/*
 * EAP-FAST definitions (RFC 4851)
 * Copyright (c) 2004-2008, Jouni Malinen <j@w1.fi>
 *
 * This software may be distributed under the terms of the BSD license.
 * See README for more details.
 */

#ifndef EAP_FAST_H
#define EAP_FAST_H

/* EAP-FAST protocol version carried in the Flags/Version field (RFC 4851) */
#define EAP_FAST_VERSION 1

/*
 * Key lengths, in octets, of the material derived in RFC 4851 Section 5
 * (Key Derivations):
 *   EAP_FAST_KEY_LEN   - exported MSK/EMSK (see eap_fast_derive_eap_msk/emsk)
 *   EAP_FAST_SIMCK_LEN - Intermediate Compound Key S-IMCK[j]
 *   EAP_FAST_SKS_LEN   - Session Key Seed, used as S-IMCK[0] (see
 *                        struct eap_fast_key_block_provisioning)
 *   EAP_FAST_CMK_LEN   - Compound MAC Key used for the Crypto-Binding TLV
 * These are fixed by the RFC; changing them breaks interoperability and the
 * crypto binding check against conforming peers.
 */
#define EAP_FAST_KEY_LEN 64
#define EAP_FAST_SIMCK_LEN 40
#define EAP_FAST_SKS_LEN 40
#define EAP_FAST_CMK_LEN 20

/*
 * TLS ClientHello extension type used to carry the PAC-Opaque to the server.
 * Code point 35 is the generic TLS SessionTicket extension (RFC 4507/5077);
 * EAP-FAST reuses it, so the TLS library has to be configured to pass this
 * extension through to the EAP-FAST code instead of treating the payload as
 * a stateless session ticket of its own. Check the caller's TLS setup.
 */
#define TLS_EXT_PAC_OPAQUE 35

/*
 * RFC 5422: Section 4.2.1 - Formats for PAC TLV Attributes / Type Field
 * Note: bit 0x8000 (Mandatory) and bit 0x4000 (Reserved) are also defined
 * in the general PAC TLV format (Section 4.2).
 *
 * These are PAC TLV *attribute* types. When comparing a received Type field
 * against them, mask off the two high bits first; an unrecognised type that
 * has the Mandatory bit set is an error for the receiver, not something to
 * skip. Do not confuse these with the PAC-Type TLV *values*
 * (PAC_TYPE_TUNNEL_PAC etc., further down) which share this prefix and
 * overlap numerically.
 */
#define PAC_TYPE_PAC_KEY 1
#define PAC_TYPE_PAC_OPAQUE 2
#define PAC_TYPE_CRED_LIFETIME 3
#define PAC_TYPE_A_ID 4
#define PAC_TYPE_I_ID 5
/*
 * 6 was previous assigned for SERVER_PROTECTED_DATA, but
 * draft-cam-winget-eap-fast-provisioning-02.txt changed this to Reserved.
 */
#define PAC_TYPE_A_ID_INFO 7
#define PAC_TYPE_PAC_ACKNOWLEDGEMENT 8
#define PAC_TYPE_PAC_INFO 9
#define PAC_TYPE_PAC_TYPE 10

#ifdef _MSC_VER
#pragma pack(push, 1)
#endif /* _MSC_VER */

/*
 * Wire header of a PAC TLV attribute (RFC 5422 Section 4.2): a big-endian
 * 16-bit Type (high bits 0x8000 = Mandatory, 0x4000 = Reserved) followed by
 * a big-endian 16-bit Length. Length counts only the Value octets that follow
 * this header, not the header itself. The struct is packed (STRUCT_PACKED,
 * plus the MSVC pragma) so sizeof is exactly 4 and it can be overlaid on a
 * message buffer. Any parser that does so must first check that at least
 * sizeof(struct pac_tlv_hdr) octets remain, and then that the decoded len
 * does not exceed the octets remaining after the header, before reading the
 * Value - len comes from the peer and is untrusted.
 */
struct pac_tlv_hdr {
	be16 type;
	be16 len;
} STRUCT_PACKED;

#ifdef _MSC_VER
#pragma pack(pop)
#endif /* _MSC_VER */


/*
 * Length in octets of the PAC-Key (RFC 5422, PAC-Key TLV). The PAC-Key is a
 * long-lived shared secret that lets the peer resume a tunnel without server
 * authentication: treat it like a password (do not log it, clear buffers that
 * held it, persist it only as the PAC-Type below permits).
 */
#define EAP_FAST_PAC_KEY_LEN 32

/*
 * RFC 5422: 4.2.6 PAC-Type TLV
 * Values of the PAC-Type TLV, i.e. which kind of PAC is being provisioned.
 * NOTE: these share the PAC_TYPE_ prefix with the TLV attribute types above
 * and overlap numerically (PAC_TYPE_TUNNEL_PAC == PAC_TYPE_PAC_KEY == 1), so
 * never compare a value from one set against constants of the other.
 */
#define PAC_TYPE_TUNNEL_PAC 1
/* Application Specific Short Lived PACs (only in volatile storage) */
/* User Authorization PAC */
#define PAC_TYPE_USER_AUTHORIZATION 3
/* Application Specific Long Lived PACs */
/* Machine Authentication PAC */
#define PAC_TYPE_MACHINE_AUTHENTICATION 2


/*
 * RFC 5422:
 * Section 3.3 - Key Derivations Used in the EAP-FAST Provisioning Exchange
 *
 * Layout of the key material exported from the TLS tunnel, beyond the normal
 * TLS key_block, during the provisioning exchange; fields are in the order
 * the RFC derives them, so the struct can be filled from one contiguous
 * export (see eap_fast_derive_key()). session_key_seed is the S-IMCK[0] input
 * to the compound key derivation of RFC 4851 Section 5. The two challenges
 * take the place of the randomly generated MSCHAPv2 challenges in the inner
 * method, binding that exchange to this TLS session. They are only as
 * trustworthy as the tunnel they came from; when the server was not
 * authenticated, the Crypto-Binding TLV is what ties the result together.
 */
struct eap_fast_key_block_provisioning {
	/* Extra key material after TLS key_block */
	u8 session_key_seed[EAP_FAST_SKS_LEN];
	u8 server_challenge[16]; /* MSCHAPv2 ServerChallenge */
	u8 client_challenge[16]; /* MSCHAPv2 ClientChallenge */
};

struct wpabuf;
struct tls_connection;

/*
 * Result of parsing the TLVs of one received EAP-FAST payload with
 * eap_fast_parse_tlv(). The u8 pointers presumably point into the buffer
 * handed to the parser rather than copies, so they are valid only as long as
 * that buffer is - confirm in eap_fast_parse_tlv(). The *_len fields are the
 * value lengths as decoded from the wire; each consumer must still check them
 * against what its TLV requires (e.g. the Crypto-Binding TLV has a fixed
 * size) before dereferencing.
 */
struct eap_fast_tlv_parse {
	u8 *eap_payload_tlv;		/* EAP-Payload TLV value */
	size_t eap_payload_tlv_len;
	/* Crypto-Binding TLV; struct eap_tlv_crypto_binding_tlv is declared
	 * elsewhere */
	struct eap_tlv_crypto_binding_tlv *crypto_binding;
	size_t crypto_binding_len;
	int iresult;			/* Intermediate-Result TLV status */
	int result;			/* Result TLV status */
	int request_action;		/* Request-Action TLV value */
	u8 *pac;			/* PAC TLV value */
	size_t pac_len;
};

/* Append a 4-octet TLV header (type, len) to buf in network byte order. */
void eap_fast_put_tlv_hdr(struct wpabuf *buf, u16 type, u16 len);
/* Append a complete TLV: header followed by len octets copied from data. */
void eap_fast_put_tlv(struct wpabuf *buf, u16 type, const void *data,
		      u16 len);
/* As eap_fast_put_tlv(), with the value taken from a wpabuf. */
void eap_fast_put_tlv_buf(struct wpabuf *buf, u16 type,
			  const struct wpabuf *data);
/*
 * Wrap buf in an EAP-Payload TLV. Ownership of buf and of the returned buffer
 * is not documented here - check the implementation before reusing buf.
 */
struct wpabuf * eap_fast_tlv_eap_payload(struct wpabuf *buf);
/*
 * Derive the TLS master_secret for PAC-based tunnel resumption from the
 * PAC-Key and the ClientHello/ServerHello random values (RFC 4851 Section 5).
 * There are no length parameters: the caller is responsible for passing
 * EAP_FAST_PAC_KEY_LEN octets of pac_key, full-size TLS randoms, and a
 * master_secret buffer large enough for a TLS master secret (48 octets per
 * TLS; confirm the exact size against the implementation).
 */
void eap_fast_derive_master_secret(const u8 *pac_key, const u8 *server_random,
				   const u8 *client_random, u8 *master_secret);
/*
 * Export len octets of key material from the TLS connection (the "extra key
 * material after TLS key_block", see struct eap_fast_key_block_provisioning).
 * Presumably returns an allocated buffer the caller must free, or NULL on
 * failure - the header does not say; callers must handle NULL.
 */
u8 * eap_fast_derive_key(void *ssl_ctx, struct tls_connection *conn,
			 size_t len);
/*
 * Derive the EAP MSK / EMSK (EAP_FAST_KEY_LEN octets each) from the final
 * S-IMCK (EAP_FAST_SIMCK_LEN octets), RFC 4851 Section 5. The int return is
 * assumed to be 0 on success and negative on failure; confirm before relying
 * on it.
 */
int eap_fast_derive_eap_msk(const u8 *simck, u8 *msk);
int eap_fast_derive_eap_emsk(const u8 *simck, u8 *emsk);
/*
 * Record one TLV of type tlv_type, whose len-octet value starts at pos, in
 * *tlv. The caller must already have verified that len octets are readable
 * at pos. Returns 0 on success and non-zero for an unknown, malformed or
 * duplicated TLV (exact codes: see implementation); a non-zero return must
 * terminate the exchange rather than be skipped, otherwise a peer can slip a
 * mandatory TLV past the receiver unparsed.
 */
int eap_fast_parse_tlv(struct eap_fast_tlv_parse *tlv,
		       int tlv_type, u8 *pos, size_t len);

#endif /* EAP_FAST_H */