/*
 * EAP peer method: EAP-OTP (RFC 3748)
 * Copyright (c) 2004-2006, Jouni Malinen <j@w1.fi>
 *
 * This software may be distributed under the terms of the BSD license.
 * See README for more details.
 */

#include "includes.h"

#include "common.h"
#include "eap_i.h"


/*
 * eap_otp_init - method init callback
 *
 * EAP-OTP keeps no per-session state. The returned pointer is a non-NULL
 * marker only (NULL would signal failure); it does not point to an object and
 * must never be dereferenced or freed.
 */
static void * eap_otp_init(struct eap_sm *sm)
{
	return (void *) 1;
}


/*
 * eap_otp_deinit - method deinit callback
 *
 * Intentionally empty: init hands out a marker value, not an allocation, so
 * there is nothing to release here.
 */
static void eap_otp_deinit(struct eap_sm *sm, void *priv)
{
}


/*
 * eap_otp_process - answer one EAP-OTP request
 * @sm: EAP state machine, used to look up the configured credential
 * @priv: unused marker value from eap_otp_init()
 * @ret: filled in with the ignore flag and, on a reply, the method result
 * @reqData: received EAP request
 * Returns: newly allocated response, or NULL when the request is ignored or
 * the response buffer cannot be allocated
 *
 * Security notes for reviewers:
 * - The response payload is the credential bytes exactly as configured; this
 *   function applies no hashing or encryption to them. Any confidentiality
 *   has to come from an outer layer.
 *   NOTE(review): confirm deployments only run this inside a protected tunnel.
 * - If no one-time password is configured, the regular configured password is
 *   sent instead, and unlike the OTP it is not cleared afterwards.
 * - This file registers only init/deinit/process, i.e. no key-export
 *   callbacks are provided by this method.
 */
static struct wpabuf * eap_otp_process(struct eap_sm *sm, void *priv,
				       struct eap_method_ret *ret,
				       const struct wpabuf *reqData)
{
	struct wpabuf *reply;
	const u8 *payload, *secret;
	size_t secret_len, payload_len;
	int used_otp;

	/* Reject anything that is not a well-formed EAP-OTP request. */
	payload = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_OTP, reqData,
				   &payload_len);
	if (payload == NULL) {
		ret->ignore = TRUE;
		return NULL;
	}
	wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-OTP: Request message",
			  payload, payload_len);

	/* Prefer a one-time password; otherwise fall back to the password. */
	secret = eap_get_config_otp(sm, &secret_len);
	used_otp = secret != NULL;
	if (!used_otp)
		secret = eap_get_config_password(sm, &secret_len);

	if (secret == NULL) {
		wpa_printf(MSG_INFO, "EAP-OTP: Password not configured");
		/*
		 * The request text comes from the received message and is
		 * handed over with an explicit length.
		 * NOTE(review): presumably not NUL-terminated; verify that the
		 * callee and any UI consumer honor the length and treat the
		 * text as untrusted.
		 */
		eap_sm_request_otp(sm, (const char *) payload, payload_len);
		ret->ignore = TRUE;
		return NULL;
	}

	/* A credential is available: the method completes with this reply. */
	ret->ignore = FALSE;
	ret->methodState = METHOD_DONE;
	ret->decision = DECISION_COND_SUCC;
	ret->allowNotifications = FALSE;

	reply = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_OTP, secret_len,
			      EAP_CODE_RESPONSE, eap_get_id(reqData));
	if (reply == NULL)
		return NULL;
	wpabuf_put_data(reply, secret, secret_len);
	/*
	 * Logged through the _key variant of the hexdump helper.
	 * NOTE(review): presumably that variant hides key material unless key
	 * logging is enabled; confirm for this build.
	 */
	wpa_hexdump_ascii_key(MSG_MSGDUMP, "EAP-OTP: Response",
			      secret, secret_len);

	/* A one-time password is dropped from the configuration once used. */
	if (used_otp) {
		wpa_printf(MSG_DEBUG, "EAP-OTP: Forgetting used password");
		eap_clear_config_otp(sm);
	}

	return reply;
}


/*
 * eap_peer_otp_register - register the EAP-OTP peer method
 * Returns: 0 on success, -1 if the method structure cannot be allocated,
 * otherwise the non-zero result of eap_peer_method_register()
 */
int eap_peer_otp_register(void)
{
	struct eap_method *method;
	int status;

	method = eap_peer_method_alloc(EAP_PEER_METHOD_INTERFACE_VERSION,
				       EAP_VENDOR_IETF, EAP_TYPE_OTP, "OTP");
	if (method == NULL)
		return -1;

	method->init = eap_otp_init;
	method->deinit = eap_otp_deinit;
	method->process = eap_otp_process;

	status = eap_peer_method_register(method);
	/* On a failed registration the structure is released here. */
	if (status != 0)
		eap_peer_method_free(method);
	return status;
}