aboutsummaryrefslogtreecommitdiffstats
path: root/src/eap_common
diff options
context:
space:
mode:
authorJouni Malinen <jouni@codeaurora.org>2019-04-25 17:43:41 (GMT)
committerJouni Malinen <j@w1.fi>2019-04-25 20:49:49 (GMT)
commita9615b1b889680dea7fe39d55a59e8a7e8b03b6d (patch)
tree8e329917139cae31bef9b10d95977c51c8f73585 /src/eap_common
parent6c9543fcb7962e26c2a91c43089abe171d073b44 (diff)
downloadhostap-a9615b1b889680dea7fe39d55a59e8a7e8b03b6d.zip
hostap-a9615b1b889680dea7fe39d55a59e8a7e8b03b6d.tar.gz
hostap-a9615b1b889680dea7fe39d55a59e8a7e8b03b6d.tar.bz2
Share common SAE and EAP-pwd functionality: random 1..p-1 creation
Use a shared helper function to create a random value in 1..p-1 range for is_quadratic_residue(). Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Diffstat (limited to 'src/eap_common')
-rw-r--r--src/eap_common/eap_pwd_common.c16
1 files changed, 5 insertions, 11 deletions
diff --git a/src/eap_common/eap_pwd_common.c b/src/eap_common/eap_pwd_common.c
index 45ccff4..4c23636 100644
--- a/src/eap_common/eap_pwd_common.c
+++ b/src/eap_common/eap_pwd_common.c
@@ -121,14 +121,14 @@ int compute_password_element(EAP_PWD_group *grp, u16 num,
const u8 *id_peer, size_t id_peer_len,
const u8 *token)
{
- struct crypto_bignum *qr = NULL, *qnr = NULL, *one = NULL;
+ struct crypto_bignum *qr = NULL, *qnr = NULL;
struct crypto_bignum *qr_or_qnr = NULL;
u8 qr_bin[MAX_ECC_PRIME_LEN];
u8 qnr_bin[MAX_ECC_PRIME_LEN];
u8 qr_or_qnr_bin[MAX_ECC_PRIME_LEN];
u8 x_bin[MAX_ECC_PRIME_LEN];
u8 prime_bin[MAX_ECC_PRIME_LEN];
- struct crypto_bignum *tmp1 = NULL, *tmp2 = NULL, *pm1 = NULL;
+ struct crypto_bignum *tmp1 = NULL, *tmp2 = NULL;
struct crypto_hash *hash;
unsigned char pwe_digest[SHA256_MAC_LEN], *prfbuf = NULL, ctr;
int ret = 0, check, res;
@@ -151,10 +151,7 @@ int compute_password_element(EAP_PWD_group *grp, u16 num,
primebytelen) < 0)
return -1;
grp->pwe = crypto_ec_point_init(grp->group);
- tmp1 = crypto_bignum_init();
- pm1 = crypto_bignum_init();
- one = crypto_bignum_init_set((const u8 *) "\x01", 1);
- if (!grp->pwe || !tmp1 || !pm1 || !one) {
+ if (!grp->pwe) {
wpa_printf(MSG_INFO, "EAP-pwd: unable to create bignums");
goto fail;
}
@@ -164,8 +161,6 @@ int compute_password_element(EAP_PWD_group *grp, u16 num,
"buffer");
goto fail;
}
- if (crypto_bignum_sub(prime, one, pm1) < 0)
- goto fail;
/* get a random quadratic residue and nonresidue */
if (dragonfly_get_random_qr_qnr(prime, &qr, &qnr) < 0 ||
@@ -242,7 +237,8 @@ int compute_password_element(EAP_PWD_group *grp, u16 num,
*
* tmp1 is a random number between 1 and p-1
*/
- if (crypto_bignum_rand(tmp1, pm1) < 0 ||
+ tmp1 = dragonfly_get_rand_1_to_p_1(prime);
+ if (!tmp1 ||
crypto_bignum_mulmod(tmp2, tmp1, prime, tmp2) < 0 ||
crypto_bignum_mulmod(tmp2, tmp1, prime, tmp2) < 0)
goto fail;
@@ -317,13 +313,11 @@ int compute_password_element(EAP_PWD_group *grp, u16 num,
}
/* cleanliness and order.... */
crypto_bignum_deinit(x_candidate, 1);
- crypto_bignum_deinit(pm1, 0);
crypto_bignum_deinit(tmp1, 1);
crypto_bignum_deinit(tmp2, 1);
crypto_bignum_deinit(qr, 1);
crypto_bignum_deinit(qnr, 1);
crypto_bignum_deinit(qr_or_qnr, 1);
- crypto_bignum_deinit(one, 0);
bin_clear_free(prfbuf, primebytelen);
os_memset(qr_bin, 0, sizeof(qr_bin));
os_memset(qnr_bin, 0, sizeof(qnr_bin));