1 /* 2 * EAP peer method: EAP-SIM (RFC 4186) 3 * Copyright (c) 2004-2012, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9 #include "includes.h" 10 11 #include "common.h" 12 #include "pcsc_funcs.h" 13 #include "crypto/milenage.h" 14 #include "crypto/random.h" 15 #include "eap_peer/eap_i.h" 16 #include "eap_config.h" 17 #include "eap_common/eap_sim_common.h" 18 19 20 struct eap_sim_data { 21 u8 *ver_list; 22 size_t ver_list_len; 23 int selected_version; 24 size_t min_num_chal, num_chal; 25 26 u8 kc[3][EAP_SIM_KC_LEN]; 27 u8 sres[3][EAP_SIM_SRES_LEN]; 28 u8 nonce_mt[EAP_SIM_NONCE_MT_LEN], nonce_s[EAP_SIM_NONCE_S_LEN]; 29 u8 mk[EAP_SIM_MK_LEN]; 30 u8 k_aut[EAP_SIM_K_AUT_LEN]; 31 u8 k_encr[EAP_SIM_K_ENCR_LEN]; 32 u8 msk[EAP_SIM_KEYING_DATA_LEN]; 33 u8 emsk[EAP_EMSK_LEN]; 34 u8 rand[3][GSM_RAND_LEN]; 35 36 int num_id_req, num_notification; 37 u8 *pseudonym; 38 size_t pseudonym_len; 39 u8 *reauth_id; 40 size_t reauth_id_len; 41 int reauth; 42 unsigned int counter, counter_too_small; 43 u8 *last_eap_identity; 44 size_t last_eap_identity_len; 45 enum { 46 CONTINUE, RESULT_SUCCESS, SUCCESS, FAILURE 47 } state; 48 int result_ind, use_result_ind; 49 }; 50 51 52 #ifndef CONFIG_NO_STDOUT_DEBUG 53 static const char * eap_sim_state_txt(int state) 54 { 55 switch (state) { 56 case CONTINUE: 57 return "CONTINUE"; 58 case RESULT_SUCCESS: 59 return "RESULT_SUCCESS"; 60 case SUCCESS: 61 return "SUCCESS"; 62 case FAILURE: 63 return "FAILURE"; 64 default: 65 return "?"; 66 } 67 } 68 #endif /* CONFIG_NO_STDOUT_DEBUG */ 69 70 71 static void eap_sim_state(struct eap_sim_data *data, int state) 72 { 73 wpa_printf(MSG_DEBUG, "EAP-SIM: %s -> %s", 74 eap_sim_state_txt(data->state), 75 eap_sim_state_txt(state)); 76 data->state = state; 77 } 78 79 80 static void * eap_sim_init(struct eap_sm *sm) 81 { 82 struct eap_sim_data *data; 83 struct eap_peer_config *config = eap_get_config(sm); 84 85 data = os_zalloc(sizeof(*data)); 86 if (data == NULL) 87 return NULL; 88 89 if (random_get_bytes(data->nonce_mt, EAP_SIM_NONCE_MT_LEN)) { 90 wpa_printf(MSG_WARNING, "EAP-SIM: Failed to get random data " 91 "for NONCE_MT"); 92 os_free(data); 93 return NULL; 94 } 95 96 data->min_num_chal = 2; 97 if (config && config->phase1) { 98 char *pos = os_strstr(config->phase1, "sim_min_num_chal="); 99 if (pos) { 100 data->min_num_chal = atoi(pos + 17); 101 if (data->min_num_chal < 2 || data->min_num_chal > 3) { 102 wpa_printf(MSG_WARNING, "EAP-SIM: Invalid " 103 "sim_min_num_chal configuration " 104 "(%lu, expected 2 or 3)", 105 (unsigned long) data->min_num_chal); 106 os_free(data); 107 return NULL; 108 } 109 wpa_printf(MSG_DEBUG, "EAP-SIM: Set minimum number of " 110 "challenges to %lu", 111 (unsigned long) data->min_num_chal); 112 } 113 114 data->result_ind = os_strstr(config->phase1, "result_ind=1") != 115 NULL; 116 } 117 118 if (config && config->anonymous_identity) { 119 data->pseudonym = os_malloc(config->anonymous_identity_len); 120 if (data->pseudonym) { 121 os_memcpy(data->pseudonym, config->anonymous_identity, 122 config->anonymous_identity_len); 123 data->pseudonym_len = config->anonymous_identity_len; 124 } 125 } 126 127 eap_sim_state(data, CONTINUE); 128 129 return data; 130 } 131 132 133 static void eap_sim_clear_keys(struct eap_sim_data *data, int reauth) 134 { 135 if (!reauth) { 136 os_memset(data->mk, 0, EAP_SIM_MK_LEN); 137 os_memset(data->k_aut, 0, EAP_SIM_K_AUT_LEN); 138 os_memset(data->k_encr, 0, EAP_SIM_K_ENCR_LEN); 139 } 140 os_memset(data->kc, 0, 3 * EAP_SIM_KC_LEN); 141 os_memset(data->sres, 0, 3 * EAP_SIM_SRES_LEN); 142 os_memset(data->msk, 0, EAP_SIM_KEYING_DATA_LEN); 143 os_memset(data->emsk, 0, EAP_EMSK_LEN); 144 } 145 146 147 static void eap_sim_deinit(struct eap_sm *sm, void *priv) 148 { 149 struct eap_sim_data *data = priv; 150 if (data) { 151 os_free(data->ver_list); 152 os_free(data->pseudonym); 153 os_free(data->reauth_id); 154 os_free(data->last_eap_identity); 155 eap_sim_clear_keys(data, 0); 156 os_free(data); 157 } 158 } 159 160 161 static int eap_sim_ext_sim_req(struct eap_sm *sm, struct eap_sim_data *data) 162 { 163 char req[200], *pos, *end; 164 size_t i; 165 166 wpa_printf(MSG_DEBUG, "EAP-SIM: Use external SIM processing"); 167 pos = req; 168 end = pos + sizeof(req); 169 pos += os_snprintf(pos, end - pos, "GSM-AUTH"); 170 for (i = 0; i < data->num_chal; i++) { 171 pos += os_snprintf(pos, end - pos, ":"); 172 pos += wpa_snprintf_hex(pos, end - pos, data->rand[i], 173 GSM_RAND_LEN); 174 } 175 176 eap_sm_request_sim(sm, req); 177 return 1; 178 } 179 180 181 static int eap_sim_ext_sim_result(struct eap_sm *sm, struct eap_sim_data *data, 182 struct eap_peer_config *conf) 183 { 184 char *resp, *pos; 185 size_t i; 186 187 wpa_printf(MSG_DEBUG, 188 "EAP-SIM: Use result from external SIM processing"); 189 190 resp = conf->external_sim_resp; 191 conf->external_sim_resp = NULL; 192 193 if (os_strncmp(resp, "GSM-AUTH:", 9) != 0) { 194 wpa_printf(MSG_DEBUG, "EAP-SIM: Unrecognized external SIM processing response"); 195 os_free(resp); 196 return -1; 197 } 198 199 pos = resp + 9; 200 for (i = 0; i < data->num_chal; i++) { 201 wpa_hexdump(MSG_DEBUG, "EAP-SIM: RAND", 202 data->rand[i], GSM_RAND_LEN); 203 204 if (hexstr2bin(pos, data->kc[i], EAP_SIM_KC_LEN) < 0) 205 goto invalid; 206 wpa_hexdump_key(MSG_DEBUG, "EAP-SIM: Kc", 207 data->kc[i], EAP_SIM_KC_LEN); 208 pos += EAP_SIM_KC_LEN * 2; 209 if (*pos != ':') 210 goto invalid; 211 pos++; 212 213 if (hexstr2bin(pos, data->sres[i], EAP_SIM_SRES_LEN) < 0) 214 goto invalid; 215 wpa_hexdump_key(MSG_DEBUG, "EAP-SIM: SRES", 216 data->sres[i], EAP_SIM_SRES_LEN); 217 pos += EAP_SIM_SRES_LEN * 2; 218 if (i + 1 < data->num_chal) { 219 if (*pos != ':') 220 goto invalid; 221 pos++; 222 } 223 } 224 225 os_free(resp); 226 return 0; 227 228 invalid: 229 wpa_printf(MSG_DEBUG, "EAP-SIM: Invalid external SIM processing GSM-AUTH response"); 230 os_free(resp); 231 return -1; 232 } 233 234 235 static int eap_sim_gsm_auth(struct eap_sm *sm, struct eap_sim_data *data) 236 { 237 struct eap_peer_config *conf; 238 239 wpa_printf(MSG_DEBUG, "EAP-SIM: GSM authentication algorithm"); 240 241 conf = eap_get_config(sm); 242 if (conf == NULL) 243 return -1; 244 245 if (sm->external_sim) { 246 if (conf->external_sim_resp) 247 return eap_sim_ext_sim_result(sm, data, conf); 248 else 249 return eap_sim_ext_sim_req(sm, data); 250 } 251 252 if (conf->pcsc) { 253 if (scard_gsm_auth(sm->scard_ctx, data->rand[0], 254 data->sres[0], data->kc[0]) || 255 scard_gsm_auth(sm->scard_ctx, data->rand[1], 256 data->sres[1], data->kc[1]) || 257 (data->num_chal > 2 && 258 scard_gsm_auth(sm->scard_ctx, data->rand[2], 259 data->sres[2], data->kc[2]))) { 260 wpa_printf(MSG_DEBUG, "EAP-SIM: GSM SIM " 261 "authentication could not be completed"); 262 return -1; 263 } 264 return 0; 265 } 266 267 #ifdef CONFIG_SIM_SIMULATOR 268 if (conf->password) { 269 u8 opc[16], k[16]; 270 const char *pos; 271 size_t i; 272 wpa_printf(MSG_DEBUG, "EAP-SIM: Use internal GSM-Milenage " 273 "implementation for authentication"); 274 if (conf->password_len < 65) { 275 wpa_printf(MSG_DEBUG, "EAP-SIM: invalid GSM-Milenage " 276 "password"); 277 return -1; 278 } 279 pos = (const char *) conf->password; 280 if (hexstr2bin(pos, k, 16)) 281 return -1; 282 pos += 32; 283 if (*pos != ':') 284 return -1; 285 pos++; 286 287 if (hexstr2bin(pos, opc, 16)) 288 return -1; 289 290 for (i = 0; i < data->num_chal; i++) { 291 if (gsm_milenage(opc, k, data->rand[i], 292 data->sres[i], data->kc[i])) { 293 wpa_printf(MSG_DEBUG, "EAP-SIM: " 294 "GSM-Milenage authentication " 295 "could not be completed"); 296 return -1; 297 } 298 wpa_hexdump(MSG_DEBUG, "EAP-SIM: RAND", 299 data->rand[i], GSM_RAND_LEN); 300 wpa_hexdump_key(MSG_DEBUG, "EAP-SIM: SRES", 301 data->sres[i], EAP_SIM_SRES_LEN); 302 wpa_hexdump_key(MSG_DEBUG, "EAP-SIM: Kc", 303 data->kc[i], EAP_SIM_KC_LEN); 304 } 305 return 0; 306 } 307 #endif /* CONFIG_SIM_SIMULATOR */ 308 309 #ifdef CONFIG_SIM_HARDCODED 310 /* These hardcoded Kc and SRES values are used for testing. RAND to 311 * KC/SREC mapping is very bogus as far as real authentication is 312 * concerned, but it is quite useful for cases where the AS is rotating 313 * the order of pre-configured values. */ 314 { 315 size_t i; 316 317 wpa_printf(MSG_DEBUG, "EAP-SIM: Use hardcoded Kc and SRES " 318 "values for testing"); 319 320 for (i = 0; i < data->num_chal; i++) { 321 if (data->rand[i][0] == 0xaa) { 322 os_memcpy(data->kc[i], 323 "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7", 324 EAP_SIM_KC_LEN); 325 os_memcpy(data->sres[i], "\xd1\xd2\xd3\xd4", 326 EAP_SIM_SRES_LEN); 327 } else if (data->rand[i][0] == 0xbb) { 328 os_memcpy(data->kc[i], 329 "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7", 330 EAP_SIM_KC_LEN); 331 os_memcpy(data->sres[i], "\xe1\xe2\xe3\xe4", 332 EAP_SIM_SRES_LEN); 333 } else { 334 os_memcpy(data->kc[i], 335 "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7", 336 EAP_SIM_KC_LEN); 337 os_memcpy(data->sres[i], "\xf1\xf2\xf3\xf4", 338 EAP_SIM_SRES_LEN); 339 } 340 } 341 } 342 343 return 0; 344 345 #else /* CONFIG_SIM_HARDCODED */ 346 347 wpa_printf(MSG_DEBUG, "EAP-SIM: No GSM authentication algorithm " 348 "enabled"); 349 return -1; 350 351 #endif /* CONFIG_SIM_HARDCODED */ 352 } 353 354 355 static int eap_sim_supported_ver(int version) 356 { 357 return version == EAP_SIM_VERSION; 358 } 359 360 361 #define CLEAR_PSEUDONYM 0x01 362 #define CLEAR_REAUTH_ID 0x02 363 #define CLEAR_EAP_ID 0x04 364 365 static void eap_sim_clear_identities(struct eap_sm *sm, 366 struct eap_sim_data *data, int id) 367 { 368 if ((id & CLEAR_PSEUDONYM) && data->pseudonym) { 369 wpa_printf(MSG_DEBUG, "EAP-SIM: forgetting old pseudonym"); 370 os_free(data->pseudonym); 371 data->pseudonym = NULL; 372 data->pseudonym_len = 0; 373 eap_set_anon_id(sm, NULL, 0); 374 } 375 if ((id & CLEAR_REAUTH_ID) && data->reauth_id) { 376 wpa_printf(MSG_DEBUG, "EAP-SIM: forgetting old reauth_id"); 377 os_free(data->reauth_id); 378 data->reauth_id = NULL; 379 data->reauth_id_len = 0; 380 } 381 if ((id & CLEAR_EAP_ID) && data->last_eap_identity) { 382 wpa_printf(MSG_DEBUG, "EAP-SIM: forgetting old eap_id"); 383 os_free(data->last_eap_identity); 384 data->last_eap_identity = NULL; 385 data->last_eap_identity_len = 0; 386 } 387 } 388 389 390 static int eap_sim_learn_ids(struct eap_sm *sm, struct eap_sim_data *data, 391 struct eap_sim_attrs *attr) 392 { 393 if (attr->next_pseudonym) { 394 const u8 *identity = NULL; 395 size_t identity_len = 0; 396 const u8 *realm = NULL; 397 size_t realm_len = 0; 398 399 wpa_hexdump_ascii(MSG_DEBUG, 400 "EAP-SIM: (encr) AT_NEXT_PSEUDONYM", 401 attr->next_pseudonym, 402 attr->next_pseudonym_len); 403 os_free(data->pseudonym); 404 /* Look for the realm of the permanent identity */ 405 identity = eap_get_config_identity(sm, &identity_len); 406 if (identity) { 407 for (realm = identity, realm_len = identity_len; 408 realm_len > 0; realm_len--, realm++) { 409 if (*realm == '@') 410 break; 411 } 412 } 413 data->pseudonym = os_malloc(attr->next_pseudonym_len + 414 realm_len); 415 if (data->pseudonym == NULL) { 416 wpa_printf(MSG_INFO, "EAP-SIM: (encr) No memory for " 417 "next pseudonym"); 418 data->pseudonym_len = 0; 419 return -1; 420 } 421 os_memcpy(data->pseudonym, attr->next_pseudonym, 422 attr->next_pseudonym_len); 423 if (realm_len) { 424 os_memcpy(data->pseudonym + attr->next_pseudonym_len, 425 realm, realm_len); 426 } 427 data->pseudonym_len = attr->next_pseudonym_len + realm_len; 428 eap_set_anon_id(sm, data->pseudonym, data->pseudonym_len); 429 } 430 431 if (attr->next_reauth_id) { 432 os_free(data->reauth_id); 433 data->reauth_id = os_malloc(attr->next_reauth_id_len); 434 if (data->reauth_id == NULL) { 435 wpa_printf(MSG_INFO, "EAP-SIM: (encr) No memory for " 436 "next reauth_id"); 437 data->reauth_id_len = 0; 438 return -1; 439 } 440 os_memcpy(data->reauth_id, attr->next_reauth_id, 441 attr->next_reauth_id_len); 442 data->reauth_id_len = attr->next_reauth_id_len; 443 wpa_hexdump_ascii(MSG_DEBUG, 444 "EAP-SIM: (encr) AT_NEXT_REAUTH_ID", 445 data->reauth_id, 446 data->reauth_id_len); 447 } 448 449 return 0; 450 } 451 452 453 static struct wpabuf * eap_sim_client_error(struct eap_sim_data *data, u8 id, 454 int err) 455 { 456 struct eap_sim_msg *msg; 457 458 eap_sim_state(data, FAILURE); 459 data->num_id_req = 0; 460 data->num_notification = 0; 461 462 wpa_printf(MSG_DEBUG, "EAP-SIM: Send Client-Error (error code %d)", 463 err); 464 msg = eap_sim_msg_init(EAP_CODE_RESPONSE, id, EAP_TYPE_SIM, 465 EAP_SIM_SUBTYPE_CLIENT_ERROR); 466 eap_sim_msg_add(msg, EAP_SIM_AT_CLIENT_ERROR_CODE, err, NULL, 0); 467 return eap_sim_msg_finish(msg, EAP_TYPE_SIM, NULL, NULL, 0); 468 } 469 470 471 static struct wpabuf * eap_sim_response_start(struct eap_sm *sm, 472 struct eap_sim_data *data, u8 id, 473 enum eap_sim_id_req id_req) 474 { 475 const u8 *identity = NULL; 476 size_t identity_len = 0; 477 struct eap_sim_msg *msg; 478 479 data->reauth = 0; 480 if (id_req == ANY_ID && data->reauth_id) { 481 identity = data->reauth_id; 482 identity_len = data->reauth_id_len; 483 data->reauth = 1; 484 } else if ((id_req == ANY_ID || id_req == FULLAUTH_ID) && 485 data->pseudonym) { 486 identity = data->pseudonym; 487 identity_len = data->pseudonym_len; 488 eap_sim_clear_identities(sm, data, CLEAR_REAUTH_ID); 489 } else if (id_req != NO_ID_REQ) { 490 identity = eap_get_config_identity(sm, &identity_len); 491 if (identity) { 492 eap_sim_clear_identities(sm, data, CLEAR_PSEUDONYM | 493 CLEAR_REAUTH_ID); 494 } 495 } 496 if (id_req != NO_ID_REQ) 497 eap_sim_clear_identities(sm, data, CLEAR_EAP_ID); 498 499 wpa_printf(MSG_DEBUG, "Generating EAP-SIM Start (id=%d)", id); 500 msg = eap_sim_msg_init(EAP_CODE_RESPONSE, id, 501 EAP_TYPE_SIM, EAP_SIM_SUBTYPE_START); 502 if (!data->reauth) { 503 wpa_hexdump(MSG_DEBUG, " AT_NONCE_MT", 504 data->nonce_mt, EAP_SIM_NONCE_MT_LEN); 505 eap_sim_msg_add(msg, EAP_SIM_AT_NONCE_MT, 0, 506 data->nonce_mt, EAP_SIM_NONCE_MT_LEN); 507 wpa_printf(MSG_DEBUG, " AT_SELECTED_VERSION %d", 508 data->selected_version); 509 eap_sim_msg_add(msg, EAP_SIM_AT_SELECTED_VERSION, 510 data->selected_version, NULL, 0); 511 } 512 513 if (identity) { 514 wpa_hexdump_ascii(MSG_DEBUG, " AT_IDENTITY", 515 identity, identity_len); 516 eap_sim_msg_add(msg, EAP_SIM_AT_IDENTITY, identity_len, 517 identity, identity_len); 518 } 519 520 return eap_sim_msg_finish(msg, EAP_TYPE_SIM, NULL, NULL, 0); 521 } 522 523 524 static struct wpabuf * eap_sim_response_challenge(struct eap_sim_data *data, 525 u8 id) 526 { 527 struct eap_sim_msg *msg; 528 529 wpa_printf(MSG_DEBUG, "Generating EAP-SIM Challenge (id=%d)", id); 530 msg = eap_sim_msg_init(EAP_CODE_RESPONSE, id, EAP_TYPE_SIM, 531 EAP_SIM_SUBTYPE_CHALLENGE); 532 if (data->use_result_ind) { 533 wpa_printf(MSG_DEBUG, " AT_RESULT_IND"); 534 eap_sim_msg_add(msg, EAP_SIM_AT_RESULT_IND, 0, NULL, 0); 535 } 536 wpa_printf(MSG_DEBUG, " AT_MAC"); 537 eap_sim_msg_add_mac(msg, EAP_SIM_AT_MAC); 538 return eap_sim_msg_finish(msg, EAP_TYPE_SIM, data->k_aut, 539 (u8 *) data->sres, 540 data->num_chal * EAP_SIM_SRES_LEN); 541 } 542 543 544 static struct wpabuf * eap_sim_response_reauth(struct eap_sim_data *data, 545 u8 id, int counter_too_small, 546 const u8 *nonce_s) 547 { 548 struct eap_sim_msg *msg; 549 unsigned int counter; 550 551 wpa_printf(MSG_DEBUG, "Generating EAP-SIM Reauthentication (id=%d)", 552 id); 553 msg = eap_sim_msg_init(EAP_CODE_RESPONSE, id, EAP_TYPE_SIM, 554 EAP_SIM_SUBTYPE_REAUTHENTICATION); 555 wpa_printf(MSG_DEBUG, " AT_IV"); 556 wpa_printf(MSG_DEBUG, " AT_ENCR_DATA"); 557 eap_sim_msg_add_encr_start(msg, EAP_SIM_AT_IV, EAP_SIM_AT_ENCR_DATA); 558 559 if (counter_too_small) { 560 wpa_printf(MSG_DEBUG, " *AT_COUNTER_TOO_SMALL"); 561 eap_sim_msg_add(msg, EAP_SIM_AT_COUNTER_TOO_SMALL, 0, NULL, 0); 562 counter = data->counter_too_small; 563 } else 564 counter = data->counter; 565 566 wpa_printf(MSG_DEBUG, " *AT_COUNTER %d", counter); 567 eap_sim_msg_add(msg, EAP_SIM_AT_COUNTER, counter, NULL, 0); 568 569 if (eap_sim_msg_add_encr_end(msg, data->k_encr, EAP_SIM_AT_PADDING)) { 570 wpa_printf(MSG_WARNING, "EAP-SIM: Failed to encrypt " 571 "AT_ENCR_DATA"); 572 eap_sim_msg_free(msg); 573 return NULL; 574 } 575 if (data->use_result_ind) { 576 wpa_printf(MSG_DEBUG, " AT_RESULT_IND"); 577 eap_sim_msg_add(msg, EAP_SIM_AT_RESULT_IND, 0, NULL, 0); 578 } 579 wpa_printf(MSG_DEBUG, " AT_MAC"); 580 eap_sim_msg_add_mac(msg, EAP_SIM_AT_MAC); 581 return eap_sim_msg_finish(msg, EAP_TYPE_SIM, data->k_aut, nonce_s, 582 EAP_SIM_NONCE_S_LEN); 583 } 584 585 586 static struct wpabuf * eap_sim_response_notification(struct eap_sim_data *data, 587 u8 id, u16 notification) 588 { 589 struct eap_sim_msg *msg; 590 u8 *k_aut = (notification & 0x4000) == 0 ? data->k_aut : NULL; 591 592 wpa_printf(MSG_DEBUG, "Generating EAP-SIM Notification (id=%d)", id); 593 msg = eap_sim_msg_init(EAP_CODE_RESPONSE, id, 594 EAP_TYPE_SIM, EAP_SIM_SUBTYPE_NOTIFICATION); 595 if (k_aut && data->reauth) { 596 wpa_printf(MSG_DEBUG, " AT_IV"); 597 wpa_printf(MSG_DEBUG, " AT_ENCR_DATA"); 598 eap_sim_msg_add_encr_start(msg, EAP_SIM_AT_IV, 599 EAP_SIM_AT_ENCR_DATA); 600 wpa_printf(MSG_DEBUG, " *AT_COUNTER %d", data->counter); 601 eap_sim_msg_add(msg, EAP_SIM_AT_COUNTER, data->counter, 602 NULL, 0); 603 if (eap_sim_msg_add_encr_end(msg, data->k_encr, 604 EAP_SIM_AT_PADDING)) { 605 wpa_printf(MSG_WARNING, "EAP-SIM: Failed to encrypt " 606 "AT_ENCR_DATA"); 607 eap_sim_msg_free(msg); 608 return NULL; 609 } 610 } 611 if (k_aut) { 612 wpa_printf(MSG_DEBUG, " AT_MAC"); 613 eap_sim_msg_add_mac(msg, EAP_SIM_AT_MAC); 614 } 615 return eap_sim_msg_finish(msg, EAP_TYPE_SIM, k_aut, (u8 *) "", 0); 616 } 617 618 619 static struct wpabuf * eap_sim_process_start(struct eap_sm *sm, 620 struct eap_sim_data *data, u8 id, 621 struct eap_sim_attrs *attr) 622 { 623 int selected_version = -1, id_error; 624 size_t i; 625 u8 *pos; 626 627 wpa_printf(MSG_DEBUG, "EAP-SIM: subtype Start"); 628 if (attr->version_list == NULL) { 629 wpa_printf(MSG_INFO, "EAP-SIM: No AT_VERSION_LIST in " 630 "SIM/Start"); 631 return eap_sim_client_error(data, id, 632 EAP_SIM_UNSUPPORTED_VERSION); 633 } 634 635 os_free(data->ver_list); 636 data->ver_list = os_malloc(attr->version_list_len); 637 if (data->ver_list == NULL) { 638 wpa_printf(MSG_DEBUG, "EAP-SIM: Failed to allocate " 639 "memory for version list"); 640 return eap_sim_client_error(data, id, 641 EAP_SIM_UNABLE_TO_PROCESS_PACKET); 642 } 643 os_memcpy(data->ver_list, attr->version_list, attr->version_list_len); 644 data->ver_list_len = attr->version_list_len; 645 pos = data->ver_list; 646 for (i = 0; i < data->ver_list_len / 2; i++) { 647 int ver = pos[0] * 256 + pos[1]; 648 pos += 2; 649 if (eap_sim_supported_ver(ver)) { 650 selected_version = ver; 651 break; 652 } 653 } 654 if (selected_version < 0) { 655 wpa_printf(MSG_INFO, "EAP-SIM: Could not find a supported " 656 "version"); 657 return eap_sim_client_error(data, id, 658 EAP_SIM_UNSUPPORTED_VERSION); 659 } 660 wpa_printf(MSG_DEBUG, "EAP-SIM: Selected Version %d", 661 selected_version); 662 data->selected_version = selected_version; 663 664 id_error = 0; 665 switch (attr->id_req) { 666 case NO_ID_REQ: 667 break; 668 case ANY_ID: 669 if (data->num_id_req > 0) 670 id_error++; 671 data->num_id_req++; 672 break; 673 case FULLAUTH_ID: 674 if (data->num_id_req > 1) 675 id_error++; 676 data->num_id_req++; 677 break; 678 case PERMANENT_ID: 679 if (data->num_id_req > 2) 680 id_error++; 681 data->num_id_req++; 682 break; 683 } 684 if (id_error) { 685 wpa_printf(MSG_INFO, "EAP-SIM: Too many ID requests " 686 "used within one authentication"); 687 return eap_sim_client_error(data, id, 688 EAP_SIM_UNABLE_TO_PROCESS_PACKET); 689 } 690 691 return eap_sim_response_start(sm, data, id, attr->id_req); 692 } 693 694 695 static struct wpabuf * eap_sim_process_challenge(struct eap_sm *sm, 696 struct eap_sim_data *data, 697 u8 id, 698 const struct wpabuf *reqData, 699 struct eap_sim_attrs *attr) 700 { 701 const u8 *identity; 702 size_t identity_len; 703 struct eap_sim_attrs eattr; 704 int res; 705 706 wpa_printf(MSG_DEBUG, "EAP-SIM: subtype Challenge"); 707 data->reauth = 0; 708 if (!attr->mac || !attr->rand) { 709 wpa_printf(MSG_WARNING, "EAP-SIM: Challenge message " 710 "did not include%s%s", 711 !attr->mac ? " AT_MAC" : "", 712 !attr->rand ? " AT_RAND" : ""); 713 return eap_sim_client_error(data, id, 714 EAP_SIM_UNABLE_TO_PROCESS_PACKET); 715 } 716 717 wpa_printf(MSG_DEBUG, "EAP-SIM: %lu challenges", 718 (unsigned long) attr->num_chal); 719 if (attr->num_chal < data->min_num_chal) { 720 wpa_printf(MSG_INFO, "EAP-SIM: Insufficient number of " 721 "challenges (%lu)", (unsigned long) attr->num_chal); 722 return eap_sim_client_error(data, id, 723 EAP_SIM_INSUFFICIENT_NUM_OF_CHAL); 724 } 725 if (attr->num_chal > 3) { 726 wpa_printf(MSG_INFO, "EAP-SIM: Too many challenges " 727 "(%lu)", (unsigned long) attr->num_chal); 728 return eap_sim_client_error(data, id, 729 EAP_SIM_UNABLE_TO_PROCESS_PACKET); 730 } 731 732 /* Verify that RANDs are different */ 733 if (os_memcmp(attr->rand, attr->rand + GSM_RAND_LEN, 734 GSM_RAND_LEN) == 0 || 735 (attr->num_chal > 2 && 736 (os_memcmp(attr->rand, attr->rand + 2 * GSM_RAND_LEN, 737 GSM_RAND_LEN) == 0 || 738 os_memcmp(attr->rand + GSM_RAND_LEN, 739 attr->rand + 2 * GSM_RAND_LEN, 740 GSM_RAND_LEN) == 0))) { 741 wpa_printf(MSG_INFO, "EAP-SIM: Same RAND used multiple times"); 742 return eap_sim_client_error(data, id, 743 EAP_SIM_RAND_NOT_FRESH); 744 } 745 746 os_memcpy(data->rand, attr->rand, attr->num_chal * GSM_RAND_LEN); 747 data->num_chal = attr->num_chal; 748 749 res = eap_sim_gsm_auth(sm, data); 750 if (res > 0) { 751 wpa_printf(MSG_DEBUG, "EAP-SIM: Wait for external SIM processing"); 752 return NULL; 753 } 754 if (res) { 755 wpa_printf(MSG_WARNING, "EAP-SIM: GSM authentication failed"); 756 return eap_sim_client_error(data, id, 757 EAP_SIM_UNABLE_TO_PROCESS_PACKET); 758 } 759 if (data->last_eap_identity) { 760 identity = data->last_eap_identity; 761 identity_len = data->last_eap_identity_len; 762 } else if (data->pseudonym) { 763 identity = data->pseudonym; 764 identity_len = data->pseudonym_len; 765 } else 766 identity = eap_get_config_identity(sm, &identity_len); 767 wpa_hexdump_ascii(MSG_DEBUG, "EAP-SIM: Selected identity for MK " 768 "derivation", identity, identity_len); 769 eap_sim_derive_mk(identity, identity_len, data->nonce_mt, 770 data->selected_version, data->ver_list, 771 data->ver_list_len, data->num_chal, 772 (const u8 *) data->kc, data->mk); 773 eap_sim_derive_keys(data->mk, data->k_encr, data->k_aut, data->msk, 774 data->emsk); 775 if (eap_sim_verify_mac(data->k_aut, reqData, attr->mac, data->nonce_mt, 776 EAP_SIM_NONCE_MT_LEN)) { 777 wpa_printf(MSG_WARNING, "EAP-SIM: Challenge message " 778 "used invalid AT_MAC"); 779 return eap_sim_client_error(data, id, 780 EAP_SIM_UNABLE_TO_PROCESS_PACKET); 781 } 782 783 /* Old reauthentication identity must not be used anymore. In 784 * other words, if no new reauth identity is received, full 785 * authentication will be used on next reauthentication (using 786 * pseudonym identity or permanent identity). */ 787 eap_sim_clear_identities(sm, data, CLEAR_REAUTH_ID | CLEAR_EAP_ID); 788 789 if (attr->encr_data) { 790 u8 *decrypted; 791 decrypted = eap_sim_parse_encr(data->k_encr, attr->encr_data, 792 attr->encr_data_len, attr->iv, 793 &eattr, 0); 794 if (decrypted == NULL) { 795 return eap_sim_client_error( 796 data, id, EAP_SIM_UNABLE_TO_PROCESS_PACKET); 797 } 798 eap_sim_learn_ids(sm, data, &eattr); 799 os_free(decrypted); 800 } 801 802 if (data->result_ind && attr->result_ind) 803 data->use_result_ind = 1; 804 805 if (data->state != FAILURE) { 806 eap_sim_state(data, data->use_result_ind ? 807 RESULT_SUCCESS : SUCCESS); 808 } 809 810 data->num_id_req = 0; 811 data->num_notification = 0; 812 /* RFC 4186 specifies that counter is initialized to one after 813 * fullauth, but initializing it to zero makes it easier to implement 814 * reauth verification. */ 815 data->counter = 0; 816 return eap_sim_response_challenge(data, id); 817 } 818 819 820 static int eap_sim_process_notification_reauth(struct eap_sim_data *data, 821 struct eap_sim_attrs *attr) 822 { 823 struct eap_sim_attrs eattr; 824 u8 *decrypted; 825 826 if (attr->encr_data == NULL || attr->iv == NULL) { 827 wpa_printf(MSG_WARNING, "EAP-SIM: Notification message after " 828 "reauth did not include encrypted data"); 829 return -1; 830 } 831 832 decrypted = eap_sim_parse_encr(data->k_encr, attr->encr_data, 833 attr->encr_data_len, attr->iv, &eattr, 834 0); 835 if (decrypted == NULL) { 836 wpa_printf(MSG_WARNING, "EAP-SIM: Failed to parse encrypted " 837 "data from notification message"); 838 return -1; 839 } 840 841 if (eattr.counter < 0 || (size_t) eattr.counter != data->counter) { 842 wpa_printf(MSG_WARNING, "EAP-SIM: Counter in notification " 843 "message does not match with counter in reauth " 844 "message"); 845 os_free(decrypted); 846 return -1; 847 } 848 849 os_free(decrypted); 850 return 0; 851 } 852 853 854 static int eap_sim_process_notification_auth(struct eap_sim_data *data, 855 const struct wpabuf *reqData, 856 struct eap_sim_attrs *attr) 857 { 858 if (attr->mac == NULL) { 859 wpa_printf(MSG_INFO, "EAP-SIM: no AT_MAC in after_auth " 860 "Notification message"); 861 return -1; 862 } 863 864 if (eap_sim_verify_mac(data->k_aut, reqData, attr->mac, (u8 *) "", 0)) 865 { 866 wpa_printf(MSG_WARNING, "EAP-SIM: Notification message " 867 "used invalid AT_MAC"); 868 return -1; 869 } 870 871 if (data->reauth && 872 eap_sim_process_notification_reauth(data, attr)) { 873 wpa_printf(MSG_WARNING, "EAP-SIM: Invalid notification " 874 "message after reauth"); 875 return -1; 876 } 877 878 return 0; 879 } 880 881 882 static struct wpabuf * eap_sim_process_notification( 883 struct eap_sm *sm, struct eap_sim_data *data, u8 id, 884 const struct wpabuf *reqData, struct eap_sim_attrs *attr) 885 { 886 wpa_printf(MSG_DEBUG, "EAP-SIM: subtype Notification"); 887 if (data->num_notification > 0) { 888 wpa_printf(MSG_INFO, "EAP-SIM: too many notification " 889 "rounds (only one allowed)"); 890 return eap_sim_client_error(data, id, 891 EAP_SIM_UNABLE_TO_PROCESS_PACKET); 892 } 893 data->num_notification++; 894 if (attr->notification == -1) { 895 wpa_printf(MSG_INFO, "EAP-SIM: no AT_NOTIFICATION in " 896 "Notification message"); 897 return eap_sim_client_error(data, id, 898 EAP_SIM_UNABLE_TO_PROCESS_PACKET); 899 } 900 901 if ((attr->notification & 0x4000) == 0 && 902 eap_sim_process_notification_auth(data, reqData, attr)) { 903 return eap_sim_client_error(data, id, 904 EAP_SIM_UNABLE_TO_PROCESS_PACKET); 905 } 906 907 eap_sim_report_notification(sm->msg_ctx, attr->notification, 0); 908 if (attr->notification >= 0 && attr->notification < 32768) { 909 eap_sim_state(data, FAILURE); 910 } else if (attr->notification == EAP_SIM_SUCCESS && 911 data->state == RESULT_SUCCESS) 912 eap_sim_state(data, SUCCESS); 913 return eap_sim_response_notification(data, id, attr->notification); 914 } 915 916 917 static struct wpabuf * eap_sim_process_reauthentication( 918 struct eap_sm *sm, struct eap_sim_data *data, u8 id, 919 const struct wpabuf *reqData, struct eap_sim_attrs *attr) 920 { 921 struct eap_sim_attrs eattr; 922 u8 *decrypted; 923 924 wpa_printf(MSG_DEBUG, "EAP-SIM: subtype Reauthentication"); 925 926 if (data->reauth_id == NULL) { 927 wpa_printf(MSG_WARNING, "EAP-SIM: Server is trying " 928 "reauthentication, but no reauth_id available"); 929 return eap_sim_client_error(data, id, 930 EAP_SIM_UNABLE_TO_PROCESS_PACKET); 931 } 932 933 data->reauth = 1; 934 if (eap_sim_verify_mac(data->k_aut, reqData, attr->mac, (u8 *) "", 0)) 935 { 936 wpa_printf(MSG_WARNING, "EAP-SIM: Reauthentication " 937 "did not have valid AT_MAC"); 938 return eap_sim_client_error(data, id, 939 EAP_SIM_UNABLE_TO_PROCESS_PACKET); 940 } 941 942 if (attr->encr_data == NULL || attr->iv == NULL) { 943 wpa_printf(MSG_WARNING, "EAP-SIM: Reauthentication " 944 "message did not include encrypted data"); 945 return eap_sim_client_error(data, id, 946 EAP_SIM_UNABLE_TO_PROCESS_PACKET); 947 } 948 949 decrypted = eap_sim_parse_encr(data->k_encr, attr->encr_data, 950 attr->encr_data_len, attr->iv, &eattr, 951 0); 952 if (decrypted == NULL) { 953 wpa_printf(MSG_WARNING, "EAP-SIM: Failed to parse encrypted " 954 "data from reauthentication message"); 955 return eap_sim_client_error(data, id, 956 EAP_SIM_UNABLE_TO_PROCESS_PACKET); 957 } 958 959 if (eattr.nonce_s == NULL || eattr.counter < 0) { 960 wpa_printf(MSG_INFO, "EAP-SIM: (encr) No%s%s in reauth packet", 961 !eattr.nonce_s ? " AT_NONCE_S" : "", 962 eattr.counter < 0 ? " AT_COUNTER" : ""); 963 os_free(decrypted); 964 return eap_sim_client_error(data, id, 965 EAP_SIM_UNABLE_TO_PROCESS_PACKET); 966 } 967 968 if (eattr.counter < 0 || (size_t) eattr.counter <= data->counter) { 969 struct wpabuf *res; 970 wpa_printf(MSG_INFO, "EAP-SIM: (encr) Invalid counter " 971 "(%d <= %d)", eattr.counter, data->counter); 972 data->counter_too_small = eattr.counter; 973 974 /* Reply using Re-auth w/ AT_COUNTER_TOO_SMALL. The current 975 * reauth_id must not be used to start a new reauthentication. 976 * However, since it was used in the last EAP-Response-Identity 977 * packet, it has to saved for the following fullauth to be 978 * used in MK derivation. */ 979 os_free(data->last_eap_identity); 980 data->last_eap_identity = data->reauth_id; 981 data->last_eap_identity_len = data->reauth_id_len; 982 data->reauth_id = NULL; 983 data->reauth_id_len = 0; 984 985 res = eap_sim_response_reauth(data, id, 1, eattr.nonce_s); 986 os_free(decrypted); 987 988 return res; 989 } 990 data->counter = eattr.counter; 991 992 os_memcpy(data->nonce_s, eattr.nonce_s, EAP_SIM_NONCE_S_LEN); 993 wpa_hexdump(MSG_DEBUG, "EAP-SIM: (encr) AT_NONCE_S", 994 data->nonce_s, EAP_SIM_NONCE_S_LEN); 995 996 eap_sim_derive_keys_reauth(data->counter, 997 data->reauth_id, data->reauth_id_len, 998 data->nonce_s, data->mk, data->msk, 999 data->emsk); 1000 eap_sim_clear_identities(sm, data, CLEAR_REAUTH_ID | CLEAR_EAP_ID); 1001 eap_sim_learn_ids(sm, data, &eattr); 1002 1003 if (data->result_ind && attr->result_ind) 1004 data->use_result_ind = 1; 1005 1006 if (data->state != FAILURE) { 1007 eap_sim_state(data, data->use_result_ind ? 1008 RESULT_SUCCESS : SUCCESS); 1009 } 1010 1011 data->num_id_req = 0; 1012 data->num_notification = 0; 1013 if (data->counter > EAP_SIM_MAX_FAST_REAUTHS) { 1014 wpa_printf(MSG_DEBUG, "EAP-SIM: Maximum number of " 1015 "fast reauths performed - force fullauth"); 1016 eap_sim_clear_identities(sm, data, 1017 CLEAR_REAUTH_ID | CLEAR_EAP_ID); 1018 } 1019 os_free(decrypted); 1020 return eap_sim_response_reauth(data, id, 0, data->nonce_s); 1021 } 1022 1023 1024 static struct wpabuf * eap_sim_process(struct eap_sm *sm, void *priv, 1025 struct eap_method_ret *ret, 1026 const struct wpabuf *reqData) 1027 { 1028 struct eap_sim_data *data = priv; 1029 const struct eap_hdr *req; 1030 u8 subtype, id; 1031 struct wpabuf *res; 1032 const u8 *pos; 1033 struct eap_sim_attrs attr; 1034 size_t len; 1035 1036 wpa_hexdump_buf(MSG_DEBUG, "EAP-SIM: EAP data", reqData); 1037 if (eap_get_config_identity(sm, &len) == NULL) { 1038 wpa_printf(MSG_INFO, "EAP-SIM: Identity not configured"); 1039 eap_sm_request_identity(sm); 1040 ret->ignore = TRUE; 1041 return NULL; 1042 } 1043 1044 pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_SIM, reqData, &len); 1045 if (pos == NULL || len < 3) { 1046 ret->ignore = TRUE; 1047 return NULL; 1048 } 1049 req = wpabuf_head(reqData); 1050 id = req->identifier; 1051 len = be_to_host16(req->length); 1052 1053 ret->ignore = FALSE; 1054 ret->methodState = METHOD_MAY_CONT; 1055 ret->decision = DECISION_FAIL; 1056 ret->allowNotifications = TRUE; 1057 1058 subtype = *pos++; 1059 wpa_printf(MSG_DEBUG, "EAP-SIM: Subtype=%d", subtype); 1060 pos += 2; /* Reserved */ 1061 1062 if (eap_sim_parse_attr(pos, wpabuf_head_u8(reqData) + len, &attr, 0, 1063 0)) { 1064 res = eap_sim_client_error(data, id, 1065 EAP_SIM_UNABLE_TO_PROCESS_PACKET); 1066 goto done; 1067 } 1068 1069 switch (subtype) { 1070 case EAP_SIM_SUBTYPE_START: 1071 res = eap_sim_process_start(sm, data, id, &attr); 1072 break; 1073 case EAP_SIM_SUBTYPE_CHALLENGE: 1074 res = eap_sim_process_challenge(sm, data, id, reqData, &attr); 1075 break; 1076 case EAP_SIM_SUBTYPE_NOTIFICATION: 1077 res = eap_sim_process_notification(sm, data, id, reqData, 1078 &attr); 1079 break; 1080 case EAP_SIM_SUBTYPE_REAUTHENTICATION: 1081 res = eap_sim_process_reauthentication(sm, data, id, reqData, 1082 &attr); 1083 break; 1084 case EAP_SIM_SUBTYPE_CLIENT_ERROR: 1085 wpa_printf(MSG_DEBUG, "EAP-SIM: subtype Client-Error"); 1086 res = eap_sim_client_error(data, id, 1087 EAP_SIM_UNABLE_TO_PROCESS_PACKET); 1088 break; 1089 default: 1090 wpa_printf(MSG_DEBUG, "EAP-SIM: Unknown subtype=%d", subtype); 1091 res = eap_sim_client_error(data, id, 1092 EAP_SIM_UNABLE_TO_PROCESS_PACKET); 1093 break; 1094 } 1095 1096 done: 1097 if (data->state == FAILURE) { 1098 ret->decision = DECISION_FAIL; 1099 ret->methodState = METHOD_DONE; 1100 } else if (data->state == SUCCESS) { 1101 ret->decision = data->use_result_ind ? 1102 DECISION_UNCOND_SUCC : DECISION_COND_SUCC; 1103 ret->methodState = data->use_result_ind ? 1104 METHOD_DONE : METHOD_MAY_CONT; 1105 } else if (data->state == RESULT_SUCCESS) 1106 ret->methodState = METHOD_CONT; 1107 1108 if (ret->methodState == METHOD_DONE) { 1109 ret->allowNotifications = FALSE; 1110 } 1111 1112 return res; 1113 } 1114 1115 1116 static Boolean eap_sim_has_reauth_data(struct eap_sm *sm, void *priv) 1117 { 1118 struct eap_sim_data *data = priv; 1119 return data->pseudonym || data->reauth_id; 1120 } 1121 1122 1123 static void eap_sim_deinit_for_reauth(struct eap_sm *sm, void *priv) 1124 { 1125 struct eap_sim_data *data = priv; 1126 eap_sim_clear_identities(sm, data, CLEAR_EAP_ID); 1127 data->use_result_ind = 0; 1128 eap_sim_clear_keys(data, 1); 1129 } 1130 1131 1132 static void * eap_sim_init_for_reauth(struct eap_sm *sm, void *priv) 1133 { 1134 struct eap_sim_data *data = priv; 1135 if (random_get_bytes(data->nonce_mt, EAP_SIM_NONCE_MT_LEN)) { 1136 wpa_printf(MSG_WARNING, "EAP-SIM: Failed to get random data " 1137 "for NONCE_MT"); 1138 os_free(data); 1139 return NULL; 1140 } 1141 data->num_id_req = 0; 1142 data->num_notification = 0; 1143 eap_sim_state(data, CONTINUE); 1144 return priv; 1145 } 1146 1147 1148 static const u8 * eap_sim_get_identity(struct eap_sm *sm, void *priv, 1149 size_t *len) 1150 { 1151 struct eap_sim_data *data = priv; 1152 1153 if (data->reauth_id) { 1154 *len = data->reauth_id_len; 1155 return data->reauth_id; 1156 } 1157 1158 if (data->pseudonym) { 1159 *len = data->pseudonym_len; 1160 return data->pseudonym; 1161 } 1162 1163 return NULL; 1164 } 1165 1166 1167 static Boolean eap_sim_isKeyAvailable(struct eap_sm *sm, void *priv) 1168 { 1169 struct eap_sim_data *data = priv; 1170 return data->state == SUCCESS; 1171 } 1172 1173 1174 static u8 * eap_sim_getKey(struct eap_sm *sm, void *priv, size_t *len) 1175 { 1176 struct eap_sim_data *data = priv; 1177 u8 *key; 1178 1179 if (data->state != SUCCESS) 1180 return NULL; 1181 1182 key = os_malloc(EAP_SIM_KEYING_DATA_LEN); 1183 if (key == NULL) 1184 return NULL; 1185 1186 *len = EAP_SIM_KEYING_DATA_LEN; 1187 os_memcpy(key, data->msk, EAP_SIM_KEYING_DATA_LEN); 1188 1189 return key; 1190 } 1191 1192 1193 static u8 * eap_sim_get_session_id(struct eap_sm *sm, void *priv, size_t *len) 1194 { 1195 struct eap_sim_data *data = priv; 1196 u8 *id; 1197 1198 if (data->state != SUCCESS) 1199 return NULL; 1200 1201 *len = 1 + data->num_chal * GSM_RAND_LEN + EAP_SIM_NONCE_MT_LEN; 1202 id = os_malloc(*len); 1203 if (id == NULL) 1204 return NULL; 1205 1206 id[0] = EAP_TYPE_SIM; 1207 os_memcpy(id + 1, data->rand, data->num_chal * GSM_RAND_LEN); 1208 os_memcpy(id + 1 + data->num_chal * GSM_RAND_LEN, data->nonce_mt, 1209 EAP_SIM_NONCE_MT_LEN); 1210 wpa_hexdump(MSG_DEBUG, "EAP-SIM: Derived Session-Id", id, *len); 1211 1212 return id; 1213 } 1214 1215 1216 static u8 * eap_sim_get_emsk(struct eap_sm *sm, void *priv, size_t *len) 1217 { 1218 struct eap_sim_data *data = priv; 1219 u8 *key; 1220 1221 if (data->state != SUCCESS) 1222 return NULL; 1223 1224 key = os_malloc(EAP_EMSK_LEN); 1225 if (key == NULL) 1226 return NULL; 1227 1228 *len = EAP_EMSK_LEN; 1229 os_memcpy(key, data->emsk, EAP_EMSK_LEN); 1230 1231 return key; 1232 } 1233 1234 1235 int eap_peer_sim_register(void) 1236 { 1237 struct eap_method *eap; 1238 int ret; 1239 1240 eap = eap_peer_method_alloc(EAP_PEER_METHOD_INTERFACE_VERSION, 1241 EAP_VENDOR_IETF, EAP_TYPE_SIM, "SIM"); 1242 if (eap == NULL) 1243 return -1; 1244 1245 eap->init = eap_sim_init; 1246 eap->deinit = eap_sim_deinit; 1247 eap->process = eap_sim_process; 1248 eap->isKeyAvailable = eap_sim_isKeyAvailable; 1249 eap->getKey = eap_sim_getKey; 1250 eap->getSessionId = eap_sim_get_session_id; 1251 eap->has_reauth_data = eap_sim_has_reauth_data; 1252 eap->deinit_for_reauth = eap_sim_deinit_for_reauth; 1253 eap->init_for_reauth = eap_sim_init_for_reauth; 1254 eap->get_identity = eap_sim_get_identity; 1255 eap->get_emsk = eap_sim_get_emsk; 1256 1257 ret = eap_peer_method_register(eap); 1258 if (ret) 1259 eap_peer_method_free(eap); 1260 return ret; 1261 } 1262