1  /*
2   * EAP-TEAP definitions (RFC 7170)
3   * Copyright (c) 2004-2019, Jouni Malinen <j@w1.fi>
4   *
5   * This software may be distributed under the terms of the BSD license.
6   * See README for more details.
7   */
8  
9  #ifndef EAP_TEAP_H
10  #define EAP_TEAP_H
11  
/* TEAP protocol version carried in the version bits of the Flags field
 * (RFC 7170 defines version 1) */
#define EAP_TEAP_VERSION 1
/* RFC 7170, 5.4: MSK and EMSK are 64 octets each */
#define EAP_TEAP_KEY_LEN 64
/* RFC 7170, 5.2: IMCK[j] is EAP_TEAP_SIMCK_LEN octets of S-IMCK[j] followed
 * by EAP_TEAP_CMK_LEN octets of CMK[j] (40 + 20 = 60) */
#define EAP_TEAP_IMCK_LEN 60
#define EAP_TEAP_SIMCK_LEN 40
#define EAP_TEAP_CMK_LEN 20
/* Field sizes of struct teap_tlv_crypto_binding */
#define EAP_TEAP_COMPOUND_MAC_LEN 20
#define EAP_TEAP_NONCE_LEN 32

/* TLS exporter label (RFC 5705) used for the session_key_seed
 * (RFC 7170, 5.1) */
#define TEAP_TLS_EXPORTER_LABEL_SKS "EXPORTER: teap session key seed"

/* TLS extension type used to carry the PAC-Opaque in the ClientHello;
 * 35 is the SessionTicket extension number (RFC 5077) */
#define TLS_EXT_PAC_OPAQUE 35
23  
/*
 * RFC 7170: Section 4.2.12.1 - Formats for PAC Attributes
 * Note: bit 0x8000 (Mandatory) and bit 0x4000 (Reserved) are also defined
 * in the general TLV format (Section 4.2.1).
 * These are the Type values carried in struct pac_attr_hdr.
 */
/* Secret key shared with the server (EAP_TEAP_PAC_KEY_LEN octets); it is
 * credential material and must be stored and handled as such */
#define PAC_TYPE_PAC_KEY 1
/* Opaque blob that only the issuing server can interpret (see
 * TLS_EXT_PAC_OPAQUE) */
#define PAC_TYPE_PAC_OPAQUE 2
/* Lifetime (expiry) of the credential */
#define PAC_TYPE_CRED_LIFETIME 3
/* Authority Identifier of the issuing server */
#define PAC_TYPE_A_ID 4
/* Initiator Identifier the PAC is bound to */
#define PAC_TYPE_I_ID 5
/* 6 - Reserved */
/* Human-readable description of the authority */
#define PAC_TYPE_A_ID_INFO 7
/* See struct teap_tlv_pac_ack */
#define PAC_TYPE_PAC_ACKNOWLEDGEMENT 8
/* Container for the attributes describing a PAC */
#define PAC_TYPE_PAC_INFO 9
/* See struct teap_attr_pac_type and PAC_TYPE_TUNNEL_PAC */
#define PAC_TYPE_PAC_TYPE 10
39  
40  #ifdef _MSC_VER
41  #pragma pack(push, 1)
42  #endif /* _MSC_VER */
43  
/*
 * Header of one PAC attribute (RFC 7170, 4.2.12.1): attribute Type
 * (PAC_TYPE_*, high bits are the M/R flags, see TEAP_TLV_TYPE_MASK) and the
 * Length of the value that follows the header. Both are big-endian on the
 * wire; the value length must be checked against the remaining buffer
 * before the value is read.
 */
struct pac_attr_hdr {
	be16 type;
	be16 len;
} STRUCT_PACKED;
48  
/*
 * RFC 7170, 4.2.1: General TLV header. tlv_type holds the M and R flag bits
 * plus the 14-bit type (enum teap_tlv_types after masking with
 * TEAP_TLV_TYPE_MASK); length is the length of the value that follows.
 */
struct teap_tlv_hdr {
	be16 tlv_type;
	be16 length;
} STRUCT_PACKED;
53  
/* Result TLV and Intermediate-Result TLV (RFC 7170, 4.2.4 and 4.2.11).
 * status carries an enum teap_tlv_result_status value. */
struct teap_tlv_result {
	be16 tlv_type;
	be16 length;
	be16 status;
	/* for Intermediate-Result TLV, followed by optional TLVs */
} STRUCT_PACKED;
61  
/*
 * RFC 7170, 4.2.5: NAK TLV, sent to reject a received TLV (e.g., an unknown
 * TLV marked with TEAP_TLV_MANDATORY). vendor_id is 0 for IETF types and
 * nak_type is the rejected TLV type.
 */
struct teap_tlv_nak {
	be16 tlv_type;
	be16 length;
	be32 vendor_id;
	be16 nak_type;
	/* followed by optional TLVs */
} STRUCT_PACKED;
69  
/*
 * RFC 7170, 4.2.13: Crypto-Binding TLV. The 76 octets after the header
 * (reserved through msk_compound_mac) are what length covers. It binds the
 * inner EAP method(s) to the TLS tunnel and echoes the TEAP version numbers
 * so that a version downgrade can be detected. Receivers should check
 * version/received_version against the negotiated values and compare the
 * Compound MACs with a constant-time comparison.
 */
struct teap_tlv_crypto_binding {
	be16 tlv_type; /* TLV Type[14b] and M/R flags */
	be16 length;
	u8 reserved; /* zero on transmission */
	u8 version; /* TEAP version numbers exchanged for downgrade detection;
		     * exact semantics in RFC 7170, 4.2.13 */
	u8 received_version;
	u8 subtype; /* Flags[4b] and Sub-Type[4b]: TEAP_CRYPTO_BINDING_*_CMAC
		     * and TEAP_CRYPTO_BINDING_SUBTYPE_* */
	u8 nonce[EAP_TEAP_NONCE_LEN]; /* random nonce included in the MAC input */
	/* Compound MACs (RFC 7170, 5.3); each is meaningful only when the
	 * matching EMSK/MSK flag is set in subtype */
	u8 emsk_compound_mac[EAP_TEAP_COMPOUND_MAC_LEN];
	u8 msk_compound_mac[EAP_TEAP_COMPOUND_MAC_LEN];
} STRUCT_PACKED;
81  
/*
 * RFC 7170, 4.2.9: Request-Action TLV. status is a Result status
 * (enum teap_tlv_result_status) and action an enum teap_request_action.
 */
struct teap_tlv_request_action {
	be16 tlv_type;
	be16 length;
	u8 status;
	u8 action;
	/* followed by optional TLVs */
} STRUCT_PACKED;
89  
/* Action values of teap_tlv_request_action.action (RFC 7170, 4.2.9) */
enum teap_request_action {
	TEAP_REQUEST_ACTION_PROCESS_TLV = 1, /* process the TLVs that follow */
	TEAP_REQUEST_ACTION_NEGOTIATE_EAP = 2, /* run another inner EAP method */
};
94  
/* PAC TLV with PAC-Acknowledgement TLV attribute (RFC 7170, 4.2.12):
 * outer TLV header, then one PAC attribute of type
 * PAC_TYPE_PAC_ACKNOWLEDGEMENT whose value is a Result status
 * (enum teap_tlv_result_status). */
struct teap_tlv_pac_ack {
	be16 tlv_type; /* TEAP_TLV_PAC */
	be16 length;
	be16 pac_type; /* PAC_TYPE_PAC_ACKNOWLEDGEMENT */
	be16 pac_len; /* 2 */
	be16 result;
} STRUCT_PACKED;
103  
/* PAC-Type attribute (RFC 7170, 4.2.12.6); pac_type is e.g.
 * PAC_TYPE_TUNNEL_PAC */
struct teap_attr_pac_type {
	be16 type; /* PAC_TYPE_PAC_TYPE */
	be16 length; /* 2 */
	be16 pac_type;
} STRUCT_PACKED;
109  
110  #ifdef _MSC_VER
111  #pragma pack(pop)
112  #endif /* _MSC_VER */
113  
/* Sub-Type[4b] values of teap_tlv_crypto_binding.subtype */
#define TEAP_CRYPTO_BINDING_SUBTYPE_REQUEST 0
#define TEAP_CRYPTO_BINDING_SUBTYPE_RESPONSE 1

/* Flags[4b] values of teap_tlv_crypto_binding.subtype: which Compound MAC
 * fields are present (EMSK-based, MSK-based, or both) */
#define TEAP_CRYPTO_BINDING_EMSK_CMAC 1
#define TEAP_CRYPTO_BINDING_MSK_CMAC 2
#define TEAP_CRYPTO_BINDING_EMSK_AND_MSK_CMAC 3


/* Length in octets of the PAC-Key attribute value (PAC_TYPE_PAC_KEY) */
#define EAP_TEAP_PAC_KEY_LEN 48

/* RFC 7170: 4.2.12.6 PAC-Type TLV */
/* teap_attr_pac_type.pac_type value for a Tunnel PAC */
#define PAC_TYPE_TUNNEL_PAC 1
126  
127  
/* RFC 7170, 4.2.1: General TLV Format
 * TLV Type values (the 14-bit type after masking tlv_type with
 * TEAP_TLV_TYPE_MASK); the individual formats are in RFC 7170, 4.2.2 through
 * 4.2.18 in this order. */
enum teap_tlv_types {
	TEAP_TLV_AUTHORITY_ID = 1,
	TEAP_TLV_IDENTITY_TYPE = 2, /* value: enum teap_identity_types */
	TEAP_TLV_RESULT = 3, /* struct teap_tlv_result */
	TEAP_TLV_NAK = 4, /* struct teap_tlv_nak */
	TEAP_TLV_ERROR = 5, /* value: enum teap_error_codes */
	TEAP_TLV_CHANNEL_BINDING = 6,
	TEAP_TLV_VENDOR_SPECIFIC = 7,
	TEAP_TLV_REQUEST_ACTION = 8, /* struct teap_tlv_request_action */
	TEAP_TLV_EAP_PAYLOAD = 9, /* value: an inner EAP packet */
	TEAP_TLV_INTERMEDIATE_RESULT = 10, /* struct teap_tlv_result */
	TEAP_TLV_PAC = 11, /* value: PAC attributes (struct pac_attr_hdr) */
	TEAP_TLV_CRYPTO_BINDING = 12, /* struct teap_tlv_crypto_binding */
	TEAP_TLV_BASIC_PASSWORD_AUTH_REQ = 13,
	TEAP_TLV_BASIC_PASSWORD_AUTH_RESP = 14, /* carries a username/password */
	TEAP_TLV_PKCS7 = 15,
	TEAP_TLV_PKCS10 = 16,
	TEAP_TLV_TRUSTED_SERVER_ROOT = 17,
};
148  
/* Status values of the Result and Intermediate-Result TLVs
 * (teap_tlv_result.status) */
enum teap_tlv_result_status {
	TEAP_STATUS_SUCCESS = 1,
	TEAP_STATUS_FAILURE = 2
};
153  
/* Identity-Type values within Identity-Type TLV (RFC 7170, 4.2.3): which
 * kind of credential the peer is being asked to, or will, authenticate with */
enum teap_identity_types {
	TEAP_IDENTITY_TYPE_USER = 1,
	TEAP_IDENTITY_TYPE_MACHINE = 2,
};
159  
/*
 * RFC 7170, 4.2.1: the two high bits of a TLV Type field are flags. M
 * (0x8000) marks a mandatory TLV: a receiver that does not understand a
 * mandatory TLV must reject it with a NAK TLV, whereas unknown optional TLVs
 * are skipped. Bit 0x4000 is Reserved. Mask tlv_type with
 * TEAP_TLV_TYPE_MASK before comparing against enum teap_tlv_types.
 */
#define TEAP_TLV_MANDATORY 0x8000
#define TEAP_TLV_TYPE_MASK 0x3fff
162  
/* RFC 7170, 4.2.6: Error TLV
 * Error-Code values. The 1xxx codes report inner-method/user-account
 * conditions; 2001/2002 report problems with the tunnel itself. */
enum teap_error_codes {
	TEAP_ERROR_INNER_METHOD = 1001,
	TEAP_ERROR_UNSPEC_AUTH_INFRA_PROBLEM = 1002,
	TEAP_ERROR_UNSPEC_AUTHENTICATION_FAILURE = 1003,
	TEAP_ERROR_UNSPEC_AUTHORIZATION_FAILURE = 1004,
	TEAP_ERROR_USER_ACCOUNT_CRED_UNAVAILABLE = 1005,
	TEAP_ERROR_USER_ACCOUNT_EXPIRED = 1006,
	TEAP_ERROR_USER_ACCOUNT_LOCKED_TRY_AGAIN_LATER = 1007,
	TEAP_ERROR_USER_ACCOUNT_LOCKED_ADMIN_REQ = 1008,
	TEAP_ERROR_TUNNEL_COMPROMISE_ERROR = 2001, /* e.g., Crypto-Binding check failed */
	TEAP_ERROR_UNEXPECTED_TLVS_EXCHANGED = 2002,
};
176  
/* Opaque types from the buffer and TLS wrappers; only pointers are used here */
struct wpabuf;
struct tls_connection;
179  
/*
 * Accumulated result of eap_teap_parse_tlv() over the TLVs of one message.
 * The pointers are non-owning; they presumably point into the received
 * payload handed to eap_teap_parse_tlv() (confirm against the definition),
 * so they are valid only as long as that buffer is. Each *_len field holds
 * the length of the matching value and must bound every access through the
 * pointer.
 */
struct eap_teap_tlv_parse {
	u8 *eap_payload_tlv; /* EAP-Payload TLV value (inner EAP packet) */
	size_t eap_payload_tlv_len;
	struct teap_tlv_crypto_binding *crypto_binding; /* Crypto-Binding TLV */
	size_t crypto_binding_len;
	int iresult; /* Intermediate-Result status (enum teap_tlv_result_status);
		      * presumably 0 when the TLV was not present */
	int result; /* Result status (enum teap_tlv_result_status) */
	u8 *nak; /* NAK TLV value */
	size_t nak_len;
	u8 request_action; /* Request-Action TLV: enum teap_request_action */
	u8 request_action_status; /* Request-Action TLV: Status */
	u8 *pac; /* PAC TLV value (PAC attributes) */
	size_t pac_len;
	u8 *basic_auth_req; /* Basic-Password-Auth-Req TLV value */
	size_t basic_auth_req_len;
	u8 *basic_auth_resp; /* Basic-Password-Auth-Resp TLV value; carries the
			      * password, so clear it from memory once used */
	size_t basic_auth_resp_len;
	u32 error_code; /* Error TLV value (enum teap_error_codes) */
	u16 identity_type; /* Identity-Type TLV value (enum teap_identity_types) */
};
200  
/* Append a TLV header (type, len) to buf; the value bytes are added by the
 * caller. */
void eap_teap_put_tlv_hdr(struct wpabuf *buf, u16 type, u16 len);
/* Append a complete TLV to buf: header followed by len octets from data. */
void eap_teap_put_tlv(struct wpabuf *buf, u16 type, const void *data, u16 len);
/* Append a complete TLV to buf whose value is the contents of data. */
void eap_teap_put_tlv_buf(struct wpabuf *buf, u16 type,
			  const struct wpabuf *data);
/* Wrap buf in an EAP-Payload TLV (TEAP_TLV_EAP_PAYLOAD). Returns a new
 * wpabuf, presumably NULL on allocation failure; whether buf is consumed is
 * not visible here - check the definition before reusing buf. */
struct wpabuf * eap_teap_tlv_eap_payload(struct wpabuf *buf);
/* RFC 7170, 5.4: derive the EAP_TEAP_KEY_LEN-octet MSK/EMSK from S-IMCK
 * (simck) with the PRF hash selected by the TLS cipher suite tls_cs.
 * Returns 0 on success and negative on failure (hostapd convention; confirm
 * against the definition). */
int eap_teap_derive_eap_msk(u16 tls_cs, const u8 *simck, u8 *msk);
int eap_teap_derive_eap_emsk(u16 tls_cs, const u8 *simck, u8 *emsk);
/* RFC 7170, 5.2: derive the next S-IMCK/CMK pair from the previous S-IMCK
 * and the inner method's MSK and EMSK, producing both the MSK-based and the
 * EMSK-based chain. Output buffers are presumably EAP_TEAP_SIMCK_LEN and
 * EAP_TEAP_CMK_LEN octets. Returns 0 on success, negative on failure
 * (confirm). */
int eap_teap_derive_imck(u16 tls_cs, const u8 *prev_s_imck,
			 const u8 *msk, size_t msk_len,
			 const u8 *emsk, size_t emsk_len,
			 u8 *s_imck_msk, u8 *cmk_msk,
			 u8 *s_imck_emsk, u8 *cmk_emsk);
/* RFC 7170, 5.3: compute the Compound MAC over the Crypto-Binding TLV cb
 * (with its MAC fields zeroed) and the server/peer Outer TLVs, keyed with
 * cmk; writes EAP_TEAP_COMPOUND_MAC_LEN octets to compound_mac. A received
 * MAC should be checked against this output with a constant-time compare. */
int eap_teap_compound_mac(u16 tls_cs, const struct teap_tlv_crypto_binding *cb,
			  const struct wpabuf *server_outer_tlvs,
			  const struct wpabuf *peer_outer_tlvs,
			  const u8 *cmk, u8 *compound_mac);
/* Parse one TLV of type tlv_type whose value is the len octets at pos and
 * record it in tlv (the stored pointers refer into pos; see struct
 * eap_teap_tlv_parse). Return value presumably 0 on success and negative on
 * a malformed or rejected TLV - confirm against the definition. */
int eap_teap_parse_tlv(struct eap_teap_tlv_parse *tlv,
		       int tlv_type, u8 *pos, size_t len);
/* Human-readable name of a TLV type, for debug output. */
const char * eap_teap_tlv_type_str(enum teap_tlv_types type);
/* Build a Result TLV (intermediate == 0) or an Intermediate-Result TLV
 * (intermediate != 0) carrying status; returns a new wpabuf. */
struct wpabuf * eap_teap_tlv_result(int status, int intermediate);
/* Build an Error TLV carrying error; returns a new wpabuf. */
struct wpabuf * eap_teap_tlv_error(enum teap_error_codes error);
/* Build an Identity-Type TLV carrying id; returns a new wpabuf. */
struct wpabuf * eap_teap_tlv_identity_type(enum teap_identity_types id);
/* Forward reference to an enum is a GNU extension (ISO C forbids it; GCC
 * warns with -Wpedantic). Nothing in this header uses the type, so it is
 * harmless here; including the header that defines enum eap_type would be
 * the portable form. */
enum eap_type;
224  
225  #endif /* EAP_TEAP_H */
226