crypto: Check if crypto_bignum_to_bin() is successful
Return value of crypto_bignum_to_bin() wasn't always checked, resulting in potential access to uninitialized values. Fix it, as some analyzers complain about it. Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com> Signed-off-by: Micha Hashkes <micha.hashkes@intel.com>
This commit is contained in:
parent
2749a2c6bf
commit
a7f6b85180
5 changed files with 81 additions and 24 deletions
|
@ -1606,7 +1606,9 @@ static int sae_derive_keys(struct sae_data *sae, const u8 *k)
|
||||||
* (commit-scalar + peer-commit-scalar) mod r part as a bit string by
|
* (commit-scalar + peer-commit-scalar) mod r part as a bit string by
|
||||||
* zero padding it from left to the length of the order (in full
|
* zero padding it from left to the length of the order (in full
|
||||||
* octets). */
|
* octets). */
|
||||||
crypto_bignum_to_bin(tmp, val, sizeof(val), sae->tmp->order_len);
|
if (crypto_bignum_to_bin(tmp, val, sizeof(val),
|
||||||
|
sae->tmp->order_len) < 0)
|
||||||
|
goto fail;
|
||||||
wpa_hexdump(MSG_DEBUG, "SAE: PMKID", val, SAE_PMKID_LEN);
|
wpa_hexdump(MSG_DEBUG, "SAE: PMKID", val, SAE_PMKID_LEN);
|
||||||
|
|
||||||
#ifdef CONFIG_SAE_PK
|
#ifdef CONFIG_SAE_PK
|
||||||
|
|
|
@ -2449,13 +2449,15 @@ int crypto_ec_point_to_bin(struct crypto_ec *e,
|
||||||
EC_POINT_get_affine_coordinates(e->group, (EC_POINT *) point,
|
EC_POINT_get_affine_coordinates(e->group, (EC_POINT *) point,
|
||||||
x_bn, y_bn, e->bnctx)) {
|
x_bn, y_bn, e->bnctx)) {
|
||||||
if (x) {
|
if (x) {
|
||||||
crypto_bignum_to_bin((struct crypto_bignum *) x_bn,
|
ret = crypto_bignum_to_bin(
|
||||||
x, len, len);
|
(struct crypto_bignum *) x_bn, x, len, len);
|
||||||
}
|
}
|
||||||
if (y) {
|
if (ret >= 0 && y) {
|
||||||
crypto_bignum_to_bin((struct crypto_bignum *) y_bn,
|
ret = crypto_bignum_to_bin(
|
||||||
y, len, len);
|
(struct crypto_bignum *) y_bn, y, len, len);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (ret > 0)
|
||||||
ret = 0;
|
ret = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -356,9 +356,19 @@ int compute_keys(EAP_PWD_group *grp, const struct crypto_bignum *k,
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
eap_pwd_h_update(hash, (const u8 *) ciphersuite, sizeof(u32));
|
eap_pwd_h_update(hash, (const u8 *) ciphersuite, sizeof(u32));
|
||||||
crypto_bignum_to_bin(peer_scalar, cruft, order_len, order_len);
|
if (crypto_bignum_to_bin(peer_scalar, cruft, order_len,
|
||||||
|
order_len) < 0) {
|
||||||
|
os_free(cruft);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
eap_pwd_h_update(hash, cruft, order_len);
|
eap_pwd_h_update(hash, cruft, order_len);
|
||||||
crypto_bignum_to_bin(server_scalar, cruft, order_len, order_len);
|
if (crypto_bignum_to_bin(server_scalar, cruft, order_len,
|
||||||
|
order_len) < 0) {
|
||||||
|
os_free(cruft);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
eap_pwd_h_update(hash, cruft, order_len);
|
eap_pwd_h_update(hash, cruft, order_len);
|
||||||
eap_pwd_h_final(hash, &session_id[1]);
|
eap_pwd_h_final(hash, &session_id[1]);
|
||||||
|
|
||||||
|
@ -368,7 +378,12 @@ int compute_keys(EAP_PWD_group *grp, const struct crypto_bignum *k,
|
||||||
os_free(cruft);
|
os_free(cruft);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
crypto_bignum_to_bin(k, cruft, prime_len, prime_len);
|
|
||||||
|
if (crypto_bignum_to_bin(k, cruft, prime_len, prime_len) < 0) {
|
||||||
|
os_free(cruft);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
eap_pwd_h_update(hash, cruft, prime_len);
|
eap_pwd_h_update(hash, cruft, prime_len);
|
||||||
os_free(cruft);
|
os_free(cruft);
|
||||||
eap_pwd_h_update(hash, confirm_peer, SHA256_MAC_LEN);
|
eap_pwd_h_update(hash, confirm_peer, SHA256_MAC_LEN);
|
||||||
|
|
|
@ -666,7 +666,10 @@ eap_pwd_perform_commit_exchange(struct eap_sm *sm, struct eap_pwd_data *data,
|
||||||
* sufficiently smaller than the prime or order might need pre-pending
|
* sufficiently smaller than the prime or order might need pre-pending
|
||||||
* with zeros.
|
* with zeros.
|
||||||
*/
|
*/
|
||||||
crypto_bignum_to_bin(data->my_scalar, scalar, order_len, order_len);
|
if (crypto_bignum_to_bin(data->my_scalar, scalar, order_len,
|
||||||
|
order_len) < 0)
|
||||||
|
goto fin;
|
||||||
|
|
||||||
if (crypto_ec_point_to_bin(data->grp->group, data->my_element, element,
|
if (crypto_ec_point_to_bin(data->grp->group, data->my_element, element,
|
||||||
element + prime_len) != 0) {
|
element + prime_len) != 0) {
|
||||||
wpa_printf(MSG_INFO, "EAP-PWD (peer): point assignment fail");
|
wpa_printf(MSG_INFO, "EAP-PWD (peer): point assignment fail");
|
||||||
|
@ -742,7 +745,9 @@ eap_pwd_perform_confirm_exchange(struct eap_sm *sm, struct eap_pwd_data *data,
|
||||||
* zero the memory each time because this is mod prime math and some
|
* zero the memory each time because this is mod prime math and some
|
||||||
* value may start with a few zeros and the previous one did not.
|
* value may start with a few zeros and the previous one did not.
|
||||||
*/
|
*/
|
||||||
crypto_bignum_to_bin(data->k, cruft, prime_len, prime_len);
|
if (crypto_bignum_to_bin(data->k, cruft, prime_len, prime_len) < 0)
|
||||||
|
goto fin;
|
||||||
|
|
||||||
eap_pwd_h_update(hash, cruft, prime_len);
|
eap_pwd_h_update(hash, cruft, prime_len);
|
||||||
|
|
||||||
/* server element: x, y */
|
/* server element: x, y */
|
||||||
|
@ -755,7 +760,10 @@ eap_pwd_perform_confirm_exchange(struct eap_sm *sm, struct eap_pwd_data *data,
|
||||||
eap_pwd_h_update(hash, cruft, prime_len * 2);
|
eap_pwd_h_update(hash, cruft, prime_len * 2);
|
||||||
|
|
||||||
/* server scalar */
|
/* server scalar */
|
||||||
crypto_bignum_to_bin(data->server_scalar, cruft, order_len, order_len);
|
if (crypto_bignum_to_bin(data->server_scalar, cruft, order_len,
|
||||||
|
order_len) < 0)
|
||||||
|
goto fin;
|
||||||
|
|
||||||
eap_pwd_h_update(hash, cruft, order_len);
|
eap_pwd_h_update(hash, cruft, order_len);
|
||||||
|
|
||||||
/* my element: x, y */
|
/* my element: x, y */
|
||||||
|
@ -768,7 +776,10 @@ eap_pwd_perform_confirm_exchange(struct eap_sm *sm, struct eap_pwd_data *data,
|
||||||
eap_pwd_h_update(hash, cruft, prime_len * 2);
|
eap_pwd_h_update(hash, cruft, prime_len * 2);
|
||||||
|
|
||||||
/* my scalar */
|
/* my scalar */
|
||||||
crypto_bignum_to_bin(data->my_scalar, cruft, order_len, order_len);
|
if (crypto_bignum_to_bin(data->my_scalar, cruft, order_len,
|
||||||
|
order_len) < 0)
|
||||||
|
goto fin;
|
||||||
|
|
||||||
eap_pwd_h_update(hash, cruft, order_len);
|
eap_pwd_h_update(hash, cruft, order_len);
|
||||||
|
|
||||||
/* the ciphersuite */
|
/* the ciphersuite */
|
||||||
|
@ -796,7 +807,9 @@ eap_pwd_perform_confirm_exchange(struct eap_sm *sm, struct eap_pwd_data *data,
|
||||||
goto fin;
|
goto fin;
|
||||||
|
|
||||||
/* k */
|
/* k */
|
||||||
crypto_bignum_to_bin(data->k, cruft, prime_len, prime_len);
|
if (crypto_bignum_to_bin(data->k, cruft, prime_len, prime_len) < 0)
|
||||||
|
goto fin;
|
||||||
|
|
||||||
eap_pwd_h_update(hash, cruft, prime_len);
|
eap_pwd_h_update(hash, cruft, prime_len);
|
||||||
|
|
||||||
/* my element */
|
/* my element */
|
||||||
|
@ -809,7 +822,10 @@ eap_pwd_perform_confirm_exchange(struct eap_sm *sm, struct eap_pwd_data *data,
|
||||||
eap_pwd_h_update(hash, cruft, prime_len * 2);
|
eap_pwd_h_update(hash, cruft, prime_len * 2);
|
||||||
|
|
||||||
/* my scalar */
|
/* my scalar */
|
||||||
crypto_bignum_to_bin(data->my_scalar, cruft, order_len, order_len);
|
if (crypto_bignum_to_bin(data->my_scalar, cruft, order_len,
|
||||||
|
order_len) < 0)
|
||||||
|
goto fin;
|
||||||
|
|
||||||
eap_pwd_h_update(hash, cruft, order_len);
|
eap_pwd_h_update(hash, cruft, order_len);
|
||||||
|
|
||||||
/* server element: x, y */
|
/* server element: x, y */
|
||||||
|
@ -822,7 +838,10 @@ eap_pwd_perform_confirm_exchange(struct eap_sm *sm, struct eap_pwd_data *data,
|
||||||
eap_pwd_h_update(hash, cruft, prime_len * 2);
|
eap_pwd_h_update(hash, cruft, prime_len * 2);
|
||||||
|
|
||||||
/* server scalar */
|
/* server scalar */
|
||||||
crypto_bignum_to_bin(data->server_scalar, cruft, order_len, order_len);
|
if (crypto_bignum_to_bin(data->server_scalar, cruft, order_len,
|
||||||
|
order_len) < 0)
|
||||||
|
goto fin;
|
||||||
|
|
||||||
eap_pwd_h_update(hash, cruft, order_len);
|
eap_pwd_h_update(hash, cruft, order_len);
|
||||||
|
|
||||||
/* the ciphersuite */
|
/* the ciphersuite */
|
||||||
|
|
|
@ -293,7 +293,10 @@ static void eap_pwd_build_commit_req(struct eap_sm *sm,
|
||||||
/* We send the element as (x,y) followed by the scalar */
|
/* We send the element as (x,y) followed by the scalar */
|
||||||
element = wpabuf_put(data->outbuf, 2 * prime_len);
|
element = wpabuf_put(data->outbuf, 2 * prime_len);
|
||||||
scalar = wpabuf_put(data->outbuf, order_len);
|
scalar = wpabuf_put(data->outbuf, order_len);
|
||||||
crypto_bignum_to_bin(data->my_scalar, scalar, order_len, order_len);
|
if (crypto_bignum_to_bin(data->my_scalar, scalar, order_len,
|
||||||
|
order_len) < 0)
|
||||||
|
goto fin;
|
||||||
|
|
||||||
if (crypto_ec_point_to_bin(data->grp->group, data->my_element, element,
|
if (crypto_ec_point_to_bin(data->grp->group, data->my_element, element,
|
||||||
element + prime_len) < 0) {
|
element + prime_len) < 0) {
|
||||||
wpa_printf(MSG_INFO, "EAP-PWD (server): point assignment "
|
wpa_printf(MSG_INFO, "EAP-PWD (server): point assignment "
|
||||||
|
@ -349,7 +352,9 @@ static void eap_pwd_build_confirm_req(struct eap_sm *sm,
|
||||||
*
|
*
|
||||||
* First is k
|
* First is k
|
||||||
*/
|
*/
|
||||||
crypto_bignum_to_bin(data->k, cruft, prime_len, prime_len);
|
if (crypto_bignum_to_bin(data->k, cruft, prime_len, prime_len) < 0)
|
||||||
|
goto fin;
|
||||||
|
|
||||||
eap_pwd_h_update(hash, cruft, prime_len);
|
eap_pwd_h_update(hash, cruft, prime_len);
|
||||||
|
|
||||||
/* server element: x, y */
|
/* server element: x, y */
|
||||||
|
@ -362,7 +367,10 @@ static void eap_pwd_build_confirm_req(struct eap_sm *sm,
|
||||||
eap_pwd_h_update(hash, cruft, prime_len * 2);
|
eap_pwd_h_update(hash, cruft, prime_len * 2);
|
||||||
|
|
||||||
/* server scalar */
|
/* server scalar */
|
||||||
crypto_bignum_to_bin(data->my_scalar, cruft, order_len, order_len);
|
if (crypto_bignum_to_bin(data->my_scalar, cruft, order_len,
|
||||||
|
order_len) < 0)
|
||||||
|
goto fin;
|
||||||
|
|
||||||
eap_pwd_h_update(hash, cruft, order_len);
|
eap_pwd_h_update(hash, cruft, order_len);
|
||||||
|
|
||||||
/* peer element: x, y */
|
/* peer element: x, y */
|
||||||
|
@ -375,7 +383,10 @@ static void eap_pwd_build_confirm_req(struct eap_sm *sm,
|
||||||
eap_pwd_h_update(hash, cruft, prime_len * 2);
|
eap_pwd_h_update(hash, cruft, prime_len * 2);
|
||||||
|
|
||||||
/* peer scalar */
|
/* peer scalar */
|
||||||
crypto_bignum_to_bin(data->peer_scalar, cruft, order_len, order_len);
|
if (crypto_bignum_to_bin(data->peer_scalar, cruft, order_len,
|
||||||
|
order_len) < 0)
|
||||||
|
goto fin;
|
||||||
|
|
||||||
eap_pwd_h_update(hash, cruft, order_len);
|
eap_pwd_h_update(hash, cruft, order_len);
|
||||||
|
|
||||||
/* ciphersuite */
|
/* ciphersuite */
|
||||||
|
@ -785,7 +796,9 @@ eap_pwd_process_confirm_resp(struct eap_sm *sm, struct eap_pwd_data *data,
|
||||||
goto fin;
|
goto fin;
|
||||||
|
|
||||||
/* k */
|
/* k */
|
||||||
crypto_bignum_to_bin(data->k, cruft, prime_len, prime_len);
|
if (crypto_bignum_to_bin(data->k, cruft, prime_len, prime_len) < 0)
|
||||||
|
goto fin;
|
||||||
|
|
||||||
eap_pwd_h_update(hash, cruft, prime_len);
|
eap_pwd_h_update(hash, cruft, prime_len);
|
||||||
|
|
||||||
/* peer element: x, y */
|
/* peer element: x, y */
|
||||||
|
@ -798,7 +811,10 @@ eap_pwd_process_confirm_resp(struct eap_sm *sm, struct eap_pwd_data *data,
|
||||||
eap_pwd_h_update(hash, cruft, prime_len * 2);
|
eap_pwd_h_update(hash, cruft, prime_len * 2);
|
||||||
|
|
||||||
/* peer scalar */
|
/* peer scalar */
|
||||||
crypto_bignum_to_bin(data->peer_scalar, cruft, order_len, order_len);
|
if (crypto_bignum_to_bin(data->peer_scalar, cruft, order_len,
|
||||||
|
order_len) < 0)
|
||||||
|
goto fin;
|
||||||
|
|
||||||
eap_pwd_h_update(hash, cruft, order_len);
|
eap_pwd_h_update(hash, cruft, order_len);
|
||||||
|
|
||||||
/* server element: x, y */
|
/* server element: x, y */
|
||||||
|
@ -811,7 +827,10 @@ eap_pwd_process_confirm_resp(struct eap_sm *sm, struct eap_pwd_data *data,
|
||||||
eap_pwd_h_update(hash, cruft, prime_len * 2);
|
eap_pwd_h_update(hash, cruft, prime_len * 2);
|
||||||
|
|
||||||
/* server scalar */
|
/* server scalar */
|
||||||
crypto_bignum_to_bin(data->my_scalar, cruft, order_len, order_len);
|
if (crypto_bignum_to_bin(data->my_scalar, cruft, order_len,
|
||||||
|
order_len) < 0)
|
||||||
|
goto fin;
|
||||||
|
|
||||||
eap_pwd_h_update(hash, cruft, order_len);
|
eap_pwd_h_update(hash, cruft, order_len);
|
||||||
|
|
||||||
/* ciphersuite */
|
/* ciphersuite */
|
||||||
|
|
Loading…
Reference in a new issue