1 /*

     2 * ============================================================================

     3 *  Name        : ./accesssec/eapol/eapol_framework/wapi_common/include/wapi_ethernet_core.h

     4 *  Part of     : WAPI / WAPI       *** Info from the SWAD

     5 *  Description : WAPI authentication

     6 *  Version     : %version: 9.1.1 % << Don't touch! Updated by Synergy at check-out.

     7 *

     8 *  Copyright © 2001-2009 Nokia.  All rights reserved.

     9 *  This material, including documentation and any related computer

    10 *  programs, is protected by copyright controlled by Nokia.  All

    11 *  rights are reserved.  Copying, including reproducing, storing,

    12 *  adapting or translating, any or all of this material requires the

    13 *  prior written consent of Nokia.  This material also contains

    14 *  confidential information which may not be disclosed to others

    15 *  without the prior written consent of Nokia.

    16 * ============================================================================

    17 * Template version: 4.2

    18 */

    19 

    20 

    21 

    22 #if !defined(_WAPI_ETHERNET_CORE_H_)

    23 #define _WAPI_ETHERNET_CORE_H_

    24 

    25 #include "eap_tools.h"

    26 #include "eap_am_export.h"

    27 #include "abs_wapi_ethernet_core.h"

    28 #include "abs_wapi_core.h"

    29 #include "wapi_core.h"

    30 #include "wapi_session_core.h"

    31 #include "eap_variable_data.h"

    32 #include "eap_core_map.h"

    33 #include "abs_eap_stack_interface.h"

    34 #include "eapol_rsna_key_header.h"

    35 

    36 

    37 /// This class defines the ethernet protocol layer.

    38 class EAP_EXPORT wapi_ethernet_core_c

    39 : public abs_wapi_core_c

    40 , public abs_eap_stack_interface_c

    41 {

    42 private:

    43 	//--------------------------------------------------

    44 

    45 	abs_wapi_ethernet_core_c *m_partner;

    46 

    47 	wapi_session_core_c *m_wapi_core;

    48 

    49 	abs_eap_am_tools_c * const m_am_tools;

    50 

    51 	bool m_is_client;

    52 

    53 	bool m_is_valid;

    54 

    55 	bool m_shutdown_was_called;

    56 

    57 	//--------------------------------------------------

    58 protected:

    59 	//--------------------------------------------------

    60 

    61 	//--------------------------------------------------

    62 public:

    63 	//--------------------------------------------------

    64 

    65 	// 

    66 	EAP_FUNC_IMPORT virtual ~wapi_ethernet_core_c();

    67 

    68 	// 

    69 	EAP_FUNC_IMPORT wapi_ethernet_core_c(

    70 		abs_eap_am_tools_c * const m_am_tools,

    71 		abs_wapi_ethernet_core_c * const partner,

    72 		const bool is_client_when_true);

    73 

    74 	EAP_FUNC_IMPORT eap_status_e cancel_all_authentication_sessions();

    75 

    76 

    77 	// This is documented in abs_eap_stack_interface_c::packet_process().

    78 	EAP_FUNC_IMPORT eap_status_e packet_process(

    79 		const eap_am_network_id_c * const receive_network_id,

    80 		eap_general_header_base_c * const packet_data,

    81 		const u32_t packet_length); 

    82 

    83 	//

    84 	EAP_FUNC_IMPORT eap_status_e packet_send(

    85 		const eap_am_network_id_c * const send_network_id,

    86 		eap_buf_chain_wr_c * const sent_packet,

    87 		const u32_t header_offset,

    88 		const u32_t data_length,

    89 		const u32_t buffer_length); 

    90 

    91 	//

    92 	EAP_FUNC_IMPORT u32_t get_header_offset(

    93 		u32_t * const MTU,

    94 		u32_t * const trailer_length);  

    95 

    96 	/**

    97 	 * This function checks whether WAPI BKID is cached to each eap_am_network_id_c object.

    98 	 * Function removes eap_am_network_id_c object from bssid_sta_receive_network_ids if there are

    99 	 * no cached BKID for eap_am_network_id_c object.

   100 	 * All eap_am_network_id_c objects that exist in bssid_sta_receive_network_ids

   101 	 * after function returns have BKID cached and read_reassociation_parameters() can be called

   102 	 * with those eap_am_network_id_c objects.

   103 	 */

   104 	EAP_FUNC_IMPORT eap_status_e check_bksa_cache(

   105 		eap_array_c<eap_am_network_id_c> * const bssid_sta_receive_network_ids,

   106 		const eapol_key_authentication_type_e selected_eapol_key_authentication_type,

   107 		const eapol_RSNA_key_header_c::eapol_RSNA_cipher_e pairwise_key_cipher_suite,

   108 		const eapol_RSNA_key_header_c::eapol_RSNA_cipher_e group_key_cipher_suite);

   109 

   110 	/**

   111 	 * This function removes BKID from cache.

   112 	 * @param receive_network_id carries the MAC addresses.

   113 	 * MAC address of Authenticator should be in source address.

   114 	 * MAC address of Supplicant should be in destination address.

   115 	 */

   116 	EAP_FUNC_IMPORT eap_status_e remove_bksa_from_cache(

   117 		const eap_am_network_id_c * const receive_network_id);

   118 

   119 	/**

   120 	 * This function starts the WAPI authentication.

   121 	 * The first parameter includes the network addresses of the protocol

   122 	 * over the WAPI packets are transmitted.

   123 	 * The type attribute of the eap_am_network_id_c object MUST be set

   124 	 * WAPI Ethernet type.

   125 	 * The second parameter is_client_when_true tells whether this stack

   126 	 * is client (true) or server (false).

   127 	 */ 

   128 	EAP_FUNC_IMPORT eap_status_e start_authentication(

   129 		const eap_am_network_id_c * const receive_network_id,

   130 		const bool is_client_when_true);

   131 

   132 	EAP_FUNC_IMPORT eap_status_e start_reassociation(

   133 		const eap_am_network_id_c * const receive_network_id,

   134 		const eapol_key_authentication_type_e authentication_type,

   135 		const eap_variable_data_c * const BKID);

   136 

   137 	EAP_FUNC_IMPORT eap_status_e read_reassociation_parameters(

   138 		const eap_am_network_id_c * const old_receive_network_id, ///< source includes remote address, destination includes local address.

   139 		const eap_am_network_id_c * const new_receive_network_id, ///< source includes remote address, destination includes local address.

   140 		const eapol_key_authentication_type_e authentication_type,

   141 		eap_variable_data_c * const BKID,

   142 		const eap_variable_data_c * const received_WAPI_ie,

   143 		const eap_variable_data_c * const sent_WAPI_ie);

   144 

   145 

   146 	EAP_FUNC_IMPORT eap_status_e complete_reassociation(

   147 		const eapol_wlan_authentication_state_e reassociation_result,

   148 		const eap_am_network_id_c * const receive_network_id,

   149 		const eapol_key_authentication_type_e authentication_type,

   150 		const eap_variable_data_c * const received_WAPI_IE,

   151 		const eap_variable_data_c * const sent_WAPI_IE,

   152 		const eapol_RSNA_key_header_c::eapol_RSNA_cipher_e pairwise_key_cipher_suite,

   153 		const eapol_RSNA_key_header_c::eapol_RSNA_cipher_e group_key_cipher_suite);

   154 

   155 	// This is documented in abs_eap_stack_interface_c::set_is_valid().

   156 	EAP_FUNC_IMPORT void set_is_valid();

   157 

   158 	// This is documented in abs_eap_stack_interface_c::get_is_valid().

   159 	EAP_FUNC_IMPORT bool get_is_valid();

   160 

   161 	// This is documented in abs_eap_stack_interface_c::configure().

   162 	EAP_FUNC_IMPORT eap_status_e configure();

   163 

   164 	// This is documented in abs_eap_stack_interface_c::shutdown().

   165 	EAP_FUNC_IMPORT eap_status_e shutdown();

   166 

   167 	EAP_FUNC_IMPORT eap_status_e packet_data_session_key(

   168 		const eap_am_network_id_c * const send_network_id,

   169 		const eapol_session_key_c * const key);

   170 

   171 	EAP_FUNC_IMPORT eap_status_e read_configure(

   172 		const eap_configuration_field_c * const field,

   173 		eap_variable_data_c * const data);

   174 

   175 	EAP_FUNC_IMPORT eap_status_e write_configure(

   176 		const eap_configuration_field_c * const field,

   177 		eap_variable_data_c * const data);

   178 

   179 	// See abs_eap_base_type_c::state_notification().

   180 	EAP_FUNC_IMPORT void state_notification(

   181 		const abs_eap_state_notification_c * const state);

   182 

   183 

   184 	//

   185 	EAP_FUNC_IMPORT eap_status_e set_timer(

   186 		abs_eap_base_timer_c * const p_initializer, 

   187 		const u32_t p_id, 

   188 		void * const p_data,

   189 		const u32_t p_time_ms);

   190 

   191 	EAP_FUNC_IMPORT eap_status_e cancel_timer(

   192 		abs_eap_base_timer_c * const p_initializer, 

   193 		const u32_t p_id);

   194 

   195 	//

   196 	EAP_FUNC_IMPORT eap_status_e cancel_all_timers();

   197 

   198 	/**

   199 	 * Function creates a state for later use. This is for optimazing 4-Way Handshake.

   200 	 * @param receive_network_id carries the MAC addresses.

   201 	 * MAC address of Authenticator should be in source address. MAC address of 

   202 	 * Supplicant should be in destination address.

   203 	 * @param authentication_type is the selected authentication type.

   204 	 */

   205 	EAP_FUNC_IMPORT eap_status_e create_state(

   206 		const eap_am_network_id_c * const receive_network_id,

   207 		const eapol_key_authentication_type_e authentication_type

   208 		);

   209 

   210 	/**

   211 	 * This function need to be called when client STA (re)associates to AP.

   212 	 * @param receive_network_id carries the MAC addresses.

   213 	 * MAC address of Authenticator should be in source address. MAC address of Supplicant should be in destination address.

   214 	 * @param authenticator_RSNA_IE is RSN IE of authenticator. Authenticator sends this in Beacon or Probe message.

   215 	 * @param supplicant_RSNA_IE is RSN IE of supplicant. Supplicant sends this in (re)association request message.

   216 	 * @param eapol_pairwise_cipher is the selected pairwise cipher.

   217 	 * @param eapol_group_cipher is the selected group cipher.

   218 	 */

   219 	EAP_FUNC_IMPORT eap_status_e association(

   220 		const eap_am_network_id_c * const receive_network_id,

   221 		const eapol_key_authentication_type_e authentication_type,

   222 		const eap_variable_data_c * const authenticator_RSNA_IE,

   223 		const eap_variable_data_c * const supplicant_RSNA_IE,

   224 		const eapol_RSNA_key_header_c::eapol_RSNA_cipher_e eapol_pairwise_cipher,

   225 		const eapol_RSNA_key_header_c::eapol_RSNA_cipher_e eapol_group_cipher,

   226 		const eap_variable_data_c * const pre_shared_key);

   227 

   228 	/**

   229 	 * This function need to be called when client STA disassociates from AP.

   230 	 * @param receive_network_id carries the MAC addresses.

   231 	 * MAC address of Authenticator should be in source address. MAC address of Supplicant should be in destination address.

   232 	 */

   233 	EAP_FUNC_IMPORT eap_status_e disassociation(

   234 		const eap_am_network_id_c * const receive_network_id

   235 		);

   236 

   237 	EAP_FUNC_IMPORT eap_status_e restart_authentication(

   238 		const eap_am_network_id_c * const receive_network_id,

   239 		const bool is_client_when_true,

   240 		const bool force_clean_restart,

   241 		const bool from_timer = false);

   242 

   243 	EAP_FUNC_IMPORT eap_status_e asynchronous_init_remove_wapi_session(

   244 		const eap_am_network_id_c * const send_network_id);

   245 

   246 	EAP_FUNC_IMPORT eap_status_e set_session_timeout(

   247 		const u32_t session_timeout_ms);

   248 

   249 	//--------------------------------------------------

   250 }; // class wapi_ethernet_core_c

   251 

   252 #endif //#if !defined(_WAPI_ETHERNET_CORE_H_)

   253 

   254 //--------------------------------------------------

   255 

   256 

   257 

   258 // End.