mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-28 18:28:23 -05:00
EAP-FAST: Added shared helper functions for building TLVs
This commit is contained in:
parent
829f14be17
commit
a4819630f6
@ -246,6 +246,7 @@ endif
|
|||||||
ifdef CONFIG_EAP_FAST
|
ifdef CONFIG_EAP_FAST
|
||||||
CFLAGS += -DEAP_FAST
|
CFLAGS += -DEAP_FAST
|
||||||
OBJS += ../src/eap_server/eap_fast.o
|
OBJS += ../src/eap_server/eap_fast.o
|
||||||
|
OBJS += ../src/eap_common/eap_fast_common.o
|
||||||
TLS_FUNCS=y
|
TLS_FUNCS=y
|
||||||
NEED_T_PRF=y
|
NEED_T_PRF=y
|
||||||
endif
|
endif
|
||||||
|
43
src/eap_common/eap_fast_common.c
Normal file
43
src/eap_common/eap_fast_common.c
Normal file
@ -0,0 +1,43 @@
|
|||||||
|
/*
|
||||||
|
* EAP-FAST common helper functions (RFC 4851)
|
||||||
|
* Copyright (c) 2008, Jouni Malinen <j@w1.fi>
|
||||||
|
*
|
||||||
|
* This program is free software; you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU General Public License version 2 as
|
||||||
|
* published by the Free Software Foundation.
|
||||||
|
*
|
||||||
|
* Alternatively, this software may be distributed under the terms of BSD
|
||||||
|
* license.
|
||||||
|
*
|
||||||
|
* See README and COPYING for more details.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include "includes.h"
|
||||||
|
|
||||||
|
#include "common.h"
|
||||||
|
#include "eap_fast_common.h"
|
||||||
|
|
||||||
|
|
||||||
|
void eap_fast_put_tlv_hdr(struct wpabuf *buf, u16 type, u16 len)
|
||||||
|
{
|
||||||
|
struct pac_tlv_hdr hdr;
|
||||||
|
hdr.type = host_to_be16(type);
|
||||||
|
hdr.len = host_to_be16(len);
|
||||||
|
wpabuf_put_data(buf, &hdr, sizeof(hdr));
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
void eap_fast_put_tlv(struct wpabuf *buf, u16 type, const void *data,
|
||||||
|
u16 len)
|
||||||
|
{
|
||||||
|
eap_fast_put_tlv_hdr(buf, type, len);
|
||||||
|
wpabuf_put_data(buf, data, len);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
void eap_fast_put_tlv_buf(struct wpabuf *buf, u16 type,
|
||||||
|
const struct wpabuf *data)
|
||||||
|
{
|
||||||
|
eap_fast_put_tlv_hdr(buf, type, wpabuf_len(data));
|
||||||
|
wpabuf_put_buf(buf, data);
|
||||||
|
}
|
@ -82,4 +82,13 @@ struct eap_fast_key_block_provisioning {
|
|||||||
u8 client_challenge[16]; /* MSCHAPv2 ClientChallenge */
|
u8 client_challenge[16]; /* MSCHAPv2 ClientChallenge */
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
struct wpabuf;
|
||||||
|
|
||||||
|
void eap_fast_put_tlv_hdr(struct wpabuf *buf, u16 type, u16 len);
|
||||||
|
void eap_fast_put_tlv(struct wpabuf *buf, u16 type, const void *data,
|
||||||
|
u16 len);
|
||||||
|
void eap_fast_put_tlv_buf(struct wpabuf *buf, u16 type,
|
||||||
|
const struct wpabuf *data);
|
||||||
|
|
||||||
#endif /* EAP_FAST_H */
|
#endif /* EAP_FAST_H */
|
||||||
|
@ -599,24 +599,21 @@ static struct wpabuf * eap_fast_tlv_pac_ack(void)
|
|||||||
static struct wpabuf * eap_fast_tlv_eap_payload(struct wpabuf *buf)
|
static struct wpabuf * eap_fast_tlv_eap_payload(struct wpabuf *buf)
|
||||||
{
|
{
|
||||||
struct wpabuf *msg;
|
struct wpabuf *msg;
|
||||||
struct eap_tlv_hdr *tlv;
|
|
||||||
|
|
||||||
if (buf == NULL)
|
if (buf == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
/* Encapsulate EAP packet in EAP Payload TLV */
|
/* Encapsulate EAP packet in EAP Payload TLV */
|
||||||
msg = wpabuf_alloc(sizeof(*tlv) + wpabuf_len(buf));
|
msg = wpabuf_alloc(sizeof(struct pac_tlv_hdr) + wpabuf_len(buf));
|
||||||
if (msg == NULL) {
|
if (msg == NULL) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-FAST: Failed to allocate memory "
|
wpa_printf(MSG_DEBUG, "EAP-FAST: Failed to allocate memory "
|
||||||
"for TLV encapsulation");
|
"for TLV encapsulation");
|
||||||
wpabuf_free(buf);
|
wpabuf_free(buf);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
tlv = wpabuf_put(msg, sizeof(*tlv));
|
eap_fast_put_tlv_buf(msg,
|
||||||
tlv->tlv_type = host_to_be16(EAP_TLV_TYPE_MANDATORY |
|
EAP_TLV_TYPE_MANDATORY | EAP_TLV_EAP_PAYLOAD_TLV,
|
||||||
EAP_TLV_EAP_PAYLOAD_TLV);
|
buf);
|
||||||
tlv->length = host_to_be16(wpabuf_len(buf));
|
|
||||||
wpabuf_put_buf(msg, buf);
|
|
||||||
wpabuf_free(buf);
|
wpabuf_free(buf);
|
||||||
return msg;
|
return msg;
|
||||||
}
|
}
|
||||||
|
@ -546,11 +546,10 @@ static struct wpabuf * eap_fast_build_start(struct eap_sm *sm,
|
|||||||
struct eap_fast_data *data, u8 id)
|
struct eap_fast_data *data, u8 id)
|
||||||
{
|
{
|
||||||
struct wpabuf *req;
|
struct wpabuf *req;
|
||||||
struct pac_tlv_hdr *a_id;
|
|
||||||
size_t srv_id_len = os_strlen(data->srv_id);
|
size_t srv_id_len = os_strlen(data->srv_id);
|
||||||
|
|
||||||
req = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_FAST,
|
req = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_FAST,
|
||||||
1 + sizeof(*a_id) + srv_id_len,
|
1 + sizeof(struct pac_tlv_hdr) + srv_id_len,
|
||||||
EAP_CODE_REQUEST, id);
|
EAP_CODE_REQUEST, id);
|
||||||
if (req == NULL) {
|
if (req == NULL) {
|
||||||
wpa_printf(MSG_ERROR, "EAP-FAST: Failed to allocate memory for"
|
wpa_printf(MSG_ERROR, "EAP-FAST: Failed to allocate memory for"
|
||||||
@ -560,10 +559,9 @@ static struct wpabuf * eap_fast_build_start(struct eap_sm *sm,
|
|||||||
}
|
}
|
||||||
|
|
||||||
wpabuf_put_u8(req, EAP_TLS_FLAGS_START | data->fast_version);
|
wpabuf_put_u8(req, EAP_TLS_FLAGS_START | data->fast_version);
|
||||||
a_id = wpabuf_put(req, sizeof(*a_id));
|
|
||||||
a_id->type = host_to_be16(PAC_TYPE_A_ID);
|
/* RFC 4851, 4.1.1. Authority ID Data */
|
||||||
a_id->len = host_to_be16(srv_id_len);
|
eap_fast_put_tlv(req, PAC_TYPE_A_ID, data->srv_id, srv_id_len);
|
||||||
wpabuf_put_data(req, data->srv_id, srv_id_len);
|
|
||||||
|
|
||||||
eap_fast_state(data, PHASE1);
|
eap_fast_state(data, PHASE1);
|
||||||
|
|
||||||
@ -658,25 +656,22 @@ static struct wpabuf * eap_fast_encrypt(struct eap_sm *sm,
|
|||||||
static struct wpabuf * eap_fast_tlv_eap_payload(struct wpabuf *buf)
|
static struct wpabuf * eap_fast_tlv_eap_payload(struct wpabuf *buf)
|
||||||
{
|
{
|
||||||
struct wpabuf *e;
|
struct wpabuf *e;
|
||||||
struct eap_tlv_hdr *tlv;
|
|
||||||
|
|
||||||
if (buf == NULL)
|
if (buf == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
/* Encapsulate EAP packet in EAP-Payload TLV */
|
/* Encapsulate EAP packet in EAP-Payload TLV */
|
||||||
wpa_printf(MSG_DEBUG, "EAP-FAST: Add EAP-Payload TLV");
|
wpa_printf(MSG_DEBUG, "EAP-FAST: Add EAP-Payload TLV");
|
||||||
e = wpabuf_alloc(sizeof(*tlv) + wpabuf_len(buf));
|
e = wpabuf_alloc(sizeof(struct pac_tlv_hdr) + wpabuf_len(buf));
|
||||||
if (e == NULL) {
|
if (e == NULL) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-FAST: Failed to allocate memory "
|
wpa_printf(MSG_DEBUG, "EAP-FAST: Failed to allocate memory "
|
||||||
"for TLV encapsulation");
|
"for TLV encapsulation");
|
||||||
wpabuf_free(buf);
|
wpabuf_free(buf);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
tlv = wpabuf_put(e, sizeof(*tlv));
|
eap_fast_put_tlv_buf(e,
|
||||||
tlv->tlv_type = host_to_be16(EAP_TLV_TYPE_MANDATORY |
|
EAP_TLV_TYPE_MANDATORY | EAP_TLV_EAP_PAYLOAD_TLV,
|
||||||
EAP_TLV_EAP_PAYLOAD_TLV);
|
buf);
|
||||||
tlv->length = host_to_be16(wpabuf_len(buf));
|
|
||||||
wpabuf_put_buf(e, buf);
|
|
||||||
wpabuf_free(buf);
|
wpabuf_free(buf);
|
||||||
return e;
|
return e;
|
||||||
}
|
}
|
||||||
@ -783,7 +778,7 @@ static struct wpabuf * eap_fast_build_pac(struct eap_sm *sm,
|
|||||||
u8 *pos;
|
u8 *pos;
|
||||||
size_t buf_len, srv_id_len, pac_len;
|
size_t buf_len, srv_id_len, pac_len;
|
||||||
struct eap_tlv_hdr *pac_tlv;
|
struct eap_tlv_hdr *pac_tlv;
|
||||||
struct pac_tlv_hdr *hdr, *pac_info;
|
struct pac_tlv_hdr *pac_info;
|
||||||
struct eap_tlv_result_tlv *result;
|
struct eap_tlv_result_tlv *result;
|
||||||
struct os_time now;
|
struct os_time now;
|
||||||
|
|
||||||
@ -843,8 +838,8 @@ static struct wpabuf * eap_fast_build_pac(struct eap_sm *sm,
|
|||||||
pac_opaque, pac_len);
|
pac_opaque, pac_len);
|
||||||
|
|
||||||
buf_len = sizeof(*pac_tlv) +
|
buf_len = sizeof(*pac_tlv) +
|
||||||
sizeof(*hdr) + EAP_FAST_PAC_KEY_LEN +
|
sizeof(struct pac_tlv_hdr) + EAP_FAST_PAC_KEY_LEN +
|
||||||
sizeof(*hdr) + pac_len +
|
sizeof(struct pac_tlv_hdr) + pac_len +
|
||||||
2 * srv_id_len + 100 + sizeof(*result);
|
2 * srv_id_len + 100 + sizeof(*result);
|
||||||
buf = wpabuf_alloc(buf_len);
|
buf = wpabuf_alloc(buf_len);
|
||||||
if (buf == NULL) {
|
if (buf == NULL) {
|
||||||
@ -859,16 +854,10 @@ static struct wpabuf * eap_fast_build_pac(struct eap_sm *sm,
|
|||||||
EAP_TLV_PAC_TLV);
|
EAP_TLV_PAC_TLV);
|
||||||
|
|
||||||
/* PAC-Key */
|
/* PAC-Key */
|
||||||
hdr = wpabuf_put(buf, sizeof(*hdr));
|
eap_fast_put_tlv(buf, PAC_TYPE_PAC_KEY, pac_key, EAP_FAST_PAC_KEY_LEN);
|
||||||
hdr->type = host_to_be16(PAC_TYPE_PAC_KEY);
|
|
||||||
hdr->len = host_to_be16(EAP_FAST_PAC_KEY_LEN);
|
|
||||||
wpabuf_put_data(buf, pac_key, EAP_FAST_PAC_KEY_LEN);
|
|
||||||
|
|
||||||
/* PAC-Opaque */
|
/* PAC-Opaque */
|
||||||
hdr = wpabuf_put(buf, sizeof(*hdr));
|
eap_fast_put_tlv(buf, PAC_TYPE_PAC_OPAQUE, pac_opaque, pac_len);
|
||||||
hdr->type = host_to_be16(PAC_TYPE_PAC_OPAQUE);
|
|
||||||
hdr->len = host_to_be16(pac_len);
|
|
||||||
wpabuf_put_data(buf, pac_opaque, pac_len);
|
|
||||||
os_free(pac_opaque);
|
os_free(pac_opaque);
|
||||||
|
|
||||||
/* PAC-Info */
|
/* PAC-Info */
|
||||||
@ -876,29 +865,19 @@ static struct wpabuf * eap_fast_build_pac(struct eap_sm *sm,
|
|||||||
pac_info->type = host_to_be16(PAC_TYPE_PAC_INFO);
|
pac_info->type = host_to_be16(PAC_TYPE_PAC_INFO);
|
||||||
|
|
||||||
/* PAC-Lifetime (inside PAC-Info) */
|
/* PAC-Lifetime (inside PAC-Info) */
|
||||||
hdr = wpabuf_put(buf, sizeof(*hdr));
|
eap_fast_put_tlv_hdr(buf, PAC_TYPE_CRED_LIFETIME, 4);
|
||||||
hdr->type = host_to_be16(PAC_TYPE_CRED_LIFETIME);
|
|
||||||
hdr->len = host_to_be16(4);
|
|
||||||
wpabuf_put_be32(buf, now.sec + PAC_KEY_LIFETIME);
|
wpabuf_put_be32(buf, now.sec + PAC_KEY_LIFETIME);
|
||||||
|
|
||||||
/* A-ID (inside PAC-Info) */
|
/* A-ID (inside PAC-Info) */
|
||||||
hdr = wpabuf_put(buf, sizeof(*hdr));
|
eap_fast_put_tlv(buf, PAC_TYPE_A_ID, data->srv_id, srv_id_len);
|
||||||
hdr->type = host_to_be16(PAC_TYPE_A_ID);
|
|
||||||
hdr->len = host_to_be16(srv_id_len);
|
|
||||||
wpabuf_put_data(buf, data->srv_id, srv_id_len);
|
|
||||||
|
|
||||||
/* Note: headers may be misaligned after A-ID */
|
/* Note: headers may be misaligned after A-ID */
|
||||||
|
|
||||||
/* A-ID-Info (inside PAC-Info) */
|
/* A-ID-Info (inside PAC-Info) */
|
||||||
hdr = wpabuf_put(buf, sizeof(*hdr));
|
eap_fast_put_tlv(buf, PAC_TYPE_A_ID_INFO, data->srv_id, srv_id_len);
|
||||||
WPA_PUT_BE16((u8 *) &hdr->type, PAC_TYPE_A_ID_INFO);
|
|
||||||
WPA_PUT_BE16((u8 *) &hdr->len, srv_id_len);
|
|
||||||
wpabuf_put_data(buf, data->srv_id, srv_id_len);
|
|
||||||
|
|
||||||
/* PAC-Type (inside PAC-Info) */
|
/* PAC-Type (inside PAC-Info) */
|
||||||
hdr = wpabuf_put(buf, sizeof(*hdr));
|
eap_fast_put_tlv_hdr(buf, PAC_TYPE_PAC_TYPE, 2);
|
||||||
WPA_PUT_BE16((u8 *) &hdr->type, PAC_TYPE_PAC_TYPE);
|
|
||||||
WPA_PUT_BE16((u8 *) &hdr->len, 2);
|
|
||||||
wpabuf_put_be16(buf, PAC_TYPE_TUNNEL_PAC);
|
wpabuf_put_be16(buf, PAC_TYPE_TUNNEL_PAC);
|
||||||
|
|
||||||
/* Update PAC-Info and PAC TLV Length fields */
|
/* Update PAC-Info and PAC TLV Length fields */
|
||||||
|
@ -423,9 +423,11 @@ ifdef CONFIG_EAP_FAST
|
|||||||
ifeq ($(CONFIG_EAP_FAST), dyn)
|
ifeq ($(CONFIG_EAP_FAST), dyn)
|
||||||
CFLAGS += -DEAP_FAST_DYNAMIC
|
CFLAGS += -DEAP_FAST_DYNAMIC
|
||||||
EAPDYN += ../src/eap_peer/eap_fast.so
|
EAPDYN += ../src/eap_peer/eap_fast.so
|
||||||
|
EAPDYN += ../src/eap_common/eap_fast_common.o
|
||||||
else
|
else
|
||||||
CFLAGS += -DEAP_FAST
|
CFLAGS += -DEAP_FAST
|
||||||
OBJS += ../src/eap_peer/eap_fast.o ../src/eap_peer/eap_fast_pac.o
|
OBJS += ../src/eap_peer/eap_fast.o ../src/eap_peer/eap_fast_pac.o
|
||||||
|
OBJS += ../src/eap_common/eap_fast_common.o
|
||||||
OBJS_h += ../src/eap_server/eap_fast.o
|
OBJS_h += ../src/eap_server/eap_fast.o
|
||||||
endif
|
endif
|
||||||
TLS_FUNCS=y
|
TLS_FUNCS=y
|
||||||
|
Loading…
Reference in New Issue
Block a user