Lines Matching refs:data
57 static void eap_eke_state(struct eap_eke_data *data, int state) in eap_eke_state() argument
60 eap_eke_state_txt(data->state), eap_eke_state_txt(state)); in eap_eke_state()
61 data->state = state; in eap_eke_state()
70 struct eap_eke_data *data; in eap_eke_init() local
81 data = os_zalloc(sizeof(*data)); in eap_eke_init()
82 if (data == NULL) in eap_eke_init()
84 eap_eke_state(data, IDENTITY); in eap_eke_init()
88 data->peerid = os_memdup(identity, identity_len); in eap_eke_init()
89 if (data->peerid == NULL) { in eap_eke_init()
90 eap_eke_deinit(sm, data); in eap_eke_init()
93 data->peerid_len = identity_len; in eap_eke_init()
102 data->dhgroup = atoi(pos + 8); in eap_eke_init()
104 data->dhgroup); in eap_eke_init()
109 data->encr = atoi(pos + 5); in eap_eke_init()
111 data->encr); in eap_eke_init()
116 data->prf = atoi(pos + 4); in eap_eke_init()
118 data->prf); in eap_eke_init()
123 data->mac = atoi(pos + 4); in eap_eke_init()
125 data->mac); in eap_eke_init()
129 return data; in eap_eke_init()
135 struct eap_eke_data *data = priv; in eap_eke_deinit() local
136 eap_eke_session_clean(&data->sess); in eap_eke_deinit()
137 os_free(data->serverid); in eap_eke_deinit()
138 os_free(data->peerid); in eap_eke_deinit()
139 wpabuf_free(data->msgs); in eap_eke_deinit()
140 bin_clear_free(data, sizeof(*data)); in eap_eke_deinit()
144 static struct wpabuf * eap_eke_build_msg(struct eap_eke_data *data, int id, in eap_eke_build_msg() argument
195 static struct wpabuf * eap_eke_build_fail(struct eap_eke_data *data, in eap_eke_build_fail() argument
204 resp = eap_eke_build_msg(data, id, 4, EAP_EKE_FAILURE); in eap_eke_build_fail()
208 os_memset(data->dh_priv, 0, sizeof(data->dh_priv)); in eap_eke_build_fail()
209 eap_eke_session_clean(&data->sess); in eap_eke_build_fail()
211 eap_eke_state(data, FAILURE); in eap_eke_build_fail()
220 static struct wpabuf * eap_eke_process_id(struct eap_eke_data *data, in eap_eke_process_id() argument
233 if (data->state != IDENTITY) { in eap_eke_process_id()
234 return eap_eke_build_fail(data, ret, id, in eap_eke_process_id()
242 return eap_eke_build_fail(data, ret, id, in eap_eke_process_id()
255 return eap_eke_build_fail(data, ret, id, in eap_eke_process_id()
266 if ((data->dhgroup && data->dhgroup != *tmp) || in eap_eke_process_id()
270 if ((data->encr && data->encr != *tmp) || in eap_eke_process_id()
274 if ((data->prf && data->prf != *tmp) || in eap_eke_process_id()
278 if ((data->mac && data->mac != *tmp) || in eap_eke_process_id()
283 if (eap_eke_session_init(&data->sess, prop[0], prop[1], prop[2], in eap_eke_process_id()
295 return eap_eke_build_fail(data, ret, id, in eap_eke_process_id()
303 return eap_eke_build_fail(data, ret, id, in eap_eke_process_id()
311 os_free(data->serverid); in eap_eke_process_id()
312 data->serverid = os_memdup(pos, end - pos); in eap_eke_process_id()
313 if (data->serverid == NULL) { in eap_eke_process_id()
314 return eap_eke_build_fail(data, ret, id, in eap_eke_process_id()
317 data->serverid_len = end - pos; in eap_eke_process_id()
321 resp = eap_eke_build_msg(data, id, in eap_eke_process_id()
322 2 + 4 + 1 + data->peerid_len, in eap_eke_process_id()
325 return eap_eke_build_fail(data, ret, id, in eap_eke_process_id()
333 if (data->peerid) in eap_eke_process_id()
334 wpabuf_put_data(resp, data->peerid, data->peerid_len); in eap_eke_process_id()
336 wpabuf_free(data->msgs); in eap_eke_process_id()
337 data->msgs = wpabuf_alloc(wpabuf_len(reqData) + wpabuf_len(resp)); in eap_eke_process_id()
338 if (data->msgs == NULL) { in eap_eke_process_id()
340 return eap_eke_build_fail(data, ret, id, in eap_eke_process_id()
343 wpabuf_put_buf(data->msgs, reqData); in eap_eke_process_id()
344 wpabuf_put_buf(data->msgs, resp); in eap_eke_process_id()
346 eap_eke_state(data, COMMIT); in eap_eke_process_id()
353 struct eap_eke_data *data, in eap_eke_process_commit() argument
369 if (data->state != COMMIT) { in eap_eke_process_commit()
370 …wpa_printf(MSG_DEBUG, "EAP-EKE: EAP-EKE-Commit/Request received in unexpected state (%d)", data->s… in eap_eke_process_commit()
371 return eap_eke_build_fail(data, ret, id, in eap_eke_process_commit()
380 return eap_eke_build_fail(data, ret, id, in eap_eke_process_commit()
387 if (pos + data->sess.dhcomp_len > end) { in eap_eke_process_commit()
389 return eap_eke_build_fail(data, ret, id, in eap_eke_process_commit()
394 pos, data->sess.dhcomp_len); in eap_eke_process_commit()
396 pos += data->sess.dhcomp_len; in eap_eke_process_commit()
403 if (eap_eke_derive_key(&data->sess, password, password_len, in eap_eke_process_commit()
404 data->serverid, data->serverid_len, in eap_eke_process_commit()
405 data->peerid, data->peerid_len, key) < 0) { in eap_eke_process_commit()
407 return eap_eke_build_fail(data, ret, id, in eap_eke_process_commit()
415 if (eap_eke_dh_init(data->sess.dhgroup, data->dh_priv, pub) < 0) { in eap_eke_process_commit()
418 return eap_eke_build_fail(data, ret, id, in eap_eke_process_commit()
422 if (eap_eke_shared_secret(&data->sess, key, data->dh_priv, dhcomp) < 0) in eap_eke_process_commit()
426 return eap_eke_build_fail(data, ret, id, in eap_eke_process_commit()
430 if (eap_eke_derive_ke_ki(&data->sess, in eap_eke_process_commit()
431 data->serverid, data->serverid_len, in eap_eke_process_commit()
432 data->peerid, data->peerid_len) < 0) { in eap_eke_process_commit()
435 return eap_eke_build_fail(data, ret, id, in eap_eke_process_commit()
441 resp = eap_eke_build_msg(data, id, in eap_eke_process_commit()
442 data->sess.dhcomp_len + data->sess.pnonce_len, in eap_eke_process_commit()
446 return eap_eke_build_fail(data, ret, id, in eap_eke_process_commit()
451 rpos = wpabuf_put(resp, data->sess.dhcomp_len); in eap_eke_process_commit()
452 if (eap_eke_dhcomp(&data->sess, key, pub, rpos) < 0) { in eap_eke_process_commit()
456 return eap_eke_build_fail(data, ret, id, in eap_eke_process_commit()
462 rpos, data->sess.dhcomp_len); in eap_eke_process_commit()
464 if (random_get_bytes(data->nonce_p, data->sess.nonce_len)) { in eap_eke_process_commit()
466 return eap_eke_build_fail(data, ret, id, in eap_eke_process_commit()
470 data->nonce_p, data->sess.nonce_len); in eap_eke_process_commit()
472 if (eap_eke_prot(&data->sess, data->nonce_p, data->sess.nonce_len, in eap_eke_process_commit()
475 return eap_eke_build_fail(data, ret, id, in eap_eke_process_commit()
484 if (wpabuf_resize(&data->msgs, wpabuf_len(reqData) + wpabuf_len(resp)) in eap_eke_process_commit()
487 return eap_eke_build_fail(data, ret, id, in eap_eke_process_commit()
490 wpabuf_put_buf(data->msgs, reqData); in eap_eke_process_commit()
491 wpabuf_put_buf(data->msgs, resp); in eap_eke_process_commit()
493 eap_eke_state(data, CONFIRM); in eap_eke_process_commit()
499 static struct wpabuf * eap_eke_process_confirm(struct eap_eke_data *data, in eap_eke_process_confirm() argument
514 if (data->state != CONFIRM) { in eap_eke_process_confirm()
516 data->state); in eap_eke_process_confirm()
517 return eap_eke_build_fail(data, ret, id, in eap_eke_process_confirm()
526 if (pos + data->sess.pnonce_ps_len + data->sess.prf_len > end) { in eap_eke_process_confirm()
528 return eap_eke_build_fail(data, ret, id, in eap_eke_process_confirm()
533 if (eap_eke_decrypt_prot(&data->sess, pos, data->sess.pnonce_ps_len, in eap_eke_process_confirm()
536 return eap_eke_build_fail(data, ret, id, in eap_eke_process_confirm()
539 if (decrypt_len != (size_t) 2 * data->sess.nonce_len) { in eap_eke_process_confirm()
541 return eap_eke_build_fail(data, ret, id, in eap_eke_process_confirm()
545 nonces, 2 * data->sess.nonce_len); in eap_eke_process_confirm()
546 if (os_memcmp(data->nonce_p, nonces, data->sess.nonce_len) != 0) { in eap_eke_process_confirm()
548 return eap_eke_build_fail(data, ret, id, in eap_eke_process_confirm()
552 os_memcpy(data->nonce_s, nonces + data->sess.nonce_len, in eap_eke_process_confirm()
553 data->sess.nonce_len); in eap_eke_process_confirm()
555 data->nonce_s, data->sess.nonce_len); in eap_eke_process_confirm()
557 if (eap_eke_derive_ka(&data->sess, data->serverid, data->serverid_len, in eap_eke_process_confirm()
558 data->peerid, data->peerid_len, in eap_eke_process_confirm()
559 data->nonce_p, data->nonce_s) < 0) { in eap_eke_process_confirm()
560 return eap_eke_build_fail(data, ret, id, in eap_eke_process_confirm()
564 if (eap_eke_auth(&data->sess, "EAP-EKE server", data->msgs, auth_s) < 0) in eap_eke_process_confirm()
566 return eap_eke_build_fail(data, ret, id, in eap_eke_process_confirm()
569 wpa_hexdump(MSG_DEBUG, "EAP-EKE: Auth_S", auth_s, data->sess.prf_len); in eap_eke_process_confirm()
570 if (os_memcmp_const(auth_s, pos + data->sess.pnonce_ps_len, in eap_eke_process_confirm()
571 data->sess.prf_len) != 0) { in eap_eke_process_confirm()
573 return eap_eke_build_fail(data, ret, id, in eap_eke_process_confirm()
579 resp = eap_eke_build_msg(data, id, in eap_eke_process_confirm()
580 data->sess.pnonce_len + data->sess.prf_len, in eap_eke_process_confirm()
583 return eap_eke_build_fail(data, ret, id, in eap_eke_process_confirm()
588 if (eap_eke_prot(&data->sess, data->nonce_s, data->sess.nonce_len, in eap_eke_process_confirm()
591 return eap_eke_build_fail(data, ret, id, in eap_eke_process_confirm()
596 auth = wpabuf_put(resp, data->sess.prf_len); in eap_eke_process_confirm()
597 if (eap_eke_auth(&data->sess, "EAP-EKE peer", data->msgs, auth) < 0) { in eap_eke_process_confirm()
599 return eap_eke_build_fail(data, ret, id, in eap_eke_process_confirm()
602 wpa_hexdump(MSG_DEBUG, "EAP-EKE: Auth_P", auth, data->sess.prf_len); in eap_eke_process_confirm()
604 if (eap_eke_derive_msk(&data->sess, data->serverid, data->serverid_len, in eap_eke_process_confirm()
605 data->peerid, data->peerid_len, in eap_eke_process_confirm()
606 data->nonce_s, data->nonce_p, in eap_eke_process_confirm()
607 data->msk, data->emsk) < 0) { in eap_eke_process_confirm()
610 return eap_eke_build_fail(data, ret, id, in eap_eke_process_confirm()
614 os_memset(data->dh_priv, 0, sizeof(data->dh_priv)); in eap_eke_process_confirm()
615 eap_eke_session_clean(&data->sess); in eap_eke_process_confirm()
617 eap_eke_state(data, SUCCESS); in eap_eke_process_confirm()
626 static struct wpabuf * eap_eke_process_failure(struct eap_eke_data *data, in eap_eke_process_failure() argument
642 return eap_eke_build_fail(data, ret, eap_get_id(reqData), in eap_eke_process_failure()
651 struct eap_eke_data *data = priv; in eap_eke_process() local
676 resp = eap_eke_process_id(data, ret, reqData, pos, end - pos); in eap_eke_process()
679 resp = eap_eke_process_commit(sm, data, ret, reqData, in eap_eke_process()
683 resp = eap_eke_process_confirm(data, ret, reqData, in eap_eke_process()
687 resp = eap_eke_process_failure(data, ret, reqData, in eap_eke_process()
705 struct eap_eke_data *data = priv; in eap_eke_isKeyAvailable() local
706 return data->state == SUCCESS; in eap_eke_isKeyAvailable()
712 struct eap_eke_data *data = priv; in eap_eke_getKey() local
715 if (data->state != SUCCESS) in eap_eke_getKey()
718 key = os_memdup(data->msk, EAP_MSK_LEN); in eap_eke_getKey()
729 struct eap_eke_data *data = priv; in eap_eke_get_emsk() local
732 if (data->state != SUCCESS) in eap_eke_get_emsk()
735 key = os_memdup(data->emsk, EAP_EMSK_LEN); in eap_eke_get_emsk()
746 struct eap_eke_data *data = priv; in eap_eke_get_session_id() local
750 if (data->state != SUCCESS) in eap_eke_get_session_id()
753 sid_len = 1 + 2 * data->sess.nonce_len; in eap_eke_get_session_id()
758 os_memcpy(sid + 1, data->nonce_p, data->sess.nonce_len); in eap_eke_get_session_id()
759 os_memcpy(sid + 1 + data->sess.nonce_len, data->nonce_s, in eap_eke_get_session_id()
760 data->sess.nonce_len); in eap_eke_get_session_id()