diff options
Diffstat (limited to 'package/network/services/hostapd/patches/066-0006-dragonfly-Disable-use-of-groups-using-Brainpool-curv.patch')
-rw-r--r-- | package/network/services/hostapd/patches/066-0006-dragonfly-Disable-use-of-groups-using-Brainpool-curv.patch | 44 |
1 files changed, 0 insertions, 44 deletions
diff --git a/package/network/services/hostapd/patches/066-0006-dragonfly-Disable-use-of-groups-using-Brainpool-curv.patch b/package/network/services/hostapd/patches/066-0006-dragonfly-Disable-use-of-groups-using-Brainpool-curv.patch deleted file mode 100644 index 28555bb715..0000000000 --- a/package/network/services/hostapd/patches/066-0006-dragonfly-Disable-use-of-groups-using-Brainpool-curv.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 558518ed63202e5358116ab7e0afd5e85490f2ef Mon Sep 17 00:00:00 2001 -From: Jouni Malinen <j@w1.fi> -Date: Sat, 27 Jul 2019 23:19:17 +0300 -Subject: [PATCH 6/6] dragonfly: Disable use of groups using Brainpool curves - -Disable groups that use Brainpool curves for now since they leak more -timing information due to the prime not being close to a power of two. -This removes use of groups 28, 29, and 30 from SAE and EAP-pwd. - -Signed-off-by: Jouni Malinen <j@w1.fi> -(cherry picked from commit 876c5eaa6dae1a87a17603fc489a44c29eedc2e3) ---- - src/common/sae.c | 6 ++++-- - src/eap_common/eap_pwd_common.c | 3 +-- - 2 files changed, 5 insertions(+), 4 deletions(-) - ---- a/src/common/sae.c -+++ b/src/common/sae.c -@@ -28,9 +28,11 @@ static int sae_suitable_group(int group) - * purposes: FFC groups whose prime is >= 3072 bits and ECC groups - * defined over a prime field whose prime is >= 256 bits. Furthermore, - * ECC groups defined over a characteristic 2 finite field and ECC -- * groups with a co-factor greater than 1 are not suitable. */ -+ * groups with a co-factor greater than 1 are not suitable. Disable -+ * groups that use Brainpool curves as well for now since they leak more -+ * timing information due to the prime not being close to a power of -+ * two. */ - return group == 19 || group == 20 || group == 21 || -- group == 28 || group == 29 || group == 30 || - group == 15 || group == 16 || group == 17 || group == 18; - #endif /* CONFIG_TESTING_OPTIONS */ - } ---- a/src/eap_common/eap_pwd_common.c -+++ b/src/eap_common/eap_pwd_common.c -@@ -89,8 +89,7 @@ static int eap_pwd_suitable_group(u16 nu - { - /* Do not allow ECC groups with prime under 256 bits based on guidance - * for the similar design in SAE. */ -- return num == 19 || num == 20 || num == 21 || -- num == 28 || num == 29 || num == 30; -+ return num == 19 || num == 20 || num == 21; - } - - |