65 static void eap_sim_state(struct eap_sim_data *data, int state)  in eap_sim_state()  argument
68 		   eap_sim_state_txt(data->state),  in eap_sim_state()
70 	data->state = state;  in eap_sim_state()
76 	struct eap_sim_data *data;  in eap_sim_init()  local
83 	data = os_zalloc(sizeof(*data));  in eap_sim_init()
84 	if (data == NULL)  in eap_sim_init()
86 	data->state = START;  in eap_sim_init()
88 	return data;  in eap_sim_init()
94 	struct eap_sim_data *data = priv;  in eap_sim_reset()  local
95 	os_free(data->next_pseudonym);  in eap_sim_reset()
96 	os_free(data->next_reauth_id);  in eap_sim_reset()
97 	bin_clear_free(data, sizeof(*data));  in eap_sim_reset()
102 					   struct eap_sim_data *data, u8 id)  in eap_sim_build_start()  argument
110 	data->start_round++;  in eap_sim_build_start()
111 	if (data->start_round == 1) {  in eap_sim_build_start()
118 	} else if (data->start_round > 3) {  in eap_sim_build_start()
122 	} else if (data->start_round == 0) {  in eap_sim_build_start()
147 static int eap_sim_build_encr(struct eap_sm *sm, struct eap_sim_data *data,  in eap_sim_build_encr()  argument
151 	os_free(data->next_pseudonym);  in eap_sim_build_encr()
153 		data->next_pseudonym =  in eap_sim_build_encr()
158 		data->next_pseudonym = NULL;  in eap_sim_build_encr()
160 	os_free(data->next_reauth_id);  in eap_sim_build_encr()
161 	if (data->counter <= EAP_SIM_MAX_FAST_REAUTHS) {  in eap_sim_build_encr()
162 		data->next_reauth_id =  in eap_sim_build_encr()
168 		data->next_reauth_id = NULL;  in eap_sim_build_encr()
171 	if (data->next_pseudonym == NULL && data->next_reauth_id == NULL &&  in eap_sim_build_encr()
190 	if (data->next_pseudonym) {  in eap_sim_build_encr()
192 			   data->next_pseudonym);  in eap_sim_build_encr()
194 				os_strlen(data->next_pseudonym),  in eap_sim_build_encr()
195 				(u8 *) data->next_pseudonym,  in eap_sim_build_encr()
196 				os_strlen(data->next_pseudonym));  in eap_sim_build_encr()
199 	if (data->next_reauth_id) {  in eap_sim_build_encr()
201 			   data->next_reauth_id);  in eap_sim_build_encr()
203 				os_strlen(data->next_reauth_id),  in eap_sim_build_encr()
204 				(u8 *) data->next_reauth_id,  in eap_sim_build_encr()
205 				os_strlen(data->next_reauth_id));  in eap_sim_build_encr()
208 	if (eap_sim_msg_add_encr_end(msg, data->k_encr, EAP_SIM_AT_PADDING)) {  in eap_sim_build_encr()
219 					       struct eap_sim_data *data,  in eap_sim_build_challenge()  argument
228 	eap_sim_msg_add(msg, EAP_SIM_AT_RAND, 0, (u8 *) data->rand,  in eap_sim_build_challenge()
229 			data->num_chal * GSM_RAND_LEN);  in eap_sim_build_challenge()
231 	if (eap_sim_build_encr(sm, data, msg, 0, NULL)) {  in eap_sim_build_challenge()
243 	return eap_sim_msg_finish(msg, EAP_TYPE_SIM, data->k_aut,  in eap_sim_build_challenge()
244 				  data->nonce_mt, EAP_SIM_NONCE_MT_LEN);  in eap_sim_build_challenge()
249 					    struct eap_sim_data *data, u8 id)  in eap_sim_build_reauth()  argument
255 	if (random_get_bytes(data->nonce_s, EAP_SIM_NONCE_S_LEN))  in eap_sim_build_reauth()
258 			data->nonce_s, EAP_SIM_NONCE_S_LEN);  in eap_sim_build_reauth()
260 	eap_sim_derive_keys(data->mk, data->k_encr, data->k_aut, data->msk,  in eap_sim_build_reauth()
261 			    data->emsk);  in eap_sim_build_reauth()
262 	eap_sim_derive_keys_reauth(data->counter, sm->identity,  in eap_sim_build_reauth()
263 				   sm->identity_len, data->nonce_s, data->mk,  in eap_sim_build_reauth()
264 				   data->msk, data->emsk);  in eap_sim_build_reauth()
269 	if (eap_sim_build_encr(sm, data, msg, data->counter, data->nonce_s)) {  in eap_sim_build_reauth()
281 	return eap_sim_msg_finish(msg, EAP_TYPE_SIM, data->k_aut, NULL, 0);  in eap_sim_build_reauth()
286 						  struct eap_sim_data *data,  in eap_sim_build_notification()  argument
294 	wpa_printf(MSG_DEBUG, "   AT_NOTIFICATION (%d)", data->notification);  in eap_sim_build_notification()
295 	eap_sim_msg_add(msg, EAP_SIM_AT_NOTIFICATION, data->notification,  in eap_sim_build_notification()
297 	if (data->use_result_ind) {  in eap_sim_build_notification()
298 		if (data->reauth) {  in eap_sim_build_notification()
304 				   data->counter);  in eap_sim_build_notification()
305 			eap_sim_msg_add(msg, EAP_SIM_AT_COUNTER, data->counter,  in eap_sim_build_notification()
308 			if (eap_sim_msg_add_encr_end(msg, data->k_encr,  in eap_sim_build_notification()
320 	return eap_sim_msg_finish(msg, EAP_TYPE_SIM, data->k_aut, NULL, 0);  in eap_sim_build_notification()
326 	struct eap_sim_data *data = priv;  in eap_sim_buildReq()  local
328 	switch (data->state) {  in eap_sim_buildReq()
330 		return eap_sim_build_start(sm, data, id);  in eap_sim_buildReq()
332 		return eap_sim_build_challenge(sm, data, id);  in eap_sim_buildReq()
334 		return eap_sim_build_reauth(sm, data, id);  in eap_sim_buildReq()
336 		return eap_sim_build_notification(sm, data, id);  in eap_sim_buildReq()
339 			   "buildReq", data->state);  in eap_sim_buildReq()
362 static Boolean eap_sim_unexpected_subtype(struct eap_sim_data *data,  in eap_sim_unexpected_subtype()  argument
368 	switch (data->state) {  in eap_sim_unexpected_subtype()
399 			   "processing a response", data->state);  in eap_sim_unexpected_subtype()
407 static int eap_sim_supported_ver(struct eap_sim_data *data, int version)  in eap_sim_supported_ver()  argument
414 				  struct eap_sim_data *data,  in eap_sim_process_start()  argument
425 	if (data->start_round == 0) {  in eap_sim_process_start()
460 		data->reauth = eap_sim_db_get_reauth_entry(  in eap_sim_process_start()
463 		if (data->reauth == NULL) {  in eap_sim_process_start()
470 		os_strlcpy(data->permanent, data->reauth->permanent,  in eap_sim_process_start()
471 			   sizeof(data->permanent));  in eap_sim_process_start()
472 		data->counter = data->reauth->counter;  in eap_sim_process_start()
473 		os_memcpy(data->mk, data->reauth->mk, EAP_SIM_MK_LEN);  in eap_sim_process_start()
474 		eap_sim_state(data, REAUTH);  in eap_sim_process_start()
491 		os_strlcpy(data->permanent, permanent,  in eap_sim_process_start()
492 			   sizeof(data->permanent));  in eap_sim_process_start()
496 		os_strlcpy(data->permanent, username, sizeof(data->permanent));  in eap_sim_process_start()
514 	if (!eap_sim_supported_ver(data, attr->selected_version)) {  in eap_sim_process_start()
520 	data->counter = 0; /* reset re-auth counter since this is full auth */  in eap_sim_process_start()
521 	data->reauth = NULL;  in eap_sim_process_start()
523 	data->num_chal = eap_sim_db_get_gsm_triplets(  in eap_sim_process_start()
524 		sm->eap_sim_db_priv, data->permanent, EAP_SIM_MAX_CHAL,  in eap_sim_process_start()
525 		(u8 *) data->rand, (u8 *) data->kc, (u8 *) data->sres, sm);  in eap_sim_process_start()
526 	if (data->num_chal == EAP_SIM_DB_PENDING) {  in eap_sim_process_start()
532 	if (data->num_chal < 2) {  in eap_sim_process_start()
547 	os_memcpy(data->nonce_mt, attr->nonce_mt, EAP_SIM_NONCE_MT_LEN);  in eap_sim_process_start()
551 			  data->num_chal, (const u8 *) data->kc, data->mk);  in eap_sim_process_start()
552 	eap_sim_derive_keys(data->mk, data->k_encr, data->k_aut, data->msk,  in eap_sim_process_start()
553 			    data->emsk);  in eap_sim_process_start()
555 	eap_sim_state(data, CHALLENGE);  in eap_sim_process_start()
559 	data->notification = EAP_SIM_GENERAL_FAILURE_BEFORE_AUTH;  in eap_sim_process_start()
560 	eap_sim_state(data, NOTIFICATION);  in eap_sim_process_start()
565 				      struct eap_sim_data *data,  in eap_sim_process_challenge()  argument
570 	    eap_sim_verify_mac(data->k_aut, respData, attr->mac,  in eap_sim_process_challenge()
571 			       (u8 *) data->sres,  in eap_sim_process_challenge()
572 			       data->num_chal * EAP_SIM_SRES_LEN)) {  in eap_sim_process_challenge()
575 		data->notification = EAP_SIM_GENERAL_FAILURE_BEFORE_AUTH;  in eap_sim_process_challenge()
576 		eap_sim_state(data, NOTIFICATION);  in eap_sim_process_challenge()
583 		data->use_result_ind = 1;  in eap_sim_process_challenge()
584 		data->notification = EAP_SIM_SUCCESS;  in eap_sim_process_challenge()
585 		eap_sim_state(data, NOTIFICATION);  in eap_sim_process_challenge()
587 		eap_sim_state(data, SUCCESS);  in eap_sim_process_challenge()
589 	if (data->next_pseudonym) {  in eap_sim_process_challenge()
590 		eap_sim_db_add_pseudonym(sm->eap_sim_db_priv, data->permanent,  in eap_sim_process_challenge()
591 					 data->next_pseudonym);  in eap_sim_process_challenge()
592 		data->next_pseudonym = NULL;  in eap_sim_process_challenge()
594 	if (data->next_reauth_id) {  in eap_sim_process_challenge()
595 		eap_sim_db_add_reauth(sm->eap_sim_db_priv, data->permanent,  in eap_sim_process_challenge()
596 				      data->next_reauth_id, data->counter + 1,  in eap_sim_process_challenge()
597 				      data->mk);  in eap_sim_process_challenge()
598 		data->next_reauth_id = NULL;  in eap_sim_process_challenge()
604 				   struct eap_sim_data *data,  in eap_sim_process_reauth()  argument
612 	    eap_sim_verify_mac(data->k_aut, respData, attr->mac, data->nonce_s,  in eap_sim_process_reauth()
625 	decrypted = eap_sim_parse_encr(data->k_encr, attr->encr_data,  in eap_sim_process_reauth()
634 	if (eattr.counter != data->counter) {  in eap_sim_process_reauth()
637 			   eattr.counter, data->counter);  in eap_sim_process_reauth()
650 		data->start_round = -1;  in eap_sim_process_reauth()
651 		eap_sim_state(data, START);  in eap_sim_process_reauth()
656 		data->use_result_ind = 1;  in eap_sim_process_reauth()
657 		data->notification = EAP_SIM_SUCCESS;  in eap_sim_process_reauth()
658 		eap_sim_state(data, NOTIFICATION);  in eap_sim_process_reauth()
660 		eap_sim_state(data, SUCCESS);  in eap_sim_process_reauth()
662 	if (data->next_reauth_id) {  in eap_sim_process_reauth()
663 		eap_sim_db_add_reauth(sm->eap_sim_db_priv, data->permanent,  in eap_sim_process_reauth()
664 				      data->next_reauth_id,  in eap_sim_process_reauth()
665 				      data->counter + 1, data->mk);  in eap_sim_process_reauth()
666 		data->next_reauth_id = NULL;  in eap_sim_process_reauth()
668 		eap_sim_db_remove_reauth(sm->eap_sim_db_priv, data->reauth);  in eap_sim_process_reauth()
669 		data->reauth = NULL;  in eap_sim_process_reauth()
675 	data->notification = EAP_SIM_GENERAL_FAILURE_BEFORE_AUTH;  in eap_sim_process_reauth()
676 	eap_sim_state(data, NOTIFICATION);  in eap_sim_process_reauth()
677 	eap_sim_db_remove_reauth(sm->eap_sim_db_priv, data->reauth);  in eap_sim_process_reauth()
678 	data->reauth = NULL;  in eap_sim_process_reauth()
684 					 struct eap_sim_data *data,  in eap_sim_process_client_error()  argument
690 	if (data->notification == EAP_SIM_SUCCESS && data->use_result_ind)  in eap_sim_process_client_error()
691 		eap_sim_state(data, SUCCESS);  in eap_sim_process_client_error()
693 		eap_sim_state(data, FAILURE);  in eap_sim_process_client_error()
698 					 struct eap_sim_data *data,  in eap_sim_process_notification()  argument
703 	if (data->notification == EAP_SIM_SUCCESS && data->use_result_ind)  in eap_sim_process_notification()
704 		eap_sim_state(data, SUCCESS);  in eap_sim_process_notification()
706 		eap_sim_state(data, FAILURE);  in eap_sim_process_notification()
713 	struct eap_sim_data *data = priv;  in eap_sim_process()  local
727 	if (eap_sim_unexpected_subtype(data, subtype)) {  in eap_sim_process()
730 		data->notification = EAP_SIM_GENERAL_FAILURE_BEFORE_AUTH;  in eap_sim_process()
731 		eap_sim_state(data, NOTIFICATION);  in eap_sim_process()
738 		    (data->state == START || data->state == CHALLENGE ||  in eap_sim_process()
739 		     data->state == REAUTH)) {  in eap_sim_process()
740 			data->notification =  in eap_sim_process()
742 			eap_sim_state(data, NOTIFICATION);  in eap_sim_process()
745 		eap_sim_state(data, FAILURE);  in eap_sim_process()
750 		eap_sim_process_client_error(sm, data, respData, &attr);  in eap_sim_process()
754 	switch (data->state) {  in eap_sim_process()
756 		eap_sim_process_start(sm, data, respData, &attr);  in eap_sim_process()
759 		eap_sim_process_challenge(sm, data, respData, &attr);  in eap_sim_process()
762 		eap_sim_process_reauth(sm, data, respData, &attr);  in eap_sim_process()
765 		eap_sim_process_notification(sm, data, respData, &attr);  in eap_sim_process()
769 			   "process", data->state);  in eap_sim_process()
777 	struct eap_sim_data *data = priv;  in eap_sim_isDone()  local
778 	return data->state == SUCCESS || data->state == FAILURE;  in eap_sim_isDone()
784 	struct eap_sim_data *data = priv;  in eap_sim_getKey()  local
787 	if (data->state != SUCCESS)  in eap_sim_getKey()
793 	os_memcpy(key, data->msk, EAP_SIM_KEYING_DATA_LEN);  in eap_sim_getKey()
801 	struct eap_sim_data *data = priv;  in eap_sim_get_emsk()  local
804 	if (data->state != SUCCESS)  in eap_sim_get_emsk()
810 	os_memcpy(key, data->emsk, EAP_EMSK_LEN);  in eap_sim_get_emsk()
818 	struct eap_sim_data *data = priv;  in eap_sim_isSuccess()  local
819 	return data->state == SUCCESS;  in eap_sim_isSuccess()
825 	struct eap_sim_data *data = priv;  in eap_sim_get_session_id()  local
828 	if (data->state != SUCCESS)  in eap_sim_get_session_id()
831 	*len = 1 + data->num_chal * GSM_RAND_LEN + EAP_SIM_NONCE_MT_LEN;  in eap_sim_get_session_id()
837 	os_memcpy(id + 1, data->rand, data->num_chal * GSM_RAND_LEN);  in eap_sim_get_session_id()
838 	os_memcpy(id + 1 + data->num_chal * GSM_RAND_LEN, data->nonce_mt,  in eap_sim_get_session_id()