if (unlikely(!packet_ctx->k_encr)) {
fr_strerror_printf("%s: No k_encr set, cannot decrypt attributes", __FUNCTION__);
- return PAIR_ENCODE_FATAL_ERROR;
+ return PAIR_DECODE_FATAL_ERROR;
}
evp_ctx = aka_sim_crypto_cipher_ctx();
uint8_t *decr = NULL;
ssize_t decr_len;
fr_dict_attr_t const *child;
- fr_pair_list_t tlv_tmp;
+ fr_pair_t *tlv;
ssize_t ret;
- fr_pair_list_init(&tlv_tmp);
if (data_len < 2) {
fr_strerror_printf("%s: Insufficient data", __FUNCTION__);
return -1; /* minimum attr size */
}
+ tlv = fr_pair_afrom_da(ctx, parent);
+ if (!tlv) return PAIR_DECODE_OOM;
+
/*
* We have an AES-128-CBC encrypted attribute
*
while ((size_t)(end - p) >= sizeof(uint32_t)) {
uint8_t sim_at = p[0];
size_t sim_at_len = ((size_t)p[1]) << 2;
+ fr_dict_attr_t const *unknown_child = NULL;
if ((p + sim_at_len) > end) {
fr_strerror_printf("%s: Malformed nested attribute %d: Length field (%zu bytes) value "
error:
talloc_free(decr);
- fr_pair_list_free(&tlv_tmp);
+ talloc_free(tlv);
return -1;
}
child = fr_dict_attr_child_by_num(parent, p[0]);
if (!child) {
- fr_dict_attr_t const *unknown_child;
-
FR_PROTO_TRACE("Failed to find child %u of TLV %s", p[0], parent->name);
/*
}
FR_PROTO_TRACE("decode context changed %s -> %s", parent->name, child->name);
- ret = sim_decode_pair_value(ctx, &tlv_tmp, child, p + 2, sim_at_len - 2, (end - p) - 2,
- decode_ctx);
+ ret = sim_decode_pair_value(tlv, &tlv->vp_group, child, p + 2, sim_at_len - 2, (end - p) - 2,
+ decode_ctx);
+ fr_dict_unknown_free(&unknown_child);
if (ret < 0) goto error;
p += sim_at_len;
}
- fr_pair_list_append(out, &tlv_tmp);
+ fr_pair_append(out, tlv);
+
talloc_free(decr);
return attr_len;
# Empty TLV
decode-pair.sim_tp_decode 82 01 00 00
-match
+match Encr-Data = { }
# Non-encrypted skippable unknown attribute found inside AT_ENCR_DATA
decode-pair.sim_tp_decode 82 05 00 00 e1 8b 0e ec 5a bf 10 ac 81 ac e3 f2 ae 71 cb ef
-match raw.Encr-Data.255 = 0x0000000000000000000000000000
+match Encr-Data = { raw.255 = 0x0000000000000000000000000000 }
# Mixture of known and than skippable unknown
decode-pair.sim_tp_decode 82 05 00 00 47 bd f4 5e 3d c5 69 da e8 fa 73 2a 69 44 a8 78
-match Encr-Data.Counter = 0, raw.Encr-Data.255 = 0x00000000000000000000
+match Encr-Data = { Counter = 0, raw.255 = 0x00000000000000000000 }
decode-pair.sim_tp_decode 82 05 00 00 b2 dd 1d a3 e1 fc 91 3d 94 6b 3f a1 ba 5d 73 e2
-match raw.Encr-Data.255 = 0x00000000000000000000, Encr-Data.Counter = 0
+match Encr-Data = { raw.255 = 0x00000000000000000000, Counter = 0 }
# RFC4186 A.3. example
decode-pair.sim_tp_decode_rfc4186 0f 02 00 02 00 01 00 00
# RFC4186 A.5. example
decode-pair.sim_tp_decode_rfc4186 01 0d 00 00 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f 30 31 32 33 34 35 36 37 38 39 3a 3b 3c 3d 3e 3f 81 05 00 00 9e 18 b0 c2 9a 65 22 63 c0 6e fb 54 dd 00 a8 95 82 2d 00 00 55 f2 93 9b bd b1 b1 9e a1 b4 7f c0 b3 e0 be 4c ab 2c f7 37 2d 98 e3 02 3c 6b b9 24 15 72 3d 58 ba d6 6c e0 84 e1 01 b6 0f 53 58 35 4b d4 21 82 78 ae a7 bf 2c ba ce 33 10 6a ed dc 62 5b 0c 1d 5a a6 7a 41 73 9a e5 b5 79 50 97 3f c7 ff 83 01 07 3c 6f 95 31 50 fc 30 3e a1 52 d1 e1 0a 2d 1f 4f 52 26 da a1 ee 90 05 47 22 52 bd b3 b7 1d 6f 0c 3a 34 90 31 6c 46 92 98 71 bd 45 cd fd bc a6 11 2f 07 f8 be 71 79 90 d2 5f 6d d7 f2 b7 b3 20 bf 4d 5a 99 2e 88 03 31 d7 29 94 5a ec 75 ae 5d 43 c8 ed a5 fe 62 33 fc ac 49 4e e6 7a 0d 50 4d 0b 05 00 00 fe f3 24 ac 39 62 b5 9f 3b d7 82 53 ae 4d cb 6a
-match RAND = 0x101112131415161718191a1b1c1d1e1f, RAND = 0x202122232425262728292a2b2c2d2e2f, RAND = 0x303132333435363738393a3b3c3d3e3f, IV = 0x9e18b0c29a652263c06efb54dd00a895, Encr-Data.Next-Pseudonym = "w8w49PexCazWJ&xCIARmxuMKht5S1sxRDqXSEFBEg3DcZP9cIxTe5J4OyIwNGVzxeJOU1G", Encr-Data.Next-Reauth-ID = "Y24fNSrz8BP274jOJaF17WfxI8YO7QX00pMXk9XMMVOw7broaNhTczuFq53aEpOkk3L0dm@eapsim.foo", MAC = 0xfef324ac3962b59f3bd78253ae4dcb6a
+match RAND = 0x101112131415161718191a1b1c1d1e1f, RAND = 0x202122232425262728292a2b2c2d2e2f, RAND = 0x303132333435363738393a3b3c3d3e3f, IV = 0x9e18b0c29a652263c06efb54dd00a895, Encr-Data = { Next-Pseudonym = "w8w49PexCazWJ&xCIARmxuMKht5S1sxRDqXSEFBEg3DcZP9cIxTe5J4OyIwNGVzxeJOU1G", Next-Reauth-ID = "Y24fNSrz8BP274jOJaF17WfxI8YO7QX00pMXk9XMMVOw7broaNhTczuFq53aEpOkk3L0dm@eapsim.foo" }, MAC = 0xfef324ac3962b59f3bd78253ae4dcb6a
# RFC4186 A.6. example
decode-pair.sim_tp_decode_rfc4186 0b 05 00 00 f5 6d 64 33 e6 8e d2 97 6a c1 19 37 fc 3d 11 54
# RFC4186 A.9. example
decode-pair.sim_tp_decode_rfc4186 81 05 00 00 d5 85 ac 77 86 b9 03 36 65 7c 77 b4 65 75 b9 c4 82 1d 00 00 68 62 91 a9 d2 ab c5 8c aa 32 94 b6 e8 5b 44 84 6c 44 e5 dc b2 de 8b 9e 80 d6 9d 49 85 8a 5d b8 4c dc 1c 9b c9 5c 01 b9 6b 6e ca 31 34 74 ae a6 d3 14 16 e1 9d aa 9d f7 0f 05 00 88 41 ca 80 14 96 4d 3b 30 a4 9b cf 43 e4 d3 f1 8e 86 29 5a 4a 2b 38 d9 6c 97 05 c2 bb b0 5c 4a ac e9 7d 5e af f5 64 04 6c 8b d3 0b c3 9b e5 e1 7a ce 2b 10 a6 0b 05 00 00 48 3a 17 99 b8 3d 7c d3 d0 a1 e4 01 d9 ee 47 70
-match IV = 0xd585ac7786b90336657c77b46575b9c4, Encr-Data.Counter = 1, Encr-Data.Nonce-S = 0x0123456789abcdeffedcba9876543210, Encr-Data.Next-Reauth-ID = "uta0M0iyIsMwWp5TTdSdnOLvg2XDVf21OYt1vnfiMcs5dnIDHOIFVavIRzMRyzW6vFzdHW@eapsim.foo", MAC = 0x483a1799b83d7cd3d0a1e401d9ee4770
+match IV = 0xd585ac7786b90336657c77b46575b9c4, Encr-Data = { Counter = 1, Nonce-S = 0x0123456789abcdeffedcba9876543210, Next-Reauth-ID = "uta0M0iyIsMwWp5TTdSdnOLvg2XDVf21OYt1vnfiMcs5dnIDHOIFVavIRzMRyzW6vFzdHW@eapsim.foo" }, MAC = 0x483a1799b83d7cd3d0a1e401d9ee4770
# RFC4186 A.10. example
decode-pair.sim_tp_decode_rfc4186 81 05 00 00 cd f7 ff a6 5d e0 4c 02 6b 56 c8 6b 76 b1 02 ea 82 05 00 00 b6 ed d3 82 79 e2 a1 42 3c 1a fc 5c 45 5c 7d 56 0b 05 00 00 fa f7 6b 71 fb e2 d2 55 b9 6a 35 66 c9 15 c6 17
-match IV = 0xcdf7ffa65de04c026b56c86b76b102ea, Encr-Data.Counter = 1, MAC = 0xfaf76b71fbe2d255b96a3566c915c617
+match IV = 0xcdf7ffa65de04c026b56c86b76b102ea, Encr-Data = { Counter = 1 }, MAC = 0xfaf76b71fbe2d255b96a3566c915c617
# RFC4186 A.10. example - With IV at the end of the packet
decode-pair.sim_tp_decode_rfc4186 82 05 00 00 b6 ed d3 82 79 e2 a1 42 3c 1a fc 5c 45 5c 7d 56 0b 05 00 00 fa f7 6b 71 fb e2 d2 55 b9 6a 35 66 c9 15 c6 17 81 05 00 00 cd f7 ff a6 5d e0 4c 02 6b 56 c8 6b 76 b1 02 ea
-match Encr-Data.Counter = 1, MAC = 0xfaf76b71fbe2d255b96a3566c915c617, IV = 0xcdf7ffa65de04c026b56c86b76b102ea
+match Encr-Data = { Counter = 1 }, MAC = 0xfaf76b71fbe2d255b96a3566c915c617, IV = 0xcdf7ffa65de04c026b56c86b76b102ea
count
match 56
match 82 05 00 00 3f b8 34 1f f8 26 e0 4d 4a f3 f9 61 3c a9 84 26
decode-pair.sim_tp_decode -
-match Encr-Data.Next-Pseudonym = "testing123"
+match Encr-Data = { Next-Pseudonym = "testing123" }
# Encrypt attribute requiring padding
encode-pair.sim_tp_encode Encr-Data.Counter-Too-Small = yes
match 82 05 00 00 5a f8 99 3c 02 f5 6c 04 b8 6e bb 54 3a af 74 32
decode-pair.sim_tp_decode -
-match Encr-Data.Counter-Too-Small = yes
+match Encr-Data = { Counter-Too-Small = yes }
# Two encrypted attributes, one bool to extend plaintext so it's not a multiple block of block length
encode-pair.sim_tp_encode Encr-data.Next-Pseudonym = "testing123", Encr-Data.Counter-Too-Small = yes
match 82 09 00 00 3f b8 34 1f f8 26 e0 4d 4a f3 f9 61 3c a9 84 26 0f 4a 53 ce 33 99 9e 4f 29 df a4 79 18 a9 57 dd
decode-pair.sim_tp_decode -
-match Encr-Data.Next-Pseudonym = "testing123", Encr-Data.Counter-Too-Small = yes
+match Encr-Data = { Next-Pseudonym = "testing123", Counter-Too-Small = yes }
pair Encr-Data.Next-Pseudonym = "testing123", Any-ID-Req = yes, Encr-Data.Counter-Too-Small = yes
match Encr-Data = { Next-Pseudonym = "testing123", Counter-Too-Small = yes }, Any-ID-Req = yes
#match 82 05 00 00 3f b8 34 1f f8 26 e0 4d 4a f3 f9 61 3c a9 84 26 0d 01 00 00 82 05 00 00 5a f8 99 3c 02 f5 6c 04 b8 6e bb 54 3a af 74 32
decode-pair.sim_tp_decode -
-match Encr-Data.Next-Pseudonym = "testing123", Encr-Data.Counter-Too-Small = yes, Any-ID-Req = yes
+match Encr-Data = { Next-Pseudonym = "testing123", Counter-Too-Small = yes }, Any-ID-Req = yes
# Array (one element)
encode-pair.sim_tp_encode Version-List = 1
match 81 05 00 00 d5 85 ac 77 86 b9 03 36 65 7c 77 b4 65 75 b9 c4 82 11 00 00 6e a1 2b 5c d1 57 fa fc be a9 c9 7c ad 30 07 ff 72 dc cb c8 a9 96 b3 33 1f 71 aa 06 bb f0 1d 04 6b 51 9e fa 83 31 11 67 c6 93 1e 9c 06 5c 1f 2c 62 0d 1d 6d b0 b1 59 2f 91 f1 56 98 a9 e2 dc 3c
decode-pair.sim_tp_decode_rfc4186 -
-match IV = 0xd585ac7786b90336657c77b46575b9c4, Encr-Data.Next-Reauth-ID = "8osafwilQBCdof4", Encr-Data.Next-Pseudonym = "7QSzGAfgFKU8De9", Encr-Data.Nonce-S = 0xd61d1c6124106953f6f7283ae680a5ed, Encr-Data.Counter = 1
+match IV = 0xd585ac7786b90336657c77b46575b9c4, Encr-Data = { Next-Reauth-ID = "8osafwilQBCdof4", Next-Pseudonym = "7QSzGAfgFKU8De9", Nonce-S = 0xd61d1c6124106953f6f7283ae680a5ed, Counter = 1 }
+
+count
+match 6
projects / thirdparty / freeradius-server.git / commitdiff
