Amazing-Mirror/fragattacks
1
0
Fork 0
mirror of https://github.com/vanhoefm/fragattacks.git synced 2025-01-19 03:14:05 -05:00
Code Issues Projects Releases Wiki Activity

SAE: Set pwd-value length based on prime length

Browse Source 
The buffer is set based on maximum group prime length, but pwd-value
needs to be correct length for the negotiated group.

Signed-hostap: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2013-01-01 12:45:18 +02:00
parent a55f2eef71
commit d5f5fa86e4
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/common/sae.c
View File

@ -129,16 +129,16 @@ static int sae_test_pwd_seed(struct sae_data *sae, const u8 *pwd_seed,
/* pwd-value = KDF-z(pwd-seed, "SAE Hunting and Pecking", p) */ /* pwd-value = KDF-z(pwd-seed, "SAE Hunting and Pecking", p) */
sha256_prf(pwd_seed, SHA256_MAC_LEN, "SAE Hunting and Pecking", sha256_prf(pwd_seed, SHA256_MAC_LEN, "SAE Hunting and Pecking",
prime, sae->prime_len, pwd_value, sizeof(pwd_value)); prime, sae->prime_len, pwd_value, sae->prime_len);
wpa_hexdump_key(MSG_DEBUG, "SAE: pwd-value", wpa_hexdump_key(MSG_DEBUG, "SAE: pwd-value",
pwd_value, sizeof(pwd_value)); pwd_value, sae->prime_len);
if (os_memcmp(pwd_value, prime, sae->prime_len) >= 0) if (os_memcmp(pwd_value, prime, sae->prime_len) >= 0)
return 0; return 0;
y_bit = pwd_seed[SHA256_MAC_LEN - 1] & 0x01; y_bit = pwd_seed[SHA256_MAC_LEN - 1] & 0x01;
x = crypto_bignum_init_set(pwd_value, sizeof(pwd_value)); x = crypto_bignum_init_set(pwd_value, sae->prime_len);
if (x == NULL) if (x == NULL)
return -1; return -1;
if (crypto_ec_point_solve_y_coord(sae->ec, pwe, x, y_bit) < 0) { if (crypto_ec_point_solve_y_coord(sae->ec, pwe, x, y_bit) < 0) {