alex/esp-idf
alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2024-09-20 00:36:01 -04:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge branch 'bugfix/dpp_crypto_mbedtls_3x' into 'master'

Browse Source 
wpa_supplicant: Add changes to fix broken dpp crypto

Closes WIFI-4368

See merge request espressif/esp-idf!17487
This commit is contained in:
Kapil Gupta 2022-03-15 16:53:14 +08:00
commit e3c084a2dc
1 changed files with 19 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
components/wpa_supplicant/src/crypto/crypto_mbedtls-ec.c
View File

@ -689,18 +689,26 @@ int crypto_ec_get_curve_id(const struct crypto_ec_group *group)
int crypto_ecdh(struct crypto_key *key_own, struct crypto_key *key_peer, int crypto_ecdh(struct crypto_key *key_own, struct crypto_key *key_peer,
u8 *secret, size_t *secret_len) u8 *secret, size_t *secret_len)
{ {
mbedtls_ecdh_context *ctx; mbedtls_ecdh_context *ctx = NULL;
mbedtls_pk_context *own = (mbedtls_pk_context *)key_own; mbedtls_pk_context *own = (mbedtls_pk_context *)key_own;
mbedtls_pk_context *peer = (mbedtls_pk_context *)key_peer; mbedtls_pk_context *peer = (mbedtls_pk_context *)key_peer;
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
int ret = -1; int ret = -1;
mbedtls_entropy_init(&entropy);
mbedtls_ctr_drbg_init(&ctr_drbg);
if (mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, NULL, 0) < 0) {
goto fail;
}
*secret_len = 0; *secret_len = 0;
ctx = os_malloc(sizeof(*ctx)); ctx = os_malloc(sizeof(*ctx));
if (!ctx) { if (!ctx) {
wpa_printf(MSG_ERROR, "DPP: EVP_PKEY_CTX_new failed: %s", wpa_printf(MSG_ERROR, "DPP: EVP_PKEY_CTX_new failed: %s",
__func__); __func__);
return -1; goto fail;
} }
mbedtls_ecdh_init(ctx); mbedtls_ecdh_init(ctx);
@ -721,7 +729,8 @@ int crypto_ecdh(struct crypto_key *key_own, struct crypto_key *key_peer,
goto fail; goto fail;
} }
if (mbedtls_ecdh_calc_secret(ctx, secret_len, secret, DPP_MAX_SHARED_SECRET_LEN, NULL, NULL) < 0) { if (mbedtls_ecdh_calc_secret(ctx, secret_len, secret, DPP_MAX_SHARED_SECRET_LEN,
mbedtls_ctr_drbg_random, &ctr_drbg) < 0) {
wpa_printf(MSG_ERROR, "failed to calculate secret\n"); wpa_printf(MSG_ERROR, "failed to calculate secret\n");
goto fail; goto fail;
} }
@ -734,8 +743,12 @@ int crypto_ecdh(struct crypto_key *key_own, struct crypto_key *key_peer,
ret = 0; ret = 0;
fail: fail:
mbedtls_ctr_drbg_free(&ctr_drbg);
mbedtls_entropy_free(&entropy);
if (ctx) {
mbedtls_ecdh_free(ctx); mbedtls_ecdh_free(ctx);
os_free(ctx); os_free(ctx);
}
return ret; return ret;
} }