|
|
@@ -415,7 +415,7 @@ static void eap_server_erp_init(struct eap_sm *sm)
|
|
|
u8 *emsk = NULL;
|
|
|
size_t emsk_len = 0;
|
|
|
u8 EMSKname[EAP_EMSK_NAME_LEN];
|
|
|
- u8 len[2];
|
|
|
+ u8 len[2], ctx[3];
|
|
|
const char *domain;
|
|
|
size_t domain_len, nai_buf_len;
|
|
|
struct eap_server_erp_key *erp = NULL;
|
|
|
@@ -476,9 +476,11 @@ static void eap_server_erp_init(struct eap_sm *sm)
|
|
|
erp->rRK_len = emsk_len;
|
|
|
wpa_hexdump_key(MSG_DEBUG, "EAP: ERP rRK", erp->rRK, erp->rRK_len);
|
|
|
|
|
|
+ ctx[0] = EAP_ERP_CS_HMAC_SHA256_128;
|
|
|
+ WPA_PUT_BE16(&ctx[1], erp->rRK_len);
|
|
|
if (hmac_sha256_kdf(erp->rRK, erp->rRK_len,
|
|
|
- "EAP Re-authentication Integrity Key@ietf.org",
|
|
|
- len, sizeof(len), erp->rIK, erp->rRK_len) < 0) {
|
|
|
+ "Re-authentication Integrity Key@ietf.org",
|
|
|
+ ctx, sizeof(ctx), erp->rIK, erp->rRK_len) < 0) {
|
|
|
wpa_printf(MSG_DEBUG, "EAP: Could not derive rIK for ERP");
|
|
|
goto fail;
|
|
|
}
|
Jouni Malinen