src/eap_peer/eap_fast_pac.c

39beb93cSSam Leffler/*
39beb93cSSam Leffler * EAP peer method: EAP-FAST PAC file processing
39beb93cSSam Leffler * Copyright (c) 2004-2006, Jouni Malinen <j@w1.fi>
39beb93cSSam Leffler *
f05cddf9SRui Paulo * This software may be distributed under the terms of the BSD license.
f05cddf9SRui Paulo * See README for more details.
39beb93cSSam Leffler */
39beb93cSSam Leffler
39beb93cSSam Leffler#include "includes.h"
39beb93cSSam Leffler
39beb93cSSam Leffler#include "common.h"
39beb93cSSam Leffler#include "eap_config.h"
39beb93cSSam Leffler#include "eap_i.h"
39beb93cSSam Leffler#include "eap_fast_pac.h"
39beb93cSSam Leffler
39beb93cSSam Leffler/* TODO: encrypt PAC-Key in the PAC file */
39beb93cSSam Leffler
39beb93cSSam Leffler
39beb93cSSam Leffler/* Text data format */
39beb93cSSam Lefflerstatic const char *pac_file_hdr =
39beb93cSSam Leffler	"wpa_supplicant EAP-FAST PAC file - version 1";
39beb93cSSam Leffler
39beb93cSSam Leffler/*
39beb93cSSam Leffler * Binary data format
39beb93cSSam Leffler * 4-octet magic value: 6A E4 92 0C
39beb93cSSam Leffler * 2-octet version (big endian)
39beb93cSSam Leffler * <version specific data>
39beb93cSSam Leffler *
39beb93cSSam Leffler * version=0:
39beb93cSSam Leffler * Sequence of PAC entries:
39beb93cSSam Leffler *   2-octet PAC-Type (big endian)
39beb93cSSam Leffler *   32-octet PAC-Key
39beb93cSSam Leffler *   2-octet PAC-Opaque length (big endian)
39beb93cSSam Leffler *   <variable len> PAC-Opaque data (length bytes)
39beb93cSSam Leffler *   2-octet PAC-Info length (big endian)
39beb93cSSam Leffler *   <variable len> PAC-Info data (length bytes)
39beb93cSSam Leffler */
39beb93cSSam Leffler
39beb93cSSam Leffler#define EAP_FAST_PAC_BINARY_MAGIC 0x6ae4920c
39beb93cSSam Leffler#define EAP_FAST_PAC_BINARY_FORMAT_VERSION 0
39beb93cSSam Leffler
39beb93cSSam Leffler
39beb93cSSam Leffler/**
39beb93cSSam Leffler * eap_fast_free_pac - Free PAC data
39beb93cSSam Leffler * @pac: Pointer to the PAC entry
39beb93cSSam Leffler *
39beb93cSSam Leffler * Note that the PAC entry must not be in a list since this function does not
39beb93cSSam Leffler * remove the list links.
39beb93cSSam Leffler */
39beb93cSSam Lefflervoid eap_fast_free_pac(struct eap_fast_pac *pac)
39beb93cSSam Leffler{
39beb93cSSam Leffler	os_free(pac->pac_opaque);
39beb93cSSam Leffler	os_free(pac->pac_info);
39beb93cSSam Leffler	os_free(pac->a_id);
39beb93cSSam Leffler	os_free(pac->i_id);
39beb93cSSam Leffler	os_free(pac->a_id_info);
39beb93cSSam Leffler	os_free(pac);
39beb93cSSam Leffler}
39beb93cSSam Leffler
39beb93cSSam Leffler
39beb93cSSam Leffler/**
39beb93cSSam Leffler * eap_fast_get_pac - Get a PAC entry based on A-ID
39beb93cSSam Leffler * @pac_root: Pointer to root of the PAC list
39beb93cSSam Leffler * @a_id: A-ID to search for
39beb93cSSam Leffler * @a_id_len: Length of A-ID
39beb93cSSam Leffler * @pac_type: PAC-Type to search for
39beb93cSSam Leffler * Returns: Pointer to the PAC entry, or %NULL if A-ID not found
39beb93cSSam Leffler */
39beb93cSSam Lefflerstruct eap_fast_pac * eap_fast_get_pac(struct eap_fast_pac *pac_root,
39beb93cSSam Leffler				       const u8 *a_id, size_t a_id_len,
39beb93cSSam Leffler				       u16 pac_type)
39beb93cSSam Leffler{
39beb93cSSam Leffler	struct eap_fast_pac *pac = pac_root;
39beb93cSSam Leffler
39beb93cSSam Leffler	while (pac) {
39beb93cSSam Leffler		if (pac->pac_type == pac_type && pac->a_id_len == a_id_len &&
39beb93cSSam Leffler		    os_memcmp(pac->a_id, a_id, a_id_len) == 0) {
39beb93cSSam Leffler			return pac;
39beb93cSSam Leffler		}
39beb93cSSam Leffler		pac = pac->next;
39beb93cSSam Leffler	}
39beb93cSSam Leffler	return NULL;
39beb93cSSam Leffler}
39beb93cSSam Leffler
39beb93cSSam Leffler
39beb93cSSam Lefflerstatic void eap_fast_remove_pac(struct eap_fast_pac **pac_root,
39beb93cSSam Leffler				struct eap_fast_pac **pac_current,
39beb93cSSam Leffler				const u8 *a_id, size_t a_id_len, u16 pac_type)
39beb93cSSam Leffler{
39beb93cSSam Leffler	struct eap_fast_pac *pac, *prev;
39beb93cSSam Leffler
39beb93cSSam Leffler	pac = *pac_root;
39beb93cSSam Leffler	prev = NULL;
39beb93cSSam Leffler
39beb93cSSam Leffler	while (pac) {
39beb93cSSam Leffler		if (pac->pac_type == pac_type && pac->a_id_len == a_id_len &&
39beb93cSSam Leffler		    os_memcmp(pac->a_id, a_id, a_id_len) == 0) {
39beb93cSSam Leffler			if (prev == NULL)
39beb93cSSam Leffler				*pac_root = pac->next;
39beb93cSSam Leffler			else
39beb93cSSam Leffler				prev->next = pac->next;
39beb93cSSam Leffler			if (*pac_current == pac)
39beb93cSSam Leffler				*pac_current = NULL;
39beb93cSSam Leffler			eap_fast_free_pac(pac);
39beb93cSSam Leffler			break;
39beb93cSSam Leffler		}
39beb93cSSam Leffler		prev = pac;
39beb93cSSam Leffler		pac = pac->next;
39beb93cSSam Leffler	}
39beb93cSSam Leffler}
39beb93cSSam Leffler
39beb93cSSam Leffler
39beb93cSSam Lefflerstatic int eap_fast_copy_buf(u8 **dst, size_t *dst_len,
39beb93cSSam Leffler			     const u8 *src, size_t src_len)
39beb93cSSam Leffler{
39beb93cSSam Leffler	if (src) {
*85732ac8SCy Schubert		*dst = os_memdup(src, src_len);
39beb93cSSam Leffler		if (*dst == NULL)
39beb93cSSam Leffler			return -1;
39beb93cSSam Leffler		*dst_len = src_len;
39beb93cSSam Leffler	}
39beb93cSSam Leffler	return 0;
39beb93cSSam Leffler}
39beb93cSSam Leffler
39beb93cSSam Leffler
39beb93cSSam Leffler/**
39beb93cSSam Leffler * eap_fast_add_pac - Add a copy of a PAC entry to a list
39beb93cSSam Leffler * @pac_root: Pointer to PAC list root pointer
39beb93cSSam Leffler * @pac_current: Pointer to the current PAC pointer
39beb93cSSam Leffler * @entry: New entry to clone and add to the list
39beb93cSSam Leffler * Returns: 0 on success, -1 on failure
39beb93cSSam Leffler *
39beb93cSSam Leffler * This function makes a clone of the given PAC entry and adds this copied
39beb93cSSam Leffler * entry to the list (pac_root). If an old entry for the same A-ID is found,
39beb93cSSam Leffler * it will be removed from the PAC list and in this case, pac_current entry
39beb93cSSam Leffler * is set to %NULL if it was the removed entry.
39beb93cSSam Leffler */
39beb93cSSam Lefflerint eap_fast_add_pac(struct eap_fast_pac **pac_root,
39beb93cSSam Leffler		     struct eap_fast_pac **pac_current,
39beb93cSSam Leffler		     struct eap_fast_pac *entry)
39beb93cSSam Leffler{
39beb93cSSam Leffler	struct eap_fast_pac *pac;
39beb93cSSam Leffler
39beb93cSSam Leffler	if (entry == NULL || entry->a_id == NULL)
39beb93cSSam Leffler		return -1;
39beb93cSSam Leffler
39beb93cSSam Leffler	/* Remove a possible old entry for the matching A-ID. */
39beb93cSSam Leffler	eap_fast_remove_pac(pac_root, pac_current,
39beb93cSSam Leffler			    entry->a_id, entry->a_id_len, entry->pac_type);
39beb93cSSam Leffler
39beb93cSSam Leffler	/* Allocate a new entry and add it to the list of PACs. */
39beb93cSSam Leffler	pac = os_zalloc(sizeof(*pac));
39beb93cSSam Leffler	if (pac == NULL)
39beb93cSSam Leffler		return -1;
39beb93cSSam Leffler
39beb93cSSam Leffler	pac->pac_type = entry->pac_type;
39beb93cSSam Leffler	os_memcpy(pac->pac_key, entry->pac_key, EAP_FAST_PAC_KEY_LEN);
39beb93cSSam Leffler	if (eap_fast_copy_buf(&pac->pac_opaque, &pac->pac_opaque_len,
39beb93cSSam Leffler			      entry->pac_opaque, entry->pac_opaque_len) < 0 ||
39beb93cSSam Leffler	    eap_fast_copy_buf(&pac->pac_info, &pac->pac_info_len,
39beb93cSSam Leffler			      entry->pac_info, entry->pac_info_len) < 0 ||
39beb93cSSam Leffler	    eap_fast_copy_buf(&pac->a_id, &pac->a_id_len,
39beb93cSSam Leffler			      entry->a_id, entry->a_id_len) < 0 ||
39beb93cSSam Leffler	    eap_fast_copy_buf(&pac->i_id, &pac->i_id_len,
39beb93cSSam Leffler			      entry->i_id, entry->i_id_len) < 0 ||
39beb93cSSam Leffler	    eap_fast_copy_buf(&pac->a_id_info, &pac->a_id_info_len,
39beb93cSSam Leffler			      entry->a_id_info, entry->a_id_info_len) < 0) {
39beb93cSSam Leffler		eap_fast_free_pac(pac);
39beb93cSSam Leffler		return -1;
39beb93cSSam Leffler	}
39beb93cSSam Leffler
39beb93cSSam Leffler	pac->next = *pac_root;
39beb93cSSam Leffler	*pac_root = pac;
39beb93cSSam Leffler
39beb93cSSam Leffler	return 0;
39beb93cSSam Leffler}
39beb93cSSam Leffler
39beb93cSSam Leffler
39beb93cSSam Lefflerstruct eap_fast_read_ctx {
39beb93cSSam Leffler	FILE *f;
39beb93cSSam Leffler	const char *pos;
39beb93cSSam Leffler	const char *end;
39beb93cSSam Leffler	int line;
39beb93cSSam Leffler	char *buf;
39beb93cSSam Leffler	size_t buf_len;
39beb93cSSam Leffler};
39beb93cSSam Leffler
39beb93cSSam Lefflerstatic int eap_fast_read_line(struct eap_fast_read_ctx *rc, char **value)
39beb93cSSam Leffler{
39beb93cSSam Leffler	char *pos;
39beb93cSSam Leffler
39beb93cSSam Leffler	rc->line++;
39beb93cSSam Leffler	if (rc->f) {
39beb93cSSam Leffler		if (fgets(rc->buf, rc->buf_len, rc->f) == NULL)
39beb93cSSam Leffler			return -1;
39beb93cSSam Leffler	} else {
39beb93cSSam Leffler		const char *l_end;
39beb93cSSam Leffler		size_t len;
39beb93cSSam Leffler		if (rc->pos >= rc->end)
39beb93cSSam Leffler			return -1;
39beb93cSSam Leffler		l_end = rc->pos;
39beb93cSSam Leffler		while (l_end < rc->end && *l_end != '\n')
39beb93cSSam Leffler			l_end++;
39beb93cSSam Leffler		len = l_end - rc->pos;
39beb93cSSam Leffler		if (len >= rc->buf_len)
39beb93cSSam Leffler			len = rc->buf_len - 1;
39beb93cSSam Leffler		os_memcpy(rc->buf, rc->pos, len);
39beb93cSSam Leffler		rc->buf[len] = '\0';
39beb93cSSam Leffler		rc->pos = l_end + 1;
39beb93cSSam Leffler	}
39beb93cSSam Leffler
39beb93cSSam Leffler	rc->buf[rc->buf_len - 1] = '\0';
39beb93cSSam Leffler	pos = rc->buf;
39beb93cSSam Leffler	while (*pos != '\0') {
39beb93cSSam Leffler		if (*pos == '\n' || *pos == '\r') {
39beb93cSSam Leffler			*pos = '\0';
39beb93cSSam Leffler			break;
39beb93cSSam Leffler		}
39beb93cSSam Leffler		pos++;
39beb93cSSam Leffler	}
39beb93cSSam Leffler
39beb93cSSam Leffler	pos = os_strchr(rc->buf, '=');
39beb93cSSam Leffler	if (pos)
39beb93cSSam Leffler		*pos++ = '\0';
39beb93cSSam Leffler	*value = pos;
39beb93cSSam Leffler
39beb93cSSam Leffler	return 0;
39beb93cSSam Leffler}
39beb93cSSam Leffler
39beb93cSSam Leffler
39beb93cSSam Lefflerstatic u8 * eap_fast_parse_hex(const char *value, size_t *len)
39beb93cSSam Leffler{
39beb93cSSam Leffler	int hlen;
39beb93cSSam Leffler	u8 *buf;
39beb93cSSam Leffler
39beb93cSSam Leffler	if (value == NULL)
39beb93cSSam Leffler		return NULL;
39beb93cSSam Leffler	hlen = os_strlen(value);
39beb93cSSam Leffler	if (hlen & 1)
39beb93cSSam Leffler		return NULL;
39beb93cSSam Leffler	*len = hlen / 2;
39beb93cSSam Leffler	buf = os_malloc(*len);
39beb93cSSam Leffler	if (buf == NULL)
39beb93cSSam Leffler		return NULL;
39beb93cSSam Leffler	if (hexstr2bin(value, buf, *len)) {
39beb93cSSam Leffler		os_free(buf);
39beb93cSSam Leffler		return NULL;
39beb93cSSam Leffler	}
39beb93cSSam Leffler	return buf;
39beb93cSSam Leffler}
39beb93cSSam Leffler
39beb93cSSam Leffler
39beb93cSSam Lefflerstatic int eap_fast_init_pac_data(struct eap_sm *sm, const char *pac_file,
39beb93cSSam Leffler				  struct eap_fast_read_ctx *rc)
39beb93cSSam Leffler{
39beb93cSSam Leffler	os_memset(rc, 0, sizeof(*rc));
39beb93cSSam Leffler
39beb93cSSam Leffler	rc->buf_len = 2048;
39beb93cSSam Leffler	rc->buf = os_malloc(rc->buf_len);
39beb93cSSam Leffler	if (rc->buf == NULL)
39beb93cSSam Leffler		return -1;
39beb93cSSam Leffler
39beb93cSSam Leffler	if (os_strncmp(pac_file, "blob://", 7) == 0) {
39beb93cSSam Leffler		const struct wpa_config_blob *blob;
39beb93cSSam Leffler		blob = eap_get_config_blob(sm, pac_file + 7);
39beb93cSSam Leffler		if (blob == NULL) {
39beb93cSSam Leffler			wpa_printf(MSG_INFO, "EAP-FAST: No PAC blob '%s' - "
39beb93cSSam Leffler				   "assume no PAC entries have been "
39beb93cSSam Leffler				   "provisioned", pac_file + 7);
39beb93cSSam Leffler			os_free(rc->buf);
39beb93cSSam Leffler			return -1;
39beb93cSSam Leffler		}
39beb93cSSam Leffler		rc->pos = (char *) blob->data;
39beb93cSSam Leffler		rc->end = (char *) blob->data + blob->len;
39beb93cSSam Leffler	} else {
39beb93cSSam Leffler		rc->f = fopen(pac_file, "rb");
39beb93cSSam Leffler		if (rc->f == NULL) {
39beb93cSSam Leffler			wpa_printf(MSG_INFO, "EAP-FAST: No PAC file '%s' - "
39beb93cSSam Leffler				   "assume no PAC entries have been "
39beb93cSSam Leffler				   "provisioned", pac_file);
39beb93cSSam Leffler			os_free(rc->buf);
39beb93cSSam Leffler			return -1;
39beb93cSSam Leffler		}
39beb93cSSam Leffler	}
39beb93cSSam Leffler
39beb93cSSam Leffler	return 0;
39beb93cSSam Leffler}
39beb93cSSam Leffler
39beb93cSSam Leffler
39beb93cSSam Lefflerstatic void eap_fast_deinit_pac_data(struct eap_fast_read_ctx *rc)
39beb93cSSam Leffler{
39beb93cSSam Leffler	os_free(rc->buf);
39beb93cSSam Leffler	if (rc->f)
39beb93cSSam Leffler		fclose(rc->f);
39beb93cSSam Leffler}
39beb93cSSam Leffler
39beb93cSSam Leffler
39beb93cSSam Lefflerstatic const char * eap_fast_parse_start(struct eap_fast_pac **pac)
39beb93cSSam Leffler{
39beb93cSSam Leffler	if (*pac)
39beb93cSSam Leffler		return "START line without END";
39beb93cSSam Leffler
39beb93cSSam Leffler	*pac = os_zalloc(sizeof(struct eap_fast_pac));
39beb93cSSam Leffler	if (*pac == NULL)
39beb93cSSam Leffler		return "No memory for PAC entry";
39beb93cSSam Leffler	(*pac)->pac_type = PAC_TYPE_TUNNEL_PAC;
39beb93cSSam Leffler	return NULL;
39beb93cSSam Leffler}
39beb93cSSam Leffler
39beb93cSSam Leffler
39beb93cSSam Lefflerstatic const char * eap_fast_parse_end(struct eap_fast_pac **pac_root,
39beb93cSSam Leffler				       struct eap_fast_pac **pac)
39beb93cSSam Leffler{
39beb93cSSam Leffler	if (*pac == NULL)
39beb93cSSam Leffler		return "END line without START";
39beb93cSSam Leffler	if (*pac_root) {
39beb93cSSam Leffler		struct eap_fast_pac *end = *pac_root;
39beb93cSSam Leffler		while (end->next)
39beb93cSSam Leffler			end = end->next;
39beb93cSSam Leffler		end->next = *pac;
39beb93cSSam Leffler	} else
39beb93cSSam Leffler		*pac_root = *pac;
39beb93cSSam Leffler
39beb93cSSam Leffler	*pac = NULL;
39beb93cSSam Leffler	return NULL;
39beb93cSSam Leffler}
39beb93cSSam Leffler
39beb93cSSam Leffler
39beb93cSSam Lefflerstatic const char * eap_fast_parse_pac_type(struct eap_fast_pac *pac,
39beb93cSSam Leffler					    char *pos)
39beb93cSSam Leffler{
5b9c547cSRui Paulo	if (!pos)
5b9c547cSRui Paulo		return "Cannot parse pac type";
39beb93cSSam Leffler	pac->pac_type = atoi(pos);
39beb93cSSam Leffler	if (pac->pac_type != PAC_TYPE_TUNNEL_PAC &&
39beb93cSSam Leffler	    pac->pac_type != PAC_TYPE_USER_AUTHORIZATION &&
39beb93cSSam Leffler	    pac->pac_type != PAC_TYPE_MACHINE_AUTHENTICATION)
39beb93cSSam Leffler		return "Unrecognized PAC-Type";
39beb93cSSam Leffler
39beb93cSSam Leffler	return NULL;
39beb93cSSam Leffler}
39beb93cSSam Leffler
39beb93cSSam Leffler
39beb93cSSam Lefflerstatic const char * eap_fast_parse_pac_key(struct eap_fast_pac *pac, char *pos)
39beb93cSSam Leffler{
39beb93cSSam Leffler	u8 *key;
39beb93cSSam Leffler	size_t key_len;
39beb93cSSam Leffler
39beb93cSSam Leffler	key = eap_fast_parse_hex(pos, &key_len);
39beb93cSSam Leffler	if (key == NULL || key_len != EAP_FAST_PAC_KEY_LEN) {
39beb93cSSam Leffler		os_free(key);
39beb93cSSam Leffler		return "Invalid PAC-Key";
39beb93cSSam Leffler	}
39beb93cSSam Leffler
39beb93cSSam Leffler	os_memcpy(pac->pac_key, key, EAP_FAST_PAC_KEY_LEN);
39beb93cSSam Leffler	os_free(key);
39beb93cSSam Leffler
39beb93cSSam Leffler	return NULL;
39beb93cSSam Leffler}
39beb93cSSam Leffler
39beb93cSSam Leffler
39beb93cSSam Lefflerstatic const char * eap_fast_parse_pac_opaque(struct eap_fast_pac *pac,
39beb93cSSam Leffler					      char *pos)
39beb93cSSam Leffler{
39beb93cSSam Leffler	os_free(pac->pac_opaque);
39beb93cSSam Leffler	pac->pac_opaque = eap_fast_parse_hex(pos, &pac->pac_opaque_len);
39beb93cSSam Leffler	if (pac->pac_opaque == NULL)
39beb93cSSam Leffler		return "Invalid PAC-Opaque";
39beb93cSSam Leffler	return NULL;
39beb93cSSam Leffler}
39beb93cSSam Leffler
39beb93cSSam Leffler
39beb93cSSam Lefflerstatic const char * eap_fast_parse_a_id(struct eap_fast_pac *pac, char *pos)
39beb93cSSam Leffler{
39beb93cSSam Leffler	os_free(pac->a_id);
39beb93cSSam Leffler	pac->a_id = eap_fast_parse_hex(pos, &pac->a_id_len);
39beb93cSSam Leffler	if (pac->a_id == NULL)
39beb93cSSam Leffler		return "Invalid A-ID";
39beb93cSSam Leffler	return NULL;
39beb93cSSam Leffler}
39beb93cSSam Leffler
39beb93cSSam Leffler
39beb93cSSam Lefflerstatic const char * eap_fast_parse_i_id(struct eap_fast_pac *pac, char *pos)
39beb93cSSam Leffler{
39beb93cSSam Leffler	os_free(pac->i_id);
39beb93cSSam Leffler	pac->i_id = eap_fast_parse_hex(pos, &pac->i_id_len);
39beb93cSSam Leffler	if (pac->i_id == NULL)
39beb93cSSam Leffler		return "Invalid I-ID";
39beb93cSSam Leffler	return NULL;
39beb93cSSam Leffler}
39beb93cSSam Leffler
39beb93cSSam Leffler
39beb93cSSam Lefflerstatic const char * eap_fast_parse_a_id_info(struct eap_fast_pac *pac,
39beb93cSSam Leffler					     char *pos)
39beb93cSSam Leffler{
39beb93cSSam Leffler	os_free(pac->a_id_info);
39beb93cSSam Leffler	pac->a_id_info = eap_fast_parse_hex(pos, &pac->a_id_info_len);
39beb93cSSam Leffler	if (pac->a_id_info == NULL)
39beb93cSSam Leffler		return "Invalid A-ID-Info";
39beb93cSSam Leffler	return NULL;
39beb93cSSam Leffler}
39beb93cSSam Leffler
39beb93cSSam Leffler
39beb93cSSam Leffler/**
39beb93cSSam Leffler * eap_fast_load_pac - Load PAC entries (text format)
39beb93cSSam Leffler * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
39beb93cSSam Leffler * @pac_root: Pointer to root of the PAC list (to be filled)
39beb93cSSam Leffler * @pac_file: Name of the PAC file/blob to load
39beb93cSSam Leffler * Returns: 0 on success, -1 on failure
39beb93cSSam Leffler */
39beb93cSSam Lefflerint eap_fast_load_pac(struct eap_sm *sm, struct eap_fast_pac **pac_root,
39beb93cSSam Leffler		      const char *pac_file)
39beb93cSSam Leffler{
39beb93cSSam Leffler	struct eap_fast_read_ctx rc;
39beb93cSSam Leffler	struct eap_fast_pac *pac = NULL;
39beb93cSSam Leffler	int count = 0;
39beb93cSSam Leffler	char *pos;
39beb93cSSam Leffler	const char *err = NULL;
39beb93cSSam Leffler
39beb93cSSam Leffler	if (pac_file == NULL)
39beb93cSSam Leffler		return -1;
39beb93cSSam Leffler
39beb93cSSam Leffler	if (eap_fast_init_pac_data(sm, pac_file, &rc) < 0)
39beb93cSSam Leffler		return 0;
39beb93cSSam Leffler
f05cddf9SRui Paulo	if (eap_fast_read_line(&rc, &pos) < 0) {
f05cddf9SRui Paulo		/* empty file - assume it is fine to overwrite */
f05cddf9SRui Paulo		eap_fast_deinit_pac_data(&rc);
f05cddf9SRui Paulo		return 0;
f05cddf9SRui Paulo	}
f05cddf9SRui Paulo	if (os_strcmp(pac_file_hdr, rc.buf) != 0)
39beb93cSSam Leffler		err = "Unrecognized header line";
39beb93cSSam Leffler
39beb93cSSam Leffler	while (!err && eap_fast_read_line(&rc, &pos) == 0) {
39beb93cSSam Leffler		if (os_strcmp(rc.buf, "START") == 0)
39beb93cSSam Leffler			err = eap_fast_parse_start(&pac);
39beb93cSSam Leffler		else if (os_strcmp(rc.buf, "END") == 0) {
39beb93cSSam Leffler			err = eap_fast_parse_end(pac_root, &pac);
39beb93cSSam Leffler			count++;
39beb93cSSam Leffler		} else if (!pac)
39beb93cSSam Leffler			err = "Unexpected line outside START/END block";
39beb93cSSam Leffler		else if (os_strcmp(rc.buf, "PAC-Type") == 0)
39beb93cSSam Leffler			err = eap_fast_parse_pac_type(pac, pos);
39beb93cSSam Leffler		else if (os_strcmp(rc.buf, "PAC-Key") == 0)
39beb93cSSam Leffler			err = eap_fast_parse_pac_key(pac, pos);
39beb93cSSam Leffler		else if (os_strcmp(rc.buf, "PAC-Opaque") == 0)
39beb93cSSam Leffler			err = eap_fast_parse_pac_opaque(pac, pos);
39beb93cSSam Leffler		else if (os_strcmp(rc.buf, "A-ID") == 0)
39beb93cSSam Leffler			err = eap_fast_parse_a_id(pac, pos);
39beb93cSSam Leffler		else if (os_strcmp(rc.buf, "I-ID") == 0)
39beb93cSSam Leffler			err = eap_fast_parse_i_id(pac, pos);
39beb93cSSam Leffler		else if (os_strcmp(rc.buf, "A-ID-Info") == 0)
39beb93cSSam Leffler			err = eap_fast_parse_a_id_info(pac, pos);
39beb93cSSam Leffler	}
39beb93cSSam Leffler
39beb93cSSam Leffler	if (pac) {
780fb4a2SCy Schubert		if (!err)
39beb93cSSam Leffler			err = "PAC block not terminated with END";
39beb93cSSam Leffler		eap_fast_free_pac(pac);
39beb93cSSam Leffler	}
39beb93cSSam Leffler
39beb93cSSam Leffler	eap_fast_deinit_pac_data(&rc);
39beb93cSSam Leffler
39beb93cSSam Leffler	if (err) {
39beb93cSSam Leffler		wpa_printf(MSG_INFO, "EAP-FAST: %s in '%s:%d'",
39beb93cSSam Leffler			   err, pac_file, rc.line);
39beb93cSSam Leffler		return -1;
39beb93cSSam Leffler	}
39beb93cSSam Leffler
39beb93cSSam Leffler	wpa_printf(MSG_DEBUG, "EAP-FAST: Read %d PAC entries from '%s'",
39beb93cSSam Leffler		   count, pac_file);
39beb93cSSam Leffler
39beb93cSSam Leffler	return 0;
39beb93cSSam Leffler}
39beb93cSSam Leffler
39beb93cSSam Leffler
39beb93cSSam Lefflerstatic void eap_fast_write(char **buf, char **pos, size_t *buf_len,
39beb93cSSam Leffler			   const char *field, const u8 *data,
39beb93cSSam Leffler			   size_t len, int txt)
39beb93cSSam Leffler{
39beb93cSSam Leffler	size_t i, need;
39beb93cSSam Leffler	int ret;
e28a4053SRui Paulo	char *end;
39beb93cSSam Leffler
e28a4053SRui Paulo	if (data == NULL || buf == NULL || *buf == NULL ||
e28a4053SRui Paulo	    pos == NULL || *pos == NULL || *pos < *buf)
39beb93cSSam Leffler		return;
39beb93cSSam Leffler
39beb93cSSam Leffler	need = os_strlen(field) + len * 2 + 30;
39beb93cSSam Leffler	if (txt)
39beb93cSSam Leffler		need += os_strlen(field) + len + 20;
39beb93cSSam Leffler
39beb93cSSam Leffler	if (*pos - *buf + need > *buf_len) {
39beb93cSSam Leffler		char *nbuf = os_realloc(*buf, *buf_len + need);
39beb93cSSam Leffler		if (nbuf == NULL) {
39beb93cSSam Leffler			os_free(*buf);
39beb93cSSam Leffler			*buf = NULL;
39beb93cSSam Leffler			return;
39beb93cSSam Leffler		}
f05cddf9SRui Paulo		*pos = nbuf + (*pos - *buf);
39beb93cSSam Leffler		*buf = nbuf;
39beb93cSSam Leffler		*buf_len += need;
39beb93cSSam Leffler	}
e28a4053SRui Paulo	end = *buf + *buf_len;
39beb93cSSam Leffler
e28a4053SRui Paulo	ret = os_snprintf(*pos, end - *pos, "%s=", field);
5b9c547cSRui Paulo	if (os_snprintf_error(end - *pos, ret))
39beb93cSSam Leffler		return;
39beb93cSSam Leffler	*pos += ret;
e28a4053SRui Paulo	*pos += wpa_snprintf_hex(*pos, end - *pos, data, len);
e28a4053SRui Paulo	ret = os_snprintf(*pos, end - *pos, "\n");
5b9c547cSRui Paulo	if (os_snprintf_error(end - *pos, ret))
39beb93cSSam Leffler		return;
39beb93cSSam Leffler	*pos += ret;
39beb93cSSam Leffler
39beb93cSSam Leffler	if (txt) {
e28a4053SRui Paulo		ret = os_snprintf(*pos, end - *pos, "%s-txt=", field);
5b9c547cSRui Paulo		if (os_snprintf_error(end - *pos, ret))
39beb93cSSam Leffler			return;
39beb93cSSam Leffler		*pos += ret;
39beb93cSSam Leffler		for (i = 0; i < len; i++) {
e28a4053SRui Paulo			ret = os_snprintf(*pos, end - *pos, "%c", data[i]);
5b9c547cSRui Paulo			if (os_snprintf_error(end - *pos, ret))
39beb93cSSam Leffler				return;
39beb93cSSam Leffler			*pos += ret;
39beb93cSSam Leffler		}
e28a4053SRui Paulo		ret = os_snprintf(*pos, end - *pos, "\n");
5b9c547cSRui Paulo		if (os_snprintf_error(end - *pos, ret))
39beb93cSSam Leffler			return;
39beb93cSSam Leffler		*pos += ret;
39beb93cSSam Leffler	}
39beb93cSSam Leffler}
39beb93cSSam Leffler
39beb93cSSam Leffler
39beb93cSSam Lefflerstatic int eap_fast_write_pac(struct eap_sm *sm, const char *pac_file,
39beb93cSSam Leffler			      char *buf, size_t len)
39beb93cSSam Leffler{
39beb93cSSam Leffler	if (os_strncmp(pac_file, "blob://", 7) == 0) {
39beb93cSSam Leffler		struct wpa_config_blob *blob;
39beb93cSSam Leffler		blob = os_zalloc(sizeof(*blob));
39beb93cSSam Leffler		if (blob == NULL)
39beb93cSSam Leffler			return -1;
39beb93cSSam Leffler		blob->data = (u8 *) buf;
39beb93cSSam Leffler		blob->len = len;
39beb93cSSam Leffler		buf = NULL;
39beb93cSSam Leffler		blob->name = os_strdup(pac_file + 7);
39beb93cSSam Leffler		if (blob->name == NULL) {
39beb93cSSam Leffler			os_free(blob);
39beb93cSSam Leffler			return -1;
39beb93cSSam Leffler		}
39beb93cSSam Leffler		eap_set_config_blob(sm, blob);
39beb93cSSam Leffler	} else {
39beb93cSSam Leffler		FILE *f;
39beb93cSSam Leffler		f = fopen(pac_file, "wb");
39beb93cSSam Leffler		if (f == NULL) {
39beb93cSSam Leffler			wpa_printf(MSG_INFO, "EAP-FAST: Failed to open PAC "
39beb93cSSam Leffler				   "file '%s' for writing", pac_file);
39beb93cSSam Leffler			return -1;
39beb93cSSam Leffler		}
39beb93cSSam Leffler		if (fwrite(buf, 1, len, f) != len) {
39beb93cSSam Leffler			wpa_printf(MSG_INFO, "EAP-FAST: Failed to write all "
39beb93cSSam Leffler				   "PACs into '%s'", pac_file);
39beb93cSSam Leffler			fclose(f);
39beb93cSSam Leffler			return -1;
39beb93cSSam Leffler		}
39beb93cSSam Leffler		os_free(buf);
39beb93cSSam Leffler		fclose(f);
39beb93cSSam Leffler	}
39beb93cSSam Leffler
39beb93cSSam Leffler	return 0;
39beb93cSSam Leffler}
39beb93cSSam Leffler
39beb93cSSam Leffler
39beb93cSSam Lefflerstatic int eap_fast_add_pac_data(struct eap_fast_pac *pac, char **buf,
39beb93cSSam Leffler				 char **pos, size_t *buf_len)
39beb93cSSam Leffler{
39beb93cSSam Leffler	int ret;
39beb93cSSam Leffler
39beb93cSSam Leffler	ret = os_snprintf(*pos, *buf + *buf_len - *pos,
39beb93cSSam Leffler			  "START\nPAC-Type=%d\n", pac->pac_type);
5b9c547cSRui Paulo	if (os_snprintf_error(*buf + *buf_len - *pos, ret))
39beb93cSSam Leffler		return -1;
39beb93cSSam Leffler
39beb93cSSam Leffler	*pos += ret;
39beb93cSSam Leffler	eap_fast_write(buf, pos, buf_len, "PAC-Key",
39beb93cSSam Leffler		       pac->pac_key, EAP_FAST_PAC_KEY_LEN, 0);
39beb93cSSam Leffler	eap_fast_write(buf, pos, buf_len, "PAC-Opaque",
39beb93cSSam Leffler		       pac->pac_opaque, pac->pac_opaque_len, 0);
39beb93cSSam Leffler	eap_fast_write(buf, pos, buf_len, "PAC-Info",
39beb93cSSam Leffler		       pac->pac_info, pac->pac_info_len, 0);
39beb93cSSam Leffler	eap_fast_write(buf, pos, buf_len, "A-ID",
39beb93cSSam Leffler		       pac->a_id, pac->a_id_len, 0);
39beb93cSSam Leffler	eap_fast_write(buf, pos, buf_len, "I-ID",
39beb93cSSam Leffler		       pac->i_id, pac->i_id_len, 1);
39beb93cSSam Leffler	eap_fast_write(buf, pos, buf_len, "A-ID-Info",
39beb93cSSam Leffler		       pac->a_id_info, pac->a_id_info_len, 1);
39beb93cSSam Leffler	if (*buf == NULL) {
39beb93cSSam Leffler		wpa_printf(MSG_DEBUG, "EAP-FAST: No memory for PAC "
39beb93cSSam Leffler			   "data");
39beb93cSSam Leffler		return -1;
39beb93cSSam Leffler	}
39beb93cSSam Leffler	ret = os_snprintf(*pos, *buf + *buf_len - *pos, "END\n");
5b9c547cSRui Paulo	if (os_snprintf_error(*buf + *buf_len - *pos, ret))
39beb93cSSam Leffler		return -1;
39beb93cSSam Leffler	*pos += ret;
39beb93cSSam Leffler
39beb93cSSam Leffler	return 0;
39beb93cSSam Leffler}
39beb93cSSam Leffler
39beb93cSSam Leffler
39beb93cSSam Leffler/**
39beb93cSSam Leffler * eap_fast_save_pac - Save PAC entries (text format)
39beb93cSSam Leffler * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
39beb93cSSam Leffler * @pac_root: Root of the PAC list
39beb93cSSam Leffler * @pac_file: Name of the PAC file/blob
39beb93cSSam Leffler * Returns: 0 on success, -1 on failure
39beb93cSSam Leffler */
39beb93cSSam Lefflerint eap_fast_save_pac(struct eap_sm *sm, struct eap_fast_pac *pac_root,
39beb93cSSam Leffler		      const char *pac_file)
39beb93cSSam Leffler{
39beb93cSSam Leffler	struct eap_fast_pac *pac;
39beb93cSSam Leffler	int ret, count = 0;
39beb93cSSam Leffler	char *buf, *pos;
39beb93cSSam Leffler	size_t buf_len;
39beb93cSSam Leffler
39beb93cSSam Leffler	if (pac_file == NULL)
39beb93cSSam Leffler		return -1;
39beb93cSSam Leffler
39beb93cSSam Leffler	buf_len = 1024;
39beb93cSSam Leffler	pos = buf = os_malloc(buf_len);
39beb93cSSam Leffler	if (buf == NULL)
39beb93cSSam Leffler		return -1;
39beb93cSSam Leffler
39beb93cSSam Leffler	ret = os_snprintf(pos, buf + buf_len - pos, "%s\n", pac_file_hdr);
5b9c547cSRui Paulo	if (os_snprintf_error(buf + buf_len - pos, ret)) {
39beb93cSSam Leffler		os_free(buf);
39beb93cSSam Leffler		return -1;
39beb93cSSam Leffler	}
39beb93cSSam Leffler	pos += ret;
39beb93cSSam Leffler
39beb93cSSam Leffler	pac = pac_root;
39beb93cSSam Leffler	while (pac) {
39beb93cSSam Leffler		if (eap_fast_add_pac_data(pac, &buf, &pos, &buf_len)) {
39beb93cSSam Leffler			os_free(buf);
39beb93cSSam Leffler			return -1;
39beb93cSSam Leffler		}
39beb93cSSam Leffler		count++;
39beb93cSSam Leffler		pac = pac->next;
39beb93cSSam Leffler	}
39beb93cSSam Leffler
39beb93cSSam Leffler	if (eap_fast_write_pac(sm, pac_file, buf, pos - buf)) {
39beb93cSSam Leffler		os_free(buf);
39beb93cSSam Leffler		return -1;
39beb93cSSam Leffler	}
39beb93cSSam Leffler
39beb93cSSam Leffler	wpa_printf(MSG_DEBUG, "EAP-FAST: Wrote %d PAC entries into '%s'",
39beb93cSSam Leffler		   count, pac_file);
39beb93cSSam Leffler
39beb93cSSam Leffler	return 0;
39beb93cSSam Leffler}
39beb93cSSam Leffler
39beb93cSSam Leffler
39beb93cSSam Leffler/**
39beb93cSSam Leffler * eap_fast_pac_list_truncate - Truncate a PAC list to the given length
39beb93cSSam Leffler * @pac_root: Root of the PAC list
39beb93cSSam Leffler * @max_len: Maximum length of the list (>= 1)
39beb93cSSam Leffler * Returns: Number of PAC entries removed
39beb93cSSam Leffler */
39beb93cSSam Lefflersize_t eap_fast_pac_list_truncate(struct eap_fast_pac *pac_root,
39beb93cSSam Leffler				  size_t max_len)
39beb93cSSam Leffler{
39beb93cSSam Leffler	struct eap_fast_pac *pac, *prev;
39beb93cSSam Leffler	size_t count;
39beb93cSSam Leffler
39beb93cSSam Leffler	pac = pac_root;
39beb93cSSam Leffler	prev = NULL;
39beb93cSSam Leffler	count = 0;
39beb93cSSam Leffler
39beb93cSSam Leffler	while (pac) {
39beb93cSSam Leffler		count++;
39beb93cSSam Leffler		if (count > max_len)
39beb93cSSam Leffler			break;
39beb93cSSam Leffler		prev = pac;
39beb93cSSam Leffler		pac = pac->next;
39beb93cSSam Leffler	}
39beb93cSSam Leffler
39beb93cSSam Leffler	if (count <= max_len || prev == NULL)
39beb93cSSam Leffler		return 0;
39beb93cSSam Leffler
39beb93cSSam Leffler	count = 0;
39beb93cSSam Leffler	prev->next = NULL;
39beb93cSSam Leffler
39beb93cSSam Leffler	while (pac) {
39beb93cSSam Leffler		prev = pac;
39beb93cSSam Leffler		pac = pac->next;
39beb93cSSam Leffler		eap_fast_free_pac(prev);
39beb93cSSam Leffler		count++;
39beb93cSSam Leffler	}
39beb93cSSam Leffler
39beb93cSSam Leffler	return count;
39beb93cSSam Leffler}
39beb93cSSam Leffler
39beb93cSSam Leffler
39beb93cSSam Lefflerstatic void eap_fast_pac_get_a_id(struct eap_fast_pac *pac)
39beb93cSSam Leffler{
39beb93cSSam Leffler	u8 *pos, *end;
39beb93cSSam Leffler	u16 type, len;
39beb93cSSam Leffler
39beb93cSSam Leffler	pos = pac->pac_info;
39beb93cSSam Leffler	end = pos + pac->pac_info_len;
39beb93cSSam Leffler
780fb4a2SCy Schubert	while (end - pos > 4) {
39beb93cSSam Leffler		type = WPA_GET_BE16(pos);
39beb93cSSam Leffler		pos += 2;
39beb93cSSam Leffler		len = WPA_GET_BE16(pos);
39beb93cSSam Leffler		pos += 2;
5b9c547cSRui Paulo		if (len > (unsigned int) (end - pos))
39beb93cSSam Leffler			break;
39beb93cSSam Leffler
39beb93cSSam Leffler		if (type == PAC_TYPE_A_ID) {
39beb93cSSam Leffler			os_free(pac->a_id);
*85732ac8SCy Schubert			pac->a_id = os_memdup(pos, len);
39beb93cSSam Leffler			if (pac->a_id == NULL)
39beb93cSSam Leffler				break;
39beb93cSSam Leffler			pac->a_id_len = len;
39beb93cSSam Leffler		}
39beb93cSSam Leffler
39beb93cSSam Leffler		if (type == PAC_TYPE_A_ID_INFO) {
39beb93cSSam Leffler			os_free(pac->a_id_info);
*85732ac8SCy Schubert			pac->a_id_info = os_memdup(pos, len);
39beb93cSSam Leffler			if (pac->a_id_info == NULL)
39beb93cSSam Leffler				break;
39beb93cSSam Leffler			pac->a_id_info_len = len;
39beb93cSSam Leffler		}
39beb93cSSam Leffler
39beb93cSSam Leffler		pos += len;
39beb93cSSam Leffler	}
39beb93cSSam Leffler}
39beb93cSSam Leffler
39beb93cSSam Leffler
39beb93cSSam Leffler/**
39beb93cSSam Leffler * eap_fast_load_pac_bin - Load PAC entries (binary format)
39beb93cSSam Leffler * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
39beb93cSSam Leffler * @pac_root: Pointer to root of the PAC list (to be filled)
39beb93cSSam Leffler * @pac_file: Name of the PAC file/blob to load
39beb93cSSam Leffler * Returns: 0 on success, -1 on failure
39beb93cSSam Leffler */
39beb93cSSam Lefflerint eap_fast_load_pac_bin(struct eap_sm *sm, struct eap_fast_pac **pac_root,
39beb93cSSam Leffler			  const char *pac_file)
39beb93cSSam Leffler{
39beb93cSSam Leffler	const struct wpa_config_blob *blob = NULL;
39beb93cSSam Leffler	u8 *buf, *end, *pos;
39beb93cSSam Leffler	size_t len, count = 0;
39beb93cSSam Leffler	struct eap_fast_pac *pac, *prev;
39beb93cSSam Leffler
39beb93cSSam Leffler	*pac_root = NULL;
39beb93cSSam Leffler
39beb93cSSam Leffler	if (pac_file == NULL)
39beb93cSSam Leffler		return -1;
39beb93cSSam Leffler
39beb93cSSam Leffler	if (os_strncmp(pac_file, "blob://", 7) == 0) {
39beb93cSSam Leffler		blob = eap_get_config_blob(sm, pac_file + 7);
39beb93cSSam Leffler		if (blob == NULL) {
39beb93cSSam Leffler			wpa_printf(MSG_INFO, "EAP-FAST: No PAC blob '%s' - "
39beb93cSSam Leffler				   "assume no PAC entries have been "
39beb93cSSam Leffler				   "provisioned", pac_file + 7);
39beb93cSSam Leffler			return 0;
39beb93cSSam Leffler		}
39beb93cSSam Leffler		buf = blob->data;
39beb93cSSam Leffler		len = blob->len;
39beb93cSSam Leffler	} else {
39beb93cSSam Leffler		buf = (u8 *) os_readfile(pac_file, &len);
39beb93cSSam Leffler		if (buf == NULL) {
39beb93cSSam Leffler			wpa_printf(MSG_INFO, "EAP-FAST: No PAC file '%s' - "
39beb93cSSam Leffler				   "assume no PAC entries have been "
39beb93cSSam Leffler				   "provisioned", pac_file);
39beb93cSSam Leffler			return 0;
39beb93cSSam Leffler		}
39beb93cSSam Leffler	}
39beb93cSSam Leffler
39beb93cSSam Leffler	if (len == 0) {
39beb93cSSam Leffler		if (blob == NULL)
39beb93cSSam Leffler			os_free(buf);
39beb93cSSam Leffler		return 0;
39beb93cSSam Leffler	}
39beb93cSSam Leffler
39beb93cSSam Leffler	if (len < 6 || WPA_GET_BE32(buf) != EAP_FAST_PAC_BINARY_MAGIC ||
39beb93cSSam Leffler	    WPA_GET_BE16(buf + 4) != EAP_FAST_PAC_BINARY_FORMAT_VERSION) {
39beb93cSSam Leffler		wpa_printf(MSG_INFO, "EAP-FAST: Invalid PAC file '%s' (bin)",
39beb93cSSam Leffler			   pac_file);
39beb93cSSam Leffler		if (blob == NULL)
39beb93cSSam Leffler			os_free(buf);
39beb93cSSam Leffler		return -1;
39beb93cSSam Leffler	}
39beb93cSSam Leffler
39beb93cSSam Leffler	pac = prev = NULL;
39beb93cSSam Leffler	pos = buf + 6;
39beb93cSSam Leffler	end = buf + len;
39beb93cSSam Leffler	while (pos < end) {
5b9c547cSRui Paulo		u16 val;
5b9c547cSRui Paulo
780fb4a2SCy Schubert		if (end - pos < 2 + EAP_FAST_PAC_KEY_LEN + 2 + 2) {
780fb4a2SCy Schubert			pac = NULL;
39beb93cSSam Leffler			goto parse_fail;
780fb4a2SCy Schubert		}
39beb93cSSam Leffler
39beb93cSSam Leffler		pac = os_zalloc(sizeof(*pac));
39beb93cSSam Leffler		if (pac == NULL)
39beb93cSSam Leffler			goto parse_fail;
39beb93cSSam Leffler
39beb93cSSam Leffler		pac->pac_type = WPA_GET_BE16(pos);
39beb93cSSam Leffler		pos += 2;
39beb93cSSam Leffler		os_memcpy(pac->pac_key, pos, EAP_FAST_PAC_KEY_LEN);
39beb93cSSam Leffler		pos += EAP_FAST_PAC_KEY_LEN;
5b9c547cSRui Paulo		val = WPA_GET_BE16(pos);
39beb93cSSam Leffler		pos += 2;
5b9c547cSRui Paulo		if (val > end - pos)
39beb93cSSam Leffler			goto parse_fail;
5b9c547cSRui Paulo		pac->pac_opaque_len = val;
*85732ac8SCy Schubert		pac->pac_opaque = os_memdup(pos, pac->pac_opaque_len);
39beb93cSSam Leffler		if (pac->pac_opaque == NULL)
39beb93cSSam Leffler			goto parse_fail;
39beb93cSSam Leffler		pos += pac->pac_opaque_len;
5b9c547cSRui Paulo		if (2 > end - pos)
39beb93cSSam Leffler			goto parse_fail;
5b9c547cSRui Paulo		val = WPA_GET_BE16(pos);
5b9c547cSRui Paulo		pos += 2;
5b9c547cSRui Paulo		if (val > end - pos)
5b9c547cSRui Paulo			goto parse_fail;
5b9c547cSRui Paulo		pac->pac_info_len = val;
*85732ac8SCy Schubert		pac->pac_info = os_memdup(pos, pac->pac_info_len);
39beb93cSSam Leffler		if (pac->pac_info == NULL)
39beb93cSSam Leffler			goto parse_fail;
39beb93cSSam Leffler		pos += pac->pac_info_len;
39beb93cSSam Leffler		eap_fast_pac_get_a_id(pac);
39beb93cSSam Leffler
39beb93cSSam Leffler		count++;
39beb93cSSam Leffler		if (prev)
39beb93cSSam Leffler			prev->next = pac;
39beb93cSSam Leffler		else
39beb93cSSam Leffler			*pac_root = pac;
39beb93cSSam Leffler		prev = pac;
39beb93cSSam Leffler	}
39beb93cSSam Leffler
39beb93cSSam Leffler	if (blob == NULL)
39beb93cSSam Leffler		os_free(buf);
39beb93cSSam Leffler
39beb93cSSam Leffler	wpa_printf(MSG_DEBUG, "EAP-FAST: Read %lu PAC entries from '%s' (bin)",
39beb93cSSam Leffler		   (unsigned long) count, pac_file);
39beb93cSSam Leffler
39beb93cSSam Leffler	return 0;
39beb93cSSam Leffler
39beb93cSSam Lefflerparse_fail:
39beb93cSSam Leffler	wpa_printf(MSG_INFO, "EAP-FAST: Failed to parse PAC file '%s' (bin)",
39beb93cSSam Leffler		   pac_file);
39beb93cSSam Leffler	if (blob == NULL)
39beb93cSSam Leffler		os_free(buf);
39beb93cSSam Leffler	if (pac)
39beb93cSSam Leffler		eap_fast_free_pac(pac);
39beb93cSSam Leffler	return -1;
39beb93cSSam Leffler}
39beb93cSSam Leffler
39beb93cSSam Leffler
39beb93cSSam Leffler/**
39beb93cSSam Leffler * eap_fast_save_pac_bin - Save PAC entries (binary format)
39beb93cSSam Leffler * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
39beb93cSSam Leffler * @pac_root: Root of the PAC list
39beb93cSSam Leffler * @pac_file: Name of the PAC file/blob
39beb93cSSam Leffler * Returns: 0 on success, -1 on failure
39beb93cSSam Leffler */
39beb93cSSam Lefflerint eap_fast_save_pac_bin(struct eap_sm *sm, struct eap_fast_pac *pac_root,
39beb93cSSam Leffler			  const char *pac_file)
39beb93cSSam Leffler{
39beb93cSSam Leffler	size_t len, count = 0;
39beb93cSSam Leffler	struct eap_fast_pac *pac;
39beb93cSSam Leffler	u8 *buf, *pos;
39beb93cSSam Leffler
39beb93cSSam Leffler	len = 6;
39beb93cSSam Leffler	pac = pac_root;
39beb93cSSam Leffler	while (pac) {
39beb93cSSam Leffler		if (pac->pac_opaque_len > 65535 ||
39beb93cSSam Leffler		    pac->pac_info_len > 65535)
39beb93cSSam Leffler			return -1;
39beb93cSSam Leffler		len += 2 + EAP_FAST_PAC_KEY_LEN + 2 + pac->pac_opaque_len +
39beb93cSSam Leffler			2 + pac->pac_info_len;
39beb93cSSam Leffler		pac = pac->next;
39beb93cSSam Leffler	}
39beb93cSSam Leffler
39beb93cSSam Leffler	buf = os_malloc(len);
39beb93cSSam Leffler	if (buf == NULL)
39beb93cSSam Leffler		return -1;
39beb93cSSam Leffler
39beb93cSSam Leffler	pos = buf;
39beb93cSSam Leffler	WPA_PUT_BE32(pos, EAP_FAST_PAC_BINARY_MAGIC);
39beb93cSSam Leffler	pos += 4;
39beb93cSSam Leffler	WPA_PUT_BE16(pos, EAP_FAST_PAC_BINARY_FORMAT_VERSION);
39beb93cSSam Leffler	pos += 2;
39beb93cSSam Leffler
39beb93cSSam Leffler	pac = pac_root;
39beb93cSSam Leffler	while (pac) {
39beb93cSSam Leffler		WPA_PUT_BE16(pos, pac->pac_type);
39beb93cSSam Leffler		pos += 2;
39beb93cSSam Leffler		os_memcpy(pos, pac->pac_key, EAP_FAST_PAC_KEY_LEN);
39beb93cSSam Leffler		pos += EAP_FAST_PAC_KEY_LEN;
39beb93cSSam Leffler		WPA_PUT_BE16(pos, pac->pac_opaque_len);
39beb93cSSam Leffler		pos += 2;
39beb93cSSam Leffler		os_memcpy(pos, pac->pac_opaque, pac->pac_opaque_len);
39beb93cSSam Leffler		pos += pac->pac_opaque_len;
39beb93cSSam Leffler		WPA_PUT_BE16(pos, pac->pac_info_len);
39beb93cSSam Leffler		pos += 2;
39beb93cSSam Leffler		os_memcpy(pos, pac->pac_info, pac->pac_info_len);
39beb93cSSam Leffler		pos += pac->pac_info_len;
39beb93cSSam Leffler
39beb93cSSam Leffler		pac = pac->next;
39beb93cSSam Leffler		count++;
39beb93cSSam Leffler	}
39beb93cSSam Leffler
39beb93cSSam Leffler	if (eap_fast_write_pac(sm, pac_file, (char *) buf, len)) {
39beb93cSSam Leffler		os_free(buf);
39beb93cSSam Leffler		return -1;
39beb93cSSam Leffler	}
39beb93cSSam Leffler
39beb93cSSam Leffler	wpa_printf(MSG_DEBUG, "EAP-FAST: Wrote %lu PAC entries into '%s' "
39beb93cSSam Leffler		   "(bin)", (unsigned long) count, pac_file);
39beb93cSSam Leffler
39beb93cSSam Leffler	return 0;
39beb93cSSam Leffler}