SAE: Print rejection of peer element clearly in debug log

Depending on the crypto library, crypto_ec_point_from_bin() can fail if
the element is not on curve, i.e., that error may show up before getting
to the explicit crypto_ec_point_is_on_curve() check. Add a debug print
for that earlier call so that the debug log is clearly identifying
reason for rejecting the SAE commit message.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>

diff --git a/src/common/sae.c b/src/common/sae.c
index 1e9ea8efa47f5752481be1af96f92759967b02ae..e597bfc1ac1a2efcb06025f41cfa959d9380d05d 100644 (file)
--- a/src/common/sae.c
+++ b/src/common/sae.c
@@ -1967,8 +1967,10 @@ static u16 sae_parse_commit_element_ecc(struct sae_data *sae, const u8 **pos,
        crypto_ec_point_deinit(sae->tmp->peer_commit_element_ecc, 0);
        sae->tmp->peer_commit_element_ecc =
                crypto_ec_point_from_bin(sae->tmp->ec, *pos);
-       if (sae->tmp->peer_commit_element_ecc == NULL)
+       if (!sae->tmp->peer_commit_element_ecc) {
+               wpa_printf(MSG_DEBUG, "SAE: Peer element is not a valid point");
                return WLAN_STATUS_UNSPECIFIED_FAILURE;
+       }
 
        if (!crypto_ec_point_is_on_curve(sae->tmp->ec,
                                         sae->tmp->peer_commit_element_ecc)) {