1111b9fd8Schristos /* 2111b9fd8Schristos * EAP server/peer: EAP-pwd shared definitions 3111b9fd8Schristos * Copyright (c) 2009, Dan Harkins <dharkins@lounge.org> 4111b9fd8Schristos * 5e604d861Schristos * This software may be distributed under the terms of the BSD license. 6e604d861Schristos * See README for more details. 7111b9fd8Schristos */ 8111b9fd8Schristos 9111b9fd8Schristos #ifndef EAP_PWD_COMMON_H 10111b9fd8Schristos #define EAP_PWD_COMMON_H 11111b9fd8Schristos 12111b9fd8Schristos /* 13111b9fd8Schristos * definition of a finite cyclic group 14111b9fd8Schristos * TODO: support one based on a prime field 15111b9fd8Schristos */ 16111b9fd8Schristos typedef struct group_definition_ { 17111b9fd8Schristos u16 group_num; 180a73ee0aSchristos struct crypto_ec *group; 190a73ee0aSchristos struct crypto_ec_point *pwe; 20111b9fd8Schristos } EAP_PWD_group; 21111b9fd8Schristos 22111b9fd8Schristos /* 23111b9fd8Schristos * EAP-pwd header, included on all payloads 24e604d861Schristos * L(1 bit) | M(1 bit) | exch(6 bits) | total_length(if L is set) 25111b9fd8Schristos */ 26e604d861Schristos #define EAP_PWD_HDR_SIZE 1 27111b9fd8Schristos 28111b9fd8Schristos #define EAP_PWD_OPCODE_ID_EXCH 1 29111b9fd8Schristos #define EAP_PWD_OPCODE_COMMIT_EXCH 2 30111b9fd8Schristos #define EAP_PWD_OPCODE_CONFIRM_EXCH 3 31e604d861Schristos #define EAP_PWD_GET_LENGTH_BIT(x) ((x) & 0x80) 32e604d861Schristos #define EAP_PWD_SET_LENGTH_BIT(x) ((x) |= 0x80) 33e604d861Schristos #define EAP_PWD_GET_MORE_BIT(x) ((x) & 0x40) 34e604d861Schristos #define EAP_PWD_SET_MORE_BIT(x) ((x) |= 0x40) 35e604d861Schristos #define EAP_PWD_GET_EXCHANGE(x) ((x) & 0x3f) 36e604d861Schristos #define EAP_PWD_SET_EXCHANGE(x,y) ((x) |= (y)) 37111b9fd8Schristos 38111b9fd8Schristos /* EAP-pwd-ID payload */ 39111b9fd8Schristos struct eap_pwd_id { 40111b9fd8Schristos be16 group_num; 41111b9fd8Schristos u8 random_function; 42111b9fd8Schristos #define EAP_PWD_DEFAULT_RAND_FUNC 1 43111b9fd8Schristos u8 prf; 44111b9fd8Schristos #define EAP_PWD_DEFAULT_PRF 1 45111b9fd8Schristos u8 token[4]; 46111b9fd8Schristos u8 prep; 47111b9fd8Schristos #define EAP_PWD_PREP_NONE 0 48111b9fd8Schristos #define EAP_PWD_PREP_MS 1 490a73ee0aSchristos #define EAP_PWD_PREP_SSHA1 3 500a73ee0aSchristos #define EAP_PWD_PREP_SSHA256 4 510a73ee0aSchristos #define EAP_PWD_PREP_SSHA512 5 52111b9fd8Schristos u8 identity[0]; /* length inferred from payload */ 53111b9fd8Schristos } STRUCT_PACKED; 54111b9fd8Schristos 55111b9fd8Schristos /* common routines */ 560a73ee0aSchristos EAP_PWD_group * get_eap_pwd_group(u16 num); 5736ebd06eSchristos int compute_password_element(EAP_PWD_group *grp, u16 num, 5836ebd06eSchristos const u8 *password, size_t password_len, 5936ebd06eSchristos const u8 *id_server, size_t id_server_len, 6036ebd06eSchristos const u8 *id_peer, size_t id_peer_len, 6136ebd06eSchristos const u8 *token); 620a73ee0aSchristos int compute_keys(EAP_PWD_group *grp, const struct crypto_bignum *k, 630a73ee0aSchristos const struct crypto_bignum *peer_scalar, 640a73ee0aSchristos const struct crypto_bignum *server_scalar, 6536ebd06eSchristos const u8 *confirm_peer, const u8 *confirm_server, 6636ebd06eSchristos const u32 *ciphersuite, u8 *msk, u8 *emsk, u8 *session_id); 67e604d861Schristos struct crypto_hash * eap_pwd_h_init(void); 68e604d861Schristos void eap_pwd_h_update(struct crypto_hash *hash, const u8 *data, size_t len); 69e604d861Schristos void eap_pwd_h_final(struct crypto_hash *hash, u8 *digest); 70924a7525Schristos struct crypto_ec_point * eap_pwd_get_element(EAP_PWD_group *group, 71924a7525Schristos const u8 *buf); 72924a7525Schristos struct crypto_bignum * eap_pwd_get_scalar(EAP_PWD_group *group, const u8 *buf); 73*460bb4fcSchristos int eap_pwd_get_rand_mask(EAP_PWD_group *group, struct crypto_bignum *_rand, 74*460bb4fcSchristos struct crypto_bignum *_mask, 75*460bb4fcSchristos struct crypto_bignum *scalar); 76111b9fd8Schristos 77111b9fd8Schristos #endif /* EAP_PWD_COMMON_H */ 78