1  /*
2   * EAP server/peer: EAP-SAKE shared routines
3   * Copyright (c) 2006-2019, Jouni Malinen <j@w1.fi>
4   *
5   * This software may be distributed under the terms of the BSD license.
6   * See README for more details.
7   */
8  
9  #ifndef EAP_SAKE_COMMON_H
10  #define EAP_SAKE_COMMON_H
11  
/*
 * Protocol version value for the version field of struct eap_sake_hdr.
 * NOTE(review): receivers presumably drop messages whose version field
 * differs from this value before any further parsing - confirm in the
 * peer/server message handlers.
 */
#define EAP_SAKE_VERSION 2
13  
/*
 * EAP-SAKE message subtypes (candidate values for the subtype field of
 * struct eap_sake_hdr).
 * NOTE(review): the subtype arrives in an unauthenticated header octet, so
 * handlers should treat any value outside this set, or one that is not
 * expected in the current protocol state, as an error - confirm in the
 * state machines that consume it.
 */
#define EAP_SAKE_SUBTYPE_CHALLENGE 1
#define EAP_SAKE_SUBTYPE_CONFIRM 2
#define EAP_SAKE_SUBTYPE_AUTH_REJECT 3
#define EAP_SAKE_SUBTYPE_IDENTITY 4
18  
/*
 * EAP-SAKE attribute type codes. Most of them have a matching pointer field
 * in struct eap_sake_parse_attr (rand_s, mic_p, serverid, ...);
 * EAP_SAKE_AT_PADDING has no such field.
 * NOTE(review): the values fall into two ranges (1..10 and 128..132). This
 * presumably mirrors a split between attributes a receiver must understand
 * and attributes it may skip - TODO confirm against the parser and the
 * EAP-SAKE specification before relying on it.
 */
#define EAP_SAKE_AT_RAND_S 1
#define EAP_SAKE_AT_RAND_P 2
#define EAP_SAKE_AT_MIC_S 3
#define EAP_SAKE_AT_MIC_P 4
#define EAP_SAKE_AT_SERVERID 5
#define EAP_SAKE_AT_PEERID 6
#define EAP_SAKE_AT_SPI_S 7
#define EAP_SAKE_AT_SPI_P 8
#define EAP_SAKE_AT_ANY_ID_REQ 9
#define EAP_SAKE_AT_PERM_ID_REQ 10
#define EAP_SAKE_AT_ENCR_DATA 128
#define EAP_SAKE_AT_IV 129
#define EAP_SAKE_AT_PADDING 130
#define EAP_SAKE_AT_NEXT_TMPID 131
#define EAP_SAKE_AT_MSK_LIFE 132
34  
/*
 * Fixed sizes of EAP-SAKE nonces, MICs and keys (presumably in octets).
 *
 * The rand_s/rand_p/mic_s/mic_p pointers in struct eap_sake_parse_attr have
 * no companion length field, and eap_sake_derive_keys() and
 * eap_sake_compute_mic() take no length for these buffers. Code reading
 * through those pointers therefore depends on these constants.
 * NOTE(review): that is only safe if the attribute parser rejects a RAND or
 * MIC attribute whose payload is not exactly the expected size - confirm in
 * eap_sake_parse_attributes().
 */
#define EAP_SAKE_RAND_LEN 16
#define EAP_SAKE_MIC_LEN 16
#define EAP_SAKE_ROOT_SECRET_LEN 16
#define EAP_SAKE_SMS_LEN 16
#define EAP_SAKE_TEK_AUTH_LEN 16
#define EAP_SAKE_TEK_CIPHER_LEN 16
/* The TEK is the authentication part followed by the cipher part. */
#define EAP_SAKE_TEK_LEN (EAP_SAKE_TEK_AUTH_LEN + EAP_SAKE_TEK_CIPHER_LEN)
42  
/*
 * MSVC gets byte packing through #pragma pack; other compilers rely on the
 * STRUCT_PACKED macro, which is defined outside this header.
 */
#ifdef _MSC_VER
#pragma pack(push, 1)
#endif /* _MSC_VER */

/*
 * Fixed EAP-SAKE header: three single-octet fields, declared packed.
 *
 * NOTE(review): this struct is presumably overlaid on received message
 * bytes. Every field is then peer-controlled, and the caller has to verify
 * that at least sizeof(struct eap_sake_hdr) octets are present before
 * reading any of them - confirm in the message handlers.
 */
struct eap_sake_hdr {
	u8 version; /* EAP_SAKE_VERSION */
	u8 session_id; /* NOTE(review): presumably checked against the session in progress - confirm */
	u8 subtype; /* presumably one of EAP_SAKE_SUBTYPE_* - confirm */
} STRUCT_PACKED;

#ifdef _MSC_VER
#pragma pack(pop)
#endif /* _MSC_VER */
56  
57  
/*
 * Result record filled in by eap_sake_parse_attributes(): one pointer per
 * attribute, plus a length for the attributes that have a *_len member.
 *
 * NOTE(review): the pointers are const u8 * and no ownership is expressed
 * here, so they presumably point into the caller's message buffer rather
 * than at copies. They must then not be used after that buffer is freed or
 * reused - TODO confirm.
 * NOTE(review): a NULL pointer presumably means the attribute was absent;
 * callers should test for NULL before dereferencing - confirm.
 *
 * Members without a *_len companion (rand_*, mic_*, any_id_req,
 * perm_id_req, msk_life) carry no size information. Reading through them is
 * only safe if the parser has already enforced the expected fixed size.
 */
struct eap_sake_parse_attr {
	const u8 *rand_s; /* no length member; see EAP_SAKE_RAND_LEN */
	const u8 *rand_p; /* no length member; see EAP_SAKE_RAND_LEN */
	const u8 *mic_s; /* no length member; see EAP_SAKE_MIC_LEN */
	const u8 *mic_p; /* no length member; see EAP_SAKE_MIC_LEN */
	const u8 *serverid;
	size_t serverid_len;
	const u8 *peerid;
	size_t peerid_len;
	const u8 *spi_s;
	size_t spi_s_len;
	const u8 *spi_p;
	size_t spi_p_len;
	const u8 *any_id_req; /* no length member */
	const u8 *perm_id_req; /* no length member */
	const u8 *encr_data;
	size_t encr_data_len;
	const u8 *iv;
	size_t iv_len;
	const u8 *next_tmpid;
	size_t next_tmpid_len;
	const u8 *msk_life; /* no length member */
};
81  
/**
 * eap_sake_parse_attributes - Parse EAP-SAKE attributes from a buffer
 * @buf: Start of the attribute data (read-only)
 * @len: Number of octets available at @buf
 * @attr: Result record to fill in
 *
 * The definition is not in this header. NOTE(review): the return value is
 * presumably 0 on success and negative on a malformed attribute list -
 * confirm against the definition. @buf is expected to come from the
 * network, so the definition has to bound every attribute length by @len.
 * Callers should not use @attr after a failed return.
 */
int eap_sake_parse_attributes(const u8 *buf, size_t len,
			      struct eap_sake_parse_attr *attr);
/**
 * eap_sake_derive_keys - Derive EAP-SAKE session keys
 * @root_secret_a: First root secret (presumably EAP_SAKE_ROOT_SECRET_LEN)
 * @root_secret_b: Second root secret (presumably EAP_SAKE_ROOT_SECRET_LEN)
 * @rand_s: Server nonce (presumably EAP_SAKE_RAND_LEN)
 * @rand_p: Peer nonce (presumably EAP_SAKE_RAND_LEN)
 * @tek: Output buffer for the TEK (presumably EAP_SAKE_TEK_LEN)
 * @msk: Output buffer for the MSK (size not defined in this header)
 * @emsk: Output buffer for the EMSK (size not defined in this header)
 *
 * No buffer lengths are passed, so the callee cannot check them and the
 * caller is responsible for supplying buffers of the sizes the definition
 * expects - TODO confirm the exact sizes there. NOTE(review): the return
 * value is presumably 0 on success and negative on failure. The output
 * buffers must not be used as keys after a failure. Derived key material
 * should be cleared once it is no longer needed.
 */
int eap_sake_derive_keys(const u8 *root_secret_a, const u8 *root_secret_b,
			 const u8 *rand_s, const u8 *rand_p,
			 u8 *tek, u8 *msk, u8 *emsk);
/**
 * eap_sake_compute_mic - Compute a MIC over an EAP-SAKE message
 * @tek_auth: Authentication key (presumably EAP_SAKE_TEK_AUTH_LEN)
 * @rand_s: Server nonce (presumably EAP_SAKE_RAND_LEN)
 * @rand_p: Peer nonce (presumably EAP_SAKE_RAND_LEN)
 * @serverid: Server identity
 * @serverid_len: Length of @serverid
 * @peerid: Peer identity
 * @peerid_len: Length of @peerid
 * @peer: Presumably selects whether the peer or the server MIC is computed
 *	- confirm the exact meaning against the definition
 * @eap: EAP message
 * @eap_len: Length of @eap
 * @mic_pos: Presumably the location of the MIC field inside @eap - confirm
 * @mic: Output buffer for the MIC (presumably EAP_SAKE_MIC_LEN)
 *
 * NOTE(review): the return value is presumably 0 on success and negative on
 * failure. Check it before using @mic. When the result is compared with a
 * MIC received from the network, use a constant-time comparison (for
 * example os_memcmp_const()) rather than an early-exit memcmp. If @mic_pos
 * is expected to lie within @eap, the caller must ensure that the full MIC
 * field fits inside @eap_len.
 */
int eap_sake_compute_mic(const u8 *tek_auth,
			 const u8 *rand_s, const u8 *rand_p,
			 const u8 *serverid, size_t serverid_len,
			 const u8 *peerid, size_t peerid_len,
			 int peer, const u8 *eap, size_t eap_len,
			 const u8 *mic_pos, u8 *mic);
/**
 * eap_sake_add_attr - Add an EAP-SAKE attribute to a message buffer
 * @buf: Destination buffer
 * @type: Attribute type (EAP_SAKE_AT_*)
 * @data: Attribute payload
 * @len: Length of @data
 *
 * The function returns void, so it cannot report a failure to the caller.
 * NOTE(review): the caller presumably has to guarantee that @buf has room
 * for the attribute and that @len fits the attribute's length encoding -
 * confirm both limits against the definition.
 */
void eap_sake_add_attr(struct wpabuf *buf, u8 type, const u8 *data,
		       size_t len);
95  
96  #endif /* EAP_SAKE_COMMON_H */
97