Sridhar Selvaraj | 8c6f5e8 | 2017-08-21 14:53:46 +0530 | [diff] [blame^] | 1 | /* |
| 2 | * Copyright (c) 2017 The Linux Foundation. All rights reserved. |
| 3 | * |
| 4 | * Permission to use, copy, modify, and/or distribute this software for |
| 5 | * any purpose with or without fee is hereby granted, provided that the |
| 6 | * above copyright notice and this permission notice appear in all |
| 7 | * copies. |
| 8 | * |
| 9 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL |
| 10 | * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED |
| 11 | * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE |
| 12 | * AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL |
| 13 | * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR |
| 14 | * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER |
| 15 | * TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR |
| 16 | * PERFORMANCE OF THIS SOFTWARE. |
| 17 | */ |
| 18 | |
| 19 | #define FILS_EAP_TLV_MAX_DATA_LEN 255 |
| 20 | #define FILS_SHA256_128_AUTH_TAG 16 |
| 21 | #define FILS_SHA256_256_AUTH_TAG 32 |
| 22 | |
| 23 | #define FILS_SHA256_CRYPTO_TYPE "hmac(sha256)" |
| 24 | #define FILS_SHA384_CRYPTO_TYPE "hmac(sha384)" |
| 25 | |
| 26 | /* RFC 6696 */ |
| 27 | #define RMSK_LABEL "Re-authentication Master Session Key@ietf.org" |
| 28 | |
| 29 | /* 12.12.2.5.3 80211-ai draft */ |
| 30 | #define PTK_KEY_LABEL "FILS PTK Derivation" |
| 31 | #define MAX_ICK_LEN 48 |
| 32 | #define MAX_KEK_LEN 64 |
| 33 | #define MAX_TK_LEN 32 |
| 34 | #define MAX_KEY_AUTH_DATA_LEN 48 |
| 35 | #define MAX_GTK_LEN 255 |
| 36 | #define MAX_IGTK_LEN 255 |
| 37 | |
| 38 | #define IPN_LEN 6 |
| 39 | #define FILS_SESSION_LENGTH 8 |
| 40 | #define FILS_MAX_KDE_LIST_LEN 255 |
| 41 | |
| 42 | /* 12.12.2.5.3 80211-ai draft */ |
| 43 | #define FILS_SHA384_KEK_LEN 64 |
| 44 | #define FILS_SHA256_KEK_LEN 32 |
| 45 | |
| 46 | /* 12.12.2.5.3 80211-ai draft */ |
| 47 | #define FILS_SHA256_ICK_LEN 32 |
| 48 | #define FILS_SHA384_ICK_LEN 48 |
| 49 | |
| 50 | #define TK_LEN_TKIP 32 |
| 51 | #define TK_LEN_CCMP 16 |
| 52 | #define TK_LEN_AES_128_CMAC 32 |
| 53 | |
| 54 | #define FILS_SHA256_PKM_LEN 32 |
| 55 | #define FILS_SHA384_PKM_LEN 48 |
| 56 | |
| 57 | #define PMKID_LEN 16 |
| 58 | |
| 59 | #define MAX_PRF_INTERATIONS_COUNT 255 |
| 60 | |
| 61 | /* 9.4.2.180 FILS Session element */ |
| 62 | #define SIR_FILS_SESSION_LENGTH 8 |
| 63 | #define SIR_FILS_SESSION_EXT_EID 4 |
| 64 | |
| 65 | /* 9.4.2.190 FILS Nonce element */ |
| 66 | #define SIR_FILS_NONCE_LENGTH 16 |
| 67 | #define SIR_FILS_NONCE_EXT_EID 13 |
| 68 | |
| 69 | /*9.4.2.188 FILS Wrapped Data element */ |
| 70 | #define SIR_FILS_WRAPPED_DATA_MAX_SIZE 255 |
| 71 | #define SIR_FILS_WRAPPED_DATA_EXT_EID 8 |
| 72 | |
| 73 | #define MAX_IE_LENGTH 255 |
| 74 | |
| 75 | /* RFC 6696 5.3.1: EAP-Initiate/Re-auth-Start Packet */ |
| 76 | #define SIR_FILS_EAP_REAUTH_PACKET_TYPE 1 |
| 77 | #define SIR_FILS_EAP_INIT_PACKET_TYPE 2 |
| 78 | |
| 79 | #define FILS_AUTH_TAG_MAX_LENGTH 32 |
| 80 | |
| 81 | #define SIR_FILS_OPTIONAL_DATA_LEN 3 |
| 82 | /* RFC 6696 4.3: RiK deriavtion */ |
| 83 | #define SIR_FILS_RIK_LABEL "Re-authentication Integrity Key@ietf.org" |
| 84 | |
| 85 | /* RFC 6696 5.3.1: EAP-Initiate/Re-auth-Start Packet */ |
| 86 | #define SIR_FILS_EAP_TLV_KEYNAME_NAI 1 |
| 87 | #define SIR_FILS_EAP_TLV_R_RK_LIFETIME 2 |
| 88 | #define SIR_FILS_EAP_TLV_R_MSK_LIFETIME 3 |
| 89 | #define SIR_FILS_EAP_TLV_DOMAIN_NAME 4 |
| 90 | #define SIR_FILS_EAP_TLV_CRYPTO_LIST 5 |
| 91 | #define SIR_FILS_EAP_TLV_AUTH_INDICATION 6 |
| 92 | |
| 93 | /* |
| 94 | * struct eap_auth_reserved: this structure defines flags format in eap packets |
| 95 | * as defined in RFC 6696 5.3.1 |
| 96 | * flag_r: |
| 97 | * flag_b: |
| 98 | * flag_l: |
| 99 | */ |
| 100 | struct eap_auth_reserved { |
| 101 | uint8_t flag_r:1; |
| 102 | uint8_t flag_b:1; |
| 103 | uint8_t flag_l:1; |
| 104 | uint8_t reverved:5; |
| 105 | }; |
| 106 | |
| 107 | /* |
| 108 | * enum fils_erp_cryptosuite: this enum defines the cryptosuites used |
| 109 | * to calculate auth tag and auth tag length as defined by RFC 6696 5.3.1 |
| 110 | * @HMAC_SHA256_64: sha256 with auth tag len as 64 bits |
| 111 | * @HMAC_SHA256_128: sha256 with auth tag len as 128 bits |
| 112 | * @HMAC_SHA256_256: sha256 with auth tag len as 256 bits |
| 113 | */ |
| 114 | enum fils_erp_cryptosuite { |
| 115 | INVALID_CRYPTO = 0, /* reserved */ |
| 116 | HMAC_SHA256_64, |
| 117 | HMAC_SHA256_128, |
| 118 | HMAC_SHA256_256, |
| 119 | }; |
| 120 | |
| 121 | /* |
| 122 | * struct fils_eap_tlv: this structure defines the eap header |
| 123 | * for eap packet present in warpped data element IE |
| 124 | * @type: type of packet |
| 125 | * @length: length of packet |
| 126 | * @data: pointer to eap data |
| 127 | */ |
| 128 | struct fils_eap_tlv { |
| 129 | uint8_t type; |
| 130 | uint8_t length; |
| 131 | uint8_t data[FILS_EAP_TLV_MAX_DATA_LEN]; |
| 132 | }; |
| 133 | |
| 134 | /* struct fils_auth_rsp_info: this structure saves the info from |
| 135 | * fils auth response. |
| 136 | * @keyname: pointer to keyname nai |
| 137 | * @keylength: keyname nai length |
| 138 | * @domain_name: pointer to domain name |
| 139 | * @domain_len: domain length |
| 140 | * @r_rk_lifetime: rRk lifetime |
| 141 | * @r_msk_lifetime: RMSK lifetime |
| 142 | * @sequence: sequence number to be validated |
| 143 | * @fils_nonce: anonce |
| 144 | * @assoc_delay: time in ms, DUT needs to wait after association req |
| 145 | */ |
| 146 | struct fils_auth_rsp_info { |
| 147 | uint8_t *keyname; |
| 148 | uint8_t keylength; |
| 149 | uint8_t *domain_name; |
| 150 | uint8_t domain_len; |
| 151 | uint32_t r_rk_lifetime; |
| 152 | uint32_t r_msk_lifetime; |
| 153 | uint16_t sequence; |
| 154 | uint8_t fils_nonce[SIR_FILS_NONCE_LENGTH]; |
| 155 | uint8_t assoc_delay; |
| 156 | }; |
| 157 | |
| 158 | /* |
| 159 | * struct pe_fils_session: fils session info used in PE session |
| 160 | * @is_fils_connection: whether connection is fils or not |
| 161 | * @keyname_nai_data: keyname nai data |
| 162 | * @keyname_nai_length: keyname nai length |
| 163 | * @akm: akm type will be used |
| 164 | * @auth: authentication type |
| 165 | * @cipher: cipher type |
| 166 | * @fils_erp_reauth_pkt: pointer to fils reauth packet data |
| 167 | * @fils_erp_reauth_pkt_len: reauth packet length |
| 168 | * @fils_r_rk: pointer to fils rRk |
| 169 | * @fils_r_rk_len: fils rRk length |
| 170 | * @fils_r_ik: pointer to fils rIk |
| 171 | * @fils_r_ik_len: fils rIk length |
| 172 | * @sequence_number: sequence number needs to be used in eap packet |
| 173 | * @fils_session: fils session IE element |
| 174 | * @fils_nonce: fils snonce |
| 175 | * @rsn_ie: rsn ie used in auth request |
| 176 | * @rsn_ie_len: rsn ie length |
| 177 | * @fils_eap_finish_pkt: pointer to eap finish packet |
| 178 | * @fils_eap_finish_pkt_len: eap finish packet length |
| 179 | * @fils_rmsk: rmsk data pointer |
| 180 | * @fils_rmsk_len: rmsk data length |
| 181 | * @fils_pmk: pointer to pmk data |
| 182 | * @fils_pmk_len: pmk length |
| 183 | * @fils_pmkid: pointer to pmkid derived |
| 184 | * @auth_info: data obtained from auth response |
| 185 | * @ick: pointer to ick |
| 186 | * @ick_len: ick length |
| 187 | * @kek: pointer to kek |
| 188 | * @kek_len: kek length |
| 189 | * @tk: pointer to tk |
| 190 | * @tk_len: tk length |
| 191 | * @key_auth: data needs to be sent in assoc req, will be validated by AP |
| 192 | * @key_auth_len: key auth data length |
| 193 | * @ap_key_auth_data: data needs to be validated in assoc rsp |
| 194 | * @ap_key_auth_len: ap key data length |
| 195 | * @gtk_len: gtk key length |
| 196 | * @gtk: pointer to gtk data |
| 197 | * @rsc: rsc value |
| 198 | * @igtk_len: igtk length |
| 199 | * @igtk: igtk data pointer |
| 200 | * @ipn: pointer to ipn data |
| 201 | */ |
| 202 | struct pe_fils_session { |
| 203 | bool is_fils_connection; |
| 204 | uint8_t *keyname_nai_data; |
| 205 | uint8_t keyname_nai_length; |
| 206 | uint8_t akm; |
| 207 | uint8_t auth; |
| 208 | uint8_t cipher; |
| 209 | uint8_t *fils_erp_reauth_pkt; |
| 210 | uint32_t fils_erp_reauth_pkt_len; |
| 211 | uint8_t *fils_r_rk; |
| 212 | uint8_t fils_r_rk_len; |
| 213 | uint8_t *fils_r_ik; |
| 214 | uint32_t fils_r_ik_len; |
| 215 | uint16_t sequence_number; |
| 216 | uint8_t fils_session[SIR_FILS_SESSION_LENGTH]; |
| 217 | uint8_t fils_nonce[SIR_FILS_NONCE_LENGTH]; |
| 218 | uint8_t rsn_ie[MAX_IE_LENGTH]; |
| 219 | uint8_t rsn_ie_len; |
| 220 | uint8_t *fils_eap_finish_pkt; |
| 221 | uint8_t fils_eap_finish_pkt_len; |
| 222 | uint8_t *fils_rmsk; |
| 223 | uint8_t fils_rmsk_len; |
| 224 | uint8_t *fils_pmk; |
| 225 | uint8_t fils_pmk_len; |
| 226 | uint8_t fils_pmkid[PMKID_LEN]; |
| 227 | struct fils_auth_rsp_info auth_info; |
| 228 | uint8_t ick[MAX_ICK_LEN]; |
| 229 | uint8_t ick_len; |
| 230 | uint8_t kek[MAX_KEK_LEN]; |
| 231 | uint8_t kek_len; |
| 232 | uint8_t tk[MAX_TK_LEN]; |
| 233 | uint8_t tk_len; |
| 234 | uint8_t key_auth[MAX_KEY_AUTH_DATA_LEN]; |
| 235 | uint8_t key_auth_len; |
| 236 | uint8_t ap_key_auth_data[MAX_KEY_AUTH_DATA_LEN]; |
| 237 | uint8_t ap_key_auth_len; |
| 238 | uint8_t gtk_len; |
| 239 | uint8_t gtk[MAX_GTK_LEN]; |
| 240 | uint8_t rsc; |
| 241 | uint8_t igtk_len; |
| 242 | uint8_t igtk[MAX_IGTK_LEN]; |
| 243 | uint8_t ipn[IPN_LEN]; |
| 244 | }; |