jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
15081 commits 3 branches 0 tags 27 MiB
Commit graph

13 commits

Author SHA1 Message Date
Hai Shalom
4df4133917 EAP-SIM/AKA: Add support for anonymous@realm 
SIM-based EAP authentication with IMSI encryption requires a special EAP
Identity response: anonymous@realm. Then the server sends AKA-Identity
request which is answered with the encrypted IMSI. Add logic that
indicates if the special anonymous identity is used. Otherwise, this
field is used for storing the pseudonym.

Test: Connect to Carrier Wi-Fi, verify correct behavior from captures
Test: Connect to non IMSI encrypted EAP-AKA AP, verify pseudonym usage
Signed-off-by: Hai Shalom <haishalom@google.com>
 2019-05-31 16:52:15 +03:00
Jouni Malinen
b2b8a4cb10 EAP-SIM/AKA: Pass EAP type as argument to eap_sim_msg_finish() 
This makes it easier for static analyzers to figure out which code paths
are possible within eap_sim_msg_finish() for EAP-SIM. This will
hopefully avoid some false warnings (CID 68110, CID 68113, CID 68114).

Signed-off-by: Jouni Malinen <j@w1.fi>
 2014-07-02 12:38:47 +03:00
Jouni Malinen
0f3d578efc Remove the GPL notification from files contributed by Jouni Malinen 
Remove the GPL notification text from the files that were
initially contributed by myself.

Signed-hostap: Jouni Malinen <j@w1.fi>
 2012-02-11 19:39:36 +02:00
Jouni Malinen
1e5839e06f Rename EAP server defines from EAP_* to EAP_SERVER_* 
This allows separate set of EAP server and peer methods to be built into
a single binary.
 2009-03-25 12:06:19 +02:00
Jouni Malinen
a9d1364c5f Merged EAP-AKA' into eap_aka.c and added it to defconfig/ChangeLog 2008-12-07 19:24:56 +02:00
Jouni Malinen
01b0569437 Added protection against EAP-AKA' -> EAP-AKA bidding down attacks 
AT_BIDDING attribute is included in EAP-AKA/Challenge to allow peer to
know whether the server would have preferred EAP-AKA'.
 2008-12-05 22:25:47 +02:00
Jouni Malinen
a478ef0d12 EAP-AKA': Added CK',IK' derivation 
This is based on a change request 3GPP TS 33.402 CR 0033 for version
8.1.1. The hardcoded ANID is now 'WLAN' since that is used in
3GPP TS 24.302.
 2008-12-04 21:50:56 +02:00
Jouni Malinen
6ec4021c03 EAP-AKA': Added processing of AT_KDF and AT_KDF_INPUT attributes 
Network Name is not yet generated and validated based on 3GPP.33.402
(i.e., a hardcoded string is used in server and anything is accepted in
peer).
 2008-12-04 20:29:46 +02:00
Jouni Malinen
9881795e2c EAP-AKA': Derive keys using the new KDF (PRF') 2008-12-03 19:22:20 +02:00
Jouni Malinen
806f869918 EAP-AKA': Use HMAC-SHA-256-128 for AT_MAC 2008-12-02 21:29:26 +02:00
Jouni Malinen
f54e2c34bf EAP-AKA': Use SHA256 for AT_CHECKCODE 2008-12-02 21:05:38 +02:00
Jouni Malinen
04a5bad682 EAP-AKA: Validate RES Length field in AT_RES 
This change breaks interoperability with older wpa_supplicant versions
(everything up to and including wpa_supplicant 0.5.10 and 0.6.5) which
incorrectly used this field as number of bytes, not bits, in RES.
 2008-11-07 08:34:07 +02:00
Jouni Malinen
6fc6879bd5 Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00