hostapd: backport wolfssl bignum fixes
authorDaniel Golle <daniel@makrotopia.org>
Sat, 16 May 2020 21:23:41 +0000 (23:23 +0200)
committerDaniel Golle <daniel@makrotopia.org>
Mon, 25 May 2020 15:01:29 +0000 (16:01 +0100)
crypto_bignum_rand() use needless time-consuming filtering
which resulted in SAE no longer connecting within time limits.
Import fixes from hostap upstream to fix that.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 631c437a91c20df678b25dcc34fe23636116a35a)

package/network/services/hostapd/Makefile
package/network/services/hostapd/patches/091-0001-wolfssl-Fix-compiler-warnings-on-size_t-printf-forma.patch [new file with mode: 0644]
package/network/services/hostapd/patches/091-0002-wolfssl-Fix-crypto_bignum_rand-implementation.patch [new file with mode: 0644]
package/network/services/hostapd/patches/091-0003-wolfssl-Do-not-hardcode-include-directory-in-wpa_sup.patch [new file with mode: 0644]

index 354f0944a1ab9fff13af952ef7e28695109269ae..35ce85b3beebca4f1b2d8481b6fd6c6c8f56fd32 100644 (file)
@@ -7,7 +7,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=hostapd
-PKG_RELEASE:=3
+PKG_RELEASE:=4
 
 PKG_SOURCE_URL:=http://w1.fi/hostap.git
 PKG_SOURCE_PROTO:=git
diff --git a/package/network/services/hostapd/patches/091-0001-wolfssl-Fix-compiler-warnings-on-size_t-printf-forma.patch b/package/network/services/hostapd/patches/091-0001-wolfssl-Fix-compiler-warnings-on-size_t-printf-forma.patch
new file mode 100644 (file)
index 0000000..464bcff
--- /dev/null
@@ -0,0 +1,31 @@
+From 6a28c4dbc102de3fed9db44637f47a10e7adfb78 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <j@w1.fi>
+Date: Sat, 16 May 2020 21:01:51 +0300
+Subject: [PATCH 1/3] wolfssl: Fix compiler warnings on size_t printf format
+ use
+
+Signed-off-by: Jouni Malinen <j@w1.fi>
+---
+ src/crypto/tls_wolfssl.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/src/crypto/tls_wolfssl.c
++++ b/src/crypto/tls_wolfssl.c
+@@ -1741,7 +1741,7 @@ struct wpabuf * tls_connection_encrypt(v
+       if (!conn)
+               return NULL;
+-      wpa_printf(MSG_DEBUG, "SSL: encrypt: %ld bytes", wpabuf_len(in_data));
++      wpa_printf(MSG_DEBUG, "SSL: encrypt: %zu bytes", wpabuf_len(in_data));
+       wolfssl_reset_out_data(&conn->output);
+@@ -1792,7 +1792,7 @@ struct wpabuf * tls_connection_decrypt(v
+       }
+       wpabuf_put(buf, res);
+-      wpa_printf(MSG_DEBUG, "SSL: decrypt: %ld bytes", wpabuf_len(buf));
++      wpa_printf(MSG_DEBUG, "SSL: decrypt: %zu bytes", wpabuf_len(buf));
+       return buf;
+ }
diff --git a/package/network/services/hostapd/patches/091-0002-wolfssl-Fix-crypto_bignum_rand-implementation.patch b/package/network/services/hostapd/patches/091-0002-wolfssl-Fix-crypto_bignum_rand-implementation.patch
new file mode 100644 (file)
index 0000000..2464b63
--- /dev/null
@@ -0,0 +1,49 @@
+From eb595b3e3ab531645a5bde71cf6385335b7a4b95 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <j@w1.fi>
+Date: Sat, 16 May 2020 21:02:17 +0300
+Subject: [PATCH 2/3] wolfssl: Fix crypto_bignum_rand() implementation
+
+The previous implementation used mp_rand_prime() to generate a random
+value in range 0..m. That is insanely slow way of generating a random
+value since mp_rand_prime() is for generating a random _prime_ which is
+not what is needed here. Replace that implementation with generationg of
+a random value in the requested range without doing any kind of prime
+number checks or loops to reject values that are not primes.
+
+This speeds up SAE and EAP-pwd routines by couple of orders of
+magnitude..
+
+Signed-off-by: Jouni Malinen <j@w1.fi>
+---
+ src/crypto/crypto_wolfssl.c | 12 +++++++-----
+ 1 file changed, 7 insertions(+), 5 deletions(-)
+
+--- a/src/crypto/crypto_wolfssl.c
++++ b/src/crypto/crypto_wolfssl.c
+@@ -1084,19 +1084,21 @@ int crypto_bignum_rand(struct crypto_big
+ {
+       int ret = 0;
+       WC_RNG rng;
++      size_t len;
++      u8 *buf;
+       if (TEST_FAIL())
+               return -1;
+       if (wc_InitRng(&rng) != 0)
+               return -1;
+-      if (mp_rand_prime((mp_int *) r,
+-                        (mp_count_bits((mp_int *) m) + 7) / 8 * 2,
+-                        &rng, NULL) != 0)
+-              ret = -1;
+-      if (ret == 0 &&
++      len = (mp_count_bits((mp_int *) m) + 7) / 8;
++      buf = os_malloc(len);
++      if (!buf || wc_RNG_GenerateBlock(&rng, buf, len) != 0 ||
++          mp_read_unsigned_bin((mp_int *) r, buf, len) != MP_OKAY ||
+           mp_mod((mp_int *) r, (mp_int *) m, (mp_int *) r) != 0)
+               ret = -1;
+       wc_FreeRng(&rng);
++      bin_clear_free(buf, len);
+       return ret;
+ }
diff --git a/package/network/services/hostapd/patches/091-0003-wolfssl-Do-not-hardcode-include-directory-in-wpa_sup.patch b/package/network/services/hostapd/patches/091-0003-wolfssl-Do-not-hardcode-include-directory-in-wpa_sup.patch
new file mode 100644 (file)
index 0000000..b15dccd
--- /dev/null
@@ -0,0 +1,26 @@
+From 79488da576aeeb9400e1742fab7f463eed0fa7a1 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <j@w1.fi>
+Date: Sat, 16 May 2020 21:07:45 +0300
+Subject: [PATCH 3/3] wolfssl: Do not hardcode include directory in
+ wpa_supplicant build
+
+This is not really appropriate for any kind of cross compilations and is
+not really needed in general since system specific values can be set in
+.config.
+
+Signed-off-by: Jouni Malinen <j@w1.fi>
+---
+ wpa_supplicant/Makefile | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/wpa_supplicant/Makefile
++++ b/wpa_supplicant/Makefile
+@@ -1086,7 +1086,7 @@ endif
+ ifeq ($(CONFIG_TLS), wolfssl)
+ ifdef TLS_FUNCS
+-CFLAGS += -DWOLFSSL_DER_LOAD -I/usr/local/include/wolfssl
++CFLAGS += -DWOLFSSL_DER_LOAD
+ OBJS += ../src/crypto/tls_wolfssl.o
+ endif
+ OBJS += ../src/crypto/crypto_wolfssl.o