1 /* 2 * EAP server/peer: EAP-PSK shared routines 3 * Copyright (c) 2004-2006, Jouni Malinen <j@w1.fi> 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License version 2 as 7 * published by the Free Software Foundation. 8 * 9 * Alternatively, this software may be distributed under the terms of BSD 10 * license. 11 * 12 * See README and COPYING for more details. 13 */ 14 15 #include "includes.h" 16 17 #include "common.h" 18 #include "crypto/aes_wrap.h" 19 #include "eap_defs.h" 20 #include "eap_psk_common.h" 21 22 #define aes_block_size 16 23 24 25 int eap_psk_key_setup(const u8 *psk, u8 *ak, u8 *kdk) 26 { 27 os_memset(ak, 0, aes_block_size); 28 if (aes_128_encrypt_block(psk, ak, ak)) 29 return -1; 30 os_memcpy(kdk, ak, aes_block_size); 31 ak[aes_block_size - 1] ^= 0x01; 32 kdk[aes_block_size - 1] ^= 0x02; 33 if (aes_128_encrypt_block(psk, ak, ak) || 34 aes_128_encrypt_block(psk, kdk, kdk)) 35 return -1; 36 return 0; 37 } 38 39 40 int eap_psk_derive_keys(const u8 *kdk, const u8 *rand_p, u8 *tek, u8 *msk, 41 u8 *emsk) 42 { 43 u8 hash[aes_block_size]; 44 u8 counter = 1; 45 int i; 46 47 if (aes_128_encrypt_block(kdk, rand_p, hash)) 48 return -1; 49 50 hash[aes_block_size - 1] ^= counter; 51 if (aes_128_encrypt_block(kdk, hash, tek)) 52 return -1; 53 hash[aes_block_size - 1] ^= counter; 54 counter++; 55 56 for (i = 0; i < EAP_MSK_LEN / aes_block_size; i++) { 57 hash[aes_block_size - 1] ^= counter; 58 if (aes_128_encrypt_block(kdk, hash, &msk[i * aes_block_size])) 59 return -1; 60 hash[aes_block_size - 1] ^= counter; 61 counter++; 62 } 63 64 for (i = 0; i < EAP_EMSK_LEN / aes_block_size; i++) { 65 hash[aes_block_size - 1] ^= counter; 66 if (aes_128_encrypt_block(kdk, hash, 67 &emsk[i * aes_block_size])) 68 return -1; 69 hash[aes_block_size - 1] ^= counter; 70 counter++; 71 } 72 73 return 0; 74 } 75