/*
* EAP-FAST definitions (RFC 4851)
- * Copyright (c) 2004-2007, Jouni Malinen <j@w1.fi>
+ * Copyright (c) 2004-2008, Jouni Malinen <j@w1.fi>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
#define EAP_FAST_KEY_LEN 64
#define EAP_FAST_SIMCK_LEN 40
#define EAP_FAST_SKS_LEN 40
+#define EAP_FAST_CMK_LEN 20
#define TLS_EXT_PAC_OPAQUE 35
rbind->subtype = EAP_TLV_CRYPTO_BINDING_SUBTYPE_RESPONSE;
os_memcpy(rbind->nonce, _bind->nonce, sizeof(_bind->nonce));
inc_byte_array(rbind->nonce, sizeof(rbind->nonce));
- hmac_sha1(cmk, 20, (u8 *) rbind, sizeof(*rbind), rbind->compound_mac);
+ hmac_sha1(cmk, EAP_FAST_CMK_LEN, (u8 *) rbind, sizeof(*rbind),
+ rbind->compound_mac);
wpa_printf(MSG_DEBUG, "EAP-FAST: Reply Crypto-Binding TLV: Version %d "
"Received Version %d SubType %d",
os_memcpy(data->simck, imck, EAP_FAST_SIMCK_LEN);
wpa_hexdump_key(MSG_MSGDUMP, "EAP-FAST: S-IMCK[j]",
data->simck, EAP_FAST_SIMCK_LEN);
- os_memcpy(cmk, imck + EAP_FAST_SIMCK_LEN, 20);
- wpa_hexdump_key(MSG_MSGDUMP, "EAP-FAST: CMK[j]", cmk, 20);
+ os_memcpy(cmk, imck + EAP_FAST_SIMCK_LEN, EAP_FAST_CMK_LEN);
+ wpa_hexdump_key(MSG_MSGDUMP, "EAP-FAST: CMK[j]",
+ cmk, EAP_FAST_CMK_LEN);
return 0;
}
struct wpabuf *resp;
u8 *pos;
struct eap_tlv_intermediate_result_tlv *rresult;
- u8 cmk[20], cmac[20];
+ u8 cmk[EAP_FAST_CMK_LEN], cmac[SHA1_MAC_LEN];
int res, req_tunnel_pac = 0;
size_t len;
os_memset(_bind->compound_mac, 0, sizeof(cmac));
wpa_hexdump(MSG_MSGDUMP, "EAP-FAST: Crypto-Binding TLV for Compound "
"MAC calculation", (u8 *) _bind, bind_len);
- hmac_sha1(cmk, 20, (u8 *) _bind, bind_len, _bind->compound_mac);
+ hmac_sha1(cmk, EAP_FAST_CMK_LEN, (u8 *) _bind, bind_len,
+ _bind->compound_mac);
res = os_memcmp(cmac, _bind->compound_mac, sizeof(cmac));
wpa_hexdump(MSG_MSGDUMP, "EAP-FAST: Received Compound MAC",
cmac, sizeof(cmac));
struct eap_fast_key_block_provisioning *key_block_p;
u8 simck[EAP_FAST_SIMCK_LEN];
- u8 cmk[20];
+ u8 cmk[EAP_FAST_CMK_LEN];
int simck_idx;
u8 pac_opaque_encr[16];
os_memcpy(data->simck, imck, EAP_FAST_SIMCK_LEN);
wpa_hexdump_key(MSG_MSGDUMP, "EAP-FAST: S-IMCK[j]",
data->simck, EAP_FAST_SIMCK_LEN);
- os_memcpy(data->cmk, imck + EAP_FAST_SIMCK_LEN, 20);
- wpa_hexdump_key(MSG_MSGDUMP, "EAP-FAST: CMK[j]", data->cmk, 20);
+ os_memcpy(data->cmk, imck + EAP_FAST_SIMCK_LEN, EAP_FAST_CMK_LEN);
+ wpa_hexdump_key(MSG_MSGDUMP, "EAP-FAST: CMK[j]",
+ data->cmk, EAP_FAST_CMK_LEN);
return 0;
}
* Compound-MAC = HMAC-SHA1( CMK, Crypto-Binding TLV )
*/
- hmac_sha1(data->cmk, 20, (u8 *) binding, sizeof(*binding),
+ hmac_sha1(data->cmk, EAP_FAST_CMK_LEN,
+ (u8 *) binding, sizeof(*binding),
binding->compound_mac);
wpa_printf(MSG_DEBUG, "EAP-FAST: Add Crypto-Binding TLV: Version %d "
struct eap_fast_data *data, struct eap_tlv_crypto_binding_tlv *b,
size_t bind_len)
{
- u8 cmac[20];
+ u8 cmac[SHA1_MAC_LEN];
wpa_printf(MSG_DEBUG, "EAP-FAST: Reply Crypto-Binding TLV: "
"Version %d Received Version %d SubType %d",
wpa_hexdump(MSG_MSGDUMP, "EAP-FAST: Crypto-Binding TLV for "
"Compound MAC calculation",
(u8 *) b, bind_len);
- hmac_sha1(data->cmk, 20, (u8 *) b, bind_len, b->compound_mac);
+ hmac_sha1(data->cmk, EAP_FAST_CMK_LEN, (u8 *) b, bind_len,
+ b->compound_mac);
if (os_memcmp(cmac, b->compound_mac, sizeof(cmac)) != 0) {
wpa_hexdump(MSG_MSGDUMP,
"EAP-FAST: Calculated Compound MAC",
projects / thirdparty / hostap.git / commitdiff
