aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/charon/plugins/eap_aka/eap_aka_peer.c253
-rw-r--r--src/charon/plugins/eap_aka/eap_aka_server.c371
-rw-r--r--src/charon/plugins/eap_sim/eap_sim_peer.c2
-rw-r--r--src/charon/plugins/eap_sim/eap_sim_server.c4
-rw-r--r--src/charon/sa/authenticators/eap/sim_manager.c4
5 files changed, 568 insertions, 66 deletions
diff --git a/src/charon/plugins/eap_aka/eap_aka_peer.c b/src/charon/plugins/eap_aka/eap_aka_peer.c
index 1ff445c91..527c38e7c 100644
--- a/src/charon/plugins/eap_aka/eap_aka_peer.c
+++ b/src/charon/plugins/eap_aka/eap_aka_peer.c
@@ -39,14 +39,34 @@ struct private_eap_aka_peer_t {
simaka_crypto_t *crypto;
/**
- * ID of the peer
+ * permanent ID of peer
*/
- identification_t *peer;
+ identification_t *permanent;
+
+ /**
+ * Pseudonym identity the peer uses
+ */
+ identification_t *pseudonym;
+
+ /**
+ * Reauthentication identity the peer uses
+ */
+ identification_t *reauth;
/**
* MSK
*/
chunk_t msk;
+
+ /**
+ * Master key, if reauthentication is used
+ */
+ char mk[HASH_SIZE_SHA1];
+
+ /**
+ * Counter value if reauthentication is used
+ */
+ u_int16_t counter;
};
/**
@@ -73,6 +93,85 @@ static eap_payload_t* create_client_error(private_eap_aka_peer_t *this,
}
/**
+ * process an EAP-AKA/Request/Identity message
+ */
+static status_t process_identity(private_eap_aka_peer_t *this,
+ simaka_message_t *in, eap_payload_t **out)
+{
+ simaka_message_t *message;
+ enumerator_t *enumerator;
+ simaka_attribute_t type;
+ chunk_t data, id = chunk_empty;
+ simaka_attribute_t id_req = 0;
+
+ /* reset previously uses reauthentication/pseudonym data */
+ this->crypto->clear_keys(this->crypto);
+ DESTROY_IF(this->pseudonym);
+ this->pseudonym = NULL;
+ DESTROY_IF(this->reauth);
+ this->reauth = NULL;
+
+ enumerator = in->create_attribute_enumerator(in);
+ while (enumerator->enumerate(enumerator, &type, &data))
+ {
+ switch (type)
+ {
+ case AT_ANY_ID_REQ:
+ case AT_FULLAUTH_ID_REQ:
+ case AT_PERMANENT_ID_REQ:
+ id_req = type;
+ break;
+ default:
+ if (!simaka_attribute_skippable(type))
+ {
+ *out = create_client_error(this, in->get_identifier(in));
+ enumerator->destroy(enumerator);
+ return NEED_MORE;
+ }
+ break;
+ }
+ }
+ enumerator->destroy(enumerator);
+
+ switch (id_req)
+ {
+ case AT_ANY_ID_REQ:
+ this->reauth = charon->sim->card_get_reauth(charon->sim,
+ this->permanent, this->mk, &this->counter);
+ if (this->reauth)
+ {
+ id = this->reauth->get_encoding(this->reauth);
+ break;
+ }
+ /* FALL */
+ case AT_FULLAUTH_ID_REQ:
+ this->pseudonym = charon->sim->card_get_pseudonym(charon->sim,
+ this->permanent);
+ if (this->pseudonym)
+ {
+ id = this->pseudonym->get_encoding(this->pseudonym);
+ break;
+ }
+ /* FALL */
+ case AT_PERMANENT_ID_REQ:
+ id = this->permanent->get_encoding(this->permanent);
+ break;
+ default:
+ break;
+ }
+ message = simaka_message_create(FALSE, in->get_identifier(in), EAP_AKA,
+ AKA_IDENTITY, this->crypto);
+ if (id.len)
+ {
+ message->add_attribute(message, AT_IDENTITY, id);
+ }
+ *out = message->generate(message, chunk_empty);
+ message->destroy(message);
+
+ return NEED_MORE;
+}
+
+/**
* Process an EAP-AKA/Request/Challenge message
*/
static status_t process_challenge(private_eap_aka_peer_t *this,
@@ -83,7 +182,8 @@ static status_t process_challenge(private_eap_aka_peer_t *this,
simaka_attribute_t type;
chunk_t data, rand = chunk_empty, autn = chunk_empty, mk;
u_char res[AKA_RES_LEN], ck[AKA_CK_LEN], ik[AKA_IK_LEN], auts[AKA_AUTS_LEN];
- status_t status = NOT_FOUND;
+ identification_t *id;
+ status_t status;
enumerator = in->create_attribute_enumerator(in);
while (enumerator->enumerate(enumerator, &type, &data))
@@ -115,10 +215,10 @@ static status_t process_challenge(private_eap_aka_peer_t *this,
return NEED_MORE;
}
- status = charon->sim->card_get_quintuplet(charon->sim, this->peer,
+ status = charon->sim->card_get_quintuplet(charon->sim, this->permanent,
rand.ptr, autn.ptr, ck, ik, res);
if (status == INVALID_STATE &&
- charon->sim->card_resync(charon->sim, this->peer, rand.ptr, auts))
+ charon->sim->card_resync(charon->sim, this->permanent, rand.ptr, auts))
{
DBG1(DBG_IKE, "received SQN invalid, sending %N",
simaka_subtype_names, AKA_SYNCHRONIZATION_FAILURE);
@@ -133,7 +233,7 @@ static status_t process_challenge(private_eap_aka_peer_t *this,
if (status != SUCCESS)
{
DBG1(DBG_IKE, "no USIM found with quintuplets for '%Y', sending %N",
- this->peer, simaka_subtype_names, AKA_AUTHENTICATION_REJECT);
+ this->permanent, simaka_subtype_names, AKA_AUTHENTICATION_REJECT);
message = simaka_message_create(FALSE, in->get_identifier(in), EAP_AKA,
AKA_AUTHENTICATION_REJECT, this->crypto);
*out = message->generate(message, chunk_empty);
@@ -141,21 +241,49 @@ static status_t process_challenge(private_eap_aka_peer_t *this,
return NEED_MORE;
}
+ id = this->permanent;
+ if (this->pseudonym)
+ {
+ id = this->pseudonym;
+ }
data = chunk_cata("cc", chunk_create(ik, AKA_IK_LEN),
chunk_create(ck, AKA_CK_LEN));
free(this->msk.ptr);
- this->msk = this->crypto->derive_keys_full(this->crypto, this->peer,
- data, &mk);
+ this->msk = this->crypto->derive_keys_full(this->crypto, id, data, &mk);
+ memcpy(this->mk, mk.ptr, mk.len);
free(mk.ptr);
- /* verify EAP message MAC AT_MAC */
- if (!in->verify(in, chunk_empty))
+ /* Verify AT_MAC attribute and parse() again after key derivation,
+ * reading encrypted attributes */
+ if (!in->verify(in, chunk_empty) || !in->parse(in))
{
- DBG1(DBG_IKE, "AT_MAC verification failed ");
*out = create_client_error(this, in->get_identifier(in));
return NEED_MORE;
}
+ enumerator = in->create_attribute_enumerator(in);
+ while (enumerator->enumerate(enumerator, &type, &data))
+ {
+ switch (type)
+ {
+ case AT_NEXT_REAUTH_ID:
+ this->counter = 0;
+ id = identification_create_from_data(data);
+ charon->sim->card_set_reauth(charon->sim, this->permanent, id,
+ this->mk, this->counter);
+ id->destroy(id);
+ break;
+ case AT_NEXT_PSEUDONYM:
+ id = identification_create_from_data(data);
+ charon->sim->card_set_pseudonym(charon->sim, this->permanent, id);
+ id->destroy(id);
+ break;
+ default:
+ break;
+ }
+ }
+ enumerator->destroy(enumerator);
+
message = simaka_message_create(FALSE, in->get_identifier(in), EAP_AKA,
AKA_CHALLENGE, this->crypto);
message->add_attribute(message, AT_RES, chunk_create(res, AKA_RES_LEN));
@@ -165,27 +293,59 @@ static status_t process_challenge(private_eap_aka_peer_t *this,
}
/**
- * Process an EAP-AKA/Request/Identity message
+ * Check if a received counter value is acceptable
*/
-static status_t process_identity(private_eap_aka_peer_t *this,
- simaka_message_t *in, eap_payload_t **out)
+static bool counter_too_small(private_eap_aka_peer_t *this, chunk_t chunk)
+{
+ u_int16_t counter;
+
+ memcpy(&counter, chunk.ptr, sizeof(counter));
+ counter = htons(counter);
+ return counter < this->counter;
+}
+
+/**
+ * process an EAP-AKA/Request/Reauthentication message
+ */
+static status_t process_reauthentication(private_eap_aka_peer_t *this,
+ simaka_message_t *in, eap_payload_t **out)
{
simaka_message_t *message;
enumerator_t *enumerator;
simaka_attribute_t type;
- chunk_t data;
+ chunk_t data, counter = chunk_empty, nonce = chunk_empty, id = chunk_empty;
+
+ if (!this->reauth)
+ {
+ DBG1(DBG_IKE, "received %N, but not expected",
+ simaka_subtype_names, AKA_REAUTHENTICATION);
+ *out = create_client_error(this, in->get_identifier(in));
+ return NEED_MORE;
+ }
+
+ this->crypto->derive_keys_reauth(this->crypto,
+ chunk_create(this->mk, HASH_SIZE_SHA1));
+
+ /* parse again with decryption key */
+ if (!in->parse(in))
+ {
+ *out = create_client_error(this, in->get_identifier(in));
+ return NEED_MORE;
+ }
enumerator = in->create_attribute_enumerator(in);
while (enumerator->enumerate(enumerator, &type, &data))
{
switch (type)
{
- case AT_PERMANENT_ID_REQ:
- case AT_FULLAUTH_ID_REQ:
- case AT_ANY_ID_REQ:
- DBG1(DBG_IKE, "server requested %N, sending '%Y'",
- simaka_attribute_names, type, this->peer);
- /* we reply with our permanent identity in any case */
+ case AT_COUNTER:
+ counter = data;
+ break;
+ case AT_NONCE_S:
+ nonce = data;
+ break;
+ case AT_NEXT_REAUTH_ID:
+ id = data;
break;
default:
if (!simaka_attribute_skippable(type))
@@ -199,11 +359,43 @@ static status_t process_identity(private_eap_aka_peer_t *this,
}
enumerator->destroy(enumerator);
+ if (!nonce.len || !counter.len)
+ {
+ DBG1(DBG_IKE, "EAP-AKA/Request/Reauthentication message incomplete");
+ *out = create_client_error(this, in->get_identifier(in));
+ return NEED_MORE;
+ }
+ if (!in->verify(in, nonce))
+ {
+ *out = create_client_error(this, in->get_identifier(in));
+ return NEED_MORE;
+ }
+
message = simaka_message_create(FALSE, in->get_identifier(in), EAP_AKA,
- AKA_IDENTITY, this->crypto);
- message->add_attribute(message, AT_IDENTITY,
- this->peer->get_encoding(this->peer));
- *out = message->generate(message, chunk_empty);
+ AKA_REAUTHENTICATION, this->crypto);
+ if (counter_too_small(this, counter))
+ {
+ DBG1(DBG_IKE, "reauthentication counter too small");
+ message->add_attribute(message, AT_COUNTER_TOO_SMALL, chunk_empty);
+ }
+ else
+ {
+ free(this->msk.ptr);
+ this->msk = this->crypto->derive_keys_reauth_msk(this->crypto,
+ this->reauth, counter, nonce,
+ chunk_create(this->mk, HASH_SIZE_SHA1));
+ if (id.len)
+ {
+ identification_t *reauth;
+
+ reauth = identification_create_from_data(data);
+ charon->sim->card_set_reauth(charon->sim, this->permanent, reauth,
+ this->mk, this->counter);
+ reauth->destroy(reauth);
+ }
+ }
+ message->add_attribute(message, AT_COUNTER, counter);
+ *out = message->generate(message, nonce);
message->destroy(message);
return NEED_MORE;
}
@@ -295,6 +487,9 @@ static status_t process(private_eap_aka_peer_t *this,
case AKA_CHALLENGE:
status = process_challenge(this, message, out);
break;
+ case AKA_REAUTHENTICATION:
+ status = process_reauthentication(this, message, out);
+ break;
case AKA_NOTIFICATION:
status = process_notification(this, message, out);
break;
@@ -354,7 +549,9 @@ static bool is_mutual(private_eap_aka_peer_t *this)
static void destroy(private_eap_aka_peer_t *this)
{
this->crypto->destroy(this->crypto);
- this->peer->destroy(this->peer);
+ this->permanent->destroy(this->permanent);
+ DESTROY_IF(this->pseudonym);
+ DESTROY_IF(this->reauth);
free(this->msk.ptr);
free(this);
}
@@ -380,7 +577,9 @@ eap_aka_peer_t *eap_aka_peer_create(identification_t *server,
free(this);
return NULL;
}
- this->peer = peer->clone(peer);
+ this->permanent = peer->clone(peer);
+ this->pseudonym = NULL;
+ this->reauth = NULL;
this->msk = chunk_empty;
return &this->public;
diff --git a/src/charon/plugins/eap_aka/eap_aka_server.c b/src/charon/plugins/eap_aka/eap_aka_server.c
index 87c718baa..452758575 100644
--- a/src/charon/plugins/eap_aka/eap_aka_server.c
+++ b/src/charon/plugins/eap_aka/eap_aka_server.c
@@ -21,6 +21,9 @@
#include <simaka_message.h>
#include <simaka_crypto.h>
+/** length of the AT_NONCE_S value */
+#define NONCE_LEN 16
+
typedef struct private_eap_aka_server_t private_eap_aka_server_t;
/**
@@ -39,19 +42,24 @@ struct private_eap_aka_server_t {
simaka_crypto_t *crypto;
/**
- * ID of the peer
+ * permanent ID of the peer
*/
- identification_t *peer;
+ identification_t *permanent;
/**
- * EAP identifier value
+ * pseudonym ID of peer
*/
- u_int8_t identifier;
+ identification_t *pseudonym;
/**
- * MSK
+ * reauthentication ID of peer
*/
- chunk_t msk;
+ identification_t *reauth;
+
+ /**
+ * EAP identifier value
+ */
+ u_int8_t identifier;
/**
* Expected Result XRES
@@ -64,6 +72,36 @@ struct private_eap_aka_server_t {
chunk_t rand;
/**
+ * MSK
+ */
+ chunk_t msk;
+
+ /**
+ * Nonce value used in AT_NONCE_S
+ */
+ chunk_t nonce;
+
+ /**
+ * Counter value negotiated, network order
+ */
+ chunk_t counter;
+
+ /**
+ * Do we request fast reauthentication?
+ */
+ bool use_reauth;
+
+ /**
+ * Do we request pseudonym identities?
+ */
+ bool use_pseudonym;
+
+ /**
+ * Do we request permanent identities?
+ */
+ bool use_permanent;
+
+ /**
* EAP-AKA message we have initiated
*/
simaka_subtype_t pending;
@@ -75,42 +113,68 @@ struct private_eap_aka_server_t {
};
/**
- * Check if an unknown attribute is skippable
+ * Create EAP-AKA/Request/Identity message
*/
-static bool attribute_skippable(simaka_attribute_t attribute)
+static status_t identity(private_eap_aka_server_t *this, eap_payload_t **out)
{
- if (attribute >= 0 && attribute <= 127)
+ simaka_message_t *message;
+
+ message = simaka_message_create(TRUE, this->identifier++, EAP_AKA,
+ AKA_IDENTITY, this->crypto);
+ if (this->use_reauth)
{
- DBG1(DBG_IKE, "ignoring skippable attribute %N",
- simaka_attribute_names, attribute);
- return TRUE;
+ message->add_attribute(message, AT_ANY_ID_REQ, chunk_empty);
}
- return FALSE;
+ else if (this->use_pseudonym)
+ {
+ message->add_attribute(message, AT_FULLAUTH_ID_REQ, chunk_empty);
+ }
+ else if (this->use_permanent)
+ {
+ message->add_attribute(message, AT_PERMANENT_ID_REQ, chunk_empty);
+ }
+ *out = message->generate(message, chunk_empty);
+ message->destroy(message);
+
+ this->pending = AKA_IDENTITY;
+ return NEED_MORE;
}
/**
- * Implementation of eap_method_t.initiate
+ * Create EAP-AKA/Request/Challenge message
*/
-static status_t initiate(private_eap_aka_server_t *this, eap_payload_t **out)
+static status_t challenge(private_eap_aka_server_t *this, eap_payload_t **out)
{
simaka_message_t *message;
char rand[AKA_RAND_LEN], xres[AKA_RES_LEN];
char ck[AKA_CK_LEN], ik[AKA_IK_LEN], autn[AKA_AUTN_LEN];
chunk_t data, mk;
+ identification_t *id;
- if (!charon->sim->provider_get_quintuplet(charon->sim, this->peer,
+ if (!charon->sim->provider_get_quintuplet(charon->sim, this->permanent,
rand, xres, ck, ik, autn))
{
- DBG1(DBG_IKE, "no AKA provider found with quintuplets for '%Y'",
- this->peer);
+ if (this->use_pseudonym)
+ {
+ /* probably received a pseudonym/reauth id we couldn't map */
+ DBG1(DBG_IKE, "failed to map pseudonym/reauth identity '%Y', "
+ "fallback to permanent identity request", this->permanent);
+ this->use_pseudonym = FALSE;
+ DESTROY_IF(this->pseudonym);
+ this->pseudonym = NULL;
+ return identity(this, out);
+ }
return FAILED;
}
+ id = this->permanent;
+ if (this->pseudonym)
+ {
+ id = this->pseudonym;
+ }
data = chunk_cata("cc", chunk_create(ik, AKA_IK_LEN),
chunk_create(ck, AKA_CK_LEN));
free(this->msk.ptr);
- this->msk = this->crypto->derive_keys_full(this->crypto, this->peer,
- data, &mk);
- free(mk.ptr);
+ this->msk = this->crypto->derive_keys_full(this->crypto, id, data, &mk);
this->rand = chunk_clone(chunk_create(rand, AKA_RAND_LEN));
this->xres = chunk_clone(chunk_create(xres, AKA_RES_LEN));
@@ -118,14 +182,179 @@ static status_t initiate(private_eap_aka_server_t *this, eap_payload_t **out)
AKA_CHALLENGE, this->crypto);
message->add_attribute(message, AT_RAND, this->rand);
message->add_attribute(message, AT_AUTN, chunk_create(autn, AKA_AUTN_LEN));
+ id = charon->sim->provider_gen_reauth(charon->sim, this->permanent, mk.ptr);
+ if (id)
+ {
+ message->add_attribute(message, AT_NEXT_REAUTH_ID,
+ id->get_encoding(id));
+ id->destroy(id);
+ }
+ else
+ {
+ id = charon->sim->provider_gen_pseudonym(charon->sim, this->permanent);
+ if (id)
+ {
+ message->add_attribute(message, AT_NEXT_PSEUDONYM,
+ id->get_encoding(id));
+ id->destroy(id);
+ }
+ }
*out = message->generate(message, chunk_empty);
message->destroy(message);
+ free(mk.ptr);
this->pending = AKA_CHALLENGE;
return NEED_MORE;
}
/**
+ * Initiate EAP-AKA/Request/Re-authentication message
+ */
+static status_t reauthenticate(private_eap_aka_server_t *this,
+ char mk[HASH_SIZE_SHA1], u_int16_t counter,
+ eap_payload_t **out)
+{
+ simaka_message_t *message;
+ identification_t *next;
+ chunk_t mkc;
+ rng_t *rng;
+
+ DBG1(DBG_IKE, "initiating EAP-AKA reauthentication");
+
+ rng = this->crypto->get_rng(this->crypto);
+ rng->allocate_bytes(rng, NONCE_LEN, &this->nonce);
+
+ mkc = chunk_create(mk, HASH_SIZE_SHA1);
+ counter = htons(counter);
+ this->counter = chunk_clone(chunk_create((char*)&counter, sizeof(counter)));
+
+ this->crypto->derive_keys_reauth(this->crypto, mkc);
+ this->msk = this->crypto->derive_keys_reauth_msk(this->crypto,
+ this->reauth, this->counter, this->nonce, mkc);
+
+ message = simaka_message_create(TRUE, this->identifier++, EAP_AKA,
+ AKA_REAUTHENTICATION, this->crypto);
+ message->add_attribute(message, AT_COUNTER, this->counter);
+ message->add_attribute(message, AT_NONCE_S, this->nonce);
+ next = charon->sim->provider_gen_reauth(charon->sim, this->permanent, mk);
+ if (next)
+ {
+ message->add_attribute(message, AT_NEXT_REAUTH_ID,
+ next->get_encoding(next));
+ next->destroy(next);
+ }
+ /* create AT_MAC over EAP-Message|NONCE_S */
+ *out = message->generate(message, this->nonce);
+ message->destroy(message);
+
+ this->pending = SIM_REAUTHENTICATION;
+ return NEED_MORE;
+}
+
+/**
+ * Implementation of eap_method_t.initiate
+ */
+static status_t initiate(private_eap_aka_server_t *this, eap_payload_t **out)
+{
+ if (this->use_permanent || this->use_pseudonym || this->use_reauth)
+ {
+ return identity(this, out);
+ }
+ return challenge(this, out);
+}
+
+/**
+ * Process EAP-AKA/Response/Identity message
+ */
+static status_t process_identity(private_eap_aka_server_t *this,
+ simaka_message_t *in, eap_payload_t **out)
+{
+ identification_t *permanent, *id;
+ enumerator_t *enumerator;
+ simaka_attribute_t type;
+ chunk_t data, identity = chunk_empty;
+
+ if (this->pending != AKA_IDENTITY)
+ {
+ DBG1(DBG_IKE, "received %N, but not expected",
+ simaka_subtype_names, AKA_IDENTITY);
+ return FAILED;
+ }
+
+ enumerator = in->create_attribute_enumerator(in);
+ while (enumerator->enumerate(enumerator, &type, &data))
+ {
+ switch (type)
+ {
+ case AT_IDENTITY:
+ identity = data;
+ break;
+ default:
+ if (!simaka_attribute_skippable(type))
+ {
+ enumerator->destroy(enumerator);
+ return FAILED;
+ }
+ break;
+ }
+ }
+ enumerator->destroy(enumerator);
+
+ if (!identity.len)
+ {
+ DBG1(DBG_IKE, "received incomplete Identity response");
+ return FAILED;
+ }
+
+ id = identification_create_from_data(identity);
+ if (this->use_reauth)
+ {
+ char mk[HASH_SIZE_SHA1];
+ u_int16_t counter;
+
+ permanent = charon->sim->provider_is_reauth(charon->sim, id,
+ mk, &counter);
+ if (permanent)
+ {
+ this->permanent->destroy(this->permanent);
+ this->permanent = permanent;
+ this->reauth = id;
+ return reauthenticate(this, mk, counter, out);
+ }
+ /* unable to map, maybe a pseudonym? */
+ DBG1(DBG_IKE, "%Y is not a reauth identity", id);
+ this->use_reauth = FALSE;
+ }
+ if (this->use_pseudonym)
+ {
+ permanent = charon->sim->provider_is_pseudonym(charon->sim, id);
+ if (permanent)
+ {
+ this->permanent->destroy(this->permanent);
+ this->permanent = permanent;
+ this->pseudonym = id->clone(id);
+ /* we already have a new permanent identity now */
+ this->use_permanent = FALSE;
+ }
+ else
+ {
+ DBG1(DBG_IKE, "%Y is not a pseudonym", id);
+ }
+ }
+ if (!this->pseudonym && this->use_permanent)
+ {
+ /* got a permanent identity or a pseudonym reauth id wou couldn't map,
+ * try to get quintuplets */
+ DBG1(DBG_IKE, "received identity '%Y'", id);
+ this->permanent->destroy(this->permanent);
+ this->permanent = id->clone(id);
+ }
+ id->destroy(id);
+
+ return challenge(this, out);
+}
+
+/**
* Process EAP-AKA/Response/Challenge message
*/
static status_t process_challenge(private_eap_aka_server_t *this,
@@ -150,11 +379,9 @@ static status_t process_challenge(private_eap_aka_server_t *this,
res = data;
break;
default:
- if (!attribute_skippable(type))
+ if (!simaka_attribute_skippable(type))
{
enumerator->destroy(enumerator);
- DBG1(DBG_IKE, "found non skippable attribute %N",
- simaka_attribute_names, type);
return FAILED;
}
break;
@@ -178,6 +405,67 @@ static status_t process_challenge(private_eap_aka_server_t *this,
}
/**
+ * process an EAP-AKA/Response/Reauthentication message
+ */
+static status_t process_reauthentication(private_eap_aka_server_t *this,
+ simaka_message_t *in, eap_payload_t **out)
+{
+ enumerator_t *enumerator;
+ simaka_attribute_t type;
+ chunk_t data, counter = chunk_empty;
+ bool too_small = FALSE;
+
+ if (this->pending != AKA_REAUTHENTICATION)
+ {
+ DBG1(DBG_IKE, "received %N, but not expected",
+ simaka_subtype_names, AKA_REAUTHENTICATION);
+ return FAILED;
+ }
+
+ enumerator = in->create_attribute_enumerator(in);
+ while (enumerator->enumerate(enumerator, &type, &data))
+ {
+ switch (type)
+ {
+ case AT_COUNTER:
+ counter = data;
+ break;
+ case AT_COUNTER_TOO_SMALL:
+ too_small = TRUE;
+ break;
+ default:
+ if (!simaka_attribute_skippable(type))
+ {
+ enumerator->destroy(enumerator);
+ return FAILED;
+ }
+ break;
+ }
+ }
+ enumerator->destroy(enumerator);
+
+ /* verify AT_MAC attribute, signature is over "EAP packet | NONCE_S" */
+ if (!in->verify(in, this->nonce))
+ {
+ return FAILED;
+ }
+ if (too_small)
+ {
+ DBG1(DBG_IKE, "received %N, initiating full authentication",
+ simaka_attribute_names, AT_COUNTER_TOO_SMALL);
+ this->use_reauth = FALSE;
+ this->crypto->clear_keys(this->crypto);
+ return challenge(this, out);
+ }
+ if (!chunk_equals(counter, this->counter))
+ {
+ DBG1(DBG_IKE, "received counter does not match");
+ return FAILED;
+ }
+ return SUCCESS;
+}
+
+/**
* Process EAP-AKA/Response/SynchronizationFailure message
*/
static status_t process_synchronize(private_eap_aka_server_t *this,
@@ -205,11 +493,9 @@ static status_t process_synchronize(private_eap_aka_server_t *this,
auts = data;
break;
default:
- if (!attribute_skippable(type))
+ if (!simaka_attribute_skippable(type))
{
enumerator->destroy(enumerator);
- DBG1(DBG_IKE, "found non skippable attribute %N",
- simaka_attribute_names, type);
return FAILED;
}
break;
@@ -223,15 +509,15 @@ static status_t process_synchronize(private_eap_aka_server_t *this,
return FAILED;
}
- if (!charon->sim->provider_resync(charon->sim, this->peer,
+ if (!charon->sim->provider_resync(charon->sim, this->permanent,
this->rand.ptr, auts.ptr))
{
DBG1(DBG_IKE, "no AKA provider found supporting "
- "resynchronization for '%Y'", this->peer);
+ "resynchronization for '%Y'", this->permanent);
return FAILED;
}
this->synchronized = TRUE;
- return initiate(this, out);
+ return challenge(this, out);
}
/**
@@ -296,9 +582,15 @@ static status_t process(private_eap_aka_server_t *this,
}
switch (message->get_subtype(message))
{
+ case AKA_IDENTITY:
+ status = process_identity(this, message, out);
+ break;
case AKA_CHALLENGE:
status = process_challenge(this, message);
break;
+ case AKA_REAUTHENTICATION:
+ status = process_reauthentication(this, message, out);
+ break;
case AKA_SYNCHRONIZATION_FAILURE:
status = process_synchronize(this, message, out);
break;
@@ -354,10 +646,14 @@ static bool is_mutual(private_eap_aka_server_t *this)
static void destroy(private_eap_aka_server_t *this)
{
this->crypto->destroy(this->crypto);
- this->peer->destroy(this->peer);
- free(this->msk.ptr);
+ this->permanent->destroy(this->permanent);
+ DESTROY_IF(this->pseudonym);
+ DESTROY_IF(this->reauth);
free(this->xres.ptr);
free(this->rand.ptr);
+ free(this->nonce.ptr);
+ free(this->msk.ptr);
+ free(this->counter.ptr);
free(this);
}
@@ -382,12 +678,19 @@ eap_aka_server_t *eap_aka_server_create(identification_t *server,
free(this);
return NULL;
}
- this->peer = peer->clone(peer);
- this->msk = chunk_empty;
+ this->permanent = peer->clone(peer);
+ this->pseudonym = NULL;
+ this->reauth = NULL;
this->xres = chunk_empty;
this->rand = chunk_empty;
+ this->nonce = chunk_empty;
+ this->msk = chunk_empty;
+ this->counter = chunk_empty;
this->pending = 0;
this->synchronized = FALSE;
+ this->use_reauth = this->use_pseudonym = this->use_permanent =
+ lib->settings->get_bool(lib->settings,
+ "charon.plugins.eap-aka.request_identity", TRUE);
/* generate a non-zero identifier */
do {
this->identifier = random();
diff --git a/src/charon/plugins/eap_sim/eap_sim_peer.c b/src/charon/plugins/eap_sim/eap_sim_peer.c
index db2e8ab0a..b5e010dbd 100644
--- a/src/charon/plugins/eap_sim/eap_sim_peer.c
+++ b/src/charon/plugins/eap_sim/eap_sim_peer.c
@@ -330,7 +330,7 @@ static status_t process_challenge(private_eap_sim_peer_t *this,
this->counter = 0;
id = identification_create_from_data(data);
charon->sim->card_set_reauth(charon->sim, this->permanent, id,
- this->mk, this->counter);
+ this->mk, this->counter);
id->destroy(id);
break;
case AT_NEXT_PSEUDONYM:
diff --git a/src/charon/plugins/eap_sim/eap_sim_server.c b/src/charon/plugins/eap_sim/eap_sim_server.c
index 1e50c97b5..aa3f503dc 100644
--- a/src/charon/plugins/eap_sim/eap_sim_server.c
+++ b/src/charon/plugins/eap_sim/eap_sim_server.c
@@ -305,8 +305,6 @@ static status_t process_start(private_eap_sim_server_t *this,
mk, &counter);
if (permanent)
{
- DBG1(DBG_IKE, "received reauthentication identity '%Y' "
- "mapping to '%Y'", id, permanent);
this->permanent->destroy(this->permanent);
this->permanent = permanent;
this->reauth = id;
@@ -323,8 +321,6 @@ static status_t process_start(private_eap_sim_server_t *this,
permanent = charon->sim->provider_is_pseudonym(charon->sim, id);
if (permanent)
{
- DBG1(DBG_IKE, "received pseudonym identity '%Y' "
- "mapping to '%Y'", id, permanent);
this->permanent->destroy(this->permanent);
this->permanent = permanent;
this->pseudonym = id->clone(id);
diff --git a/src/charon/sa/authenticators/eap/sim_manager.c b/src/charon/sa/authenticators/eap/sim_manager.c
index 534c35036..e11d83502 100644
--- a/src/charon/sa/authenticators/eap/sim_manager.c
+++ b/src/charon/sa/authenticators/eap/sim_manager.c
@@ -336,6 +336,8 @@ static identification_t* provider_is_pseudonym(private_sim_manager_t *this,
permanent = provider->is_pseudonym(provider, id);
if (permanent)
{
+ DBG1(DBG_IKE, "received pseudonym identity '%Y' "
+ "mapping to '%Y'", id, permanent);
break;
}
}
@@ -384,6 +386,8 @@ static identification_t* provider_is_reauth(private_sim_manager_t *this,
permanent = provider->is_reauth(provider, id, mk, counter);
if (permanent)
{
+ DBG1(DBG_IKE, "received reauthentication identity '%Y' "
+ "mapping to '%Y'", id, permanent);
break;
}
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-18 12:33:09 +0000