static int ikev2_build_auth(struct ikev2_responder_data *data, struct wpabuf *msg, u8 next_payload)
{
struct ikev2_payload_hdr *phdr;
size_t plen;
const struct ikev2_prf_alg *prf;
wpa_printf(MSG_DEBUG, "IKEV2: Adding AUTH payload");
prf = ikev2_get_prf(data->proposal.prf);
if (prf == NULL) {
return -1;
}
/* Authentication - RFC 4306, Sect. 3.8 */
phdr = wpabuf_put(msg, sizeof(*phdr));
phdr->next_payload = next_payload;
phdr->flags = 0;
wpabuf_put_u8(msg, AUTH_SHARED_KEY_MIC);
wpabuf_put(msg, 3); /* RESERVED */
/* msg | Ni | prf(SK_pr,IDr') */
if (ikev2_derive_auth_data(data->proposal.prf, data->r_sign_msg, data->IDr, data->IDr_len, ID_KEY_ID, &data->keys, 0, data->shared_secret, data->shared_secret_len, data->i_nonce, data->i_nonce_len, data->key_pad, data->key_pad_len, wpabuf_put(msg, prf->hash_len)) < 0) {
wpa_printf(MSG_INFO, "IKEV2: Could not derive AUTH data");
return -1;
}
wpabuf_free(data->r_sign_msg);
data->r_sign_msg = NULL;
plen = (u8 *)wpabuf_put(msg, 0) - (u8 *)phdr;
WPA_PUT_BE16(phdr->payload_length, plen);
return 0;
}
static int ikev2_process_auth_secret(struct ikev2_responder_data *data,
u8 method, const u8 *auth,
size_t auth_len)
{
u8 auth_data[IKEV2_MAX_HASH_LEN];
const struct ikev2_prf_alg *prf;
if (method != AUTH_SHARED_KEY_MIC) {
wpa_printf(MSG_INFO, "IKEV2: Unsupported authentication "
"method %d", method);
return -1;
}
/* msg | Nr | prf(SK_pi,IDi') */
if (ikev2_derive_auth_data(data->proposal.prf, data->i_sign_msg,
data->IDi, data->IDi_len, data->IDi_type,
&data->keys, 1, data->shared_secret,
data->shared_secret_len,
data->r_nonce, data->r_nonce_len,
data->key_pad, data->key_pad_len,
auth_data) < 0) {
wpa_printf(MSG_INFO, "IKEV2: Could not derive AUTH data");
return -1;
}
wpabuf_free(data->i_sign_msg);
data->i_sign_msg = NULL;
prf = ikev2_get_prf(data->proposal.prf);
if (prf == NULL)
return -1;
if (auth_len != prf->hash_len ||
os_memcmp(auth, auth_data, auth_len) != 0) {
wpa_printf(MSG_INFO, "IKEV2: Invalid Authentication Data");
wpa_hexdump(MSG_DEBUG, "IKEV2: Received Authentication Data",
auth, auth_len);
wpa_hexdump(MSG_DEBUG, "IKEV2: Expected Authentication Data",
auth_data, prf->hash_len);
data->error_type = AUTHENTICATION_FAILED;
data->state = NOTIFY;
return -1;
}
wpa_printf(MSG_DEBUG, "IKEV2: Server authenticated successfully "
"using shared keys");
return 0;
}
static int ikev2_process_auth_secret(struct ikev2_initiator_data *data,
u8 method, const u8 *auth,
size_t auth_len)
{
u8 auth_data[IKEV2_MAX_HASH_LEN];
const struct ikev2_prf_alg *prf;
if (method != AUTH_SHARED_KEY_MIC) {
asd_printf(ASD_DEFAULT,MSG_DEBUG, "IKEV2: Unsupported authentication "
"method %d", method);
return -1;
}
/* msg | Ni | prf(SK_pr,IDr') */
if (ikev2_derive_auth_data(data->proposal.prf, data->r_sign_msg,
data->IDr, data->IDr_len, data->IDr_type,
&data->keys, 0, data->shared_secret,
data->shared_secret_len,
data->i_nonce, data->i_nonce_len,
data->key_pad, data->key_pad_len,
auth_data) < 0) {
asd_printf(ASD_DEFAULT,MSG_DEBUG, "IKEV2: Could not derive AUTH data");
return -1;
}
wpabuf_free(data->r_sign_msg);
data->r_sign_msg = NULL;
prf = ikev2_get_prf(data->proposal.prf);
if (prf == NULL)
return -1;
if (auth_len != prf->hash_len ||
os_memcmp(auth, auth_data, auth_len) != 0) {
asd_printf(ASD_DEFAULT,MSG_DEBUG, "IKEV2: Invalid Authentication Data");
wpa_hexdump(MSG_DEBUG, "IKEV2: Received Authentication Data",
auth, auth_len);
wpa_hexdump(MSG_DEBUG, "IKEV2: Expected Authentication Data",
auth_data, prf->hash_len);
return -1;
}
asd_printf(ASD_DEFAULT,MSG_DEBUG, "IKEV2: Peer authenticated successfully "
"using shared keys");
return 0;
}
