EAP peer: Add Session-Id derivation to more EAP methods

author Jouni Malinen <jouni@qca.qualcomm.com>

Fri, 8 Feb 2013 22:53:54 +0000 (00:53 +0200)

committer Jouni Malinen <j@w1.fi>

Fri, 8 Feb 2013 23:20:45 +0000 (01:20 +0200)
author Jouni Malinen <jouni@qca.qualcomm.com>
Fri, 8 Feb 2013 22:53:54 +0000 (00:53 +0200)
committer Jouni Malinen <j@w1.fi>
Fri, 8 Feb 2013 23:20:45 +0000 (01:20 +0200)
diff --git a/src/eap_peer/eap_aka.c b/src/eap_peer/eap_aka.c

index 59861cba1dc01c64ea8abc57b6bf61fa49620298..dc424d783ce347ad2c9a20d4c715a96088d9edb9 100644 (file)
--- a/src/eap_peer/eap_aka.c
+++ b/src/eap_peer/eap_aka.c
@@ -1340,6 +1340,28 @@ static u8 * eap_aka_getKey(struct eap_sm *sm, void *priv, size_t *len)
  }
  
  
+static u8 * eap_aka_get_session_id(struct eap_sm *sm, void *priv, size_t *len)
+{
+       struct eap_aka_data *data = priv;
+       u8 *id;
+
+       if (data->state != SUCCESS)
+               return NULL;
+
+       *len = 1 + EAP_AKA_RAND_LEN + EAP_AKA_AUTN_LEN;
+       id = os_malloc(*len);
+       if (id == NULL)
+               return NULL;
+
+       id[0] = data->eap_method;
+       os_memcpy(id + 1, data->rand, EAP_AKA_RAND_LEN);
+       os_memcpy(id + 1 + EAP_AKA_RAND_LEN, data->autn, EAP_AKA_AUTN_LEN);
+       wpa_hexdump(MSG_DEBUG, "EAP-AKA: Derived Session-Id", id, *len);
+
+       return id;
+}
+
+
  static u8 * eap_aka_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
  {
         struct eap_aka_data *data = priv;
@@ -1374,6 +1396,7 @@ int eap_peer_aka_register(void)
         eap->process = eap_aka_process;
         eap->isKeyAvailable = eap_aka_isKeyAvailable;
         eap->getKey = eap_aka_getKey;
+       eap->getSessionId = eap_aka_get_session_id;
         eap->has_reauth_data = eap_aka_has_reauth_data;
         eap->deinit_for_reauth = eap_aka_deinit_for_reauth;
         eap->init_for_reauth = eap_aka_init_for_reauth;
@@ -1404,6 +1427,7 @@ int eap_peer_aka_prime_register(void)
         eap->process = eap_aka_process;
         eap->isKeyAvailable = eap_aka_isKeyAvailable;
         eap->getKey = eap_aka_getKey;
+       eap->getSessionId = eap_aka_get_session_id;
         eap->has_reauth_data = eap_aka_has_reauth_data;
         eap->deinit_for_reauth = eap_aka_deinit_for_reauth;
         eap->init_for_reauth = eap_aka_init_for_reauth;
diff --git a/src/eap_peer/eap_psk.c b/src/eap_peer/eap_psk.c

index d618fcfd68e95bc890d69d12e91090e5d6ecb43f..cd0e3f9666624cffcb47b7041177d039aca37595 100644 (file)
--- a/src/eap_peer/eap_psk.c
+++ b/src/eap_peer/eap_psk.c
@@ -21,6 +21,7 @@
  struct eap_psk_data {
         enum { PSK_INIT, PSK_MAC_SENT, PSK_DONE } state;
         u8 rand_p[EAP_PSK_RAND_LEN];
+       u8 rand_s[EAP_PSK_RAND_LEN];
         u8 ak[EAP_PSK_AK_LEN], kdk[EAP_PSK_KDK_LEN], tek[EAP_PSK_TEK_LEN];
         u8 *id_s, *id_p;
         size_t id_s_len, id_p_len;
@@ -112,6 +113,7 @@ static struct wpabuf * eap_psk_process_1(struct eap_psk_data *data,
         }
         wpa_hexdump(MSG_DEBUG, "EAP-PSK: RAND_S", hdr1->rand_s,
                     EAP_PSK_RAND_LEN);
+       os_memcpy(data->rand_s, hdr1->rand_s, EAP_PSK_RAND_LEN);
         os_free(data->id_s);
         data->id_s_len = len - sizeof(*hdr1);
         data->id_s = os_malloc(data->id_s_len);
@@ -434,6 +436,28 @@ static u8 * eap_psk_getKey(struct eap_sm *sm, void *priv, size_t *len)
  }
  
  
+static u8 * eap_psk_get_session_id(struct eap_sm *sm, void *priv, size_t *len)
+{
+       struct eap_psk_data *data = priv;
+       u8 *id;
+
+       if (data->state != PSK_DONE)
+               return NULL;
+
+       *len = 1 + 2 * EAP_PSK_RAND_LEN;
+       id = os_malloc(*len);
+       if (id == NULL)
+               return NULL;
+
+       id[0] = EAP_TYPE_PSK;
+       os_memcpy(id + 1, data->rand_p, EAP_PSK_RAND_LEN);
+       os_memcpy(id + 1 + EAP_PSK_RAND_LEN, data->rand_s, EAP_PSK_RAND_LEN);
+       wpa_hexdump(MSG_DEBUG, "EAP-PSK: Derived Session-Id", id, *len);
+
+       return id;
+}
+
+
  static u8 * eap_psk_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
  {
         struct eap_psk_data *data = priv;
@@ -468,6 +492,7 @@ int eap_peer_psk_register(void)
         eap->process = eap_psk_process;
         eap->isKeyAvailable = eap_psk_isKeyAvailable;
         eap->getKey = eap_psk_getKey;
+       eap->getSessionId = eap_psk_get_session_id;
         eap->get_emsk = eap_psk_get_emsk;
  
         ret = eap_peer_method_register(eap);
diff --git a/src/eap_peer/eap_sake.c b/src/eap_peer/eap_sake.c

index e072f463757868fb79681879d5a7e93a5acd4306..431519cae628e7263357b744ec55ea40ddba8b4b 100644 (file)
--- a/src/eap_peer/eap_sake.c
+++ b/src/eap_peer/eap_sake.c
@@ -452,6 +452,28 @@ static u8 * eap_sake_getKey(struct eap_sm *sm, void *priv, size_t *len)
  }
  
  
+static u8 * eap_sake_get_session_id(struct eap_sm *sm, void *priv, size_t *len)
+{
+       struct eap_sake_data *data = priv;
+       u8 *id;
+
+       if (data->state != SUCCESS)
+               return NULL;
+
+       *len = 1 + 2 * EAP_SAKE_RAND_LEN;
+       id = os_malloc(*len);
+       if (id == NULL)
+               return NULL;
+
+       id[0] = EAP_TYPE_SAKE;
+       os_memcpy(id + 1, data->rand_s, EAP_SAKE_RAND_LEN);
+       os_memcpy(id + 1 + EAP_SAKE_RAND_LEN, data->rand_s, EAP_SAKE_RAND_LEN);
+       wpa_hexdump(MSG_DEBUG, "EAP-SAKE: Derived Session-Id", id, *len);
+
+       return id;
+}
+
+
  static u8 * eap_sake_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
  {
         struct eap_sake_data *data = priv;
@@ -485,6 +507,7 @@ int eap_peer_sake_register(void)
         eap->process = eap_sake_process;
         eap->isKeyAvailable = eap_sake_isKeyAvailable;
         eap->getKey = eap_sake_getKey;
+       eap->getSessionId = eap_sake_get_session_id;
         eap->get_emsk = eap_sake_get_emsk;
  
         ret = eap_peer_method_register(eap);
diff --git a/src/eap_peer/eap_sim.c b/src/eap_peer/eap_sim.c

index c936a447530347a78268b3ac1c4d975b49bd178f..82ea18de4ecd404d05cc1ec6787d415ce94b0125 100644 (file)
--- a/src/eap_peer/eap_sim.c
+++ b/src/eap_peer/eap_sim.c
@@ -1084,6 +1084,29 @@ static u8 * eap_sim_getKey(struct eap_sm *sm, void *priv, size_t *len)
  }
  
  
+static u8 * eap_sim_get_session_id(struct eap_sm *sm, void *priv, size_t *len)
+{
+       struct eap_sim_data *data = priv;
+       u8 *id;
+
+       if (data->state != SUCCESS)
+               return NULL;
+
+       *len = 1 + data->num_chal * GSM_RAND_LEN + EAP_SIM_NONCE_MT_LEN;
+       id = os_malloc(*len);
+       if (id == NULL)
+               return NULL;
+
+       id[0] = EAP_TYPE_SIM;
+       os_memcpy(id + 1, data->rand, data->num_chal * GSM_RAND_LEN);
+       os_memcpy(id + 1 + data->num_chal * GSM_RAND_LEN, data->nonce_mt,
+                 EAP_SIM_NONCE_MT_LEN);
+       wpa_hexdump(MSG_DEBUG, "EAP-SIM: Derived Session-Id", id, *len);
+
+       return id;
+}
+
+
  static u8 * eap_sim_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
  {
         struct eap_sim_data *data = priv;
@@ -1118,6 +1141,7 @@ int eap_peer_sim_register(void)
         eap->process = eap_sim_process;
         eap->isKeyAvailable = eap_sim_isKeyAvailable;
         eap->getKey = eap_sim_getKey;
+       eap->getSessionId = eap_sim_get_session_id;
         eap->has_reauth_data = eap_sim_has_reauth_data;
         eap->deinit_for_reauth = eap_sim_deinit_for_reauth;
         eap->init_for_reauth = eap_sim_init_for_reauth;
author	Jouni Malinen <jouni@qca.qualcomm.com>
	Fri, 8 Feb 2013 22:53:54 +0000 (00:53 +0200)
committer	Jouni Malinen <j@w1.fi>
	Fri, 8 Feb 2013 23:20:45 +0000 (01:20 +0200)
src/eap_peer/eap_aka.c		patch \| blob \| blame \| history
src/eap_peer/eap_psk.c		patch \| blob \| blame \| history
src/eap_peer/eap_sake.c		patch \| blob \| blame \| history
src/eap_peer/eap_sim.c		patch \| blob \| blame \| history