2 * eapsimlib.c based upon draft-haverinen-pppext-eap-sim-11.txt.
4 * The development of the EAP/SIM support was funded by Internet Foundation
5 * Austria (http://www.nic.at/ipa).
7 * code common to EAP-SIM clients and to servers.
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
25 * Copyright 2000-2003 The FreeRADIUS server project
26 * Copyright 2003 Michael Richardson <mcr@sandelman.ottawa.on.ca>
30 * EAP-SIM PACKET FORMAT
31 * ------- ------ ------
33 * EAP Request and Response Packet Format
34 * --- ------- --- -------- ------ ------
36 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
37 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
38 * | Code | Identifier | Length |
39 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
40 * | Type | SIM-Type | SIM-Length | value ... |
41 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
43 * with SIM-Type/SIM-Length/Value... repeating. SIM-Length is in units
44 * of 32 bits, and includes the Sim-Type/Sim-Length fields.
46 * The SIM-Type's are mapped to ATTRIBUTE_EAP_SIM_BASE+Sim-type and
47 * unmapped by these functions.
51 #include "libradius.h"
52 #include "eap_types.h"
56 static const char rcsid[] = "$Id$";
59 * given a radius request with many attribues in the EAP-SIM range, build
60 * them all into a single EAP-SIM body.
63 int map_eapsim_basictypes(RADIUS_PACKET *r, EAP_PACKET *ep)
67 uint8_t *encodedmsg, *attr;
68 unsigned int id, eapcode;
69 unsigned char *macspace, *append;
71 unsigned char subtype;
78 * encodedmsg is now an EAP-SIM message.
79 * it might be too big for putting into an EAP-Type-SIM
82 vp = pairfind(r->vps, ATTRIBUTE_EAP_SIM_SUBTYPE);
85 subtype = eapsim_start;
92 vp = pairfind(r->vps, ATTRIBUTE_EAP_ID);
95 id = ((int)getpid() & 0xff);
102 vp = pairfind(r->vps, ATTRIBUTE_EAP_CODE);
105 eapcode = PW_EAP_REQUEST;
109 eapcode = vp->lvalue;
114 * take a walk through the attribute list to see how much space
115 * that we need to encode all of this.
118 for(vp = r->vps; vp != NULL; vp = vp->next)
123 if(vp->attribute < ATTRIBUTE_EAP_SIM_BASE ||
124 vp->attribute >= ATTRIBUTE_EAP_SIM_BASE+256)
132 * the AT_MAC attribute is a bit different, when we get to this
133 * attribute, we pull the contents out, save it for later
134 * processing, set the size to 16 bytes (plus 2 bytes padding).
136 * At this point, we only care about the size.
138 if(vp->attribute == ATTRIBUTE_EAP_SIM_BASE+PW_EAP_SIM_MAC) {
142 /* round up to next multiple of 4, after taking in
143 * account the type and length bytes
145 roundedlen = (vplen + 2 + 3) & ~3;
146 encoded_size += roundedlen;
149 if (ep->code != PW_EAP_SUCCESS)
151 ep->id = (id & 0xff);
152 ep->type.type = PW_EAP_SIM;
155 * if no attributes were found, do very little.
158 if(encoded_size == 0)
160 encodedmsg = malloc(3);
161 /* FIX: could be NULL */
163 encodedmsg[0]=subtype;
168 ep->type.data = encodedmsg;
175 * figured out the length, so malloc some space for the results.
177 * Note that we do not bother going through an "EAP" stage, which
178 * is a bit strange compared to the unmap, which expects to see
179 * an EAP-SIM virtual attributes.
181 * EAP is 1-code, 1-identifier, 2-length, 1-type = 5 overhead.
183 * SIM code adds a subtype, and 2 bytes of reserved = 3.
187 /* malloc space for it */
190 encodedmsg = malloc(encoded_size);
191 if (encodedmsg == NULL) {
192 radlog(L_ERR, "eapsim: out of memory allocating %d bytes", encoded_size+5);
195 memset(encodedmsg, 0, encoded_size);
198 * now walk the attributes again, sticking them in.
200 * we go three bytes into the encoded message, because there are two
201 * bytes of reserved, and we will fill the "subtype" in later.
206 for(vp = r->vps; vp != NULL; vp = vp->next)
210 if(vp->attribute < ATTRIBUTE_EAP_SIM_BASE ||
211 vp->attribute >= ATTRIBUTE_EAP_SIM_BASE+256)
217 * the AT_MAC attribute is a bit different, when we get to this
218 * attribute, we pull the contents out, save it for later
219 * processing, set the size to 16 bytes (plus 2 bytes padding).
221 * At this point, we put in zeros, and remember where the
224 if(vp->attribute == ATTRIBUTE_EAP_SIM_BASE+PW_EAP_SIM_MAC) {
226 memset(&attr[2], 0, 18);
228 append = vp->strvalue;
229 appendlen = vp->length;
232 roundedlen = (vp->length + 2 + 3) & ~3;
233 memset(attr, 0, roundedlen);
234 memcpy(&attr[2], vp->strvalue, vp->length);
236 attr[0] = vp->attribute - ATTRIBUTE_EAP_SIM_BASE;
237 attr[1] = roundedlen >> 2;
242 encodedmsg[0] = subtype;
244 ep->type.length = encoded_size;
245 ep->type.data = encodedmsg;
248 * if macspace was set and we have a key,
249 * then we should calculate the HMAC-SHA1 of the resulting EAP-SIM
250 * packet, appended with the value of append.
252 vp = pairfind(r->vps, ATTRIBUTE_EAP_SIM_KEY);
253 if(macspace != NULL && vp != NULL)
255 unsigned char *buffer;
257 uint16_t hmaclen, total_length = 0;
258 unsigned char sha1digest[20];
260 total_length = EAP_HEADER_LEN + 1 + encoded_size;
261 hmaclen = total_length + appendlen;
262 buffer = (unsigned char *)malloc(hmaclen);
263 hdr = (eap_packet_t *)buffer;
265 radlog(L_ERR, "rlm_eap: out of memory");
270 hdr->code = eapcode & 0xFF;
271 hdr->id = (id & 0xFF);
272 total_length = htons(total_length);
273 memcpy(hdr->length, &total_length, sizeof(uint16_t));
275 hdr->data[0] = PW_EAP_SIM;
278 memcpy(&hdr->data[1], encodedmsg, encoded_size);
281 memcpy(&hdr->data[encoded_size+1], append, appendlen);
284 lrad_hmac_sha1(buffer, hmaclen,
285 vp->strvalue, vp->length,
288 /* done with the buffer, free it */
291 /* now copy the digest to where it belongs in the AT_MAC */
292 /* note that it is truncated to 128-bits */
293 memcpy(macspace, sha1digest, 16);
296 /* if we had an AT_MAC and no key, then fail */
297 if(macspace != NULL && vp == NULL)
299 if(encodedmsg != NULL)
307 int map_eapsim_types(RADIUS_PACKET *r)
312 memset(&ep, 0, sizeof(ep));
313 ret = map_eapsim_basictypes(r, &ep);
317 eap_basic_compose(r, &ep);
323 * given a radius request with an EAP-SIM body, decode it into TLV pairs
325 * return value is TRUE if it succeeded, false if there was something
326 * wrong and the packet should be discarded.
329 int unmap_eapsim_basictypes(RADIUS_PACKET *r,
330 uint8_t *attr, unsigned int attrlen)
333 int eapsim_attribute;
334 unsigned int eapsim_len;
335 int es_attribute_count;
337 es_attribute_count=0;
339 /* big enough to have even a single attribute */
341 radlog(L_ERR, "eap: EAP-Sim attribute too short: %d < 2", attrlen);
345 newvp = paircreate(ATTRIBUTE_EAP_SIM_SUBTYPE, PW_TYPE_INTEGER);
346 if (!newvp) return 0;
347 newvp->lvalue = attr[0];
349 pairadd(&(r->vps), newvp);
354 /* now, loop processing each attribute that we find */
358 radlog(L_ERR, "eap: EAP-Sim attribute %d too short: %d < 2", es_attribute_count, attrlen);
362 eapsim_attribute = attr[0];
363 eapsim_len = attr[1] * 4;
365 if(eapsim_len > attrlen) {
366 radlog(L_ERR, "eap: EAP-Sim attribute %d (no.%d) has length longer than data (%d > %d)"
368 , es_attribute_count, eapsim_len, attrlen);
372 if(eapsim_len > MAX_STRING_LEN) {
373 eapsim_len = MAX_STRING_LEN;
375 if (eapsim_len < 2) {
376 radlog(L_ERR, "eap: EAP-Sim attribute %d (no.%d) has length too small",
377 eapsim_attribute, es_attribute_count);
381 newvp = paircreate(eapsim_attribute+ATTRIBUTE_EAP_SIM_BASE, PW_TYPE_OCTETS);
382 memcpy(newvp->strvalue, &attr[2], eapsim_len-2);
383 newvp->length = eapsim_len-2;
384 pairadd(&(r->vps), newvp);
387 /* advance pointers, decrement length */
389 attrlen -= eapsim_len;
390 es_attribute_count++;
395 int unmap_eapsim_types(RADIUS_PACKET *r)
399 esvp = pairfind(r->vps, ATTRIBUTE_EAP_BASE+PW_EAP_SIM);
401 radlog(L_ERR, "eap: EAP-Sim attribute not found");
405 return unmap_eapsim_basictypes(r, esvp->strvalue, esvp->length);
409 * calculate the MAC for the EAP message, given the key.
410 * The "extra" will be appended to the EAP message and included in the
415 eapsim_checkmac(VALUE_PAIR *rvps,
416 uint8_t key[EAPSIM_AUTH_SIZE],
417 uint8_t *extra, int extralen,
426 mac = pairfind(rvps, ATTRIBUTE_EAP_SIM_BASE+PW_EAP_SIM_MAC);
429 || mac->length != 18) {
430 /* can't check a packet with no AT_MAC attribute */
434 /* get original copy of EAP message, note that it was sanitized
435 * to have a valid length, which we depend upon.
437 e = eap_attribute(rvps);
444 /* make copy big enough for everything */
445 elen = e->length[0]*256 + e->length[1];
446 len = elen + extralen;
448 buffer = malloc(len);
455 memcpy(buffer, e, elen);
456 memcpy(buffer+elen, extra, extralen);
459 * now look for the AT_MAC attribute in the copy of the buffer
460 * and make sure that the checksum is zero.
466 /* first attribute is 8 bytes into the EAP packet.
467 * 4 bytes for EAP, 1 for type, 1 for subtype, 2 reserved.
470 while(attr < (buffer+elen)) {
471 if(attr[0] == PW_EAP_SIM_MAC) {
472 /* zero the data portion, after making sure
473 * the size is >=5. Maybe future versions.
474 * will use more bytes, so be liberal.
480 memset(&attr[4], 0, (attr[1]-1)*4);
482 /* advance the pointer */
487 /* now, HMAC-SHA1 it with the key. */
488 lrad_hmac_sha1(buffer, len,
492 if(memcmp(&mac->strvalue[2], calcmac, 16) == 0) {
505 * definitions changed to take a buffer for unknowns
506 * as this is more thread safe.
508 const char *simstates[]={ "init", "start", NULL };
510 const char *sim_state2name(enum eapsim_clientstates state,
514 if(state >= eapsim_client_maxstates)
516 snprintf(statenamebuf, statenamebuflen,
517 "eapstate:%d", state);
522 return simstates[state];
526 const char *subtypes[]={ "subtype0", "subtype1", "subtype2", "subtype3",
527 "subtype4", "subtype5", "subtype6", "subtype7",
528 "subtype8", "subtype9",
536 const char *sim_subtype2name(enum eapsim_subtype subtype,
537 char *subtypenamebuf,
538 int subtypenamebuflen)
540 if(subtype >= eapsim_max_subtype)
542 snprintf(subtypenamebuf, subtypenamebuflen,
543 "illegal-subtype:%d", subtype);
544 return subtypenamebuf;
548 return subtypes[subtype];
558 const char *radius_dir = RADDBDIR;
560 int radlog(int lvl, const char *msg, ...)
566 r = vfprintf(stderr, msg, ap);
573 main(int argc, char *argv[])
576 RADIUS_PACKET *req,*req2;
577 VALUE_PAIR *vp, *vpkey, *vpextra;
578 extern unsigned int sha1_data_problems;
585 sha1_data_problems = 1;
588 if (dict_init(radius_dir, RADIUS_DICTIONARY) < 0) {
589 librad_perror("radclient");
593 if ((req = rad_alloc(1)) == NULL) {
594 librad_perror("radclient");
598 if ((req2 = rad_alloc(1)) == NULL) {
599 librad_perror("radclient");
604 if(req->vps) pairfree(&req->vps);
605 if(req2->vps) pairfree(&req2->vps);
607 if ((req->vps = readvp2(stdin, &filedone, "eapsimlib:")) == NULL) {
612 vp_printlist(stdout, req->vps);
614 map_eapsim_types(req);
616 printf("Mapped to:\n");
617 vp_printlist(stdout, req->vps);
619 /* find the EAP-Message, copy it to req2 */
620 vp = paircopy2(req->vps, PW_EAP_MESSAGE);
622 if(vp == NULL) continue;
624 pairadd(&req2->vps, vp);
626 /* only call unmap for sim types here */
627 unmap_eap_types(req2);
628 unmap_eapsim_types(req2);
630 printf("Unmapped to:\n");
631 vp_printlist(stdout, req2->vps);
633 vp = pairfind(req2->vps,
634 ATTRIBUTE_EAP_SIM_BASE+PW_EAP_SIM_MAC);
635 vpkey = pairfind(req->vps, ATTRIBUTE_EAP_SIM_KEY);
636 vpextra = pairfind(req->vps, ATTRIBUTE_EAP_SIM_EXTRA);
638 if(vp != NULL && vpkey != NULL && vpextra!=NULL) {
641 /* find the EAP-Message, copy it to req2 */
643 memset(calcmac, 0, sizeof(calcmac));
644 printf("Confirming MAC...");
645 if(eapsim_checkmac(req2->vps, vpkey->strvalue,
646 vpextra->strvalue, vpextra->length,
652 printf("calculated MAC (");
653 for (i = 0; i < 20; i++) {
660 printf("%02x", calcmac[i]);
662 printf(" did not match\n");