Hao Wang wrote:
1. In which variable (and in which file) in the source code is the session key (or TEK) stored after successful authentication?
TEK? What's that? And which session key are you referring to?
I have to use it. In the src/modules/rlm_eap/libeap/eapcrypto.c file, eapsim_calculate_keys() produces 4 other keys after ek->master_key is calculated. Is one of them used as the session key? And where is the session key if PAP authentication is used?
If you're not sure... it would be best to go read the specifications. They define what the session key is.
2. What symmetric-key encryption/decryption algorithm (like AES, Twofish, or others) is used? And where is it in the source code?
It's not. FreeRADIUS uses OpenSSL, which implements all of the encryption code.
3. If I want to generate a key from a random integer, is it proper to use SHA-1?
Go read the specifications to see how the keys are supposed to be generated. Alan DeKok.