SAE: Fix error path handling for SSWU
crypto_bignum_init_set() might fail in case of memory allocation
failures. These two cases within sswu() did not handle that properly,
i.e., a memory allocation failure could have resulted in dereferencing a
NULL pointer. Check the return value before proceeding to fix this.
Fixes: aeb022f8e5
("SAE: Implement hash-to-element PT/PWE crypto routines")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
parent
e8a1e6a4a1
commit
ac882374a5
1 changed files with 4 additions and 0 deletions
|
@ -713,6 +713,8 @@ static struct crypto_ec_point * sswu(struct crypto_ec *ec, int group,
|
||||||
goto fail;
|
goto fail;
|
||||||
const_time_select_bin(m_is_zero, bin1, bin2, prime_len, bin);
|
const_time_select_bin(m_is_zero, bin1, bin2, prime_len, bin);
|
||||||
x1 = crypto_bignum_init_set(bin, prime_len);
|
x1 = crypto_bignum_init_set(bin, prime_len);
|
||||||
|
if (!x1)
|
||||||
|
goto fail;
|
||||||
debug_print_bignum("SSWU: x1 = CSEL(l, x1a, x1b)", x1, prime_len);
|
debug_print_bignum("SSWU: x1 = CSEL(l, x1a, x1b)", x1, prime_len);
|
||||||
|
|
||||||
/* gx1 = x1^3 + a * x1 + b */
|
/* gx1 = x1^3 + a * x1 + b */
|
||||||
|
@ -753,6 +755,8 @@ static struct crypto_ec_point * sswu(struct crypto_ec *ec, int group,
|
||||||
goto fail;
|
goto fail;
|
||||||
const_time_select_bin(is_qr, bin1, bin2, prime_len, bin);
|
const_time_select_bin(is_qr, bin1, bin2, prime_len, bin);
|
||||||
v = crypto_bignum_init_set(bin, prime_len);
|
v = crypto_bignum_init_set(bin, prime_len);
|
||||||
|
if (!v)
|
||||||
|
goto fail;
|
||||||
debug_print_bignum("SSWU: v = CSEL(l, gx1, gx2)", v, prime_len);
|
debug_print_bignum("SSWU: v = CSEL(l, gx1, gx2)", v, prime_len);
|
||||||
|
|
||||||
/* x = CSEL(l, x1, x2) */
|
/* x = CSEL(l, x1, x2) */
|
||||||
|
|
Loading…
Reference in a new issue