aboutsummaryrefslogtreecommitdiffstats
path: root/src/eap_peer/eap_pwd.c
diff options
context:
space:
mode:
authorDan Harkins <dharkins@lounge.org>2011-01-16 11:12:07 (GMT)
committerJouni Malinen <j@w1.fi>2011-01-16 11:12:07 (GMT)
commite4d7b22a53bbeaf95e2e9560e4388835c172a46f (patch)
treedf3659763f49c5a4503d1b797c4373148f8c7aa1 /src/eap_peer/eap_pwd.c
parentb13d3d63d5756cda200972bf64f735e8e4c9b28b (diff)
downloadhostap-e4d7b22a53bbeaf95e2e9560e4388835c172a46f.zip
hostap-e4d7b22a53bbeaf95e2e9560e4388835c172a46f.tar.gz
hostap-e4d7b22a53bbeaf95e2e9560e4388835c172a46f.tar.bz2
EAP-pwd: Fix some interoperability issues
The changes are: 1. the word "and" in the hunting-and-pecking string passed to the KDF should be capitalized. 2. the primebitlen used in the KDF should be a short not an int. 3. the computation of MK in hostap is based on an older version of the draft and is not the way it's specified in the RFC. 4. the group being passed into computation of the Commit was not in network order.
Diffstat (limited to 'src/eap_peer/eap_pwd.c')
-rw-r--r--src/eap_peer/eap_pwd.c10
1 files changed, 6 insertions, 4 deletions
diff --git a/src/eap_peer/eap_pwd.c b/src/eap_peer/eap_pwd.c
index 3baca15..e4705b7 100644
--- a/src/eap_peer/eap_pwd.c
+++ b/src/eap_peer/eap_pwd.c
@@ -463,14 +463,16 @@ eap_pwd_perform_confirm_exchange(struct eap_sm *sm, struct eap_pwd_data *data,
BIGNUM *x = NULL, *y = NULL;
HMAC_CTX ctx;
u32 cs;
+ u16 grp;
u8 conf[SHA256_DIGEST_LENGTH], *cruft = NULL, *ptr;
/*
* first build up the ciphersuite which is group | random_function |
* prf
*/
+ grp = htons(data->group_num);
ptr = (u8 *) &cs;
- os_memcpy(ptr, &data->group_num, sizeof(u16));
+ os_memcpy(ptr, &grp, sizeof(u16));
ptr += sizeof(u16);
*ptr = EAP_PWD_DEFAULT_RAND_FUNC;
ptr += sizeof(u8);
@@ -620,9 +622,9 @@ eap_pwd_perform_confirm_exchange(struct eap_sm *sm, struct eap_pwd_data *data,
wpabuf_put_u8(resp, EAP_PWD_OPCODE_CONFIRM_EXCH);
wpabuf_put_data(resp, conf, SHA256_DIGEST_LENGTH);
- if (compute_keys(data->grp, data->bnctx, data->k, data->server_element,
- data->my_element, data->server_scalar,
- data->my_scalar, &cs, data->msk, data->emsk) < 0) {
+ if (compute_keys(data->grp, data->bnctx, data->k,
+ data->my_scalar, data->server_scalar, conf, ptr,
+ &cs, data->msk, data->emsk) < 0) {
wpa_printf(MSG_INFO, "EAP-PWD (peer): unable to compute MSK | "
"EMSK");
goto fin;