/*
 * Copyright (c) 2020 HiSilicon (Shanghai) Technologies CO., LIMITED.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 * Description: WAPI Implementation
 */
#ifndef WAPI_H
#define WAPI_H

/*
 * Public declarations for the WAPI (WAI key-negotiation) part of the
 * supplicant: protocol constants, security-association structures and the
 * entry points used by the rest of wpa_supplicant.
 *
 * BIT() is not defined here; it is expected to come from the project
 * headers included below.
 */
#include "wpa_supplicant_i.h"
#include "utils/eloop.h"

/* EtherType carried by WAI frames. */
#define ETH_TYPE_WAI                0x88B4

/*
 * Version and type constants for WAI frames.
 * NOTE(review): presumably compared against the version/type fields of a
 * received WAI header; the header layout is not declared in this file.
 */
#define WAI_VERSION                 1
#define WAI_TYPE                    1

/* Bit assignments of the one-octet WAI flag field (see WAI_FLAG_SIZE). */
#define WAI_FLAG_BK_UPDATE          BIT(0)
#define WAI_FLAG_PRE_AUTH           BIT(1)
#define WAI_FLAG_CERT_REQ           BIT(2)
#define WAI_FLAG_OPT_FIELD          BIT(3)
#define WAI_FLAG_USK_UPDATE         BIT(4)
#define WAI_FLAG_STAKEY_NEG         BIT(5)
#define WAI_FLAG_STAKEY_DEL         BIT(6)
#define WAI_FLAG_RESERVED           BIT(7)

/*
 * Field and key sizes. Where a constant dimensions an unsigned char array
 * below it is a byte count; the remaining ones are presumably byte counts of
 * on-the-wire fields as well (TODO confirm against the frame parser).
 * Code that copies a received field into one of the fixed arrays in this
 * header must check the received length against the matching constant first.
 */
#define MAX_KEYDATA_SIZE            256
#define WAI_AUTH_ID_SIZE            32
#define WAI_FLAG_SIZE               1
#define WAI_CHALLENGE_SIZE          32
#define WAI_KEY_LENGTH_SIZE         1
#define WAI_BKID_SIZE               16
#define WAI_BK_SIZE                 16
#define WAI_ADDID_SIZE              12      /* two MAC addresses, see addid[] */
#define WAI_USKID_SIZE              1
#define WAI_MSKID_SIZE              1
#define WAI_USK_PN_IV_SIZE          16
#define WAI_MSK_ANNO_IV_SIZE        16
#define WAI_DATA_SERIAL_NUMBER      16
#define WAI_MIC_SIZE                20
#define WAI_UEK_UCK_SIZE            32
#define WAI_MAK_SIZE                16
#define WAI_KEK_SIZE                16
#define WAI_MSK_SIZE                32
#define WAI_NMK_SIZE                16
#define WAI_MAX_TX_COUNT            3       /* presumably the retransmit limit for tx_count - confirm */
#define WAI_USKSA_CNT               2
#define WAI_PRE_PSK_SIZE            128     /* HEX key type will be 64 * 2 */

/* WAPI information element: element ID and sizes of its fixed fields. */
#define WAPI_IE_ID                  0x44
#define WAPI_IE_ID_SIZE             1
#define WAPI_IE_LENGTH_SIZE         1
#define WAPI_IE_VERSION_SIZE        2
#define WAPI_IE_OUI_SIZE            3
#define WAPI_IE_AKM_CNT_LEN         2
#define WAPI_IE_AKM_SUIT_LEN        1
/* AKM suite selector for PSK; presumably OUI 00-14-72 followed by suite type 02 - confirm. */
#define WAPI_IE_AKM_SUIT_PSK        0x00147202
#define WAPI_IE_CIPHER_CNT_LEN      2
#define WAPI_IE_CIPHER_SUIT_LEN     1
/*
 * Smallest and largest WAPI IE handled. WAPI_IE_MAX_SIZE also dimensions
 * wapi_ie[] and assoc_wapi_ie[] below, so any IE stored there has to be
 * length-checked against it.
 */
#define WAPI_IE_MIN_SIZE            16
#define WAPI_IE_MAX_SIZE            255
/*
 * NOTE(review): 96 looks like UEK||UCK (32) + MAK (16) + KEK (16) plus a
 * 32-byte seed for the next AE challenge - confirm against the derivation code.
 */
#define WAI_USK_DERIVATION_SIZE     96

#define WAI_AUTH_TIMEOUT            10      /* unit: s */

/* Status codes declared for the WAPI module. */
#define WAPI_SUCCESS                0
#define WAPI_FAILED                 (-1)

#ifndef ETH_ALEN
#define ETH_ALEN                    6
#endif

/* Crypto engine selectors for a key slot. */
typedef enum {
    KEYSLOT_ENGINE_AES = 0,
    KEYSLOT_ENGINE_SM4 = 1,
    KEYSLOT_ENGINE_HMAC_SHA1 = 2,
    KEYSLOT_ENGINE_HMAC_SHA256 = 3,
    KEYSLOT_ENGINE_HMAC_SHA384 = 4,
    KEYSLOT_ENGINE_HMAC_SHA512 = 5,
    KEYSLOT_ENGINE_HMAC_SM3 = 6,

    /* content key. */
    KEYSLOT_ENGINE_AES_ABRK1_REE = 7,
} keyslot_engine;

/** Type of operation. */
typedef enum {
    WAI_OPERATION_NONE = -1,
    WAI_DECRYPT = 0,
    WAI_ENCRYPT = 1,
} wai_operation_t;

/*
 * States of the WAI negotiation state machine.
 * WAISM_FINSHED is spelled as in the original declaration; the identifier is
 * part of the interface and is left unchanged.
 */
typedef enum {
    WAISM_INIT = 0,
    WAISM_ALREADY_ASSOC = 1,
    WAISM_USKNEG_RES = 2,
    WAISM_USKNEG_CONFIRM = 3,
    WAISM_FINSHED = 4
} wai_state_enum;

/*
 * WAI frame subtypes. WAI_SUBTYPE_MAX is one past the last defined subtype;
 * a subtype taken from a received frame should be range-checked before it is
 * used to select a handler.
 */
typedef enum _wai_frame_enum {
    WAI_PREAUTH_START = 1,
    WAI_STAKEY_REQUEST = 2,
    WAI_AUTH_ACTIVE = 3,
    WAI_ACCESS_AUTH_REQUEST = 4,
    WAI_ACCESS_AUTH_RESPONSE = 5,
    WAI_CERT_AUTH_REQUEST = 6,
    WAI_CERT_AUTH_RESPONSE = 7,
    WAI_USK_NEGOTIATION_REQUEST = 8,
    WAI_USK_NEGOTIATION_RESPONSE = 9,
    WAI_USK_NEGOTIATION_CONFIRM = 10,
    WAI_MSK_ANNOUNCEMENT = 11,
    WAI_MSK_ANNOUNCEMENT_RESPONSE = 12,
    WAI_SUBTYPE_MAX = 13
} wai_frame_enum;

/* Types used below only through pointers. */
struct wpa_supplicant;
struct l2_packet_data;
struct wpabuf;
struct wpa_ie_data;
struct wpa_bss;
struct wpa_driver_associate_params;

/*
 * Handler for one WAI message.
 * NOTE(review): payload/payload_len presumably describe the body of a frame
 * received from the network, i.e. untrusted input; an implementation should
 * verify payload_len before reading each fixed-size field - confirm at the
 * call site.
 */
typedef int (*wai_dispose_func)(struct wpa_supplicant *wpa,
                                const unsigned char *payload,
                                unsigned int payload_len);

/* Pairs a message id with the handler that processes it. */
typedef struct wai_sm_hdl {
    unsigned char msgid;
    wai_dispose_func handler;
} wai_sm_hdl_stru;

/*
 * BKSA struct
 * Holds the base key (bk) next to its identifier and both peer addresses.
 * bk is secret key material: clear it when the association is torn down.
 */
typedef struct wapi_bksa {
    unsigned char bkid[WAI_BKID_SIZE];
    unsigned char bk[WAI_BK_SIZE];
    unsigned char ae_mac[ETH_ALEN];
    unsigned char asue_mac[ETH_ALEN];
} wapi_bksa_stru;

/* Unicast session key set; every member is secret key material. */
typedef struct wapi_usk {
    unsigned char uek_uck[WAI_UEK_UCK_SIZE];
    unsigned char mak[WAI_MAK_SIZE];
    unsigned char kek[WAI_KEK_SIZE];
} wapi_usk_stru;

/* USKSA struct */
typedef struct wapi_usksa {
    unsigned char uskid;
    wapi_usk_stru usk;
} wapi_usksa_stru;

/* MSKSA struct */
typedef struct wapi_msksa {
    unsigned char mskid;
    unsigned char msk_seq_pn[WAI_DATA_SERIAL_NUMBER];
    unsigned char msk_anno_iv[WAI_MSK_ANNO_IV_SIZE];
} wapi_msksa_stru;

/*
 * Maps a cipher between its wpa_supplicant identifiers and its WAI cipher
 * type, and carries the decrypt routine used for that cipher.
 * NOTE(review): whether *outlen holds the capacity of output on entry is not
 * visible from this declaration - confirm before relying on it as a bound.
 */
typedef struct wapi_cipher_suite {
    int wpa_alg_type;
    int wpa_cipher_flag;
    int wai_cipher_type;
    int (*wai_decrypt_cb)(const unsigned char *iv, unsigned int ivlen,
                          const unsigned char *key, unsigned int keylen,
                          const unsigned char *input, unsigned int inlen,
                          unsigned char *output, unsigned int *outlen);
} wapi_cipher_suite_stru;

typedef enum _auth_type_enum {
    AUTH_TYPE_NONE_WAPI = 0,    /* no WAPI */
    AUTH_TYPE_WAPI_CERT = 1,    /* Certificate */
    AUTH_TYPE_WAPI_PSK = 2      /* Pre-PSK */
} auth_type_enum;

typedef enum _cipher_type_enum {
    CIPHER_TYPE_NONE = 0,       /* resv */
    CIPHER_TYPE_SM4_OFB = 1,    /* SM4 OFB mode */
    CIPHER_TYPE_MAX = 2,
} cipher_type_enum;

/* Connection events accepted by wapi_event_process(). */
typedef enum {
    CONN_ASSOC = 0,
    CONN_DISASSOC = 1
} conn_status_enum;

/*
 * Per-interface WAPI state on the ASUE (station) side.
 *
 * The structure embeds nonces, the base key and the unicast/multicast
 * security associations, so it should be treated as sensitive as a whole.
 * NOTE(review): wapi_iface_deinit() is the natural place to wipe it with a
 * call the compiler cannot optimise away - confirm the implementation does.
 */
struct wapi_asue_struct {
    struct wpa_supplicant *wpa;
    struct l2_packet_data *wapi_l2;
    struct wpabuf *tx_framebuf;
    unsigned int tx_count;

    const wapi_cipher_suite_stru *ucast_cipher_suite;
    const wapi_cipher_suite_stru *mcast_cipher_suite;

    wai_state_enum state;
    auth_type_enum auth_type;

    unsigned short next_frame_seq;
    unsigned short tx_frame_seq;
    unsigned char wai_flag;

    unsigned char own_mac[ETH_ALEN];
    unsigned char bssid[ETH_ALEN];
    unsigned char addid[WAI_ADDID_SIZE];            /* ADDID( MAC || MAC ) */
    unsigned char asue_nonce[WAI_CHALLENGE_SIZE];
    unsigned char ae_next_nonce[WAI_CHALLENGE_SIZE];
    unsigned char bk[WAI_BK_SIZE];

    wapi_bksa_stru bksa;
    wapi_usksa_stru usksa;
    wapi_msksa_stru msksa;

    /* Both IE buffers are fixed-size; the *_len members give the bytes in use. */
    unsigned char wapi_ie[WAPI_IE_MAX_SIZE];
    size_t wapi_ie_len;
    unsigned char assoc_wapi_ie[WAPI_IE_MAX_SIZE];  /* Own WAPI/RSN IE from (Re)AssocReq */
    size_t assoc_wapi_ie_len;
};

/* Set up / tear down the WAPI state attached to an interface. */
void wapi_iface_init(struct wapi_asue_struct *wapi);
void wapi_iface_deinit(struct wapi_asue_struct *wapi);

/* Build the WAPI IE for the given supplicant instance. */
int wapi_init_ie(struct wpa_supplicant *wpa);

/*
 * Parse a WAPI IE of ie_len bytes into ie_data.
 * NOTE(review): the IE presumably originates from a beacon or probe response
 * and is therefore attacker-controlled; the parser is expected to bound
 * ie_len by WAPI_IE_MIN_SIZE/WAPI_IE_MAX_SIZE and to check every count field
 * against the remaining length - confirm in the implementation.
 */
int wapi_parse_ie(const unsigned char *wapi_ie, unsigned int ie_len,
                  struct wpa_ie_data *ie_data);

/* Fill wapi->addid for the given BSS. */
int wapi_generate_addid(struct wapi_asue_struct *wapi, struct wpa_bss *bss);

/*
 * Feed an association or disassociation event into the WAPI state machine.
 * NOTE(review): if assoc_ie is stored in assoc_wapi_ie[], assoc_ie_len must
 * be rejected when it exceeds WAPI_IE_MAX_SIZE - confirm in the implementation.
 */
int wapi_event_process(struct wapi_asue_struct *wapi, conn_status_enum action,
                       const unsigned char *assoc_ie, size_t assoc_ie_len);

#endif /* end of WAPI_H */