1 /*
2  * eap_fast.h
3  *
4  * Version:     $Id$
5  *
6  *   This program is free software; you can redistribute it and/or modify
7  *   it under the terms of the GNU General Public License as published by
8  *   the Free Software Foundation; either version 2 of the License, or
9  *   (at your option) any later version.
10  *
11  *   This program is distributed in the hope that it will be useful,
12  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
13  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14  *   GNU General Public License for more details.
15  *
16  *   You should have received a copy of the GNU General Public License
17  *   along with this program; if not, write to the Free Software
18  *   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
19  *
20  * Copyright 2003 Alan DeKok <aland@freeradius.org>
21  * Copyright 2006 The FreeRADIUS server project
22  */
23 #ifndef _EAP_FAST_H
24 #define _EAP_FAST_H
25
26 RCSIDH(eap_fast_h, "$Id$")
27
28 #include "eap_tls.h"
29
/** EAP-FAST protocol version carried in the Flags field of every EAP-FAST packet (RFC 4851 §4.1). */
30 #define EAP_FAST_VERSION                        1
31
/*
 *	Key-material sizes from RFC 4851 §5: the MSK and EMSK are 64 octets
 *	(§5.4), session_key_seed is 40 octets (§5.1), and each 60-octet IMCK
 *	splits into a 40-octet S-IMCK and a 20-octet CMK (§5.2).
 */
32 #define EAP_FAST_KEY_LEN                        64	// MSK
33 #define EAP_EMSK_LEN                            64	// EMSK
34 #define EAP_FAST_SKS_LEN                        40	// session_key_seed
35 #define EAP_FAST_SIMCK_LEN                      40	// S-IMCK[j]
36 #define EAP_FAST_CMK_LEN                        20	// CMK[j], HMAC-SHA1 key for the Compound MAC
37
/*
 *	TLV header (RFC 4851 §4.2): M bit (mandatory), R bit (reserved), then a
 *	14-bit type.  Masking with EAP_FAST_TLV_TYPE drops both M and R; the
 *	M bit is OR'd in when a TLV is built.
 */
38 #define EAP_FAST_TLV_MANDATORY                  0x8000
39 #define EAP_FAST_TLV_TYPE                       0x3fff
40
/*
 *	Error-Code values for the Error TLV (RFC 4851 §4.2.6).  The 2000 range
 *	is fatal; 2001 and 2002 are the two codes the RFC defines.
 */
41 #define EAP_FAST_FATAL_ERROR                    2000
42 #define EAP_FAST_ERR_TUNNEL_COMPROMISED         2001	// Tunnel Compromise Error
43 #define EAP_FAST_ERR_UNEXPECTED_TLV             2002	// Unexpected TLVs Exchanged
44
/* Status values of the Result / Intermediate-Result TLVs (RFC 4851 §4.2.3, §4.2.9). */
45 #define EAP_FAST_TLV_RESULT_SUCCESS             1
46 #define EAP_FAST_TLV_RESULT_FAILURE             2
47
/**
 * Processing stage of one EAP-FAST conversation, stored in eap_fast_tunnel_t::stage.
 * The meanings below follow the enumerator names; the transitions themselves
 * live in eap_fast.c and are not visible here.
 */
48 typedef enum eap_fast_stage_t {
49         TLS_SESSION_HANDSHAKE = 0,	//!< outer TLS handshake in progress
50         AUTHENTICATION,			//!< inner (tunneled) EAP method running
51         CRYPTOBIND_CHECK,		//!< Crypto-Binding TLV exchange
52         PROVISIONING,			//!< PAC provisioning
53         COMPLETE			//!< conversation finished
54 } eap_fast_stage_t;
55
/**
 * How the peer is being handled in this session: one of the RFC 5422
 * provisioning modes (server-unauthenticated/anonymous or server-authenticated)
 * or a normal, non-provisioning authentication (RFC 4851).
 * NOTE(review): the enum tag is eap_fast_auth_type while the typedef is
 * eap_fast_auth_type_t; every other enum in this header uses the same name
 * for both.  Left as is because `enum eap_fast_auth_type` may be referenced elsewhere.
 */
56 typedef enum eap_fast_auth_type {
57         EAP_FAST_UNKNOWN = 0,		//!< not yet determined
58         EAP_FAST_PROVISIONING_ANON,	//!< server-unauthenticated (anonymous) provisioning
59         EAP_FAST_PROVISIONING_AUTH,	//!< server-authenticated provisioning
60         EAP_FAST_NORMAL_AUTH		//!< normal (non-provisioning) authentication
61 } eap_fast_auth_type_t;
62
/**
 * Attribute types carried inside the PAC TLV (RFC 5422 §4.2).  Type 6 is
 * unassigned in the RFC; PAC_INFO_PAC_RESERVED6 only keeps the later values
 * aligned.  PAC_INFO_MAX is a count sentinel, never a wire value.
 */
63 typedef enum eap_fast_pac_info_attr_type_t {
64         PAC_INFO_PAC_KEY = 1,   // 1  PAC-Key
65         PAC_INFO_PAC_OPAQUE,    // 2  PAC-Opaque
66         PAC_INFO_PAC_LIFETIME,  // 3  PAC-Lifetime
67         PAC_INFO_A_ID,          // 4  A-ID (authority identity)
68         PAC_INFO_I_ID,          // 5  I-ID (initiator identity)
69         PAC_INFO_PAC_RESERVED6, // 6  (unassigned)
70         PAC_INFO_A_ID_INFO,     // 7  A-ID-Info
71         PAC_INFO_PAC_ACK,       // 8  PAC-Acknowledgement
72         PAC_INFO_PAC_INFO,      // 9  PAC-Info
73         PAC_INFO_PAC_TYPE,      // 10 PAC-Type
74         PAC_INFO_MAX
75 } eap_fast_pac_info_attr_type_t;
76
/** PAC-Type attribute values (RFC 5422 §4.2).  PAC_TYPE_MAX is a count sentinel, not a wire value. */
77 typedef enum eap_fast_pac_type_t {
78         PAC_TYPE_TUNNEL = 1,    // 1  Tunnel PAC
79         PAC_TYPE_MACHINE_AUTH,  // 2  Machine Authentication PAC
80         PAC_TYPE_USER_AUTHZ,    // 3  User Authorization PAC
81         PAC_TYPE_MAX
82 } eap_fast_pac_type_t;
83
/*
 *	Fixed payload sizes of the PAC attributes declared below.  RFC 5422
 *	fixes the PAC-Key at 32 octets.  PAC_A_ID_LENGTH doubles as the AAD
 *	size of eap_fast_attr_pac_opaque_t.
 */
84 #define PAC_KEY_LENGTH          32
85 #define PAC_A_ID_LENGTH         16
86 #define PAC_I_ID_LENGTH         16
87 #define PAC_A_ID_INFO_LENGTH    32
88
/**
 * Header shared by every PAC attribute: a 2-octet type
 * (eap_fast_pac_info_attr_type_t) and the 2-octet length of the value that follows.
 * NOTE(review): both fields are big-endian on the wire; the htons/ntohs
 * conversion presumably happens where attributes are built and parsed —
 * confirm in eap_fast.c.
 */
89 typedef struct eap_fast_pac_attr_hdr_t {
90         uint16_t                        type;	//!< eap_fast_pac_info_attr_type_t
91         uint16_t                        length;	//!< octets of value after this header
92 } CC_HINT(__packed__) eap_fast_pac_attr_hdr_t;
93
/** PAC-Lifetime attribute: absolute expiry time of the PAC. */
94 typedef struct eap_fast_pac_attr_lifetime_t {
95         eap_fast_pac_attr_hdr_t         hdr;
96         uint32_t                        data;   // secs since epoch
97 } CC_HINT(__packed__) eap_fast_pac_attr_lifetime_t;
98
/** A-ID attribute: fixed-size identity of the issuing authority (this server). */
99 typedef struct eap_fast_pac_attr_a_id_t {
100         eap_fast_pac_attr_hdr_t         hdr;
101         uint8_t                         data[PAC_A_ID_LENGTH];
102 } CC_HINT(__packed__) eap_fast_pac_attr_a_id_t;
103
/** I-ID attribute: fixed-size identity of the peer the PAC was issued to. */
104 typedef struct eap_fast_pac_attr_i_id_t {
105         eap_fast_pac_attr_hdr_t         hdr;
106         uint8_t                         data[PAC_I_ID_LENGTH];
107 } CC_HINT(__packed__) eap_fast_pac_attr_i_id_t;
108
/** A-ID-Info attribute: human-readable description of the authority, truncated to a fixed buffer. */
109 typedef struct eap_fast_pac_attr_a_id_info_t {
110         eap_fast_pac_attr_hdr_t         hdr;
111         uint8_t                         data[PAC_A_ID_INFO_LENGTH];
112 } CC_HINT(__packed__) eap_fast_pac_attr_a_id_info_t;
113
/** PAC-Type attribute: 2-octet eap_fast_pac_type_t value. */
114 typedef struct eap_fast_pac_attr_pac_type_t {
115         eap_fast_pac_attr_hdr_t         hdr;
116         uint16_t                        data;	//!< eap_fast_pac_type_t
117 } CC_HINT(__packed__) eap_fast_pac_attr_pac_type_t;
118
/** PAC-Key attribute: the 32-octet shared secret of the PAC.  Secret material. */
119 typedef struct eap_fast_pac_attr_pac_key_t {
120         eap_fast_pac_attr_hdr_t         hdr;
121         uint8_t                         data[PAC_KEY_LENGTH];
122 } CC_HINT(__packed__) eap_fast_pac_attr_pac_key_t;
123
/**
 * Server-private contents of a PAC-Opaque before sealing: PAC-Type,
 * PAC-Lifetime and the PAC-Key.  Because it carries the PAC-Key, this layout
 * must only ever leave the server as the AEAD-protected data of
 * eap_fast_attr_pac_opaque_t.
 */
124 typedef struct eap_fast_attr_pac_opaque_plaintext_t {
125         eap_fast_pac_attr_pac_type_t    type;
126         eap_fast_pac_attr_lifetime_t    lifetime;
127         eap_fast_pac_attr_pac_key_t     key;
128 } CC_HINT(__packed__) eap_fast_attr_pac_opaque_plaintext_t;
129
/**
 * PAC-Opaque attribute as carried on the wire: the plaintext above, sealed
 * with an AEAD (GCM, given the EVP_GCM_TLS_TAG_LEN tag) — presumably under
 * eap_fast_tunnel_t::pac_opaque_key.
 * NOTE(review): data is a fixed buffer, but hdr.length comes from the peer
 * when a PAC-Opaque is received.  The parser must reject a length larger than
 * sizeof data before copying, and the tag must verify before any field of the
 * decrypted plaintext is used; both checks live in eap_fast.c — confirm there.
 */
130 typedef struct eap_fast_attr_pac_opaque_t {
131         eap_fast_pac_attr_hdr_t         hdr;
132         unsigned char                   aad[PAC_A_ID_LENGTH];		//!< additional authenticated data (A-ID sized)
133         unsigned char                   iv[EVP_MAX_IV_LENGTH];		//!< AEAD nonce
134         unsigned char                   tag[EVP_GCM_TLS_TAG_LEN];	//!< AEAD authentication tag
135         uint8_t                         data[sizeof(eap_fast_attr_pac_opaque_plaintext_t) * 2]; // space for EVP
136 } CC_HINT(__packed__) eap_fast_attr_pac_opaque_t;
137
/**
 * PAC-Info attribute as emitted by this server: lifetime, A-ID, A-ID-Info and
 * PAC-Type.  No I-ID sub-attribute is carried even though PAC_INFO_I_ID is
 * defined above.
 */
138 typedef struct eap_fast_attr_pac_info_t {
139         eap_fast_pac_attr_hdr_t         hdr;
140         eap_fast_pac_attr_lifetime_t    lifetime;
141         eap_fast_pac_attr_a_id_t        a_id;
142         eap_fast_pac_attr_a_id_info_t   a_id_info;
143         eap_fast_pac_attr_pac_type_t    type;
144 } CC_HINT(__packed__) eap_fast_attr_pac_info_t;
145
/**
 * A complete PAC TLV body: PAC-Key, PAC-Info and the sealed PAC-Opaque.
 * The opaque is kept last presumably because its effective size is taken from
 * opaque.hdr.length rather than sizeof — confirm against the serializer.
 */
146 typedef struct eap_fast_pac_t {
147         eap_fast_pac_attr_pac_key_t     key;
148         eap_fast_attr_pac_info_t        info;
149         eap_fast_attr_pac_opaque_t      opaque; // has to be last!
150 } CC_HINT(__packed__) eap_fast_pac_t;
151
152 /* RFC 4851, Section 4.2.8 - Crypto-Binding TLV */
/**
 * Wire layout of the Crypto-Binding TLV: the 4-octet TLV header followed by
 * 56 octets of fixed-size fields, so length is always 56.  Per RFC 4851
 * §4.2.8 the Compound MAC is HMAC-SHA1 keyed with the CMK, computed over the
 * whole TLV with compound_mac zero-filled, and the server must verify the
 * peer's MAC before accepting the inner-method result.
 * NOTE(review): compare the MAC with a constant-time routine
 * (e.g. CRYPTO_memcmp), not memcmp; the comparison itself is in eap_fast.c.
 */
153 typedef struct eap_tlv_crypto_binding_tlv_t {
154         uint16_t tlv_type;		//!< EAP_FAST_TLV_CRYPTO_BINDING with the M bit set
155         uint16_t length;		//!< always 56
156         uint8_t reserved;		//!< must be zero
157         uint8_t version;		//!< Crypto-Binding TLV version (1 in RFC 4851)
158         uint8_t received_version;	//!< EAP-FAST version received during version negotiation
159         uint8_t subtype;		//!< eap_fast_tlv_crypto_binding_tlv_subtype_t
160         uint8_t nonce[32];		//!< 32 random octets; RFC 4851 §4.2.8 ties the response nonce to the request nonce
161         uint8_t compound_mac[20];	//!< HMAC-SHA1 over this TLV with the field zeroed
162 } CC_HINT(__packed__) eap_tlv_crypto_binding_tlv_t;
163
/**
 * TLV types of RFC 4851 §4.2 (values 0-20).  The RESERVED_* entries fill the
 * gaps so the remaining enumerators keep their RFC values.  EAP_FAST_TLV_MAX
 * is a count sentinel, not a valid type.
 * NOTE(review): incoming types are peer-controlled; a masked type at or above
 * EAP_FAST_TLV_MAX must be range-checked (and NAK'd if mandatory, RFC 4851
 * §4.2.4) rather than used as an array index — confirm the dispatch in eap_fast.c.
 */
164 typedef enum eap_fast_tlv_type_t {
165         EAP_FAST_TLV_RESERVED_0 = 0,    // 0
166         EAP_FAST_TLV_RESERVED_1,        // 1
167         EAP_FAST_TLV_RESERVED_2,        // 2
168         EAP_FAST_TLV_RESULT,            // 3  Result TLV
169         EAP_FAST_TLV_NAK,               // 4  NAK TLV
170         EAP_FAST_TLV_ERROR,             // 5  Error TLV
171         EAP_FAST_TLV_RESERVED6,         // 6
172         EAP_FAST_TLV_VENDOR_SPECIFIC,   // 7  Vendor-Specific TLV
173         EAP_FAST_TLV_RESERVED8,         // 8
174         EAP_FAST_TLV_EAP_PAYLOAD,       // 9  EAP-Payload TLV (inner EAP packet)
175         EAP_FAST_TLV_INTERMED_RESULT,   // 10 Intermediate-Result TLV
176         EAP_FAST_TLV_PAC,               // 11 PAC TLV (RFC 5422)
177         EAP_FAST_TLV_CRYPTO_BINDING,    // 12 Crypto-Binding TLV
178         EAP_FAST_TLV_RESERVED_13,       // 13
179         EAP_FAST_TLV_RESERVED_14,       // 14
180         EAP_FAST_TLV_RESERVED_15,       // 15
181         EAP_FAST_TLV_RESERVED_16,       // 16
182         EAP_FAST_TLV_RESERVED_17,       // 17
183         EAP_FAST_TLV_TRUSTED_ROOT,      // 18 Server-Trusted-Root TLV
184         EAP_FAST_TLV_REQ_ACTION,        // 19 Request-Action TLV
185         EAP_FAST_TLV_PKCS,              // 20 PKCS#7 TLV
186         EAP_FAST_TLV_MAX
187 } eap_fast_tlv_type_t;
188
/** Sub-Type field of the Crypto-Binding TLV (RFC 4851 §4.2.8). */
189 typedef enum eap_fast_tlv_crypto_binding_tlv_subtype_t {
190         EAP_FAST_TLV_CRYPTO_BINDING_SUBTYPE_REQUEST = 0,        // 0  Binding Request (server to peer)
191         EAP_FAST_TLV_CRYPTO_BINDING_SUBTYPE_RESPONSE            // 1  Binding Response (peer to server)
192 } eap_fast_tlv_crypto_binding_tlv_subtype_t;
193
194 /* RFC 5422: Section 3.3 - Key Derivations Used in the EAP-FAST Provisioning Exchange */
/**
 * Key block derived from the TLS master secret during provisioning.
 * session_key_seed becomes S-IMCK[0] (RFC 4851 §5.2); the two challenges are
 * used by the inner MSCHAPv2 exchange.
 * NOTE(review): CHAP_VALUE_LENGTH is defined elsewhere; RFC 5422 expects
 * 16-octet challenges — confirm the value matches.
 */
195 typedef struct eap_fast_keyblock_t {
196         uint8_t session_key_seed[EAP_FAST_SKS_LEN];
197         uint8_t server_challenge[CHAP_VALUE_LENGTH];
198         uint8_t client_challenge[CHAP_VALUE_LENGTH];
199 } CC_HINT(__packed__) eap_fast_keyblock_t;
200
/**
 * Per-session EAP-FAST state kept for the lifetime of one conversation.
 * NOTE(review): simck, cmk, msk, emsk, pac.key and pac_opaque_key point at key
 * material; whatever frees this struct should zeroize them first (the
 * allocation and destructor are in eap_fast.c — confirm there).
 */
201 typedef struct eap_fast_tunnel_t {
202         VALUE_PAIR              *username;	//!< inner identity, presumably User-Name
203         VALUE_PAIR      *state;			//!< State of the inner conversation, presumably
204         VALUE_PAIR      *accept_vps;		//!< attributes returned by the inner Access-Accept, presumably
205         bool            copy_request_to_tunnel;	//!< config option of the same name
206         bool            use_tunneled_reply;	//!< config option of the same name
207
208         bool                    authenticated;	//!< inner authentication succeeded
209
210         int                     mode;		//!< see eap_fast.c; meaning not visible here
211         eap_fast_stage_t        stage;		//!< current eap_fast_stage_t
212         eap_fast_keyblock_t     *keyblock;	//!< RFC 5422 §3.3 provisioning key block
213         uint8_t                 *simck;		//!< S-IMCK[j], presumably EAP_FAST_SIMCK_LEN octets
214         uint8_t                 *cmk;		//!< CMK[j], presumably EAP_FAST_CMK_LEN octets
215         int                     imckc;		//!< IMCK counter (RFC 4851 §5.2's j), presumably
216         struct {
217                 uint8_t         mppe_send[CHAP_VALUE_LENGTH];
218                 uint8_t         mppe_recv[CHAP_VALUE_LENGTH];
219         } CC_HINT(__packed__)   isk;		//!< Inner Session Key: MPPE send/recv keys of the inner method (RFC 4851 §5.2)
220         uint8_t                 *msk;		//!< presumably EAP_FAST_KEY_LEN octets
221         uint8_t                 *emsk;		//!< presumably EAP_EMSK_LEN octets
222
223         int                     default_method;	//!< inner EAP method offered first, presumably
224
225         uint32_t                pac_lifetime;	//!< lifetime granted to issued PACs
226         char const              *authority_identity;	//!< A-ID-Info text
227         uint8_t const           *a_id;		//!< A-ID, presumably PAC_A_ID_LENGTH octets
228         uint8_t const           *pac_opaque_key;	//!< server key that seals PAC-Opaque; secret
229
230         struct {
231                 uint8_t                 *key;	//!< PAC-Key; secret
232                 eap_fast_pac_type_t     type;
233                 uint32_t                expires;	//!< PAC-Lifetime, secs since epoch
234                 bool                    expired;
235                 bool                    send;	//!< issue a (new) PAC in this conversation, presumably
236         }                       pac;		//!< PAC presented by the peer or being issued
237
238         bool                    result_final;	//!< send a Result TLV rather than an Intermediate-Result, presumably
239
240 #ifdef WITH_PROXY
241         bool            proxy_tunneled_request_as_eap;  //!< Proxy tunneled session as EAP, or as de-capsulated
242                                                         //!< protocol.
243 #endif
244         char const      *virtual_server;	//!< virtual server the inner request is processed in
245 } eap_fast_tunnel_t;
246
247 /*
248  *      Process the FAST portion of an EAP-FAST request.
 *
 *	eap_fast_tlv_append() queues one TLV for the tunnel (presumably into the
 *	tunnel's outgoing record buffer — confirm in eap_fast.c):
 *	  tlv        - TLV type (eap_fast_tlv_type_t); the M bit
 *	               (EAP_FAST_TLV_MANDATORY) is presumably OR'd in by the
 *	               callee when mandatory is true.
 *	  length     - octets at data.  It is an int, so callers must never
 *	               pass a negative value.
 *	  data       - TLV value.  CC_HINT(nonnull) covers every pointer
 *	               parameter, so even a zero-length TLV needs a non-NULL data.
 *
 *	eap_fast_process() drives the TLV exchange inside the established TLS
 *	session and returns the PW_CODE for the outer reply, presumably.
249  */
250 void eap_fast_tlv_append(tls_session_t *tls_session, int tlv, bool mandatory,
251                          int length, const void *data) CC_HINT(nonnull);
252 PW_CODE eap_fast_process(eap_handler_t *eap_session, tls_session_t *tls_session) CC_HINT(nonnull);
253
254 /*
255  *      A bunch of EAP-FAST helper functions.
 *
 *	eap_fast_fast2vp() decodes raw EAP-FAST TLV bytes into VALUE_PAIRs:
 *	  request    - request the pairs are created for (presumably also the
 *	               logging context).
 *	  ssl        - unused.
 *	  data       - start of the TLV data.
 *	  data_len   - octets at data.  Length fields inside the TLVs come from
 *	               the peer, so the decoder must treat data_len as the hard
 *	               bound for every read — confirm in eap_fast.c.
 *	  fast_da    - dictionary attribute the TLV types are resolved under.
 *	  out        - cursor the decoded pairs are appended to.
 *	Returns the decoded pairs; presumably NULL on error — confirm.
256  */
257 VALUE_PAIR *eap_fast_fast2vp(REQUEST *request, UNUSED SSL *ssl, uint8_t const *data,
258                              size_t data_len, DICT_ATTR const *fast_da, vp_cursor_t *out);
259
260 #endif /* _EAP_FAST_H */