← Back to branch summary

~ubuntu-branches/ubuntu/feisty/wpasupplicant/feisty

« back to all changes in this revision

Viewing changes to eap_gpsk.c

  • Committer: Bazaar Package Importer
  • Author(s): Reinhard Tartler
  • Date: 2007-04-01 10:53:37 UTC
  • Revision ID: james.westby@ubuntu.com-20070401105337-3dd89n3g8ecdhjsl
Tags: 0.5.7-0ubuntu2
https://launchpad.net/bugs/98895
https://launchpad.net/bugs/98925
Apply patch from upstream after private email discussion:
http://w1.fi/gitweb/gitweb.cgi?p=hostap.git;a=commitdiff;h=33673d3f43da6f5ec0f0aa5a8245a1617b6eb2fd#patch1
Fixes LP: #98895, #98925

Show diffs side-by-side

added added

removed removed

Lines of Context:
eap_gpsk.c
1
1
/*
2
 
 * EAP peer method: EAP-GPSK (draft-ietf-emu-eap-gpsk-01.txt)
 
2
 * EAP peer method: EAP-GPSK (draft-clancy-emu-eap-shared-secret-00.txt)
3
3
 * Copyright (c) 2006, Jouni Malinen <jkmaline@cc.hut.fi>
4
4
 *
5
5
 * This program is free software; you can redistribute it and/or modify
16
16
 
17
17
#include "common.h"
18
18
#include "eap_i.h"
 
19
#include "wpa_supplicant.h"
19
20
#include "config_ssid.h"
20
21
#include "eap_gpsk_common.h"
21
22
 
24
25
        u8 rand_server[EAP_GPSK_RAND_LEN];
25
26
        u8 rand_client[EAP_GPSK_RAND_LEN];
26
27
        u8 msk[EAP_MSK_LEN];
27
 
        u8 emsk[EAP_EMSK_LEN];
28
28
        u8 sk[EAP_GPSK_MAX_SK_LEN];
29
29
        size_t sk_len;
30
30
        u8 pk[EAP_GPSK_MAX_PK_LEN];
42
42
};
43
43
 
44
44
 
45
 
#ifndef CONFIG_NO_STDOUT_DEBUG
46
45
static const char * eap_gpsk_state_txt(int state)
47
46
{
48
47
        switch (state) {
58
57
                return "?";
59
58
        }
60
59
}
61
 
#endif /* CONFIG_NO_STDOUT_DEBUG */
62
60
 
63
61
 
64
62
static void eap_gpsk_state(struct eap_gpsk_data *data, int state)
88
86
                return NULL;
89
87
        }
90
88
 
91
 
        data = os_zalloc(sizeof(*data));
 
89
        data = wpa_zalloc(sizeof(*data));
92
90
        if (data == NULL)
93
91
                return NULL;
94
92
        data->state = GPSK_1;
95
93
 
96
94
        if (config->nai) {
97
 
                data->id_client = os_malloc(config->nai_len);
 
95
                data->id_client = malloc(config->nai_len);
98
96
                if (data->id_client == NULL) {
99
97
                        eap_gpsk_deinit(sm, data);
100
98
                        return NULL;
101
99
                }
102
 
                os_memcpy(data->id_client, config->nai, config->nai_len);
 
100
                memcpy(data->id_client, config->nai, config->nai_len);
103
101
                data->id_client_len = config->nai_len;
104
102
        }
105
103
 
106
 
        data->psk = os_malloc(config->eappsk_len);
 
104
        data->psk = malloc(config->eappsk_len);
107
105
        if (data->psk == NULL) {
108
106
                eap_gpsk_deinit(sm, data);
109
107
                return NULL;
110
108
        }
111
 
        os_memcpy(data->psk, config->eappsk, config->eappsk_len);
 
109
        memcpy(data->psk, config->eappsk, config->eappsk_len);
112
110
        data->psk_len = config->eappsk_len;
113
111
 
114
112
        return data;
118
116
static void eap_gpsk_deinit(struct eap_sm *sm, void *priv)
119
117
{
120
118
        struct eap_gpsk_data *data = priv;
121
 
        os_free(data->id_server);
122
 
        os_free(data->id_client);
123
 
        os_free(data->psk);
124
 
        os_free(data);
 
119
        free(data->id_server);
 
120
        free(data->id_client);
 
121
        free(data->psk);
 
122
        free(data);
125
123
}
126
124
 
127
125
 
162
160
                wpa_printf(MSG_DEBUG, "EAP-GPSK: ID_Server overflow");
163
161
                return NULL;
164
162
        }
165
 
        os_free(data->id_server);
166
 
        data->id_server = os_malloc(alen);
 
163
        free(data->id_server);
 
164
        data->id_server = malloc(alen);
167
165
        if (data->id_server == NULL) {
168
166
                wpa_printf(MSG_DEBUG, "EAP-GPSK: No memory for ID_Server");
169
167
                return NULL;
170
168
        }
171
 
        os_memcpy(data->id_server, pos, alen);
 
169
        memcpy(data->id_server, pos, alen);
172
170
        data->id_server_len = alen;
173
171
        wpa_hexdump_ascii(MSG_DEBUG, "EAP-GPSK: ID_Server",
174
172
                          data->id_server, data->id_server_len);
178
176
                wpa_printf(MSG_DEBUG, "EAP-GPSK: RAND_Server overflow");
179
177
                return NULL;
180
178
        }
181
 
        os_memcpy(data->rand_server, pos, EAP_GPSK_RAND_LEN);
 
179
        memcpy(data->rand_server, pos, EAP_GPSK_RAND_LEN);
182
180
        wpa_hexdump(MSG_DEBUG, "EAP-GPSK: RAND_Server",
183
181
                    data->rand_server, EAP_GPSK_RAND_LEN);
184
182
        pos += EAP_GPSK_RAND_LEN;
189
187
        }
190
188
        csuite_list_len = WPA_GET_BE16(pos);
191
189
        pos += 2;
192
 
        if (end - pos < (int) csuite_list_len) {
 
190
        if (end - pos < alen) {
193
191
                wpa_printf(MSG_DEBUG, "EAP-GPSK: CSuite_List overflow");
194
192
                return NULL;
195
193
        }
249
247
        WPA_PUT_BE16(rpos, data->id_client_len);
250
248
        rpos += 2;
251
249
        if (data->id_client)
252
 
                os_memcpy(rpos, data->id_client, data->id_client_len);
 
250
                memcpy(rpos, data->id_client, data->id_client_len);
253
251
        rpos += data->id_client_len;
254
252
 
255
253
        WPA_PUT_BE16(rpos, data->id_server_len);
256
254
        rpos += 2;
257
255
        if (data->id_server)
258
 
                os_memcpy(rpos, data->id_server, data->id_server_len);
 
256
                memcpy(rpos, data->id_server, data->id_server_len);
259
257
        rpos += data->id_server_len;
260
258
 
261
259
        if (os_get_random(data->rand_client, EAP_GPSK_RAND_LEN)) {
262
260
                wpa_printf(MSG_DEBUG, "EAP-GPSK: Failed to get random data "
263
261
                           "for RAND_Client");
264
262
                eap_gpsk_state(data, FAILURE);
265
 
                os_free(resp);
 
263
                free(resp);
266
264
                return NULL;
267
265
        }
268
266
        wpa_hexdump(MSG_DEBUG, "EAP-GPSK: RAND_Client",
269
267
                    data->rand_client, EAP_GPSK_RAND_LEN);
270
 
        os_memcpy(rpos, data->rand_client, EAP_GPSK_RAND_LEN);
 
268
        memcpy(rpos, data->rand_client, EAP_GPSK_RAND_LEN);
271
269
        rpos += EAP_GPSK_RAND_LEN;
272
270
 
273
 
        os_memcpy(rpos, data->rand_server, EAP_GPSK_RAND_LEN);
 
271
        memcpy(rpos, data->rand_server, EAP_GPSK_RAND_LEN);
274
272
        rpos += EAP_GPSK_RAND_LEN;
275
273
 
276
274
        WPA_PUT_BE16(rpos, csuite_list_len);
277
275
        rpos += 2;
278
 
        os_memcpy(rpos, csuite_list, csuite_list_len);
 
276
        memcpy(rpos, csuite_list, csuite_list_len);
279
277
        rpos += csuite_list_len;
280
278
 
281
279
        csuite = (struct eap_gpsk_csuite *) rpos;
288
286
                                 data->rand_client, data->rand_server,
289
287
                                 data->id_client, data->id_client_len,
290
288
                                 data->id_server, data->id_server_len,
291
 
                                 data->msk, data->emsk,
292
 
                                 data->sk, &data->sk_len,
 
289
                                 data->msk, data->sk, &data->sk_len,
293
290
                                 data->pk, &data->pk_len) < 0) {
294
291
                wpa_printf(MSG_DEBUG, "EAP-GPSK: Failed to derive keys");
295
292
                eap_gpsk_state(data, FAILURE);
296
 
                os_free(resp);
 
293
                free(resp);
297
294
                return NULL;
298
295
        }
299
296
 
305
302
                                 data->specifier, start, rpos - start, rpos) <
306
303
            0) {
307
304
                eap_gpsk_state(data, FAILURE);
308
 
                os_free(resp);
 
305
                free(resp);
309
306
                return NULL;
310
307
        }
311
308
 
348
345
                           "RAND_Client");
349
346
                return NULL;
350
347
        }
351
 
        if (os_memcmp(pos, data->rand_client, EAP_GPSK_RAND_LEN) != 0) {
 
348
        if (memcmp(pos, data->rand_client, EAP_GPSK_RAND_LEN) != 0) {
352
349
                wpa_printf(MSG_DEBUG, "EAP-GPSK: RAND_Client in GPSK-2 and "
353
350
                           "GPSK-3 did not match");
354
351
                wpa_hexdump(MSG_DEBUG, "EAP-GPSK: RAND_Client in GPSK-2",
365
362
                           "RAND_Server");
366
363
                return NULL;
367
364
        }
368
 
        if (os_memcmp(pos, data->rand_server, EAP_GPSK_RAND_LEN) != 0) {
 
365
        if (memcmp(pos, data->rand_server, EAP_GPSK_RAND_LEN) != 0) {
369
366
                wpa_printf(MSG_DEBUG, "EAP-GPSK: RAND_Server in GPSK-1 and "
370
367
                           "GPSK-3 did not match");
371
368
                wpa_hexdump(MSG_DEBUG, "EAP-GPSK: RAND_Server in GPSK-1",
377
374
        }
378
375
        pos += EAP_GPSK_RAND_LEN;
379
376
 
380
 
        if (end - pos < (int) sizeof(*csuite)) {
 
377
        if (end - pos < sizeof(*csuite)) {
381
378
                wpa_printf(MSG_DEBUG, "EAP-GPSK: Message too short for "
382
379
                           "CSuite_Sel");
383
380
                return NULL;
411
408
        wpa_hexdump(MSG_DEBUG, "EAP-GPSK: PD_Payload_2", pos, alen);
412
409
        pos += alen;
413
410
        miclen = eap_gpsk_mic_len(data->vendor, data->specifier);
414
 
        if (end - pos < (int) miclen) {
 
411
        if (end - pos < miclen) {
415
412
                wpa_printf(MSG_DEBUG, "EAP-GPSK: Message too short for MIC "
416
413
                           "(left=%d miclen=%d)", end - pos, miclen);
417
414
                eap_gpsk_state(data, FAILURE);
424
421
                eap_gpsk_state(data, FAILURE);
425
422
                return NULL;
426
423
        }
427
 
        if (os_memcmp(mic, pos, miclen) != 0) {
 
424
        if (memcmp(mic, pos, miclen) != 0) {
428
425
                wpa_printf(MSG_INFO, "EAP-GPSK: Incorrect MIC in GPSK-3");
429
426
                wpa_hexdump(MSG_DEBUG, "EAP-GPSK: Received MIC", pos, miclen);
430
427
                wpa_hexdump(MSG_DEBUG, "EAP-GPSK: Computed MIC", mic, miclen);
458
455
                                 data->specifier, start, rpos - start, rpos) <
459
456
            0) {
460
457
                eap_gpsk_state(data, FAILURE);
461
 
                os_free(resp);
 
458
                free(resp);
462
459
                return NULL;
463
460
        }
464
461
 
531
528
        if (data->state != SUCCESS)
532
529
                return NULL;
533
530
 
534
 
        key = os_malloc(EAP_MSK_LEN);
 
531
        key = malloc(EAP_MSK_LEN);
535
532
        if (key == NULL)
536
533
                return NULL;
537
 
        os_memcpy(key, data->msk, EAP_MSK_LEN);
 
534
        memcpy(key, data->msk, EAP_MSK_LEN);
538
535
        *len = EAP_MSK_LEN;
539
536
 
540
537
        return key;
541
538
}
542
539
 
543
540
 
544
 
static u8 * eap_gpsk_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
545
 
{
546
 
        struct eap_gpsk_data *data = priv;
547
 
        u8 *key;
548
 
 
549
 
        if (data->state != SUCCESS)
550
 
                return NULL;
551
 
 
552
 
        key = os_malloc(EAP_EMSK_LEN);
553
 
        if (key == NULL)
554
 
                return NULL;
555
 
        os_memcpy(key, data->emsk, EAP_EMSK_LEN);
556
 
        *len = EAP_EMSK_LEN;
557
 
 
558
 
        return key;
559
 
}
560
 
 
561
 
 
562
541
int eap_peer_gpsk_register(void)
563
542
{
564
543
        struct eap_method *eap;
574
553
        eap->process = eap_gpsk_process;
575
554
        eap->isKeyAvailable = eap_gpsk_isKeyAvailable;
576
555
        eap->getKey = eap_gpsk_getKey;
577
 
        eap->get_emsk = eap_gpsk_get_emsk;
578
556
 
579
557
        ret = eap_peer_method_register(eap);
580
558
        if (ret)