3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-11-29 13:59:24 +01:00

eapol: have eapol_encrypt_key_data return length/error

Since eapol_encrypt_key_data already calculates the key data length and
encodes it into the key frame, we can just return this length and avoid
having to obtain it again from the frame.
This commit is contained in:
James Prestwood 2019-03-18 14:57:47 -07:00 committed by Denis Kenzior
parent 71c7d826e4
commit 0288c537a2

View File

@ -27,6 +27,7 @@
#include <string.h> #include <string.h>
#include <alloca.h> #include <alloca.h>
#include <linux/if_ether.h> #include <linux/if_ether.h>
#include <errno.h>
#include <ell/ell.h> #include <ell/ell.h>
#include "src/crypto.h" #include "src/crypto.h"
@ -312,14 +313,14 @@ error:
* Note that for efficiency @key_data is being modified, including in * Note that for efficiency @key_data is being modified, including in
* case of failure, so it must be sufficiently larger than @key_data_len. * case of failure, so it must be sufficiently larger than @key_data_len.
*/ */
static bool eapol_encrypt_key_data(const uint8_t *kek, uint8_t *key_data, static int eapol_encrypt_key_data(const uint8_t *kek, uint8_t *key_data,
size_t key_data_len, size_t key_data_len,
struct eapol_key *out_frame, size_t mic_len) struct eapol_key *out_frame, size_t mic_len)
{ {
switch (out_frame->key_descriptor_version) { switch (out_frame->key_descriptor_version) {
case EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_MD5_ARC4: case EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_MD5_ARC4:
/* Not supported */ /* Not supported */
return false; return -ENOTSUP;
case EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_SHA1_AES: case EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_SHA1_AES:
case EAPOL_KEY_DESCRIPTOR_VERSION_AES_128_CMAC_AES: case EAPOL_KEY_DESCRIPTOR_VERSION_AES_128_CMAC_AES:
@ -330,7 +331,7 @@ static bool eapol_encrypt_key_data(const uint8_t *kek, uint8_t *key_data,
if (!aes_wrap(kek, key_data, key_data_len, if (!aes_wrap(kek, key_data, key_data_len,
EAPOL_KEY_DATA(out_frame, mic_len))) EAPOL_KEY_DATA(out_frame, mic_len)))
return false; return -ENOPROTOOPT;
key_data_len += 8; key_data_len += 8;
@ -339,7 +340,7 @@ static bool eapol_encrypt_key_data(const uint8_t *kek, uint8_t *key_data,
l_put_be16(key_data_len, EAPOL_KEY_DATA(out_frame, mic_len) - 2); l_put_be16(key_data_len, EAPOL_KEY_DATA(out_frame, mic_len) - 2);
return true; return key_data_len;
} }
static void eapol_key_data_append(struct eapol_key *ek, static void eapol_key_data_append(struct eapol_key *ek,
@ -1188,7 +1189,7 @@ static void eapol_send_ptk_3_of_4(struct eapol_sm *sm)
uint8_t frame_buf[512]; uint8_t frame_buf[512];
uint8_t key_data_buf[128]; uint8_t key_data_buf[128];
struct eapol_key *ek = (struct eapol_key *) frame_buf; struct eapol_key *ek = (struct eapol_key *) frame_buf;
size_t key_data_len; int key_data_len;
enum crypto_cipher cipher = ie_rsn_cipher_suite_to_cipher( enum crypto_cipher cipher = ie_rsn_cipher_suite_to_cipher(
sm->handshake->pairwise_cipher); sm->handshake->pairwise_cipher);
enum crypto_cipher group_cipher = ie_rsn_cipher_suite_to_cipher( enum crypto_cipher group_cipher = ie_rsn_cipher_suite_to_cipher(
@ -1247,12 +1248,11 @@ static void eapol_send_ptk_3_of_4(struct eapol_sm *sm)
kek = handshake_state_get_kek(sm->handshake); kek = handshake_state_get_kek(sm->handshake);
if (!eapol_encrypt_key_data(kek, key_data_buf, key_data_len = eapol_encrypt_key_data(kek, key_data_buf,
key_data_len, ek, sm->mic_len)) key_data_len, ek, sm->mic_len);
if (key_data_len < 0)
return; return;
key_data_len = EAPOL_KEY_DATA_LEN(ek, sm->mic_len);
ek->header.packet_len = L_CPU_TO_BE16(EAPOL_FRAME_LEN(sm->mic_len) + ek->header.packet_len = L_CPU_TO_BE16(EAPOL_FRAME_LEN(sm->mic_len) +
key_data_len - 4); key_data_len - 4);