authorJouni Malinen <j@w1.fi>2008-12-14 11:12:20 (GMT)
committerJouni Malinen <j@w1.fi>2008-12-14 11:12:20 (GMT)
commit000a1de72b20a461710667477b98618ad545e941 (patch)
tree476bdd6eda7cfaddd186cfd8de9466e436289015 /wpa_supplicant
parent6e783c6da9eab625732762e7d534159cb02b460c (diff)
Cleaned up EAP-MSCHAPv2 key derivation
Changed the peer to derive the full key (both MS-MPPE-Recv-Key and MS-MPPE-Send-Key, for a total of 32 octets) to match the server implementation. Swapped the order of the MPPE keys in MSK derivation, since the server's MS-MPPE-Recv-Key | MS-MPPE-Send-Key order matches the order specified for EAP-TLS MSK derivation. This means that PEAPv0 cryptobinding now uses the EAP-MSCHAPv2 MSK as-is for the ISK, while EAP-FAST will need to swap the order of the MPPE keys to get the ISK in a way that interoperates with the Cisco EAP-FAST implementation.
Diffstat (limited to 'wpa_supplicant')
-rw-r--r--wpa_supplicant/eapol_test.c10
1 files changed, 10 insertions, 0 deletions
diff --git a/wpa_supplicant/eapol_test.c b/wpa_supplicant/eapol_test.c
index 4d96785..ecb3591 100644
--- a/wpa_supplicant/eapol_test.c
+++ b/wpa_supplicant/eapol_test.c
@@ -560,6 +560,16 @@ static void ieee802_1x_get_keys(struct eapol_test_data *e,
keys->recv_len;
os_memcpy(e->authenticator_pmk, keys->recv,
e->authenticator_pmk_len);
+ if (e->authenticator_pmk_len == 16 && keys->send &&
+ keys->send_len == 16) {
+ /* MS-CHAP-v2 derives 16 octet keys */
+ wpa_printf(MSG_DEBUG, "Use MS-MPPE-Send-Key "
+ "to extend PMK to 32 octets");
+ os_memcpy(e->authenticator_pmk +
+ e->authenticator_pmk_len,
+ keys->send, keys->send_len);
+ e->authenticator_pmk_len += keys->send_len;
+ }
}
os_free(keys->send);
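Review bot: The added `os_memcpy(e->authenticator_pmk + e->authenticator_pmk_len, keys->send, keys->send_len)` is bounded only by the two literal `16` comparisons, so it is safe only if `authenticator_pmk` holds at least 32 octets, which this hunk does not show. Tying the guard to the destination would keep the copy in bounds if either length check is later relaxed, for example `keys->send_len <= sizeof(e->authenticator_pmk) - e->authenticator_pmk_len`, assuming the field is an array rather than a pointer. The branch also infers MS-CHAP-v2 from key length alone, so any method that yields 16-octet keys takes the same path; the comment could state that, e.g. `/* 16-octet Recv/Send keys are assumed to be MS-CHAP-v2; PMK = Recv | Send */`. ieee802_1x_get_keys begins and ends outside the hunk.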