Fix TLS EAP-MSK derivation, uses different order of randoms than key expansion

author: Martin Willi <martin@revosec.ch> 2012-02-07 10:50:02 +0100
committer: Martin Willi <martin@revosec.ch> 2012-02-07 10:54:53 +0100
commit: 06c150365d6fdbb7fd7522e48b95bbf2ac9e94e5 (patch)
tree: d44fc1d925c711fa8d3e3db91830e8555544d125 /src/libtls/tls_crypto.c
parent: 1dabf5bfc7ad87ec83c115852ebac221d524deee (diff)
download: strongswan-06c150365d6fdbb7fd7522e48b95bbf2ac9e94e5.tar.bz2
strongswan-06c150365d6fdbb7fd7522e48b95bbf2ac9e94e5.tar.xz
1 files changed, 1 insertions, 0 deletions
diff --git a/src/libtls/tls_crypto.c b/src/libtls/tls_crypto.c
index 2eb0a9b76..d8930acbd 100644
--- a/src/libtls/tls_crypto.c
+++ b/src/libtls/tls_crypto.c
@@ -1572,6 +1572,7 @@ static void expand_keys(private_tls_crypto_t *this,
 	/* EAP-MSK */
 	if (this->msk_label)
 	{
+		seed = chunk_cata("cc", client_random, server_random);
 		this->msk = chunk_alloc(64);
 		this->prf->get_bytes(this->prf, this->msk_label, seed,
 							 this->msk.len, this->msk.ptr);
author	Martin Willi <martin@revosec.ch>	2012-02-07 10:50:02 +0100
committer	Martin Willi <martin@revosec.ch>	2012-02-07 10:54:53 +0100
commit	06c150365d6fdbb7fd7522e48b95bbf2ac9e94e5 (patch)
tree	d44fc1d925c711fa8d3e3db91830e8555544d125 /src/libtls/tls_crypto.c
parent	1dabf5bfc7ad87ec83c115852ebac221d524deee (diff)
download	strongswan-06c150365d6fdbb7fd7522e48b95bbf2ac9e94e5.tar.bz2 strongswan-06c150365d6fdbb7fd7522e48b95bbf2ac9e94e5.tar.xz