pyradius / pyrad

Python RADIUS Implementation
BSD 3-Clause "New" or "Revised" License

Decryption of salt encrypted attributes (encrypt=2) is incorrect #194

Open Thrushbeard opened 7 months ago

Thrushbeard commented 7 months ago

A cleartext value is wrong for salt encrypted attributes in a RADIUS packet (e.g. MS-CHAP2 MPPE keys).

There are two points about a hash value:

  1. Decryption and encryption functions are not completely the same. The hash must use part of an encrypted value, not a decrypted one.

https://github.com/pyradius/pyrad/blob/dd34c5a29b46d83b0bea841e85fd72b79f315b87/pyrad/packet.py#L595

last = data[:16] for the decryption.

  2. The initial hash value must use a request packet authenticator, not a reply packet authenticator

https://github.com/pyradius/pyrad/blob/dd34c5a29b46d83b0bea841e85fd72b79f315b87/pyrad/packet.py#L585
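
The two points in the report, as an added example that is not pyrad's code and not part of the original issue: a stand-alone salt encryption and decryption routine following the RFC 2868 construction, with a `chain_on_plaintext` switch (hypothetical, for illustration) that reproduces the first mistake. The secret, authenticators, salt and key are constructed sample values.

```python
import hashlib

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def salt_encrypt(plain, secret, request_auth, salt):
    """RFC 2868 salt encryption: returns salt + c(1)..c(n)."""
    if len(salt) != 2 or not salt[0] & 0x80:
        raise ValueError("salt must be 2 octets with the high bit set")
    data = bytes([len(plain)]) + plain
    data += b"\x00" * (-len(data) % 16)        # pad to a 16-octet multiple
    out, last = b"", request_auth + salt       # b(1) = MD5(S + R + A)
    for i in range(0, len(data), 16):
        last = _xor(data[i:i + 16], hashlib.md5(secret + last).digest())
        out += last                            # b(i) = MD5(S + c(i-1))
    return salt + out

def salt_decrypt_blocks(value, secret, request_auth, chain_on_plaintext=False):
    """Return the padded plaintext (length octet + data + padding).

    chain_on_plaintext=True reproduces the first mistake described in the
    issue: feeding the decrypted block, not the encrypted one, into the hash.
    """
    salt, data = value[:2], value[2:]
    if not data or len(data) % 16:
        raise ValueError("ciphertext must be a non-empty multiple of 16 octets")
    plain, last = b"", request_auth + salt
    for i in range(0, len(data), 16):
        block = data[i:i + 16]
        clear = _xor(block, hashlib.md5(secret + last).digest())
        plain += clear
        last = clear if chain_on_plaintext else block
    return plain

def salt_decrypt(value, secret, request_auth):
    """Strip the length octet and padding from the decrypted blocks."""
    padded = salt_decrypt_blocks(value, secret, request_auth)
    if padded[0] > len(padded) - 1:
        raise ValueError("bad length octet: wrong secret or authenticator?")
    return padded[1:1 + padded[0]]

# Constructed sample values, not taken from a real capture.
SECRET = b"testing123"
REQUEST_AUTH = bytes(range(16))        # authenticator of the Access-Request
REPLY_AUTH = bytes(range(16, 32))      # authenticator of the reply (wrong input)
KEY = bytes(range(100, 132))           # 32-octet stand-in for an MPPE key
WIRE = salt_encrypt(KEY, SECRET, REQUEST_AUTH, b"\x80\x01")
```

Chaining on the decrypted block leaves the first 16 octets correct and corrupts every later block, while seeding with the reply authenticator corrupts only the first block, which also holds the length octet.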