Amazing-Mirror/fragattacks
1
0
Fork 0
mirror of https://github.com/vanhoefm/fragattacks.git synced 2025-01-18 02:44:03 -05:00
Code Issues Projects Releases Wiki Activity

EAP-SIM DB: Remove unnecessary aka_prime parameter

Browse Source 
The reauth_id prefix can be used to determine which AKA version is used,
so there is no need to store the aka_prime information in a separate
field.

Signed-hostap: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2012-09-01 18:41:35 +03:00
parent bcdf2096bd
commit e87982ea4c
3 changed files with 8 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/eap_server/eap_server_aka.c
View File

@ -650,7 +650,8 @@ static void eap_aka_determine_identity(struct eap_sm *sm,
sm->eap_sim_db_priv, sm->identity, sm->eap_sim_db_priv, sm->identity,
sm->identity_len); sm->identity_len);
if (data->reauth && if (data->reauth &&
data->reauth->aka_prime != (data->reauth->reauth_id[0] ==
EAP_AKA_PRIME_REAUTH_ID_PREFIX) !=
(data->eap_method == EAP_TYPE_AKA_PRIME)) { (data->eap_method == EAP_TYPE_AKA_PRIME)) {
wpa_printf(MSG_DEBUG, "EAP-AKA: Reauth data " wpa_printf(MSG_DEBUG, "EAP-AKA: Reauth data "
"was for different AKA version"); "was for different AKA version");

17
src/eap_server/eap_sim_db.c
View File

@ -118,7 +118,6 @@ static int db_table_create_reauth(sqlite3 *db)
" imsi INTEGER PRIMARY KEY NOT NULL," " imsi INTEGER PRIMARY KEY NOT NULL,"
" reauth_id CHAR(21) NOT NULL," " reauth_id CHAR(21) NOT NULL,"
" counter INTEGER," " counter INTEGER,"
" aka_prime BOOL,"
" mk CHAR(40)," " mk CHAR(40),"
" k_encr CHAR(32)," " k_encr CHAR(32),"
" k_aut CHAR(64)," " k_aut CHAR(64),"
@ -293,7 +292,7 @@ db_get_pseudonym_id(struct eap_sim_db_data *data, const u8 *identity,
static int db_add_reauth(struct eap_sim_db_data *data, const u8 *identity, static int db_add_reauth(struct eap_sim_db_data *data, const u8 *identity,
size_t identity_len, char *reauth_id, u16 counter, size_t identity_len, char *reauth_id, u16 counter,
const u8 *mk, int aka_prime, const u8 *k_encr, const u8 *mk, const u8 *k_encr,
const u8 *k_aut, const u8 *k_re) const u8 *k_aut, const u8 *k_re)
{ {
char cmd[2000], *pos, *end; char cmd[2000], *pos, *end;
@ -312,13 +311,13 @@ static int db_add_reauth(struct eap_sim_db_data *data, const u8 *identity,
pos = cmd; pos = cmd;
end = pos + sizeof(cmd); end = pos + sizeof(cmd);
pos += os_snprintf(pos, end - pos, "INSERT OR REPLACE INTO reauth " pos += os_snprintf(pos, end - pos, "INSERT OR REPLACE INTO reauth "
"(imsi, reauth_id, counter, aka_prime%s%s%s%s) " "(imsi, reauth_id, counter%s%s%s%s) "
"VALUES (%llu, '%s', %u, %d", "VALUES (%llu, '%s', %u",
mk ? ", mk" : "", mk ? ", mk" : "",
k_encr ? ", k_encr" : "", k_encr ? ", k_encr" : "",
k_aut ? ", k_aut" : "", k_aut ? ", k_aut" : "",
k_re ? ", k_re" : "", k_re ? ", k_re" : "",
imsi, reauth_id, counter, aka_prime); imsi, reauth_id, counter);
os_free(reauth_id); os_free(reauth_id);
if (mk) { if (mk) {
@ -385,8 +384,6 @@ static int get_reauth_cb(void *ctx, int argc, char *argv[], char *col[])
reauth->reauth_id = data->db_tmp_pseudonym_str; reauth->reauth_id = data->db_tmp_pseudonym_str;
} else if (os_strcmp(col[i], "counter") == 0 && argv[i]) { } else if (os_strcmp(col[i], "counter") == 0 && argv[i]) {
reauth->counter = atoi(argv[i]); reauth->counter = atoi(argv[i]);
} else if (os_strcmp(col[i], "aka_prime") == 0 && argv[i]) {
reauth->aka_prime = atoi(argv[i]);
} else if (os_strcmp(col[i], "mk") == 0 && argv[i]) { } else if (os_strcmp(col[i], "mk") == 0 && argv[i]) {
hexstr2bin(argv[i], reauth->mk, sizeof(reauth->mk)); hexstr2bin(argv[i], reauth->mk, sizeof(reauth->mk));
} else if (os_strcmp(col[i], "k_encr") == 0 && argv[i]) { } else if (os_strcmp(col[i], "k_encr") == 0 && argv[i]) {
@ -1502,7 +1499,7 @@ int eap_sim_db_add_reauth(void *priv, const u8 *identity,
#ifdef CONFIG_SQLITE #ifdef CONFIG_SQLITE
if (data->sqlite_db) if (data->sqlite_db)
return db_add_reauth(data, identity, identity_len, return db_add_reauth(data, identity, identity_len,
reauth_id, counter, mk, 0, NULL, NULL, reauth_id, counter, mk, NULL, NULL,
NULL); NULL);
#endif /* CONFIG_SQLITE */ #endif /* CONFIG_SQLITE */
r = eap_sim_db_add_reauth_data(data, identity, identity_len, reauth_id, r = eap_sim_db_add_reauth_data(data, identity, identity_len, reauth_id,
@ -1511,7 +1508,6 @@ int eap_sim_db_add_reauth(void *priv, const u8 *identity,
return -1; return -1;
os_memcpy(r->mk, mk, EAP_SIM_MK_LEN); os_memcpy(r->mk, mk, EAP_SIM_MK_LEN);
r->aka_prime = 0;
return 0; return 0;
} }
@ -1547,7 +1543,7 @@ int eap_sim_db_add_reauth_prime(void *priv, const u8 *identity,
#ifdef CONFIG_SQLITE #ifdef CONFIG_SQLITE
if (data->sqlite_db) if (data->sqlite_db)
return db_add_reauth(data, identity, identity_len, return db_add_reauth(data, identity, identity_len,
reauth_id, counter, NULL, 1, reauth_id, counter, NULL,
k_encr, k_aut, k_re); k_encr, k_aut, k_re);
#endif /* CONFIG_SQLITE */ #endif /* CONFIG_SQLITE */
r = eap_sim_db_add_reauth_data(data, identity, identity_len, reauth_id, r = eap_sim_db_add_reauth_data(data, identity, identity_len, reauth_id,
@ -1555,7 +1551,6 @@ int eap_sim_db_add_reauth_prime(void *priv, const u8 *identity,
if (r == NULL) if (r == NULL)
return -1; return -1;
r->aka_prime = 1;
os_memcpy(r->k_encr, k_encr, EAP_SIM_K_ENCR_LEN); os_memcpy(r->k_encr, k_encr, EAP_SIM_K_ENCR_LEN);
os_memcpy(r->k_aut, k_aut, EAP_AKA_PRIME_K_AUT_LEN); os_memcpy(r->k_aut, k_aut, EAP_AKA_PRIME_K_AUT_LEN);
os_memcpy(r->k_re, k_re, EAP_AKA_PRIME_K_RE_LEN); os_memcpy(r->k_re, k_re, EAP_AKA_PRIME_K_RE_LEN);

1
src/eap_server/eap_sim_db.h
View File

@ -71,7 +71,6 @@ struct eap_sim_reauth {
size_t identity_len; size_t identity_len;
char *reauth_id; char *reauth_id;
u16 counter; u16 counter;
int aka_prime;
u8 mk[EAP_SIM_MK_LEN]; u8 mk[EAP_SIM_MK_LEN];
u8 k_encr[EAP_SIM_K_ENCR_LEN]; u8 k_encr[EAP_SIM_K_ENCR_LEN];
u8 k_aut[EAP_AKA_PRIME_K_AUT_LEN]; u8 k_aut[EAP_AKA_PRIME_K_AUT_LEN];