[PATCH] Correct the security weak construction of client_random and server_random in Client and Server Hellos.


 



Correct the security-weak construction of client_random and
server_random in the Client and Server Hellos. random_get_bytes(...) already
mixes in the current date and time via its entropy pool.

Signed-off-by: Nick Lowe <nick.lowe@xxxxxxxxxxxx>
---
 src/tls/tlsv1_client_write.c | 5 +----
 src/tls/tlsv1_server_write.c | 5 +----
 2 files changed, 2 insertions(+), 8 deletions(-)

diff --git a/src/tls/tlsv1_client_write.c b/src/tls/tlsv1_client_write.c
index 04d895e..ae76a19 100644
--- a/src/tls/tlsv1_client_write.c
+++ b/src/tls/tlsv1_client_write.c
@@ -45,7 +45,6 @@ static size_t tls_client_cert_chain_der_len(struct
tlsv1_client *conn)
 u8 * tls_send_client_hello(struct tlsv1_client *conn, size_t *out_len)
 {
     u8 *hello, *end, *pos, *hs_length, *hs_start, *rhdr;
-    struct os_time now;
     size_t len, i;
     u8 *ext_start;
     u16 tls_version = TLS_VERSION;
@@ -71,9 +70,7 @@ u8 * tls_send_client_hello(struct tlsv1_client
*conn, size_t *out_len)
            tls_version_str(tls_version));
     *out_len = 0;

-    os_get_time(&now);
-    WPA_PUT_BE32(conn->client_random, now.sec);
-    if (random_get_bytes(conn->client_random + 4, TLS_RANDOM_LEN - 4)) {
+    if (random_get_bytes(conn->client_random, TLS_RANDOM_LEN)) {
         wpa_printf(MSG_ERROR, "TLSv1: Could not generate "
                "client_random");
         return NULL;
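Review bot: The new `random_get_bytes(conn->client_random, TLS_RANDOM_LEN)` call has no comment saying why the first four bytes are no longer `gmt_unix_time`, which RFC 5246 still lists as the first field of the Random structure, so a later reader may reinstate the timestamp as a "spec fix". I would add above the call `/* Fill all of client_random from the RNG; no gmt_unix_time prefix, so the Hello does not disclose the local clock. */`, and the matching comment for `server_random` in tls_write_server_hello(). The same applies to the tlsv1_server_write.c hunk and to the attached copy of the patch further down the page. The value's unpredictability now rests entirely on random_get_bytes(), so the existing check that logs and returns NULL on failure should stay fatal rather than ever fall back to a time-derived value. tls_send_client_hello() begins and ends outside this hunk.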
diff --git a/src/tls/tlsv1_server_write.c b/src/tls/tlsv1_server_write.c
index bdc6c11..584462d 100644
--- a/src/tls/tlsv1_server_write.c
+++ b/src/tls/tlsv1_server_write.c
@@ -43,7 +43,6 @@ static int tls_write_server_hello(struct tlsv1_server *conn,
                   u8 **msgpos, u8 *end)
 {
     u8 *pos, *rhdr, *hs_start, *hs_length, *ext_start;
-    struct os_time now;
     size_t rlen;

     pos = *msgpos;
@@ -52,9 +51,7 @@ static int tls_write_server_hello(struct tlsv1_server *conn,
     rhdr = pos;
     pos += TLS_RECORD_HEADER_LEN;

-    os_get_time(&now);
-    WPA_PUT_BE32(conn->server_random, now.sec);
-    if (random_get_bytes(conn->server_random + 4, TLS_RANDOM_LEN - 4)) {
+    if (random_get_bytes(conn->server_random, TLS_RANDOM_LEN)) {
         wpa_printf(MSG_ERROR, "TLSv1: Could not generate "
                "server_random");
         return -1;
-- 
2.5.0
From 4562289b7bca77f7e2a9646fe305b1ce83593047 Mon Sep 17 00:00:00 2001
From: Nick Lowe <nick.lowe@xxxxxxxxxxxx>
Date: Wed, 10 Feb 2016 14:33:13 +0000
Subject: [PATCH] Correct the security weak construction of client_random and
 server_random in Client and Server Hellos. random_get_bytes(...) already
 mixes in the current date and time via its entropy pool.

Signed-off-by: Nick Lowe <nick.lowe@xxxxxxxxxxxx>
---
 src/tls/tlsv1_client_write.c | 5 +----
 src/tls/tlsv1_server_write.c | 5 +----
 2 files changed, 2 insertions(+), 8 deletions(-)

diff --git a/src/tls/tlsv1_client_write.c b/src/tls/tlsv1_client_write.c
index 04d895e..ae76a19 100644
--- a/src/tls/tlsv1_client_write.c
+++ b/src/tls/tlsv1_client_write.c
@@ -45,7 +45,6 @@ static size_t tls_client_cert_chain_der_len(struct tlsv1_client *conn)
 u8 * tls_send_client_hello(struct tlsv1_client *conn, size_t *out_len)
 {
 	u8 *hello, *end, *pos, *hs_length, *hs_start, *rhdr;
-	struct os_time now;
 	size_t len, i;
 	u8 *ext_start;
 	u16 tls_version = TLS_VERSION;
@@ -71,9 +70,7 @@ u8 * tls_send_client_hello(struct tlsv1_client *conn, size_t *out_len)
 		   tls_version_str(tls_version));
 	*out_len = 0;
 
-	os_get_time(&now);
-	WPA_PUT_BE32(conn->client_random, now.sec);
-	if (random_get_bytes(conn->client_random + 4, TLS_RANDOM_LEN - 4)) {
+	if (random_get_bytes(conn->client_random, TLS_RANDOM_LEN)) {
 		wpa_printf(MSG_ERROR, "TLSv1: Could not generate "
 			   "client_random");
 		return NULL;
diff --git a/src/tls/tlsv1_server_write.c b/src/tls/tlsv1_server_write.c
index bdc6c11..584462d 100644
--- a/src/tls/tlsv1_server_write.c
+++ b/src/tls/tlsv1_server_write.c
@@ -43,7 +43,6 @@ static int tls_write_server_hello(struct tlsv1_server *conn,
 				  u8 **msgpos, u8 *end)
 {
 	u8 *pos, *rhdr, *hs_start, *hs_length, *ext_start;
-	struct os_time now;
 	size_t rlen;
 
 	pos = *msgpos;
@@ -52,9 +51,7 @@ static int tls_write_server_hello(struct tlsv1_server *conn,
 	rhdr = pos;
 	pos += TLS_RECORD_HEADER_LEN;
 
-	os_get_time(&now);
-	WPA_PUT_BE32(conn->server_random, now.sec);
-	if (random_get_bytes(conn->server_random + 4, TLS_RANDOM_LEN - 4)) {
+	if (random_get_bytes(conn->server_random, TLS_RANDOM_LEN)) {
 		wpa_printf(MSG_ERROR, "TLSv1: Could not generate "
 			   "server_random");
 		return -1;
-- 
2.5.0
