Do not use the system clock or os_random() that uses a low quality PRNG as part of the pseudo-random challenge in auth_shared_key(...). The current construction can be improved upon by replacing it with a call to os_get_random(...), which uses a high quality PRNG.
Signed-off-by: Nick Lowe <nick.lowe@xxxxxxxxxxxx>
---
 src/ap/ieee802_11.c | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index ec6f8a7..7f5738f 100644
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -207,16 +207,13 @@ static u16 auth_shared_key(struct hostapd_data *hapd, struct sta_info *sta,
 if (!sta->challenge) {
 /* Generate a pseudo-random challenge */
 u8 key[8];
- struct os_time now;
- int r;
 sta->challenge = os_zalloc(WLAN_AUTH_CHALLENGE_LEN);
 if (sta->challenge == NULL)
 return WLAN_STATUS_UNSPECIFIED_FAILURE;
- os_get_time(&now);
- r = os_random();
- os_memcpy(key, &now.sec, 4);
- os_memcpy(key + 4, &r, 4);
+ if (os_get_random((u8 *) &key, sizeof(key)) < 0)
+ return WLAN_STATUS_UNSPECIFIED_FAILURE;
+
 rc4_skip(key, sizeof(key), 0, sta->challenge, WLAN_AUTH_CHALLENGE_LEN);
 }
-- 
2.5.0
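Review bot: When os_get_random() fails, the added early return leaves sta->challenge pointing at the buffer that os_zalloc() has just zero-filled, so the `if (!sta->challenge)` guard is false on the station's next attempt and, unless a caller outside this hunk frees it, the all-zero buffer would be sent as the challenge. Release it on that path by bracing the failure branch and adding `os_free(sta->challenge); sta->challenge = NULL;` before `return WLAN_STATUS_UNSPECIFIED_FAILURE;`. The cast in `(u8 *) &key` is also unnecessary, since key is already a u8 array and can be passed as `key`. The same hunk is repeated in the attached copy of the patch further down, and auth_shared_key() starts and ends outside the hunk.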
From f6d4d7dd112d073b47c69874d6340a26d069ce15 Mon Sep 17 00:00:00 2001
From: Nick Lowe <nick.lowe@xxxxxxxxxxxx>
Date: Tue, 9 Feb 2016 14:43:21 +0000
Subject: [PATCH 01/10] Do not use the system clock or os_random() that uses a low quality PRNG as part of the pseudo-random challenge in auth_shared_key(...). The current construction can be improved upon by replacing it with a call to os_get_random(...), which uses a high quality PRNG.
Signed-off-by: Nick Lowe <nick.lowe@xxxxxxxxxxxx>
---
 src/ap/ieee802_11.c | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index ec6f8a7..7f5738f 100644
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -207,16 +207,13 @@ static u16 auth_shared_key(struct hostapd_data *hapd, struct sta_info *sta,
 if (!sta->challenge) {
 /* Generate a pseudo-random challenge */
 u8 key[8];
- struct os_time now;
- int r;
 sta->challenge = os_zalloc(WLAN_AUTH_CHALLENGE_LEN);
 if (sta->challenge == NULL)
 return WLAN_STATUS_UNSPECIFIED_FAILURE;
- os_get_time(&now);
- r = os_random();
- os_memcpy(key, &now.sec, 4);
- os_memcpy(key + 4, &r, 4);
+ if (os_get_random((u8 *) &key, sizeof(key)) < 0)
+ return WLAN_STATUS_UNSPECIFIED_FAILURE;
+
 rc4_skip(key, sizeof(key), 0, sta->challenge, WLAN_AUTH_CHALLENGE_LEN);
 }
-- 
2.5.0