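/*
 * IEEE 802.1X-2010 Key Agree Protocol of PAE state machine
 * Copyright (c) 2013, Qualcomm Atheros, Inc.
 *
 * This software may be distributed under the terms of the BSD license.
 * See README for more details.
 */

#ifndef IEEE802_1X_KAY_I_H
#define IEEE802_1X_KAY_I_H

#include "utils/list.h"
#include "common/defs.h"
#include "common/ieee802_1x_defs.h"

/*
 * NOTE(review): the struct ieee802_1x_mka_*_body definitions below are
 * byte-exact overlays of the MKA parameter sets carried in EAPOL-MKA frames,
 * i.e. of data received from the network. Every such structure ends in (or
 * is followed by) variable-length data and carries a 12-bit body length split
 * across two octets; the parser must check that body length against the
 * remaining frame length before dereferencing any trailing member (ckn[],
 * peer[], sak[], icv[]). Multi-octet fields are big-endian on the wire (the
 * be32 typedef marks them) and must be converted before arithmetic or
 * comparison.
 *
 * The bit-field layouts assume the compiler allocates bit-fields inside an
 * octet starting at the least significant bit on little-endian targets and at
 * the most significant bit on big-endian targets (what GCC/Clang do; the C
 * standard leaves this implementation-defined). __BYTE_ORDER, __LITTLE_ENDIAN
 * and __BIG_ENDIAN are expected to be defined by the including translation
 * unit (presumably via utils/common.h) before this header is pulled in.
 */

#define MKA_VERSION_ID 1

/* IEEE Std 802.1X-2010, 11.11.1, Table 11-7 */
enum mka_packet_type {
	/*
	 * The Basic Parameter Set has no type octet: its first octet carries
	 * the MKA version, so this value deliberately coincides with
	 * MKA_LIVE_PEER_LIST. The Basic Parameter Set is identified by its
	 * position (it is the first parameter set in an MKPDU, 11.11), not by
	 * this value.
	 */
	MKA_BASIC_PARAMETER_SET = MKA_VERSION_ID,
	MKA_LIVE_PEER_LIST = 1,
	MKA_POTENTIAL_PEER_LIST = 2,
	MKA_SAK_USE = 3,
	MKA_DISTRIBUTED_SAK = 4,
	MKA_DISTRIBUTED_CAK = 5,
	MKA_KMD = 6,
	MKA_ANNOUNCEMENT = 7,
	MKA_ICV_INDICATOR = 255
};

/* Length of the Integrity Check Value that terminates every MKPDU */
#define ICV_LEN 16 /* 16 bytes */
/* AES Key Wrap (9.8) of a 16-byte SAK: 16 key bytes + 8 bytes of check value */
#define SAK_WRAPPED_LEN 24
/* KN (4 octets) + wrapped SAK; the GCM-AES-128 Distributed SAK body length */
#define DEFAULT_DIS_SAK_BODY_LENGTH (SAK_WRAPPED_LEN + 4)
#define MAX_RETRY_CNT 5

struct ieee802_1x_kay;

/**
 * struct ieee802_1x_mka_peer_id - one (MI, MN) entry of a peer list
 * @mi: Member Identifier of the peer
 * @mn: Message Number, big-endian on the wire
 *
 * This is the wire layout of a single entry in the Live Peer List and
 * Potential Peer List parameter sets (Figure 11-9); entries are packed back
 * to back, so a peer list body length must be a multiple of sizeof this
 * structure.
 */
struct ieee802_1x_mka_peer_id {
	u8 mi[MI_LEN];
	be32 mn;
};

/**
 * struct ieee802_1x_kay_peer - host-side record of a peer participant
 * @sci: Secure Channel Identifier of the peer
 * @mi: peer's Member Identifier
 * @mn: last Message Number seen from the peer (host byte order)
 * @expire: time at which the peer is no longer considered alive
 * @is_key_server: peer claims it may be the key server
 * @key_server_priority: peer's advertised key server priority
 * @macsec_desired: peer wants MACsec to protect frames
 * @macsec_capability: peer's advertised MACsec capability
 * @sak_used: peer has reported use of the distributed SAK
 * @list: linkage into a participant's live_peers / potential_peers list
 */
struct ieee802_1x_kay_peer {
	struct ieee802_1x_mka_sci sci;
	u8 mi[MI_LEN];
	u32 mn;
	time_t expire;
	Boolean is_key_server;
	u8 key_server_priority;
	Boolean macsec_desired;
	enum macsec_cap macsec_capability;
	Boolean sak_used;
	struct dl_list list;
};

/**
 * struct macsec_ciphersuite - description of one MACsec Cipher Suite
 * @id: 64-bit Cipher Suite reference number
 * @name: human readable name
 * @capable: capability level this suite provides
 * @sak_len: SAK length in bytes
 * @index: position of this suite in the configured suite table
 */
struct macsec_ciphersuite {
	u64 id;
	char name[32];
	enum macsec_cap capable;
	int sak_len; /* unit: byte */

	u32 index;
};

/**
 * struct mka_alg - MKA algorithm agility parameter and its key derivations
 * @parameter: 4-octet Algorithm Agility value carried in the Basic Parameter
 *	Set
 * @cak_len: CAK length in bytes
 * @kek_len: KEK length in bytes
 * @ick_len: ICK length in bytes
 * @icv_len: ICV length in bytes
 * @cak_trfm: derive a pairwise CAK from an MSK and the two MAC addresses
 * @ckn_trfm: derive the CKN from an MSK, the two MAC addresses and an EAP
 *	session id
 * @kek_trfm: derive the KEK from the CAK and CKN
 * @ick_trfm: derive the ICK from the CAK and CKN
 * @icv_hash: compute the ICV over msg with the ICK
 * @index: index for configuring
 *
 * The callbacks are the algorithm-specific transforms of IEEE Std
 * 802.1X-2010, 6.2 and 9.3. Output buffers must be at least the
 * corresponding *_len bytes long.
 */
struct mka_alg {
	u8 parameter[4];
	size_t cak_len;
	size_t kek_len;
	size_t ick_len;
	size_t icv_len;

	int (*cak_trfm)(const u8 *msk, const u8 *mac1, const u8 *mac2, u8 *cak);
	int (*ckn_trfm)(const u8 *msk, const u8 *mac1, const u8 *mac2,
			const u8 *sid, size_t sid_len, u8 *ckn);
	int (*kek_trfm)(const u8 *cak, const u8 *ckn, size_t ckn_len, u8 *kek);
	int (*ick_trfm)(const u8 *cak, const u8 *ckn, size_t ckn_len, u8 *ick);
	int (*icv_hash)(const u8 *ick, const u8 *msg, size_t msg_len, u8 *icv);

	int index; /* index for configuring */
};

#define DEFAULT_MKA_ALG_INDEX 0

/* See IEEE Std 802.1X-2010, 9.16 MKA management */
/**
 * struct ieee802_1x_mka_participant - one MKA participant (one CAK/CKN pair)
 * @ckn: CAK Name
 * @cak: the CAK itself (secret; keys derived from it live in @kek and @ick)
 * @cached: CAK is a cached one
 * @active: participant is currently active
 * @participant: management has enabled participation
 * @retain: keep the participant when it would otherwise be removed
 * @mode: how the participant was created
 * @activate: activation control (9.16)
 * @principal: this is the principal actor
 * @live_peers: list of struct ieee802_1x_kay_peer with a live MKA session
 * @potential_peers: list of struct ieee802_1x_kay_peer heard but not yet live
 * @list: linkage into the KaY's participant list (not in IEEE 802.1X)
 * @kek: Key Encrypting Key derived from the CAK, wraps distributed SAKs
 * @ick: ICV Key derived from the CAK, authenticates MKPDUs
 * @lki: latest Key Identifier
 * @lan: latest key Association Number
 * @ltx: latest key is used for transmit
 * @lrx: latest key is used for receive
 * @oki: old Key Identifier
 * @oan: old key Association Number
 * @otx: old key is used for transmit
 * @orx: old key is used for receive
 * @is_key_server: this participant is the elected key server
 * @is_obliged_key_server: configured to act as key server
 * @can_be_key_server: permitted to act as key server
 * @is_elected: key server election has completed
 * @sak_list: SAKs known to this participant
 * @rxsc_list: receive Secure Channels
 * @txsc: transmit Secure Channel
 * @mi: this participant's Member Identifier
 * @mn: this participant's next Message Number (host byte order)
 * @current_peer_id: (MI, MN) of the peer whose MKPDU is being processed
 * @current_peer_sci: SCI of that peer
 * @cak_life: CAK lifetime
 * @mka_life: MKA lifetime
 * @to_dist_sak: a SAK distribution is pending
 * @to_use_sak: a SAK Use announcement is pending
 * @new_sak: a new SAK has been generated or received
 * @advised_desired: MACsec desired as advised to the peers
 * @advised_capability: MACsec capability as advised to the peers
 * @new_key: most recently created data key
 * @retry_count: retransmission counter, bounded by MAX_RETRY_CNT
 * @kay: owning KaY
 */
struct ieee802_1x_mka_participant {
	/* used for active and potential participant */
	struct mka_key_name ckn;
	struct mka_key cak;
	Boolean cached;

	/* used by management to monitor and control activation */
	Boolean active;
	Boolean participant;
	Boolean retain;
	enum mka_created_mode mode;

	enum { DEFAULT, DISABLED, ON_OPER_UP, ALWAYS } activate;

	/* used for active participant */
	Boolean principal;
	struct dl_list live_peers;
	struct dl_list potential_peers;

	/* not defined in IEEE 802.1X */
	struct dl_list list;

	struct mka_key kek;
	struct mka_key ick;

	struct ieee802_1x_mka_ki lki;
	u8 lan;
	Boolean ltx;
	Boolean lrx;

	struct ieee802_1x_mka_ki oki;
	u8 oan;
	Boolean otx;
	Boolean orx;

	Boolean is_key_server;
	Boolean is_obliged_key_server;
	Boolean can_be_key_server;
	Boolean is_elected;

	struct dl_list sak_list;
	struct dl_list rxsc_list;

	struct transmit_sc *txsc;

	u8 mi[MI_LEN];
	u32 mn;

	struct ieee802_1x_mka_peer_id current_peer_id;
	struct ieee802_1x_mka_sci current_peer_sci;
	time_t cak_life;
	time_t mka_life;
	Boolean to_dist_sak;
	Boolean to_use_sak;
	Boolean new_sak;

	Boolean advised_desired;
	enum macsec_cap advised_capability;

	struct data_key *new_key;
	u32 retry_count;

	struct ieee802_1x_kay *kay;
};

/**
 * struct ieee802_1x_mka_hdr - generic 4-octet MKA parameter set header
 * @type: Parameter set type (enum mka_packet_type)
 * @reserve: octet 2, parameter set specific
 * @length: 4 most significant bits of the 12-bit body length
 * @reserve1: upper bits of octet 3, parameter set specific
 * @length1: 8 least significant bits of the 12-bit body length
 *
 * The body length (length << 8 | length1) counts the octets that follow this
 * header and comes from the peer; it must be validated against the remaining
 * MKPDU length before the body is accessed.
 */
struct ieee802_1x_mka_hdr {
	/* octet 1 */
	u8 type;
	/* octet 2 */
	u8 reserve;
	/* octet 3 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u8 length:4;
	u8 reserve1:4;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u8 reserve1:4;
	u8 length:4;
#else
#error "Please fix <bits/endian.h>"
#endif
	/* octet 4 */
	u8 length1;
};

/* Four octets: the parameter set header precedes every body below */
#define MKA_HDR_LEN sizeof(struct ieee802_1x_mka_hdr)

/**
 * struct ieee802_1x_mka_basic_body - Basic Parameter Set (Figure 11-8)
 * @version: MKA Version Identifier (takes the place of the type octet)
 * @priority: Key Server Priority
 * @length: Parameter set body length (4 most significant bits)
 * @macsec_capability: MACsec capability, as defined in ieee802_1x_defs.h
 * @macsec_desired: the participant wants MACsec to be used to protect frames
 *	(9.6.1)
 * @key_server: the participant has not decided that another participant is or
 *	will be the key server (9.5.1)
 * @length1: Parameter set body length (8 least significant bits)
 * @actor_sci: Actor's Secure Channel Identifier
 * @actor_mi: Actor's Member Identifier
 * @actor_mn: Actor's Message Number
 * @algo_agility: Algorithm Agility parameter (matched against
 *	struct mka_alg::parameter)
 * @ckn: CAK Name, variable length; its length is the body length minus the
 *	fixed part of this structure and must be checked by the parser
 */
struct ieee802_1x_mka_basic_body {
	/* octet 1 */
	u8 version;
	/* octet 2 */
	u8 priority;
	/* octet 3 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u8 length:4;
	u8 macsec_capability:2;
	u8 macsec_desired:1;
	u8 key_server:1;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u8 key_server:1;
	u8 macsec_desired:1;
	u8 macsec_capability:2;
	u8 length:4;
#else
#error "Please fix <bits/endian.h>"
#endif
	/* octet 4 */
	u8 length1;

	struct ieee802_1x_mka_sci actor_sci;
	u8 actor_mi[MI_LEN];
	be32 actor_mn;
	u8 algo_agility[4];

	/* followed by CAK Name */
	u8 ckn[];
};

/**
 * struct ieee802_1x_mka_peer_body - Live Peer List and Potential Peer List
 *	parameter sets (Figure 11-9)
 * @type: Parameter set type (1 or 2)
 * @reserve: octet 2, unused
 * @length: Parameter set body length (4 most significant bits)
 * @reserve1: upper bits of octet 3, unused
 * @length1: Parameter set body length (8 least significant bits)
 * @peer: array of (MI, MN) pairs laid out as struct ieee802_1x_mka_peer_id;
 *	a body length that is not a multiple of that entry size is malformed
 */
struct ieee802_1x_mka_peer_body {
	/* octet 1 */
	u8 type;
	/* octet 2 */
	u8 reserve;
	/* octet 3 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u8 length:4;
	u8 reserve1:4;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u8 reserve1:4;
	u8 length:4;
#else
#error "Please fix <bits/endian.h>"
#endif
	/* octet 4 */
	u8 length1;

	/* followed by Peers */
	u8 peer[];
};

/**
 * struct ieee802_1x_mka_sak_use_body - MACsec SAK Use parameter set (Figure
 *	11-10)
 * @type: MKA message type (3)
 * @lan: latest key AN
 * @ltx: latest key TX
 * @lrx: latest key RX
 * @oan: old key AN
 * @otx: old key TX
 * @orx: old key RX
 * @ptx: plain TX, ie protectFrames is False
 * @prx: plain RX, ie validateFrames is not Strict
 * @delay_protect: True if LPNs are being reported sufficiently frequently to
 *	allow the recipient to provide data delay protection. If False, the LPN
 *	can be reported as zero.
 * @reserve: unused bit of octet 3
 * @length: Parameter set body length (4 most significant bits); the body is
 *	a fixed 40 octets
 * @length1: Parameter set body length (8 least significant bits)
 * @lsrv_mi: latest key server MI
 * @lkn: latest key number (together with MI, form the KI)
 * @llpn: latest lowest acceptable PN (LPN)
 * @osrv_mi: old key server MI
 * @okn: old key number (together with MI, form the KI)
 * @olpn: old lowest acceptable PN (LPN)
 */
struct ieee802_1x_mka_sak_use_body {
	/* octet 1 */
	u8 type;
	/* octet 2 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u8 orx:1;
	u8 otx:1;
	u8 oan:2;
	u8 lrx:1;
	u8 ltx:1;
	u8 lan:2;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u8 lan:2;
	u8 ltx:1;
	u8 lrx:1;
	u8 oan:2;
	u8 otx:1;
	u8 orx:1;
#else
#error "Please fix <bits/endian.h>"
#endif

	/* octet 3 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u8 length:4;
	u8 delay_protect:1;
	u8 reserve:1;
	u8 prx:1;
	u8 ptx:1;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u8 ptx:1;
	u8 prx:1;
	u8 reserve:1;
	u8 delay_protect:1;
	u8 length:4;
#else
#error "Please fix <bits/endian.h>"
#endif

	/* octet 4 */
	u8 length1;

	/* octet 5 - 16 */
	u8 lsrv_mi[MI_LEN];
	/* octet 17 - 20 */
	be32 lkn;
	/* octet 21 - 24 */
	be32 llpn;

	/* octet 25 - 36 */
	u8 osrv_mi[MI_LEN];
	/* octet 37 - 40 */
	be32 okn;
	/* octet 41 - 44 */
	be32 olpn;
};

/**
 * struct ieee802_1x_mka_dist_sak_body - Distributed SAK parameter set
 *	(GCM-AES-128, Figure 11-11)
 * @type: Parameter set type (4)
 * @dan: distributed AN (0 for plain text)
 * @confid_offset: confidentiality offset, as defined in ieee802_1x_defs.h
 * @reserve: unused bits of octet 2
 * @length: Parameter set body length (4 most significant bits)
 * @reserve1: upper bits of octet 3, unused
 * @length1: Parameter set body length (8 least significant bits)
 * Total parameter body length values:
 * - 0 for plain text
 * - 28 for GCM-AES-128 (DEFAULT_DIS_SAK_BODY_LENGTH)
 * - 36 or more for other cipher suites
 * @kn: Key Number
 * @sak: AES Key Wrap of SAK (see 9.8); only the unwrap with the participant's
 *	KEK authenticates this field, so the body length must be checked before
 *	the unwrap is attempted
 */
struct ieee802_1x_mka_dist_sak_body {
	/* octet 1 */
	u8 type;
	/* octet 2 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u8 reserve:4;
	u8 confid_offset:2;
	u8 dan:2;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u8 dan:2;
	u8 confid_offset:2;
	u8 reserve:4;
#else
#error "Please fix <bits/endian.h>"
#endif
	/* octet 3 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u8 length:4;
	u8 reserve1:4;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u8 reserve1:4;
	u8 length:4;
#else
#error "Please fix <bits/endian.h>"
#endif
	/* octet 4 */
	u8 length1;
	/* octet 5 - 8 */
	be32 kn;

	/* for GCM-AES-128: octet 9-32: SAK
	 * for other cipher suite: octet 9-16: cipher suite id, octet 17-: SAK
	 */
	u8 sak[];
};

/**
 * struct ieee802_1x_mka_dist_cak_body - Distributed CAK parameter set (Figure
 *	11-13)
 * @type: Parameter set type (5)
 * @reserve: octet 2, unused
 * @length: Parameter set body length (4 most significant bits)
 * @reserve1: upper bits of octet 3, unused
 * @length1: Parameter set body length (8 least significant bits)
 * Total parameter body length is 24 (the wrapped CAK) plus the length of the
 * CAK Name that follows it; the CAK Name length is therefore derived from the
 * body length and must be range checked by the parser.
 * @cak: AES Key Wrap of CAK (see 9.8)
 * @ckn: CAK Name
 */
struct ieee802_1x_mka_dist_cak_body {
	/* octet 1 */
	u8 type;
	/* octet 2 */
	u8 reserve;
	/* octet 3 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u8 length:4;
	u8 reserve1:4;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u8 reserve1:4;
	u8 length:4;
#else
#error "Please fix <bits/endian.h>"
#endif
	/* octet 4 */
	u8 length1;

	/* octet 5 - 28 */
	u8 cak[24];

	/* followed by CAK Name, 29- */
	u8 ckn[];
};

/**
 * struct ieee802_1x_mka_icv_body - ICV Indicator parameter set
 * @type: Parameter set type (255, MKA_ICV_INDICATOR)
 * @reserve: octet 2, unused
 * @length: Parameter set body length (4 most significant bits)
 * @reserve1: upper bits of octet 3, unused
 * @length1: Parameter set body length (8 least significant bits)
 * @icv: Integrity Check Value, ICV_LEN (or mka_alg::icv_len) octets; it
 *	is the only integrity protection of the MKPDU, so the preceding
 *	parameter sets must not be acted upon until it has been verified
 */
struct ieee802_1x_mka_icv_body {
	/* octet 1 */
	u8 type;
	/* octet 2 */
	u8 reserve;
	/* octet 3 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u8 length:4;
	u8 reserve1:4;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u8 reserve1:4;
	u8 length:4;
#else
#error "Please fix <bits/endian.h>"
#endif
	/* octet 4 */
	u8 length1;

	/* octet 5 - */
	u8 icv[];
};

#endif /* IEEE802_1X_KAY_I_H */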