eap_psk_common.c
Go to the documentation of this file.00001
00016 #include "includes.h"
00017
00018 #include "common.h"
00019 #include "aes_wrap.h"
00020 #include "eap_defs.h"
00021 #include "eap_psk_common.h"
00022
00023 #define aes_block_size 16
00024
00025
00026 int eap_psk_key_setup(const u8 *psk, u8 *ak, u8 *kdk)
00027 {
00028 os_memset(ak, 0, aes_block_size);
00029 if (aes_128_encrypt_block(psk, ak, ak))
00030 return -1;
00031 os_memcpy(kdk, ak, aes_block_size);
00032 ak[aes_block_size - 1] ^= 0x01;
00033 kdk[aes_block_size - 1] ^= 0x02;
00034 if (aes_128_encrypt_block(psk, ak, ak) ||
00035 aes_128_encrypt_block(psk, kdk, kdk))
00036 return -1;
00037 return 0;
00038 }
00039
00040
00041 int eap_psk_derive_keys(const u8 *kdk, const u8 *rand_p, u8 *tek, u8 *msk,
00042 u8 *emsk)
00043 {
00044 u8 hash[aes_block_size];
00045 u8 counter = 1;
00046 int i;
00047
00048 if (aes_128_encrypt_block(kdk, rand_p, hash))
00049 return -1;
00050
00051 hash[aes_block_size - 1] ^= counter;
00052 if (aes_128_encrypt_block(kdk, hash, tek))
00053 return -1;
00054 hash[aes_block_size - 1] ^= counter;
00055 counter++;
00056
00057 for (i = 0; i < EAP_MSK_LEN / aes_block_size; i++) {
00058 hash[aes_block_size - 1] ^= counter;
00059 if (aes_128_encrypt_block(kdk, hash, &msk[i * aes_block_size]))
00060 return -1;
00061 hash[aes_block_size - 1] ^= counter;
00062 counter++;
00063 }
00064
00065 for (i = 0; i < EAP_EMSK_LEN / aes_block_size; i++) {
00066 hash[aes_block_size - 1] ^= counter;
00067 if (aes_128_encrypt_block(kdk, hash,
00068 &emsk[i * aes_block_size]))
00069 return -1;
00070 hash[aes_block_size - 1] ^= counter;
00071 counter++;
00072 }
00073
00074 return 0;
00075 }
00076
1.6.1
