Lines Matching refs:data
58 static void eap_aka_fullauth(struct eap_sm *sm, struct eap_aka_data *data);
82 static void eap_aka_state(struct eap_aka_data *data, int state) in eap_aka_state() argument
85 eap_aka_state_txt(data->state), in eap_aka_state()
87 data->state = state; in eap_aka_state()
92 struct eap_aka_data *data, in eap_aka_check_identity_reauth() argument
95 if (data->eap_method == EAP_TYPE_AKA_PRIME && in eap_aka_check_identity_reauth()
98 if (data->eap_method == EAP_TYPE_AKA && in eap_aka_check_identity_reauth()
103 data->reauth = eap_sim_db_get_reauth_entry(sm->cfg->eap_sim_db_priv, in eap_aka_check_identity_reauth()
105 if (data->reauth == NULL) { in eap_aka_check_identity_reauth()
113 os_strlcpy(data->permanent, data->reauth->permanent, in eap_aka_check_identity_reauth()
114 sizeof(data->permanent)); in eap_aka_check_identity_reauth()
115 data->counter = data->reauth->counter; in eap_aka_check_identity_reauth()
116 if (data->eap_method == EAP_TYPE_AKA_PRIME) { in eap_aka_check_identity_reauth()
117 os_memcpy(data->k_encr, data->reauth->k_encr, in eap_aka_check_identity_reauth()
119 os_memcpy(data->k_aut, data->reauth->k_aut, in eap_aka_check_identity_reauth()
121 os_memcpy(data->k_re, data->reauth->k_re, in eap_aka_check_identity_reauth()
124 os_memcpy(data->mk, data->reauth->mk, EAP_SIM_MK_LEN); in eap_aka_check_identity_reauth()
127 eap_aka_state(data, REAUTH); in eap_aka_check_identity_reauth()
133 struct eap_aka_data *data) in eap_aka_check_identity() argument
143 if (eap_aka_check_identity_reauth(sm, data, username) > 0) { in eap_aka_check_identity()
152 if ((data->eap_method == EAP_TYPE_AKA_PRIME && in eap_aka_check_identity()
154 (data->eap_method == EAP_TYPE_AKA && in eap_aka_check_identity()
168 os_strlcpy(data->permanent, permanent, in eap_aka_check_identity()
169 sizeof(data->permanent)); in eap_aka_check_identity()
174 eap_aka_fullauth(sm, data); in eap_aka_check_identity()
183 struct eap_aka_data *data; in eap_aka_init() local
190 data = os_zalloc(sizeof(*data)); in eap_aka_init()
191 if (data == NULL) in eap_aka_init()
194 data->eap_method = EAP_TYPE_AKA; in eap_aka_init()
196 data->state = IDENTITY; in eap_aka_init()
197 data->pending_id = -1; in eap_aka_init()
198 eap_aka_check_identity(sm, data); in eap_aka_init()
200 return data; in eap_aka_init()
207 struct eap_aka_data *data; in eap_aka_prime_init() local
216 data = os_zalloc(sizeof(*data)); in eap_aka_prime_init()
217 if (data == NULL) in eap_aka_prime_init()
220 data->eap_method = EAP_TYPE_AKA_PRIME; in eap_aka_prime_init()
221 data->network_name = (u8 *) os_strdup(network_name); in eap_aka_prime_init()
222 if (data->network_name == NULL) { in eap_aka_prime_init()
223 os_free(data); in eap_aka_prime_init()
227 data->network_name_len = os_strlen(network_name); in eap_aka_prime_init()
229 data->state = IDENTITY; in eap_aka_prime_init()
230 data->pending_id = -1; in eap_aka_prime_init()
231 eap_aka_check_identity(sm, data); in eap_aka_prime_init()
233 return data; in eap_aka_prime_init()
240 struct eap_aka_data *data = priv; in eap_aka_reset() local
241 os_free(data->next_pseudonym); in eap_aka_reset()
242 os_free(data->next_reauth_id); in eap_aka_reset()
243 wpabuf_free(data->id_msgs); in eap_aka_reset()
244 os_free(data->network_name); in eap_aka_reset()
245 bin_clear_free(data, sizeof(*data)); in eap_aka_reset()
249 static int eap_aka_add_id_msg(struct eap_aka_data *data, in eap_aka_add_id_msg() argument
255 if (data->id_msgs == NULL) { in eap_aka_add_id_msg()
256 data->id_msgs = wpabuf_dup(msg); in eap_aka_add_id_msg()
257 return data->id_msgs == NULL ? -1 : 0; in eap_aka_add_id_msg()
260 if (wpabuf_resize(&data->id_msgs, wpabuf_len(msg)) < 0) in eap_aka_add_id_msg()
262 wpabuf_put_buf(data->id_msgs, msg); in eap_aka_add_id_msg()
268 static void eap_aka_add_checkcode(struct eap_aka_data *data, in eap_aka_add_checkcode() argument
277 if (data->id_msgs == NULL) { in eap_aka_add_checkcode()
287 addr = wpabuf_head(data->id_msgs); in eap_aka_add_checkcode()
288 len = wpabuf_len(data->id_msgs); in eap_aka_add_checkcode()
290 if (data->eap_method == EAP_TYPE_AKA_PRIME) in eap_aka_add_checkcode()
296 data->eap_method == EAP_TYPE_AKA_PRIME ? in eap_aka_add_checkcode()
301 static int eap_aka_verify_checkcode(struct eap_aka_data *data, in eap_aka_verify_checkcode() argument
312 if (data->id_msgs == NULL) { in eap_aka_verify_checkcode()
322 hash_len = data->eap_method == EAP_TYPE_AKA_PRIME ? in eap_aka_verify_checkcode()
333 addr = wpabuf_head(data->id_msgs); in eap_aka_verify_checkcode()
334 len = wpabuf_len(data->id_msgs); in eap_aka_verify_checkcode()
335 if (data->eap_method == EAP_TYPE_AKA_PRIME) in eap_aka_verify_checkcode()
350 struct eap_aka_data *data, u8 id) in eap_aka_build_identity() argument
356 msg = eap_sim_msg_init(EAP_CODE_REQUEST, id, data->eap_method, in eap_aka_build_identity()
358 data->identity_round++; in eap_aka_build_identity()
359 if (data->identity_round == 1) { in eap_aka_build_identity()
367 } else if (data->identity_round > 3) { in eap_aka_build_identity()
381 buf = eap_sim_msg_finish(msg, data->eap_method, NULL, NULL, 0); in eap_aka_build_identity()
382 if (eap_aka_add_id_msg(data, buf) < 0) { in eap_aka_build_identity()
386 data->pending_id = id; in eap_aka_build_identity()
391 static int eap_aka_build_encr(struct eap_sm *sm, struct eap_aka_data *data, in eap_aka_build_encr() argument
395 os_free(data->next_pseudonym); in eap_aka_build_encr()
398 data->next_pseudonym = NULL; in eap_aka_build_encr()
400 data->next_pseudonym = in eap_aka_build_encr()
403 data->eap_method == EAP_TYPE_AKA_PRIME ? in eap_aka_build_encr()
407 data->next_pseudonym = NULL; in eap_aka_build_encr()
409 os_free(data->next_reauth_id); in eap_aka_build_encr()
412 data->next_reauth_id = NULL; in eap_aka_build_encr()
413 } else if (data->counter <= EAP_AKA_MAX_FAST_REAUTHS) { in eap_aka_build_encr()
414 data->next_reauth_id = in eap_aka_build_encr()
417 data->eap_method == EAP_TYPE_AKA_PRIME ? in eap_aka_build_encr()
422 data->next_reauth_id = NULL; in eap_aka_build_encr()
425 if (data->next_pseudonym == NULL && data->next_reauth_id == NULL && in eap_aka_build_encr()
444 if (data->next_pseudonym) { in eap_aka_build_encr()
446 data->next_pseudonym); in eap_aka_build_encr()
448 os_strlen(data->next_pseudonym), in eap_aka_build_encr()
449 (u8 *) data->next_pseudonym, in eap_aka_build_encr()
450 os_strlen(data->next_pseudonym)); in eap_aka_build_encr()
453 if (data->next_reauth_id) { in eap_aka_build_encr()
455 data->next_reauth_id); in eap_aka_build_encr()
457 os_strlen(data->next_reauth_id), in eap_aka_build_encr()
458 (u8 *) data->next_reauth_id, in eap_aka_build_encr()
459 os_strlen(data->next_reauth_id)); in eap_aka_build_encr()
462 if (eap_sim_msg_add_encr_end(msg, data->k_encr, EAP_SIM_AT_PADDING)) { in eap_aka_build_encr()
473 struct eap_aka_data *data, in eap_aka_build_challenge() argument
479 msg = eap_sim_msg_init(EAP_CODE_REQUEST, id, data->eap_method, in eap_aka_build_challenge()
482 eap_sim_msg_add(msg, EAP_SIM_AT_RAND, 0, data->rand, EAP_AKA_RAND_LEN); in eap_aka_build_challenge()
484 eap_sim_msg_add(msg, EAP_SIM_AT_AUTN, 0, data->autn, EAP_AKA_AUTN_LEN); in eap_aka_build_challenge()
485 if (data->eap_method == EAP_TYPE_AKA_PRIME) { in eap_aka_build_challenge()
486 if (data->kdf) { in eap_aka_build_challenge()
489 eap_sim_msg_add(msg, EAP_SIM_AT_KDF, data->kdf, in eap_aka_build_challenge()
497 data->network_name_len, in eap_aka_build_challenge()
498 data->network_name, data->network_name_len); in eap_aka_build_challenge()
501 if (eap_aka_build_encr(sm, data, msg, 0, NULL)) { in eap_aka_build_challenge()
506 eap_aka_add_checkcode(data, msg); in eap_aka_build_challenge()
514 if (data->eap_method == EAP_TYPE_AKA) { in eap_aka_build_challenge()
544 return eap_sim_msg_finish(msg, data->eap_method, data->k_aut, NULL, 0); in eap_aka_build_challenge()
549 struct eap_aka_data *data, u8 id) in eap_aka_build_reauth() argument
556 if (random_get_bytes(data->nonce_s, EAP_SIM_NONCE_S_LEN)) in eap_aka_build_reauth()
559 data->nonce_s, EAP_SIM_NONCE_S_LEN); in eap_aka_build_reauth()
561 if (data->eap_method == EAP_TYPE_AKA_PRIME) { in eap_aka_build_reauth()
562 eap_aka_prime_derive_keys_reauth(data->k_re, data->counter, in eap_aka_build_reauth()
565 data->nonce_s, in eap_aka_build_reauth()
566 data->msk, data->emsk); in eap_aka_build_reauth()
568 eap_sim_derive_keys(data->mk, data->k_encr, data->k_aut, in eap_aka_build_reauth()
569 data->msk, data->emsk); in eap_aka_build_reauth()
570 eap_sim_derive_keys_reauth(data->counter, sm->identity, in eap_aka_build_reauth()
571 sm->identity_len, data->nonce_s, in eap_aka_build_reauth()
572 data->mk, data->msk, data->emsk); in eap_aka_build_reauth()
575 msg = eap_sim_msg_init(EAP_CODE_REQUEST, id, data->eap_method, in eap_aka_build_reauth()
578 if (eap_aka_build_encr(sm, data, msg, data->counter, data->nonce_s)) { in eap_aka_build_reauth()
583 eap_aka_add_checkcode(data, msg); in eap_aka_build_reauth()
592 buf = eap_sim_msg_finish(msg, data->eap_method, data->k_aut, NULL, 0); in eap_aka_build_reauth()
597 os_memcpy(data->reauth_mac, in eap_aka_build_reauth()
606 struct eap_aka_data *data, in eap_aka_build_notification() argument
612 msg = eap_sim_msg_init(EAP_CODE_REQUEST, id, data->eap_method, in eap_aka_build_notification()
614 wpa_printf(MSG_DEBUG, " AT_NOTIFICATION (%d)", data->notification); in eap_aka_build_notification()
615 eap_sim_msg_add(msg, EAP_SIM_AT_NOTIFICATION, data->notification, in eap_aka_build_notification()
617 if (data->use_result_ind) { in eap_aka_build_notification()
618 if (data->reauth) { in eap_aka_build_notification()
624 data->counter); in eap_aka_build_notification()
625 eap_sim_msg_add(msg, EAP_SIM_AT_COUNTER, data->counter, in eap_aka_build_notification()
628 if (eap_sim_msg_add_encr_end(msg, data->k_encr, in eap_aka_build_notification()
640 return eap_sim_msg_finish(msg, data->eap_method, data->k_aut, NULL, 0); in eap_aka_build_notification()
646 struct eap_aka_data *data = priv; in eap_aka_buildReq() local
648 data->auts_reported = 0; in eap_aka_buildReq()
649 switch (data->state) { in eap_aka_buildReq()
651 return eap_aka_build_identity(sm, data, id); in eap_aka_buildReq()
653 return eap_aka_build_challenge(sm, data, id); in eap_aka_buildReq()
655 return eap_aka_build_reauth(sm, data, id); in eap_aka_buildReq()
657 return eap_aka_build_notification(sm, data, id); in eap_aka_buildReq()
660 "buildReq", data->state); in eap_aka_buildReq()
670 struct eap_aka_data *data = priv; in eap_aka_check() local
674 pos = eap_hdr_validate(EAP_VENDOR_IETF, data->eap_method, respData, in eap_aka_check()
685 static bool eap_aka_subtype_ok(struct eap_aka_data *data, u8 subtype) in eap_aka_subtype_ok() argument
691 switch (data->state) { in eap_aka_subtype_ok()
723 "processing a response", data->state); in eap_aka_subtype_ok()
732 struct eap_aka_data *data) in eap_aka_determine_identity() argument
741 data->notification = EAP_SIM_GENERAL_FAILURE_BEFORE_AUTH; in eap_aka_determine_identity()
742 eap_aka_state(data, NOTIFICATION); in eap_aka_determine_identity()
746 if (eap_aka_check_identity_reauth(sm, data, username) > 0) { in eap_aka_determine_identity()
751 if (((data->eap_method == EAP_TYPE_AKA_PRIME && in eap_aka_determine_identity()
753 (data->eap_method == EAP_TYPE_AKA && in eap_aka_determine_identity()
755 data->identity_round == 1) { in eap_aka_determine_identity()
762 if ((data->eap_method == EAP_TYPE_AKA_PRIME && in eap_aka_determine_identity()
764 (data->eap_method == EAP_TYPE_AKA && in eap_aka_determine_identity()
778 os_strlcpy(data->permanent, permanent, in eap_aka_determine_identity()
779 sizeof(data->permanent)); in eap_aka_determine_identity()
780 } else if ((data->eap_method == EAP_TYPE_AKA_PRIME && in eap_aka_determine_identity()
782 (data->eap_method == EAP_TYPE_AKA && in eap_aka_determine_identity()
786 os_strlcpy(data->permanent, username, sizeof(data->permanent)); in eap_aka_determine_identity()
792 data->notification = EAP_SIM_GENERAL_FAILURE_BEFORE_AUTH; in eap_aka_determine_identity()
793 eap_aka_state(data, NOTIFICATION); in eap_aka_determine_identity()
797 eap_aka_fullauth(sm, data); in eap_aka_determine_identity()
801 static void eap_aka_fullauth(struct eap_sm *sm, struct eap_aka_data *data) in eap_aka_fullauth() argument
806 res = eap_sim_db_get_aka_auth(sm->cfg->eap_sim_db_priv, data->permanent, in eap_aka_fullauth()
807 data->rand, data->autn, data->ik, in eap_aka_fullauth()
808 data->ck, data->res, &data->res_len, sm); in eap_aka_fullauth()
816 if (data->permanent[0] == EAP_AKA_PERMANENT_PREFIX || in eap_aka_fullauth()
817 data->permanent[0] == EAP_AKA_PRIME_PERMANENT_PREFIX) in eap_aka_fullauth()
818 os_strlcpy(sm->imsi, &data->permanent[1], sizeof(sm->imsi)); in eap_aka_fullauth()
821 if (data->eap_method == EAP_TYPE_AKA_PRIME) { in eap_aka_fullauth()
824 eap_aka_prime_derive_ck_ik_prime(data->ck, data->ik, in eap_aka_fullauth()
825 data->autn, in eap_aka_fullauth()
826 data->network_name, in eap_aka_fullauth()
827 data->network_name_len); in eap_aka_fullauth()
831 data->reauth = NULL; in eap_aka_fullauth()
832 data->counter = 0; /* reset re-auth counter since this is full auth */ in eap_aka_fullauth()
837 data->notification = EAP_SIM_GENERAL_FAILURE_BEFORE_AUTH; in eap_aka_fullauth()
838 eap_aka_state(data, NOTIFICATION); in eap_aka_fullauth()
856 if (data->eap_method == EAP_TYPE_AKA_PRIME) { in eap_aka_fullauth()
857 eap_aka_prime_derive_keys(sm->identity, identity_len, data->ik, in eap_aka_fullauth()
858 data->ck, data->k_encr, data->k_aut, in eap_aka_fullauth()
859 data->k_re, data->msk, data->emsk); in eap_aka_fullauth()
861 eap_aka_derive_mk(sm->identity, identity_len, data->ik, in eap_aka_fullauth()
862 data->ck, data->mk); in eap_aka_fullauth()
863 eap_sim_derive_keys(data->mk, data->k_encr, data->k_aut, in eap_aka_fullauth()
864 data->msk, data->emsk); in eap_aka_fullauth()
867 eap_aka_state(data, CHALLENGE); in eap_aka_fullauth()
872 struct eap_aka_data *data, in eap_aka_process_identity() argument
883 data->notification = EAP_SIM_GENERAL_FAILURE_BEFORE_AUTH; in eap_aka_process_identity()
884 eap_aka_state(data, NOTIFICATION); in eap_aka_process_identity()
895 data->notification = EAP_SIM_GENERAL_FAILURE_BEFORE_AUTH; in eap_aka_process_identity()
896 eap_aka_state(data, NOTIFICATION); in eap_aka_process_identity()
902 data->notification = EAP_SIM_GENERAL_FAILURE_BEFORE_AUTH; in eap_aka_process_identity()
903 eap_aka_state(data, NOTIFICATION); in eap_aka_process_identity()
911 eap_aka_determine_identity(sm, data); in eap_aka_process_identity()
912 if (eap_get_id(respData) == data->pending_id) { in eap_aka_process_identity()
913 data->pending_id = -1; in eap_aka_process_identity()
914 eap_aka_add_id_msg(data, respData); in eap_aka_process_identity()
919 static int eap_aka_verify_mac(struct eap_aka_data *data, in eap_aka_verify_mac() argument
924 if (data->eap_method == EAP_TYPE_AKA_PRIME) in eap_aka_verify_mac()
925 return eap_sim_verify_mac_sha256(data->k_aut, req, mac, extra, in eap_aka_verify_mac()
927 return eap_sim_verify_mac(data->k_aut, req, mac, extra, extra_len); in eap_aka_verify_mac()
932 struct eap_aka_data *data, in eap_aka_process_challenge() argument
942 if (data->eap_method == EAP_TYPE_AKA_PRIME && in eap_aka_process_challenge()
947 data->notification = in eap_aka_process_challenge()
949 eap_aka_state(data, NOTIFICATION); in eap_aka_process_challenge()
953 data->kdf = attr->kdf[0]; in eap_aka_process_challenge()
957 wpa_printf(MSG_DEBUG, "EAP-AKA': KDF %d selected", data->kdf); in eap_aka_process_challenge()
964 eap_aka_verify_checkcode(data, attr->checkcode, in eap_aka_process_challenge()
968 data->notification = EAP_SIM_GENERAL_FAILURE_BEFORE_AUTH; in eap_aka_process_challenge()
969 eap_aka_state(data, NOTIFICATION); in eap_aka_process_challenge()
973 eap_aka_verify_mac(data, respData, attr->mac, NULL, 0)) { in eap_aka_process_challenge()
976 data->notification = EAP_SIM_GENERAL_FAILURE_BEFORE_AUTH; in eap_aka_process_challenge()
977 eap_aka_state(data, NOTIFICATION); in eap_aka_process_challenge()
985 if (attr->res == NULL || attr->res_len < data->res_len || in eap_aka_process_challenge()
986 attr->res_len_bits != data->res_len * 8 || in eap_aka_process_challenge()
987 os_memcmp_const(attr->res, data->res, data->res_len) != 0) { in eap_aka_process_challenge()
993 (unsigned long) data->res_len * 8); in eap_aka_process_challenge()
994 data->notification = EAP_SIM_GENERAL_FAILURE_BEFORE_AUTH; in eap_aka_process_challenge()
995 eap_aka_state(data, NOTIFICATION); in eap_aka_process_challenge()
1002 data->use_result_ind = 1; in eap_aka_process_challenge()
1003 data->notification = EAP_SIM_SUCCESS; in eap_aka_process_challenge()
1004 eap_aka_state(data, NOTIFICATION); in eap_aka_process_challenge()
1006 eap_aka_state(data, SUCCESS); in eap_aka_process_challenge()
1008 if (data->next_pseudonym) { in eap_aka_process_challenge()
1010 data->permanent, in eap_aka_process_challenge()
1011 data->next_pseudonym); in eap_aka_process_challenge()
1012 data->next_pseudonym = NULL; in eap_aka_process_challenge()
1014 if (data->next_reauth_id) { in eap_aka_process_challenge()
1015 if (data->eap_method == EAP_TYPE_AKA_PRIME) { in eap_aka_process_challenge()
1018 data->permanent, in eap_aka_process_challenge()
1019 data->next_reauth_id, in eap_aka_process_challenge()
1020 data->counter + 1, in eap_aka_process_challenge()
1021 data->k_encr, data->k_aut, in eap_aka_process_challenge()
1022 data->k_re); in eap_aka_process_challenge()
1026 data->permanent, in eap_aka_process_challenge()
1027 data->next_reauth_id, in eap_aka_process_challenge()
1028 data->counter + 1, in eap_aka_process_challenge()
1029 data->mk); in eap_aka_process_challenge()
1031 data->next_reauth_id = NULL; in eap_aka_process_challenge()
1037 struct eap_aka_data *data, in eap_aka_process_sync_failure() argument
1046 data->notification = EAP_SIM_GENERAL_FAILURE_BEFORE_AUTH; in eap_aka_process_sync_failure()
1047 eap_aka_state(data, NOTIFICATION); in eap_aka_process_sync_failure()
1054 if (!data->auts_reported && in eap_aka_process_sync_failure()
1055 eap_sim_db_resynchronize(sm->cfg->eap_sim_db_priv, data->permanent, in eap_aka_process_sync_failure()
1056 attr->auts, data->rand)) { in eap_aka_process_sync_failure()
1058 data->notification = EAP_SIM_GENERAL_FAILURE_BEFORE_AUTH; in eap_aka_process_sync_failure()
1059 eap_aka_state(data, NOTIFICATION); in eap_aka_process_sync_failure()
1062 data->auts_reported = 1; in eap_aka_process_sync_failure()
1065 eap_aka_fullauth(sm, data); in eap_aka_process_sync_failure()
1070 struct eap_aka_data *data, in eap_aka_process_reauth() argument
1080 eap_aka_verify_mac(data, respData, attr->mac, data->nonce_s, in eap_aka_process_reauth()
1093 decrypted = eap_sim_parse_encr(data->k_encr, attr->encr_data, in eap_aka_process_reauth()
1102 if (eattr.counter != data->counter) { in eap_aka_process_reauth()
1105 eattr.counter, data->counter); in eap_aka_process_reauth()
1118 eap_aka_fullauth(sm, data); in eap_aka_process_reauth()
1123 data->use_result_ind = 1; in eap_aka_process_reauth()
1124 data->notification = EAP_SIM_SUCCESS; in eap_aka_process_reauth()
1125 eap_aka_state(data, NOTIFICATION); in eap_aka_process_reauth()
1127 eap_aka_state(data, SUCCESS); in eap_aka_process_reauth()
1129 if (data->next_reauth_id) { in eap_aka_process_reauth()
1130 if (data->eap_method == EAP_TYPE_AKA_PRIME) { in eap_aka_process_reauth()
1133 data->permanent, in eap_aka_process_reauth()
1134 data->next_reauth_id, in eap_aka_process_reauth()
1135 data->counter + 1, in eap_aka_process_reauth()
1136 data->k_encr, data->k_aut, in eap_aka_process_reauth()
1137 data->k_re); in eap_aka_process_reauth()
1141 data->permanent, in eap_aka_process_reauth()
1142 data->next_reauth_id, in eap_aka_process_reauth()
1143 data->counter + 1, in eap_aka_process_reauth()
1144 data->mk); in eap_aka_process_reauth()
1146 data->next_reauth_id = NULL; in eap_aka_process_reauth()
1149 data->reauth); in eap_aka_process_reauth()
1150 data->reauth = NULL; in eap_aka_process_reauth()
1156 data->notification = EAP_SIM_GENERAL_FAILURE_BEFORE_AUTH; in eap_aka_process_reauth()
1157 eap_aka_state(data, NOTIFICATION); in eap_aka_process_reauth()
1158 eap_sim_db_remove_reauth(sm->cfg->eap_sim_db_priv, data->reauth); in eap_aka_process_reauth()
1159 data->reauth = NULL; in eap_aka_process_reauth()
1165 struct eap_aka_data *data, in eap_aka_process_client_error() argument
1171 if (data->notification == EAP_SIM_SUCCESS && data->use_result_ind) in eap_aka_process_client_error()
1172 eap_aka_state(data, SUCCESS); in eap_aka_process_client_error()
1174 eap_aka_state(data, FAILURE); in eap_aka_process_client_error()
1179 struct eap_sm *sm, struct eap_aka_data *data, in eap_aka_process_authentication_reject() argument
1183 eap_aka_state(data, FAILURE); in eap_aka_process_authentication_reject()
1188 struct eap_aka_data *data, in eap_aka_process_notification() argument
1193 if (data->notification == EAP_SIM_SUCCESS && data->use_result_ind) in eap_aka_process_notification()
1194 eap_aka_state(data, SUCCESS); in eap_aka_process_notification()
1196 eap_aka_state(data, FAILURE); in eap_aka_process_notification()
1203 struct eap_aka_data *data = priv; in eap_aka_process() local
1209 pos = eap_hdr_validate(EAP_VENDOR_IETF, data->eap_method, respData, in eap_aka_process()
1218 if (eap_aka_subtype_ok(data, subtype)) { in eap_aka_process()
1221 data->notification = EAP_SIM_GENERAL_FAILURE_BEFORE_AUTH; in eap_aka_process()
1222 eap_aka_state(data, NOTIFICATION); in eap_aka_process()
1227 data->eap_method == EAP_TYPE_AKA_PRIME ? 2 : 1, in eap_aka_process()
1230 data->notification = EAP_SIM_GENERAL_FAILURE_BEFORE_AUTH; in eap_aka_process()
1231 eap_aka_state(data, NOTIFICATION); in eap_aka_process()
1236 eap_aka_process_client_error(sm, data, respData, &attr); in eap_aka_process()
1241 eap_aka_process_authentication_reject(sm, data, respData, in eap_aka_process()
1246 switch (data->state) { in eap_aka_process()
1248 eap_aka_process_identity(sm, data, respData, &attr); in eap_aka_process()
1252 eap_aka_process_sync_failure(sm, data, respData, in eap_aka_process()
1255 eap_aka_process_challenge(sm, data, respData, &attr); in eap_aka_process()
1259 eap_aka_process_reauth(sm, data, respData, &attr); in eap_aka_process()
1262 eap_aka_process_notification(sm, data, respData, &attr); in eap_aka_process()
1266 "process", data->state); in eap_aka_process()
1274 struct eap_aka_data *data = priv; in eap_aka_isDone() local
1275 return data->state == SUCCESS || data->state == FAILURE; in eap_aka_isDone()
1281 struct eap_aka_data *data = priv; in eap_aka_getKey() local
1284 if (data->state != SUCCESS) in eap_aka_getKey()
1287 key = os_memdup(data->msk, EAP_SIM_KEYING_DATA_LEN); in eap_aka_getKey()
1297 struct eap_aka_data *data = priv; in eap_aka_get_emsk() local
1300 if (data->state != SUCCESS) in eap_aka_get_emsk()
1303 key = os_memdup(data->emsk, EAP_EMSK_LEN); in eap_aka_get_emsk()
1313 struct eap_aka_data *data = priv; in eap_aka_isSuccess() local
1314 return data->state == SUCCESS; in eap_aka_isSuccess()
1320 struct eap_aka_data *data = priv; in eap_aka_get_session_id() local
1323 if (data->state != SUCCESS) in eap_aka_get_session_id()
1326 if (!data->reauth) in eap_aka_get_session_id()
1334 id[0] = data->eap_method; in eap_aka_get_session_id()
1335 if (!data->reauth) { in eap_aka_get_session_id()
1336 os_memcpy(id + 1, data->rand, EAP_AKA_RAND_LEN); in eap_aka_get_session_id()
1337 os_memcpy(id + 1 + EAP_AKA_RAND_LEN, data->autn, in eap_aka_get_session_id()
1340 os_memcpy(id + 1, data->nonce_s, EAP_SIM_NONCE_S_LEN); in eap_aka_get_session_id()
1341 os_memcpy(id + 1 + EAP_SIM_NONCE_S_LEN, data->reauth_mac, in eap_aka_get_session_id()