aboutsummaryrefslogtreecommitdiffstats
path: root/src/eap_server
diff options
context:
space:
mode:
authorFlorent Daigniere <nextgens@freenetproject.org>2014-06-27 10:24:30 (GMT)
committerJouni Malinen <j@w1.fi>2014-07-24 16:42:44 (GMT)
commitf119d6694250d5ac4105da72ddbdbe793251d230 (patch)
tree956d4c8fb48608cb7801d554ffa4858bd282f029 /src/eap_server
parent5197f0335cd682079e268edab1967dcee353a942 (diff)
downloadhostap-f119d6694250d5ac4105da72ddbdbe793251d230.zip
hostap-f119d6694250d5ac4105da72ddbdbe793251d230.tar.gz
hostap-f119d6694250d5ac4105da72ddbdbe793251d230.tar.bz2
EAP-pwd: Verify BN_rand_range return code
This makes the EAP-pwd server and peer implementations more robust should OpenSSL fail to derive random number for some reason. While this is unlikely to happen in practice, the implementation better be prepared for this should something unexpected ever happen. See http://jbp.io/2014/01/16/openssl-rand-api/#review-of-randbytes-callers for more details. Signed-off-by: Florent Daigniere <nextgens@freenetproject.org>
Diffstat (limited to 'src/eap_server')
-rw-r--r--src/eap_server/eap_server_pwd.c14
1 files changed, 9 insertions, 5 deletions
diff --git a/src/eap_server/eap_server_pwd.c b/src/eap_server/eap_server_pwd.c
index fc2ae26..ed7dda1 100644
--- a/src/eap_server/eap_server_pwd.c
+++ b/src/eap_server/eap_server_pwd.c
@@ -210,11 +210,15 @@ static void eap_pwd_build_commit_req(struct eap_sm *sm,
goto fin;
}
- BN_rand_range(data->private_value, data->grp->order);
- BN_rand_range(mask, data->grp->order);
- BN_add(data->my_scalar, data->private_value, mask);
- BN_mod(data->my_scalar, data->my_scalar, data->grp->order,
- data->bnctx);
+ if (BN_rand_range(data->private_value, data->grp->order) != 1 ||
+ BN_rand_range(mask, data->grp->order) != 1 ||
+ BN_add(data->my_scalar, data->private_value, mask) != 1 ||
+ BN_mod(data->my_scalar, data->my_scalar, data->grp->order,
+ data->bnctx) != 1) {
+ wpa_printf(MSG_INFO,
+ "EAP-pwd (server): unable to get randomness");
+ goto fin;
+ }
if (!EC_POINT_mul(data->grp->group, data->my_element, NULL,
data->grp->pwe, mask, data->bnctx)) {