29 	struct eap_eke_session sess;
104 	eap_eke_session_clean(&data->sess);
253 	if (eap_eke_derive_key(&data->sess, sm->user->password,
262 	msg = eap_eke_build_msg(data, id, data->sess.dhcomp_len,
277 	if (eap_eke_dh_init(data->sess.dhgroup, data->dh_priv, pub) < 0) {
283 	if (eap_eke_dhcomp(&data->sess, data->key, pub,
284 			   wpabuf_put(msg, data->sess.dhcomp_len))
313 	plen = data->sess.pnonce_ps_len + data->sess.prf_len;
320 	if (random_get_bytes(data->nonce_s, data->sess.nonce_len)) {
326 			data->nonce_s, data->sess.nonce_len);
328 	os_memcpy(nonces, data->nonce_p, data->sess.nonce_len);
329 	os_memcpy(nonces + data->sess.nonce_len, data->nonce_s,
330 		  data->sess.nonce_len);
332 	if (eap_eke_prot(&data->sess, nonces, 2 * data->sess.nonce_len,
340 	if (eap_eke_derive_ka(&data->sess,
349 	auth = wpabuf_put(msg, data->sess.prf_len);
350 	if (eap_eke_auth(&data->sess, "EAP-EKE server", data->msgs, auth) < 0) {
355 	wpa_hexdump(MSG_DEBUG, "EAP-EKE: Auth_S", auth, data->sess.prf_len);
461 	if (eap_eke_session_init(&data->sess, pos[0], pos[1], pos[2], pos[3]) <
533 	if (pos + data->sess.dhcomp_len + data->sess.pnonce_len > end) {
540 		    pos, data->sess.dhcomp_len);
542 	pos += data->sess.dhcomp_len;
543 	wpa_hexdump(MSG_DEBUG, "EAP-EKE: PNonce_P", pos, data->sess.pnonce_len);
545 	pos += data->sess.pnonce_len;
548 	if (eap_eke_shared_secret(&data->sess, data->key, data->dh_priv, dhcomp)
555 	if (eap_eke_derive_ke_ki(&data->sess,
564 	if (eap_eke_decrypt_prot(&data->sess, pnonce, data->sess.pnonce_len,
570 	if (decrypt_len < (size_t) data->sess.nonce_len) {
576 			data->nonce_p, data->sess.nonce_len);
606 	if (payloadlen < (size_t) data->sess.pnonce_len + data->sess.prf_len) {
613 	if (eap_eke_decrypt_prot(&data->sess, payload, data->sess.pnonce_len,
619 	if (decrypt_len < (size_t) data->sess.nonce_len) {
625 			nonce, data->sess.nonce_len);
626 	if (os_memcmp(nonce, data->nonce_s, data->sess.nonce_len) != 0) {
632 	if (eap_eke_auth(&data->sess, "EAP-EKE peer", data->msgs, auth_p) < 0) {
637 	wpa_hexdump(MSG_DEBUG, "EAP-EKE: Auth_P", auth_p, data->sess.prf_len);
638 	if (os_memcmp_const(auth_p, payload + data->sess.pnonce_len,
639 			    data->sess.prf_len) != 0) {
645 	if (eap_eke_derive_msk(&data->sess, sm->server_id, sm->server_id_len,
656 	eap_eke_session_clean(&data->sess);

Indexes created Fri Mar 13 02:32:08 CET 2015