📄 eapleap.c
// byte 27..m: username answer[0] = 0x01; answer[1] = 0x00; // Reserved - Unused answer[2] = 24; // Count // Include MSCHAP Challenge response in the built packet memcpy(&answer[3],&chall_response,24); // Include username in the built packet memcpy(&answer[24+3],username,strlen(username)+1); // be sure that the username (last field) will be NUL terminated! answer[strlen(answer)] = '\0'; // Set up our response frame. memcpy(outframe, answer, total_length); *outsize = total_length; if (answer != NULL) free(answer); answer=NULL; debug_printf(DEBUG_AUTHTYPES, "(EAP-LEAP) Response Packet Built\n"); break; case EAP_SUCCESS: // *********************************************************************************************** debug_printf(DEBUG_AUTHTYPES, "(EAP-LEAP) Got EAP-SUCCESS\n"); memset(chall_response, 0x0, 8); NtChallengeResponse((char *)leaprequest->randval, userdata->password, (char *)&chall_response); GenerateNTResponse((char *)leapchallenges->pr, (char *)leapchallenges->pc, username, userdata->password, chall_response); // store Access Point Challenge memcpy((uint8_t *)leapchallenges->apc, (char *)chall_response, 8); debug_printf(DEBUG_AUTHTYPES, "(EAP-LEAP) GenerateNTResponse Calculated : "); debug_hex_printf(DEBUG_AUTHTYPES, (uint8_t *)&chall_response, 8); total_length = 8+2+strlen(username)+1; answer = (char *)malloc(total_length); if (answer == NULL) { debug_printf(DEBUG_NORMAL, "(EAP-LEAP) Couldn't allocate memory for building hash source!\n"); return XEMALLOC; } // Construct the LEAP request sub fields packet // let's start with the version number (LEAP subfield) // byte 0: Version // byte 1: Unused - Reserved // byte 2: Count // byte 3..10: MS-CHAP Nt Challenge Response // byte 11..m: username answer[0] = 0x01; answer[1] = 0x00; // Reserved - Unused answer[2] = 8; // Count // Include MSCHAP Challenge response in the built packet memcpy(&answer[3],&chall_response,8); // Include username in the built packet memcpy(&answer[8+3],username,strlen(username)+1); 
// be sure that the username (last field) will be NUL terminated! answer[strlen(answer)] = '\0'; // Set up our response frame. memcpy(outframe, answer, total_length); *outsize = total_length; // Store the new random value to the leapdata for further validation of the AP response ! memcpy((char *)leaprequest->randval, (char *)&chall_response,8); if (answer != NULL) free(answer); answer=NULL; debug_printf(DEBUG_AUTHTYPES, "(EAP-LEAP) Request Packet for Mutual Authentication Built\n"); break; case EAP_RESPONSE: // *********************************************************************************************** // Verify an AP-Challenge Response from an EAP LEAP response frame. debug_printf(DEBUG_AUTHTYPES, "(EAP-LEAP) Got EAP-RESPONSE\n"); debug_printf(DEBUG_AUTHTYPES, "(EAP-LEAP) Verification phase....\n"); leapresponse = (struct leap_responses *)dataoffs; challenge_response_got = (char *)malloc(leapresponse->count+1); if (!challenge_response_got) { debug_printf(DEBUG_NORMAL, "(EAP-LEAP) challenge_response_got is NULL after malloc!\n"); } memcpy(challenge_response_got, &leapresponse->randval, leapresponse->count); // store Access Point Response memcpy((uint8_t *)leapchallenges->apr, (char *)leapresponse->randval, 24); // this is the real 24 bytes Challenge we got !/* debug_printf(DEBUG_NORMAL, "(EAP-LEAP) AP ChallengeResponse just got: "); print_hex((uint8_t *)challenge_response_got, 24);*/ // Let's construct the expected one memset(challenge_response_expected, 0x0, 24); // Calculate the 24 bytes MS-CHAP Challenge Response leap_mschap(userdata->password, challenge_response_expected);/* debug_printf(DEBUG_NORMAL, "(EAP-LEAP) Expected AP ChallengeResponse : "); print_hex((uint8_t *)challenge_response_expected,24);*/ if (memcmp(challenge_response_got, challenge_response_expected, 24) == 0) { debug_printf(DEBUG_AUTHTYPES, "(EAP-LEAP) AP ChallengeResponse got is valid.\n"); *outsize = 0; // Authentication was successful. // #warning "FIX!" 
// thisint->statemachine->eapSuccess = TRUE; mydata->eapsuccess = TRUE; } else { debug_printf(DEBUG_AUTHTYPES, "(EAP-LEAP) AP ChallengeResponse got is NOT valid.\n"); *outsize = -1; return XELEAP; } // We were successful, so generate keying material. ntPwdHash(MD4Hash, userdata->password); md4_calc(MD4HashHash, MD4Hash, 16); debug_printf(DEBUG_AUTHTYPES, "leap_session_key : "); debug_hex_printf(DEBUG_AUTHTYPES, MD4HashHash, 16); debug_printf(DEBUG_AUTHTYPES, "(EAP-LEAP) leapchallenges->pc : "); debug_hex_printf(DEBUG_AUTHTYPES, (uint8_t *)leapchallenges->pc, 8); debug_printf(DEBUG_AUTHTYPES, "(EAP-LEAP) leapchallenges->pr : "); debug_hex_printf(DEBUG_AUTHTYPES, (uint8_t *)leapchallenges->pr, 24); debug_printf(DEBUG_AUTHTYPES, "(EAP-LEAP) leapchallenges->apc : "); debug_hex_printf(DEBUG_AUTHTYPES, (uint8_t *)leapchallenges->apc, 8); debug_printf(DEBUG_AUTHTYPES, "(EAP-LEAP) leapchallenges->apr : "); debug_hex_printf(DEBUG_AUTHTYPES, (uint8_t *)leapchallenges->apr, 24); GetMasterLEAPKey((char *)MD4HashHash, leapchallenges->apc, leapchallenges->apr, leapchallenges->pc, leapchallenges->pr, (char *)&MasterKey); debug_printf(DEBUG_AUTHTYPES, "MasterLEAPKey : "); debug_hex_printf(DEBUG_AUTHTYPES, (unsigned char *)&MasterKey, 16); // Now, get the send key. // GetAsymetricStartKey((u_char *)&MasterKey, (u_char *)&mppeSend, 16, TRUE, FALSE); // And the recv key. //GetAsymetricStartKey((u_char *)&MasterKey, (u_char *)&mppeRecv, 16, FALSE, FALSE); // Finally, populate our thisint->keyingMaterial. if (mydata->keyingMaterial != NULL) { free(mydata->keyingMaterial); mydata->keyingMaterial = NULL; } mydata->keyingMaterial = (char *)malloc(64); // 32 bytes each. 
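/*
 * NOTE(review): this is the tail of the LEAP processing function, which begins
 * earlier in the file.  Its statements are reproduced unchanged.  Points to
 * check in the EAP_RESPONSE branch above and in the statements below:
 *  - the malloc() result for challenge_response_got is only logged when NULL;
 *    execution then continues into memcpy() on that pointer.
 *  - that buffer is sized from the count field of the response frame, while
 *    the later memcmp() always reads 24 bytes; unless count is validated
 *    earlier (not visible here) a short count gives an out-of-bounds read.
 *  - no free() of challenge_response_got is visible on either exit path.
 *  - the debug_hex_printf() calls write the session key, the master key and
 *    the keying buffer to the debug log.
 */
      if (mydata->keyingMaterial == NULL) return XEMALLOC;

      bzero(mydata->keyingMaterial, 64);

      //      memcpy(&mydata->keyingMaterial[32], &mppeRecv, 16);
      //      memcpy(mydata->keyingMaterial, &mppeSend, 16);

      memcpy(&mydata->keyingMaterial[32], &MasterKey, 16);
      memcpy(mydata->keyingMaterial, &MasterKey, 16);

      debug_printf(DEBUG_AUTHTYPES, "(EAP-LEAP) Long Key : ");
      debug_hex_printf(DEBUG_AUTHTYPES, mydata->keyingMaterial, 64);

      debug_printf(DEBUG_AUTHTYPES, "(EAP-LEAP) MPPE-Recv : ");
      debug_hex_printf(DEBUG_AUTHTYPES, (uint8_t *)mppeRecv,16);
      debug_printf(DEBUG_AUTHTYPES, "(EAP-LEAP) MPPE-Send : ");
      debug_hex_printf(DEBUG_AUTHTYPES, (uint8_t *)mppeSend,16);
      //      debug_printf(DEBUG_AUTHTYPES, "(EAP-LEAP) thisint->keyingMaterial : ");
      //      debug_hex_printf(DEBUG_AUTHTYPES, (uint8_t *)thisint->keyingMaterial,64);
      break;
    }

  return XENONE;
}

/*******************************************************
 *
 * Assign our keying material.  (Return -1 if we can't generate keys.)
 *
 * Publishes the LEAP keying buffer on the interface structure and sets the
 * key length to 16.  Returns 0 when keys were assigned, -1 otherwise.
 *
 * The pointer is shared, not copied: thisint->keyingMaterial and the LEAP
 * method data refer to the same allocation.  eapleap_cleanup() frees that
 * allocation, so the interface pointer must not be used or freed after
 * cleanup has run.
 *
 *******************************************************/
int eapleap_get_keys(struct interface_data *thisint)
{
  struct leap_data *mydata;

  // If we return keys, we return 0.  If we don't, return -1;
  if ((!thisint) || (!thisint->userdata))
    {
      debug_printf(DEBUG_NORMAL, "Invalid user data in eapleap_get_keys()!\n");
      return -1;
    }

  if (thisint->userdata->activemethod == NULL)
    {
      // Routed through debug_printf() like every other message in this file.
      debug_printf(DEBUG_NORMAL, "ACK! activemethod was toasted!\n");
      return -1;
    }

  mydata = (struct leap_data *)thisint->userdata->activemethod->eap_data;

  // Without method data there is nothing to read a key from.
  if (mydata == NULL)
    {
      debug_printf(DEBUG_NORMAL,
                   "(EAP-LEAP) No keying material available in eapleap_get_keys()!\n");
      return -1;
    }

  // Never advertise a 16 byte key that is backed by a NULL pointer.
  if (mydata->keyingMaterial == NULL)
    {
      debug_printf(DEBUG_NORMAL,
                   "(EAP-LEAP) No keying material available in eapleap_get_keys()!\n");
      thisint->keyingMaterial = NULL;
      thisint->keyingLength = 0;
      return -1;
    }

  thisint->keyingMaterial = mydata->keyingMaterial;
  thisint->keyingLength = 16;  // We only use 16 bytes for this keying material!

  return 0;
}

/*******************************************************
 *
 * Return if we have successfully authenticated.
 *
 * Returns the eapsuccess flag stored in the LEAP method data.
 *
 * NOTE(review): on invalid input this returns XEMALLOC through the same
 * channel as the success flag.  Confirm that callers compare the result
 * against TRUE; if the error code is nonzero, a plain truth test would read
 * a missing context as "authenticated".
 *
 *******************************************************/
int eapleap_done(struct generic_eap_data *thisint)
{
  struct leap_data *mydata;

  if (!thisint)
    {
      debug_printf(DEBUG_NORMAL, "Invalid interface structure passed in to eapleap_done()!\n");
      return XEMALLOC;
    }

  mydata = (struct leap_data *)thisint->eap_data;

  if (!mydata)
    {
      debug_printf(DEBUG_NORMAL, "Invalid eap data in eapleap_done()!\n");
      return XEMALLOC;
    }

  return mydata->eapsuccess;
}

/*******************************************************
 *
 * Clean up after ourselves.  This is called when a packet that needs to be
 * processed requests a different EAP type.  It is also called on
 * termination of the program.
 *
 * The keying buffer is overwritten before it is released so that key bytes
 * do not stay behind in freed heap memory, and both pointers are cleared so
 * that a later eapleap_done() or a second cleanup call sees NULL instead of
 * freed memory.
 *
 * A copy of the keying pointer handed out by eapleap_get_keys() cannot be
 * reached from here; the caller has to drop it.
 *
 * Returns XENONE on success, XEMALLOC when there is nothing to clean up.
 *
 *******************************************************/
int eapleap_cleanup(struct generic_eap_data *thisint)
{
  // Must stay equal to the malloc(64) that creates keyingMaterial in the
  // EAP_RESPONSE branch of the processing function.
  enum { LEAP_KEYING_BUF_LEN = 64 };

  struct leap_data *mydata;
  volatile unsigned char *wipe;
  int i;

  if ((!thisint) || (!thisint->eap_data))
    {
      debug_printf(DEBUG_NORMAL, "Invalid interface structure passed in to eapleap_cleanup()!\n");
      return XEMALLOC;
    }

  mydata = (struct leap_data *)thisint->eap_data;

  if (mydata->keyingMaterial != NULL)
    {
      // Volatile stores keep the compiler from dropping the wipe as a dead
      // write ahead of free().
      wipe = (volatile unsigned char *)mydata->keyingMaterial;
      for (i = 0; i < LEAP_KEYING_BUF_LEN; i++)
        {
          wipe[i] = 0;
        }

      free(mydata->keyingMaterial);
      mydata->keyingMaterial = NULL;
    }

  free(mydata);
  thisint->eap_data = NULL;

  debug_printf(DEBUG_AUTHTYPES, "(EAP-LEAP) Cleaning up.\n");

  return XENONE;
}

/********************************************************
 *
 * We failed authentication for some reason, so clear out our password so
 * that we are prompted again at a later time.
 *
 * NOTE(review): the password reset below is commented out, so this function
 * currently only validates its argument and returns; the stored password is
 * kept after a failure.  If the reset is restored, overwrite the password
 * buffer before free() so that it does not linger in freed memory.
 *
 * Returns XENONE on success, XEMALLOC when no LEAP configuration is attached.
 *
 ********************************************************/
int eapleap_failed(struct generic_eap_data *thisint)
{
  struct config_eap_leap *userdata;

  if ((!thisint) || (!thisint->eap_conf_data))
    {
      debug_printf(DEBUG_AUTHTYPES, "Invalid LEAP configuration data! Nothing to clean up!\n");
      return XEMALLOC;
    }

  userdata = (struct config_eap_leap *)thisint->eap_conf_data;

#ifndef NO_PWD_RESET
  /*
  if (userdata->password != NULL)
    {
      free(userdata->password);
      userdata->password = NULL;
    }
  */
#endif

  return XENONE;
}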