aboutsummaryrefslogtreecommitdiffstats
path: root/src/eap_common
diff options
context:
space:
mode:
authorDavid Benjamin <davidben@google.com>2016-05-16 15:47:37 (GMT)
committerJouni Malinen <j@w1.fi>2016-05-23 17:40:12 (GMT)
commit7358170787bd8e88200adb1ae2e8875a8fa35914 (patch)
treea10f5d79601f6909c9d4dc5c6a2181b3e16520cb /src/eap_common
parentf150db6c8392f8371bfefedc1f81e4fb5c258ab1 (diff)
downloadhostap-7358170787bd8e88200adb1ae2e8875a8fa35914.zip
hostap-7358170787bd8e88200adb1ae2e8875a8fa35914.tar.gz
hostap-7358170787bd8e88200adb1ae2e8875a8fa35914.tar.bz2
TLS: Split tls_connection_prf() into two functions
Most protocols extracting keys from TLS use RFC 5705 exporters which is commonly implemented in TLS libraries. This is the mechanism used by EAP-TLS. (EAP-TLS actually predates RFC 5705, but RFC 5705 was defined to be compatible with it.) EAP-FAST, however, uses a legacy mechanism. It reuses the TLS internal key block derivation and derives key material after the key block. This is uncommon and a misuse of TLS internals, so not all TLS libraries support this. Instead, we reimplement the PRF for the OpenSSL backend and don't support it at all in the GnuTLS one. Since these two are very different operations, split tls_connection_prf() in two. tls_connection_export_key() implements the standard RFC 5705 mechanism that we expect most TLS libraries to support. tls_connection_get_eap_fast_key() implements the EAP-FAST-specific legacy mechanism which may not be implemented on all backends but is only used by EAP-FAST. Signed-Off-By: David Benjamin <davidben@google.com>
Diffstat (limited to 'src/eap_common')
-rw-r--r--src/eap_common/eap_fast_common.c5
-rw-r--r--src/eap_common/eap_fast_common.h2
2 files changed, 3 insertions, 4 deletions
diff --git a/src/eap_common/eap_fast_common.c b/src/eap_common/eap_fast_common.c
index e8587fd..9ef671c 100644
--- a/src/eap_common/eap_fast_common.c
+++ b/src/eap_common/eap_fast_common.c
@@ -93,8 +93,7 @@ void eap_fast_derive_master_secret(const u8 *pac_key, const u8 *server_random,
}
-u8 * eap_fast_derive_key(void *ssl_ctx, struct tls_connection *conn,
- const char *label, size_t len)
+u8 * eap_fast_derive_key(void *ssl_ctx, struct tls_connection *conn, size_t len)
{
u8 *out;
@@ -102,7 +101,7 @@ u8 * eap_fast_derive_key(void *ssl_ctx, struct tls_connection *conn,
if (out == NULL)
return NULL;
- if (tls_connection_prf(ssl_ctx, conn, label, 1, 1, out, len)) {
+ if (tls_connection_get_eap_fast_key(ssl_ctx, conn, out, len)) {
os_free(out);
return NULL;
}
diff --git a/src/eap_common/eap_fast_common.h b/src/eap_common/eap_fast_common.h
index 6756dd2..724204c 100644
--- a/src/eap_common/eap_fast_common.h
+++ b/src/eap_common/eap_fast_common.h
@@ -98,7 +98,7 @@ struct wpabuf * eap_fast_tlv_eap_payload(struct wpabuf *buf);
void eap_fast_derive_master_secret(const u8 *pac_key, const u8 *server_random,
const u8 *client_random, u8 *master_secret);
u8 * eap_fast_derive_key(void *ssl_ctx, struct tls_connection *conn,
- const char *label, size_t len);
+ size_t len);
int eap_fast_derive_eap_msk(const u8 *simck, u8 *msk);
int eap_fast_derive_eap_emsk(const u8 *simck, u8 *emsk);
int eap_fast_parse_tlv(struct eap_fast_tlv_parse *tlv,