HostAPd WPA Enterprise fails on Windows 10

Thomas d'Otreppe tdotreppe at gmail.com
Sat Dec 17 00:01:25 PST 2016 

Yes, it was due to MD5 certificates. I tested with SHA certs and it
worked just fine. I wish Windows would at least tell that it was
because of it.

Thanks a lot for your help,

Thomas



On Thu, Dec 15, 2016 at 5:47 PM, Jouni Malinen <j at w1.fi> wrote:
> On Thu, Dec 15, 2016 at 02:30:47PM -0500, Thomas d'Otreppe wrote:
>> I managed to get good captures and I hope it helps figuring out what
>> is going on. I used the same certs for both Freeradius and HostAPd
>> which are included in the archive.
>>
>> I filtered out unnecessary packets and added the challenge/response
>> file from freeradius as well as pcap from the wired side and the
>> wireless side (the secret between the AP and Freeradius is
>> testing123). For HostAPd, I have a wifi capture only (obviously) and
>> the full debug output:
>> http://www2.aircrack-ng.org/win10_hostapd_failure_dec2016.tar.gz
>
> Unfortunately, win10_hostapd_failure_dec2016/hostapd/hostapd.pcap misses
> the two key EAP messages that are the ones that follow the Windows 10
> supplicant sending an unexpected fragment ACK.
>
> That said, there are some differences in behavior between the FreeRADIUS
> and hostapd as authentication server cases. FreeRADIUS advertises
> highest supported PEAP version to 0 while hostapd advertises support for
> version 1 (i.e., both versions 0 and 1).
>
> I'm also questioning whether you really used the same server certificate
> in the tests.. Was that supposed to be
> win10_hostapd_failure/dec2016/cert/server.pem? That has CN=Example
> Server Certificate while the FreeRADIUS capture log showed the server
> certificate with CN=kali.
>
> The key difference here is that the cert/server.pem uses MD5 in the
> signature algorithm (md5WithRSAEncryption) while the FreeRADIUS CN=kali
> certificate uses SHA256. I was able to reproduce the strange Windows 10
> behavior with an unexpected fragment ACK when using a server certificate
> with md5WithRSAEncryption. I'd assume rejecting the connection is by
> design due to security issues related to MD5 use as a signature
> algorithm.
>
> If you can reproduce this with SHA256-based certificate from the hostapd
> server, I'd be interested in a more complete packet capture that shows
> the two key EAP-Request messages that are missing from hostapd.pcap.
>
> --
> Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list