34 RCSIDH(eap_pwd_h,
"$Id: 47e41f63c49a6a24d0081a9174ae08db4e3e98b1 $")
36 #include <freeradius-devel/eap/base.h>
37 #include <freeradius-devel/tls/openssl_user_macros.h>
38 #include <openssl/bn.h>
39 #include <openssl/sha.h>
40 #include <openssl/ec.h>
41 #include <openssl/evp.h>
42 #include <openssl/hmac.h>
44 #if OPENSSL_VERSION_NUMBER < 0x10101000L
45 # define EC_POINT_get_affine_coordinates EC_POINT_get_affine_coordinates_GFp
46 # define EC_POINT_set_affine_coordinates EC_POINT_set_affine_coordinates_GFp
51 #define EAP_PWD_EXCH_ID 1
52 #define EAP_PWD_EXCH_COMMIT 2
53 #define EAP_PWD_EXCH_CONFIRM 3
58 #define EAP_PWD_GET_LENGTH_BIT(x) ((x)->lm_exchange & 0x80)
59 #define EAP_PWD_SET_LENGTH_BIT(x) ((x)->lm_exchange |= 0x80)
60 #define EAP_PWD_GET_MORE_BIT(x) ((x)->lm_exchange & 0x40)
61 #define EAP_PWD_SET_MORE_BIT(x) ((x)->lm_exchange |= 0x40)
62 #define EAP_PWD_GET_EXCHANGE(x) ((x)->lm_exchange & 0x3f)
63 #define EAP_PWD_SET_EXCHANGE(x,y) ((x)->lm_exchange |= (y))
68 #define EAP_PWD_DEF_RAND_FUN 1
70 #define EAP_PWD_DEF_PRF 1
73 #define EAP_PWD_PREP_NONE 0
74 #define EAP_PWD_PREP_MS 1
75 #define EAP_PWD_PREP_SASL 2
81 #define PWD_STATE_ID_REQ 1
82 #define PWD_STATE_COMMIT 2
83 #define PWD_STATE_CONFIRM 3
110 char const *password,
int password_len,
111 char const *id_server,
int id_server_len,
112 char const *id_peer,
int id_peer_len,
121 void print_buf(
char *str,
uint8_t *buf,
int len);
int compute_server_confirm(request_t *request, pwd_session_t *sess, uint8_t *out, BN_CTX *bnctx)
int compute_password_element(request_t *request, pwd_session_t *sess, uint16_t grp_num, char const *password, int password_len, char const *id_server, int id_server_len, char const *id_peer, int id_peer_len, uint32_t *token, BN_CTX *bnctx)
int process_peer_commit(request_t *request, pwd_session_t *sess, uint8_t *in, size_t in_len, BN_CTX *bnctx)
int compute_scalar_element(request_t *request, pwd_session_t *sess, BN_CTX *bnctx)
int compute_peer_confirm(request_t *request, pwd_session_t *sess, uint8_t *out, BN_CTX *bnctx)
int compute_keys(request_t *request, pwd_session_t *sess, uint8_t *peer_confirm, uint8_t *msk, uint8_t *emsk)
#define FR_MAX_STRING_LEN
static size_t char ** out