The FreeRADIUS server  $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
eap_fast.h
Go to the documentation of this file.
1 #pragma once
2 /*
3  * This program is free software; you can redistribute it and/or modify
4  * it under the terms of the GNU General Public License as published by
5  * the Free Software Foundation; either version 2 of the License, or (at
6  * your option) any later version.
7  *
8  * This program is distributed in the hope that it will be useful,
9  * but WITHOUT ANY WARRANTY; without even the implied warranty of
10  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11  * GNU General Public License for more details.
12  *
13  * You should have received a copy of the GNU General Public License
14  * along with this program; if not, write to the Free Software
15  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
16  */
17 
18 /**
19  * $Id: 8cdb16bc45b495e6b0d7996bb985e88c190bbdc1 $
20  * @file eap_fast.h
21  * @brief Function declarations and packet structures
22  *
23  * @author Alexander Clouter (alex@digriz.org.uk)
24  *
25  * @copyright 2016 Alan DeKok (aland@freeradius.org)
26  * @copyright 2016 The FreeRADIUS server project
27  */
28 RCSIDH(eap_fast_h, "$Id: 8cdb16bc45b495e6b0d7996bb985e88c190bbdc1 $")
29 
30 #include <freeradius-devel/eap/tls.h>
31 #include <freeradius-devel/radius/radius.h>
32 #include <freeradius-devel/util/chap.h>
33 
34 #define EAP_FAST_VERSION 1
35 
36 #define EAP_FAST_KEY_LEN 64
37 #define EAP_EMSK_LEN 64
38 #define EAP_FAST_SKS_LEN 40
39 #define EAP_FAST_SIMCK_LEN 40
40 #define EAP_FAST_CMK_LEN 20
41 
42 #define EAP_FAST_TLV_MANDATORY 0x8000
43 #define EAP_FAST_TLV_TYPE 0x3fff
44 
45 #define EAP_FAST_FATAL_ERROR 2000
46 #define EAP_FAST_ERR_TUNNEL_COMPROMISED 2001
47 #define EAP_FAST_ERR_UNEXPECTED_TLV 2002
48 
49 #define EAP_FAST_TLV_RESULT_SUCCESS 1
50 #define EAP_FAST_TLV_RESULT_FAILURE 2
51 
52 typedef enum {
53  EAP_FAST_TLS_SESSION_HANDSHAKE = 0,
54  EAP_FAST_AUTHENTICATION,
55  EAP_FAST_CRYPTOBIND_CHECK,
56  EAP_FAST_PROVISIONING,
57  EAP_FAST_COMPLETE
58 } eap_fast_stage_t;
59 
60 typedef enum {
61  EAP_FAST_UNKNOWN = 0,
62  EAP_FAST_PROVISIONING_ANON,
63  EAP_FAST_PROVISIONING_AUTH,
64  EAP_FAST_NORMAL_AUTH
65 } eap_fast_auth_type_t;
66 
67 typedef enum {
68  PAC_TYPE_TUNNEL = 1, // 1
69  PAC_TYPE_MACHINE_AUTH, // 2
70  PAC_TYPE_USER_AUTHZ, // 3
71  PAC_TYPE_MAX
72 } eap_fast_pac_type_t;
73 
74 #define PAC_KEY_LENGTH 32
75 #define PAC_A_ID_LENGTH 16
76 #define PAC_I_ID_LENGTH 16
77 #define PAC_A_ID_INFO_LENGTH 32
78 
79 typedef struct {
80  uint16_t type;
81  uint16_t length;
82 } CC_HINT(__packed__) eap_fast_pac_attr_hdr_t;
83 
84 typedef struct {
85  eap_fast_pac_attr_hdr_t hdr;
86  uint32_t data; // secs since epoch
87 } CC_HINT(__packed__) eap_fast_pac_attr_lifetime_t;
88 
89 typedef struct {
90  eap_fast_pac_attr_hdr_t hdr;
91  uint8_t data[PAC_A_ID_LENGTH];
92 } CC_HINT(__packed__) eap_fast_pac_attr_a_id_t;
93 
94 typedef struct {
95  eap_fast_pac_attr_hdr_t hdr;
96  uint8_t data[PAC_I_ID_LENGTH];
97 } CC_HINT(__packed__) eap_fast_pac_attr_i_id_t;
98 
99 typedef struct {
100  eap_fast_pac_attr_hdr_t hdr;
101  uint8_t data[PAC_A_ID_INFO_LENGTH];
102 } CC_HINT(__packed__) eap_fast_pac_attr_a_id_info_t;
103 
104 typedef struct {
105  eap_fast_pac_attr_hdr_t hdr;
106  uint16_t data;
107 } CC_HINT(__packed__) eap_fast_pac_attr_pac_type_t;
108 
109 typedef struct {
110  eap_fast_pac_attr_hdr_t hdr;
111  uint8_t data[PAC_KEY_LENGTH];
112 } CC_HINT(__packed__) eap_fast_pac_attr_pac_key_t;
113 
114 typedef struct {
115  eap_fast_pac_attr_pac_type_t type;
116  eap_fast_pac_attr_lifetime_t lifetime;
117  eap_fast_pac_attr_pac_key_t key;
118 } CC_HINT(__packed__) eap_fast_attr_pac_opaque_plaintext_t;
119 
120 typedef struct {
121  eap_fast_pac_attr_hdr_t hdr;
122  unsigned char aad[PAC_A_ID_LENGTH];
123  unsigned char iv[EVP_MAX_IV_LENGTH];
124  unsigned char tag[EVP_GCM_TLS_TAG_LEN];
125  uint8_t data[sizeof(eap_fast_attr_pac_opaque_plaintext_t) * 2]; // space for EVP
126 } CC_HINT(__packed__) eap_fast_attr_pac_opaque_t;
127 
128 typedef struct {
129  eap_fast_pac_attr_hdr_t hdr;
130  eap_fast_pac_attr_lifetime_t lifetime;
131  eap_fast_pac_attr_a_id_t a_id;
132  eap_fast_pac_attr_a_id_info_t a_id_info;
133  eap_fast_pac_attr_pac_type_t type;
134 } CC_HINT(__packed__) eap_fast_attr_pac_info_t;
135 
136 typedef struct {
137  eap_fast_pac_attr_pac_key_t key;
138  eap_fast_attr_pac_info_t info;
139  eap_fast_attr_pac_opaque_t opaque; // has to be last!
140 } CC_HINT(__packed__) eap_fast_pac_t;
141 
142 /* RFC 4851, Section 4.2.8 - Crypto-Binding TLV */
143 typedef struct {
144  uint16_t tlv_type;
145  uint16_t length;
146  uint8_t reserved;
147  uint8_t version;
148  uint8_t received_version;
149  uint8_t subtype;
150  uint8_t nonce[32];
151  uint8_t compound_mac[20];
152 } CC_HINT(__packed__) eap_tlv_crypto_binding_tlv_t;
153 
154 typedef enum eap_fast_tlv_crypto_binding_tlv_subtype_t {
155  EAP_FAST_TLV_CRYPTO_BINDING_SUBTYPE_REQUEST = 0, // 0
156  EAP_FAST_TLV_CRYPTO_BINDING_SUBTYPE_RESPONSE // 1
157 } eap_fast_tlv_crypto_binding_tlv_subtype_t;
158 
159 /* RFC 5422: Section 3.3 - Key Derivations Used in the EAP-FAST Provisioning Exchange */
160 typedef struct {
161  uint8_t session_key_seed[EAP_FAST_SKS_LEN];
162  uint8_t server_challenge[MD5_DIGEST_LENGTH];
163  uint8_t client_challenge[MD5_DIGEST_LENGTH];
164 } CC_HINT(__packed__) eap_fast_keyblock_t;
165 
166 typedef struct {
167  fr_pair_t *username;
168 
169  bool authenticated;
170 
171  int mode;
172  eap_fast_stage_t stage;
173  eap_fast_keyblock_t *keyblock;
174  uint8_t *s_imck;
175  uint8_t *cmk;
176  int imck_count;
177  struct {
178  uint8_t mppe_send[MD5_DIGEST_LENGTH];
179  uint8_t mppe_recv[MD5_DIGEST_LENGTH];
180  } CC_HINT(__packed__) isk;
181  uint8_t *msk;
182  uint8_t *emsk;
183 
184  int default_method;
185  int default_provisioning_method;
186 
187  fr_time_delta_t pac_lifetime;
188  char const *authority_identity;
189  uint8_t const *a_id;
190  uint8_t const *pac_opaque_key;
191 
192  struct {
193  uint8_t *key;
194  eap_fast_pac_type_t type;
195  fr_time_t expires;
196  bool expired;
197  bool send;
198  } pac;
199 
200  bool result_final;
201 
202 #ifdef WITH_PROXY
203  bool proxy_tunneled_request_as_eap; //!< Proxy tunneled session as EAP, or as de-capsulated
204  //!< protocol.
205 #endif
206  CONF_SECTION *server_cs;
207 } eap_fast_tunnel_t;
208 
209 extern HIDDEN fr_dict_attr_t const *attr_eap_tls_require_client_cert;
210 extern HIDDEN fr_dict_attr_t const *attr_eap_type;
211 extern HIDDEN fr_dict_attr_t const *attr_ms_chap_challenge;
212 extern HIDDEN fr_dict_attr_t const *attr_ms_chap_peer_challenge;
213 extern HIDDEN fr_dict_attr_t const *attr_proxy_to_realm;
214 
215 extern HIDDEN fr_dict_attr_t const *attr_eap_message;
216 extern HIDDEN fr_dict_attr_t const *attr_eap_msk;
217 extern HIDDEN fr_dict_attr_t const *attr_eap_emsk;
218 extern HIDDEN fr_dict_attr_t const *attr_freeradius_proxied_to;
219 extern HIDDEN fr_dict_attr_t const *attr_ms_mppe_send_key;
220 extern HIDDEN fr_dict_attr_t const *attr_ms_mppe_recv_key;
221 extern HIDDEN fr_dict_attr_t const *attr_user_name;
222 extern HIDDEN fr_dict_attr_t const *attr_user_password;
223 
224 extern HIDDEN fr_dict_attr_t const *attr_eap_fast_crypto_binding;
225 extern HIDDEN fr_dict_attr_t const *attr_eap_fast_eap_payload;
226 extern HIDDEN fr_dict_attr_t const *attr_eap_fast_error;
227 extern HIDDEN fr_dict_attr_t const *attr_eap_fast_intermediate_result;
228 extern HIDDEN fr_dict_attr_t const *attr_eap_fast_nak;
229 extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_a_id;
230 extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_a_id_info;
231 extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_acknowledge;
232 extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_i_id;
233 extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_info_a_id;
234 extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_info_a_id_info;
235 extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_info_i_id;
236 extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_info_pac_lifetime;
237 extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_info_pac_type;
238 extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_info_tlv;
239 extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_key;
240 extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_lifetime;
241 extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_opaque_i_id;
242 extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_opaque_pac_key;
243 extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_opaque_pac_lifetime;
244 extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_opaque_pac_type;
245 extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_opaque_tlv;
246 extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_tlv;
247 extern HIDDEN fr_dict_attr_t const *attr_eap_fast_pac_type;
248 extern HIDDEN fr_dict_attr_t const *attr_eap_fast_result;
249 extern HIDDEN fr_dict_attr_t const *attr_eap_fast_vendor_specific;
250 extern HIDDEN fr_dict_t const *dict_eap_fast;
251 
252 /*
253  * Process the FAST portion of an EAP-FAST request.
254  */
255 void eap_fast_tlv_append(fr_tls_session_t *tls_session, fr_dict_attr_t const *da, bool mandatory,
256  int length, const void *data) CC_HINT(nonnull);
257 fr_radius_packet_code_t eap_fast_process(request_t *request, eap_session_t *eap_session, fr_tls_session_t *tls_session) CC_HINT(nonnull);
258 
259 /*
260  * A bunch of EAP-FAST helper functions.
261  */
262 ssize_t eap_fast_decode_pair(TALLOC_CTX *ctx, fr_pair_list_t *out, fr_dict_attr_t const *parent,
263  uint8_t const *data, size_t data_len,
264  UNUSED void *decode_ctx);
RCSIDH
#define RCSIDH(h, id)
Definition: build.h:482
HIDDEN
#define HIDDEN
Definition: build.h:312
UNUSED
#define UNUSED
Definition: build.h:313
cf_section
A section grouping multiple CONF_PAIR.
Definition: cf_priv.h:101
fr_radius_packet_code_t
fr_radius_packet_code_t
RADIUS packet codes.
Definition: defs.h:31
attr_eap_fast_pac_info_i_id
HIDDEN fr_dict_attr_t const * attr_eap_fast_pac_info_i_id
Definition: rlm_eap_fast.c:120
attr_eap_fast_result
HIDDEN fr_dict_attr_t const * attr_eap_fast_result
Definition: rlm_eap_fast.c:133
eap_tlv_crypto_binding_tlv_t::tlv_type
uint16_t tlv_type
Definition: eap_fast.h:144
attr_eap_fast_pac_info_a_id_info
HIDDEN fr_dict_attr_t const * attr_eap_fast_pac_info_a_id_info
Definition: rlm_eap_fast.c:119
attr_eap_fast_nak
HIDDEN fr_dict_attr_t const * attr_eap_fast_nak
Definition: rlm_eap_fast.c:113
attr_proxy_to_realm
HIDDEN fr_dict_attr_t const * attr_proxy_to_realm
Definition: rlm_eap_fast.c:100
eap_fast_tunnel_t::result_final
bool result_final
Definition: eap_fast.h:200
eap_fast_tunnel_t::a_id
uint8_t const * a_id
Definition: eap_fast.h:189
EAP_FAST_SKS_LEN
#define EAP_FAST_SKS_LEN
Definition: eap_fast.h:38
eap_fast_attr_pac_opaque_plaintext_t::lifetime
eap_fast_pac_attr_lifetime_t lifetime
Definition: eap_fast.h:116
eap_fast_pac_attr_i_id_t::hdr
eap_fast_pac_attr_hdr_t hdr
Definition: eap_fast.h:95
attr_eap_fast_pac_a_id_info
HIDDEN fr_dict_attr_t const * attr_eap_fast_pac_a_id_info
Definition: rlm_eap_fast.c:115
eap_fast_tunnel_t::authenticated
bool authenticated
Definition: eap_fast.h:169
eap_fast_pac_attr_a_id_info_t::hdr
eap_fast_pac_attr_hdr_t hdr
Definition: eap_fast.h:100
attr_eap_fast_pac_key
HIDDEN fr_dict_attr_t const * attr_eap_fast_pac_key
Definition: rlm_eap_fast.c:124
eap_fast_decode_pair
ssize_t eap_fast_decode_pair(TALLOC_CTX *ctx, fr_pair_list_t *out, fr_dict_attr_t const *parent, uint8_t const *data, size_t data_len, UNUSED void *decode_ctx)
attr_eap_fast_pac_info_tlv
HIDDEN fr_dict_attr_t const * attr_eap_fast_pac_info_tlv
Definition: rlm_eap_fast.c:123
eap_fast_attr_pac_info_t::lifetime
eap_fast_pac_attr_lifetime_t lifetime
Definition: eap_fast.h:130
attr_eap_fast_error
HIDDEN fr_dict_attr_t const * attr_eap_fast_error
Definition: rlm_eap_fast.c:111
eap_fast_tunnel_t::stage
eap_fast_stage_t stage
Definition: eap_fast.h:172
attr_user_name
HIDDEN fr_dict_attr_t const * attr_user_name
Definition: base.c:102
eap_fast_pac_attr_pac_type_t::data
uint16_t data
Definition: eap_fast.h:106
attr_ms_mppe_send_key
HIDDEN fr_dict_attr_t const * attr_ms_mppe_send_key
Definition: base.c:99
PAC_A_ID_LENGTH
#define PAC_A_ID_LENGTH
Definition: eap_fast.h:75
eap_fast_pac_t::key
eap_fast_pac_attr_pac_key_t key
Definition: eap_fast.h:137
eap_fast_tunnel_t::keyblock
eap_fast_keyblock_t * keyblock
Definition: eap_fast.h:173
eap_fast_pac_attr_lifetime_t::hdr
eap_fast_pac_attr_hdr_t hdr
Definition: eap_fast.h:85
eap_fast_tunnel_t::pac_lifetime
fr_time_delta_t pac_lifetime
Definition: eap_fast.h:187
eap_fast_tunnel_t::s_imck
uint8_t * s_imck
Definition: eap_fast.h:174
eap_fast_pac_attr_lifetime_t::data
uint32_t data
Definition: eap_fast.h:86
eap_fast_tlv_crypto_binding_tlv_subtype_t
eap_fast_tlv_crypto_binding_tlv_subtype_t
Definition: eap_fast.h:154
EAP_FAST_TLV_CRYPTO_BINDING_SUBTYPE_REQUEST
@ EAP_FAST_TLV_CRYPTO_BINDING_SUBTYPE_REQUEST
Definition: eap_fast.h:155
EAP_FAST_TLV_CRYPTO_BINDING_SUBTYPE_RESPONSE
@ EAP_FAST_TLV_CRYPTO_BINDING_SUBTYPE_RESPONSE
Definition: eap_fast.h:156
eap_tlv_crypto_binding_tlv_t::reserved
uint8_t reserved
Definition: eap_fast.h:146
attr_eap_fast_pac_info_pac_type
HIDDEN fr_dict_attr_t const * attr_eap_fast_pac_info_pac_type
Definition: rlm_eap_fast.c:122
attr_eap_fast_pac_info_pac_lifetime
HIDDEN fr_dict_attr_t const * attr_eap_fast_pac_info_pac_lifetime
Definition: rlm_eap_fast.c:121
eap_fast_pac_attr_hdr_t::type
uint16_t type
Definition: eap_fast.h:80
eap_fast_attr_pac_info_t::a_id_info
eap_fast_pac_attr_a_id_info_t a_id_info
Definition: eap_fast.h:132
attr_ms_chap_peer_challenge
HIDDEN fr_dict_attr_t const * attr_ms_chap_peer_challenge
Definition: rlm_eap_fast.c:99
eap_tlv_crypto_binding_tlv_t::subtype
uint8_t subtype
Definition: eap_fast.h:149
eap_tlv_crypto_binding_tlv_t::version
uint8_t version
Definition: eap_fast.h:147
eap_fast_tunnel_t::default_provisioning_method
int default_provisioning_method
Definition: eap_fast.h:185
eap_fast_attr_pac_info_t::hdr
eap_fast_pac_attr_hdr_t hdr
Definition: eap_fast.h:129
attr_ms_mppe_recv_key
HIDDEN fr_dict_attr_t const * attr_ms_mppe_recv_key
Definition: base.c:100
attr_eap_tls_require_client_cert
HIDDEN fr_dict_attr_t const * attr_eap_tls_require_client_cert
Definition: rlm_eap_fast.c:96
PAC_I_ID_LENGTH
#define PAC_I_ID_LENGTH
Definition: eap_fast.h:76
eap_fast_tunnel_t::default_method
int default_method
Definition: eap_fast.h:184
attr_eap_fast_pac_type
HIDDEN fr_dict_attr_t const * attr_eap_fast_pac_type
Definition: rlm_eap_fast.c:132
attr_user_password
HIDDEN fr_dict_attr_t const * attr_user_password
Definition: rlm_eap_fast.c:107
eap_tlv_crypto_binding_tlv_t::length
uint16_t length
Definition: eap_fast.h:145
eap_fast_tunnel_t::username
fr_pair_t * username
Definition: eap_fast.h:167
eap_fast_attr_pac_opaque_t::hdr
eap_fast_pac_attr_hdr_t hdr
Definition: eap_fast.h:121
attr_eap_fast_intermediate_result
HIDDEN fr_dict_attr_t const * attr_eap_fast_intermediate_result
Definition: rlm_eap_fast.c:112
attr_ms_chap_challenge
HIDDEN fr_dict_attr_t const * attr_ms_chap_challenge
Definition: rlm_eap_fast.c:98
eap_fast_tunnel_t::emsk
uint8_t * emsk
Definition: eap_fast.h:182
attr_eap_fast_pac_opaque_pac_type
HIDDEN fr_dict_attr_t const * attr_eap_fast_pac_opaque_pac_type
Definition: rlm_eap_fast.c:129
attr_eap_fast_pac_tlv
HIDDEN fr_dict_attr_t const * attr_eap_fast_pac_tlv
Definition: rlm_eap_fast.c:131
eap_fast_pac_attr_pac_key_t::hdr
eap_fast_pac_attr_hdr_t hdr
Definition: eap_fast.h:110
eap_fast_pac_t::opaque
eap_fast_attr_pac_opaque_t opaque
Definition: eap_fast.h:139
attr_eap_fast_eap_payload
HIDDEN fr_dict_attr_t const * attr_eap_fast_eap_payload
Definition: rlm_eap_fast.c:110
eap_fast_attr_pac_opaque_plaintext_t::type
eap_fast_pac_attr_pac_type_t type
Definition: eap_fast.h:115
attr_eap_fast_crypto_binding
HIDDEN fr_dict_attr_t const * attr_eap_fast_crypto_binding
Definition: rlm_eap_fast.c:109
eap_fast_process
fr_radius_packet_code_t eap_fast_process(request_t *request, eap_session_t *eap_session, fr_tls_session_t *tls_session)
Definition: eap_fast.c:898
attr_eap_fast_vendor_specific
HIDDEN fr_dict_attr_t const * attr_eap_fast_vendor_specific
Definition: rlm_eap_fast.c:134
eap_fast_pac_attr_a_id_t::hdr
eap_fast_pac_attr_hdr_t hdr
Definition: eap_fast.h:90
dict_eap_fast
HIDDEN fr_dict_t const * dict_eap_fast
Definition: rlm_eap_fast.c:84
attr_eap_fast_pac_info_a_id
HIDDEN fr_dict_attr_t const * attr_eap_fast_pac_info_a_id
Definition: rlm_eap_fast.c:118
attr_freeradius_proxied_to
HIDDEN fr_dict_attr_t const * attr_freeradius_proxied_to
Definition: base.c:98
eap_fast_tunnel_t::authority_identity
char const * authority_identity
Definition: eap_fast.h:188
attr_eap_msk
HIDDEN fr_dict_attr_t const * attr_eap_msk
Definition: base.c:95
eap_fast_pac_t::info
eap_fast_attr_pac_info_t info
Definition: eap_fast.h:138
PAC_A_ID_INFO_LENGTH
#define PAC_A_ID_INFO_LENGTH
Definition: eap_fast.h:77
eap_fast_attr_pac_info_t::a_id
eap_fast_pac_attr_a_id_t a_id
Definition: eap_fast.h:131
attr_eap_fast_pac_opaque_i_id
HIDDEN fr_dict_attr_t const * attr_eap_fast_pac_opaque_i_id
Definition: rlm_eap_fast.c:126
eap_fast_pac_attr_pac_type_t::hdr
eap_fast_pac_attr_hdr_t hdr
Definition: eap_fast.h:105
attr_eap_fast_pac_i_id
HIDDEN fr_dict_attr_t const * attr_eap_fast_pac_i_id
Definition: rlm_eap_fast.c:117
attr_eap_fast_pac_opaque_pac_lifetime
HIDDEN fr_dict_attr_t const * attr_eap_fast_pac_opaque_pac_lifetime
Definition: rlm_eap_fast.c:128
eap_fast_tunnel_t::cmk
uint8_t * cmk
Definition: eap_fast.h:175
eap_fast_attr_pac_info_t::type
eap_fast_pac_attr_pac_type_t type
Definition: eap_fast.h:133
eap_fast_pac_attr_hdr_t::length
uint16_t length
Definition: eap_fast.h:81
eap_fast_tunnel_t::mode
int mode
Definition: eap_fast.h:171
eap_fast_stage_t
eap_fast_stage_t
Definition: eap_fast.h:52
EAP_FAST_COMPLETE
@ EAP_FAST_COMPLETE
Definition: eap_fast.h:57
EAP_FAST_AUTHENTICATION
@ EAP_FAST_AUTHENTICATION
Definition: eap_fast.h:54
EAP_FAST_CRYPTOBIND_CHECK
@ EAP_FAST_CRYPTOBIND_CHECK
Definition: eap_fast.h:55
EAP_FAST_PROVISIONING
@ EAP_FAST_PROVISIONING
Definition: eap_fast.h:56
EAP_FAST_TLS_SESSION_HANDSHAKE
@ EAP_FAST_TLS_SESSION_HANDSHAKE
Definition: eap_fast.h:53
eap_fast_tlv_append
void eap_fast_tlv_append(fr_tls_session_t *tls_session, fr_dict_attr_t const *da, bool mandatory, int length, const void *data)
Definition: eap_fast.c:108
PAC_KEY_LENGTH
#define PAC_KEY_LENGTH
Definition: eap_fast.h:74
attr_eap_fast_pac_opaque_pac_key
HIDDEN fr_dict_attr_t const * attr_eap_fast_pac_opaque_pac_key
Definition: rlm_eap_fast.c:127
eap_fast_auth_type_t
eap_fast_auth_type_t
Definition: eap_fast.h:60
EAP_FAST_UNKNOWN
@ EAP_FAST_UNKNOWN
Definition: eap_fast.h:61
EAP_FAST_NORMAL_AUTH
@ EAP_FAST_NORMAL_AUTH
Definition: eap_fast.h:64
EAP_FAST_PROVISIONING_ANON
@ EAP_FAST_PROVISIONING_ANON
Definition: eap_fast.h:62
EAP_FAST_PROVISIONING_AUTH
@ EAP_FAST_PROVISIONING_AUTH
Definition: eap_fast.h:63
attr_eap_fast_pac_opaque_tlv
HIDDEN fr_dict_attr_t const * attr_eap_fast_pac_opaque_tlv
Definition: rlm_eap_fast.c:130
eap_fast_tunnel_t::imck_count
int imck_count
Definition: eap_fast.h:176
eap_fast_tunnel_t::server_cs
CONF_SECTION * server_cs
Definition: eap_fast.h:206
eap_fast_attr_pac_opaque_plaintext_t::key
eap_fast_pac_attr_pac_key_t key
Definition: eap_fast.h:117
attr_eap_fast_pac_a_id
HIDDEN fr_dict_attr_t const * attr_eap_fast_pac_a_id
Definition: rlm_eap_fast.c:114
attr_eap_fast_pac_lifetime
HIDDEN fr_dict_attr_t const * attr_eap_fast_pac_lifetime
Definition: rlm_eap_fast.c:125
attr_eap_emsk
HIDDEN fr_dict_attr_t const * attr_eap_emsk
Definition: base.c:96
attr_eap_message
HIDDEN fr_dict_attr_t const * attr_eap_message
Definition: base.c:94
attr_eap_type
HIDDEN fr_dict_attr_t const * attr_eap_type
Definition: base.c:90
eap_fast_pac_type_t
eap_fast_pac_type_t
Definition: eap_fast.h:67
PAC_TYPE_MAX
@ PAC_TYPE_MAX
Definition: eap_fast.h:71
PAC_TYPE_USER_AUTHZ
@ PAC_TYPE_USER_AUTHZ
Definition: eap_fast.h:70
PAC_TYPE_TUNNEL
@ PAC_TYPE_TUNNEL
Definition: eap_fast.h:68
PAC_TYPE_MACHINE_AUTH
@ PAC_TYPE_MACHINE_AUTH
Definition: eap_fast.h:69
eap_tlv_crypto_binding_tlv_t::received_version
uint8_t received_version
Definition: eap_fast.h:148
eap_fast_tunnel_t::pac_opaque_key
uint8_t const * pac_opaque_key
Definition: eap_fast.h:190
attr_eap_fast_pac_acknowledge
HIDDEN fr_dict_attr_t const * attr_eap_fast_pac_acknowledge
Definition: rlm_eap_fast.c:116
eap_fast_tunnel_t::msk
uint8_t * msk
Definition: eap_fast.h:181
eap_fast_attr_pac_info_t
Definition: eap_fast.h:128
eap_fast_attr_pac_opaque_plaintext_t
Definition: eap_fast.h:114
eap_fast_attr_pac_opaque_t
Definition: eap_fast.h:120
eap_fast_keyblock_t
Definition: eap_fast.h:160
eap_fast_pac_attr_a_id_info_t
Definition: eap_fast.h:99
eap_fast_pac_attr_a_id_t
Definition: eap_fast.h:89
eap_fast_pac_attr_hdr_t
Definition: eap_fast.h:79
eap_fast_pac_attr_i_id_t
Definition: eap_fast.h:94
eap_fast_pac_attr_lifetime_t
Definition: eap_fast.h:84
eap_fast_pac_attr_pac_key_t
Definition: eap_fast.h:109
eap_fast_pac_attr_pac_type_t
Definition: eap_fast.h:104
eap_fast_pac_t
Definition: eap_fast.h:136
eap_fast_tunnel_t
Definition: eap_fast.h:166
eap_tlv_crypto_binding_tlv_t
Definition: eap_fast.h:143
eap_session_s
Tracks the progress of a single session of any EAP method.
Definition: session.h:40
MD5_DIGEST_LENGTH
#define MD5_DIGEST_LENGTH
Definition: merged_model.c:248
uint16_t
unsigned short uint16_t
Definition: merged_model.c:31
uint32_t
unsigned int uint32_t
Definition: merged_model.c:33
ssize_t
long int ssize_t
Definition: merged_model.c:24
uint8_t
unsigned char uint8_t
Definition: merged_model.c:30
fr_dict_attr_t
Definition: merged_model.c:133
fr_dict_t
Definition: merged_model.c:198
request_t
Definition: merged_model.c:210
type
fr_aka_sim_id_type_t type
Definition: state_machine.c:3623
pair_list_s
Definition: pair.h:52
value_pair_s
Stores an attribute, a value and various bits of other data.
Definition: pair.h:68
fr_time_delta_s
A time delta, a difference in time measured in nanoseconds.
Definition: time.h:80
fr_time_s
"server local" time.
Definition: time.h:69
parent
static fr_slen_t parent
Definition: pair.h:851
data
static fr_slen_t data
Definition: value.h:1265
nonnull
int nonnull(2, 5))
out
static size_t char ** out
Definition: value.h:997
Generated by   doxygen 1.9.1