jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

WPS: Use random_get_bytes() for NFC password id

Browse source 
os_random() may not be seeded properly, so use stronger mechanism for
generating the password id for NFC password tokens.

Signed-hostap: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2012-06-28 20:40:16 +03:00
parent ffdaa05a6b
commit 72df0cd28c
2 changed files with 8 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
src/ap/wps_hostapd.c
View file

@ -1629,13 +1629,15 @@ struct wpabuf * hostapd_wps_nfc_token_gen(struct hostapd_data *hapd, int ndef)
struct wpabuf *priv = NULL, *pub = NULL, *pw;
void *dh_ctx;
struct wpabuf *ret;
u16 val;
pw = wpabuf_alloc(WPS_OOB_DEVICE_PASSWORD_LEN);
if (pw == NULL)
return NULL;
if (random_get_bytes(wpabuf_put(pw, WPS_OOB_DEVICE_PASSWORD_LEN),
WPS_OOB_DEVICE_PASSWORD_LEN)) {
WPS_OOB_DEVICE_PASSWORD_LEN) ||
random_get_bytes((u8 *) &val, sizeof(val))) {
wpabuf_free(pw);
return NULL;
}
@ -1647,7 +1649,7 @@ struct wpabuf * hostapd_wps_nfc_token_gen(struct hostapd_data *hapd, int ndef)
}
dh5_free(dh_ctx);
hapd->conf->wps_nfc_dev_pw_id = 0x10 + os_random() % 0xfff0;
hapd->conf->wps_nfc_dev_pw_id = 0x10 + val % 0xfff0;
wpabuf_free(hapd->conf->wps_nfc_dh_pubkey);
hapd->conf->wps_nfc_dh_pubkey = pub;
wpabuf_free(hapd->conf->wps_nfc_dh_privkey);

6
wpa_supplicant/wps_supplicant.c
View file

@ -1799,13 +1799,15 @@ struct wpabuf * wpas_wps_nfc_token(struct wpa_supplicant *wpa_s, int ndef)
struct wpabuf *priv = NULL, *pub = NULL, *pw;
void *dh_ctx;
struct wpabuf *ret;
u16 val;
pw = wpabuf_alloc(WPS_OOB_DEVICE_PASSWORD_LEN);
if (pw == NULL)
return NULL;
if (random_get_bytes(wpabuf_put(pw, WPS_OOB_DEVICE_PASSWORD_LEN),
WPS_OOB_DEVICE_PASSWORD_LEN)) {
WPS_OOB_DEVICE_PASSWORD_LEN) ||
random_get_bytes((u8 *) &val, sizeof(val))) {
wpabuf_free(pw);
return NULL;
}
@ -1817,7 +1819,7 @@ struct wpabuf * wpas_wps_nfc_token(struct wpa_supplicant *wpa_s, int ndef)
}
dh5_free(dh_ctx);
wpa_s->conf->wps_nfc_dev_pw_id = 0x10 + os_random() % 0xfff0;
wpa_s->conf->wps_nfc_dev_pw_id = 0x10 + val % 0xfff0;
wpabuf_free(wpa_s->conf->wps_nfc_dh_pubkey);
wpa_s->conf->wps_nfc_dh_pubkey = pub;
wpabuf_free(wpa_s->conf->wps_nfc_dh_privkey);