EAP-PAX: Check hmac_sha1_vector() return value

author Jouni Malinen <j@w1.fi>

Wed, 6 Jan 2016 19:12:08 +0000 (21:12 +0200)

committer Jouni Malinen <j@w1.fi>

Wed, 6 Jan 2016 19:12:08 +0000 (21:12 +0200)
author Jouni Malinen <j@w1.fi>
Wed, 6 Jan 2016 19:12:08 +0000 (21:12 +0200)
committer Jouni Malinen <j@w1.fi>
Wed, 6 Jan 2016 19:12:08 +0000 (21:12 +0200)
diff --git a/src/eap_common/eap_pax_common.c b/src/eap_common/eap_pax_common.c

index 0e80ef511c113354ba399dc8998f4458e68871ee..a11bce8f9ba32f399498bc24deea062d8a233746 100644 (file)
--- a/src/eap_common/eap_pax_common.c
+++ b/src/eap_common/eap_pax_common.c
@@ -57,7 +57,8 @@ int eap_pax_kdf(u8 mac_id, const u8 *key, size_t key_len,
         left = output_len;
         for (counter = 1; counter <= (u8) num_blocks; counter++) {
                 size_t clen = left > EAP_PAX_MAC_LEN ? EAP_PAX_MAC_LEN : left;
-               hmac_sha1_vector(key, key_len, 3, addr, len, mac);
+               if (hmac_sha1_vector(key, key_len, 3, addr, len, mac) < 0)
+                       return -1;
                 os_memcpy(pos, mac, clen);
                 pos += clen;
                 left -= clen;
@@ -106,7 +107,8 @@ int eap_pax_mac(u8 mac_id, const u8 *key, size_t key_len,
         len[2] = data3_len;
  
         count = (data1 ? 1 : 0) + (data2 ? 1 : 0) + (data3 ? 1 : 0);
-       hmac_sha1_vector(key, key_len, count, addr, len, hash);
+       if (hmac_sha1_vector(key, key_len, count, addr, len, hash) < 0)
+               return -1;
         os_memcpy(mac, hash, EAP_PAX_MAC_LEN);
  
         return 0;
diff --git a/src/eap_peer/eap_pax.c b/src/eap_peer/eap_pax.c

index c920bcd3182f8521a3d94d7f62b5551bbc4c3f2d..2b87a64ff98641fbe2856c9e430878ca3425ceb6 100644 (file)
--- a/src/eap_peer/eap_pax.c
+++ b/src/eap_peer/eap_pax.c
@@ -276,10 +276,10 @@ static struct wpabuf * eap_pax_process_std_3(struct eap_pax_data *data,
         left -= 2;
         wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: MAC_CK(B, CID)",
                     pos, EAP_PAX_MAC_LEN);
-       eap_pax_mac(data->mac_id, data->ck, EAP_PAX_CK_LEN,
-                   data->rand.r.y, EAP_PAX_RAND_LEN,
-                   (u8 *) data->cid, data->cid_len, NULL, 0, mac);
-       if (os_memcmp_const(pos, mac, EAP_PAX_MAC_LEN) != 0) {
+       if (eap_pax_mac(data->mac_id, data->ck, EAP_PAX_CK_LEN,
+                       data->rand.r.y, EAP_PAX_RAND_LEN,
+                       (u8 *) data->cid, data->cid_len, NULL, 0, mac) < 0 ||
+           os_memcmp_const(pos, mac, EAP_PAX_MAC_LEN) != 0) {
                 wpa_printf(MSG_INFO, "EAP-PAX: Invalid MAC_CK(B, CID) "
                            "received");
                 wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: expected MAC_CK(B, CID)",
@@ -306,9 +306,12 @@ static struct wpabuf * eap_pax_process_std_3(struct eap_pax_data *data,
         /* Optional ADE could be added here, if needed */
  
         rpos = wpabuf_put(resp, EAP_PAX_ICV_LEN);
-       eap_pax_mac(data->mac_id, data->ick, EAP_PAX_ICK_LEN,
-                   wpabuf_head(resp), wpabuf_len(resp) - EAP_PAX_ICV_LEN,
-                   NULL, 0, NULL, 0, rpos);
+       if (eap_pax_mac(data->mac_id, data->ick, EAP_PAX_ICK_LEN,
+                       wpabuf_head(resp), wpabuf_len(resp) - EAP_PAX_ICV_LEN,
+                       NULL, 0, NULL, 0, rpos) < 0) {
+               wpabuf_free(resp);
+               return NULL;
+       }
         wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: ICV", rpos, EAP_PAX_ICV_LEN);
  
         data->state = PAX_DONE;
@@ -472,9 +475,13 @@ static u8 * eap_pax_getKey(struct eap_sm *sm, void *priv, size_t *len)
                 return NULL;
  
         *len = EAP_MSK_LEN;
-       eap_pax_kdf(data->mac_id, data->mk, EAP_PAX_MK_LEN,
-                   "Master Session Key", data->rand.e, 2 * EAP_PAX_RAND_LEN,
-                   EAP_MSK_LEN, key);
+       if (eap_pax_kdf(data->mac_id, data->mk, EAP_PAX_MK_LEN,
+                       "Master Session Key",
+                       data->rand.e, 2 * EAP_PAX_RAND_LEN,
+                       EAP_MSK_LEN, key) < 0) {
+               os_free(key);
+               return NULL;
+       }
  
         return key;
  }
@@ -493,10 +500,13 @@ static u8 * eap_pax_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
                 return NULL;
  
         *len = EAP_EMSK_LEN;
-       eap_pax_kdf(data->mac_id, data->mk, EAP_PAX_MK_LEN,
-                   "Extended Master Session Key",
-                   data->rand.e, 2 * EAP_PAX_RAND_LEN,
-                   EAP_EMSK_LEN, key);
+       if (eap_pax_kdf(data->mac_id, data->mk, EAP_PAX_MK_LEN,
+                       "Extended Master Session Key",
+                       data->rand.e, 2 * EAP_PAX_RAND_LEN,
+                       EAP_EMSK_LEN, key) < 0) {
+               os_free(key);
+               return NULL;
+       }
  
         return key;
  }
author	Jouni Malinen <j@w1.fi>
	Wed, 6 Jan 2016 19:12:08 +0000 (21:12 +0200)
committer	Jouni Malinen <j@w1.fi>
	Wed, 6 Jan 2016 19:12:08 +0000 (21:12 +0200)
src/eap_common/eap_pax_common.c		patch \| blob \| blame \| history
src/eap_peer/eap_pax.c		patch \| blob \| blame \| history