/* * hostapd / EAP-SIM database/authenticator gateway * Copyright (c) 2005-2008, 2012, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. */ #ifndef EAP_SIM_DB_H #define EAP_SIM_DB_H #include "eap_common/eap_sim_common.h" /* Identity prefixes */ #define EAP_SIM_PERMANENT_PREFIX '1' #define EAP_SIM_PSEUDONYM_PREFIX '3' #define EAP_SIM_REAUTH_ID_PREFIX '5' #define EAP_AKA_PERMANENT_PREFIX '0' #define EAP_AKA_PSEUDONYM_PREFIX '2' #define EAP_AKA_REAUTH_ID_PREFIX '4' #define EAP_AKA_PRIME_PERMANENT_PREFIX '6' #define EAP_AKA_PRIME_PSEUDONYM_PREFIX '7' #define EAP_AKA_PRIME_REAUTH_ID_PREFIX '8' enum eap_sim_db_method { EAP_SIM_DB_SIM, EAP_SIM_DB_AKA, EAP_SIM_DB_AKA_PRIME }; struct eap_sim_db_data; struct eap_sim_db_data * eap_sim_db_init(const char *config, void (*get_complete_cb)(void *ctx, void *session_ctx), void *ctx); void eap_sim_db_deinit(void *priv); int eap_sim_db_get_gsm_triplets(struct eap_sim_db_data *data, const char *username, int max_chal, u8 *_rand, u8 *kc, u8 *sres, void *cb_session_ctx); #define EAP_SIM_DB_FAILURE -1 #define EAP_SIM_DB_PENDING -2 char * eap_sim_db_get_next_pseudonym(struct eap_sim_db_data *data, enum eap_sim_db_method method); char * eap_sim_db_get_next_reauth_id(struct eap_sim_db_data *data, enum eap_sim_db_method method); int eap_sim_db_add_pseudonym(struct eap_sim_db_data *data, const char *permanent, char *pseudonym); int eap_sim_db_add_reauth(struct eap_sim_db_data *data, const char *permanent, char *reauth_id, u16 counter, const u8 *mk); int eap_sim_db_add_reauth_prime(struct eap_sim_db_data *data, const char *permanent, char *reauth_id, u16 counter, const u8 *k_encr, const u8 *k_aut, const u8 *k_re); const char * eap_sim_db_get_permanent(struct eap_sim_db_data *data, const char *pseudonym); struct eap_sim_reauth { struct eap_sim_reauth *next; char *permanent; /* Permanent username */ char *reauth_id; /* Fast re-authentication username */ u16 counter; u8 mk[EAP_SIM_MK_LEN]; u8 k_encr[EAP_SIM_K_ENCR_LEN]; u8 k_aut[EAP_AKA_PRIME_K_AUT_LEN]; u8 k_re[EAP_AKA_PRIME_K_RE_LEN]; }; struct eap_sim_reauth * eap_sim_db_get_reauth_entry(struct eap_sim_db_data *data, const char *reauth_id); void eap_sim_db_remove_reauth(struct eap_sim_db_data *data, struct eap_sim_reauth *reauth); int eap_sim_db_get_aka_auth(struct eap_sim_db_data *data, const char *username, u8 *_rand, u8 *autn, u8 *ik, u8 *ck, u8 *res, size_t *res_len, void *cb_session_ctx); int eap_sim_db_resynchronize(struct eap_sim_db_data *data, const char *username, const u8 *auts, const u8 *_rand); char * sim_get_username(const u8 *identity, size_t identity_len); #endif /* EAP_SIM_DB_H */