diff options
Diffstat (limited to 'package/network/services/hostapd/patches/091-0002-wolfssl-Fix-crypto_bignum_rand-implementation.patch')
| -rw-r--r-- | package/network/services/hostapd/patches/091-0002-wolfssl-Fix-crypto_bignum_rand-implementation.patch | 49 |
1 files changed, 0 insertions, 49 deletions
diff --git a/package/network/services/hostapd/patches/091-0002-wolfssl-Fix-crypto_bignum_rand-implementation.patch b/package/network/services/hostapd/patches/091-0002-wolfssl-Fix-crypto_bignum_rand-implementation.patch deleted file mode 100644 index 2464b63489..0000000000 --- a/package/network/services/hostapd/patches/091-0002-wolfssl-Fix-crypto_bignum_rand-implementation.patch +++ /dev/null @@ -1,49 +0,0 @@ -From eb595b3e3ab531645a5bde71cf6385335b7a4b95 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen <j@w1.fi> -Date: Sat, 16 May 2020 21:02:17 +0300 -Subject: [PATCH 2/3] wolfssl: Fix crypto_bignum_rand() implementation - -The previous implementation used mp_rand_prime() to generate a random -value in range 0..m. That is insanely slow way of generating a random -value since mp_rand_prime() is for generating a random _prime_ which is -not what is needed here. Replace that implementation with generationg of -a random value in the requested range without doing any kind of prime -number checks or loops to reject values that are not primes. - -This speeds up SAE and EAP-pwd routines by couple of orders of -magnitude.. - -Signed-off-by: Jouni Malinen <j@w1.fi> ---- - src/crypto/crypto_wolfssl.c | 12 +++++++----- - 1 file changed, 7 insertions(+), 5 deletions(-) - ---- a/src/crypto/crypto_wolfssl.c -+++ b/src/crypto/crypto_wolfssl.c -@@ -1084,19 +1084,21 @@ int crypto_bignum_rand(struct crypto_big - { - int ret = 0; - WC_RNG rng; -+ size_t len; -+ u8 *buf; - - if (TEST_FAIL()) - return -1; - if (wc_InitRng(&rng) != 0) - return -1; -- if (mp_rand_prime((mp_int *) r, -- (mp_count_bits((mp_int *) m) + 7) / 8 * 2, -- &rng, NULL) != 0) -- ret = -1; -- if (ret == 0 && -+ len = (mp_count_bits((mp_int *) m) + 7) / 8; -+ buf = os_malloc(len); -+ if (!buf || wc_RNG_GenerateBlock(&rng, buf, len) != 0 || -+ mp_read_unsigned_bin((mp_int *) r, buf, len) != MP_OKAY || - mp_mod((mp_int *) r, (mp_int *) m, (mp_int *) r) != 0) - ret = -1; - wc_FreeRng(&rng); -+ bin_clear_free(buf, len); - return ret; - } - |