WPS: Be more careful with pre-configured DH parameters

Make the implementation more robust against error cases with
pre-configured DH parameters.

Signed-hostap: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2013-04-01 19:27:32 +03:00
parent cd61936a4a
commit 5c9d63d46f
2 changed files with 26 additions and 2 deletions

View file

@ -24,8 +24,18 @@ int wps_build_public_key(struct wps_data *wps, struct wpabuf *msg)
wpa_printf(MSG_DEBUG, "WPS: * Public Key"); wpa_printf(MSG_DEBUG, "WPS: * Public Key");
wpabuf_free(wps->dh_privkey); wpabuf_free(wps->dh_privkey);
wps->dh_privkey = NULL;
if (wps->dev_pw_id != DEV_PW_DEFAULT && wps->wps->dh_privkey) { if (wps->dev_pw_id != DEV_PW_DEFAULT && wps->wps->dh_privkey) {
wpa_printf(MSG_DEBUG, "WPS: Using pre-configured DH keys"); wpa_printf(MSG_DEBUG, "WPS: Using pre-configured DH keys");
if (wps->wps->dh_ctx == NULL) {
wpa_printf(MSG_DEBUG, "WPS: wps->wps->dh_ctx == NULL");
return -1;
}
if (wps->wps->dh_pubkey == NULL) {
wpa_printf(MSG_DEBUG,
"WPS: wps->wps->dh_pubkey == NULL");
return -1;
}
wps->dh_privkey = wpabuf_dup(wps->wps->dh_privkey); wps->dh_privkey = wpabuf_dup(wps->wps->dh_privkey);
wps->dh_ctx = wps->wps->dh_ctx; wps->dh_ctx = wps->wps->dh_ctx;
wps->wps->dh_ctx = NULL; wps->wps->dh_ctx = NULL;
@ -34,13 +44,22 @@ int wps_build_public_key(struct wps_data *wps, struct wpabuf *msg)
} else if (wps->dev_pw_id >= 0x10 && wps->wps->ap && } else if (wps->dev_pw_id >= 0x10 && wps->wps->ap &&
wps->dev_pw_id == wps->wps->ap_nfc_dev_pw_id) { wps->dev_pw_id == wps->wps->ap_nfc_dev_pw_id) {
wpa_printf(MSG_DEBUG, "WPS: Using NFC password token DH keys"); wpa_printf(MSG_DEBUG, "WPS: Using NFC password token DH keys");
if (wps->wps->ap_nfc_dh_privkey == NULL) {
wpa_printf(MSG_DEBUG,
"WPS: wps->wps->ap_nfc_dh_privkey == NULL");
return -1;
}
if (wps->wps->ap_nfc_dh_pubkey == NULL) {
wpa_printf(MSG_DEBUG,
"WPS: wps->wps->ap_nfc_dh_pubkey == NULL");
return -1;
}
wps->dh_privkey = wpabuf_dup(wps->wps->ap_nfc_dh_privkey); wps->dh_privkey = wpabuf_dup(wps->wps->ap_nfc_dh_privkey);
pubkey = wpabuf_dup(wps->wps->ap_nfc_dh_pubkey); pubkey = wpabuf_dup(wps->wps->ap_nfc_dh_pubkey);
wps->dh_ctx = dh5_init_fixed(wps->dh_privkey, pubkey); wps->dh_ctx = dh5_init_fixed(wps->dh_privkey, pubkey);
#endif /* CONFIG_WPS_NFC */ #endif /* CONFIG_WPS_NFC */
} else { } else {
wpa_printf(MSG_DEBUG, "WPS: Generate new DH keys"); wpa_printf(MSG_DEBUG, "WPS: Generate new DH keys");
wps->dh_privkey = NULL;
dh5_free(wps->dh_ctx); dh5_free(wps->dh_ctx);
wps->dh_ctx = dh5_init(&wps->dh_privkey, &pubkey); wps->dh_ctx = dh5_init(&wps->dh_privkey, &pubkey);
pubkey = wpabuf_zeropad(pubkey, 192); pubkey = wpabuf_zeropad(pubkey, 192);

View file

@ -1905,8 +1905,13 @@ int wpas_wps_start_nfc(struct wpa_supplicant *wpa_s, const u8 *bssid)
return -1; return -1;
} }
wps->dh_ctx = dh5_init_fixed(wps->dh_privkey, wps->dh_pubkey); wps->dh_ctx = dh5_init_fixed(wps->dh_privkey, wps->dh_pubkey);
if (wps->dh_ctx == NULL) if (wps->dh_ctx == NULL) {
wpabuf_free(wps->dh_pubkey);
wps->dh_pubkey = NULL;
wpabuf_free(wps->dh_privkey);
wps->dh_privkey = NULL;
return -1; return -1;
}
wpa_snprintf_hex_uppercase(pw, sizeof(pw), wpa_snprintf_hex_uppercase(pw, sizeof(pw),
wpabuf_head(wpa_s->conf->wps_nfc_dev_pw), wpabuf_head(wpa_s->conf->wps_nfc_dev_pw),