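/*
 * Copyright (C) 2008-2009 Martin Willi
 * HSR Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */
/*
 * Copyright (C) 2015 Thomas Strangert
 * Polystar System AB, Sweden
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 */

/**
 * @defgroup eap_aka_3gpp_functions eap_aka_3gpp_functions
 * @{ @ingroup eap_aka_3gpp
 */

#ifndef EAP_AKA_3GPP_FUNCTIONS_H_
#define EAP_AKA_3GPP_FUNCTIONS_H_

#include <credentials/keys/shared_key.h>
#include <simaka_manager.h>
#include "eap_aka_3gpp_plugin.h"

/*
 * Field lengths in bytes, matching the bit widths quoted in the parameter
 * documentation below (e.g. 48 bit SQN = 6 bytes, 128 bit K = 16 bytes).
 *
 * AKA_RAND_LEN, AKA_CK_LEN and AKA_IK_LEN are used below but not defined in
 * this header; presumably they come from simaka_manager.h -- confirm.
 */
#define AKA_SQN_LEN		 6
#define AKA_K_LEN		16
#define AKA_OPC_LEN		16
#define AKA_MAC_LEN		 8
#define AKA_AK_LEN		 6
#define AKA_AMF_LEN		 2
#define AKA_RES_LEN		 8

typedef struct eap_aka_3gpp_functions_t eap_aka_3gpp_functions_t;

/**
 * Get a shared key K and OPc of a particular user from the credential database.
 *
 * K and OPc are the subscriber's long-term secrets. The caller owns both
 * scratchpads and should wipe them (e.g. with memwipe()) once the f-functions
 * have been run, instead of leaving key material behind in memory.
 *
 * The array sizes in the prototype are documentation only: C passes plain
 * pointers, so the caller must supply buffers of at least AKA_K_LEN and
 * AKA_OPC_LEN bytes.
 *
 * @param id		user identity
 * @param[out] k	(16 byte) scratchpad to receive secret key K
 * @param[out] opc	(16 byte) scratchpad to receive operator variant key
 *					derivative OPc
 * @return			presumably TRUE if K and OPc were obtained; this header
 *					does not say, so confirm against the implementation. Do
 *					not use k or opc when FALSE is returned.
 */
bool eap_aka_3gpp_get_k_opc(identification_t *id, uint8_t k[AKA_K_LEN],
							uint8_t opc[AKA_OPC_LEN]);

/**
 * Get SQN using current time. Only used when creating/initializing
 * an eap_aka_3gpp_card_t or eap_aka_3gpp_provider_t object.
 *
 * NOTE(review): the initial SQN depends on the local clock, so card and
 * provider presumably need roughly agreeing clocks (plus offset) to avoid a
 * resynchronisation on first use -- confirm against the implementation.
 *
 * @param[out] sqn	(6 byte) scratchpad to receive generated SQN
 * @param offset	time offset to add to current time to avoid initial
 *					SQN resync
 */
void eap_aka_3gpp_get_sqn(uint8_t sqn[AKA_SQN_LEN], int offset);

/**
 * f1, f1*(), f2345() and f5*() functions from 3GPP as specified
 * in the TS 35.205, .206, .207, .208 standards.
 *
 * All buffer parameters are declared with an array size for documentation;
 * the compiler does not enforce it, so callers are responsible for passing
 * buffers of at least the stated length. Every function reports failure
 * through its return value; output buffers should be treated as undefined
 * when FALSE is returned.
 */
struct eap_aka_3gpp_functions_t {

	/**
	 * f1 : Calculate MAC-A from RAND, SQN, AMF using K and OPc
	 *
	 * When the result is checked against a MAC received from the peer, the
	 * comparison should be done in constant time.
	 *
	 * @param k			(128 bit) secret key K
	 * @param opc		(128 bit) operator variant key derivative OPc
	 * @param rand		(128 bit) random value RAND
	 * @param sqn		(48 bit) sequence number SQN
	 * @param amf		(16 bit) authentication management field AMF
	 * @param[out] maca	(64 bit) scratchpad to receive network auth code MAC-A
	 * @return			TRUE if calculations successful
	 */
	bool (*f1)(eap_aka_3gpp_functions_t *this,
				const uint8_t k[AKA_K_LEN], const uint8_t opc[AKA_OPC_LEN],
				const uint8_t rand[AKA_RAND_LEN], const uint8_t sqn[AKA_SQN_LEN],
				const uint8_t amf[AKA_AMF_LEN],
				uint8_t maca[AKA_MAC_LEN]);

	/**
	 * f1* : Calculate MAC-S from RAND, SQN, AMF using K and OPc
	 *
	 * When the result is checked against a MAC received from the peer, the
	 * comparison should be done in constant time.
	 *
	 * @param k			(128 bit) secret key K
	 * @param opc		(128 bit) operator variant key derivative OPc
	 * @param rand		(128 bit) random value RAND
	 * @param sqn		(48 bit) sequence number SQN
	 * @param amf		(16 bit) authentication management field AMF
	 * @param[out] macs	(64 bit) scratchpad to receive resync auth code MAC-S
	 * @return			TRUE if calculations successful
	 */
	bool (*f1star)(eap_aka_3gpp_functions_t *this,
				const uint8_t k[AKA_K_LEN], const uint8_t opc[AKA_OPC_LEN],
				const uint8_t rand[AKA_RAND_LEN], const uint8_t sqn[AKA_SQN_LEN],
				const uint8_t amf[AKA_AMF_LEN],
				uint8_t macs[AKA_MAC_LEN]);

	/**
	 * f2345 : Do f2, f3, f4 and f5 in a single pass, where:
	 *  f2 : Calculates RES from RAND using K and OPc
	 *  f3 : Calculates CK  from RAND using K and OPc
	 *  f4 : Calculates IK  from RAND using K and OPc
	 *  f5 : Calculates AK  from RAND using K and OPc
	 *
	 * CK and IK are session keys and AK masks the SQN; the caller owns these
	 * scratchpads and should wipe them once they are no longer needed.
	 *
	 * @param k			(128 bit) secret key K
	 * @param opc		(128 bit) operator variant key derivative OPc
	 * @param rand		(128 bit) random value RAND
	 * @param[out] res	(64 bit) scratchpad to receive signed response RES
	 * @param[out] ck	(128 bit) scratchpad to receive encryption key CK
	 * @param[out] ik	(128 bit) scratchpad to receive integrity key IK
	 * @param[out] ak	(48 bit) scratchpad to receive anonymity key AK
	 * @return			TRUE if calculations successful
	 */
	bool (*f2345)(eap_aka_3gpp_functions_t *this,
				const uint8_t k[AKA_K_LEN], const uint8_t opc[AKA_OPC_LEN],
				const uint8_t rand[AKA_RAND_LEN],
				uint8_t res[AKA_RES_LEN], uint8_t ck[AKA_CK_LEN],
				uint8_t ik[AKA_IK_LEN], uint8_t ak[AKA_AK_LEN]);

	/**
	 * f5* : Calculates resync AKS from RAND using K and OPc
	 *
	 * @param k			(128 bit) secret key K
	 * @param opc		(128 bit) operator variant key derivative OPc
	 * @param rand		(128 bit) random value RAND
	 * @param[out] aks	(48 bit) scratchpad to receive resync anonymity key AKS
	 * @return			TRUE if calculations successful
	 */
	bool (*f5star)(eap_aka_3gpp_functions_t *this,
				const uint8_t k[AKA_K_LEN], const uint8_t opc[AKA_OPC_LEN],
				const uint8_t rand[AKA_RAND_LEN],
				uint8_t aks[AKA_AK_LEN]);

	/**
	 * Destroy an eap_aka_3gpp_functions_t.
	 */
	void (*destroy)(eap_aka_3gpp_functions_t *this);
};

/**
 * Create an eap_aka_3gpp_functions instance.
 *
 * Declared with (void) so that the compiler rejects calls that pass
 * arguments; an empty parameter list in C leaves the arguments unchecked.
 *
 * @return			function set, NULL on error
 */
eap_aka_3gpp_functions_t *eap_aka_3gpp_functions_create(void);

#endif /** EAP_AKA_3GPP_FUNCTIONS_H_ @}*/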