mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-11-22 14:49:24 +01:00

eap-sim: derive session-ID for ERP

James Prestwood 2019-04-22 14:09:28 -07:00 committed by Denis Kenzior
parent 2cbdc1aa43
commit 6ea74d77cc


@ -111,6 +111,9 @@ struct eap_sim_handle {
/* Derived EMSK from PRNG */ /* Derived EMSK from PRNG */
uint8_t emsk[EAP_SIM_EMSK_LEN]; uint8_t emsk[EAP_SIM_EMSK_LEN];
/* Save RANDS from AT_RAND attribute for session ID derivation */
uint8_t rands[EAP_SIM_RAND_LEN * 3];
/* Flag set if AT_ANY_ID_REQ was present */ /* Flag set if AT_ANY_ID_REQ was present */
bool any_id_req : 1; bool any_id_req : 1;
@ -295,6 +298,22 @@ start_error:
eap_sim_client_error(eap, EAP_TYPE_SIM, EAP_SIM_ERROR_PROCESS); eap_sim_client_error(eap, EAP_TYPE_SIM, EAP_SIM_ERROR_PROCESS);
} }
static void eap_sim_finish(struct eap_state *eap)
{
struct eap_sim_handle *sim = eap_get_data(eap);
uint8_t session_id[1 + sizeof(sim->rands) + EAP_SIM_NONCE_LEN];
session_id[0] = EAP_TYPE_SIM;
memcpy(session_id + 1, sim->rands, sizeof(sim->rands));
memcpy(session_id + 1 + sizeof(sim->rands), sim->nonce,
EAP_SIM_NONCE_LEN);
eap_method_success(eap);
eap_set_key_material(eap, sim->msk, 32, sim->emsk, 32, NULL, 0,
session_id, sizeof(session_id));
}
static void gsm_callback(const uint8_t *sres, const uint8_t *kc, static void gsm_callback(const uint8_t *sres, const uint8_t *kc,
void *user_data) void *user_data)
{ {
@ -378,10 +397,7 @@ static void gsm_callback(const uint8_t *sres, const uint8_t *kc,
/* /*
* Result indication not required, we must accept success. * Result indication not required, we must accept success.
*/ */
eap_method_success(eap); eap_sim_finish(eap);
/* TODO: Derive Session-ID */
eap_set_key_material(eap, sim->msk, 32, NULL, 0, NULL, 0,
NULL, 0);
sim->state = EAP_SIM_STATE_SUCCESS; sim->state = EAP_SIM_STATE_SUCCESS;
} }
@ -412,8 +428,6 @@ static void handle_challenge(struct eap_state *eap, const uint8_t *pkt,
struct eap_sim_tlv_iter iter; struct eap_sim_tlv_iter iter;
enum eap_sim_error code = EAP_SIM_ERROR_PROCESS; enum eap_sim_error code = EAP_SIM_ERROR_PROCESS;
const uint8_t *rands = NULL;
if (sim->state != EAP_SIM_STATE_START) { if (sim->state != EAP_SIM_STATE_START) {
l_error("invalid packet for EAP-SIM state"); l_error("invalid packet for EAP-SIM state");
goto chal_error; goto chal_error;
@ -443,7 +457,7 @@ static void handle_challenge(struct eap_state *eap, const uint8_t *pkt,
* should only exist if we are re-authenticating to the * should only exist if we are re-authenticating to the
* server, which is currently not implemented. * server, which is currently not implemented.
*/ */
rands = contents + 2; memcpy(sim->rands, contents + 2, EAP_SIM_RAND_LEN * 3);
break; break;
case EAP_SIM_AT_RESULT_IND: case EAP_SIM_AT_RESULT_IND:
@ -466,7 +480,7 @@ static void handle_challenge(struct eap_state *eap, const uint8_t *pkt,
sim->chal_pkt = l_memdup(pkt, len); sim->chal_pkt = l_memdup(pkt, len);
sim->pkt_len = len; sim->pkt_len = len;
if (sim_auth_run_gsm(sim->auth, rands, 3, gsm_callback, eap) < 0) { if (sim_auth_run_gsm(sim->auth, sim->rands, 3, gsm_callback, eap) < 0) {
l_free(sim->chal_pkt); l_free(sim->chal_pkt);
sim->chal_pkt = NULL; sim->chal_pkt = NULL;
goto chal_error; goto chal_error;
@ -533,10 +547,7 @@ static void handle_notification(struct eap_state *eap, const uint8_t *pkt,
/* /*
* Server sent successful result indication * Server sent successful result indication
*/ */
eap_method_success(eap); eap_sim_finish(eap);
/* TODO: Derive Session-ID */
eap_set_key_material(eap, sim->msk, 32, NULL, 0, NULL, 0,
NULL, 0);
/* /*
* Build response packet * Build response packet
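Review bot: In the handle_challenge hunks, dropping the local `rands = NULL` pointer removes the only visible way to notice that a challenge carried no AT_RAND, so `sim_auth_run_gsm(sim->auth, sim->rands, 3, ...)` would run on whatever `sim->rands` already holds, and eap_sim_finish would later fold those bytes into the Session-ID. Unless a presence check exists outside the hunks, set a local flag in the AT_RAND case and add `if (!have_rand) goto chal_error;` before the GSM call (the flag name is only a suggestion). The new `memcpy(sim->rands, contents + 2, EAP_SIM_RAND_LEN * 3)` copies a fixed number of bytes out of a server-supplied attribute, and the hunk does not show the attribute length being compared with `2 + EAP_SIM_RAND_LEN * 3` first; if that check is not already above the case body, it belongs directly before the copy. As a smaller style point, the literal `32` passed for the MSK and EMSK lengths in eap_sim_finish would be easier to audit as `sizeof(sim->emsk)` or the named length constants, provided those match the length the key consumers expect. handle_challenge starts and ends outside the hunks shown.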