From: Jouni Malinen <quic_jouni@quicinc.com>
Date: Thu, 10 Nov 2022 18:43:22 +0000 (+0200)
Subject: SAE: Print rejection of peer element clearly in debug log
X-Git-Tag: hostap_2_11~1528
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3abd0c4719ac6575b190a72f5b768bedb8989ced;p=thirdparty%2Fhostap.git

SAE: Print rejection of peer element clearly in debug log

Depending on the crypto library, crypto_ec_point_from_bin() can fail if
the element is not on curve, i.e., that error may show up before getting
to the explicit crypto_ec_point_is_on_curve() check. Add a debug print
for that earlier call so that the debug log is clearly identifying
reason for rejecting the SAE commit message.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
---

diff --git a/src/common/sae.c b/src/common/sae.c
index 1e9ea8efa..e597bfc1a 100644
--- a/src/common/sae.c
+++ b/src/common/sae.c
@@ -1967,8 +1967,10 @@ static u16 sae_parse_commit_element_ecc(struct sae_data *sae, const u8 **pos,
 	crypto_ec_point_deinit(sae->tmp->peer_commit_element_ecc, 0);
 	sae->tmp->peer_commit_element_ecc =
 		crypto_ec_point_from_bin(sae->tmp->ec, *pos);
-	if (sae->tmp->peer_commit_element_ecc == NULL)
+	if (!sae->tmp->peer_commit_element_ecc) {
+		wpa_printf(MSG_DEBUG, "SAE: Peer element is not a valid point");
 		return WLAN_STATUS_UNSPECIFIED_FAILURE;
+	}
 
 	if (!crypto_ec_point_is_on_curve(sae->tmp->ec,
 					 sae->tmp->peer_commit_element_ecc)) {