author | Andreas Steffen <andreas.steffen@strongswan.org> | 2012-03-14 07:31:19 +0100 |
---|---|---|
committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2012-03-14 07:31:19 +0100 |
commit | dae4ada4cd6c7e438422cd443e5ce9dc81d6f94d (patch) | |
tree | 25ac1441c096fbc92121cf21ce6e3f8eb80935de /src | |
parent | 3cff2b598b895caa2e35c85f2917b23ae2aeee71 (diff) | |
make the mppe salt unique
Diffstat (limited to 'src')
-rw-r--r-- | src/libcharon/plugins/tnc_pdp/tnc_pdp.c | 26 |
1 files changed, 18 insertions, 8 deletions
diff --git a/src/libcharon/plugins/tnc_pdp/tnc_pdp.c b/src/libcharon/plugins/tnc_pdp/tnc_pdp.c
index 3aa2c8805..f32d54118 100644
--- a/src/libcharon/plugins/tnc_pdp/tnc_pdp.c
+++ b/src/libcharon/plugins/tnc_pdp/tnc_pdp.c
@@ -187,7 +187,8 @@ static void send_message(private_tnc_pdp_t *this, radius_message_t *message,
 * Encrypt a MS-MPPE-Send/Recv-Key
 */
 static chunk_t encrypt_mppe_key(private_tnc_pdp_t *this, u_int8_t type,
- chunk_t key, radius_message_t *request)
+ chunk_t key, u_int16_t *salt,
+ radius_message_t *request)
 {
 chunk_t a, r, seed, data;
 u_char b[HASH_SIZE_MD5], *c;
@@ -213,17 +214,25 @@ static chunk_t encrypt_mppe_key(private_tnc_pdp_t *this, u_int8_t type,
 memcpy(&mppe_key->key[1], key.ptr, key.len);
- /* generate a 16 bit random salt value */
+ /**
+ * generate a 16 bit unique random salt value for the MPPE stream cipher
+ * the MSB of the salt MUST be set to 1
+ */
 a = chunk_create((u_char*)&(mppe_key->salt), sizeof(mppe_key->salt));
- this->rng->get_bytes(this->rng, a.len, a.ptr);
+ do
+ {
+ this->rng->get_bytes(this->rng, a.len, a.ptr);
+ *a.ptr |= 0x80;
+ }
+ while (mppe_key->salt == *salt);
- /* the MSB of the salt MUST be set to 1 */
- *a.ptr |= 0x80;
+ /* update the salt value */
+ *salt = mppe_key->salt;
 r = chunk_create(request->get_authenticator(request), HASH_SIZE_MD5);
 seed = chunk_cata("cc", r, a);
- c = mppe_key->key;
+ c = mppe_key->key;
 while (c < data.ptr + data.len)
 {
 /* b(i) = MD5(S + c(i-1)) */
@@ -251,6 +260,7 @@ static void send_response(private_tnc_pdp_t *this, radius_message_t *request,
 radius_message_t *response;
 chunk_t data, recv, send;
 u_int32_t tunnel_type;
+ u_int16_t salt = 0;
 response = radius_message_create(code);
 if (eap)
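Review bot: The new in/out parameter `salt` in encrypt_mppe_key's signature is not described in the header comment, which still reads only "Encrypt a MS-MPPE-Send/Recv-Key". The contract is implicit: the caller passes the salt used by the previous key of the same response, the function picks a different one and writes it back, and send_response relies on its initial `0` never matching because a generated salt always has the MSB set. I would add `@param salt in: salt of the previous key in this response (0 if none); out: salt chosen for this key` to that comment. Only the last salt is remembered, so uniqueness holds for the two keys sent today but not for a third salted attribute, which is worth stating there as well. The function body continues outside the hunk.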
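Review bot: The do/while in encrypt_mppe_key has no exit other than the RNG producing a salt different from `*salt`, so if `get_bytes` ever left the buffer unchanged or kept returning the same bytes, it would spin inside the RADIUS response path. With a healthy RNG a collision is a 1-in-32768 event, so a single draw plus a deterministic fix-up is enough: after setting the MSB, `if (mppe_key->salt == *salt) { a.ptr[a.len - 1] ^= 0x01; }`. The salt is sent in the clear and only has to differ between the two keys, because both are masked with an MD5 stream seeded from the same request authenticator and an equal salt would give both the same keystream; the fix-up keeps that property and leaves the MSB set. Whether `get_bytes` can fail is not visible in this hunk.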
@@ -278,12 +288,12 @@ static void send_response(private_tnc_pdp_t *this, radius_message_t *request,
 if (msk.len)
 {
 recv = chunk_create(msk.ptr, msk.len / 2);
- data = encrypt_mppe_key(this, MS_MPPE_RECV_KEY, recv, request);
+ data = encrypt_mppe_key(this, MS_MPPE_RECV_KEY, recv, &salt, request);
 response->add(response, RAT_VENDOR_SPECIFIC, data);
 chunk_free(&data);
 send = chunk_create(msk.ptr + recv.len, msk.len - recv.len);
- data = encrypt_mppe_key(this, MS_MPPE_SEND_KEY, send, request);
+ data = encrypt_mppe_key(this, MS_MPPE_SEND_KEY, send, &salt, request);
 response->add(response, RAT_VENDOR_SPECIFIC, data);
 chunk_free(&data);
 } |