1 /* 2 * EAP peer method: LEAP 3 * Copyright (c) 2004-2007, Jouni Malinen <j@w1.fi> 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License version 2 as 7 * published by the Free Software Foundation. 8 * 9 * Alternatively, this software may be distributed under the terms of BSD 10 * license. 11 * 12 * See README and COPYING for more details. 13 */ 14 15 #include "includes.h" 16 17 #include "common.h" 18 #include "crypto/ms_funcs.h" 19 #include "crypto/crypto.h" 20 #include "eap_i.h" 21 22 #define LEAP_VERSION 1 23 #define LEAP_CHALLENGE_LEN 8 24 #define LEAP_RESPONSE_LEN 24 25 #define LEAP_KEY_LEN 16 26 27 28 struct eap_leap_data { 29 enum { 30 LEAP_WAIT_CHALLENGE, 31 LEAP_WAIT_SUCCESS, 32 LEAP_WAIT_RESPONSE, 33 LEAP_DONE 34 } state; 35 36 u8 peer_challenge[LEAP_CHALLENGE_LEN]; 37 u8 peer_response[LEAP_RESPONSE_LEN]; 38 39 u8 ap_challenge[LEAP_CHALLENGE_LEN]; 40 u8 ap_response[LEAP_RESPONSE_LEN]; 41 }; 42 43 44 static void * eap_leap_init(struct eap_sm *sm) 45 { 46 struct eap_leap_data *data; 47 48 data = os_zalloc(sizeof(*data)); 49 if (data == NULL) 50 return NULL; 51 data->state = LEAP_WAIT_CHALLENGE; 52 53 sm->leap_done = FALSE; 54 return data; 55 } 56 57 58 static void eap_leap_deinit(struct eap_sm *sm, void *priv) 59 { 60 os_free(priv); 61 } 62 63 64 static struct wpabuf * eap_leap_process_request(struct eap_sm *sm, void *priv, 65 struct eap_method_ret *ret, 66 const struct wpabuf *reqData) 67 { 68 struct eap_leap_data *data = priv; 69 struct wpabuf *resp; 70 const u8 *pos, *challenge, *identity, *password; 71 u8 challenge_len, *rpos; 72 size_t identity_len, password_len, len; 73 int pwhash; 74 75 wpa_printf(MSG_DEBUG, "EAP-LEAP: Processing EAP-Request"); 76 77 identity = eap_get_config_identity(sm, &identity_len); 78 password = eap_get_config_password2(sm, &password_len, &pwhash); 79 if (identity == NULL || password == NULL) 80 return NULL; 81 82 pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_LEAP, reqData, &len); 83 if (pos == NULL || len < 3) { 84 wpa_printf(MSG_INFO, "EAP-LEAP: Invalid EAP-Request frame"); 85 ret->ignore = TRUE; 86 return NULL; 87 } 88 89 if (*pos != LEAP_VERSION) { 90 wpa_printf(MSG_WARNING, "EAP-LEAP: Unsupported LEAP version " 91 "%d", *pos); 92 ret->ignore = TRUE; 93 return NULL; 94 } 95 pos++; 96 97 pos++; /* skip unused byte */ 98 99 challenge_len = *pos++; 100 if (challenge_len != LEAP_CHALLENGE_LEN || challenge_len > len - 3) { 101 wpa_printf(MSG_INFO, "EAP-LEAP: Invalid challenge " 102 "(challenge_len=%d reqDataLen=%lu)", 103 challenge_len, (unsigned long) wpabuf_len(reqData)); 104 ret->ignore = TRUE; 105 return NULL; 106 } 107 challenge = pos; 108 os_memcpy(data->peer_challenge, challenge, LEAP_CHALLENGE_LEN); 109 wpa_hexdump(MSG_MSGDUMP, "EAP-LEAP: Challenge from AP", 110 challenge, LEAP_CHALLENGE_LEN); 111 112 wpa_printf(MSG_DEBUG, "EAP-LEAP: Generating Challenge Response"); 113 114 resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_LEAP, 115 3 + LEAP_RESPONSE_LEN + identity_len, 116 EAP_CODE_RESPONSE, eap_get_id(reqData)); 117 if (resp == NULL) 118 return NULL; 119 wpabuf_put_u8(resp, LEAP_VERSION); 120 wpabuf_put_u8(resp, 0); /* unused */ 121 wpabuf_put_u8(resp, LEAP_RESPONSE_LEN); 122 rpos = wpabuf_put(resp, LEAP_RESPONSE_LEN); 123 if (pwhash) 124 challenge_response(challenge, password, rpos); 125 else 126 nt_challenge_response(challenge, password, password_len, rpos); 127 os_memcpy(data->peer_response, rpos, LEAP_RESPONSE_LEN); 128 wpa_hexdump(MSG_MSGDUMP, "EAP-LEAP: Response", 129 rpos, LEAP_RESPONSE_LEN); 130 wpabuf_put_data(resp, identity, identity_len); 131 132 data->state = LEAP_WAIT_SUCCESS; 133 134 return resp; 135 } 136 137 138 static struct wpabuf * eap_leap_process_success(struct eap_sm *sm, void *priv, 139 struct eap_method_ret *ret, 140 const struct wpabuf *reqData) 141 { 142 struct eap_leap_data *data = priv; 143 struct wpabuf *resp; 144 u8 *pos; 145 const u8 *identity; 146 size_t identity_len; 147 148 wpa_printf(MSG_DEBUG, "EAP-LEAP: Processing EAP-Success"); 149 150 identity = eap_get_config_identity(sm, &identity_len); 151 if (identity == NULL) 152 return NULL; 153 154 if (data->state != LEAP_WAIT_SUCCESS) { 155 wpa_printf(MSG_INFO, "EAP-LEAP: EAP-Success received in " 156 "unexpected state (%d) - ignored", data->state); 157 ret->ignore = TRUE; 158 return NULL; 159 } 160 161 resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_LEAP, 162 3 + LEAP_CHALLENGE_LEN + identity_len, 163 EAP_CODE_REQUEST, eap_get_id(reqData)); 164 if (resp == NULL) 165 return NULL; 166 wpabuf_put_u8(resp, LEAP_VERSION); 167 wpabuf_put_u8(resp, 0); /* unused */ 168 wpabuf_put_u8(resp, LEAP_CHALLENGE_LEN); 169 pos = wpabuf_put(resp, LEAP_CHALLENGE_LEN); 170 if (os_get_random(pos, LEAP_CHALLENGE_LEN)) { 171 wpa_printf(MSG_WARNING, "EAP-LEAP: Failed to read random data " 172 "for challenge"); 173 wpabuf_free(resp); 174 ret->ignore = TRUE; 175 return NULL; 176 } 177 os_memcpy(data->ap_challenge, pos, LEAP_CHALLENGE_LEN); 178 wpa_hexdump(MSG_MSGDUMP, "EAP-LEAP: Challenge to AP/AS", pos, 179 LEAP_CHALLENGE_LEN); 180 wpabuf_put_data(resp, identity, identity_len); 181 182 data->state = LEAP_WAIT_RESPONSE; 183 184 return resp; 185 } 186 187 188 static struct wpabuf * eap_leap_process_response(struct eap_sm *sm, void *priv, 189 struct eap_method_ret *ret, 190 const struct wpabuf *reqData) 191 { 192 struct eap_leap_data *data = priv; 193 const u8 *pos, *password; 194 u8 response_len, pw_hash[16], pw_hash_hash[16], 195 expected[LEAP_RESPONSE_LEN]; 196 size_t password_len, len; 197 int pwhash; 198 199 wpa_printf(MSG_DEBUG, "EAP-LEAP: Processing EAP-Response"); 200 201 password = eap_get_config_password2(sm, &password_len, &pwhash); 202 if (password == NULL) 203 return NULL; 204 205 pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_LEAP, reqData, &len); 206 if (pos == NULL || len < 3) { 207 wpa_printf(MSG_INFO, "EAP-LEAP: Invalid EAP-Response frame"); 208 ret->ignore = TRUE; 209 return NULL; 210 } 211 212 if (*pos != LEAP_VERSION) { 213 wpa_printf(MSG_WARNING, "EAP-LEAP: Unsupported LEAP version " 214 "%d", *pos); 215 ret->ignore = TRUE; 216 return NULL; 217 } 218 pos++; 219 220 pos++; /* skip unused byte */ 221 222 response_len = *pos++; 223 if (response_len != LEAP_RESPONSE_LEN || response_len > len - 3) { 224 wpa_printf(MSG_INFO, "EAP-LEAP: Invalid response " 225 "(response_len=%d reqDataLen=%lu)", 226 response_len, (unsigned long) wpabuf_len(reqData)); 227 ret->ignore = TRUE; 228 return NULL; 229 } 230 231 wpa_hexdump(MSG_DEBUG, "EAP-LEAP: Response from AP", 232 pos, LEAP_RESPONSE_LEN); 233 os_memcpy(data->ap_response, pos, LEAP_RESPONSE_LEN); 234 235 if (pwhash) { 236 if (hash_nt_password_hash(password, pw_hash_hash)) { 237 ret->ignore = TRUE; 238 return NULL; 239 } 240 } else { 241 if (nt_password_hash(password, password_len, pw_hash) || 242 hash_nt_password_hash(pw_hash, pw_hash_hash)) { 243 ret->ignore = TRUE; 244 return NULL; 245 } 246 } 247 challenge_response(data->ap_challenge, pw_hash_hash, expected); 248 249 ret->methodState = METHOD_DONE; 250 ret->allowNotifications = FALSE; 251 252 if (os_memcmp(pos, expected, LEAP_RESPONSE_LEN) != 0) { 253 wpa_printf(MSG_WARNING, "EAP-LEAP: AP sent an invalid " 254 "response - authentication failed"); 255 wpa_hexdump(MSG_DEBUG, "EAP-LEAP: Expected response from AP", 256 expected, LEAP_RESPONSE_LEN); 257 ret->decision = DECISION_FAIL; 258 return NULL; 259 } 260 261 ret->decision = DECISION_UNCOND_SUCC; 262 263 /* LEAP is somewhat odd method since it sends EAP-Success in the middle 264 * of the authentication. Use special variable to transit EAP state 265 * machine to SUCCESS state. */ 266 sm->leap_done = TRUE; 267 data->state = LEAP_DONE; 268 269 /* No more authentication messages expected; AP will send EAPOL-Key 270 * frames if encryption is enabled. */ 271 return NULL; 272 } 273 274 275 static struct wpabuf * eap_leap_process(struct eap_sm *sm, void *priv, 276 struct eap_method_ret *ret, 277 const struct wpabuf *reqData) 278 { 279 const struct eap_hdr *eap; 280 size_t password_len; 281 const u8 *password; 282 283 password = eap_get_config_password(sm, &password_len); 284 if (password == NULL) { 285 wpa_printf(MSG_INFO, "EAP-LEAP: Password not configured"); 286 eap_sm_request_password(sm); 287 ret->ignore = TRUE; 288 return NULL; 289 } 290 291 /* 292 * LEAP needs to be able to handle EAP-Success frame which does not 293 * include Type field. Consequently, eap_hdr_validate() cannot be used 294 * here. This validation will be done separately for EAP-Request and 295 * EAP-Response frames. 296 */ 297 eap = wpabuf_head(reqData); 298 if (wpabuf_len(reqData) < sizeof(*eap) || 299 be_to_host16(eap->length) > wpabuf_len(reqData)) { 300 wpa_printf(MSG_INFO, "EAP-LEAP: Invalid frame"); 301 ret->ignore = TRUE; 302 return NULL; 303 } 304 305 ret->ignore = FALSE; 306 ret->allowNotifications = TRUE; 307 ret->methodState = METHOD_MAY_CONT; 308 ret->decision = DECISION_FAIL; 309 310 sm->leap_done = FALSE; 311 312 switch (eap->code) { 313 case EAP_CODE_REQUEST: 314 return eap_leap_process_request(sm, priv, ret, reqData); 315 case EAP_CODE_SUCCESS: 316 return eap_leap_process_success(sm, priv, ret, reqData); 317 case EAP_CODE_RESPONSE: 318 return eap_leap_process_response(sm, priv, ret, reqData); 319 default: 320 wpa_printf(MSG_INFO, "EAP-LEAP: Unexpected EAP code (%d) - " 321 "ignored", eap->code); 322 ret->ignore = TRUE; 323 return NULL; 324 } 325 } 326 327 328 static Boolean eap_leap_isKeyAvailable(struct eap_sm *sm, void *priv) 329 { 330 struct eap_leap_data *data = priv; 331 return data->state == LEAP_DONE; 332 } 333 334 335 static u8 * eap_leap_getKey(struct eap_sm *sm, void *priv, size_t *len) 336 { 337 struct eap_leap_data *data = priv; 338 u8 *key, pw_hash_hash[16], pw_hash[16]; 339 const u8 *addr[5], *password; 340 size_t elen[5], password_len; 341 int pwhash; 342 343 if (data->state != LEAP_DONE) 344 return NULL; 345 346 password = eap_get_config_password2(sm, &password_len, &pwhash); 347 if (password == NULL) 348 return NULL; 349 350 key = os_malloc(LEAP_KEY_LEN); 351 if (key == NULL) 352 return NULL; 353 354 if (pwhash) { 355 if (hash_nt_password_hash(password, pw_hash_hash)) { 356 os_free(key); 357 return NULL; 358 } 359 } else { 360 if (nt_password_hash(password, password_len, pw_hash) || 361 hash_nt_password_hash(pw_hash, pw_hash_hash)) { 362 os_free(key); 363 return NULL; 364 } 365 } 366 wpa_hexdump_key(MSG_DEBUG, "EAP-LEAP: pw_hash_hash", 367 pw_hash_hash, 16); 368 wpa_hexdump(MSG_DEBUG, "EAP-LEAP: peer_challenge", 369 data->peer_challenge, LEAP_CHALLENGE_LEN); 370 wpa_hexdump(MSG_DEBUG, "EAP-LEAP: peer_response", 371 data->peer_response, LEAP_RESPONSE_LEN); 372 wpa_hexdump(MSG_DEBUG, "EAP-LEAP: ap_challenge", 373 data->ap_challenge, LEAP_CHALLENGE_LEN); 374 wpa_hexdump(MSG_DEBUG, "EAP-LEAP: ap_response", 375 data->ap_response, LEAP_RESPONSE_LEN); 376 377 addr[0] = pw_hash_hash; 378 elen[0] = 16; 379 addr[1] = data->ap_challenge; 380 elen[1] = LEAP_CHALLENGE_LEN; 381 addr[2] = data->ap_response; 382 elen[2] = LEAP_RESPONSE_LEN; 383 addr[3] = data->peer_challenge; 384 elen[3] = LEAP_CHALLENGE_LEN; 385 addr[4] = data->peer_response; 386 elen[4] = LEAP_RESPONSE_LEN; 387 md5_vector(5, addr, elen, key); 388 wpa_hexdump_key(MSG_DEBUG, "EAP-LEAP: master key", key, LEAP_KEY_LEN); 389 *len = LEAP_KEY_LEN; 390 391 return key; 392 } 393 394 395 int eap_peer_leap_register(void) 396 { 397 struct eap_method *eap; 398 int ret; 399 400 eap = eap_peer_method_alloc(EAP_PEER_METHOD_INTERFACE_VERSION, 401 EAP_VENDOR_IETF, EAP_TYPE_LEAP, "LEAP"); 402 if (eap == NULL) 403 return -1; 404 405 eap->init = eap_leap_init; 406 eap->deinit = eap_leap_deinit; 407 eap->process = eap_leap_process; 408 eap->isKeyAvailable = eap_leap_isKeyAvailable; 409 eap->getKey = eap_leap_getKey; 410 411 ret = eap_peer_method_register(eap); 412 if (ret) 413 eap_peer_method_free(eap); 414 return ret; 415 } 416