18d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* 28d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * EAP server/peer: EAP-pwd shared definitions 38d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Copyright (c) 2009, Dan Harkins <dharkins@lounge.org> 48d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 5c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt * This software may be distributed under the terms of the BSD license. 6c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt * See README for more details. 78d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 88d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 98d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#ifndef EAP_PWD_COMMON_H 108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define EAP_PWD_COMMON_H 118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include <openssl/bn.h> 138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include <openssl/ec.h> 148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include <openssl/evp.h> 158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 168d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* 178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * definition of a finite cyclic group 188d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * TODO: support one based on a prime field 198d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 208d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidttypedef struct group_definition_ { 218d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt u16 group_num; 228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt EC_GROUP *group; 238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt EC_POINT *pwe; 248d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt BIGNUM *order; 258d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt BIGNUM *prime; 268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} EAP_PWD_group; 278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* 298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * EAP-pwd header, included on all payloads 301f69aa52ea2e0a73ac502565df8c666ee49cab6aDmitry Shmidt * L(1 bit) | M(1 bit) | exch(6 bits) | total_length(if L is set) 318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 32c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt#define EAP_PWD_HDR_SIZE 1 338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define EAP_PWD_OPCODE_ID_EXCH 1 358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define EAP_PWD_OPCODE_COMMIT_EXCH 2 368d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define EAP_PWD_OPCODE_CONFIRM_EXCH 3 37c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt#define EAP_PWD_GET_LENGTH_BIT(x) ((x) & 0x80) 38c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt#define EAP_PWD_SET_LENGTH_BIT(x) ((x) |= 0x80) 39c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt#define EAP_PWD_GET_MORE_BIT(x) ((x) & 0x40) 40c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt#define EAP_PWD_SET_MORE_BIT(x) ((x) |= 0x40) 41c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt#define EAP_PWD_GET_EXCHANGE(x) ((x) & 0x3f) 42c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt#define EAP_PWD_SET_EXCHANGE(x,y) ((x) |= (y)) 438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* EAP-pwd-ID payload */ 458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstruct eap_pwd_id { 468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt be16 group_num; 478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt u8 random_function; 488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define EAP_PWD_DEFAULT_RAND_FUNC 1 498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt u8 prf; 508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define EAP_PWD_DEFAULT_PRF 1 518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt u8 token[4]; 528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt u8 prep; 538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define EAP_PWD_PREP_NONE 0 548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define EAP_PWD_PREP_MS 1 558d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt u8 identity[0]; /* length inferred from payload */ 568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} STRUCT_PACKED; 578d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* common routines */ 598d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtint compute_password_element(EAP_PWD_group *, u16, u8 *, int, u8 *, int, u8 *, 608d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt int, u8 *); 618d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtint compute_keys(EAP_PWD_group *, BN_CTX *, BIGNUM *, BIGNUM *, BIGNUM *, 625a1480c7c46c4236d93bfd303dde32062bee04acDmitry Shmidt u8 *, u8 *, u32 *, u8 *, u8 *, u8 *); 6304949598a23f501be6eec21697465fd46a28840aDmitry Shmidtstruct crypto_hash * eap_pwd_h_init(void); 6404949598a23f501be6eec21697465fd46a28840aDmitry Shmidtvoid eap_pwd_h_update(struct crypto_hash *hash, const u8 *data, size_t len); 6504949598a23f501be6eec21697465fd46a28840aDmitry Shmidtvoid eap_pwd_h_final(struct crypto_hash *hash, u8 *digest); 668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 678d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#endif /* EAP_PWD_COMMON_H */ 68