Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

SAE: Fix PWE loop termination on excessive iterations

The counter>200 check needs to be done before the continue-on-not-found
case to be effective in stopping this loop.

Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen 12 years ago
parent
d5f5fa86e4
commit
cbf9f4c642
1 changed files with 6 additions and 6 deletions
Split View Show Diff Stats
  1. 6 6
      src/common/sae.c

+ 6 - 6
src/common/sae.c
View File 

@@ -202,6 +202,12 @@ static int sae_derive_pwe(struct sae_data *sae, const u8 *addr1,
 
 		u8 pwd_seed[SHA256_MAC_LEN];
 
 		int res;
 
 
+		if (counter > 200) {
 
+			/* This should not happen in practice */
 
+			wpa_printf(MSG_DEBUG, "SAE: Failed to derive PWE");
 
+			break;
 
+		}
 
+
 
 		wpa_printf(MSG_DEBUG, "SAE: counter = %u", counter);
 
 		if (hmac_sha256_vector(addrs, sizeof(addrs), 2, addr, len,
 
 				       pwd_seed) < 0)
 
@@ -220,12 +226,6 @@ static int sae_derive_pwe(struct sae_data *sae, const u8 *addr1,
 
 			wpa_printf(MSG_DEBUG, "SAE: Use this PWE");
 
 			found = 1;
 
 		}
 
-
 
-		if (counter > 200) {
 
-			/* This should not happen in practice */
 
-			wpa_printf(MSG_DEBUG, "SAE: Failed to derive PWE");
 
-			break;
 
-		}
 
 	}
 
 
 	crypto_ec_point_deinit(pwe_tmp, 1);