mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-01-17 18:34:03 -05:00
PEAP: Verify peap_prfplus() result
This function can fail in theory since the SHA-1 functions are allowed to return an error. While this does not really happen in practice (we would not get this far if SHA-1 does not work), it is cleaner to include the error handling here to keep static analyzers happier. [Bug 421] Signed-hostap: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
b6c8df695c
commit
3724ddc0c1
@ -1,6 +1,6 @@
|
|||||||
/*
|
/*
|
||||||
* EAP-PEAP common routines
|
* EAP-PEAP common routines
|
||||||
* Copyright (c) 2008, Jouni Malinen <j@w1.fi>
|
* Copyright (c) 2008-2011, Jouni Malinen <j@w1.fi>
|
||||||
*
|
*
|
||||||
* This program is free software; you can redistribute it and/or modify
|
* This program is free software; you can redistribute it and/or modify
|
||||||
* it under the terms of the GNU General Public License version 2 as
|
* it under the terms of the GNU General Public License version 2 as
|
||||||
@ -18,9 +18,9 @@
|
|||||||
#include "crypto/sha1.h"
|
#include "crypto/sha1.h"
|
||||||
#include "eap_peap_common.h"
|
#include "eap_peap_common.h"
|
||||||
|
|
||||||
void peap_prfplus(int version, const u8 *key, size_t key_len,
|
int peap_prfplus(int version, const u8 *key, size_t key_len,
|
||||||
const char *label, const u8 *seed, size_t seed_len,
|
const char *label, const u8 *seed, size_t seed_len,
|
||||||
u8 *buf, size_t buf_len)
|
u8 *buf, size_t buf_len)
|
||||||
{
|
{
|
||||||
unsigned char counter = 0;
|
unsigned char counter = 0;
|
||||||
size_t pos, plen;
|
size_t pos, plen;
|
||||||
@ -75,7 +75,8 @@ void peap_prfplus(int version, const u8 *key, size_t key_len,
|
|||||||
while (pos < buf_len) {
|
while (pos < buf_len) {
|
||||||
counter++;
|
counter++;
|
||||||
plen = buf_len - pos;
|
plen = buf_len - pos;
|
||||||
hmac_sha1_vector(key, key_len, 5, addr, len, hash);
|
if (hmac_sha1_vector(key, key_len, 5, addr, len, hash) < 0)
|
||||||
|
return -1;
|
||||||
if (plen >= SHA1_MAC_LEN) {
|
if (plen >= SHA1_MAC_LEN) {
|
||||||
os_memcpy(&buf[pos], hash, SHA1_MAC_LEN);
|
os_memcpy(&buf[pos], hash, SHA1_MAC_LEN);
|
||||||
pos += SHA1_MAC_LEN;
|
pos += SHA1_MAC_LEN;
|
||||||
@ -85,4 +86,6 @@ void peap_prfplus(int version, const u8 *key, size_t key_len,
|
|||||||
}
|
}
|
||||||
len[0] = SHA1_MAC_LEN;
|
len[0] = SHA1_MAC_LEN;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
/*
|
/*
|
||||||
* EAP-PEAP common routines
|
* EAP-PEAP common routines
|
||||||
* Copyright (c) 2008, Jouni Malinen <j@w1.fi>
|
* Copyright (c) 2008-2011, Jouni Malinen <j@w1.fi>
|
||||||
*
|
*
|
||||||
* This program is free software; you can redistribute it and/or modify
|
* This program is free software; you can redistribute it and/or modify
|
||||||
* it under the terms of the GNU General Public License version 2 as
|
* it under the terms of the GNU General Public License version 2 as
|
||||||
@ -15,8 +15,8 @@
|
|||||||
#ifndef EAP_PEAP_COMMON_H
|
#ifndef EAP_PEAP_COMMON_H
|
||||||
#define EAP_PEAP_COMMON_H
|
#define EAP_PEAP_COMMON_H
|
||||||
|
|
||||||
void peap_prfplus(int version, const u8 *key, size_t key_len,
|
int peap_prfplus(int version, const u8 *key, size_t key_len,
|
||||||
const char *label, const u8 *seed, size_t seed_len,
|
const char *label, const u8 *seed, size_t seed_len,
|
||||||
u8 *buf, size_t buf_len);
|
u8 *buf, size_t buf_len);
|
||||||
|
|
||||||
#endif /* EAP_PEAP_COMMON_H */
|
#endif /* EAP_PEAP_COMMON_H */
|
||||||
|
@ -285,8 +285,10 @@ static int eap_peap_derive_cmk(struct eap_sm *sm, struct eap_peap_data *data)
|
|||||||
* in the end of the label just before ISK; is that just a typo?)
|
* in the end of the label just before ISK; is that just a typo?)
|
||||||
*/
|
*/
|
||||||
wpa_hexdump_key(MSG_DEBUG, "EAP-PEAP: TempKey", tk, 40);
|
wpa_hexdump_key(MSG_DEBUG, "EAP-PEAP: TempKey", tk, 40);
|
||||||
peap_prfplus(data->peap_version, tk, 40, "Inner Methods Compound Keys",
|
if (peap_prfplus(data->peap_version, tk, 40,
|
||||||
isk, sizeof(isk), imck, sizeof(imck));
|
"Inner Methods Compound Keys",
|
||||||
|
isk, sizeof(isk), imck, sizeof(imck)) < 0)
|
||||||
|
return -1;
|
||||||
wpa_hexdump_key(MSG_DEBUG, "EAP-PEAP: IMCK (IPMKj)",
|
wpa_hexdump_key(MSG_DEBUG, "EAP-PEAP: IMCK (IPMKj)",
|
||||||
imck, sizeof(imck));
|
imck, sizeof(imck));
|
||||||
|
|
||||||
@ -1247,9 +1249,12 @@ static u8 * eap_peap_getKey(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
* termination for this label while the one used for deriving
|
* termination for this label while the one used for deriving
|
||||||
* IPMK|CMK did not use null termination.
|
* IPMK|CMK did not use null termination.
|
||||||
*/
|
*/
|
||||||
peap_prfplus(data->peap_version, data->ipmk, 40,
|
if (peap_prfplus(data->peap_version, data->ipmk, 40,
|
||||||
"Session Key Generating Function",
|
"Session Key Generating Function",
|
||||||
(u8 *) "\00", 1, csk, sizeof(csk));
|
(u8 *) "\00", 1, csk, sizeof(csk)) < 0) {
|
||||||
|
os_free(key);
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
wpa_hexdump_key(MSG_DEBUG, "EAP-PEAP: CSK", csk, sizeof(csk));
|
wpa_hexdump_key(MSG_DEBUG, "EAP-PEAP: CSK", csk, sizeof(csk));
|
||||||
os_memcpy(key, csk, EAP_TLS_KEY_LEN);
|
os_memcpy(key, csk, EAP_TLS_KEY_LEN);
|
||||||
wpa_hexdump(MSG_DEBUG, "EAP-PEAP: Derived key",
|
wpa_hexdump(MSG_DEBUG, "EAP-PEAP: Derived key",
|
||||||
|
@ -351,8 +351,12 @@ static int eap_peap_derive_cmk(struct eap_sm *sm, struct eap_peap_data *data)
|
|||||||
* in the end of the label just before ISK; is that just a typo?)
|
* in the end of the label just before ISK; is that just a typo?)
|
||||||
*/
|
*/
|
||||||
wpa_hexdump_key(MSG_DEBUG, "EAP-PEAP: TempKey", tk, 40);
|
wpa_hexdump_key(MSG_DEBUG, "EAP-PEAP: TempKey", tk, 40);
|
||||||
peap_prfplus(data->peap_version, tk, 40, "Inner Methods Compound Keys",
|
if (peap_prfplus(data->peap_version, tk, 40,
|
||||||
isk, sizeof(isk), imck, sizeof(imck));
|
"Inner Methods Compound Keys",
|
||||||
|
isk, sizeof(isk), imck, sizeof(imck)) < 0) {
|
||||||
|
os_free(tk);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
wpa_hexdump_key(MSG_DEBUG, "EAP-PEAP: IMCK (IPMKj)",
|
wpa_hexdump_key(MSG_DEBUG, "EAP-PEAP: IMCK (IPMKj)",
|
||||||
imck, sizeof(imck));
|
imck, sizeof(imck));
|
||||||
|
|
||||||
@ -1320,9 +1324,10 @@ static u8 * eap_peap_getKey(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
* termination for this label while the one used for deriving
|
* termination for this label while the one used for deriving
|
||||||
* IPMK|CMK did not use null termination.
|
* IPMK|CMK did not use null termination.
|
||||||
*/
|
*/
|
||||||
peap_prfplus(data->peap_version, data->ipmk, 40,
|
if (peap_prfplus(data->peap_version, data->ipmk, 40,
|
||||||
"Session Key Generating Function",
|
"Session Key Generating Function",
|
||||||
(u8 *) "\00", 1, csk, sizeof(csk));
|
(u8 *) "\00", 1, csk, sizeof(csk)) < 0)
|
||||||
|
return NULL;
|
||||||
wpa_hexdump_key(MSG_DEBUG, "EAP-PEAP: CSK", csk, sizeof(csk));
|
wpa_hexdump_key(MSG_DEBUG, "EAP-PEAP: CSK", csk, sizeof(csk));
|
||||||
eapKeyData = os_malloc(EAP_TLS_KEY_LEN);
|
eapKeyData = os_malloc(EAP_TLS_KEY_LEN);
|
||||||
if (eapKeyData) {
|
if (eapKeyData) {
|
||||||
|
Loading…
Reference in New Issue
Block a user