Skip to content

Commit cc3ce58

Browse files
author
Mika Leppänen
committed
Moved 4WH functions to library and added constants
1 parent 650771c commit cc3ce58

File tree

7 files changed

+191
-128
lines changed

7 files changed

+191
-128
lines changed

source/6LoWPAN/ws/ws_bootstrap.c

Lines changed: 8 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1803,11 +1803,14 @@ static void ws_bootstrap_key_insert(protocol_interface_info_entry_t *cur, uint8_
18031803

18041804
// Verify HASH etc.
18051805

1806-
mac_helper_security_key_clean(cur);
1807-
mac_helper_default_security_level_set(cur, AES_SECURITY_LEVEL_ENC_MIC64);
1808-
mac_helper_default_security_key_id_mode_set(cur, MAC_KEY_ID_MODE_IDX);
1809-
//Set Keys
1810-
mac_helper_security_default_key_set(cur, gtk, gtk_index + 1, MAC_KEY_ID_MODE_IDX);
1806+
// Check index, for now only reacts to keys of index 0
1807+
if (gtk_index == 0) {
1808+
mac_helper_security_key_clean(cur);
1809+
mac_helper_default_security_level_set(cur, AES_SECURITY_LEVEL_ENC_MIC64);
1810+
mac_helper_default_security_key_id_mode_set(cur, MAC_KEY_ID_MODE_IDX);
1811+
//Set Keys
1812+
mac_helper_security_default_key_set(cur, gtk, gtk_index + 1, MAC_KEY_ID_MODE_IDX);
1813+
}
18111814
}
18121815

18131816
static void ws_bootstrap_authentication_completed(protocol_interface_info_entry_t *cur, bool success)

source/Security/eapol/eapol_helper.h

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,7 @@
2222
#define EAPOL_EAP_TYPE 0
2323
#define EAPOL_KEY_TYPE 3
2424
#define EAPOL_KEY_NONCE_LEN 32
25+
#define EAPOL_KEY_MIC_LEN 16
2526

2627
#define EAPOL_BASE_LENGTH 4 //Protocol version 1 byte, Packet type 1 byte, packet length 2 byte
2728

source/Security/protocols/fwh_sec_prot/auth_fwh_sec_prot.c

Lines changed: 11 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -63,13 +63,13 @@ typedef enum {
6363
#define KEY_INFO_SECURED_KEY_FRAME 0x08
6464

6565
typedef struct {
66-
sec_prot_common_t common; /**< Common data */
67-
eapol_pdu_t recv_eapol_pdu; /**< Received EAPOL PDU */
68-
fwh_sec_prot_msg_e recv_msg; /**< Received message */
69-
uint8_t nonce[FWH_NONCE_LENGTH]; /**< Authenticator nonce */
70-
uint8_t new_ptk[48]; /**< PTK (384 bits) */
71-
void *recv_pdu;
72-
uint16_t recv_size;
66+
sec_prot_common_t common; /**< Common data */
67+
eapol_pdu_t recv_eapol_pdu; /**< Received EAPOL PDU */
68+
fwh_sec_prot_msg_e recv_msg; /**< Received message */
69+
uint8_t nonce[EAPOL_KEY_NONCE_LEN]; /**< Authenticator nonce */
70+
uint8_t new_ptk[PTK_LEN]; /**< PTK (384 bits) */
71+
void *recv_pdu; /**< received pdu */
72+
uint16_t recv_size; /**< received pdu size */
7373
} fwh_sec_prot_int_t;
7474

7575
static const trickle_params_t fwh_trickle_params = {
@@ -248,7 +248,7 @@ static int8_t auth_fwh_sec_prot_message_send(sec_prot_t *prot, fwh_sec_prot_msg_
248248

249249
switch (msg) {
250250
case FWH_MESSAGE_1: {
251-
uint8_t pmkid[16];
251+
uint8_t pmkid[PMKID_LEN];
252252
if (auth_fwh_sec_prot_pmkid_generate(prot, pmkid) < 0) {
253253
ns_dyn_mem_free(kde_start);
254254
return -1;
@@ -262,7 +262,7 @@ static int8_t auth_fwh_sec_prot_message_send(sec_prot_t *prot, fwh_sec_prot_msg_
262262
if (gtk_set_index >= 0 && gtks->gtk[gtk_set_index].set && gtks->gtk[gtk_set_index].live) {
263263
kde_end = kde_gtk_write(kde_end, gtk_set_index, gtks->gtk[gtk_set_index].key);
264264
}
265-
kde_end = kde_lifetime_write(kde_end, 1000);
265+
kde_end = kde_lifetime_write(kde_end, GTK_DEFAULT_LIFETIME);
266266
kde_end = kde_gtkl_write(kde_end, gtks->gtk[0].live, gtks->gtk[1].live, gtks->gtk[2].live, gtks->gtk[3].live);
267267
kde_padding_write(kde_end, kde_start + kde_len);
268268
}
@@ -361,7 +361,7 @@ static void auth_fwh_sec_prot_state_machine(sec_prot_t *prot)
361361
return;
362362
}
363363
if (auth_fwh_sec_prot_mic_validate(prot) < 0) {
364-
memset(data->new_ptk, 0, 48);
364+
memset(data->new_ptk, 0, PTK_LEN);
365365
return;
366366
}
367367

@@ -440,18 +440,7 @@ static int8_t auth_fwh_sec_prot_ptk_generate(sec_prot_t *prot, sec_prot_keys_t *
440440
static int8_t auth_fwh_sec_prot_mic_validate(sec_prot_t *prot)
441441
{
442442
fwh_sec_prot_int_t *data = fwh_sec_prot_get(prot);
443-
444-
uint8_t recv_mic[16];
445-
memcpy(recv_mic, data->recv_eapol_pdu.msg.key.key_mic, 16);
446-
447-
eapol_write_key_packet_mic(data->recv_pdu, 0);
448-
uint8_t mic[20];
449-
hmac_sha1_calc(data->new_ptk, 16, data->recv_pdu, data->recv_size, mic);
450-
if (memcmp(recv_mic, mic, 16) != 0) {
451-
return -1;
452-
}
453-
454-
return 0;
443+
return sec_prot_lib_mic_validate(data->new_ptk, data->recv_eapol_pdu.msg.key.key_mic, data->recv_pdu, data->recv_size);
455444
}
456445

457446
#endif /* HAVE_WS */

source/Security/protocols/fwh_sec_prot/supp_fwh_sec_prot.c

Lines changed: 24 additions & 89 deletions
Original file line numberDiff line numberDiff line change
@@ -65,15 +65,15 @@ typedef enum {
6565
#define KEY_INFO_SECURED_KEY_FRAME 0x08
6666

6767
typedef struct {
68-
sec_prot_common_t common; /**< Common data */
69-
eapol_pdu_t recv_eapol_pdu; /**< Received EAPOL PDU */
70-
fwh_sec_prot_msg_e recv_msg; /**< Received message */
71-
uint8_t snonce[FWH_NONCE_LENGTH]; /**< Supplicant nonce */
72-
uint8_t anonce[FWH_NONCE_LENGTH]; /**< Authenticator nonce */
73-
uint8_t new_ptk[48]; /**< PTK (384 bits) */
74-
void *recv_pdu;
75-
uint16_t recv_size;
76-
uint64_t recv_replay_cnt;
68+
sec_prot_common_t common; /**< Common data */
69+
eapol_pdu_t recv_eapol_pdu; /**< Received EAPOL PDU */
70+
fwh_sec_prot_msg_e recv_msg; /**< Received message */
71+
uint8_t snonce[EAPOL_KEY_NONCE_LEN]; /**< Supplicant nonce */
72+
uint8_t anonce[EAPOL_KEY_NONCE_LEN]; /**< Authenticator nonce */
73+
uint8_t new_ptk[PTK_LEN]; /**< PTK (384 bits) */
74+
void *recv_pdu; /**< received pdu */
75+
uint16_t recv_size; /**< received pdu size */
76+
uint64_t recv_replay_cnt; /**< received replay counter */
7777
} fwh_sec_prot_int_t;
7878

7979
static const trickle_params_t fwh_trickle_params = {
@@ -380,7 +380,8 @@ static void supp_fwh_sec_prot_state_machine(sec_prot_t *prot)
380380
case FWH_STATE_FINISH:
381381
tr_debug("4WH finish");
382382

383-
// KMP-FINISHED.indication,
383+
// KMP-FINISHED.indication
384+
memcpy(prot->sec_keys->ptk, data->new_ptk, PTK_LEN);
384385
prot->finished_ind(prot, sec_prot_result_get(&data->common), prot->sec_keys);
385386
sec_prot_state_set(prot, &data->common, FWH_STATE_FINISHED);
386387
break;
@@ -469,18 +470,7 @@ static int8_t supp_fwh_sec_prot_ptk_generate(sec_prot_t *prot, sec_prot_keys_t *
469470
static int8_t supp_fwh_sec_prot_mic_validate(sec_prot_t *prot)
470471
{
471472
fwh_sec_prot_int_t *data = fwh_sec_prot_get(prot);
472-
473-
uint8_t recv_mic[16];
474-
memcpy(recv_mic, data->recv_eapol_pdu.msg.key.key_mic, 16);
475-
476-
eapol_write_key_packet_mic(data->recv_pdu, 0);
477-
uint8_t mic[20];
478-
hmac_sha1_calc(data->new_ptk, 16, data->recv_pdu, data->recv_size, mic);
479-
if (memcmp(recv_mic, mic, 16) != 0) {
480-
return -1;
481-
}
482-
483-
return 0;
473+
return sec_prot_lib_mic_validate(data->new_ptk, data->recv_eapol_pdu.msg.key.key_mic, data->recv_pdu, data->recv_size);
484474
}
485475

486476
static void supp_fwh_sec_prot_recv_replay_counter_store(sec_prot_t *prot)
@@ -492,13 +482,13 @@ static void supp_fwh_sec_prot_recv_replay_counter_store(sec_prot_t *prot)
492482
static void supp_fwh_sec_prot_anonce_store(sec_prot_t *prot)
493483
{
494484
fwh_sec_prot_int_t *data = fwh_sec_prot_get(prot);
495-
memcpy(data->anonce, data->recv_eapol_pdu.msg.key.key_nonce, FWH_NONCE_LENGTH);
485+
memcpy(data->anonce, data->recv_eapol_pdu.msg.key.key_nonce, EAPOL_KEY_NONCE_LEN);
496486
}
497487

498488
static int8_t supp_fwh_sec_prot_anonce_validate(sec_prot_t *prot)
499489
{
500490
fwh_sec_prot_int_t *data = fwh_sec_prot_get(prot);
501-
if (memcmp(data->anonce, data->recv_eapol_pdu.msg.key.key_nonce, FWH_NONCE_LENGTH) != 0) {
491+
if (memcmp(data->anonce, data->recv_eapol_pdu.msg.key.key_nonce, EAPOL_KEY_NONCE_LEN) != 0) {
502492
return -1;
503493
}
504494
return 0;
@@ -514,30 +504,15 @@ static int8_t supp_fwh_kde_handle(sec_prot_t *prot)
514504
{
515505
fwh_sec_prot_int_t *data = fwh_sec_prot_get(prot);
516506

517-
eapol_pdu_t *eapol_pdu = &data->recv_eapol_pdu;
518-
519-
if (eapol_pdu->msg.key.key_data_length == 0 || eapol_pdu->msg.key.key_data == NULL) {
507+
uint16_t kde_len;
508+
uint8_t *kde = sec_prot_lib_message_handle(data->new_ptk, &kde_len, &data->recv_eapol_pdu);
509+
if (!kde) {
520510
return -1;
521511
}
522512

523-
uint8_t *ptk = data->new_ptk;
524-
uint16_t kde_len = eapol_pdu->msg.key.key_data_length;
525-
uint8_t *kde = ns_dyn_mem_temporary_alloc(kde_len);
526-
527-
uint8_t *key_data = eapol_pdu->msg.key.key_data;
528-
uint16_t key_data_len = eapol_pdu->msg.key.key_data_length;
529-
530-
if (eapol_pdu->msg.key.key_information.encrypted_key_data) {
531-
size_t output_len = kde_len;
532-
if (nist_aes_key_wrap(0, &ptk[16], 128, key_data, key_data_len, kde, &output_len) < 0 || output_len != (size_t) key_data_len - 8) {
533-
goto error;
534-
}
535-
} else {
536-
memcpy(kde, key_data, kde_len);
537-
}
538-
539513
switch (data->recv_msg) {
540-
case FWH_MESSAGE_1: {
514+
case FWH_MESSAGE_1:
515+
{
541516
uint8_t recv_pmkid[PMKID_LEN];
542517
uint8_t calc_pmkid[PMKID_LEN];
543518
if (kde_pmkid_read(kde, kde_len, recv_pmkid) < 0) {
@@ -549,55 +524,15 @@ static int8_t supp_fwh_kde_handle(sec_prot_t *prot)
549524
if (memcmp(recv_pmkid, calc_pmkid, PMKID_LEN) != 0) {
550525
goto error;
551526
}
552-
}
553-
break;
527+
}
528+
break;
554529

555-
case FWH_MESSAGE_3: {
530+
case FWH_MESSAGE_3:
556531
// If a valid new GTK value present, insert it
557-
prot->sec_keys->gtk_set_index = -1;
558-
559-
uint8_t key_id;
560-
uint8_t gtk[16];
561-
sec_prot_gtk_keys_t *gtks = prot->sec_keys->gtks;
562-
563-
if (kde_gtk_read(kde, kde_len, &key_id, gtk) >= 0) {
564-
// A new GTK value
565-
if (!gtks->gtk[key_id].set || memcmp(gtks->gtk[key_id].key, gtk, 16) != 0) {
566-
gtks->gtk[key_id].set = true;
567-
gtks->gtk[key_id].live = false; // Set from GTKL, if not set on GTKL then what?
568-
gtks->gtk[key_id].hash = false; // Not verified yet
569-
gtks->gtk[key_id].lifetime = 0; // Should be provided by authenticator
570-
memcpy(gtks->gtk[key_id].key, gtk, 16);
571-
prot->sec_keys->gtk_set_index = key_id; // Insert
572-
}
573-
uint32_t lifetime;
574-
if (kde_lifetime_read(kde, kde_len, &lifetime) >= 0) {
575-
if (gtks->gtk[key_id].set) {
576-
gtks->gtk[key_id].lifetime = lifetime;
577-
}
578-
}
579-
}
580-
uint8_t gtkl[4];
581-
if (kde_gtkl_read(kde, kde_len, &gtkl[0], &gtkl[1], &gtkl[2], &gtkl[3]) >= 0) {
582-
for (uint8_t i = 0; i < 4; i++) {
583-
if (gtkl[i]) {
584-
gtks->gtk[i].live = true; // Live on authenticator
585-
} else {
586-
gtks->gtk[i].live = false;
587-
}
588-
}
589-
} else {
532+
if (sec_prot_lib_gtk_read(kde, kde_len, prot->sec_keys->gtks, &prot->sec_keys->gtk_set_index) < 0) {
590533
goto error;
591534
}
592-
593-
// Sanity checks
594-
if (prot->sec_keys->gtk_set_index >= 0) {
595-
if (!gtks->gtk[prot->sec_keys->gtk_set_index].live) {
596-
prot->sec_keys->gtk_set_index = -1;
597-
}
598-
}
599-
}
600-
break;
535+
break;
601536

602537
default:
603538
break;

source/Security/protocols/sec_prot_keys.h

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -28,8 +28,16 @@
2828
#define PTK_LEN 48
2929
#define GTK_LEN 16
3030

31+
#define KCK_LEN 16
32+
#define KEK_LEN 16
33+
34+
#define KCK_INDEX 0
35+
#define KEK_INDEX 16
36+
3137
#define PMKID_LEN 16
3238

39+
#define GTK_DEFAULT_LIFETIME 60 * 60 * 24 * 30 // 30 days
40+
3341
typedef struct {
3442
uint8_t key[GTK_LEN]; /**< Group Transient Key (128 bits) */
3543
uint32_t lifetime; /**< Lifetime is seconds */

0 commit comments

Comments
 (0)