From: Arran Cudbard-Bell <a.cudbardb@freeradius.org>
Date: Sun, 20 Oct 2024 02:42:40 +0000 (-0600)
Subject: eap-aka: Use enumv values from KDF instead of definitions
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=d04255d72f52dd5e893b74a4a706aa9d847efb0f;p=thirdparty%2Ffreeradius-server.git

eap-aka: Use enumv values from KDF instead of definitions
---

diff --git a/src/lib/eap_aka_sim/attrs.h b/src/lib/eap_aka_sim/attrs.h
index f185b405e35..5fe547b5c01 100644
--- a/src/lib/eap_aka_sim/attrs.h
+++ b/src/lib/eap_aka_sim/attrs.h
@@ -91,3 +91,5 @@ extern HIDDEN fr_dict_attr_t const *attr_sim_sqn;
 extern fr_value_box_t const *enum_eap_type_sim;
 extern fr_value_box_t const *enum_eap_type_aka;
 extern fr_value_box_t const *enum_eap_type_aka_prime;
+
+extern HIDDEN fr_value_box_t const *enum_kdf_prime_with_ck_prime_ik_prime;
diff --git a/src/lib/eap_aka_sim/base.c b/src/lib/eap_aka_sim/base.c
index cf035434f5c..6fe251d1f7d 100644
--- a/src/lib/eap_aka_sim/base.c
+++ b/src/lib/eap_aka_sim/base.c
@@ -186,11 +186,16 @@ fr_value_box_t const	*enum_eap_type_sim;
 fr_value_box_t const	*enum_eap_type_aka;
 fr_value_box_t const	*enum_eap_type_aka_prime;
 
+fr_value_box_t const	*enum_kdf_prime_with_ck_prime_ik_prime;
+
 extern fr_dict_enum_autoload_t libfreeradius_aka_sim_dict_enum[];
 fr_dict_enum_autoload_t libfreeradius_aka_sim_dict_enum[] = {
 	{ .out = &enum_eap_type_sim, .name = "SIM", .attr = &attr_eap_type },
 	{ .out = &enum_eap_type_aka, .name = "AKA", .attr = &attr_eap_type },
 	{ .out = &enum_eap_type_aka_prime, .name = "AKA-Prime", .attr = &attr_eap_type },
+
+	{ .out = &enum_kdf_prime_with_ck_prime_ik_prime, .name = "Prime-With-CK-Prime-IK-Prime", .attr = &attr_eap_aka_sim_kdf },
+
 	{ NULL }
 };
 
diff --git a/src/lib/eap_aka_sim/state_machine.c b/src/lib/eap_aka_sim/state_machine.c
index 4122977fca6..4b7fbb5d31f 100644
--- a/src/lib/eap_aka_sim/state_machine.c
+++ b/src/lib/eap_aka_sim/state_machine.c
@@ -1835,18 +1835,14 @@ static unlang_action_t common_reauthentication_request_compose(rlm_rcode_t *p_re
 		break;
 
 	case FR_EAP_METHOD_AKA_PRIME:
-		switch (eap_aka_sim_session->kdf) {
-		case FR_KDF_VALUE_PRIME_WITH_CK_PRIME_IK_PRIME:
+		if (eap_aka_sim_session->kdf == enum_kdf_prime_with_ck_prime_ik_prime->vb_int16) {
 			if (fr_aka_sim_vector_umts_kdf_1_reauth_from_attrs(request, &request->session_state_pairs,
 									   &eap_aka_sim_session->keys) != 0) {
 				goto request_new_id;
 			}
 			if (fr_aka_sim_crypto_umts_kdf_1_reauth(&eap_aka_sim_session->keys) < 0) goto request_new_id;
-			break;
-
-		default:
+		} else {
 			fr_assert(0);
-			break;
 		}
 		break;
 
@@ -2431,14 +2427,10 @@ RESUME(send_aka_challenge_request)
 		break;
 
 	case FR_EAP_METHOD_AKA_PRIME:
-		switch (eap_aka_sim_session->kdf) {
-		case FR_KDF_VALUE_PRIME_WITH_CK_PRIME_IK_PRIME:
+		if (eap_aka_sim_session->kdf == enum_kdf_prime_with_ck_prime_ik_prime->vb_int16) {
 			fr_aka_sim_crypto_umts_kdf_1(&eap_aka_sim_session->keys);
-			break;
-
-		default:
+		} else {
 			fr_assert(0);
-			break;
 		}
 	}
 	if (RDEBUG_ENABLED3) fr_aka_sim_crypto_keys_log(request, &eap_aka_sim_session->keys);
@@ -3511,7 +3503,7 @@ RESUME(recv_common_identity_response)
 		running = AKA_SIM_METHOD_HINT_AKA_PRIME;
 
 		eap_aka_sim_session->type = FR_EAP_METHOD_AKA_PRIME;
-		eap_aka_sim_session->kdf = FR_KDF_VALUE_PRIME_WITH_CK_PRIME_IK_PRIME;
+		eap_aka_sim_session->kdf = enum_kdf_prime_with_ck_prime_ik_prime->vb_int16;
 		eap_aka_sim_session->mac_md = EVP_sha256();
 		break;