]> git.ipfire.org Git - thirdparty/hostap.git/blob - src/eap_common/ikev2_common.c
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
EAP-IKEv2: Remove obsolete ccns.pl project workarounds
[thirdparty/hostap.git] / src / eap_common / ikev2_common.c
1 /*
2 * IKEv2 common routines for initiator and responder
3 * Copyright (c) 2007, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #include "includes.h"
10
11 #include "common.h"
12 #include "crypto/crypto.h"
13 #include "crypto/md5.h"
14 #include "crypto/sha1.h"
15 #include "crypto/random.h"
16 #include "ikev2_common.h"
17
18
19 static struct ikev2_integ_alg ikev2_integ_algs[] = {
20 { AUTH_HMAC_SHA1_96, 20, 12 },
21 { AUTH_HMAC_MD5_96, 16, 12 }
22 };
23
24 #define NUM_INTEG_ALGS ARRAY_SIZE(ikev2_integ_algs)
25
26
27 static struct ikev2_prf_alg ikev2_prf_algs[] = {
28 { PRF_HMAC_SHA1, 20, 20 },
29 { PRF_HMAC_MD5, 16, 16 }
30 };
31
32 #define NUM_PRF_ALGS ARRAY_SIZE(ikev2_prf_algs)
33
34
35 static struct ikev2_encr_alg ikev2_encr_algs[] = {
36 { ENCR_AES_CBC, 16, 16 }, /* only 128-bit keys supported for now */
37 { ENCR_3DES, 24, 8 }
38 };
39
40 #define NUM_ENCR_ALGS ARRAY_SIZE(ikev2_encr_algs)
41
42
43 const struct ikev2_integ_alg * ikev2_get_integ(int id)
44 {
45 size_t i;
46
47 for (i = 0; i < NUM_INTEG_ALGS; i++) {
48 if (ikev2_integ_algs[i].id == id)
49 return &ikev2_integ_algs[i];
50 }
51
52 return NULL;
53 }
54
55
56 int ikev2_integ_hash(int alg, const u8 *key, size_t key_len, const u8 *data,
57 size_t data_len, u8 *hash)
58 {
59 u8 tmphash[IKEV2_MAX_HASH_LEN];
60
61 switch (alg) {
62 case AUTH_HMAC_SHA1_96:
63 if (key_len != 20)
64 return -1;
65 hmac_sha1(key, key_len, data, data_len, tmphash);
66 os_memcpy(hash, tmphash, 12);
67 break;
68 case AUTH_HMAC_MD5_96:
69 if (key_len != 16)
70 return -1;
71 hmac_md5(key, key_len, data, data_len, tmphash);
72 os_memcpy(hash, tmphash, 12);
73 break;
74 default:
75 return -1;
76 }
77
78 return 0;
79 }
80
81
82 const struct ikev2_prf_alg * ikev2_get_prf(int id)
83 {
84 size_t i;
85
86 for (i = 0; i < NUM_PRF_ALGS; i++) {
87 if (ikev2_prf_algs[i].id == id)
88 return &ikev2_prf_algs[i];
89 }
90
91 return NULL;
92 }
93
94
95 int ikev2_prf_hash(int alg, const u8 *key, size_t key_len,
96 size_t num_elem, const u8 *addr[], const size_t *len,
97 u8 *hash)
98 {
99 switch (alg) {
100 case PRF_HMAC_SHA1:
101 hmac_sha1_vector(key, key_len, num_elem, addr, len, hash);
102 break;
103 case PRF_HMAC_MD5:
104 hmac_md5_vector(key, key_len, num_elem, addr, len, hash);
105 break;
106 default:
107 return -1;
108 }
109
110 return 0;
111 }
112
113
114 int ikev2_prf_plus(int alg, const u8 *key, size_t key_len,
115 const u8 *data, size_t data_len,
116 u8 *out, size_t out_len)
117 {
118 u8 hash[IKEV2_MAX_HASH_LEN];
119 size_t hash_len;
120 u8 iter, *pos, *end;
121 const u8 *addr[3];
122 size_t len[3];
123 const struct ikev2_prf_alg *prf;
124 int res;
125
126 prf = ikev2_get_prf(alg);
127 if (prf == NULL)
128 return -1;
129 hash_len = prf->hash_len;
130
131 addr[0] = hash;
132 len[0] = hash_len;
133 addr[1] = data;
134 len[1] = data_len;
135 addr[2] = &iter;
136 len[2] = 1;
137
138 pos = out;
139 end = out + out_len;
140 iter = 1;
141 while (pos < end) {
142 size_t clen;
143 if (iter == 1)
144 res = ikev2_prf_hash(alg, key, key_len, 2, &addr[1],
145 &len[1], hash);
146 else
147 res = ikev2_prf_hash(alg, key, key_len, 3, addr, len,
148 hash);
149 if (res < 0)
150 return -1;
151 clen = hash_len;
152 if ((int) clen > end - pos)
153 clen = end - pos;
154 os_memcpy(pos, hash, clen);
155 pos += clen;
156 iter++;
157 }
158
159 return 0;
160 }
161
162
163 const struct ikev2_encr_alg * ikev2_get_encr(int id)
164 {
165 size_t i;
166
167 for (i = 0; i < NUM_ENCR_ALGS; i++) {
168 if (ikev2_encr_algs[i].id == id)
169 return &ikev2_encr_algs[i];
170 }
171
172 return NULL;
173 }
174
175
176 int ikev2_encr_encrypt(int alg, const u8 *key, size_t key_len, const u8 *iv,
177 const u8 *plain, u8 *crypt, size_t len)
178 {
179 struct crypto_cipher *cipher;
180 int encr_alg;
181
182 switch (alg) {
183 case ENCR_3DES:
184 encr_alg = CRYPTO_CIPHER_ALG_3DES;
185 break;
186 case ENCR_AES_CBC:
187 encr_alg = CRYPTO_CIPHER_ALG_AES;
188 break;
189 default:
190 wpa_printf(MSG_DEBUG, "IKEV2: Unsupported encr alg %d", alg);
191 return -1;
192 }
193
194 cipher = crypto_cipher_init(encr_alg, iv, key, key_len);
195 if (cipher == NULL) {
196 wpa_printf(MSG_INFO, "IKEV2: Failed to initialize cipher");
197 return -1;
198 }
199
200 if (crypto_cipher_encrypt(cipher, plain, crypt, len) < 0) {
201 wpa_printf(MSG_INFO, "IKEV2: Encryption failed");
202 crypto_cipher_deinit(cipher);
203 return -1;
204 }
205 crypto_cipher_deinit(cipher);
206
207 return 0;
208 }
209
210
211 int ikev2_encr_decrypt(int alg, const u8 *key, size_t key_len, const u8 *iv,
212 const u8 *crypt, u8 *plain, size_t len)
213 {
214 struct crypto_cipher *cipher;
215 int encr_alg;
216
217 switch (alg) {
218 case ENCR_3DES:
219 encr_alg = CRYPTO_CIPHER_ALG_3DES;
220 break;
221 case ENCR_AES_CBC:
222 encr_alg = CRYPTO_CIPHER_ALG_AES;
223 break;
224 default:
225 wpa_printf(MSG_DEBUG, "IKEV2: Unsupported encr alg %d", alg);
226 return -1;
227 }
228
229 cipher = crypto_cipher_init(encr_alg, iv, key, key_len);
230 if (cipher == NULL) {
231 wpa_printf(MSG_INFO, "IKEV2: Failed to initialize cipher");
232 return -1;
233 }
234
235 if (crypto_cipher_decrypt(cipher, crypt, plain, len) < 0) {
236 wpa_printf(MSG_INFO, "IKEV2: Decryption failed");
237 crypto_cipher_deinit(cipher);
238 return -1;
239 }
240 crypto_cipher_deinit(cipher);
241
242 return 0;
243 }
244
245
246 int ikev2_parse_payloads(struct ikev2_payloads *payloads,
247 u8 next_payload, const u8 *pos, const u8 *end)
248 {
249 const struct ikev2_payload_hdr *phdr;
250
251 os_memset(payloads, 0, sizeof(*payloads));
252
253 while (next_payload != IKEV2_PAYLOAD_NO_NEXT_PAYLOAD) {
254 int plen, pdatalen;
255 const u8 *pdata;
256 wpa_printf(MSG_DEBUG, "IKEV2: Processing payload %u",
257 next_payload);
258 if (end - pos < (int) sizeof(*phdr)) {
259 wpa_printf(MSG_INFO, "IKEV2: Too short message for "
260 "payload header (left=%ld)",
261 (long) (end - pos));
262 }
263 phdr = (const struct ikev2_payload_hdr *) pos;
264 plen = WPA_GET_BE16(phdr->payload_length);
265 if (plen < (int) sizeof(*phdr) || pos + plen > end) {
266 wpa_printf(MSG_INFO, "IKEV2: Invalid payload header "
267 "length %d", plen);
268 return -1;
269 }
270
271 wpa_printf(MSG_DEBUG, "IKEV2: Next Payload: %u Flags: 0x%x"
272 " Payload Length: %d",
273 phdr->next_payload, phdr->flags, plen);
274
275 pdata = (const u8 *) (phdr + 1);
276 pdatalen = plen - sizeof(*phdr);
277
278 switch (next_payload) {
279 case IKEV2_PAYLOAD_SA:
280 wpa_printf(MSG_DEBUG, "IKEV2: Payload: Security "
281 "Association");
282 payloads->sa = pdata;
283 payloads->sa_len = pdatalen;
284 break;
285 case IKEV2_PAYLOAD_KEY_EXCHANGE:
286 wpa_printf(MSG_DEBUG, "IKEV2: Payload: Key "
287 "Exchange");
288 payloads->ke = pdata;
289 payloads->ke_len = pdatalen;
290 break;
291 case IKEV2_PAYLOAD_IDi:
292 wpa_printf(MSG_DEBUG, "IKEV2: Payload: IDi");
293 payloads->idi = pdata;
294 payloads->idi_len = pdatalen;
295 break;
296 case IKEV2_PAYLOAD_IDr:
297 wpa_printf(MSG_DEBUG, "IKEV2: Payload: IDr");
298 payloads->idr = pdata;
299 payloads->idr_len = pdatalen;
300 break;
301 case IKEV2_PAYLOAD_CERTIFICATE:
302 wpa_printf(MSG_DEBUG, "IKEV2: Payload: Certificate");
303 payloads->cert = pdata;
304 payloads->cert_len = pdatalen;
305 break;
306 case IKEV2_PAYLOAD_AUTHENTICATION:
307 wpa_printf(MSG_DEBUG, "IKEV2: Payload: "
308 "Authentication");
309 payloads->auth = pdata;
310 payloads->auth_len = pdatalen;
311 break;
312 case IKEV2_PAYLOAD_NONCE:
313 wpa_printf(MSG_DEBUG, "IKEV2: Payload: Nonce");
314 payloads->nonce = pdata;
315 payloads->nonce_len = pdatalen;
316 break;
317 case IKEV2_PAYLOAD_ENCRYPTED:
318 wpa_printf(MSG_DEBUG, "IKEV2: Payload: Encrypted");
319 payloads->encrypted = pdata;
320 payloads->encrypted_len = pdatalen;
321 break;
322 case IKEV2_PAYLOAD_NOTIFICATION:
323 wpa_printf(MSG_DEBUG, "IKEV2: Payload: "
324 "Notification");
325 payloads->notification = pdata;
326 payloads->notification_len = pdatalen;
327 break;
328 default:
329 if (phdr->flags & IKEV2_PAYLOAD_FLAGS_CRITICAL) {
330 wpa_printf(MSG_INFO, "IKEV2: Unsupported "
331 "critical payload %u - reject the "
332 "entire message", next_payload);
333 return -1;
334 } else {
335 wpa_printf(MSG_DEBUG, "IKEV2: Skipped "
336 "unsupported payload %u",
337 next_payload);
338 }
339 }
340
341 if (next_payload == IKEV2_PAYLOAD_ENCRYPTED &&
342 pos + plen == end) {
343 /*
344 * Next Payload in the case of Encrypted Payload is
345 * actually the payload type for the first embedded
346 * payload.
347 */
348 payloads->encr_next_payload = phdr->next_payload;
349 next_payload = IKEV2_PAYLOAD_NO_NEXT_PAYLOAD;
350 } else
351 next_payload = phdr->next_payload;
352
353 pos += plen;
354 }
355
356 if (pos != end) {
357 wpa_printf(MSG_INFO, "IKEV2: Unexpected extra data after "
358 "payloads");
359 return -1;
360 }
361
362 return 0;
363 }
364
365
366 int ikev2_derive_auth_data(int prf_alg, const struct wpabuf *sign_msg,
367 const u8 *ID, size_t ID_len, u8 ID_type,
368 struct ikev2_keys *keys, int initiator,
369 const u8 *shared_secret, size_t shared_secret_len,
370 const u8 *nonce, size_t nonce_len,
371 const u8 *key_pad, size_t key_pad_len,
372 u8 *auth_data)
373 {
374 size_t sign_len, buf_len;
375 u8 *sign_data, *pos, *buf, hash[IKEV2_MAX_HASH_LEN];
376 const struct ikev2_prf_alg *prf;
377 const u8 *SK_p = initiator ? keys->SK_pi : keys->SK_pr;
378
379 prf = ikev2_get_prf(prf_alg);
380 if (sign_msg == NULL || ID == NULL || SK_p == NULL ||
381 shared_secret == NULL || nonce == NULL || prf == NULL)
382 return -1;
383
384 /* prf(SK_pi/r,IDi/r') */
385 buf_len = 4 + ID_len;
386 buf = os_zalloc(buf_len);
387 if (buf == NULL)
388 return -1;
389 buf[0] = ID_type;
390 os_memcpy(buf + 4, ID, ID_len);
391 if (ikev2_prf_hash(prf->id, SK_p, keys->SK_prf_len,
392 1, (const u8 **) &buf, &buf_len, hash) < 0) {
393 os_free(buf);
394 return -1;
395 }
396 os_free(buf);
397
398 /* sign_data = msg | Nr/i | prf(SK_pi/r,IDi/r') */
399 sign_len = wpabuf_len(sign_msg) + nonce_len + prf->hash_len;
400 sign_data = os_malloc(sign_len);
401 if (sign_data == NULL)
402 return -1;
403 pos = sign_data;
404 os_memcpy(pos, wpabuf_head(sign_msg), wpabuf_len(sign_msg));
405 pos += wpabuf_len(sign_msg);
406 os_memcpy(pos, nonce, nonce_len);
407 pos += nonce_len;
408 os_memcpy(pos, hash, prf->hash_len);
409
410 /* AUTH = prf(prf(Shared Secret, key pad, sign_data) */
411 if (ikev2_prf_hash(prf->id, shared_secret, shared_secret_len, 1,
412 &key_pad, &key_pad_len, hash) < 0 ||
413 ikev2_prf_hash(prf->id, hash, prf->hash_len, 1,
414 (const u8 **) &sign_data, &sign_len, auth_data) < 0)
415 {
416 os_free(sign_data);
417 return -1;
418 }
419 os_free(sign_data);
420
421 return 0;
422 }
423
424
425 u8 * ikev2_decrypt_payload(int encr_id, int integ_id,
426 struct ikev2_keys *keys, int initiator,
427 const struct ikev2_hdr *hdr,
428 const u8 *encrypted, size_t encrypted_len,
429 size_t *res_len)
430 {
431 size_t iv_len;
432 const u8 *pos, *end, *iv, *integ;
433 u8 hash[IKEV2_MAX_HASH_LEN], *decrypted;
434 size_t decrypted_len, pad_len;
435 const struct ikev2_integ_alg *integ_alg;
436 const struct ikev2_encr_alg *encr_alg;
437 const u8 *SK_e = initiator ? keys->SK_ei : keys->SK_er;
438 const u8 *SK_a = initiator ? keys->SK_ai : keys->SK_ar;
439
440 if (encrypted == NULL) {
441 wpa_printf(MSG_INFO, "IKEV2: No Encrypted payload in SA_AUTH");
442 return NULL;
443 }
444
445 encr_alg = ikev2_get_encr(encr_id);
446 if (encr_alg == NULL) {
447 wpa_printf(MSG_INFO, "IKEV2: Unsupported encryption type");
448 return NULL;
449 }
450 iv_len = encr_alg->block_size;
451
452 integ_alg = ikev2_get_integ(integ_id);
453 if (integ_alg == NULL) {
454 wpa_printf(MSG_INFO, "IKEV2: Unsupported intergrity type");
455 return NULL;
456 }
457
458 if (encrypted_len < iv_len + 1 + integ_alg->hash_len) {
459 wpa_printf(MSG_INFO, "IKEV2: No room for IV or Integrity "
460 "Checksum");
461 return NULL;
462 }
463
464 iv = encrypted;
465 pos = iv + iv_len;
466 end = encrypted + encrypted_len;
467 integ = end - integ_alg->hash_len;
468
469 if (SK_a == NULL) {
470 wpa_printf(MSG_INFO, "IKEV2: No SK_a available");
471 return NULL;
472 }
473 if (ikev2_integ_hash(integ_id, SK_a, keys->SK_integ_len,
474 (const u8 *) hdr,
475 integ - (const u8 *) hdr, hash) < 0) {
476 wpa_printf(MSG_INFO, "IKEV2: Failed to calculate integrity "
477 "hash");
478 return NULL;
479 }
480 if (os_memcmp(integ, hash, integ_alg->hash_len) != 0) {
481 wpa_printf(MSG_INFO, "IKEV2: Incorrect Integrity Checksum "
482 "Data");
483 return NULL;
484 }
485
486 if (SK_e == NULL) {
487 wpa_printf(MSG_INFO, "IKEV2: No SK_e available");
488 return NULL;
489 }
490
491 decrypted_len = integ - pos;
492 decrypted = os_malloc(decrypted_len);
493 if (decrypted == NULL)
494 return NULL;
495
496 if (ikev2_encr_decrypt(encr_alg->id, SK_e, keys->SK_encr_len, iv, pos,
497 decrypted, decrypted_len) < 0) {
498 os_free(decrypted);
499 return NULL;
500 }
501
502 pad_len = decrypted[decrypted_len - 1];
503 if (decrypted_len < pad_len + 1) {
504 wpa_printf(MSG_INFO, "IKEV2: Invalid padding in encrypted "
505 "payload");
506 os_free(decrypted);
507 return NULL;
508 }
509
510 decrypted_len -= pad_len + 1;
511
512 *res_len = decrypted_len;
513 return decrypted;
514 }
515
516
517 void ikev2_update_hdr(struct wpabuf *msg)
518 {
519 struct ikev2_hdr *hdr;
520
521 /* Update lenth field in HDR */
522 hdr = wpabuf_mhead(msg);
523 WPA_PUT_BE32(hdr->length, wpabuf_len(msg));
524 }
525
526
527 int ikev2_build_encrypted(int encr_id, int integ_id, struct ikev2_keys *keys,
528 int initiator, struct wpabuf *msg,
529 struct wpabuf *plain, u8 next_payload)
530 {
531 struct ikev2_payload_hdr *phdr;
532 size_t plen;
533 size_t iv_len, pad_len;
534 u8 *icv, *iv;
535 const struct ikev2_integ_alg *integ_alg;
536 const struct ikev2_encr_alg *encr_alg;
537 const u8 *SK_e = initiator ? keys->SK_ei : keys->SK_er;
538 const u8 *SK_a = initiator ? keys->SK_ai : keys->SK_ar;
539
540 wpa_printf(MSG_DEBUG, "IKEV2: Adding Encrypted payload");
541
542 /* Encr - RFC 4306, Sect. 3.14 */
543
544 encr_alg = ikev2_get_encr(encr_id);
545 if (encr_alg == NULL) {
546 wpa_printf(MSG_INFO, "IKEV2: Unsupported encryption type");
547 return -1;
548 }
549 iv_len = encr_alg->block_size;
550
551 integ_alg = ikev2_get_integ(integ_id);
552 if (integ_alg == NULL) {
553 wpa_printf(MSG_INFO, "IKEV2: Unsupported intergrity type");
554 return -1;
555 }
556
557 if (SK_e == NULL) {
558 wpa_printf(MSG_INFO, "IKEV2: No SK_e available");
559 return -1;
560 }
561
562 if (SK_a == NULL) {
563 wpa_printf(MSG_INFO, "IKEV2: No SK_a available");
564 return -1;
565 }
566
567 phdr = wpabuf_put(msg, sizeof(*phdr));
568 phdr->next_payload = next_payload;
569 phdr->flags = 0;
570
571 iv = wpabuf_put(msg, iv_len);
572 if (random_get_bytes(iv, iv_len)) {
573 wpa_printf(MSG_INFO, "IKEV2: Could not generate IV");
574 return -1;
575 }
576
577 pad_len = iv_len - (wpabuf_len(plain) + 1) % iv_len;
578 if (pad_len == iv_len)
579 pad_len = 0;
580 wpabuf_put(plain, pad_len);
581 wpabuf_put_u8(plain, pad_len);
582
583 if (ikev2_encr_encrypt(encr_alg->id, SK_e, keys->SK_encr_len, iv,
584 wpabuf_head(plain), wpabuf_mhead(plain),
585 wpabuf_len(plain)) < 0)
586 return -1;
587
588 wpabuf_put_buf(msg, plain);
589
590 /* Need to update all headers (Length fields) prior to hash func */
591 icv = wpabuf_put(msg, integ_alg->hash_len);
592 plen = (u8 *) wpabuf_put(msg, 0) - (u8 *) phdr;
593 WPA_PUT_BE16(phdr->payload_length, plen);
594
595 ikev2_update_hdr(msg);
596
597 return ikev2_integ_hash(integ_id, SK_a, keys->SK_integ_len,
598 wpabuf_head(msg),
599 wpabuf_len(msg) - integ_alg->hash_len, icv);
600
601 return 0;
602 }
603
604
605 int ikev2_keys_set(struct ikev2_keys *keys)
606 {
607 return keys->SK_d && keys->SK_ai && keys->SK_ar && keys->SK_ei &&
608 keys->SK_er && keys->SK_pi && keys->SK_pr;
609 }
610
611
612 void ikev2_free_keys(struct ikev2_keys *keys)
613 {
614 os_free(keys->SK_d);
615 os_free(keys->SK_ai);
616 os_free(keys->SK_ar);
617 os_free(keys->SK_ei);
618 os_free(keys->SK_er);
619 os_free(keys->SK_pi);
620 os_free(keys->SK_pr);
621 keys->SK_d = keys->SK_ai = keys->SK_ar = keys->SK_ei = keys->SK_er =
622 keys->SK_pi = keys->SK_pr = NULL;
623 }
624
625
626 int ikev2_derive_sk_keys(const struct ikev2_prf_alg *prf,
627 const struct ikev2_integ_alg *integ,
628 const struct ikev2_encr_alg *encr,
629 const u8 *skeyseed, const u8 *data, size_t data_len,
630 struct ikev2_keys *keys)
631 {
632 u8 *keybuf, *pos;
633 size_t keybuf_len;
634
635 /*
636 * {SK_d | SK_ai | SK_ar | SK_ei | SK_er | SK_pi | SK_pr } =
637 * prf+(SKEYSEED, Ni | Nr | SPIi | SPIr )
638 */
639 ikev2_free_keys(keys);
640 keys->SK_d_len = prf->key_len;
641 keys->SK_integ_len = integ->key_len;
642 keys->SK_encr_len = encr->key_len;
643 keys->SK_prf_len = prf->key_len;
644
645 keybuf_len = keys->SK_d_len + 2 * keys->SK_integ_len +
646 2 * keys->SK_encr_len + 2 * keys->SK_prf_len;
647 keybuf = os_malloc(keybuf_len);
648 if (keybuf == NULL)
649 return -1;
650
651 if (ikev2_prf_plus(prf->id, skeyseed, prf->hash_len,
652 data, data_len, keybuf, keybuf_len)) {
653 os_free(keybuf);
654 return -1;
655 }
656
657 pos = keybuf;
658
659 keys->SK_d = os_malloc(keys->SK_d_len);
660 if (keys->SK_d) {
661 os_memcpy(keys->SK_d, pos, keys->SK_d_len);
662 wpa_hexdump_key(MSG_DEBUG, "IKEV2: SK_d",
663 keys->SK_d, keys->SK_d_len);
664 }
665 pos += keys->SK_d_len;
666
667 keys->SK_ai = os_malloc(keys->SK_integ_len);
668 if (keys->SK_ai) {
669 os_memcpy(keys->SK_ai, pos, keys->SK_integ_len);
670 wpa_hexdump_key(MSG_DEBUG, "IKEV2: SK_ai",
671 keys->SK_ai, keys->SK_integ_len);
672 }
673 pos += keys->SK_integ_len;
674
675 keys->SK_ar = os_malloc(keys->SK_integ_len);
676 if (keys->SK_ar) {
677 os_memcpy(keys->SK_ar, pos, keys->SK_integ_len);
678 wpa_hexdump_key(MSG_DEBUG, "IKEV2: SK_ar",
679 keys->SK_ar, keys->SK_integ_len);
680 }
681 pos += keys->SK_integ_len;
682
683 keys->SK_ei = os_malloc(keys->SK_encr_len);
684 if (keys->SK_ei) {
685 os_memcpy(keys->SK_ei, pos, keys->SK_encr_len);
686 wpa_hexdump_key(MSG_DEBUG, "IKEV2: SK_ei",
687 keys->SK_ei, keys->SK_encr_len);
688 }
689 pos += keys->SK_encr_len;
690
691 keys->SK_er = os_malloc(keys->SK_encr_len);
692 if (keys->SK_er) {
693 os_memcpy(keys->SK_er, pos, keys->SK_encr_len);
694 wpa_hexdump_key(MSG_DEBUG, "IKEV2: SK_er",
695 keys->SK_er, keys->SK_encr_len);
696 }
697 pos += keys->SK_encr_len;
698
699 keys->SK_pi = os_malloc(keys->SK_prf_len);
700 if (keys->SK_pi) {
701 os_memcpy(keys->SK_pi, pos, keys->SK_prf_len);
702 wpa_hexdump_key(MSG_DEBUG, "IKEV2: SK_pi",
703 keys->SK_pi, keys->SK_prf_len);
704 }
705 pos += keys->SK_prf_len;
706
707 keys->SK_pr = os_malloc(keys->SK_prf_len);
708 if (keys->SK_pr) {
709 os_memcpy(keys->SK_pr, pos, keys->SK_prf_len);
710 wpa_hexdump_key(MSG_DEBUG, "IKEV2: SK_pr",
711 keys->SK_pr, keys->SK_prf_len);
712 }
713
714 os_free(keybuf);
715
716 if (!ikev2_keys_set(keys)) {
717 ikev2_free_keys(keys);
718 return -1;
719 }
720
721 return 0;
722 }
Unnamed repository; edit this file 'description' to name the repository.