Cumulative patch from commit f4626235de4b6d19c7399a2522241f7c43e0caf6
f462623 EAP-pwd server: Allow fragment_size to be configured
c876dcd EAP-IKEv2: Allow frag ack without integrity checksum
0f73c64 EAP-pwd: Fix processing of group setup failure
13e2574 EAP-pwd peer: Export Session-Id through getSessionId callback
cfdb32e eapol_test: Check EAP-Key-Name
251c53e RADIUS: Define EAP-Key-Name
04cad50 EAP-SIM peer: Fix counter-too-small message building
270c9a4 Interworking: Allow FT to be used for connection
81ed499 Remove duplicated ibss_rsn_deinit() call
144f104 X.509: Fix v3 parsing with issuerUniqueID/subjectUniqueID present
0f1034e P2P: Refrain from performing extended listen during P2P connection
8d0dd4e Add macsec_qca driver wrapper
dd10abc MACsec: wpa_supplicant integration
887d9d0 MACsec: Add PAE implementation
7baec80 MACsec: Add driver_ops
4e9528c MACsec: Add common IEEE 802.1X definitions
3bcfab8 MACsec: Add define for EAPOL type MKA
0836c04 MACsec: Allow EAPOL version 3 to be configured
49be483 Add function to fetch EAP Session-Id from EAPOL supplicant
ea40a57 nl80211: Use max associated STAs information in AP mode
Change-Id: I0e37a10ca58d0dc1be95a0088d6a4c37b2505ad4
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
diff --git a/wpa_supplicant/wpas_kay.c b/wpa_supplicant/wpas_kay.c
new file mode 100644
index 0000000..354decf
--- /dev/null
+++ b/wpa_supplicant/wpas_kay.c
@@ -0,0 +1,378 @@
+/*
+ * IEEE 802.1X-2010 KaY Interface
+ * Copyright (c) 2013-2014, Qualcomm Atheros, Inc.
+ *
+ * This software may be distributed under the terms of the BSD license.
+ * See README for more details.
+ */
+#include <openssl/ssl.h>
+#include "utils/includes.h"
+
+#include "utils/common.h"
+#include "eap_peer/eap.h"
+#include "eap_peer/eap_i.h"
+#include "eapol_supp/eapol_supp_sm.h"
+#include "pae/ieee802_1x_key.h"
+#include "pae/ieee802_1x_kay.h"
+#include "wpa_supplicant_i.h"
+#include "config.h"
+#include "config_ssid.h"
+#include "driver_i.h"
+#include "wpas_kay.h"
+
+
+#define DEFAULT_KEY_LEN 16
+/* secure Connectivity Association Key Name (CKN) */
+#define DEFAULT_CKN_LEN 16
+
+
+static int wpas_macsec_init(void *priv, struct macsec_init_params *params)
+{
+ return wpa_drv_macsec_init(priv, params);
+}
+
+
+static int wpas_macsec_deinit(void *priv)
+{
+ return wpa_drv_macsec_deinit(priv);
+}
+
+
+static int wpas_enable_protect_frames(void *wpa_s, Boolean enabled)
+{
+ return wpa_drv_enable_protect_frames(wpa_s, enabled);
+}
+
+
+static int wpas_set_replay_protect(void *wpa_s, Boolean enabled, u32 window)
+{
+ return wpa_drv_set_replay_protect(wpa_s, enabled, window);
+}
+
+
+static int wpas_set_current_cipher_suite(void *wpa_s, const u8 *cs,
+ size_t cs_len)
+{
+ return wpa_drv_set_current_cipher_suite(wpa_s, cs, cs_len);
+}
+
+
+static int wpas_enable_controlled_port(void *wpa_s, Boolean enabled)
+{
+ return wpa_drv_enable_controlled_port(wpa_s, enabled);
+}
+
+
+static int wpas_get_receive_lowest_pn(void *wpa_s, u32 channel,
+ u8 an, u32 *lowest_pn)
+{
+ return wpa_drv_get_receive_lowest_pn(wpa_s, channel, an, lowest_pn);
+}
+
+
+static int wpas_get_transmit_next_pn(void *wpa_s, u32 channel,
+ u8 an, u32 *next_pn)
+{
+ return wpa_drv_get_transmit_next_pn(wpa_s, channel, an, next_pn);
+}
+
+
+static int wpas_set_transmit_next_pn(void *wpa_s, u32 channel,
+ u8 an, u32 next_pn)
+{
+ return wpa_drv_set_transmit_next_pn(wpa_s, channel, an, next_pn);
+}
+
+
+static int wpas_get_available_receive_sc(void *wpa_s, u32 *channel)
+{
+ return wpa_drv_get_available_receive_sc(wpa_s, channel);
+}
+
+
+static unsigned int conf_offset_val(enum confidentiality_offset co)
+{
+ switch (co) {
+ case CONFIDENTIALITY_OFFSET_30:
+ return 30;
+ break;
+ case CONFIDENTIALITY_OFFSET_50:
+ return 50;
+ default:
+ return 0;
+ }
+}
+
+
+static int wpas_create_receive_sc(void *wpa_s, u32 channel,
+ struct ieee802_1x_mka_sci *sci,
+ enum validate_frames vf,
+ enum confidentiality_offset co)
+{
+ return wpa_drv_create_receive_sc(wpa_s, channel, sci->addr, sci->port,
+ conf_offset_val(co), vf);
+}
+
+
+static int wpas_delete_receive_sc(void *wpa_s, u32 channel)
+{
+ return wpa_drv_delete_receive_sc(wpa_s, channel);
+}
+
+
+static int wpas_create_receive_sa(void *wpa_s, u32 channel, u8 an,
+ u32 lowest_pn, const u8 *sak)
+{
+ return wpa_drv_create_receive_sa(wpa_s, channel, an, lowest_pn, sak);
+}
+
+
+static int wpas_enable_receive_sa(void *wpa_s, u32 channel, u8 an)
+{
+ return wpa_drv_enable_receive_sa(wpa_s, channel, an);
+}
+
+
+static int wpas_disable_receive_sa(void *wpa_s, u32 channel, u8 an)
+{
+ return wpa_drv_disable_receive_sa(wpa_s, channel, an);
+}
+
+
+static int wpas_get_available_transmit_sc(void *wpa_s, u32 *channel)
+{
+ return wpa_drv_get_available_transmit_sc(wpa_s, channel);
+}
+
+
+static int
+wpas_create_transmit_sc(void *wpa_s, u32 channel,
+ const struct ieee802_1x_mka_sci *sci,
+ enum confidentiality_offset co)
+{
+ return wpa_drv_create_transmit_sc(wpa_s, channel, sci->addr, sci->port,
+ conf_offset_val(co));
+}
+
+
+static int wpas_delete_transmit_sc(void *wpa_s, u32 channel)
+{
+ return wpa_drv_delete_transmit_sc(wpa_s, channel);
+}
+
+
+static int wpas_create_transmit_sa(void *wpa_s, u32 channel, u8 an,
+ u32 next_pn, Boolean confidentiality,
+ const u8 *sak)
+{
+ return wpa_drv_create_transmit_sa(wpa_s, channel, an, next_pn,
+ confidentiality, sak);
+}
+
+
+static int wpas_enable_transmit_sa(void *wpa_s, u32 channel, u8 an)
+{
+ return wpa_drv_enable_transmit_sa(wpa_s, channel, an);
+}
+
+
+static int wpas_disable_transmit_sa(void *wpa_s, u32 channel, u8 an)
+{
+ return wpa_drv_disable_transmit_sa(wpa_s, channel, an);
+}
+
+
+int ieee802_1x_alloc_kay_sm(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
+{
+ struct ieee802_1x_kay_ctx *kay_ctx;
+ struct ieee802_1x_kay *res = NULL;
+ enum macsec_policy policy;
+
+ ieee802_1x_dealloc_kay_sm(wpa_s);
+
+ if (!ssid || ssid->macsec_policy == 0)
+ return 0;
+
+ policy = ssid->macsec_policy == 1 ? SHOULD_SECURE : DO_NOT_SECURE;
+
+ kay_ctx = os_zalloc(sizeof(*kay_ctx));
+ if (!kay_ctx)
+ return -1;
+
+ kay_ctx->ctx = wpa_s;
+
+ kay_ctx->macsec_init = wpas_macsec_init;
+ kay_ctx->macsec_deinit = wpas_macsec_deinit;
+ kay_ctx->enable_protect_frames = wpas_enable_protect_frames;
+ kay_ctx->set_replay_protect = wpas_set_replay_protect;
+ kay_ctx->set_current_cipher_suite = wpas_set_current_cipher_suite;
+ kay_ctx->enable_controlled_port = wpas_enable_controlled_port;
+ kay_ctx->get_receive_lowest_pn = wpas_get_receive_lowest_pn;
+ kay_ctx->get_transmit_next_pn = wpas_get_transmit_next_pn;
+ kay_ctx->set_transmit_next_pn = wpas_set_transmit_next_pn;
+ kay_ctx->get_available_receive_sc = wpas_get_available_receive_sc;
+ kay_ctx->create_receive_sc = wpas_create_receive_sc;
+ kay_ctx->delete_receive_sc = wpas_delete_receive_sc;
+ kay_ctx->create_receive_sa = wpas_create_receive_sa;
+ kay_ctx->enable_receive_sa = wpas_enable_receive_sa;
+ kay_ctx->disable_receive_sa = wpas_disable_receive_sa;
+ kay_ctx->get_available_transmit_sc = wpas_get_available_transmit_sc;
+ kay_ctx->create_transmit_sc = wpas_create_transmit_sc;
+ kay_ctx->delete_transmit_sc = wpas_delete_transmit_sc;
+ kay_ctx->create_transmit_sa = wpas_create_transmit_sa;
+ kay_ctx->enable_transmit_sa = wpas_enable_transmit_sa;
+ kay_ctx->disable_transmit_sa = wpas_disable_transmit_sa;
+
+ res = ieee802_1x_kay_init(kay_ctx, policy, wpa_s->ifname,
+ wpa_s->own_addr);
+ if (res == NULL) {
+ os_free(kay_ctx);
+ return -1;
+ }
+
+ wpa_s->kay = res;
+
+ return 0;
+}
+
+
+void ieee802_1x_dealloc_kay_sm(struct wpa_supplicant *wpa_s)
+{
+ if (!wpa_s->kay)
+ return;
+
+ ieee802_1x_kay_deinit(wpa_s->kay);
+ wpa_s->kay = NULL;
+}
+
+
+static int ieee802_1x_auth_get_session_id(struct wpa_supplicant *wpa_s,
+ const u8 *addr, u8 *sid, size_t *len)
+{
+ const u8 *session_id;
+ size_t id_len, need_len;
+
+ session_id = eapol_sm_get_session_id(wpa_s->eapol, &id_len);
+ if (session_id == NULL) {
+ wpa_printf(MSG_DEBUG,
+ "Failed to get SessionID from EAPOL state machines");
+ return -1;
+ }
+
+ need_len = 1 + 2 * SSL3_RANDOM_SIZE;
+ if (need_len > id_len) {
+ wpa_printf(MSG_DEBUG, "EAP Session-Id not long enough");
+ return -1;
+ }
+
+ os_memcpy(sid, session_id, need_len);
+ *len = need_len;
+
+ return 0;
+}
+
+
+static int ieee802_1x_auth_get_msk(struct wpa_supplicant *wpa_s, const u8 *addr,
+ u8 *msk, size_t *len)
+{
+ u8 key[EAP_MSK_LEN];
+ size_t keylen;
+ struct eapol_sm *sm;
+ int res;
+
+ sm = wpa_s->eapol;
+ if (sm == NULL)
+ return -1;
+
+ keylen = EAP_MSK_LEN;
+ res = eapol_sm_get_key(sm, key, keylen);
+ if (res) {
+ wpa_printf(MSG_DEBUG,
+ "Failed to get MSK from EAPOL state machines");
+ return -1;
+ }
+
+ if (keylen > *len)
+ keylen = *len;
+ os_memcpy(msk, key, keylen);
+ *len = keylen;
+
+ return 0;
+}
+
+
+void * ieee802_1x_notify_create_actor(struct wpa_supplicant *wpa_s,
+ const u8 *peer_addr)
+{
+ u8 *sid;
+ size_t sid_len = 128;
+ struct mka_key_name *ckn;
+ struct mka_key *cak;
+ struct mka_key *msk;
+ void *res = NULL;
+
+ if (!wpa_s->kay || wpa_s->kay->policy == DO_NOT_SECURE)
+ return NULL;
+
+ wpa_printf(MSG_DEBUG,
+ "IEEE 802.1X: External notification - Create MKA for "
+ MACSTR, MAC2STR(peer_addr));
+
+ msk = os_zalloc(sizeof(*msk));
+ sid = os_zalloc(sid_len);
+ ckn = os_zalloc(sizeof(*ckn));
+ cak = os_zalloc(sizeof(*cak));
+ if (!msk || !sid || !ckn || !cak)
+ goto fail;
+
+ msk->len = DEFAULT_KEY_LEN;
+ if (ieee802_1x_auth_get_msk(wpa_s, wpa_s->bssid, msk->key, &msk->len)) {
+ wpa_printf(MSG_ERROR, "IEEE 802.1X: Could not get MSK");
+ goto fail;
+ }
+
+ if (ieee802_1x_auth_get_session_id(wpa_s, wpa_s->bssid, sid, &sid_len))
+ {
+ wpa_printf(MSG_ERROR,
+ "IEEE 802.1X: Could not get EAP Session Id");
+ goto fail;
+ }
+
+ /* Derive CAK from MSK */
+ cak->len = DEFAULT_KEY_LEN;
+ if (ieee802_1x_cak_128bits_aes_cmac(msk->key, wpa_s->own_addr,
+ peer_addr, cak->key)) {
+ wpa_printf(MSG_ERROR,
+ "IEEE 802.1X: Deriving CAK failed");
+ goto fail;
+ }
+ wpa_hexdump_key(MSG_DEBUG, "Derived CAK", cak->key, cak->len);
+
+ /* Derive CKN from MSK */
+ ckn->len = DEFAULT_CKN_LEN;
+ if (ieee802_1x_ckn_128bits_aes_cmac(msk->key, wpa_s->own_addr,
+ peer_addr, sid, sid_len,
+ ckn->name)) {
+ wpa_printf(MSG_ERROR,
+ "IEEE 802.1X: Deriving CKN failed");
+ goto fail;
+ }
+ wpa_hexdump(MSG_DEBUG, "Derived CKN", ckn->name, ckn->len);
+
+ res = ieee802_1x_kay_create_mka(wpa_s->kay, ckn, cak, 0,
+ EAP_EXCHANGE, FALSE);
+
+fail:
+ if (msk) {
+ os_memset(msk, 0, sizeof(*msk));
+ os_free(msk);
+ }
+ os_free(sid);
+ os_free(ckn);
+ if (cak) {
+ os_memset(cak, 0, sizeof(*cak));
+ os_free(cak);
+ }
+
+ return res;
+}