Lines Matching defs:data
78 static void eap_aka_state(struct eap_aka_data *data, int state)
81 eap_aka_state_txt(data->state),
83 data->state = state;
89 struct eap_aka_data *data;
93 data = os_zalloc(sizeof(*data));
94 if (data == NULL)
97 data->eap_method = EAP_TYPE_AKA;
99 eap_aka_state(data, CONTINUE);
100 data->prev_id = -1;
102 data->result_ind = phase1 && os_strstr(phase1, "result_ind=1") != NULL;
105 data->pseudonym = os_malloc(config->anonymous_identity_len);
106 if (data->pseudonym) {
107 os_memcpy(data->pseudonym, config->anonymous_identity,
109 data->pseudonym_len = config->anonymous_identity_len;
113 return data;
120 struct eap_aka_data *data = eap_aka_init(sm);
121 if (data == NULL)
123 data->eap_method = EAP_TYPE_AKA_PRIME;
124 return data;
129 static void eap_aka_clear_keys(struct eap_aka_data *data, int reauth)
132 os_memset(data->mk, 0, EAP_SIM_MK_LEN);
133 os_memset(data->k_aut, 0, EAP_AKA_PRIME_K_AUT_LEN);
134 os_memset(data->k_encr, 0, EAP_SIM_K_ENCR_LEN);
135 os_memset(data->k_re, 0, EAP_AKA_PRIME_K_RE_LEN);
137 os_memset(data->msk, 0, EAP_SIM_KEYING_DATA_LEN);
138 os_memset(data->emsk, 0, EAP_EMSK_LEN);
139 os_memset(data->autn, 0, EAP_AKA_AUTN_LEN);
140 os_memset(data->auts, 0, EAP_AKA_AUTS_LEN);
146 struct eap_aka_data *data = priv;
147 if (data) {
148 os_free(data->pseudonym);
149 os_free(data->reauth_id);
150 os_free(data->last_eap_identity);
151 wpabuf_free(data->id_msgs);
152 os_free(data->network_name);
153 eap_aka_clear_keys(data, 0);
154 os_free(data);
159 static int eap_aka_ext_sim_req(struct eap_sm *sm, struct eap_aka_data *data)
168 pos += wpa_snprintf_hex(pos, end - pos, data->rand, EAP_AKA_RAND_LEN);
170 wpa_snprintf_hex(pos, end - pos, data->autn, EAP_AKA_AUTN_LEN);
177 static int eap_aka_ext_sim_result(struct eap_sm *sm, struct eap_aka_data *data,
190 if (hexstr2bin(pos, data->auts, EAP_AKA_AUTS_LEN) < 0)
192 wpa_hexdump_key(MSG_DEBUG, "EAP-AKA: AUTS", data->auts,
205 wpa_hexdump(MSG_DEBUG, "EAP-AKA: RAND", data->rand, EAP_AKA_RAND_LEN);
207 if (hexstr2bin(pos, data->ik, EAP_AKA_IK_LEN) < 0)
209 wpa_hexdump_key(MSG_DEBUG, "EAP-AKA: IK", data->ik, EAP_AKA_IK_LEN);
215 if (hexstr2bin(pos, data->ck, EAP_AKA_CK_LEN) < 0)
217 wpa_hexdump_key(MSG_DEBUG, "EAP-AKA: CK", data->ck, EAP_AKA_CK_LEN);
223 data->res_len = os_strlen(pos) / 2;
224 if (data->res_len > EAP_AKA_RES_MAX_LEN) {
225 data->res_len = 0;
228 if (hexstr2bin(pos, data->res, data->res_len) < 0)
230 wpa_hexdump_key(MSG_DEBUG, "EAP-AKA: RES", data->res, data->res_len);
242 static int eap_aka_umts_auth(struct eap_sm *sm, struct eap_aka_data *data)
254 return eap_aka_ext_sim_result(sm, data, conf);
256 return eap_aka_ext_sim_req(sm, data);
260 return scard_umts_auth(sm->scard_ctx, data->rand,
261 data->autn, data->res, &data->res_len,
262 data->ik, data->ck, data->auts);
294 return milenage_check(opc, k, sqn, data->rand, data->autn,
295 data->ik, data->ck,
296 data->res, &data->res_len, data->auts);
306 os_memset(data->res, '2', EAP_AKA_RES_MAX_LEN);
307 data->res_len = EAP_AKA_RES_MAX_LEN;
308 os_memset(data->ik, '3', EAP_AKA_IK_LEN);
309 os_memset(data->ck, '4', EAP_AKA_CK_LEN);
313 if (os_memcmp_const(autn, data->autn, EAP_AKA_AUTN_LEN) != 0) {
346 struct eap_aka_data *data, int id)
348 if ((id & CLEAR_PSEUDONYM) && data->pseudonym) {
350 os_free(data->pseudonym);
351 data->pseudonym = NULL;
352 data->pseudonym_len = 0;
355 if ((id & CLEAR_REAUTH_ID) && data->reauth_id) {
357 os_free(data->reauth_id);
358 data->reauth_id = NULL;
359 data->reauth_id_len = 0;
361 if ((id & CLEAR_EAP_ID) && data->last_eap_identity) {
363 os_free(data->last_eap_identity);
364 data->last_eap_identity = NULL;
365 data->last_eap_identity_len = 0;
370 static int eap_aka_learn_ids(struct eap_sm *sm, struct eap_aka_data *data,
383 os_free(data->pseudonym);
393 data->pseudonym = os_malloc(attr->next_pseudonym_len +
395 if (data->pseudonym == NULL) {
398 data->pseudonym_len = 0;
401 os_memcpy(data->pseudonym, attr->next_pseudonym,
404 os_memcpy(data->pseudonym + attr->next_pseudonym_len,
407 data->pseudonym_len = attr->next_pseudonym_len + realm_len;
408 eap_set_anon_id(sm, data->pseudonym, data->pseudonym_len);
412 os_free(data->reauth_id);
413 data->reauth_id = os_malloc(attr->next_reauth_id_len);
414 if (data->reauth_id == NULL) {
417 data->reauth_id_len = 0;
420 os_memcpy(data->reauth_id, attr->next_reauth_id,
422 data->reauth_id_len = attr->next_reauth_id_len;
425 data->reauth_id,
426 data->reauth_id_len);
433 static int eap_aka_add_id_msg(struct eap_aka_data *data,
439 if (data->id_msgs == NULL) {
440 data->id_msgs = wpabuf_dup(msg);
441 return data->id_msgs == NULL ? -1 : 0;
444 if (wpabuf_resize(&data->id_msgs, wpabuf_len(msg)) < 0)
446 wpabuf_put_buf(data->id_msgs, msg);
452 static void eap_aka_add_checkcode(struct eap_aka_data *data,
461 if (data->id_msgs == NULL) {
471 addr = wpabuf_head(data->id_msgs);
472 len = wpabuf_len(data->id_msgs);
473 wpa_hexdump(MSG_MSGDUMP, "EAP-AKA: AT_CHECKCODE data", addr, len);
475 if (data->eap_method == EAP_TYPE_AKA_PRIME)
482 data->eap_method == EAP_TYPE_AKA_PRIME ?
487 static int eap_aka_verify_checkcode(struct eap_aka_data *data,
498 if (data->id_msgs == NULL) {
508 hash_len = data->eap_method == EAP_TYPE_AKA_PRIME ?
519 addr = wpabuf_head(data->id_msgs);
520 len = wpabuf_len(data->id_msgs);
522 if (data->eap_method == EAP_TYPE_AKA_PRIME)
537 static struct wpabuf * eap_aka_client_error(struct eap_aka_data *data, u8 id,
542 eap_aka_state(data, FAILURE);
543 data->num_id_req = 0;
544 data->num_notification = 0;
548 msg = eap_sim_msg_init(EAP_CODE_RESPONSE, id, data->eap_method,
551 return eap_sim_msg_finish(msg, data->eap_method, NULL, NULL, 0);
555 static struct wpabuf * eap_aka_authentication_reject(struct eap_aka_data *data,
560 eap_aka_state(data, FAILURE);
561 data->num_id_req = 0;
562 data->num_notification = 0;
566 msg = eap_sim_msg_init(EAP_CODE_RESPONSE, id, data->eap_method,
568 return eap_sim_msg_finish(msg, data->eap_method, NULL, NULL, 0);
573 struct eap_aka_data *data, u8 id)
577 data->num_id_req = 0;
578 data->num_notification = 0;
582 msg = eap_sim_msg_init(EAP_CODE_RESPONSE, id, data->eap_method,
585 eap_sim_msg_add_full(msg, EAP_SIM_AT_AUTS, data->auts,
587 return eap_sim_msg_finish(msg, data->eap_method, NULL, NULL, 0);
592 struct eap_aka_data *data,
600 data->reauth = 0;
601 if (id_req == ANY_ID && data->reauth_id) {
602 identity = data->reauth_id;
603 identity_len = data->reauth_id_len;
604 data->reauth = 1;
606 data->pseudonym) {
607 identity = data->pseudonym;
608 identity_len = data->pseudonym_len;
609 eap_aka_clear_identities(sm, data, CLEAR_REAUTH_ID);
613 eap_aka_clear_identities(sm, data, CLEAR_PSEUDONYM |
618 eap_aka_clear_identities(sm, data, CLEAR_EAP_ID);
621 msg = eap_sim_msg_init(EAP_CODE_RESPONSE, id, data->eap_method,
631 return eap_sim_msg_finish(msg, data->eap_method, NULL, NULL, 0);
635 static struct wpabuf * eap_aka_response_challenge(struct eap_aka_data *data,
641 msg = eap_sim_msg_init(EAP_CODE_RESPONSE, id, data->eap_method,
644 eap_sim_msg_add(msg, EAP_SIM_AT_RES, data->res_len * 8,
645 data->res, data->res_len);
646 eap_aka_add_checkcode(data, msg);
647 if (data->use_result_ind) {
653 return eap_sim_msg_finish(msg, data->eap_method, data->k_aut, (u8 *) "",
658 static struct wpabuf * eap_aka_response_reauth(struct eap_aka_data *data,
667 msg = eap_sim_msg_init(EAP_CODE_RESPONSE, id, data->eap_method,
676 counter = data->counter_too_small;
678 counter = data->counter;
683 if (eap_sim_msg_add_encr_end(msg, data->k_encr, EAP_SIM_AT_PADDING)) {
689 eap_aka_add_checkcode(data, msg);
690 if (data->use_result_ind) {
696 return eap_sim_msg_finish(msg, data->eap_method, data->k_aut, nonce_s,
701 static struct wpabuf * eap_aka_response_notification(struct eap_aka_data *data,
705 u8 *k_aut = (notification & 0x4000) == 0 ? data->k_aut : NULL;
708 msg = eap_sim_msg_init(EAP_CODE_RESPONSE, id, data->eap_method,
710 if (k_aut && data->reauth) {
715 wpa_printf(MSG_DEBUG, " *AT_COUNTER %d", data->counter);
716 eap_sim_msg_add(msg, EAP_SIM_AT_COUNTER, data->counter,
718 if (eap_sim_msg_add_encr_end(msg, data->k_encr,
730 return eap_sim_msg_finish(msg, data->eap_method, k_aut, (u8 *) "", 0);
735 struct eap_aka_data *data,
750 if (data->num_id_req > 0)
752 data->num_id_req++;
755 if (data->num_id_req > 1)
757 data->num_id_req++;
760 if (data->num_id_req > 2)
762 data->num_id_req++;
768 return eap_aka_client_error(data, id,
772 buf = eap_aka_response_identity(sm, data, id, attr->id_req);
774 if (data->prev_id != id) {
775 eap_aka_add_id_msg(data, reqData);
776 eap_aka_add_id_msg(data, buf);
777 data->prev_id = id;
784 static int eap_aka_verify_mac(struct eap_aka_data *data,
789 if (data->eap_method == EAP_TYPE_AKA_PRIME)
790 return eap_sim_verify_mac_sha256(data->k_aut, req, mac, extra,
792 return eap_sim_verify_mac(data->k_aut, req, mac, extra, extra_len);
797 static struct wpabuf * eap_aka_prime_kdf_select(struct eap_aka_data *data,
802 data->kdf_negotiation = 1;
803 data->kdf = kdf;
806 msg = eap_sim_msg_init(EAP_CODE_RESPONSE, id, data->eap_method,
810 return eap_sim_msg_finish(msg, data->eap_method, NULL, NULL, 0);
814 static struct wpabuf * eap_aka_prime_kdf_neg(struct eap_aka_data *data,
821 return eap_aka_prime_kdf_select(data, id,
827 return eap_aka_authentication_reject(data, id);
831 static int eap_aka_prime_kdf_valid(struct eap_aka_data *data,
842 if (data->kdf_negotiation) {
843 if (attr->kdf[0] != data->kdf) {
850 if (attr->kdf[i] == data->kdf)
865 for (i = data->kdf ? 1 : 0; i < attr->kdf_count; i++) {
881 struct eap_aka_data *data,
894 eap_aka_verify_checkcode(data, attr->checkcode,
898 return eap_aka_client_error(data, id,
903 if (data->eap_method == EAP_TYPE_AKA_PRIME) {
908 return eap_aka_authentication_reject(data, id);
910 os_free(data->network_name);
911 data->network_name = os_malloc(attr->kdf_input_len);
912 if (data->network_name == NULL) {
915 return eap_aka_authentication_reject(data, id);
917 os_memcpy(data->network_name, attr->kdf_input,
919 data->network_name_len = attr->kdf_input_len;
922 data->network_name, data->network_name_len);
925 if (!eap_aka_prime_kdf_valid(data, attr))
926 return eap_aka_authentication_reject(data, id);
929 return eap_aka_prime_kdf_neg(data, id, attr);
931 data->kdf = EAP_AKA_PRIME_KDF;
932 wpa_printf(MSG_DEBUG, "EAP-AKA': KDF %d selected", data->kdf);
935 if (data->eap_method == EAP_TYPE_AKA && attr->bidding) {
943 return eap_aka_authentication_reject(data, id);
948 data->reauth = 0;
955 return eap_aka_client_error(data, id,
958 os_memcpy(data->rand, attr->rand, EAP_AKA_RAND_LEN);
959 os_memcpy(data->autn, attr->autn, EAP_AKA_AUTN_LEN);
961 res = eap_aka_umts_auth(sm, data);
965 return eap_aka_authentication_reject(data, id);
969 return eap_aka_synchronization_failure(data, id);
975 return eap_aka_client_error(data, id,
979 if (data->eap_method == EAP_TYPE_AKA_PRIME) {
982 u16 amf = WPA_GET_BE16(data->autn + 6);
986 return eap_aka_authentication_reject(data, id);
988 eap_aka_prime_derive_ck_ik_prime(data->ck, data->ik,
989 data->autn,
990 data->network_name,
991 data->network_name_len);
994 if (data->last_eap_identity) {
995 identity = data->last_eap_identity;
996 identity_len = data->last_eap_identity_len;
997 } else if (data->pseudonym) {
998 identity = data->pseudonym;
999 identity_len = data->pseudonym_len;
1004 if (data->eap_method == EAP_TYPE_AKA_PRIME) {
1005 eap_aka_prime_derive_keys(identity, identity_len, data->ik,
1006 data->ck, data->k_encr, data->k_aut,
1007 data->k_re, data->msk, data->emsk);
1009 eap_aka_derive_mk(identity, identity_len, data->ik, data->ck,
1010 data->mk);
1011 eap_sim_derive_keys(data->mk, data->k_encr, data->k_aut,
1012 data->msk, data->emsk);
1014 if (eap_aka_verify_mac(data, reqData, attr->mac, (u8 *) "", 0)) {
1017 return eap_aka_client_error(data, id,
1025 eap_aka_clear_identities(sm, data, CLEAR_REAUTH_ID | CLEAR_EAP_ID);
1029 decrypted = eap_sim_parse_encr(data->k_encr, attr->encr_data,
1034 data, id, EAP_AKA_UNABLE_TO_PROCESS_PACKET);
1036 eap_aka_learn_ids(sm, data, &eattr);
1040 if (data->result_ind && attr->result_ind)
1041 data->use_result_ind = 1;
1043 if (data->state != FAILURE) {
1044 eap_aka_state(data, data->use_result_ind ?
1048 data->num_id_req = 0;
1049 data->num_notification = 0;
1053 data->counter = 0;
1054 return eap_aka_response_challenge(data, id);
1058 static int eap_aka_process_notification_reauth(struct eap_aka_data *data,
1066 "reauth did not include encrypted data");
1070 decrypted = eap_sim_parse_encr(data->k_encr, attr->encr_data,
1075 "data from notification message");
1079 if (eattr.counter < 0 || (size_t) eattr.counter != data->counter) {
1092 static int eap_aka_process_notification_auth(struct eap_aka_data *data,
1102 if (eap_aka_verify_mac(data, reqData, attr->mac, (u8 *) "", 0)) {
1108 if (data->reauth &&
1109 eap_aka_process_notification_reauth(data, attr)) {
1120 struct eap_sm *sm, struct eap_aka_data *data, u8 id,
1124 if (data->num_notification > 0) {
1127 return eap_aka_client_error(data, id,
1130 data->num_notification++;
1134 return eap_aka_client_error(data, id,
1139 eap_aka_process_notification_auth(data, reqData, attr)) {
1140 return eap_aka_client_error(data, id,
1146 eap_aka_state(data, FAILURE);
1148 data->state == RESULT_SUCCESS)
1149 eap_aka_state(data, SUCCESS);
1150 return eap_aka_response_notification(data, id, attr->notification);
1155 struct eap_sm *sm, struct eap_aka_data *data, u8 id,
1164 eap_aka_verify_checkcode(data, attr->checkcode,
1168 return eap_aka_client_error(data, id,
1172 if (data->reauth_id == NULL) {
1175 return eap_aka_client_error(data, id,
1179 data->reauth = 1;
1180 if (eap_aka_verify_mac(data, reqData, attr->mac, (u8 *) "", 0)) {
1183 return eap_aka_client_error(data, id,
1189 "message did not include encrypted data");
1190 return eap_aka_client_error(data, id,
1194 decrypted = eap_sim_parse_encr(data->k_encr, attr->encr_data,
1199 "data from reauthentication message");
1200 return eap_aka_client_error(data, id,
1209 return eap_aka_client_error(data, id,
1213 if (eattr.counter < 0 || (size_t) eattr.counter <= data->counter) {
1216 "(%d <= %d)", eattr.counter, data->counter);
1217 data->counter_too_small = eattr.counter;
1224 os_free(data->last_eap_identity);
1225 data->last_eap_identity = data->reauth_id;
1226 data->last_eap_identity_len = data->reauth_id_len;
1227 data->reauth_id = NULL;
1228 data->reauth_id_len = 0;
1230 res = eap_aka_response_reauth(data, id, 1, eattr.nonce_s);
1235 data->counter = eattr.counter;
1237 os_memcpy(data->nonce_s, eattr.nonce_s, EAP_SIM_NONCE_S_LEN);
1239 data->nonce_s, EAP_SIM_NONCE_S_LEN);
1241 if (data->eap_method == EAP_TYPE_AKA_PRIME) {
1242 eap_aka_prime_derive_keys_reauth(data->k_re, data->counter,
1243 data->reauth_id,
1244 data->reauth_id_len,
1245 data->nonce_s,
1246 data->msk, data->emsk);
1248 eap_sim_derive_keys_reauth(data->counter, data->reauth_id,
1249 data->reauth_id_len,
1250 data->nonce_s, data->mk,
1251 data->msk, data->emsk);
1253 eap_aka_clear_identities(sm, data, CLEAR_REAUTH_ID | CLEAR_EAP_ID);
1254 eap_aka_learn_ids(sm, data, &eattr);
1256 if (data->result_ind && attr->result_ind)
1257 data->use_result_ind = 1;
1259 if (data->state != FAILURE) {
1260 eap_aka_state(data, data->use_result_ind ?
1264 data->num_id_req = 0;
1265 data->num_notification = 0;
1266 if (data->counter > EAP_AKA_MAX_FAST_REAUTHS) {
1269 eap_aka_clear_identities(sm, data,
1273 return eap_aka_response_reauth(data, id, 0, data->nonce_s);
1281 struct eap_aka_data *data = priv;
1289 wpa_hexdump_buf(MSG_DEBUG, "EAP-AKA: EAP data", reqData);
1297 pos = eap_hdr_validate(EAP_VENDOR_IETF, data->eap_method, reqData,
1317 data->eap_method == EAP_TYPE_AKA_PRIME ? 2 : 1,
1319 res = eap_aka_client_error(data, id,
1326 res = eap_aka_process_identity(sm, data, id, reqData, &attr);
1329 res = eap_aka_process_challenge(sm, data, id, reqData, &attr);
1332 res = eap_aka_process_notification(sm, data, id, reqData,
1336 res = eap_aka_process_reauthentication(sm, data, id, reqData,
1341 res = eap_aka_client_error(data, id,
1346 res = eap_aka_client_error(data, id,
1352 if (data->state == FAILURE) {
1355 } else if (data->state == SUCCESS) {
1356 ret->decision = data->use_result_ind ?
1363 ret->methodState = data->use_result_ind ?
1365 } else if (data->state == RESULT_SUCCESS)
1378 struct eap_aka_data *data = priv;
1379 return data->pseudonym || data->reauth_id;
1385 struct eap_aka_data *data = priv;
1386 eap_aka_clear_identities(sm, data, CLEAR_EAP_ID);
1387 data->prev_id = -1;
1388 wpabuf_free(data->id_msgs);
1389 data->id_msgs = NULL;
1390 data->use_result_ind = 0;
1391 data->kdf_negotiation = 0;
1392 eap_aka_clear_keys(data, 1);
1398 struct eap_aka_data *data = priv;
1399 data->num_id_req = 0;
1400 data->num_notification = 0;
1401 eap_aka_state(data, CONTINUE);
1409 struct eap_aka_data *data = priv;
1411 if (data->reauth_id) {
1412 *len = data->reauth_id_len;
1413 return data->reauth_id;
1416 if (data->pseudonym) {
1417 *len = data->pseudonym_len;
1418 return data->pseudonym;
1427 struct eap_aka_data *data = priv;
1428 return data->state == SUCCESS;
1434 struct eap_aka_data *data = priv;
1437 if (data->state != SUCCESS)
1445 os_memcpy(key, data->msk, EAP_SIM_KEYING_DATA_LEN);
1453 struct eap_aka_data *data = priv;
1456 if (data->state != SUCCESS)
1464 id[0] = data->eap_method;
1465 os_memcpy(id + 1, data->rand, EAP_AKA_RAND_LEN);
1466 os_memcpy(id + 1 + EAP_AKA_RAND_LEN, data->autn, EAP_AKA_AUTN_LEN);
1475 struct eap_aka_data *data = priv;
1478 if (data->state != SUCCESS)
1486 os_memcpy(key, data->emsk, EAP_EMSK_LEN);