1*4882a593Smuzhiyun /* 2*4882a593Smuzhiyun * 802.1x EAPOL definitions 3*4882a593Smuzhiyun * 4*4882a593Smuzhiyun * See 5*4882a593Smuzhiyun * IEEE Std 802.1X-2001 6*4882a593Smuzhiyun * IEEE 802.1X RADIUS Usage Guidelines 7*4882a593Smuzhiyun * 8*4882a593Smuzhiyun * Copyright (C) 2020, Broadcom. 9*4882a593Smuzhiyun * 10*4882a593Smuzhiyun * Unless you and Broadcom execute a separate written software license 11*4882a593Smuzhiyun * agreement governing use of this software, this software is licensed to you 12*4882a593Smuzhiyun * under the terms of the GNU General Public License version 2 (the "GPL"), 13*4882a593Smuzhiyun * available at http://www.broadcom.com/licenses/GPLv2.php, with the 14*4882a593Smuzhiyun * following added to such license: 15*4882a593Smuzhiyun * 16*4882a593Smuzhiyun * As a special exception, the copyright holders of this software give you 17*4882a593Smuzhiyun * permission to link this software with independent modules, and to copy and 18*4882a593Smuzhiyun * distribute the resulting executable under terms of your choice, provided that 19*4882a593Smuzhiyun * you also meet, for each linked independent module, the terms and conditions of 20*4882a593Smuzhiyun * the license of that module. An independent module is a module which is not 21*4882a593Smuzhiyun * derived from this software. The special exception does not apply to any 22*4882a593Smuzhiyun * modifications of the software. 23*4882a593Smuzhiyun * 24*4882a593Smuzhiyun * 25*4882a593Smuzhiyun * <<Broadcom-WL-IPTag/Dual:>> 26*4882a593Smuzhiyun */ 27*4882a593Smuzhiyun 28*4882a593Smuzhiyun #ifndef _eapol_h_ 29*4882a593Smuzhiyun #define _eapol_h_ 30*4882a593Smuzhiyun 31*4882a593Smuzhiyun #ifndef _TYPEDEFS_H_ 32*4882a593Smuzhiyun #include <typedefs.h> 33*4882a593Smuzhiyun #endif 34*4882a593Smuzhiyun 35*4882a593Smuzhiyun /* This marks the start of a packed structure section. */ 36*4882a593Smuzhiyun #include <packed_section_start.h> 37*4882a593Smuzhiyun 38*4882a593Smuzhiyun #if !defined(BCMCRYPTO_COMPONENT) 39*4882a593Smuzhiyun #include <bcmcrypto/aeskeywrap.h> 40*4882a593Smuzhiyun #endif /* !BCMCRYPTO_COMPONENT */ 41*4882a593Smuzhiyun 42*4882a593Smuzhiyun /* EAPOL for 802.3/Ethernet */ 43*4882a593Smuzhiyun typedef BWL_PRE_PACKED_STRUCT struct { 44*4882a593Smuzhiyun struct ether_header eth; /* 802.3/Ethernet header */ 45*4882a593Smuzhiyun unsigned char version; /* EAPOL protocol version */ 46*4882a593Smuzhiyun unsigned char type; /* EAPOL type */ 47*4882a593Smuzhiyun unsigned short length; /* Length of body */ 48*4882a593Smuzhiyun unsigned char body[1]; /* Body (optional) */ 49*4882a593Smuzhiyun } BWL_POST_PACKED_STRUCT eapol_header_t; 50*4882a593Smuzhiyun 51*4882a593Smuzhiyun #define EAPOL_HEADER_LEN 18 52*4882a593Smuzhiyun 53*4882a593Smuzhiyun typedef struct { 54*4882a593Smuzhiyun unsigned char version; /* EAPOL protocol version */ 55*4882a593Smuzhiyun unsigned char type; /* EAPOL type */ 56*4882a593Smuzhiyun unsigned short length; /* Length of body */ 57*4882a593Smuzhiyun } eapol_hdr_t; 58*4882a593Smuzhiyun 59*4882a593Smuzhiyun #define EAPOL_HDR_LEN 4u 60*4882a593Smuzhiyun 61*4882a593Smuzhiyun /* EAPOL version */ 62*4882a593Smuzhiyun #define WPA2_EAPOL_VERSION 2u 63*4882a593Smuzhiyun #define WPA_EAPOL_VERSION 1u 64*4882a593Smuzhiyun #define LEAP_EAPOL_VERSION 1u 65*4882a593Smuzhiyun #define SES_EAPOL_VERSION 1u 66*4882a593Smuzhiyun 67*4882a593Smuzhiyun /* EAPOL types */ 68*4882a593Smuzhiyun #define EAP_PACKET 0 69*4882a593Smuzhiyun #define EAPOL_START 1u 70*4882a593Smuzhiyun #define EAPOL_LOGOFF 2u 71*4882a593Smuzhiyun #define EAPOL_KEY 3u 72*4882a593Smuzhiyun #define EAPOL_ASF 4u 73*4882a593Smuzhiyun 74*4882a593Smuzhiyun /* EAPOL-Key types */ 75*4882a593Smuzhiyun #define EAPOL_RC4_KEY 1u 76*4882a593Smuzhiyun #define EAPOL_WPA2_KEY 2u /* 802.11i/WPA2 */ 77*4882a593Smuzhiyun #define EAPOL_WPA_KEY 254u /* WPA */ 78*4882a593Smuzhiyun 79*4882a593Smuzhiyun /* RC4 EAPOL-Key header field sizes */ 80*4882a593Smuzhiyun #define EAPOL_KEY_REPLAY_LEN 8u 81*4882a593Smuzhiyun #define EAPOL_KEY_IV_LEN 16u 82*4882a593Smuzhiyun #define EAPOL_KEY_SIG_LEN 16u 83*4882a593Smuzhiyun 84*4882a593Smuzhiyun /* RC4 EAPOL-Key */ 85*4882a593Smuzhiyun typedef BWL_PRE_PACKED_STRUCT struct { 86*4882a593Smuzhiyun unsigned char type; /* Key Descriptor Type */ 87*4882a593Smuzhiyun unsigned short length; /* Key Length (unaligned) */ 88*4882a593Smuzhiyun unsigned char replay[EAPOL_KEY_REPLAY_LEN]; /* Replay Counter */ 89*4882a593Smuzhiyun unsigned char iv[EAPOL_KEY_IV_LEN]; /* Key IV */ 90*4882a593Smuzhiyun unsigned char index; /* Key Flags & Index */ 91*4882a593Smuzhiyun unsigned char signature[EAPOL_KEY_SIG_LEN]; /* Key Signature */ 92*4882a593Smuzhiyun unsigned char key[1]; /* Key (optional) */ 93*4882a593Smuzhiyun } BWL_POST_PACKED_STRUCT eapol_key_header_t; 94*4882a593Smuzhiyun 95*4882a593Smuzhiyun #define EAPOL_KEY_HEADER_LEN 44u 96*4882a593Smuzhiyun 97*4882a593Smuzhiyun /* RC4 EAPOL-Key flags */ 98*4882a593Smuzhiyun #define EAPOL_KEY_FLAGS_MASK 0x80u 99*4882a593Smuzhiyun #define EAPOL_KEY_BROADCAST 0u 100*4882a593Smuzhiyun #define EAPOL_KEY_UNICAST 0x80u 101*4882a593Smuzhiyun 102*4882a593Smuzhiyun /* RC4 EAPOL-Key index */ 103*4882a593Smuzhiyun #define EAPOL_KEY_INDEX_MASK 0x7fu 104*4882a593Smuzhiyun 105*4882a593Smuzhiyun /* WPA/802.11i/WPA2 EAPOL-Key header field sizes */ 106*4882a593Smuzhiyun #define EAPOL_AKW_BLOCK_LEN 8 107*4882a593Smuzhiyun #define EAPOL_WPA_KEY_REPLAY_LEN 8u 108*4882a593Smuzhiyun #define EAPOL_WPA_KEY_NONCE_LEN 32u 109*4882a593Smuzhiyun #define EAPOL_WPA_KEY_IV_LEN 16u 110*4882a593Smuzhiyun #define EAPOL_WPA_KEY_RSC_LEN 8u 111*4882a593Smuzhiyun #define EAPOL_WPA_KEY_ID_LEN 8u 112*4882a593Smuzhiyun #define EAPOL_WPA_KEY_DATA_LEN (EAPOL_WPA_MAX_KEY_SIZE + EAPOL_AKW_BLOCK_LEN) 113*4882a593Smuzhiyun #define EAPOL_WPA_MAX_KEY_SIZE 32u 114*4882a593Smuzhiyun #define EAPOL_WPA_KEY_MAX_MIC_LEN 32u 115*4882a593Smuzhiyun #define EAPOL_WPA_ENCR_KEY_MAX_LEN 64u 116*4882a593Smuzhiyun #define EAPOL_WPA_TEMP_ENCR_KEY_MAX_LEN 32u 117*4882a593Smuzhiyun 118*4882a593Smuzhiyun #define EAPOL_WPA_PMK_MAX_LEN 64u 119*4882a593Smuzhiyun #define EAPOL_WPA_PMK_SHA384_LEN 48u 120*4882a593Smuzhiyun #define EAPOL_WPA_PMK_DEFAULT_LEN 32u 121*4882a593Smuzhiyun #define EAPOL_WPA_KCK_DEFAULT_LEN 16u 122*4882a593Smuzhiyun #define EAPOL_WPA_KCK_SHA384_LEN 24u 123*4882a593Smuzhiyun #define EAPOL_WPA_KCK_MIC_DEFAULT_LEN 16u 124*4882a593Smuzhiyun #define EAPOL_WPA_KCK_MIC_SHA384_LEN 24u 125*4882a593Smuzhiyun #define EAPOL_WPA_ENCR_KEY_DEFAULT_LEN 16u 126*4882a593Smuzhiyun 127*4882a593Smuzhiyun #define EAPOL_WPA_KEK2_SHA256_LEN 16u 128*4882a593Smuzhiyun #define EAPOL_WPA_KEK2_SHA384_LEN 32u 129*4882a593Smuzhiyun #define EAPOL_WPA_KCK2_SHA256_LEN 16u 130*4882a593Smuzhiyun #define EAPOL_WPA_KCK2_SHA384_LEN 24u 131*4882a593Smuzhiyun 132*4882a593Smuzhiyun #ifndef EAPOL_KEY_HDR_VER_V2 133*4882a593Smuzhiyun #define EAPOL_WPA_KEY_MIC_LEN 16u /* deprecated */ 134*4882a593Smuzhiyun #define EAPOL_WPA_KEY_LEN 95u /* deprecated */ 135*4882a593Smuzhiyun #endif 136*4882a593Smuzhiyun 137*4882a593Smuzhiyun #define EAPOL_PTK_KEY_MAX_LEN (EAPOL_WPA_KEY_MAX_MIC_LEN +\ 138*4882a593Smuzhiyun EAPOL_WPA_ENCR_KEY_MAX_LEN +\ 139*4882a593Smuzhiyun EAPOL_WPA_TEMP_ENCR_KEY_MAX_LEN +\ 140*4882a593Smuzhiyun EAPOL_WPA_KCK2_SHA384_LEN +\ 141*4882a593Smuzhiyun EAPOL_WPA_KEK2_SHA384_LEN) 142*4882a593Smuzhiyun 143*4882a593Smuzhiyun #ifndef EAPOL_KEY_HDR_VER_V2 144*4882a593Smuzhiyun 145*4882a593Smuzhiyun /* WPA EAPOL-Key : deprecated */ 146*4882a593Smuzhiyun typedef BWL_PRE_PACKED_STRUCT struct { 147*4882a593Smuzhiyun unsigned char type; /* Key Descriptor Type */ 148*4882a593Smuzhiyun unsigned short key_info; /* Key Information (unaligned) */ 149*4882a593Smuzhiyun unsigned short key_len; /* Key Length (unaligned) */ 150*4882a593Smuzhiyun unsigned char replay[EAPOL_WPA_KEY_REPLAY_LEN]; /* Replay Counter */ 151*4882a593Smuzhiyun unsigned char nonce[EAPOL_WPA_KEY_NONCE_LEN]; /* Nonce */ 152*4882a593Smuzhiyun unsigned char iv[EAPOL_WPA_KEY_IV_LEN]; /* Key IV */ 153*4882a593Smuzhiyun unsigned char rsc[EAPOL_WPA_KEY_RSC_LEN]; /* Key RSC */ 154*4882a593Smuzhiyun unsigned char id[EAPOL_WPA_KEY_ID_LEN]; /* WPA:Key ID, 802.11i/WPA2: Reserved */ 155*4882a593Smuzhiyun unsigned char mic[EAPOL_WPA_KEY_MIC_LEN]; /* Key MIC */ 156*4882a593Smuzhiyun unsigned short data_len; /* Key Data Length */ 157*4882a593Smuzhiyun unsigned char data[EAPOL_WPA_KEY_DATA_LEN]; /* Key data */ 158*4882a593Smuzhiyun } BWL_POST_PACKED_STRUCT eapol_wpa_key_header_t; 159*4882a593Smuzhiyun #else 160*4882a593Smuzhiyun /* WPA EAPOL-Key : new structure to consider dynamic MIC length */ 161*4882a593Smuzhiyun typedef BWL_PRE_PACKED_STRUCT struct { 162*4882a593Smuzhiyun unsigned char type; /* Key Descriptor Type */ 163*4882a593Smuzhiyun unsigned short key_info; /* Key Information (unaligned) */ 164*4882a593Smuzhiyun unsigned short key_len; /* Key Length (unaligned) */ 165*4882a593Smuzhiyun unsigned char replay[EAPOL_WPA_KEY_REPLAY_LEN]; /* Replay Counter */ 166*4882a593Smuzhiyun unsigned char nonce[EAPOL_WPA_KEY_NONCE_LEN]; /* Nonce */ 167*4882a593Smuzhiyun unsigned char iv[EAPOL_WPA_KEY_IV_LEN]; /* Key IV */ 168*4882a593Smuzhiyun unsigned char rsc[EAPOL_WPA_KEY_RSC_LEN]; /* Key RSC */ 169*4882a593Smuzhiyun unsigned char id[EAPOL_WPA_KEY_ID_LEN]; /* WPA:Key ID, 802.11i/WPA2: Reserved */ 170*4882a593Smuzhiyun } BWL_POST_PACKED_STRUCT eapol_wpa_key_header_v2_t; 171*4882a593Smuzhiyun 172*4882a593Smuzhiyun typedef eapol_wpa_key_header_v2_t eapol_wpa_key_header_t; 173*4882a593Smuzhiyun #endif /* EAPOL_KEY_HDR_VER_V2 */ 174*4882a593Smuzhiyun 175*4882a593Smuzhiyun #define EAPOL_WPA_KEY_DATA_LEN_SIZE 2u 176*4882a593Smuzhiyun 177*4882a593Smuzhiyun #ifdef EAPOL_KEY_HDR_VER_V2 178*4882a593Smuzhiyun #define EAPOL_WPA_KEY_HDR_SIZE(mic_len) (sizeof(eapol_wpa_key_header_v2_t) \ 179*4882a593Smuzhiyun + mic_len + EAPOL_WPA_KEY_DATA_LEN_SIZE) 180*4882a593Smuzhiyun 181*4882a593Smuzhiyun /* WPA EAPOL-Key header macros to reach out mic/data_len/data field */ 182*4882a593Smuzhiyun #define EAPOL_WPA_KEY_HDR_MIC_PTR(pos) ((uint8 *)pos + sizeof(eapol_wpa_key_header_v2_t)) 183*4882a593Smuzhiyun #define EAPOL_WPA_KEY_HDR_DATA_LEN_PTR(pos, mic_len) \ 184*4882a593Smuzhiyun ((uint8 *)pos + sizeof(eapol_wpa_key_header_v2_t) + mic_len) 185*4882a593Smuzhiyun #define EAPOL_WPA_KEY_HDR_DATA_PTR(pos, mic_len) \ 186*4882a593Smuzhiyun ((uint8 *)pos + EAPOL_WPA_KEY_HDR_SIZE(mic_len)) 187*4882a593Smuzhiyun #else 188*4882a593Smuzhiyun #define EAPOL_WPA_KEY_HDR_SIZE(mic_len) EAPOL_WPA_KEY_LEN 189*4882a593Smuzhiyun #define EAPOL_WPA_KEY_HDR_MIC_PTR(pos) ((uint8 *)&pos->mic) 190*4882a593Smuzhiyun #define EAPOL_WPA_KEY_HDR_DATA_LEN_PTR(pos, mic_len) ((uint8 *)&pos->data_len) 191*4882a593Smuzhiyun #define EAPOL_WPA_KEY_HDR_DATA_PTR(pos, mic_len) ((uint8 *)&pos->data) 192*4882a593Smuzhiyun #endif /* EAPOL_KEY_HDR_VER_V2 */ 193*4882a593Smuzhiyun 194*4882a593Smuzhiyun /* WPA/802.11i/WPA2 KEY KEY_INFO bits */ 195*4882a593Smuzhiyun #define WPA_KEY_DESC_OSEN 0x0 196*4882a593Smuzhiyun #define WPA_KEY_DESC_V0 0x0 197*4882a593Smuzhiyun #define WPA_KEY_DESC_V1 0x01 198*4882a593Smuzhiyun #define WPA_KEY_DESC_V2 0x02 199*4882a593Smuzhiyun #define WPA_KEY_DESC_V3 0x03 200*4882a593Smuzhiyun #define WPA_KEY_PAIRWISE 0x08 201*4882a593Smuzhiyun #define WPA_KEY_INSTALL 0x40 202*4882a593Smuzhiyun #define WPA_KEY_ACK 0x80 203*4882a593Smuzhiyun #define WPA_KEY_MIC 0x100 204*4882a593Smuzhiyun #define WPA_KEY_SECURE 0x200 205*4882a593Smuzhiyun #define WPA_KEY_ERROR 0x400 206*4882a593Smuzhiyun #define WPA_KEY_REQ 0x800 207*4882a593Smuzhiyun #define WPA_KEY_ENC_KEY_DATA 0x01000 /* Encrypted Key Data */ 208*4882a593Smuzhiyun #define WPA_KEY_SMK_MESSAGE 0x02000 /* SMK Message */ 209*4882a593Smuzhiyun #define WPA_KEY_DESC_VER(_ki) ((_ki) & 0x03u) 210*4882a593Smuzhiyun 211*4882a593Smuzhiyun #define WPA_KEY_DESC_V2_OR_V3 WPA_KEY_DESC_V2 212*4882a593Smuzhiyun 213*4882a593Smuzhiyun /* WPA-only KEY KEY_INFO bits */ 214*4882a593Smuzhiyun #define WPA_KEY_INDEX_0 0x00 215*4882a593Smuzhiyun #define WPA_KEY_INDEX_1 0x10 216*4882a593Smuzhiyun #define WPA_KEY_INDEX_2 0x20 217*4882a593Smuzhiyun #define WPA_KEY_INDEX_3 0x30 218*4882a593Smuzhiyun #define WPA_KEY_INDEX_MASK 0x30 219*4882a593Smuzhiyun #define WPA_KEY_INDEX_SHIFT 0x04 220*4882a593Smuzhiyun 221*4882a593Smuzhiyun /* 802.11i/WPA2-only KEY KEY_INFO bits */ 222*4882a593Smuzhiyun #define WPA_KEY_ENCRYPTED_DATA 0x1000 223*4882a593Smuzhiyun 224*4882a593Smuzhiyun /* Key Data encapsulation */ 225*4882a593Smuzhiyun /* this is really just a vendor-specific info element. should define 226*4882a593Smuzhiyun * this in 802.11.h 227*4882a593Smuzhiyun */ 228*4882a593Smuzhiyun typedef BWL_PRE_PACKED_STRUCT struct { 229*4882a593Smuzhiyun uint8 type; 230*4882a593Smuzhiyun uint8 length; 231*4882a593Smuzhiyun uint8 oui[3]; 232*4882a593Smuzhiyun uint8 subtype; 233*4882a593Smuzhiyun uint8 data[1]; 234*4882a593Smuzhiyun } BWL_POST_PACKED_STRUCT eapol_wpa2_encap_data_t; 235*4882a593Smuzhiyun 236*4882a593Smuzhiyun #define EAPOL_WPA2_ENCAP_DATA_HDR_LEN 6 237*4882a593Smuzhiyun 238*4882a593Smuzhiyun #define WPA2_KEY_DATA_SUBTYPE_GTK 1 239*4882a593Smuzhiyun #define WPA2_KEY_DATA_SUBTYPE_STAKEY 2 240*4882a593Smuzhiyun #define WPA2_KEY_DATA_SUBTYPE_MAC 3 241*4882a593Smuzhiyun #define WPA2_KEY_DATA_SUBTYPE_PMKID 4 242*4882a593Smuzhiyun #define WPA2_KEY_DATA_SUBTYPE_IGTK 9 243*4882a593Smuzhiyun #define WPA2_KEY_DATA_SUBTYPE_OCI 13 244*4882a593Smuzhiyun #define WPA2_KEY_DATA_SUBTYPE_BIGTK 14 245*4882a593Smuzhiyun 246*4882a593Smuzhiyun /* GTK encapsulation */ 247*4882a593Smuzhiyun typedef BWL_PRE_PACKED_STRUCT struct { 248*4882a593Smuzhiyun uint8 flags; 249*4882a593Smuzhiyun uint8 reserved; 250*4882a593Smuzhiyun uint8 gtk[EAPOL_WPA_MAX_KEY_SIZE]; 251*4882a593Smuzhiyun } BWL_POST_PACKED_STRUCT eapol_wpa2_key_gtk_encap_t; 252*4882a593Smuzhiyun 253*4882a593Smuzhiyun #define EAPOL_WPA2_KEY_GTK_ENCAP_HDR_LEN 2 254*4882a593Smuzhiyun 255*4882a593Smuzhiyun #define WPA2_GTK_INDEX_MASK 0x03 256*4882a593Smuzhiyun #define WPA2_GTK_INDEX_SHIFT 0x00 257*4882a593Smuzhiyun 258*4882a593Smuzhiyun #define WPA2_GTK_TRANSMIT 0x04 259*4882a593Smuzhiyun 260*4882a593Smuzhiyun /* IGTK encapsulation */ 261*4882a593Smuzhiyun #define EAPOL_RSN_IPN_SIZE 6u 262*4882a593Smuzhiyun typedef BWL_PRE_PACKED_STRUCT struct { 263*4882a593Smuzhiyun uint16 key_id; 264*4882a593Smuzhiyun uint8 ipn[EAPOL_RSN_IPN_SIZE]; 265*4882a593Smuzhiyun uint8 key[EAPOL_WPA_MAX_KEY_SIZE]; 266*4882a593Smuzhiyun } BWL_POST_PACKED_STRUCT eapol_wpa2_key_igtk_encap_t; 267*4882a593Smuzhiyun 268*4882a593Smuzhiyun #define EAPOL_WPA2_KEY_IGTK_ENCAP_HDR_LEN 8u 269*4882a593Smuzhiyun 270*4882a593Smuzhiyun /* BIGTK encapsulation */ 271*4882a593Smuzhiyun #define EAPOL_RSN_BIPN_SIZE 6u 272*4882a593Smuzhiyun typedef BWL_PRE_PACKED_STRUCT struct { 273*4882a593Smuzhiyun uint16 key_id; 274*4882a593Smuzhiyun uint8 bipn[EAPOL_RSN_BIPN_SIZE]; 275*4882a593Smuzhiyun uint8 key[EAPOL_WPA_MAX_KEY_SIZE]; 276*4882a593Smuzhiyun } BWL_POST_PACKED_STRUCT eapol_wpa2_key_bigtk_encap_t; 277*4882a593Smuzhiyun 278*4882a593Smuzhiyun #define EAPOL_WPA2_KEY_BIGTK_ENCAP_HDR_LEN 8u 279*4882a593Smuzhiyun 280*4882a593Smuzhiyun /* STAKey encapsulation */ 281*4882a593Smuzhiyun typedef BWL_PRE_PACKED_STRUCT struct { 282*4882a593Smuzhiyun uint8 reserved[2]; 283*4882a593Smuzhiyun uint8 mac[ETHER_ADDR_LEN]; 284*4882a593Smuzhiyun uint8 stakey[EAPOL_WPA_MAX_KEY_SIZE]; 285*4882a593Smuzhiyun } BWL_POST_PACKED_STRUCT eapol_wpa2_key_stakey_encap_t; 286*4882a593Smuzhiyun 287*4882a593Smuzhiyun #define WPA2_KEY_DATA_PAD 0xdd 288*4882a593Smuzhiyun 289*4882a593Smuzhiyun /* This marks the end of a packed structure section. */ 290*4882a593Smuzhiyun #include <packed_section_end.h> 291*4882a593Smuzhiyun 292*4882a593Smuzhiyun #endif /* _eapol_h_ */ 293