diff options
Diffstat (limited to 'src/common/dpp_pkex.c')
-rw-r--r-- | src/common/dpp_pkex.c | 41 |
1 files changed, 25 insertions, 16 deletions
diff --git a/src/common/dpp_pkex.c b/src/common/dpp_pkex.c index 72084d9f..dca0d8d3 100644 --- a/src/common/dpp_pkex.c +++ b/src/common/dpp_pkex.c @@ -30,8 +30,7 @@ static struct wpabuf * dpp_pkex_build_exchange_req(struct dpp_pkex *pkex, bool v2) { struct crypto_ec *ec = NULL; - const struct crypto_ec_point *X; - struct crypto_ec_point *Qi = NULL, *M = NULL; + struct crypto_ec_point *Qi = NULL, *M = NULL, *X = NULL; u8 *Mx, *My; struct wpabuf *msg = NULL; size_t attr_len; @@ -42,7 +41,7 @@ static struct wpabuf * dpp_pkex_build_exchange_req(struct dpp_pkex *pkex, /* Qi = H([MAC-Initiator |] [identifier |] code) * Pi */ Qi = dpp_pkex_derive_Qi(curve, v2 ? NULL : pkex->own_mac, pkex->code, - pkex->identifier, &ec); + pkex->code_len, pkex->identifier, &ec); if (!Qi) goto fail; @@ -146,10 +145,13 @@ skip_finite_cyclic_group: My = wpabuf_put(msg, curve->prime_len); if (crypto_ec_point_to_bin(ec, M, Mx, My)) goto fail; + wpabuf_free(pkex->enc_key); + pkex->enc_key = wpabuf_alloc_copy(Mx, 2 * curve->prime_len); os_memcpy(pkex->Mx, Mx, curve->prime_len); out: + crypto_ec_point_deinit(X, 1); crypto_ec_point_deinit(M, 1); crypto_ec_point_deinit(Qi, 1); crypto_ec_deinit(ec); @@ -171,7 +173,7 @@ static void dpp_pkex_fail(struct dpp_pkex *pkex, const char *txt) struct dpp_pkex * dpp_pkex_init(void *msg_ctx, struct dpp_bootstrap_info *bi, const u8 *own_mac, const char *identifier, const char *code, - bool v2) + size_t code_len, bool v2) { struct dpp_pkex *pkex; @@ -196,9 +198,10 @@ struct dpp_pkex * dpp_pkex_init(void *msg_ctx, struct dpp_bootstrap_info *bi, if (!pkex->identifier) goto fail; } - pkex->code = os_strdup(code); + pkex->code = os_memdup(code, code_len); if (!pkex->code) goto fail; + pkex->code_len = code_len; pkex->exchange_req = dpp_pkex_build_exchange_req(pkex, v2); if (!pkex->exchange_req) goto fail; @@ -340,7 +343,7 @@ struct dpp_pkex * dpp_pkex_rx_exchange_req(void *msg_ctx, const u8 *own_mac, const u8 *peer_mac, const char *identifier, - const char *code, + const char *code, size_t code_len, const u8 *buf, size_t len, bool v2) { const u8 *attr_group, *attr_id, *attr_key; @@ -349,9 +352,8 @@ struct dpp_pkex * dpp_pkex_rx_exchange_req(void *msg_ctx, u16 ike_group; struct dpp_pkex *pkex = NULL; struct crypto_ec_point *Qi = NULL, *Qr = NULL, *M = NULL, *X = NULL, - *N = NULL; + *N = NULL, *Y = NULL; struct crypto_ec *ec = NULL; - const struct crypto_ec_point *Y; u8 *x_coord = NULL, *y_coord = NULL; u8 Kx[DPP_MAX_SHARED_SECRET_LEN]; size_t Kx_len; @@ -438,8 +440,8 @@ struct dpp_pkex * dpp_pkex_rx_exchange_req(void *msg_ctx, } /* Qi = H([MAC-Initiator |] [identifier |] code) * Pi */ - Qi = dpp_pkex_derive_Qi(curve, v2 ? NULL : peer_mac, code, identifier, - &ec); + Qi = dpp_pkex_derive_Qi(curve, v2 ? NULL : peer_mac, code, code_len, + identifier, &ec); if (!Qi) goto fail; @@ -478,9 +480,10 @@ struct dpp_pkex * dpp_pkex_rx_exchange_req(void *msg_ctx, if (!pkex->identifier) goto fail; } - pkex->code = os_strdup(code); + pkex->code = os_memdup(code, code_len); if (!pkex->code) goto fail; + pkex->code_len = code_len; os_memcpy(pkex->Mx, attr_key, attr_key_len / 2); @@ -496,8 +499,8 @@ struct dpp_pkex * dpp_pkex_rx_exchange_req(void *msg_ctx, goto fail; /* Qr = H([MAC-Responder |] [identifier |] code) * Pr */ - Qr = dpp_pkex_derive_Qr(curve, v2 ? NULL : own_mac, code, identifier, - NULL); + Qr = dpp_pkex_derive_Qr(curve, v2 ? NULL : own_mac, code, code_len, + identifier, NULL); if (!Qr) goto fail; @@ -551,7 +554,8 @@ struct dpp_pkex * dpp_pkex_rx_exchange_req(void *msg_ctx, pkex->peer_version, DPP_VERSION, pkex->Mx, curve->prime_len, pkex->Nx, curve->prime_len, pkex->code, - Kx, Kx_len, pkex->z, curve->hash_len); + pkex->code_len, Kx, Kx_len, pkex->z, + curve->hash_len); os_memset(Kx, 0, Kx_len); if (res < 0) goto fail; @@ -566,6 +570,7 @@ out: crypto_ec_point_deinit(M, 1); crypto_ec_point_deinit(N, 1); crypto_ec_point_deinit(X, 1); + crypto_ec_point_deinit(Y, 1); crypto_ec_deinit(ec); return pkex; fail: @@ -791,7 +796,8 @@ struct wpabuf * dpp_pkex_rx_exchange_resp(struct dpp_pkex *pkex, /* Qr = H([MAC-Responder |] [identifier |] code) * Pr */ Qr = dpp_pkex_derive_Qr(curve, pkex->v2 ? NULL : pkex->peer_mac, - pkex->code, pkex->identifier, &ec); + pkex->code, pkex->code_len, pkex->identifier, + &ec); if (!Qr) goto fail; @@ -869,7 +875,7 @@ struct wpabuf * dpp_pkex_rx_exchange_resp(struct dpp_pkex *pkex, DPP_VERSION, pkex->peer_version, pkex->Mx, curve->prime_len, attr_key /* N.x */, attr_key_len / 2, - pkex->code, Kx, Kx_len, + pkex->code, pkex->code_len, Kx, Kx_len, pkex->z, curve->hash_len); os_memset(Kx, 0, Kx_len); if (res < 0) @@ -1357,6 +1363,8 @@ dpp_pkex_finish(struct dpp_global *dpp, struct dpp_pkex *pkex, const u8 *peer, dpp_bootstrap_info_free(bi); return NULL; } + os_memcpy(pkex->own_bi->peer_pubkey_hash, bi->pubkey_hash, + SHA256_MAC_LEN); dpp_pkex_free(pkex); dl_list_add(&dpp->bootstrap, &bi->list); return bi; @@ -1375,5 +1383,6 @@ void dpp_pkex_free(struct dpp_pkex *pkex) crypto_ec_key_deinit(pkex->peer_bootstrap_key); wpabuf_free(pkex->exchange_req); wpabuf_free(pkex->exchange_resp); + wpabuf_free(pkex->enc_key); os_free(pkex); } |