EAP-pwd: Verify BN_rand_range return code
This makes the EAP-pwd server and peer implementations more robust should OpenSSL fail to derive random number for some reason. While this is unlikely to happen in practice, the implementation better be prepared for this should something unexpected ever happen. See http://jbp.io/2014/01/16/openssl-rand-api/#review-of-randbytes-callers for more details. Signed-off-by: Florent Daigniere <nextgens@freenetproject.org>
This commit is contained in:
parent
5197f0335c
commit
f119d66942
2 changed files with 18 additions and 10 deletions
|
@ -317,11 +317,15 @@ eap_pwd_perform_commit_exchange(struct eap_sm *sm, struct eap_pwd_data *data,
|
|||
goto fin;
|
||||
}
|
||||
|
||||
BN_rand_range(data->private_value, data->grp->order);
|
||||
BN_rand_range(mask, data->grp->order);
|
||||
BN_add(data->my_scalar, data->private_value, mask);
|
||||
BN_mod(data->my_scalar, data->my_scalar, data->grp->order,
|
||||
data->bnctx);
|
||||
if (BN_rand_range(data->private_value, data->grp->order) != 1 ||
|
||||
BN_rand_range(mask, data->grp->order) != 1 ||
|
||||
BN_add(data->my_scalar, data->private_value, mask) != 1 ||
|
||||
BN_mod(data->my_scalar, data->my_scalar, data->grp->order,
|
||||
data->bnctx) != 1) {
|
||||
wpa_printf(MSG_INFO,
|
||||
"EAP-pwd (peer): unable to get randomness");
|
||||
goto fin;
|
||||
}
|
||||
|
||||
if (!EC_POINT_mul(data->grp->group, data->my_element, NULL,
|
||||
data->grp->pwe, mask, data->bnctx)) {
|
||||
|
|
|
@ -210,11 +210,15 @@ static void eap_pwd_build_commit_req(struct eap_sm *sm,
|
|||
goto fin;
|
||||
}
|
||||
|
||||
BN_rand_range(data->private_value, data->grp->order);
|
||||
BN_rand_range(mask, data->grp->order);
|
||||
BN_add(data->my_scalar, data->private_value, mask);
|
||||
BN_mod(data->my_scalar, data->my_scalar, data->grp->order,
|
||||
data->bnctx);
|
||||
if (BN_rand_range(data->private_value, data->grp->order) != 1 ||
|
||||
BN_rand_range(mask, data->grp->order) != 1 ||
|
||||
BN_add(data->my_scalar, data->private_value, mask) != 1 ||
|
||||
BN_mod(data->my_scalar, data->my_scalar, data->grp->order,
|
||||
data->bnctx) != 1) {
|
||||
wpa_printf(MSG_INFO,
|
||||
"EAP-pwd (server): unable to get randomness");
|
||||
goto fin;
|
||||
}
|
||||
|
||||
if (!EC_POINT_mul(data->grp->group, data->my_element, NULL,
|
||||
data->grp->pwe, mask, data->bnctx)) {
|
||||
|
|
Loading…
Reference in a new issue