aboutsummaryrefslogtreecommitdiffstats
path: root/src/eap_peer
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2015-12-19 18:34:27 (GMT)
committerJouni Malinen <j@w1.fi>2015-12-19 18:34:27 (GMT)
commit4b90fcdb76f13488933eb9a755c5a5b388739abb (patch)
tree1eab2e6c89bf1dc52f1967cb5aabee3ccac61eed /src/eap_peer
parent81e1ab85bcdac8fd9eeb531bc41a1373ddfc4abe (diff)
downloadhostap-4b90fcdb76f13488933eb9a755c5a5b388739abb.zip
hostap-4b90fcdb76f13488933eb9a755c5a5b388739abb.tar.gz
hostap-4b90fcdb76f13488933eb9a755c5a5b388739abb.tar.bz2
EAP-PEAP peer: Check SHA1 result when deriving Compond_MAC
This handles a mostly theoretical case where hmac_sha1_vector() might fail for some reason. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/eap_peer')
-rw-r--r--src/eap_peer/eap_peap.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/src/eap_peer/eap_peap.c b/src/eap_peer/eap_peap.c
index 286c939..164ac26 100644
--- a/src/eap_peer/eap_peap.c
+++ b/src/eap_peer/eap_peap.c
@@ -334,7 +334,8 @@ static int eap_tlv_add_cryptobinding(struct eap_sm *sm,
addr[0], len[0]);
wpa_hexdump(MSG_MSGDUMP, "EAP-PEAP: Compound_MAC data 2",
addr[1], len[1]);
- hmac_sha1_vector(data->cmk, 20, 2, addr, len, mac);
+ if (hmac_sha1_vector(data->cmk, 20, 2, addr, len, mac) < 0)
+ return -1;
wpa_hexdump(MSG_MSGDUMP, "EAP-PEAP: Compound_MAC", mac, SHA1_MAC_LEN);
data->crypto_binding_used = 1;