1/*
2 * EAP server/peer: EAP-pwd shared definitions
3 * Copyright (c) 2009, Dan Harkins <dharkins@lounge.org>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the BSD license.
7 *
8 * Alternatively, this software may be distributed under the terms of the
9 * GNU General Public License version 2 as published by the Free Software
10 * Foundation.
11 *
12 * See README and COPYING for more details.
13 */
14
15#ifndef EAP_PWD_COMMON_H
16#define EAP_PWD_COMMON_H
17
18#include <openssl/bn.h>
19#include <openssl/sha.h>
20#include <openssl/ec.h>
21#include <openssl/evp.h>
22#include <openssl/hmac.h>
23
24/*
25 * definition of a finite cyclic group
26 * TODO: support one based on a prime field
27 */
28typedef struct group_definition_ {
29	u16 group_num;
30	EC_GROUP *group;
31	EC_POINT *pwe;
32	BIGNUM *order;
33	BIGNUM *prime;
34} EAP_PWD_group;
35
36/*
37 * EAP-pwd header, included on all payloads
38 */
39struct eap_pwd_hdr {
40	u8 l_bit:1;
41	u8 m_bit:1;
42	u8 exch:6;
43	u8 total_length[0];         /* included when l_bit is set */
44} STRUCT_PACKED;
45
46#define EAP_PWD_OPCODE_ID_EXCH          1
47#define EAP_PWD_OPCODE_COMMIT_EXCH      2
48#define EAP_PWD_OPCODE_CONFIRM_EXCH     3
49#define EAP_PWD_GET_LENGTH_BIT(x)       ((x)->lm_exch & 0x80)
50#define EAP_PWD_SET_LENGTH_BIT(x)       ((x)->lm_exch |= 0x80)
51#define EAP_PWD_GET_MORE_BIT(x)         ((x)->lm_exch & 0x40)
52#define EAP_PWD_SET_MORE_BIT(x)         ((x)->lm_exch |= 0x40)
53#define EAP_PWD_GET_EXCHANGE(x)         ((x)->lm_exch & 0x3f)
54#define EAP_PWD_SET_EXCHANGE(x,y)       ((x)->lm_exch |= (y))
55
56/* EAP-pwd-ID payload */
57struct eap_pwd_id {
58	be16 group_num;
59	u8 random_function;
60#define EAP_PWD_DEFAULT_RAND_FUNC       1
61	u8 prf;
62#define EAP_PWD_DEFAULT_PRF             1
63	u8 token[4];
64	u8 prep;
65#define EAP_PWD_PREP_NONE               0
66#define EAP_PWD_PREP_MS                 1
67	u8 identity[0];     /* length inferred from payload */
68} STRUCT_PACKED;
69
70/* common routines */
71int compute_password_element(EAP_PWD_group *, u16, u8 *, int, u8 *, int, u8 *,
72			     int, u8 *);
73int compute_keys(EAP_PWD_group *, BN_CTX *, BIGNUM *, BIGNUM *, BIGNUM *,
74		 u8 *, u8 *, u32 *, u8 *, u8 *);
75void H_Init(HMAC_CTX *);
76void H_Update(HMAC_CTX *, const u8 *, int);
77void H_Final(HMAC_CTX *, u8 *);
78
79#endif  /* EAP_PWD_COMMON_H */
80