hi..^_^
Thanks for your reply.
CISCO AP350 will send two EAPOL-Key to Windows XP.
and the sequence of OID_802_11_ADD_WEP in Windows XP is
(1)OID_802_11_ADD_WEP(1) for Broadcase Key
(2)OID_802_11_ADD_WEP(3) for Session Key
We modify WLAN Driver in Windows XP to send event for our tool.
But I still don't know how CISCO AP350 file the "Key Signature" field ....~_~
Do it follow any Specification ?...
Do you have any suggestion to make the same "Key Signature" field as EAPOL-Key Packet
of CISCO AP350?
Very thanks for your help.....
HungLin.
-----Original message-----
From:Jacques Caron <[EMAIL PROTECTED]>
To:hunglin chou <[EMAIL PROTECTED]>
Cc:[EMAIL PROTECTED]
Date:Thu, 24 Oct 2002 10:18:28 +0200
Subject:Re: [BAWUG] About Dynamic-WEP Key in CISCO AP350 and Windows XP
Hi,
The empty Key field means "use the session key we got as a result of the
EAP method". It is the same key as the one transmitted from the RADIUS
server to the AP in the MS AVPs. The broadcast key uses either the key
(manually) set in the AP config, or dynicamically generated (random) keys
if you use WEP broadcast key rotation on the AP. Both EAPOL-Key packets are
crypted and signed with the session key derived from the EAP method.
I would be interested to know what values of the key index parameter to
OID_802_11_ADD_WEP you see from XP (there is conflicting information as to
what is supposed to be passed there regarding bits 30 and 31). If you have
the exact sequence of all WEP-related OIDs called by XP that would be cool
too :-). Also, 802.11 says you're supposed to use key index 0 when using
key mapping keys, while the cisco AP always uses key index 3...
Hope that thelps,
Jacques.
At 04:56 AM 10/24/2002, hunglin chou wrote:
>
>hi all....
>
> Do anybody know whether Windows XP and CSICO AP350 not follow
> "draft-congdon-radius-8021x-20.txt" ?
>
> When I sniffer the packet of CISCO AP350 in dynamic-Wep Key,I see my
> Windows XP received two EAPOL-Key packet.
>
> One is for BroadcastKey (WEP Index is 1)==> With Key field
> One is for SessionKey (WEP Index is 131)==>Bit 8 =1 is for Session
> Key and no Key Field
>
> And I modify Windows XP WLAN WDM Driver to monitor "OID_802_11_ADD_WEP"
> event.
>
> I see the Windows XP will change its Broadcast and Session WEP Key when
> receive those two EAPOL-Key Packet from CISCO AP350.
>
> So we know the CISCO AP350 can support Broadcast/Session Dynamic WEP
> Key .
>
> But I couldn't make the same "Key Signature" and "Key" field as CISCO
> AP350 in EAPOL-Key packet.
>
> CISCO AP350 make those two field not follow
> "draft-congdon-radius-8021x-20.txt".(I guess.....)
>
> Do you have any idea about "Key Signature" and "Key" field?
>
> How could I make the same field vaule like CISCO AP350?.
>
> Could you give me any suggestion or document to achieve it?.
>
> Very very very thanks for your help.......@_@..
>
> This bug trouble me for a long time........~_~
>
>
> HungLin.
>
>
-- Jacques Caron, IP Sector Technologies
Join the discussion on public WLAN open global roaming:
http://lists.ipsector.com/listinfo/openroaming
--
general wireless list, a bawug thing <http://www.bawug.org/>
[un]subscribe: http://lists.bawug.org/mailman/listinfo/wireless
