From 39d6acb07d494b702969fa6b968ea53066e726e9 Mon Sep 17 00:00:00 2001 From: Denis Kenzior Date: Tue, 30 Aug 2016 14:34:03 -0500 Subject: [PATCH] eap-wsc: Don't store AuthKey | KeyWrapKey | EMSK AuthKey is already uploaded into auth_key_hmac. KeyWrapKey is now uploaded into the AES-CBC(128) cipher. We currently have no use for EMSK. So we no longer need to keep the wsc_session_key structure around. --- src/eap-wsc.c | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) diff --git a/src/eap-wsc.c b/src/eap-wsc.c index 0baeff96..c7166433 100644 --- a/src/eap-wsc.c +++ b/src/eap-wsc.c @@ -70,8 +70,8 @@ struct eap_wsc_state { uint8_t e_snonce1[16]; uint8_t e_snonce2[16]; enum state state; - struct wsc_session_key keys; struct l_checksum *hmac_auth_key; + struct l_cipher *aes_cbc_128; }; static inline void eap_wsc_state_set_sent_pdu(struct eap_wsc_state *wsc, @@ -146,6 +146,8 @@ static void eap_wsc_remove(struct eap_state *eap) wsc->sent_len = 0; l_checksum_free(wsc->hmac_auth_key); + l_cipher_free(wsc->aes_cbc_128); + l_free(wsc->m1); l_free(wsc); } @@ -276,6 +278,7 @@ static void eap_wsc_handle_m2(struct eap_state *eap, struct l_checksum *hmac_sha256; struct iovec iov[3]; uint8_t kdk[32]; + struct wsc_session_key keys; bool r; /* Spec unclear what to do here, see comments in eap_wsc_send_nack */ @@ -320,20 +323,30 @@ static void eap_wsc_handle_m2(struct eap_state *eap, l_checksum_get_digest(hmac_sha256, kdk, sizeof(kdk)); l_checksum_free(hmac_sha256); - if (!wsc_kdf(kdk, &wsc->keys, sizeof(wsc->keys))) + if (!wsc_kdf(kdk, &keys, sizeof(keys))) return; wsc->hmac_auth_key = l_checksum_new_hmac(L_CHECKSUM_SHA256, - wsc->keys.auth_key, - sizeof(wsc->keys.auth_key)); + keys.auth_key, + sizeof(keys.auth_key)); if (!authenticator_check(wsc, pdu, len)) { l_checksum_free(wsc->hmac_auth_key); wsc->hmac_auth_key = NULL; - return; + goto clear_keys; } /* Everything checks out, lets build M3 */ eap_wsc_send_m3(eap, pdu, len, &m2); + + /* + * AuthKey is uploaded into the kernel, once we upload KeyWrapKey, + * the keys variable is no longer useful. Make sure to wipe it + */ + wsc->aes_cbc_128 = l_cipher_new(L_CIPHER_AES_CBC, keys.keywrap_key, + sizeof(keys.keywrap_key)); + +clear_keys: + memset(&keys, 0, sizeof(keys)); } static void eap_wsc_handle_request(struct eap_state *eap,