EAP-TEAP peer: Process Crypto-Binding TLV before EAP Payload TLV

When using the optimized EAP method sequence within the tunnel, crypto
binding for the previous EAP method can be performed in the same message
with the start of the next EAP method. The Crypto-Binding TLV needs to
be processed before moving to the next EAP method for IMSK to be derived
correctly, so swap the order of these processing steps.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This commit is contained in:
Jouni Malinen 2022-12-01 17:00:56 +02:00 committed by Jouni Malinen
parent 5a9bd8a06a
commit f791b5bbc7

View file

@ -1305,6 +1305,33 @@ static int eap_teap_process_decrypted(struct eap_sm *sm,
goto done; goto done;
} }
if (tlv.crypto_binding) {
if (tlv.iresult != TEAP_STATUS_SUCCESS &&
tlv.result != TEAP_STATUS_SUCCESS) {
wpa_printf(MSG_DEBUG,
"EAP-TEAP: Unexpected Crypto-Binding TLV without Result TLV or Intermediate-Result TLV indicating success");
failed = 1;
error = TEAP_ERROR_UNEXPECTED_TLVS_EXCHANGED;
goto done;
}
tmp = eap_teap_process_crypto_binding(sm, data, ret,
tlv.crypto_binding,
tlv.crypto_binding_len);
if (!tmp) {
failed = 1;
error = TEAP_ERROR_TUNNEL_COMPROMISE_ERROR;
} else {
resp = wpabuf_concat(resp, tmp);
if (tlv.result == TEAP_STATUS_SUCCESS && !failed)
data->result_success_done = 1;
if (tlv.iresult == TEAP_STATUS_SUCCESS && !failed) {
data->inner_method_done = 0;
data->iresult_verified = 1;
}
}
}
if (tlv.identity_type == TEAP_IDENTITY_TYPE_MACHINE) { if (tlv.identity_type == TEAP_IDENTITY_TYPE_MACHINE) {
struct eap_peer_config *config = eap_get_config(sm); struct eap_peer_config *config = eap_get_config(sm);
@ -1360,33 +1387,6 @@ static int eap_teap_process_decrypted(struct eap_sm *sm,
} }
} }
if (tlv.crypto_binding) {
if (tlv.iresult != TEAP_STATUS_SUCCESS &&
tlv.result != TEAP_STATUS_SUCCESS) {
wpa_printf(MSG_DEBUG,
"EAP-TEAP: Unexpected Crypto-Binding TLV without Result TLV or Intermediate-Result TLV indicating success");
failed = 1;
error = TEAP_ERROR_UNEXPECTED_TLVS_EXCHANGED;
goto done;
}
tmp = eap_teap_process_crypto_binding(sm, data, ret,
tlv.crypto_binding,
tlv.crypto_binding_len);
if (!tmp) {
failed = 1;
error = TEAP_ERROR_TUNNEL_COMPROMISE_ERROR;
} else {
resp = wpabuf_concat(resp, tmp);
if (tlv.result == TEAP_STATUS_SUCCESS && !failed)
data->result_success_done = 1;
if (tlv.iresult == TEAP_STATUS_SUCCESS && !failed) {
data->inner_method_done = 0;
data->iresult_verified = 1;
}
}
}
if (data->result_success_done && data->session_ticket_used && if (data->result_success_done && data->session_ticket_used &&
eap_teap_derive_msk(data) == 0) { eap_teap_derive_msk(data) == 0) {
/* Assume the server might accept authentication without going /* Assume the server might accept authentication without going