authorHauke Mehrtens <hauke@hauke-m.de>2022-02-12 20:37:12 +0100
committerHauke Mehrtens <hauke@hauke-m.de>2022-02-13 19:14:38 +0100
commite7596ce0b08595083a32870cc019de9bb514aaec (patch)
treea027cdf5ac580f4cf01892293eba96afc55055a0 /package/network/services/hostapd/patches/082-dragonfly-Add-sqrt-helper-function.patch
parent1691c1168d15752eaeb9ab2dda15553754df95be (diff)
hostapd: Apply SAE/EAP-pwd side-channel attack update 2
This fixes some recent security problems in hostapd. See here for details: https://w1.fi/security/2022-1 * CVE-2022-23303 * CVE-2022-23304 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Diffstat (limited to 'package/network/services/hostapd/patches/082-dragonfly-Add-sqrt-helper-function.patch')
-rw-r--r--package/network/services/hostapd/patches/082-dragonfly-Add-sqrt-helper-function.patch65
1 files changed, 65 insertions, 0 deletions
diff --git a/package/network/services/hostapd/patches/082-dragonfly-Add-sqrt-helper-function.patch b/package/network/services/hostapd/patches/082-dragonfly-Add-sqrt-helper-function.patch
new file mode 100644
index 0000000000..b8b1e078b0
--- /dev/null
+++ b/package/network/services/hostapd/patches/082-dragonfly-Add-sqrt-helper-function.patch
@@ -0,0 +1,65 @@
+From 2232d3d5f188b65dbb6c823ac62175412739eb16 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <j@w1.fi>
+Date: Fri, 7 Jan 2022 13:47:16 +0200
+Subject: [PATCH 2/4] dragonfly: Add sqrt() helper function
+
+This is a backport of "SAE: Move sqrt() implementation into a helper
+function" to introduce the helper function needed for the following
+patches.
+
+Signed-off-by: Jouni Malinen <j@w1.fi>
+---
+ src/common/dragonfly.c | 34 ++++++++++++++++++++++++++++++++++
+ src/common/dragonfly.h | 2 ++
+ 2 files changed, 36 insertions(+)
+
+--- a/src/common/dragonfly.c
++++ b/src/common/dragonfly.c
+@@ -213,3 +213,37 @@ int dragonfly_generate_scalar(const stru
+ "dragonfly: Unable to get randomness for own scalar");
+ return -1;
+ }
++
++
++/* res = sqrt(val) */
++int dragonfly_sqrt(struct crypto_ec *ec, const struct crypto_bignum *val,
++ struct crypto_bignum *res)
++{
++ const struct crypto_bignum *prime;
++ struct crypto_bignum *tmp, *one;
++ int ret = 0;
++ u8 prime_bin[DRAGONFLY_MAX_ECC_PRIME_LEN];
++ size_t prime_len;
++
++ /* For prime p such that p = 3 mod 4, sqrt(w) = w^((p+1)/4) mod p */
++
++ prime = crypto_ec_get_prime(ec);
++ prime_len = crypto_ec_prime_len(ec);
++ tmp = crypto_bignum_init();
++ one = crypto_bignum_init_uint(1);
++
++ if (crypto_bignum_to_bin(prime, prime_bin, sizeof(prime_bin),
++ prime_len) < 0 ||
++ (prime_bin[prime_len - 1] & 0x03) != 3 ||
++ !tmp || !one ||
++ /* tmp = (p+1)/4 */
++ crypto_bignum_add(prime, one, tmp) < 0 ||
++ crypto_bignum_rshift(tmp, 2, tmp) < 0 ||
++ /* res = sqrt(val) */
++ crypto_bignum_exptmod(val, tmp, prime, res) < 0)
++ ret = -1;
++
++ crypto_bignum_deinit(tmp, 0);
++ crypto_bignum_deinit(one, 0);
++ return ret;
++}
+--- a/src/common/dragonfly.h
++++ b/src/common/dragonfly.h
+@@ -27,5 +27,7 @@ int dragonfly_generate_scalar(const stru
+ struct crypto_bignum *_rand,
+ struct crypto_bignum *_mask,
+ struct crypto_bignum *scalar);
++int dragonfly_sqrt(struct crypto_ec *ec, const struct crypto_bignum *val,
++ struct crypto_bignum *res);
+
+ #endif /* DRAGONFLY_H */
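Review bot: The comment on the new `dragonfly_sqrt()` in `src/common/dragonfly.c`, `/* res = sqrt(val) */`, leaves out two conditions a caller needs to know. The function computes `val^((p+1)/4) mod p`, which is a square root only when `val` is a quadratic residue; for a non-residue the result squares to `-val mod p` and the function still returns 0. I would replace the comment with something like `/* res = val^((p+1)/4) mod p; a square root only if val is a quadratic residue, caller must check; -1 if p != 3 mod 4 or on failure */` and repeat that contract next to the prototype added to `src/common/dragonfly.h`. Separately, `prime_bin[prime_len - 1]` is in bounds only if `crypto_bignum_to_bin()` fails when `prime_len` exceeds `sizeof(prime_bin)`, and a `prime_len` of 0 would index before the buffer. That helper is not visible on this page, so confirm its behaviour or add an explicit `prime_len == 0 || prime_len > sizeof(prime_bin)` check first in the condition chain.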