25#include <freeradius-devel/util/token.h>
31#define AKA_SIM_3GPP_PSEUDONYM_LEN 23U
32#define AKA_SIM_IMSI_MAX_LEN 15U
33#define AKA_SIM_IMSI_MIN_LEN 14U
90#define ID_TAG_SIM_PSEUDONYM_B64 55
91#define ID_TAG_SIM_FASTAUTH_B64 57
92#define ID_TAG_AKA_PSEUDONYM_B64 54
93#define ID_TAG_AKA_FASTAUTH_B64 56
94#define ID_TAG_AKA_PRIME_PSEUDONYM_B64 59
95#define ID_TAG_AKA_PRIME_FASTAUTH_B64 60
102 char const *domain,
size_t domain_len);
105 char const *
id,
size_t id_len);
112 char const *imsi,
size_t imsi_len,
int fr_aka_sim_id_3gpp_pseudonym_decrypt(char out[AKA_SIM_IMSI_MAX_LEN+1], char const encr_id[AKA_SIM_3GPP_PSEUDONYM_LEN], uint8_t const key[16])
Decrypt the 3GPP pseudonym.
ssize_t fr_aka_sim_3gpp_root_nai_domain_mcc_mnc(uint16_t *mnc, uint16_t *mcc, char const *domain, size_t domain_len)
Extract the MCC and MCN from the 3GPP domain.
#define AKA_SIM_IMSI_MAX_LEN
Length of an IMSI number in ASCII.
fr_aka_sim_id_req_type_t
Identity request types.
@ AKA_SIM_INIT_ID_REQ
We've requested no ID. This is used for last_id_req.
@ AKA_SIM_NO_ID_REQ
We're not requesting any ID.
@ AKA_SIM_ANY_ID_REQ
Request IMSI, Pseudonym or Fast-reauth.
@ AKA_SIM_FULLAUTH_ID_REQ
Request IMSI or Pseudonym.
@ AKA_SIM_PERMANENT_ID_REQ
Request IMSI.
fr_table_num_sorted_t const fr_aka_sim_id_method_table[]
@ ID_TAG_AKA_PERMANENT
IMSI, and hint that client wants to do EAP-AKA.
@ ID_TAG_SIM_PERMANENT
IMSI, and hint that client wants to do EAP-SIM.
@ ID_TAG_AKA_PRIME_FASTAUTH
Fastuath, continue EAP-AKA-Prime.
@ ID_TAG_AKA_FASTAUTH
Fastauth, continue EAP-AKA.
@ ID_TAG_SIM_PSEUDONYM
Pseudonym, continue EAP-SIM.
@ ID_TAG_AKA_PRIME_PSEUDONYM
Pseudonym, continue EAP-AKA-Prime.
@ ID_TAG_AKA_PSEUDONYM
Pseudonym, continue EAP-AKA.
@ ID_TAG_SIM_FASTAUTH
Fastauth, continue EAP-SIM.
@ ID_TAG_AKA_PRIME_PERMANENT
IMSI, and hint that client wants to do EAP-AKA-Prime.
uint8_t fr_aka_sim_id_3gpp_pseudonym_key_index(char const encr_id[AKA_SIM_3GPP_PSEUDONYM_LEN])
Return the key index from a 3gpp pseudonym.
size_t fr_aka_sim_id_method_table_len
size_t fr_aka_sim_id_user_len(char const *nai, size_t nai_len)
Find where the identity ends.
fr_aka_sim_method_hint_t
SIM/AKA method hints.
@ AKA_SIM_METHOD_HINT_AKA
The identity hints the supplicant wants to use EAP-AKA.
@ AKA_SIM_METHOD_HINT_SIM
The identity hints the supplicant wants to use EAP-SIM.
@ AKA_SIM_METHOD_HINT_AKA_PRIME
@ AKA_SIM_METHOD_HINT_MAX
@ AKA_SIM_METHOD_HINT_UNKNOWN
We don't know what method the identity hints at.
eap_type_t fr_aka_sim_id_to_eap_type(char const *id, size_t len)
Determine if a given identity is a 3gpp identity, and return the EAP method hinted.
char fr_aka_sim_hint_byte(fr_aka_sim_id_type_t type, fr_aka_sim_method_hint_t method)
Return the expected identity hint for a given type/method combination.
char const * fr_aka_sim_domain(char const *nai, size_t nai_len)
Find where in the NAI string the domain starts.
fr_table_num_sorted_t const fr_aka_sim_id_request_table[]
uint8_t fr_aka_sim_id_3gpp_pseudonym_tag(char const encr_id[AKA_SIM_3GPP_PSEUDONYM_LEN])
Return the tag from a 3gpp pseudonym.
#define AKA_SIM_3GPP_PSEUDONYM_LEN
Length of a base64 encoded 3gpp pseudonym.
size_t fr_aka_sim_id_request_table_len
fr_aka_sim_id_type_t
SIM/AKA identity type hints.
@ AKA_SIM_ID_TYPE_UNKNOWN
We don't know what type of identity this is.
@ AKA_SIM_ID_TYPE_PSEUDONYM
This is a custom pseudonym.
@ AKA_SIM_ID_TYPE_PERMANENT
This is a permanent identity (the IMSI of the SIM).
@ AKA_SIM_ID_TYPE_FASTAUTH
This is a fastauth (session-resumption) id.
int fr_aka_sim_id_3gpp_pseudonym_encrypt(char out[AKA_SIM_3GPP_PSEUDONYM_LEN+1], char const *imsi, size_t imsi_len, uint8_t tag, uint8_t key_ind, uint8_t const key[16])
Create a 3gpp pseudonym from a permanent ID.
int fr_aka_sim_id_type(fr_aka_sim_id_type_t *type, fr_aka_sim_method_hint_t *hint, char const *id, size_t id_len)
Determine what type of ID was provided in the initial identity response.
fr_aka_sim_id_type_t type
An element in a lexicographically sorted array of name to num mappings.
static size_t char ** out