static void eap_sim_process_start(struct eap_sm *sm, struct eap_sim_data *data, struct wpabuf *respData, struct eap_sim_attrs *attr) { const u8 *identity; size_t identity_len; u8 ver_list[2]; wpa_printf(MSG_DEBUG, "EAP-SIM: Receive start response"); if (attr->identity) { os_free(sm->identity); sm->identity = os_malloc(attr->identity_len); if (sm->identity) { os_memcpy(sm->identity, attr->identity, attr->identity_len); sm->identity_len = attr->identity_len; } } identity = NULL; identity_len = 0; if (sm->identity && sm->identity_len > 0 && sm->identity[0] == EAP_SIM_PERMANENT_PREFIX) { identity = sm->identity; identity_len = sm->identity_len; } else { identity = eap_sim_db_get_permanent(sm->eap_sim_db_priv, sm->identity, sm->identity_len, &identity_len); if (identity == NULL) { data->reauth = eap_sim_db_get_reauth_entry( sm->eap_sim_db_priv, sm->identity, sm->identity_len); if (data->reauth) { wpa_printf(MSG_DEBUG, "EAP-SIM: Using fast " "re-authentication"); identity = data->reauth->identity; identity_len = data->reauth->identity_len; data->counter = data->reauth->counter; os_memcpy(data->mk, data->reauth->mk, EAP_SIM_MK_LEN); } } } if (identity == NULL) { wpa_printf(MSG_DEBUG, "EAP-SIM: Could not get proper permanent" " user name"); eap_sim_state(data, FAILURE); return; } wpa_hexdump_ascii(MSG_DEBUG, "EAP-SIM: Identity", identity, identity_len); if (data->reauth) { eap_sim_state(data, REAUTH); return; } if (attr->nonce_mt == NULL || attr->selected_version < 0) { wpa_printf(MSG_DEBUG, "EAP-SIM: Start/Response missing " "required attributes"); eap_sim_state(data, FAILURE); return; } if (!eap_sim_supported_ver(data, attr->selected_version)) { wpa_printf(MSG_DEBUG, "EAP-SIM: Peer selected unsupported " "version %d", attr->selected_version); eap_sim_state(data, FAILURE); return; } data->counter = 0; /* reset re-auth counter since this is full auth */ data->reauth = NULL; data->num_chal = eap_sim_db_get_gsm_triplets( sm->eap_sim_db_priv, identity, identity_len, EAP_SIM_MAX_CHAL, (u8 *) data->rand, (u8 *) data->kc, (u8 *) data->sres, sm); if (data->num_chal == EAP_SIM_DB_PENDING) { wpa_printf(MSG_DEBUG, "EAP-SIM: GSM authentication triplets " "not yet available - pending request"); sm->method_pending = METHOD_PENDING_WAIT; return; } if (data->num_chal < 2) { wpa_printf(MSG_INFO, "EAP-SIM: Failed to get GSM " "authentication triplets for the peer"); eap_sim_state(data, FAILURE); return; } identity_len = sm->identity_len; while (identity_len > 0 && sm->identity[identity_len - 1] == '\0') { wpa_printf(MSG_DEBUG, "EAP-SIM: Workaround - drop last null " "character from identity"); identity_len--; } wpa_hexdump_ascii(MSG_DEBUG, "EAP-SIM: Identity for MK derivation", sm->identity, identity_len); os_memcpy(data->nonce_mt, attr->nonce_mt, EAP_SIM_NONCE_MT_LEN); WPA_PUT_BE16(ver_list, EAP_SIM_VERSION); eap_sim_derive_mk(sm->identity, identity_len, attr->nonce_mt, attr->selected_version, ver_list, sizeof(ver_list), data->num_chal, (const u8 *) data->kc, data->mk); eap_sim_derive_keys(data->mk, data->k_encr, data->k_aut, data->msk, data->emsk); eap_sim_state(data, CHALLENGE); }
static u8 * eap_sim_process_start(struct eap_sm *sm, struct eap_sim_data *data, struct eap_hdr *req, size_t reqDataLen, size_t *respDataLen, struct eap_sim_attrs *attr) { int i, selected_version = -1, id_error; u8 *pos; wpa_printf(MSG_DEBUG, "EAP-SIM: subtype Start"); if (attr->version_list == NULL) { wpa_printf(MSG_INFO, "EAP-SIM: No AT_VERSION_LIST in " "SIM/Start"); return eap_sim_client_error(sm, data, req, respDataLen, EAP_SIM_UNSUPPORTED_VERSION); } free(data->ver_list); data->ver_list = malloc(attr->version_list_len); if (data->ver_list == NULL) { wpa_printf(MSG_DEBUG, "EAP-SIM: Failed to allocate " "memory for version list"); return eap_sim_client_error(sm, data, req, respDataLen, EAP_SIM_UNABLE_TO_PROCESS_PACKET); } memcpy(data->ver_list, attr->version_list, attr->version_list_len); data->ver_list_len = attr->version_list_len; pos = data->ver_list; for (i = 0; i < data->ver_list_len / 2; i++) { int ver = pos[0] * 256 + pos[1]; pos += 2; if (eap_sim_supported_ver(data, ver)) { selected_version = ver; break; } } if (selected_version < 0) { wpa_printf(MSG_INFO, "EAP-SIM: Could not find a supported " "version"); return eap_sim_client_error(sm, data, req, respDataLen, EAP_SIM_UNSUPPORTED_VERSION); } wpa_printf(MSG_DEBUG, "EAP-SIM: Selected Version %d", selected_version); data->selected_version = selected_version; id_error = 0; switch (attr->id_req) { case NO_ID_REQ: break; case ANY_ID: if (data->num_id_req > 0) id_error++; data->num_id_req++; break; case FULLAUTH_ID: if (data->num_id_req > 1) id_error++; data->num_id_req++; break; case PERMANENT_ID: if (data->num_id_req > 2) id_error++; data->num_id_req++; break; } if (id_error) { wpa_printf(MSG_INFO, "EAP-SIM: Too many ID requests " "used within one authentication"); return eap_sim_client_error(sm, data, req, respDataLen, EAP_SIM_UNABLE_TO_PROCESS_PACKET); } return eap_sim_response_start(sm, data, req, respDataLen, attr->id_req); }
static void eap_sim_process_start(struct eap_sm *sm, struct eap_sim_data *data, struct wpabuf *respData, struct eap_sim_attrs *attr) { size_t identity_len; u8 ver_list[2]; u8 *new_identity; char *username; wpa_printf(MSG_DEBUG, "EAP-SIM: Receive start response"); if (data->start_round == 0) { /* * Special case for AT_COUNTER_TOO_SMALL recovery - no identity * was requested since we already know it. */ goto skip_id_update; } /* * We always request identity in SIM/Start, so the peer is required to * have replied with one. */ if (!attr->identity || attr->identity_len == 0) { wpa_printf(MSG_DEBUG, "EAP-SIM: Peer did not provide any " "identity"); goto failed; } new_identity = os_malloc(attr->identity_len); if (new_identity == NULL) goto failed; os_free(sm->identity); sm->identity = new_identity; os_memcpy(sm->identity, attr->identity, attr->identity_len); sm->identity_len = attr->identity_len; wpa_hexdump_ascii(MSG_DEBUG, "EAP-SIM: Identity", sm->identity, sm->identity_len); username = sim_get_username(sm->identity, sm->identity_len); if (username == NULL) goto failed; if (username[0] == EAP_SIM_REAUTH_ID_PREFIX) { wpa_printf(MSG_DEBUG, "EAP-SIM: Reauth username '%s'", username); data->reauth = eap_sim_db_get_reauth_entry( sm->eap_sim_db_priv, username); os_free(username); if (data->reauth == NULL) { wpa_printf(MSG_DEBUG, "EAP-SIM: Unknown reauth " "identity - request full auth identity"); /* Remain in START state for another round */ return; } wpa_printf(MSG_DEBUG, "EAP-SIM: Using fast re-authentication"); os_strlcpy(data->permanent, data->reauth->permanent, sizeof(data->permanent)); data->counter = data->reauth->counter; os_memcpy(data->mk, data->reauth->mk, EAP_SIM_MK_LEN); eap_sim_state(data, REAUTH); return; } if (username[0] == EAP_SIM_PSEUDONYM_PREFIX) { const char *permanent; wpa_printf(MSG_DEBUG, "EAP-SIM: Pseudonym username '%s'", username); permanent = eap_sim_db_get_permanent( sm->eap_sim_db_priv, username); os_free(username); if (permanent == NULL) { wpa_printf(MSG_DEBUG, "EAP-SIM: Unknown pseudonym " "identity - request permanent identity"); /* Remain in START state for another round */ return; } os_strlcpy(data->permanent, permanent, sizeof(data->permanent)); } else if (username[0] == EAP_SIM_PERMANENT_PREFIX) { wpa_printf(MSG_DEBUG, "EAP-SIM: Permanent username '%s'", username); os_strlcpy(data->permanent, username, sizeof(data->permanent)); os_free(username); } else { wpa_printf(MSG_DEBUG, "EAP-SIM: Unrecognized username '%s'", username); os_free(username); goto failed; } skip_id_update: /* Full authentication */ if (attr->nonce_mt == NULL || attr->selected_version < 0) { wpa_printf(MSG_DEBUG, "EAP-SIM: Start/Response missing " "required attributes"); goto failed; } if (!eap_sim_supported_ver(data, attr->selected_version)) { wpa_printf(MSG_DEBUG, "EAP-SIM: Peer selected unsupported " "version %d", attr->selected_version); goto failed; } data->counter = 0; /* reset re-auth counter since this is full auth */ data->reauth = NULL; data->num_chal = eap_sim_db_get_gsm_triplets( sm->eap_sim_db_priv, data->permanent, EAP_SIM_MAX_CHAL, (u8 *) data->rand, (u8 *) data->kc, (u8 *) data->sres, sm); if (data->num_chal == EAP_SIM_DB_PENDING) { wpa_printf(MSG_DEBUG, "EAP-SIM: GSM authentication triplets " "not yet available - pending request"); sm->method_pending = METHOD_PENDING_WAIT; return; } if (data->num_chal < 2) { wpa_printf(MSG_INFO, "EAP-SIM: Failed to get GSM " "authentication triplets for the peer"); goto failed; } identity_len = sm->identity_len; while (identity_len > 0 && sm->identity[identity_len - 1] == '\0') { wpa_printf(MSG_DEBUG, "EAP-SIM: Workaround - drop last null " "character from identity"); identity_len--; } wpa_hexdump_ascii(MSG_DEBUG, "EAP-SIM: Identity for MK derivation", sm->identity, identity_len); os_memcpy(data->nonce_mt, attr->nonce_mt, EAP_SIM_NONCE_MT_LEN); WPA_PUT_BE16(ver_list, EAP_SIM_VERSION); eap_sim_derive_mk(sm->identity, identity_len, attr->nonce_mt, attr->selected_version, ver_list, sizeof(ver_list), data->num_chal, (const u8 *) data->kc, data->mk); eap_sim_derive_keys(data->mk, data->k_encr, data->k_aut, data->msk, data->emsk); eap_sim_state(data, CHALLENGE); return; failed: data->notification = EAP_SIM_GENERAL_FAILURE_BEFORE_AUTH; eap_sim_state(data, NOTIFICATION); }