11553Srgrimes/*
21553Srgrimes * IEEE 802.1X-2010 Key Agree Protocol of PAE state machine
31553Srgrimes * Copyright (c) 2013, Qualcomm Atheros, Inc.
41553Srgrimes *
51553Srgrimes * This software may be distributed under the terms of the BSD license.
61553Srgrimes * See README for more details.
71553Srgrimes */
81553Srgrimes
91553Srgrimes#ifndef IEEE802_1X_KAY_I_H
101553Srgrimes#define IEEE802_1X_KAY_I_H
111553Srgrimes
121553Srgrimes#include "utils/list.h"
131553Srgrimes#include "common/defs.h"
141553Srgrimes#include "common/ieee802_1x_defs.h"
151553Srgrimes
161553Srgrimes#define MKA_VERSION_ID              1
171553Srgrimes
181553Srgrimes/* IEEE Std 802.1X-2010, 11.11.1, Table 11-7 */
191553Srgrimesenum mka_packet_type {
201553Srgrimes	MKA_BASIC_PARAMETER_SET = MKA_VERSION_ID,
211553Srgrimes	MKA_LIVE_PEER_LIST = 1,
221553Srgrimes	MKA_POTENTIAL_PEER_LIST = 2,
231553Srgrimes	MKA_SAK_USE = 3,
241553Srgrimes	MKA_DISTRIBUTED_SAK = 4,
251553Srgrimes	MKA_DISTRIBUTED_CAK = 5,
261553Srgrimes	MKA_KMD = 6,
271553Srgrimes	MKA_ANNOUNCEMENT = 7,
281553Srgrimes	MKA_ICV_INDICATOR = 255
291553Srgrimes};
301553Srgrimes
3130642Scharnier#define ICV_LEN                         16  /* 16 bytes */
321553Srgrimes#define SAK_WRAPPED_LEN                 24
3330642Scharnier/* KN + Wrapper SAK */
3430642Scharnier#define DEFAULT_DIS_SAK_BODY_LENGTH     (SAK_WRAPPED_LEN + 4)
3550479Speter#define MAX_RETRY_CNT                   5
361553Srgrimes
371553Srgrimesstruct ieee802_1x_kay;
381553Srgrimes
391553Srgrimesstruct ieee802_1x_mka_peer_id {
401553Srgrimes	u8 mi[MI_LEN];
411553Srgrimes	u32 mn;
421553Srgrimes};
431553Srgrimes
441553Srgrimesstruct ieee802_1x_kay_peer {
451553Srgrimes	struct ieee802_1x_mka_sci sci;
461553Srgrimes	u8 mi[MI_LEN];
471553Srgrimes	u32 mn;
481553Srgrimes	time_t expire;
491553Srgrimes	Boolean is_key_server;
501553Srgrimes	u8 key_server_priority;
511553Srgrimes	Boolean macsec_desired;
521553Srgrimes	enum macsec_cap macsec_capbility;
531553Srgrimes	Boolean sak_used;
541553Srgrimes	struct dl_list list;
551553Srgrimes};
561553Srgrimes
571553Srgrimesstruct key_conf {
581553Srgrimes	u8 *key;
591553Srgrimes	struct ieee802_1x_mka_ki ki;
601553Srgrimes	enum confidentiality_offset offset;
611553Srgrimes	u8 an;
621553Srgrimes	Boolean tx;
631553Srgrimes	Boolean rx;
641553Srgrimes	int key_len; /* unit: byte */
651553Srgrimes};
661553Srgrimes
671553Srgrimesstruct data_key {
681553Srgrimes	u8 *key;
691553Srgrimes	int key_len;
701553Srgrimes	struct ieee802_1x_mka_ki key_identifier;
711553Srgrimes	enum confidentiality_offset confidentiality_offset;
721553Srgrimes	u8 an;
731553Srgrimes	Boolean transmits;
741553Srgrimes	Boolean receives;
751553Srgrimes	struct os_time created_time;
761553Srgrimes	u32 next_pn;
771553Srgrimes
781553Srgrimes	/* not defined data */
7930830Scharnier	Boolean rx_latest;
801553Srgrimes	Boolean tx_latest;
811553Srgrimes
821553Srgrimes	int user;  /* FIXME: to indicate if it can be delete safely */
831553Srgrimes
841553Srgrimes	struct dl_list list;
851553Srgrimes};
861553Srgrimes
871553Srgrimes/* TransmitSC in IEEE Std 802.1AE-2006, Figure 10-6 */
881553Srgrimesstruct transmit_sc {
891553Srgrimes	struct ieee802_1x_mka_sci sci; /* const SCI sci */
901553Srgrimes	Boolean transmitting; /* bool transmitting (read only) */
911553Srgrimes
921553Srgrimes	struct os_time created_time; /* Time createdTime */
931553Srgrimes
941553Srgrimes	u8 encoding_sa; /* AN encodingSA (read only) */
951553Srgrimes	u8 enciphering_sa; /* AN encipheringSA (read only) */
961553Srgrimes
971553Srgrimes	/* not defined data */
981553Srgrimes	unsigned int channel;
991553Srgrimes
1001553Srgrimes	struct dl_list list;
1011553Srgrimes	struct dl_list sa_list;
1021553Srgrimes};
1031553Srgrimes
1041553Srgrimes/* TransmitSA in IEEE Std 802.1AE-2006, Figure 10-6 */
1051553Srgrimesstruct transmit_sa {
1061553Srgrimes	Boolean in_use; /* bool inUse (read only) */
1071553Srgrimes	u32 next_pn; /* PN nextPN (read only) */
1081553Srgrimes	struct os_time created_time; /* Time createdTime */
1091553Srgrimes
1101553Srgrimes	Boolean enable_transmit; /* bool EnableTransmit */
1111553Srgrimes
1121553Srgrimes	u8 an;
1131553Srgrimes	Boolean confidentiality;
1141553Srgrimes	struct data_key *pkey;
1151553Srgrimes
1161553Srgrimes	struct transmit_sc *sc;
1171553Srgrimes	struct dl_list list; /* list entry in struct transmit_sc::sa_list */
1181553Srgrimes};
1191553Srgrimes
1201553Srgrimes/* ReceiveSC in IEEE Std 802.1AE-2006, Figure 10-6 */
1211553Srgrimesstruct receive_sc {
1228857Srgrimes	struct ieee802_1x_mka_sci sci; /* const SCI sci */
1231553Srgrimes	Boolean receiving; /* bool receiving (read only) */
1241553Srgrimes
1251553Srgrimes	struct os_time created_time; /* Time createdTime */
1261553Srgrimes
1271553Srgrimes	unsigned int channel;
1281553Srgrimes
1291553Srgrimes	struct dl_list list;
1301553Srgrimes	struct dl_list sa_list;
1311553Srgrimes};
1321553Srgrimes
1331553Srgrimes/* ReceiveSA in IEEE Std 802.1AE-2006, Figure 10-6 */
1341553Srgrimesstruct receive_sa {
1351553Srgrimes	Boolean enable_receive; /* bool enableReceive */
1361553Srgrimes	Boolean in_use; /* bool inUse (read only) */
1371553Srgrimes
13830830Scharnier	u32 next_pn; /* PN nextPN (read only) */
1391553Srgrimes	u32 lowest_pn; /* PN lowestPN (read only) */
1401553Srgrimes	u8 an;
1411553Srgrimes	struct os_time created_time;
1421553Srgrimes
1431553Srgrimes	struct data_key *pkey;
1441553Srgrimes	struct receive_sc *sc; /* list entry in struct receive_sc::sa_list */
1451553Srgrimes
1461553Srgrimes	struct dl_list list;
1471553Srgrimes};
1481553Srgrimes
1491553Srgrimesstruct macsec_ciphersuite {
1501553Srgrimes	u8 id[CS_ID_LEN];
1511553Srgrimes	char name[32];
1521553Srgrimes	enum macsec_cap capable;
1531553Srgrimes	int sak_len; /* unit: byte */
1541553Srgrimes
1551553Srgrimes	u32 index;
1561553Srgrimes};
1571553Srgrimes
1581553Srgrimesstruct mka_alg {
1591553Srgrimes	u8 parameter[4];
1601553Srgrimes	size_t cak_len;
1611553Srgrimes	size_t kek_len;
1621553Srgrimes	size_t ick_len;
1631553Srgrimes	size_t icv_len;
164
165	int (*cak_trfm)(const u8 *msk, const u8 *mac1, const u8 *mac2, u8 *cak);
166	int (*ckn_trfm)(const u8 *msk, const u8 *mac1, const u8 *mac2,
167			const u8 *sid, size_t sid_len, u8 *ckn);
168	int (*kek_trfm)(const u8 *cak, const u8 *ckn, size_t ckn_len, u8 *kek);
169	int (*ick_trfm)(const u8 *cak, const u8 *ckn, size_t ckn_len, u8 *ick);
170	int (*icv_hash)(const u8 *ick, const u8 *msg, size_t msg_len, u8 *icv);
171
172	int index; /* index for configuring */
173};
174
175#define DEFAULT_MKA_ALG_INDEX 0
176
177/* See IEEE Std 802.1X-2010, 9.16 MKA management */
178struct ieee802_1x_mka_participant {
179	/* used for active and potential participant */
180	struct mka_key_name ckn;
181	struct mka_key cak;
182	Boolean cached;
183
184	/* used by management to monitor and control activation */
185	Boolean active;
186	Boolean participant;
187	Boolean retain;
188
189	enum { DEFAULT, DISABLED, ON_OPER_UP, ALWAYS } activate;
190
191	/* used for active participant */
192	Boolean principal;
193	struct dl_list live_peers;
194	struct dl_list potential_peers;
195
196	/* not defined in IEEE 802.1X */
197	struct dl_list list;
198
199	struct mka_key kek;
200	struct mka_key ick;
201
202	struct ieee802_1x_mka_ki lki;
203	u8 lan;
204	Boolean ltx;
205	Boolean lrx;
206
207	struct ieee802_1x_mka_ki oki;
208	u8 oan;
209	Boolean otx;
210	Boolean orx;
211
212	Boolean is_key_server;
213	Boolean is_obliged_key_server;
214	Boolean can_be_key_server;
215	Boolean is_elected;
216
217	struct dl_list sak_list;
218	struct dl_list rxsc_list;
219
220	struct transmit_sc *txsc;
221
222	u8 mi[MI_LEN];
223	u32 mn;
224
225	struct ieee802_1x_mka_peer_id current_peer_id;
226	struct ieee802_1x_mka_sci current_peer_sci;
227	time_t cak_life;
228	time_t mka_life;
229	Boolean to_dist_sak;
230	Boolean to_use_sak;
231	Boolean new_sak;
232
233	Boolean advised_desired;
234	enum macsec_cap advised_capability;
235
236	struct data_key *new_key;
237	u32 retry_count;
238
239	struct ieee802_1x_kay *kay;
240};
241
242struct ieee802_1x_mka_hdr {
243	/* octet 1 */
244	u32 type:8;
245	/* octet 2 */
246	u32 reserve:8;
247	/* octet 3 */
248#if __BYTE_ORDER == __LITTLE_ENDIAN
249	u32 length:4;
250	u32 reserve1:4;
251#elif __BYTE_ORDER == __BIG_ENDIAN
252	u32 reserve1:4;
253	u32 length:4;
254#else
255#error "Please fix <bits/endian.h>"
256#endif
257	/* octet 4 */
258	u32 length1:8;
259};
260
261#define MKA_HDR_LEN sizeof(struct ieee802_1x_mka_hdr)
262
263struct ieee802_1x_mka_basic_body {
264	/* octet 1 */
265	u32 version:8;
266	/* octet 2 */
267	u32 priority:8;
268	/* octet 3 */
269#if __BYTE_ORDER == __LITTLE_ENDIAN
270	u32 length:4;
271	u32 macsec_capbility:2;
272	u32 macsec_desired:1;
273	u32 key_server:1;
274#elif __BYTE_ORDER == __BIG_ENDIAN
275	u32 key_server:1;
276	u32 macsec_desired:1;
277	u32 macsec_capbility:2;
278	u32 length:4;
279#endif
280	/* octet 4 */
281	u32 length1:8;
282
283	struct ieee802_1x_mka_sci actor_sci;
284	u8 actor_mi[MI_LEN];
285	u32 actor_mn;
286	u8 algo_agility[4];
287
288	/* followed by CAK Name*/
289	u8 ckn[0];
290};
291
292struct ieee802_1x_mka_peer_body {
293	/* octet 1 */
294	u32 type:8;
295	/* octet 2 */
296	u32 reserve:8;
297	/* octet 3 */
298#if __BYTE_ORDER == __LITTLE_ENDIAN
299	u32 length:4;
300	u32 reserve1:4;
301#elif __BYTE_ORDER == __BIG_ENDIAN
302	u32 reserve1:4;
303	u32 length:4;
304#endif
305	/* octet 4 */
306	u32 length1:8;
307
308	u8 peer[0];
309	/* followed by Peers */
310};
311
312struct ieee802_1x_mka_sak_use_body {
313	/* octet 1 */
314	u32 type:8;
315	/* octet 2 */
316#if __BYTE_ORDER == __LITTLE_ENDIAN
317	u32 orx:1;
318	u32 otx:1;
319	u32 oan:2;
320	u32 lrx:1;
321	u32 ltx:1;
322	u32 lan:2;
323#elif __BYTE_ORDER == __BIG_ENDIAN
324	u32 lan:2;
325	u32 ltx:1;
326	u32 lrx:1;
327	u32 oan:2;
328	u32 otx:1;
329	u32 orx:1;
330#endif
331
332	/* octet 3 */
333#if __BYTE_ORDER == __LITTLE_ENDIAN
334	u32 length:4;
335	u32 delay_protect:1;
336	u32 reserve:1;
337	u32 prx:1;
338	u32 ptx:1;
339#elif __BYTE_ORDER == __BIG_ENDIAN
340	u32 ptx:1;
341	u32 prx:1;
342	u32 reserve:1;
343	u32 delay_protect:1;
344	u32 length:4;
345#endif
346
347	/* octet 4 */
348	u32 length1:8;
349
350	/* octet 5 - 16 */
351	u8 lsrv_mi[MI_LEN];
352	/* octet 17 - 20 */
353	u32 lkn;
354	/* octet 21 - 24 */
355	u32 llpn;
356
357	/* octet 25 - 36 */
358	u8 osrv_mi[MI_LEN];
359	/* octet 37 - 40 */
360	u32 okn;
361	/* octet 41 - 44 */
362	u32 olpn;
363};
364
365
366struct ieee802_1x_mka_dist_sak_body {
367	/* octet 1 */
368	u32 type:8;
369	/* octet 2 */
370#if __BYTE_ORDER == __LITTLE_ENDIAN
371	u32 reserve:4;
372	u32 confid_offset:2;
373	u32 dan:2;
374#elif __BYTE_ORDER == __BIG_ENDIAN
375	u32 dan:2;
376	u32 confid_offset:2;
377	u32 reserve:4;
378#endif
379	/* octet 3 */
380#if __BYTE_ORDER == __LITTLE_ENDIAN
381	u32 length:4;
382	u32 reserve1:4;
383#elif __BYTE_ORDER == __BIG_ENDIAN
384	u32 reserve1:4;
385	u32 length:4;
386#endif
387	/* octet 4 */
388	u32 length1:8;
389	/* octet 5 - 8 */
390	u32 kn;
391
392	/* for GCM-AES-128: octet 9-32: SAK
393	 * for other cipher suite: octet 9-16: cipher suite id, octet 17-: SAK
394	 */
395	u8 sak[0];
396};
397
398
399struct ieee802_1x_mka_icv_body {
400	/* octet 1 */
401	u32 type:8;
402	/* octet 2 */
403	u32 reserve:8;
404	/* octet 3 */
405#if __BYTE_ORDER == __LITTLE_ENDIAN
406	u32 length:4;
407	u32 reserve1:4;
408#elif __BYTE_ORDER == __BIG_ENDIAN
409	u32 reserve1:4;
410	u32 length:4;
411#endif
412	/* octet 4 */
413	u32 length1:8;
414
415	/* octet 5 - */
416	u8 icv[0];
417};
418
419#endif /* IEEE802_1X_KAY_I_H */
420