Home Explore Help
Register Sign In
wareck
/
openwrt_lede
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 488fc98adf
Branches Tags
openwrt_lede
/
package
/
network
/
services
/
hostapd
/
patches
/
017-Additional-consistentcy-checks-for-PTK-component-len.patch

017-Additional-consistentcy-checks-for-PTK-component-len.patch 3.3 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192 
  1. From a6ea665300919d6a3af22b1f4237203647fda93a Mon Sep 17 00:00:00 2001
    2. 

  2. From: Jouni Malinen <j@w1.fi>
    3. 

  3. Date: Tue, 17 Oct 2017 00:01:11 +0300
    4. 

  4. Subject: [PATCH] Additional consistentcy checks for PTK component lengths
    5. 

  5. 

  6. Verify that TK, KCK, and KEK lengths are set to consistent values within
    7. 

  7. struct wpa_ptk before using them in supplicant. This is an additional
    8. 

  8. layer of protection against unexpected states.
    9. 

  9. 

  10. Signed-off-by: Jouni Malinen <j@w1.fi>
    11. 

  11. ---
    12. 

  12.  src/common/wpa_common.c |  6 ++++++
    13. 

  13.  src/rsn_supp/wpa.c      | 26 ++++++++++++++++++++------
    14. 

  14.  2 files changed, 26 insertions(+), 6 deletions(-)
    15. 

  15. 

  16. --- a/src/common/wpa_common.c
    17. 

  17. +++ b/src/common/wpa_common.c
    18. 

  18. @@ -93,6 +93,12 @@ int wpa_eapol_key_mic(const u8 *key, siz
    19. 

  19.  {
    20. 

  20.  	u8 hash[SHA384_MAC_LEN];
    21. 

  21.  
    22. 

  22. +	if (key_len == 0) {
    23. 

  23. +		wpa_printf(MSG_DEBUG,
    24. 

  24. +			   "WPA: KCK not set - cannot calculate MIC");
    25. 

  25. +		return -1;
    26. 

  26. +	}
    27. 

  27. +
    28. 

  28.  	switch (ver) {
    29. 

  29.  #ifndef CONFIG_FIPS
    30. 

  30.  	case WPA_KEY_INFO_TYPE_HMAC_MD5_RC4:
    31. 

  31. --- a/src/rsn_supp/wpa.c
    32. 

  32. +++ b/src/rsn_supp/wpa.c
    33. 

  33. @@ -710,6 +710,11 @@ static int wpa_supplicant_install_ptk(st
    34. 

  34.  
    35. 

  35.  	alg = wpa_cipher_to_alg(sm->pairwise_cipher);
    36. 

  36.  	keylen = wpa_cipher_key_len(sm->pairwise_cipher);
    37. 

  37. +	if (keylen <= 0 || (unsigned int) keylen != sm->ptk.tk_len) {
    38. 

  38. +		wpa_printf(MSG_DEBUG, "WPA: TK length mismatch: %d != %lu",
    39. 

  39. +			   keylen, (long unsigned int) sm->ptk.tk_len);
    40. 

  40. +		return -1;
    41. 

  41. +	}
    42. 

  42.  	rsclen = wpa_cipher_rsc_len(sm->pairwise_cipher);
    43. 

  43.  
    44. 

  44.  	if (sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN) {
    45. 

  45. @@ -730,6 +735,7 @@ static int wpa_supplicant_install_ptk(st
    46. 

  46.  
    47. 

  47.  	/* TK is not needed anymore in supplicant */
    48. 

  48.  	os_memset(sm->ptk.tk, 0, WPA_TK_MAX_LEN);
    49. 

  49. +	sm->ptk.tk_len = 0;
    50. 

  50.  	sm->ptk.installed = 1;
    51. 

  51.  
    52. 

  52.  	if (sm->wpa_ptk_rekey) {
    53. 

  53. @@ -1699,9 +1705,10 @@ static int wpa_supplicant_verify_eapol_k
    54. 

  54.  	os_memcpy(mic, key + 1, mic_len);
    55. 

  55.  	if (sm->tptk_set) {
    56. 

  56.  		os_memset(key + 1, 0, mic_len);
    57. 

  57. -		wpa_eapol_key_mic(sm->tptk.kck, sm->tptk.kck_len, sm->key_mgmt,
    58. 

  58. -				  ver, buf, len, (u8 *) (key + 1));
    59. 

  59. -		if (os_memcmp_const(mic, key + 1, mic_len) != 0) {
    60. 

  60. +		if (wpa_eapol_key_mic(sm->tptk.kck, sm->tptk.kck_len,
    61. 

  61. +				      sm->key_mgmt,
    62. 

  62. +				      ver, buf, len, (u8 *) (key + 1)) < 0 ||
    63. 

  63. +		    os_memcmp_const(mic, key + 1, mic_len) != 0) {
    64. 

  64.  			wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
    65. 

  65.  				"WPA: Invalid EAPOL-Key MIC "
    66. 

  66.  				"when using TPTK - ignoring TPTK");
    67. 

  67. @@ -1724,9 +1731,10 @@ static int wpa_supplicant_verify_eapol_k
    68. 

  68.  
    69. 

  69.  	if (!ok && sm->ptk_set) {
    70. 

  70.  		os_memset(key + 1, 0, mic_len);
    71. 

  71. -		wpa_eapol_key_mic(sm->ptk.kck, sm->ptk.kck_len, sm->key_mgmt,
    72. 

  72. -				  ver, buf, len, (u8 *) (key + 1));
    73. 

  73. -		if (os_memcmp_const(mic, key + 1, mic_len) != 0) {
    74. 

  74. +		if (wpa_eapol_key_mic(sm->ptk.kck, sm->ptk.kck_len,
    75. 

  75. +				      sm->key_mgmt,
    76. 

  76. +				      ver, buf, len, (u8 *) (key + 1)) < 0 ||
    77. 

  77. +		    os_memcmp_const(mic, key + 1, mic_len) != 0) {
    78. 

  78.  			wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
    79. 

  79.  				"WPA: Invalid EAPOL-Key MIC - "
    80. 

  80.  				"dropping packet");
    81. 

  81. @@ -3689,6 +3697,11 @@ int fils_process_assoc_resp(struct wpa_s
    82. 

  82.  
    83. 

  83.  	alg = wpa_cipher_to_alg(sm->pairwise_cipher);
    84. 

  84.  	keylen = wpa_cipher_key_len(sm->pairwise_cipher);
    85. 

  85. +	if (keylen <= 0 || (unsigned int) keylen != sm->ptk.tk_len) {
    86. 

  86. +		wpa_printf(MSG_DEBUG, "FILS: TK length mismatch: %u != %lu",
    87. 

  87. +			   keylen, (long unsigned int) sm->ptk.tk_len);
    88. 

  88. +		goto fail;
    89. 

  89. +	}
    90. 

  90.  	rsclen = wpa_cipher_rsc_len(sm->pairwise_cipher);
    91. 

  91.  	wpa_hexdump_key(MSG_DEBUG, "FILS: Set TK to driver",
    92. 

  92.  			sm->ptk.tk, keylen);
    93.