1/*
2 * EAP server/peer: EAP-SAKE shared routines
3 * Copyright (c) 2006-2019, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9#ifndef EAP_SAKE_COMMON_H
10#define EAP_SAKE_COMMON_H
11
12#define EAP_SAKE_VERSION 2
13
14#define EAP_SAKE_SUBTYPE_CHALLENGE 1
15#define EAP_SAKE_SUBTYPE_CONFIRM 2
16#define EAP_SAKE_SUBTYPE_AUTH_REJECT 3
17#define EAP_SAKE_SUBTYPE_IDENTITY 4
18
19#define EAP_SAKE_AT_RAND_S 1
20#define EAP_SAKE_AT_RAND_P 2
21#define EAP_SAKE_AT_MIC_S 3
22#define EAP_SAKE_AT_MIC_P 4
23#define EAP_SAKE_AT_SERVERID 5
24#define EAP_SAKE_AT_PEERID 6
25#define EAP_SAKE_AT_SPI_S 7
26#define EAP_SAKE_AT_SPI_P 8
27#define EAP_SAKE_AT_ANY_ID_REQ 9
28#define EAP_SAKE_AT_PERM_ID_REQ 10
29#define EAP_SAKE_AT_ENCR_DATA 128
30#define EAP_SAKE_AT_IV 129
31#define EAP_SAKE_AT_PADDING 130
32#define EAP_SAKE_AT_NEXT_TMPID 131
33#define EAP_SAKE_AT_MSK_LIFE 132
34
35#define EAP_SAKE_RAND_LEN 16
36#define EAP_SAKE_MIC_LEN 16
37#define EAP_SAKE_ROOT_SECRET_LEN 16
38#define EAP_SAKE_SMS_LEN 16
39#define EAP_SAKE_TEK_AUTH_LEN 16
40#define EAP_SAKE_TEK_CIPHER_LEN 16
41#define EAP_SAKE_TEK_LEN (EAP_SAKE_TEK_AUTH_LEN + EAP_SAKE_TEK_CIPHER_LEN)
42
43#ifdef _MSC_VER
44#pragma pack(push, 1)
45#endif /* _MSC_VER */
46
47struct eap_sake_hdr {
48	u8 version; /* EAP_SAKE_VERSION */
49	u8 session_id;
50	u8 subtype;
51} STRUCT_PACKED;
52
53#ifdef _MSC_VER
54#pragma pack(pop)
55#endif /* _MSC_VER */
56
57
58struct eap_sake_parse_attr {
59	const u8 *rand_s;
60	const u8 *rand_p;
61	const u8 *mic_s;
62	const u8 *mic_p;
63	const u8 *serverid;
64	size_t serverid_len;
65	const u8 *peerid;
66	size_t peerid_len;
67	const u8 *spi_s;
68	size_t spi_s_len;
69	const u8 *spi_p;
70	size_t spi_p_len;
71	const u8 *any_id_req;
72	const u8 *perm_id_req;
73	const u8 *encr_data;
74	size_t encr_data_len;
75	const u8 *iv;
76	size_t iv_len;
77	const u8 *next_tmpid;
78	size_t next_tmpid_len;
79	const u8 *msk_life;
80};
81
82int eap_sake_parse_attributes(const u8 *buf, size_t len,
83			      struct eap_sake_parse_attr *attr);
84int eap_sake_derive_keys(const u8 *root_secret_a, const u8 *root_secret_b,
85			 const u8 *rand_s, const u8 *rand_p,
86			 u8 *tek, u8 *msk, u8 *emsk);
87int eap_sake_compute_mic(const u8 *tek_auth,
88			 const u8 *rand_s, const u8 *rand_p,
89			 const u8 *serverid, size_t serverid_len,
90			 const u8 *peerid, size_t peerid_len,
91			 int peer, const u8 *eap, size_t eap_len,
92			 const u8 *mic_pos, u8 *mic);
93void eap_sake_add_attr(struct wpabuf *buf, u8 type, const u8 *data,
94		       size_t len);
95
96#endif /* EAP_SAKE_COMMON_H */
97