Lines Matching refs:sm
59 static void eap_aka_fullauth(struct eap_sm *sm, struct eap_aka_data *data);
92 static int eap_aka_check_identity_reauth(struct eap_sm *sm, in eap_aka_check_identity_reauth() argument
104 data->reauth = eap_sim_db_get_reauth_entry(sm->cfg->eap_sim_db_priv, in eap_aka_check_identity_reauth()
113 if (data->reauth->counter > sm->cfg->eap_sim_aka_fast_reauth_limit) { in eap_aka_check_identity_reauth()
116 if (sm->cfg->eap_sim_id & 0x04) { in eap_aka_check_identity_reauth()
121 os_strlcpy(sm->sim_aka_permanent, in eap_aka_check_identity_reauth()
123 sizeof(sm->sim_aka_permanent)); in eap_aka_check_identity_reauth()
124 eap_sim_db_remove_reauth(sm->cfg->eap_sim_db_priv, in eap_aka_check_identity_reauth()
127 eap_aka_fullauth(sm, data); in eap_aka_check_identity_reauth()
155 static void eap_aka_check_identity(struct eap_sm *sm, in eap_aka_check_identity() argument
159 const u8 *identity = sm->identity; in eap_aka_check_identity()
160 size_t identity_len = sm->identity_len; in eap_aka_check_identity()
162 if (sm->sim_aka_permanent[0]) { in eap_aka_check_identity()
163 identity = (const u8 *) sm->sim_aka_permanent; in eap_aka_check_identity()
164 identity_len = os_strlen(sm->sim_aka_permanent); in eap_aka_check_identity()
173 if (eap_aka_check_identity_reauth(sm, data, username) > 0) { in eap_aka_check_identity()
182 if (sm->sim_aka_permanent[0] && data->state == IDENTITY) { in eap_aka_check_identity()
186 os_strlcpy(data->permanent, sm->sim_aka_permanent, in eap_aka_check_identity()
188 eap_aka_fullauth(sm, data); in eap_aka_check_identity()
200 sm->cfg->eap_sim_db_priv, username); in eap_aka_check_identity()
214 eap_aka_fullauth(sm, data); in eap_aka_check_identity()
221 static void * eap_aka_init(struct eap_sm *sm) in eap_aka_init() argument
225 if (!sm->cfg->eap_sim_db_priv) { in eap_aka_init()
238 eap_aka_check_identity(sm, data); in eap_aka_init()
245 static void * eap_aka_prime_init(struct eap_sm *sm) in eap_aka_prime_init() argument
251 if (sm->cfg->eap_sim_db_priv == NULL) { in eap_aka_prime_init()
271 eap_aka_check_identity(sm, data); in eap_aka_prime_init()
278 static void eap_aka_reset(struct eap_sm *sm, void *priv) in eap_aka_reset() argument
389 static struct wpabuf * eap_aka_build_identity(struct eap_sm *sm, in eap_aka_build_identity() argument
411 } else if (sm->identity && sm->identity_len > 0 && in eap_aka_build_identity()
412 (sm->identity[0] == EAP_AKA_REAUTH_ID_PREFIX || in eap_aka_build_identity()
413 sm->identity[0] == EAP_AKA_PRIME_REAUTH_ID_PREFIX)) { in eap_aka_build_identity()
431 static int eap_aka_build_encr(struct eap_sm *sm, struct eap_aka_data *data, in eap_aka_build_encr() argument
436 if (!(sm->cfg->eap_sim_id & 0x01)) { in eap_aka_build_encr()
442 sm->cfg->eap_sim_db_priv, in eap_aka_build_encr()
450 if (!(sm->cfg->eap_sim_id & 0x02)) { in eap_aka_build_encr()
456 sm->cfg->eap_sim_db_priv, in eap_aka_build_encr()
512 static struct wpabuf * eap_aka_build_challenge(struct eap_sm *sm, in eap_aka_build_challenge() argument
541 if (eap_aka_build_encr(sm, data, msg, 0, NULL)) { in eap_aka_build_challenge()
548 if (sm->cfg->eap_sim_aka_result_ind) { in eap_aka_build_challenge()
560 while (sm->user && i < EAP_MAX_METHODS && in eap_aka_build_challenge()
561 (sm->user->methods[i].vendor != EAP_VENDOR_IETF || in eap_aka_build_challenge()
562 sm->user->methods[i].method != EAP_TYPE_NONE)) { in eap_aka_build_challenge()
563 if (sm->user->methods[i].vendor == EAP_VENDOR_IETF) { in eap_aka_build_challenge()
564 if (sm->user->methods[i].method == in eap_aka_build_challenge()
567 if (sm->user->methods[i].method == in eap_aka_build_challenge()
588 static struct wpabuf * eap_aka_build_reauth(struct eap_sm *sm, in eap_aka_build_reauth() argument
603 sm->identity, in eap_aka_build_reauth()
604 sm->identity_len, in eap_aka_build_reauth()
610 eap_sim_derive_keys_reauth(data->counter, sm->identity, in eap_aka_build_reauth()
611 sm->identity_len, data->nonce_s, in eap_aka_build_reauth()
618 if (eap_aka_build_encr(sm, data, msg, data->counter, data->nonce_s)) { in eap_aka_build_reauth()
625 if (sm->cfg->eap_sim_aka_result_ind) { in eap_aka_build_reauth()
645 static struct wpabuf * eap_aka_build_notification(struct eap_sm *sm, in eap_aka_build_notification() argument
684 static struct wpabuf * eap_aka_buildReq(struct eap_sm *sm, void *priv, u8 id) in eap_aka_buildReq() argument
691 return eap_aka_build_identity(sm, data, id); in eap_aka_buildReq()
693 return eap_aka_build_challenge(sm, data, id); in eap_aka_buildReq()
695 return eap_aka_build_reauth(sm, data, id); in eap_aka_buildReq()
697 return eap_aka_build_notification(sm, data, id); in eap_aka_buildReq()
707 static bool eap_aka_check(struct eap_sm *sm, void *priv, in eap_aka_check() argument
771 static void eap_aka_determine_identity(struct eap_sm *sm, in eap_aka_determine_identity() argument
777 sm->identity, sm->identity_len); in eap_aka_determine_identity()
779 username = sim_get_username(sm->identity, sm->identity_len); in eap_aka_determine_identity()
783 if (eap_aka_check_identity_reauth(sm, data, username) > 0) { in eap_aka_determine_identity()
807 sm->cfg->eap_sim_db_priv, username); in eap_aka_determine_identity()
826 } else if (sm->identity_len > 1 && sm->identity[0] == '\0') { in eap_aka_determine_identity()
835 if (!sm->cfg->imsi_privacy_key) { in eap_aka_determine_identity()
841 enc_id = (char *) &sm->identity[1]; in eap_aka_determine_identity()
842 end = (char *) &sm->identity[sm->identity_len]; in eap_aka_determine_identity()
865 dec = crypto_rsa_oaep_sha256_decrypt(sm->cfg->imsi_privacy_key, in eap_aka_determine_identity()
885 os_free(sm->identity); in eap_aka_determine_identity()
886 sm->identity = new_id; in eap_aka_determine_identity()
887 sm->identity_len = wpabuf_len(dec); in eap_aka_determine_identity()
900 eap_aka_fullauth(sm, data); in eap_aka_determine_identity()
909 static void eap_aka_fullauth(struct eap_sm *sm, struct eap_aka_data *data) in eap_aka_fullauth() argument
914 res = eap_sim_db_get_aka_auth(sm->cfg->eap_sim_db_priv, data->permanent, in eap_aka_fullauth()
916 data->ck, data->res, &data->res_len, sm); in eap_aka_fullauth()
920 sm->method_pending = METHOD_PENDING_WAIT; in eap_aka_fullauth()
926 os_strlcpy(sm->imsi, &data->permanent[1], sizeof(sm->imsi)); in eap_aka_fullauth()
949 if (sm->method_pending == METHOD_PENDING_WAIT) { in eap_aka_fullauth()
952 sm->method_pending = METHOD_PENDING_NONE; in eap_aka_fullauth()
955 identity_len = sm->identity_len; in eap_aka_fullauth()
956 while (identity_len > 0 && sm->identity[identity_len - 1] == '\0') { in eap_aka_fullauth()
962 sm->identity, identity_len); in eap_aka_fullauth()
965 eap_aka_prime_derive_keys(sm->identity, identity_len, data->ik, in eap_aka_fullauth()
969 eap_aka_derive_mk(sm->identity, identity_len, data->ik, in eap_aka_fullauth()
979 static void eap_aka_process_identity(struct eap_sm *sm, in eap_aka_process_identity() argument
1014 os_free(sm->identity); in eap_aka_process_identity()
1015 sm->identity = new_identity; in eap_aka_process_identity()
1016 os_memcpy(sm->identity, attr->identity, attr->identity_len); in eap_aka_process_identity()
1017 sm->identity_len = attr->identity_len; in eap_aka_process_identity()
1019 eap_aka_determine_identity(sm, data); in eap_aka_process_identity()
1039 static void eap_aka_process_challenge(struct eap_sm *sm, in eap_aka_process_challenge() argument
1109 if (sm->cfg->eap_sim_aka_result_ind && attr->result_ind) { in eap_aka_process_challenge()
1117 eap_sim_db_add_pseudonym(sm->cfg->eap_sim_db_priv, in eap_aka_process_challenge()
1125 eap_sim_db_add_reauth_prime(sm->cfg->eap_sim_db_priv, in eap_aka_process_challenge()
1133 eap_sim_db_add_reauth(sm->cfg->eap_sim_db_priv, in eap_aka_process_challenge()
1144 static void eap_aka_process_sync_failure(struct eap_sm *sm, in eap_aka_process_sync_failure() argument
1163 eap_sim_db_resynchronize(sm->cfg->eap_sim_db_priv, data->permanent, in eap_aka_process_sync_failure()
1173 eap_aka_fullauth(sm, data); in eap_aka_process_sync_failure()
1177 static void eap_aka_process_reauth(struct eap_sm *sm, in eap_aka_process_reauth() argument
1226 eap_aka_fullauth(sm, data); in eap_aka_process_reauth()
1230 if (sm->cfg->eap_sim_aka_result_ind && attr->result_ind) { in eap_aka_process_reauth()
1240 eap_sim_db_add_reauth_prime(sm->cfg->eap_sim_db_priv, in eap_aka_process_reauth()
1248 eap_sim_db_add_reauth(sm->cfg->eap_sim_db_priv, in eap_aka_process_reauth()
1256 eap_sim_db_remove_reauth(sm->cfg->eap_sim_db_priv, in eap_aka_process_reauth()
1266 eap_sim_db_remove_reauth(sm->cfg->eap_sim_db_priv, data->reauth); in eap_aka_process_reauth()
1272 static void eap_aka_process_client_error(struct eap_sm *sm, in eap_aka_process_client_error() argument
1287 struct eap_sm *sm, struct eap_aka_data *data, in eap_aka_process_authentication_reject() argument
1295 static void eap_aka_process_notification(struct eap_sm *sm, in eap_aka_process_notification() argument
1308 static void eap_aka_process(struct eap_sm *sm, void *priv, in eap_aka_process() argument
1344 eap_aka_process_client_error(sm, data, respData, &attr); in eap_aka_process()
1349 eap_aka_process_authentication_reject(sm, data, respData, in eap_aka_process()
1356 eap_aka_process_identity(sm, data, respData, &attr); in eap_aka_process()
1360 eap_aka_process_sync_failure(sm, data, respData, in eap_aka_process()
1363 eap_aka_process_challenge(sm, data, respData, &attr); in eap_aka_process()
1367 eap_aka_process_reauth(sm, data, respData, &attr); in eap_aka_process()
1370 eap_aka_process_notification(sm, data, respData, &attr); in eap_aka_process()
1380 static bool eap_aka_isDone(struct eap_sm *sm, void *priv) in eap_aka_isDone() argument
1387 static u8 * eap_aka_getKey(struct eap_sm *sm, void *priv, size_t *len) in eap_aka_getKey() argument
1403 static u8 * eap_aka_get_emsk(struct eap_sm *sm, void *priv, size_t *len) in eap_aka_get_emsk() argument
1419 static bool eap_aka_isSuccess(struct eap_sm *sm, void *priv) in eap_aka_isSuccess() argument
1426 static u8 * eap_aka_get_session_id(struct eap_sm *sm, void *priv, size_t *len) in eap_aka_get_session_id() argument