From a7713676b86e01730963eeeda074700502205790 Mon Sep 17 00:00:00 2001 From: Kapil Gupta Date: Thu, 3 Jun 2021 18:37:51 +0530 Subject: [PATCH] wpa_supplicant: Fix crypto related bugs 1. Fix aes_unwrap functionality when hardware acceleration is disabled 2. Fix compilation errors when mbedTLS is disabled. 3. Disable WPA3 when mbedTLS is disabled. --- components/esp_wifi/Kconfig | 1 + .../wpa_supplicant/include/utils/wpa_debug.h | 1 + .../port/include/supplicant_opt.h | 1 + .../src/crypto/crypto_mbedtls.c | 20 ++++++--- components/wpa_supplicant/src/tls/bignum.c | 2 +- components/wpa_supplicant/src/tls/rsa.c | 43 ++++++++++++++----- components/wpa_supplicant/src/tls/rsa.h | 3 ++ components/wpa_supplicant/src/utils/common.c | 5 +++ 8 files changed, 58 insertions(+), 18 deletions(-) diff --git a/components/esp_wifi/Kconfig b/components/esp_wifi/Kconfig index ba7550273e..d8af7fa0aa 100644 --- a/components/esp_wifi/Kconfig +++ b/components/esp_wifi/Kconfig @@ -316,6 +316,7 @@ menu "Wi-Fi" config ESP32_WIFI_ENABLE_WPA3_SAE bool "Enable WPA3-Personal" default y + depends on WPA_MBEDTLS_CRYPTO help Select this option to allow the device to establish a WPA3-Personal connection with eligible AP's. PMF (Protected Management Frames) is a prerequisite feature for a WPA3 connection, it needs to be diff --git a/components/wpa_supplicant/include/utils/wpa_debug.h b/components/wpa_supplicant/include/utils/wpa_debug.h index 124786923a..9714617a60 100644 --- a/components/wpa_supplicant/include/utils/wpa_debug.h +++ b/components/wpa_supplicant/include/utils/wpa_debug.h @@ -28,6 +28,7 @@ #define MSG_INFO ESP_LOG_INFO #define MSG_DEBUG ESP_LOG_DEBUG #define MSG_MSGDUMP ESP_LOG_VERBOSE +#define MSG_EXCESSIVE ESP_LOG_VERBOSE #else enum { MSG_MSGDUMP, MSG_DEBUG, MSG_INFO, MSG_WARNING, MSG_ERROR }; diff --git a/components/wpa_supplicant/port/include/supplicant_opt.h b/components/wpa_supplicant/port/include/supplicant_opt.h index b70ffd4c6d..59b428d546 100644 --- a/components/wpa_supplicant/port/include/supplicant_opt.h +++ b/components/wpa_supplicant/port/include/supplicant_opt.h @@ -21,6 +21,7 @@ #define USE_MBEDTLS_CRYPTO 1 #else #define CONFIG_TLS_INTERNAL_CLIENT +#define CONFIG_CRYPTO_INTERNAL #define CONFIG_TLSV12 #endif diff --git a/components/wpa_supplicant/src/crypto/crypto_mbedtls.c b/components/wpa_supplicant/src/crypto/crypto_mbedtls.c index a58ab9dd25..9d9fb0e5fd 100644 --- a/components/wpa_supplicant/src/crypto/crypto_mbedtls.c +++ b/components/wpa_supplicant/src/crypto/crypto_mbedtls.c @@ -281,31 +281,37 @@ int hmac_sha1(const u8 *key, size_t key_len, const u8 *data, size_t data_len, return hmac_sha1_vector(key, key_len, 1, &data, &data_len, mac); } -void *aes_crypt_init(const u8 *key, size_t len) +static void *aes_crypt_init(int mode, const u8 *key, size_t len) { + int ret = -1; mbedtls_aes_context *aes = os_malloc(sizeof(*aes)); if (!aes) { return NULL; } mbedtls_aes_init(aes); - if (mbedtls_aes_setkey_enc(aes, key, len * 8) < 0) { + if (mode == MBEDTLS_AES_ENCRYPT) { + ret = mbedtls_aes_setkey_enc(aes, key, len * 8); + } else if (mode == MBEDTLS_AES_DECRYPT){ + ret = mbedtls_aes_setkey_dec(aes, key, len * 8); + } + if (ret < 0) { mbedtls_aes_free(aes); os_free(aes); - wpa_printf(MSG_ERROR, "%s: mbedtls_aes_setkey_enc failed", __func__); + wpa_printf(MSG_ERROR, "%s: mbedtls_aes_setkey_enc/mbedtls_aes_setkey_dec failed", __func__); return NULL; } return (void *) aes; } -int aes_crypt(void *ctx, int mode, const u8 *in, u8 *out) +static int aes_crypt(void *ctx, int mode, const u8 *in, u8 *out) { return mbedtls_aes_crypt_ecb((mbedtls_aes_context *)ctx, mode, in, out); } -void aes_crypt_deinit(void *ctx) +static void aes_crypt_deinit(void *ctx) { mbedtls_aes_free((mbedtls_aes_context *)ctx); os_free(ctx); @@ -313,7 +319,7 @@ void aes_crypt_deinit(void *ctx) void *aes_encrypt_init(const u8 *key, size_t len) { - return aes_crypt_init(key, len); + return aes_crypt_init(MBEDTLS_AES_ENCRYPT, key, len); } int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt) @@ -328,7 +334,7 @@ void aes_encrypt_deinit(void *ctx) void * aes_decrypt_init(const u8 *key, size_t len) { - return aes_crypt_init(key, len); + return aes_crypt_init(MBEDTLS_AES_DECRYPT, key, len); } int aes_decrypt(void *ctx, const u8 *crypt, u8 *plain) diff --git a/components/wpa_supplicant/src/tls/bignum.c b/components/wpa_supplicant/src/tls/bignum.c index 1a87c82d5a..3e4d0156da 100644 --- a/components/wpa_supplicant/src/tls/bignum.c +++ b/components/wpa_supplicant/src/tls/bignum.c @@ -12,7 +12,7 @@ #include "bignum.h" #ifdef CONFIG_INTERNAL_LIBTOMMATH -#include "libtommath.c" +#include "libtommath.h" #else /* CONFIG_INTERNAL_LIBTOMMATH */ #include #endif /* CONFIG_INTERNAL_LIBTOMMATH */ diff --git a/components/wpa_supplicant/src/tls/rsa.c b/components/wpa_supplicant/src/tls/rsa.c index e1eff7f097..1b01f5843d 100644 --- a/components/wpa_supplicant/src/tls/rsa.c +++ b/components/wpa_supplicant/src/tls/rsa.c @@ -1,17 +1,18 @@ /* * RSA - * Copyright (c) 2006, Jouni Malinen + * Copyright (c) 2006-2014, Jouni Malinen * * This software may be distributed under the terms of the BSD license. * See README for more details. */ -#include "utils/includes.h" +#include "includes.h" + +#include "common.h" +#include "asn1.h" +#include "bignum.h" +#include "rsa.h" -#include "utils/common.h" -#include "tls/asn1.h" -#include "tls/bignum.h" -#include "tls/rsa.h" struct crypto_rsa_key { int private_key; /* whether private key is set */ @@ -64,7 +65,7 @@ crypto_rsa_import_public_key(const u8 *buf, size_t len) struct asn1_hdr hdr; const u8 *pos, *end; - key = (struct crypto_rsa_key *)os_zalloc(sizeof(*key)); + key = os_zalloc(sizeof(*key)); if (key == NULL) return NULL; @@ -115,6 +116,29 @@ error: } +struct crypto_rsa_key * +crypto_rsa_import_public_key_parts(const u8 *n, size_t n_len, + const u8 *e, size_t e_len) +{ + struct crypto_rsa_key *key; + + key = os_zalloc(sizeof(*key)); + if (key == NULL) + return NULL; + + key->n = bignum_init(); + key->e = bignum_init(); + if (key->n == NULL || key->e == NULL || + bignum_set_unsigned_bin(key->n, n, n_len) < 0 || + bignum_set_unsigned_bin(key->e, e, e_len) < 0) { + crypto_rsa_free(key); + return NULL; + } + + return key; +} + + /** * crypto_rsa_import_private_key - Import an RSA private key * @buf: Key buffer (DER encoded RSA private key) @@ -129,7 +153,7 @@ crypto_rsa_import_private_key(const u8 *buf, size_t len) struct asn1_hdr hdr; const u8 *pos, *end; - key = (struct crypto_rsa_key *)os_zalloc(sizeof(*key)); + key = os_zalloc(sizeof(*key)); if (key == NULL) return NULL; @@ -261,7 +285,7 @@ int crypto_rsa_exptmod(const u8 *in, size_t inlen, u8 *out, size_t *outlen, if (use_private) { /* - * Decrypt (or sign) using Chinese remainer theorem to speed + * Decrypt (or sign) using Chinese remainder theorem to speed * up calculation. This is equivalent to tmp = tmp^d mod n * (which would require more CPU to calculate directly). * @@ -321,7 +345,6 @@ int crypto_rsa_exptmod(const u8 *in, size_t inlen, u8 *out, size_t *outlen, ret = 0; error: - bignum_deinit(tmp); bignum_deinit(a); bignum_deinit(b); diff --git a/components/wpa_supplicant/src/tls/rsa.h b/components/wpa_supplicant/src/tls/rsa.h index c236a9df44..b65818ee15 100644 --- a/components/wpa_supplicant/src/tls/rsa.h +++ b/components/wpa_supplicant/src/tls/rsa.h @@ -14,6 +14,9 @@ struct crypto_rsa_key; struct crypto_rsa_key * crypto_rsa_import_public_key(const u8 *buf, size_t len); struct crypto_rsa_key * +crypto_rsa_import_public_key_parts(const u8 *n, size_t n_len, + const u8 *e, size_t e_len); +struct crypto_rsa_key * crypto_rsa_import_private_key(const u8 *buf, size_t len); size_t crypto_rsa_get_modulus_len(struct crypto_rsa_key *key); int crypto_rsa_exptmod(const u8 *in, size_t inlen, u8 *out, size_t *outlen, diff --git a/components/wpa_supplicant/src/utils/common.c b/components/wpa_supplicant/src/utils/common.c index 47305b0cdb..1c619f5cc6 100644 --- a/components/wpa_supplicant/src/utils/common.c +++ b/components/wpa_supplicant/src/utils/common.c @@ -547,3 +547,8 @@ const char * wpa_ssid_txt(const u8 *ssid, size_t ssid_len) printf_encode(ssid_txt, sizeof(ssid_txt), ssid, ssid_len); return ssid_txt; } + +void * __hide_aliasing_typecast(void *foo) +{ + return foo; +}