/* $OpenBSD: eap.h,v 1.1 2010/06/03 16:41:12 reyk Exp $ */
/* $vantronix: eap.h,v 1.6 2010/05/18 17:56:16 reyk Exp $ */

/*
 * Copyright (c) 2010 Reyk Floeter <reyk@vantronix.net>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

/*
 * EAP packet layouts and number assignments for the IKEv2 code.
 *
 * This header only declares layouts and constants; it includes nothing
 * itself, so u_int8_t/u_int16_t, __packed and struct iked_constmap must
 * already be visible where it is included.
 */

#ifndef _IKEV2_EAP_H
#define _IKEV2_EAP_H

/*
 * Fixed EAP packet header: code, identifier, length.  Packed, so the
 * struct is exactly 1 + 1 + 2 = 4 bytes.
 *
 * Per RFC 3748 the Length field is sent in network byte order and counts
 * the whole EAP packet, this header included.  The value is supplied by
 * the peer: it has to be byte-swapped and checked against both
 * sizeof(struct eap_header) and the number of bytes actually received
 * before it is used as a bound.  NOTE(review): where that check lives is
 * not visible from this header.
 */
struct eap_header {
	u_int8_t	eap_code;	/* one of EAP_CODE_* */
	u_int8_t	eap_id;		/* identifier field */
	u_int16_t	eap_length;	/* packet length, see above */
} __packed;

/*
 * Same three header fields as struct eap_header, followed by the
 * one-byte method type (5 bytes packed).
 *
 * Per RFC 3748 only Request and Response packets carry a Type octet;
 * Success and Failure consist of the 4-byte header alone.  eap_type
 * should therefore only be read once the code is Request/Response and
 * the validated length covers sizeof(struct eap_message).
 */
struct eap_message {
	u_int8_t	eap_code;	/* one of EAP_CODE_* */
	u_int8_t	eap_id;		/* identifier field */
	u_int16_t	eap_length;	/* packet length, peer-supplied */
	u_int8_t	eap_type;	/* one of EAP_TYPE_* */
	/* Followed by type-specific data */
} __packed;

/* Values of the eap_code field. */
#define EAP_CODE_REQUEST	1	/* Request */
#define EAP_CODE_RESPONSE	2	/* Response */
#define EAP_CODE_SUCCESS	3	/* Success */
#define EAP_CODE_FAILURE	4	/* Failure */

/* Defined elsewhere; presumably value-to-name table for EAP_CODE_* -- confirm. */
extern struct iked_constmap eap_code_map[];

/*
 * Values of the eap_type field.  The trailing comment on each line is the
 * reference or registrant given for that number in the IANA registry
 * linked below.
 *
 * A constant in this list is only a number assignment.  It says nothing
 * about whether the method is implemented or should be accepted from a
 * peer; several entries (MD5-Challenge, for one) offer neither mutual
 * authentication nor key derivation per RFC 3748.
 */
/* http://www.iana.org/assignments/eap-numbers */
#define EAP_TYPE_NONE		0	/* NONE */
#define EAP_TYPE_IDENTITY	1	/* RFC3748 */
#define EAP_TYPE_NOTIFICATION	2	/* RFC3748 */
#define EAP_TYPE_NAK		3	/* RFC3748 */
#define EAP_TYPE_MD5		4	/* RFC3748 */
#define EAP_TYPE_OTP		5	/* RFC3748 */
#define EAP_TYPE_GTC		6	/* RFC3748 */
#define EAP_TYPE_RSA		9	/* Whelan */
#define EAP_TYPE_DSS		10	/* Nace */
#define EAP_TYPE_KEA		11	/* Nace */
#define EAP_TYPE_KEA_VALIDATE	12	/* Nace */
#define EAP_TYPE_TLS		13	/* RFC-simon-emu-rfc2716bis-13.txt */
#define EAP_TYPE_AXENT		14	/* Rosselli */
#define EAP_TYPE_SECURID	15	/* Nystrom */
#define EAP_TYPE_ARCOT		16	/* Jerdonek */
#define EAP_TYPE_CISCO		17	/* Norman */
#define EAP_TYPE_SIM		18	/* RFC4186 */
#define EAP_TYPE_SRP_SHA1	19	/* Carlson */
#define EAP_TYPE_TTLS		21	/* Funk */
#define EAP_TYPE_RAS		22	/* Fields */
#define EAP_TYPE_OAAKA		23	/* RFC4187 */
#define EAP_TYPE_3COM		24	/* Young */
#define EAP_TYPE_PEAP		25	/* Palekar */
#define EAP_TYPE_MSCHAP_V2	26	/* Palekar */
#define EAP_TYPE_MAKE		27	/* Berrendonner */
#define EAP_TYPE_CRYPTOCARD	28	/* Webb */
#define EAP_TYPE_MSCHAP_V2_2	29	/* Potter */
#define EAP_TYPE_DYNAMID	30	/* Merlin */
#define EAP_TYPE_ROB		31	/* Ullah */
#define EAP_TYPE_POTP		32	/* RFC4794 */
#define EAP_TYPE_MS_TLV		33	/* Palekar */
#define EAP_TYPE_SENTRINET	34	/* Kelleher */
#define EAP_TYPE_ACTIONTEC	35	/* Chang */
#define EAP_TYPE_BIOMETRICS	36	/* Xiong */
#define EAP_TYPE_AIRFORTRESS	37	/* Hibbard */
#define EAP_TYPE_HTTP_DIGEST	38	/* Tavakoli */
#define EAP_TYPE_SECURESUITE	39	/* Clements */
#define EAP_TYPE_DEVICECONNECT	40	/* Pitard */
#define EAP_TYPE_SPEKE		41	/* Zick */
#define EAP_TYPE_MOBAC		42	/* Rixom */
#define EAP_TYPE_FAST		43	/* Cam-Winget */
#define EAP_TYPE_ZLX		44	/* Bogue */
#define EAP_TYPE_LINK		45	/* Zick */
#define EAP_TYPE_PAX		46	/* Clancy */
#define EAP_TYPE_PSK		47	/* RFC-bersani-eap-psk-11.txt */
#define EAP_TYPE_SAKE		48	/* RFC-vanderveen-eap-sake-02.txt */
#define EAP_TYPE_IKEV2		49	/* RFC5106 */
#define EAP_TYPE_AKA2		50	/* RFC5448 */
#define EAP_TYPE_GPSK		51	/* RFC5433 (was listed as RFC5106, which is EAP-IKEv2) */
#define EAP_TYPE_PWD		52	/* RFC-harkins-emu-eap-pwd-12.txt */
#define EAP_TYPE_EXPANDED_TYPE	254	/* RFC3748 */
#define EAP_TYPE_EXPERIMENTAL	255	/* RFC3748 */

/* Defined elsewhere; presumably value-to-name table for EAP_TYPE_* -- confirm. */
extern struct iked_constmap eap_type_map[];

/*
 * EAP MSCHAP-V2
 */

#define EAP_MSCHAP_CHALLENGE_SZ 16 105 #define EAP_MSCHAP_RESPONSE_SZ 49 106 #define EAP_MSCHAP_NTRESPONSE_SZ 24 107 #define EAP_MSCHAP_SUCCESS_SZ 42 108 109 #define EAP_MSOPCODE_CHALLENGE 1 /* Challenge */ 110 #define EAP_MSOPCODE_RESPONSE 2 /* Response */ 111 #define EAP_MSOPCODE_SUCCESS 3 /* Success */ 112 #define EAP_MSOPCODE_FAILURE 4 /* Failure */ 113 #define EAP_MSOPCODE_CHANGE_PASSWORD 7 /* Change Password */ 114 115 extern struct iked_constmap eap_msopcode_map[]; 116 117 struct eap_mschap { 118 u_int8_t ms_opcode; 119 } __packed; 120 121 struct eap_mschap_challenge { 122 u_int8_t msc_opcode; 123 u_int8_t msc_id; 124 u_int16_t msc_length; 125 u_int8_t msc_valuesize; 126 u_int8_t msc_challenge[EAP_MSCHAP_CHALLENGE_SZ]; 127 /* Followed by variable-size name field */ 128 } __packed; 129 130 struct eap_mschap_peer { 131 u_int8_t msp_challenge[EAP_MSCHAP_CHALLENGE_SZ]; 132 u_int8_t msp_reserved[8]; 133 u_int8_t msp_ntresponse[EAP_MSCHAP_NTRESPONSE_SZ]; 134 u_int8_t msp_flags; 135 }; 136 137 struct eap_mschap_response { 138 u_int8_t msr_opcode; 139 u_int8_t msr_id; 140 u_int16_t msr_length; 141 u_int8_t msr_valuesize; 142 union { 143 u_int8_t resp_data[EAP_MSCHAP_RESPONSE_SZ]; 144 struct eap_mschap_peer resp_peer; 145 } msr_response; 146 /* Followed by variable-size name field */ 147 } __packed; 148 149 struct eap_mschap_success { 150 u_int8_t mss_opcode; 151 u_int8_t mss_id; 152 u_int16_t mss_length; 153 /* Followed by variable-size success message */ 154 } __packed; 155 156 struct eap_mschap_failure { 157 u_int8_t msf_opcode; 158 u_int8_t msf_id; 159 u_int16_t msf_length; 160 /* Followed by variable-size message field */ 161 } __packed; 162 163 #define EAP_MSERROR_RESTRICTED_LOGON_HOURS 646 /* eap-mschapv2 */ 164 #define EAP_MSERROR_ACCT_DISABLED 647 /* eap-mschapv2 */ 165 #define EAP_MSERROR_PASSWD_EXPIRED 648 /* eap-mschapv2 */ 166 #define EAP_MSERROR_NO_DIALIN_PERMISSION 649 /* eap-mschapv2 */ 167 #define EAP_MSERROR_AUTHENTICATION_FAILURE 691 /* 
eap-mschapv2 */ 168 #define EAP_MSERROR_CHANGING_PASSWORD 709 /* eap-mschapv2 */ 169 170 extern struct iked_constmap eap_mserror_map[]; 171 172 #endif /* _IKEV2_EAP_H */ 173