From ca68a8b561c48393c8ba25055ce294caaa3ac008 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Sun, 19 Apr 2015 17:45:33 +0300 Subject: [PATCH] WPS: Explicitly reject Public Key attribute with unexpected length There is no need to try to derive DH shared key with a peer that tries to use too short or too long DH Public Key. Previously, such cases ended up implicitly getting rejected by the DH operations failing to produce matching results. That is unnecessarily, so simply reject the message completely if it does not have a Public Key with valid length. Accept couple of octets shorter value to be used to avoid interoperability issues if there are implementations that do not use zero-padding properly. Signed-off-by: Jouni Malinen --- src/wps/wps_attr_parse.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/wps/wps_attr_parse.c b/src/wps/wps_attr_parse.c index a1330ded1..11a967ba0 100644 --- a/src/wps/wps_attr_parse.c +++ b/src/wps/wps_attr_parse.c @@ -484,6 +484,18 @@ static int wps_set_attr(struct wps_parse_attr *attr, u16 type, attr->dev_name_len = len; break; case ATTR_PUBLIC_KEY: + /* + * The Public Key attribute is supposed to be exactly 192 bytes + * in length. Allow couple of bytes shorter one to try to + * interoperate with implementations that do not use proper + * zero-padding. + */ + if (len < 190 || len > 192) { + wpa_printf(MSG_DEBUG, + "WPS: Ignore Public Key with unexpected length %u", + len); + break; + } attr->public_key = pos; attr->public_key_len = len; break;