Use the EAP-SIM/AKA crypto helper in EAP-SIM
authorMartin Willi <martin@strongswan.org>
Wed, 21 Oct 2009 12:21:00 +0000 (14:21 +0200)
committerMartin Willi <martin@strongswan.org>
Thu, 12 Nov 2009 09:33:59 +0000 (10:33 +0100)
src/charon/plugins/eap_sim/eap_sim_peer.c
src/charon/plugins/eap_sim/eap_sim_server.c
src/libsimaka/simaka_message.c
src/libsimaka/simaka_message.h

index 78b7c9c..43abfda 100644 (file)
 #define KC_LEN 8
 /** length of SRES */
 #define SRES_LEN 4
-/** length of the k_encr key */
-#define KENCR_LEN 16
-/** length of the k_auth key */
-#define KAUTH_LEN 16
-/** length of the MSK */
-#define MSK_LEN 64
-/** length of the EMSK */
-#define EMSK_LEN 64
 
 typedef struct private_eap_sim_peer_t private_eap_sim_peer_t;
 
@@ -62,29 +54,9 @@ struct private_eap_sim_peer_t {
        identification_t *peer;
 
        /**
-        * RNG to create nonces, IVs
+        * EAP-SIM crypto helper
         */
-       rng_t *rng;
-
-       /**
-        * hashing function
-        */
-       hasher_t *hasher;
-
-       /**
-        * prf
-        */
-       prf_t *prf;
-
-       /**
-        * MAC function
-        */
-       signer_t *signer;
-
-       /**
-        * encryption function
-        */
-       crypter_t *crypter;
+       simaka_crypto_t *crypto;
 
        /**
         * how many times we try to authenticate
@@ -142,43 +114,6 @@ static bool get_card_triplet(private_eap_sim_peer_t *this,
 }
 
 /**
- * Derive EAP keys from kc when using full authentication
- */
-static void derive_keys_full(private_eap_sim_peer_t *this, chunk_t kcs)
-{
-       char mk[HASH_SIZE_SHA1], k_encr[KENCR_LEN], k_auth[KAUTH_LEN];
-       chunk_t tmp;
-       int i;
-
-       /* MK = SHA1(Identity|n*Kc|NONCE_MT|Version List|Selected Version) */
-       tmp = chunk_cata("ccccc", this->peer->get_encoding(this->peer),
-                                        kcs, this->nonce, this->version_list, version);
-       this->hasher->get_hash(this->hasher, tmp, mk);
-       DBG3(DBG_IKE, "MK = SHA1(%B\n) = %b", &tmp, mk, HASH_SIZE_SHA1);
-
-       /* K_encr | K_auth | MSK | EMSK = prf() | prf() | prf() | prf()
-        * We currently don't need EMSK, so three prf() are sufficient */
-       this->prf->set_key(this->prf, chunk_create(mk, HASH_SIZE_SHA1));
-       tmp = chunk_alloca(this->prf->get_block_size(this->prf) * 3);
-       for (i = 0; i < 3; i++)
-       {
-               this->prf->get_bytes(this->prf, chunk_empty, tmp.ptr + tmp.len / 3 * i);
-       }
-       memcpy(k_encr, tmp.ptr, KENCR_LEN);
-       tmp = chunk_skip(tmp, KENCR_LEN);
-       memcpy(k_auth, tmp.ptr, KAUTH_LEN);
-       tmp = chunk_skip(tmp, KAUTH_LEN);
-       free(this->msk.ptr);
-       this->msk = chunk_alloc(MSK_LEN);
-       memcpy(this->msk.ptr, tmp.ptr, MSK_LEN);
-       DBG3(DBG_IKE, "K_encr %b\nK_auth %b\nMSK %B",
-                k_encr, KENCR_LEN, k_auth, KAUTH_LEN, &this->msk);
-
-       this->signer->set_key(this->signer, chunk_create(k_auth, KAUTH_LEN));
-       this->crypter->set_key(this->crypter, chunk_create(k_encr, KENCR_LEN));
-}
-
-/**
  * Send a SIM_CLIENT_ERROR
  */
 static eap_payload_t* create_client_error(private_eap_sim_peer_t *this,
@@ -190,7 +125,7 @@ static eap_payload_t* create_client_error(private_eap_sim_peer_t *this,
        message = simaka_message_create(FALSE, identifier,
                                                                        EAP_SIM, SIM_CLIENT_ERROR);
        message->add_attribute(message, AT_CLIENT_ERROR_CODE, code);
-       out = message->generate(message, NULL, NULL, NULL, chunk_empty);
+       out = message->generate(message, this->crypto, chunk_empty);
        message->destroy(message);
        return out;
 }
@@ -205,6 +140,7 @@ static status_t process_start(private_eap_sim_peer_t *this,
        enumerator_t *enumerator;
        simaka_attribute_t type;
        chunk_t data;
+       rng_t *rng;
        bool supported = FALSE;
 
        enumerator = in->create_attribute_enumerator(in);
@@ -243,14 +179,15 @@ static status_t process_start(private_eap_sim_peer_t *this,
        }
 
        /* generate AT_NONCE_MT value */
+       rng = this->crypto->get_rng(this->crypto);
        free(this->nonce.ptr);
-       this->rng->allocate_bytes(this->rng, NONCE_LEN, &this->nonce);
+       rng->allocate_bytes(rng, NONCE_LEN, &this->nonce);
 
        message = simaka_message_create(FALSE, in->get_identifier(in),
                                                                        EAP_SIM, SIM_START);
        message->add_attribute(message, AT_SELECTED_VERSION, version);
        message->add_attribute(message, AT_NONCE_MT, this->nonce);
-       *out = message->generate(message, NULL, NULL, NULL, chunk_empty);
+       *out = message->generate(message, this->crypto, chunk_empty);
        message->destroy(message);
 
        return NEED_MORE;
@@ -321,10 +258,12 @@ static status_t process_challenge(private_eap_sim_peer_t *this,
                rands = chunk_skip(rands, RAND_LEN);
        }
 
-       derive_keys_full(this, kcs);
+       data = chunk_cata("cccc", kcs, this->nonce, this->version_list, version);
+       free(this->msk.ptr);
+       this->msk = this->crypto->derive_keys_full(this->crypto, this->peer, data);
 
        /* verify AT_MAC attribute, signature is over "EAP packet | NONCE_MT"  */
-       if (!in->verify(in, this->signer, this->nonce))
+       if (!in->verify(in, this->crypto, this->nonce))
        {
                DBG1(DBG_IKE, "AT_MAC verification failed");
                *out = create_client_error(this, in->get_identifier(in),
@@ -335,7 +274,7 @@ static status_t process_challenge(private_eap_sim_peer_t *this,
        /* build response with AT_MAC, built over "EAP packet | n*SRES" */
        message = simaka_message_create(FALSE, in->get_identifier(in),
                                                                        EAP_SIM, SIM_CHALLENGE);
-       *out = message->generate(message, NULL, NULL, this->signer, sreses);
+       *out = message->generate(message, this->crypto, sreses);
        message->destroy(message);
        return NEED_MORE;
 }
@@ -375,7 +314,7 @@ static status_t process_notification(private_eap_sim_peer_t *this,
        {       /* empty notification reply */
                message = simaka_message_create(FALSE, in->get_identifier(in),
                                                                                EAP_SIM, SIM_NOTIFICATION);
-               *out = message->generate(message, NULL, NULL, NULL, chunk_empty);
+               *out = message->generate(message, this->crypto, chunk_empty);
                message->destroy(message);
        }
        else
@@ -402,7 +341,7 @@ static status_t process(private_eap_sim_peer_t *this,
                                                                   client_error_general);
                return NEED_MORE;
        }
-       if (!message->parse(message, this->crypter))
+       if (!message->parse(message, this->crypto))
        {
                message->destroy(message);
                *out = create_client_error(this, in->get_identifier(in),
@@ -475,11 +414,7 @@ static bool is_mutual(private_eap_sim_peer_t *this)
 static void destroy(private_eap_sim_peer_t *this)
 {
        this->peer->destroy(this->peer);
-       DESTROY_IF(this->rng);
-       DESTROY_IF(this->hasher);
-       DESTROY_IF(this->prf);
-       DESTROY_IF(this->signer);
-       DESTROY_IF(this->crypter);
+       this->crypto->destroy(this->crypto);
        free(this->version_list.ptr);
        free(this->nonce.ptr);
        free(this->msk.ptr);
@@ -494,12 +429,6 @@ eap_sim_peer_t *eap_sim_peer_create(identification_t *server,
 {
        private_eap_sim_peer_t *this = malloc_thing(private_eap_sim_peer_t);
 
-       this->peer = peer->clone(peer);
-       this->tries = MAX_TRIES;
-       this->version_list = chunk_empty;
-       this->nonce = chunk_empty;
-       this->msk = chunk_empty;
-
        this->public.interface.initiate = (status_t(*)(eap_method_t*,eap_payload_t**))initiate;
        this->public.interface.process = (status_t(*)(eap_method_t*,eap_payload_t*,eap_payload_t**))process;
        this->public.interface.get_type = (eap_type_t(*)(eap_method_t*,u_int32_t*))get_type;
@@ -507,18 +436,18 @@ eap_sim_peer_t *eap_sim_peer_create(identification_t *server,
        this->public.interface.get_msk = (status_t(*)(eap_method_t*,chunk_t*))get_msk;
        this->public.interface.destroy = (void(*)(eap_method_t*))destroy;
 
-       this->rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK);
-       this->hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
-       this->prf = lib->crypto->create_prf(lib->crypto, PRF_FIPS_SHA1_160);
-       this->signer = lib->crypto->create_signer(lib->crypto, AUTH_HMAC_SHA1_128);
-       this->crypter = lib->crypto->create_crypter(lib->crypto, ENCR_AES_CBC, 16);
-       if (!this->rng || !this->hasher || !this->prf ||
-               !this->signer || !this->crypter)
+       this->crypto = simaka_crypto_create();
+       if (!this->crypto)
        {
-               DBG1(DBG_IKE, "unable to use EAP-SIM, missing algorithms");
-               destroy(this);
+               free(this);
                return NULL;
        }
+       this->peer = peer->clone(peer);
+       this->tries = MAX_TRIES;
+       this->version_list = chunk_empty;
+       this->nonce = chunk_empty;
+       this->msk = chunk_empty;
+
        return &this->public;
 }
 
index 9b9bc9d..4772610 100644 (file)
 #include <daemon.h>
 
 #include <simaka_message.h>
+#include <simaka_crypto.h>
 
 /* number of triplets for one authentication */
 #define TRIPLET_COUNT 3
 
-/** length of the AT_NONCE_MT/AT_NONCE_S nonce value */
-#define NONCE_LEN 16
 /** length of the AT_MAC value */
 #define MAC_LEN 16
 /** length of the AT_RAND value */
 #define KC_LEN 8
 /** length of SRES */
 #define SRES_LEN 4
-/** length of the k_encr key */
-#define KENCR_LEN 16
-/** length of the k_auth key */
-#define KAUTH_LEN 16
-/** length of the MSK */
-#define MSK_LEN 64
-/** length of the EMSK */
-#define EMSK_LEN 64
 
 typedef struct private_eap_sim_server_t private_eap_sim_server_t;
 
@@ -59,29 +50,9 @@ struct private_eap_sim_server_t {
        identification_t *peer;
 
        /**
-        * Random number generator for nonce, IVs
+        * EAP-SIM/AKA crypto helper
         */
-       rng_t *rng;
-
-       /**
-        * hashing function
-        */
-       hasher_t *hasher;
-
-       /**
-        * prf
-        */
-       prf_t *prf;
-
-       /**
-        * MAC function
-        */
-       signer_t *signer;
-
-       /**
-        * encryption function
-        */
-       crypter_t *crypter;
+       simaka_crypto_t *crypto;
 
        /**
         * unique EAP identifier
@@ -99,6 +70,9 @@ struct private_eap_sim_server_t {
        chunk_t msk;
 };
 
+/* version of SIM protocol we speak */
+static chunk_t version = chunk_from_chars(0x00,0x01);
+
 /**
  * Fetch a triplet from a provider
  */
@@ -126,44 +100,6 @@ static bool get_provider_triplet(private_eap_sim_server_t *this,
 }
 
 /**
- * Derive EAP keys from kc when using full authentication
- */
-static void derive_keys_full(private_eap_sim_server_t *this,
-                                                        chunk_t kcs, chunk_t nonce)
-{
-       char mk[HASH_SIZE_SHA1], k_encr[KENCR_LEN], k_auth[KAUTH_LEN];
-       chunk_t tmp;
-       int i;
-
-       /* MK = SHA1(Identity|n*Kc|NONCE_MT|Version List|Selected Version) */
-       tmp = chunk_cata("ccccc", this->peer->get_encoding(this->peer),
-                                        kcs, nonce, version, version);
-       this->hasher->get_hash(this->hasher, tmp, mk);
-       DBG3(DBG_IKE, "MK = SHA1(%B\n) = %b", &tmp, mk, HASH_SIZE_SHA1);
-
-       /* K_encr | K_auth | MSK | EMSK = prf() | prf() | prf() | prf()
-        * We currently don't need EMSK, so three prf() are sufficient */
-       this->prf->set_key(this->prf, chunk_create(mk, HASH_SIZE_SHA1));
-       tmp = chunk_alloca(this->prf->get_block_size(this->prf) * 3);
-       for (i = 0; i < 3; i++)
-       {
-               this->prf->get_bytes(this->prf, chunk_empty, tmp.ptr + tmp.len / 3 * i);
-       }
-       memcpy(k_encr, tmp.ptr, KENCR_LEN);
-       tmp = chunk_skip(tmp, KENCR_LEN);
-       memcpy(k_auth, tmp.ptr, KAUTH_LEN);
-       tmp = chunk_skip(tmp, KAUTH_LEN);
-       free(this->msk.ptr);
-       this->msk = chunk_alloc(MSK_LEN);
-       memcpy(this->msk.ptr, tmp.ptr, MSK_LEN);
-       DBG3(DBG_IKE, "K_encr %b\nK_auth %b\nMSK %B",
-                k_encr, KENCR_LEN, k_auth, KAUTH_LEN, &this->msk);
-
-       this->signer->set_key(this->signer, chunk_create(k_auth, KAUTH_LEN));
-       this->crypter->set_key(this->crypter, chunk_create(k_encr, KENCR_LEN));
-}
-
-/**
  * process an EAP-SIM/Response/Start message
  */
 static status_t process_start(private_eap_sim_server_t *this,
@@ -226,13 +162,15 @@ static status_t process_start(private_eap_sim_server_t *this,
        free(this->sreses.ptr);
        this->sreses = chunk_clone(sreses);
 
-       derive_keys_full(this, kcs, nonce);
+       data = chunk_cata("cccc", kcs, nonce, version, version);
+       free(this->msk.ptr);
+       this->msk = this->crypto->derive_keys_full(this->crypto, this->peer, data);
 
        /* build response with AT_MAC, built over "EAP packet | NONCE_MT" */
        message = simaka_message_create(TRUE, this->identifier++,
                                                                        EAP_SIM, SIM_CHALLENGE);
        message->add_attribute(message, AT_RAND, rands);
-       *out = message->generate(message, NULL, NULL, this->signer, nonce);
+       *out = message->generate(message, this->crypto, nonce);
        message->destroy(message);
        return NEED_MORE;
 }
@@ -256,7 +194,7 @@ static status_t process_challenge(private_eap_sim_server_t *this,
        enumerator->destroy(enumerator);
 
        /* verify AT_MAC attribute, signature is over "EAP packet | n*SRES"  */
-       if (!in->verify(in, this->signer, this->sreses))
+       if (!in->verify(in, this->crypto, this->sreses))
        {
                DBG1(DBG_IKE, "AT_MAC verification failed");
                return FAILED;
@@ -305,7 +243,7 @@ static status_t process(private_eap_sim_server_t *this,
        {
                return FAILED;
        }
-       if (!message->parse(message, this->crypter))
+       if (!message->parse(message, this->crypto))
        {
                message->destroy(message);
                return FAILED;
@@ -341,7 +279,7 @@ static status_t initiate(private_eap_sim_server_t *this, eap_payload_t **out)
        message = simaka_message_create(TRUE, this->identifier++,
                                                                        EAP_SIM, SIM_START);
        message->add_attribute(message, AT_VERSION_LIST, version);
-       *out = message->generate(message, NULL, NULL, NULL, chunk_empty);
+       *out = message->generate(message, this->crypto, chunk_empty);
        message->destroy(message);
        return NEED_MORE;
 }
@@ -381,12 +319,8 @@ static bool is_mutual(private_eap_sim_server_t *this)
  */
 static void destroy(private_eap_sim_server_t *this)
 {
+       this->crypto->destroy(this->crypto);
        this->peer->destroy(this->peer);
-       DESTROY_IF(this->rng);
-       DESTROY_IF(this->hasher);
-       DESTROY_IF(this->prf);
-       DESTROY_IF(this->signer);
-       DESTROY_IF(this->crypter);
        free(this->sreses.ptr);
        free(this->msk.ptr);
        free(this);
@@ -400,14 +334,6 @@ eap_sim_server_t *eap_sim_server_create(identification_t *server,
 {
        private_eap_sim_server_t *this = malloc_thing(private_eap_sim_server_t);
 
-       this->peer = peer->clone(peer);
-       this->sreses = chunk_empty;
-       this->msk = chunk_empty;
-       /* generate a non-zero identifier */
-       do {
-               this->identifier = random();
-       } while (!this->identifier);
-
        this->public.interface.initiate = (status_t(*)(eap_method_t*,eap_payload_t**))initiate;
        this->public.interface.process = (status_t(*)(eap_method_t*,eap_payload_t*,eap_payload_t**))process;
        this->public.interface.get_type = (eap_type_t(*)(eap_method_t*,u_int32_t*))get_type;
@@ -415,18 +341,20 @@ eap_sim_server_t *eap_sim_server_create(identification_t *server,
        this->public.interface.get_msk = (status_t(*)(eap_method_t*,chunk_t*))get_msk;
        this->public.interface.destroy = (void(*)(eap_method_t*))destroy;
 
-       this->rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK);
-       this->hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
-       this->prf = lib->crypto->create_prf(lib->crypto, PRF_FIPS_SHA1_160);
-       this->signer = lib->crypto->create_signer(lib->crypto, AUTH_HMAC_SHA1_128);
-       this->crypter = lib->crypto->create_crypter(lib->crypto, ENCR_AES_CBC, 16);
-       if (!this->rng || !this->hasher || !this->prf ||
-               !this->signer || !this->crypter)
+       this->crypto = simaka_crypto_create();
+       if (!this->crypto)
        {
-               DBG1(DBG_IKE, "unable to use EAP-SIM, missing algorithms");
-               destroy(this);
+               free(this);
                return NULL;
        }
+       this->peer = peer->clone(peer);
+       this->sreses = chunk_empty;
+       this->msk = chunk_empty;
+       /* generate a non-zero identifier */
+       do {
+               this->identifier = random();
+       } while (!this->identifier);
+
        return &this->public;
 }
 
index 84e9cea..182ffd1 100644 (file)
@@ -217,8 +217,8 @@ static void add_attribute(private_simaka_message_t *this,
 /**
  * Implementation of simaka_message_t.parse
  */
-static bool parse(private_simaka_message_t *this, crypter_t *crypter,
-                                 signer_t *signer, chunk_t sigdata)
+static bool parse(private_simaka_message_t *this, simaka_crypto_t *crypto,
+                                 chunk_t sigdata)
 {
        chunk_t in, iv = chunk_empty, encr = chunk_empty;
 
@@ -397,6 +397,7 @@ static bool parse(private_simaka_message_t *this, crypter_t *crypter,
        if (iv.len && encr.len)
        {
                bool success;
+               crypter_t *crypter;
 
                if (this->encrypted)
                {
@@ -404,6 +405,7 @@ static bool parse(private_simaka_message_t *this, crypter_t *crypter,
                                 eap_type_names, this->hdr->type);
                        return FALSE;
                }
+               crypter = crypto->get_crypter(crypto);
                if (!crypter)
                {
                        DBG1(DBG_IKE, "%N message contains unexpected encrypted data",
@@ -421,7 +423,7 @@ static bool parse(private_simaka_message_t *this, crypter_t *crypter,
                crypter->decrypt(crypter, encr, iv, NULL);
 
                this->encrypted = TRUE;
-               success = parse(this, NULL, NULL, chunk_empty);
+               success = parse(this, crypto, chunk_empty);
                this->encrypted = FALSE;
                return success;
        }
@@ -432,9 +434,12 @@ static bool parse(private_simaka_message_t *this, crypter_t *crypter,
  * Implementation of simaka_message_t.verify
  */
 static bool verify(private_simaka_message_t *this,
-                                  signer_t *signer, chunk_t sigdata)
+                                  simaka_crypto_t *crypto, chunk_t sigdata)
 {
        chunk_t data, backup;
+       signer_t *signer;
+
+       signer = crypto->get_signer(crypto);
 
        switch (this->hdr->subtype)
        {
@@ -502,8 +507,7 @@ static bool verify(private_simaka_message_t *this,
  * Implementation of simaka_message_t.generate
  */
 static eap_payload_t* generate(private_simaka_message_t *this,
-                                                          crypter_t *crypter, rng_t *rng,
-                                                          signer_t *signer, chunk_t sigdata)
+                                                          simaka_crypto_t *crypto, chunk_t sigdata)
 {
        /* buffers large enough for messages we generate */
        char out_buf[1024], encr_buf[512];
@@ -512,6 +516,7 @@ static eap_payload_t* generate(private_simaka_message_t *this,
        simaka_attribute_t type;
        attr_hdr_t *hdr;
        u_int16_t len;
+       signer_t *signer;
 
        out = chunk_create(out_buf, sizeof(out_buf));
        encr = chunk_create(encr_buf, sizeof(encr_buf));
@@ -640,7 +645,10 @@ static eap_payload_t* generate(private_simaka_message_t *this,
        {
                chunk_t iv;
                size_t bs;
+               crypter_t *crypter;
+               rng_t *rng;
 
+               crypter = crypto->get_crypter(crypto);
                encr = chunk_create(encr_buf, sizeof(encr_buf) - encr.len);
                bs = crypter->get_block_size(crypter);
 
@@ -651,6 +659,7 @@ static eap_payload_t* generate(private_simaka_message_t *this,
                memset(out.ptr + 2, 0, 2);
                out = chunk_skip(out, 4);
 
+               rng = crypto->get_rng(crypto);
                rng->get_bytes(rng, bs, out.ptr);
 
                iv = chunk_clonea(chunk_create(out.ptr, bs));
@@ -669,6 +678,7 @@ static eap_payload_t* generate(private_simaka_message_t *this,
        }
 
        /* include MAC ? */
+       signer = crypto->get_signer(crypto);
        switch (this->hdr->subtype)
        {
                case SIM_CHALLENGE:
@@ -750,9 +760,9 @@ static simaka_message_t *simaka_message_create_data(chunk_t data)
        this->public.get_subtype = (simaka_subtype_t(*)(simaka_message_t*))get_subtype;
        this->public.create_attribute_enumerator = (enumerator_t*(*)(simaka_message_t*))create_attribute_enumerator;
        this->public.add_attribute = (void(*)(simaka_message_t*, simaka_attribute_t type, chunk_t data))add_attribute;
-       this->public.parse = (bool(*)(simaka_message_t*, crypter_t *crypter))parse;
-       this->public.verify = (bool(*)(simaka_message_t*, signer_t *signer, chunk_t sigdata))verify;
-       this->public.generate = (eap_payload_t*(*)(simaka_message_t*, crypter_t *crypter, rng_t *rng, signer_t *signer, chunk_t sigdata))generate;
+       this->public.parse = (bool(*)(simaka_message_t*, simaka_crypto_t* crypto))parse;
+       this->public.verify = (bool(*)(simaka_message_t*, simaka_crypto_t* crypto, chunk_t sigdata))verify;
+       this->public.generate = (eap_payload_t*(*)(simaka_message_t*, simaka_crypto_t* crypto, chunk_t sigdata))generate;
        this->public.destroy = (void(*)(simaka_message_t*))destroy;
 
        this->attributes = linked_list_create();
index b7014e9..a09d72f 100644 (file)
 #ifndef SIMAKA_MESSAGE_H_
 #define SIMAKA_MESSAGE_H_
 
-#include <daemon.h>
 #include <enum.h>
+#include <daemon.h>
+
+#include "simaka_crypto.h"
 
 typedef struct simaka_message_t simaka_message_t;
 typedef enum simaka_attribute_t simaka_attribute_t;
@@ -147,31 +149,30 @@ struct simaka_message_t {
         * This method does not verify message integrity, as the key is available
         * only after the payload has been parsed.
         *
-        * @param crypter       crypter to decrypt AT_ENCR_DATA attribute
+        * @param crypto        EAP-SIM/AKA crypto helper
         * @return                      TRUE if message parsed successfully
         */
-       bool (*parse)(simaka_message_t *this, crypter_t *crypter);
+       bool (*parse)(simaka_message_t *this, simaka_crypto_t *crypto);
 
        /**
         * Verify the message integrity of a parsed message.
         *
-        * @param signer        signer to verify AT_MAC attribute
+        * @param crypto        EAP-SIM/AKA crypto helper
         * @param sigdata       additional data to include in signature, if any
         * @return                      TRUE if message integrity check successful
         */
-       bool (*verify)(simaka_message_t *this, signer_t *signer, chunk_t sigdata);
+       bool (*verify)(simaka_message_t *this, simaka_crypto_t *crypto,
+                                  chunk_t sigdata);
 
        /**
         * Generate a message, optionally encrypt attributes and create a MAC.
         *
-        * @param crypter       crypter to encrypt attributes requiring encryption
-        * @param rng           random number generator for IV
-        * @param signer        signer to create AT_MAC attribute
+        * @param crypto        EAP-SIM/AKA crypto helper
         * @param sigdata       additional data to include in signature, if any
         * @return                      generated eap payload, NULL if failed
         */
-       eap_payload_t* (*generate)(simaka_message_t *this, crypter_t *crypter,
-                                                          rng_t *rng, signer_t *signer, chunk_t sigdata);
+       eap_payload_t* (*generate)(simaka_message_t *this, simaka_crypto_t *crypto,
+                                                          chunk_t sigdata);
 
        /**
         * Destroy a simaka_message_t.