On Fri, 2019-05-17 at 14:40 +0300, Mohit Sethi wrote:
> The Session-Id derivation for EAP-SIM in RFC 5247 only explained how the Session-Id is derived for regular authentication.
>
> Jouni reported it as an errata with text explaining how to derive it during fast reauthentication.
>
> This patch now exports the Session-Id for EAP-SIM during fast reauthentication.
>
> Signed-off-by: Mohit Sethi <mohit.sethi@xxxxxxxx>
> ---
> src/eap_peer/eap_sim.c | 38 ++++++++++++++++++++++++++++++--------
> src/eap_server/eap_server_sim.c | 40 +++++++++++++++++++++++++++++++---------
> 2 files changed, 61 insertions(+), 17 deletions(-)
>
> diff --git a/src/eap_peer/eap_sim.c b/src/eap_peer/eap_sim.c
> index ba5eea9..3b09ee2 100644
> --- a/src/eap_peer/eap_sim.c
> +++ b/src/eap_peer/eap_sim.c
> @@ -32,6 +32,7 @@ struct eap_sim_data {
> u8 msk[EAP_SIM_KEYING_DATA_LEN];
> u8 emsk[EAP_EMSK_LEN];
> u8 rand[3][GSM_RAND_LEN];
> + u8 reauth_mac[EAP_SIM_MAC_LEN];
>
> int num_id_req, num_notification;
> u8 *pseudonym;
> @@ -958,6 +959,15 @@ static struct wpabuf * eap_sim_process_reauthentication(
> EAP_SIM_UNABLE_TO_PROCESS_PACKET);
> }
>
> + /* At this stage the MAC received is verified. Use this mac for
> + * reauth Session-Id calculation if all other checks pass.
> + * Peer does not use local MAC but received MAC
> + * in deriving Session-Id */
> + os_memset(data->reauth_mac, 0, EAP_SIM_MAC_LEN);
> + os_memcpy(data->reauth_mac, attr->mac, EAP_SIM_MAC_LEN);
> + wpa_hexdump(MSG_DEBUG, "EAP-SIM: Server MAC", data->reauth_mac,
> + EAP_SIM_MAC_LEN);
^^ leading whitespace doesn't match existing code.
> if (attr->encr_data == NULL || attr->iv == NULL) {
> wpa_printf(MSG_WARNING, "EAP-SIM: Reauthentication "
> "message did not include encrypted data");
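Review bot: In the -958 hunk of eap_sim_process_reauthentication() the received AT_MAC is copied into `data->reauth_mac` before the `attr->encr_data == NULL || attr->iv == NULL` check that follows it, so a message rejected by that check (or by any later one outside the hunk) still leaves its MAC in the peer state. The added comment says the value is used "if all other checks pass", but nothing visible here enforces that; moving the copy to the point where the reauthentication message has been fully accepted would make the code match the comment. The `os_memset(data->reauth_mac, 0, EAP_SIM_MAC_LEN);` directly before an os_memcpy() of the same length has no effect and can be dropped. The function body starts and ends outside the hunk.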
> @@ -1215,16 +1225,28 @@ static u8 * eap_sim_get_session_id(struct eap_sm *sm, void *priv, size_t *len)
>
> if (data->state != SUCCESS)
> return NULL;
> +
> + if(!data->reauth) {
> + *len = 1 + data->num_chal * GSM_RAND_LEN + EAP_SIM_NONCE_MT_LEN;
> + id = os_malloc(*len);
> + if (id == NULL)
> + return NULL;
>
> - *len = 1 + data->num_chal * GSM_RAND_LEN + EAP_SIM_NONCE_MT_LEN;
> - id = os_malloc(*len);
> - if (id == NULL)
> - return NULL;
> + id[0] = EAP_TYPE_SIM;
> + os_memcpy(id + 1, data->rand, data->num_chal * GSM_RAND_LEN);
> + os_memcpy(id + 1 + data->num_chal * GSM_RAND_LEN, data->nonce_mt,
> + EAP_SIM_NONCE_MT_LEN);
> + } else {
> + *len = 1 + EAP_SIM_NONCE_S_LEN + EAP_SIM_MAC_LEN;
> + id = os_malloc(*len);
> + if (id == NULL)
> + return NULL;
>
> - id[0] = EAP_TYPE_SIM;
> - os_memcpy(id + 1, data->rand, data->num_chal * GSM_RAND_LEN);
> - os_memcpy(id + 1 + data->num_chal * GSM_RAND_LEN, data->nonce_mt,
> - EAP_SIM_NONCE_MT_LEN);
> + id[0] = EAP_TYPE_SIM;
> + os_memcpy(id + 1, data->nonce_s, EAP_SIM_NONCE_S_LEN);
> + os_memcpy(id + 1 + EAP_SIM_NONCE_S_LEN, data->reauth_mac,
> + EAP_SIM_MAC_LEN);
> + }
> wpa_hexdump(MSG_DEBUG, "EAP-SIM: Derived Session-Id", id, *len);
>
> return id;
> diff --git a/src/eap_server/eap_server_sim.c b/src/eap_server/eap_server_sim.c
> index 1287827..7ea208d 100644
> --- a/src/eap_server/eap_server_sim.c
> +++ b/src/eap_server/eap_server_sim.c
> @@ -26,6 +26,7 @@ struct eap_sim_data {
> u8 kc[EAP_SIM_MAX_CHAL][EAP_SIM_KC_LEN];
> u8 sres[EAP_SIM_MAX_CHAL][EAP_SIM_SRES_LEN];
> u8 rand[EAP_SIM_MAX_CHAL][GSM_RAND_LEN];
> + u8 reauth_mac[EAP_SIM_MAC_LEN];
> int num_chal;
> enum {
> START, CHALLENGE, REAUTH, NOTIFICATION, SUCCESS, FAILURE
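Review bot: Both branches of the new `if(!data->reauth)` in eap_sim_get_session_id() (-1215 hunk) repeat the same os_malloc(), NULL check and `id[0] = EAP_TYPE_SIM;`, so only the length and the copied fields differ; choosing `*len` first and allocating once keeps the two derivations from drifting apart. The branch also relies on `data->reauth` describing the exchange that actually reached SUCCESS; where that flag is set and cleared is outside the hunk, and a stale value after a fallback to full authentication would export a Session-Id built from the wrong inputs, so that path deserves a test. The condition should be written `if (!data->reauth)` like the neighbouring `if (data->state != SUCCESS)`. The server-side hunk at -829 in src/eap_server/eap_server_sim.c has the same shape and the same remarks apply.

```c
	if (data->reauth)
		*len = 1 + EAP_SIM_NONCE_S_LEN + EAP_SIM_MAC_LEN;
	else
		*len = 1 + data->num_chal * GSM_RAND_LEN + EAP_SIM_NONCE_MT_LEN;
	id = os_malloc(*len);
	if (id == NULL)
		return NULL;

	id[0] = EAP_TYPE_SIM;
	/* … unchanged: the two os_memcpy() pairs, now the only statements inside the if/else on data->reauth … */
```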
> @@ -278,7 +279,15 @@ static struct wpabuf * eap_sim_build_reauth(struct eap_sm *sm,
>
> wpa_printf(MSG_DEBUG, " AT_MAC");
> eap_sim_msg_add_mac(msg, EAP_SIM_AT_MAC);
> - return eap_sim_msg_finish(msg, EAP_TYPE_SIM, data->k_aut, NULL, 0);
> + struct wpabuf * buf = eap_sim_msg_finish(msg, EAP_TYPE_SIM, data->k_aut,
> + NULL, 0);
> +
> + /* Remember this MAC before sending it to peer. This MAC is used for
> + * Session-Id calculation after receiving response peer and after all
> + * other checks pass. */
> + os_memset(data->reauth_mac, 0, EAP_SIM_MAC_LEN);
> + os_memcpy(data->reauth_mac, buf->buf + (int) (wpabuf_len(buf) -
Same here. Dan
> + EAP_SIM_MAC_LEN), EAP_SIM_MAC_LEN);
> }
>
>
> @@ -829,15 +838,28 @@ static u8 * eap_sim_get_session_id(struct eap_sm *sm, void *priv, size_t *len)
> if (data->state != SUCCESS)
> return NULL;
>
> - *len = 1 + data->num_chal * GSM_RAND_LEN + EAP_SIM_NONCE_MT_LEN;
> - id = os_malloc(*len);
> - if (id == NULL)
> - return NULL;
> + if(!data->reauth) {
> + *len = 1 + data->num_chal * GSM_RAND_LEN + EAP_SIM_NONCE_MT_LEN;
> + id = os_malloc(*len);
> + if (id == NULL)
> + return NULL;
>
> - id[0] = EAP_TYPE_SIM;
> - os_memcpy(id + 1, data->rand, data->num_chal * GSM_RAND_LEN);
> - os_memcpy(id + 1 + data->num_chal * GSM_RAND_LEN, data->nonce_mt,
> - EAP_SIM_NONCE_MT_LEN);
> + id[0] = EAP_TYPE_SIM;
> + os_memcpy(id + 1, data->rand, data->num_chal * GSM_RAND_LEN);
> + os_memcpy(id + 1 + data->num_chal * GSM_RAND_LEN, data->nonce_mt,
> + EAP_SIM_NONCE_MT_LEN);
> + } else {
> + *len = 1 + EAP_SIM_NONCE_S_LEN + EAP_SIM_MAC_LEN;
> + id = os_malloc(*len);
> + if (id == NULL)
> + return NULL;
> +
> + id[0] = EAP_TYPE_SIM;
> + os_memcpy(id + 1, data->nonce_s, EAP_SIM_NONCE_S_LEN);
> + os_memcpy(id + 1 + EAP_SIM_NONCE_S_LEN, data->reauth_mac,
> + EAP_SIM_MAC_LEN);
> +
> + }
> wpa_hexdump(MSG_DEBUG, "EAP-SIM: Derived Session-Id", id, *len);
>
> return id;
_______________________________________________
Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
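Review bot: In the -278 hunk, eap_sim_build_reauth() no longer returns the built message: `return eap_sim_msg_finish(...)` was replaced by an assignment to `buf`, and no `return buf;` appears before the closing brace, so a function declared to return `struct wpabuf *` falls off its end. `buf` is also dereferenced without a NULL check (needed if eap_sim_msg_finish() can fail) and without checking that the message is at least EAP_SIM_MAC_LEN bytes, and the offset goes through `buf->buf` with an `(int)` cast instead of the wpabuf accessors. The os_memset() before the same-length os_memcpy() is redundant, and `buf` would be better declared with the other locals at the top of the function, which is outside the hunk.

```c
	buf = eap_sim_msg_finish(msg, EAP_TYPE_SIM, data->k_aut, NULL, 0);
	if (buf == NULL || wpabuf_len(buf) < EAP_SIM_MAC_LEN) {
		wpabuf_free(buf);
		return NULL;
	}

	/* … unchanged: comment about remembering the MAC for Session-Id … */
	os_memcpy(data->reauth_mac,
		  wpabuf_head_u8(buf) + wpabuf_len(buf) - EAP_SIM_MAC_LEN,
		  EAP_SIM_MAC_LEN);

	return buf;
```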