[PATCH 2/2] sae: check if server point/scalar is valid

James Prestwood james.prestwood at linux.intel.com
Wed Apr 10 11:54:14 PDT 2019


---
 src/sae.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/sae.c b/src/sae.c
index 32a1ca8d..446c7c62 100644
--- a/src/sae.c
+++ b/src/sae.c
@@ -274,6 +274,8 @@ static bool sae_compute_pwe(struct sae_sm *sm, char *password,
 		sae_pwd_seed(addr1, addr2, base, base_len, counter, pwd_seed);
 
 		pwd_value = sae_pwd_value(sm->curve, pwd_seed);
+		if (!pwd_value)
+			continue;
 
 		if (sae_is_quadradic_residue(sm->curve, pwd_value, qr, qnr)) {
 			if (found == false) {
@@ -451,11 +453,18 @@ static void sae_process_commit(struct sae_sm *sm, const uint8_t *from,
 	}
 
 	sm->p_scalar = l_ecc_scalar_new(sm->curve, ptr, nbytes);
+	if (!sm->p_scalar) {
+		l_error("Server sent invalid P_Scalar during commit");
+		reason = MMPDU_REASON_CODE_UNSPECIFIED;
+		goto reject;
+	}
+
 	ptr += nbytes;
 
 	sm->p_element = l_ecc_point_from_data(sm->curve, L_ECC_POINT_TYPE_FULL,
 						ptr, nbytes * 2);
 	if (!sm->p_element) {
+		l_error("Server sent invalid P_Element during commit");
 		reason = MMPDU_REASON_CODE_UNSPECIFIED;
 		goto reject;
 	}
-- 
2.17.1



More information about the iwd mailing list