X-Git-Url: http://git.openwrt.org/?p=openwrt%2Fopenwrt.git;a=blobdiff_plain;f=package%2Fnetwork%2Fservices%2Fhostapd%2Fpatches%2F066-0000-EAP-pwd-Disallow-ECC-groups-with-a-prime-under-256-b.patch;fp=package%2Fnetwork%2Fservices%2Fhostapd%2Fpatches%2F066-0000-EAP-pwd-Disallow-ECC-groups-with-a-prime-under-256-b.patch;h=0000000000000000000000000000000000000000;hp=2d40516c7c454e127a78283eb9c702da70af6dbd;hb=8af79550e6c280717660f66032d89d21007b15d2;hpb=a03219ba09a55ad49926e5c2d60ddff095fe5096

diff --git a/package/network/services/hostapd/patches/066-0000-EAP-pwd-Disallow-ECC-groups-with-a-prime-under-256-b.patch b/package/network/services/hostapd/patches/066-0000-EAP-pwd-Disallow-ECC-groups-with-a-prime-under-256-b.patch
deleted file mode 100644
index 2d40516c7c..0000000000
--- a/package/network/services/hostapd/patches/066-0000-EAP-pwd-Disallow-ECC-groups-with-a-prime-under-256-b.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From 92e1b96c26a84e503847bdd22ebadf697c4031ad Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Sat, 13 Apr 2019 17:20:57 +0300
-Subject: EAP-pwd: Disallow ECC groups with a prime under 256 bits
-
-Based on the SAE implementation guidance update to not allow ECC groups
-with a prime that is under 256 bits, reject groups 25, 26, and 27 in
-EAP-pwd.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
- src/eap_common/eap_pwd_common.c | 13 +++++++++++++
- 1 file changed, 13 insertions(+)
-
---- a/src/eap_common/eap_pwd_common.c
-+++ b/src/eap_common/eap_pwd_common.c
-@@ -85,10 +85,23 @@ static int eap_pwd_kdf(const u8 *key, si
- }
- 
- 
-+static int eap_pwd_suitable_group(u16 num)
-+{
-+	/* Do not allow ECC groups with prime under 256 bits based on guidance
-+	 * for the similar design in SAE. */
-+	return num == 19 || num == 20 || num == 21 ||
-+		num == 28 || num == 29 || num == 30;
-+}
-+
-+
- EAP_PWD_group * get_eap_pwd_group(u16 num)
- {
- 	EAP_PWD_group *grp;
- 
-+	if (!eap_pwd_suitable_group(num)) {
-+		wpa_printf(MSG_INFO, "EAP-pwd: unsuitable group %u", num);
-+		return NULL;
-+	}
- 	grp = os_zalloc(sizeof(EAP_PWD_group));
- 	if (!grp)
- 		return NULL;