| HELP !!! EAP-TLS MPPE Key generation | <– Date –> <– Thread –> |
From: Vijay Govindarajulu (vgovindarajulu GoRemote.com)
|
|
| Date: Mon, 16 Aug 2004 07:23:27 -0400 (EDT) | |
Hi,
I've gone through the free radius code to see how the MPPE keys are
generated and sent.
I have seen the code in
-rlm_eap_tls/mppe_keys.c
- lib/radius.c
and also debugged the freeradius and know exactly how does this happen.
I'm following the same in my implementation, viz.
1) generate 64 bytes using
PRF(master key,"client EAP encryption",client Rand , server Rand);
2) first 32 bytes is the unencrypted value for "MPPE-Recv-Key"
3) last 32 bytes is the unencrypted value for "MPPE-Send-Key"
4) I do the encryption on these values as described in RFC 2548 section2.4.2
and 2.4.3
However I'm unable to connect to the net after sending the EAP-SUCCESS.
I know that my master key ,client random and server random are right because
these were used during client handshake finished message verification and
also
for making the server handshake finished message.
Therefore the output of (1) should be ok .
Could you give me pointers on possible points of failure?
Looking forward for your response
Thanks and Regards
Vijay Kumar Govindarajulu
- (no other messages in thread)
Results generated by Tiger Technologies using MHonArc.