EAP-TEAP peer: Process Crypto-Binding TLV before EAP Payload TLV
authorJouni Malinen <quic_jouni@quicinc.com>
Thu, 1 Dec 2022 15:00:56 +0000 (17:00 +0200)
committerJouni Malinen <j@w1.fi>
Thu, 1 Dec 2022 15:53:05 +0000 (17:53 +0200)
When using the optimized EAP method sequence within the tunnel, crypto
binding for the previous EAP method can be performed in the same message
with the start of the next EAP method. The Crypto-Binding TLV needs to
be processed before moving to the next EAP method for IMSK to be derived
correctly, so swap the order of these processing steps.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
src/eap_peer/eap_teap.c

index 85b089ad4a078d020e8fa9ff0133867f1e84762a..ced7b164292cb4809fb2c958b3f8b28039c9260c 100644 (file)
@@ -1305,6 +1305,33 @@ static int eap_teap_process_decrypted(struct eap_sm *sm,
                goto done;
        }
 
+       if (tlv.crypto_binding) {
+               if (tlv.iresult != TEAP_STATUS_SUCCESS &&
+                   tlv.result != TEAP_STATUS_SUCCESS) {
+                       wpa_printf(MSG_DEBUG,
+                                  "EAP-TEAP: Unexpected Crypto-Binding TLV without Result TLV or Intermediate-Result TLV indicating success");
+                       failed = 1;
+                       error = TEAP_ERROR_UNEXPECTED_TLVS_EXCHANGED;
+                       goto done;
+               }
+
+               tmp = eap_teap_process_crypto_binding(sm, data, ret,
+                                                     tlv.crypto_binding,
+                                                     tlv.crypto_binding_len);
+               if (!tmp) {
+                       failed = 1;
+                       error = TEAP_ERROR_TUNNEL_COMPROMISE_ERROR;
+               } else {
+                       resp = wpabuf_concat(resp, tmp);
+                       if (tlv.result == TEAP_STATUS_SUCCESS && !failed)
+                               data->result_success_done = 1;
+                       if (tlv.iresult == TEAP_STATUS_SUCCESS && !failed) {
+                               data->inner_method_done = 0;
+                               data->iresult_verified = 1;
+                       }
+               }
+       }
+
        if (tlv.identity_type == TEAP_IDENTITY_TYPE_MACHINE) {
                struct eap_peer_config *config = eap_get_config(sm);
 
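Review bot: The ordering dependency this commit relies on is not recorded in the code — nothing at the relocated `if (tlv.crypto_binding)` block tells a future reader why it must sit ahead of the EAP Payload TLV handling, so a later reorder could silently break IMSK derivation for the optimized method sequence. I would put the reason from the commit message directly above the block, e.g. `/* Must run before the EAP Payload TLV is handled: with the optimized method sequence the Crypto-Binding TLV for the previous inner method can arrive in the same message as the start of the next method, and IMSK derivation depends on it. */`. Separately, a failed eap_teap_process_crypto_binding() sets failed and TEAP_ERROR_TUNNEL_COMPROMISE_ERROR but does not `goto done`, so with the new order the identity-type handling and (presumably) the EAP Payload TLV handling that follows still run on a message whose binding failed verification; whether that is acceptable depends on how the done: path outside this hunk uses `failed`, so it is worth a look. eap_teap_process_decrypted() begins before and continues past this hunk.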
@@ -1360,33 +1387,6 @@ static int eap_teap_process_decrypted(struct eap_sm *sm,
                }
        }
 
-       if (tlv.crypto_binding) {
-               if (tlv.iresult != TEAP_STATUS_SUCCESS &&
-                   tlv.result != TEAP_STATUS_SUCCESS) {
-                       wpa_printf(MSG_DEBUG,
-                                  "EAP-TEAP: Unexpected Crypto-Binding TLV without Result TLV or Intermediate-Result TLV indicating success");
-                       failed = 1;
-                       error = TEAP_ERROR_UNEXPECTED_TLVS_EXCHANGED;
-                       goto done;
-               }
-
-               tmp = eap_teap_process_crypto_binding(sm, data, ret,
-                                                     tlv.crypto_binding,
-                                                     tlv.crypto_binding_len);
-               if (!tmp) {
-                       failed = 1;
-                       error = TEAP_ERROR_TUNNEL_COMPROMISE_ERROR;
-               } else {
-                       resp = wpabuf_concat(resp, tmp);
-                       if (tlv.result == TEAP_STATUS_SUCCESS && !failed)
-                               data->result_success_done = 1;
-                       if (tlv.iresult == TEAP_STATUS_SUCCESS && !failed) {
-                               data->inner_method_done = 0;
-                               data->iresult_verified = 1;
-                       }
-               }
-       }
-
        if (data->result_success_done && data->session_ticket_used &&
            eap_teap_derive_msk(data) == 0) {
                /* Assume the server might accept authentication without going