mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-25 00:38:24 -05:00
SAE: Fix PWE loop termination on excessive iterations
The counter>200 check needs to be done before the continue-on-not-found case to be effective in stopping this loop. Signed-hostap: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
d5f5fa86e4
commit
cbf9f4c642
@ -202,6 +202,12 @@ static int sae_derive_pwe(struct sae_data *sae, const u8 *addr1,
|
||||
u8 pwd_seed[SHA256_MAC_LEN];
|
||||
int res;
|
||||
|
||||
if (counter > 200) {
|
||||
/* This should not happen in practice */
|
||||
wpa_printf(MSG_DEBUG, "SAE: Failed to derive PWE");
|
||||
break;
|
||||
}
|
||||
|
||||
wpa_printf(MSG_DEBUG, "SAE: counter = %u", counter);
|
||||
if (hmac_sha256_vector(addrs, sizeof(addrs), 2, addr, len,
|
||||
pwd_seed) < 0)
|
||||
@ -220,12 +226,6 @@ static int sae_derive_pwe(struct sae_data *sae, const u8 *addr1,
|
||||
wpa_printf(MSG_DEBUG, "SAE: Use this PWE");
|
||||
found = 1;
|
||||
}
|
||||
|
||||
if (counter > 200) {
|
||||
/* This should not happen in practice */
|
||||
wpa_printf(MSG_DEBUG, "SAE: Failed to derive PWE");
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
crypto_ec_point_deinit(pwe_tmp, 1);
|
||||
|
Loading…
Reference in New Issue
Block a user