hostap/src/eap_common
Jouni Malinen b11fa98bcb Add explicit checks for peer's DH public key
Pass the group order (if known/specified) to crypto_dh_derive_secret()
(and also to OpenSSL DH_generate_key() in case of Group 5) and verify
that the public key received from the peer meets 1 < pubkey < p and
pubkey^q == 1 mod p conditions.

While all these use cases were using only ephemeral DH keys, it is
better to use more explicit checks while deriving the shared secret to
avoid unexpected behavior.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-05 17:05:03 +02:00
..
chap.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
chap.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
eap_common.c Fix a typo in function documentation 2015-05-03 16:31:59 +03:00
eap_common.h ERP: Add TV/TLV parser 2014-12-04 12:08:59 +02:00
eap_defs.h ERP: Add defines for EAP Re-Authentication Protocol 2014-12-04 00:58:14 +02:00
eap_eke_common.c Add explicit checks for peer's DH public key 2019-03-05 17:05:03 +02:00
eap_eke_common.h EAP-EKE: Add peer implementation 2013-07-07 20:30:10 +03:00
eap_fast_common.c Remove trailing whitespace 2016-12-28 14:31:42 +02:00
eap_fast_common.h TLS: Split tls_connection_prf() into two functions 2016-05-23 20:40:12 +03:00
eap_gpsk_common.c EAP-GPSK: Check HMAC-SHA256 result in GKDF and MIC 2015-10-17 20:40:01 +03:00
eap_gpsk_common.h EAP peer: Add Session-Id derivation 2013-02-09 01:20:38 +02:00
eap_ikev2_common.c EAP-IKEv2: Use os_memcmp_const() for hash/password comparisons 2014-07-02 12:38:47 +03:00
eap_ikev2_common.h EAP-IKEv2: Remove obsolete ccns.pl project workarounds 2014-06-08 12:28:36 +03:00
eap_pax_common.c EAP-PAX: Check hmac_sha1_vector() return value 2016-01-06 21:12:08 +02:00
eap_pax_common.h EAP-PAX: Derive EAP Session-Id 2014-12-01 01:46:07 +02:00
eap_peap_common.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
eap_peap_common.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
eap_psk_common.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
eap_psk_common.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
eap_pwd_common.c EAP-pwd: Mask timing of PWE derivation 2018-05-28 22:15:15 +03:00
eap_pwd_common.h EAP-pwd: Pre-processing method definitions from RFC 8146 2018-05-28 17:15:07 +03:00
eap_sake_common.c EAP-SAKE: Fix a typo in attribute parser debug print 2015-11-28 12:25:42 +02:00
eap_sake_common.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
eap_sim_common.c Use os_memdup() 2017-03-07 13:19:10 +02:00
eap_sim_common.h EAP-SIM/AKA: Pass EAP type as argument to eap_sim_msg_finish() 2014-07-02 12:38:47 +03:00
eap_tlv_common.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
eap_ttls.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
eap_wsc_common.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
eap_wsc_common.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
ikev2_common.c EAP-IKEv2: Check HMAC SHA1/MD5 result 2015-12-05 21:49:04 +02:00
ikev2_common.h EAP-IKEv2: Remove obsolete ccns.pl project workarounds 2014-06-08 12:28:36 +03:00
Makefile tests: Add eapol-fuzzer 2015-04-22 11:44:19 +03:00