEN);
317 *len = EAP_TLS_KEY_LEN;
318 wpa_hexdump(MSG_DEBUG, "EAP-TLS: Derived key",
319 eapKeyData, EAP_TLS_KEY_LEN);
320 os_memset(eapKeyData + EAP_TLS_KEY_LEN, 0, EAP_EMSK_LEN);
322 wpa_printf(MSG_DEBUG, "EAP-TLS: Failed to derive key");
329 static u8 * eap_tls_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
331 struct eap_tls_data *data = priv;
332 u8 *eapKeyData, *emsk;
335 if (data->state != SUCCESS)
338 if (data->ssl.tls_v13)
339 label = "EXPORTER_EAP_TLS_Key_Material";
341 label = "client EAP encryption";
342 eapKeyData = eap_server_tls_derive_key(sm, &data->ssl, label,
343 EAP_TLS_KEY_LEN + EAP_EMSK_LEN);
345 emsk = os_malloc(EAP_EMSK_LEN);
347 os_memcpy(emsk, eapKeyData + EAP_TLS_KEY_LEN,
349 bin_clear_free(eapKeyData, EAP_TLS_KEY_LEN + EAP_EMSK_LEN);
355 wpa_hexdump(MSG_DEBUG, "EAP-TLS: Derived EMSK",
358 wpa_printf(MSG_DEBUG, "EAP-TLS: Failed to derive EMSK");
365 static Boolean eap_tls_isSuccess(struct eap_sm *sm, void *priv)
367 struct eap_tls_data *data = priv;
368 return data->state == SUCCESS;
372 static u8 * eap_tls_get_session_id(struct eap_sm *sm, void *priv, size_t *len)
374 struct eap_tls_data *data = priv;
376 if (data->state != SUCCESS)
379 return eap_server_tls_derive_session_id(sm, &data->ssl, EAP_TYPE_TLS,
384 int eap_server_tls_register(void)
386 struct eap_method *eap;
388 eap = eap_server_method_alloc(EAP_SERVER_METHOD_INTERFACE_VERSION,
389 EAP_VENDOR_IETF, EAP_TYPE_TLS, "TLS");
393 eap->init = eap_tls_init;
394 eap->reset = eap_tls_reset;
395 eap->buildReq = eap_tls_buildReq;
396 eap->check = eap_tls_check;
397 eap->process = eap_tls_process;
398 eap->isDone = eap_tls_isDone;
399 eap->getKey = eap_tls_getKey;
400 eap->isSuccess = eap_tls_isSuccess;
401 eap->get_emsk = eap_tls_get_emsk;
402 eap->getSessionId = eap_tls_get_session_id;
404 return eap_server_method_register(eap);
408 #ifdef EAP_SERVER_UNAUTH_TLS
409 int eap_server_unauth_tls_register(void)
411 struct eap_method *eap;
413 eap = eap_server_method_alloc(EAP_SERVER_METHOD_INTERFACE_VERSION,
414 EAP_VENDOR_UNAUTH_TLS,
415 EAP_VENDOR_TYPE_UNAUTH_TLS,
420 eap->init = eap_unauth_tls_init;
421 eap->reset = eap_tls_reset;
422 eap->buildReq = eap_tls_buildReq;
423 eap->check = eap_tls_check;
424 eap->process = eap_tls_process;
425 eap->isDone = eap_tls_isDone;
426 eap->getKey = eap_tls_getKey;
427 eap->isSuccess = eap_tls_isSuccess;
428 eap->get_emsk = eap_tls_get_emsk;
430 return eap_server_method_register(eap);
432 #endif /* EAP_SERVER_UNAUTH_TLS */
436 int eap_server_wfa_unauth_tls_register(void)
438 struct eap_method *eap;
440 eap = eap_server_method_alloc(EAP_SERVER_METHOD_INTERFACE_VERSION,
442 EAP_VENDOR_WFA_UNAUTH_TLS,
447 eap->init = eap_wfa_unauth_tls_init;
448 eap->reset = eap_tls_reset;
449 eap->buildReq = eap_tls_buildReq;
450 eap->check = eap_tls_check;
451 eap->process = eap_tls_process;
452 eap->isDone = eap_tls_isDone;
453 eap->getKey = eap_tls_getKey;
454 eap->isSuccess = eap_tls_isSuccess;
455 eap->get_emsk = eap_tls_get_emsk;
457 return eap_server_method_register(eap);
459 #endif /* CONFIG_HS20 */