From: Jouni Malinen Date: Mon, 18 Apr 2022 08:01:23 +0000 (+0300) Subject: wolfSSL: Fix crypto_dh_init() and dh5_init() X-Git-Tag: hostap_2_11~2028 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c31fc7a64c5b8a091b781e74b2de733ee63c2662;p=thirdparty%2Fhostap.git wolfSSL: Fix crypto_dh_init() and dh5_init() priv_sz and pub_sz needs to be initialized to the buffer size before the wc_DhGenerateKeyPair() call. The previous version happened to work in some cases where a separate handled prime length was used, but not for the generic case. Signed-off-by: Jouni Malinen --- diff --git a/src/crypto/crypto_wolfssl.c b/src/crypto/crypto_wolfssl.c index 22e8c044c..dba4dee82 100644 --- a/src/crypto/crypto_wolfssl.c +++ b/src/crypto/crypto_wolfssl.c @@ -682,6 +682,7 @@ void * dh5_init(struct wpabuf **priv, struct wpabuf **publ) != 0) goto done; + priv_sz = pub_sz = RFC3526_LEN; if (wc_DhGenerateKeyPair(dh, &rng, wpabuf_mhead(privkey), &priv_sz, wpabuf_mhead(pubkey), &pub_sz) != 0) goto done; @@ -815,6 +816,7 @@ int crypto_dh_init(u8 generator, const u8 *prime, size_t prime_len, u8 *privkey, if (wc_DhSetKey(dh, prime, prime_len, &generator, 1) != 0) goto done; + priv_sz = pub_sz = prime_len; if (wc_DhGenerateKeyPair(dh, &rng, privkey, &priv_sz, pubkey, &pub_sz) != 0) goto done;