24 static void eap_teap_deinit(struct eap_sm *sm, void *priv);
153 static void * eap_teap_init(struct eap_sm *sm)
156 	struct eap_peer_config *config = eap_get_config(sm);
183 		eap_teap_deinit(sm, data);
192 	if (eap_peer_tls_ssl_init(sm, &data->ssl, config, EAP_TYPE_TEAP)) {
194 		eap_teap_deinit(sm, data);
198 	if (tls_connection_set_session_ticket_cb(sm->ssl_ctx, data->ssl.conn,
203 		eap_teap_deinit(sm, data);
209 		eap_teap_deinit(sm, data);
214 	    eap_teap_load_pac_bin(sm, &data->pac, config->pac_file) < 0) {
216 		eap_teap_deinit(sm, data);
221 	    eap_teap_load_pac(sm, &data->pac, config->pac_file) < 0) {
223 		eap_teap_deinit(sm, data);
251 static void eap_teap_deinit(struct eap_sm *sm, void *priv)
259 		data->phase2_method->deinit(sm, data->phase2_priv);
262 	eap_peer_tls_ssl_deinit(sm, &data->ssl);
288 static int eap_teap_derive_key_auth(struct eap_sm *sm,
294 	res = tls_connection_export_key(sm->ssl_ctx, data->ssl.conn,
308 static int eap_teap_init_phase2_method(struct eap_sm *sm,
318 	sm->init_phase2 = 1;
319 	data->phase2_priv = data->phase2_method->init(sm);
320 	sm->init_phase2 = 0;
374 static int eap_teap_phase2_request(struct eap_sm *sm,
383 	struct eap_peer_config *config = eap_get_config(sm);
395 		*resp = eap_sm_buildIdentity(sm, hdr->identifier, 1);
403 		data->phase2_method->deinit(sm, data->phase2_priv);
420 	if ((!data->phase2_priv && eap_teap_init_phase2_method(sm, data) < 0) ||
432 	*resp = data->phase2_method->process(sm, data->phase2_priv, &iret,
504 	struct eap_sm *sm, struct eap_teap_data *data,
532 	if (eap_teap_phase2_request(sm, data, ret, hdr, &resp)) {
543 	struct eap_sm *sm, struct eap_teap_data *data,
554 	identity = eap_get_config_identity(sm, &identity_len);
555 	password = eap_get_config_password(sm, &password_len);
671 static int eap_teap_get_cmk(struct eap_sm *sm, struct eap_teap_data *data,
692 	    !data->phase2_method->isKeyAvailable(sm, data->phase2_priv)) {
700 		msk = data->phase2_method->getKey(sm, data->phase2_priv,
711 		emsk = data->phase2_method->get_emsk(sm, data->phase2_priv,
758 	struct eap_sm *sm, struct eap_teap_data *data,
772 	    eap_teap_get_cmk(sm, data, cmk_msk, cmk_emsk) < 0)
1068 static struct wpabuf * eap_teap_process_pac(struct eap_sm *sm,
1073 	struct eap_peer_config *config = eap_get_config(sm);
1084 		eap_teap_save_pac_bin(sm, data->pac, config->pac_file);
1086 		eap_teap_save_pac(sm, data->pac, config->pac_file);
1181 static int eap_teap_process_decrypted(struct eap_sm *sm,
1239 		tmp = eap_teap_process_basic_auth_req(sm, data,
1246 		tmp = eap_teap_process_eap_payload_tlv(sm, data, ret,
1274 		tmp = eap_teap_process_crypto_binding(sm, data, ret,
1301 			tmp = eap_teap_process_pac(sm, data, ret,
1370 	if (eap_peer_tls_encrypt(sm, &data->ssl, EAP_TYPE_TEAP,
1382 static int eap_teap_decrypt(struct eap_sm *sm, struct eap_teap_data *data,
1407 		res = eap_peer_tls_encrypt(sm, &data->ssl, EAP_TYPE_TEAP,
1421 	res = eap_peer_tls_decrypt(sm, &data->ssl, in_data, &in_decrypted);
1437 	res = eap_teap_process_decrypted(sm, data, ret, identifier,
1464 static int eap_teap_use_pac_opaque(struct eap_sm *sm,
1483 	    tls_connection_client_hello_ext(sm->ssl_ctx, data->ssl.conn,
1497 static int eap_teap_clear_pac_opaque_ext(struct eap_sm *sm,
1500 	if (tls_connection_client_hello_ext(sm->ssl_ctx, data->ssl.conn,
1510 static int eap_teap_process_start(struct eap_sm *sm,
1629 		if (eap_teap_clear_pac_opaque_ext(sm, data) < 0)
1636 		if (eap_teap_use_pac_opaque(sm, data, data->current_pac) < 0)
1641 		if (eap_teap_clear_pac_opaque_ext(sm, data) < 0)
1717 static struct wpabuf * eap_teap_process(struct eap_sm *sm, void *priv,
1730 	pos = eap_peer_tls_process_init(sm, &data->ssl, EAP_TYPE_TEAP, ret,
1739 		if (eap_teap_process_start(sm, data, flags, pos, left) < 0)
1759 	if (tls_connection_established(sm->ssl_ctx, data->ssl.conn) &&
1762 		res = eap_teap_decrypt(sm, data, ret, id, &msg, &resp);
1773 		if (sm->waiting_ext_cert_check && data->pending_resp) {
1774 			struct eap_peer_config *config = eap_get_config(sm);
1782 				sm->waiting_ext_cert_check = 0;
1792 				sm->waiting_ext_cert_check = 0;
1802 		res = eap_peer_tls_process_helper(sm, &data->ssl,
1814 		if (sm->waiting_ext_cert_check) {
1822 		if (tls_connection_established(sm->ssl_ctx, data->ssl.conn)) {
1836 			     tls_get_cipher(sm->ssl_ctx, data->ssl.conn,
1847 			if (eap_teap_derive_key_auth(sm, data) < 0) {
1864 			res = eap_teap_decrypt(sm, data, ret, id, &msg, &resp);
1885 static Boolean eap_teap_has_reauth_data(struct eap_sm *sm, void *priv)
1889 	return tls_connection_established(sm->ssl_ctx, data->ssl.conn);
1893 static void eap_teap_deinit_for_reauth(struct eap_sm *sm, void *priv)
1899 		data->phase2_method->deinit_for_reauth(sm, data->phase2_priv);
1904 static void * eap_teap_init_for_reauth(struct eap_sm *sm, void *priv)
1908 	if (eap_peer_tls_reauth_init(sm, &data->ssl)) {
1909 		eap_teap_deinit(sm, data);
1914 		data->phase2_method->init_for_reauth(sm, data->phase2_priv);
1928 static int eap_teap_get_status(struct eap_sm *sm, void *priv, char *buf,
1934 	len = eap_peer_tls_status(sm, &data->ssl, buf, buflen, verbose);
1947 static Boolean eap_teap_isKeyAvailable(struct eap_sm *sm, void *priv)
1955 static u8 * eap_teap_getKey(struct eap_sm *sm, void *priv, size_t *len)
1973 static u8 * eap_teap_get_session_id(struct eap_sm *sm, void *priv, size_t *len)
1991 static u8 * eap_teap_get_emsk(struct eap_sm *sm, void *priv, size_t *len)

Indexes created Sun Jun 16 09:41:23 MDT 2024