SAE: Fix PWE loop termination on excessive iterations

The counter>200 check needs to be done before the continue-on-not-found
case to be effective in stopping this loop.

Signed-hostap: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2013-01-01 12:50:27 +02:00
parent d5f5fa86e4
commit cbf9f4c642

View File

@ -202,6 +202,12 @@ static int sae_derive_pwe(struct sae_data *sae, const u8 *addr1,
u8 pwd_seed[SHA256_MAC_LEN];
int res;
if (counter > 200) {
/* This should not happen in practice */
wpa_printf(MSG_DEBUG, "SAE: Failed to derive PWE");
break;
}
wpa_printf(MSG_DEBUG, "SAE: counter = %u", counter);
if (hmac_sha256_vector(addrs, sizeof(addrs), 2, addr, len,
pwd_seed) < 0)
@ -220,12 +226,6 @@ static int sae_derive_pwe(struct sae_data *sae, const u8 *addr1,
wpa_printf(MSG_DEBUG, "SAE: Use this PWE");
found = 1;
}
if (counter > 200) {
/* This should not happen in practice */
wpa_printf(MSG_DEBUG, "SAE: Failed to derive PWE");
break;
}
}
crypto_ec_point_deinit(pwe_tmp, 1);