DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

hostapd: Verify availability of random data when using WPA/WPA2

Browse source 
On Linux, verify that the kernel entropy pool is capable of providing
strong random data before allowing WPA/WPA2 connection to be
established. If 20 bytes of data cannot be read from /dev/random,
force first two 4-way handshakes to fail while collecting entropy
into the internal pool in hostapd. After that, give up on /dev/random
and allow the AP to function based on the combination of /dev/urandom
and whatever data has been collected into the internal entropy pool.
This commit is contained in:
Jouni Malinen 2010-11-24 13:08:03 +02:00
parent dbb6ed7e75
commit 08704cd885
4 changed files with 118 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/crypto/random.h
View file

@ -18,9 +18,13 @@
#ifdef CONFIG_NO_RANDOM_POOL
#define random_add_randomness(b, l) do { } while (0)
#define random_get_bytes(b, l) os_get_random((b), (l))
#define random_pool_ready() 1
#define random_mark_pool_ready() do { } while (0)
#else /* CONFIG_NO_RANDOM_POOL */
void random_add_randomness(const void *buf, size_t len);
int random_get_bytes(void *buf, size_t len);
int random_pool_ready(void);
void random_mark_pool_ready(void);
#endif /* CONFIG_NO_RANDOM_POOL */
#endif /* RANDOM_H */