Initial EAPOL changes

Added KMP API header, security protocol API header and modules for
PAE controller, PAE supplicant, PAE autenticator, PAE library, KMP service,
EAPOL relay, EAPOL PDU and initial EAPOL-Key exchange protocol.

Modified bootstrap to call PAE.

Author: Mika Leppänen

source/6LoWPAN/ws/ws_bootstrap.c

@@ -62,6 +62,8 @@
 #include "DHCPv6_client/dhcpv6_client_api.h"
 #include "net_rpl.h"
 #include "mac_api.h"
+#include "6LoWPAN/ws/ws_pae_controller.h"
+#include "6LoWPAN/ws/ws_eapol_relay.h"
 
 #define TRACE_GROUP "wsbs"
 
@@ -88,7 +90,11 @@ static uint16_t ws_bootstrap_routing_cost_calculate(protocol_interface_info_entr
 static uint16_t ws_bootstrap_rank_get(protocol_interface_info_entry_t *cur);
 static uint16_t ws_bootstrap_min_rank_inc_get(protocol_interface_info_entry_t *cur);
 
+static void ws_bootstrap_set_test_key(protocol_interface_info_entry_t *cur);
+static void ws_bootstrap_authentication_completed(bool success, protocol_interface_info_entry_t *cur);
+
 mac_neighbor_table_entry_t *ws_bootstrap_mac_neighbor_add(struct protocol_interface_info_entry *interface, const uint8_t *src64)
+
 {
     mac_neighbor_table_entry_t *neighbor = mac_neighbor_table_address_discover(mac_neighbor_info(interface), src64, MAC_ADDR_MODE_64_BIT);
     if (neighbor) {
@@ -1360,6 +1366,17 @@ int ws_bootstrap_init(int8_t interface_id, net_6lowpan_mode_e bootstrap_mode)
         goto init_fail;
     }
 
+    //Init PAE controller and set callback
+    ws_pae_controller_init(cur);
+    ws_pae_controller_cb_register(&ws_bootstrap_authentication_completed);
+
+    //Init EAPOL relay and register it to MPX
+    ws_eapol_relay_init(cur);
+    if (ws_eapol_relay_mpx_register(mpx_api, MPX_KEY_MANAGEMENT_ENC_USER_ID != 0)) {
+        ret_val =  -4;
+        // add deallocs
+        goto init_fail;
+    }
 
     cur->if_up = ws_bootstrap_up;
     cur->if_down = ws_bootstrap_down;
@@ -1706,6 +1723,27 @@ static void ws_bootstrap_start_discovery(protocol_interface_info_entry_t *cur)
     // Discovery statemachine is checkked after two trickle interval
     cur->bootsrap_state_machine_cnt = 2 * trickle_params_pan_discovery.Imin + randLIB_get_8bit() % 50;
 }
+
+// Start authentication
+static void ws_bootstrap_start_authentication(protocol_interface_info_entry_t *cur)
+{
+    ws_pae_controller_supplicant_authenticate();
+}
+
+static void ws_bootstrap_authentication_completed(bool success, protocol_interface_info_entry_t *cur)
+{
+    if (success) {
+        ws_bootstrap_set_test_key(cur);
+
+        ws_bootstrap_event_operation_start(cur);
+
+        //ws_bootstrap_event_configuration_start(cur);
+    } else {
+        // What else to do to start over again...
+        ws_bootstrap_event_discovery_start(cur);
+    }
+}
+
 // Start configuration learning
 static void ws_bootstrap_start_configuration_learn(protocol_interface_info_entry_t *cur)
 {
@@ -1714,6 +1752,8 @@ static void ws_bootstrap_start_configuration_learn(protocol_interface_info_entry
 
     cur->ws_info->configuration_learned = false;
     // Clear parent info
+
+    ws_pae_controller_set_target(cur->ws_info->parent_info.addr); // temporary!!! store since auth made later
     memset(cur->ws_info->parent_info.addr, 0, 8);
 
     // Clear all temporary information
@@ -1979,6 +2019,8 @@ static void ws_bootstrap_event_handler(arm_event_s *event)
                 ws_bootstrap_fhss_activate(cur);
                 ws_bootstrap_set_test_key(cur);
                 ws_bootstrap_event_operation_start(cur);
+
+                ws_pae_controller_authenticator_start();
                 break;
             }
             // Configure LLC for network discovery
@@ -1992,9 +2034,19 @@ static void ws_bootstrap_event_handler(arm_event_s *event)
             // only advert sol stopped as we might be doing re authentication
             cur->ws_info->trickle_pas_running = false;
             //Add Test ecurity key and security level's
-            ws_bootstrap_set_test_key(cur);
-            ws_bootstrap_event_configuration_start(cur);
+
+
+            //////////////////
+            // Advertisements stopped during the EAPOL
+            cur->ws_info->trickle_pa_running = false;
+            cur->ws_info->trickle_pc_running = false;
+            cur->ws_info->trickle_pas_running = false;
+            cur->ws_info->trickle_pcs_running = false;
+            //////////////////
+
+            ws_bootstrap_start_authentication(cur);
             break;
+
         case WS_CONFIGURATION_START:
             tr_info("Configuration start");
             // Old configuration is considered invalid stopping all
@@ -2072,7 +2124,10 @@ void ws_bootstrap_network_scan_process(protocol_interface_info_entry_t *cur)
 
     ws_bootstrap_network_information_learn(cur);
     ws_bootstrap_fhss_activate(cur);
-    ws_bootstrap_event_authentication_start(cur);
+
+    ws_bootstrap_set_test_key(cur);
+    ws_bootstrap_event_configuration_start(cur);
+    //ws_bootstrap_event_authentication_start(cur);
     return;
 }
 
@@ -2081,7 +2136,12 @@ void ws_bootstrap_configure_process(protocol_interface_info_entry_t *cur)
 
     if (cur->ws_info->configuration_learned) {
         ws_bootstrap_network_configuration_learn(cur);
-        ws_bootstrap_event_operation_start(cur);
+
+
+        //ws_bootstrap_event_operation_start(cur);
+
+        ws_bootstrap_event_authentication_start(cur);
+
         return;
     }
     return;

source/6LoWPAN/ws/ws_eapol_relay.c

@@ -0,0 +1,148 @@
+/*
+ * Copyright (c) 2016-2018, Arm Limited and affiliates.
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+
+#include "nsconfig.h"
+#include <string.h>
+#include "ns_types.h"
+#include "ns_list.h"
+#include "ns_trace.h"
+#include "nsdynmemLIB.h"
+#include "fhss_config.h"
+#include "NWK_INTERFACE/Include/protocol.h"
+#include "6LoWPAN/ws/ws_config.h"
+#include "Security/kmp/kmp.h"
+
+#include "mac_api.h"
+#include "mac_mcps.h"
+
+#include "Common_Protocols/ipv6_constants.h"
+#include "socket_api.h"
+
+#include "6LoWPAN/MAC/mac_helper.h"
+#include "6LoWPAN/MAC/mpx_api.h"
+
+#ifdef HAVE_WS
+
+#define TRACE_GROUP "wspsu"
+
+static void ws_eapol_relay_socket_cb(void *ptr);
+static void ws_eapol_relay_mpx_data_confirm(const mpx_api_t* api, const struct mcps_data_conf_s *data);
+static void ws_eapol_relay_mpx_data_indication(const mpx_api_t* api, const struct mcps_data_ind_s *data);
+static void ws_eapol_relay_data_request_primitiv_set(mcps_data_req_t *dataReq, protocol_interface_info_entry_t *cur);
+
+typedef struct {
+    protocol_interface_info_entry_t *interface_ptr;                 /**< List link entry */
+    int8_t relay_socket_id;                                         /**< Socket ID for relay */
+    mpx_api_t *mpx_api;                                             /**< mpx api */
+    uint16_t mpx_user_id;                                           /**< mpx user identifier */
+} eapol_relay_data_t;
+
+static eapol_relay_data_t *eapol_relay_data;
+
+void ws_eapol_relay_init(protocol_interface_info_entry_t *cur)
+{
+    if (!eapol_relay_data) {
+        eapol_relay_data = ns_dyn_mem_alloc(sizeof(eapol_relay_data_t));
+    }
+    eapol_relay_data->interface_ptr = cur;
+    eapol_relay_data->relay_socket_id = socket_open(IPV6_NH_UDP, 10253, &ws_eapol_relay_socket_cb);
+}
+
+static void ws_eapol_relay_socket_cb(void *cb)
+{
+    if (!eapol_relay_data || !eapol_relay_data->mpx_api) {
+        return;
+    }
+
+    socket_callback_t *cb_data = cb;
+
+    mcps_data_req_t data_request;
+
+    ws_eapol_relay_data_request_primitiv_set(&data_request, eapol_relay_data->interface_ptr);
+
+    kmp_udp_pdu_t *pdu = ns_dyn_mem_temporary_alloc(cb_data->d_len);
+
+    if (socket_recvfrom(cb_data->socket_id, pdu, cb_data->d_len, 0, 0) != cb_data->d_len) {
+        ns_dyn_mem_free(pdu);
+        return;
+    }
+
+    memcpy(data_request.DstAddr, pdu->eui_64, 8);
+
+    data_request.msdu = &(pdu->kmp_id);
+    data_request.msduLength = cb_data->d_len - 8;
+
+    eapol_relay_data->mpx_api->mpx_data_request(eapol_relay_data->mpx_api, &data_request, eapol_relay_data->mpx_user_id);
+
+    ns_dyn_mem_free(pdu);
+}
+
+static void ws_eapol_relay_data_request_primitiv_set(mcps_data_req_t *dataReq, protocol_interface_info_entry_t *cur)
+{
+    memset(dataReq, 0, sizeof(mcps_data_req_t));
+
+    dataReq->InDirectTx = false;
+    dataReq->TxAckReq = true;
+    dataReq->SrcAddrMode = ADDR_802_15_4_LONG;
+    dataReq->DstAddrMode = ADDR_802_15_4_LONG;
+    dataReq->DstPANId = mac_helper_panid_get(cur);
+}
+
+int8_t ws_eapol_relay_mpx_register(struct mpx_api_s *mpx_api, uint16_t mpx_user_id)
+{
+    eapol_relay_data->mpx_api = mpx_api;
+    eapol_relay_data->mpx_user_id = mpx_user_id;
+
+    if (eapol_relay_data->mpx_api) {
+        eapol_relay_data->mpx_api->mpx_user_registration(eapol_relay_data->mpx_api, ws_eapol_relay_mpx_data_confirm, ws_eapol_relay_mpx_data_indication, eapol_relay_data->mpx_user_id);
+    }
+    return 0;
+}
+
+static void ws_eapol_relay_mpx_data_confirm(const mpx_api_t* api, const struct mcps_data_conf_s *data)
+{
+     (void) api;
+     (void) data;
+}
+
+static void ws_eapol_relay_mpx_data_indication(const mpx_api_t* api, const struct mcps_data_ind_s *data)
+{
+    (void) api;
+
+    if (!data || !data->msduLength || !data->msdu_ptr) {
+        return;
+    }
+
+    ns_address_t dest_addr;
+    if (addr_interface_get_ll_address(eapol_relay_data->interface_ptr, &dest_addr.address[0], 1) < 0) {
+        return;
+    }
+    dest_addr.type = ADDRESS_IPV6;
+    dest_addr.identifier = 10254;
+
+    kmp_udp_pdu_t *pdu = ns_dyn_mem_temporary_alloc(8 + data->msduLength);
+    memcpy(&pdu->eui_64[0], &data->SrcAddr[0], 8);
+    memcpy(&pdu->kmp_id, data->msdu_ptr, data->msduLength);
+
+    socket_sendto(eapol_relay_data->relay_socket_id , &dest_addr, pdu, 8 + data->msduLength);
+
+    ns_dyn_mem_free(pdu);
+}
+
+#endif /* HAVE_WS */
+

source/6LoWPAN/ws/ws_eapol_relay.h

@@ -0,0 +1,25 @@
+/*
+ * Copyright (c) 2016-2018, Arm Limited and affiliates.
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef WS_EAPOL_RELAY_H_
+#define WS_EAPOL_RELAY_H_
+
+void ws_eapol_relay_init(protocol_interface_info_entry_t *cur);
+
+int8_t ws_eapol_relay_mpx_register(struct mpx_api_s *mpx_api, uint16_t mpx_user_id);
+
+#endif /* WS_EAPOL_RELAY_H_ */