EAP server/peer: EAP-PAX shared routines. More...
Go to the source code of this file.
Data Structures | |
| struct | eap_pax_hdr |
Defines | |
| #define | EAP_PAX_FLAGS_MF 0x01 |
| #define | EAP_PAX_FLAGS_CE 0x02 |
| #define | EAP_PAX_FLAGS_AI 0x04 |
| #define | EAP_PAX_MAC_HMAC_SHA1_128 0x01 |
| #define | EAP_PAX_HMAC_SHA256_128 0x02 |
| #define | EAP_PAX_DH_GROUP_NONE 0x00 |
| #define | EAP_PAX_DH_GROUP_2048_MODP 0x01 |
| #define | EAP_PAX_DH_GROUP_3072_MODP 0x02 |
| #define | EAP_PAX_DH_GROUP_NIST_ECC_P_256 0x03 |
| #define | EAP_PAX_PUBLIC_KEY_NONE 0x00 |
| #define | EAP_PAX_PUBLIC_KEY_RSAES_OAEP 0x01 |
| #define | EAP_PAX_PUBLIC_KEY_RSA_PKCS1_V1_5 0x02 |
| #define | EAP_PAX_PUBLIC_KEY_EL_GAMAL_NIST_ECC 0x03 |
| #define | EAP_PAX_ADE_VENDOR_SPECIFIC 0x01 |
| #define | EAP_PAX_ADE_CLIENT_CHANNEL_BINDING 0x02 |
| #define | EAP_PAX_ADE_SERVER_CHANNEL_BINDING 0x03 |
| #define | EAP_PAX_RAND_LEN 32 |
| #define | EAP_PAX_MAC_LEN 16 |
| #define | EAP_PAX_ICV_LEN 16 |
| #define | EAP_PAX_AK_LEN 16 |
| #define | EAP_PAX_MK_LEN 16 |
| #define | EAP_PAX_CK_LEN 16 |
| #define | EAP_PAX_ICK_LEN 16 |
Enumerations | |
| enum | { EAP_PAX_OP_STD_1 = 0x01, EAP_PAX_OP_STD_2 = 0x02, EAP_PAX_OP_STD_3 = 0x03, EAP_PAX_OP_SEC_1 = 0x11, EAP_PAX_OP_SEC_2 = 0x12, EAP_PAX_OP_SEC_3 = 0x13, EAP_PAX_OP_SEC_4 = 0x14, EAP_PAX_OP_SEC_5 = 0x15, EAP_PAX_OP_ACK = 0x21 } |
Functions | |
| int | eap_pax_kdf (u8 mac_id, const u8 *key, size_t key_len, const char *identifier, const u8 *entropy, size_t entropy_len, size_t output_len, u8 *output) |
| PAX Key Derivation Function. | |
| int | eap_pax_mac (u8 mac_id, const u8 *key, size_t key_len, const u8 *data1, size_t data1_len, const u8 *data2, size_t data2_len, const u8 *data3, size_t data3_len, u8 *mac) |
| EAP-PAX MAC. | |
| int | eap_pax_initial_key_derivation (u8 mac_id, const u8 *ak, const u8 *e, u8 *mk, u8 *ck, u8 *ick) |
| EAP-PAX initial key derivation. | |
Variables | |
| struct eap_pax_hdr | STRUCT_PACKED |
EAP server/peer: EAP-PAX shared routines.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License version 2 as published by the Free Software Foundation.
Alternatively, this software may be distributed under the terms of BSD license.
See README and COPYING for more details.
Definition in file eap_pax_common.h.
| int eap_pax_initial_key_derivation | ( | u8 | mac_id, | |
| const u8 * | ak, | |||
| const u8 * | e, | |||
| u8 * | mk, | |||
| u8 * | ck, | |||
| u8 * | ick | |||
| ) |
EAP-PAX initial key derivation.
| mac_id | MAC ID (EAP_PAX_MAC_*) / currently, only HMAC_SHA1_128 is supported | |
| ak | Authentication Key | |
| e | Entropy | |
| mk | Buffer for the derived Master Key | |
| ck | Buffer for the derived Confirmation Key | |
| ick | Buffer for the derived Integrity Check Key |
Definition at line 136 of file eap_pax_common.c.
| int eap_pax_kdf | ( | u8 | mac_id, | |
| const u8 * | key, | |||
| size_t | key_len, | |||
| const char * | identifier, | |||
| const u8 * | entropy, | |||
| size_t | entropy_len, | |||
| size_t | output_len, | |||
| u8 * | output | |||
| ) |
PAX Key Derivation Function.
| mac_id | MAC ID (EAP_PAX_MAC_*) / currently, only HMAC_SHA1_128 is supported | |
| key | Secret key (X) | |
| key_len | Length of the secret key in bytes | |
| identifier | Public identifier for the key (Y) | |
| entropy | Exchanged entropy to seed the KDF (Z) | |
| entropy_len | Length of the entropy in bytes | |
| output_len | Output len in bytes (W) | |
| output | Buffer for the derived key |
RFC 4746, Section 2.6: PAX-KDF-W(X, Y, Z)
Definition at line 38 of file eap_pax_common.c.
| int eap_pax_mac | ( | u8 | mac_id, | |
| const u8 * | key, | |||
| size_t | key_len, | |||
| const u8 * | data1, | |||
| size_t | data1_len, | |||
| const u8 * | data2, | |||
| size_t | data2_len, | |||
| const u8 * | data3, | |||
| size_t | data3_len, | |||
| u8 * | mac | |||
| ) |
EAP-PAX MAC.
| mac_id | MAC ID (EAP_PAX_MAC_*) / currently, only HMAC_SHA1_128 is supported | |
| key | Secret key | |
| key_len | Length of the secret key in bytes | |
| data1 | Optional data, first block; NULL if not used | |
| data1_len | Length of data1 in bytes | |
| data2 | Optional data, second block; NULL if not used | |
| data2_len | Length of data2 in bytes | |
| data3 | Optional data, third block; NULL if not used | |
| data3_len | Length of data3 in bytes | |
| mac | Buffer for the MAC value (EAP_PAX_MAC_LEN = 16 bytes) |
Wrapper function to calculate EAP-PAX MAC.
Definition at line 95 of file eap_pax_common.c.
1.6.1
