I think this one is also done. PR is here https://github.com/emu-wg/teap-errata/pull/4. Please comment on this thread or PR if you think it still needs work:
Errata 5128: https://www.rfc-editor.org/errata/eid5128 Proposed State: Verified Revision: Section 5.2. says S-IMCK[0] = session_key_seed For j = 1 to n-1 do IMCK[j] = TLS-PRF(S-IMCK[j-1], "Inner Methods Compound Keys", IMSK[j], 60) S-IMCK[j] = first 40 octets of IMCK[j] CMK[j] = last 20 octets of IMCK[j] where TLS-PRF is the PRF negotiated as part of TLS handshake [RFC5246]. It Should Say: S-IMCK[0] = session_key_seed For j = 1 to n-1 do IMCK[j] = the first 60 octets of TLS-PRF(S-IMCK[j-1], "Inner Methods Compound Keys", IMSK[j]) S-IMCK[j] = first 40 octets of IMCK[j] CMK[j] = last 20 octets of IMCK[j] where "|" denotes concatenation and the TLS-PRF is defined in [RFC5246] as PRF(secret, label, seed) = P_<hash>(secret, label | seed). the secret is S-IMCK[j-1], the label is "Inner Methods Compound Keys" consisting of the ASCII value for the label "Inner Methods Compound Keys" (without quotes), the seed consists IMSK[j]. Section 5.4 Says: MSK = TLS-PRF(S-IMCK[j], "Session Key Generating Function", 64) EMSK = TLS-PRF(S-IMCK[j], "Extended Session Key Generating Function", 64) where j is the number of the last successfully executed inner EAP method. It should say: MSK = the first 64 octets of TLS-PRF(S-IMCK[j], "Session Key Generating Function") EMSK = the first 64 octets of TLS-PRF(S-IMCK[j], "Extended Session Key Generating Function") where "|" denotes concatenation and the TLS-PRF is defined in [RFC5246] as PRF(secret, label, seed) = P_<hash>(secret, label | seed). The secret is S-IMCK[j] where j is the number of the last generated S-IMCK from section 5.2. The label is is the ASCII value for the string without quotes. The seed is empty (0 length) and omitted from the derivation. Notes: According to RFC5246 The Transport Layer Security (TLS) Protocol Version 1.2 5. HMAC and the Pseudorandom Function "TLS's PRF is created by applying P_hash to the secret as: PRF(secret, label, seed) = P_<hash>(secret, label + seed)"
_______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu