EAP-TEAP Compound MAC calculation
Suriya Shankar
suriya.dshankar at gmail.com
Wed Aug 16 20:01:18 UTC 2023
Hi,
I am trying to calculate the Compound MAC for EAP-TEAP. But the description
in the rfc 7170 is bit confusing
Section 4.2.13 mentions both the MSK and EMSK Compound MAC is either Server
MAC or Client MAC (not sure what exactly are those).
Section 5.3 gives the calculation where we have to zero out both MSK and
EMSK Compound MAC and apply the MAC function to calculate the Compound MAC.
- What's the resultant Compound MAC we get from trying section 5.3 (MSK
or EMSK Compound MAC)
- What algorithm should we use? The document adds to consider TLS 1.2
rfc 5246 where the recommended algorithm is HMAC 256 that results in 32
octet digest instead of the expected 20 octet one.
Could any please help me in understanding the Compound MAC calculation or
guide me in the right direction
Thanks,
Suriya
More information about the Freeradius-Devel
mailing list