aboutsummaryrefslogtreecommitdiffstats
path: root/src/eap_common
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2014-06-08 09:28:36 (GMT)
committerJouni Malinen <j@w1.fi>2014-06-08 09:28:36 (GMT)
commit737754dc2ba75267b6ab22572ad136915fd2a295 (patch)
tree4dd336cc6ee25cf6791c2c6eff8add483dff6f91 /src/eap_common
parentaa6bf6dabc8ac1310c74076c202a5f6302f7c0cc (diff)
downloadhostap-737754dc2ba75267b6ab22572ad136915fd2a295.zip
hostap-737754dc2ba75267b6ab22572ad136915fd2a295.tar.gz
hostap-737754dc2ba75267b6ab22572ad136915fd2a295.tar.bz2
EAP-IKEv2: Remove obsolete ccns.pl project workarounds
It does not look like there is going to be any additional use for this old build option that could be used to build the EAP-IKEv2 peer implementation in a way that interoperates with the eap-ikev2.ccns.pl project. Remove the workarounds that matches incorrect implementation in that project to clean up implementation. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/eap_common')
-rw-r--r--src/eap_common/eap_ikev2_common.c10
-rw-r--r--src/eap_common/eap_ikev2_common.h7
-rw-r--r--src/eap_common/ikev2_common.c69
-rw-r--r--src/eap_common/ikev2_common.h4
4 files changed, 0 insertions, 90 deletions
diff --git a/src/eap_common/eap_ikev2_common.c b/src/eap_common/eap_ikev2_common.c
index 6095fd8..da9f3cc 100644
--- a/src/eap_common/eap_ikev2_common.c
+++ b/src/eap_common/eap_ikev2_common.c
@@ -52,22 +52,12 @@ struct wpabuf * eap_ikev2_build_frag_ack(u8 id, u8 code)
{
struct wpabuf *msg;
-#ifdef CCNS_PL
- msg = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_IKEV2, 1, code, id);
- if (msg == NULL) {
- wpa_printf(MSG_ERROR, "EAP-IKEV2: Failed to allocate memory "
- "for fragment ack");
- return NULL;
- }
- wpabuf_put_u8(msg, 0); /* Flags */
-#else /* CCNS_PL */
msg = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_IKEV2, 0, code, id);
if (msg == NULL) {
wpa_printf(MSG_ERROR, "EAP-IKEV2: Failed to allocate memory "
"for fragment ack");
return NULL;
}
-#endif /* CCNS_PL */
wpa_printf(MSG_DEBUG, "EAP-IKEV2: Send fragment ack");
diff --git a/src/eap_common/eap_ikev2_common.h b/src/eap_common/eap_ikev2_common.h
index 329ccc4..e7502d7 100644
--- a/src/eap_common/eap_ikev2_common.h
+++ b/src/eap_common/eap_ikev2_common.h
@@ -9,16 +9,9 @@
#ifndef EAP_IKEV2_COMMON_H
#define EAP_IKEV2_COMMON_H
-#ifdef CCNS_PL
-/* incorrect bit order */
-#define IKEV2_FLAGS_LENGTH_INCLUDED 0x01
-#define IKEV2_FLAGS_MORE_FRAGMENTS 0x02
-#define IKEV2_FLAGS_ICV_INCLUDED 0x04
-#else /* CCNS_PL */
#define IKEV2_FLAGS_LENGTH_INCLUDED 0x80
#define IKEV2_FLAGS_MORE_FRAGMENTS 0x40
#define IKEV2_FLAGS_ICV_INCLUDED 0x20
-#endif /* CCNS_PL */
#define IKEV2_FRAGMENT_SIZE 1400
diff --git a/src/eap_common/ikev2_common.c b/src/eap_common/ikev2_common.c
index f061866..b98a3e8 100644
--- a/src/eap_common/ikev2_common.c
+++ b/src/eap_common/ikev2_common.c
@@ -173,46 +173,12 @@ const struct ikev2_encr_alg * ikev2_get_encr(int id)
}
-#ifdef CCNS_PL
-/* from des.c */
-struct des3_key_s {
- u32 ek[3][32];
- u32 dk[3][32];
-};
-
-void des3_key_setup(const u8 *key, struct des3_key_s *dkey);
-void des3_encrypt(const u8 *plain, const struct des3_key_s *key, u8 *crypt);
-void des3_decrypt(const u8 *crypt, const struct des3_key_s *key, u8 *plain);
-#endif /* CCNS_PL */
-
-
int ikev2_encr_encrypt(int alg, const u8 *key, size_t key_len, const u8 *iv,
const u8 *plain, u8 *crypt, size_t len)
{
struct crypto_cipher *cipher;
int encr_alg;
-#ifdef CCNS_PL
- if (alg == ENCR_3DES) {
- struct des3_key_s des3key;
- size_t i, blocks;
- u8 *pos;
-
- /* ECB mode is used incorrectly for 3DES!? */
- if (key_len != 24) {
- wpa_printf(MSG_INFO, "IKEV2: Invalid encr key length");
- return -1;
- }
- des3_key_setup(key, &des3key);
-
- blocks = len / 8;
- pos = crypt;
- for (i = 0; i < blocks; i++) {
- des3_encrypt(pos, &des3key, pos);
- pos += 8;
- }
- } else {
-#endif /* CCNS_PL */
switch (alg) {
case ENCR_3DES:
encr_alg = CRYPTO_CIPHER_ALG_3DES;
@@ -237,9 +203,6 @@ int ikev2_encr_encrypt(int alg, const u8 *key, size_t key_len, const u8 *iv,
return -1;
}
crypto_cipher_deinit(cipher);
-#ifdef CCNS_PL
- }
-#endif /* CCNS_PL */
return 0;
}
@@ -251,31 +214,6 @@ int ikev2_encr_decrypt(int alg, const u8 *key, size_t key_len, const u8 *iv,
struct crypto_cipher *cipher;
int encr_alg;
-#ifdef CCNS_PL
- if (alg == ENCR_3DES) {
- struct des3_key_s des3key;
- size_t i, blocks;
-
- /* ECB mode is used incorrectly for 3DES!? */
- if (key_len != 24) {
- wpa_printf(MSG_INFO, "IKEV2: Invalid encr key length");
- return -1;
- }
- des3_key_setup(key, &des3key);
-
- if (len % 8) {
- wpa_printf(MSG_INFO, "IKEV2: Invalid encrypted "
- "length");
- return -1;
- }
- blocks = len / 8;
- for (i = 0; i < blocks; i++) {
- des3_decrypt(crypt, &des3key, plain);
- plain += 8;
- crypt += 8;
- }
- } else {
-#endif /* CCNS_PL */
switch (alg) {
case ENCR_3DES:
encr_alg = CRYPTO_CIPHER_ALG_3DES;
@@ -300,9 +238,6 @@ int ikev2_encr_decrypt(int alg, const u8 *key, size_t key_len, const u8 *iv,
return -1;
}
crypto_cipher_deinit(cipher);
-#ifdef CCNS_PL
- }
-#endif /* CCNS_PL */
return 0;
}
@@ -706,10 +641,6 @@ int ikev2_derive_sk_keys(const struct ikev2_prf_alg *prf,
keys->SK_integ_len = integ->key_len;
keys->SK_encr_len = encr->key_len;
keys->SK_prf_len = prf->key_len;
-#ifdef CCNS_PL
- /* Uses encryption key length for SK_d; should be PRF length */
- keys->SK_d_len = keys->SK_encr_len;
-#endif /* CCNS_PL */
keybuf_len = keys->SK_d_len + 2 * keys->SK_integ_len +
2 * keys->SK_encr_len + 2 * keys->SK_prf_len;
diff --git a/src/eap_common/ikev2_common.h b/src/eap_common/ikev2_common.h
index 45c970b..8a7982a 100644
--- a/src/eap_common/ikev2_common.h
+++ b/src/eap_common/ikev2_common.h
@@ -70,11 +70,7 @@ struct ikev2_transform {
/* Current IKEv2 version from RFC 4306 */
#define IKEV2_MjVer 2
#define IKEV2_MnVer 0
-#ifdef CCNS_PL
-#define IKEV2_VERSION ((IKEV2_MjVer) | ((IKEV2_MnVer) << 4))
-#else /* CCNS_PL */
#define IKEV2_VERSION (((IKEV2_MjVer) << 4) | (IKEV2_MnVer))
-#endif /* CCNS_PL */
/* IKEv2 Exchange Types */
enum {