X-Git-Url: http://git.openwrt.org/?a=blobdiff_plain;f=package%2Fnetwork%2Fservices%2Fhostapd%2Fpatches%2F011-Additional-consistentcy-checks-for-PTK-component-len.patch;fp=package%2Fnetwork%2Fservices%2Fhostapd%2Fpatches%2F011-Additional-consistentcy-checks-for-PTK-component-len.patch;h=5cc2f7b17df647c76ad63d049c902b62ecb0a824;hb=2127425434046ae2b9f02fdbbdd37cac447af19c;hp=0000000000000000000000000000000000000000;hpb=3db529d5ccdd5d8cec96d1e0f64583a1c9449a82;p=openwrt%2Fstaging%2Fstintel.git

diff --git a/package/network/services/hostapd/patches/011-Additional-consistentcy-checks-for-PTK-component-len.patch b/package/network/services/hostapd/patches/011-Additional-consistentcy-checks-for-PTK-component-len.patch
new file mode 100644
index 0000000000..5cc2f7b17d
--- /dev/null
+++ b/package/network/services/hostapd/patches/011-Additional-consistentcy-checks-for-PTK-component-len.patch
@@ -0,0 +1,100 @@
+From a6ea665300919d6a3af22b1f4237203647fda93a Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <j@w1.fi>
+Date: Tue, 17 Oct 2017 00:01:11 +0300
+Subject: [PATCH] Additional consistentcy checks for PTK component lengths
+
+Verify that TK, KCK, and KEK lengths are set to consistent values within
+struct wpa_ptk before using them in supplicant. This is an additional
+layer of protection against unexpected states.
+
+Signed-off-by: Jouni Malinen <j@w1.fi>
+---
+ src/common/wpa_common.c |  6 ++++++
+ src/rsn_supp/wpa.c      | 26 ++++++++++++++++++++------
+ 2 files changed, 26 insertions(+), 6 deletions(-)
+
+--- a/src/common/wpa_common.c
++++ b/src/common/wpa_common.c
+@@ -100,6 +100,12 @@ int wpa_eapol_key_mic(const u8 *key, siz
+ {
+ 	u8 hash[SHA512_MAC_LEN];
+ 
++	if (key_len == 0) {
++		wpa_printf(MSG_DEBUG,
++			   "WPA: KCK not set - cannot calculate MIC");
++		return -1;
++	}
++
+ 	switch (ver) {
+ #ifndef CONFIG_FIPS
+ 	case WPA_KEY_INFO_TYPE_HMAC_MD5_RC4:
+--- a/src/rsn_supp/wpa.c
++++ b/src/rsn_supp/wpa.c
+@@ -725,6 +725,11 @@ static int wpa_supplicant_install_ptk(st
+ 
+ 	alg = wpa_cipher_to_alg(sm->pairwise_cipher);
+ 	keylen = wpa_cipher_key_len(sm->pairwise_cipher);
++	if (keylen <= 0 || (unsigned int) keylen != sm->ptk.tk_len) {
++		wpa_printf(MSG_DEBUG, "WPA: TK length mismatch: %d != %lu",
++			   keylen, (long unsigned int) sm->ptk.tk_len);
++		return -1;
++	}
+ 	rsclen = wpa_cipher_rsc_len(sm->pairwise_cipher);
+ 
+ 	if (sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN) {
+@@ -745,6 +750,7 @@ static int wpa_supplicant_install_ptk(st
+ 
+ 	/* TK is not needed anymore in supplicant */
+ 	os_memset(sm->ptk.tk, 0, WPA_TK_MAX_LEN);
++	sm->ptk.tk_len = 0;
+ 	sm->ptk.installed = 1;
+ 
+ 	if (sm->wpa_ptk_rekey) {
+@@ -1717,9 +1723,10 @@ static int wpa_supplicant_verify_eapol_k
+ 	os_memcpy(mic, key + 1, mic_len);
+ 	if (sm->tptk_set) {
+ 		os_memset(key + 1, 0, mic_len);
+-		wpa_eapol_key_mic(sm->tptk.kck, sm->tptk.kck_len, sm->key_mgmt,
+-				  ver, buf, len, (u8 *) (key + 1));
+-		if (os_memcmp_const(mic, key + 1, mic_len) != 0) {
++		if (wpa_eapol_key_mic(sm->tptk.kck, sm->tptk.kck_len,
++				      sm->key_mgmt,
++				      ver, buf, len, (u8 *) (key + 1)) < 0 ||
++		    os_memcmp_const(mic, key + 1, mic_len) != 0) {
+ 			wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
+ 				"WPA: Invalid EAPOL-Key MIC "
+ 				"when using TPTK - ignoring TPTK");
+@@ -1742,9 +1749,10 @@ static int wpa_supplicant_verify_eapol_k
+ 
+ 	if (!ok && sm->ptk_set) {
+ 		os_memset(key + 1, 0, mic_len);
+-		wpa_eapol_key_mic(sm->ptk.kck, sm->ptk.kck_len, sm->key_mgmt,
+-				  ver, buf, len, (u8 *) (key + 1));
+-		if (os_memcmp_const(mic, key + 1, mic_len) != 0) {
++		if (wpa_eapol_key_mic(sm->ptk.kck, sm->ptk.kck_len,
++				      sm->key_mgmt,
++				      ver, buf, len, (u8 *) (key + 1)) < 0 ||
++		    os_memcmp_const(mic, key + 1, mic_len) != 0) {
+ 			wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
+ 				"WPA: Invalid EAPOL-Key MIC - "
+ 				"dropping packet");
+@@ -4167,6 +4175,11 @@ int fils_process_assoc_resp(struct wpa_s
+ 
+ 	alg = wpa_cipher_to_alg(sm->pairwise_cipher);
+ 	keylen = wpa_cipher_key_len(sm->pairwise_cipher);
++	if (keylen <= 0 || (unsigned int) keylen != sm->ptk.tk_len) {
++		wpa_printf(MSG_DEBUG, "FILS: TK length mismatch: %u != %lu",
++			   keylen, (long unsigned int) sm->ptk.tk_len);
++		goto fail;
++	}
+ 	rsclen = wpa_cipher_rsc_len(sm->pairwise_cipher);
+ 	wpa_hexdump_key(MSG_DEBUG, "FILS: Set TK to driver",
+ 			sm->ptk.tk, keylen);
+@@ -4183,6 +4196,7 @@ int fils_process_assoc_resp(struct wpa_s
+ 	 * takes care of association frame encryption/decryption. */
+ 	/* TK is not needed anymore in supplicant */
+ 	os_memset(sm->ptk.tk, 0, WPA_TK_MAX_LEN);
++	sm->ptk.tk_len = 0;
+ 	sm->ptk.installed = 1;
+ 
+ 	/* FILS HLP Container */