aboutsummaryrefslogtreecommitdiffstats
path: root/src/eap_common
diff options
context:
space:
mode:
authorHai Shalom <haishalom@google.com>2019-05-29 03:30:41 (GMT)
committerJouni Malinen <j@w1.fi>2019-05-31 13:52:15 (GMT)
commit4df4133917ab45b055f3f3dd80e22ec99fda9045 (patch)
treea0df91c2b067399b3843e8e4df0f3ef30ced3a1e /src/eap_common
parent14d85a5af7fe74682033dbe50891c42e9ffa8c0d (diff)
downloadhostap-4df4133917ab45b055f3f3dd80e22ec99fda9045.zip
hostap-4df4133917ab45b055f3f3dd80e22ec99fda9045.tar.gz
hostap-4df4133917ab45b055f3f3dd80e22ec99fda9045.tar.bz2
EAP-SIM/AKA: Add support for anonymous@realm
SIM-based EAP authentication with IMSI encryption requires a special EAP Identity response: anonymous@realm. Then the server sends AKA-Identity request which is answered with the encrypted IMSI. Add logic that indicates if the special anonymous identity is used. Otherwise, this field is used for storing the pseudonym. Test: Connect to Carrier Wi-Fi, verify correct behavior from captures Test: Connect to non IMSI encrypted EAP-AKA AP, verify pseudonym usage Signed-off-by: Hai Shalom <haishalom@google.com>
Diffstat (limited to 'src/eap_common')
-rw-r--r--src/eap_common/eap_sim_common.c16
-rw-r--r--src/eap_common/eap_sim_common.h1
2 files changed, 17 insertions, 0 deletions
diff --git a/src/eap_common/eap_sim_common.c b/src/eap_common/eap_sim_common.c
index 6290c35..cfdd1bf 100644
--- a/src/eap_common/eap_sim_common.c
+++ b/src/eap_common/eap_sim_common.c
@@ -1203,3 +1203,19 @@ void eap_sim_report_notification(void *msg_ctx, int notification, int aka)
}
}
}
+
+
+int eap_sim_anonymous_username(const u8 *id, size_t id_len)
+{
+ static const char *anonymous_id_prefix = "anonymous@";
+ size_t anonymous_id_len = os_strlen(anonymous_id_prefix);
+
+ if (id_len > anonymous_id_len &&
+ os_memcmp(id, anonymous_id_prefix, anonymous_id_len) == 0)
+ return 1; /* 'anonymous@realm' */
+
+ if (id_len > 1 && id[0] == '@')
+ return 1; /* '@realm' */
+
+ return 0;
+}
diff --git a/src/eap_common/eap_sim_common.h b/src/eap_common/eap_sim_common.h
index daeb0e2..7142b94 100644
--- a/src/eap_common/eap_sim_common.h
+++ b/src/eap_common/eap_sim_common.h
@@ -226,5 +226,6 @@ int eap_sim_msg_add_encr_end(struct eap_sim_msg *msg, u8 *k_encr,
int attr_pad);
void eap_sim_report_notification(void *msg_ctx, int notification, int aka);
+int eap_sim_anonymous_username(const u8 *id, size_t id_len);
#endif /* EAP_SIM_COMMON_H */