Lines Matching full:identity
143 if (sm->identity) { in eap_aka_init()
144 /* Use the EAP-Response/Identity in MK derivation if AT_IDENTITY in eap_aka_init()
146 data->mk_identity = os_memdup(sm->identity, sm->identity_len); in eap_aka_init()
408 const u8 *identity = NULL; in eap_aka_learn_ids() local
418 /* Look for the realm of the permanent identity */ in eap_aka_learn_ids()
419 identity = eap_get_config_identity(sm, &identity_len); in eap_aka_learn_ids()
420 if (identity) { in eap_aka_learn_ids()
421 for (realm = identity, realm_len = identity_len; in eap_aka_learn_ids()
507 * No EAP-AKA/Identity packets were exchanged - send empty in eap_aka_add_checkcode()
514 /* Checkcode is SHA1/SHA256 hash over all EAP-AKA/Identity packets. */ in eap_aka_add_checkcode()
545 "indicates that AKA/Identity messages were " in eap_aka_verify_checkcode()
557 "indicates that AKA/Identity message were not " in eap_aka_verify_checkcode()
562 /* Checkcode is SHA1/SHA256 hash over all EAP-AKA/Identity packets. */ in eap_aka_verify_checkcode()
647 const u8 *identity, size_t identity_len, in eap_aka_encrypt_identity() argument
654 wpa_hexdump_ascii(MSG_DEBUG, "EAP-AKA: Encrypt permanent identity", in eap_aka_encrypt_identity()
655 identity, identity_len); in eap_aka_encrypt_identity()
657 imsi_buf = wpabuf_alloc_copy(identity, identity_len); in eap_aka_encrypt_identity()
685 wpa_hexdump_ascii(MSG_DEBUG, "EAP-AKA: Encrypted permanent identity", in eap_aka_encrypt_identity()
698 const u8 *identity = NULL; in eap_aka_response_identity() local
707 identity = data->reauth_id; in eap_aka_response_identity()
714 identity = data->pseudonym; in eap_aka_response_identity()
718 identity = eap_get_config_identity(sm, &identity_len); in eap_aka_response_identity()
719 if (identity) { in eap_aka_response_identity()
733 if (identity && data->imsi_privacy_key) { in eap_aka_response_identity()
741 identity, identity_len, attr); in eap_aka_response_identity()
744 "EAP-AKA: Failed to encrypt permanent identity"); in eap_aka_response_identity()
749 /* Use the real identity, not the encrypted one, in MK in eap_aka_response_identity()
752 data->mk_identity = os_memdup(identity, identity_len); in eap_aka_response_identity()
754 identity = wpabuf_head(enc_identity); in eap_aka_response_identity()
760 wpa_printf(MSG_DEBUG, "Generating EAP-AKA Identity (id=%d)", id); in eap_aka_response_identity()
764 if (identity) { in eap_aka_response_identity()
766 identity, identity_len); in eap_aka_response_identity()
768 identity, identity_len); in eap_aka_response_identity()
770 /* Use the IMSI identity override, i.e., the not in eap_aka_response_identity()
772 * externally encrypted identity in configuration. */ in eap_aka_response_identity()
779 /* Use the last AT_IDENTITY value as the identity in in eap_aka_response_identity()
782 data->mk_identity = os_memdup(identity, identity_len); in eap_aka_response_identity()
900 wpa_printf(MSG_DEBUG, "EAP-AKA: subtype Identity"); in eap_aka_process_identity()
1058 const u8 *identity; in eap_aka_process_challenge() local
1175 identity = data->mk_identity; in eap_aka_process_challenge()
1177 wpa_hexdump_ascii(MSG_DEBUG, "EAP-AKA: Selected identity for MK " in eap_aka_process_challenge()
1178 "derivation", identity, identity_len); in eap_aka_process_challenge()
1180 eap_aka_prime_derive_keys(identity, identity_len, data->ik, in eap_aka_process_challenge()
1184 eap_aka_derive_mk(identity, identity_len, data->ik, data->ck, in eap_aka_process_challenge()
1201 /* Old reauthentication identity must not be used anymore. In in eap_aka_process_challenge()
1204 * pseudonym identity or permanent identity). */ in eap_aka_process_challenge()
1478 wpa_printf(MSG_INFO, "EAP-AKA: Identity not configured"); in eap_aka_process()
1590 if (sm->identity) { in eap_aka_init_for_reauth()
1591 /* Use the EAP-Response/Identity in MK derivation if AT_IDENTITY in eap_aka_init_for_reauth()
1594 data->mk_identity = os_memdup(sm->identity, sm->identity_len); in eap_aka_init_for_reauth()