1 /*
2 * IEEE 802.1X-2010 KaY Interface
3 * Copyright (c) 2013-2014, Qualcomm Atheros, Inc.
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #include "utils/includes.h"
10
11 #include "utils/common.h"
12 #include "eap_peer/eap.h"
13 #include "eap_peer/eap_i.h"
14 #include "eapol_supp/eapol_supp_sm.h"
15 #include "pae/ieee802_1x_key.h"
16 #include "pae/ieee802_1x_kay.h"
17 #include "wpa_supplicant_i.h"
18 #include "config.h"
19 #include "config_ssid.h"
20 #include "driver_i.h"
21 #include "wpas_kay.h"
22
23
24 #define DEFAULT_KEY_LEN 16
25 /* secure Connectivity Association Key Name (CKN) */
26 #define DEFAULT_CKN_LEN 16
27
28
wpas_macsec_init(void * priv,struct macsec_init_params * params)29 static int wpas_macsec_init(void *priv, struct macsec_init_params *params)
30 {
31 return wpa_drv_macsec_init(priv, params);
32 }
33
34
wpas_macsec_deinit(void * priv)35 static int wpas_macsec_deinit(void *priv)
36 {
37 return wpa_drv_macsec_deinit(priv);
38 }
39
40
wpas_macsec_get_capability(void * priv,enum macsec_cap * cap)41 static int wpas_macsec_get_capability(void *priv, enum macsec_cap *cap)
42 {
43 return wpa_drv_macsec_get_capability(priv, cap);
44 }
45
46
wpas_enable_protect_frames(void * wpa_s,bool enabled)47 static int wpas_enable_protect_frames(void *wpa_s, bool enabled)
48 {
49 return wpa_drv_enable_protect_frames(wpa_s, enabled);
50 }
51
52
wpas_enable_encrypt(void * wpa_s,bool enabled)53 static int wpas_enable_encrypt(void *wpa_s, bool enabled)
54 {
55 return wpa_drv_enable_encrypt(wpa_s, enabled);
56 }
57
58
wpas_set_replay_protect(void * wpa_s,bool enabled,u32 window)59 static int wpas_set_replay_protect(void *wpa_s, bool enabled, u32 window)
60 {
61 return wpa_drv_set_replay_protect(wpa_s, enabled, window);
62 }
63
64
wpas_set_current_cipher_suite(void * wpa_s,u64 cs)65 static int wpas_set_current_cipher_suite(void *wpa_s, u64 cs)
66 {
67 return wpa_drv_set_current_cipher_suite(wpa_s, cs);
68 }
69
70
wpas_enable_controlled_port(void * wpa_s,bool enabled)71 static int wpas_enable_controlled_port(void *wpa_s, bool enabled)
72 {
73 return wpa_drv_enable_controlled_port(wpa_s, enabled);
74 }
75
76
wpas_get_receive_lowest_pn(void * wpa_s,struct receive_sa * sa)77 static int wpas_get_receive_lowest_pn(void *wpa_s, struct receive_sa *sa)
78 {
79 return wpa_drv_get_receive_lowest_pn(wpa_s, sa);
80 }
81
82
wpas_get_transmit_next_pn(void * wpa_s,struct transmit_sa * sa)83 static int wpas_get_transmit_next_pn(void *wpa_s, struct transmit_sa *sa)
84 {
85 return wpa_drv_get_transmit_next_pn(wpa_s, sa);
86 }
87
88
wpas_set_transmit_next_pn(void * wpa_s,struct transmit_sa * sa)89 static int wpas_set_transmit_next_pn(void *wpa_s, struct transmit_sa *sa)
90 {
91 return wpa_drv_set_transmit_next_pn(wpa_s, sa);
92 }
93
94
wpas_set_receive_lowest_pn(void * wpa_s,struct receive_sa * sa)95 static int wpas_set_receive_lowest_pn(void *wpa_s, struct receive_sa *sa)
96 {
97 return wpa_drv_set_receive_lowest_pn(wpa_s, sa);
98 }
99
100
wpas_set_offload(void * wpa_s,u8 offload)101 static int wpas_set_offload(void *wpa_s, u8 offload)
102 {
103 return wpa_drv_set_offload(wpa_s, offload);
104 }
105
106
conf_offset_val(enum confidentiality_offset co)107 static unsigned int conf_offset_val(enum confidentiality_offset co)
108 {
109 switch (co) {
110 case CONFIDENTIALITY_OFFSET_30:
111 return 30;
112 case CONFIDENTIALITY_OFFSET_50:
113 return 50;
114 default:
115 return 0;
116 }
117 }
118
119
wpas_create_receive_sc(void * wpa_s,struct receive_sc * sc,enum validate_frames vf,enum confidentiality_offset co)120 static int wpas_create_receive_sc(void *wpa_s, struct receive_sc *sc,
121 enum validate_frames vf,
122 enum confidentiality_offset co)
123 {
124 return wpa_drv_create_receive_sc(wpa_s, sc, conf_offset_val(co), vf);
125 }
126
127
wpas_delete_receive_sc(void * wpa_s,struct receive_sc * sc)128 static int wpas_delete_receive_sc(void *wpa_s, struct receive_sc *sc)
129 {
130 return wpa_drv_delete_receive_sc(wpa_s, sc);
131 }
132
133
wpas_create_receive_sa(void * wpa_s,struct receive_sa * sa)134 static int wpas_create_receive_sa(void *wpa_s, struct receive_sa *sa)
135 {
136 return wpa_drv_create_receive_sa(wpa_s, sa);
137 }
138
139
wpas_delete_receive_sa(void * wpa_s,struct receive_sa * sa)140 static int wpas_delete_receive_sa(void *wpa_s, struct receive_sa *sa)
141 {
142 return wpa_drv_delete_receive_sa(wpa_s, sa);
143 }
144
145
wpas_enable_receive_sa(void * wpa_s,struct receive_sa * sa)146 static int wpas_enable_receive_sa(void *wpa_s, struct receive_sa *sa)
147 {
148 return wpa_drv_enable_receive_sa(wpa_s, sa);
149 }
150
151
wpas_disable_receive_sa(void * wpa_s,struct receive_sa * sa)152 static int wpas_disable_receive_sa(void *wpa_s, struct receive_sa *sa)
153 {
154 return wpa_drv_disable_receive_sa(wpa_s, sa);
155 }
156
157
158 static int
wpas_create_transmit_sc(void * wpa_s,struct transmit_sc * sc,enum confidentiality_offset co)159 wpas_create_transmit_sc(void *wpa_s, struct transmit_sc *sc,
160 enum confidentiality_offset co)
161 {
162 return wpa_drv_create_transmit_sc(wpa_s, sc, conf_offset_val(co));
163 }
164
165
wpas_delete_transmit_sc(void * wpa_s,struct transmit_sc * sc)166 static int wpas_delete_transmit_sc(void *wpa_s, struct transmit_sc *sc)
167 {
168 return wpa_drv_delete_transmit_sc(wpa_s, sc);
169 }
170
171
wpas_create_transmit_sa(void * wpa_s,struct transmit_sa * sa)172 static int wpas_create_transmit_sa(void *wpa_s, struct transmit_sa *sa)
173 {
174 return wpa_drv_create_transmit_sa(wpa_s, sa);
175 }
176
177
wpas_delete_transmit_sa(void * wpa_s,struct transmit_sa * sa)178 static int wpas_delete_transmit_sa(void *wpa_s, struct transmit_sa *sa)
179 {
180 return wpa_drv_delete_transmit_sa(wpa_s, sa);
181 }
182
183
wpas_enable_transmit_sa(void * wpa_s,struct transmit_sa * sa)184 static int wpas_enable_transmit_sa(void *wpa_s, struct transmit_sa *sa)
185 {
186 return wpa_drv_enable_transmit_sa(wpa_s, sa);
187 }
188
189
wpas_disable_transmit_sa(void * wpa_s,struct transmit_sa * sa)190 static int wpas_disable_transmit_sa(void *wpa_s, struct transmit_sa *sa)
191 {
192 return wpa_drv_disable_transmit_sa(wpa_s, sa);
193 }
194
195
ieee802_1x_alloc_kay_sm(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)196 int ieee802_1x_alloc_kay_sm(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
197 {
198 struct ieee802_1x_kay_ctx *kay_ctx;
199 struct ieee802_1x_kay *res = NULL;
200 enum macsec_policy policy;
201
202 ieee802_1x_dealloc_kay_sm(wpa_s);
203
204 if (!ssid || ssid->macsec_policy == 0)
205 return 0;
206
207 if (ssid->macsec_policy == 1) {
208 if (ssid->macsec_integ_only == 1)
209 policy = SHOULD_SECURE;
210 else
211 policy = SHOULD_ENCRYPT;
212 } else {
213 policy = DO_NOT_SECURE;
214 }
215
216 kay_ctx = os_zalloc(sizeof(*kay_ctx));
217 if (!kay_ctx)
218 return -1;
219
220 kay_ctx->ctx = wpa_s;
221
222 kay_ctx->macsec_init = wpas_macsec_init;
223 kay_ctx->macsec_deinit = wpas_macsec_deinit;
224 kay_ctx->macsec_get_capability = wpas_macsec_get_capability;
225 kay_ctx->enable_protect_frames = wpas_enable_protect_frames;
226 kay_ctx->enable_encrypt = wpas_enable_encrypt;
227 kay_ctx->set_replay_protect = wpas_set_replay_protect;
228 kay_ctx->set_offload = wpas_set_offload;
229 kay_ctx->set_current_cipher_suite = wpas_set_current_cipher_suite;
230 kay_ctx->enable_controlled_port = wpas_enable_controlled_port;
231 kay_ctx->get_receive_lowest_pn = wpas_get_receive_lowest_pn;
232 kay_ctx->get_transmit_next_pn = wpas_get_transmit_next_pn;
233 kay_ctx->set_transmit_next_pn = wpas_set_transmit_next_pn;
234 kay_ctx->set_receive_lowest_pn = wpas_set_receive_lowest_pn;
235 kay_ctx->create_receive_sc = wpas_create_receive_sc;
236 kay_ctx->delete_receive_sc = wpas_delete_receive_sc;
237 kay_ctx->create_receive_sa = wpas_create_receive_sa;
238 kay_ctx->delete_receive_sa = wpas_delete_receive_sa;
239 kay_ctx->enable_receive_sa = wpas_enable_receive_sa;
240 kay_ctx->disable_receive_sa = wpas_disable_receive_sa;
241 kay_ctx->create_transmit_sc = wpas_create_transmit_sc;
242 kay_ctx->delete_transmit_sc = wpas_delete_transmit_sc;
243 kay_ctx->create_transmit_sa = wpas_create_transmit_sa;
244 kay_ctx->delete_transmit_sa = wpas_delete_transmit_sa;
245 kay_ctx->enable_transmit_sa = wpas_enable_transmit_sa;
246 kay_ctx->disable_transmit_sa = wpas_disable_transmit_sa;
247
248 res = ieee802_1x_kay_init(kay_ctx, policy, ssid->macsec_replay_protect,
249 ssid->macsec_replay_window,
250 ssid->macsec_offload, ssid->macsec_port,
251 ssid->mka_priority, ssid->macsec_csindex,
252 ssid->macsec_icv_indicator,
253 wpa_s->ifname, wpa_s->own_addr);
254 /* ieee802_1x_kay_init() frees kay_ctx on failure */
255 if (res == NULL)
256 return -1;
257
258 wpa_s->kay = res;
259
260 return 0;
261 }
262
263
ieee802_1x_dealloc_kay_sm(struct wpa_supplicant * wpa_s)264 void ieee802_1x_dealloc_kay_sm(struct wpa_supplicant *wpa_s)
265 {
266 if (!wpa_s->kay)
267 return;
268
269 ieee802_1x_kay_deinit(wpa_s->kay);
270 wpa_s->kay = NULL;
271 }
272
273
ieee802_1x_auth_get_msk(struct wpa_supplicant * wpa_s,const u8 * addr,u8 * msk,size_t * len)274 static int ieee802_1x_auth_get_msk(struct wpa_supplicant *wpa_s, const u8 *addr,
275 u8 *msk, size_t *len)
276 {
277 u8 key[EAP_MSK_LEN];
278 size_t keylen;
279 struct eapol_sm *sm;
280 int res;
281
282 sm = wpa_s->eapol;
283 if (sm == NULL)
284 return -1;
285
286 keylen = EAP_MSK_LEN;
287 res = eapol_sm_get_key(sm, key, keylen);
288 if (res) {
289 wpa_printf(MSG_DEBUG,
290 "Failed to get MSK from EAPOL state machines");
291 return -1;
292 }
293
294 if (keylen > *len)
295 keylen = *len;
296 os_memcpy(msk, key, keylen);
297 *len = keylen;
298
299 return 0;
300 }
301
302
ieee802_1x_notify_create_actor(struct wpa_supplicant * wpa_s,const u8 * peer_addr)303 void * ieee802_1x_notify_create_actor(struct wpa_supplicant *wpa_s,
304 const u8 *peer_addr)
305 {
306 const u8 *sid;
307 size_t sid_len;
308 struct mka_key_name *ckn;
309 struct mka_key *cak;
310 struct mka_key *msk;
311 void *res = NULL;
312
313 if (!wpa_s->kay || wpa_s->kay->policy == DO_NOT_SECURE)
314 return NULL;
315
316 wpa_printf(MSG_DEBUG,
317 "IEEE 802.1X: External notification - Create MKA for "
318 MACSTR, MAC2STR(peer_addr));
319
320 msk = os_zalloc(sizeof(*msk));
321 ckn = os_zalloc(sizeof(*ckn));
322 cak = os_zalloc(sizeof(*cak));
323 if (!msk || !ckn || !cak)
324 goto fail;
325
326 msk->len = DEFAULT_KEY_LEN;
327 if (ieee802_1x_auth_get_msk(wpa_s, wpa_s->bssid, msk->key, &msk->len)) {
328 wpa_printf(MSG_ERROR, "IEEE 802.1X: Could not get MSK");
329 goto fail;
330 }
331
332 sid = eapol_sm_get_session_id(wpa_s->eapol, &sid_len);
333 if (!sid) {
334 wpa_printf(MSG_ERROR,
335 "IEEE 802.1X: Could not get EAP Session Id");
336 goto fail;
337 }
338
339 /* Derive CAK from MSK */
340 cak->len = DEFAULT_KEY_LEN;
341 if (ieee802_1x_cak_aes_cmac(msk->key, msk->len, wpa_s->own_addr,
342 peer_addr, cak->key, cak->len)) {
343 wpa_printf(MSG_ERROR,
344 "IEEE 802.1X: Deriving CAK failed");
345 goto fail;
346 }
347 wpa_hexdump_key(MSG_DEBUG, "Derived CAK", cak->key, cak->len);
348
349 /* Derive CKN from MSK */
350 ckn->len = DEFAULT_CKN_LEN;
351 if (ieee802_1x_ckn_aes_cmac(msk->key, msk->len, wpa_s->own_addr,
352 peer_addr, sid, sid_len, ckn->name)) {
353 wpa_printf(MSG_ERROR,
354 "IEEE 802.1X: Deriving CKN failed");
355 goto fail;
356 }
357 wpa_hexdump(MSG_DEBUG, "Derived CKN", ckn->name, ckn->len);
358
359 res = ieee802_1x_kay_create_mka(wpa_s->kay, ckn, cak, 0,
360 EAP_EXCHANGE, false);
361
362 fail:
363 if (msk) {
364 os_memset(msk, 0, sizeof(*msk));
365 os_free(msk);
366 }
367 os_free(ckn);
368 if (cak) {
369 os_memset(cak, 0, sizeof(*cak));
370 os_free(cak);
371 }
372
373 return res;
374 }
375
376
ieee802_1x_create_preshared_mka(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)377 void * ieee802_1x_create_preshared_mka(struct wpa_supplicant *wpa_s,
378 struct wpa_ssid *ssid)
379 {
380 struct mka_key *cak;
381 struct mka_key_name *ckn;
382 void *res = NULL;
383
384 if ((ssid->mka_psk_set & MKA_PSK_SET) != MKA_PSK_SET)
385 goto end;
386
387 ckn = os_zalloc(sizeof(*ckn));
388 if (!ckn)
389 goto end;
390
391 cak = os_zalloc(sizeof(*cak));
392 if (!cak)
393 goto free_ckn;
394
395 if (ieee802_1x_alloc_kay_sm(wpa_s, ssid) < 0 || !wpa_s->kay)
396 goto free_cak;
397
398 if (wpa_s->kay->policy == DO_NOT_SECURE)
399 goto dealloc;
400
401 cak->len = ssid->mka_cak_len;
402 os_memcpy(cak->key, ssid->mka_cak, cak->len);
403
404 ckn->len = ssid->mka_ckn_len;
405 os_memcpy(ckn->name, ssid->mka_ckn, ckn->len);
406
407 res = ieee802_1x_kay_create_mka(wpa_s->kay, ckn, cak, 0, PSK, false);
408 if (res)
409 goto free_cak;
410
411 dealloc:
412 /* Failed to create MKA */
413 ieee802_1x_dealloc_kay_sm(wpa_s);
414 free_cak:
415 os_free(cak);
416 free_ckn:
417 os_free(ckn);
418 end:
419 return res;
420 }
421