contrib/wpa/wpa_supplicant/wpas_kay.c

   1 /*
   2  * IEEE 802.1X-2010 KaY Interface
   3  * Copyright (c) 2013-2014, Qualcomm Atheros, Inc.
   4  *
   5  * This software may be distributed under the terms of the BSD license.
   6  * See README for more details.
   7  */
   8
   9 #include "utils/includes.h"
  10
  11 #include "utils/common.h"
  12 #include "eap_peer/eap.h"
  13 #include "eap_peer/eap_i.h"
  14 #include "eapol_supp/eapol_supp_sm.h"
  15 #include "pae/ieee802_1x_key.h"
  16 #include "pae/ieee802_1x_kay.h"
  17 #include "wpa_supplicant_i.h"
  18 #include "config.h"
  19 #include "config_ssid.h"
  20 #include "driver_i.h"
  21 #include "wpas_kay.h"
  22
  23
  24 #define DEFAULT_KEY_LEN         16
  25 /* secure Connectivity Association Key Name (CKN) */
  26 #define DEFAULT_CKN_LEN         16
  27
  28
  29 static int wpas_macsec_init(void *priv, struct macsec_init_params *params)
  30 {
  31         return wpa_drv_macsec_init(priv, params);
  32 }
  33
  34
  35 static int wpas_macsec_deinit(void *priv)
  36 {
  37         return wpa_drv_macsec_deinit(priv);
  38 }
  39
  40
  41 static int wpas_macsec_get_capability(void *priv, enum macsec_cap *cap)
  42 {
  43         return wpa_drv_macsec_get_capability(priv, cap);
  44 }
  45
  46
  47 static int wpas_enable_protect_frames(void *wpa_s, Boolean enabled)
  48 {
  49         return wpa_drv_enable_protect_frames(wpa_s, enabled);
  50 }
  51
  52
  53 static int wpas_enable_encrypt(void *wpa_s, Boolean enabled)
  54 {
  55         return wpa_drv_enable_encrypt(wpa_s, enabled);
  56 }
  57
  58
  59 static int wpas_set_replay_protect(void *wpa_s, Boolean enabled, u32 window)
  60 {
  61         return wpa_drv_set_replay_protect(wpa_s, enabled, window);
  62 }
  63
  64
  65 static int wpas_set_current_cipher_suite(void *wpa_s, u64 cs)
  66 {
  67         return wpa_drv_set_current_cipher_suite(wpa_s, cs);
  68 }
  69
  70
  71 static int wpas_enable_controlled_port(void *wpa_s, Boolean enabled)
  72 {
  73         return wpa_drv_enable_controlled_port(wpa_s, enabled);
  74 }
  75
  76
  77 static int wpas_get_receive_lowest_pn(void *wpa_s, struct receive_sa *sa)
  78 {
  79         return wpa_drv_get_receive_lowest_pn(wpa_s, sa);
  80 }
  81
  82
  83 static int wpas_get_transmit_next_pn(void *wpa_s, struct transmit_sa *sa)
  84 {
  85         return wpa_drv_get_transmit_next_pn(wpa_s, sa);
  86 }
  87
  88
  89 static int wpas_set_transmit_next_pn(void *wpa_s, struct transmit_sa *sa)
  90 {
  91         return wpa_drv_set_transmit_next_pn(wpa_s, sa);
  92 }
  93
  94
  95 static int wpas_set_receive_lowest_pn(void *wpa_s, struct receive_sa *sa)
  96 {
  97         return wpa_drv_set_receive_lowest_pn(wpa_s, sa);
  98 }
  99
 100
 101 static unsigned int conf_offset_val(enum confidentiality_offset co)
 102 {
 103         switch (co) {
 104         case CONFIDENTIALITY_OFFSET_30:
 105                 return 30;
 106                 break;
 107         case CONFIDENTIALITY_OFFSET_50:
 108                 return 50;
 109         default:
 110                 return 0;
 111         }
 112 }
 113
 114
 115 static int wpas_create_receive_sc(void *wpa_s, struct receive_sc *sc,
 116                                   enum validate_frames vf,
 117                                   enum confidentiality_offset co)
 118 {
 119         return wpa_drv_create_receive_sc(wpa_s, sc, conf_offset_val(co), vf);
 120 }
 121
 122
 123 static int wpas_delete_receive_sc(void *wpa_s, struct receive_sc *sc)
 124 {
 125         return wpa_drv_delete_receive_sc(wpa_s, sc);
 126 }
 127
 128
 129 static int wpas_create_receive_sa(void *wpa_s, struct receive_sa *sa)
 130 {
 131         return wpa_drv_create_receive_sa(wpa_s, sa);
 132 }
 133
 134
 135 static int wpas_delete_receive_sa(void *wpa_s, struct receive_sa *sa)
 136 {
 137         return wpa_drv_delete_receive_sa(wpa_s, sa);
 138 }
 139
 140
 141 static int wpas_enable_receive_sa(void *wpa_s, struct receive_sa *sa)
 142 {
 143         return wpa_drv_enable_receive_sa(wpa_s, sa);
 144 }
 145
 146
 147 static int wpas_disable_receive_sa(void *wpa_s, struct receive_sa *sa)
 148 {
 149         return wpa_drv_disable_receive_sa(wpa_s, sa);
 150 }
 151
 152
 153 static int
 154 wpas_create_transmit_sc(void *wpa_s, struct transmit_sc *sc,
 155                         enum confidentiality_offset co)
 156 {
 157         return wpa_drv_create_transmit_sc(wpa_s, sc, conf_offset_val(co));
 158 }
 159
 160
 161 static int wpas_delete_transmit_sc(void *wpa_s, struct transmit_sc *sc)
 162 {
 163         return wpa_drv_delete_transmit_sc(wpa_s, sc);
 164 }
 165
 166
 167 static int wpas_create_transmit_sa(void *wpa_s, struct transmit_sa *sa)
 168 {
 169         return wpa_drv_create_transmit_sa(wpa_s, sa);
 170 }
 171
 172
 173 static int wpas_delete_transmit_sa(void *wpa_s, struct transmit_sa *sa)
 174 {
 175         return wpa_drv_delete_transmit_sa(wpa_s, sa);
 176 }
 177
 178
 179 static int wpas_enable_transmit_sa(void *wpa_s, struct transmit_sa *sa)
 180 {
 181         return wpa_drv_enable_transmit_sa(wpa_s, sa);
 182 }
 183
 184
 185 static int wpas_disable_transmit_sa(void *wpa_s, struct transmit_sa *sa)
 186 {
 187         return wpa_drv_disable_transmit_sa(wpa_s, sa);
 188 }
 189
 190
 191 int ieee802_1x_alloc_kay_sm(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
 192 {
 193         struct ieee802_1x_kay_ctx *kay_ctx;
 194         struct ieee802_1x_kay *res = NULL;
 195         enum macsec_policy policy;
 196
 197         ieee802_1x_dealloc_kay_sm(wpa_s);
 198
 199         if (!ssid || ssid->macsec_policy == 0)
 200                 return 0;
 201
 202         if (ssid->macsec_policy == 1) {
 203                 if (ssid->macsec_integ_only == 1)
 204                         policy = SHOULD_SECURE;
 205                 else
 206                         policy = SHOULD_ENCRYPT;
 207         } else {
 208                 policy = DO_NOT_SECURE;
 209         }
 210
 211         kay_ctx = os_zalloc(sizeof(*kay_ctx));
 212         if (!kay_ctx)
 213                 return -1;
 214
 215         kay_ctx->ctx = wpa_s;
 216
 217         kay_ctx->macsec_init = wpas_macsec_init;
 218         kay_ctx->macsec_deinit = wpas_macsec_deinit;
 219         kay_ctx->macsec_get_capability = wpas_macsec_get_capability;
 220         kay_ctx->enable_protect_frames = wpas_enable_protect_frames;
 221         kay_ctx->enable_encrypt = wpas_enable_encrypt;
 222         kay_ctx->set_replay_protect = wpas_set_replay_protect;
 223         kay_ctx->set_current_cipher_suite = wpas_set_current_cipher_suite;
 224         kay_ctx->enable_controlled_port = wpas_enable_controlled_port;
 225         kay_ctx->get_receive_lowest_pn = wpas_get_receive_lowest_pn;
 226         kay_ctx->get_transmit_next_pn = wpas_get_transmit_next_pn;
 227         kay_ctx->set_transmit_next_pn = wpas_set_transmit_next_pn;
 228         kay_ctx->set_receive_lowest_pn = wpas_set_receive_lowest_pn;
 229         kay_ctx->create_receive_sc = wpas_create_receive_sc;
 230         kay_ctx->delete_receive_sc = wpas_delete_receive_sc;
 231         kay_ctx->create_receive_sa = wpas_create_receive_sa;
 232         kay_ctx->delete_receive_sa = wpas_delete_receive_sa;
 233         kay_ctx->enable_receive_sa = wpas_enable_receive_sa;
 234         kay_ctx->disable_receive_sa = wpas_disable_receive_sa;
 235         kay_ctx->create_transmit_sc = wpas_create_transmit_sc;
 236         kay_ctx->delete_transmit_sc = wpas_delete_transmit_sc;
 237         kay_ctx->create_transmit_sa = wpas_create_transmit_sa;
 238         kay_ctx->delete_transmit_sa = wpas_delete_transmit_sa;
 239         kay_ctx->enable_transmit_sa = wpas_enable_transmit_sa;
 240         kay_ctx->disable_transmit_sa = wpas_disable_transmit_sa;
 241
 242         res = ieee802_1x_kay_init(kay_ctx, policy, ssid->macsec_replay_protect,
 243                                   ssid->macsec_replay_window, ssid->macsec_port,
 244                                   ssid->mka_priority, wpa_s->ifname,
 245                                   wpa_s->own_addr);
 246         /* ieee802_1x_kay_init() frees kay_ctx on failure */
 247         if (res == NULL)
 248                 return -1;
 249
 250         wpa_s->kay = res;
 251
 252         return 0;
 253 }
 254
 255
 256 void ieee802_1x_dealloc_kay_sm(struct wpa_supplicant *wpa_s)
 257 {
 258         if (!wpa_s->kay)
 259                 return;
 260
 261         ieee802_1x_kay_deinit(wpa_s->kay);
 262         wpa_s->kay = NULL;
 263 }
 264
 265
 266 static int ieee802_1x_auth_get_session_id(struct wpa_supplicant *wpa_s,
 267                                           const u8 *addr, u8 *sid, size_t *len)
 268 {
 269         const u8 *session_id;
 270         size_t id_len, need_len;
 271
 272         session_id = eapol_sm_get_session_id(wpa_s->eapol, &id_len);
 273         if (session_id == NULL) {
 274                 wpa_printf(MSG_DEBUG,
 275                            "Failed to get SessionID from EAPOL state machines");
 276                 return -1;
 277         }
 278
 279         need_len = 1 + 2 * 32 /* random size */;
 280         if (need_len > id_len) {
 281                 wpa_printf(MSG_DEBUG, "EAP Session-Id not long enough");
 282                 return -1;
 283         }
 284
 285         os_memcpy(sid, session_id, need_len);
 286         *len = need_len;
 287
 288         return 0;
 289 }
 290
 291
 292 static int ieee802_1x_auth_get_msk(struct wpa_supplicant *wpa_s, const u8 *addr,
 293                                    u8 *msk, size_t *len)
 294 {
 295         u8 key[EAP_MSK_LEN];
 296         size_t keylen;
 297         struct eapol_sm *sm;
 298         int res;
 299
 300         sm = wpa_s->eapol;
 301         if (sm == NULL)
 302                 return -1;
 303
 304         keylen = EAP_MSK_LEN;
 305         res = eapol_sm_get_key(sm, key, keylen);
 306         if (res) {
 307                 wpa_printf(MSG_DEBUG,
 308                            "Failed to get MSK from EAPOL state machines");
 309                 return -1;
 310         }
 311
 312         if (keylen > *len)
 313                 keylen = *len;
 314         os_memcpy(msk, key, keylen);
 315         *len = keylen;
 316
 317         return 0;
 318 }
 319
 320
 321 void * ieee802_1x_notify_create_actor(struct wpa_supplicant *wpa_s,
 322                                       const u8 *peer_addr)
 323 {
 324         u8 *sid;
 325         size_t sid_len = 128;
 326         struct mka_key_name *ckn;
 327         struct mka_key *cak;
 328         struct mka_key *msk;
 329         void *res = NULL;
 330
 331         if (!wpa_s->kay || wpa_s->kay->policy == DO_NOT_SECURE)
 332                 return NULL;
 333
 334         wpa_printf(MSG_DEBUG,
 335                    "IEEE 802.1X: External notification - Create MKA for "
 336                    MACSTR, MAC2STR(peer_addr));
 337
 338         msk = os_zalloc(sizeof(*msk));
 339         sid = os_zalloc(sid_len);
 340         ckn = os_zalloc(sizeof(*ckn));
 341         cak = os_zalloc(sizeof(*cak));
 342         if (!msk || !sid || !ckn || !cak)
 343                 goto fail;
 344
 345         msk->len = DEFAULT_KEY_LEN;
 346         if (ieee802_1x_auth_get_msk(wpa_s, wpa_s->bssid, msk->key, &msk->len)) {
 347                 wpa_printf(MSG_ERROR, "IEEE 802.1X: Could not get MSK");
 348                 goto fail;
 349         }
 350
 351         if (ieee802_1x_auth_get_session_id(wpa_s, wpa_s->bssid, sid, &sid_len))
 352         {
 353                 wpa_printf(MSG_ERROR,
 354                            "IEEE 802.1X: Could not get EAP Session Id");
 355                 goto fail;
 356         }
 357
 358         /* Derive CAK from MSK */
 359         cak->len = DEFAULT_KEY_LEN;
 360         if (ieee802_1x_cak_aes_cmac(msk->key, msk->len, wpa_s->own_addr,
 361                                     peer_addr, cak->key, cak->len)) {
 362                 wpa_printf(MSG_ERROR,
 363                            "IEEE 802.1X: Deriving CAK failed");
 364                 goto fail;
 365         }
 366         wpa_hexdump_key(MSG_DEBUG, "Derived CAK", cak->key, cak->len);
 367
 368         /* Derive CKN from MSK */
 369         ckn->len = DEFAULT_CKN_LEN;
 370         if (ieee802_1x_ckn_aes_cmac(msk->key, msk->len, wpa_s->own_addr,
 371                                     peer_addr, sid, sid_len, ckn->name)) {
 372                 wpa_printf(MSG_ERROR,
 373                            "IEEE 802.1X: Deriving CKN failed");
 374                 goto fail;
 375         }
 376         wpa_hexdump(MSG_DEBUG, "Derived CKN", ckn->name, ckn->len);
 377
 378         res = ieee802_1x_kay_create_mka(wpa_s->kay, ckn, cak, 0,
 379                                         EAP_EXCHANGE, FALSE);
 380
 381 fail:
 382         if (msk) {
 383                 os_memset(msk, 0, sizeof(*msk));
 384                 os_free(msk);
 385         }
 386         os_free(sid);
 387         os_free(ckn);
 388         if (cak) {
 389                 os_memset(cak, 0, sizeof(*cak));
 390                 os_free(cak);
 391         }
 392
 393         return res;
 394 }
 395
 396
 397 void * ieee802_1x_create_preshared_mka(struct wpa_supplicant *wpa_s,
 398                                        struct wpa_ssid *ssid)
 399 {
 400         struct mka_key *cak;
 401         struct mka_key_name *ckn;
 402         void *res = NULL;
 403
 404         if ((ssid->mka_psk_set & MKA_PSK_SET) != MKA_PSK_SET)
 405                 goto end;
 406
 407         ckn = os_zalloc(sizeof(*ckn));
 408         if (!ckn)
 409                 goto end;
 410
 411         cak = os_zalloc(sizeof(*cak));
 412         if (!cak)
 413                 goto free_ckn;
 414
 415         if (ieee802_1x_alloc_kay_sm(wpa_s, ssid) < 0 || !wpa_s->kay)
 416                 goto free_cak;
 417
 418         if (wpa_s->kay->policy == DO_NOT_SECURE)
 419                 goto dealloc;
 420
 421         cak->len = ssid->mka_cak_len;
 422         os_memcpy(cak->key, ssid->mka_cak, cak->len);
 423
 424         ckn->len = ssid->mka_ckn_len;
 425         os_memcpy(ckn->name, ssid->mka_ckn, ckn->len);
 426
 427         res = ieee802_1x_kay_create_mka(wpa_s->kay, ckn, cak, 0, PSK, FALSE);
 428         if (res)
 429                 goto free_cak;
 430
 431 dealloc:
 432         /* Failed to create MKA */
 433         ieee802_1x_dealloc_kay_sm(wpa_s);
 434 free_cak:
 435         os_free(cak);
 436 free_ckn:
 437         os_free(ckn);
 438 end:
 439         return res;
 440 }