Impemented basic pseudonym support in EAP-SIM
authorMartin Willi <martin@strongswan.org>
Mon, 26 Oct 2009 15:11:15 +0000 (16:11 +0100)
committerMartin Willi <martin@strongswan.org>
Thu, 12 Nov 2009 09:34:00 +0000 (10:34 +0100)
src/charon/plugins/eap_sim/eap_sim_peer.c
src/charon/plugins/eap_sim/eap_sim_server.c

index 843aa53..b9b2aa4 100644 (file)
@@ -43,7 +43,12 @@ struct private_eap_sim_peer_t {
        /**
         * permanent ID of peer
         */
-       identification_t *peer;
+       identification_t *permanent;
+
+       /**
+        * Pseudonym identity the peer uses
+        */
+       identification_t *pseudonym;
 
        /**
         * EAP-SIM crypto helper
@@ -77,8 +82,8 @@ static chunk_t version = chunk_from_chars(0x00,0x01);
 /**
  * Read a triplet from the SIM card
  */
-static bool get_card_triplet(private_eap_sim_peer_t *this,
-                                                        char *rand, char *sres, char *kc)
+static bool get_triplet(private_eap_sim_peer_t *this, identification_t *peer,
+                                               char *rand, char *sres, char *kc)
 {
        enumerator_t *enumerator;
        sim_card_t *card;
@@ -87,7 +92,7 @@ static bool get_card_triplet(private_eap_sim_peer_t *this,
        enumerator = charon->sim->create_card_enumerator(charon->sim);
        while (enumerator->enumerate(enumerator, &card))
        {
-               if (card->get_triplet(card, this->peer, rand, sres, kc))
+               if (card->get_triplet(card, peer, rand, sres, kc))
                {
                        success = TRUE;
                        break;
@@ -96,12 +101,58 @@ static bool get_card_triplet(private_eap_sim_peer_t *this,
        enumerator->destroy(enumerator);
        if (!success)
        {
-               DBG1(DBG_IKE, "no SIM card found with triplets for '%Y'", this->peer);
+               DBG1(DBG_IKE, "no SIM card found with triplets for '%Y'", peer);
        }
        return success;
 }
 
 /**
+ * Find a stored pseudonym on a SIM card
+ */
+static identification_t *get_pseudonym(private_eap_sim_peer_t *this)
+{
+       enumerator_t *enumerator;
+       sim_card_t *card;
+       identification_t *pseudonym = NULL;
+
+       enumerator = charon->sim->create_card_enumerator(charon->sim);
+       while (enumerator->enumerate(enumerator, &card))
+       {
+               pseudonym = card->get_pseudonym(card, this->permanent);
+               if (pseudonym)
+               {
+                       DBG1(DBG_IKE, "using stored pseudonym identity '%Y' "
+                                "instead of '%Y'", pseudonym, this->permanent);
+                       break;
+               }
+       }
+       enumerator->destroy(enumerator);
+       return pseudonym;
+}
+
+/**
+ * Store a pseudonym in a SIM card
+ */
+static void set_pseudonym(private_eap_sim_peer_t *this, chunk_t data)
+{
+       enumerator_t *enumerator;
+       sim_card_t *card;
+       identification_t *pseudonym;
+       char buf[data.len + 1];
+
+       snprintf(buf, sizeof(buf), "%.*s", data.len, data.ptr);
+       pseudonym = identification_create_from_string(buf);
+       DBG1(DBG_IKE, "received pseudonym '%Y' for next authentication", pseudonym);
+       enumerator = charon->sim->create_card_enumerator(charon->sim);
+       while (enumerator->enumerate(enumerator, &card))
+       {
+               card->set_pseudonym(card, this->permanent, pseudonym);
+       }
+       enumerator->destroy(enumerator);
+       pseudonym->destroy(pseudonym);
+}
+
+/**
  * Create a SIM_CLIENT_ERROR
  */
 static eap_payload_t* create_client_error(private_eap_sim_peer_t *this,
@@ -132,9 +183,10 @@ static status_t process_start(private_eap_sim_peer_t *this,
        simaka_message_t *message;
        enumerator_t *enumerator;
        simaka_attribute_t type;
-       chunk_t data;
+       chunk_t data, id;
        rng_t *rng;
        bool supported = FALSE;
+       simaka_attribute_t id_req = 0;
 
        enumerator = in->create_attribute_enumerator(in);
        while (enumerator->enumerate(enumerator, &type, &data))
@@ -155,6 +207,11 @@ static status_t process_start(private_eap_sim_peer_t *this,
                                }
                                break;
                        }
+                       case AT_ANY_ID_REQ:
+                       case AT_FULLAUTH_ID_REQ:
+                       case AT_PERMANENT_ID_REQ:
+                               id_req = type;
+                               break;
                        default:
                                if (!simaka_attribute_skippable(type))
                                {
@@ -176,6 +233,26 @@ static status_t process_start(private_eap_sim_peer_t *this,
                return NEED_MORE;
        }
 
+       switch (id_req)
+       {
+               case AT_ANY_ID_REQ:
+                       /* TODO: reauth handling */
+               case AT_FULLAUTH_ID_REQ:
+                       DESTROY_IF(this->pseudonym);
+                       this->pseudonym = get_pseudonym(this);
+                       if (this->pseudonym)
+                       {
+                               id = this->pseudonym->get_encoding(this->pseudonym);
+                               break;
+                       }
+                       /* FALL */
+               case AT_PERMANENT_ID_REQ:
+                       id = this->permanent->get_encoding(this->permanent);
+                       break;
+               default:
+                       break;
+       }
+
        /* generate AT_NONCE_MT value */
        rng = this->crypto->get_rng(this->crypto);
        free(this->nonce.ptr);
@@ -185,6 +262,10 @@ static status_t process_start(private_eap_sim_peer_t *this,
                                                                        SIM_START, this->crypto);
        message->add_attribute(message, AT_SELECTED_VERSION, version);
        message->add_attribute(message, AT_NONCE_MT, this->nonce);
+       if (id.len)
+       {
+               message->add_attribute(message, AT_IDENTITY, id);
+       }
        *out = message->generate(message, chunk_empty);
        message->destroy(message);
 
@@ -201,6 +282,7 @@ static status_t process_challenge(private_eap_sim_peer_t *this,
        enumerator_t *enumerator;
        simaka_attribute_t type;
        chunk_t data, rands = chunk_empty, kcs, kc, sreses, sres;
+       identification_t *peer;
 
        if (this->tries-- <= 0)
        {
@@ -230,6 +312,12 @@ static status_t process_challenge(private_eap_sim_peer_t *this,
        }
        enumerator->destroy(enumerator);
 
+       peer = this->permanent;
+       if (this->pseudonym)
+       {
+               peer = this->pseudonym;
+       }
+
        /* excepting two or three RAND, each 16 bytes. We require two valid
         * and different RANDs */
        if ((rands.len != 2 * SIM_RAND_LEN && rands.len != 3 * SIM_RAND_LEN) ||
@@ -245,7 +333,7 @@ static status_t process_challenge(private_eap_sim_peer_t *this,
        sreses = sres = chunk_alloca(rands.len / 4);
        while (rands.len >= SIM_RAND_LEN)
        {
-               if (!get_card_triplet(this, rands.ptr, sres.ptr, kc.ptr))
+               if (!get_triplet(this, peer, rands.ptr, sres.ptr, kc.ptr))
                {
                        DBG1(DBG_IKE, "unable to get EAP-SIM triplet");
                        *out = create_client_error(this, in->get_identifier(in),
@@ -261,17 +349,31 @@ static status_t process_challenge(private_eap_sim_peer_t *this,
 
        data = chunk_cata("cccc", kcs, this->nonce, this->version_list, version);
        free(this->msk.ptr);
-       this->msk = this->crypto->derive_keys_full(this->crypto, this->peer, data);
+       this->msk = this->crypto->derive_keys_full(this->crypto, peer, data);
 
-       /* verify AT_MAC attribute, signature is over "EAP packet | NONCE_MT"  */
-       if (!in->verify(in, this->nonce))
+       /* Verify AT_MAC attribute, signature is over "EAP packet | NONCE_MT", and
+        * parse() again after key derivation, reading encrypted attributes */
+       if (!in->verify(in, this->nonce) || !in->parse(in))
        {
-               DBG1(DBG_IKE, "AT_MAC verification failed");
                *out = create_client_error(this, in->get_identifier(in),
                                                                   SIM_UNABLE_TO_PROCESS);
                return NEED_MORE;
        }
 
+       enumerator = in->create_attribute_enumerator(in);
+       while (enumerator->enumerate(enumerator, &type, &data))
+       {
+               switch (type)
+               {
+                       case AT_NEXT_PSEUDONYM:
+                               set_pseudonym(this, data);
+                               break;
+                       default:
+                               break;
+               }
+       }
+       enumerator->destroy(enumerator);
+
        /* build response with AT_MAC, built over "EAP packet | n*SRES" */
        message = simaka_message_create(FALSE, in->get_identifier(in), EAP_SIM,
                                                                        SIM_CHALLENGE, this->crypto);
@@ -428,7 +530,8 @@ static bool is_mutual(private_eap_sim_peer_t *this)
  */
 static void destroy(private_eap_sim_peer_t *this)
 {
-       this->peer->destroy(this->peer);
+       this->permanent->destroy(this->permanent);
+       DESTROY_IF(this->pseudonym);
        this->crypto->destroy(this->crypto);
        free(this->version_list.ptr);
        free(this->nonce.ptr);
@@ -457,7 +560,8 @@ eap_sim_peer_t *eap_sim_peer_create(identification_t *server,
                free(this);
                return NULL;
        }
-       this->peer = peer->clone(peer);
+       this->permanent = peer->clone(peer);
+       this->pseudonym = NULL;
        this->tries = MAX_TRIES;
        this->version_list = chunk_empty;
        this->nonce = chunk_empty;
index d3f438e..3ecbdfe 100644 (file)
@@ -38,7 +38,7 @@ struct private_eap_sim_server_t {
        /**
         * permanent ID of peer
         */
-       identification_t *peer;
+       identification_t *permanent;
 
        /**
         * EAP-SIM/AKA crypto helper
@@ -61,6 +61,21 @@ struct private_eap_sim_server_t {
        chunk_t msk;
 
        /**
+        * Do we request fast reauthentication?
+        */
+       bool use_reauth;
+
+       /**
+        * Do we request pseudonym identities?
+        */
+       bool use_pseudonym;
+
+       /**
+        * Do we request permanent identities?
+        */
+       bool use_permanent;
+
+       /**
         * EAP-SIM message we have initiated
         */
        simaka_subtype_t pending;
@@ -72,8 +87,8 @@ static chunk_t version = chunk_from_chars(0x00,0x01);
 /**
  * Fetch a triplet from a provider
  */
-static bool get_provider_triplet(private_eap_sim_server_t *this,
-                                                                char *rand, char *sres, char *kc)
+static bool get_triplet(private_eap_sim_server_t *this, identification_t *peer,
+                                               char *rand, char *sres, char *kc)
 {
        enumerator_t *enumerator;
        sim_provider_t *provider;
@@ -82,7 +97,7 @@ static bool get_provider_triplet(private_eap_sim_server_t *this,
        enumerator = charon->sim->create_provider_enumerator(charon->sim);
        while (enumerator->enumerate(enumerator, &provider))
        {
-               if (provider->get_triplet(provider, this->peer, rand, sres, kc))
+               if (provider->get_triplet(provider, peer, rand, sres, kc))
                {
                        enumerator->destroy(enumerator);
                        return TRUE;
@@ -91,11 +106,33 @@ static bool get_provider_triplet(private_eap_sim_server_t *this,
        }
        enumerator->destroy(enumerator);
        DBG1(DBG_IKE, "tried %d SIM providers, but none had a triplet for '%Y'",
-                tried, this->peer);
+                tried, peer);
        return FALSE;
 }
 
 /**
+ * Generate a new pseudonym for next authentication
+ */
+static identification_t* gen_pseudonym(private_eap_sim_server_t *this)
+{
+       enumerator_t *enumerator;
+       sim_provider_t *provider;
+       identification_t *pseudonym = NULL;
+
+       enumerator = charon->sim->create_provider_enumerator(charon->sim);
+       while (enumerator->enumerate(enumerator, &provider))
+       {
+               pseudonym = provider->gen_pseudonym(provider, this->permanent);
+               if (pseudonym)
+               {
+                       break;
+               }
+       }
+       enumerator->destroy(enumerator);
+       return pseudonym;
+}
+
+/**
  * process an EAP-SIM/Response/Start message
  */
 static status_t process_start(private_eap_sim_server_t *this,
@@ -104,8 +141,10 @@ static status_t process_start(private_eap_sim_server_t *this,
        simaka_message_t *message;
        enumerator_t *enumerator;
        simaka_attribute_t type;
-       chunk_t data, rands, rand, kcs, kc, sreses, sres, nonce = chunk_empty;
+       chunk_t data, id = chunk_empty, nonce = chunk_empty;
+       chunk_t rands, rand, kcs, kc, sreses, sres;
        bool supported = FALSE;
+       identification_t *peer = NULL, *pseudonym;
        int i;
 
        if (this->pending != SIM_START)
@@ -129,6 +168,9 @@ static status_t process_start(private_eap_sim_server_t *this,
                                        supported = TRUE;
                                }
                                break;
+                       case AT_IDENTITY:
+                               id = data;
+                               break;
                        default:
                                if (!simaka_attribute_skippable(type))
                                {
@@ -146,6 +188,26 @@ static status_t process_start(private_eap_sim_server_t *this,
                return FAILED;
        }
 
+       if (id.len)
+       {
+               if (this->use_reauth)
+               {
+                       /* TODO: handle reauthentication identity */
+               }
+               if (this->use_pseudonym || this->use_permanent)
+               {
+                       char buf[id.len + 1];
+
+                       snprintf(buf, sizeof(buf), "%.*s", id.len, id.ptr);
+                       peer = identification_create_from_string(buf);
+                       DBG1(DBG_CFG, "received (pseudonym) identity '%Y'", peer);
+               }
+       }
+       if (!peer)
+       {
+               peer = this->permanent->clone(this->permanent);
+       }
+
        /* read triplets from provider */
        rand = rands = chunk_alloca(SIM_RAND_LEN * TRIPLET_COUNT);
        kc = kcs = chunk_alloca(SIM_KC_LEN * TRIPLET_COUNT);
@@ -153,9 +215,9 @@ static status_t process_start(private_eap_sim_server_t *this,
        rands.len = kcs.len = sreses.len = 0;
        for (i = 0; i < TRIPLET_COUNT; i++)
        {
-               if (!get_provider_triplet(this, rand.ptr, sres.ptr, kc.ptr))
+               if (!get_triplet(this, peer, rand.ptr, sres.ptr, kc.ptr))
                {
-                       DBG1(DBG_IKE, "getting EAP-SIM triplet %d failed", i);
+                       peer->destroy(peer);
                        return FAILED;
                }
                rands.len += SIM_RAND_LEN;
@@ -170,12 +232,25 @@ static status_t process_start(private_eap_sim_server_t *this,
 
        data = chunk_cata("cccc", kcs, nonce, version, version);
        free(this->msk.ptr);
-       this->msk = this->crypto->derive_keys_full(this->crypto, this->peer, data);
+       this->msk = this->crypto->derive_keys_full(this->crypto, peer, data);
+       peer->destroy(peer);
 
        /* build response with AT_MAC, built over "EAP packet | NONCE_MT" */
        message = simaka_message_create(TRUE, this->identifier++, EAP_SIM,
                                                                        SIM_CHALLENGE, this->crypto);
        message->add_attribute(message, AT_RAND, rands);
+       if (this->use_pseudonym)
+       {
+               /* generate new pseudonym for next authentication */
+               pseudonym = gen_pseudonym(this);
+               if (peer)
+               {
+                       DBG1(DBG_IKE, "proposing new pseudonym '%Y'", pseudonym);
+                       message->add_attribute(message, AT_NEXT_PSEUDONYM,
+                                                                  pseudonym->get_encoding(pseudonym));
+                       pseudonym->destroy(pseudonym);
+               }
+       }
        *out = message->generate(message, nonce);
        message->destroy(message);
 
@@ -300,6 +375,18 @@ static status_t initiate(private_eap_sim_server_t *this, eap_payload_t **out)
        message = simaka_message_create(TRUE, this->identifier++, EAP_SIM,
                                                                        SIM_START, this->crypto);
        message->add_attribute(message, AT_VERSION_LIST, version);
+       if (this->use_reauth)
+       {
+               message->add_attribute(message, AT_ANY_ID_REQ, chunk_empty);
+       }
+       else if (this->use_pseudonym)
+       {
+               message->add_attribute(message, AT_FULLAUTH_ID_REQ, chunk_empty);
+       }
+       else if (this->use_permanent)
+       {
+               message->add_attribute(message, AT_PERMANENT_ID_REQ, chunk_empty);
+       }
        *out = message->generate(message, chunk_empty);
        message->destroy(message);
 
@@ -343,7 +430,7 @@ static bool is_mutual(private_eap_sim_server_t *this)
 static void destroy(private_eap_sim_server_t *this)
 {
        this->crypto->destroy(this->crypto);
-       this->peer->destroy(this->peer);
+       this->permanent->destroy(this->permanent);
        free(this->sreses.ptr);
        free(this->msk.ptr);
        free(this);
@@ -370,10 +457,16 @@ eap_sim_server_t *eap_sim_server_create(identification_t *server,
                free(this);
                return NULL;
        }
-       this->peer = peer->clone(peer);
+       this->permanent = peer->clone(peer);
        this->sreses = chunk_empty;
        this->msk = chunk_empty;
        this->pending = 0;
+       this->use_reauth = lib->settings->get_bool(lib->settings,
+                                                               "charon.plugins.eap-sim.use_reauth", TRUE);
+       this->use_pseudonym = lib->settings->get_bool(lib->settings,
+                                                               "charon.plugins.eap-sim.use_pseudonym", TRUE);
+       this->use_permanent = lib->settings->get_bool(lib->settings,
+                                                               "charon.plugins.eap-sim.use_permanent", TRUE);
        /* generate a non-zero identifier */
        do {
                this->identifier = random();