The Session-Id derivation for EAP-AKA in RFC 5247 only explained how the Session-Id is derived for regular authentication. Jouni reported it as an errata with text explaining how to derive it during fast reauthentication. This patch now exports the Session-Id for EAP-AKA during fast reauthentication. Also documented by Alan Dekok in draft-dekok-emu-eap-session-id Signed-off-by: Mohit Sethi <mohit.sethi@xxxxxxxx> --- src/eap_peer/eap_aka.c | 36 +++++++++++++++++++++++++++++------- src/eap_server/eap_server_aka.c | 38 ++++++++++++++++++++++++++++++-------- 2 files changed, 59 insertions(+), 15 deletions(-) diff --git a/src/eap_peer/eap_aka.c b/src/eap_peer/eap_aka.c index a444141..6d10b5f 100644 --- a/src/eap_peer/eap_aka.c +++ b/src/eap_peer/eap_aka.c @@ -31,6 +31,7 @@ struct eap_aka_data { u8 emsk[EAP_EMSK_LEN]; u8 rand[EAP_AKA_RAND_LEN], autn[EAP_AKA_AUTN_LEN]; u8 auts[EAP_AKA_AUTS_LEN]; + u8 reauth_mac[EAP_SIM_MAC_LEN]; int num_id_req, num_notification; u8 *pseudonym; @@ -1226,6 +1227,15 @@ static struct wpabuf * eap_aka_process_reauthentication( EAP_AKA_UNABLE_TO_PROCESS_PACKET); } + /* At this stage the MAC received is verified. Use this mac for + * reauth Session-Id calculation if all other checks pass. + * Peer does not use local MAC but received MAC + * in deriving Session-Id */ + os_memset(data->reauth_mac, 0, EAP_SIM_MAC_LEN); + os_memcpy(data->reauth_mac, attr->mac, EAP_SIM_MAC_LEN); + wpa_hexdump(MSG_DEBUG, "EAP-SIM: Server MAC", + data->reauth_mac, EAP_SIM_MAC_LEN); + if (attr->encr_data == NULL || attr->iv == NULL) { wpa_printf(MSG_WARNING, "EAP-AKA: Reauthentication " "message did not include encrypted data"); @@ -1497,14 +1507,26 @@ static u8 * eap_aka_get_session_id(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - *len = 1 + EAP_AKA_RAND_LEN + EAP_AKA_AUTN_LEN; - id = os_malloc(*len); - if (id == NULL) - return NULL; + if(!data->reauth) { + *len = 1 + EAP_AKA_RAND_LEN + EAP_AKA_AUTN_LEN; + id = os_malloc(*len); + if (id == NULL) + return NULL; + + id[0] = data->eap_method; + os_memcpy(id + 1, data->rand, EAP_AKA_RAND_LEN); + os_memcpy(id + 1 + EAP_AKA_RAND_LEN, data->autn, EAP_AKA_AUTN_LEN); + } else { + *len = 1 + EAP_SIM_NONCE_S_LEN + EAP_SIM_MAC_LEN; + id = os_malloc(*len); + if (id == NULL) + return NULL; + + id[0] = data->eap_method; + os_memcpy(id + 1, data->nonce_s, EAP_SIM_NONCE_S_LEN); + os_memcpy(id + 1 + EAP_SIM_NONCE_S_LEN, data->reauth_mac, EAP_SIM_MAC_LEN); + } - id[0] = data->eap_method; - os_memcpy(id + 1, data->rand, EAP_AKA_RAND_LEN); - os_memcpy(id + 1 + EAP_AKA_RAND_LEN, data->autn, EAP_AKA_AUTN_LEN); wpa_hexdump(MSG_DEBUG, "EAP-AKA: Derived Session-Id", id, *len); return id; diff --git a/src/eap_server/eap_server_aka.c b/src/eap_server/eap_server_aka.c index 1bea706..14ef999 100644 --- a/src/eap_server/eap_server_aka.c +++ b/src/eap_server/eap_server_aka.c @@ -30,6 +30,7 @@ struct eap_aka_data { u8 ck[EAP_AKA_CK_LEN]; u8 ik[EAP_AKA_IK_LEN]; u8 res[EAP_AKA_RES_MAX_LEN]; + u8 reauth_mac[EAP_SIM_MAC_LEN]; size_t res_len; enum { IDENTITY, CHALLENGE, REAUTH, NOTIFICATION, SUCCESS, FAILURE @@ -581,7 +582,17 @@ static struct wpabuf * eap_aka_build_reauth(struct eap_sm *sm, wpa_printf(MSG_DEBUG, " AT_MAC"); eap_sim_msg_add_mac(msg, EAP_SIM_AT_MAC); - return eap_sim_msg_finish(msg, data->eap_method, data->k_aut, NULL, 0); + struct wpabuf * buf = eap_sim_msg_finish(msg, data->eap_method, + data->k_aut, NULL, 0); + + /* Remember this MAC before sending it to peer. This MAC is used for + * Session-Id calculation after receiving response peer and after all + * other checks pass. */ + os_memset(data->reauth_mac, 0, EAP_SIM_MAC_LEN); + os_memcpy(data->reauth_mac, buf->buf + (int) (wpabuf_len(buf) - + EAP_SIM_MAC_LEN), EAP_SIM_MAC_LEN); + + return buf; } @@ -1304,14 +1315,25 @@ static u8 * eap_aka_get_session_id(struct eap_sm *sm, void *priv, size_t *len) if (data->state != SUCCESS) return NULL; - *len = 1 + EAP_AKA_RAND_LEN + EAP_AKA_AUTN_LEN; - id = os_malloc(*len); - if (id == NULL) - return NULL; + if(!data->reauth) { + *len = 1 + EAP_AKA_RAND_LEN + EAP_AKA_AUTN_LEN; + id = os_malloc(*len); + if (id == NULL) + return NULL; - id[0] = data->eap_method; - os_memcpy(id + 1, data->rand, EAP_AKA_RAND_LEN); - os_memcpy(id + 1 + EAP_AKA_RAND_LEN, data->autn, EAP_AKA_AUTN_LEN); + id[0] = data->eap_method; + os_memcpy(id + 1, data->rand, EAP_AKA_RAND_LEN); + os_memcpy(id + 1 + EAP_AKA_RAND_LEN, data->autn, EAP_AKA_AUTN_LEN); + } else { + *len = 1 + EAP_SIM_NONCE_S_LEN + EAP_SIM_MAC_LEN; + id = os_malloc(*len); + if (id == NULL) + return NULL; + + id[0] = data->eap_method; + os_memcpy(id + 1, data->nonce_s, EAP_SIM_NONCE_S_LEN); + os_memcpy(id + 1 + EAP_SIM_NONCE_S_LEN, data->reauth_mac, EAP_SIM_MAC_LEN); + } wpa_hexdump(MSG_DEBUG, "EAP-AKA: Derived Session-Id", id, *len); return id; -- 2.7.4 _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap