static void eap_sake_process_challenge(struct eap_sm *sm,
struct eap_sake_data *data,
u8 *respData, size_t respDataLen,
u8 *payload, size_t payloadlen)
{
struct eap_sake_parse_attr attr;
u8 mic_p[EAP_SAKE_MIC_LEN];
if (data->state != CHALLENGE)
return;
wpa_printf(MSG_DEBUG, "EAP-SAKE: Received Response/Challenge");
if (eap_sake_parse_attributes(payload, payloadlen, &attr))
return;
if (!attr.rand_p || !attr.mic_p) {
wpa_printf(MSG_INFO, "EAP-SAKE: Response/Challenge did not "
"include AT_RAND_P or AT_MIC_P");
return;
}
os_memcpy(data->rand_p, attr.rand_p, EAP_SAKE_RAND_LEN);
os_free(data->peerid);
data->peerid = NULL;
data->peerid_len = 0;
if (attr.peerid) {
data->peerid = os_malloc(attr.peerid_len);
if (data->peerid == NULL)
return;
os_memcpy(data->peerid, attr.peerid, attr.peerid_len);
data->peerid_len = attr.peerid_len;
}
if (sm->user == NULL || sm->user->password == NULL ||
sm->user->password_len != 2 * EAP_SAKE_ROOT_SECRET_LEN) {
wpa_printf(MSG_INFO, "EAP-SAKE: Plaintext password with "
"%d-byte key not configured",
2 * EAP_SAKE_ROOT_SECRET_LEN);
data->state = FAILURE;
return;
}
eap_sake_derive_keys(sm->user->password,
sm->user->password + EAP_SAKE_ROOT_SECRET_LEN,
data->rand_s, data->rand_p,
(u8 *) &data->tek, data->msk, data->emsk);
eap_sake_compute_mic(data->tek.auth, data->rand_s, data->rand_p,
data->serverid, data->serverid_len,
data->peerid, data->peerid_len, 1,
respData, respDataLen, attr.mic_p, mic_p);
if (os_memcmp(attr.mic_p, mic_p, EAP_SAKE_MIC_LEN) != 0) {
wpa_printf(MSG_INFO, "EAP-SAKE: Incorrect AT_MIC_P");
eap_sake_state(data, FAILURE);
return;
}
eap_sake_state(data, CONFIRM);
}
static void eap_sake_process_confirm(struct eap_sm *sm,
struct eap_sake_data *data,
const struct wpabuf *respData,
const u8 *payload, size_t payloadlen)
{
struct eap_sake_parse_attr attr;
u8 mic_p[EAP_SAKE_MIC_LEN];
if (data->state != CONFIRM)
return;
asd_printf(ASD_DEFAULT,MSG_DEBUG, "EAP-SAKE: Received Response/Confirm");
if (eap_sake_parse_attributes(payload, payloadlen, &attr))
return;
if (!attr.mic_p) {
asd_printf(ASD_DEFAULT,MSG_DEBUG, "EAP-SAKE: Response/Confirm did not "
"include AT_MIC_P");
return;
}
eap_sake_compute_mic(data->tek.auth, data->rand_s, data->rand_p,
data->serverid, data->serverid_len,
data->peerid, data->peerid_len, 1,
wpabuf_head(respData), wpabuf_len(respData),
attr.mic_p, mic_p);
if (os_memcmp(attr.mic_p, mic_p, EAP_SAKE_MIC_LEN) != 0) {
asd_printf(ASD_DEFAULT,MSG_DEBUG, "EAP-SAKE: Incorrect AT_MIC_P");
eap_sake_state(data, FAILURE);
} else
eap_sake_state(data, SUCCESS);
}
static void eap_sake_process_auth_reject(struct eap_sm *sm,
struct eap_sake_data *data,
const struct wpabuf *respData,
const u8 *payload, size_t payloadlen)
{
asd_printf(ASD_DEFAULT,MSG_DEBUG, "EAP-SAKE: Received Response/Auth-Reject");
eap_sake_state(data, FAILURE);
}
static void eap_sake_process_auth_reject(struct eap_sm *sm,
struct eap_sake_data *data,
u8 *respData, size_t respDataLen,
u8 *payload, size_t payloadlen)
{
wpa_printf(MSG_DEBUG, "EAP-SAKE: Received Response/Auth-Reject");
eap_sake_state(data, FAILURE);
}
static void eap_sake_process_identity(struct eap_sm *sm,
struct eap_sake_data *data,
const struct wpabuf *respData,
const u8 *payload, size_t payloadlen)
{
if (data->state != IDENTITY)
return;
asd_printf(ASD_DEFAULT,MSG_DEBUG, "EAP-SAKE: Received Response/Identity");
/* TODO: update identity and select new user data */
eap_sake_state(data, CHALLENGE);
}
static u8 * eap_sake_process_identity(struct eap_sm *sm,
struct eap_sake_data *data,
struct eap_method_ret *ret,
const u8 *reqData, size_t reqDataLen,
const u8 *payload, size_t payload_len,
size_t *respDataLen)
{
struct eap_sake_parse_attr attr;
u8 *resp, *rpos;
const struct eap_hdr *hdr = (const struct eap_hdr *) reqData;
if (data->state != IDENTITY) {
ret->ignore = TRUE;
return NULL;
}
wpa_printf(MSG_DEBUG, "EAP-SAKE: Received Request/Identity");
if (eap_sake_parse_attributes(payload, payload_len, &attr))
return NULL;
if (!attr.perm_id_req && !attr.any_id_req) {
wpa_printf(MSG_INFO, "EAP-SAKE: No AT_PERM_ID_REQ or "
"AT_ANY_ID_REQ in Request/Identity");
return NULL;
}
wpa_printf(MSG_DEBUG, "EAP-SAKE: Sending Response/Identity");
*respDataLen = 2 + data->peerid_len;
resp = eap_sake_build_msg(data, &rpos, hdr->identifier, respDataLen,
EAP_SAKE_SUBTYPE_IDENTITY);
if (resp == NULL)
return NULL;
wpa_printf(MSG_DEBUG, "EAP-SAKE: * AT_PEERID");
*rpos++ = EAP_SAKE_AT_PEERID;
*rpos++ = 2 + data->peerid_len;
if (data->peerid)
os_memcpy(rpos, data->peerid, data->peerid_len);
eap_sake_state(data, CHALLENGE);
return resp;
}
static void eap_sake_process_identity(struct eap_sm *sm,
struct eap_sake_data *data,
u8 *respData, size_t respDataLen,
u8 *payload, size_t payloadlen)
{
if (data->state != IDENTITY)
return;
wpa_printf(MSG_DEBUG, "EAP-SAKE: Received Response/Identity");
/* TODO: update identity and select new user data */
eap_sake_state(data, CHALLENGE);
(void)sm;
(void)respData;
(void)respDataLen;
(void)payload;
(void)payloadlen;
}
static struct wpabuf * eap_sake_process_identity(struct eap_sm *sm,
struct eap_sake_data *data,
struct eap_method_ret *ret,
const struct wpabuf *reqData,
const u8 *payload,
size_t payload_len)
{
struct eap_sake_parse_attr attr;
struct wpabuf *resp;
if (data->state != IDENTITY) {
ret->ignore = TRUE;
return NULL;
}
wpa_printf(MSG_DEBUG, "EAP-SAKE: Received Request/Identity");
if (eap_sake_parse_attributes(payload, payload_len, &attr))
return NULL;
if (!attr.perm_id_req && !attr.any_id_req) {
wpa_printf(MSG_INFO, "EAP-SAKE: No AT_PERM_ID_REQ or "
"AT_ANY_ID_REQ in Request/Identity");
return NULL;
}
wpa_printf(MSG_DEBUG, "EAP-SAKE: Sending Response/Identity");
resp = eap_sake_build_msg(data, eap_get_id(reqData),
2 + data->peerid_len,
EAP_SAKE_SUBTYPE_IDENTITY);
if (resp == NULL)
return NULL;
wpa_printf(MSG_DEBUG, "EAP-SAKE: * AT_PEERID");
eap_sake_add_attr(resp, EAP_SAKE_AT_PEERID,
data->peerid, data->peerid_len);
eap_sake_state(data, CHALLENGE);
return resp;
}
static struct wpabuf * eap_sake_process_confirm(struct eap_sm *sm,
struct eap_sake_data *data,
struct eap_method_ret *ret,
u8 id,
const struct wpabuf *reqData,
const u8 *payload,
size_t payload_len)
{
struct eap_sake_parse_attr attr;
u8 mic_s[EAP_SAKE_MIC_LEN];
struct wpabuf *resp;
u8 *rpos;
if (data->state != CONFIRM) {
ret->ignore = TRUE;
return NULL;
}
wpa_printf(MSG_DEBUG, "EAP-SAKE: Received Request/Confirm");
if (eap_sake_parse_attributes(payload, payload_len, &attr))
return NULL;
if (!attr.mic_s) {
wpa_printf(MSG_INFO, "EAP-SAKE: Request/Confirm did not "
"include AT_MIC_S");
return NULL;
}
if (eap_sake_compute_mic(data->tek.auth, data->rand_s, data->rand_p,
data->serverid, data->serverid_len,
data->peerid, data->peerid_len, 0,
wpabuf_head(reqData), wpabuf_len(reqData),
attr.mic_s, mic_s)) {
wpa_printf(MSG_INFO, "EAP-SAKE: Failed to compute MIC");
eap_sake_state(data, FAILURE);
ret->methodState = METHOD_DONE;
ret->decision = DECISION_FAIL;
ret->allowNotifications = FALSE;
wpa_printf(MSG_DEBUG, "EAP-SAKE: Sending Response/Auth-Reject");
return eap_sake_build_msg(data, id, 0,
EAP_SAKE_SUBTYPE_AUTH_REJECT);
}
if (os_memcmp_const(attr.mic_s, mic_s, EAP_SAKE_MIC_LEN) != 0) {
wpa_printf(MSG_INFO, "EAP-SAKE: Incorrect AT_MIC_S");
eap_sake_state(data, FAILURE);
ret->methodState = METHOD_DONE;
ret->decision = DECISION_FAIL;
ret->allowNotifications = FALSE;
wpa_printf(MSG_DEBUG, "EAP-SAKE: Sending "
"Response/Auth-Reject");
return eap_sake_build_msg(data, id, 0,
EAP_SAKE_SUBTYPE_AUTH_REJECT);
}
wpa_printf(MSG_DEBUG, "EAP-SAKE: Sending Response/Confirm");
resp = eap_sake_build_msg(data, id, 2 + EAP_SAKE_MIC_LEN,
EAP_SAKE_SUBTYPE_CONFIRM);
if (resp == NULL)
return NULL;
wpa_printf(MSG_DEBUG, "EAP-SAKE: * AT_MIC_P");
wpabuf_put_u8(resp, EAP_SAKE_AT_MIC_P);
wpabuf_put_u8(resp, 2 + EAP_SAKE_MIC_LEN);
rpos = wpabuf_put(resp, EAP_SAKE_MIC_LEN);
if (eap_sake_compute_mic(data->tek.auth, data->rand_s, data->rand_p,
data->serverid, data->serverid_len,
data->peerid, data->peerid_len, 1,
wpabuf_head(resp), wpabuf_len(resp), rpos,
rpos)) {
wpa_printf(MSG_INFO, "EAP-SAKE: Failed to compute MIC");
wpabuf_free(resp);
return NULL;
}
eap_sake_state(data, SUCCESS);
ret->methodState = METHOD_DONE;
ret->decision = DECISION_UNCOND_SUCC;
ret->allowNotifications = FALSE;
return resp;
}
static struct wpabuf * eap_sake_process_challenge(struct eap_sm *sm,
struct eap_sake_data *data,
struct eap_method_ret *ret,
u8 id,
const u8 *payload,
size_t payload_len)
{
struct eap_sake_parse_attr attr;
struct wpabuf *resp;
u8 *rpos;
size_t rlen;
if (data->state != IDENTITY && data->state != CHALLENGE) {
wpa_printf(MSG_DEBUG, "EAP-SAKE: Request/Challenge received "
"in unexpected state (%d)", data->state);
ret->ignore = TRUE;
return NULL;
}
if (data->state == IDENTITY)
eap_sake_state(data, CHALLENGE);
wpa_printf(MSG_DEBUG, "EAP-SAKE: Received Request/Challenge");
if (eap_sake_parse_attributes(payload, payload_len, &attr))
return NULL;
if (!attr.rand_s) {
wpa_printf(MSG_INFO, "EAP-SAKE: Request/Challenge did not "
"include AT_RAND_S");
return NULL;
}
os_memcpy(data->rand_s, attr.rand_s, EAP_SAKE_RAND_LEN);
wpa_hexdump(MSG_MSGDUMP, "EAP-SAKE: RAND_S (server rand)",
data->rand_s, EAP_SAKE_RAND_LEN);
if (random_get_bytes(data->rand_p, EAP_SAKE_RAND_LEN)) {
wpa_printf(MSG_ERROR, "EAP-SAKE: Failed to get random data");
return NULL;
}
wpa_hexdump(MSG_MSGDUMP, "EAP-SAKE: RAND_P (peer rand)",
data->rand_p, EAP_SAKE_RAND_LEN);
os_free(data->serverid);
data->serverid = NULL;
data->serverid_len = 0;
if (attr.serverid) {
wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-SAKE: SERVERID",
attr.serverid, attr.serverid_len);
data->serverid = os_malloc(attr.serverid_len);
if (data->serverid == NULL)
return NULL;
os_memcpy(data->serverid, attr.serverid, attr.serverid_len);
data->serverid_len = attr.serverid_len;
}
eap_sake_derive_keys(data->root_secret_a, data->root_secret_b,
data->rand_s, data->rand_p,
(u8 *) &data->tek, data->msk, data->emsk);
wpa_printf(MSG_DEBUG, "EAP-SAKE: Sending Response/Challenge");
rlen = 2 + EAP_SAKE_RAND_LEN + 2 + EAP_SAKE_MIC_LEN;
if (data->peerid)
rlen += 2 + data->peerid_len;
resp = eap_sake_build_msg(data, id, rlen, EAP_SAKE_SUBTYPE_CHALLENGE);
if (resp == NULL)
return NULL;
wpa_printf(MSG_DEBUG, "EAP-SAKE: * AT_RAND_P");
eap_sake_add_attr(resp, EAP_SAKE_AT_RAND_P,
data->rand_p, EAP_SAKE_RAND_LEN);
if (data->peerid) {
wpa_printf(MSG_DEBUG, "EAP-SAKE: * AT_PEERID");
eap_sake_add_attr(resp, EAP_SAKE_AT_PEERID,
data->peerid, data->peerid_len);
}
wpa_printf(MSG_DEBUG, "EAP-SAKE: * AT_MIC_P");
wpabuf_put_u8(resp, EAP_SAKE_AT_MIC_P);
wpabuf_put_u8(resp, 2 + EAP_SAKE_MIC_LEN);
rpos = wpabuf_put(resp, EAP_SAKE_MIC_LEN);
if (eap_sake_compute_mic(data->tek.auth, data->rand_s, data->rand_p,
data->serverid, data->serverid_len,
data->peerid, data->peerid_len, 1,
wpabuf_head(resp), wpabuf_len(resp), rpos,
rpos)) {
wpa_printf(MSG_INFO, "EAP-SAKE: Failed to compute MIC");
wpabuf_free(resp);
return NULL;
}
eap_sake_state(data, CONFIRM);
return resp;
}
static u8 * eap_sake_process_confirm(struct eap_sm *sm,
struct eap_sake_data *data,
struct eap_method_ret *ret,
const u8 *reqData, size_t reqDataLen,
const u8 *payload, size_t payload_len,
size_t *respDataLen)
{
struct eap_sake_parse_attr attr;
u8 mic_s[EAP_SAKE_MIC_LEN];
u8 *resp, *rpos;
const struct eap_hdr *hdr = (const struct eap_hdr *) reqData;
if (data->state != CONFIRM) {
ret->ignore = TRUE;
return NULL;
}
wpa_printf(MSG_DEBUG, "EAP-SAKE: Received Request/Confirm");
if (eap_sake_parse_attributes(payload, payload_len, &attr))
return NULL;
if (!attr.mic_s) {
wpa_printf(MSG_INFO, "EAP-SAKE: Request/Confirm did not "
"include AT_MIC_S");
return NULL;
}
eap_sake_compute_mic(data->tek.auth, data->rand_s, data->rand_p,
data->serverid, data->serverid_len,
data->peerid, data->peerid_len, 0,
reqData, reqDataLen, attr.mic_s, mic_s);
if (os_memcmp(attr.mic_s, mic_s, EAP_SAKE_MIC_LEN) != 0) {
wpa_printf(MSG_INFO, "EAP-SAKE: Incorrect AT_MIC_S");
eap_sake_state(data, FAILURE);
ret->methodState = METHOD_DONE;
ret->decision = DECISION_FAIL;
ret->allowNotifications = FALSE;
*respDataLen = 0;
wpa_printf(MSG_DEBUG, "EAP-SAKE: Sending "
"Response/Auth-Reject");
return eap_sake_build_msg(data, &rpos, hdr->identifier,
respDataLen,
EAP_SAKE_SUBTYPE_AUTH_REJECT);
}
wpa_printf(MSG_DEBUG, "EAP-SAKE: Sending Response/Confirm");
*respDataLen = 2 + EAP_SAKE_MIC_LEN;
resp = eap_sake_build_msg(data, &rpos, hdr->identifier, respDataLen,
EAP_SAKE_SUBTYPE_CONFIRM);
if (resp == NULL)
return NULL;
wpa_printf(MSG_DEBUG, "EAP-SAKE: * AT_MIC_P");
*rpos++ = EAP_SAKE_AT_MIC_P;
*rpos++ = 2 + EAP_SAKE_MIC_LEN;
if (eap_sake_compute_mic(data->tek.auth, data->rand_s, data->rand_p,
data->serverid, data->serverid_len,
data->peerid, data->peerid_len, 1,
resp, *respDataLen, rpos, rpos)) {
wpa_printf(MSG_INFO, "EAP-SAKE: Failed to compute MIC");
os_free(resp);
return NULL;
}
eap_sake_state(data, SUCCESS);
ret->methodState = METHOD_DONE;
ret->decision = DECISION_UNCOND_SUCC;
ret->allowNotifications = FALSE;
return resp;
}
static u8 * eap_sake_process_challenge(struct eap_sm *sm,
struct eap_sake_data *data,
struct eap_method_ret *ret,
const u8 *reqData, size_t reqDataLen,
const u8 *payload, size_t payload_len,
size_t *respDataLen)
{
struct eap_sake_parse_attr attr;
u8 *resp, *rpos;
const struct eap_hdr *hdr = (const struct eap_hdr *) reqData;
if (data->state != IDENTITY && data->state != CHALLENGE) {
wpa_printf(MSG_DEBUG, "EAP-SAKE: Request/Challenge received "
"in unexpected state (%d)", data->state);
ret->ignore = TRUE;
return NULL;
}
if (data->state == IDENTITY)
eap_sake_state(data, CHALLENGE);
wpa_printf(MSG_DEBUG, "EAP-SAKE: Received Request/Challenge");
if (eap_sake_parse_attributes(payload, payload_len, &attr))
return NULL;
if (!attr.rand_s) {
wpa_printf(MSG_INFO, "EAP-SAKE: Request/Challenge did not "
"include AT_RAND_S");
return NULL;
}
os_memcpy(data->rand_s, attr.rand_s, EAP_SAKE_RAND_LEN);
wpa_hexdump(MSG_MSGDUMP, "EAP-SAKE: RAND_S (server rand)",
data->rand_s, EAP_SAKE_RAND_LEN);
if (hostapd_get_rand(data->rand_p, EAP_SAKE_RAND_LEN)) {
wpa_printf(MSG_ERROR, "EAP-SAKE: Failed to get random data");
return NULL;
}
wpa_hexdump(MSG_MSGDUMP, "EAP-SAKE: RAND_P (peer rand)",
data->rand_p, EAP_SAKE_RAND_LEN);
os_free(data->serverid);
data->serverid = NULL;
data->serverid_len = 0;
if (attr.serverid) {
wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-SAKE: SERVERID",
attr.serverid, attr.serverid_len);
data->serverid = os_malloc(attr.serverid_len);
if (data->serverid == NULL)
return NULL;
os_memcpy(data->serverid, attr.serverid, attr.serverid_len);
data->serverid_len = attr.serverid_len;
}
eap_sake_derive_keys(data->root_secret_a, data->root_secret_b,
data->rand_s, data->rand_p,
(u8 *) &data->tek, data->msk, data->emsk);
wpa_printf(MSG_DEBUG, "EAP-SAKE: Sending Response/Challenge");
*respDataLen = 2 + EAP_SAKE_RAND_LEN + 2 + EAP_SAKE_MIC_LEN;
if (data->peerid)
*respDataLen += 2 + data->peerid_len;
resp = eap_sake_build_msg(data, &rpos, hdr->identifier, respDataLen,
EAP_SAKE_SUBTYPE_CHALLENGE);
if (resp == NULL)
return NULL;
wpa_printf(MSG_DEBUG, "EAP-SAKE: * AT_RAND_P");
*rpos++ = EAP_SAKE_AT_RAND_P;
*rpos++ = 2 + EAP_SAKE_RAND_LEN;
os_memcpy(rpos, data->rand_p, EAP_SAKE_RAND_LEN);
rpos += EAP_SAKE_RAND_LEN;
if (data->peerid) {
wpa_printf(MSG_DEBUG, "EAP-SAKE: * AT_PEERID");
*rpos++ = EAP_SAKE_AT_PEERID;
*rpos++ = 2 + data->peerid_len;
os_memcpy(rpos, data->peerid, data->peerid_len);
rpos += data->peerid_len;
}
wpa_printf(MSG_DEBUG, "EAP-SAKE: * AT_MIC_P");
*rpos++ = EAP_SAKE_AT_MIC_P;
*rpos++ = 2 + EAP_SAKE_MIC_LEN;
if (eap_sake_compute_mic(data->tek.auth, data->rand_s, data->rand_p,
data->serverid, data->serverid_len,
data->peerid, data->peerid_len, 1,
resp, *respDataLen, rpos, rpos)) {
wpa_printf(MSG_INFO, "EAP-SAKE: Failed to compute MIC");
os_free(resp);
return NULL;
}
eap_sake_state(data, CONFIRM);
return resp;
}
