13ff40c12SJohn Marino /*
23ff40c12SJohn Marino * EAP-IKEv2 server (RFC 5106)
33ff40c12SJohn Marino * Copyright (c) 2007, Jouni Malinen <j@w1.fi>
43ff40c12SJohn Marino *
53ff40c12SJohn Marino * This software may be distributed under the terms of the BSD license.
63ff40c12SJohn Marino * See README for more details.
73ff40c12SJohn Marino */
83ff40c12SJohn Marino
93ff40c12SJohn Marino #include "includes.h"
103ff40c12SJohn Marino
113ff40c12SJohn Marino #include "common.h"
123ff40c12SJohn Marino #include "eap_i.h"
133ff40c12SJohn Marino #include "eap_common/eap_ikev2_common.h"
143ff40c12SJohn Marino #include "ikev2.h"
153ff40c12SJohn Marino
163ff40c12SJohn Marino
173ff40c12SJohn Marino struct eap_ikev2_data {
183ff40c12SJohn Marino struct ikev2_initiator_data ikev2;
193ff40c12SJohn Marino enum { MSG, FRAG_ACK, WAIT_FRAG_ACK, DONE, FAIL } state;
203ff40c12SJohn Marino struct wpabuf *in_buf;
213ff40c12SJohn Marino struct wpabuf *out_buf;
223ff40c12SJohn Marino size_t out_used;
233ff40c12SJohn Marino size_t fragment_size;
243ff40c12SJohn Marino int keys_ready;
253ff40c12SJohn Marino u8 keymat[EAP_MSK_LEN + EAP_EMSK_LEN];
263ff40c12SJohn Marino int keymat_ok;
273ff40c12SJohn Marino };
283ff40c12SJohn Marino
293ff40c12SJohn Marino
eap_ikev2_get_shared_secret(void * ctx,const u8 * IDr,size_t IDr_len,size_t * secret_len)303ff40c12SJohn Marino static const u8 * eap_ikev2_get_shared_secret(void *ctx, const u8 *IDr,
313ff40c12SJohn Marino size_t IDr_len,
323ff40c12SJohn Marino size_t *secret_len)
333ff40c12SJohn Marino {
343ff40c12SJohn Marino struct eap_sm *sm = ctx;
353ff40c12SJohn Marino
363ff40c12SJohn Marino if (IDr == NULL) {
373ff40c12SJohn Marino wpa_printf(MSG_DEBUG, "EAP-IKEV2: No IDr received - default "
383ff40c12SJohn Marino "to user identity from EAP-Identity");
393ff40c12SJohn Marino IDr = sm->identity;
403ff40c12SJohn Marino IDr_len = sm->identity_len;
413ff40c12SJohn Marino }
423ff40c12SJohn Marino
433ff40c12SJohn Marino if (eap_user_get(sm, IDr, IDr_len, 0) < 0 || sm->user == NULL ||
443ff40c12SJohn Marino sm->user->password == NULL) {
453ff40c12SJohn Marino wpa_printf(MSG_DEBUG, "EAP-IKEV2: No user entry found");
463ff40c12SJohn Marino return NULL;
473ff40c12SJohn Marino }
483ff40c12SJohn Marino
493ff40c12SJohn Marino *secret_len = sm->user->password_len;
503ff40c12SJohn Marino return sm->user->password;
513ff40c12SJohn Marino }
523ff40c12SJohn Marino
533ff40c12SJohn Marino
eap_ikev2_state_txt(int state)543ff40c12SJohn Marino static const char * eap_ikev2_state_txt(int state)
553ff40c12SJohn Marino {
563ff40c12SJohn Marino switch (state) {
573ff40c12SJohn Marino case MSG:
583ff40c12SJohn Marino return "MSG";
593ff40c12SJohn Marino case FRAG_ACK:
603ff40c12SJohn Marino return "FRAG_ACK";
613ff40c12SJohn Marino case WAIT_FRAG_ACK:
623ff40c12SJohn Marino return "WAIT_FRAG_ACK";
633ff40c12SJohn Marino case DONE:
643ff40c12SJohn Marino return "DONE";
653ff40c12SJohn Marino case FAIL:
663ff40c12SJohn Marino return "FAIL";
673ff40c12SJohn Marino default:
683ff40c12SJohn Marino return "?";
693ff40c12SJohn Marino }
703ff40c12SJohn Marino }
713ff40c12SJohn Marino
723ff40c12SJohn Marino
eap_ikev2_state(struct eap_ikev2_data * data,int state)733ff40c12SJohn Marino static void eap_ikev2_state(struct eap_ikev2_data *data, int state)
743ff40c12SJohn Marino {
753ff40c12SJohn Marino wpa_printf(MSG_DEBUG, "EAP-IKEV2: %s -> %s",
763ff40c12SJohn Marino eap_ikev2_state_txt(data->state),
773ff40c12SJohn Marino eap_ikev2_state_txt(state));
783ff40c12SJohn Marino data->state = state;
793ff40c12SJohn Marino }
803ff40c12SJohn Marino
813ff40c12SJohn Marino
eap_ikev2_init(struct eap_sm * sm)823ff40c12SJohn Marino static void * eap_ikev2_init(struct eap_sm *sm)
833ff40c12SJohn Marino {
843ff40c12SJohn Marino struct eap_ikev2_data *data;
853ff40c12SJohn Marino
863ff40c12SJohn Marino data = os_zalloc(sizeof(*data));
873ff40c12SJohn Marino if (data == NULL)
883ff40c12SJohn Marino return NULL;
893ff40c12SJohn Marino data->state = MSG;
903ff40c12SJohn Marino data->fragment_size = sm->fragment_size > 0 ? sm->fragment_size :
913ff40c12SJohn Marino IKEV2_FRAGMENT_SIZE;
923ff40c12SJohn Marino data->ikev2.state = SA_INIT;
933ff40c12SJohn Marino data->ikev2.peer_auth = PEER_AUTH_SECRET;
943ff40c12SJohn Marino data->ikev2.key_pad = (u8 *) os_strdup("Key Pad for EAP-IKEv2");
953ff40c12SJohn Marino if (data->ikev2.key_pad == NULL)
963ff40c12SJohn Marino goto failed;
973ff40c12SJohn Marino data->ikev2.key_pad_len = 21;
983ff40c12SJohn Marino
993ff40c12SJohn Marino /* TODO: make proposals configurable */
1003ff40c12SJohn Marino data->ikev2.proposal.proposal_num = 1;
1013ff40c12SJohn Marino data->ikev2.proposal.integ = AUTH_HMAC_SHA1_96;
1023ff40c12SJohn Marino data->ikev2.proposal.prf = PRF_HMAC_SHA1;
1033ff40c12SJohn Marino data->ikev2.proposal.encr = ENCR_AES_CBC;
1043ff40c12SJohn Marino data->ikev2.proposal.dh = DH_GROUP2_1024BIT_MODP;
1053ff40c12SJohn Marino
106*a1157835SDaniel Fojt data->ikev2.IDi = os_memdup(sm->server_id, sm->server_id_len);
1073ff40c12SJohn Marino if (data->ikev2.IDi == NULL)
1083ff40c12SJohn Marino goto failed;
1093ff40c12SJohn Marino data->ikev2.IDi_len = sm->server_id_len;
1103ff40c12SJohn Marino
1113ff40c12SJohn Marino data->ikev2.get_shared_secret = eap_ikev2_get_shared_secret;
1123ff40c12SJohn Marino data->ikev2.cb_ctx = sm;
1133ff40c12SJohn Marino
1143ff40c12SJohn Marino return data;
1153ff40c12SJohn Marino
1163ff40c12SJohn Marino failed:
1173ff40c12SJohn Marino ikev2_initiator_deinit(&data->ikev2);
1183ff40c12SJohn Marino os_free(data);
1193ff40c12SJohn Marino return NULL;
1203ff40c12SJohn Marino }
1213ff40c12SJohn Marino
1223ff40c12SJohn Marino
eap_ikev2_reset(struct eap_sm * sm,void * priv)1233ff40c12SJohn Marino static void eap_ikev2_reset(struct eap_sm *sm, void *priv)
1243ff40c12SJohn Marino {
1253ff40c12SJohn Marino struct eap_ikev2_data *data = priv;
1263ff40c12SJohn Marino wpabuf_free(data->in_buf);
1273ff40c12SJohn Marino wpabuf_free(data->out_buf);
1283ff40c12SJohn Marino ikev2_initiator_deinit(&data->ikev2);
129*a1157835SDaniel Fojt bin_clear_free(data, sizeof(*data));
1303ff40c12SJohn Marino }
1313ff40c12SJohn Marino
1323ff40c12SJohn Marino
eap_ikev2_build_msg(struct eap_ikev2_data * data,u8 id)1333ff40c12SJohn Marino static struct wpabuf * eap_ikev2_build_msg(struct eap_ikev2_data *data, u8 id)
1343ff40c12SJohn Marino {
1353ff40c12SJohn Marino struct wpabuf *req;
1363ff40c12SJohn Marino u8 flags;
1373ff40c12SJohn Marino size_t send_len, plen, icv_len = 0;
1383ff40c12SJohn Marino
1393ff40c12SJohn Marino wpa_printf(MSG_DEBUG, "EAP-IKEV2: Generating Request");
1403ff40c12SJohn Marino
1413ff40c12SJohn Marino flags = 0;
1423ff40c12SJohn Marino send_len = wpabuf_len(data->out_buf) - data->out_used;
1433ff40c12SJohn Marino if (1 + send_len > data->fragment_size) {
1443ff40c12SJohn Marino send_len = data->fragment_size - 1;
1453ff40c12SJohn Marino flags |= IKEV2_FLAGS_MORE_FRAGMENTS;
1463ff40c12SJohn Marino if (data->out_used == 0) {
1473ff40c12SJohn Marino flags |= IKEV2_FLAGS_LENGTH_INCLUDED;
1483ff40c12SJohn Marino send_len -= 4;
1493ff40c12SJohn Marino }
1503ff40c12SJohn Marino }
1513ff40c12SJohn Marino
1523ff40c12SJohn Marino plen = 1 + send_len;
1533ff40c12SJohn Marino if (flags & IKEV2_FLAGS_LENGTH_INCLUDED)
1543ff40c12SJohn Marino plen += 4;
1553ff40c12SJohn Marino if (data->keys_ready) {
1563ff40c12SJohn Marino const struct ikev2_integ_alg *integ;
1573ff40c12SJohn Marino wpa_printf(MSG_DEBUG, "EAP-IKEV2: Add Integrity Checksum "
1583ff40c12SJohn Marino "Data");
1593ff40c12SJohn Marino flags |= IKEV2_FLAGS_ICV_INCLUDED;
1603ff40c12SJohn Marino integ = ikev2_get_integ(data->ikev2.proposal.integ);
1613ff40c12SJohn Marino if (integ == NULL) {
1623ff40c12SJohn Marino wpa_printf(MSG_DEBUG, "EAP-IKEV2: Unknown INTEG "
1633ff40c12SJohn Marino "transform / cannot generate ICV");
1643ff40c12SJohn Marino return NULL;
1653ff40c12SJohn Marino }
1663ff40c12SJohn Marino icv_len = integ->hash_len;
1673ff40c12SJohn Marino
1683ff40c12SJohn Marino plen += icv_len;
1693ff40c12SJohn Marino }
1703ff40c12SJohn Marino req = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_IKEV2, plen,
1713ff40c12SJohn Marino EAP_CODE_REQUEST, id);
1723ff40c12SJohn Marino if (req == NULL)
1733ff40c12SJohn Marino return NULL;
1743ff40c12SJohn Marino
1753ff40c12SJohn Marino wpabuf_put_u8(req, flags); /* Flags */
1763ff40c12SJohn Marino if (flags & IKEV2_FLAGS_LENGTH_INCLUDED)
1773ff40c12SJohn Marino wpabuf_put_be32(req, wpabuf_len(data->out_buf));
1783ff40c12SJohn Marino
1793ff40c12SJohn Marino wpabuf_put_data(req, wpabuf_head_u8(data->out_buf) + data->out_used,
1803ff40c12SJohn Marino send_len);
1813ff40c12SJohn Marino data->out_used += send_len;
1823ff40c12SJohn Marino
1833ff40c12SJohn Marino if (flags & IKEV2_FLAGS_ICV_INCLUDED) {
1843ff40c12SJohn Marino const u8 *msg = wpabuf_head(req);
1853ff40c12SJohn Marino size_t len = wpabuf_len(req);
1863ff40c12SJohn Marino ikev2_integ_hash(data->ikev2.proposal.integ,
1873ff40c12SJohn Marino data->ikev2.keys.SK_ai,
1883ff40c12SJohn Marino data->ikev2.keys.SK_integ_len,
1893ff40c12SJohn Marino msg, len, wpabuf_put(req, icv_len));
1903ff40c12SJohn Marino }
1913ff40c12SJohn Marino
1923ff40c12SJohn Marino if (data->out_used == wpabuf_len(data->out_buf)) {
1933ff40c12SJohn Marino wpa_printf(MSG_DEBUG, "EAP-IKEV2: Sending out %lu bytes "
1943ff40c12SJohn Marino "(message sent completely)",
1953ff40c12SJohn Marino (unsigned long) send_len);
1963ff40c12SJohn Marino wpabuf_free(data->out_buf);
1973ff40c12SJohn Marino data->out_buf = NULL;
1983ff40c12SJohn Marino data->out_used = 0;
1993ff40c12SJohn Marino } else {
2003ff40c12SJohn Marino wpa_printf(MSG_DEBUG, "EAP-IKEV2: Sending out %lu bytes "
2013ff40c12SJohn Marino "(%lu more to send)", (unsigned long) send_len,
2023ff40c12SJohn Marino (unsigned long) wpabuf_len(data->out_buf) -
2033ff40c12SJohn Marino data->out_used);
2043ff40c12SJohn Marino eap_ikev2_state(data, WAIT_FRAG_ACK);
2053ff40c12SJohn Marino }
2063ff40c12SJohn Marino
2073ff40c12SJohn Marino return req;
2083ff40c12SJohn Marino }
2093ff40c12SJohn Marino
2103ff40c12SJohn Marino
eap_ikev2_buildReq(struct eap_sm * sm,void * priv,u8 id)2113ff40c12SJohn Marino static struct wpabuf * eap_ikev2_buildReq(struct eap_sm *sm, void *priv, u8 id)
2123ff40c12SJohn Marino {
2133ff40c12SJohn Marino struct eap_ikev2_data *data = priv;
2143ff40c12SJohn Marino
2153ff40c12SJohn Marino switch (data->state) {
2163ff40c12SJohn Marino case MSG:
2173ff40c12SJohn Marino if (data->out_buf == NULL) {
2183ff40c12SJohn Marino data->out_buf = ikev2_initiator_build(&data->ikev2);
2193ff40c12SJohn Marino if (data->out_buf == NULL) {
2203ff40c12SJohn Marino wpa_printf(MSG_DEBUG, "EAP-IKEV2: Failed to "
2213ff40c12SJohn Marino "generate IKEv2 message");
2223ff40c12SJohn Marino return NULL;
2233ff40c12SJohn Marino }
2243ff40c12SJohn Marino data->out_used = 0;
2253ff40c12SJohn Marino }
226*a1157835SDaniel Fojt /* fall through */
2273ff40c12SJohn Marino case WAIT_FRAG_ACK:
2283ff40c12SJohn Marino return eap_ikev2_build_msg(data, id);
2293ff40c12SJohn Marino case FRAG_ACK:
2303ff40c12SJohn Marino return eap_ikev2_build_frag_ack(id, EAP_CODE_REQUEST);
2313ff40c12SJohn Marino default:
2323ff40c12SJohn Marino wpa_printf(MSG_DEBUG, "EAP-IKEV2: Unexpected state %d in "
2333ff40c12SJohn Marino "buildReq", data->state);
2343ff40c12SJohn Marino return NULL;
2353ff40c12SJohn Marino }
2363ff40c12SJohn Marino }
2373ff40c12SJohn Marino
2383ff40c12SJohn Marino
eap_ikev2_check(struct eap_sm * sm,void * priv,struct wpabuf * respData)2393ff40c12SJohn Marino static Boolean eap_ikev2_check(struct eap_sm *sm, void *priv,
2403ff40c12SJohn Marino struct wpabuf *respData)
2413ff40c12SJohn Marino {
2423ff40c12SJohn Marino const u8 *pos;
2433ff40c12SJohn Marino size_t len;
2443ff40c12SJohn Marino
2453ff40c12SJohn Marino pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_IKEV2, respData,
2463ff40c12SJohn Marino &len);
2473ff40c12SJohn Marino if (pos == NULL) {
2483ff40c12SJohn Marino wpa_printf(MSG_INFO, "EAP-IKEV2: Invalid frame");
2493ff40c12SJohn Marino return TRUE;
2503ff40c12SJohn Marino }
2513ff40c12SJohn Marino
2523ff40c12SJohn Marino return FALSE;
2533ff40c12SJohn Marino }
2543ff40c12SJohn Marino
2553ff40c12SJohn Marino
eap_ikev2_process_icv(struct eap_ikev2_data * data,const struct wpabuf * respData,u8 flags,const u8 * pos,const u8 ** end,int frag_ack)2563ff40c12SJohn Marino static int eap_ikev2_process_icv(struct eap_ikev2_data *data,
2573ff40c12SJohn Marino const struct wpabuf *respData,
258*a1157835SDaniel Fojt u8 flags, const u8 *pos, const u8 **end,
259*a1157835SDaniel Fojt int frag_ack)
2603ff40c12SJohn Marino {
2613ff40c12SJohn Marino if (flags & IKEV2_FLAGS_ICV_INCLUDED) {
2623ff40c12SJohn Marino int icv_len = eap_ikev2_validate_icv(
2633ff40c12SJohn Marino data->ikev2.proposal.integ, &data->ikev2.keys, 0,
2643ff40c12SJohn Marino respData, pos, *end);
2653ff40c12SJohn Marino if (icv_len < 0)
2663ff40c12SJohn Marino return -1;
2673ff40c12SJohn Marino /* Hide Integrity Checksum Data from further processing */
2683ff40c12SJohn Marino *end -= icv_len;
269*a1157835SDaniel Fojt } else if (data->keys_ready && !frag_ack) {
2703ff40c12SJohn Marino wpa_printf(MSG_INFO, "EAP-IKEV2: The message should have "
2713ff40c12SJohn Marino "included integrity checksum");
2723ff40c12SJohn Marino return -1;
2733ff40c12SJohn Marino }
2743ff40c12SJohn Marino
2753ff40c12SJohn Marino return 0;
2763ff40c12SJohn Marino }
2773ff40c12SJohn Marino
2783ff40c12SJohn Marino
eap_ikev2_process_cont(struct eap_ikev2_data * data,const u8 * buf,size_t len)2793ff40c12SJohn Marino static int eap_ikev2_process_cont(struct eap_ikev2_data *data,
2803ff40c12SJohn Marino const u8 *buf, size_t len)
2813ff40c12SJohn Marino {
2823ff40c12SJohn Marino /* Process continuation of a pending message */
2833ff40c12SJohn Marino if (len > wpabuf_tailroom(data->in_buf)) {
2843ff40c12SJohn Marino wpa_printf(MSG_DEBUG, "EAP-IKEV2: Fragment overflow");
2853ff40c12SJohn Marino eap_ikev2_state(data, FAIL);
2863ff40c12SJohn Marino return -1;
2873ff40c12SJohn Marino }
2883ff40c12SJohn Marino
2893ff40c12SJohn Marino wpabuf_put_data(data->in_buf, buf, len);
2903ff40c12SJohn Marino wpa_printf(MSG_DEBUG, "EAP-IKEV2: Received %lu bytes, waiting for %lu "
2913ff40c12SJohn Marino "bytes more", (unsigned long) len,
2923ff40c12SJohn Marino (unsigned long) wpabuf_tailroom(data->in_buf));
2933ff40c12SJohn Marino
2943ff40c12SJohn Marino return 0;
2953ff40c12SJohn Marino }
2963ff40c12SJohn Marino
2973ff40c12SJohn Marino
eap_ikev2_process_fragment(struct eap_ikev2_data * data,u8 flags,u32 message_length,const u8 * buf,size_t len)2983ff40c12SJohn Marino static int eap_ikev2_process_fragment(struct eap_ikev2_data *data,
2993ff40c12SJohn Marino u8 flags, u32 message_length,
3003ff40c12SJohn Marino const u8 *buf, size_t len)
3013ff40c12SJohn Marino {
3023ff40c12SJohn Marino /* Process a fragment that is not the last one of the message */
3033ff40c12SJohn Marino if (data->in_buf == NULL && !(flags & IKEV2_FLAGS_LENGTH_INCLUDED)) {
3043ff40c12SJohn Marino wpa_printf(MSG_DEBUG, "EAP-IKEV2: No Message Length field in "
3053ff40c12SJohn Marino "a fragmented packet");
3063ff40c12SJohn Marino return -1;
3073ff40c12SJohn Marino }
3083ff40c12SJohn Marino
3093ff40c12SJohn Marino if (data->in_buf == NULL) {
3103ff40c12SJohn Marino /* First fragment of the message */
311*a1157835SDaniel Fojt if (message_length > 50000) {
312*a1157835SDaniel Fojt /* Limit maximum memory allocation */
313*a1157835SDaniel Fojt wpa_printf(MSG_DEBUG,
314*a1157835SDaniel Fojt "EAP-IKEV2: Ignore too long message");
315*a1157835SDaniel Fojt return -1;
316*a1157835SDaniel Fojt }
3173ff40c12SJohn Marino data->in_buf = wpabuf_alloc(message_length);
3183ff40c12SJohn Marino if (data->in_buf == NULL) {
3193ff40c12SJohn Marino wpa_printf(MSG_DEBUG, "EAP-IKEV2: No memory for "
3203ff40c12SJohn Marino "message");
3213ff40c12SJohn Marino return -1;
3223ff40c12SJohn Marino }
3233ff40c12SJohn Marino wpabuf_put_data(data->in_buf, buf, len);
3243ff40c12SJohn Marino wpa_printf(MSG_DEBUG, "EAP-IKEV2: Received %lu bytes in first "
3253ff40c12SJohn Marino "fragment, waiting for %lu bytes more",
3263ff40c12SJohn Marino (unsigned long) len,
3273ff40c12SJohn Marino (unsigned long) wpabuf_tailroom(data->in_buf));
3283ff40c12SJohn Marino }
3293ff40c12SJohn Marino
3303ff40c12SJohn Marino return 0;
3313ff40c12SJohn Marino }
3323ff40c12SJohn Marino
3333ff40c12SJohn Marino
eap_ikev2_server_keymat(struct eap_ikev2_data * data)3343ff40c12SJohn Marino static int eap_ikev2_server_keymat(struct eap_ikev2_data *data)
3353ff40c12SJohn Marino {
3363ff40c12SJohn Marino if (eap_ikev2_derive_keymat(
3373ff40c12SJohn Marino data->ikev2.proposal.prf, &data->ikev2.keys,
3383ff40c12SJohn Marino data->ikev2.i_nonce, data->ikev2.i_nonce_len,
3393ff40c12SJohn Marino data->ikev2.r_nonce, data->ikev2.r_nonce_len,
3403ff40c12SJohn Marino data->keymat) < 0) {
3413ff40c12SJohn Marino wpa_printf(MSG_DEBUG, "EAP-IKEV2: Failed to derive "
3423ff40c12SJohn Marino "key material");
3433ff40c12SJohn Marino return -1;
3443ff40c12SJohn Marino }
3453ff40c12SJohn Marino data->keymat_ok = 1;
3463ff40c12SJohn Marino return 0;
3473ff40c12SJohn Marino }
3483ff40c12SJohn Marino
3493ff40c12SJohn Marino
eap_ikev2_process(struct eap_sm * sm,void * priv,struct wpabuf * respData)3503ff40c12SJohn Marino static void eap_ikev2_process(struct eap_sm *sm, void *priv,
3513ff40c12SJohn Marino struct wpabuf *respData)
3523ff40c12SJohn Marino {
3533ff40c12SJohn Marino struct eap_ikev2_data *data = priv;
3543ff40c12SJohn Marino const u8 *start, *pos, *end;
3553ff40c12SJohn Marino size_t len;
3563ff40c12SJohn Marino u8 flags;
3573ff40c12SJohn Marino u32 message_length = 0;
3583ff40c12SJohn Marino struct wpabuf tmpbuf;
3593ff40c12SJohn Marino
3603ff40c12SJohn Marino pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_IKEV2, respData,
3613ff40c12SJohn Marino &len);
3623ff40c12SJohn Marino if (pos == NULL)
3633ff40c12SJohn Marino return; /* Should not happen; message already verified */
3643ff40c12SJohn Marino
3653ff40c12SJohn Marino start = pos;
3663ff40c12SJohn Marino end = start + len;
3673ff40c12SJohn Marino
3683ff40c12SJohn Marino if (len == 0) {
3693ff40c12SJohn Marino /* fragment ack */
3703ff40c12SJohn Marino flags = 0;
3713ff40c12SJohn Marino } else
3723ff40c12SJohn Marino flags = *pos++;
3733ff40c12SJohn Marino
374*a1157835SDaniel Fojt if (eap_ikev2_process_icv(data, respData, flags, pos, &end,
375*a1157835SDaniel Fojt data->state == WAIT_FRAG_ACK && len == 0) < 0)
376*a1157835SDaniel Fojt {
3773ff40c12SJohn Marino eap_ikev2_state(data, FAIL);
3783ff40c12SJohn Marino return;
3793ff40c12SJohn Marino }
3803ff40c12SJohn Marino
3813ff40c12SJohn Marino if (flags & IKEV2_FLAGS_LENGTH_INCLUDED) {
3823ff40c12SJohn Marino if (end - pos < 4) {
3833ff40c12SJohn Marino wpa_printf(MSG_DEBUG, "EAP-IKEV2: Message underflow");
3843ff40c12SJohn Marino eap_ikev2_state(data, FAIL);
3853ff40c12SJohn Marino return;
3863ff40c12SJohn Marino }
3873ff40c12SJohn Marino message_length = WPA_GET_BE32(pos);
3883ff40c12SJohn Marino pos += 4;
3893ff40c12SJohn Marino
3903ff40c12SJohn Marino if (message_length < (u32) (end - pos)) {
3913ff40c12SJohn Marino wpa_printf(MSG_DEBUG, "EAP-IKEV2: Invalid Message "
3923ff40c12SJohn Marino "Length (%d; %ld remaining in this msg)",
3933ff40c12SJohn Marino message_length, (long) (end - pos));
3943ff40c12SJohn Marino eap_ikev2_state(data, FAIL);
3953ff40c12SJohn Marino return;
3963ff40c12SJohn Marino }
3973ff40c12SJohn Marino }
3983ff40c12SJohn Marino wpa_printf(MSG_DEBUG, "EAP-IKEV2: Received packet: Flags 0x%x "
3993ff40c12SJohn Marino "Message Length %u", flags, message_length);
4003ff40c12SJohn Marino
4013ff40c12SJohn Marino if (data->state == WAIT_FRAG_ACK) {
4023ff40c12SJohn Marino if (len != 0) {
4033ff40c12SJohn Marino wpa_printf(MSG_DEBUG, "EAP-IKEV2: Unexpected payload "
4043ff40c12SJohn Marino "in WAIT_FRAG_ACK state");
4053ff40c12SJohn Marino eap_ikev2_state(data, FAIL);
4063ff40c12SJohn Marino return;
4073ff40c12SJohn Marino }
4083ff40c12SJohn Marino wpa_printf(MSG_DEBUG, "EAP-IKEV2: Fragment acknowledged");
4093ff40c12SJohn Marino eap_ikev2_state(data, MSG);
4103ff40c12SJohn Marino return;
4113ff40c12SJohn Marino }
4123ff40c12SJohn Marino
4133ff40c12SJohn Marino if (data->in_buf && eap_ikev2_process_cont(data, pos, end - pos) < 0) {
4143ff40c12SJohn Marino eap_ikev2_state(data, FAIL);
4153ff40c12SJohn Marino return;
4163ff40c12SJohn Marino }
4173ff40c12SJohn Marino
4183ff40c12SJohn Marino if (flags & IKEV2_FLAGS_MORE_FRAGMENTS) {
4193ff40c12SJohn Marino if (eap_ikev2_process_fragment(data, flags, message_length,
4203ff40c12SJohn Marino pos, end - pos) < 0)
4213ff40c12SJohn Marino eap_ikev2_state(data, FAIL);
4223ff40c12SJohn Marino else
4233ff40c12SJohn Marino eap_ikev2_state(data, FRAG_ACK);
4243ff40c12SJohn Marino return;
4253ff40c12SJohn Marino } else if (data->state == FRAG_ACK) {
4263ff40c12SJohn Marino wpa_printf(MSG_DEBUG, "EAP-TNC: All fragments received");
4273ff40c12SJohn Marino data->state = MSG;
4283ff40c12SJohn Marino }
4293ff40c12SJohn Marino
4303ff40c12SJohn Marino if (data->in_buf == NULL) {
4313ff40c12SJohn Marino /* Wrap unfragmented messages as wpabuf without extra copy */
4323ff40c12SJohn Marino wpabuf_set(&tmpbuf, pos, end - pos);
4333ff40c12SJohn Marino data->in_buf = &tmpbuf;
4343ff40c12SJohn Marino }
4353ff40c12SJohn Marino
4363ff40c12SJohn Marino if (ikev2_initiator_process(&data->ikev2, data->in_buf) < 0) {
4373ff40c12SJohn Marino if (data->in_buf == &tmpbuf)
4383ff40c12SJohn Marino data->in_buf = NULL;
4393ff40c12SJohn Marino eap_ikev2_state(data, FAIL);
4403ff40c12SJohn Marino return;
4413ff40c12SJohn Marino }
4423ff40c12SJohn Marino
4433ff40c12SJohn Marino switch (data->ikev2.state) {
4443ff40c12SJohn Marino case SA_AUTH:
4453ff40c12SJohn Marino /* SA_INIT was sent out, so message have to be
4463ff40c12SJohn Marino * integrity protected from now on. */
4473ff40c12SJohn Marino data->keys_ready = 1;
4483ff40c12SJohn Marino break;
4493ff40c12SJohn Marino case IKEV2_DONE:
4503ff40c12SJohn Marino if (data->state == FAIL)
4513ff40c12SJohn Marino break;
4523ff40c12SJohn Marino wpa_printf(MSG_DEBUG, "EAP-IKEV2: Authentication completed "
4533ff40c12SJohn Marino "successfully");
4543ff40c12SJohn Marino if (eap_ikev2_server_keymat(data))
4553ff40c12SJohn Marino break;
4563ff40c12SJohn Marino eap_ikev2_state(data, DONE);
4573ff40c12SJohn Marino break;
4583ff40c12SJohn Marino default:
4593ff40c12SJohn Marino break;
4603ff40c12SJohn Marino }
4613ff40c12SJohn Marino
4623ff40c12SJohn Marino if (data->in_buf != &tmpbuf)
4633ff40c12SJohn Marino wpabuf_free(data->in_buf);
4643ff40c12SJohn Marino data->in_buf = NULL;
4653ff40c12SJohn Marino }
4663ff40c12SJohn Marino
4673ff40c12SJohn Marino
eap_ikev2_isDone(struct eap_sm * sm,void * priv)4683ff40c12SJohn Marino static Boolean eap_ikev2_isDone(struct eap_sm *sm, void *priv)
4693ff40c12SJohn Marino {
4703ff40c12SJohn Marino struct eap_ikev2_data *data = priv;
4713ff40c12SJohn Marino return data->state == DONE || data->state == FAIL;
4723ff40c12SJohn Marino }
4733ff40c12SJohn Marino
4743ff40c12SJohn Marino
eap_ikev2_isSuccess(struct eap_sm * sm,void * priv)4753ff40c12SJohn Marino static Boolean eap_ikev2_isSuccess(struct eap_sm *sm, void *priv)
4763ff40c12SJohn Marino {
4773ff40c12SJohn Marino struct eap_ikev2_data *data = priv;
4783ff40c12SJohn Marino return data->state == DONE && data->ikev2.state == IKEV2_DONE &&
4793ff40c12SJohn Marino data->keymat_ok;
4803ff40c12SJohn Marino }
4813ff40c12SJohn Marino
4823ff40c12SJohn Marino
eap_ikev2_getKey(struct eap_sm * sm,void * priv,size_t * len)4833ff40c12SJohn Marino static u8 * eap_ikev2_getKey(struct eap_sm *sm, void *priv, size_t *len)
4843ff40c12SJohn Marino {
4853ff40c12SJohn Marino struct eap_ikev2_data *data = priv;
4863ff40c12SJohn Marino u8 *key;
4873ff40c12SJohn Marino
4883ff40c12SJohn Marino if (data->state != DONE || !data->keymat_ok)
4893ff40c12SJohn Marino return NULL;
4903ff40c12SJohn Marino
4913ff40c12SJohn Marino key = os_malloc(EAP_MSK_LEN);
4923ff40c12SJohn Marino if (key) {
4933ff40c12SJohn Marino os_memcpy(key, data->keymat, EAP_MSK_LEN);
4943ff40c12SJohn Marino *len = EAP_MSK_LEN;
4953ff40c12SJohn Marino }
4963ff40c12SJohn Marino
4973ff40c12SJohn Marino return key;
4983ff40c12SJohn Marino }
4993ff40c12SJohn Marino
5003ff40c12SJohn Marino
eap_ikev2_get_emsk(struct eap_sm * sm,void * priv,size_t * len)5013ff40c12SJohn Marino static u8 * eap_ikev2_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
5023ff40c12SJohn Marino {
5033ff40c12SJohn Marino struct eap_ikev2_data *data = priv;
5043ff40c12SJohn Marino u8 *key;
5053ff40c12SJohn Marino
5063ff40c12SJohn Marino if (data->state != DONE || !data->keymat_ok)
5073ff40c12SJohn Marino return NULL;
5083ff40c12SJohn Marino
5093ff40c12SJohn Marino key = os_malloc(EAP_EMSK_LEN);
5103ff40c12SJohn Marino if (key) {
5113ff40c12SJohn Marino os_memcpy(key, data->keymat + EAP_MSK_LEN, EAP_EMSK_LEN);
5123ff40c12SJohn Marino *len = EAP_EMSK_LEN;
5133ff40c12SJohn Marino }
5143ff40c12SJohn Marino
5153ff40c12SJohn Marino return key;
5163ff40c12SJohn Marino }
5173ff40c12SJohn Marino
5183ff40c12SJohn Marino
eap_ikev2_get_session_id(struct eap_sm * sm,void * priv,size_t * len)519*a1157835SDaniel Fojt static u8 * eap_ikev2_get_session_id(struct eap_sm *sm, void *priv, size_t *len)
520*a1157835SDaniel Fojt {
521*a1157835SDaniel Fojt struct eap_ikev2_data *data = priv;
522*a1157835SDaniel Fojt u8 *sid;
523*a1157835SDaniel Fojt size_t sid_len;
524*a1157835SDaniel Fojt size_t offset;
525*a1157835SDaniel Fojt
526*a1157835SDaniel Fojt if (data->state != DONE || !data->keymat_ok)
527*a1157835SDaniel Fojt return NULL;
528*a1157835SDaniel Fojt
529*a1157835SDaniel Fojt sid_len = 1 + data->ikev2.i_nonce_len + data->ikev2.r_nonce_len;
530*a1157835SDaniel Fojt sid = os_malloc(sid_len);
531*a1157835SDaniel Fojt if (sid) {
532*a1157835SDaniel Fojt offset = 0;
533*a1157835SDaniel Fojt sid[offset] = EAP_TYPE_IKEV2;
534*a1157835SDaniel Fojt offset++;
535*a1157835SDaniel Fojt os_memcpy(sid + offset, data->ikev2.i_nonce,
536*a1157835SDaniel Fojt data->ikev2.i_nonce_len);
537*a1157835SDaniel Fojt offset += data->ikev2.i_nonce_len;
538*a1157835SDaniel Fojt os_memcpy(sid + offset, data->ikev2.r_nonce,
539*a1157835SDaniel Fojt data->ikev2.r_nonce_len);
540*a1157835SDaniel Fojt *len = sid_len;
541*a1157835SDaniel Fojt wpa_hexdump(MSG_DEBUG, "EAP-IKEV2: Derived Session-Id",
542*a1157835SDaniel Fojt sid, sid_len);
543*a1157835SDaniel Fojt }
544*a1157835SDaniel Fojt
545*a1157835SDaniel Fojt return sid;
546*a1157835SDaniel Fojt }
547*a1157835SDaniel Fojt
548*a1157835SDaniel Fojt
eap_server_ikev2_register(void)5493ff40c12SJohn Marino int eap_server_ikev2_register(void)
5503ff40c12SJohn Marino {
5513ff40c12SJohn Marino struct eap_method *eap;
5523ff40c12SJohn Marino
5533ff40c12SJohn Marino eap = eap_server_method_alloc(EAP_SERVER_METHOD_INTERFACE_VERSION,
5543ff40c12SJohn Marino EAP_VENDOR_IETF, EAP_TYPE_IKEV2,
5553ff40c12SJohn Marino "IKEV2");
5563ff40c12SJohn Marino if (eap == NULL)
5573ff40c12SJohn Marino return -1;
5583ff40c12SJohn Marino
5593ff40c12SJohn Marino eap->init = eap_ikev2_init;
5603ff40c12SJohn Marino eap->reset = eap_ikev2_reset;
5613ff40c12SJohn Marino eap->buildReq = eap_ikev2_buildReq;
5623ff40c12SJohn Marino eap->check = eap_ikev2_check;
5633ff40c12SJohn Marino eap->process = eap_ikev2_process;
5643ff40c12SJohn Marino eap->isDone = eap_ikev2_isDone;
5653ff40c12SJohn Marino eap->getKey = eap_ikev2_getKey;
5663ff40c12SJohn Marino eap->isSuccess = eap_ikev2_isSuccess;
5673ff40c12SJohn Marino eap->get_emsk = eap_ikev2_get_emsk;
568*a1157835SDaniel Fojt eap->getSessionId = eap_ikev2_get_session_id;
5693ff40c12SJohn Marino
570*a1157835SDaniel Fojt return eap_server_method_register(eap);
5713ff40c12SJohn Marino }
572