Lines Matching refs:sess
326 int eap_eke_derive_key(struct eap_eke_session *sess,
337 os_memset(zeros, 0, sess->prf_len);
338 if (eap_eke_prf(sess->prf, zeros, sess->prf_len,
342 temp, sess->prf_len);
352 if (eap_eke_prfplus(sess->prf, temp, sess->prf_len,
365 int eap_eke_dhcomp(struct eap_eke_session *sess, const u8 *key, const u8 *dhpub,
372 dh_len = eap_eke_dh_len(sess->dhgroup);
382 if (sess->encr != EAP_EKE_ENCR_AES128_CBC)
400 int eap_eke_shared_secret(struct eap_eke_session *sess, const u8 *key,
409 dh = eap_eke_dh_group(sess->dhgroup);
410 if (sess->encr != EAP_EKE_ENCR_AES128_CBC || !dh)
433 os_memset(zeros, 0, sess->auth_len);
434 if (eap_eke_prf(sess->prf, zeros, sess->auth_len, modexp, dh->prime_len,
435 NULL, 0, sess->shared_secret) < 0)
438 sess->shared_secret, sess->auth_len);
444 int eap_eke_derive_ke_ki(struct eap_eke_session *sess,
462 if (sess->encr == EAP_EKE_ENCR_AES128_CBC)
467 if (sess->mac == EAP_EKE_PRF_HMAC_SHA1)
469 else if (sess->mac == EAP_EKE_PRF_HMAC_SHA2_256)
482 if (eap_eke_prfplus(sess->prf, sess->shared_secret, sess->prf_len,
488 os_memcpy(sess->ke, buf, ke_len);
489 wpa_hexdump_key(MSG_DEBUG, "EAP-EKE: Ke", sess->ke, ke_len);
490 os_memcpy(sess->ki, buf + ke_len, ki_len);
491 wpa_hexdump_key(MSG_DEBUG, "EAP-EKE: Ki", sess->ki, ki_len);
498 int eap_eke_derive_ka(struct eap_eke_session *sess,
516 data_len = label_len + id_s_len + id_p_len + 2 * sess->nonce_len;
527 os_memcpy(pos, nonce_p, sess->nonce_len);
528 pos += sess->nonce_len;
529 os_memcpy(pos, nonce_s, sess->nonce_len);
530 if (eap_eke_prfplus(sess->prf, sess->shared_secret, sess->prf_len,
531 data, data_len, sess->ka, sess->prf_len) < 0) {
537 wpa_hexdump_key(MSG_DEBUG, "EAP-EKE: Ka", sess->ka, sess->prf_len);
543 int eap_eke_derive_msk(struct eap_eke_session *sess,
561 data_len = label_len + id_s_len + id_p_len + 2 * sess->nonce_len;
572 os_memcpy(pos, nonce_p, sess->nonce_len);
573 pos += sess->nonce_len;
574 os_memcpy(pos, nonce_s, sess->nonce_len);
575 if (eap_eke_prfplus(sess->prf, sess->shared_secret, sess->prf_len,
605 int eap_eke_prot(struct eap_eke_session *sess,
612 if (sess->encr == EAP_EKE_ENCR_AES128_CBC)
617 if (sess->mac == EAP_EKE_PRF_HMAC_SHA1)
619 else if (sess->mac == EAP_EKE_PRF_HMAC_SHA2_256)
649 if (aes_128_cbc_encrypt(sess->ke, iv, e, data_len + pad) < 0 ||
650 eap_eke_mac(sess->mac, sess->ki, e, data_len + pad, pos) < 0)
659 int eap_eke_decrypt_prot(struct eap_eke_session *sess,
666 if (sess->encr == EAP_EKE_ENCR_AES128_CBC)
671 if (sess->mac == EAP_EKE_PRF_HMAC_SHA1)
673 else if (sess->mac == EAP_EKE_PRF_HMAC_SHA2_256)
682 if (eap_eke_mac(sess->mac, sess->ki, prot + block_size,
697 if (aes_128_cbc_decrypt(sess->ke, prot, data, *data_len) < 0) {
708 sess, const char *label,
713 sess->ka, sess->auth_len);
715 return eap_eke_prf(sess->prf, sess->ka, sess->auth_len,
721 int eap_eke_session_init(struct eap_eke_session *sess, u8 dhgroup, u8 encr,
724 sess->dhgroup = dhgroup;
725 sess->encr = encr;
726 sess->prf = prf;
727 sess->mac = mac;
729 sess->prf_len = eap_eke_prf_len(prf);
730 sess->nonce_len = eap_eke_nonce_len(prf);
731 sess->auth_len = eap_eke_auth_len(prf);
732 sess->dhcomp_len = eap_eke_dhcomp_len(sess->dhgroup, sess->encr);
733 sess->pnonce_len = eap_eke_pnonce_len(sess->mac);
734 sess->pnonce_ps_len = eap_eke_pnonce_ps_len(sess->mac);
735 if (sess->prf_len < 0 || sess->nonce_len < 0 || sess->auth_len < 0 ||
736 sess->dhcomp_len < 0 || sess->pnonce_len < 0 ||
737 sess->pnonce_ps_len < 0)
744 void eap_eke_session_clean(struct eap_eke_session *sess)
746 os_memset(sess->shared_secret, 0, EAP_EKE_MAX_HASH_LEN);
747 os_memset(sess->ke, 0, EAP_EKE_MAX_KE_LEN);
748 os_memset(sess->ki, 0, EAP_EKE_MAX_KI_LEN);
749 os_memset(sess->ka, 0, EAP_EKE_MAX_KA_LEN);
