aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNick Lowe <nick.lowe@lugatech.com>2016-02-09 16:02:32 (GMT)
committerJouni Malinen <j@w1.fi>2016-02-19 16:44:40 (GMT)
commit4b16c15bbc8b20a85bb3d6f45bba5621a047618e (patch)
tree9438e9c8fd7ef27ea662bd5c0d19acd0484e8558
parent239952b4daba6b99bf713950b30f848ca66cc062 (diff)
downloadhostap-4b16c15bbc8b20a85bb3d6f45bba5621a047618e.zip
hostap-4b16c15bbc8b20a85bb3d6f45bba5621a047618e.tar.gz
hostap-4b16c15bbc8b20a85bb3d6f45bba5621a047618e.tar.bz2
EAP-pwd server: Use os_get_random() for unpredictable token
Do not use os_random() that uses a low quality PRNG to generate the anti-clogging token. The construction can be improved upon by replacing it with a call to os_get_random(), which uses a high quality PRNG. While the RFC 5931 explictly recommends not to do this ("SHOULD NOT be from a source of random entropy"), it does still mandate unpredicability ("MUST be unpredictable"). The anti-clogging token is most unpredictable when it is taken from a high quality PRNG. Signed-off-by: Nick Lowe <nick.lowe@lugatech.com>
-rw-r--r--src/eap_server/eap_server_pwd.c9
1 files changed, 7 insertions, 2 deletions
diff --git a/src/eap_server/eap_server_pwd.c b/src/eap_server/eap_server_pwd.c
index 36ac555..64bf708 100644
--- a/src/eap_server/eap_server_pwd.c
+++ b/src/eap_server/eap_server_pwd.c
@@ -178,8 +178,13 @@ static void eap_pwd_build_id_req(struct eap_sm *sm, struct eap_pwd_data *data,
return;
}
- /* an lfsr is good enough to generate unpredictable tokens */
- data->token = os_random();
+ if (os_get_random((u8 *) &data->token, sizeof(data->token)) < 0) {
+ wpabuf_free(data->outbuf);
+ data->outbuf = NULL;
+ eap_pwd_state(data, FAILURE);
+ return;
+ }
+
wpabuf_put_be16(data->outbuf, data->group_num);
wpabuf_put_u8(data->outbuf, EAP_PWD_DEFAULT_RAND_FUNC);
wpabuf_put_u8(data->outbuf, EAP_PWD_DEFAULT_PRF);