From 0bb229a6e839ee7f72d817220834e6172135097b Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Sun, 10 Mar 2013 11:26:22 +0200 Subject: [PATCH] SAE: Move commit element validation steps into single location It is clearer to keep all the validation steps described in IEEE 802.11 11.3.5.4 in a single location instead of splitting this between the parsing and processing functions. Signed-hostap: Jouni Malinen --- src/common/sae.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/common/sae.c b/src/common/sae.c index 44ffcd09f..900702a59 100644 --- a/src/common/sae.c +++ b/src/common/sae.c @@ -524,12 +524,6 @@ static int sae_derive_k_ecc(struct sae_data *sae, u8 *k) if (K == NULL) goto fail; - if (!crypto_ec_point_is_on_curve(sae->tmp->ec, - sae->tmp->peer_commit_element_ecc)) { - wpa_printf(MSG_DEBUG, "SAE: Peer element is not on curve"); - goto fail; - } - /* * K = scalar-op(rand, (elem-op(scalar-op(peer-commit-scalar, PWE), * PEER-COMMIT-ELEMENT))) @@ -821,6 +815,12 @@ static u16 sae_parse_commit_element_ecc(struct sae_data *sae, const u8 *pos, if (sae->tmp->peer_commit_element_ecc == NULL) return WLAN_STATUS_UNSPECIFIED_FAILURE; + if (!crypto_ec_point_is_on_curve(sae->tmp->ec, + sae->tmp->peer_commit_element_ecc)) { + wpa_printf(MSG_DEBUG, "SAE: Peer element is not on curve"); + return WLAN_STATUS_UNSPECIFIED_FAILURE; + } + return WLAN_STATUS_SUCCESS; }