DPP: Verify that PKEX Qi is not the point-at-infinity

This was added as an explicit requirement in DPP tech spec v0.2.3. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-10 00:42:34 +03:00 · 2017-10-10 00:42:34 +03:00 · 6573171792
parent b9c0e1fa5c
commit 6573171792
1 changed files with 4 additions and 0 deletions
--- a/src/common/dpp.c
+++ b/src/common/dpp.c
@ -4851,6 +4851,10 @@ static EC_POINT * dpp_pkex_derive_Qi(const struct dpp_curve_params *curve,
 	if (!hash_bn ||
 	    EC_POINT_mul(group2, Qi, NULL, Pi_point, hash_bn, bnctx) != 1)
 		goto fail;
+	if (EC_POINT_is_at_infinity(group, Qi)) {
+		wpa_printf(MSG_INFO, "PDP: Qi is the point-at-infinity");
+		goto fail;
+	}
 out:
 	EC_KEY_free(Pi_ec);
 	EVP_PKEY_free(Pi);