/*
* Copyright (c) 2001-2006 Nokia Corporation and/or its subsidiary(-ies).
* All rights reserved.
* This component and the accompanying materials are made available
* under the terms of the License "Eclipse Public License v1.0"
* which accompanies this distribution, and is available
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
*
* Initial Contributors:
* Nokia Corporation - initial contribution.
*
* Contributors:
*
* Description: EAP and WLAN authentication protocols.
*
*/
21 #if !defined(_EAPOL_WLAN_AUTHENTICATION_H_) |
|
22 #define _EAPOL_WLAN_AUTHENTICATION_H_ |
|
23 |
|
24 // INCLUDES |
|
25 #include "eapol_am_wlan_authentication.h" |
|
26 #include "abs_eapol_am_wlan_authentication.h" |
|
27 #include "abs_ethernet_core.h" |
|
28 #include "abs_eapol_wlan_authentication.h" |
|
29 #include "eapol_key_types.h" |
|
30 #include "eap_type_selection.h" |
|
31 #include "eap_array.h" |
|
32 #include "eapol_key_state.h" |
|
33 #include "eapol_test_stack_if.h" |
|
34 |
|
35 #if defined(USE_EAP_SIMPLE_CONFIG) |
|
36 #include "abs_eap_configuration_if.h" |
|
37 #endif // #if defined(USE_EAP_SIMPLE_CONFIG) |
|
38 |
|
39 // FORWARD DECLARATIONS |
|
// Upper-layer object; this header only stores a pointer to it
// (eapol_wlan_authentication_c::m_ethernet_core), so a forward declaration is enough.
class ethernet_core_c;
// NOTE(review): the next two types are not referenced by any declaration visible
// in this header; presumably kept for translation units that include it -- confirm
// before removing.
class eap_am_tools_symbian_c;
class eap_file_config_c;
|
43 |
|
44 |
|
45 // CLASS DECLARATION |
|
46 class EAP_EXPORT eapol_wlan_authentication_c |
|
47 : public abs_eapol_am_wlan_authentication_c |
|
48 , public abs_ethernet_core_c |
|
49 , public abs_eap_base_timer_c |
|
50 #if defined(USE_TEST_EAPOL_WLAN_AUTHENTICATION) |
|
51 , public eapol_test_stack_if_c |
|
52 #endif //#if defined(USE_TEST_EAPOL_WLAN_AUTHENTICATION) |
|
53 #if defined(USE_EAP_SIMPLE_CONFIG) |
|
54 , public abs_eap_configuration_if_c |
|
55 #endif // #if defined(USE_EAP_SIMPLE_CONFIG) |
|
56 { |
|
57 public: |
|
58 |
|
59 EAP_FUNC_IMPORT static eapol_wlan_authentication_c * new_eapol_wlan_authentication( |
|
60 abs_eap_am_tools_c * const tools, |
|
61 abs_eapol_wlan_authentication_c * const partner, |
|
62 const bool is_client_when_true, |
|
63 const abs_eapol_wlan_database_reference_if_c * const wlan_database_reference); |
|
64 |
|
65 EAP_FUNC_IMPORT eapol_wlan_authentication_c( |
|
66 abs_eap_am_tools_c * const tools, |
|
67 abs_eapol_wlan_authentication_c * const partner, |
|
68 eapol_am_wlan_authentication_c * const am_wauth, ///< eapol_wlan_authentication_c must always delete the am_wauth object. |
|
69 const bool is_client_when_true); |
|
70 |
|
71 #if defined(EXPORT_DESTRUCTORS) |
|
72 EAP_FUNC_IMPORT virtual ~eapol_wlan_authentication_c(); // For GCC compilation |
|
73 #else |
|
74 virtual ~eapol_wlan_authentication_c(); // For RVCT compilation |
|
75 #endif |
|
76 |
|
77 |
|
78 /////////////////////////////////////////////////////////////// |
|
79 /* These are called from WLM */ |
|
80 |
|
81 /** |
|
82 * This function checks whether PMKSA is cached to each eap_am_network_id_c object. |
|
83 * Function removes eap_am_network_id_c object from bssid_sta_receive_network_ids if there are |
|
84 * no cached PMKSA for removes eap_am_network_id_c object. |
|
85 * All eap_am_network_id_c objects that exist in bssid_sta_receive_network_ids |
|
86 * after function returns have PMKSA cached and read_reassociation_parameters() can be called |
|
87 * with those eap_am_network_id_c objects. |
|
88 */ |
|
89 EAP_FUNC_IMPORT eap_status_e check_pmksa_cache( |
|
90 eap_array_c<eap_am_network_id_c> * const bssid_sta_receive_network_ids, |
|
91 const eapol_key_authentication_type_e selected_eapol_key_authentication_type, |
|
92 const eapol_RSNA_key_header_c::eapol_RSNA_cipher_e pairwise_key_cipher_suite, |
|
93 const eapol_RSNA_key_header_c::eapol_RSNA_cipher_e group_key_cipher_suite); |
|
94 |
|
95 EAP_FUNC_IMPORT eap_status_e start_authentication( |
|
96 const eap_variable_data_c * const SSID, |
|
97 const eapol_key_authentication_type_e selected_eapol_key_authentication_type, |
|
98 const eap_variable_data_c * const wpa_preshared_key, |
|
99 const bool WPA_override_enabled |
|
100 #if defined(USE_EAPOL_KEY_STATE_OPTIMIZED_4_WAY_HANDSHAKE) |
|
101 , |
|
102 const eap_am_network_id_c * const receive_network_id ///< source includes remote address, destination includes local address. |
|
103 #endif //#if defined(USE_EAPOL_KEY_STATE_OPTIMIZED_4_WAY_HANDSHAKE) |
|
104 ); |
|
105 |
|
106 EAP_FUNC_IMPORT eap_status_e complete_association( |
|
107 const eapol_wlan_authentication_state_e association_result, |
|
108 const eap_am_network_id_c * const receive_network_id, ///< source includes remote address, destination includes local address. |
|
109 const eap_variable_data_c * const received_WPA_IE, // WLM must give only the WPA IE to EAPOL |
|
110 const eap_variable_data_c * const sent_WPA_IE, |
|
111 const eapol_RSNA_key_header_c::eapol_RSNA_cipher_e pairwise_key_cipher_suite, |
|
112 const eapol_RSNA_key_header_c::eapol_RSNA_cipher_e group_key_cipher_suite |
|
113 ); |
|
114 |
|
115 EAP_FUNC_IMPORT eap_status_e disassociation( |
|
116 const eap_am_network_id_c * const receive_network_id ///< source includes remote address, destination includes local address. |
|
117 ); |
|
118 |
|
119 EAP_FUNC_IMPORT eap_status_e start_preauthentication( |
|
120 const eap_am_network_id_c * const receive_network_id ///< source includes remote address, destination includes local address. |
|
121 ); |
|
122 |
|
123 EAP_FUNC_IMPORT eap_status_e start_reassociation( |
|
124 const eap_am_network_id_c * const old_receive_network_id, ///< source includes remote address, destination includes local address. |
|
125 const eap_am_network_id_c * const new_receive_network_id, ///< source includes remote address, destination includes local address. |
|
126 const eapol_key_authentication_type_e selected_eapol_key_authentication_type ///< In WPXM this must be the same in old and new APs, other connections can change authentication type. |
|
127 ); |
|
128 |
|
129 EAP_FUNC_IMPORT eap_status_e complete_reassociation( |
|
130 const eapol_wlan_authentication_state_e reassociation_result, |
|
131 const eap_am_network_id_c * const receive_network_id, |
|
132 const eap_variable_data_c * const received_WPA_IE, // WLM must give only the WPA IE to EAPOL |
|
133 const eap_variable_data_c * const sent_WPA_IE, |
|
134 const eapol_RSNA_key_header_c::eapol_RSNA_cipher_e pairwise_key_cipher_suite, |
|
135 const eapol_RSNA_key_header_c::eapol_RSNA_cipher_e group_key_cipher_suite); |
|
136 |
|
137 EAP_FUNC_IMPORT eap_status_e start_WPXM_reassociation( |
|
138 const eap_am_network_id_c * const old_receive_network_id, ///< source includes remote address, destination includes local address. |
|
139 const eap_am_network_id_c * const new_receive_network_id, ///< source includes remote address, destination includes local address. |
|
140 eap_variable_data_c * const send_reassociation_request_ie, |
|
141 const eap_variable_data_c * const received_WPA_ie, |
|
142 const eap_variable_data_c * const sent_WPA_ie); |
|
143 |
|
144 EAP_FUNC_IMPORT eap_status_e complete_WPXM_reassociation( |
|
145 const eapol_wlan_authentication_state_e reassociation_result, |
|
146 const eap_am_network_id_c * const receive_network_id, |
|
147 const eap_variable_data_c * const received_reassociation_ie); |
|
148 |
|
149 EAP_FUNC_IMPORT eap_status_e packet_process( |
|
150 const eap_am_network_id_c * const receive_network_id, ///< source includes remote address, destination includes local address. |
|
151 eap_general_header_base_c * const packet_data, |
|
152 const u32_t packet_length |
|
153 ); |
|
154 |
|
155 EAP_FUNC_IMPORT eap_status_e tkip_mic_failure( |
|
156 const eap_am_network_id_c * const receive_network_id, ///< source includes remote address, destination includes local address. |
|
157 const bool fatal_failure_when_true, |
|
158 const eapol_RSNA_key_header_c::eapol_tkip_mic_failure_type_e tkip_mic_failure_type |
|
159 ); |
|
160 |
|
161 EAP_FUNC_IMPORT eap_status_e eap_acknowledge( |
|
162 const eap_am_network_id_c * const receive_network_id ///< source includes remote address, destination includes local address. |
|
163 ); |
|
164 |
|
165 ///////////////////////////////////////// |
|
166 /* These are called from ethernet_core */ |
|
167 |
|
168 /** |
|
169 * Sends packet to lower layers |
|
170 */ |
|
171 EAP_FUNC_IMPORT eap_status_e packet_send( |
|
172 const eap_am_network_id_c * const send_network_id, ///< source includes local address, destination includes remote address. |
|
173 eap_buf_chain_wr_c * const sent_packet, |
|
174 const u32_t header_offset, |
|
175 const u32_t data_length, |
|
176 const u32_t buffer_length); |
|
177 |
|
178 EAP_FUNC_IMPORT u32_t get_header_offset( |
|
179 u32_t * const MTU, |
|
180 u32_t * const trailer_length); |
|
181 |
|
182 /** |
|
183 * Loads an EAP type plug-in. |
|
184 * @param type Type to be loaded. |
|
185 * @param partner Pointer to the partner class for the EAP type. |
|
186 * @param eap_type The pointer for the loaded type should be set here. |
|
187 * @param is_client_when_true Indicates whether the loaded EAP type should be client or server. |
|
188 * @param receive_network_id Network address. |
|
189 */ |
|
190 EAP_FUNC_IMPORT eap_status_e load_module( |
|
191 const eap_type_value_e type, |
|
192 const eap_type_value_e /* tunneling_type */, |
|
193 abs_eap_base_type_c * const partner, |
|
194 eap_base_type_c ** const eap_type, |
|
195 const bool is_client_when_true, |
|
196 const eap_am_network_id_c * const receive_network_id ///< source includes remote address, destination includes local address. |
|
197 ); |
|
198 |
|
199 EAP_FUNC_IMPORT eap_status_e unload_module(const eap_type_value_e type); |
|
200 |
|
201 EAP_FUNC_IMPORT void set_is_valid(); |
|
202 |
|
203 EAP_FUNC_IMPORT bool get_is_valid(); |
|
204 |
|
205 EAP_FUNC_IMPORT void increment_authentication_counter(); |
|
206 |
|
207 EAP_FUNC_IMPORT u32_t get_authentication_counter(); |
|
208 |
|
209 EAP_FUNC_IMPORT bool get_is_client(); |
|
210 |
|
211 /** |
|
212 * This does the initial configuration of the class. |
|
213 */ |
|
214 EAP_FUNC_IMPORT eap_status_e configure(); |
|
215 |
|
216 EAP_FUNC_IMPORT eap_status_e shutdown(); |
|
217 |
|
218 /** |
|
219 * Reads a configuration parameter value from the database. |
|
220 * In Symbian this function is only a TRAP wrapper for read_configure_L. |
|
221 */ |
|
222 EAP_FUNC_IMPORT eap_status_e read_configure( |
|
223 const eap_configuration_field_c * const field, |
|
224 eap_variable_data_c * const data); |
|
225 |
|
226 EAP_FUNC_IMPORT eap_status_e write_configure( |
|
227 const eap_configuration_field_c * const field, |
|
228 eap_variable_data_c * const data); |
|
229 |
|
230 // See abs_eap_base_type_c::state_notification(). |
|
231 EAP_FUNC_IMPORT void state_notification(const abs_eap_state_notification_c * const state); |
|
232 |
|
233 EAP_FUNC_IMPORT eap_status_e set_timer( |
|
234 abs_eap_base_timer_c * const p_initializer, |
|
235 const u32_t p_id, |
|
236 void * const p_data, |
|
237 const u32_t p_time_ms); |
|
238 |
|
239 EAP_FUNC_IMPORT eap_status_e cancel_timer( |
|
240 abs_eap_base_timer_c * const p_initializer, |
|
241 const u32_t p_id); |
|
242 |
|
243 EAP_FUNC_IMPORT eap_status_e cancel_all_timers(); |
|
244 |
|
245 EAP_FUNC_IMPORT eap_status_e check_is_valid_eap_type(const eap_type_value_e eap_type); |
|
246 |
|
247 /** |
|
248 * Forwards the keys to lower layer (= WLM). |
|
249 */ |
|
250 EAP_FUNC_IMPORT eap_status_e packet_data_session_key( |
|
251 const eap_am_network_id_c * const send_network_id, ///< source includes local address, destination includes remote address. |
|
252 const eapol_session_key_c * const key); |
|
253 |
|
254 EAP_FUNC_IMPORT eap_status_e timer_expired(const u32_t id, void *data); |
|
255 |
|
256 EAP_FUNC_IMPORT eap_status_e timer_delete_data(const u32_t id, void *data); |
|
257 |
|
258 EAP_FUNC_IMPORT eap_status_e get_eap_type_list( |
|
259 eap_array_c<eap_type_value_e> * const eap_type_list); |
|
260 |
|
261 EAP_FUNC_IMPORT eap_status_e add_rogue_ap(eap_array_c<eap_rogue_ap_entry_c> & rogue_ap_list); |
|
262 |
|
263 EAP_FUNC_IMPORT u32_t get_current_eap_index(); |
|
264 |
|
265 EAP_FUNC_IMPORT void set_current_eap_index(u32_t eap_index); |
|
266 |
|
267 |
|
268 #if defined(USE_TEST_EAPOL_WLAN_AUTHENTICATION) |
|
269 /// These are called by testing application. |
|
270 EAP_FUNC_IMPORT u32_t get_wrong_send_packet_index(); |
|
271 |
|
272 EAP_FUNC_IMPORT void reset_authentication_can_succeed(); |
|
273 |
|
274 EAP_FUNC_IMPORT void set_authentication_can_succeed(); |
|
275 |
|
276 EAP_FUNC_IMPORT void restore_authentication_can_succeed(); |
|
277 |
|
278 EAP_FUNC_IMPORT void set_authentication_must_not_succeed( |
|
279 const u32_t wrong_packet_index, |
|
280 const u32_t packet_index, |
|
281 const void * const wrong_packet_stack); |
|
282 #endif //#if defined(USE_TEST_EAPOL_WLAN_AUTHENTICATION) |
|
283 |
|
284 #if defined(USE_EAP_SIMPLE_CONFIG) |
|
285 EAP_FUNC_IMPORT eap_status_e save_simple_config_session( |
|
286 const simple_config_state_e state, |
|
287 EAP_TEMPLATE_CONST eap_array_c<simple_config_credential_c> * const credential_array, |
|
288 const eap_variable_data_c * const new_password, |
|
289 const simple_config_Device_Password_ID_e Device_Password_ID, |
|
290 const simple_config_payloads_c * const other_configuration); |
|
291 #endif // #if defined(USE_EAP_SIMPLE_CONFIG) |
|
292 |
|
293 private: |
|
294 |
|
295 EAP_FUNC_IMPORT eap_status_e eapol_indication( |
|
296 const eap_am_network_id_c * const receive_network_id, ///< source includes remote address, destination includes local address. |
|
297 const eapol_wlan_authentication_state_e notification); |
|
298 |
|
299 EAP_FUNC_IMPORT eap_status_e create_upper_stack(); |
|
300 |
|
301 eap_status_e disassociation_mutex_must_be_reserved( |
|
302 const eap_am_network_id_c * const receive_network_id ///< source includes remote address, destination includes local address. |
|
303 ); |
|
304 |
|
305 eap_status_e cancel_all_authentication_sessions(); |
|
306 |
|
307 private: |
|
308 |
|
309 |
|
310 eap_status_e cancel_timer_this_ap_failed(); |
|
311 |
|
312 eap_status_e cancel_timer_failed_completely(); |
|
313 |
|
314 eap_status_e cancel_timer_no_response(); |
|
315 |
|
316 eap_status_e cancel_timer_authentication_cancelled(); |
|
317 |
|
318 |
|
319 |
|
320 /// Pointer to the lower layer in the stack |
|
321 abs_eapol_wlan_authentication_c * m_partner; |
|
322 |
|
323 /// Pointer to the AM of WAUTH. |
|
324 eapol_am_wlan_authentication_c * m_am_wauth; |
|
325 |
|
326 /// Pointer to the upper layer in the stack |
|
327 ethernet_core_c * m_ethernet_core; |
|
328 |
|
329 /// Pointer to the tools class |
|
330 abs_eap_am_tools_c * m_am_tools; |
|
331 |
|
332 // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - |
|
333 |
|
334 eap_array_c<eap_type_selection_c> m_selected_eap_types; |
|
335 |
|
336 eap_variable_data_c m_wpa_preshared_key_hash; |
|
337 |
|
338 eapol_key_authentication_type_e m_authentication_type; |
|
339 |
|
340 eapol_key_802_11_authentication_mode_e m_802_11_authentication_mode; |
|
341 |
|
342 eap_variable_data_c m_received_WPA_IE; // WLM must give only the WPA IE to EAPOL |
|
343 |
|
344 eap_variable_data_c m_sent_WPA_IE; |
|
345 |
|
346 eapol_RSNA_key_header_c::eapol_RSNA_cipher_e m_group_key_cipher_suite; |
|
347 |
|
348 eapol_RSNA_key_header_c::eapol_RSNA_cipher_e m_pairwise_key_cipher_suite; |
|
349 |
|
350 u32_t m_current_eap_index; |
|
351 |
|
352 // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - |
|
353 |
|
354 u32_t m_authentication_counter; |
|
355 |
|
356 u32_t m_successful_authentications; |
|
357 |
|
358 u32_t m_failed_authentications; |
|
359 |
|
360 bool m_is_valid; |
|
361 |
|
362 bool m_is_client; |
|
363 |
|
364 bool m_shutdown_was_called; |
|
365 |
|
366 // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - |
|
367 |
|
368 #if defined(USE_EAP_ERROR_TESTS) |
|
369 bool m_randomly_drop_packets; |
|
370 |
|
371 u32_t m_randomly_drop_packets_probability; |
|
372 |
|
373 u32_t m_error_probability; |
|
374 |
|
375 u32_t m_generate_multiple_error_packets; |
|
376 |
|
377 u32_t m_packet_index; |
|
378 |
|
379 bool m_enable_random_errors; |
|
380 |
|
381 bool m_manipulate_ethernet_header; |
|
382 |
|
383 bool m_send_original_packet_first; |
|
384 #endif //#if defined(USE_EAP_ERROR_TESTS) |
|
385 |
|
386 // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - |
|
387 |
|
388 |
|
389 //-------------------------------------------------- |
|
390 }; // class eapol_wlan_authentication_c |
|
391 |
|
392 #endif //#if !defined(_EAPOL_WLAN_AUTHENTICATION_H_) |
|
393 |
|
394 //-------------------------------------------------- |
|
395 |
|
396 |
|
397 // End of file |