6 * Implementation of the EAP-PSK packet management
9 * Copyright (C) France Télécom R&D (DR&D/MAPS/NSS)
11 * This program is free software; you can redistribute it and/or
12 * modify it under the terms of the GNU General Public License
13 * as published by the Free Software Foundation; either version 2
14 * of the License, or (at your option) any later version.
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
34 #if defined(__cplusplus)
40 #define EAPPSK_TYPE 255
42 // EXT_Payload maximum length in bytes
43 #define EXT_PAYLOAD_MAX_LEN 977
45 #define PSK_PCHANNEL_REPLAY_COUNTER_SIZE sizeof(unsigned long int) // size in octets
46 #define PSK_KEY_SIZE (PSK_AK_SIZE+PSK_KDK_SIZE) // size in octets
47 #define PSK_AK_SIZE 16 // size in octets
48 #define PSK_KDK_SIZE 16 // size in octets
49 #define PSK_TEK_SIZE 16 // size in octets
50 #define PSK_MSK_SIZE 64 // size in octets
51 #define PSK_EMSK_SIZE 64 // size in octets
52 #define PSK_RANDOM_NUMBER_SIZE 16 // size in octets
53 #define PSK_MAC_SIZE 16 // size in octets
54 #define EAP_HEADER_SIZE 5 // size in octets
59 // EAP-PSK attribute flags
60 #define PSK_STATUS_CONT 0x40
61 #define PSK_STATUS_DONE_FAILURE 0xC0
62 #define PSK_STATUS_DONE_SUCCESS 0x80
64 #define PSK_IS_EXT 0x20
67 // the EAP-PSK configuration parameters
68 typedef struct eap_psk_conf {
69 unsigned char *privateKey; // the server private key
70 unsigned char *id_s; // the server name
71 unsigned int ldapSupport; // if an LDAP directory is used
72 unsigned char *peerNaiAttribute; // the LDAP attribute name which corresponds to the peer NAI
73 unsigned char *peerKeyAttribute; // the LDAP attribute name which corresponds to the peer Key = AK || KDK
74 unsigned char *usersFilePath; // the EAP-PSK users file path
75 unsigned int nbRetry; // the number of bad authorized responses while the EAP-PSK authentication
76 unsigned int maxDelay; // the maximum interval in seconds between two correct responses
80 // data format of the first EAP-PSK message
81 typedef struct psk_message_1 {
82 unsigned char rand_s[PSK_RANDOM_NUMBER_SIZE];
85 // data format of the second EAP-PSK message
86 typedef struct psk_message_2 {
87 unsigned char rand_p[PSK_RANDOM_NUMBER_SIZE];
88 unsigned char mac_p[16];
92 // data format of the third EAP-PSK message
93 typedef struct psk_message_3 {
94 unsigned char mac_s[16];
95 unsigned long int nonce;
96 unsigned char tag[16];
98 unsigned char ext_type;
99 unsigned char *extPayload;
102 // data format of the fourth EAP-PSK message
103 typedef struct psk_message_4 {
104 unsigned long int nonce;
105 unsigned char tag[16];
107 unsigned char ext_type;
108 unsigned char *ext_payload;
113 *@memo this function converts a string into hexa
114 *@param inbytes, pointer to a string
115 *@param outstr, pointer to the hexa conversion
116 *@param numbytes, number of bytes to convert
117 *@return 0 if an error has occured
119 int pskConvertHex(char *inbytes, char *outstr, int numbytes);
123 *@memo this function converts a string which contains hexa characters into hexa
124 *@param inbytes, the string to convert
125 *@param outstr, the conversion in hexa
126 *@param numbytes, the number of bytes to convert
127 *@return 0 if an error has occured
129 int pskHex2Bin(const char *hex, unsigned char *bin, int numbytes);
133 *@memo this function delivers random bytes
134 *@param buf, pointer to the buffer to fill
135 *@param nbytes, number of bytes to generate
136 *@return 0 if an error has occured
138 int pskGetRandomBytes(void *buf, int nbytes);
141 #if defined(__cplusplus)
145 #endif /*_EAP_PSK_H*/