hostapd/src/crypto
Alexander Clouter 872609c151 EAP-TTLS/PEAP peer: Fix failure when using session tickets under TLS 1.3
EAP peer does not expect data present when beginning the Phase 2 in
EAP-{TTLS,PEAP} but in TLS 1.3 session tickets are sent after the
handshake completes.

There are several strategies that can be used to handle this, but this
patch picks up from the discussion[1] and implements the proposed use of
SSL_MODE_AUTO_RETRY. SSL_MODE_AUTO_RETRY has already been enabled by
default in OpenSSL 1.1.1, but it needs to be enabled for older versions.

The main OpenSSL wrapper change in tls_connection_decrypt() takes care
of the new possible case with SSL_MODE_AUTO_RETRY for
SSL_ERROR_WANT_READ to indicate that a non-application_data was
processed. That is not really an error case with TLS 1.3, so allow it to
complete and return an empty decrypted application data buffer.
EAP-PEAP/TTLS processing can then use this to move ahead with starting
Phase 2.

[1] https://www.spinics.net/lists/hostap/msg05376.html

Signed-off-by: Alexander Clouter <alex@digriz.org.uk>
2021-02-20 17:02:35 +02:00
aes-cbc.c Add TEST_FAIL() condition to aes_128_cbc_encrypt/decrypt() 2015-11-28 20:46:36 +02:00
aes-ccm.c AES-CCM: Use os_memcmp_const() for hash/password comparisons 2014-07-02 12:38:47 +03:00
aes-ctr.c Extend AES-SIV implementation to support different key lengths 2016-10-10 19:40:59 +03:00
aes-eax.c crypto: Clear temporary heap allocations before freeing 2015-01-06 02:49:13 +02:00
aes-encblock.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
aes-gcm.c AES-GCM: Use os_memcmp_const() for hash/password comparisons 2014-07-02 12:38:47 +03:00
aes-internal-dec.c crypto: Add return value to DES and AES encrypt/decrypt 2017-02-28 11:23:54 +02:00
aes-internal-enc.c Add TEST_FAIL() to aes_encrypt_init() with internal crypto 2019-03-16 18:52:09 +02:00
aes-internal.c Add support for using 192-bit and 256-bit keys with AES-GCM 2012-09-09 13:30:51 +03:00
aes-omac1.c tests: Add TEST_FAIL() condition to omac1_aes_vector() 2015-10-17 20:40:36 +03:00
aes-siv.c Use os_memdup() 2017-03-07 13:19:10 +02:00
aes-unwrap.c AES: Extend key wrap implementation to support longer data 2014-10-07 14:57:10 +03:00
aes-wrap.c AES: Extend key wrap implementation to support longer data 2014-10-07 14:57:10 +03:00
aes.h crypto: Add return value to DES and AES encrypt/decrypt 2017-02-28 11:23:54 +02:00
aes_i.h UBSan: Avoid dependency on undefined behavior in internal AES operation 2019-05-25 01:51:12 +03:00
aes_siv.h Extend AES-SIV implementation to support different key lengths 2016-10-10 19:40:59 +03:00
aes_wrap.h Extend AES-SIV implementation to support different key lengths 2016-10-10 19:40:59 +03:00
crypto.h OpenSSL: Additional EC functionality for SAE-PK 2020-06-02 17:56:45 +03:00
crypto_gnutls.c Add explicit checks for peer's DH public key 2019-03-05 17:05:03 +02:00
crypto_internal-cipher.c Fix AES block size handling for internal cipher 2012-09-09 14:12:59 +03:00
crypto_internal-modexp.c Add explicit checks for peer's DH public key 2019-03-05 17:05:03 +02:00
crypto_internal-rsa.c Add function for building RSA public key from n and e parameters 2014-05-19 23:27:30 +03:00
crypto_internal.c tests: crypto_hash_finish() failure in eap_pwd_kdf() 2019-04-13 12:53:42 +03:00
crypto_libtomcrypt.c tests: crypto_hash_finish() failure in eap_pwd_kdf() 2019-04-13 12:53:42 +03:00
crypto_linux.c tests: crypto_hash_finish() failure in eap_pwd_kdf() 2019-04-13 12:53:42 +03:00
crypto_module_tests.c tests: AES-CTR encrypt test vectors 2020-07-30 13:52:14 +03:00
crypto_nettle.c Add explicit checks for peer's DH public key 2019-03-05 17:05:03 +02:00
crypto_none.c crypto: Add return value to DES and AES encrypt/decrypt 2017-02-28 11:23:54 +02:00
crypto_openssl.c OpenSSL: Use EVP-based interface for ECDSA sign/verify 2020-06-16 18:26:09 +03:00
crypto_wolfssl.c wolfssl: Fix crypto_bignum_rand() implementation 2020-05-16 21:02:17 +03:00
des-internal.c crypto: Add return value to DES and AES encrypt/decrypt 2017-02-28 11:23:54 +02:00
des_i.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
dh_group5.c Fix memory leak on NFC DH generation error path 2015-11-29 20:53:20 +02:00
dh_group5.h Add dh5_init_fixed() to allow fixed DH parameters to be used 2012-06-27 21:22:12 +03:00
dh_groups.c Add explicit checks for peer's DH public key 2019-03-05 17:05:03 +02:00
dh_groups.h Add Diffie-Hellman group definitions for MODP groups in RFC 5114 2013-01-12 17:51:54 +02:00
fips_prf_internal.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
fips_prf_openssl.c OpenSSL: Silence sparse warnings in fips186_2_prf() 2016-06-24 19:02:58 +03:00
fips_prf_wolfssl.c wolfSSL: Use new digest namespace 2018-05-02 12:04:46 +03:00
Makefile build: Make more library things common 2020-10-12 20:20:35 +03:00
md4-internal.c crypto internal: Make MD4 PADDING array const 2019-01-02 17:26:57 +02:00
md5-internal.c Add TEST_FAIL() support for internal hash functions 2015-11-29 21:01:33 +02:00
md5.c crypto: Clear temporary stack buffers after use 2015-01-06 02:49:13 +02:00
md5.h FIPS: Remove md5-non-fips.c 2012-08-19 16:53:15 +03:00
md5_i.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
milenage.c Milenage: Use os_memcmp_const() for hash/password comparisons 2014-07-02 12:38:47 +03:00
milenage.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
ms_funcs.c crypto: Process des_encrypt() error returns in callers 2017-02-28 11:24:05 +02:00
ms_funcs.h crypto: Process des_encrypt() error returns in callers 2017-02-28 11:24:05 +02:00
random.c crypto: Add option to use getrandom() 2019-01-02 01:24:18 +02:00
random.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
rc4.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
sha1-internal.c More forceful clearing of stack memory with keys 2019-05-26 16:11:56 +03:00
sha1-pbkdf2.c Convert remaining SSID routines from char* to u8* 2012-08-07 16:07:25 +03:00
sha1-prf.c More forceful clearing of stack memory with keys 2019-05-26 16:11:56 +03:00
sha1-tlsprf.c More forceful clearing of stack memory with keys 2019-05-26 16:11:56 +03:00
sha1-tprf.c More forceful clearing of stack memory with keys 2019-05-26 16:11:56 +03:00
sha1.c More forceful clearing of stack memory with keys 2019-05-26 16:11:56 +03:00
sha1.h Convert remaining SSID routines from char* to u8* 2012-08-07 16:07:25 +03:00
sha1_i.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
sha256-internal.c Remove trailing whitespace 2016-12-28 14:31:42 +02:00
sha256-kdf.c More forceful clearing of stack memory with keys 2019-05-26 16:11:56 +03:00
sha256-prf.c More forceful clearing of stack memory with keys 2019-05-26 16:11:56 +03:00
sha256-tlsprf.c Return success/failure result from tls_prf_sha256() 2019-07-09 16:38:32 +03:00
sha256.c crypto: Allow up to 10 fragments for hmac_sha*_vector() 2020-01-26 17:04:54 +02:00
sha256.h Return success/failure result from tls_prf_sha256() 2019-07-09 16:38:32 +03:00
sha256_i.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
sha384-internal.c Add SHA384 and SHA512 implementations from LibTomCrypt library 2015-11-29 18:19:32 +02:00
sha384-kdf.c More forceful clearing of stack memory with keys 2019-05-26 16:11:56 +03:00
sha384-prf.c More forceful clearing of stack memory with keys 2019-05-26 16:11:56 +03:00
sha384-tlsprf.c Add TLS-PRF using HMAC with P_SHA384 for TEAP 2019-08-16 21:16:37 +03:00
sha384.c crypto: Allow up to 10 fragments for hmac_sha*_vector() 2020-01-26 17:04:54 +02:00
sha384.h Add TLS-PRF using HMAC with P_SHA384 for TEAP 2019-08-16 21:16:37 +03:00
sha384_i.h Add SHA384 and SHA512 implementations from LibTomCrypt library 2015-11-29 18:19:32 +02:00
sha512-internal.c crypto: Reduce the size of sha512_compress() stack frame 2019-01-02 16:31:19 +02:00
sha512-kdf.c More forceful clearing of stack memory with keys 2019-05-26 16:11:56 +03:00
sha512-prf.c More forceful clearing of stack memory with keys 2019-05-26 16:11:56 +03:00
sha512.c crypto: Allow up to 10 fragments for hmac_sha*_vector() 2020-01-26 17:04:54 +02:00
sha512.h Extend SHA-384 and SHA-512 support to match SHA-256 2017-06-17 18:04:12 +03:00
sha512_i.h Add SHA384 and SHA512 implementations from LibTomCrypt library 2015-11-29 18:19:32 +02:00
tls.h OpenSSL: Provide access to peer subject and own certificate use 2020-06-20 18:04:51 +03:00
tls_gnutls.c Extend domain_match and domain_suffix_match to allow list of values 2019-04-09 16:24:38 +03:00
tls_internal.c TLS: Add support for RFC 5705 TLS exporter context with internal TLS 2019-03-16 18:52:09 +02:00
tls_none.c Add support for an optional context parameter to TLS exporter 2019-03-16 18:52:09 +02:00
tls_openssl.c EAP-TTLS/PEAP peer: Fix failure when using session tickets under TLS 1.3 2021-02-20 17:02:35 +02:00
tls_openssl.h BoringSSL: Move OCSP implementation into a separate file 2015-12-04 20:08:31 +02:00
tls_openssl_ocsp.c BoringSSL: Keep static analyzers happier with X509_get0_pubkey_bitstr() 2016-03-16 21:34:01 +02:00
tls_wolfssl.c wolfSSL: wolfSSL_use_PrivateKey_* correct return codes 2021-02-09 20:54:34 +02:00