aboutsummaryrefslogtreecommitdiffstats
path: root/src/eap_server/eap_server_sim.c
diff options
context:
space:
mode:
authorMohit Sethi <mohit.sethi@aalto.fi>2019-05-17 11:40:30 (GMT)
committerJouni Malinen <j@w1.fi>2019-05-25 14:05:03 (GMT)
commit1c16b257a081e810caf2ca0926ff4f9e2bb9557c (patch)
treee73b4531a04911c3bad00449d5bc88bd842d3708 /src/eap_server/eap_server_sim.c
parent2f6700c9c6dd41a0770c5fd8fccc1df5f1e39af5 (diff)
downloadhostap-1c16b257a081e810caf2ca0926ff4f9e2bb9557c.zip
hostap-1c16b257a081e810caf2ca0926ff4f9e2bb9557c.tar.gz
hostap-1c16b257a081e810caf2ca0926ff4f9e2bb9557c.tar.bz2
EAP-SIM: Add Session-Id derivation during fast-reauth
The Session-Id derivation for EAP-SIM in RFC 5247 only explained how the Session-Id is derived for regular authentication. Jouni reported it as an errata with text explaining how to derive it during fast reauthentication. This patch now exports the Session-Id for EAP-SIM during fast reauthentication based on this Session-Id = 0x12 || NONCE_S || MAC construction. Signed-off-by: Mohit Sethi <mohit.sethi@aalto.fi>
Diffstat (limited to 'src/eap_server/eap_server_sim.c')
-rw-r--r--src/eap_server/eap_server_sim.c31
1 files changed, 26 insertions, 5 deletions
diff --git a/src/eap_server/eap_server_sim.c b/src/eap_server/eap_server_sim.c
index 1287827..66a0872 100644
--- a/src/eap_server/eap_server_sim.c
+++ b/src/eap_server/eap_server_sim.c
@@ -26,6 +26,7 @@ struct eap_sim_data {
u8 kc[EAP_SIM_MAX_CHAL][EAP_SIM_KC_LEN];
u8 sres[EAP_SIM_MAX_CHAL][EAP_SIM_SRES_LEN];
u8 rand[EAP_SIM_MAX_CHAL][GSM_RAND_LEN];
+ u8 reauth_mac[EAP_SIM_MAC_LEN];
int num_chal;
enum {
START, CHALLENGE, REAUTH, NOTIFICATION, SUCCESS, FAILURE
@@ -249,6 +250,7 @@ static struct wpabuf * eap_sim_build_reauth(struct eap_sm *sm,
struct eap_sim_data *data, u8 id)
{
struct eap_sim_msg *msg;
+ struct wpabuf *buf;
wpa_printf(MSG_DEBUG, "EAP-SIM: Generating Re-authentication");
@@ -278,7 +280,16 @@ static struct wpabuf * eap_sim_build_reauth(struct eap_sm *sm,
wpa_printf(MSG_DEBUG, " AT_MAC");
eap_sim_msg_add_mac(msg, EAP_SIM_AT_MAC);
- return eap_sim_msg_finish(msg, EAP_TYPE_SIM, data->k_aut, NULL, 0);
+ buf = eap_sim_msg_finish(msg, EAP_TYPE_SIM, data->k_aut, NULL, 0);
+
+ /* Remember this MAC before sending it to the peer. This MAC is used for
+ * Session-Id calculation after receiving response from the peer and
+ * after all other checks pass. */
+ os_memcpy(data->reauth_mac,
+ wpabuf_head(buf) + wpabuf_len(buf) - EAP_SIM_MAC_LEN,
+ EAP_SIM_MAC_LEN);
+
+ return buf;
}
@@ -829,15 +840,25 @@ static u8 * eap_sim_get_session_id(struct eap_sm *sm, void *priv, size_t *len)
if (data->state != SUCCESS)
return NULL;
- *len = 1 + data->num_chal * GSM_RAND_LEN + EAP_SIM_NONCE_MT_LEN;
+ if (!data->reauth)
+ *len = 1 + data->num_chal * GSM_RAND_LEN + EAP_SIM_NONCE_MT_LEN;
+ else
+ *len = 1 + EAP_SIM_NONCE_S_LEN + EAP_SIM_MAC_LEN;
id = os_malloc(*len);
if (id == NULL)
return NULL;
id[0] = EAP_TYPE_SIM;
- os_memcpy(id + 1, data->rand, data->num_chal * GSM_RAND_LEN);
- os_memcpy(id + 1 + data->num_chal * GSM_RAND_LEN, data->nonce_mt,
- EAP_SIM_NONCE_MT_LEN);
+ if (!data->reauth) {
+ os_memcpy(id + 1, data->rand, data->num_chal * GSM_RAND_LEN);
+ os_memcpy(id + 1 + data->num_chal * GSM_RAND_LEN,
+ data->nonce_mt, EAP_SIM_NONCE_MT_LEN);
+ } else {
+ os_memcpy(id + 1, data->nonce_s, EAP_SIM_NONCE_S_LEN);
+ os_memcpy(id + 1 + EAP_SIM_NONCE_S_LEN, data->reauth_mac,
+ EAP_SIM_MAC_LEN);
+
+ }
wpa_hexdump(MSG_DEBUG, "EAP-SIM: Derived Session-Id", id, *len);
return id;