1 /* 2 * EAP server/peer: EAP-EKE shared routines 3 * Copyright (c) 2011-2013, Jouni Malinen <j (at) w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9 #ifndef EAP_EKE_COMMON_H 10 #define EAP_EKE_COMMON_H 11 12 /* EKE Exchange */ 13 #define EAP_EKE_ID 1 14 #define EAP_EKE_COMMIT 2 15 #define EAP_EKE_CONFIRM 3 16 #define EAP_EKE_FAILURE 4 17 18 /* Diffie-Hellman Group Registry */ 19 #define EAP_EKE_DHGROUP_EKE_2 1 20 #define EAP_EKE_DHGROUP_EKE_5 2 21 #define EAP_EKE_DHGROUP_EKE_14 3 /* mandatory to implement */ 22 #define EAP_EKE_DHGROUP_EKE_15 4 23 #define EAP_EKE_DHGROUP_EKE_16 5 24 25 /* Encryption Algorithm Registry */ 26 #define EAP_EKE_ENCR_AES128_CBC 1 /* mandatory to implement */ 27 28 /* Pseudo Random Function Registry */ 29 #define EAP_EKE_PRF_HMAC_SHA1 1 /* mandatory to implement */ 30 #define EAP_EKE_PRF_HMAC_SHA2_256 2 31 32 /* Keyed Message Digest (MAC) Registry */ 33 #define EAP_EKE_MAC_HMAC_SHA1 1 /* mandatory to implement */ 34 #define EAP_EKE_MAC_HMAC_SHA2_256 2 35 36 /* Identity Type Registry */ 37 #define EAP_EKE_ID_OPAQUE 1 38 #define EAP_EKE_ID_NAI 2 39 #define EAP_EKE_ID_IPv4 3 40 #define EAP_EKE_ID_IPv6 4 41 #define EAP_EKE_ID_FQDN 5 42 #define EAP_EKE_ID_DN 6 43 44 /* Failure-Code */ 45 #define EAP_EKE_FAIL_NO_ERROR 1 46 #define EAP_EKE_FAIL_PROTO_ERROR 2 47 #define EAP_EKE_FAIL_PASSWD_NOT_FOUND 3 48 #define EAP_EKE_FAIL_AUTHENTICATION_FAIL 4 49 #define EAP_EKE_FAIL_AUTHORIZATION_FAIL 5 50 #define EAP_EKE_FAIL_NO_PROPOSAL_CHOSEN 6 51 #define EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR 0xffffffff 52 53 #define EAP_EKE_MAX_DH_LEN 512 54 #define EAP_EKE_MAX_HASH_LEN 32 55 #define EAP_EKE_MAX_KEY_LEN 16 56 #define EAP_EKE_MAX_KE_LEN 16 57 #define EAP_EKE_MAX_KI_LEN 32 58 #define EAP_EKE_MAX_KA_LEN 32 59 #define EAP_EKE_MAX_NONCE_LEN 16 60 61 struct eap_eke_session { 62 /* Selected proposal */ 63 u8 dhgroup; 64 u8 encr; 65 u8 prf; 66 u8 mac; 67 68 u8 shared_secret[EAP_EKE_MAX_HASH_LEN]; 69 u8 ke[EAP_EKE_MAX_KE_LEN]; 70 u8 ki[EAP_EKE_MAX_KI_LEN]; 71 u8 ka[EAP_EKE_MAX_KA_LEN]; 72 73 int prf_len; 74 int nonce_len; 75 int auth_len; 76 int dhcomp_len; 77 int pnonce_len; 78 int pnonce_ps_len; 79 }; 80 81 int eap_eke_session_init(struct eap_eke_session *sess, u8 dhgroup, u8 encr, 82 u8 prf, u8 mac); 83 void eap_eke_session_clean(struct eap_eke_session *sess); 84 int eap_eke_dh_init(u8 group, u8 *ret_priv, u8 *ret_pub); 85 int eap_eke_derive_key(struct eap_eke_session *sess, 86 const u8 *password, size_t password_len, 87 const u8 *id_s, size_t id_s_len, const u8 *id_p, 88 size_t id_p_len, u8 *key); 89 int eap_eke_dhcomp(struct eap_eke_session *sess, const u8 *key, const u8 *dhpub, 90 u8 *ret_dhcomp); 91 int eap_eke_shared_secret(struct eap_eke_session *sess, const u8 *key, 92 const u8 *dhpriv, const u8 *peer_dhcomp); 93 int eap_eke_derive_ke_ki(struct eap_eke_session *sess, 94 const u8 *id_s, size_t id_s_len, 95 const u8 *id_p, size_t id_p_len); 96 int eap_eke_derive_ka(struct eap_eke_session *sess, 97 const u8 *id_s, size_t id_s_len, 98 const u8 *id_p, size_t id_p_len, 99 const u8 *nonce_p, const u8 *nonce_s); 100 int eap_eke_derive_msk(struct eap_eke_session *sess, 101 const u8 *id_s, size_t id_s_len, 102 const u8 *id_p, size_t id_p_len, 103 const u8 *nonce_p, const u8 *nonce_s, 104 u8 *msk, u8 *emsk); 105 int eap_eke_prot(struct eap_eke_session *sess, 106 const u8 *data, size_t data_len, 107 u8 *prot, size_t *prot_len); 108 int eap_eke_decrypt_prot(struct eap_eke_session *sess, 109 const u8 *prot, size_t prot_len, 110 u8 *data, size_t *data_len); 111 int eap_eke_auth(struct eap_eke_session *sess, const char *label, 112 const struct wpabuf *msgs, u8 *auth); 113 114 #endif /* EAP_EKE_COMMON_H */ 115
