It looks like the Microsoft implementation does not match their
specification as far as PRF+ label usage is concerned. IPMK|CMK is derived
without null termination on the label, but the label for CSK derivation
must be null terminated.
This allows cryptobinding to be used with PEAPv0 in a way that
interoperates with Windows XP SP3 (RC2) and as such, this functionality is
now enabled as an optional addition to PEAPv0.
(this version implements the EAP-TNC method and EAP-TTLS/EAP-FAST
changes needed to run two methods in sequence (IF-T) and the IF-IMV
and IF-TNCCS interfaces from TNCS)
(this version implements the EAP-TNC method and EAP-TTLS/EAP-FAST
changes needed to run two methods in sequence (IF-T) and the IF-IMV
and IF-TNCCS interfaces from TNCS)
+ * added support for optional cryptobinding with PEAPv0
2008-02-22 - v0.6.3
* fixed Reassociation Response callback processing when using internal
2008-02-22 - v0.6.3
* fixed Reassociation Response callback processing when using internal
data->peap_version = EAP_PEAP_VERSION;
data->force_peap_version = -1;
data->peap_outer_success = 2;
data->peap_version = EAP_PEAP_VERSION;
data->force_peap_version = -1;
data->peap_outer_success = 2;
- data->crypto_binding = NO_BINDING;
+ data->crypto_binding = OPTIONAL_BINDING;
if (config && config->phase1 &&
eap_peap_parse_phase1(data, config->phase1) < 0) {
if (config && config->phase1 &&
eap_peap_parse_phase1(data, config->phase1) < 0) {
if (data->crypto_binding_used) {
u8 csk[128];
if (data->crypto_binding_used) {
u8 csk[128];
+ /*
+ * Note: It looks like Microsoft implementation requires null
+ * termination for this label while the one used for deriving
+ * IPMK|CMK did not use null termination.
+ */
peap_prfplus(data->peap_version, data->ipmk, 40,
"Session Key Generating Function",
peap_prfplus(data->peap_version, data->ipmk, 40,
"Session Key Generating Function",
- (u8 *) "", 0, csk, sizeof(csk));
+ (u8 *) "\00", 1, csk, sizeof(csk));
wpa_hexdump_key(MSG_DEBUG, "EAP-PEAP: CSK", csk, sizeof(csk));
os_memcpy(key, csk, EAP_TLS_KEY_LEN);
wpa_hexdump(MSG_DEBUG, "EAP-PEAP: Derived key",
wpa_hexdump_key(MSG_DEBUG, "EAP-PEAP: CSK", csk, sizeof(csk));
os_memcpy(key, csk, EAP_TLS_KEY_LEN);
wpa_hexdump(MSG_DEBUG, "EAP-PEAP: Derived key",
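Review bot: The 128-byte `csk` stack buffer filled by the changed `peap_prfplus()` call holds the full CSK, and nothing visible in this hunk clears it after `os_memcpy(key, csk, EAP_TLS_KEY_LEN)`. The function continues outside the hunk, so it may be handled there; if not, add `os_memset(csk, 0, sizeof(csk));` before returning, preferably via a wipe the compiler cannot remove as a dead store. The server-side getKey hunk has the same `csk` buffer and needs the same treatment. As a style point, `(u8 *) "\00", 1` would read more plainly as `(u8 *) "\0", 1`, since both pass a single zero byte.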
data->peap_version = data->force_version;
}
data->state = START;
data->peap_version = data->force_version;
}
data->state = START;
- data->crypto_binding = NO_BINDING;
+ data->crypto_binding = OPTIONAL_BINDING;
if (eap_server_tls_ssl_init(sm, &data->ssl, 0)) {
wpa_printf(MSG_INFO, "EAP-PEAP: Failed to initialize SSL.");
if (eap_server_tls_ssl_init(sm, &data->ssl, 0)) {
wpa_printf(MSG_INFO, "EAP-PEAP: Failed to initialize SSL.");
if (data->crypto_binding_used) {
u8 csk[128];
if (data->crypto_binding_used) {
u8 csk[128];
+ /*
+ * Note: It looks like Microsoft implementation requires null
+ * termination for this label while the one used for deriving
+ * IPMK|CMK did not use null termination.
+ */
peap_prfplus(data->peap_version, data->ipmk, 40,
"Session Key Generating Function",
peap_prfplus(data->peap_version, data->ipmk, 40,
"Session Key Generating Function",
- (u8 *) "", 0, csk, sizeof(csk));
+ (u8 *) "\00", 1, csk, sizeof(csk));
wpa_hexdump_key(MSG_DEBUG, "EAP-PEAP: CSK", csk, sizeof(csk));
eapKeyData = os_malloc(EAP_TLS_KEY_LEN);
if (eapKeyData) {
wpa_hexdump_key(MSG_DEBUG, "EAP-PEAP: CSK", csk, sizeof(csk));
eapKeyData = os_malloc(EAP_TLS_KEY_LEN);
if (eapKeyData) {
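Review bot: `data->crypto_binding = OPTIONAL_BINDING;` is hard-coded in the server init hunk with no configuration override visible, so as far as the hunk shows a deployment cannot require cryptobinding from its clients. With an optional policy a session without the binding TLV presumably still completes, which keeps interoperability but does not give the tunnel man-in-the-middle protection that cryptobinding is for. I would document that at the assignment, e.g. `/* Optional: peers without cryptobinding are still accepted; REQUIRE_BINDING is needed to enforce it */`, and consider making the policy configurable in a follow-up. The peer-side default in the first eap_peap hunk changes the same way, although there the `phase1` parsing that follows may override it. The enclosing function starts and ends outside the hunk.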
* added support for EAP Sequences in EAP-FAST Phase 2
* added support for using TNC with EAP-FAST
* added driver_ps3 for the PS3 Linux wireless driver
* added support for EAP Sequences in EAP-FAST Phase 2
* added support for using TNC with EAP-FAST
* added driver_ps3 for the PS3 Linux wireless driver
+ * added support for optional cryptobinding with PEAPv0
2008-02-22 - v0.6.3
* removed 'nai' and 'eappsk' network configuration variables that were
2008-02-22 - v0.6.3
* removed 'nai' and 'eappsk' network configuration variables that were