From dd10abccc86d29ee828e7548ec1c3500aa813b9e Mon Sep 17 00:00:00 2001 From: Hu Wang Date: Tue, 25 Mar 2014 21:39:02 +0200 Subject: [PATCH] MACsec: wpa_supplicant integration Add MACsec to the wpa_supplicant build system and configuration file. Signed-off-by: Jouni Malinen --- wpa_supplicant/Makefile | 13 + wpa_supplicant/config.c | 3 + wpa_supplicant/config_file.c | 3 + wpa_supplicant/config_ssid.h | 11 + wpa_supplicant/wpa_supplicant.c | 5 + wpa_supplicant/wpa_supplicant.conf | 30 ++- wpa_supplicant/wpa_supplicant_i.h | 3 + wpa_supplicant/wpas_glue.c | 3 + wpa_supplicant/wpas_kay.c | 378 +++++++++++++++++++++++++++++ wpa_supplicant/wpas_kay.h | 41 ++++ 10 files changed, 488 insertions(+), 2 deletions(-) create mode 100644 wpa_supplicant/wpas_kay.c create mode 100644 wpa_supplicant/wpas_kay.h diff --git a/wpa_supplicant/Makefile b/wpa_supplicant/Makefile index f74d51657..48eb28a3a 100644 --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile @@ -748,6 +748,19 @@ LIBS += -ldl -rdynamic endif endif +ifdef CONFIG_MACSEC +CFLAGS += -DCONFIG_MACSEC +NEED_AES_ENCBLOCK=y +NEED_AES_UNWRAP=y +NEED_AES_WRAP=y +NEED_AES_OMAC1=y +OBJS += wpas_kay.o +OBJS += ../src/pae/ieee802_1x_cp.o +OBJS += ../src/pae/ieee802_1x_kay.o +OBJS += ../src/pae/ieee802_1x_key.o +OBJS += ../src/pae/ieee802_1x_secy_ops.o +endif + ifdef CONFIG_AP NEED_80211_COMMON=y NEED_EAP_COMMON=y diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c index 7d58c05c0..e60bc05ae 100644 --- a/wpa_supplicant/config.c +++ b/wpa_supplicant/config.c @@ -1733,6 +1733,9 @@ static const struct parse_data ssid_fields[] = { { INT(ap_max_inactivity) }, { INT(dtim_period) }, { INT(beacon_int) }, +#ifdef CONFIG_MACSEC + { INT_RANGE(macsec_policy, 0, 1) }, +#endif /* CONFIG_MACSEC */ }; #undef OFFSET diff --git a/wpa_supplicant/config_file.c b/wpa_supplicant/config_file.c index 3cfe5ba93..4dc4d123d 100644 --- a/wpa_supplicant/config_file.c +++ b/wpa_supplicant/config_file.c @@ -736,6 +736,9 @@ static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid) #endif /* CONFIG_P2P */ INT(dtim_period); INT(beacon_int); +#ifdef CONFIG_MACSEC + INT(macsec_policy); +#endif /* CONFIG_MACSEC */ #undef STR #undef INT diff --git a/wpa_supplicant/config_ssid.h b/wpa_supplicant/config_ssid.h index 18fb65bbc..76b0632e3 100644 --- a/wpa_supplicant/config_ssid.h +++ b/wpa_supplicant/config_ssid.h @@ -636,6 +636,17 @@ struct wpa_ssid { * dereferences since it may not be updated in all cases. */ void *parent_cred; + +#ifdef CONFIG_MACSEC + /** + * macsec_policy - Determines the policy for MACsec secure session + * + * 0: MACsec not in use (default) + * 1: MACsec enabled - Should secure, accept key server's advice to + * determine whether to use a secure session or not. + */ + int macsec_policy; +#endif /* CONFIG_MACSEC */ }; #endif /* CONFIG_SSID_H */ diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c index f56b198bd..8ba816b4e 100644 --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c @@ -51,6 +51,7 @@ #include "offchannel.h" #include "hs20_supplicant.h" #include "wnm_sta.h" +#include "wpas_kay.h" const char *wpa_supplicant_version = "wpa_supplicant v" VERSION_STR "\n" @@ -298,6 +299,8 @@ void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s) eapol_conf.external_sim = wpa_s->conf->external_sim; eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf); #endif /* IEEE8021X_EAPOL */ + + ieee802_1x_alloc_kay_sm(wpa_s, ssid); } @@ -468,6 +471,8 @@ static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s) free_hw_features(wpa_s); + ieee802_1x_dealloc_kay_sm(wpa_s); + os_free(wpa_s->bssid_filter); wpa_s->bssid_filter = NULL; diff --git a/wpa_supplicant/wpa_supplicant.conf b/wpa_supplicant/wpa_supplicant.conf index 81fbdfb45..243787f83 100644 --- a/wpa_supplicant/wpa_supplicant.conf +++ b/wpa_supplicant/wpa_supplicant.conf @@ -81,6 +81,8 @@ ctrl_interface=/var/run/wpa_supplicant # to make wpa_supplicant interoperate with these APs, the version number is set # to 1 by default. This configuration value can be used to set it to the new # version (2). +# Note: When using MACsec, eapol_version shall be set to 3, which is +# defined in IEEE Std 802.1X-2010. eapol_version=1 # AP scanning/selection @@ -97,6 +99,8 @@ eapol_version=1 # non-WPA drivers when using IEEE 802.1X mode; do not try to associate with # APs (i.e., external program needs to control association). This mode must # also be used when using wired Ethernet drivers. +# Note: macsec_qca driver is one type of Ethernet driver which implements +# macsec feature. # 2: like 0, but associate with APs using security policy and SSID (but not # BSSID); this can be used, e.g., with ndiswrapper and NDIS drivers to # enable operation with hidden SSIDs and optimized roaming; in this mode, @@ -675,8 +679,16 @@ fast_reauth=1 # bit0 (1): require dynamically generated unicast WEP key # bit1 (2): require dynamically generated broadcast WEP key # (3 = require both keys; default) -# Note: When using wired authentication, eapol_flags must be set to 0 for the -# authentication to be completed successfully. +# Note: When using wired authentication (including macsec_qca driver), +# eapol_flags must be set to 0 for the authentication to be completed +# successfully. +# +# macsec_policy: IEEE 802.1X/MACsec options +# This determines how sessions are secured with MACsec. It is currently +# applicable only when using the macsec_qca driver interface. +# 0: MACsec not in use (default) +# 1: MACsec enabled - Should secure, accept key server's advice to +# determine whether to use a secure session or not. # # mixed_cell: This option can be used to configure whether so called mixed # cells, i.e., networks that use both plaintext and encryption in the same @@ -1341,3 +1353,17 @@ freq_list=5180 network={ key_mgmt=NONE } + + +# Example MACsec configuration +#network={ +# key_mgmt=IEEE8021X +# eap=TTLS +# phase2="auth=PAP" +# anonymous_identity="anonymous@example.com" +# identity="user@example.com" +# password="secretr" +# ca_cert="/etc/cert/ca.pem" +# eapol_flags=0 +# macsec_policy=1 +#} diff --git a/wpa_supplicant/wpa_supplicant_i.h b/wpa_supplicant/wpa_supplicant_i.h index b5e137cfc..a57f962de 100644 --- a/wpa_supplicant/wpa_supplicant_i.h +++ b/wpa_supplicant/wpa_supplicant_i.h @@ -808,6 +808,9 @@ struct wpa_supplicant { u16 num_modes; u16 flags; } hw; +#ifdef CONFIG_MACSEC + struct ieee802_1x_kay *kay; +#endif /* CONFIG_MACSEC */ int pno; int pno_sched_pending; diff --git a/wpa_supplicant/wpas_glue.c b/wpa_supplicant/wpas_glue.c index b2a330cf4..350b1229b 100644 --- a/wpa_supplicant/wpas_glue.c +++ b/wpa_supplicant/wpas_glue.c @@ -26,6 +26,7 @@ #include "bss.h" #include "scan.h" #include "notify.h" +#include "wpas_kay.h" #ifndef CONFIG_NO_CONFIG_BLOBS @@ -254,6 +255,8 @@ static void wpa_supplicant_eapol_cb(struct eapol_sm *eapol, * authentication failure. */ wpa_supplicant_req_auth_timeout(wpa_s, 2, 0); + } else { + ieee802_1x_notify_create_actor(wpa_s, wpa_s->last_eapol_src); } if (result != EAPOL_SUPP_RESULT_SUCCESS || diff --git a/wpa_supplicant/wpas_kay.c b/wpa_supplicant/wpas_kay.c new file mode 100644 index 000000000..354decf98 --- /dev/null +++ b/wpa_supplicant/wpas_kay.c @@ -0,0 +1,378 @@ +/* + * IEEE 802.1X-2010 KaY Interface + * Copyright (c) 2013-2014, Qualcomm Atheros, Inc. + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ +#include +#include "utils/includes.h" + +#include "utils/common.h" +#include "eap_peer/eap.h" +#include "eap_peer/eap_i.h" +#include "eapol_supp/eapol_supp_sm.h" +#include "pae/ieee802_1x_key.h" +#include "pae/ieee802_1x_kay.h" +#include "wpa_supplicant_i.h" +#include "config.h" +#include "config_ssid.h" +#include "driver_i.h" +#include "wpas_kay.h" + + +#define DEFAULT_KEY_LEN 16 +/* secure Connectivity Association Key Name (CKN) */ +#define DEFAULT_CKN_LEN 16 + + +static int wpas_macsec_init(void *priv, struct macsec_init_params *params) +{ + return wpa_drv_macsec_init(priv, params); +} + + +static int wpas_macsec_deinit(void *priv) +{ + return wpa_drv_macsec_deinit(priv); +} + + +static int wpas_enable_protect_frames(void *wpa_s, Boolean enabled) +{ + return wpa_drv_enable_protect_frames(wpa_s, enabled); +} + + +static int wpas_set_replay_protect(void *wpa_s, Boolean enabled, u32 window) +{ + return wpa_drv_set_replay_protect(wpa_s, enabled, window); +} + + +static int wpas_set_current_cipher_suite(void *wpa_s, const u8 *cs, + size_t cs_len) +{ + return wpa_drv_set_current_cipher_suite(wpa_s, cs, cs_len); +} + + +static int wpas_enable_controlled_port(void *wpa_s, Boolean enabled) +{ + return wpa_drv_enable_controlled_port(wpa_s, enabled); +} + + +static int wpas_get_receive_lowest_pn(void *wpa_s, u32 channel, + u8 an, u32 *lowest_pn) +{ + return wpa_drv_get_receive_lowest_pn(wpa_s, channel, an, lowest_pn); +} + + +static int wpas_get_transmit_next_pn(void *wpa_s, u32 channel, + u8 an, u32 *next_pn) +{ + return wpa_drv_get_transmit_next_pn(wpa_s, channel, an, next_pn); +} + + +static int wpas_set_transmit_next_pn(void *wpa_s, u32 channel, + u8 an, u32 next_pn) +{ + return wpa_drv_set_transmit_next_pn(wpa_s, channel, an, next_pn); +} + + +static int wpas_get_available_receive_sc(void *wpa_s, u32 *channel) +{ + return wpa_drv_get_available_receive_sc(wpa_s, channel); +} + + +static unsigned int conf_offset_val(enum confidentiality_offset co) +{ + switch (co) { + case CONFIDENTIALITY_OFFSET_30: + return 30; + break; + case CONFIDENTIALITY_OFFSET_50: + return 50; + default: + return 0; + } +} + + +static int wpas_create_receive_sc(void *wpa_s, u32 channel, + struct ieee802_1x_mka_sci *sci, + enum validate_frames vf, + enum confidentiality_offset co) +{ + return wpa_drv_create_receive_sc(wpa_s, channel, sci->addr, sci->port, + conf_offset_val(co), vf); +} + + +static int wpas_delete_receive_sc(void *wpa_s, u32 channel) +{ + return wpa_drv_delete_receive_sc(wpa_s, channel); +} + + +static int wpas_create_receive_sa(void *wpa_s, u32 channel, u8 an, + u32 lowest_pn, const u8 *sak) +{ + return wpa_drv_create_receive_sa(wpa_s, channel, an, lowest_pn, sak); +} + + +static int wpas_enable_receive_sa(void *wpa_s, u32 channel, u8 an) +{ + return wpa_drv_enable_receive_sa(wpa_s, channel, an); +} + + +static int wpas_disable_receive_sa(void *wpa_s, u32 channel, u8 an) +{ + return wpa_drv_disable_receive_sa(wpa_s, channel, an); +} + + +static int wpas_get_available_transmit_sc(void *wpa_s, u32 *channel) +{ + return wpa_drv_get_available_transmit_sc(wpa_s, channel); +} + + +static int +wpas_create_transmit_sc(void *wpa_s, u32 channel, + const struct ieee802_1x_mka_sci *sci, + enum confidentiality_offset co) +{ + return wpa_drv_create_transmit_sc(wpa_s, channel, sci->addr, sci->port, + conf_offset_val(co)); +} + + +static int wpas_delete_transmit_sc(void *wpa_s, u32 channel) +{ + return wpa_drv_delete_transmit_sc(wpa_s, channel); +} + + +static int wpas_create_transmit_sa(void *wpa_s, u32 channel, u8 an, + u32 next_pn, Boolean confidentiality, + const u8 *sak) +{ + return wpa_drv_create_transmit_sa(wpa_s, channel, an, next_pn, + confidentiality, sak); +} + + +static int wpas_enable_transmit_sa(void *wpa_s, u32 channel, u8 an) +{ + return wpa_drv_enable_transmit_sa(wpa_s, channel, an); +} + + +static int wpas_disable_transmit_sa(void *wpa_s, u32 channel, u8 an) +{ + return wpa_drv_disable_transmit_sa(wpa_s, channel, an); +} + + +int ieee802_1x_alloc_kay_sm(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) +{ + struct ieee802_1x_kay_ctx *kay_ctx; + struct ieee802_1x_kay *res = NULL; + enum macsec_policy policy; + + ieee802_1x_dealloc_kay_sm(wpa_s); + + if (!ssid || ssid->macsec_policy == 0) + return 0; + + policy = ssid->macsec_policy == 1 ? SHOULD_SECURE : DO_NOT_SECURE; + + kay_ctx = os_zalloc(sizeof(*kay_ctx)); + if (!kay_ctx) + return -1; + + kay_ctx->ctx = wpa_s; + + kay_ctx->macsec_init = wpas_macsec_init; + kay_ctx->macsec_deinit = wpas_macsec_deinit; + kay_ctx->enable_protect_frames = wpas_enable_protect_frames; + kay_ctx->set_replay_protect = wpas_set_replay_protect; + kay_ctx->set_current_cipher_suite = wpas_set_current_cipher_suite; + kay_ctx->enable_controlled_port = wpas_enable_controlled_port; + kay_ctx->get_receive_lowest_pn = wpas_get_receive_lowest_pn; + kay_ctx->get_transmit_next_pn = wpas_get_transmit_next_pn; + kay_ctx->set_transmit_next_pn = wpas_set_transmit_next_pn; + kay_ctx->get_available_receive_sc = wpas_get_available_receive_sc; + kay_ctx->create_receive_sc = wpas_create_receive_sc; + kay_ctx->delete_receive_sc = wpas_delete_receive_sc; + kay_ctx->create_receive_sa = wpas_create_receive_sa; + kay_ctx->enable_receive_sa = wpas_enable_receive_sa; + kay_ctx->disable_receive_sa = wpas_disable_receive_sa; + kay_ctx->get_available_transmit_sc = wpas_get_available_transmit_sc; + kay_ctx->create_transmit_sc = wpas_create_transmit_sc; + kay_ctx->delete_transmit_sc = wpas_delete_transmit_sc; + kay_ctx->create_transmit_sa = wpas_create_transmit_sa; + kay_ctx->enable_transmit_sa = wpas_enable_transmit_sa; + kay_ctx->disable_transmit_sa = wpas_disable_transmit_sa; + + res = ieee802_1x_kay_init(kay_ctx, policy, wpa_s->ifname, + wpa_s->own_addr); + if (res == NULL) { + os_free(kay_ctx); + return -1; + } + + wpa_s->kay = res; + + return 0; +} + + +void ieee802_1x_dealloc_kay_sm(struct wpa_supplicant *wpa_s) +{ + if (!wpa_s->kay) + return; + + ieee802_1x_kay_deinit(wpa_s->kay); + wpa_s->kay = NULL; +} + + +static int ieee802_1x_auth_get_session_id(struct wpa_supplicant *wpa_s, + const u8 *addr, u8 *sid, size_t *len) +{ + const u8 *session_id; + size_t id_len, need_len; + + session_id = eapol_sm_get_session_id(wpa_s->eapol, &id_len); + if (session_id == NULL) { + wpa_printf(MSG_DEBUG, + "Failed to get SessionID from EAPOL state machines"); + return -1; + } + + need_len = 1 + 2 * SSL3_RANDOM_SIZE; + if (need_len > id_len) { + wpa_printf(MSG_DEBUG, "EAP Session-Id not long enough"); + return -1; + } + + os_memcpy(sid, session_id, need_len); + *len = need_len; + + return 0; +} + + +static int ieee802_1x_auth_get_msk(struct wpa_supplicant *wpa_s, const u8 *addr, + u8 *msk, size_t *len) +{ + u8 key[EAP_MSK_LEN]; + size_t keylen; + struct eapol_sm *sm; + int res; + + sm = wpa_s->eapol; + if (sm == NULL) + return -1; + + keylen = EAP_MSK_LEN; + res = eapol_sm_get_key(sm, key, keylen); + if (res) { + wpa_printf(MSG_DEBUG, + "Failed to get MSK from EAPOL state machines"); + return -1; + } + + if (keylen > *len) + keylen = *len; + os_memcpy(msk, key, keylen); + *len = keylen; + + return 0; +} + + +void * ieee802_1x_notify_create_actor(struct wpa_supplicant *wpa_s, + const u8 *peer_addr) +{ + u8 *sid; + size_t sid_len = 128; + struct mka_key_name *ckn; + struct mka_key *cak; + struct mka_key *msk; + void *res = NULL; + + if (!wpa_s->kay || wpa_s->kay->policy == DO_NOT_SECURE) + return NULL; + + wpa_printf(MSG_DEBUG, + "IEEE 802.1X: External notification - Create MKA for " + MACSTR, MAC2STR(peer_addr)); + + msk = os_zalloc(sizeof(*msk)); + sid = os_zalloc(sid_len); + ckn = os_zalloc(sizeof(*ckn)); + cak = os_zalloc(sizeof(*cak)); + if (!msk || !sid || !ckn || !cak) + goto fail; + + msk->len = DEFAULT_KEY_LEN; + if (ieee802_1x_auth_get_msk(wpa_s, wpa_s->bssid, msk->key, &msk->len)) { + wpa_printf(MSG_ERROR, "IEEE 802.1X: Could not get MSK"); + goto fail; + } + + if (ieee802_1x_auth_get_session_id(wpa_s, wpa_s->bssid, sid, &sid_len)) + { + wpa_printf(MSG_ERROR, + "IEEE 802.1X: Could not get EAP Session Id"); + goto fail; + } + + /* Derive CAK from MSK */ + cak->len = DEFAULT_KEY_LEN; + if (ieee802_1x_cak_128bits_aes_cmac(msk->key, wpa_s->own_addr, + peer_addr, cak->key)) { + wpa_printf(MSG_ERROR, + "IEEE 802.1X: Deriving CAK failed"); + goto fail; + } + wpa_hexdump_key(MSG_DEBUG, "Derived CAK", cak->key, cak->len); + + /* Derive CKN from MSK */ + ckn->len = DEFAULT_CKN_LEN; + if (ieee802_1x_ckn_128bits_aes_cmac(msk->key, wpa_s->own_addr, + peer_addr, sid, sid_len, + ckn->name)) { + wpa_printf(MSG_ERROR, + "IEEE 802.1X: Deriving CKN failed"); + goto fail; + } + wpa_hexdump(MSG_DEBUG, "Derived CKN", ckn->name, ckn->len); + + res = ieee802_1x_kay_create_mka(wpa_s->kay, ckn, cak, 0, + EAP_EXCHANGE, FALSE); + +fail: + if (msk) { + os_memset(msk, 0, sizeof(*msk)); + os_free(msk); + } + os_free(sid); + os_free(ckn); + if (cak) { + os_memset(cak, 0, sizeof(*cak)); + os_free(cak); + } + + return res; +} diff --git a/wpa_supplicant/wpas_kay.h b/wpa_supplicant/wpas_kay.h new file mode 100644 index 000000000..b7236d077 --- /dev/null +++ b/wpa_supplicant/wpas_kay.h @@ -0,0 +1,41 @@ +/* + * IEEE 802.1X-2010 KaY Interface + * Copyright (c) 2013-2014, Qualcomm Atheros, Inc. + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#ifndef WPAS_KAY_H +#define WPAS_KAY_H + +#ifdef CONFIG_MACSEC + +int ieee802_1x_alloc_kay_sm(struct wpa_supplicant *wpa_s, + struct wpa_ssid *ssid); +void * ieee802_1x_notify_create_actor(struct wpa_supplicant *wpa_s, + const u8 *peer_addr); +void ieee802_1x_dealloc_kay_sm(struct wpa_supplicant *wpa_s); + +#else /* CONFIG_MACSEC */ + +static inline int ieee802_1x_alloc_kay_sm(struct wpa_supplicant *wpa_s, + struct wpa_ssid *ssid) +{ + return 0; +} + +static inline void * +ieee802_1x_notify_create_actor(struct wpa_supplicant *wpa_s, + const u8 *peer_addr) +{ + return NULL; +} + +static inline void ieee802_1x_dealloc_kay_sm(struct wpa_supplicant *wpa_s) +{ +} + +#endif /* CONFIG_MACSEC */ + +#endif /* WPAS_KAY_H */