Cleaned up EAP-MSCHAPv2 key derivation
Changed the peer to derive the full key (both MS-MPPE-Recv-Key and MS-MPPE-Send-Key, for a total of 32 octets) to match the server implementation. Swapped the order of the MPPE keys in the MSK derivation, since server MS-MPPE-Recv-Key | MS-MPPE-Send-Key matches the order specified for EAP-TLS MSK derivation. This means that PEAPv0 cryptobinding now uses the EAP-MSCHAPv2 MSK as-is for the ISK, while EAP-FAST will need to swap the order of the MPPE keys to get an ISK that interoperates with the Cisco EAP-FAST implementation.
parent
6e783c6da9
commit
000a1de72b
9 changed files with 43 additions and 61 deletions
|
@ -93,7 +93,6 @@ struct eap_mschapv2_data {
|
|||
*/
|
||||
u8 *peer_challenge;
|
||||
u8 *auth_challenge;
|
||||
int full_key;
|
||||
|
||||
int phase2;
|
||||
u8 master_key[MSCHAPV2_MASTER_KEY_LEN];
|
||||
|
@ -114,10 +113,7 @@ static void * eap_mschapv2_init(struct eap_sm *sm)
|
|||
if (data == NULL)
|
||||
return NULL;
|
||||
|
||||
data->full_key = sm->mschapv2_full_key;
|
||||
|
||||
if (sm->peer_challenge) {
|
||||
data->full_key = 1;
|
||||
data->peer_challenge = os_malloc(MSCHAPV2_CHAL_LEN);
|
||||
if (data->peer_challenge == NULL) {
|
||||
eap_mschapv2_deinit(sm, data);
|
||||
|
@ -830,27 +826,17 @@ static u8 * eap_mschapv2_getKey(struct eap_sm *sm, void *priv, size_t *len)
|
|||
if (!data->master_key_valid || !data->success)
|
||||
return NULL;
|
||||
|
||||
if (data->full_key) {
|
||||
/* EAP-FAST needs both send and receive keys */
|
||||
key_len = 2 * MSCHAPV2_KEY_LEN;
|
||||
} else {
|
||||
key_len = MSCHAPV2_KEY_LEN;
|
||||
}
|
||||
key_len = 2 * MSCHAPV2_KEY_LEN;
|
||||
|
||||
key = os_malloc(key_len);
|
||||
if (key == NULL)
|
||||
return NULL;
|
||||
|
||||
if (data->full_key) {
|
||||
get_asymetric_start_key(data->master_key, key,
|
||||
MSCHAPV2_KEY_LEN, 0, 0);
|
||||
get_asymetric_start_key(data->master_key,
|
||||
key + MSCHAPV2_KEY_LEN,
|
||||
MSCHAPV2_KEY_LEN, 1, 0);
|
||||
} else {
|
||||
get_asymetric_start_key(data->master_key, key,
|
||||
MSCHAPV2_KEY_LEN, 1, 0);
|
||||
}
|
||||
/* MSK = server MS-MPPE-Recv-Key | MS-MPPE-Send-Key, i.e.,
|
||||
* peer MS-MPPE-Send-Key | MS-MPPE-Recv-Key */
|
||||
get_asymetric_start_key(data->master_key, key, MSCHAPV2_KEY_LEN, 1, 0);
|
||||
get_asymetric_start_key(data->master_key, key + MSCHAPV2_KEY_LEN,
|
||||
MSCHAPV2_KEY_LEN, 0, 0);
|
||||
|
||||
wpa_hexdump_key(MSG_DEBUG, "EAP-MSCHAPV2: Derived key",
|
||||
key, key_len);
|
||||
|
|
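Review bot: The two new get_asymetric_start_key() calls in eap_mschapv2_getKey pass bare `1, 0` and `0, 0`, so the order of the MSK halves, which PEAPv0 cryptobinding and the EAP-FAST ISK both depend on, can only be checked by looking up the callee's parameter list. The new comment gives the resulting order, so it would help to tie the arguments to it, for example `/* 4th argument selects send (1) or receive (0) key; 5th is 0 on the peer */` (argument meaning inferred from the comment and the call order, so please confirm against the prototype). The function now always returns 2 * MSCHAPV2_KEY_LEN octets, and its header comment should say so: `/* Returns a 32-octet MSK: peer MS-MPPE-Send-Key | MS-MPPE-Recv-Key; EAP-FAST callers swap the halves for ISK */`. Any caller that still assumes a 16-octet key would read only the first half; the other changed files are not shown on this page, so that could not be checked here. The body of eap_mschapv2_getKey continues past the end of the hunk.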