aboutsummaryrefslogtreecommitdiffstats
path: root/src/eap_server
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2014-10-07 10:48:45 (GMT)
committerJouni Malinen <j@w1.fi>2014-10-07 11:57:06 (GMT)
commiteefec1e40b8721b37aff8187741c824c7913d0f0 (patch)
treebcd9527c290b80feb96101186eb3e3317bf07805 /src/eap_server
parent98a1571d8890a43c9b5fe1cf21f3a1a0e3d02656 (diff)
downloadhostap-eefec1e40b8721b37aff8187741c824c7913d0f0.zip
hostap-eefec1e40b8721b37aff8187741c824c7913d0f0.tar.gz
hostap-eefec1e40b8721b37aff8187741c824c7913d0f0.tar.bz2
AES: Extend key wrap design to support longer AES keys
This adds kek_len argument to aes_wrap() and aes_unwrap() functions and allows AES to be initialized with 192 and 256 bit KEK in addition to the previously supported 128 bit KEK. The test vectors in test-aes.c are extended to cover all the test vectors from RFC 3394. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/eap_server')
-rw-r--r--src/eap_server/eap_server_fast.c8
1 files changed, 4 insertions, 4 deletions
diff --git a/src/eap_server/eap_server_fast.c b/src/eap_server/eap_server_fast.c
index 4691e72..2692bce 100644
--- a/src/eap_server/eap_server_fast.c
+++ b/src/eap_server/eap_server_fast.c
@@ -161,8 +161,8 @@ static int eap_fast_session_ticket_cb(void *ctx, const u8 *ticket, size_t len,
return 0;
}
- if (aes_unwrap(data->pac_opaque_encr, (pac_opaque_len - 8) / 8,
- pac_opaque, buf) < 0) {
+ if (aes_unwrap(data->pac_opaque_encr, sizeof(data->pac_opaque_encr),
+ (pac_opaque_len - 8) / 8, pac_opaque, buf) < 0) {
wpa_printf(MSG_DEBUG, "EAP-FAST: Failed to decrypt "
"PAC-Opaque");
os_free(buf);
@@ -731,8 +731,8 @@ static struct wpabuf * eap_fast_build_pac(struct eap_sm *sm,
os_free(pac_buf);
return NULL;
}
- if (aes_wrap(data->pac_opaque_encr, pac_len / 8, pac_buf,
- pac_opaque) < 0) {
+ if (aes_wrap(data->pac_opaque_encr, sizeof(data->pac_opaque_encr),
+ pac_len / 8, pac_buf, pac_opaque) < 0) {
os_free(pac_buf);
os_free(pac_opaque);
return NULL;