Wolfram Sang | 13a9930 | 2016-05-31 12:56:13 +0200 | [diff] [blame] | 1 | #ifndef EAP_PACKET_H |
| 2 | #define EAP_PACKET_H |
| 3 | |
Matt Kilgore | 2460563 | 2016-09-27 02:05:44 -0400 | [diff] [blame] | 4 | #include <linux/compiler.h> |
| 5 | |
Wolfram Sang | 13a9930 | 2016-05-31 12:56:13 +0200 | [diff] [blame] | 6 | #define WBIT(n) (1 << (n)) |
| 7 | |
| 8 | #ifndef ETH_ALEN |
| 9 | #define ETH_ALEN 6 |
| 10 | #endif |
| 11 | |
| 12 | struct ether_hdr { |
Wolfram Sang | 5d7696b | 2016-05-31 12:56:27 +0200 | [diff] [blame] | 13 | unsigned char h_dest[ETH_ALEN]; /* destination eth addr */ |
| 14 | unsigned char h_source[ETH_ALEN]; /* source ether addr */ |
| 15 | unsigned char h_dest_snap; |
| 16 | unsigned char h_source_snap; |
| 17 | unsigned char h_command; |
| 18 | unsigned char h_vendor_id[3]; |
| 19 | unsigned short h_proto; /* packet type ID field */ |
Wolfram Sang | 13a9930 | 2016-05-31 12:56:13 +0200 | [diff] [blame] | 20 | #define ETHER_PROTOCOL_TYPE_EAP 0x888e |
| 21 | #define ETHER_PROTOCOL_TYPE_IP 0x0800 |
| 22 | #define ETHER_PROTOCOL_TYPE_ARP 0x0806 |
| 23 | /* followed by length octets of data */ |
Matt Kilgore | 2460563 | 2016-09-27 02:05:44 -0400 | [diff] [blame] | 24 | } __packed; |
Wolfram Sang | 13a9930 | 2016-05-31 12:56:13 +0200 | [diff] [blame] | 25 | |
| 26 | struct ieee802_1x_hdr { |
| 27 | unsigned char version; |
| 28 | unsigned char type; |
| 29 | unsigned short length; |
| 30 | /* followed by length octets of data */ |
Matt Kilgore | 2460563 | 2016-09-27 02:05:44 -0400 | [diff] [blame] | 31 | } __packed; |
Wolfram Sang | 13a9930 | 2016-05-31 12:56:13 +0200 | [diff] [blame] | 32 | |
| 33 | #define EAPOL_VERSION 2 |
| 34 | |
| 35 | enum { IEEE802_1X_TYPE_EAP_PACKET = 0, |
Wolfram Sang | 5d7696b | 2016-05-31 12:56:27 +0200 | [diff] [blame] | 36 | IEEE802_1X_TYPE_EAPOL_START = 1, |
| 37 | IEEE802_1X_TYPE_EAPOL_LOGOFF = 2, |
| 38 | IEEE802_1X_TYPE_EAPOL_KEY = 3, |
| 39 | IEEE802_1X_TYPE_EAPOL_ENCAPSULATED_ASF_ALERT = 4 |
Wolfram Sang | 13a9930 | 2016-05-31 12:56:13 +0200 | [diff] [blame] | 40 | }; |
| 41 | |
| 42 | enum { EAPOL_KEY_TYPE_RC4 = 1, EAPOL_KEY_TYPE_RSN = 2, |
Wolfram Sang | 5d7696b | 2016-05-31 12:56:27 +0200 | [diff] [blame] | 43 | EAPOL_KEY_TYPE_WPA = 254 |
| 44 | }; |
Wolfram Sang | 13a9930 | 2016-05-31 12:56:13 +0200 | [diff] [blame] | 45 | |
| 46 | #define IEEE8021X_REPLAY_COUNTER_LEN 8 |
| 47 | #define IEEE8021X_KEY_SIGN_LEN 16 |
| 48 | #define IEEE8021X_KEY_IV_LEN 16 |
| 49 | |
| 50 | #define IEEE8021X_KEY_INDEX_FLAG 0x80 |
| 51 | #define IEEE8021X_KEY_INDEX_MASK 0x03 |
| 52 | |
| 53 | struct ieee802_1x_eapol_key { |
| 54 | unsigned char type; |
| 55 | unsigned short key_length; |
Muraru Mihaela | 6315bbd | 2016-09-29 13:09:56 +0300 | [diff] [blame] | 56 | /* |
| 57 | * does not repeat within the life of the keying material used to |
| 58 | * encrypt the Key field; 64-bit NTP timestamp MAY be used here |
| 59 | */ |
Wolfram Sang | 13a9930 | 2016-05-31 12:56:13 +0200 | [diff] [blame] | 60 | unsigned char replay_counter[IEEE8021X_REPLAY_COUNTER_LEN]; |
Wolfram Sang | 5d7696b | 2016-05-31 12:56:27 +0200 | [diff] [blame] | 61 | unsigned char key_iv[IEEE8021X_KEY_IV_LEN]; /* cryptographically random number */ |
Muraru Mihaela | 6315bbd | 2016-09-29 13:09:56 +0300 | [diff] [blame] | 62 | unsigned char key_index; /* |
| 63 | * key flag in the most significant bit: |
Wolfram Sang | 5d7696b | 2016-05-31 12:56:27 +0200 | [diff] [blame] | 64 | * 0 = broadcast (default key), |
| 65 | * 1 = unicast (key mapping key); key index is in the |
Muraru Mihaela | 6315bbd | 2016-09-29 13:09:56 +0300 | [diff] [blame] | 66 | * 7 least significant bits |
| 67 | */ |
| 68 | /* |
| 69 | * HMAC-MD5 message integrity check computed with MS-MPPE-Send-Key as |
| 70 | * the key |
| 71 | */ |
Wolfram Sang | 13a9930 | 2016-05-31 12:56:13 +0200 | [diff] [blame] | 72 | unsigned char key_signature[IEEE8021X_KEY_SIGN_LEN]; |
| 73 | |
Muraru Mihaela | 6315bbd | 2016-09-29 13:09:56 +0300 | [diff] [blame] | 74 | /* |
| 75 | * followed by key: if packet body length = 44 + key length, then the |
Wolfram Sang | 13a9930 | 2016-05-31 12:56:13 +0200 | [diff] [blame] | 76 | * key field (of key_length bytes) contains the key in encrypted form; |
| 77 | * if packet body length = 44, key field is absent and key_length |
| 78 | * represents the number of least significant octets from |
| 79 | * MS-MPPE-Send-Key attribute to be used as the keying material; |
Muraru Mihaela | 6315bbd | 2016-09-29 13:09:56 +0300 | [diff] [blame] | 80 | * RC4 key used in encryption = Key-IV + MS-MPPE-Recv-Key |
| 81 | */ |
Matt Kilgore | 2460563 | 2016-09-27 02:05:44 -0400 | [diff] [blame] | 82 | } __packed; |
Wolfram Sang | 13a9930 | 2016-05-31 12:56:13 +0200 | [diff] [blame] | 83 | |
Wolfram Sang | 13a9930 | 2016-05-31 12:56:13 +0200 | [diff] [blame] | 84 | #define WPA_NONCE_LEN 32 |
| 85 | #define WPA_REPLAY_COUNTER_LEN 8 |
| 86 | |
| 87 | struct wpa_eapol_key { |
| 88 | unsigned char type; |
Wolfram Sang | 5d7696b | 2016-05-31 12:56:27 +0200 | [diff] [blame] | 89 | unsigned short key_info; |
Wolfram Sang | 13a9930 | 2016-05-31 12:56:13 +0200 | [diff] [blame] | 90 | unsigned short key_length; |
| 91 | unsigned char replay_counter[WPA_REPLAY_COUNTER_LEN]; |
| 92 | unsigned char key_nonce[WPA_NONCE_LEN]; |
| 93 | unsigned char key_iv[16]; |
| 94 | unsigned char key_rsc[8]; |
Wolfram Sang | 5d7696b | 2016-05-31 12:56:27 +0200 | [diff] [blame] | 95 | unsigned char key_id[8]; /* Reserved in IEEE 802.11i/RSN */ |
Wolfram Sang | 13a9930 | 2016-05-31 12:56:13 +0200 | [diff] [blame] | 96 | unsigned char key_mic[16]; |
| 97 | unsigned short key_data_length; |
| 98 | /* followed by key_data_length bytes of key_data */ |
Matt Kilgore | 2460563 | 2016-09-27 02:05:44 -0400 | [diff] [blame] | 99 | } __packed; |
Wolfram Sang | 13a9930 | 2016-05-31 12:56:13 +0200 | [diff] [blame] | 100 | |
| 101 | #define WPA_KEY_INFO_TYPE_MASK (WBIT(0) | WBIT(1) | WBIT(2)) |
| 102 | #define WPA_KEY_INFO_TYPE_HMAC_MD5_RC4 WBIT(0) |
| 103 | #define WPA_KEY_INFO_TYPE_HMAC_SHA1_AES WBIT(1) |
Wolfram Sang | 5d7696b | 2016-05-31 12:56:27 +0200 | [diff] [blame] | 104 | #define WPA_KEY_INFO_KEY_TYPE WBIT(3) /* 1 = Pairwise, 0 = Group key */ |
Wolfram Sang | 13a9930 | 2016-05-31 12:56:13 +0200 | [diff] [blame] | 105 | /* bit4..5 is used in WPA, but is reserved in IEEE 802.11i/RSN */ |
| 106 | #define WPA_KEY_INFO_KEY_INDEX_MASK (WBIT(4) | WBIT(5)) |
| 107 | #define WPA_KEY_INFO_KEY_INDEX_SHIFT 4 |
Wolfram Sang | 5d7696b | 2016-05-31 12:56:27 +0200 | [diff] [blame] | 108 | #define WPA_KEY_INFO_INSTALL WBIT(6) /* pairwise */ |
| 109 | #define WPA_KEY_INFO_TXRX WBIT(6) /* group */ |
Wolfram Sang | 13a9930 | 2016-05-31 12:56:13 +0200 | [diff] [blame] | 110 | #define WPA_KEY_INFO_ACK WBIT(7) |
| 111 | #define WPA_KEY_INFO_MIC WBIT(8) |
| 112 | #define WPA_KEY_INFO_SECURE WBIT(9) |
| 113 | #define WPA_KEY_INFO_ERROR WBIT(10) |
| 114 | #define WPA_KEY_INFO_REQUEST WBIT(11) |
Wolfram Sang | 5d7696b | 2016-05-31 12:56:27 +0200 | [diff] [blame] | 115 | #define WPA_KEY_INFO_ENCR_KEY_DATA WBIT(12) /* IEEE 802.11i/RSN only */ |
Wolfram Sang | 13a9930 | 2016-05-31 12:56:13 +0200 | [diff] [blame] | 116 | |
| 117 | #define WPA_CAPABILITY_PREAUTH WBIT(0) |
| 118 | |
| 119 | #define GENERIC_INFO_ELEM 0xdd |
| 120 | #define RSN_INFO_ELEM 0x30 |
| 121 | |
| 122 | enum { |
| 123 | REASON_UNSPECIFIED = 1, |
| 124 | REASON_DEAUTH_LEAVING = 3, |
| 125 | REASON_INVALID_IE = 13, |
| 126 | REASON_MICHAEL_MIC_FAILURE = 14, |
| 127 | REASON_4WAY_HANDSHAKE_TIMEOUT = 15, |
| 128 | REASON_GROUP_KEY_UPDATE_TIMEOUT = 16, |
| 129 | REASON_IE_IN_4WAY_DIFFERS = 17, |
| 130 | REASON_GROUP_CIPHER_NOT_VALID = 18, |
| 131 | REASON_PAIRWISE_CIPHER_NOT_VALID = 19, |
| 132 | REASON_AKMP_NOT_VALID = 20, |
| 133 | REASON_UNSUPPORTED_RSN_IE_VERSION = 21, |
| 134 | REASON_INVALID_RSN_IE_CAPAB = 22, |
| 135 | REASON_IEEE_802_1X_AUTH_FAILED = 23, |
| 136 | REASON_CIPHER_SUITE_REJECTED = 24 |
| 137 | }; |
| 138 | |
| 139 | #endif /* EAP_PACKET_H */ |