search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Expand PMF_FN_* macros.
[netbsd-mini2440.git] / dist / wpa / src / eap_common / ikev2_common.h
blobc96a070d5bcb85de76d4dda2d6dc5623503a6110
1 /*
2 * IKEv2 definitions
3 * Copyright (c) 2007, Jouni Malinen <j@w1.fi>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 *
9 * Alternatively, this software may be distributed under the terms of BSD
10 * license.
11 *
12 * See README and COPYING for more details.
13 */
14
15 #ifndef IKEV2_COMMON_H
16 #define IKEV2_COMMON_H
17
18 /*
19 * Nonce length must be at least 16 octets. It must also be at least half the
20 * key size of the negotiated PRF.
21 */
22 #define IKEV2_NONCE_MIN_LEN 16
23 #define IKEV2_NONCE_MAX_LEN 256
24
25 /* IKE Header - RFC 4306, Sect. 3.1 */
26 #ifdef _MSC_VER
27 #pragma pack(push, 1)
28 #endif /* _MSC_VER */
29
30 #define IKEV2_SPI_LEN 8
31
32 struct ikev2_hdr {
33 u8 i_spi[IKEV2_SPI_LEN]; /* IKE_SA Initiator's SPI */
34 u8 r_spi[IKEV2_SPI_LEN]; /* IKE_SA Responder's SPI */
35 u8 next_payload;
36 u8 version; /* MjVer | MnVer */
37 u8 exchange_type;
38 u8 flags;
39 u8 message_id[4];
40 u8 length[4]; /* total length of HDR + payloads */
41 } STRUCT_PACKED;
42
43 struct ikev2_payload_hdr {
44 u8 next_payload;
45 u8 flags;
46 u8 payload_length[2]; /* this payload, including the payload header */
47 } STRUCT_PACKED;
48
49 struct ikev2_proposal {
50 u8 type; /* 0 (last) or 2 (more) */
51 u8 reserved;
52 u8 proposal_length[2]; /* including all transform and attributes */
53 u8 proposal_num;
54 u8 protocol_id; /* IKEV2_PROTOCOL_* */
55 u8 spi_size;
56 u8 num_transforms;
57 /* SPI of spi_size octets */
58 /* Transforms */
59 } STRUCT_PACKED;
60
61 struct ikev2_transform {
62 u8 type; /* 0 (last) or 3 (more) */
63 u8 reserved;
64 u8 transform_length[2]; /* including Header and Attributes */
65 u8 transform_type;
66 u8 reserved2;
67 u8 transform_id[2];
68 /* Transform Attributes */
69 } STRUCT_PACKED;
70
71 #ifdef _MSC_VER
72 #pragma pack(pop)
73 #endif /* _MSC_VER */
74
75
76 /* Current IKEv2 version from RFC 4306 */
77 #define IKEV2_MjVer 2
78 #define IKEV2_MnVer 0
79 #ifdef CCNS_PL
80 #define IKEV2_VERSION ((IKEV2_MjVer) | ((IKEV2_MnVer) << 4))
81 #else /* CCNS_PL */
82 #define IKEV2_VERSION (((IKEV2_MjVer) << 4) | (IKEV2_MnVer))
83 #endif /* CCNS_PL */
84
85 /* IKEv2 Exchange Types */
86 enum {
87 /* 0-33 RESERVED */
88 IKE_SA_INIT = 34,
89 IKE_SA_AUTH = 35,
90 CREATE_CHILD_SA = 36,
91 INFORMATION = 37
92 /* 38-239 RESERVED TO IANA */
93 /* 240-255 Reserved for private use */
94 };
95
96 /* IKEv2 Flags */
97 #define IKEV2_HDR_INITIATOR 0x08
98 #define IKEV2_HDR_VERSION 0x10
99 #define IKEV2_HDR_RESPONSE 0x20
100
101 /* Payload Header Flags */
102 #define IKEV2_PAYLOAD_FLAGS_CRITICAL 0x01
103
104
105 /* EAP-IKEv2 Payload Types (in Next Payload Type field)
106 * http://www.iana.org/assignments/eap-ikev2-payloads */
107 enum {
108 IKEV2_PAYLOAD_NO_NEXT_PAYLOAD = 0,
109 IKEV2_PAYLOAD_SA = 33,
110 IKEV2_PAYLOAD_KEY_EXCHANGE = 34,
111 IKEV2_PAYLOAD_IDi = 35,
112 IKEV2_PAYLOAD_IDr = 36,
113 IKEV2_PAYLOAD_CERTIFICATE = 37,
114 IKEV2_PAYLOAD_CERT_REQ = 38,
115 IKEV2_PAYLOAD_AUTHENTICATION = 39,
116 IKEV2_PAYLOAD_NONCE = 40,
117 IKEV2_PAYLOAD_NOTIFICATION = 41,
118 IKEV2_PAYLOAD_VENDOD_ID = 43,
119 IKEV2_PAYLOAD_ENCRYPTED = 46,
120 IKEV2_PAYLOAD_NEXT_FAST_ID = 121
121 };
122
123
124 /* IKEv2 Proposal - Protocol ID */
125 enum {
126 IKEV2_PROTOCOL_RESERVED = 0,
127 IKEV2_PROTOCOL_IKE = 1, /* IKE is the only one allowed for EAP-IKEv2 */
128 IKEV2_PROTOCOL_AH = 2,
129 IKEV2_PROTOCOL_ESP = 3
130 };
131
132
133 /* IKEv2 Transform Types */
134 enum {
135 IKEV2_TRANSFORM_ENCR = 1,
136 IKEV2_TRANSFORM_PRF = 2,
137 IKEV2_TRANSFORM_INTEG = 3,
138 IKEV2_TRANSFORM_DH = 4,
139 IKEV2_TRANSFORM_ESN = 5
140 };
141
142 /* IKEv2 Tranform Type 1 (Encryption Algorithm) */
143 enum {
144 ENCR_DES_IV64 = 1,
145 ENCR_DES = 2,
146 ENCR_3DES = 3,
147 ENCR_RC5 = 4,
148 ENCR_IDEA = 5,
149 ENCR_CAST = 6,
150 ENCR_BLOWFISH = 7,
151 ENCR_3IDEA = 8,
152 ENCR_DES_IV32 = 9,
153 ENCR_NULL = 11,
154 ENCR_AES_CBC = 12,
155 ENCR_AES_CTR = 13
156 };
157
158 /* IKEv2 Transform Type 2 (Pseudo-random Function) */
159 enum {
160 PRF_HMAC_MD5 = 1,
161 PRF_HMAC_SHA1 = 2,
162 PRF_HMAC_TIGER = 3,
163 PRF_AES128_XCBC = 4
164 };
165
166 /* IKEv2 Transform Type 3 (Integrity Algorithm) */
167 enum {
168 AUTH_HMAC_MD5_96 = 1,
169 AUTH_HMAC_SHA1_96 = 2,
170 AUTH_DES_MAC = 3,
171 AUTH_KPDK_MD5 = 4,
172 AUTH_AES_XCBC_96 = 5
173 };
174
175 /* IKEv2 Transform Type 4 (Diffie-Hellman Group) */
176 enum {
177 DH_GROUP1_768BIT_MODP = 1, /* RFC 4306 */
178 DH_GROUP2_1024BIT_MODP = 2, /* RFC 4306 */
179 DH_GROUP5_1536BIT_MODP = 5, /* RFC 3526 */
180 DH_GROUP5_2048BIT_MODP = 14, /* RFC 3526 */
181 DH_GROUP5_3072BIT_MODP = 15, /* RFC 3526 */
182 DH_GROUP5_4096BIT_MODP = 16, /* RFC 3526 */
183 DH_GROUP5_6144BIT_MODP = 17, /* RFC 3526 */
184 DH_GROUP5_8192BIT_MODP = 18 /* RFC 3526 */
185 };
186
187
188 /* Identification Data Types (RFC 4306, Sect. 3.5) */
189 enum {
190 ID_IPV4_ADDR = 1,
191 ID_FQDN = 2,
192 ID_RFC822_ADDR = 3,
193 ID_IPV6_ADDR = 5,
194 ID_DER_ASN1_DN = 9,
195 ID_DER_ASN1_GN= 10,
196 ID_KEY_ID = 11
197 };
198
199
200 /* Certificate Encoding (RFC 4306, Sect. 3.6) */
201 enum {
202 CERT_ENCODING_PKCS7_X509 = 1,
203 CERT_ENCODING_PGP_CERT = 2,
204 CERT_ENCODING_DNS_SIGNED_KEY = 3,
205 /* X.509 Certificate - Signature: DER encoded X.509 certificate whose
206 * public key is used to validate the sender's AUTH payload */
207 CERT_ENCODING_X509_CERT_SIGN = 4,
208 CERT_ENCODING_KERBEROS_TOKEN = 6,
209 /* DER encoded X.509 certificate revocation list */
210 CERT_ENCODING_CRL = 7,
211 CERT_ENCODING_ARL = 8,
212 CERT_ENCODING_SPKI_CERT = 9,
213 CERT_ENCODING_X509_CERT_ATTR = 10,
214 /* PKCS #1 encoded RSA key */
215 CERT_ENCODING_RAW_RSA_KEY = 11,
216 CERT_ENCODING_HASH_AND_URL_X509_CERT = 12,
217 CERT_ENCODING_HASH_AND_URL_X509_BUNDLE = 13
218 };
219
220
221 /* Authentication Method (RFC 4306, Sect. 3.8) */
222 enum {
223 AUTH_RSA_SIGN = 1,
224 AUTH_SHARED_KEY_MIC = 2,
225 AUTH_DSS_SIGN = 3
226 };
227
228
229 /* Notify Message Types (RFC 4306, Sect. 3.10.1) */
230 enum {
231 UNSUPPORTED_CRITICAL_PAYLOAD = 1,
232 INVALID_IKE_SPI = 4,
233 INVALID_MAJOR_VERSION = 5,
234 INVALID_SYNTAX = 7,
235 INVALID_MESSAGE_ID = 9,
236 INVALID_SPI = 11,
237 NO_PROPOSAL_CHOSEN = 14,
238 INVALID_KE_PAYLOAD = 17,
239 AUTHENTICATION_FAILED = 24,
240 SINGLE_PAIR_REQUIRED = 34,
241 NO_ADDITIONAL_SAS = 35,
242 INTERNAL_ADDRESS_FAILURE = 36,
243 FAILED_CP_REQUIRED = 37,
244 TS_UNACCEPTABLE = 38,
245 INVALID_SELECTORS = 39
246 };
247
248
249 struct ikev2_keys {
250 u8 *SK_d, *SK_ai, *SK_ar, *SK_ei, *SK_er, *SK_pi, *SK_pr;
251 size_t SK_d_len, SK_integ_len, SK_encr_len, SK_prf_len;
252 };
253
254
255 int ikev2_keys_set(struct ikev2_keys *keys);
256 void ikev2_free_keys(struct ikev2_keys *keys);
257
258
259 /* Maximum hash length for supported hash algorithms */
260 #define IKEV2_MAX_HASH_LEN 20
261
262 struct ikev2_integ_alg {
263 int id;
264 size_t key_len;
265 size_t hash_len;
266 };
267
268 struct ikev2_prf_alg {
269 int id;
270 size_t key_len;
271 size_t hash_len;
272 };
273
274 struct ikev2_encr_alg {
275 int id;
276 size_t key_len;
277 size_t block_size;
278 };
279
280 const struct ikev2_integ_alg * ikev2_get_integ(int id);
281 int ikev2_integ_hash(int alg, const u8 *key, size_t key_len, const u8 *data,
282 size_t data_len, u8 *hash);
283 const struct ikev2_prf_alg * ikev2_get_prf(int id);
284 int ikev2_prf_hash(int alg, const u8 *key, size_t key_len,
285 size_t num_elem, const u8 *addr[], const size_t *len,
286 u8 *hash);
287 int ikev2_prf_plus(int alg, const u8 *key, size_t key_len,
288 const u8 *data, size_t data_len,
289 u8 *out, size_t out_len);
290 const struct ikev2_encr_alg * ikev2_get_encr(int id);
291 int ikev2_encr_encrypt(int alg, const u8 *key, size_t key_len, const u8 *iv,
292 const u8 *plain, u8 *crypt, size_t len);
293 int ikev2_encr_decrypt(int alg, const u8 *key, size_t key_len, const u8 *iv,
294 const u8 *crypt, u8 *plain, size_t len);
295
296 int ikev2_derive_auth_data(int prf_alg, const struct wpabuf *sign_msg,
297 const u8 *ID, size_t ID_len, u8 ID_type,
298 struct ikev2_keys *keys, int initiator,
299 const u8 *shared_secret, size_t shared_secret_len,
300 const u8 *nonce, size_t nonce_len,
301 const u8 *key_pad, size_t key_pad_len,
302 u8 *auth_data);
303
304
305 struct ikev2_payloads {
306 const u8 *sa;
307 size_t sa_len;
308 const u8 *ke;
309 size_t ke_len;
310 const u8 *idi;
311 size_t idi_len;
312 const u8 *idr;
313 size_t idr_len;
314 const u8 *cert;
315 size_t cert_len;
316 const u8 *auth;
317 size_t auth_len;
318 const u8 *nonce;
319 size_t nonce_len;
320 const u8 *encrypted;
321 size_t encrypted_len;
322 u8 encr_next_payload;
323 const u8 *notification;
324 size_t notification_len;
325 };
326
327 int ikev2_parse_payloads(struct ikev2_payloads *payloads,
328 u8 next_payload, const u8 *pos, const u8 *end);
329
330 u8 * ikev2_decrypt_payload(int encr_id, int integ_id, struct ikev2_keys *keys,
331 int initiator, const struct ikev2_hdr *hdr,
332 const u8 *encrypted, size_t encrypted_len,
333 size_t *res_len);
334 void ikev2_update_hdr(struct wpabuf *msg);
335 int ikev2_build_encrypted(int encr_id, int integ_id, struct ikev2_keys *keys,
336 int initiator, struct wpabuf *msg,
337 struct wpabuf *plain, u8 next_payload);
338 int ikev2_derive_sk_keys(const struct ikev2_prf_alg *prf,
339 const struct ikev2_integ_alg *integ,
340 const struct ikev2_encr_alg *encr,
341 const u8 *skeyseed, const u8 *data, size_t data_len,
342 struct ikev2_keys *keys);
343
344 #endif /* IKEV2_COMMON_H */
NetBSD on the FriendlyARM MINI2440