1 /*
2 * EAP peer method: LEAP
3 * Copyright (c) 2004-2007, Jouni Malinen <j@w1.fi>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 *
9 * Alternatively, this software may be distributed under the terms of BSD
10 * license.
11 *
12 * See README and COPYING for more details.
13 */
14
15 #include "includes.h"
16
17 #include "common.h"
18 #include "eap_i.h"
19 #include "crypto/ms_funcs.h"
20 #include "crypto/crypto.h"
21
22 #define LEAP_VERSION 1
23 #define LEAP_CHALLENGE_LEN 8
24 #define LEAP_RESPONSE_LEN 24
25 #define LEAP_KEY_LEN 16
26
27
28 struct eap_leap_data {
29 enum {
30 LEAP_WAIT_CHALLENGE,
31 LEAP_WAIT_SUCCESS,
32 LEAP_WAIT_RESPONSE,
33 LEAP_DONE
34 } state;
35
36 u8 peer_challenge[LEAP_CHALLENGE_LEN];
37 u8 peer_response[LEAP_RESPONSE_LEN];
38
39 u8 ap_challenge[LEAP_CHALLENGE_LEN];
40 u8 ap_response[LEAP_RESPONSE_LEN];
41 };
42
43
eap_leap_init(struct eap_sm * sm)44 static void * eap_leap_init(struct eap_sm *sm)
45 {
46 struct eap_leap_data *data;
47
48 data = os_zalloc(sizeof(*data));
49 if (data == NULL)
50 return NULL;
51 data->state = LEAP_WAIT_CHALLENGE;
52
53 sm->leap_done = FALSE;
54 return data;
55 }
56
57
eap_leap_deinit(struct eap_sm * sm,void * priv)58 static void eap_leap_deinit(struct eap_sm *sm, void *priv)
59 {
60 os_free(priv);
61 }
62
63
eap_leap_process_request(struct eap_sm * sm,void * priv,struct eap_method_ret * ret,const struct wpabuf * reqData)64 static struct wpabuf * eap_leap_process_request(struct eap_sm *sm, void *priv,
65 struct eap_method_ret *ret,
66 const struct wpabuf *reqData)
67 {
68 struct eap_leap_data *data = priv;
69 struct wpabuf *resp;
70 const u8 *pos, *challenge, *identity, *password;
71 u8 challenge_len, *rpos;
72 size_t identity_len, password_len, len;
73 int pwhash;
74
75 wpa_printf(MSG_DEBUG, "EAP-LEAP: Processing EAP-Request");
76
77 identity = eap_get_config_identity(sm, &identity_len);
78 password = eap_get_config_password2(sm, &password_len, &pwhash);
79 if (identity == NULL || password == NULL)
80 return NULL;
81
82 pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_LEAP, reqData, &len);
83 if (pos == NULL || len < 3) {
84 wpa_printf(MSG_INFO, "EAP-LEAP: Invalid EAP-Request frame");
85 ret->ignore = TRUE;
86 return NULL;
87 }
88
89 if (*pos != LEAP_VERSION) {
90 wpa_printf(MSG_WARNING, "EAP-LEAP: Unsupported LEAP version "
91 "%d", *pos);
92 ret->ignore = TRUE;
93 return NULL;
94 }
95 pos++;
96
97 pos++; /* skip unused byte */
98
99 challenge_len = *pos++;
100 if (challenge_len != LEAP_CHALLENGE_LEN || challenge_len > len - 3) {
101 wpa_printf(MSG_INFO, "EAP-LEAP: Invalid challenge "
102 "(challenge_len=%d reqDataLen=%lu)",
103 challenge_len, (unsigned long) wpabuf_len(reqData));
104 ret->ignore = TRUE;
105 return NULL;
106 }
107 challenge = pos;
108 os_memcpy(data->peer_challenge, challenge, LEAP_CHALLENGE_LEN);
109 wpa_hexdump(MSG_MSGDUMP, "EAP-LEAP: Challenge from AP",
110 challenge, LEAP_CHALLENGE_LEN);
111
112 wpa_printf(MSG_DEBUG, "EAP-LEAP: Generating Challenge Response");
113
114 resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_LEAP,
115 3 + LEAP_RESPONSE_LEN + identity_len,
116 EAP_CODE_RESPONSE, eap_get_id(reqData));
117 if (resp == NULL)
118 return NULL;
119 wpabuf_put_u8(resp, LEAP_VERSION);
120 wpabuf_put_u8(resp, 0); /* unused */
121 wpabuf_put_u8(resp, LEAP_RESPONSE_LEN);
122 rpos = wpabuf_put(resp, LEAP_RESPONSE_LEN);
123 if (pwhash)
124 challenge_response(challenge, password, rpos);
125 else
126 nt_challenge_response(challenge, password, password_len, rpos);
127 os_memcpy(data->peer_response, rpos, LEAP_RESPONSE_LEN);
128 wpa_hexdump(MSG_MSGDUMP, "EAP-LEAP: Response",
129 rpos, LEAP_RESPONSE_LEN);
130 wpabuf_put_data(resp, identity, identity_len);
131
132 data->state = LEAP_WAIT_SUCCESS;
133
134 return resp;
135 }
136
137
eap_leap_process_success(struct eap_sm * sm,void * priv,struct eap_method_ret * ret,const struct wpabuf * reqData)138 static struct wpabuf * eap_leap_process_success(struct eap_sm *sm, void *priv,
139 struct eap_method_ret *ret,
140 const struct wpabuf *reqData)
141 {
142 struct eap_leap_data *data = priv;
143 struct wpabuf *resp;
144 u8 *pos;
145 const u8 *identity;
146 size_t identity_len;
147
148 wpa_printf(MSG_DEBUG, "EAP-LEAP: Processing EAP-Success");
149
150 identity = eap_get_config_identity(sm, &identity_len);
151 if (identity == NULL)
152 return NULL;
153
154 if (data->state != LEAP_WAIT_SUCCESS) {
155 wpa_printf(MSG_INFO, "EAP-LEAP: EAP-Success received in "
156 "unexpected state (%d) - ignored", data->state);
157 ret->ignore = TRUE;
158 return NULL;
159 }
160
161 resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_LEAP,
162 3 + LEAP_CHALLENGE_LEN + identity_len,
163 EAP_CODE_REQUEST, eap_get_id(reqData));
164 if (resp == NULL)
165 return NULL;
166 wpabuf_put_u8(resp, LEAP_VERSION);
167 wpabuf_put_u8(resp, 0); /* unused */
168 wpabuf_put_u8(resp, LEAP_CHALLENGE_LEN);
169 pos = wpabuf_put(resp, LEAP_CHALLENGE_LEN);
170 if (os_get_random(pos, LEAP_CHALLENGE_LEN)) {
171 wpa_printf(MSG_WARNING, "EAP-LEAP: Failed to read random data "
172 "for challenge");
173 wpabuf_free(resp);
174 ret->ignore = TRUE;
175 return NULL;
176 }
177 os_memcpy(data->ap_challenge, pos, LEAP_CHALLENGE_LEN);
178 wpa_hexdump(MSG_MSGDUMP, "EAP-LEAP: Challenge to AP/AS", pos,
179 LEAP_CHALLENGE_LEN);
180 wpabuf_put_data(resp, identity, identity_len);
181
182 data->state = LEAP_WAIT_RESPONSE;
183
184 return resp;
185 }
186
187
eap_leap_process_response(struct eap_sm * sm,void * priv,struct eap_method_ret * ret,const struct wpabuf * reqData)188 static struct wpabuf * eap_leap_process_response(struct eap_sm *sm, void *priv,
189 struct eap_method_ret *ret,
190 const struct wpabuf *reqData)
191 {
192 struct eap_leap_data *data = priv;
193 const u8 *pos, *password;
194 u8 response_len, pw_hash[16], pw_hash_hash[16],
195 expected[LEAP_RESPONSE_LEN];
196 size_t password_len, len;
197 int pwhash;
198
199 wpa_printf(MSG_DEBUG, "EAP-LEAP: Processing EAP-Response");
200
201 password = eap_get_config_password2(sm, &password_len, &pwhash);
202 if (password == NULL)
203 return NULL;
204
205 pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_LEAP, reqData, &len);
206 if (pos == NULL || len < 3) {
207 wpa_printf(MSG_INFO, "EAP-LEAP: Invalid EAP-Response frame");
208 ret->ignore = TRUE;
209 return NULL;
210 }
211
212 if (*pos != LEAP_VERSION) {
213 wpa_printf(MSG_WARNING, "EAP-LEAP: Unsupported LEAP version "
214 "%d", *pos);
215 ret->ignore = TRUE;
216 return NULL;
217 }
218 pos++;
219
220 pos++; /* skip unused byte */
221
222 response_len = *pos++;
223 if (response_len != LEAP_RESPONSE_LEN || response_len > len - 3) {
224 wpa_printf(MSG_INFO, "EAP-LEAP: Invalid response "
225 "(response_len=%d reqDataLen=%lu)",
226 response_len, (unsigned long) wpabuf_len(reqData));
227 ret->ignore = TRUE;
228 return NULL;
229 }
230
231 wpa_hexdump(MSG_DEBUG, "EAP-LEAP: Response from AP",
232 pos, LEAP_RESPONSE_LEN);
233 os_memcpy(data->ap_response, pos, LEAP_RESPONSE_LEN);
234
235 if (pwhash) {
236 hash_nt_password_hash(password, pw_hash_hash);
237 } else {
238 nt_password_hash(password, password_len, pw_hash);
239 hash_nt_password_hash(pw_hash, pw_hash_hash);
240 }
241 challenge_response(data->ap_challenge, pw_hash_hash, expected);
242
243 ret->methodState = METHOD_DONE;
244 ret->allowNotifications = FALSE;
245
246 if (os_memcmp(pos, expected, LEAP_RESPONSE_LEN) != 0) {
247 wpa_printf(MSG_WARNING, "EAP-LEAP: AP sent an invalid "
248 "response - authentication failed");
249 wpa_hexdump(MSG_DEBUG, "EAP-LEAP: Expected response from AP",
250 expected, LEAP_RESPONSE_LEN);
251 ret->decision = DECISION_FAIL;
252 return NULL;
253 }
254
255 ret->decision = DECISION_UNCOND_SUCC;
256
257 /* LEAP is somewhat odd method since it sends EAP-Success in the middle
258 * of the authentication. Use special variable to transit EAP state
259 * machine to SUCCESS state. */
260 sm->leap_done = TRUE;
261 data->state = LEAP_DONE;
262
263 /* No more authentication messages expected; AP will send EAPOL-Key
264 * frames if encryption is enabled. */
265 return NULL;
266 }
267
268
eap_leap_process(struct eap_sm * sm,void * priv,struct eap_method_ret * ret,const struct wpabuf * reqData)269 static struct wpabuf * eap_leap_process(struct eap_sm *sm, void *priv,
270 struct eap_method_ret *ret,
271 const struct wpabuf *reqData)
272 {
273 const struct eap_hdr *eap;
274 size_t password_len;
275 const u8 *password;
276
277 password = eap_get_config_password(sm, &password_len);
278 if (password == NULL) {
279 wpa_printf(MSG_INFO, "EAP-LEAP: Password not configured");
280 eap_sm_request_password(sm);
281 ret->ignore = TRUE;
282 return NULL;
283 }
284
285 /*
286 * LEAP needs to be able to handle EAP-Success frame which does not
287 * include Type field. Consequently, eap_hdr_validate() cannot be used
288 * here. This validation will be done separately for EAP-Request and
289 * EAP-Response frames.
290 */
291 eap = wpabuf_head(reqData);
292 if (wpabuf_len(reqData) < sizeof(*eap) ||
293 be_to_host16(eap->length) > wpabuf_len(reqData)) {
294 wpa_printf(MSG_INFO, "EAP-LEAP: Invalid frame");
295 ret->ignore = TRUE;
296 return NULL;
297 }
298
299 ret->ignore = FALSE;
300 ret->allowNotifications = TRUE;
301 ret->methodState = METHOD_MAY_CONT;
302 ret->decision = DECISION_FAIL;
303
304 sm->leap_done = FALSE;
305
306 switch (eap->code) {
307 case EAP_CODE_REQUEST:
308 return eap_leap_process_request(sm, priv, ret, reqData);
309 case EAP_CODE_SUCCESS:
310 return eap_leap_process_success(sm, priv, ret, reqData);
311 case EAP_CODE_RESPONSE:
312 return eap_leap_process_response(sm, priv, ret, reqData);
313 default:
314 wpa_printf(MSG_INFO, "EAP-LEAP: Unexpected EAP code (%d) - "
315 "ignored", eap->code);
316 ret->ignore = TRUE;
317 return NULL;
318 }
319 }
320
321
eap_leap_isKeyAvailable(struct eap_sm * sm,void * priv)322 static Boolean eap_leap_isKeyAvailable(struct eap_sm *sm, void *priv)
323 {
324 struct eap_leap_data *data = priv;
325 return data->state == LEAP_DONE;
326 }
327
328
eap_leap_getKey(struct eap_sm * sm,void * priv,size_t * len)329 static u8 * eap_leap_getKey(struct eap_sm *sm, void *priv, size_t *len)
330 {
331 struct eap_leap_data *data = priv;
332 u8 *key, pw_hash_hash[16], pw_hash[16];
333 const u8 *addr[5], *password;
334 size_t elen[5], password_len;
335 int pwhash;
336
337 if (data->state != LEAP_DONE)
338 return NULL;
339
340 password = eap_get_config_password2(sm, &password_len, &pwhash);
341 if (password == NULL)
342 return NULL;
343
344 key = os_malloc(LEAP_KEY_LEN);
345 if (key == NULL)
346 return NULL;
347
348 if (pwhash)
349 hash_nt_password_hash(password, pw_hash_hash);
350 else {
351 nt_password_hash(password, password_len, pw_hash);
352 hash_nt_password_hash(pw_hash, pw_hash_hash);
353 }
354 wpa_hexdump_key(MSG_DEBUG, "EAP-LEAP: pw_hash_hash",
355 pw_hash_hash, 16);
356 wpa_hexdump(MSG_DEBUG, "EAP-LEAP: peer_challenge",
357 data->peer_challenge, LEAP_CHALLENGE_LEN);
358 wpa_hexdump(MSG_DEBUG, "EAP-LEAP: peer_response",
359 data->peer_response, LEAP_RESPONSE_LEN);
360 wpa_hexdump(MSG_DEBUG, "EAP-LEAP: ap_challenge",
361 data->ap_challenge, LEAP_CHALLENGE_LEN);
362 wpa_hexdump(MSG_DEBUG, "EAP-LEAP: ap_response",
363 data->ap_response, LEAP_RESPONSE_LEN);
364
365 addr[0] = pw_hash_hash;
366 elen[0] = 16;
367 addr[1] = data->ap_challenge;
368 elen[1] = LEAP_CHALLENGE_LEN;
369 addr[2] = data->ap_response;
370 elen[2] = LEAP_RESPONSE_LEN;
371 addr[3] = data->peer_challenge;
372 elen[3] = LEAP_CHALLENGE_LEN;
373 addr[4] = data->peer_response;
374 elen[4] = LEAP_RESPONSE_LEN;
375 md5_vector(5, addr, elen, key);
376 wpa_hexdump_key(MSG_DEBUG, "EAP-LEAP: master key", key, LEAP_KEY_LEN);
377 *len = LEAP_KEY_LEN;
378
379 return key;
380 }
381
382
eap_peer_leap_register(void)383 int eap_peer_leap_register(void)
384 {
385 struct eap_method *eap;
386 int ret;
387
388 eap = eap_peer_method_alloc(EAP_PEER_METHOD_INTERFACE_VERSION,
389 EAP_VENDOR_IETF, EAP_TYPE_LEAP, "LEAP");
390 if (eap == NULL)
391 return -1;
392
393 eap->init = eap_leap_init;
394 eap->deinit = eap_leap_deinit;
395 eap->process = eap_leap_process;
396 eap->isKeyAvailable = eap_leap_isKeyAvailable;
397 eap->getKey = eap_leap_getKey;
398
399 ret = eap_peer_method_register(eap);
400 if (ret)
401 eap_peer_method_free(eap);
402 return ret;
403 }
404