aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJouni Malinen <jouni@qca.qualcomm.com>2017-11-29 19:40:31 (GMT)
committerJouni Malinen <j@w1.fi>2017-11-29 22:08:38 (GMT)
commitf981ce7298e6cf6fe1480605e53255edaf72dd26 (patch)
tree204ff5dd989d69c2ad829fc448e451b75b93b7c2
parent8a37d54ea7a511b6964b50b2e773daa91b839cf2 (diff)
downloadhostap-f981ce7298e6cf6fe1480605e53255edaf72dd26.zip
hostap-f981ce7298e6cf6fe1480605e53255edaf72dd26.tar.gz
hostap-f981ce7298e6cf6fe1480605e53255edaf72dd26.tar.bz2
DPP: Do not continue if public key hash derivation fails
sha256_vector() result was ignored apart from printing out the failure in the debug log. This is not really a normal case and it is better to reject the full operation rather than try to continue with an incorrect public key hash value. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
-rw-r--r--src/common/dpp.c9
1 files changed, 5 insertions, 4 deletions
diff --git a/src/common/dpp.c b/src/common/dpp.c
index 6927be0..d8cb458 100644
--- a/src/common/dpp.c
+++ b/src/common/dpp.c
@@ -1352,11 +1352,12 @@ char * dpp_keygen(struct dpp_bootstrap_info *bi, const char *curve,
addr[0] = wpabuf_head(der);
len = wpabuf_len(der);
res = sha256_vector(1, addr, &len, bi->pubkey_hash);
- if (res < 0)
+ if (res < 0) {
wpa_printf(MSG_DEBUG, "DPP: Failed to hash public key");
- else
- wpa_hexdump(MSG_DEBUG, "DPP: Public key hash", bi->pubkey_hash,
- SHA256_MAC_LEN);
+ goto fail;
+ }
+ wpa_hexdump(MSG_DEBUG, "DPP: Public key hash", bi->pubkey_hash,
+ SHA256_MAC_LEN);
base64 = base64_encode(wpabuf_head(der), wpabuf_len(der), &len);
wpabuf_free(der);