15821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)/* 25821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) * Simultaneous authentication of equals 35821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) * Copyright (c) 2012-2013, Jouni Malinen <j@w1.fi> 45821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) * 55821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) * This software may be distributed under the terms of the BSD license. 65821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) * See README for more details. 75821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) */ 85821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 95821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#ifndef SAE_H 105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SAE_H 115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SAE_KCK_LEN 32 135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SAE_PMK_LEN 32 145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SAE_PMKID_LEN 16 155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SAE_KEYSEED_KEY_LEN 32 165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SAE_MAX_PRIME_LEN 512 175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SAE_MAX_ECC_PRIME_LEN 66 185821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SAE_COMMIT_MAX_LEN (2 + 3 * SAE_MAX_PRIME_LEN) 195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SAE_CONFIRM_MAX_LEN (2 + SAE_MAX_PRIME_LEN) 205821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 215821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)struct sae_temporary_data { 225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) u8 kck[SAE_KCK_LEN]; 235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) struct crypto_bignum *own_commit_scalar; 245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) struct crypto_bignum *own_commit_element_ffc; 255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) struct crypto_ec_point *own_commit_element_ecc; 265821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) struct crypto_bignum *peer_commit_element_ffc; 275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) struct crypto_ec_point *peer_commit_element_ecc; 285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) struct crypto_ec_point *pwe_ecc; 295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) struct crypto_bignum *pwe_ffc; 305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) struct crypto_bignum *sae_rand; 315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) struct crypto_ec *ec; 325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) int prime_len; 335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) const struct dh_group *dh; 345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) const struct crypto_bignum *prime; 355821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) const struct crypto_bignum *order; 365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) struct crypto_bignum *prime_buf; 375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) struct crypto_bignum *order_buf; 385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}; 395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)struct sae_data { 415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) enum { SAE_NOTHING, SAE_COMMITTED, SAE_CONFIRMED, SAE_ACCEPTED } state; 425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) u16 send_confirm; 435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) u8 pmk[SAE_PMK_LEN]; 445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) struct crypto_bignum *peer_commit_scalar; 455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) int group; 465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) struct sae_temporary_data *tmp; 475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}; 485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)int sae_set_group(struct sae_data *sae, int group); 505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)void sae_clear_temp_data(struct sae_data *sae); 515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)void sae_clear_data(struct sae_data *sae); 52 53int sae_prepare_commit(const u8 *addr1, const u8 *addr2, 54 const u8 *password, size_t password_len, 55 struct sae_data *sae); 56int sae_process_commit(struct sae_data *sae); 57void sae_write_commit(struct sae_data *sae, struct wpabuf *buf, 58 const struct wpabuf *token); 59u16 sae_parse_commit(struct sae_data *sae, const u8 *data, size_t len, 60 const u8 **token, size_t *token_len, int *allowed_groups); 61void sae_write_confirm(struct sae_data *sae, struct wpabuf *buf); 62int sae_check_confirm(struct sae_data *sae, const u8 *data, size_t len); 63 64#endif /* SAE_H */ 65