WPS: Check SHA256 result success
authorJouni Malinen <jouni@codeaurora.org>
Tue, 15 Oct 2019 12:34:41 +0000 (15:34 +0300)
committerJouni Malinen <j@w1.fi>
Tue, 15 Oct 2019 12:41:13 +0000 (15:41 +0300)
These functions can fail in theory, so verify they succeeded before
comparing the hash values.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
src/wps/wps_attr_build.c
src/wps/wps_attr_process.c

index 4e872f37295c1f6312a1c1f8886f2501ea8b4f15..5ec7133afc3302d4facc289e43160f12529aface 100644 (file)
@@ -175,7 +175,9 @@ int wps_build_authenticator(struct wps_data *wps, struct wpabuf *msg)
        len[0] = wpabuf_len(wps->last_msg);
        addr[1] = wpabuf_head(msg);
        len[1] = wpabuf_len(msg);
-       hmac_sha256_vector(wps->authkey, WPS_AUTHKEY_LEN, 2, addr, len, hash);
+       if (hmac_sha256_vector(wps->authkey, WPS_AUTHKEY_LEN, 2, addr, len,
+                              hash) < 0)
+               return -1;
 
        wpa_printf(MSG_DEBUG, "WPS:  * Authenticator");
        wpabuf_put_be16(msg, ATTR_AUTHENTICATOR);
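Review bot: The new `return -1;` after `hmac_sha256_vector()` exits without any debug output, so a failing crypto backend surfaces only as an unexplained message-build failure, whereas the process-side checks in this same commit at least log before returning. Consider adding a line such as `wpa_printf(MSG_DEBUG, "WPS: HMAC-SHA256 failed for Authenticator");` before the return. The same applies to the `hmac_sha256()` check in wps_build_key_wrap_auth, where the "* Key Wrap Authenticator" message is also printed before the HMAC is computed, so the log reads as if the attribute was added even when the function bails out. Both function bodies extend beyond their hunks, so how callers handle the -1 is not visible here.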
@@ -371,8 +373,9 @@ int wps_build_key_wrap_auth(struct wps_data *wps, struct wpabuf *msg)
        u8 hash[SHA256_MAC_LEN];
 
        wpa_printf(MSG_DEBUG, "WPS:  * Key Wrap Authenticator");
-       hmac_sha256(wps->authkey, WPS_AUTHKEY_LEN, wpabuf_head(msg),
-                   wpabuf_len(msg), hash);
+       if (hmac_sha256(wps->authkey, WPS_AUTHKEY_LEN, wpabuf_head(msg),
+                       wpabuf_len(msg), hash) < 0)
+               return -1;
 
        wpabuf_put_be16(msg, ATTR_KEY_WRAP_AUTH);
        wpabuf_put_be16(msg, WPS_KWA_LEN);
index e8c4579309ab39138419cce0cc9f2b2c8a0127cf..44436a4862497594e55b2176840b207732fe1ef5 100644 (file)
@@ -39,9 +39,10 @@ int wps_process_authenticator(struct wps_data *wps, const u8 *authenticator,
        len[0] = wpabuf_len(wps->last_msg);
        addr[1] = wpabuf_head(msg);
        len[1] = wpabuf_len(msg) - 4 - WPS_AUTHENTICATOR_LEN;
-       hmac_sha256_vector(wps->authkey, WPS_AUTHKEY_LEN, 2, addr, len, hash);
 
-       if (os_memcmp_const(hash, authenticator, WPS_AUTHENTICATOR_LEN) != 0) {
+       if (hmac_sha256_vector(wps->authkey, WPS_AUTHKEY_LEN, 2, addr, len,
+                              hash) < 0 ||
+           os_memcmp_const(hash, authenticator, WPS_AUTHENTICATOR_LEN) != 0) {
                wpa_printf(MSG_DEBUG, "WPS: Incorrect Authenticator");
                return -1;
        }
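Review bot: Folding the `hmac_sha256_vector()` result into the same condition as `os_memcmp_const()` means a local HMAC computation failure is logged as "WPS: Incorrect Authenticator", which points at the peer rather than at the local crypto backend. Failing closed is the right outcome, but anyone reading the logs after a failed WPS exchange should be able to tell the two causes apart; give the HMAC failure its own branch with e.g. `wpa_printf(MSG_DEBUG, "WPS: HMAC-SHA256 failed");` before `return -1;`, keeping the constant-time comparison as a separate check. The same applies to the "WPS: Invalid KWA" branch in wps_process_key_wrap_auth. The start of both functions is outside the hunks.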
@@ -70,8 +71,8 @@ int wps_process_key_wrap_auth(struct wps_data *wps, struct wpabuf *msg,
                return -1;
        }
 
-       hmac_sha256(wps->authkey, WPS_AUTHKEY_LEN, head, len, hash);
-       if (os_memcmp_const(hash, key_wrap_auth, WPS_KWA_LEN) != 0) {
+       if (hmac_sha256(wps->authkey, WPS_AUTHKEY_LEN, head, len, hash) < 0 ||
+           os_memcmp_const(hash, key_wrap_auth, WPS_KWA_LEN) != 0) {
                wpa_printf(MSG_DEBUG, "WPS: Invalid KWA");
                return -1;
        }