fragattacks/src/eap_server/eap_sim_db.h
Frederic Leroy 7b0f5500b0 eap_sim_db: Implement eap_sim_db_expire_pending()
Expire pending DB request for EAP-SIM/AKA/AKA'. Timeout defaults to 1
second and is user configurable in hostapd.conf (eap_sim_db_timeout).

Signed-off-by: Frederic Leroy <frederic.leroy@b-com.com>
2015-10-31 16:28:16 +02:00

96 lines
2.8 KiB
C

/*
* hostapd / EAP-SIM database/authenticator gateway
* Copyright (c) 2005-2008, 2012, Jouni Malinen <j@w1.fi>
*
* This software may be distributed under the terms of the BSD license.
* See README for more details.
*/
#ifndef EAP_SIM_DB_H
#define EAP_SIM_DB_H
#include "eap_common/eap_sim_common.h"
/* Identity prefixes */
#define EAP_SIM_PERMANENT_PREFIX '1'
#define EAP_SIM_PSEUDONYM_PREFIX '3'
#define EAP_SIM_REAUTH_ID_PREFIX '5'
#define EAP_AKA_PERMANENT_PREFIX '0'
#define EAP_AKA_PSEUDONYM_PREFIX '2'
#define EAP_AKA_REAUTH_ID_PREFIX '4'
#define EAP_AKA_PRIME_PERMANENT_PREFIX '6'
#define EAP_AKA_PRIME_PSEUDONYM_PREFIX '7'
#define EAP_AKA_PRIME_REAUTH_ID_PREFIX '8'
enum eap_sim_db_method {
EAP_SIM_DB_SIM,
EAP_SIM_DB_AKA,
EAP_SIM_DB_AKA_PRIME
};
struct eap_sim_db_data;
struct eap_sim_db_data *
eap_sim_db_init(const char *config, unsigned int db_timeout,
void (*get_complete_cb)(void *ctx, void *session_ctx),
void *ctx);
void eap_sim_db_deinit(void *priv);
int eap_sim_db_get_gsm_triplets(struct eap_sim_db_data *data,
const char *username, int max_chal,
u8 *_rand, u8 *kc, u8 *sres,
void *cb_session_ctx);
#define EAP_SIM_DB_FAILURE -1
#define EAP_SIM_DB_PENDING -2
char * eap_sim_db_get_next_pseudonym(struct eap_sim_db_data *data,
enum eap_sim_db_method method);
char * eap_sim_db_get_next_reauth_id(struct eap_sim_db_data *data,
enum eap_sim_db_method method);
int eap_sim_db_add_pseudonym(struct eap_sim_db_data *data,
const char *permanent, char *pseudonym);
int eap_sim_db_add_reauth(struct eap_sim_db_data *data, const char *permanent,
char *reauth_id, u16 counter, const u8 *mk);
int eap_sim_db_add_reauth_prime(struct eap_sim_db_data *data,
const char *permanent,
char *reauth_id, u16 counter, const u8 *k_encr,
const u8 *k_aut, const u8 *k_re);
const char * eap_sim_db_get_permanent(struct eap_sim_db_data *data,
const char *pseudonym);
struct eap_sim_reauth {
struct eap_sim_reauth *next;
char *permanent; /* Permanent username */
char *reauth_id; /* Fast re-authentication username */
u16 counter;
u8 mk[EAP_SIM_MK_LEN];
u8 k_encr[EAP_SIM_K_ENCR_LEN];
u8 k_aut[EAP_AKA_PRIME_K_AUT_LEN];
u8 k_re[EAP_AKA_PRIME_K_RE_LEN];
};
struct eap_sim_reauth *
eap_sim_db_get_reauth_entry(struct eap_sim_db_data *data,
const char *reauth_id);
void eap_sim_db_remove_reauth(struct eap_sim_db_data *data,
struct eap_sim_reauth *reauth);
int eap_sim_db_get_aka_auth(struct eap_sim_db_data *data, const char *username,
u8 *_rand, u8 *autn, u8 *ik, u8 *ck,
u8 *res, size_t *res_len, void *cb_session_ctx);
int eap_sim_db_resynchronize(struct eap_sim_db_data *data,
const char *username, const u8 *auts,
const u8 *_rand);
char * sim_get_username(const u8 *identity, size_t identity_len);
#endif /* EAP_SIM_DB_H */