The FreeRADIUS server  $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
base.h
Go to the documentation of this file.
1 #pragma once
2 /*
3  * This program is is free software; you can redistribute it and/or modify
4  * it under the terms of the GNU General Public License as published by
5  * the Free Software Foundation; either version 2 of the License, or (at
6  * your option) any later version.
7  *
8  * This program is distributed in the hope that it will be useful,
9  * but WITHOUT ANY WARRANTY; without even the implied warranty of
10  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11  * GNU General Public License for more details.
12  *
13  * You should have received a copy of the GNU General Public License
14  * along with this program; if not, write to the Free Software
15  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
16  */
17 
18 /**
19  * $Id: 580ba78df839b1f446bb8671e18bc34a259696b1 $
20  * @file src/lib/eap_aka_sim/base.h
21  * @brief Functions common to SIM protocols (EAP-SIM/EAP-AKA/EAP-AKA')
22  *
23  * The development of the EAP/SIM support was funded by Internet Foundation
24  * Austria (http://www.nic.at/ipa).
25  *
26  * @copyright 2003 Michael Richardson <mcr@sandelman.ottawa.on.ca>
27  * @copyright 2003-2016 The FreeRADIUS server project
28  */
29 RCSIDH(sim_h, "$Id: 580ba78df839b1f446bb8671e18bc34a259696b1 $")
30 
31 #include <assert.h>
32 
33 #include <freeradius-devel/tls/openssl_user_macros.h>
34 #include <openssl/evp.h>
35 #include <freeradius-devel/eap/compose.h>
36 #include <freeradius-devel/eap/types.h>
37 
38 #include "id.h"
39 
40 #define AKA_SIM_MAX_STRING_LENGTH 1016U //!< Maximum size of a SIM/AKA['] string ((4 * 255) - 4).
41 #define AKA_SIM_IV_SIZE 16U //!< Length of the IV used when processing AT_ENCR.
42 #define AKA_SIM_MAC_DIGEST_SIZE 16U //!< Length of MAC used to prevent packet modification.
43 #define AKA_SIM_MAC_SIZE 20U //!< Length of MAC used to prevent packet modification.
44 #define AKA_SIM_AUTH_SIZE 16U
45 #define AKA_SIM_SQN_AK_SIZE 6U
46 #define AKA_SIM_NONCE_S_SIZE 16U //!< Length of re-authentication nonce
47 
48 #define AKA_SIM_KI_SIZE 16U //!< Length of secret data shared between SIM and AuC.
49 #define AKA_SIM_OP_SIZE 16U //!< Length of Operator Algorithm Configuration.
50 #define AKA_SIM_OPC_SIZE 16U //!< Length of modified Operator Algorithm Configuration.
51 
52 #define AKA_SIM_MK_MAX_SIZE 208U //!< Master key size, 20 for EAP-SIM/EAP-AKA
53  ///< 208 for EAP-AKA'.
54 #define AKA_SIM_MK_SIZE 20U
55 #define AKA_PRIME_MK_SIZE 208U
56 
57 #define AKA_PRIME_MK_REAUTH_SIZE 80U //!< The portion of the MK used for re-auth.
58  ///< The MSK and EMSK are omitted as they're
59  ///< recalculated each round.
60 
61 #define AKA_SIM_K_RE_SIZE 32U //!< Reauthentication key size.
62 
63 #define AKA_SIM_SKIPPABLE_MAX 127U //!< The last non-skippable attribute.
64 
65 #define AKA_SIM_VECTOR_GSM_RAND_SIZE 16U //!< Length of RAND in GSM triplet.
66 #define AKA_SIM_VECTOR_GSM_SRES_SIZE 4U //!< Length of SRES in GSM triplet.
67 #define AKA_SIM_VECTOR_GSM_KC_SIZE 8U //!< Length of Kc in GSM triplet.
68 
69 #define AKA_SIM_VECTOR_UMTS_AUTN_SIZE 16U
70 #define AKA_SIM_VECTOR_UMTS_CK_SIZE 16U
71 #define AKA_SIM_VECTOR_UMTS_IK_SIZE 16U
72 #define AKA_SIM_VECTOR_UMTS_AK_SIZE 6U
73 #define AKA_SIM_VECTOR_UMTS_RAND_SIZE 16U
74 #define AKA_SIM_VECTOR_UMTS_XRES_MAX_SIZE 16U
75 
76 #define EAP_SIM_VERSION 1U
77 #define EAP_SIM_NONCE_MT_SIZE 16U //!< Length of challenge from SIM client.
78 
79 #define EAP_AKA_SIM_AUTH_SIZE 16U
80 
81 
82 #define EAP_AKA_AUTS_SIZE 14U //!< Server sequence number. SIM checks this
83  //!< is within the correct range.
84 #define EAP_AKA_AUTH_SIZE 16U
85 #define EAP_AKA_PRIME_AUTH_SIZE 32U
86 
87 /** The type of auth vector held by a fr_aka_sim_keys_t
88  */
89 typedef enum {
90  AKA_SIM_VECTOR_NONE = 0,
91  AKA_SIM_VECTOR_GSM, //!< Vector is GSM triplets.
92  AKA_SIM_VECTOR_UMTS, //!< Vector is UMTS quintuplets.
93  AKA_SIM_VECTOR_UMTS_REAUTH_KDF_0_REAUTH,
94  AKA_SIM_VECTOR_UMTS_REAUTH_KDF_1_REAUTH
95 } fr_aka_sim_vector_type_t;
96 
97 /** Where to get EAP-SIM vectors from
98  */
99 typedef enum {
100  AKA_SIM_VECTOR_SRC_AUTO, //!< Discover where to get Triplets from automatically.
101  AKA_SIM_VECTOR_SRC_TRIPLETS, //!< Source of triplets is EAP-SIM-* attributes.
102  AKA_SIM_VECTOR_SRC_QUINTUPLETS, //!< Source of triplets is derived from EAP-AKA-*
103  ///< quintuplets.
104  AKA_SIM_VECTOR_SRC_KI, //!< Should generate triplets locally using a Ki.
105  AKA_SIM_VECTOR_SRC_REAUTH, //!< Not a vector. Result of running KDF 0 reauth
106  ///< function.
107 } fr_aka_sim_vector_src_t;
108 
109 typedef struct {
110  uint8_t rand[AKA_SIM_VECTOR_GSM_RAND_SIZE]; //!< RAND challenge to the SIM.
111  union {
112  uint8_t sres[AKA_SIM_VECTOR_GSM_SRES_SIZE]; //!< Signing response.
113  uint32_t sres_uint32;
114  };
115 
116  union {
117  uint8_t kc[AKA_SIM_VECTOR_GSM_KC_SIZE]; //!< Keying response.
118  uint64_t kc_uint64;
119  };
120 } fr_aka_sim_vector_gsm_t;
121 
122 typedef struct {
123  uint8_t autn[AKA_SIM_VECTOR_UMTS_AUTN_SIZE]; //!< Authentication vector from the AuC.
124  uint8_t ck[AKA_SIM_VECTOR_UMTS_CK_SIZE]; //!< Ciphering key.
125  uint8_t ik[AKA_SIM_VECTOR_UMTS_IK_SIZE]; //!< Integrity key.
126  uint8_t ak[AKA_SIM_VECTOR_UMTS_AK_SIZE]; //!< Anonymity key.
127  uint8_t rand[AKA_SIM_VECTOR_UMTS_RAND_SIZE]; //!< RAND challenge to the SIM.
128  uint8_t xres[AKA_SIM_VECTOR_UMTS_XRES_MAX_SIZE];//!< Signing response.
129  size_t xres_len; //!< Length of res (it's variable).
130 } fr_aka_sim_vector_umts_t;
131 
132 /** Stores our checkcode state
133  *
134  * The checkcode is a hash of all identity packets exchanged
135  * up until the challenge is sent.
136  *
137  * It allows both parties to verify that they've seen the same
138  * sequence of packets.
139  */
140 typedef struct {
141  EVP_MD_CTX *md_ctx; //!< Context to hold state of digest as we
142  ///< consume packets.
143 } fr_aka_sim_checkcode_t;
144 
145 /** Master key state struct for all SIMlike EAP protocols
146  *
147  */
148 typedef struct {
149  /*
150  * Inputs
151  */
152  uint8_t *identity; //!< Identity from AT_IDENTITY.
153  size_t identity_len; //!< Length of the identity.
154 
155  uint8_t *network; //!< Network name (EAP-AKA-Prime only).
156  size_t network_len; //!< Length of the network name (EAP-AKA-Prime only).
157 
158  uint64_t sqn; //!< Sequence number
159 
160  struct {
161  /*
162  * Authentication vectors from HLR or local AuC
163  */
164  union {
165  /** Input to kdf_0_gsm
166  */
167  struct {
168  fr_aka_sim_vector_gsm_t vector[3]; //!< GSM vectors.
169  uint32_t num_vectors; //!< Number of input vectors
170  //!< we're using (2 or 3).
171 
172  uint8_t nonce_mt[EAP_SIM_NONCE_MT_SIZE];//!< Nonce provided by the client.
173  uint8_t version_list[FR_MAX_STRING_LEN];//!< Version list from negotiation.
174  uint8_t version_list_len; //!< Length of version list.
175  uint8_t version_select[2]; //!< Version we agreed.
176  } gsm;
177 
178  /** Input to kdf_*_umts
179  */
180  struct {
181  fr_aka_sim_vector_umts_t vector; //!< UMTS vector.
182  uint16_t kdf_selected;
183  } umts;
184 
185  /** Input/output from kdf_*_reauth_*
186  */
187  struct {
188  uint16_t counter; //!< Re-authentication counter.
189  uint8_t nonce_s[AKA_SIM_NONCE_S_SIZE]; //!< Re-authentication challenge.
190  uint8_t xkey_prime[20]; //!< Derived reauthentication key
191  //!< for AKA (kdf 0).
192  } reauth;
193  };
194 
195  /*
196  * Original ki and OPc to allow AUTS validation
197  */
198  struct {
199  uint8_t ki[AKA_SIM_KI_SIZE]; //!< Secret shared between AuC and SIM.
200  uint8_t opc[AKA_SIM_OPC_SIZE]; //!< Operator algorithm input.
201  } auc;
202 
203  fr_aka_sim_vector_type_t vector_type; //!< What type of authentication vector
204  //!< we're using to authenticate the SIM.
205  fr_aka_sim_vector_src_t vector_src; //!< Where the vector came from.
206  };
207 
208  /*
209  * Inputs/outputs
210  */
211  uint8_t mk[AKA_SIM_MK_MAX_SIZE]; //!< Master key from session attributes.
212  size_t mk_len;
213  uint8_t k_re[AKA_SIM_K_RE_SIZE]; //!< Derived reauthentication key for AKA'(kdf 1).
214 
215  /*
216  * Intermediates
217  */
218  uint8_t ck_prime[AKA_SIM_VECTOR_UMTS_CK_SIZE]; //!< Derived from CK, for AKA'.
219  uint8_t ik_prime[AKA_SIM_VECTOR_UMTS_IK_SIZE]; //!< Derived from IK, for AKA'.
220 
221  /*
222  * Outputs
223  */
224  uint8_t k_aut[32]; //!< Derived authentication key.
225  size_t k_aut_len; //!< Length of k_aut. 16 for AKA/SIM, 32 for AKA'.
226  uint8_t k_encr[16]; //!< Derived encryption key.
227  uint8_t msk[64]; //!< Derived master session key.
228  uint8_t emsk[64]; //!< Derived extended master session key.
229 } fr_aka_sim_keys_t;
230 
231 /** Encoder/decoder ctx
232  *
233  */
234 typedef struct {
235  uint8_t iv[AKA_SIM_IV_SIZE]; //!< From the current packet.
236  bool have_iv; //!< Whether we found the IV already.
237 
238  eap_packet_t *eap_packet; //!< Needed for validating AT_MAC.
239 
240  EVP_MD const *hmac_md; //!< HMAC digest algorithm, usually EVP_sha1().
241  EVP_MD const *checkcode_md; //!< HMAC we use for calculating the checkcode.
242 
243  uint8_t const *hmac_extra; //!< Extra data for the HMAC function.
244  size_t hmac_extra_len;
245 
246  uint8_t const *k_encr; //!< The encryption key used for encrypting.
247  ///< always 16 bytes.
248 
249  uint8_t const *k_aut; //!< The authentication key used for signing.
250  size_t k_aut_len;
251 } fr_aka_sim_ctx_t;
252 
253 extern size_t const fr_aka_sim_attr_sizes[FR_TYPE_MAX + 1][2];
254 
255 typedef enum {
256  AKA_SIM_FLAG_ENCRYPT_INVALID = -1, //!< Invalid encryption flag.
257  AKA_SIM_FLAG_ENCRYPT_NONE = 0, //!< No encryption.
258  AKA_SIM_FLAG_ENCRYPT_AES_CBC = 1, //!< Encrypt attribute RFC 2865 style.
259 } fr_aka_sim_attr_flags_encrypt_t;
260 
261 typedef struct {
262  fr_aka_sim_attr_flags_encrypt_t encrypt; //!< Attribute has a tag and is encrypted
263 } fr_aka_sim_attr_flags_t;
264 
265 static inline fr_aka_sim_attr_flags_t const * fr_aka_sim_attr_flags(fr_dict_attr_t const *da)
266 {
267  return fr_dict_attr_ext(da, FR_DICT_ATTR_EXT_PROTOCOL_SPECIFIC);
268 }
269 
270 #define fr_aka_sim_flag_encrypted(_da) fr_aka_sim_attr_flags(_da)->encrypt
271 
272 /*
273  * decode.c
274  */
275 ssize_t fr_aka_sim_decode_pair(TALLOC_CTX *ctx, fr_pair_list_t *out, fr_dict_attr_t const *parent,
276  uint8_t const *data, size_t data_len, void *decode_ctx);
277 
278 int fr_aka_sim_decode(TALLOC_CTX *ctx, fr_pair_list_t *out, fr_dict_t const *dict,
279  uint8_t const *data, size_t data_len, fr_aka_sim_ctx_t *decode_ctx);
280 
281 /*
282  * encode.c
283  */
284 ssize_t fr_aka_sim_encode_pair(fr_dbuff_t *dbuff, fr_dcursor_t *cursor, void *encode_ctx);
285 
286 ssize_t fr_aka_sim_encode(request_t *request, fr_pair_list_t *to_encode, void *encode_ctx);
287 
288 /*
289  * base.c
290  */
291 size_t fr_aka_sim_attr_len(fr_pair_t const *vp);
292 
293 size_t fr_aka_sim_octets_prefix_len(fr_dict_attr_t const *da);
294 
295 int fr_aka_sim_init(void);
296 
297 void fr_aka_sim_free(void);
298 
299 /*
300  * crypto.c
301  */
302 int fr_aka_sim_crypto_init_checkcode(TALLOC_CTX *ctx, fr_aka_sim_checkcode_t **checkcode,
303  EVP_MD const *md);
304 
305 int fr_aka_sim_crypto_update_checkcode(fr_aka_sim_checkcode_t *checkcode, eap_packet_t *eap_packet);
306 
307 ssize_t fr_aka_sim_crypto_finalise_checkcode(TALLOC_CTX *ctx, uint8_t **out, fr_aka_sim_checkcode_t *checkcode);
308 
309 ssize_t fr_aka_sim_crypto_sign_packet(uint8_t out[static AKA_SIM_MAC_DIGEST_SIZE],
310  eap_packet_t *eap_packet, bool zero_mac,
311  EVP_MD const *md, uint8_t const *key, size_t const key_len,
312  uint8_t const *hmac_extra, size_t const hmac_extra_len);
313 
314 int fr_aka_sim_crypto_gsm_kdf_0(fr_aka_sim_keys_t *keys);
315 
316 int fr_aka_sim_crypto_umts_kdf_0(fr_aka_sim_keys_t *keys);
317 
318 int fr_aka_sim_crypto_umts_kdf_1(fr_aka_sim_keys_t *keys);
319 
320 void fr_aka_sim_crypto_keys_init_kdf_0_reauth(fr_aka_sim_keys_t *keys,
321  uint8_t const mk[static AKA_SIM_MK_SIZE],
322  uint16_t counter);
323 
324 void fr_aka_sim_crypto_keys_init_umts_kdf_1_reauth(fr_aka_sim_keys_t *keys,
325  uint8_t const mk[static AKA_PRIME_MK_REAUTH_SIZE],
326  uint16_t counter);
327 
328 int fr_aka_sim_crypto_kdf_0_reauth(fr_aka_sim_keys_t *keys);
329 
330 int fr_aka_sim_crypto_umts_kdf_1_reauth(fr_aka_sim_keys_t *keys);
331 
332 void fr_aka_sim_crypto_keys_log(request_t *request, fr_aka_sim_keys_t *keys);
333 
334 /*
335  * vector.c
336  */
337 int fr_aka_sim_vector_gsm_from_attrs(request_t *request, fr_pair_list_t *vps,
338  int idx,
339  fr_aka_sim_keys_t *keys,
340  fr_aka_sim_vector_src_t *src);
341 
342 int fr_aka_sim_vector_umts_from_attrs(request_t *request, fr_pair_list_t *vps,
343  fr_aka_sim_keys_t *keys,
344  fr_aka_sim_vector_src_t *src);
345 
346 int fr_aka_sim_vector_gsm_umts_kdf_0_reauth_from_attrs(request_t *request, fr_pair_list_t *vps,
347  fr_aka_sim_keys_t *keys);
348 
349 int fr_aka_sim_vector_umts_kdf_1_reauth_from_attrs(request_t *request, fr_pair_list_t *vps,
350  fr_aka_sim_keys_t *keys);
351 
352 void fr_aka_sim_vector_umts_reauth_clear(fr_aka_sim_keys_t *keys);
353 
354 int fr_aka_sim_umts_resync_from_attrs(uint64_t *new_sqn,
355  request_t *request, fr_pair_t *auts_vp,
356  fr_aka_sim_keys_t *keys);
357 
358 /*
359  * fips186prf.c
360  */
361 void fr_aka_sim_fips186_2prf(uint8_t out[static 160], uint8_t mk[static 20]);
362 
363 /*
364  * xlat.c
365  */
366 int fr_aka_sim_xlat_func_register(void);
367 void fr_aka_sim_xlat_func_unregister(void);
dict
static fr_dict_t * dict
Definition: fuzzer.c:46
RCSIDH
#define RCSIDH(h, id)
Definition: build.h:482
eap_packet_t
Structure to hold EAP data.
Definition: compose.h:35
fr_dcursor_s
Definition: dcursor.h:93
FR_DICT_ATTR_EXT_PROTOCOL_SPECIFIC
@ FR_DICT_ATTR_EXT_PROTOCOL_SPECIFIC
Protocol specific extensions.
Definition: dict.h:170
fr_dict_attr_ext
static void * fr_dict_attr_ext(fr_dict_attr_t const *da, fr_dict_attr_ext_t ext)
Definition: dict_ext.h:140
fr_aka_sim_ctx_t::hmac_extra_len
size_t hmac_extra_len
Definition: base.h:244
fr_aka_sim_keys_t::identity
uint8_t * identity
Identity from AT_IDENTITY.
Definition: base.h:152
fr_aka_sim_crypto_umts_kdf_0
int fr_aka_sim_crypto_umts_kdf_0(fr_aka_sim_keys_t *keys)
Key Derivation Function as described in RFC4187 (EAP-AKA) section 7.
Definition: crypto.c:564
fr_aka_sim_decode_pair
ssize_t fr_aka_sim_decode_pair(TALLOC_CTX *ctx, fr_pair_list_t *out, fr_dict_attr_t const *parent, uint8_t const *data, size_t data_len, void *decode_ctx)
Decode SIM/AKA/AKA' attributes.
Definition: decode.c:909
fr_aka_sim_crypto_umts_kdf_1_reauth
int fr_aka_sim_crypto_umts_kdf_1_reauth(fr_aka_sim_keys_t *keys)
Key Derivation Function (Fast-Reauthentication) as described in RFC 5448 (EAP-AKA') section 3....
Definition: crypto.c:1139
AKA_SIM_MK_MAX_SIZE
#define AKA_SIM_MK_MAX_SIZE
Master key size, 20 for EAP-SIM/EAP-AKA.
Definition: base.h:52
fr_aka_sim_attr_len
size_t fr_aka_sim_attr_len(fr_pair_t const *vp)
Return the on-the-wire length of an attribute value.
Definition: base.c:257
AKA_SIM_VECTOR_UMTS_RAND_SIZE
#define AKA_SIM_VECTOR_UMTS_RAND_SIZE
Definition: base.h:73
AKA_SIM_VECTOR_GSM_RAND_SIZE
#define AKA_SIM_VECTOR_GSM_RAND_SIZE
Length of RAND in GSM triplet.
Definition: base.h:65
fr_aka_sim_crypto_sign_packet
ssize_t fr_aka_sim_crypto_sign_packet(uint8_t out[static AKA_SIM_MAC_DIGEST_SIZE], eap_packet_t *eap_packet, bool zero_mac, EVP_MD const *md, uint8_t const *key, size_t const key_len, uint8_t const *hmac_extra, size_t const hmac_extra_len)
Calculate the digest value for a packet.
Definition: crypto.c:284
EAP_SIM_NONCE_MT_SIZE
#define EAP_SIM_NONCE_MT_SIZE
Length of challenge from SIM client.
Definition: base.h:77
AKA_SIM_IV_SIZE
#define AKA_SIM_IV_SIZE
Length of the IV used when processing AT_ENCR.
Definition: base.h:41
AKA_SIM_VECTOR_UMTS_AK_SIZE
#define AKA_SIM_VECTOR_UMTS_AK_SIZE
Definition: base.h:72
fr_aka_sim_free
void fr_aka_sim_free(void)
Definition: base.c:315
fr_aka_sim_keys_t::network
uint8_t * network
Network name (EAP-AKA-Prime only).
Definition: base.h:155
fr_aka_sim_fips186_2prf
void fr_aka_sim_fips186_2prf(uint8_t out[static 160], uint8_t mk[static 20])
Implement the FIPS-186-2 PRF to derive keying material from the MK.
Definition: fips186prf.c:91
fr_aka_sim_keys_t::mk_len
size_t mk_len
Definition: base.h:212
fr_aka_sim_xlat_func_register
int fr_aka_sim_xlat_func_register(void)
Definition: xlat.c:497
fr_aka_sim_crypto_keys_log
void fr_aka_sim_crypto_keys_log(request_t *request, fr_aka_sim_keys_t *keys)
Dump the current state of all keys associated with the EAP SIM session.
Definition: crypto.c:1226
AKA_SIM_VECTOR_GSM_SRES_SIZE
#define AKA_SIM_VECTOR_GSM_SRES_SIZE
Length of SRES in GSM triplet.
Definition: base.h:66
fr_aka_sim_keys_t::network_len
size_t network_len
Length of the network name (EAP-AKA-Prime only).
Definition: base.h:156
AKA_SIM_NONCE_S_SIZE
#define AKA_SIM_NONCE_S_SIZE
Length of re-authentication nonce.
Definition: base.h:46
fr_aka_sim_crypto_keys_init_umts_kdf_1_reauth
void fr_aka_sim_crypto_keys_init_umts_kdf_1_reauth(fr_aka_sim_keys_t *keys, uint8_t const mk[static AKA_PRIME_MK_REAUTH_SIZE], uint16_t counter)
Initialise fr_aka_sim_keys_t with EAP-AKA['] reauthentication data.
Definition: crypto.c:947
fr_aka_sim_encode_pair
ssize_t fr_aka_sim_encode_pair(fr_dbuff_t *dbuff, fr_dcursor_t *cursor, void *encode_ctx)
Definition: encode.c:808
fr_aka_sim_keys_t::sqn
uint64_t sqn
Sequence number.
Definition: base.h:158
fr_aka_sim_vector_umts_t::xres_len
size_t xres_len
Length of res (it's variable).
Definition: base.h:129
fr_aka_sim_crypto_kdf_0_reauth
int fr_aka_sim_crypto_kdf_0_reauth(fr_aka_sim_keys_t *keys)
Key Derivation Function (Fast-Reauthentication) as described in RFC4186/7 (EAP-SIM/AKA) section 7.
Definition: crypto.c:990
fr_aka_sim_init
int fr_aka_sim_init(void)
Definition: base.c:284
fr_aka_sim_octets_prefix_len
size_t fr_aka_sim_octets_prefix_len(fr_dict_attr_t const *da)
Return the number of bytes before the octets value.
Definition: base.c:276
fr_aka_sim_vector_gsm_umts_kdf_0_reauth_from_attrs
int fr_aka_sim_vector_gsm_umts_kdf_0_reauth_from_attrs(request_t *request, fr_pair_list_t *vps, fr_aka_sim_keys_t *keys)
Populate a fr_aka_sim_keys_t structure from attributes in the session-state list.
Definition: vector.c:824
fr_aka_sim_ctx_t::have_iv
bool have_iv
Whether we found the IV already.
Definition: base.h:236
fr_aka_sim_ctx_t::k_aut
uint8_t const * k_aut
The authentication key used for signing.
Definition: base.h:249
AKA_PRIME_MK_REAUTH_SIZE
#define AKA_PRIME_MK_REAUTH_SIZE
The portion of the MK used for re-auth.
Definition: base.h:57
fr_aka_sim_attr_flags_encrypt_t
fr_aka_sim_attr_flags_encrypt_t
Definition: base.h:255
AKA_SIM_FLAG_ENCRYPT_AES_CBC
@ AKA_SIM_FLAG_ENCRYPT_AES_CBC
Encrypt attribute RFC 2865 style.
Definition: base.h:258
AKA_SIM_FLAG_ENCRYPT_NONE
@ AKA_SIM_FLAG_ENCRYPT_NONE
No encryption.
Definition: base.h:257
AKA_SIM_FLAG_ENCRYPT_INVALID
@ AKA_SIM_FLAG_ENCRYPT_INVALID
Invalid encryption flag.
Definition: base.h:256
AKA_SIM_K_RE_SIZE
#define AKA_SIM_K_RE_SIZE
Reauthentication key size.
Definition: base.h:61
fr_aka_sim_decode
int fr_aka_sim_decode(TALLOC_CTX *ctx, fr_pair_list_t *out, fr_dict_t const *dict, uint8_t const *data, size_t data_len, fr_aka_sim_ctx_t *decode_ctx)
Decode SIM/AKA/AKA' specific packet data.
Definition: decode.c:942
fr_aka_sim_crypto_finalise_checkcode
ssize_t fr_aka_sim_crypto_finalise_checkcode(TALLOC_CTX *ctx, uint8_t **out, fr_aka_sim_checkcode_t *checkcode)
Write out the final checkcode value.
Definition: crypto.c:196
fr_aka_sim_vector_umts_reauth_clear
void fr_aka_sim_vector_umts_reauth_clear(fr_aka_sim_keys_t *keys)
Clear reauth data if reauthentication failed.
Definition: vector.c:917
fr_aka_sim_vector_src_t
fr_aka_sim_vector_src_t
Where to get EAP-SIM vectors from.
Definition: base.h:99
AKA_SIM_VECTOR_SRC_REAUTH
@ AKA_SIM_VECTOR_SRC_REAUTH
Not a vector.
Definition: base.h:105
AKA_SIM_VECTOR_SRC_AUTO
@ AKA_SIM_VECTOR_SRC_AUTO
Discover where to get Triplets from automatically.
Definition: base.h:100
AKA_SIM_VECTOR_SRC_QUINTUPLETS
@ AKA_SIM_VECTOR_SRC_QUINTUPLETS
Source of triplets is derived from EAP-AKA-* quintuplets.
Definition: base.h:102
AKA_SIM_VECTOR_SRC_KI
@ AKA_SIM_VECTOR_SRC_KI
Should generate triplets locally using a Ki.
Definition: base.h:104
AKA_SIM_VECTOR_SRC_TRIPLETS
@ AKA_SIM_VECTOR_SRC_TRIPLETS
Source of triplets is EAP-SIM-* attributes.
Definition: base.h:101
fr_aka_sim_crypto_gsm_kdf_0
int fr_aka_sim_crypto_gsm_kdf_0(fr_aka_sim_keys_t *keys)
Key Derivation Function as described in RFC4186 (EAP-SIM) section 7.
Definition: crypto.c:462
fr_aka_sim_attr_flags
static fr_aka_sim_attr_flags_t const * fr_aka_sim_attr_flags(fr_dict_attr_t const *da)
Definition: base.h:265
AKA_SIM_KI_SIZE
#define AKA_SIM_KI_SIZE
Length of secret data shared between SIM and AuC.
Definition: base.h:48
fr_aka_sim_ctx_t::hmac_md
EVP_MD const * hmac_md
HMAC digest algorithm, usually EVP_sha1().
Definition: base.h:240
AKA_SIM_VECTOR_UMTS_XRES_MAX_SIZE
#define AKA_SIM_VECTOR_UMTS_XRES_MAX_SIZE
Definition: base.h:74
fr_aka_sim_ctx_t::eap_packet
eap_packet_t * eap_packet
Needed for validating AT_MAC.
Definition: base.h:238
AKA_SIM_VECTOR_UMTS_CK_SIZE
#define AKA_SIM_VECTOR_UMTS_CK_SIZE
Definition: base.h:70
fr_aka_sim_keys_t::identity_len
size_t identity_len
Length of the identity.
Definition: base.h:153
AKA_SIM_MK_SIZE
#define AKA_SIM_MK_SIZE
Definition: base.h:54
fr_aka_sim_crypto_keys_init_kdf_0_reauth
void fr_aka_sim_crypto_keys_init_kdf_0_reauth(fr_aka_sim_keys_t *keys, uint8_t const mk[static AKA_SIM_MK_SIZE], uint16_t counter)
Initialise fr_aka_sim_keys_t with EAP-SIM reauthentication data.
Definition: crypto.c:917
fr_aka_sim_ctx_t::checkcode_md
EVP_MD const * checkcode_md
HMAC we use for calculating the checkcode.
Definition: base.h:241
fr_aka_sim_ctx_t::k_encr
uint8_t const * k_encr
The encryption key used for encrypting.
Definition: base.h:246
AKA_SIM_VECTOR_GSM_KC_SIZE
#define AKA_SIM_VECTOR_GSM_KC_SIZE
Length of Kc in GSM triplet.
Definition: base.h:67
fr_aka_sim_keys_t::k_aut_len
size_t k_aut_len
Length of k_aut. 16 for AKA/SIM, 32 for AKA'.
Definition: base.h:225
fr_aka_sim_attr_flags_t::encrypt
fr_aka_sim_attr_flags_encrypt_t encrypt
Attribute has a tag and is encrypted.
Definition: base.h:262
fr_aka_sim_ctx_t::hmac_extra
uint8_t const * hmac_extra
Extra data for the HMAC function.
Definition: base.h:243
AKA_SIM_MAC_DIGEST_SIZE
#define AKA_SIM_MAC_DIGEST_SIZE
Length of MAC used to prevent packet modification.
Definition: base.h:42
fr_aka_sim_crypto_umts_kdf_1
int fr_aka_sim_crypto_umts_kdf_1(fr_aka_sim_keys_t *keys)
Key Derivation Function as described in RFC 5448 (EAP-AKA') section 3.3.
Definition: crypto.c:846
AKA_SIM_VECTOR_UMTS_IK_SIZE
#define AKA_SIM_VECTOR_UMTS_IK_SIZE
Definition: base.h:71
fr_aka_sim_crypto_update_checkcode
int fr_aka_sim_crypto_update_checkcode(fr_aka_sim_checkcode_t *checkcode, eap_packet_t *eap_packet)
Digest a packet, updating the checkcode.
Definition: crypto.c:152
fr_aka_sim_vector_gsm_from_attrs
int fr_aka_sim_vector_gsm_from_attrs(request_t *request, fr_pair_list_t *vps, int idx, fr_aka_sim_keys_t *keys, fr_aka_sim_vector_src_t *src)
Retrieve GSM triplets from sets of attributes.
Definition: vector.c:330
fr_aka_sim_encode
ssize_t fr_aka_sim_encode(request_t *request, fr_pair_list_t *to_encode, void *encode_ctx)
Definition: encode.c:867
AKA_SIM_VECTOR_UMTS_AUTN_SIZE
#define AKA_SIM_VECTOR_UMTS_AUTN_SIZE
Definition: base.h:69
fr_aka_sim_ctx_t::k_aut_len
size_t k_aut_len
Definition: base.h:250
fr_aka_sim_vector_umts_kdf_1_reauth_from_attrs
int fr_aka_sim_vector_umts_kdf_1_reauth_from_attrs(request_t *request, fr_pair_list_t *vps, fr_aka_sim_keys_t *keys)
Populate a fr_aka_sim_keys_t structure from attributes in the session-state list.
Definition: vector.c:873
AKA_SIM_OPC_SIZE
#define AKA_SIM_OPC_SIZE
Length of modified Operator Algorithm Configuration.
Definition: base.h:50
fr_aka_sim_checkcode_t::md_ctx
EVP_MD_CTX * md_ctx
Context to hold state of digest as we consume packets.
Definition: base.h:141
fr_aka_sim_vector_type_t
fr_aka_sim_vector_type_t
The type of auth vector held by a fr_aka_sim_keys_t.
Definition: base.h:89
AKA_SIM_VECTOR_GSM
@ AKA_SIM_VECTOR_GSM
Vector is GSM triplets.
Definition: base.h:91
AKA_SIM_VECTOR_UMTS_REAUTH_KDF_1_REAUTH
@ AKA_SIM_VECTOR_UMTS_REAUTH_KDF_1_REAUTH
Definition: base.h:94
AKA_SIM_VECTOR_UMTS
@ AKA_SIM_VECTOR_UMTS
Vector is UMTS quintuplets.
Definition: base.h:92
AKA_SIM_VECTOR_UMTS_REAUTH_KDF_0_REAUTH
@ AKA_SIM_VECTOR_UMTS_REAUTH_KDF_0_REAUTH
Definition: base.h:93
AKA_SIM_VECTOR_NONE
@ AKA_SIM_VECTOR_NONE
Definition: base.h:90
fr_aka_sim_crypto_init_checkcode
int fr_aka_sim_crypto_init_checkcode(TALLOC_CTX *ctx, fr_aka_sim_checkcode_t **checkcode, EVP_MD const *md)
Initialise checkcode message digest.
Definition: crypto.c:114
fr_aka_sim_umts_resync_from_attrs
int fr_aka_sim_umts_resync_from_attrs(uint64_t *new_sqn, request_t *request, fr_pair_t *auts_vp, fr_aka_sim_keys_t *keys)
Perform milenage AUTS validation and resynchronisation.
Definition: vector.c:935
fr_aka_sim_vector_umts_from_attrs
int fr_aka_sim_vector_umts_from_attrs(request_t *request, fr_pair_list_t *vps, fr_aka_sim_keys_t *keys, fr_aka_sim_vector_src_t *src)
Retrieve UMTS quintuplets from sets of attributes.
Definition: vector.c:755
fr_aka_sim_xlat_func_unregister
void fr_aka_sim_xlat_func_unregister(void)
Definition: xlat.c:521
fr_aka_sim_attr_sizes
size_t const fr_aka_sim_attr_sizes[FR_TYPE_MAX+1][2]
SIM AT on-the-wire format attribute sizes.
Definition: base.c:210
fr_aka_sim_attr_flags_t
Definition: base.h:261
fr_aka_sim_checkcode_t
Stores our checkcode state.
Definition: base.h:140
fr_aka_sim_ctx_t
Encoder/decoder ctx.
Definition: base.h:234
fr_aka_sim_keys_t
Master key state struct for all SIMlike EAP protocols.
Definition: base.h:148
fr_aka_sim_vector_gsm_t
Definition: base.h:109
fr_aka_sim_vector_umts_t
Definition: base.h:122
uint16_t
unsigned short uint16_t
Definition: merged_model.c:31
FR_TYPE_MAX
@ FR_TYPE_MAX
Number of defined data types.
Definition: merged_model.c:130
uint32_t
unsigned int uint32_t
Definition: merged_model.c:33
ssize_t
long int ssize_t
Definition: merged_model.c:24
uint8_t
unsigned char uint8_t
Definition: merged_model.c:30
fr_dbuff_t
Definition: merged_model.c:41
fr_dict_attr_t
Definition: merged_model.c:133
fr_dict_t
Definition: merged_model.c:198
request_t
Definition: merged_model.c:210
encode_ctx
static fr_internal_encode_ctx_t encode_ctx
Definition: proto_ldap_sync.c:34
id.h
RADIUS bio handlers for tracking 8-bit IDs.
vp
fr_pair_t * vp
Definition: state_machine.c:2262
pair_list_s
Definition: pair.h:52
value_pair_s
Stores an attribute, a value and various bits of other data.
Definition: pair.h:68
parent
static fr_slen_t parent
Definition: pair.h:851
data
static fr_slen_t data
Definition: value.h:1265
FR_MAX_STRING_LEN
#define FR_MAX_STRING_LEN
Definition: value.h:30
out
static size_t char ** out
Definition: value.h:997
Generated by   doxygen 1.9.1