3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-11-27 03:19:24 +01:00

eapol: Stricter length check in eapol_decrypt_key_data

The plaintext key_data + padding must be at least 16 bytes so the
AES-encrypted key_data must be at least 24 bytes.
This commit is contained in:
Andrew Zaborowski 2017-08-31 04:04:49 +02:00 committed by Denis Kenzior
parent a0cde90814
commit 092ede1147

View File

@ -292,7 +292,7 @@ uint8_t *eapol_decrypt_key_data(const uint8_t *kek,
} }
case EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_SHA1_AES: case EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_SHA1_AES:
case EAPOL_KEY_DESCRIPTOR_VERSION_AES_128_CMAC_AES: case EAPOL_KEY_DESCRIPTOR_VERSION_AES_128_CMAC_AES:
if (key_data_len < 8 || key_data_len % 8) if (key_data_len < 24 || key_data_len % 8)
goto error; goto error;
if (!aes_unwrap(kek, key_data, key_data_len, buf)) if (!aes_unwrap(kek, key_data, key_data_len, buf))