Corrected security protocols init and security message routing

Security protocols run now 30 seconds timer on init to clean if
protocol does not start (TLS runs longer timer since it is started
at the same time as EAP-TLS starts).

On incoming messages, the routing now prefers instances that are
not terminating. But routes to also to terminating instances if
other instances are not present.

Added some validations to TLS protocol start and traces to
security protocol init and finished.

Author: Mika Leppänen

source/6LoWPAN/ws/ws_pae_lib.c

@@ -76,15 +76,21 @@ int8_t ws_pae_lib_kmp_list_delete(kmp_list_t *kmp_list, kmp_api_t *kmp)
 
 kmp_api_t *ws_pae_lib_kmp_list_type_get(kmp_list_t *kmp_list, kmp_type_e type)
 {
+    kmp_api_t *kmp = NULL;
+
     ns_list_foreach(kmp_entry_t, cur, kmp_list) {
-        /* If type matches and receiving of messages has not been disabled for the kmp
-           (kmp is not in terminating phase) */
-        if (kmp_api_type_get(cur->kmp) == type && !kmp_api_receive_disable(cur->kmp)) {
-            return cur->kmp;
+        // If kmp type matches
+        if (kmp_api_type_get(cur->kmp) == type) {
+            /* If receiving of messages has not been disabled for the kmp (kmp is not
+               in terminating phase) prioritizes that kmp */
+            if (!kmp_api_receive_disable(cur->kmp)) {
+                return cur->kmp;
+            }
+            // Otherwise returns any kmp that matches
+            kmp = cur->kmp;
         }
     }
-
-    return 0;
+    return kmp;
 }
 
 void ws_pae_lib_kmp_list_free(kmp_list_t *kmp_list)

source/Security/protocols/eap_tls_sec_prot/auth_eap_tls_sec_prot.c

@@ -98,7 +98,7 @@ static int8_t auth_eap_tls_sec_prot_message_handle(sec_prot_t *prot);
 static int8_t auth_eap_tls_sec_prot_message_send(sec_prot_t *prot, uint8_t eap_code, uint8_t eap_type, uint8_t tls_state);
 
 static void auth_eap_tls_sec_prot_timer_timeout(sec_prot_t *prot, uint16_t ticks);
-static void auth_eap_tls_sec_prot_init_tls(sec_prot_t *prot);
+static int8_t auth_eap_tls_sec_prot_init_tls(sec_prot_t *prot);
 static void auth_eap_tls_sec_prot_delete_tls(sec_prot_t *prot);
 
 static void auth_eap_tls_sec_prot_seq_id_update(sec_prot_t *prot);
@@ -348,16 +348,16 @@ static int8_t auth_eap_tls_sec_prot_tls_send(sec_prot_t *tls_prot, void *pdu, ui
     return 0;
 }
 
-static void auth_eap_tls_sec_prot_init_tls(sec_prot_t *prot)
+static int8_t auth_eap_tls_sec_prot_init_tls(sec_prot_t *prot)
 {
     eap_tls_sec_prot_int_t *data = eap_tls_sec_prot_get(prot);
     if (data->tls_prot) {
-        return;
+        return 0;
     }
 
     data->tls_prot = prot->type_get(prot, SEC_PROT_TYPE_TLS);
     if (!data->tls_prot) {
-        return;
+        return -1;
     }
 
     data->tls_prot->header_size = TLS_HEAD_LEN;
@@ -369,6 +369,8 @@ static void auth_eap_tls_sec_prot_init_tls(sec_prot_t *prot)
     data->tls_prot->send = auth_eap_tls_sec_prot_tls_send;
 
     data->tls_ongoing = true;
+
+    return 0;
 }
 
 static void auth_eap_tls_sec_prot_delete_tls(sec_prot_t *prot)
@@ -388,14 +390,17 @@ static void auth_eap_tls_sec_prot_state_machine(sec_prot_t *prot)
     // EAP-TLS authenticator state machine
     switch (sec_prot_state_get(&data->common)) {
         case EAP_TLS_STATE_INIT:
+            tr_info("EAP-TLS init");
             sec_prot_state_set(prot, &data->common, EAP_TLS_STATE_CREATE_REQ);
+            prot->timer_start(prot);
             break;
 
         // Wait KMP-CREATE.request
         case EAP_TLS_STATE_CREATE_REQ:
             tr_info("EAP-TLS start, eui-64: %s", trace_array(sec_prot_remote_eui_64_addr_get(prot), 8));
 
-            prot->timer_start(prot);
+            // Set default timeout for the total maximum length of the negotiation
+            sec_prot_default_timeout_set(&data->common);
 
             // KMP-CREATE.confirm
             prot->create_conf(prot, SEC_RESULT_OK);
@@ -469,8 +474,11 @@ static void auth_eap_tls_sec_prot_state_machine(sec_prot_t *prot)
 
                 // All fragments received for a message
                 if (result == EAP_TLS_MSG_RECEIVE_DONE) {
-                    auth_eap_tls_sec_prot_init_tls(prot);
-
+                    // Initialize TLS protocol
+                    if (auth_eap_tls_sec_prot_init_tls(prot) < 0) {
+                        tr_error("TLS init failed");
+                        return;
+                    }
                     if (data->tls_ongoing) {
                         // Call TLS
                         data->tls_prot->receive(data->tls_prot, data->tls_recv.data, data->tls_recv.total_len);
@@ -538,12 +546,14 @@ static void auth_eap_tls_sec_prot_state_machine(sec_prot_t *prot)
             sec_prot_state_set(prot, &data->common, EAP_TLS_STATE_FINISHED);
             break;
 
-        case EAP_TLS_STATE_FINISHED:
+        case EAP_TLS_STATE_FINISHED: {
+            uint8_t *remote_eui_64 = sec_prot_remote_eui_64_addr_get(prot);
+            tr_info("EAP-TLS finished, eui-64: %s", remote_eui_64 ? trace_array(sec_prot_remote_eui_64_addr_get(prot), 8) : "not set");
             auth_eap_tls_sec_prot_delete_tls(prot);
             prot->timer_stop(prot);
             prot->finished(prot);
             break;
-
+        }
         default:
             break;
     }

source/Security/protocols/eap_tls_sec_prot/supp_eap_tls_sec_prot.c

@@ -90,7 +90,7 @@ static int8_t supp_eap_tls_sec_prot_message_handle(sec_prot_t *prot);
 static int8_t supp_eap_tls_sec_prot_message_send(sec_prot_t *prot, uint8_t eap_code, uint8_t eap_type, uint8_t tls_state);
 
 static void supp_eap_tls_sec_prot_timer_timeout(sec_prot_t *prot, uint16_t ticks);
-static void supp_eap_tls_sec_prot_init_tls(sec_prot_t *prot);
+static int8_t supp_eap_tls_sec_prot_init_tls(sec_prot_t *prot);
 static void supp_eap_tls_sec_prot_delete_tls(sec_prot_t *prot);
 
 static void supp_eap_tls_sec_prot_seq_id_update(sec_prot_t *prot);
@@ -360,16 +360,16 @@ static int8_t supp_eap_tls_sec_prot_tls_send(sec_prot_t *tls_prot, void *pdu, ui
     return 0;
 }
 
-static void supp_eap_tls_sec_prot_init_tls(sec_prot_t *prot)
+static int8_t supp_eap_tls_sec_prot_init_tls(sec_prot_t *prot)
 {
     eap_tls_sec_prot_int_t *data = eap_tls_sec_prot_get(prot);
     if (data->tls_prot) {
-        return;
+        return 0;
     }
 
     data->tls_prot = prot->type_get(prot, SEC_PROT_TYPE_TLS);
     if (!data->tls_prot) {
-        return;
+        return -1;
     }
 
     data->tls_prot->header_size = TLS_HEAD_LEN;
@@ -381,6 +381,8 @@ static void supp_eap_tls_sec_prot_init_tls(sec_prot_t *prot)
     data->tls_prot->send = supp_eap_tls_sec_prot_tls_send;
 
     data->tls_ongoing = true;
+
+    return 0;
 }
 
 static void supp_eap_tls_sec_prot_delete_tls(sec_prot_t *prot)
@@ -400,7 +402,9 @@ static void supp_eap_tls_sec_prot_state_machine(sec_prot_t *prot)
     // EAP-TLS supplicant state machine
     switch (sec_prot_state_get(&data->common)) {
         case EAP_TLS_STATE_INIT:
+            tr_info("EAP-TLS init");
             sec_prot_state_set(prot, &data->common, EAP_TLS_STATE_REQUEST_ID);
+            prot->timer_start(prot);
             break;
 
         // Wait EAP request, Identity (starts handshake on supplicant)
@@ -411,13 +415,14 @@ static void supp_eap_tls_sec_prot_state_machine(sec_prot_t *prot)
                 return;
             }
 
+            // Set default timeout for the total maximum length of the negotiation
+            sec_prot_default_timeout_set(&data->common);
+
             // Store sequence ID
             supp_eap_tls_sec_prot_seq_id_update(prot);
 
             tr_info("EAP-TLS start");
 
-            prot->timer_start(prot);
-
             // Send KMP-CREATE.indication
             prot->create_ind(prot);
             sec_prot_state_set(prot, &data->common, EAP_TLS_STATE_CREATE_RESP);
@@ -459,7 +464,10 @@ static void supp_eap_tls_sec_prot_state_machine(sec_prot_t *prot)
             data->common.ticks = retry_timeout;
 
             // Initialize TLS protocol
-            supp_eap_tls_sec_prot_init_tls(prot);
+            if (supp_eap_tls_sec_prot_init_tls(prot) < 0) {
+                tr_error("TLS init failed");
+                return;
+            }
             // Request TLS to start (send client hello)
             data->tls_prot->create_req(data->tls_prot, prot->sec_keys);
             break;
@@ -523,6 +531,7 @@ static void supp_eap_tls_sec_prot_state_machine(sec_prot_t *prot)
             break;
 
         case EAP_TLS_STATE_FINISHED:
+            tr_info("EAP-TLS finished");
             supp_eap_tls_sec_prot_delete_tls(prot);
             prot->timer_stop(prot);
             prot->finished(prot);

source/Security/protocols/fwh_sec_prot/auth_fwh_sec_prot.c

@@ -341,6 +341,7 @@ static void auth_fwh_sec_prot_state_machine(sec_prot_t *prot)
     // 4WH authenticator state machine
     switch (sec_prot_state_get(&data->common)) {
         case FWH_STATE_INIT:
+            tr_info("4WH: init");
             prot->timer_start(prot);
             sec_prot_state_set(prot, &data->common, FWH_STATE_CREATE_REQ);
             break;
@@ -349,6 +350,9 @@ static void auth_fwh_sec_prot_state_machine(sec_prot_t *prot)
         case FWH_STATE_CREATE_REQ:
             tr_info("4WH: start, eui-64: %s", trace_array(sec_prot_remote_eui_64_addr_get(prot), 8));
 
+            // Set default timeout for the total maximum length of the negotiation
+            sec_prot_default_timeout_set(&data->common);
+
             uint8_t *pmk = sec_prot_keys_pmk_get(prot->sec_keys);
             if (!pmk) { // If PMK is not set fails
                 prot->create_conf(prot, SEC_RESULT_ERROR);
@@ -429,10 +433,13 @@ static void auth_fwh_sec_prot_state_machine(sec_prot_t *prot)
             sec_prot_state_set(prot, &data->common, FWH_STATE_FINISHED);
             break;
 
-        case FWH_STATE_FINISHED:
+        case FWH_STATE_FINISHED: {
+            uint8_t *remote_eui_64 = sec_prot_remote_eui_64_addr_get(prot);
+            tr_info("4WH: finished, eui-64: %s", remote_eui_64 ? trace_array(sec_prot_remote_eui_64_addr_get(prot), 8) : "not set");
             prot->timer_stop(prot);
             prot->finished(prot);
             break;
+        }
 
         default:
             break;

source/Security/protocols/fwh_sec_prot/supp_fwh_sec_prot.c

@@ -310,6 +310,7 @@ static void supp_fwh_sec_prot_state_machine(sec_prot_t *prot)
     // 4WH supplicant state machine
     switch (sec_prot_state_get(&data->common)) {
         case FWH_STATE_INIT:
+            tr_info("4WH: init");
             prot->timer_start(prot);
             sec_prot_state_set(prot, &data->common, FWH_STATE_MESSAGE_1);
             break;
@@ -325,6 +326,9 @@ static void supp_fwh_sec_prot_state_machine(sec_prot_t *prot)
                 return;
             }
 
+            // Set default timeout for the total maximum length of the negotiation
+            sec_prot_default_timeout_set(&data->common);
+
             tr_info("4WH: start");
 
             // Store authenticator nonce for check when 4WH Message 3 is received
@@ -467,6 +471,7 @@ static void supp_fwh_sec_prot_state_machine(sec_prot_t *prot)
             break;
 
         case FWH_STATE_FINISHED:
+            tr_info("4WH: finished");
             prot->timer_stop(prot);
             prot->finished(prot);
             break;

source/Security/protocols/gkh_sec_prot/auth_gkh_sec_prot.c

@@ -293,14 +293,17 @@ static void auth_gkh_sec_prot_state_machine(sec_prot_t *prot)
     // GKH authenticator state machine
     switch (sec_prot_state_get(&data->common)) {
         case GKH_STATE_INIT:
+            tr_info("GKH init");
             sec_prot_state_set(prot, &data->common, GKH_STATE_CREATE_REQ);
+            prot->timer_start(prot);
             break;
 
         // Wait KMP-CREATE.request
         case GKH_STATE_CREATE_REQ:
             tr_info("GKH start, eui-64: %s", trace_array(sec_prot_remote_eui_64_addr_get(prot), 8));
 
-            prot->timer_start(prot);
+            // Set default timeout for the total maximum length of the negotiation
+            sec_prot_default_timeout_set(&data->common);
 
             // KMP-CREATE.confirm
             prot->create_conf(prot, SEC_RESULT_OK);
@@ -340,10 +343,13 @@ static void auth_gkh_sec_prot_state_machine(sec_prot_t *prot)
             sec_prot_state_set(prot, &data->common, GKH_STATE_FINISHED);
             break;
 
-        case GKH_STATE_FINISHED:
+        case GKH_STATE_FINISHED: {
+            uint8_t *remote_eui_64 = sec_prot_remote_eui_64_addr_get(prot);
+            tr_info("GKH finished, eui-64: %s", remote_eui_64 ? trace_array(sec_prot_remote_eui_64_addr_get(prot), 8) : "not set");
             prot->timer_stop(prot);
             prot->finished(prot);
             break;
+        }
 
         default:
             break;

source/Security/protocols/gkh_sec_prot/supp_gkh_sec_prot.c

@@ -230,7 +230,9 @@ static void supp_gkh_sec_prot_state_machine(sec_prot_t *prot)
     // GKH supplicant state machine
     switch (sec_prot_state_get(&data->common)) {
         case GKH_STATE_INIT:
+            tr_info("GKH init");
             sec_prot_state_set(prot, &data->common, GKH_STATE_MESSAGE_1);
+            prot->timer_start(prot);
             break;
 
         // Wait GKH message 1 (starts handshake on supplicant)
@@ -243,11 +245,12 @@ static void supp_gkh_sec_prot_state_machine(sec_prot_t *prot)
                 return;
             }
 
-            supp_gkh_sec_prot_security_replay_counter_update(prot);
+            // Set default timeout for the total maximum length of the negotiation
+            sec_prot_default_timeout_set(&data->common);
 
-            tr_debug("GKH start");
+            supp_gkh_sec_prot_security_replay_counter_update(prot);
 
-            prot->timer_start(prot);
+            tr_info("GKH start");
 
             // Send KMP-CREATE.indication
             prot->create_ind(prot);
@@ -267,14 +270,15 @@ static void supp_gkh_sec_prot_state_machine(sec_prot_t *prot)
             break;
 
         case GKH_STATE_FINISH:
-            tr_debug("GKH finish");
+            tr_info("GKH finish");
 
             // KMP-FINISHED.indication,
             prot->finished_ind(prot, sec_prot_result_get(&data->common), prot->sec_keys);
             sec_prot_state_set(prot, &data->common, GKH_STATE_FINISHED);
             break;
 
         case GKH_STATE_FINISHED:
+            tr_info("GKH finished");
             prot->timer_stop(prot);
             prot->finished(prot);
             break;

source/Security/protocols/sec_prot_lib.c

@@ -48,7 +48,7 @@ void sec_prot_init(sec_prot_common_t *data)
 {
     data->state = SEC_STATE_INIT;
     data->result = SEC_RESULT_OK;
-    data->ticks = SEC_TOTAL_TIMEOUT;
+    data->ticks = SEC_INIT_TIMEOUT;
     data->trickle_running = false;
 }
 
@@ -73,10 +73,14 @@ void sec_prot_timer_timeout_handle(sec_prot_t *prot, sec_prot_common_t *data, co
     if (data->ticks > ticks) {
         data->ticks -= ticks;
     } else {
-        tr_debug("prot timeout");
+        tr_debug("prot timeout, state: %i", data->state);
         data->ticks = 0;
         sec_prot_result_set(data, SEC_RESULT_TIMEOUT);
-        sec_prot_state_set(prot, data, SEC_STATE_FINISH);
+        if (data->state == SEC_STATE_INIT) {
+            sec_prot_state_set(prot, data, SEC_STATE_FINISHED);
+        } else {
+            sec_prot_state_set(prot, data, SEC_STATE_FINISH);
+        }
     }
 }
 
@@ -167,6 +171,11 @@ bool sec_prot_result_ok_check(sec_prot_common_t *data)
     return false;
 }
 
+void sec_prot_default_timeout_set(sec_prot_common_t *data)
+{
+    data->ticks = SEC_TOTAL_TIMEOUT;
+}
+
 void sec_prot_lib_nonce_generate(uint8_t *nonce)
 {
     // Use randlib

source/Security/protocols/sec_prot_lib.h

@@ -32,6 +32,7 @@
 #define FWH_NONCE_LENGTH              32
 #define EUI64_LEN                     8
 #define SEC_TOTAL_TIMEOUT             30 * 60 * 10 // 30 minutes
+#define SEC_INIT_TIMEOUT              60 * 10      // 60 seconds
 #define SEC_FINISHED_TIMEOUT          5 * 10       // 5 seconds
 
 
@@ -295,4 +296,12 @@ bool sec_prot_result_timeout_check(sec_prot_common_t *data);
  */
 bool sec_prot_result_ok_check(sec_prot_common_t *data);
 
+/**
+ * sec_prot_default_timeout_set sets default timeout for protocol
+ *
+ * \param data common data
+ *
+ */
+void sec_prot_default_timeout_set(sec_prot_common_t *data);
+
 #endif /* SEC_PROT_LIB_H_ */