hostap/src
Jouni Malinen aaf65feac6 EAP-pwd: Use constant time and memory access for finding the PWE
This algorithm could leak information to external observers in the form of
timing differences or memory access patterns (cache use). While the
previous implementation had protection against the most visible timing
differences (looping 40 rounds and masking the Legendre operation), it
did not protect against memory access patterns between the two possible
code paths in the masking operations. That might be sufficient to allow
an unprivileged process running on the same device to be able to
determine which path is being executed through a cache attack and based
on that, determine information about the used password.

Convert the PWE finding loop to use constant time functions and
identical memory access path without different branches for the QR/QNR
cases to minimize possible side-channel information similarly to the
changes done for SAE authentication. (CVE-2019-9495)

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-04-09 17:11:15 +03:00
ap AP: Avoid NULL use with snprintf string 2019-04-06 18:49:26 +03:00
common tests: Fix build without CONFIG_SAE 2019-04-09 16:24:38 +03:00
crypto OpenSSL: Use constant time selection for crypto_bignum_legendre() 2019-04-09 17:11:15 +03:00
drivers nl80211: Add SAE, FT-SAE, FT-EAP-SHA384 AKMs in connect request 2019-04-05 21:02:37 +03:00
eap_common EAP-pwd: Use constant time and memory access for finding the PWE 2019-04-09 17:11:15 +03:00
eap_peer Extend domain_match and domain_suffix_match to allow list of values 2019-04-09 16:24:38 +03:00
eap_server Add support for an optional context parameter to TLS exporter 2019-03-16 18:52:09 +02:00
eapol_auth Add hostapd tls_flags parameter 2017-09-18 12:12:48 +03:00
eapol_supp More robust timer_tick_enabled tracking 2019-03-13 23:33:41 +02:00
fst UBSan: Define FST LLT macros without integer overflow 2019-02-25 19:48:49 +02:00
l2_packet wpa_supplicant: Don't reply to EAPOL if pkt_type is PACKET_OTHERHOST 2018-04-02 12:21:27 +03:00
p2p WPS: Add multi_ap_subelem to wps_build_wfa_ext() 2019-02-18 20:30:26 +02:00
pae UBSan: Pack MACsec peer id structure 2019-02-25 19:48:49 +02:00
radius RADIUS server: Accept ERP keyName-NAI as user identity 2019-04-09 00:10:20 +03:00
rsn_supp Add AKM info in the debug message noting PMKSA caching entry addition 2019-03-27 04:02:19 +02:00
tls TLS: Add support for RFC 5705 TLS exporter context with internal TLS 2019-03-16 18:52:09 +02:00
utils Add helper functions for constant time operations 2019-04-09 17:11:15 +03:00
wps Multi-AP: Avoid memcpy(ptr, NULL, 0) in WPS Registrar initialization 2019-02-23 11:37:20 +02:00
lib.rules tests: TLS fuzzing tool 2019-02-11 02:35:29 +02:00
Makefile FST: Add the Fast Session Transfer (FST) module 2015-07-16 18:26:15 +03:00