hostap/src/crypto
Jouni Malinen b11fa98bcb Add explicit checks for peer's DH public key
Pass the group order (if known/specified) to crypto_dh_derive_secret()
(and also to OpenSSL DH_generate_key() in case of Group 5) and verify
that the public key received from the peer meets 1 < pubkey < p and
pubkey^q == 1 mod p conditions.

While all these use cases were using only ephemeral DH keys, it is
better to use more explicit checks while deriving the shared secret to
avoid unexpected behavior.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-05 17:05:03 +02:00
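The two peer-public-key checks the commit message describes, written out stand-alone as an added example. This is not hostap code and not its crypto_dh_derive_secret() implementation; the group is RFC 3526 group 5 (the 1536-bit MODP group the commit names), and the names validate_dh_pubkey(), generate_keypair(), derive_shared_secret(), forced_secret_without_check() and exchange_demo() are this example's own. Group 5 uses a safe prime, so the subgroup order q is (p - 1) / 2.

```python
# Added example (not hostap code): peer DH public key validation as described
# in the commit message. Names below are the example's own assumptions.
import secrets
from typing import Optional, Tuple

# RFC 3526 group 5 (1536-bit MODP) prime, generator 2.
RFC3526_GROUP5_P_HEX = (
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
    "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
    "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
    "670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF"
)
P = int(RFC3526_GROUP5_P_HEX, 16)
G = 2
Q = (P - 1) // 2  # p is a safe prime, so the subgroup generated by G has order q


def validate_dh_pubkey(pubkey: int, p: int, q: Optional[int] = None) -> bool:
    """Accept the peer's DH value only if it passes both checks.

    1 < pubkey < p rejects 0, 1 and out-of-range values.
    pubkey^q == 1 mod p (only possible when q is known) rejects p - 1 and any
    other element outside the order-q subgroup; accepting such a value lets
    the peer force the shared secret into a tiny, guessable set.
    """
    if not 1 < pubkey < p:
        return False
    if q is not None and pow(pubkey, q, p) != 1:
        return False
    return True


def generate_keypair(p: int = P, g: int = G, q: int = Q) -> Tuple[int, int]:
    """Ephemeral private exponent x in [2, q - 1] and public value g^x mod p."""
    x = 2 + secrets.randbelow(q - 2)
    return x, pow(g, x, p)


def derive_shared_secret(priv: int, peer_pub: int, p: int = P,
                         q: Optional[int] = Q) -> int:
    """Validate the peer's value before using it; then compute peer_pub^priv mod p."""
    if not validate_dh_pubkey(peer_pub, p, q):
        raise ValueError("peer DH public key failed validation")
    return pow(peer_pub, priv, p)


def forced_secret_without_check(priv: int, p: int = P) -> int:
    """What a peer sending p - 1 obtains if only the range check is applied:
    (p - 1)^priv mod p is always 1 or p - 1, so the 'secret' has one bit."""
    return pow(p - 1, priv, p)


def exchange_demo() -> bool:
    """Two honest sides validate each other's value and agree on one secret."""
    a_priv, a_pub = generate_keypair()
    b_priv, b_pub = generate_keypair()
    return derive_shared_secret(a_priv, b_pub) == derive_shared_secret(b_priv, a_pub)


if __name__ == "__main__":
    print("honest exchange agrees:", exchange_demo())
    print("p - 1 accepted by range check alone:", validate_dh_pubkey(P - 1, P))
    print("p - 1 rejected with subgroup check:", not validate_dh_pubkey(P - 1, P, Q))
```

The range check on its own still lets p - 1 through, which is exactly the value the subgroup check exists to catch; for groups whose order is not known to the caller, q is None and only the range check applies, matching the "if known/specified" wording in the commit message.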
.gitignore
aes-cbc.c Add TEST_FAIL() condition to aes_128_cbc_encrypt/decrypt() 2015-11-28 20:46:36 +02:00
aes-ccm.c
aes-ctr.c Extend AES-SIV implementation to support different key lengths 2016-10-10 19:40:59 +03:00
aes-eax.c
aes-encblock.c
aes-gcm.c
aes-internal-dec.c crypto: Add return value to DES and AES encrypt/decrypt 2017-02-28 11:23:54 +02:00
aes-internal-enc.c crypto: Add return value to DES and AES encrypt/decrypt 2017-02-28 11:23:54 +02:00
aes-internal.c
aes-omac1.c
aes-siv.c Use os_memdup() 2017-03-07 13:19:10 +02:00
aes-unwrap.c
aes-wrap.c
aes.h crypto: Add return value to DES and AES encrypt/decrypt 2017-02-28 11:23:54 +02:00
aes_i.h
aes_siv.h Extend AES-SIV implementation to support different key lengths 2016-10-10 19:40:59 +03:00
aes_wrap.h Extend AES-SIV implementation to support different key lengths 2016-10-10 19:40:59 +03:00
crypto.h Add explicit checks for peer's DH public key 2019-03-05 17:05:03 +02:00
crypto_gnutls.c Add explicit checks for peer's DH public key 2019-03-05 17:05:03 +02:00
crypto_internal-cipher.c
crypto_internal-modexp.c Add explicit checks for peer's DH public key 2019-03-05 17:05:03 +02:00
crypto_internal-rsa.c
crypto_internal.c crypto: Add CRYPTO_HASH_ALG_SHA384 and CRYPTO_HASH_ALG_SHA512 2015-11-29 18:21:08 +02:00
crypto_libtomcrypt.c Add explicit checks for peer's DH public key 2019-03-05 17:05:03 +02:00
crypto_linux.c af_alg: Crypto wrappers for Linux kernel crypto (AF_ALG) 2017-02-28 11:24:15 +02:00
crypto_module_tests.c tests: Extract-and-Expand HKDF (RFC 5869) 2017-03-11 22:40:31 +02:00
crypto_nettle.c Add explicit checks for peer's DH public key 2019-03-05 17:05:03 +02:00
crypto_none.c crypto: Add return value to DES and AES encrypt/decrypt 2017-02-28 11:23:54 +02:00
crypto_openssl.c Add explicit checks for peer's DH public key 2019-03-05 17:05:03 +02:00
crypto_wolfssl.c Add explicit checks for peer's DH public key 2019-03-05 17:05:03 +02:00
des-internal.c crypto: Add return value to DES and AES encrypt/decrypt 2017-02-28 11:23:54 +02:00
des_i.h
dh_group5.c Fix memory leak on NFC DH generation error path 2015-11-29 20:53:20 +02:00
dh_group5.h
dh_groups.c Add explicit checks for peer's DH public key 2019-03-05 17:05:03 +02:00
dh_groups.h
fips_prf_internal.c
fips_prf_openssl.c OpenSSL: Silence sparse warnings in fips186_2_prf() 2016-06-24 19:02:58 +03:00
fips_prf_wolfssl.c wolfSSL: Use new digest namespace 2018-05-02 12:04:46 +03:00
Makefile tests: TLS fuzzing tool 2019-02-11 02:35:29 +02:00
md4-internal.c crypto internal: Make MD4 PADDING array const 2019-01-02 17:26:57 +02:00
md5-internal.c Add TEST_FAIL() support for internal hash functions 2015-11-29 21:01:33 +02:00
md5.c
md5.h
md5_i.h
milenage.c
milenage.h
ms_funcs.c crypto: Process des_encrypt() error returns in callers 2017-02-28 11:24:05 +02:00
ms_funcs.h crypto: Process des_encrypt() error returns in callers 2017-02-28 11:24:05 +02:00
random.c crypto: Add option to use getrandom() 2019-01-02 01:24:18 +02:00
random.h
rc4.c
sha1-internal.c Remove trailing whitespace 2016-12-28 14:31:42 +02:00
sha1-pbkdf2.c
sha1-prf.c
sha1-tlsprf.c
sha1-tprf.c
sha1.c
sha1.h
sha1_i.h
sha256-internal.c Remove trailing whitespace 2016-12-28 14:31:42 +02:00
sha256-kdf.c Extend hmac_sha256_kdf() to support HKDF-Expand() as defined in RFC 5869 2017-03-11 22:40:10 +02:00
sha256-prf.c SAE: Check SHA256-PRF operation result 2016-03-27 21:44:49 +03:00
sha256-tlsprf.c
sha256.c
sha256.h SAE: Check SHA256-PRF operation result 2016-03-27 21:44:49 +03:00
sha256_i.h
sha384-internal.c Add SHA384 and SHA512 implementations from LibTomCrypt library 2015-11-29 18:19:32 +02:00
sha384-kdf.c Extend SHA-384 and SHA-512 support to match SHA-256 2017-06-17 18:04:12 +03:00
sha384-prf.c Return success/failure result from sha384_prf() 2017-03-12 20:43:06 +02:00
sha384.c Add HMAC-SHA384 with internal crypto 2017-02-16 22:15:29 +02:00
sha384.h Extend SHA-384 and SHA-512 support to match SHA-256 2017-06-17 18:04:12 +03:00
sha384_i.h Add SHA384 and SHA512 implementations from LibTomCrypt library 2015-11-29 18:19:32 +02:00
sha512-internal.c crypto: Reduce the size of sha512_compress() stack frame 2019-01-02 16:31:19 +02:00
sha512-kdf.c Extend SHA-384 and SHA-512 support to match SHA-256 2017-06-17 18:04:12 +03:00
sha512-prf.c Extend SHA-384 and SHA-512 support to match SHA-256 2017-06-17 18:04:12 +03:00
sha512.c Add internal HMAC-SHA512 implementation to fix NEED_SHA512 builds 2018-12-31 11:57:37 +02:00
sha512.h Extend SHA-384 and SHA-512 support to match SHA-256 2017-06-17 18:04:12 +03:00
sha512_i.h Add SHA384 and SHA512 implementations from LibTomCrypt library 2015-11-29 18:19:32 +02:00
tls.h crl_reload_interval: Add CRL reloading support 2019-01-27 18:45:07 +02:00
tls_gnutls.c hostapd: Add configuration option check_crl_strict 2018-12-31 12:51:51 +02:00
tls_internal.c TLS server: Add internal callbacks get_failed, get_*_alerts 2019-02-10 01:43:50 +02:00
tls_none.c hostapd: Add configuration option check_crl_strict 2018-12-31 12:51:51 +02:00
tls_openssl.c OpenSSL: Fix uninitialized variable in CRL reloading corner case 2019-02-11 14:02:17 +02:00
tls_openssl.h BoringSSL: Move OCSP implementation into a separate file 2015-12-04 20:08:31 +02:00
tls_openssl_ocsp.c BoringSSL: Keep static analyzers happier with X509_get0_pubkey_bitstr() 2016-03-16 21:34:01 +02:00
tls_wolfssl.c hostapd: Add configuration option check_crl_strict 2018-12-31 12:51:51 +02:00