j at w1.fi
Fri Oct 24 15:48:09 EDT 2008
On Sat, Oct 25, 2008 at 12:38:29AM +0530, Paresh Sawant wrote:
> How this PAC-Opaque data is related to 16 octets of "pac_opaque_encr_key"
> that we specify in hostapd.conf ?
> I see hostapd when it recives the PAC opaque(in client hello from peer), it
> looks for <2bytes of PAC_TYPE_PAC_OPAQUE><2bytes of length><opaqaue data>,
> it tries aes_unwrap on opaque data using pac_opaque_encr_key.
I'm not sure what exactly you are asking, but the way I read your
question, I would say that the following paragraph is answering it..
PAC-Opaque is an encrypted data blob (using AES key wrap with
pac_opaque_encr_key as the key) that contains information the server can
use to authenticate the user.
Jouni Malinen PGP id EFC895FA
More information about the HostAP