1 /* 2 * EAP server/peer: EAP-PSK shared routines 3 * Copyright (c) 2004-2006, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9 #include "includes.h" 10 11 #include "common.h" 12 #include "crypto/aes_wrap.h" 13 #include "eap_defs.h" 14 #include "eap_psk_common.h" 15 16 #define aes_block_size 16 17 18 19 int eap_psk_key_setup(const u8 *psk, u8 *ak, u8 *kdk) 20 { 21 os_memset(ak, 0, aes_block_size); 22 if (aes_128_encrypt_block(psk, ak, ak)) 23 return -1; 24 os_memcpy(kdk, ak, aes_block_size); 25 ak[aes_block_size - 1] ^= 0x01; 26 kdk[aes_block_size - 1] ^= 0x02; 27 if (aes_128_encrypt_block(psk, ak, ak) || 28 aes_128_encrypt_block(psk, kdk, kdk)) 29 return -1; 30 return 0; 31 } 32 33 34 int eap_psk_derive_keys(const u8 *kdk, const u8 *rand_p, u8 *tek, u8 *msk, 35 u8 *emsk) 36 { 37 u8 hash[aes_block_size]; 38 u8 counter = 1; 39 int i; 40 41 if (aes_128_encrypt_block(kdk, rand_p, hash)) 42 return -1; 43 44 hash[aes_block_size - 1] ^= counter; 45 if (aes_128_encrypt_block(kdk, hash, tek)) 46 return -1; 47 hash[aes_block_size - 1] ^= counter; 48 counter++; 49 50 for (i = 0; i < EAP_MSK_LEN / aes_block_size; i++) { 51 hash[aes_block_size - 1] ^= counter; 52 if (aes_128_encrypt_block(kdk, hash, &msk[i * aes_block_size])) 53 return -1; 54 hash[aes_block_size - 1] ^= counter; 55 counter++; 56 } 57 58 for (i = 0; i < EAP_EMSK_LEN / aes_block_size; i++) { 59 hash[aes_block_size - 1] ^= counter; 60 if (aes_128_encrypt_block(kdk, hash, 61 &emsk[i * aes_block_size])) 62 return -1; 63 hash[aes_block_size - 1] ^= counter; 64 counter++; 65 } 66 67 return 0; 68 } 69