mirror of
https://github.com/openwrt/openwrt.git
synced 2025-01-01 11:36:49 +00:00
e8c5e6177d
Fixes this security problem:
* SAE/EAP-pwd side-channel attack update
https://w1.fi/security/2019-6/sae-eap-pwd-side-channel-attack-update.txt
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 7bed9bf10f)
41 lines
1.1 KiB
Diff
41 lines
1.1 KiB
Diff
From 92e1b96c26a84e503847bdd22ebadf697c4031ad Mon Sep 17 00:00:00 2001
|
|
From: Jouni Malinen <j@w1.fi>
|
|
Date: Sat, 13 Apr 2019 17:20:57 +0300
|
|
Subject: EAP-pwd: Disallow ECC groups with a prime under 256 bits
|
|
|
|
Based on the SAE implementation guidance update to not allow ECC groups
|
|
with a prime that is under 256 bits, reject groups 25, 26, and 27 in
|
|
EAP-pwd.
|
|
|
|
Signed-off-by: Jouni Malinen <j@w1.fi>
|
|
---
|
|
src/eap_common/eap_pwd_common.c | 13 +++++++++++++
|
|
1 file changed, 13 insertions(+)
|
|
|
|
--- a/src/eap_common/eap_pwd_common.c
|
|
+++ b/src/eap_common/eap_pwd_common.c
|
|
@@ -85,10 +85,23 @@ static int eap_pwd_kdf(const u8 *key, si
|
|
}
|
|
|
|
|
|
+static int eap_pwd_suitable_group(u16 num)
|
|
+{
|
|
+ /* Do not allow ECC groups with prime under 256 bits based on guidance
|
|
+ * for the similar design in SAE. */
|
|
+ return num == 19 || num == 20 || num == 21 ||
|
|
+ num == 28 || num == 29 || num == 30;
|
|
+}
|
|
+
|
|
+
|
|
EAP_PWD_group * get_eap_pwd_group(u16 num)
|
|
{
|
|
EAP_PWD_group *grp;
|
|
|
|
+ if (!eap_pwd_suitable_group(num)) {
|
|
+ wpa_printf(MSG_INFO, "EAP-pwd: unsuitable group %u", num);
|
|
+ return NULL;
|
|
+ }
|
|
grp = os_zalloc(sizeof(EAP_PWD_group));
|
|
if (!grp)
|
|
return NULL;
|