sim_provider_t API gained support for pseudonym/fast reauthentication
parent
8f364b5433
commit
44e8eea17a
|
@ -187,6 +187,9 @@ eap_aka_3gpp2_provider_t *eap_aka_3gpp2_provider_create(
|
|||
this->public.provider.get_triplet = (bool(*)(sim_provider_t*, identification_t *imsi, char rand[SIM_RAND_LEN], char sres[SIM_SRES_LEN], char kc[SIM_KC_LEN]))return_false;
|
||||
this->public.provider.get_quintuplet = (bool(*)(sim_provider_t*, identification_t *imsi, char rand[AKA_RAND_LEN], char xres[AKA_RES_LEN], char ck[AKA_CK_LEN], char ik[AKA_IK_LEN], char autn[AKA_AUTN_LEN]))get_quintuplet;
|
||||
this->public.provider.resync = (bool(*)(sim_provider_t*, identification_t *imsi, char rand[AKA_RAND_LEN], char auts[AKA_AUTS_LEN]))resync;
|
||||
this->public.provider.gen_pseudonym = (identification_t*(*)(sim_provider_t*, identification_t *id))return_null;
|
||||
this->public.provider.is_reauth = (bool(*)(sim_provider_t*, identification_t *id, char [HASH_SIZE_SHA1], u_int16_t *counter))return_false;
|
||||
this->public.provider.gen_reauth = (identification_t*(*)(sim_provider_t*, identification_t *id, char mk[HASH_SIZE_SHA1]))return_null;
|
||||
this->public.destroy = (void(*)(eap_aka_3gpp2_provider_t*))destroy;
|
||||
|
||||
this->f = f;
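Review bot: The three new assignments (`gen_pseudonym`, `is_reauth`, `gen_reauth`) switch off pseudonym and fast reauthentication identities for this backend by casting `return_null`/`return_false`, but nothing at the site says so; the same applies to the identical three lines in eap_sim_file_provider_create. A one-line comment above them, such as `/* pseudonym and fast reauthentication identities are not supported by this provider */`, would make the intent explicit. The `is_reauth` stub presumably returns FALSE without writing `mk` or `counter`, so callers have to treat both outputs as uninitialized in that case. The `is_reauth` cast also leaves the key parameter unnamed (`char [HASH_SIZE_SHA1]`) while the other casts name theirs; `char mk[HASH_SIZE_SHA1]` would match the interface declaration. The constructor body starts and ends outside the hunk.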
|
||||
|
|
|
@ -79,6 +79,9 @@ eap_sim_file_provider_t *eap_sim_file_provider_create(
|
|||
this->public.provider.get_triplet = (bool(*)(sim_provider_t*, identification_t *imsi, char rand[SIM_RAND_LEN], char sres[SIM_SRES_LEN], char kc[SIM_KC_LEN]))get_triplet;
|
||||
this->public.provider.get_quintuplet = (bool(*)(sim_provider_t*, identification_t *imsi, char rand[AKA_RAND_LEN], char xres[AKA_RES_LEN], char ck[AKA_CK_LEN], char ik[AKA_IK_LEN], char autn[AKA_AUTN_LEN]))return_false;
|
||||
this->public.provider.resync = (bool(*)(sim_provider_t*, identification_t *imsi, char rand[AKA_RAND_LEN], char auts[AKA_AUTS_LEN]))return_false;
|
||||
this->public.provider.gen_pseudonym = (identification_t*(*)(sim_provider_t*, identification_t *id))return_null;
|
||||
this->public.provider.is_reauth = (bool(*)(sim_provider_t*, identification_t *id, char [HASH_SIZE_SHA1], u_int16_t *counter))return_false;
|
||||
this->public.provider.gen_reauth = (identification_t*(*)(sim_provider_t*, identification_t *id, char mk[HASH_SIZE_SHA1]))return_null;
|
||||
this->public.destroy = (void(*)(eap_sim_file_provider_t*))destroy;
|
||||
|
||||
this->triplets = triplets;
|
||||
|
|
|
@ -146,11 +146,11 @@ struct sim_provider_t {
|
|||
/**
|
||||
* Create a challenge for SIM authentication.
|
||||
*
|
||||
* @param imsi client identity
|
||||
* @param rand RAND output buffer, fixed size 16 bytes
|
||||
* @param sres SRES output buffer, fixed size 4 byte
|
||||
* @param kc KC output buffer, fixed size 8 bytes
|
||||
* @return TRUE if triplet received, FALSE otherwise
|
||||
* @param imsi client identity
|
||||
* @param rand RAND output buffer, fixed size 16 bytes
|
||||
* @param sres SRES output buffer, fixed size 4 byte
|
||||
* @param kc KC output buffer, fixed size 8 bytes
|
||||
* @return TRUE if triplet received, FALSE otherwise
|
||||
*/
|
||||
bool (*get_triplet)(sim_provider_t *this, identification_t *imsi,
|
||||
char rand[SIM_RAND_LEN], char sres[SIM_SRES_LEN],
|
||||
|
@ -159,13 +159,13 @@ struct sim_provider_t {
|
|||
/**
|
||||
* Create a challenge for AKA authentication.
|
||||
*
|
||||
* @param imsi peer identity to create challenge for
|
||||
* @param rand buffer receiving random value rand
|
||||
* @param xres buffer receiving expected authentication result xres
|
||||
* @param ck buffer receiving encryption key ck
|
||||
* @param ik buffer receiving integrity key ik
|
||||
* @param autn authentication token autn
|
||||
* @return TRUE if quintuplet generated successfully
|
||||
* @param imsi peer identity to create challenge for
|
||||
* @param rand buffer receiving random value rand
|
||||
* @param xres buffer receiving expected authentication result xres
|
||||
* @param ck buffer receiving encryption key ck
|
||||
* @param ik buffer receiving integrity key ik
|
||||
* @param autn authentication token autn
|
||||
* @return TRUE if quintuplet generated successfully
|
||||
*/
|
||||
bool (*get_quintuplet)(sim_provider_t *this, identification_t *imsi,
|
||||
char rand[AKA_RAND_LEN], char xres[AKA_RES_LEN],
|
||||
|
@ -175,13 +175,43 @@ struct sim_provider_t {
|
|||
/**
|
||||
* Process AKA resynchroniusation request of a peer.
|
||||
*
|
||||
* @param imsi peer identity requesting resynchronisation
|
||||
* @param rand random value rand
|
||||
* @param auts synchronization parameter auts
|
||||
* @return TRUE if resynchronized successfully
|
||||
* @param imsi peer identity requesting resynchronisation
|
||||
* @param rand random value rand
|
||||
* @param auts synchronization parameter auts
|
||||
* @return TRUE if resynchronized successfully
|
||||
*/
|
||||
bool (*resync)(sim_provider_t *this, identification_t *imsi,
|
||||
char rand[AKA_RAND_LEN], char auts[AKA_AUTS_LEN]);
|
||||
|
||||
/**
|
||||
* Generate a pseudonym identitiy for a given peer identity.
|
||||
*
|
||||
* @param id peer identity to generate a pseudonym for
|
||||
* @return generated pseudonym, NULL to not use a pseudonym identity
|
||||
*/
|
||||
identification_t* (*gen_pseudonym)(sim_provider_t *this,
|
||||
identification_t *id);
|
||||
|
||||
/**
|
||||
* Check if peer uses reauthentication, retrieve parameters if so.
|
||||
*
|
||||
* @param id peer identity, candidate for a reauthentication identity
|
||||
* @param mk buffer receiving master key MK
|
||||
* @param counter pointer receiving current counter value, host order
|
||||
* @return TRUE if id is a fast reauthentication identity
|
||||
*/
|
||||
bool (*is_reauth)(sim_provider_t *this, identification_t *id,
|
||||
char mk[HASH_SIZE_SHA1], u_int16_t *counter);
|
||||
|
||||
/**
|
||||
* Generate a fast reauthentication identity, associated to a master key.
|
||||
*
|
||||
* @param id previously used reauthentication/pseudo/permanent id
|
||||
* @param mk master key to store to generated identity
|
||||
* @return fast reauthentication identity, NULL to not use reauth
|
||||
*/
|
||||
identification_t* (*gen_reauth)(sim_provider_t *this, identification_t *id,
|
||||
char mk[HASH_SIZE_SHA1]);
|
||||
};
|
||||
|
||||
/**
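Review bot: The new doc comments for `is_reauth` and `gen_reauth` leave the handling of the master key unspecified, which matters because `mk` is key material crossing this interface in both directions. For `is_reauth`, state that the outputs are defined only on success, e.g. `* @return TRUE if id is a fast reauthentication identity, mk and counter are valid only then`. For `gen_reauth` and `gen_pseudonym`, say who owns the returned `identification_t` and whether the provider copies `mk` or keeps the caller's buffer, e.g. `* @param mk master key, copied by the provider` if that is the intended contract. Whether a reauthentication identity remains usable after `is_reauth` has matched it, and who advances the counter, cannot be told from this section and should be documented as well. Minor: `identitiy` in the `gen_pseudonym` comment is a typo.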
|
||||
|
|