|
1 /* |
|
2 * ============================================================================ |
|
3 * Name : ./accesssec/eapol/eapol_framework/wapi_common/include/wapi_wlan_authentication.h |
|
4 * Part of : WAPI / WAPI *** Info from the SWAD |
|
5 * Description : WAPI authentication |
|
6 * Version : %version: 9.1.1 % << Don't touch! Updated by Synergy at check-out. |
|
7 * |
|
8 * Copyright © 2001-2009 Nokia. All rights reserved. |
|
9 * This material, including documentation and any related computer |
|
10 * programs, is protected by copyright controlled by Nokia. All |
|
11 * rights are reserved. Copying, including reproducing, storing, |
|
12 * adapting or translating, any or all of this material requires the |
|
13 * prior written consent of Nokia. This material also contains |
|
14 * confidential information which may not be disclosed to others |
|
15 * without the prior written consent of Nokia. |
|
16 * ============================================================================ |
|
17 * Template version: 4.2 |
|
18 */ |
|
19 |
|
20 |
|
21 |
|
22 #if !defined(_WAPI_WLAN_AUTHENTICATION_H_) |
|
23 #define _WAPI_WLAN_AUTHENTICATION_H_ |
|
24 |
|
25 // INCLUDES |
|
26 #include "wapi_am_wlan_authentication.h" |
|
27 #include "abs_wapi_am_wlan_authentication.h" |
|
28 #include "abs_wapi_ethernet_core.h" |
|
29 #include "abs_wapi_wlan_authentication.h" |
|
30 #include "eapol_key_types.h" |
|
31 #include "eap_array.h" |
|
32 #include "eapol_rsna_key_header.h" |
|
33 #include "eapol_test_stack_if.h" |
|
34 #include "eap_am_network_id.h" |
|
35 |
|
36 // FORWARD DECLARATIONS |
|
37 class wapi_ethernet_core_c; |
|
38 |
|
39 class eap_file_config_c; |
|
40 class eapol_wlan_database_reference_c; |
|
41 |
|
42 |
|
43 // CLASS DECLARATION |
|
44 class EAP_EXPORT wapi_wlan_authentication_c |
|
45 : public abs_wapi_am_wlan_authentication_c |
|
46 , public abs_wapi_ethernet_core_c |
|
47 , public abs_eap_base_timer_c |
|
48 #if defined(USE_TEST_EAPOL_WLAN_AUTHENTICATION) |
|
49 , public eapol_test_stack_if_c |
|
50 #endif |
|
51 { |
|
52 public: |
|
53 |
|
54 EAP_FUNC_IMPORT static wapi_wlan_authentication_c * new_wapi_wlan_authentication( |
|
55 abs_eap_am_tools_c * const tools, |
|
56 abs_wapi_wlan_authentication_c * const partner, |
|
57 const bool is_client_when_true, |
|
58 const abs_eapol_wlan_database_reference_if_c * const wlan_database_reference); |
|
59 |
|
60 EAP_FUNC_IMPORT wapi_wlan_authentication_c( |
|
61 abs_eap_am_tools_c * const tools, |
|
62 abs_wapi_wlan_authentication_c * const partner, |
|
63 wapi_am_wlan_authentication_c * const am_wauth, ///< wapi_wlan_authentication_c must always delete the am_wauth object. |
|
64 const bool is_client_when_true); |
|
65 |
|
66 #if defined(EXPORT_DESTRUCTORS) |
|
67 EAP_FUNC_IMPORT virtual ~wapi_wlan_authentication_c(); // For GCC compilation |
|
68 #else |
|
69 virtual ~wapi_wlan_authentication_c(); // For RVCT compilation |
|
70 #endif |
|
71 |
|
72 |
|
73 /////////////////////////////////////////////////////////////// |
|
74 /* These are called from WLM */ |
|
75 |
|
76 /** |
|
77 * This function checks whether WAPI BKSA is cached to each eap_am_network_id_c object. |
|
78 * Function removes eap_am_network_id_c object from bssid_sta_receive_network_ids if there are |
|
79 * no cached BKSA for removes eap_am_network_id_c object. |
|
80 * All eap_am_network_id_c objects that exist in bssid_sta_receive_network_ids |
|
81 * after function returns have BKSA cached and read_reassociation_parameters() can be called |
|
82 * with those eap_am_network_id_c objects. |
|
83 */ |
|
84 EAP_FUNC_IMPORT eap_status_e check_bksa_cache( |
|
85 eap_array_c<eap_am_network_id_c> * const bssid_sta_receive_network_ids, |
|
86 const eapol_key_authentication_type_e selected_eapol_key_authentication_type, |
|
87 const eapol_RSNA_key_header_c::eapol_RSNA_cipher_e pairwise_key_cipher_suite, |
|
88 const eapol_RSNA_key_header_c::eapol_RSNA_cipher_e group_key_cipher_suite); |
|
89 |
|
90 EAP_FUNC_IMPORT eap_status_e start_authentication( |
|
91 const eap_variable_data_c * const SSID, |
|
92 const eapol_key_authentication_type_e selected_eapol_key_authentication_type, |
|
93 // In WAPI these are used for the PSK mode |
|
94 const eap_variable_data_c * const preshared_key, |
|
95 const bool WAPI_override_enabled, |
|
96 const eap_am_network_id_c * const receive_network_id ///< source includes remote address, destination includes local address. |
|
97 ); |
|
98 |
|
99 EAP_FUNC_IMPORT eap_status_e complete_association( |
|
100 const eapol_wlan_authentication_state_e association_result, |
|
101 const eap_am_network_id_c * const receive_network_id, ///< source includes remote address, destination includes local address. |
|
102 const eap_variable_data_c * const received_WAPI_IE, |
|
103 const eap_variable_data_c * const sent_WAPI_IE, |
|
104 const eapol_RSNA_key_header_c::eapol_RSNA_cipher_e pairwise_key_cipher_suite, |
|
105 const eapol_RSNA_key_header_c::eapol_RSNA_cipher_e group_key_cipher_suite |
|
106 ); |
|
107 |
|
108 EAP_FUNC_IMPORT eap_status_e disassociation( |
|
109 const eap_am_network_id_c * const receive_network_id ///< source includes remote address, destination includes local address. |
|
110 ); |
|
111 |
|
112 EAP_FUNC_IMPORT eap_status_e start_reassociation( |
|
113 const eap_am_network_id_c * const old_receive_network_id, ///< source includes remote address, destination includes local address. |
|
114 const eap_am_network_id_c * const new_receive_network_id, ///< source includes remote address, destination includes local address. |
|
115 const eapol_key_authentication_type_e selected_eapol_key_authentication_type |
|
116 ); |
|
117 |
|
118 EAP_FUNC_IMPORT eap_status_e complete_reassociation( |
|
119 const eapol_wlan_authentication_state_e reassociation_result, |
|
120 const eap_am_network_id_c * const receive_network_id, |
|
121 const eap_variable_data_c * const received_WAPI_IE, |
|
122 const eap_variable_data_c * const sent_WAPI_IE, |
|
123 const eapol_RSNA_key_header_c::eapol_RSNA_cipher_e pairwise_key_cipher_suite, |
|
124 const eapol_RSNA_key_header_c::eapol_RSNA_cipher_e group_key_cipher_suite); |
|
125 |
|
126 EAP_FUNC_IMPORT eap_status_e packet_process( |
|
127 const eap_am_network_id_c * const receive_network_id, ///< source includes remote address, destination includes local address. |
|
128 eap_general_header_base_c * const packet_data, |
|
129 const u32_t packet_length |
|
130 ); |
|
131 |
|
132 |
|
133 ///////////////////////////////////////// |
|
134 /* These are called from wapi_ethernet_core */ |
|
135 |
|
136 /** |
|
137 * Sends packet to lower layers |
|
138 */ |
|
139 EAP_FUNC_IMPORT eap_status_e packet_send( |
|
140 const eap_am_network_id_c * const send_network_id, ///< source includes local address, destination includes remote address. |
|
141 eap_buf_chain_wr_c * const sent_packet, |
|
142 const u32_t header_offset, |
|
143 const u32_t data_length, |
|
144 const u32_t buffer_length); |
|
145 |
|
146 EAP_FUNC_IMPORT u32_t get_header_offset( |
|
147 u32_t * const MTU, |
|
148 u32_t * const trailer_length); |
|
149 |
|
150 EAP_FUNC_IMPORT void set_is_valid(); |
|
151 |
|
152 EAP_FUNC_IMPORT bool get_is_valid(); |
|
153 |
|
154 EAP_FUNC_IMPORT void increment_authentication_counter(); |
|
155 |
|
156 EAP_FUNC_IMPORT u32_t get_authentication_counter(); |
|
157 |
|
158 #if defined(USE_TEST_EAPOL_WLAN_AUTHENTICATION) |
|
159 |
|
160 // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - |
|
161 // For testing |
|
162 |
|
163 EAP_FUNC_IMPORT u32_t get_wrong_send_packet_index(); |
|
164 |
|
165 EAP_FUNC_IMPORT void set_authentication_can_succeed(); |
|
166 |
|
167 EAP_FUNC_IMPORT void reset_authentication_can_succeed(); |
|
168 |
|
169 EAP_FUNC_IMPORT void restore_authentication_can_succeed(); |
|
170 |
|
171 EAP_FUNC_IMPORT void set_authentication_must_not_succeed( |
|
172 const u32_t wrong_packet_index, |
|
173 const u32_t packet_index, |
|
174 const void * const wrong_packet_stack); |
|
175 |
|
176 // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - |
|
177 |
|
178 #endif // #if defined(USE_TEST_EAPOL_WLAN_AUTHENTICATION) |
|
179 |
|
180 EAP_FUNC_IMPORT bool get_is_client(); |
|
181 |
|
182 /** |
|
183 * This does the initial configuration of the class. |
|
184 */ |
|
185 EAP_FUNC_IMPORT eap_status_e configure(); |
|
186 |
|
187 EAP_FUNC_IMPORT eap_status_e shutdown(); |
|
188 |
|
189 /** |
|
190 * Reads a configuration parameter value from the database. |
|
191 * In Symbian this function is only a TRAP wrapper for read_configure_L. |
|
192 */ |
|
193 EAP_FUNC_IMPORT eap_status_e read_configure( |
|
194 const eap_configuration_field_c * const field, |
|
195 eap_variable_data_c * const data); |
|
196 |
|
197 EAP_FUNC_IMPORT eap_status_e write_configure( |
|
198 const eap_configuration_field_c * const field, |
|
199 eap_variable_data_c * const data); |
|
200 |
|
201 // See abs_eap_base_type_c::state_notification(). |
|
202 EAP_FUNC_IMPORT void state_notification(const abs_eap_state_notification_c * const state); |
|
203 |
|
204 EAP_FUNC_IMPORT eap_status_e set_timer( |
|
205 abs_eap_base_timer_c * const p_initializer, |
|
206 const u32_t p_id, |
|
207 void * const p_data, |
|
208 const u32_t p_time_ms); |
|
209 |
|
210 EAP_FUNC_IMPORT eap_status_e cancel_timer( |
|
211 abs_eap_base_timer_c * const p_initializer, |
|
212 const u32_t p_id); |
|
213 |
|
214 EAP_FUNC_IMPORT eap_status_e cancel_all_timers(); |
|
215 |
|
216 /** |
|
217 * Forwards the keys to lower layer (= WLM). |
|
218 */ |
|
219 EAP_FUNC_IMPORT eap_status_e packet_data_session_key( |
|
220 const eap_am_network_id_c * const send_network_id, ///< source includes local address, destination includes remote address. |
|
221 const eapol_session_key_c * const key); |
|
222 |
|
223 EAP_FUNC_IMPORT eap_status_e timer_expired(const u32_t id, void *data); |
|
224 |
|
225 EAP_FUNC_IMPORT eap_status_e timer_delete_data(const u32_t id, void *data); |
|
226 |
|
227 |
|
228 private: |
|
229 |
|
230 EAP_FUNC_IMPORT eap_status_e wapi_indication( |
|
231 const eap_am_network_id_c * const receive_network_id, ///< source includes remote address, destination includes local address. |
|
232 const eapol_wlan_authentication_state_e notification); |
|
233 |
|
234 EAP_FUNC_IMPORT eap_status_e create_upper_stack(); |
|
235 |
|
236 eap_status_e disassociation_mutex_must_be_reserved( |
|
237 const eap_am_network_id_c * const receive_network_id ///< source includes remote address, destination includes local address. |
|
238 ); |
|
239 |
|
240 eap_status_e cancel_all_authentication_sessions(); |
|
241 |
|
242 eap_status_e cancel_timer_this_ap_failed(); |
|
243 |
|
244 eap_status_e cancel_timer_failed_completely(); |
|
245 |
|
246 eap_status_e cancel_timer_no_response(); |
|
247 |
|
248 eap_status_e cancel_timer_authentication_cancelled(); |
|
249 |
|
250 #if defined(USE_EAP_ERROR_TESTS) |
|
251 |
|
252 eap_status_e random_error( |
|
253 eap_buf_chain_wr_c * const sent_packet, |
|
254 const bool forse_error, |
|
255 const u32_t packet_index); |
|
256 |
|
257 #endif //#if defined(USE_EAP_ERROR_TESTS) |
|
258 |
|
259 |
|
260 private: |
|
261 |
|
262 |
|
263 /// Pointer to the lower layer in the stack |
|
264 abs_wapi_wlan_authentication_c * m_partner; |
|
265 |
|
266 /// Pointer to the AM of WAUTH. |
|
267 wapi_am_wlan_authentication_c * m_am_wauth; |
|
268 |
|
269 /// Pointer to the upper layer in the stack |
|
270 wapi_ethernet_core_c * m_ethernet_core; |
|
271 |
|
272 /// Pointer to the tools class |
|
273 abs_eap_am_tools_c * m_am_tools; |
|
274 |
|
275 // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - |
|
276 |
|
277 eap_variable_data_c m_preshared_key; |
|
278 |
|
279 eapol_key_authentication_type_e m_authentication_type; |
|
280 |
|
281 eapol_key_802_11_authentication_mode_e m_802_11_authentication_mode; |
|
282 |
|
283 eap_variable_data_c m_received_WAPI_IE; |
|
284 |
|
285 eap_variable_data_c m_sent_WAPI_IE; |
|
286 |
|
287 eapol_RSNA_key_header_c::eapol_RSNA_cipher_e m_group_key_cipher_suite; |
|
288 |
|
289 eapol_RSNA_key_header_c::eapol_RSNA_cipher_e m_pairwise_key_cipher_suite; |
|
290 |
|
291 // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - |
|
292 |
|
293 u32_t m_authentication_counter; |
|
294 |
|
295 u32_t m_successful_authentications; |
|
296 |
|
297 u32_t m_failed_authentications; |
|
298 |
|
299 bool m_is_valid; |
|
300 |
|
301 bool m_is_client; |
|
302 |
|
303 bool m_shutdown_was_called; |
|
304 |
|
305 #if defined(USE_EAP_ERROR_TESTS) |
|
306 |
|
307 u32_t m_error_probability; |
|
308 |
|
309 u32_t m_randomly_drop_packets_probability; |
|
310 |
|
311 u32_t m_generate_multiple_error_packets; |
|
312 |
|
313 bool m_enable_random_errors; |
|
314 |
|
315 bool m_randomly_drop_packets; |
|
316 |
|
317 bool m_manipulate_ethernet_header; |
|
318 |
|
319 bool m_send_original_packet_first; |
|
320 |
|
321 #endif //#if defined(USE_EAP_ERROR_TESTS) |
|
322 |
|
323 // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - |
|
324 |
|
325 |
|
326 //-------------------------------------------------- |
|
327 }; // class wapi_wlan_authentication_c |
|
328 |
|
329 #endif //#if !defined(_WAPI_WLAN_AUTHENTICATION_H_) |
|
330 |
|
331 //-------------------------------------------------- |
|
332 |
|
333 |
|
334 // End of file |