ieee802_1x_kay_i.h revision 9839ecd75c832023d4d13fd2917a8c28261ff668
/*
 * IEEE 802.1X-2010 Key Agree Protocol of PAE state machine
 * Copyright (c) 2013, Qualcomm Atheros, Inc.
 *
 * This software may be distributed under the terms of the BSD license.
 * See README for more details.
 */

/*
 * Internal definitions for the MKA (MACsec Key Agreement) implementation:
 * the MKPDU parameter-set layouts as they appear on the wire, plus the
 * host-side participant/peer state the KAY state machine keeps.
 *
 * The ieee802_1x_mka_*_body structs below are wire-format overlays. They rely
 * on __BYTE_ORDER / __LITTLE_ENDIAN / __BIG_ENDIAN having been defined by an
 * earlier include (they are not defined in this header). Note that an
 * undefined identifier evaluates to 0 inside #if, so if none of them is
 * defined the little-endian branch is selected silently; only
 * struct ieee802_1x_mka_hdr has an #else/#error guard against that.
 * Bit-fields declared with type u8 are also implementation-defined in C;
 * the layout assumed here is the compiler's usual one — confirm for any new
 * toolchain.
 */

#ifndef IEEE802_1X_KAY_I_H
#define IEEE802_1X_KAY_I_H

#include "utils/list.h"
#include "common/defs.h"
#include "common/ieee802_1x_defs.h"

/* MKA Version Identifier carried in octet 1 of the Basic Parameter Set */
#define MKA_VERSION_ID 1

/*
 * IEEE Std 802.1X-2010, 11.11.1, Table 11-7
 *
 * Parameter set type codes (octet 1 of each parameter set). Note that
 * MKA_BASIC_PARAMETER_SET and MKA_LIVE_PEER_LIST both have the value 1: the
 * Basic Parameter Set's first octet carries the MKA version (see
 * ieee802_1x_mka_basic_body.version) rather than a distinct type code, so the
 * collision is by design and a parser must treat the first parameter set of
 * an MKPDU specially instead of dispatching on this value.
 */
enum mka_packet_type {
	MKA_BASIC_PARAMETER_SET = MKA_VERSION_ID,
	MKA_LIVE_PEER_LIST = 1,
	MKA_POTENTIAL_PEER_LIST = 2,
	MKA_SAK_USE = 3,
	MKA_DISTRIBUTED_SAK = 4,
	MKA_DISTRIBUTED_CAK = 5,
	MKA_KMD = 6,
	MKA_ANNOUNCEMENT = 7,
	MKA_ICV_INDICATOR = 255
};

/* Length of the Integrity Check Value trailing every MKPDU */
#define ICV_LEN 16 /* 16 bytes */
/*
 * AES Key Wrap (RFC 3394) output is 8 bytes longer than its input, so a
 * 16-byte SAK wraps to 24 bytes.
 */
#define SAK_WRAPPED_LEN 24
/* KN + Wrapper SAK: 4-byte Key Number followed by the wrapped SAK (= 28) */
#define DEFAULT_DIS_SAK_BODY_LENGTH (SAK_WRAPPED_LEN + 4)
/* Upper bound for ieee802_1x_mka_participant.retry_count (see below) */
#define MAX_RETRY_CNT 5

struct ieee802_1x_kay;

/**
 * struct ieee802_1x_mka_peer_id - (MI, MN) pair as carried in a peer list
 * @mi: Member Identifier
 * @mn: Message Number, in network byte order (wire format)
 */
struct ieee802_1x_mka_peer_id {
	u8 mi[MI_LEN];
	be32 mn;
};

/**
 * struct ieee802_1x_kay_peer - host-side record of a live or potential peer
 * @sci: peer's Secure Channel Identifier
 * @mi: peer's Member Identifier
 * @mn: peer's last Message Number, in host byte order (unlike
 *	ieee802_1x_mka_peer_id.mn, which is the wire representation)
 * @expire: time at which this peer record is considered stale
 * @is_key_server: peer claims the Key Server role
 * @key_server_priority: peer's advertised Key Server Priority
 * @macsec_desired: peer's advertised MACsec Desired flag
 * @macsec_capability: peer's advertised MACsec capability
 * @sak_used: whether the peer has reported use of the distributed SAK
 * @list: linkage into ieee802_1x_mka_participant.live_peers or
 *	.potential_peers
 */
struct ieee802_1x_kay_peer {
	struct ieee802_1x_mka_sci sci;
	u8 mi[MI_LEN];
	u32 mn;
	time_t expire;
	Boolean is_key_server;
	u8 key_server_priority;
	Boolean macsec_desired;
	enum macsec_cap macsec_capability;
	Boolean sak_used;
	struct dl_list list;
};

/**
 * struct macsec_ciphersuite - description of a supported MACsec cipher suite
 * @id: 64-bit cipher suite identifier
 * @name: human-readable name (NUL-terminated, at most 31 characters)
 * @capable: highest MACsec capability the suite supports
 * @sak_len: SAK length for this suite
 * @index: position of this suite in the table it belongs to
 */
struct macsec_ciphersuite {
	u64 id;
	char name[32];
	enum macsec_cap capable;
	int sak_len; /* unit: byte */

	u32 index;
};

/**
 * struct mka_alg - MKA algorithm agility set: key derivation and ICV functions
 * @parameter: 4-byte Algorithm Agility parameter sent in the Basic Parameter
 *	Set (see ieee802_1x_mka_basic_body.algo_agility)
 * @cak_len: length of the CAK produced by @cak_trfm
 * @kek_len: length of the KEK produced by @kek_trfm
 * @ick_len: length of the ICK produced by @ick_trfm
 * @icv_len: length of the ICV produced by @icv_hash
 * @cak_trfm: derive the CAK from an MSK and the two station MAC addresses
 * @ckn_trfm: derive the CAK Name from an MSK, the two MAC addresses and a
 *	session identifier
 * @kek_trfm: derive the Key Encrypting Key from CAK and CKN
 * @ick_trfm: derive the ICV Key from CAK and CKN
 * @icv_hash: compute the ICV of an MKPDU body under the ICK
 * @index: index for configuring
 *
 * Each transform returns an int; the output buffer the caller provides is
 * presumably expected to hold at least the matching *_len bytes — verify
 * against the implementations before adding a new algorithm entry.
 */
struct mka_alg {
	u8 parameter[4];
	size_t cak_len;
	size_t kek_len;
	size_t ick_len;
	size_t icv_len;

	int (*cak_trfm)(const u8 *msk, const u8 *mac1, const u8 *mac2, u8 *cak);
	int (*ckn_trfm)(const u8 *msk, const u8 *mac1, const u8 *mac2,
			const u8 *sid, size_t sid_len, u8 *ckn);
	int (*kek_trfm)(const u8 *cak, const u8 *ckn, size_t ckn_len, u8 *kek);
	int (*ick_trfm)(const u8 *cak, const u8 *ckn, size_t ckn_len, u8 *ick);
	int (*icv_hash)(const u8 *ick, const u8 *msg, size_t msg_len, u8 *icv);

	int index; /* index for configuring */
};

#define DEFAULT_MKA_ALG_INDEX 0

/*
 * See IEEE Std 802.1X-2010, 9.16 MKA management
 *
 * Per-CKN MKA participant state. The cak, kek and ick members hold secret
 * keying material; NOTE(review): whoever frees a participant should clear
 * them before releasing the memory — confirm the owner does so.
 */
struct ieee802_1x_mka_participant {
	/* used for active and potential participant */
	struct mka_key_name ckn;
	struct mka_key cak;
	Boolean cached;

	/* used by management to monitor and control activation */
	Boolean active;
	Boolean participant;
	Boolean retain;

	/*
	 * Activation control. The enumerators are unprefixed (DEFAULT,
	 * DISABLED, ...) and live in the global namespace of every file that
	 * includes this header, so new identifiers must avoid these names.
	 */
	enum { DEFAULT, DISABLED, ON_OPER_UP, ALWAYS } activate;

	/* used for active participant */
	Boolean principal;
	struct dl_list live_peers;	/* list of struct ieee802_1x_kay_peer */
	struct dl_list potential_peers;	/* list of struct ieee802_1x_kay_peer */

	/* not defined in IEEE 802.1X */
	struct dl_list list;

	/* keys derived from cak/ckn (see struct mka_alg) */
	struct mka_key kek;
	struct mka_key ick;

	/* latest SAK: key identifier, AN and whether it is in use for TX/RX */
	struct ieee802_1x_mka_ki lki;
	u8 lan;
	Boolean ltx;
	Boolean lrx;

	/* old SAK: key identifier, AN and whether it is in use for TX/RX */
	struct ieee802_1x_mka_ki oki;
	u8 oan;
	Boolean otx;
	Boolean orx;

	/* Key Server election state */
	Boolean is_key_server;
	Boolean is_obliged_key_server;
	Boolean can_be_key_server;
	Boolean is_elected;

	struct dl_list sak_list;
	struct dl_list rxsc_list;

	struct transmit_sc *txsc;

	/* our own Member Identifier and Message Number (host byte order) */
	u8 mi[MI_LEN];
	u32 mn;

	/* identity of the peer currently being processed/addressed */
	struct ieee802_1x_mka_peer_id current_peer_id;
	struct ieee802_1x_mka_sci current_peer_sci;
	/* lifetimes; NOTE(review): assumed to be absolute times — confirm */
	time_t cak_life;
	time_t mka_life;
	/* pending actions for the next MKPDU */
	Boolean to_dist_sak;
	Boolean to_use_sak;
	Boolean new_sak;

	/* values advised by the Key Server */
	Boolean advised_desired;
	enum macsec_cap advised_capability;

	struct data_key *new_key;
	/* bounded by MAX_RETRY_CNT */
	u32 retry_count;

	struct ieee802_1x_kay *kay;
};

/**
 * struct ieee802_1x_mka_hdr - generic 4-octet parameter set header
 * @type: Parameter set type (enum mka_packet_type)
 * @reserve: reserved
 * @length: Parameter set body length
 * @reserve1: reserved
 * @length1: Parameter set body length (cont)
 *
 * Every parameter set starts with this header; the body length is split
 * across the 4-bit @length field and @length1 and does not include the
 * header itself. The only wire struct here with an #else/#error guard on the
 * byte-order check.
 */
struct ieee802_1x_mka_hdr {
	/* octet 1 */
	u8 type;
	/* octet 2 */
	u8 reserve;
	/* octet 3 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u8 length:4;
	u8 reserve1:4;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u8 reserve1:4;
	u8 length:4;
#else
#error "Please fix <bits/endian.h>"
#endif
	/* octet 4 */
	u8 length1;
};

/* Size of the common parameter set header (4 octets) */
#define MKA_HDR_LEN sizeof(struct ieee802_1x_mka_hdr)

/**
 * struct ieee802_1x_mka_basic_body - Basic Parameter Set (Figure 11-8)
 * @version: MKA Version Identifier
 * @priority: Key Server Priority
 * @length: Parameter set body length
 * @macsec_capability: MACsec capability, as defined in ieee802_1x_defs.h
 * @macsec_desired: the participant wants MACsec to be used to protect frames
 *	(9.6.1)
 * @key_server: the participant has not decided that another participant is or
 *	will be the key server (9.5.1)
 * @length1: Parameter set body length (cont)
 * @actor_mi: Actor's Member Identifier
 * @actor_mn: Actor's Message Number
 * @algo_agility: Algorithm Agility parameter
 * @ckn: CAK Name
 *
 * @ckn is a trailing zero-length array and carries no length of its own: a
 * receiver must derive the CKN length from the decoded body length
 * (@length/@length1) and check it against the remaining frame bytes before
 * reading it.
 */
struct ieee802_1x_mka_basic_body {
	/* octet 1 */
	u8 version;
	/* octet 2 */
	u8 priority;
	/* octet 3 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u8 length:4;
	u8 macsec_capability:2;
	u8 macsec_desired:1;
	u8 key_server:1;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u8 key_server:1;
	u8 macsec_desired:1;
	u8 macsec_capability:2;
	u8 length:4;
#endif
	/* octet 4 */
	u8 length1;

	struct ieee802_1x_mka_sci actor_sci;
	u8 actor_mi[MI_LEN];
	be32 actor_mn;
	u8 algo_agility[4];

	/* followed by CAK Name */
	u8 ckn[0];
};

/**
 * struct ieee802_1x_mka_peer_body - Live Peer List and Potential Peer List
 *	parameter sets (Figure 11-9)
 * @type: Parameter set type (1 or 2)
 * @length: Parameter set body length
 * @length1: Parameter set body length (cont)
 * @peer: array of (MI, MN) pairs
 *
 * @peer holds consecutive struct ieee802_1x_mka_peer_id entries; the entry
 * count follows from the decoded body length, which must be validated against
 * the received frame length before the entries are read.
 */
struct ieee802_1x_mka_peer_body {
	/* octet 1 */
	u8 type;
	/* octet 2 */
	u8 reserve;
	/* octet 3 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u8 length:4;
	u8 reserve1:4;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u8 reserve1:4;
	u8 length:4;
#endif
	/* octet 4 */
	u8 length1;

	u8 peer[0];
	/* followed by Peers */
};

/**
 * struct ieee802_1x_mka_sak_use_body - MACsec SAK Use parameter set (Figure
 *	11-10)
 * @type: MKA message type
 * @lan: latest key AN
 * @ltx: latest key TX
 * @lrx: latest key RX
 * @oan: old key AN
 * @otx: old key TX
 * @orx: old key RX
 * @ptx: plain TX, ie protectFrames is False
 * @prx: plain RX, ie validateFrames is not Strict
 * @delay_protect: True if LPNs are being reported sufficiently frequently to
 *	allow the recipient to provide data delay protection. If False, the LPN
 *	can be reported as zero.
 * @lsrv_mi: latest key server MI
 * @lkn: latest key number (together with MI, form the KI)
 * @llpn: latest lowest acceptable PN (LPN)
 * @osrv_mi: old key server MI
 * @okn: old key number (together with MI, form the KI)
 * @olpn: old lowest acceptable PN (LPN)
 *
 * Unlike the other parameter sets this one has a fixed size (44 octets) and
 * no trailing variable data. All be32 fields are in network byte order.
 */
struct ieee802_1x_mka_sak_use_body {
	/* octet 1 */
	u8 type;
	/* octet 2 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u8 orx:1;
	u8 otx:1;
	u8 oan:2;
	u8 lrx:1;
	u8 ltx:1;
	u8 lan:2;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u8 lan:2;
	u8 ltx:1;
	u8 lrx:1;
	u8 oan:2;
	u8 otx:1;
	u8 orx:1;
#endif

	/* octet 3 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u8 length:4;
	u8 delay_protect:1;
	u8 reserve:1;
	u8 prx:1;
	u8 ptx:1;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u8 ptx:1;
	u8 prx:1;
	u8 reserve:1;
	u8 delay_protect:1;
	u8 length:4;
#endif

	/* octet 4 */
	u8 length1;

	/* octet 5 - 16 */
	u8 lsrv_mi[MI_LEN];
	/* octet 17 - 20 */
	be32 lkn;
	/* octet 21 - 24 */
	be32 llpn;

	/* octet 25 - 36 */
	u8 osrv_mi[MI_LEN];
	/* octet 37 - 40 */
	be32 okn;
	/* octet 41 - 44 */
	be32 olpn;
};

/**
 * struct ieee802_1x_mka_dist_sak_body - Distributed SAK parameter set
 *	(GCM-AES-128, Figure 11-11)
 * @type: Parameter set type (4)
 * @length: Parameter set body length
 * @length1: Parameter set body length (cont)
 *	Total parameter body length values:
 *	- 0 for plain text
 *	- 28 for GCM-AES-128
 *	- 36 or more for other cipher suites
 * @confid_offset: confidentiality offset, as defined in ieee802_1x_defs.h
 * @dan: distributed AN (0 for plain text)
 * @kn: Key Number
 * @sak: AES Key Wrap of SAK (see 9.8)
 *
 * The 28-octet GCM-AES-128 case is DEFAULT_DIS_SAK_BODY_LENGTH (4-byte @kn
 * plus SAK_WRAPPED_LEN). A receiver must check the decoded body length is one
 * of the permitted values and fits in the frame before unwrapping @sak; the
 * body length, not @sak, tells it how many bytes are present.
 */
struct ieee802_1x_mka_dist_sak_body {
	/* octet 1 */
	u8 type;
	/* octet 2 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u8 reserve:4;
	u8 confid_offset:2;
	u8 dan:2;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u8 dan:2;
	u8 confid_offset:2;
	u8 reserve:4;
#endif
	/* octet 3 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u8 length:4;
	u8 reserve1:4;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u8 reserve1:4;
	u8 length:4;
#endif
	/* octet 4 */
	u8 length1;
	/* octet 5 - 8 */
	be32 kn;

	/* for GCM-AES-128: octet 9-32: SAK
	 * for other cipher suite: octet 9-16: cipher suite id, octet 17-: SAK
	 */
	u8 sak[0];
};

/**
 * struct ieee802_1x_mka_dist_cak_body - Distributed CAK parameter set (Figure
 *	11-13)
 * @type: Parameter set type (5)
 * @length: Parameter set body length
 * @length1: Parameter set body length (cont)
 *	Total parameter body length values:
 *	- 0 for plain text
 *	- 28 for GCM-AES-128
 *	- 36 or more for other cipher suites
 * @cak: AES Key Wrap of CAK (see 9.8)
 * @ckn: CAK Name
 *
 * @cak is a fixed 24-octet field (a wrapped 16-byte key, cf. SAK_WRAPPED_LEN);
 * the CKN length that follows is the decoded body length minus 24 and must be
 * checked against the frame before @ckn is read.
 */
struct ieee802_1x_mka_dist_cak_body {
	/* octet 1 */
	u8 type;
	/* octet 2 */
	u8 reserve;
	/* octet 3 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u8 length:4;
	u8 reserve1:4;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u8 reserve1:4;
	u8 length:4;
#endif
	/* octet 4 */
	u8 length1;

	/* octet 5 - 28 */
	u8 cak[24];

	/* followed by CAK Name, 29- */
	u8 ckn[0];
};

/**
 * struct ieee802_1x_mka_icv_body - ICV Indicator parameter set
 * @type: Parameter set type (255, MKA_ICV_INDICATOR)
 * @length: Parameter set body length
 * @length1: Parameter set body length (cont)
 * @icv: Integrity Check Value (ICV_LEN octets for the algorithms defined here)
 *
 * The ICV covers the MKPDU that precedes it; a receiver should locate it from
 * the frame length and verify it before trusting any other parameter set.
 */
struct ieee802_1x_mka_icv_body {
	/* octet 1 */
	u8 type;
	/* octet 2 */
	u8 reserve;
	/* octet 3 */
#if __BYTE_ORDER == __LITTLE_ENDIAN
	u8 length:4;
	u8 reserve1:4;
#elif __BYTE_ORDER == __BIG_ENDIAN
	u8 reserve1:4;
	u8 length:4;
#endif
	/* octet 4 */
	u8 length1;

	/* octet 5 - */
	u8 icv[0];
};

#endif /* IEEE802_1X_KAY_I_H */