EAP-FAST: Define and use EAP_FAST_CMK_LEN

Jouni Malinen 2008-02-27 17:58:46 -08:00
parent ed5a02fd94
commit 2bab8ae401
3 changed files with 19 additions and 12 deletions


@ -1,6 +1,6 @@
/* /*
* EAP-FAST definitions (RFC 4851) * EAP-FAST definitions (RFC 4851)
* Copyright (c) 2004-2007, Jouni Malinen <j@w1.fi> * Copyright (c) 2004-2008, Jouni Malinen <j@w1.fi>
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as * it under the terms of the GNU General Public License version 2 as
@ -19,6 +19,7 @@
#define EAP_FAST_KEY_LEN 64 #define EAP_FAST_KEY_LEN 64
#define EAP_FAST_SIMCK_LEN 40 #define EAP_FAST_SIMCK_LEN 40
#define EAP_FAST_SKS_LEN 40 #define EAP_FAST_SKS_LEN 40
#define EAP_FAST_CMK_LEN 20
#define TLS_EXT_PAC_OPAQUE 35 #define TLS_EXT_PAC_OPAQUE 35


@ -596,7 +596,8 @@ static void eap_fast_write_crypto_binding(
rbind->subtype = EAP_TLV_CRYPTO_BINDING_SUBTYPE_RESPONSE; rbind->subtype = EAP_TLV_CRYPTO_BINDING_SUBTYPE_RESPONSE;
os_memcpy(rbind->nonce, _bind->nonce, sizeof(_bind->nonce)); os_memcpy(rbind->nonce, _bind->nonce, sizeof(_bind->nonce));
inc_byte_array(rbind->nonce, sizeof(rbind->nonce)); inc_byte_array(rbind->nonce, sizeof(rbind->nonce));
hmac_sha1(cmk, 20, (u8 *) rbind, sizeof(*rbind), rbind->compound_mac); hmac_sha1(cmk, EAP_FAST_CMK_LEN, (u8 *) rbind, sizeof(*rbind),
rbind->compound_mac);
wpa_printf(MSG_DEBUG, "EAP-FAST: Reply Crypto-Binding TLV: Version %d " wpa_printf(MSG_DEBUG, "EAP-FAST: Reply Crypto-Binding TLV: Version %d "
"Received Version %d SubType %d", "Received Version %d SubType %d",
@ -670,8 +671,9 @@ static int eap_fast_get_cmk(struct eap_sm *sm, struct eap_fast_data *data,
os_memcpy(data->simck, imck, EAP_FAST_SIMCK_LEN); os_memcpy(data->simck, imck, EAP_FAST_SIMCK_LEN);
wpa_hexdump_key(MSG_MSGDUMP, "EAP-FAST: S-IMCK[j]", wpa_hexdump_key(MSG_MSGDUMP, "EAP-FAST: S-IMCK[j]",
data->simck, EAP_FAST_SIMCK_LEN); data->simck, EAP_FAST_SIMCK_LEN);
os_memcpy(cmk, imck + EAP_FAST_SIMCK_LEN, 20); os_memcpy(cmk, imck + EAP_FAST_SIMCK_LEN, EAP_FAST_CMK_LEN);
wpa_hexdump_key(MSG_MSGDUMP, "EAP-FAST: CMK[j]", cmk, 20); wpa_hexdump_key(MSG_MSGDUMP, "EAP-FAST: CMK[j]",
cmk, EAP_FAST_CMK_LEN);
return 0; return 0;
} }
@ -709,7 +711,7 @@ static struct wpabuf * eap_fast_process_crypto_binding(
struct wpabuf *resp; struct wpabuf *resp;
u8 *pos; u8 *pos;
struct eap_tlv_intermediate_result_tlv *rresult; struct eap_tlv_intermediate_result_tlv *rresult;
u8 cmk[20], cmac[20]; u8 cmk[EAP_FAST_CMK_LEN], cmac[SHA1_MAC_LEN];
int res, req_tunnel_pac = 0; int res, req_tunnel_pac = 0;
size_t len; size_t len;
@ -724,7 +726,8 @@ static struct wpabuf * eap_fast_process_crypto_binding(
os_memset(_bind->compound_mac, 0, sizeof(cmac)); os_memset(_bind->compound_mac, 0, sizeof(cmac));
wpa_hexdump(MSG_MSGDUMP, "EAP-FAST: Crypto-Binding TLV for Compound " wpa_hexdump(MSG_MSGDUMP, "EAP-FAST: Crypto-Binding TLV for Compound "
"MAC calculation", (u8 *) _bind, bind_len); "MAC calculation", (u8 *) _bind, bind_len);
hmac_sha1(cmk, 20, (u8 *) _bind, bind_len, _bind->compound_mac); hmac_sha1(cmk, EAP_FAST_CMK_LEN, (u8 *) _bind, bind_len,
_bind->compound_mac);
res = os_memcmp(cmac, _bind->compound_mac, sizeof(cmac)); res = os_memcmp(cmac, _bind->compound_mac, sizeof(cmac));
wpa_hexdump(MSG_MSGDUMP, "EAP-FAST: Received Compound MAC", wpa_hexdump(MSG_MSGDUMP, "EAP-FAST: Received Compound MAC",
cmac, sizeof(cmac)); cmac, sizeof(cmac));
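Review bot: The Compound MAC check on the `res = os_memcmp(cmac, _bind->compound_mac, sizeof(cmac));` line of eap_fast_process_crypto_binding verifies an authentication tag with an ordinary memory compare, which may stop at the first differing byte and so take a time that depends on how many leading bytes match. The same pattern is on the `if (os_memcmp(cmac, b->compound_mac, sizeof(cmac)) != 0)` line of eap_fast_validate_crypto_binding in the third file. Because the CMK is derived per session the practical exposure is probably small, but a MAC check is better done with a comparison that always touches all SHA1_MAC_LEN bytes, for example accumulating `diff |= cmac[i] ^ _bind->compound_mac[i];` over the array and testing `diff` once. Separately, `os_memset(_bind->compound_mac, 0, sizeof(cmac));` sizes the clear by the local array rather than by the field, and `sizeof(_bind->compound_mac)` would stay correct if the two ever differ. Both function bodies extend beyond the hunks shown.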


@ -63,7 +63,7 @@ struct eap_fast_data {
struct eap_fast_key_block_provisioning *key_block_p; struct eap_fast_key_block_provisioning *key_block_p;
u8 simck[EAP_FAST_SIMCK_LEN]; u8 simck[EAP_FAST_SIMCK_LEN];
u8 cmk[20]; u8 cmk[EAP_FAST_CMK_LEN];
int simck_idx; int simck_idx;
u8 pac_opaque_encr[16]; u8 pac_opaque_encr[16];
@ -382,8 +382,9 @@ static int eap_fast_update_icmk(struct eap_sm *sm, struct eap_fast_data *data)
os_memcpy(data->simck, imck, EAP_FAST_SIMCK_LEN); os_memcpy(data->simck, imck, EAP_FAST_SIMCK_LEN);
wpa_hexdump_key(MSG_MSGDUMP, "EAP-FAST: S-IMCK[j]", wpa_hexdump_key(MSG_MSGDUMP, "EAP-FAST: S-IMCK[j]",
data->simck, EAP_FAST_SIMCK_LEN); data->simck, EAP_FAST_SIMCK_LEN);
os_memcpy(data->cmk, imck + EAP_FAST_SIMCK_LEN, 20); os_memcpy(data->cmk, imck + EAP_FAST_SIMCK_LEN, EAP_FAST_CMK_LEN);
wpa_hexdump_key(MSG_MSGDUMP, "EAP-FAST: CMK[j]", data->cmk, 20); wpa_hexdump_key(MSG_MSGDUMP, "EAP-FAST: CMK[j]",
data->cmk, EAP_FAST_CMK_LEN);
return 0; return 0;
} }
@ -663,7 +664,8 @@ static struct wpabuf * eap_fast_build_crypto_binding(
* Compound-MAC = HMAC-SHA1( CMK, Crypto-Binding TLV ) * Compound-MAC = HMAC-SHA1( CMK, Crypto-Binding TLV )
*/ */
hmac_sha1(data->cmk, 20, (u8 *) binding, sizeof(*binding), hmac_sha1(data->cmk, EAP_FAST_CMK_LEN,
(u8 *) binding, sizeof(*binding),
binding->compound_mac); binding->compound_mac);
wpa_printf(MSG_DEBUG, "EAP-FAST: Add Crypto-Binding TLV: Version %d " wpa_printf(MSG_DEBUG, "EAP-FAST: Add Crypto-Binding TLV: Version %d "
@ -1082,7 +1084,7 @@ static int eap_fast_validate_crypto_binding(
struct eap_fast_data *data, struct eap_tlv_crypto_binding_tlv *b, struct eap_fast_data *data, struct eap_tlv_crypto_binding_tlv *b,
size_t bind_len) size_t bind_len)
{ {
u8 cmac[20]; u8 cmac[SHA1_MAC_LEN];
wpa_printf(MSG_DEBUG, "EAP-FAST: Reply Crypto-Binding TLV: " wpa_printf(MSG_DEBUG, "EAP-FAST: Reply Crypto-Binding TLV: "
"Version %d Received Version %d SubType %d", "Version %d Received Version %d SubType %d",
@ -1119,7 +1121,8 @@ static int eap_fast_validate_crypto_binding(
wpa_hexdump(MSG_MSGDUMP, "EAP-FAST: Crypto-Binding TLV for " wpa_hexdump(MSG_MSGDUMP, "EAP-FAST: Crypto-Binding TLV for "
"Compound MAC calculation", "Compound MAC calculation",
(u8 *) b, bind_len); (u8 *) b, bind_len);
hmac_sha1(data->cmk, 20, (u8 *) b, bind_len, b->compound_mac); hmac_sha1(data->cmk, EAP_FAST_CMK_LEN, (u8 *) b, bind_len,
b->compound_mac);
if (os_memcmp(cmac, b->compound_mac, sizeof(cmac)) != 0) { if (os_memcmp(cmac, b->compound_mac, sizeof(cmac)) != 0) {
wpa_hexdump(MSG_MSGDUMP, wpa_hexdump(MSG_MSGDUMP,
"EAP-FAST: Calculated Compound MAC", "EAP-FAST: Calculated Compound MAC",
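Review bot: The copy `os_memcpy(data->cmk, imck + EAP_FAST_SIMCK_LEN, EAP_FAST_CMK_LEN);` in eap_fast_update_icmk now expresses its read of `imck` in named constants, but the declaration of `imck` lies above the hunk and may still be sized by a literal. If so, tie it to the same constants, `u8 imck[EAP_FAST_SIMCK_LEN + EAP_FAST_CMK_LEN];`, so that a later change to either length cannot turn this copy into an out-of-bounds read of the buffer. The same applies to eap_fast_get_cmk in the previous file. `imck` also holds key material (S-IMCK and CMK are copied out of it), so it is worth confirming that it is cleared before the function returns.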