2.2.8.1.1 Cryptobinding TLV
The cryptobinding TLV is a TLV, as specified in section 2.2.4. It is used to ensure that the EAP peer and the EAP server participated in both the inner and the outer EAP authentications of a PEAP authentication.
The cryptobinding TLV is carried in the Type-data field of the EAP TLV Extensions Method (section 2.2.8.1).
The fields of the cryptobinding TLV MUST be set as follows.
| Bit offset | Size | Field |
|---|---|---|
| 0 | 1 bit | M |
| 1 | 1 bit | R |
| 2 | 14 bits | TLV_Type |
| 16 | 2 bytes | Length |
| 32 | 56 bytes | Value |
M (1 bit): The M bit MUST be set to 0.
R (1 bit): The R bit is reserved and MUST be set to zero when sent and MUST be ignored on receipt.
TLV_Type (14 bits): A 14-bit unsigned integer in network byte order that indicates the type of data in the Value field. The TLV_Type MUST be set to 12 (0x0C) for the cryptobinding TLV.
Length (2 bytes): A 16-bit unsigned integer in network byte order that indicates the length, in bytes, of the Value field. The value of this field MUST be 56 (0x38).
Value (56 bytes): The Value field of the cryptobinding TLV MUST be formatted as follows.
| Byte offset | Size | Field |
|---|---|---|
| 0 | 1 byte | Reserved |
| 1 | 1 byte | Version |
| 2 | 1 byte | RecvVersion |
| 3 | 1 byte | SubType |
| 4 | 32 bytes | Nonce |
| 36 | 20 bytes | Compound_MAC |
- Reserved (1 byte): An 8-bit unsigned integer that is reserved and MUST be set to zero when sent and MUST be ignored on receipt.
- Version (1 byte): An 8-bit unsigned integer that indicates the version of the cryptobinding TLV and MUST be set to 0.
- RecvVersion (1 byte): An 8-bit unsigned integer field that MUST be set to 0.
- SubType (1 byte): An 8-bit unsigned integer that indicates whether the cryptobinding TLV is a request or a response. Its value MUST be one of the following.

| Value | Meaning |
|---|---|
| 0 | This cryptobinding TLV represents a request. |
| 1 | This cryptobinding TLV represents a response. |

- Nonce (32 bytes): A 256-bit unsigned integer containing a temporally unique (random) value. For more information, see [RFC1750].
- Compound_MAC (20 bytes): A 160-bit unsigned integer containing the value used to cryptographically associate the phase 1 and phase 2 authentications of PEAP. For more information, see section 3.1.5.5.
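The following is an added example, not part of the specification, showing how a receiver can serialize and parse this TLV while enforcing the MUST rules above (M = 0, TLV_Type = 12, Length = 56, Version = RecvVersion = 0, SubType in {0, 1}). The Compound_MAC derivation of section 3.1.5.5 is not on this page, so the example treats the expected MAC as an input computed elsewhere and only compares it in constant time; the function names and the sample nonce and MAC are constructed for illustration.

```python
import hmac
import struct

# Constants taken from the cryptobinding TLV definition above.
CRYPTOBINDING_TLV_TYPE = 12      # TLV_Type = 0x0C
CRYPTOBINDING_VALUE_LEN = 56     # Length = 0x38
SUBTYPE_REQUEST, SUBTYPE_RESPONSE = 0, 1

def build_cryptobinding_tlv(subtype, nonce, compound_mac):
    """Serialize: 16-bit header (M=0, R=0, 14-bit TLV_Type=12), 16-bit Length,
    then the 56-byte Value: Reserved, Version, RecvVersion, SubType,
    32-byte Nonce, 20-byte Compound_MAC (all fields big-endian)."""
    if subtype not in (SUBTYPE_REQUEST, SUBTYPE_RESPONSE):
        raise ValueError("SubType must be 0 (request) or 1 (response)")
    if len(nonce) != 32 or len(compound_mac) != 20:
        raise ValueError("Nonce must be 32 bytes, Compound_MAC 20 bytes")
    header = (0 << 15) | (0 << 14) | CRYPTOBINDING_TLV_TYPE   # M, R, TLV_Type
    value = struct.pack("!BBBB", 0, 0, 0, subtype) + nonce + compound_mac
    return struct.pack("!HH", header, len(value)) + value

def parse_cryptobinding_tlv(data):
    """Parse a cryptobinding TLV, rejecting violations of the MUST rules.
    R and Reserved are ignored on receipt, as the definition requires."""
    if len(data) != 4 + CRYPTOBINDING_VALUE_LEN:
        raise ValueError("cryptobinding TLV must be exactly 60 bytes")
    header, length = struct.unpack("!HH", data[:4])
    if header >> 15:
        raise ValueError("M bit must be 0")
    if header & 0x3FFF != CRYPTOBINDING_TLV_TYPE:
        raise ValueError("TLV_Type must be 12")
    if length != CRYPTOBINDING_VALUE_LEN:
        raise ValueError("Length must be 56")
    _reserved, version, recv_version, subtype = struct.unpack("!BBBB", data[4:8])
    if version != 0 or recv_version != 0:
        raise ValueError("Version and RecvVersion must both be 0")
    if subtype not in (SUBTYPE_REQUEST, SUBTYPE_RESPONSE):
        raise ValueError("SubType must be 0 or 1")
    return {"subtype": subtype, "nonce": data[8:40], "compound_mac": data[40:60]}

def compound_mac_matches(tlv_fields, expected_mac):
    """Constant-time check of the received Compound_MAC against the value the
    receiver computed itself per section 3.1.5.5 (hypothetical input here)."""
    return hmac.compare_digest(tlv_fields["compound_mac"], expected_mac)
```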