PEAP Client_key_exchange

From: Juan MORENO (ja_at_hotmail.com)
Date: 09/28/05


Date: Wed, 28 Sep 2005 14:29:37 +0200

Hi everyone, I have a problem and I would like to ask you what to do.

I am creating a RADIUS client interface with the most common protocols such as
PAP, MSCHAP, MSCHAPv2, EAP-MD5, LEAP, PEAP, TTLS, TLS FAST... and I have
almost finished. My problem is with the PEAP protocol when I send the
Client_Key_Exchange, because the FreeRADIUS server tells me:

SSL3_GET_CLIENT_KEY_EXCHANGE: tls rsa encrypted value length is wrong:
s3_srvr.c: 1450: rlm_eap_tls: SSL_read failed in a system call (-1), TLS
session fails.

I don't really know what I am doing wrong. The SSL function I use is:

 #include <openssl/evp.h>
 #include <openssl/rsa.h>
 #include <openssl/x509.h>

 char *PreMasterSecret = (char*) _MEMORY_Allocate (58, true);
 char *EncryptedPreMasterSecret = (char*) _MEMORY_Allocate (128, true);
 char *temp = (char*) _MEMORY_Allocate (58, true);
 unsigned char *tmpCert = (unsigned char*) _MEMORY_Allocate (ClientSSLData->certificate_len + 128, true);
 int i; // declared once so that both loops below can use it
 //----- PreMasterSecret = client version (0x03, 0x01) + 46 random bytes -----
 _RANDOM_MakeCharString (temp, 46);
 PreMasterSecret [0] = 0x03;
 PreMasterSecret [1] = 0x01;
 for (i = 0; i < 46; i++)
  PreMasterSecret[i+2] = temp [i];
 //----- Copy of the DER-encoded server certificate -----
 for (i = 0; i < ClientSSLData->certificate_len; i++)
  tmpCert[i] = (unsigned char) ClientSSLData->certificate[i];
 //----- OpenSSL Functions -----
 RSA *server_public_key;
 X509 *cert = X509_new ();
 EVP_PKEY *evp = EVP_PKEY_new ();
 X509 *err = d2i_X509 (&cert, (unsigned char**) &tmpCert, (ClientSSLData->certificate_len) );

 //----- We get the public key from the Server certificate -----

 evp = X509_get_pubkey(cert);
 server_public_key = (RSA *) evp->pkey.ptr;
 //----- We get the PreMasterSecret encrypted -----
 RSA_public_encrypt(48, (BYTE*) PreMasterSecret, (unsigned char*)EncryptedPreMasterSecret, server_public_key, RSA_PKCS1_PADDING);

Please help me! THANKS, JUAN
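
Added example, not part of the original post: in TLS 1.0 and later (unlike SSLv3) the RSA-encrypted premaster secret travels in the ClientKeyExchange as a vector with a 2-byte length prefix, and the error text quoted above is what an OpenSSL-based server reports when that prefix and the handshake message length disagree. The sketch below frames a ciphertext that way and mirrors the receiver's length check; build_cke and cke_lengths_ok are hypothetical names and the ciphertext is constructed dummy data, not real RSA output.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HS_CLIENT_KEY_EXCHANGE 0x10 /* HandshakeType client_key_exchange (16) */

/* Frame an RSA-encrypted premaster secret as a TLS 1.0 ClientKeyExchange
 * handshake message. enc_len is the ciphertext length, which equals the
 * server key's modulus size in bytes. Returns bytes written, 0 on error. */
size_t build_cke(const uint8_t *enc, size_t enc_len, uint8_t *out, size_t cap)
{
    size_t body_len = enc_len + 2; /* uint16 vector length + ciphertext */
    if (enc_len == 0 || enc_len > 0xFFFF || cap < 4 + body_len)
        return 0;
    out[0] = HS_CLIENT_KEY_EXCHANGE;
    out[1] = (uint8_t)(body_len >> 16); /* uint24 handshake body length */
    out[2] = (uint8_t)(body_len >> 8);
    out[3] = (uint8_t)body_len;
    out[4] = (uint8_t)(enc_len >> 8);   /* uint16 ciphertext length (TLS, not SSLv3) */
    out[5] = (uint8_t)enc_len;
    memcpy(out + 6, enc, enc_len);
    return 4 + body_len;
}

/* Receiver-side consistency check (sketch). Returns 1 only when the
 * handshake length, the inner uint16 length and the modulus size agree. */
int cke_lengths_ok(const uint8_t *msg, size_t msg_len, size_t modulus_len)
{
    if (msg_len < 6 || msg[0] != HS_CLIENT_KEY_EXCHANGE)
        return 0;
    size_t body_len = ((size_t)msg[1] << 16) | ((size_t)msg[2] << 8) | msg[3];
    size_t enc_len = ((size_t)msg[4] << 8) | msg[5];
    if (body_len != msg_len - 4 || body_len != enc_len + 2)
        return 0; /* prefix missing or inconsistent */
    return enc_len == modulus_len;
}

int main(void)
{
    uint8_t enc[128], msg[4 + 2 + 128]; /* constructed: 1024-bit key, dummy ciphertext */
    memset(enc, 0xAB, sizeof enc);
    size_t n = build_cke(enc, sizeof enc, msg, sizeof msg);
    printf("message length %zu, lengths ok: %d\n", n, cke_lengths_ok(msg, n, 128));
    return 0;
}
```

In a real client the ciphertext buffer would be sized with RSA_size() on the server key and enc_len taken from the return value of RSA_public_encrypt, rather than assuming 128 bytes.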