From a90a7722c70ab41ffad6f596d375fdd6796ac83a Mon Sep 17 00:00:00 2001
From: Simon Rozman <simon@rozman.si>
Date: Sat, 13 Aug 2016 18:56:37 +0200
Subject: [PATCH] PAP introduced

---
 lib/TTLS/include/Method.h | 16 +++++++--
 lib/TTLS/src/Method.cpp   | 74 ++++++++++++++++++++++++++++++++++++---
 2 files changed, 84 insertions(+), 6 deletions(-)

diff --git a/lib/TTLS/include/Method.h b/lib/TTLS/include/Method.h
index dcddd4c..970a75b 100644
--- a/lib/TTLS/include/Method.h
+++ b/lib/TTLS/include/Method.h
@@ -124,9 +124,21 @@ namespace eap
         ///
         virtual void derive_msk();
 
+    protected:
+        ///
+        /// Makes a PAP client message
+        ///
+        /// \sa [Extensible Authentication Protocol Tunneled Transport Layer Security Authenticated Protocol Version 0 (EAP-TTLSv0) (Chapter 11.2.5. PAP)](https://tools.ietf.org/html/rfc5281#section-11.2.5)
+        ///
+        /// \returns PAP client message
+        ///
+        sanitizing_blob make_pap_client() const;
+
     public:
+        credentials_ttls &m_cred;           ///< TTLS credentials
+
         enum version_t {
-            version_0 = 0,  ///< EAP-TTLS v0
-        } m_version;        ///< EAP-TTLS version
+            version_0 = 0,                  ///< EAP-TTLS v0
+        } m_version;                        ///< EAP-TTLS version
     };
 }
diff --git a/lib/TTLS/src/Method.cpp b/lib/TTLS/src/Method.cpp
index a5afc31..f1cf3c3 100644
--- a/lib/TTLS/src/Method.cpp
+++ b/lib/TTLS/src/Method.cpp
@@ -29,6 +29,7 @@ using namespace winstd;
 //////////////////////////////////////////////////////////////////////
 
 eap::method_ttls::method_ttls(_In_ module &module, _In_ config_method_ttls &cfg, _In_ credentials_ttls &cred) :
+    m_cred(cred),
     m_version(version_0),
     method_tls(module, cfg, cred)
 {
@@ -36,6 +37,7 @@ eap::method_ttls::method_ttls(_In_ module &module, _In_ config_method_ttls &cfg,
 
 
 eap::method_ttls::method_ttls(_In_ const method_ttls &other) :
+    m_cred(other.m_cred),
     m_version(other.m_version),
     method_tls(other)
 {
@@ -43,6 +45,7 @@ eap::method_ttls::method_ttls(_In_ const method_ttls &other) :
 
 
 eap::method_ttls::method_ttls(_Inout_ method_ttls &&other) :
+    m_cred(other.m_cred),
     m_version(std::move(other.m_version)),
     method_tls(std::move(other))
 {
@@ -96,10 +99,10 @@ void eap::method_ttls::process_request_packet(
             if (!m_cipher_spec)
                 throw runtime_error(__FUNCTION__ " Refusing to send credentials unencrypted.");
 
-            //sanitizing_blob client(make_pap_client());
-            //sanitizing_blob application(make_message(tls_message_type_application_data, client, m_cipher_spec));
-            //m_packet_res.m_data.insert(m_packet_res.m_data.end(), application.begin(), application.end());
-            //pEapOutput->action = EapPeerMethodResponseActionSend;
+            sanitizing_blob client(make_pap_client());
+            sanitizing_blob application(make_message(tls_message_type_application_data, client, m_cipher_spec));
+            m_packet_res.m_data.insert(m_packet_res.m_data.end(), application.begin(), application.end());
+            pEapOutput->action = EapPeerMethodResponseActionSend;
         }
     } else {
         // Do the TLS. Again.
@@ -138,3 +141,66 @@ void eap::method_ttls::derive_msk()
     memcpy(&m_key_mppe_send, _key_block, sizeof(tls_random));
     _key_block += sizeof(tls_random);
 }
+
+
+eap::sanitizing_blob eap::method_ttls::make_pap_client() const
+{
+    const credentials_pap *cred = dynamic_cast<credentials_pap*>(m_cred.m_inner.get());
+    if (!cred)
+        throw invalid_argument(__FUNCTION__ " Inner credentials missing or not PAP.");
+
+    // Convert username and password to UTF-8.
+    sanitizing_string identity_utf8, password_utf8;
+    WideCharToMultiByte(CP_UTF8, 0, cred->m_identity.c_str(), (int)cred->m_identity.length(), identity_utf8, NULL, NULL);
+    WideCharToMultiByte(CP_UTF8, 0, cred->m_password.c_str(), (int)cred->m_password.length(), password_utf8, NULL, NULL);
+
+    unsigned char rnd;
+    CryptGenRandom(m_cp, sizeof(rnd), &rnd);
+
+    size_t
+        size_identity    = identity_utf8.length(),
+        size_password    = password_utf8.length(),
+        padding_identity = (4  -  size_identity                ) %  4,
+        padding_password = (16 - (password_utf8.length() + rnd)) % 16; // According to RFC 5281 passwords must be padded to 16B boundary with random padding blocks to make password length guessing harder.
+
+    sanitizing_blob msg;
+    msg.reserve(
+        4                + // Diameter AVP Code
+        4                + // Diameter AVP Flags & Length
+        size_identity    + // Identity
+        padding_identity + // Identity padding
+        4                + // Diameter AVP Code
+        4                + // Diameter AVP Flags & Length
+        size_password    + // Password
+        padding_password); // Password padding
+
+    // Diameter AVP Code User-Name (0x00000001)
+    msg.push_back(0x00);
+    msg.push_back(0x00);
+    msg.push_back(0x00);
+    msg.push_back(0x01);
+
+    // Diameter AVP Flags & Length
+    unsigned int identity_hdr = htonl((diameter_avp_flag_mandatory << 24) | (unsigned int)size_identity);
+    msg.insert(msg.end(), (unsigned char*)&identity_hdr, (unsigned char*)(&identity_hdr + 1));
+
+    // Identity
+    msg.insert(msg.end(), identity_utf8.begin(), identity_utf8.end());
+    msg.insert(msg.end(), padding_identity, 0);
+
+    // Diameter AVP Code User-Password (0x00000002)
+    msg.push_back(0x00);
+    msg.push_back(0x00);
+    msg.push_back(0x00);
+    msg.push_back(0x02);
+
+    // Diameter AVP Flags & Length
+    unsigned int password_hdr = htonl((diameter_avp_flag_mandatory << 24) | (unsigned int)size_password);
+    msg.insert(msg.end(), (unsigned char*)&password_hdr, (unsigned char*)(&password_hdr + 1));
+
+    // Password
+    msg.insert(msg.end(), password_utf8.begin(), password_utf8.end());
+    msg.insert(msg.end(), padding_password, 0);
+
+    return msg;
+}