NSS: Implement TLS PRF using new TLS extractor interface
This allows NSS to be used to derive EAP-TLS/PEAP/TTLS keying material. NSS requires a patch from https://bugzilla.mozilla.org/show_bug.cgi?id=507359 to provide the new API. In addition, that patch needs to be modified to add the 16-bit context length value in SSL_ExportKeyingMaterial() only if contextlen != 0 in order to match with the EAP-TLS/PEAP/TTLS use cases. This issue seems to be coming from the unfortunate incompatibility in draft-ietf-tls-extractor-07.txt (draft-ietf-tls-extractor-00.txt would have used compatible PRF construction). At this point, it is unclear how this will be resolved eventually, but anyway, this shows a mechanism that can be used to implement EAP key derivation with NSS with a small patch to NSS.
This commit is contained in:
		
							parent
							
								
									1c766b094a
								
							
						
					
					
						commit
						ebf214e670
					
				
					 1 changed files with 17 additions and 12 deletions
				
			
		|  | @ -429,17 +429,8 @@ int tls_connection_set_ia(void *tls_ctx, struct tls_connection *conn, | |||
| int tls_connection_get_keys(void *tls_ctx, struct tls_connection *conn, | ||||
| 			    struct tls_keys *keys) | ||||
| { | ||||
| 	static u8 hack[48]; /* FIX */ | ||||
| 	wpa_printf(MSG_DEBUG, "NSS: TODO - %s", __func__); | ||||
| 	os_memset(keys, 0, sizeof(*keys)); | ||||
| 	keys->master_key = hack; | ||||
| 	keys->master_key_len = 48; | ||||
| 	keys->client_random = hack; | ||||
| 	keys->server_random = hack; | ||||
| 	keys->client_random_len = 32; | ||||
| 	keys->server_random_len = 32; | ||||
| 
 | ||||
| 	return 0; | ||||
| 	/* NSS does not export master secret or client/server random. */ | ||||
| 	return -1; | ||||
| } | ||||
| 
 | ||||
| 
 | ||||
|  | @ -447,9 +438,23 @@ int tls_connection_prf(void *tls_ctx, struct tls_connection *conn, | |||
| 		       const char *label, int server_random_first, | ||||
| 		       u8 *out, size_t out_len) | ||||
| { | ||||
| 	if (conn == NULL || server_random_first) { | ||||
| 		wpa_printf(MSG_INFO, "NSS: Unsupported PRF request " | ||||
| 			   "(server_random_first=%d)", | ||||
| 			   server_random_first); | ||||
| 		return -1; | ||||
| 	} | ||||
| 
 | ||||
| 	if (SSL_ExportKeyingMaterial(conn->fd, label, NULL, 0, out, out_len) != | ||||
| 	    SECSuccess) { | ||||
| 		wpa_printf(MSG_INFO, "NSS: Failed to use TLS extractor " | ||||
| 			   "(label='%s' out_len=%d", label, (int) out_len); | ||||
| 		return -1; | ||||
| 	} | ||||
| 
 | ||||
| 	return 0; | ||||
| } | ||||
| 
 | ||||
| 
 | ||||
| u8 * tls_connection_handshake(void *tls_ctx, struct tls_connection *conn, | ||||
| 			      const u8 *in_data, size_t in_len, | ||||
|  |  | |||
		Loading…
	
		Reference in a new issue
	
	 Jouni Malinen
						Jouni Malinen