No description
ebf214e670
This allows NSS to be used to derive EAP-TLS/PEAP/TTLS keying material. NSS requires a patch from https://bugzilla.mozilla.org/show_bug.cgi?id=507359 to provide the new API. In addition, that patch needs to be modified to add the 16-bit context length value in SSL_ExportKeyingMaterial() only if contextlen != 0 in order to match with the EAP-TLS/PEAP/TTLS use cases. This issue seems to be coming from the unfortunate incompatibility in draft-ietf-tls-extractor-07.txt (draft-ietf-tls-extractor-00.txt would have used compatible PRF construction). At this point, it is unclear how this will be resolved eventually, but anyway, this shows a mechanism that can be used to implement EAP key derivation with NSS with a small patch to NSS. |
||
|---|---|---|
| eap_example | ||
| hostapd | ||
| mac80211_hwsim | ||
| patches | ||
| radius_example | ||
| src | ||
| testing | ||
| wpa_supplicant | ||
| www | ||
| .gitignore | ||
| build_nsis.sh | ||
| build_release | ||
| COPYING | ||
| FAQ | ||
| README | ||
wpa_supplicant and hostapd v0.6.x --------------------------------- Copyright (c) 2002-2007, Jouni Malinen <j@w1.fi> and contributors All Rights Reserved. These program is dual-licensed under both the GPL version 2 and BSD license. Either license may be used at your option. This package may include either wpa_supplicant, hostapd, or both. See README file respective subdirectories (wpa_supplicant/README or hostapd/README) for more details. Source code files have been moved around in v0.6.x releases and compared to earlier releases, the programs are now build by first going to a subdirectory (wpa_supplicant or hostapd) and creating build configuration (.config) and running 'make' there (for Linux/BSD/cygwin builds).