3.1.5.5.1 Input Data Used in the Cryptobinding HMAC-SHA1-160 Operation

The data used as the input to the HMAC-SHA1-160 operation used in the creation of the Compound MAC MUST be constructed, through concatenation, as follows:

1. 60 bytes containing the cryptobinding TLV with the Compound_MAC field zeroed out.

2. 1 byte containing the EAP type sent by the peer in the first processed PEAP message. For PEAP, the value MUST be the IANA-assigned EAP type code (25) for PEAP (see [IANA-EAP]).

3. The Outer_TLV_Data field of a PEAP start packet (as specified in section 2.2.6.2 when the HMAC-SHA1-160 operation is performed on a Peer, or the Outer_TLV_Data field of a Client Hello Packet (as specified in section 2.2.6.1) when the HMAC-SHA1-160 operation is performed on a Server.