79a87846 | 1 | /* |
efee3ed8 | 2 | * Copyright (C) 2008-2011 Martin Willi |
79a87846 MW |
3 | * Hochschule fuer Technik Rapperswil |
4 | * | |
5 | * This program is free software; you can redistribute it and/or modify it | |
6 | * under the terms of the GNU General Public License as published by the | |
7 | * Free Software Foundation; either version 2 of the License, or (at your | |
8 | * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. | |
9 | * | |
10 | * This program is distributed in the hope that it will be useful, but | |
11 | * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY | |
12 | * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License | |
13 | * for more details. | |
14 | */ | |
15 | ||
16 | /** | |
efee3ed8 MW |
17 | * @defgroup simaka_manager simaka_manager |
18 | * @{ @ingroup libsimaka | |
79a87846 MW |
19 | */ |
20 | ||
efee3ed8 MW |
21 | #ifndef SIMAKA_MANAGER_H_ |
22 | #define SIMAKA_MANAGER_H_ | |
79a87846 | 23 | |
bcf8a0ff | 24 | #include <crypto/hashers/hasher.h> |
79a87846 | 25 | #include <utils/identification.h> |
12642a68 | 26 | #include <collections/enumerator.h> |
c12c3349 | 27 | #include <plugins/plugin.h> |
79a87846 | 28 | |
efee3ed8 | 29 | typedef struct simaka_manager_t simaka_manager_t; |
ed5fc4ca | 30 | |
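/* GSM (SIM) authentication triplet element sizes, in bytes. */
#define SIM_RAND_LEN 16
#define SIM_SRES_LEN 4
#define SIM_KC_LEN 8

/* UMTS (AKA) authentication vector element sizes, in bytes. RES/XRES is
 * variable length: AKA_RES_MAX bounds the buffer, and the number of bytes
 * actually produced is reported separately (res_len / xres_len in
 * simaka_manager_t). Backends must never write more than AKA_RES_MAX bytes. */
#define AKA_RAND_LEN 16
#define AKA_RES_MAX 16
#define AKA_CK_LEN 16
#define AKA_IK_LEN 16
#define AKA_AUTN_LEN 16
#define AKA_AUTS_LEN 14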
41 | ||
efee3ed8 MW |
42 | #include "simaka_card.h" |
43 | #include "simaka_provider.h" | |
44 | #include "simaka_hooks.h" | |
8434c88b MW |
45 | |
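/**
 * The SIM manager handles multiple (U)SIM cards/providers and hooks.
 *
 * Buffer contract: every fixed-size parameter below is declared with its
 * exact length (SIM_*_LEN / AKA_*_LEN / HASH_SIZE_SHA1). Array parameters
 * decay to plain pointers in C, so nothing enforces this at the call site;
 * callers must pass buffers of at least that size and backends must not
 * write beyond it. RES/XRES is variable length, bounded by AKA_RES_MAX, with
 * the written length reported through res_len / xres_len.
 *
 * Kc, CK, IK, MK, k_encr and k_auth are key material; callers should wipe
 * them as soon as they are no longer needed.
 *
 * NOTE(review): neither ownership of registered cards/providers/hooks nor
 * ownership of the identification_t objects returned by the *_pseudonym and
 * *_reauth methods is documented here - confirm against the implementation
 * before destroying or retaining them.
 */
struct simaka_manager_t {

	/**
	 * Register a SIM card (client) at the manager.
	 *
	 * @param card		sim card to register
	 */
	void (*add_card)(simaka_manager_t *this, simaka_card_t *card);

	/**
	 * Unregister a previously registered card from the manager.
	 *
	 * @param card		sim card to unregister
	 */
	void (*remove_card)(simaka_manager_t *this, simaka_card_t *card);

	/**
	 * Calculate SIM triplets on one of the registered SIM cards.
	 *
	 * Unlike provider_get_triplet(), RAND is an input here: the card derives
	 * SRES and Kc from the RAND received from the server.
	 *
	 * @param id		permanent identity to get a triplet for
	 * @param rand		RAND input buffer, fixed size SIM_RAND_LEN (16) bytes
	 * @param sres		SRES output buffer, fixed size SIM_SRES_LEN (4) bytes
	 * @param kc		Kc output buffer, fixed size SIM_KC_LEN (8) bytes
	 * @return			TRUE if calculated, FALSE if no matching card found
	 */
	bool (*card_get_triplet)(simaka_manager_t *this, identification_t *id,
							 char rand[SIM_RAND_LEN], char sres[SIM_SRES_LEN],
							 char kc[SIM_KC_LEN]);

	/**
	 * Calculate AKA quintuplets on one of the registered SIM cards.
	 *
	 * RES is variable length: res holds at most AKA_RES_MAX bytes and the
	 * number of bytes actually written is returned in res_len. Card
	 * implementations must never write more than AKA_RES_MAX bytes, and
	 * callers should reject a res_len outside 0..AKA_RES_MAX.
	 *
	 * @param id		permanent identity to request quintuplet for
	 * @param rand		random value RAND, AKA_RAND_LEN bytes
	 * @param autn		authentication token AUTN, AKA_AUTN_LEN bytes
	 * @param ck		buffer receiving encryption key CK, AKA_CK_LEN bytes
	 * @param ik		buffer receiving integrity key IK, AKA_IK_LEN bytes
	 * @param res		buffer receiving authentication result RES,
	 *					AKA_RES_MAX bytes
	 * @param res_len	number of bytes written to res buffer
	 * @return			SUCCESS, FAILED, or INVALID_STATE if out of sync
	 *					(see card_resync())
	 */
	status_t (*card_get_quintuplet)(simaka_manager_t *this, identification_t *id,
							 char rand[AKA_RAND_LEN], char autn[AKA_AUTN_LEN],
							 char ck[AKA_CK_LEN], char ik[AKA_IK_LEN],
							 char res[AKA_RES_MAX], int *res_len);

	/**
	 * Calculate resynchronization data on one of the registered SIM cards.
	 *
	 * @param id		permanent identity to calculate resync data for
	 * @param rand		random value RAND, AKA_RAND_LEN bytes
	 * @param auts		buffer receiving resynchronization parameter AUTS,
	 *					AKA_AUTS_LEN bytes
	 * @return			TRUE if calculated, FALSE if no matching card found
	 */
	bool (*card_resync)(simaka_manager_t *this, identification_t *id,
						char rand[AKA_RAND_LEN], char auts[AKA_AUTS_LEN]);

	/**
	 * Store a received pseudonym on one of the registered SIM cards.
	 *
	 * @param id		permanent identity of the peer
	 * @param pseudonym	pseudonym identity received from the server
	 */
	void (*card_set_pseudonym)(simaka_manager_t *this, identification_t *id,
							   identification_t *pseudonym);

	/**
	 * Get a stored pseudonym from one of the registered SIM cards.
	 *
	 * @param id		permanent identity of the peer
	 * @return			associated pseudonym identity, NULL if none found
	 */
	identification_t* (*card_get_pseudonym)(simaka_manager_t *this,
											identification_t *id);

	/**
	 * Store fast reauthentication parameters on one of the registered cards.
	 *
	 * MK is the master key of the session; a card storing it must protect it
	 * like any other long-lived key material.
	 *
	 * @param id		permanent identity of the peer
	 * @param next		next fast reauthentication identity to use
	 * @param mk		master key MK to store for reauthentication,
	 *					HASH_SIZE_SHA1 bytes
	 * @param counter	counter value to store, host order
	 */
	void (*card_set_reauth)(simaka_manager_t *this, identification_t *id,
							identification_t *next, char mk[HASH_SIZE_SHA1],
							uint16_t counter);

	/**
	 * Retrieve fast reauthentication parameters from one of the registered cards.
	 *
	 * @param id		permanent identity of the peer
	 * @param mk		buffer receiving master key MK, HASH_SIZE_SHA1 bytes
	 * @param counter	pointer receiving counter value, in host order
	 * @return			fast reauthentication identity, NULL if none found
	 */
	identification_t* (*card_get_reauth)(simaka_manager_t *this,
										 identification_t *id, char mk[HASH_SIZE_SHA1],
										 uint16_t *counter);

	/**
	 * Register a triplet provider (server) at the manager.
	 *
	 * @param provider	provider to register
	 */
	void (*add_provider)(simaka_manager_t *this, simaka_provider_t *provider);

	/**
	 * Unregister a previously registered provider from the manager.
	 *
	 * @param provider	provider to unregister
	 */
	void (*remove_provider)(simaka_manager_t *this, simaka_provider_t *provider);

	/**
	 * Get a SIM triplet from one of the registered providers.
	 *
	 * Here RAND is an output as well: the provider chooses the challenge.
	 *
	 * @param id		permanent identity of peer to generate triplet for
	 * @param rand		RAND output buffer, fixed size SIM_RAND_LEN (16) bytes
	 * @param sres		SRES output buffer, fixed size SIM_SRES_LEN (4) bytes
	 * @param kc		Kc output buffer, fixed size SIM_KC_LEN (8) bytes
	 * @return			TRUE if triplet received, FALSE if no match found
	 */
	bool (*provider_get_triplet)(simaka_manager_t *this, identification_t *id,
								 char rand[SIM_RAND_LEN], char sres[SIM_SRES_LEN],
								 char kc[SIM_KC_LEN]);

	/**
	 * Get an AKA quintuplet from one of the registered providers.
	 *
	 * XRES is variable length: xres holds at most AKA_RES_MAX bytes and the
	 * number of bytes actually written is returned in xres_len. Provider
	 * implementations must never write more than AKA_RES_MAX bytes.
	 *
	 * @param id		permanent identity of peer to create challenge for
	 * @param rand		buffer receiving random value RAND, AKA_RAND_LEN bytes
	 * @param xres		buffer receiving expected authentication result XRES,
	 *					AKA_RES_MAX bytes
	 * @param xres_len	number of bytes written to xres buffer
	 * @param ck		buffer receiving encryption key CK, AKA_CK_LEN bytes
	 * @param ik		buffer receiving integrity key IK, AKA_IK_LEN bytes
	 * @param autn		buffer receiving authentication token AUTN,
	 *					AKA_AUTN_LEN bytes
	 * @return			TRUE if quintuplet received, FALSE if no match found
	 */
	bool (*provider_get_quintuplet)(simaka_manager_t *this, identification_t *id,
									char rand[AKA_RAND_LEN],
									char xres[AKA_RES_MAX], int *xres_len,
									char ck[AKA_CK_LEN], char ik[AKA_IK_LEN],
									char autn[AKA_AUTN_LEN]);

	/**
	 * Pass AKA resynchronization data to one of the registered providers.
	 *
	 * @param id		permanent identity of peer requesting resynchronisation
	 * @param rand		random value RAND, AKA_RAND_LEN bytes
	 * @param auts		synchronization parameter AUTS, AKA_AUTS_LEN bytes
	 * @return			TRUE if resynchronized, FALSE if not handled
	 */
	bool (*provider_resync)(simaka_manager_t *this, identification_t *id,
							char rand[AKA_RAND_LEN], char auts[AKA_AUTS_LEN]);

	/**
	 * Check if a peer uses a pseudonym using one of the registered providers.
	 *
	 * @param id		pseudonym identity candidate
	 * @return			permanent identity, NULL if id not a pseudonym
	 */
	identification_t* (*provider_is_pseudonym)(simaka_manager_t *this,
											   identification_t *id);

	/**
	 * Generate a new pseudonym using one of the registered providers.
	 *
	 * @param id		permanent identity to generate a pseudonym for
	 * @return			generated pseudonym, NULL to not use a pseudonym identity
	 */
	identification_t* (*provider_gen_pseudonym)(simaka_manager_t *this,
												identification_t *id);

	/**
	 * Check if a peer uses a reauth id using one of the registered providers.
	 *
	 * @param id		reauthentication identity (candidate)
	 * @param mk		buffer receiving master key MK, HASH_SIZE_SHA1 bytes
	 * @param counter	pointer receiving current counter value, host order
	 * @return			permanent identity, NULL if not a known reauth identity
	 */
	identification_t* (*provider_is_reauth)(simaka_manager_t *this,
											identification_t *id, char mk[HASH_SIZE_SHA1],
											uint16_t *counter);

	/**
	 * Generate a fast reauth id using one of the registered providers.
	 *
	 * @param id		permanent peer identity
	 * @param mk		master key to store along with generated identity,
	 *					HASH_SIZE_SHA1 bytes
	 * @return			fast reauthentication identity, NULL to not use reauth
	 */
	identification_t* (*provider_gen_reauth)(simaka_manager_t *this,
											 identification_t *id, char mk[HASH_SIZE_SHA1]);

	/**
	 * Register a set of hooks to the manager.
	 *
	 * @param hooks		hook interface implementation to register
	 */
	void (*add_hooks)(simaka_manager_t *this, simaka_hooks_t *hooks);

	/**
	 * Unregister a set of hooks from the manager.
	 *
	 * @param hooks		hook interface implementation to unregister
	 */
	void (*remove_hooks)(simaka_manager_t *this, simaka_hooks_t *hooks);

	/**
	 * Invoke SIM/AKA message hook.
	 *
	 * @param message	SIM message
	 * @param inbound	TRUE for incoming messages, FALSE for outgoing
	 * @param decrypted	TRUE if AT_ENCR_DATA has been decrypted
	 */
	void (*message_hook)(simaka_manager_t *this, simaka_message_t *message,
						 bool inbound, bool decrypted);

	/**
	 * Invoke SIM/AKA key hook.
	 *
	 * Hook implementations receive the live session keys and must treat
	 * them as secrets (no logging or persistence outside a test setup).
	 *
	 * @param k_encr	SIM/AKA encryption key k_encr
	 * @param k_auth	SIM/AKA authentication key k_auth
	 */
	void (*key_hook)(simaka_manager_t *this, chunk_t k_encr, chunk_t k_auth);

	/**
	 * Destroy a manager instance.
	 */
	void (*destroy)(simaka_manager_t *this);
};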
280 | ||
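/**
 * Create a SIM/AKA manager to handle multiple (U)SIM cards/providers.
 *
 * Declared with an explicit (void) parameter list so the compiler checks
 * that no arguments are passed; an empty () list disables that check in C.
 *
 * @return			simaka_manager_t object
 */
simaka_manager_t *simaka_manager_create(void);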
79a87846 | 287 | |
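/**
 * Callback for the simaka_manager_register_cb_t, provides backend to register.
 *
 * The return type is void* so one callback type serves both backend kinds,
 * which means the manager cannot verify at runtime whether it received a
 * card or a provider. The callback must return exactly the type the
 * registering feature expects (presumably simaka_card_t* for a card feature
 * and simaka_provider_t* for a provider feature); a mismatch is a type
 * confusion that no check here would catch.
 *
 * @param plugin		plugin registering a backend (card or provider)
 * @return				a simaka_card_t* or simaka_provider_t*, NULL on failure
 */
typedef void* (*simaka_manager_register_cb_t)(plugin_t *plugin);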
295 | ||
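/**
 * Helper function to (un-)register SIM/AKA backend plugin features.
 *
 * This function is a plugin_feature_callback_t and can be used with the
 * PLUGIN_CALLBACK macro to register a SIM/AKA backend. The data argument is
 * the simaka_manager_register_cb_t that produces the backend object; because
 * that callback returns void*, it must yield the backend type matching the
 * feature being registered (NOTE(review): confirm against the implementation
 * how the feature type selects card vs. provider).
 *
 * @param plugin		plugin registering the SIM/AKA backend
 * @param feature		associated plugin feature
 * @param reg			TRUE to register, FALSE to unregister.
 * @param data			data passed to callback, an simaka_manager_register_cb_t
 * @return				TRUE on success, FALSE otherwise
 */
bool simaka_manager_register(plugin_t *plugin, plugin_feature_t *feature,
							 bool reg, void *data);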
309 | ||
11adf114 TB |
310 | /** |
311 | * @} | |
312 | * @addtogroup libsimaka | |
313 | * @{ | |
314 | * | |
315 | * Dummy libsimaka initialization function needed for integrity test | |
316 | */ | |
317 | void libsimaka_init(void); | |
318 | ||
efee3ed8 | 319 | #endif /** SIMAKA_MANAGER_H_ @}*/ |