Re: wpa_supplicant 2.4 / 2.5 Openssl TLS-PRF Problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Apr 01, 2016 at 11:17:34AM +0200, Thomas Rosenstein wrote:
> I have got a problem with the TLS-PRF function for key derivation in
> wpa_supplicant.
> 
> With version 2.5 the TLS-PRF-SHA256 for TLS1.2 was added to the
> source code, but by default it's using the OpenSSL Implementation.
> 
> I have implemented a Radius Server thats using the same function,
> when commenting out the OpenSSL call wpa_supplicant derives the same
> key as my application, therefore the connection works.
> If the OpenSSL implementation is used the keys differ.

Which OpenSSL version are you using here?

> As you can see the wpa_supplicant implementation returns the same
> MSK as my implementation. Either BOTH of them are defective or
> OpenSSL is doing something shady.
> 
> Does someone have insight into the OpenSSL implementation and why
> it's returning "a wrong" key?

There is a known bug in the OpenSSL implementation of the key extraction
API that got fixed without much notice in the changelogs.. I'd assume
you are hitting this and if you were to update OpenSSL, you'd see this
issue disappear.

-- 
Jouni Malinen                                            PGP id EFC895FA

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap



[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux