EAPOL helper update

EAPOL key mask function moved to eapol_helper. Now we have a generic common function for read key mask.

Change-Id: I9f11f613f0cfa9a686d7f777f7f96e3810f3e2d2

Author: Juha Heiskanen

source/Security/eapol/eapol_helper.c

@@ -274,5 +274,25 @@ uint16_t eapol_pdu_key_frame_init(eapol_pdu_t *eapol_pdu, uint16_t data_length,
 
 }
 
+uint8_t eapol_pdu_key_mask_get(eapol_pdu_t *eapol_pdu)
+{
+    uint8_t key_mask = 0;
+
+    if (eapol_pdu->msg.key.key_information.install) {
+        key_mask |= KEY_INFO_INSTALL;
+    }
+    if (eapol_pdu->msg.key.key_information.key_ack) {
+        key_mask |= KEY_INFO_KEY_ACK;
+    }
+    if (eapol_pdu->msg.key.key_information.key_mic) {
+        key_mask |= KEY_INFO_KEY_MIC;
+    }
+    if (eapol_pdu->msg.key.key_information.secured_key_frame) {
+        key_mask |= KEY_INFO_SECURED_KEY_FRAME;
+    }
+
+    return key_mask;
+}
+
 #endif
 

source/Security/eapol/eapol_helper.h

@@ -96,4 +96,18 @@ uint16_t eapol_pdu_key_frame_init(eapol_pdu_t *eapol_pdu, uint16_t data_length,
 
 void eapol_write_key_packet_mic(uint8_t *eapol_pdu, uint8_t *mic);
 
+#define KEY_INFO_INSTALL              0x01
+#define KEY_INFO_KEY_ACK              0x02
+#define KEY_INFO_KEY_MIC              0x04
+#define KEY_INFO_SECURED_KEY_FRAME    0x08
+
+/**
+ * eapol_pdu_key_mask_get gets masked EAPOL-Key message bits
+ *
+ * \param eapol_pdu EAPOL PDU
+ *
+ * \return mask
+ */
+uint8_t eapol_pdu_key_mask_get(eapol_pdu_t *eapol_pdu);
+
 #endif /* EAPOL_HELPER_H_ */

source/Security/protocols/fwh_sec_prot/auth_fwh_sec_prot.c

@@ -186,7 +186,7 @@ static fwh_sec_prot_msg_e auth_fwh_sec_prot_message_get(eapol_pdu_t *eapol_pdu,
         return FWH_MESSAGE_UNKNOWN;
     }
 
-    uint8_t key_mask = sec_prot_lib_key_mask_get(eapol_pdu);
+    uint8_t key_mask = eapol_pdu_key_mask_get(eapol_pdu);
 
     switch (key_mask) {
         case KEY_INFO_KEY_MIC:

source/Security/protocols/fwh_sec_prot/supp_fwh_sec_prot.c

@@ -204,7 +204,7 @@ static fwh_sec_prot_msg_e supp_fwh_sec_prot_message_get(sec_prot_t *prot, eapol_
         return FWH_MESSAGE_UNKNOWN;
     }
 
-    uint8_t key_mask = sec_prot_lib_key_mask_get(eapol_pdu);
+    uint8_t key_mask = eapol_pdu_key_mask_get(eapol_pdu);
 
     switch (key_mask) {
         // Message 1

source/Security/protocols/gkh_sec_prot/auth_gkh_sec_prot.c

@@ -169,7 +169,7 @@ static gkh_sec_prot_msg_e auth_gkh_sec_prot_message_get(eapol_pdu_t *eapol_pdu,
         return GKH_MESSAGE_UNKNOWN;
     }
 
-    uint8_t key_mask = sec_prot_lib_key_mask_get(eapol_pdu);
+    uint8_t key_mask = eapol_pdu_key_mask_get(eapol_pdu);
 
     switch (key_mask) {
         case KEY_INFO_KEY_MIC | KEY_INFO_SECURED_KEY_FRAME:

source/Security/protocols/gkh_sec_prot/supp_gkh_sec_prot.c

@@ -172,7 +172,7 @@ static gkh_sec_prot_msg_e supp_gkh_sec_prot_message_get(eapol_pdu_t *eapol_pdu,
         return GKH_MESSAGE_UNKNOWN;
     }
 
-    uint8_t key_mask = sec_prot_lib_key_mask_get(eapol_pdu);
+    uint8_t key_mask = eapol_pdu_key_mask_get(eapol_pdu);
 
     switch (key_mask) {
         case KEY_INFO_KEY_ACK | KEY_INFO_KEY_MIC | KEY_INFO_SECURED_KEY_FRAME:

source/Security/protocols/sec_prot_lib.c

@@ -429,26 +429,6 @@ int8_t sec_prot_lib_mic_validate(uint8_t *ptk, uint8_t *mic, uint8_t *pdu, uint8
     return 0;
 }
 
-uint8_t sec_prot_lib_key_mask_get(eapol_pdu_t *eapol_pdu)
-{
-    uint8_t key_mask = 0;
-
-    if (eapol_pdu->msg.key.key_information.install) {
-        key_mask |= KEY_INFO_INSTALL;
-    }
-    if (eapol_pdu->msg.key.key_information.key_ack) {
-        key_mask |= KEY_INFO_KEY_ACK;
-    }
-    if (eapol_pdu->msg.key.key_information.key_mic) {
-        key_mask |= KEY_INFO_KEY_MIC;
-    }
-    if (eapol_pdu->msg.key.key_information.secured_key_frame) {
-        key_mask |= KEY_INFO_SECURED_KEY_FRAME;
-    }
-
-    return key_mask;
-}
-
 int8_t sec_prot_lib_pmkid_generate(sec_prot_t *prot, uint8_t *pmkid, bool is_auth)
 {
     uint8_t *pmk = sec_prot_keys_pmk_get(prot->sec_keys);

source/Security/protocols/sec_prot_lib.h

@@ -34,10 +34,6 @@
 #define SEC_TOTAL_TIMEOUT             30 * 60 * 10 // 30 minutes
 #define SEC_FINISHED_TIMEOUT          5 * 10       // 5 seconds
 
-#define KEY_INFO_INSTALL              0x01
-#define KEY_INFO_KEY_ACK              0x02
-#define KEY_INFO_KEY_MIC              0x04
-#define KEY_INFO_SECURED_KEY_FRAME    0x08
 
 // Common data shared between security protocols needing general timers and state machines
 typedef struct {
@@ -159,15 +155,6 @@ int8_t sec_prot_lib_gtk_read(uint8_t *kde, uint16_t kde_len, sec_prot_keys_t *se
  */
 int8_t sec_prot_lib_mic_validate(uint8_t *ptk, uint8_t *mic, uint8_t *pdu, uint8_t pdu_size);
 
-/**
- * sec_prot_lib_key_mask_get gets masked EAPOL-Key message bits
- *
- * \param eapol_pdu EAPOL PDU
- *
- * \return mask
- */
-uint8_t sec_prot_lib_key_mask_get(eapol_pdu_t *eapol_pdu);
-
 /**
  *  sec_prot_lib_pmkid_generate generate PMK ID from PMK
  *

test/nanostack/unittest/6LoWPAN/ws_llc_data_service/Makefile

@@ -35,6 +35,7 @@ TEST_SRC_FILES = \
         ../../stub/mac_neighbor_table_stub.c \
         ../../stub/iphc_decompress_stub.c \
         ../../stub/fhss_config_stub.c \
+        ../../stub/eapol_helper_stub.c \
 
 
 include ../../MakefileWorker.mk

test/nanostack/unittest/stub/eapol_helper_stub.c

@@ -0,0 +1,72 @@
+/*
+ * Copyright (c) 2018-2019, Arm Limited and affiliates.
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+
+
+#include "nsconfig.h"
+
+#include "ns_types.h"
+#include "eventOS_event.h"
+#include "ns_trace.h"
+#include "string.h"
+#include "common_functions.h"
+#include "Security/PANA/pana_eap_header.h"
+#include "Security/eapol/eapol_helper.h"
+
+#ifdef HAVE_WS
+
+void eapol_write_key_packet_mic(uint8_t *eapol_pdu, uint8_t *mic)
+{
+
+}
+
+bool eapol_parse_pdu_header(uint8_t *ptr, uint16_t data_length, eapol_pdu_t *eapol_pdu)
+{
+    return false;
+}
+
+uint8_t *eapol_write_pdu_frame(uint8_t *ptr, eapol_pdu_t *eapol_pdu)
+{
+    return ptr;
+}
+
+
+
+uint16_t eapol_pdu_eap_frame_init(eapol_pdu_t *eapol_pdu, uint8_t eap_code, uint8_t id_seq, uint8_t type, uint16_t data_length, uint8_t *data_ptr)
+{
+    memset(eapol_pdu, 0, sizeof(eapol_pdu_t));
+
+    return eapol_pdu_total_length(eapol_pdu);
+
+}
+
+uint16_t eapol_pdu_key_frame_init(eapol_pdu_t *eapol_pdu, uint16_t data_length, uint8_t *data_ptr)
+{
+
+    return eapol_pdu_total_length(eapol_pdu);
+
+}
+
+uint8_t eapol_pdu_key_mask_get(eapol_pdu_t *eapol_pdu)
+{
+
+
+    return 0;
+}
+
+#endif
+