Add Type-Code context to EAP-TLS 1.3 exported Key_Material and Method-Id

Change to require the Type-Code in context for Key_Material and
Method-Id has now been published as draft-ietf-emu-eap-tls13-04.
https://tools.ietf.org/html/draft-ietf-emu-eap-tls13-04#section-2.3

Signed-off-by: Ervin Oro <ervin.oro@aalto.fi>
This commit is contained in:
Ervin Oro 2019-04-15 20:05:49 +03:00 committed by Jouni Malinen
parent 90270e15cb
commit 7ad9e36d4a
4 changed files with 30 additions and 11 deletions

View file

@ -174,6 +174,9 @@ static void eap_tls_success(struct eap_sm *sm, struct eap_tls_data *data,
struct eap_method_ret *ret)
{
const char *label;
const u8 eap_tls13_context[] = { EAP_TYPE_TLS };
const u8 *context = NULL;
size_t context_len = 0;
wpa_printf(MSG_DEBUG, "EAP-TLS: Done");
@ -184,6 +187,8 @@ static void eap_tls_success(struct eap_sm *sm, struct eap_tls_data *data,
if (data->ssl.tls_v13) {
label = "EXPORTER_EAP_TLS_Key_Material";
context = eap_tls13_context;
context_len = 1;
/* A possible NewSessionTicket may be received before
* EAP-Success, so need to allow it to be received. */
@ -198,7 +203,7 @@ static void eap_tls_success(struct eap_sm *sm, struct eap_tls_data *data,
eap_tls_free_key(data);
data->key_data = eap_peer_tls_derive_key(sm, &data->ssl, label,
NULL, 0,
context, context_len,
EAP_TLS_KEY_LEN +
EAP_EMSK_LEN);
if (data->key_data) {