WPS: Fix debug prints in wps_derive_psk() error case
Check for hmac_sha256() failures and exit from wps_derive_psk() without printing out the derived keys if anything fails. This removes a valgrind warning on uninitialized value when running the ap_wps_m3_oom test case. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
parent
7d1007a674
commit
aae125e2cf
4 changed files with 16 additions and 11 deletions
|
@ -129,23 +129,26 @@ int wps_derive_keys(struct wps_data *wps)
|
|||
}
|
||||
|
||||
|
||||
void wps_derive_psk(struct wps_data *wps, const u8 *dev_passwd,
|
||||
int wps_derive_psk(struct wps_data *wps, const u8 *dev_passwd,
|
||||
size_t dev_passwd_len)
|
||||
{
|
||||
u8 hash[SHA256_MAC_LEN];
|
||||
|
||||
hmac_sha256(wps->authkey, WPS_AUTHKEY_LEN, dev_passwd,
|
||||
(dev_passwd_len + 1) / 2, hash);
|
||||
if (hmac_sha256(wps->authkey, WPS_AUTHKEY_LEN, dev_passwd,
|
||||
(dev_passwd_len + 1) / 2, hash) < 0)
|
||||
return -1;
|
||||
os_memcpy(wps->psk1, hash, WPS_PSK_LEN);
|
||||
hmac_sha256(wps->authkey, WPS_AUTHKEY_LEN,
|
||||
if (hmac_sha256(wps->authkey, WPS_AUTHKEY_LEN,
|
||||
dev_passwd + (dev_passwd_len + 1) / 2,
|
||||
dev_passwd_len / 2, hash);
|
||||
dev_passwd_len / 2, hash) < 0)
|
||||
return -1;
|
||||
os_memcpy(wps->psk2, hash, WPS_PSK_LEN);
|
||||
|
||||
wpa_hexdump_ascii_key(MSG_DEBUG, "WPS: Device Password",
|
||||
dev_passwd, dev_passwd_len);
|
||||
wpa_hexdump_key(MSG_DEBUG, "WPS: PSK1", wps->psk1, WPS_PSK_LEN);
|
||||
wpa_hexdump_key(MSG_DEBUG, "WPS: PSK2", wps->psk2, WPS_PSK_LEN);
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -173,7 +173,8 @@ static struct wpabuf * wps_build_m3(struct wps_data *wps)
|
|||
wpa_printf(MSG_DEBUG, "WPS: No Device Password available");
|
||||
return NULL;
|
||||
}
|
||||
wps_derive_psk(wps, wps->dev_password, wps->dev_password_len);
|
||||
if (wps_derive_psk(wps, wps->dev_password, wps->dev_password_len) < 0)
|
||||
return NULL;
|
||||
|
||||
if (wps->wps->ap && random_pool_ready() != 1) {
|
||||
wpa_printf(MSG_INFO,
|
||||
|
|
|
@ -132,7 +132,7 @@ struct wps_data {
|
|||
void wps_kdf(const u8 *key, const u8 *label_prefix, size_t label_prefix_len,
|
||||
const char *label, u8 *res, size_t res_len);
|
||||
int wps_derive_keys(struct wps_data *wps);
|
||||
void wps_derive_psk(struct wps_data *wps, const u8 *dev_passwd,
|
||||
int wps_derive_psk(struct wps_data *wps, const u8 *dev_passwd,
|
||||
size_t dev_passwd_len);
|
||||
struct wpabuf * wps_decrypt_encr_settings(struct wps_data *wps, const u8 *encr,
|
||||
size_t encr_len);
|
||||
|
|
|
@ -1928,7 +1928,8 @@ static struct wpabuf * wps_build_m4(struct wps_data *wps)
|
|||
|
||||
wpa_printf(MSG_DEBUG, "WPS: Building Message M4");
|
||||
|
||||
wps_derive_psk(wps, wps->dev_password, wps->dev_password_len);
|
||||
if (wps_derive_psk(wps, wps->dev_password, wps->dev_password_len) < 0)
|
||||
return NULL;
|
||||
|
||||
plain = wpabuf_alloc(200);
|
||||
if (plain == NULL)
|
||||
|
|
Loading…
Reference in a new issue