/** * A client-side 802.1x implementation supporting EAP/SIM * * This code is released under both the GPL version 2 and BSD licenses. * Either license may be used.  The respective licenses are found below. * * Copyright (C) 2003 Chris Hessing * All Rights Reserved * * --- GPL Version 2 License --- * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA. * * --- BSD License --- * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: * *  - Redistributions of source code must retain the above copyright notice, *    this list of conditions and the following disclaimer. *  - Redistributions in binary form must reproduce the above copyright *    notice, this list of conditions and the following disclaimer in the *    documentation and/or other materials provided with the distribution. *  - All advertising materials mentioning features or use of this software *    must display the following acknowledgement: *       This product includes software developed by the University of *       Maryland at College Park and its contributors. *  - Neither the name of the University nor the names of its contributors *    may be used to endorse or promote products derived from this software *    without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. *//******************************************************************** EAPOL Function implementations for supplicant *  * File: sm_handler.c * * Authors: Chris.Hessing@utah.edu * * $Id: sm_handler.c,v 1.8 2004/05/23 03:48:01 chessing Exp $ * $Date: 2004/05/23 03:48:01 $ * $Log: sm_handler.c,v $ * Revision 1.8  2004/05/23 03:48:01  chessing * * Small fix to EAP-SIM code to make it work correctly. * * Revision 1.7  2004/04/13 22:13:30  chessing * * Additional error checking in all eap methods. * * Revision 1.6  2004/02/07 07:19:37  chessing * * Fixed EAP-SIM so that it works with FreeRADIUS correctly.  Fixed a bunch of memory leaks in the EAP-SIM, and related code. * * Revision 1.5  2004/01/20 00:07:07  chessing * * EAP-SIM fixes. * * Revision 1.4  2004/01/13 01:55:56  chessing * * Major changes to EAP related code.  We no longer pass in an interface_data struct to EAP handlers.  Instead, we hand in a generic_eap_data struct which containsnon-interface specific information.  This will allow EAP types to be reused as phase 2 type easier.  However, this new code may create issues with EAP types that make use of the identity in the eap type.  Somehow, the identity value needs to propigate down to the EAP method.  It currently does not.  This should be any easy fix, but more testing will be needed. * * Revision 1.3  2003/12/14 06:11:03  chessing * * Fixed some stuff with SIM in relation to the new config structures.  Cleaned out CR/LF from LEAP source files.  Added user certificate support to TTLS and PEAP. Some additions to the IPC code. (Not tested yet.) * * Revision 1.2  2003/11/29 04:46:02  chessing * * EAP-SIM changes : EAP-SIM will now try to use the IMSI as the username, when the preferred EAP type is SIM, and the username value is NULL.  Also, if simautogen is TRUE, then we will also build and attach a realm as specified in the RFC. * * Revision 1.1  2003/11/24 02:14:08  chessing * * Added EAP-SIM (draft 11 still needs work), various small changes to eap calls, new hex dump code including ASCII dump (used mostly for dumping frames) * * *******************************************************************//******************************************************************* * * The development of the EAP/SIM support was funded by Internet * Foundation Austria (http://www.nic.at/ipa) * *******************************************************************//* Interface to Smart Cards using PCSC with 802.1x.  *//* Taken from code by Michael Haberler    mah@eunet.at *//* which was based on work by marek@bmlv.gv.at */#ifdef EAP_SIM_ENABLE#include <stdio.h>#include <winscard.h>#include <ctype.h>#include <unistd.h>#include <stdlib.h>#include <string.h>#include "../mschapv2/mschapv2.h"  // Needed for ctonibble function.#include "profile.h"#include "config.h"#include "eap.h"#include "xsup_debug.h"#include "xsup_err.h"#include "sm_handler.h"int need_init = 1;   // By default, we need an init to start with.#ifndef SCDEBUG#define SCDEBUG  1#endif#define MAXBUFF  (512)#define SELECT_MF       "A0A40000023F00"#define SELECT_DF_GSM   "A0A40000027F20"#define SELECT_EF_IMSI  "A0A40000026F07"#define RUN_GSM         "A088000010"#define GET_IMSI        "A0B0000009"char *o_readername;SCARDCONTEXT g_sc_context;SCARDHANDLE g_card_hdl = 0;SCARD_IO_REQUEST scir;unsigned long o_stdprotocol;DWORD readerstrlen;int debug;void print_sc_error(long err){  switch (err)    {    case SCARD_S_SUCCESS:      printf("Successful card call!\n");      break;    case SCARD_E_CANCELLED:      printf("Error : Card Request Cancelled!\n");      break;    case SCARD_E_CANT_DISPOSE:      printf("Error : Can't dispose (!?)\n");      break;    case SCARD_E_INSUFFICIENT_BUFFER:      printf("Error : Insufficient Buffer\n");      break;    case SCARD_E_INVALID_ATR:      printf("Error : Invalid ATR\n");      break;    case SCARD_E_INVALID_HANDLE:      printf("Error : Invalid handle\n");      break;    case SCARD_E_INVALID_PARAMETER:      printf("Error : Invalid parameter\n");      break;    case SCARD_E_INVALID_TARGET:      printf("Error : Invalid target\n");      break;    case SCARD_E_INVALID_VALUE:      printf("Error : Invalid Value\n");      break;    case SCARD_E_NO_MEMORY:      printf("Error : No memory\n");      break;    case SCARD_F_COMM_ERROR:      printf("Error : Communication error \n");      break;    case SCARD_F_INTERNAL_ERROR:      printf("Error : Internal error\n");      break;    case SCARD_F_WAITED_TOO_LONG:      printf("Error : Waited too long\n");      break;    case SCARD_E_UNKNOWN_READER:      printf("Error : Unknown reader\n");      break;    case SCARD_E_TIMEOUT:      printf("Error : Timeout\n");      break;    case SCARD_E_SHARING_VIOLATION:      printf("Error : Sharing Violation\n");      break;    case SCARD_E_NO_SMARTCARD:      printf("Error : No smartcard!\n");      break;    case SCARD_E_UNKNOWN_CARD:      printf("Error : Unknown card!\n");      break;    case SCARD_E_PROTO_MISMATCH:      printf("Error : Protocol mismatch!\n");      break;    case SCARD_E_NOT_READY:      printf("Error : Not ready!\n");      break;    case SCARD_E_SYSTEM_CANCELLED:      printf("Error : System Cancelled\n");      break;    case SCARD_E_NOT_TRANSACTED:      printf("Error : Not Transacted\n");      break;    case SCARD_E_READER_UNAVAILABLE:      printf("Error : Reader unavailable\n");      break;    case SCARD_F_UNKNOWN_ERROR:    default:      printf("Unknown error!\n");      break;    }}void strtohex(char *instr, char *outstr, int *blen){  int i;  char val1,val2;  if ((!instr) || (!outstr) || (!blen))    {      debug_printf(DEBUG_NORMAL, "Invalid data passed to strtohex()!\n");      return;    }  for (i=0;i<(strlen(instr)/2);i++)    {      val1=ctonibble(instr[i*2]);      val2=ctonibble(instr[(i*2)+1]);      outstr[i]=((val1<<4)+val2);    }  *blen = (strlen(instr)/2);}  int card_io(char *cmd, LPBYTE outbuff, LPDWORD olen){  static char g_getresponse[5]= {0xa0,0xc0,0x00,0x00 };  int cmdlen, ret;  char *bcmd;  if (!cmd)    {      debug_printf(DEBUG_NORMAL, "Invalid command passed to card_io()!\n");      return XESIMBADCMD;    }  cmdlen = strlen(cmd)/2;  bcmd = (char *)malloc(cmdlen);  // Get a little more than we need.  if (bcmd == NULL) return -1;  strtohex(cmd, bcmd, &cmdlen);  ret=SCardTransmit(g_card_hdl,		    o_stdprotocol==SCARD_PROTOCOL_T1 ? 		    SCARD_PCI_T1 : SCARD_PCI_T0,		    bcmd, cmdlen, &scir,		    (BYTE *) outbuff,olen);  free(bcmd);  bcmd = NULL;  if (ret != 0)    {      print_sc_error(ret);      return ret;    }    if (*olen==2) {    switch ((unsigned char)outbuff[0]) {    case 0x61:    case 0x9f:      if (outbuff[1]==0)         {          break;        }      g_getresponse[4]=outbuff[1];      *olen=MAXBUFF;      ret=SCardTransmit(g_card_hdl,			o_stdprotocol==SCARD_PROTOCOL_T1 ? SCARD_PCI_T1 : SCARD_PCI_T0,			g_getresponse,sizeof(g_getresponse),&scir,			(BYTE *)outbuff,olen);  if (ret != 0)    {      print_sc_error(ret);      return ret;    }    }  }  return 0;}unsigned charhinibble(unsigned char c){  unsigned char k;  k = (c >> 4) & 0x0f;  if (k == 0x0f)    return 0;  else    return (k + '0');}unsigned charlonibble(unsigned char c){  unsigned char k;  k = c & 0x0f;  if (k == 0x0f)    return 0;  else    return (k + '0');}int do_gsm(unsigned char *challenge, unsigned char *response, 	   unsigned char *ckey){  unsigned char buf[MAXBUFF], buff2[MAXBUFF], buff3[MAXBUFF];  int i;  DWORD len;