1 /* 2 * EAP server/peer: EAP-SAKE shared routines 3 * Copyright (c) 2006-2019, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9 #ifndef EAP_SAKE_COMMON_H 10 #define EAP_SAKE_COMMON_H 11 12 #define EAP_SAKE_VERSION 2 13 14 #define EAP_SAKE_SUBTYPE_CHALLENGE 1 15 #define EAP_SAKE_SUBTYPE_CONFIRM 2 16 #define EAP_SAKE_SUBTYPE_AUTH_REJECT 3 17 #define EAP_SAKE_SUBTYPE_IDENTITY 4 18 19 #define EAP_SAKE_AT_RAND_S 1 20 #define EAP_SAKE_AT_RAND_P 2 21 #define EAP_SAKE_AT_MIC_S 3 22 #define EAP_SAKE_AT_MIC_P 4 23 #define EAP_SAKE_AT_SERVERID 5 24 #define EAP_SAKE_AT_PEERID 6 25 #define EAP_SAKE_AT_SPI_S 7 26 #define EAP_SAKE_AT_SPI_P 8 27 #define EAP_SAKE_AT_ANY_ID_REQ 9 28 #define EAP_SAKE_AT_PERM_ID_REQ 10 29 #define EAP_SAKE_AT_ENCR_DATA 128 30 #define EAP_SAKE_AT_IV 129 31 #define EAP_SAKE_AT_PADDING 130 32 #define EAP_SAKE_AT_NEXT_TMPID 131 33 #define EAP_SAKE_AT_MSK_LIFE 132 34 35 #define EAP_SAKE_RAND_LEN 16 36 #define EAP_SAKE_MIC_LEN 16 37 #define EAP_SAKE_ROOT_SECRET_LEN 16 38 #define EAP_SAKE_SMS_LEN 16 39 #define EAP_SAKE_TEK_AUTH_LEN 16 40 #define EAP_SAKE_TEK_CIPHER_LEN 16 41 #define EAP_SAKE_TEK_LEN (EAP_SAKE_TEK_AUTH_LEN + EAP_SAKE_TEK_CIPHER_LEN) 42 43 #ifdef _MSC_VER 44 #pragma pack(push, 1) 45 #endif /* _MSC_VER */ 46 47 struct eap_sake_hdr { 48 u8 version; /* EAP_SAKE_VERSION */ 49 u8 session_id; 50 u8 subtype; 51 } STRUCT_PACKED; 52 53 #ifdef _MSC_VER 54 #pragma pack(pop) 55 #endif /* _MSC_VER */ 56 57 58 struct eap_sake_parse_attr { 59 const u8 *rand_s; 60 const u8 *rand_p; 61 const u8 *mic_s; 62 const u8 *mic_p; 63 const u8 *serverid; 64 size_t serverid_len; 65 const u8 *peerid; 66 size_t peerid_len; 67 const u8 *spi_s; 68 size_t spi_s_len; 69 const u8 *spi_p; 70 size_t spi_p_len; 71 const u8 *any_id_req; 72 const u8 *perm_id_req; 73 const u8 *encr_data; 74 size_t encr_data_len; 75 const u8 *iv; 76 size_t iv_len; 77 const u8 *next_tmpid; 78 size_t next_tmpid_len; 79 const u8 *msk_life; 80 }; 81 82 int eap_sake_parse_attributes(const u8 *buf, size_t len, 83 struct eap_sake_parse_attr *attr); 84 int eap_sake_derive_keys(const u8 *root_secret_a, const u8 *root_secret_b, 85 const u8 *rand_s, const u8 *rand_p, 86 u8 *tek, u8 *msk, u8 *emsk); 87 int eap_sake_compute_mic(const u8 *tek_auth, 88 const u8 *rand_s, const u8 *rand_p, 89 const u8 *serverid, size_t serverid_len, 90 const u8 *peerid, size_t peerid_len, 91 int peer, const u8 *eap, size_t eap_len, 92 const u8 *mic_pos, u8 *mic); 93 void eap_sake_add_attr(struct wpabuf *buf, u8 type, const u8 *data, 94 size_t len); 95 96 #endif /* EAP_SAKE_COMMON_H */ 97