jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

SAE-PK: Fix password validation check for Sec

Browse source 
The 0..3 value decoded from the password was not incremented to the
actual 2..5 range for Sec. This resulted in not properly detecting the
minimum password length.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
Jouni Malinen 2020-06-25 01:18:30 +03:00 committed by Jouni Malinen
parent 0ce6883f64
commit 5d8c5f344e
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/common/sae_pk.c
View file

@ -38,7 +38,7 @@ bool sae_pk_valid_password(const char *pw)
idx = os_strchr(sae_pk_base32_table, pw[0]);
if (!idx)
return false;
sec = ((u8) ((idx - sae_pk_base32_table) & 0x1f)) >> 3;
sec = (((u8) ((idx - sae_pk_base32_table) & 0x1f)) >> 3) + 2;
if ((sec == 2 && pw_len < 14) ||
(sec == 3 && pw_len < 13) ||
(sec == 4 && pw_len < 11) ||