From d8cc9636b5e68ab7abe46e826affd5b309d4b912 Mon Sep 17 00:00:00 2001
From: Simon Rozman
Date: Wed, 22 Jan 2020 11:14:21 +0100
Subject: [PATCH] MSCHAPv2: Set keying material the proper way
Signed-off-by: Simon Rozman
---
 lib/MSCHAPv2/include/Method.h | 10 +++++++++-
 lib/MSCHAPv2/src/Method.cpp | 10 ++++++++++
 lib/TTLS/src/Method.cpp | 11 +++++------
 3 files changed, 24 insertions(+), 7 deletions(-)
diff --git a/lib/MSCHAPv2/include/Method.h b/lib/MSCHAPv2/include/Method.h
index 96fb8f6..7f477ed 100644
--- a/lib/MSCHAPv2/include/Method.h
+++ b/lib/MSCHAPv2/include/Method.h
@@ -185,7 +185,15 @@ namespace eap
 /// @}
- friend class method_ttls; // Setting of initial challenge derived from TLS PRF
+ ///
+ /// Called by EAP-TTLS to provide keying material.
+ ///
+ /// \param[in] challenge_server MSCHAP server challenge
+ /// \param[in] ident Ident
+ ///
+ void set_challenge_data(
+ _In_bytecount_c_(sizeof(challenge_mschapv2)) const unsigned char *challenge_server,
+ _In_ unsigned char ident);
 protected:
 ///
diff --git a/lib/MSCHAPv2/src/Method.cpp b/lib/MSCHAPv2/src/Method.cpp
index 0ef9e32..75f0ebd 100644
--- a/lib/MSCHAPv2/src/Method.cpp
+++ b/lib/MSCHAPv2/src/Method.cpp
@@ -356,6 +356,16 @@ EapPeerMethodResponseAction eap::method_mschapv2_diameter::process_request_packe
 }
+void eap::method_mschapv2_diameter::set_challenge_data(
+ _In_bytecount_c_(sizeof(challenge_mschapv2)) const unsigned char *challenge_server,
+ _In_ unsigned char ident)
+{
+ assert(challenge_server);
+ m_challenge_server.assign(challenge_server, challenge_server + sizeof(challenge_mschapv2));
+ m_ident = ident;
+}
+
+
 void eap::method_mschapv2_diameter::process_packet(_In_bytecount_(size_pck) const void *_pck, _In_ size_t size_pck)
 {
 for (const unsigned char *pck = reinterpret_cast(_pck), *pck_end = pck + size_pck; pck < pck_end; ) {
diff --git a/lib/TTLS/src/Method.cpp b/lib/TTLS/src/Method.cpp
index 9eb126c..8332f6a 100644
--- a/lib/TTLS/src/Method.cpp
+++ b/lib/TTLS/src/Method.cpp
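Review bot: The new Doxygen block in Method.h documents `ident` as just `Ident`, which tells a reader nothing about what the byte is or where it comes from, and `challenge_server` is described without its required length even though the SAL annotation pins it to `sizeof(challenge_mschapv2)` bytes. Suggest `/// \param[in] challenge_server  Server challenge, exactly sizeof(challenge_mschapv2) bytes; copied, not retained by pointer` and `/// \param[in] ident  MS-CHAPv2 Identifier byte, taken by the EAP-TTLS caller from the byte following the challenge in the derived challenge data`. Replacing the `friend class method_ttls` with a public setter also widens who may overwrite the server challenge from method_ttls alone to any holder of the object; if only the outer TTLS method is meant to call it, a protected setter together with the existing friend keeps the surface as narrow as before. The enclosing class declaration begins and ends outside this hunk.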
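Review bot: In the Method.cpp hunk, `assert(challenge_server)` is the only guard in set_challenge_data and is compiled out in release builds, so a null pointer would reach `m_challenge_server.assign` unchecked; the `_In_bytecount_c_` annotation documents the contract for static analysis but does not enforce it at run time. Since the setter is now a public member rather than a friend-only path, a hard check such as `if (!challenge_server) throw std::invalid_argument(__FUNCTION__ " challenge_server is NULL");` would match the throw-on-failure style the TTLS caller already uses. The challenge bytes are copied out of a key block that the caller wipes with SecureZeroMemory right after the call; if m_challenge_server is not a sanitizing container, that copy outlives the wipe, so it is worth confirming the member's type or clearing it once the MS-CHAPv2 response has been produced.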
@@ -551,18 +551,17 @@ EapPeerMethodResponseAction eap::method_ttls::process_request_packet(
 method_mschapv2_diameter *inner_mschapv2 = dynamic_cast(m_inner.get());
 if (inner_mschapv2) {
- // Push keying material to inner MSCHAPv2 method.
- static const DWORD s_key_id = 0x02; // EAP-TTLSv0 Challenge Data
- static const SecPkgContext_EapPrfInfo s_prf_info = { 0, sizeof(s_key_id), (PBYTE)&s_key_id };
- if (FAILED(status = SetContextAttributes(m_sc_ctx, SECPKG_ATTR_EAP_PRF_INFO, (void*)&s_prf_info, sizeof(s_prf_info))))
+ // Push EAP-TTLS keying material to inner MSCHAPv2 method.
+ static const DWORD key_id = 0x02; // EAP-TTLSv0 Challenge Data
+ static const SecPkgContext_EapPrfInfo prf_info = { 0, sizeof(key_id), (PBYTE)&key_id };
+ if (FAILED(status = SetContextAttributes(m_sc_ctx, SECPKG_ATTR_EAP_PRF_INFO, (void*)&prf_info, sizeof(prf_info))))
 throw sec_runtime_error(status, __FUNCTION__ " Error setting TTLS PRF in Schannel.");
 SecPkgContext_EapKeyBlock key_block;
 if (FAILED(status = QueryContextAttributes(m_sc_ctx, SECPKG_ATTR_EAP_KEY_BLOCK, &key_block)))
 throw sec_runtime_error(status, __FUNCTION__ " Error generating PRF in Schannel.");
- inner_mschapv2->m_challenge_server.assign(key_block.rgbKeys, key_block.rgbKeys + sizeof(challenge_mschapv2));
- inner_mschapv2->m_ident = key_block.rgbKeys[sizeof(challenge_mschapv2) + 0];
+ inner_mschapv2->set_challenge_data(key_block.rgbKeys, key_block.rgbKeys[sizeof(challenge_mschapv2)]);
 SecureZeroMemory(&key_block, sizeof(key_block));
 }
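Review bot: The `SecureZeroMemory(&key_block, sizeof(key_block))` after the new `set_challenge_data` call runs only on the non-throwing path; if the setter throws (the `assign` into m_challenge_server can raise std::bad_alloc if that member is a heap-backed container), the TLS-derived key block stays in stack memory until something else overwrites it. This was equally true of the two lines the commit replaces, but the single call site is now the natural place to close it: wipe in a catch-and-rethrow as below, or hold key_block in a small RAII wrapper whose destructor zeroes it. process_request_packet begins before and continues after this hunk.
```cpp
// … unchanged: PRF setup, QueryContextAttributes and its error check …
try {
    inner_mschapv2->set_challenge_data(key_block.rgbKeys, key_block.rgbKeys[sizeof(challenge_mschapv2)]);
} catch (...) {
    // Never leave derived key material behind on the exception path.
    SecureZeroMemory(&key_block, sizeof(key_block));
    throw;
}
SecureZeroMemory(&key_block, sizeof(key_block));
```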