author | Jouni Malinen <j@w1.fi> | 2008-12-04 20:29:46 +0200 |
---|---|---|
committer | Jouni Malinen <j@w1.fi> | 2008-12-04 20:29:46 +0200 |
commit | 6ec4021c03fab7b8982ba345d2bd078d67045511 (patch) | |
tree | 32378415e0c49f2129c521da2988dafe0969a34d /src/eap_common | |
parent | b8ab62498412836cfc55b9a72f06f3d3b48767f3 (diff) | |
EAP-AKA': Added processing of AT_KDF and AT_KDF_INPUT attributes
Network Name is not yet generated and validated based on 3GPP.33.402
(i.e., a hardcoded string is used in server and anything is accepted in
peer).
Diffstat (limited to 'src/eap_common')
-rw-r--r-- | src/eap_common/eap_sim_common.c | 46 | ||||
-rw-r--r-- | src/eap_common/eap_sim_common.h | 9 |
2 files changed, 55 insertions, 0 deletions
diff --git a/src/eap_common/eap_sim_common.c b/src/eap_common/eap_sim_common.c
index 58253f9..9d1bf2c 100644
--- a/src/eap_common/eap_sim_common.c
+++ b/src/eap_common/eap_sim_common.c
@@ -788,6 +788,52 @@ int eap_sim_parse_attr(const u8 *start, const u8 *end,
 wpa_printf(MSG_DEBUG, "EAP-SIM: AT_RESULT_IND");
 attr->result_ind = 1;
 break;
+#ifdef EAP_AKA_PRIME
+ case EAP_SIM_AT_KDF_INPUT:
+ if (aka != 2) {
+ wpa_printf(MSG_INFO, "EAP-AKA: Unexpected "
+ "AT_KDF_INPUT");
+ return -1;
+ }
+
+ wpa_printf(MSG_DEBUG, "EAP-AKA: AT_KDF_INPUT");
+ plen = WPA_GET_BE16(apos);
+ apos += 2;
+ alen -= 2;
+ if (plen > alen) {
+ wpa_printf(MSG_INFO, "EAP-AKA': Invalid "
+ "AT_KDF_INPUT (Actual Length %lu, "
+ "remaining length %lu)",
+ (unsigned long) plen,
+ (unsigned long) alen);
+ return -1;
+ }
+ attr->kdf_input = apos;
+ attr->kdf_input_len = plen;
+ break;
+ case EAP_SIM_AT_KDF:
+ if (aka != 2) {
+ wpa_printf(MSG_INFO, "EAP-AKA: Unexpected "
+ "AT_KDF");
+ return -1;
+ }
+
+ wpa_printf(MSG_DEBUG, "EAP-AKA: AT_KDF");
+ if (alen != 2) {
+ wpa_printf(MSG_INFO, "EAP-AKA': Invalid "
+ "AT_KDF (len %lu)",
+ (unsigned long) alen);
+ return -1;
+ }
+ if (attr->kdf_count == EAP_AKA_PRIME_KDF_MAX) {
+ wpa_printf(MSG_DEBUG, "EAP-AKA': Too many "
+ "AT_KDF attributes - ignore this");
+ continue;
+ }
+ attr->kdf[attr->kdf_count] = WPA_GET_BE16(apos);
+ attr->kdf_count++;
+ break;
+#endif /* EAP_AKA_PRIME */
 default:
 if (pos[0] < 128) {
 wpa_printf(MSG_INFO, "EAP-SIM: Unrecognized "
diff --git a/src/eap_common/eap_sim_common.h b/src/eap_common/eap_sim_common.h
index 15efcb3..c799f2f 100644
--- a/src/eap_common/eap_sim_common.h
+++ b/src/eap_common/eap_sim_common.h
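Review bot: In the `EAP_SIM_AT_KDF` case of eap_sim_common.c, the too-many-attributes branch leaves the switch with `continue;` while every other case shown ends with `break;`. If the attribute pointer is advanced after the switch at the bottom of the parsing loop (that code is outside the hunk), `continue` skips the advance, and a message carrying more than EAP_AKA_PRIME_KDF_MAX AT_KDF attributes would make the parser re-read the same attribute indefinitely; `break;` keeps the ignore-and-move-on intent. In the AT_KDF_INPUT case, `alen -= 2;` is only safe if `alen` is guaranteed to be at least 2 there, which the hunk does not show; if `alen` is unsigned, as the `%lu` casts suggest, a smaller value would wrap and defeat the `plen > alen` check. A guard such as `if (alen < 2) return -1;` before `WPA_GET_BE16(apos)` would make the check self-contained.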
@@ -126,6 +126,8 @@ void eap_sim_add_mac_sha256(const u8 *k_aut, const u8 *msg, size_t msg_len,
 #define EAP_SIM_AT_COUNTER_TOO_SMALL 20 /* only encrypted */
 #define EAP_SIM_AT_NONCE_S 21 /* only encrypted */
 #define EAP_SIM_AT_CLIENT_ERROR_CODE 22 /* only send */
+#define EAP_SIM_AT_KDF_INPUT 23 /* only AKA' */
+#define EAP_SIM_AT_KDF 24 /* only AKA' */
 #define EAP_SIM_AT_IV 129
 #define EAP_SIM_AT_ENCR_DATA 130
 #define EAP_SIM_AT_NEXT_PSEUDONYM 132 /* only encrypted */
@@ -140,6 +142,8 @@ void eap_sim_add_mac_sha256(const u8 *k_aut, const u8 *msg, size_t msg_len,
 #define EAP_SIM_GENERAL_FAILURE_BEFORE_AUTH 16384
 #define EAP_SIM_SUCCESS 32768
+/* EAP-AKA' AT_KDF Key Derivation Function values */
+#define EAP_AKA_PRIME_KDF 1
 enum eap_sim_id_req {
 NO_ID_REQ, ANY_ID, FULLAUTH_ID, PERMANENT_ID
@@ -151,14 +155,19 @@ struct eap_sim_attrs {
 const u8 *next_pseudonym, *next_reauth_id;
 const u8 *nonce_mt, *identity, *res, *auts;
 const u8 *checkcode;
+ const u8 *kdf_input;
 size_t num_chal, version_list_len, encr_data_len;
 size_t next_pseudonym_len, next_reauth_id_len, identity_len, res_len;
 size_t res_len_bits;
 size_t checkcode_len;
+ size_t kdf_input_len;
 enum eap_sim_id_req id_req;
 int notification, counter, selected_version, client_error_code;
 int counter_too_small;
 int result_ind;
+#define EAP_AKA_PRIME_KDF_MAX 10
+ u16 kdf[EAP_AKA_PRIME_KDF_MAX];
+ size_t kdf_count;
 };
 int eap_sim_parse_attr(const u8 *start, const u8 *end, |
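Review bot: The new `kdf_input` / `kdf_input_len` and `kdf[]` / `kdf_count` members of `struct eap_sim_attrs` are added without comments, and their contract matters to every caller that consumes them. The parser in eap_sim_common.c stores `attr->kdf_input = apos`, a pointer into the received message rather than a copy, so I would add `/* points into the parsed message; length-delimited, use kdf_input_len */` next to the field. `kdf_count` indexes `kdf[]` and is bounded only by the `== EAP_AKA_PRIME_KDF_MAX` check in the parser, which presumes the struct is zeroed before parsing (not visible in this diff); a comment `/* number of valid entries in kdf[], at most EAP_AKA_PRIME_KDF_MAX */` would record that. The opening lines of the struct are outside the hunk.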