EAP-pwd peer: Export Session-Id through getSessionId callback
authorJouni Malinen <j@w1.fi>
Sun, 11 May 2014 18:22:55 +0000 (21:22 +0300)
committerJouni Malinen <j@w1.fi>
Sun, 11 May 2014 18:22:55 +0000 (21:22 +0300)
EAP-pwd was already deriving the EAP Session-Id, but it was not yet
exposed through the EAP method API.

Signed-off-by: Jouni Malinen <j@w1.fi>
src/eap_common/eap_pwd_common.c
src/eap_common/eap_pwd_common.h
src/eap_peer/eap_pwd.c
src/eap_server/eap_server_pwd.c

index 7d6e6b8898a1694b93555a2567f6ef7387c1cfd8..96c9efd82cce6b3e5660f0e04af43ec4b284c57e 100644 (file)
@@ -284,11 +284,10 @@ int compute_password_element(EAP_PWD_group *grp, u16 num,
 int compute_keys(EAP_PWD_group *grp, BN_CTX *bnctx, BIGNUM *k,
                 BIGNUM *peer_scalar, BIGNUM *server_scalar,
                 u8 *confirm_peer, u8 *confirm_server,
-                u32 *ciphersuite, u8 *msk, u8 *emsk)
+                u32 *ciphersuite, u8 *msk, u8 *emsk, u8 *session_id)
 {
        struct crypto_hash *hash;
        u8 mk[SHA256_MAC_LEN], *cruft;
-       u8 session_id[SHA256_MAC_LEN + 1];
        u8 msk_emsk[EAP_MSK_LEN + EAP_EMSK_LEN];
        int offset;
 
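Review bot: `session_id` is now a caller-supplied output buffer with no length argument, and nothing in the new signature states how large it must be. The removed local was `SHA256_MAC_LEN + 1` bytes, so compute_keys presumably still writes that many; a shorter caller buffer would be overrun, and no NULL check is visible in this hunk. I would add a comment above the definition such as `/* session_id: output buffer, at least 1 + SHA256_MAC_LEN bytes */` and name the parameters in the eap_pwd_common.h prototype, which now ends in three unnamed `u8 *` that are easy to transpose. The body of compute_keys continues outside this hunk.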
index 816e58ccb3d014de324f8413ee73fd5b82320720..c54c4414f11f36425a3fd12753f4a526483963a2 100644 (file)
@@ -59,7 +59,7 @@ struct eap_pwd_id {
 int compute_password_element(EAP_PWD_group *, u16, u8 *, int, u8 *, int, u8 *,
                             int, u8 *);
 int compute_keys(EAP_PWD_group *, BN_CTX *, BIGNUM *, BIGNUM *, BIGNUM *,
-                u8 *, u8 *, u32 *, u8 *, u8 *);
+                u8 *, u8 *, u32 *, u8 *, u8 *, u8 *);
 struct crypto_hash * eap_pwd_h_init(void);
 void eap_pwd_h_update(struct crypto_hash *hash, const u8 *data, size_t len);
 void eap_pwd_h_final(struct crypto_hash *hash, u8 *digest);
index e4168fc02ec22643f5bf51c914bd811959187fc9..ac1b6eb17f4004440940f6e5ec17b77989eefc74 100644 (file)
@@ -43,6 +43,7 @@ struct eap_pwd_data {
 
        u8 msk[EAP_MSK_LEN];
        u8 emsk[EAP_EMSK_LEN];
+       u8 session_id[1 + SHA256_MAC_LEN];
 
        BN_CTX *bnctx;
 };
@@ -189,6 +190,25 @@ static u8 * eap_pwd_getkey(struct eap_sm *sm, void *priv, size_t *len)
 }
 
 
+static u8 * eap_pwd_get_session_id(struct eap_sm *sm, void *priv, size_t *len)
+{
+       struct eap_pwd_data *data = priv;
+       u8 *id;
+
+       if (data->state != SUCCESS)
+               return NULL;
+
+       id = os_malloc(1 + SHA256_MAC_LEN);
+       if (id == NULL)
+               return NULL;
+
+       os_memcpy(id, data->session_id, 1 + SHA256_MAC_LEN);
+       *len = 1 + SHA256_MAC_LEN;
+
+       return id;
+}
+
+
 static void
 eap_pwd_perform_id_exchange(struct eap_sm *sm, struct eap_pwd_data *data,
                            struct eap_method_ret *ret,
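Review bot: The Session-Id length is spelled out as `1 + SHA256_MAC_LEN` three times in eap_pwd_get_session_id, separately from the array declaration in struct eap_pwd_data, so a later change to the field size would leave the allocation or copy length behind. Tying them to the field keeps allocation, copy and reported length in step: `id = os_malloc(sizeof(data->session_id));`, `os_memcpy(id, data->session_id, sizeof(data->session_id));`, `*len = sizeof(data->session_id);`. A short function comment would also help, stating that the returned buffer is a heap copy the caller presumably has to free, and that `*len` is left untouched when NULL is returned. The trailing context lines belong to eap_pwd_perform_id_exchange, which continues outside the hunk.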
@@ -647,7 +667,7 @@ eap_pwd_perform_confirm_exchange(struct eap_sm *sm, struct eap_pwd_data *data,
 
        if (compute_keys(data->grp, data->bnctx, data->k,
                         data->my_scalar, data->server_scalar, conf, ptr,
-                        &cs, data->msk, data->emsk) < 0) {
+                        &cs, data->msk, data->emsk, data->session_id) < 0) {
                wpa_printf(MSG_INFO, "EAP-PWD (peer): unable to compute MSK | "
                           "EMSK");
                goto fin;
@@ -934,6 +954,7 @@ int eap_peer_pwd_register(void)
        eap->process = eap_pwd_process;
        eap->isKeyAvailable = eap_pwd_key_available;
        eap->getKey = eap_pwd_getkey;
+       eap->getSessionId = eap_pwd_get_session_id;
        eap->get_emsk = eap_pwd_get_emsk;
 
        ret = eap_peer_method_register(eap);
index 3467dd160ad8173762fc0ed23cb31374538d928f..b0d03d2de6d928c699d889dfa94121d15a38e10f 100644 (file)
@@ -45,6 +45,7 @@ struct eap_pwd_data {
 
        u8 msk[EAP_MSK_LEN];
        u8 emsk[EAP_EMSK_LEN];
+       u8 session_id[1 + SHA256_MAC_LEN];
 
        BN_CTX *bnctx;
 };
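Review bot: The server-side `session_id` field is only written in this diff, by the compute_keys call in eap_pwd_process_confirm_resp; no server getter or other reader is visible here. A field comment would make that explicit, for example `/* EAP Session-Id, filled in by compute_keys(); 1 + SHA256_MAC_LEN bytes */`, and could say whether the contents are meaningful only once the state is SUCCESS. The same comment fits the identical field added to the peer's struct eap_pwd_data in src/eap_peer/eap_pwd.c.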
@@ -841,7 +842,8 @@ eap_pwd_process_confirm_resp(struct eap_sm *sm, struct eap_pwd_data *data,
        wpa_printf(MSG_DEBUG, "EAP-pwd (server): confirm verified");
        if (compute_keys(data->grp, data->bnctx, data->k,
                         data->peer_scalar, data->my_scalar, conf,
-                        data->my_confirm, &cs, data->msk, data->emsk) < 0)
+                        data->my_confirm, &cs, data->msk, data->emsk,
+                        data->session_id) < 0)
                eap_pwd_state(data, FAILURE);
        else
                eap_pwd_state(data, SUCCESS);