ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity
strongswan/src/charon/sa/authenticators/eap/sim_manager.c

474 lines
14 KiB
C
Raw Normal View History

reintegrated two-sim branch providing SIM card plugin API
2008-10-10 08:36:01 +00:00
/*
* Copyright (C) 2008 Martin Willi
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#include "sim_manager.h"
Moved card/provider enumeration to SIM manager, providing wrapped functions for both SIM and AKA plugins
2009-10-29 13:56:45 +00:00
#include <daemon.h>
reintegrated two-sim branch providing SIM card plugin API
2008-10-10 08:36:01 +00:00
#include <utils/linked_list.h>
typedef struct private_sim_manager_t private_sim_manager_t;
/**
* Private data of an sim_manager_t object.
*/
struct private_sim_manager_t {
removed trailing spaces ([[:space:]]+$)
2009-09-04 11:46:09 +00:00
reintegrated two-sim branch providing SIM card plugin API
2008-10-10 08:36:01 +00:00
/**
* Public sim_manager_t interface.
*/
sim_manager_t public;
removed trailing spaces ([[:space:]]+$)
2009-09-04 11:46:09 +00:00
reintegrated two-sim branch providing SIM card plugin API
2008-10-10 08:36:01 +00:00
/**
* list of added cards
*/
linked_list_t *cards;
removed trailing spaces ([[:space:]]+$)
2009-09-04 11:46:09 +00:00
reintegrated two-sim branch providing SIM card plugin API
2008-10-10 08:36:01 +00:00
/**
* list of added provider
*/
Moved card/provider enumeration to SIM manager, providing wrapped functions for both SIM and AKA plugins
2009-10-29 13:56:45 +00:00
linked_list_t *providers;
reintegrated two-sim branch providing SIM card plugin API
2008-10-10 08:36:01 +00:00
};
/**
* Implementation of sim_manager_t.add_card
*/
static void add_card(private_sim_manager_t *this, sim_card_t *card)
{
this->cards->insert_last(this->cards, card);
}
/**
* Implementation of sim_manager_t.remove_card
*/
static void remove_card(private_sim_manager_t *this, sim_card_t *card)
{
this->cards->remove(this->cards, card, NULL);
}
/**
Moved card/provider enumeration to SIM manager, providing wrapped functions for both SIM and AKA plugins
2009-10-29 13:56:45 +00:00
* Implementation of sim_manager_t.card_get_triplet
reintegrated two-sim branch providing SIM card plugin API
2008-10-10 08:36:01 +00:00
*/
Moved card/provider enumeration to SIM manager, providing wrapped functions for both SIM and AKA plugins
2009-10-29 13:56:45 +00:00
static bool card_get_triplet(private_sim_manager_t *this, identification_t *id,
char rand[SIM_RAND_LEN], char sres[SIM_SRES_LEN],
char kc[SIM_KC_LEN])
reintegrated two-sim branch providing SIM card plugin API
2008-10-10 08:36:01 +00:00
{
Moved card/provider enumeration to SIM manager, providing wrapped functions for both SIM and AKA plugins
2009-10-29 13:56:45 +00:00
enumerator_t *enumerator;
sim_card_t *card;
int tried = 0;
enumerator = this->cards->create_enumerator(this->cards);
while (enumerator->enumerate(enumerator, &card))
{
if (card->get_triplet(card, id, rand, sres, kc))
{
enumerator->destroy(enumerator);
return TRUE;
}
tried++;
}
enumerator->destroy(enumerator);
DBG1(DBG_IKE, "tried %d SIM cards, but none has triplets for '%Y'",
tried, id);
return FALSE;
}
/**
* Implementation of sim_manager_t.card_get_quintuplet
*/
static status_t card_get_quintuplet(private_sim_manager_t *this,
identification_t *id, char rand[AKA_RAND_LEN],
char autn[AKA_AUTN_LEN], char ck[AKA_CK_LEN],
Support variable RES length in AKA quintuplets
2009-11-12 09:27:50 +00:00
char ik[AKA_IK_LEN], char res[AKA_RES_MAX],
int *res_len)
Moved card/provider enumeration to SIM manager, providing wrapped functions for both SIM and AKA plugins
2009-10-29 13:56:45 +00:00
{
enumerator_t *enumerator;
sim_card_t *card;
status_t status = NOT_FOUND;
int tried = 0;
enumerator = this->cards->create_enumerator(this->cards);
while (enumerator->enumerate(enumerator, &card))
{
Support variable RES length in AKA quintuplets
2009-11-12 09:27:50 +00:00
status = card->get_quintuplet(card, id, rand, autn, ck, ik, res, res_len);
Handle NOT_SUPPORTED or other errors properly in get_quintuplet
2009-11-27 13:55:20 +00:00
switch (status)
Moved card/provider enumeration to SIM manager, providing wrapped functions for both SIM and AKA plugins
2009-10-29 13:56:45 +00:00
{ /* try next on error, but not on INVALID_STATE */
Handle NOT_SUPPORTED or other errors properly in get_quintuplet
2009-11-27 13:55:20 +00:00
case SUCCESS:
case INVALID_STATE:
enumerator->destroy(enumerator);
return status;
case NOT_SUPPORTED:
case FAILED:
default:
tried++;
continue;
Moved card/provider enumeration to SIM manager, providing wrapped functions for both SIM and AKA plugins
2009-10-29 13:56:45 +00:00
}
}
enumerator->destroy(enumerator);
DBG1(DBG_IKE, "tried %d SIM cards, but none has quintuplets for '%Y'",
tried, id);
return status;
}
/**
* Implementation of sim_manager_t.card_resync
*/
static bool card_resync(private_sim_manager_t *this, identification_t *id,
char rand[AKA_RAND_LEN], char auts[AKA_AUTS_LEN])
{
enumerator_t *enumerator;
sim_card_t *card;
enumerator = this->cards->create_enumerator(this->cards);
while (enumerator->enumerate(enumerator, &card))
{
if (card->resync(card, id, rand, auts))
{
enumerator->destroy(enumerator);
return TRUE;
}
}
enumerator->destroy(enumerator);
return FALSE;
}
/**
* Implementation of sim_manager_t.card_set_pseudonym
*/
static void card_set_pseudonym(private_sim_manager_t *this,
identification_t *id, identification_t *pseudonym)
{
enumerator_t *enumerator;
sim_card_t *card;
Use new identity constructor in EAP-SIM
2009-10-29 14:58:43 +00:00
DBG1(DBG_IKE, "storing pseudonym '%Y' for '%Y'", pseudonym, id);
Moved card/provider enumeration to SIM manager, providing wrapped functions for both SIM and AKA plugins
2009-10-29 13:56:45 +00:00
enumerator = this->cards->create_enumerator(this->cards);
while (enumerator->enumerate(enumerator, &card))
{
card->set_pseudonym(card, id, pseudonym);
}
enumerator->destroy(enumerator);
}
/**
* Implementation of sim_manager_t.card_get_pseudonym
*/
static identification_t* card_get_pseudonym(private_sim_manager_t *this,
identification_t *id)
{
enumerator_t *enumerator;
sim_card_t *card;
identification_t *pseudonym = NULL;
enumerator = this->cards->create_enumerator(this->cards);
while (enumerator->enumerate(enumerator, &card))
{
pseudonym = card->get_pseudonym(card, id);
if (pseudonym)
{
DBG1(DBG_IKE, "using stored pseudonym identity '%Y' "
"instead of '%Y'", pseudonym, id);
break;
}
}
enumerator->destroy(enumerator);
return pseudonym;
}
/**
* Implementation of sim_manager_t.card_set_reauth
*/
static void card_set_reauth(private_sim_manager_t *this, identification_t *id,
identification_t *next, char mk[HASH_SIZE_SHA1],
u_int16_t counter)
{
enumerator_t *enumerator;
sim_card_t *card;
Use new identity constructor in EAP-SIM
2009-10-29 14:58:43 +00:00
DBG1(DBG_IKE, "storing next reauthentication identity '%Y' for '%Y'",
next, id);
Moved card/provider enumeration to SIM manager, providing wrapped functions for both SIM and AKA plugins
2009-10-29 13:56:45 +00:00
enumerator = this->cards->create_enumerator(this->cards);
while (enumerator->enumerate(enumerator, &card))
{
card->set_reauth(card, id, next, mk, counter);
}
enumerator->destroy(enumerator);
}
/**
* Implementation of sim_manager_t.card_get_reauth
*/
static identification_t* card_get_reauth(private_sim_manager_t *this,
identification_t *id, char mk[HASH_SIZE_SHA1],
u_int16_t *counter)
{
enumerator_t *enumerator;
sim_card_t *card;
identification_t *reauth = NULL;
enumerator = this->cards->create_enumerator(this->cards);
while (enumerator->enumerate(enumerator, &card))
{
reauth = card->get_reauth(card, id, mk, counter);
if (reauth)
{
DBG1(DBG_IKE, "using stored reauthentication identity '%Y' "
"instead of '%Y'", reauth, id);
break;
}
}
enumerator->destroy(enumerator);
return reauth;
reintegrated two-sim branch providing SIM card plugin API
2008-10-10 08:36:01 +00:00
}
/**
* Implementation of sim_manager_t.add_provider
*/
Moved card/provider enumeration to SIM manager, providing wrapped functions for both SIM and AKA plugins
2009-10-29 13:56:45 +00:00
static void add_provider(private_sim_manager_t *this, sim_provider_t *provider)
reintegrated two-sim branch providing SIM card plugin API
2008-10-10 08:36:01 +00:00
{
Moved card/provider enumeration to SIM manager, providing wrapped functions for both SIM and AKA plugins
2009-10-29 13:56:45 +00:00
this->providers->insert_last(this->providers, provider);
reintegrated two-sim branch providing SIM card plugin API
2008-10-10 08:36:01 +00:00
}
/**
* Implementation of sim_manager_t.remove_provider
*/
static void remove_provider(private_sim_manager_t *this,
Moved card/provider enumeration to SIM manager, providing wrapped functions for both SIM and AKA plugins
2009-10-29 13:56:45 +00:00
sim_provider_t *provider)
reintegrated two-sim branch providing SIM card plugin API
2008-10-10 08:36:01 +00:00
{
Moved card/provider enumeration to SIM manager, providing wrapped functions for both SIM and AKA plugins
2009-10-29 13:56:45 +00:00
this->providers->remove(this->providers, provider, NULL);
reintegrated two-sim branch providing SIM card plugin API
2008-10-10 08:36:01 +00:00
}
/**
Moved card/provider enumeration to SIM manager, providing wrapped functions for both SIM and AKA plugins
2009-10-29 13:56:45 +00:00
* Implementation of sim_manager_t.provider_get_triplet
reintegrated two-sim branch providing SIM card plugin API
2008-10-10 08:36:01 +00:00
*/
Moved card/provider enumeration to SIM manager, providing wrapped functions for both SIM and AKA plugins
2009-10-29 13:56:45 +00:00
static bool provider_get_triplet(private_sim_manager_t *this,
identification_t *id, char rand[SIM_RAND_LEN],
char sres[SIM_SRES_LEN], char kc[SIM_KC_LEN])
reintegrated two-sim branch providing SIM card plugin API
2008-10-10 08:36:01 +00:00
{
Moved card/provider enumeration to SIM manager, providing wrapped functions for both SIM and AKA plugins
2009-10-29 13:56:45 +00:00
enumerator_t *enumerator;
sim_provider_t *provider;
int tried = 0;
enumerator = this->providers->create_enumerator(this->providers);
while (enumerator->enumerate(enumerator, &provider))
{
if (provider->get_triplet(provider, id, rand, sres, kc))
{
enumerator->destroy(enumerator);
return TRUE;
}
tried++;
}
enumerator->destroy(enumerator);
DBG1(DBG_IKE, "tried %d SIM providers, but none had a triplet for '%Y'",
tried, id);
return FALSE;
}
/**
* Implementation of sim_manager_t.provider_get_quintuplet
*/
static bool provider_get_quintuplet(private_sim_manager_t *this,
identification_t *id, char rand[AKA_RAND_LEN],
Support variable RES length in AKA quintuplets
2009-11-12 09:27:50 +00:00
char xres[AKA_RES_MAX], int *xres_len,
char ck[AKA_CK_LEN], char ik[AKA_IK_LEN],
char autn[AKA_AUTN_LEN])
Moved card/provider enumeration to SIM manager, providing wrapped functions for both SIM and AKA plugins
2009-10-29 13:56:45 +00:00
{
enumerator_t *enumerator;
sim_provider_t *provider;
int tried = 0;
enumerator = this->providers->create_enumerator(this->providers);
while (enumerator->enumerate(enumerator, &provider))
{
Support variable RES length in AKA quintuplets
2009-11-12 09:27:50 +00:00
if (provider->get_quintuplet(provider, id, rand, xres, xres_len,
ck, ik, autn))
Moved card/provider enumeration to SIM manager, providing wrapped functions for both SIM and AKA plugins
2009-10-29 13:56:45 +00:00
{
enumerator->destroy(enumerator);
return TRUE;
}
}
enumerator->destroy(enumerator);
DBG1(DBG_IKE, "tried %d SIM providers, but none had a quintuplet for '%Y'",
tried, id);
return FALSE;
}
/**
* Implementation of sim_manager_t.provider_resync
*/
static bool provider_resync(private_sim_manager_t *this, identification_t *id,
char rand[AKA_RAND_LEN], char auts[AKA_AUTS_LEN])
{
enumerator_t *enumerator;
sim_provider_t *provider;
enumerator = this->providers->create_enumerator(this->providers);
while (enumerator->enumerate(enumerator, &provider))
{
if (provider->resync(provider, id, rand, auts))
{
enumerator->destroy(enumerator);
return TRUE;
}
}
enumerator->destroy(enumerator);
return FALSE;
}
/**
* Implementation of sim_manager_t.provider_is_pseudonym
*/
static identification_t* provider_is_pseudonym(private_sim_manager_t *this,
identification_t *id)
{
enumerator_t *enumerator;
sim_provider_t *provider;
identification_t *permanent = NULL;
enumerator = this->providers->create_enumerator(this->providers);
while (enumerator->enumerate(enumerator, &provider))
{
permanent = provider->is_pseudonym(provider, id);
if (permanent)
{
Ported pseudonym/reauth functionality to EAP-AKA
2009-10-29 16:38:45 +00:00
DBG1(DBG_IKE, "received pseudonym identity '%Y' "
"mapping to '%Y'", id, permanent);
Moved card/provider enumeration to SIM manager, providing wrapped functions for both SIM and AKA plugins
2009-10-29 13:56:45 +00:00
break;
}
}
enumerator->destroy(enumerator);
return permanent;
}
/**
* Implementation of sim_manager_t.provider_gen_pseudonym
*/
static identification_t* provider_gen_pseudonym(private_sim_manager_t *this,
identification_t *id)
{
enumerator_t *enumerator;
sim_provider_t *provider;
identification_t *pseudonym = NULL;
enumerator = this->providers->create_enumerator(this->providers);
while (enumerator->enumerate(enumerator, &provider))
{
pseudonym = provider->gen_pseudonym(provider, id);
if (pseudonym)
{
DBG1(DBG_IKE, "proposing new pseudonym '%Y'", pseudonym);
break;
}
}
enumerator->destroy(enumerator);
return pseudonym;
}
/**
* Implementation of sim_manager_t.provider_is_reauth
*/
static identification_t* provider_is_reauth(private_sim_manager_t *this,
identification_t *id, char mk[HASH_SIZE_SHA1],
u_int16_t *counter)
{
enumerator_t *enumerator;
sim_provider_t *provider;
identification_t *permanent = NULL;
enumerator = this->providers->create_enumerator(this->providers);
while (enumerator->enumerate(enumerator, &provider))
{
permanent = provider->is_reauth(provider, id, mk, counter);
if (permanent)
{
Ported pseudonym/reauth functionality to EAP-AKA
2009-10-29 16:38:45 +00:00
DBG1(DBG_IKE, "received reauthentication identity '%Y' "
"mapping to '%Y'", id, permanent);
Moved card/provider enumeration to SIM manager, providing wrapped functions for both SIM and AKA plugins
2009-10-29 13:56:45 +00:00
break;
}
}
enumerator->destroy(enumerator);
return permanent;
}
/**
* Implementation of sim_manager_t.provider_gen_reauth
*/
static identification_t* provider_gen_reauth(private_sim_manager_t *this,
identification_t *id, char mk[HASH_SIZE_SHA1])
{
enumerator_t *enumerator;
sim_provider_t *provider;
identification_t *reauth = NULL;
enumerator = this->providers->create_enumerator(this->providers);
while (enumerator->enumerate(enumerator, &provider))
{
reauth = provider->gen_reauth(provider, id, mk);
if (reauth)
{
DBG1(DBG_IKE, "proposing new reauthentication identity '%Y'", reauth);
break;
}
}
enumerator->destroy(enumerator);
return reauth;
reintegrated two-sim branch providing SIM card plugin API
2008-10-10 08:36:01 +00:00
}
/**
* Implementation of sim_manager_t.destroy.
*/
static void destroy(private_sim_manager_t *this)
{
this->cards->destroy(this->cards);
Moved card/provider enumeration to SIM manager, providing wrapped functions for both SIM and AKA plugins
2009-10-29 13:56:45 +00:00
this->providers->destroy(this->providers);
reintegrated two-sim branch providing SIM card plugin API
2008-10-10 08:36:01 +00:00
free(this);
}
/**
* See header
*/
sim_manager_t *sim_manager_create()
{
private_sim_manager_t *this = malloc_thing(private_sim_manager_t);
removed trailing spaces ([[:space:]]+$)
2009-09-04 11:46:09 +00:00
reintegrated two-sim branch providing SIM card plugin API
2008-10-10 08:36:01 +00:00
this->public.add_card = (void(*)(sim_manager_t*, sim_card_t *card))add_card;
this->public.remove_card = (void(*)(sim_manager_t*, sim_card_t *card))remove_card;
Moved card/provider enumeration to SIM manager, providing wrapped functions for both SIM and AKA plugins
2009-10-29 13:56:45 +00:00
this->public.card_get_triplet = (bool(*)(sim_manager_t*, identification_t *id, char rand[SIM_RAND_LEN], char sres[SIM_SRES_LEN], char kc[SIM_KC_LEN]))card_get_triplet;
Support variable RES length in AKA quintuplets
2009-11-12 09:27:50 +00:00
this->public.card_get_quintuplet = (status_t(*)(sim_manager_t*, identification_t *id, char rand[AKA_RAND_LEN], char autn[AKA_AUTN_LEN], char ck[AKA_CK_LEN], char ik[AKA_IK_LEN], char res[AKA_RES_MAX], int *res_len))card_get_quintuplet;
Moved card/provider enumeration to SIM manager, providing wrapped functions for both SIM and AKA plugins
2009-10-29 13:56:45 +00:00
this->public.card_resync = (bool(*)(sim_manager_t*, identification_t *id, char rand[AKA_RAND_LEN], char auts[AKA_AUTS_LEN]))card_resync;
this->public.card_set_pseudonym = (void(*)(sim_manager_t*, identification_t *id, identification_t *pseudonym))card_set_pseudonym;
this->public.card_get_pseudonym = (identification_t*(*)(sim_manager_t*, identification_t *id))card_get_pseudonym;
this->public.card_set_reauth = (void(*)(sim_manager_t*, identification_t *id, identification_t *next, char mk[HASH_SIZE_SHA1], u_int16_t counter))card_set_reauth;
this->public.card_get_reauth = (identification_t*(*)(sim_manager_t*, identification_t *id, char mk[HASH_SIZE_SHA1], u_int16_t *counter))card_get_reauth;
reintegrated two-sim branch providing SIM card plugin API
2008-10-10 08:36:01 +00:00
this->public.add_provider = (void(*)(sim_manager_t*, sim_provider_t *provider))add_provider;
this->public.remove_provider = (void(*)(sim_manager_t*, sim_provider_t *provider))remove_provider;
Moved card/provider enumeration to SIM manager, providing wrapped functions for both SIM and AKA plugins
2009-10-29 13:56:45 +00:00
this->public.provider_get_triplet = (bool(*)(sim_manager_t*, identification_t *id, char rand[SIM_RAND_LEN], char sres[SIM_SRES_LEN], char kc[SIM_KC_LEN]))provider_get_triplet;
Support variable RES length in AKA quintuplets
2009-11-12 09:27:50 +00:00
this->public.provider_get_quintuplet = (bool(*)(sim_manager_t*, identification_t *id, char rand[AKA_RAND_LEN], char xres[AKA_RES_MAX], int *xres_len, char ck[AKA_CK_LEN], char ik[AKA_IK_LEN], char autn[AKA_AUTN_LEN]))provider_get_quintuplet;
Moved card/provider enumeration to SIM manager, providing wrapped functions for both SIM and AKA plugins
2009-10-29 13:56:45 +00:00
this->public.provider_resync = (bool(*)(sim_manager_t*, identification_t *id, char rand[AKA_RAND_LEN], char auts[AKA_AUTS_LEN]))provider_resync;
this->public.provider_is_pseudonym = (identification_t*(*)(sim_manager_t*, identification_t *id))provider_is_pseudonym;
this->public.provider_gen_pseudonym = (identification_t*(*)(sim_manager_t*, identification_t *id))provider_gen_pseudonym;
this->public.provider_is_reauth = (identification_t*(*)(sim_manager_t*, identification_t *id, char mk[HASH_SIZE_SHA1], u_int16_t *counter))provider_is_reauth;
this->public.provider_gen_reauth = (identification_t*(*)(sim_manager_t*, identification_t *id, char mk[HASH_SIZE_SHA1]))provider_gen_reauth;
reintegrated two-sim branch providing SIM card plugin API
2008-10-10 08:36:01 +00:00
this->public.destroy = (void(*)(sim_manager_t*))destroy;
removed trailing spaces ([[:space:]]+$)
2009-09-04 11:46:09 +00:00
reintegrated two-sim branch providing SIM card plugin API
2008-10-10 08:36:01 +00:00
this->cards = linked_list_create();
Moved card/provider enumeration to SIM manager, providing wrapped functions for both SIM and AKA plugins
2009-10-29 13:56:45 +00:00
this->providers = linked_list_create();
removed trailing spaces ([[:space:]]+$)
2009-09-04 11:46:09 +00:00
reintegrated two-sim branch providing SIM card plugin API
2008-10-10 08:36:01 +00:00
return &this->public;
}