Add explicit checks for peer's DH public key
Pass the group order (if known/specified) to crypto_dh_derive_secret() (and also to OpenSSL DH_generate_key() in case of Group 5) and verify that the public key received from the peer meets 1 < pubkey < p and pubkey^q == 1 mod p conditions. While all these use cases were using only ephemeral DH keys, it is better to use more explicit checks while deriving the shared secret to avoid unexpected behavior. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
Jouni Malinen
Jouni Malinen
parent
4a9531a755
commit
b11fa98bcb
9 changed files with 190 additions and 12 deletions
|
|
@ -1249,6 +1249,7 @@ struct wpabuf * dh_derive_shared(const struct wpabuf *peer_public,
|
|||
if (shared == NULL)
|
||||
return NULL;
|
||||
if (crypto_dh_derive_secret(*dh->generator, dh->prime, dh->prime_len,
|
||||
dh->order, dh->order_len,
|
||||
wpabuf_head(own_private),
|
||||
wpabuf_len(own_private),
|
||||
wpabuf_head(peer_public),
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue