14 * Description: EAP and WLAN authentication protocols. |
14 * Description: EAP and WLAN authentication protocols. |
15 * |
15 * |
16 */ |
16 */ |
17 |
17 |
18 /* |
18 /* |
19 * %version: 47 % |
19 * %version: 28.1.3 % |
20 */ |
20 */ |
21 |
21 |
22 #if !defined(_EAPOL_CORE_H_) |
22 #if !defined(_EAPOL_CORE_H_) |
23 #define _EAPOL_CORE_H_ |
23 #define _EAPOL_CORE_H_ |
24 |
24 |
25 #include "eap_tools.h" |
25 #include "eap_tools.h" |
26 #include "eap_am_export.h" |
26 #include "eap_am_export.h" |
27 #include "abs_eap_session_core.h" |
27 #include "abs_eap_core.h" |
28 #include "eap_core.h" |
28 #include "eap_core.h" |
29 #include "abs_eapol_core.h" |
29 #include "abs_eapol_core.h" |
30 #include "eap_base_type.h" |
30 #include "eap_base_type.h" |
31 #include "eap_variable_data.h" |
31 #include "eap_variable_data.h" |
32 #include "abs_eap_am_mutex.h" |
32 #include "abs_eap_am_mutex.h" |
33 #include "eap_session_core_base.h" |
33 #if !defined(NO_EAP_SESSION_CORE) |
|
34 #include "eap_session_core.h" |
|
35 #endif |
34 #include "abs_eap_stack_interface.h" |
36 #include "abs_eap_stack_interface.h" |
35 #include "abs_eapol_key_state.h" |
37 #include "abs_eapol_key_state.h" |
36 #include "eapol_rsna_key_header.h" |
38 #include "eapol_rsna_key_header.h" |
37 #include "eapol_key_state.h" |
39 #if defined(USE_EAPOL_KEY_STATE) |
38 #include "abs_eapol_key_state_map.h" |
40 #include "eapol_key_state.h" |
39 #include "eap_database_reference_if.h" |
41 #include "abs_eapol_key_state_map.h" |
|
42 #endif //#if defined(USE_EAPOL_KEY_STATE) |
40 |
43 |
41 |
44 |
42 /** @file */ |
45 /** @file */ |
43 |
46 |
44 /** |
47 /** |
69 class eapol_RC4_key_header_c; |
72 class eapol_RC4_key_header_c; |
70 |
73 |
71 |
74 |
72 /// A eapol_core_c class implements the basic functionality of EAPOL. |
75 /// A eapol_core_c class implements the basic functionality of EAPOL. |
73 class EAP_EXPORT eapol_core_c |
76 class EAP_EXPORT eapol_core_c |
74 : public abs_eap_session_core_c |
77 : public abs_eap_core_c |
75 , public abs_eap_base_timer_c |
78 , public abs_eap_base_timer_c |
76 , public abs_eap_stack_interface_c |
79 , public abs_eap_stack_interface_c |
|
80 #if defined(USE_EAPOL_KEY_STATE) |
77 , public abs_eapol_key_state_c |
81 , public abs_eapol_key_state_c |
78 , public abs_eapol_key_state_map_c |
82 , public abs_eapol_key_state_map_c |
79 , public eap_database_reference_if_c |
83 #endif //#if defined(USE_EAPOL_KEY_STATE) |
80 { |
84 { |
81 |
85 |
82 private: |
86 private: |
83 //-------------------------------------------------- |
87 //-------------------------------------------------- |
84 |
88 |
86 abs_eapol_core_c * const m_partner; |
90 abs_eapol_core_c * const m_partner; |
87 |
91 |
88 /// This is pointer to the eap_core object. The eapol_core object gives |
92 /// This is pointer to the eap_core object. The eapol_core object gives |
89 /// the received packets to the eap_core object. The eap_core object sends |
93 /// the received packets to the eap_core object. The eap_core object sends |
90 /// packets through the eapol_core object. |
94 /// packets through the eapol_core object. |
91 eap_session_core_base_c * m_eap_core; |
95 #if !defined(NO_EAP_SESSION_CORE) |
92 |
96 eap_session_core_c * const m_eap_core; |
|
97 #else |
|
98 eap_core_c * const m_eap_core; |
|
99 #endif |
|
100 |
|
101 #if defined(USE_EAPOL_KEY_STATE) |
93 /// This stores eapol_key_state_c objects using eap_variable_data selector. |
102 /// This stores eapol_key_state_c objects using eap_variable_data selector. |
94 /// Selector data includes send addresses of the Ethernet packet. |
103 /// Selector data includes send addresses of the Ethernet packet. |
95 eap_core_map_c<eapol_key_state_c, abs_eapol_key_state_map_c, eap_variable_data_c> m_eapol_key_state_map; |
104 eap_core_map_c<eapol_key_state_c, abs_eapol_key_state_map_c, eap_variable_data_c> m_eapol_key_state_map; |
|
105 #endif //#if defined(USE_EAPOL_KEY_STATE) |
96 |
106 |
97 /// This is pointer to the tools class. |
107 /// This is pointer to the tools class. |
98 abs_eap_am_tools_c * const m_am_tools; |
108 abs_eap_am_tools_c * const m_am_tools; |
99 |
109 |
100 /// This is the master session key derived from a successful authentication |
110 /// This is the master session key derived from a successful authentication |
129 |
139 |
130 bool m_shutdown_was_called; |
140 bool m_shutdown_was_called; |
131 |
141 |
132 bool m_block_state_notifications; |
142 bool m_block_state_notifications; |
133 |
143 |
|
144 #if defined(USE_EAPOL_KEY_STATE) |
134 /// This flag will skip start of 4-Way Handshake with true value. |
145 /// This flag will skip start of 4-Way Handshake with true value. |
135 bool m_skip_start_4_way_handshake; |
146 bool m_skip_start_4_way_handshake; |
136 |
147 #endif //#if defined(USE_EAPOL_KEY_STATE) |
137 |
148 |
|
149 |
|
150 #if defined(USE_EAPOL_KEY_STATE) |
138 EAP_FUNC_IMPORT eap_status_e indicate_eapol_key_state_started_eap_authentication( |
151 EAP_FUNC_IMPORT eap_status_e indicate_eapol_key_state_started_eap_authentication( |
139 const eap_am_network_id_c * const send_network_id); |
152 const eap_am_network_id_c * const send_network_id); |
140 |
153 |
141 EAP_FUNC_IMPORT eap_status_e init_eapol_key_pmksa_caching_timeout( |
154 EAP_FUNC_IMPORT eap_status_e init_eapol_key_pmksa_caching_timeout( |
142 const eap_am_network_id_c * const send_network_id); |
155 const eap_am_network_id_c * const send_network_id); |
143 |
156 |
144 EAP_FUNC_IMPORT eap_status_e remove_eapol_key_state( |
157 EAP_FUNC_IMPORT eap_status_e remove_eapol_key_state( |
145 const eap_am_network_id_c * const send_network_id, |
158 const eap_am_network_id_c * const send_network_id); |
146 const bool force_remove); |
|
147 |
159 |
148 eap_status_e copy_eapol_key_state( |
160 eap_status_e copy_eapol_key_state( |
149 const eap_am_network_id_c * const old_receive_network_id, ///< source includes remote address, destination includes local address. |
161 const eap_am_network_id_c * const old_receive_network_id, ///< source includes remote address, destination includes local address. |
150 const eap_am_network_id_c * const new_receive_network_id ///< source includes remote address, destination includes local address. |
162 const eap_am_network_id_c * const new_receive_network_id ///< source includes remote address, destination includes local address. |
151 ); |
163 ); |
153 eap_status_e generate_new_pmksa( |
165 eap_status_e generate_new_pmksa( |
154 eapol_key_state_c * * const eapol_key_state, |
166 eapol_key_state_c * * const eapol_key_state, |
155 const eap_am_network_id_c * const old_receive_network_id, ///< source includes remote address, destination includes local address. |
167 const eap_am_network_id_c * const old_receive_network_id, ///< source includes remote address, destination includes local address. |
156 const eap_am_network_id_c * const new_receive_network_id ///< source includes remote address, destination includes local address. |
168 const eap_am_network_id_c * const new_receive_network_id ///< source includes remote address, destination includes local address. |
157 ); |
169 ); |
|
170 #endif //#if defined(USE_EAPOL_KEY_STATE) |
158 |
171 |
159 //-------------------------------------------------- |
172 //-------------------------------------------------- |
160 protected: |
173 protected: |
161 //-------------------------------------------------- |
174 //-------------------------------------------------- |
162 |
175 |
441 EAP_FUNC_IMPORT eap_status_e cancel_timer( |
454 EAP_FUNC_IMPORT eap_status_e cancel_timer( |
442 abs_eap_base_timer_c * const p_initializer, |
455 abs_eap_base_timer_c * const p_initializer, |
443 const u32_t p_id); |
456 const u32_t p_id); |
444 |
457 |
445 // |
458 // |
|
459 EAP_FUNC_IMPORT eap_status_e cancel_all_timers(); |
|
460 |
|
461 // |
446 EAP_FUNC_IMPORT eap_status_e check_is_valid_eap_type(const eap_type_value_e eap_type); |
462 EAP_FUNC_IMPORT eap_status_e check_is_valid_eap_type(const eap_type_value_e eap_type); |
447 |
463 |
448 // See abs_eap_core_c::get_eap_type_list(). |
464 // See abs_eap_core_c::get_eap_type_list(). |
449 EAP_FUNC_IMPORT eap_status_e get_eap_type_list( |
465 EAP_FUNC_IMPORT eap_status_e get_eap_type_list( |
450 eap_array_c<eap_type_value_e> * const eap_type_list); |
466 eap_array_c<eap_type_value_e> * const eap_type_list); |
451 |
467 |
|
468 #if defined(USE_EAPOL_KEY_STATE) |
452 // See abs_eapol_key_state_c::get_and_increment_global_key_counter(). |
469 // See abs_eapol_key_state_c::get_and_increment_global_key_counter(). |
453 EAP_FUNC_IMPORT eap_status_e get_and_increment_global_key_counter( |
470 EAP_FUNC_IMPORT eap_status_e get_and_increment_global_key_counter( |
454 eap_variable_data_c * const key_counter); |
471 eap_variable_data_c * const key_counter); |
455 |
472 #endif //#if defined(USE_EAPOL_KEY_STATE) |
|
473 |
|
474 |
|
475 #if defined(USE_EAPOL_KEY_STATE) && defined(USE_EAPOL_KEY_STATE_OPTIMIZED_4_WAY_HANDSHAKE) |
456 |
476 |
457 /** |
477 /** |
458 * Function creates a state for later use. This is for optimazing 4-Way Handshake. |
478 * Function creates a state for later use. This is for optimazing 4-Way Handshake. |
459 * @param receive_network_id carries the MAC addresses. |
479 * @param receive_network_id carries the MAC addresses. |
460 * MAC address of Authenticator should be in source address. MAC address of |
480 * MAC address of Authenticator should be in source address. MAC address of |
463 */ |
483 */ |
464 EAP_FUNC_IMPORT eap_status_e create_state( |
484 EAP_FUNC_IMPORT eap_status_e create_state( |
465 const eap_am_network_id_c * const receive_network_id, |
485 const eap_am_network_id_c * const receive_network_id, |
466 const eapol_key_authentication_type_e authentication_type |
486 const eapol_key_authentication_type_e authentication_type |
467 ); |
487 ); |
|
488 |
|
489 #endif //#if defined(USE_EAPOL_KEY_STATE) && defined(USE_EAPOL_KEY_STATE_OPTIMIZED_4_WAY_HANDSHAKE) |
|
490 |
|
491 |
|
492 #if defined(USE_EAPOL_KEY_STATE) |
468 |
493 |
469 /** |
494 /** |
470 * This function need to be called when client STA (re)associates to AP. |
495 * This function need to be called when client STA (re)associates to AP. |
471 * @param receive_network_id carries the MAC addresses. |
496 * @param receive_network_id carries the MAC addresses. |
472 * MAC address of Authenticator should be in source address. MAC address of Supplicant should be in destination address. |
497 * MAC address of Authenticator should be in source address. MAC address of Supplicant should be in destination address. |
483 const eap_variable_data_c * const supplicant_RSNA_IE, |
508 const eap_variable_data_c * const supplicant_RSNA_IE, |
484 const eapol_RSNA_key_header_c::eapol_RSNA_cipher_e eapol_pairwise_cipher, |
509 const eapol_RSNA_key_header_c::eapol_RSNA_cipher_e eapol_pairwise_cipher, |
485 const eapol_RSNA_key_header_c::eapol_RSNA_cipher_e eapol_group_cipher, |
510 const eapol_RSNA_key_header_c::eapol_RSNA_cipher_e eapol_group_cipher, |
486 const eap_variable_data_c * const pre_shared_key); |
511 const eap_variable_data_c * const pre_shared_key); |
487 |
512 |
|
513 #endif //#if defined(USE_EAPOL_KEY_STATE) |
|
514 |
|
515 |
|
516 #if defined(USE_EAPOL_KEY_STATE) |
488 /** |
517 /** |
489 * This function need to be called when client STA disassociates from AP. |
518 * This function need to be called when client STA disassociates from AP. |
490 * @param receive_network_id carries the MAC addresses. |
519 * @param receive_network_id carries the MAC addresses. |
491 * MAC address of Authenticator should be in source address. MAC address of Supplicant should be in destination address. |
520 * MAC address of Authenticator should be in source address. MAC address of Supplicant should be in destination address. |
492 */ |
521 */ |
493 EAP_FUNC_IMPORT eap_status_e disassociation( |
522 EAP_FUNC_IMPORT eap_status_e disassociation( |
494 const bool complete_to_lower_layer, |
|
495 const eap_am_network_id_c * const receive_network_id); |
523 const eap_am_network_id_c * const receive_network_id); |
496 |
524 #endif //#if defined(USE_EAPOL_KEY_STATE) |
|
525 |
|
526 #if defined(USE_EAPOL_KEY_STATE) |
497 EAP_FUNC_IMPORT eap_status_e asynchronous_init_remove_eapol_key_state( |
527 EAP_FUNC_IMPORT eap_status_e asynchronous_init_remove_eapol_key_state( |
498 const eap_am_network_id_c * const send_netword_id); |
528 const eap_am_network_id_c * const send_netword_id); |
499 |
529 #endif //#if defined(USE_EAPOL_KEY_STATE) |
|
530 |
|
531 #if defined(USE_EAPOL_KEY_STATE) |
500 EAP_FUNC_IMPORT static eap_status_e shutdown_operation( |
532 EAP_FUNC_IMPORT static eap_status_e shutdown_operation( |
501 eapol_key_state_c * const handler, |
533 eapol_key_state_c * const handler, |
502 abs_eap_am_tools_c * const m_am_tools); |
534 abs_eap_am_tools_c * const m_am_tools); |
503 |
535 #endif //#if defined(USE_EAPOL_KEY_STATE) |
|
536 |
|
537 #if defined(USE_EAPOL_KEY_STATE) |
504 EAP_FUNC_IMPORT static eap_status_e cancel_authentication_session( |
538 EAP_FUNC_IMPORT static eap_status_e cancel_authentication_session( |
505 eapol_key_state_c * const handler, |
539 eapol_key_state_c * const handler, |
506 abs_eap_am_tools_c * const m_am_tools); |
540 abs_eap_am_tools_c * const m_am_tools); |
|
541 #endif //#if defined(USE_EAPOL_KEY_STATE) |
507 |
542 |
508 /// @see abs_eap_core_c::add_rogue_ap(). |
543 /// @see abs_eap_core_c::add_rogue_ap(). |
509 EAP_FUNC_IMPORT eap_status_e add_rogue_ap(eap_array_c<eap_rogue_ap_entry_c> & rogue_ap_list); |
544 EAP_FUNC_IMPORT eap_status_e add_rogue_ap(eap_array_c<eap_rogue_ap_entry_c> & rogue_ap_list); |
510 |
545 |
511 EAP_FUNC_IMPORT eap_status_e tkip_mic_failure( |
546 EAP_FUNC_IMPORT eap_status_e tkip_mic_failure( |
515 |
550 |
516 // This is documented in abs_eap_core_c::set_session_timeout(). |
551 // This is documented in abs_eap_core_c::set_session_timeout(). |
517 EAP_FUNC_IMPORT eap_status_e set_session_timeout( |
552 EAP_FUNC_IMPORT eap_status_e set_session_timeout( |
518 const u32_t session_timeout_ms); |
553 const u32_t session_timeout_ms); |
519 |
554 |
520 #if defined(USE_EAP_SIMPLE_CONFIG) |
|
521 |
|
522 EAP_FUNC_IMPORT eap_status_e save_simple_config_session( |
|
523 const simple_config_state_e state, |
|
524 EAP_TEMPLATE_CONST eap_array_c<simple_config_credential_c> * const credential_array, |
|
525 const eap_variable_data_c * const new_password, |
|
526 const simple_config_Device_Password_ID_e Device_Password_ID, |
|
527 const simple_config_payloads_c * const other_configuration); |
|
528 |
|
529 #endif // #if defined(USE_EAP_SIMPLE_CONFIG) |
|
530 |
|
531 EAP_FUNC_IMPORT eap_status_e set_eap_database_reference_values( |
|
532 const eap_variable_data_c * const reference); |
|
533 |
|
534 EAP_FUNC_IMPORT eap_status_e get_802_11_authentication_mode( |
|
535 const eap_am_network_id_c * const receive_network_id, |
|
536 const eapol_key_authentication_type_e authentication_type, |
|
537 const eap_variable_data_c * const SSID, |
|
538 const eap_variable_data_c * const preshared_key); |
|
539 |
|
540 EAP_FUNC_IMPORT eap_status_e complete_get_802_11_authentication_mode( |
|
541 const eap_status_e completion_status, |
|
542 const eap_am_network_id_c * const receive_network_id, |
|
543 const eapol_key_802_11_authentication_mode_e mode); |
|
544 |
|
545 EAP_FUNC_IMPORT eap_status_e complete_remove_eap_session( |
|
546 const bool complete_to_lower_layer, |
|
547 const eap_am_network_id_c * const receive_network_id); |
|
548 |
|
549 private: |
555 private: |
550 |
556 |
|
557 |
|
558 #if !defined(USE_EAPOL_KEY_STATE) |
|
559 /** |
|
560 * The handle_RC4_key_descriptor() function parses the EAPOL-Key frame |
|
561 * that includes RC4 Key Descriptor. |
|
562 * This function retrieves the traffic encryption key from it. It forwards the key |
|
563 * to lower layers. The format of EAPOL-Key frame is described in |
|
564 * draft-congdon-radius-8021x-23.txt (RFC ????) |
|
565 * @param eapol is the received packet |
|
566 * @param packet_length is the length of the packet |
|
567 */ |
|
568 eap_status_e handle_RC4_key_descriptor( |
|
569 const eap_am_network_id_c * const receive_network_id, |
|
570 eapol_RC4_key_header_c * const eapol, |
|
571 const u32_t packet_length); |
|
572 #endif //#if !defined(USE_EAPOL_KEY_STATE) |
|
573 |
551 //-------------------------------------------------- |
574 //-------------------------------------------------- |
552 }; // class eapol_core_c |
575 }; // class eapol_core_c |
553 |
576 |
554 #endif //#if !defined(_EAPOL_CORE_H_) |
577 #endif //#if !defined(_EAPOL_CORE_H_) |
555 |
578 |
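Review bot: Several declarations that appear only in the left-hand column take secret material or teardown flags without a doc comment; that column is the `%version: 47 %` side, which I am assuming is the revision under review because the page does not label old and new. `save_simple_config_session()` receives `new_password`, `get_802_11_authentication_mode()` receives `preshared_key`, and `remove_eapol_key_state()` and `disassociation()` gain `force_remove` and `complete_to_lower_layer`. The existing comment on `disassociation()` still documents only `receive_network_id`, so it needs an `@param complete_to_lower_layer` line saying what is completed and under which condition. The two secret-carrying methods should get a `/** ... */` block like the one on `create_state()`, stating whether the callee copies the buffer or keeps the pointer, and who clears it afterwards. `force_remove` needs one line saying whether it overrides the timeout armed by `init_eapol_key_pmksa_caching_timeout()`; the header does not show this, and parts of the class body are collapsed in this view.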