1 /* 2 * hostapd / EAP-TLS (RFC 2716) 3 * Copyright (c) 2004-2008, Jouni Malinen <j (at) w1.fi> 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License version 2 as 7 * published by the Free Software Foundation. 8 * 9 * Alternatively, this software may be distributed under the terms of BSD 10 * license. 11 * 12 * See README and COPYING for more details. 13 */ 14 15 #include "includes.h" 16 17 #include "common.h" 18 #include "eap_i.h" 19 #include "eap_tls_common.h" 20 #include "crypto/tls.h" 21 22 23 static void eap_tls_reset(struct eap_sm *sm, void *priv); 24 25 26 struct eap_tls_data { 27 struct eap_ssl_data ssl; 28 enum { START, CONTINUE, SUCCESS, FAILURE } state; 29 int established; 30 }; 31 32 33 static const char * eap_tls_state_txt(int state) 34 { 35 switch (state) { 36 case START: 37 return "START"; 38 case CONTINUE: 39 return "CONTINUE"; 40 case SUCCESS: 41 return "SUCCESS"; 42 case FAILURE: 43 return "FAILURE"; 44 default: 45 return "Unknown?!"; 46 } 47 } 48 49 50 static void eap_tls_state(struct eap_tls_data *data, int state) 51 { 52 wpa_printf(MSG_DEBUG, "EAP-TLS: %s -> %s", 53 eap_tls_state_txt(data->state), 54 eap_tls_state_txt(state)); 55 data->state = state; 56 } 57 58 59 static void * eap_tls_init(struct eap_sm *sm) 60 { 61 struct eap_tls_data *data; 62 63 data = os_zalloc(sizeof(*data)); 64 if (data == NULL) 65 return NULL; 66 data->state = START; 67 68 if (eap_server_tls_ssl_init(sm, &data->ssl, 1)) { 69 wpa_printf(MSG_INFO, "EAP-TLS: Failed to initialize SSL."); 70 eap_tls_reset(sm, data); 71 return NULL; 72 } 73 74 return data; 75 } 76 77 78 static void eap_tls_reset(struct eap_sm *sm, void *priv) 79 { 80 struct eap_tls_data *data = priv; 81 if (data == NULL) 82 return; 83 eap_server_tls_ssl_deinit(sm, &data->ssl); 84 os_free(data); 85 } 86 87 88 static struct wpabuf * eap_tls_build_start(struct eap_sm *sm, 89 struct eap_tls_data *data, u8 id) 90 { 91 struct wpabuf *req; 92 93 req = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_TLS, 1, EAP_CODE_REQUEST, 94 id); 95 if (req == NULL) { 96 wpa_printf(MSG_ERROR, "EAP-TLS: Failed to allocate memory for " 97 "request"); 98 eap_tls_state(data, FAILURE); 99 return NULL; 100 } 101 102 wpabuf_put_u8(req, EAP_TLS_FLAGS_START); 103 104 eap_tls_state(data, CONTINUE); 105 106 return req; 107 } 108 109 110 static struct wpabuf * eap_tls_buildReq(struct eap_sm *sm, void *priv, u8 id) 111 { 112 struct eap_tls_data *data = priv; 113 struct wpabuf *res; 114 115 if (data->ssl.state == FRAG_ACK) { 116 return eap_server_tls_build_ack(id, EAP_TYPE_TLS, 0); 117 } 118 119 if (data->ssl.state == WAIT_FRAG_ACK) { 120 res = eap_server_tls_build_msg(&data->ssl, EAP_TYPE_TLS, 0, 121 id); 122 goto check_established; 123 } 124 125 switch (data->state) { 126 case START: 127 return eap_tls_build_start(sm, data, id); 128 case CONTINUE: 129 if (tls_connection_established(sm->ssl_ctx, data->ssl.conn)) 130 data->established = 1; 131 break; 132 default: 133 wpa_printf(MSG_DEBUG, "EAP-TLS: %s - unexpected state %d", 134 __func__, data->state); 135 return NULL; 136 } 137 138 res = eap_server_tls_build_msg(&data->ssl, EAP_TYPE_TLS, 0, id); 139 140 check_established: 141 if (data->established && data->ssl.state != WAIT_FRAG_ACK) { 142 /* TLS handshake has been completed and there are no more 143 * fragments waiting to be sent out. */ 144 wpa_printf(MSG_DEBUG, "EAP-TLS: Done"); 145 eap_tls_state(data, SUCCESS); 146 } 147 148 return res; 149 } 150 151 152 static Boolean eap_tls_check(struct eap_sm *sm, void *priv, 153 struct wpabuf *respData) 154 { 155 const u8 *pos; 156 size_t len; 157 158 pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_TLS, respData, &len); 159 if (pos == NULL || len < 1) { 160 wpa_printf(MSG_INFO, "EAP-TLS: Invalid frame"); 161 return TRUE; 162 } 163 164 return FALSE; 165 } 166 167 168 static void eap_tls_process_msg(struct eap_sm *sm, void *priv, 169 const struct wpabuf *respData) 170 { 171 struct eap_tls_data *data = priv; 172 if (data->state == SUCCESS && wpabuf_len(data->ssl.tls_in) == 0) { 173 wpa_printf(MSG_DEBUG, "EAP-TLS: Client acknowledged final TLS " 174 "handshake message"); 175 return; 176 } 177 if (eap_server_tls_phase1(sm, &data->ssl) < 0) 178 eap_tls_state(data, FAILURE); 179 } 180 181 182 static void eap_tls_process(struct eap_sm *sm, void *priv, 183 struct wpabuf *respData) 184 { 185 struct eap_tls_data *data = priv; 186 if (eap_server_tls_process(sm, &data->ssl, respData, data, 187 EAP_TYPE_TLS, NULL, eap_tls_process_msg) < 188 0) 189 eap_tls_state(data, FAILURE); 190 } 191 192 193 static Boolean eap_tls_isDone(struct eap_sm *sm, void *priv) 194 { 195 struct eap_tls_data *data = priv; 196 return data->state == SUCCESS || data->state == FAILURE; 197 } 198 199 200 static u8 * eap_tls_getKey(struct eap_sm *sm, void *priv, size_t *len) 201 { 202 struct eap_tls_data *data = priv; 203 u8 *eapKeyData; 204 205 if (data->state != SUCCESS) 206 return NULL; 207 208 eapKeyData = eap_server_tls_derive_key(sm, &data->ssl, 209 "client EAP encryption", 210 EAP_TLS_KEY_LEN); 211 if (eapKeyData) { 212 *len = EAP_TLS_KEY_LEN; 213 wpa_hexdump(MSG_DEBUG, "EAP-TLS: Derived key", 214 eapKeyData, EAP_TLS_KEY_LEN); 215 } else { 216 wpa_printf(MSG_DEBUG, "EAP-TLS: Failed to derive key"); 217 } 218 219 return eapKeyData; 220 } 221 222 223 static u8 * eap_tls_get_emsk(struct eap_sm *sm, void *priv, size_t *len) 224 { 225 struct eap_tls_data *data = priv; 226 u8 *eapKeyData, *emsk; 227 228 if (data->state != SUCCESS) 229 return NULL; 230 231 eapKeyData = eap_server_tls_derive_key(sm, &data->ssl, 232 "client EAP encryption", 233 EAP_TLS_KEY_LEN + EAP_EMSK_LEN); 234 if (eapKeyData) { 235 emsk = os_malloc(EAP_EMSK_LEN); 236 if (emsk) 237 os_memcpy(emsk, eapKeyData + EAP_TLS_KEY_LEN, 238 EAP_EMSK_LEN); 239 os_free(eapKeyData); 240 } else 241 emsk = NULL; 242 243 if (emsk) { 244 *len = EAP_EMSK_LEN; 245 wpa_hexdump(MSG_DEBUG, "EAP-TLS: Derived EMSK", 246 emsk, EAP_EMSK_LEN); 247 } else { 248 wpa_printf(MSG_DEBUG, "EAP-TLS: Failed to derive EMSK"); 249 } 250 251 return emsk; 252 } 253 254 255 static Boolean eap_tls_isSuccess(struct eap_sm *sm, void *priv) 256 { 257 struct eap_tls_data *data = priv; 258 return data->state == SUCCESS; 259 } 260 261 262 int eap_server_tls_register(void) 263 { 264 struct eap_method *eap; 265 int ret; 266 267 eap = eap_server_method_alloc(EAP_SERVER_METHOD_INTERFACE_VERSION, 268 EAP_VENDOR_IETF, EAP_TYPE_TLS, "TLS"); 269 if (eap == NULL) 270 return -1; 271 272 eap->init = eap_tls_init; 273 eap->reset = eap_tls_reset; 274 eap->buildReq = eap_tls_buildReq; 275 eap->check = eap_tls_check; 276 eap->process = eap_tls_process; 277 eap->isDone = eap_tls_isDone; 278 eap->getKey = eap_tls_getKey; 279 eap->isSuccess = eap_tls_isSuccess; 280 eap->get_emsk = eap_tls_get_emsk; 281 282 ret = eap_server_method_register(eap); 283 if (ret) 284 eap_server_method_free(eap); 285 return ret; 286 } 287