Classes | Defines | Functions
eap_sim_db.h File Reference
#include "eap_common/eap_sim_common.h"
Include dependency graph for eap_sim_db.h:

Go to the source code of this file.

Classes

struct  eap_sim_reauth

Defines

#define EAP_AKA_PERMANENT_PREFIX   '0'
#define EAP_AKA_PSEUDONYM_PREFIX   '2'
#define EAP_AKA_REAUTH_ID_PREFIX   '4'
#define EAP_SIM_DB_FAILURE   -1
#define EAP_SIM_DB_PENDING   -2
#define EAP_SIM_PERMANENT_PREFIX   '1'
#define EAP_SIM_PSEUDONYM_PREFIX   '3'
#define EAP_SIM_REAUTH_ID_PREFIX   '5'

Functions

int eap_sim_db_add_pseudonym (void *priv, const u8 *identity, size_t identity_len, char *pseudonym)
int eap_sim_db_add_reauth (void *priv, const u8 *identity, size_t identity_len, char *reauth_id, u16 counter, const u8 *mk)
int eap_sim_db_add_reauth_prime (void *priv, const u8 *identity, size_t identity_len, char *reauth_id, u16 counter, const u8 *k_encr, const u8 *k_aut, const u8 *k_re)
void eap_sim_db_deinit (void *priv)
int eap_sim_db_get_aka_auth (void *priv, const u8 *identity, size_t identity_len, u8 *_rand, u8 *autn, u8 *ik, u8 *ck, u8 *res, size_t *res_len, void *cb_session_ctx)
int eap_sim_db_get_gsm_triplets (void *priv, const u8 *identity, size_t identity_len, int max_chal, u8 *_rand, u8 *kc, u8 *sres, void *cb_session_ctx)
char * eap_sim_db_get_next_pseudonym (void *priv, int aka)
char * eap_sim_db_get_next_reauth_id (void *priv, int aka)
const u8 * eap_sim_db_get_permanent (void *priv, const u8 *identity, size_t identity_len, size_t *len)
struct eap_sim_reautheap_sim_db_get_reauth_entry (void *priv, const u8 *identity, size_t identity_len)
int eap_sim_db_identity_known (void *priv, const u8 *identity, size_t identity_len)
void * eap_sim_db_init (const char *config, void(*get_complete_cb)(void *ctx, void *session_ctx), void *ctx)
void eap_sim_db_remove_reauth (void *priv, struct eap_sim_reauth *reauth)
int eap_sim_db_resynchronize (void *priv, const u8 *identity, size_t identity_len, const u8 *auts, const u8 *_rand)

Define Documentation

#define EAP_AKA_PERMANENT_PREFIX   '0'

Definition at line 24 of file eap_sim_db.h.

#define EAP_AKA_PSEUDONYM_PREFIX   '2'

Definition at line 25 of file eap_sim_db.h.

#define EAP_AKA_REAUTH_ID_PREFIX   '4'

Definition at line 26 of file eap_sim_db.h.

#define EAP_SIM_DB_FAILURE   -1

Definition at line 39 of file eap_sim_db.h.

#define EAP_SIM_DB_PENDING   -2

Definition at line 40 of file eap_sim_db.h.

#define EAP_SIM_PERMANENT_PREFIX   '1'

Definition at line 21 of file eap_sim_db.h.

#define EAP_SIM_PSEUDONYM_PREFIX   '3'

Definition at line 22 of file eap_sim_db.h.

#define EAP_SIM_REAUTH_ID_PREFIX   '5'

Definition at line 23 of file eap_sim_db.h.


Function Documentation

int eap_sim_db_add_pseudonym ( void *  priv,
const u8 *  identity,
size_t  identity_len,
char *  pseudonym 
)

eap_sim_db_add_pseudonym - EAP-SIM DB: Add new pseudonym : Private data pointer from eap_sim_db_init() : Identity of the user (may be permanent identity or pseudonym) : Length of identity : Pseudonym for this user. This needs to be an allocated buffer, e.g., return value from eap_sim_db_get_next_pseudonym(). Caller must not free it. Returns: 0 on success, -1 on failure

This function adds a new pseudonym for EAP-SIM user. EAP-SIM DB is responsible of freeing pseudonym buffer once it is not needed anymore.

Definition at line 900 of file eap_sim_db.c.

int eap_sim_db_add_reauth ( void *  priv,
const u8 *  identity,
size_t  identity_len,
char *  reauth_id,
u16  counter,
const u8 *  mk 
)

eap_sim_db_add_reauth - EAP-SIM DB: Add new re-authentication entry : Private data pointer from eap_sim_db_init() : Identity of the user (may be permanent identity or pseudonym) : Length of identity : reauth_id for this user. This needs to be an allocated buffer, e.g., return value from eap_sim_db_get_next_reauth_id(). Caller must not free it. : AT_COUNTER value for fast re-authentication : 16-byte MK from the previous full authentication or NULL Returns: 0 on success, -1 on failure

This function adds a new re-authentication entry for an EAP-SIM user. EAP-SIM DB is responsible of freeing reauth_id buffer once it is not needed anymore.

Definition at line 1007 of file eap_sim_db.c.

int eap_sim_db_add_reauth_prime ( void *  priv,
const u8 *  identity,
size_t  identity_len,
char *  reauth_id,
u16  counter,
const u8 *  k_encr,
const u8 *  k_aut,
const u8 *  k_re 
)
void eap_sim_db_deinit ( void *  priv)

eap_sim_db_deinit - Deinitialize EAP-SIM DB/authentication gw interface : Private data pointer from eap_sim_db_init()

Definition at line 449 of file eap_sim_db.c.

int eap_sim_db_get_aka_auth ( void *  priv,
const u8 *  identity,
size_t  identity_len,
u8 *  _rand,
u8 *  autn,
u8 *  ik,
u8 *  ck,
u8 *  res,
size_t *  res_len,
void *  cb_session_ctx 
)

eap_sim_db_get_aka_auth - Get AKA authentication values : Private data pointer from eap_sim_db_init() : User name identity : Length of identity in bytes : Buffer for RAND value : Buffer for AUTN value : Buffer for IK value : Buffer for CK value : Buffer for RES value : Buffer for RES length : Session callback context for get_complete_cb() Returns: 0 on success, -1 (EAP_SIM_DB_FAILURE) on error (e.g., user not found), or -2 (EAP_SIM_DB_PENDING) if results are not yet available. In this case, the callback function registered with eap_sim_db_init() will be called once the results become available.

In most cases, the user name is '0' | IMSI, i.e., 0 followed by the IMSI in ASCII format.

When using an external server for AKA authentication, this function can always start a request and return EAP_SIM_DB_PENDING immediately if authentication triplets are not available. Once the authentication data are received, callback function registered with eap_sim_db_init() is called to notify EAP state machine to reprocess the message. This eap_sim_db_get_aka_auth() function will then be called again and the newly received triplets will then be given to the caller.

Definition at line 1174 of file eap_sim_db.c.

int eap_sim_db_get_gsm_triplets ( void *  priv,
const u8 *  identity,
size_t  identity_len,
int  max_chal,
u8 *  _rand,
u8 *  kc,
u8 *  sres,
void *  cb_session_ctx 
)

eap_sim_db_get_gsm_triplets - Get GSM triplets : Private data pointer from eap_sim_db_init() : User name identity : Length of identity in bytes : Maximum number of triplets : Buffer for RAND values : Buffer for Kc values : Buffer for SRES values : Session callback context for get_complete_cb() Returns: Number of triplets received (has to be less than or equal to max_chal), -1 (EAP_SIM_DB_FAILURE) on error (e.g., user not found), or -2 (EAP_SIM_DB_PENDING) if results are not yet available. In this case, the callback function registered with eap_sim_db_init() will be called once the results become available.

In most cases, the user name is '1' | IMSI, i.e., 1 followed by the IMSI in ASCII format.

When using an external server for GSM triplets, this function can always start a request and return EAP_SIM_DB_PENDING immediately if authentication triplets are not available. Once the triplets are received, callback function registered with eap_sim_db_init() is called to notify EAP state machine to reprocess the message. This eap_sim_db_get_gsm_triplets() function will then be called again and the newly received triplets will then be given to the caller.

Definition at line 547 of file eap_sim_db.c.

char* eap_sim_db_get_next_pseudonym ( void *  priv,
int  aka 
)

eap_sim_db_get_next_pseudonym - EAP-SIM DB: Get next pseudonym : Private data pointer from eap_sim_db_init() : Using EAP-AKA instead of EAP-SIM Returns: Next pseudonym (allocated string) or NULL on failure

This function is used to generate a pseudonym for EAP-SIM. The returned pseudonym is not added to database at this point; it will need to be added with eap_sim_db_add_pseudonym() once the authentication has been completed successfully. Caller is responsible for freeing the returned buffer.

Definition at line 859 of file eap_sim_db.c.

char* eap_sim_db_get_next_reauth_id ( void *  priv,
int  aka 
)

eap_sim_db_get_next_reauth_id - EAP-SIM DB: Get next reauth_id : Private data pointer from eap_sim_db_init() : Using EAP-AKA instead of EAP-SIM Returns: Next reauth_id (allocated string) or NULL on failure

This function is used to generate a fast re-authentication identity for EAP-SIM. The returned reauth_id is not added to database at this point; it will need to be added with eap_sim_db_add_reauth() once the authentication has been completed successfully. Caller is responsible for freeing the returned buffer.

Definition at line 879 of file eap_sim_db.c.

const u8* eap_sim_db_get_permanent ( void *  priv,
const u8 *  identity,
size_t  identity_len,
size_t *  len 
)

eap_sim_db_get_permanent - EAP-SIM DB: Get permanent identity : Private data pointer from eap_sim_db_init() : Identity of the user (may be permanent identity or pseudonym) : Length of identity : Buffer for length of the returned permanent identity Returns: Pointer to the permanent identity, or NULL if not found

Definition at line 1076 of file eap_sim_db.c.

struct eap_sim_reauth* eap_sim_db_get_reauth_entry ( void *  priv,
const u8 *  identity,
size_t  identity_len 
) [read]

eap_sim_db_get_reauth_entry - EAP-SIM DB: Get re-authentication entry : Private data pointer from eap_sim_db_init() : Identity of the user (may be permanent identity, pseudonym, or reauth_id) : Length of identity Returns: Pointer to the re-auth entry, or NULL if not found

Definition at line 1105 of file eap_sim_db.c.

int eap_sim_db_identity_known ( void *  priv,
const u8 *  identity,
size_t  identity_len 
)

eap_sim_db_identity_known - Verify whether the given identity is known : Private data pointer from eap_sim_db_init() : User name identity : Length of identity in bytes Returns: 0 if the user is found or -1 on failure

In most cases, the user name is ['0','1'] | IMSI, i.e., 1 followed by the IMSI in ASCII format, ['2','3'] | pseudonym, or ['4','5'] | reauth_id.

Definition at line 788 of file eap_sim_db.c.

void* eap_sim_db_init ( const char *  config,
void(*)(void *ctx, void *session_ctx)  get_complete_cb,
void *  ctx 
)

eap_sim_db_init - Initialize EAP-SIM DB / authentication gateway interface : Configuration data (e.g., file name) : Callback function for reporting availability of triplets : Context pointer for get_complete_cb Returns: Pointer to a private data structure or NULL on failure

Definition at line 397 of file eap_sim_db.c.

void eap_sim_db_remove_reauth ( void *  priv,
struct eap_sim_reauth reauth 
)

eap_sim_db_remove_reauth - EAP-SIM DB: Remove re-authentication entry : Private data pointer from eap_sim_db_init() : Pointer to re-authentication entry from eap_sim_db_get_reauth_entry()

Definition at line 1126 of file eap_sim_db.c.

int eap_sim_db_resynchronize ( void *  priv,
const u8 *  identity,
size_t  identity_len,
const u8 *  auts,
const u8 *  _rand 
)

eap_sim_db_resynchronize - Resynchronize AKA AUTN : Private data pointer from eap_sim_db_init() : User name identity : Length of identity in bytes : AUTS value from the peer : RAND value used in the rejected message Returns: 0 on success, -1 on failure

This function is called when the peer reports synchronization failure in the AUTN value by sending AUTS. The AUTS and RAND values should be sent to HLR/AuC to allow it to resynchronize with the peer. After this, eap_sim_db_get_aka_auth() will be called again to to fetch updated RAND/AUTN values for the next challenge.

Definition at line 1281 of file eap_sim_db.c.



wpa_supplicant
Author(s): Package maintained by Blaise Gassend
autogenerated on Thu Apr 24 2014 15:34:38