sae: fix potential infinite loop

It was assumed that the hunt-and-peck loop was guarenteed to find a PWE. This was incorrect in terms of kernel support. If a system does not have support for AF_ALG or runs out of file descriptors the KDFs may fail. The loop continued to run if found == false, which is also incorrect because we want to stop after 20 iterations regarless of success. This changes the loop to a for loop so it will always exit after the set number of iterations.
2019-04-04 09:03:16 -07:00 · 2019-04-04 09:03:16 -07:00 · c985da04ca
parent 23041a44dd
commit c985da04ca
1 changed files with 3 additions and 7 deletions
--- a/src/sae.c
+++ b/src/sae.c
@ -251,8 +251,7 @@ static bool sae_compute_pwe(struct sae_sm *sm, char *password,
 				const uint8_t *addr1, const uint8_t *addr2)
 {
 	bool found = false;
-	uint8_t counter = 1;
-	uint8_t k = 20;
+	uint8_t counter;
 	uint8_t pwd_seed[32];
 	struct l_ecc_scalar *pwd_value;
 	uint8_t random[32];
@ -267,7 +266,7 @@ static bool sae_compute_pwe(struct sae_sm *sm, char *password,
 	qr = sae_new_residue(sm->curve, true);
 	qnr = sae_new_residue(sm->curve, false);

-	do {
+	for (counter = 1; counter <= 20; counter++) {
 		/* pwd-seed = H(max(addr1, addr2) || min(addr1, addr2),
 		 *                base || counter)
 		 * pwd-value = KDF-256(pwd-seed, "SAE Hunting and Pecking", p)
@ -291,10 +290,7 @@ static bool sae_compute_pwe(struct sae_sm *sm, char *password,
 		}

 		l_ecc_scalar_free(pwd_value);
-
-		counter++;
-
-	} while ((counter <= k) || (found == false));
+	}

 	l_ecc_scalar_free(qr);
 	l_ecc_scalar_free(qnr);