EAP-pwd server: Use os_get_random() for unpredictable token
Do not use os_random() that uses a low quality PRNG to generate the
anti-clogging token. The construction can be improved upon by replacing
it with a call to os_get_random(), which uses a high quality PRNG. While
the RFC 5931 explictly recommends not to do this ("SHOULD NOT be from a
source of random entropy"), it does still mandate unpredicability ("MUST
be unpredictable"). The anti-clogging token is most unpredictable when
it is taken from a high quality PRNG.
Signed-off-by: Nick Lowe <nick.lowe@lugatech.com>
			
			
This commit is contained in:
		
							parent
							
								
									239952b4da
								
							
						
					
					
						commit
						4b16c15bbc
					
				
					 1 changed files with 7 additions and 2 deletions
				
			
		|  | @ -178,8 +178,13 @@ static void eap_pwd_build_id_req(struct eap_sm *sm, struct eap_pwd_data *data, | |||
| 		return; | ||||
| 	} | ||||
| 
 | ||||
| 	/* an lfsr is good enough to generate unpredictable tokens */ | ||||
| 	data->token = os_random(); | ||||
| 	if (os_get_random((u8 *) &data->token, sizeof(data->token)) < 0) { | ||||
| 		wpabuf_free(data->outbuf); | ||||
| 		data->outbuf = NULL; | ||||
| 		eap_pwd_state(data, FAILURE); | ||||
| 		return; | ||||
| 	} | ||||
| 
 | ||||
| 	wpabuf_put_be16(data->outbuf, data->group_num); | ||||
| 	wpabuf_put_u8(data->outbuf, EAP_PWD_DEFAULT_RAND_FUNC); | ||||
| 	wpabuf_put_u8(data->outbuf, EAP_PWD_DEFAULT_PRF); | ||||
|  |  | |||
		Loading…
	
		Reference in a new issue
	
	 Nick Lowe
						Nick Lowe