jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

SAE: Free temporary buffers when moving to Accepted state

Browse source 
Most of the variables are not needed anymore once the SAE instance
has entered Accepted state. Free these to save memory.

Signed-hostap: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2013-01-06 19:06:59 +02:00
parent 30846fa65f
commit b4fd3613d3
4 changed files with 29 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/ap/ieee802_11.c
View file

@ -510,8 +510,10 @@ static void handle_auth_sae(struct hostapd_data *hapd, struct sta_info *sta,
data = auth_build_sae_confirm(hapd, sta); data = auth_build_sae_confirm(hapd, sta);
if (data == NULL) if (data == NULL)
resp = WLAN_STATUS_UNSPECIFIED_FAILURE; resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
else else {
sta->sae->state = SAE_ACCEPTED; sta->sae->state = SAE_ACCEPTED;
sae_clear_temp_data(sta->sae);
}
} }
} else { } else {
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,

26
src/common/sae.c
View file

@ -65,22 +65,44 @@ int sae_set_group(struct sae_data *sae, int group)
} }
void sae_clear_data(struct sae_data *sae) void sae_clear_temp_data(struct sae_data *sae)
{ {
if (sae == NULL) if (sae == NULL)
return; return;
crypto_ec_deinit(sae->ec); crypto_ec_deinit(sae->ec);
sae->ec = NULL;
sae->dh = NULL;
crypto_bignum_deinit(sae->prime_buf, 0); crypto_bignum_deinit(sae->prime_buf, 0);
sae->prime_buf = NULL;
sae->prime = NULL;
crypto_bignum_deinit(sae->order_buf, 0); crypto_bignum_deinit(sae->order_buf, 0);
sae->order_buf = NULL;
sae->order = NULL;
crypto_bignum_deinit(sae->sae_rand, 1); crypto_bignum_deinit(sae->sae_rand, 1);
sae->sae_rand = NULL;
crypto_bignum_deinit(sae->pwe_ffc, 1); crypto_bignum_deinit(sae->pwe_ffc, 1);
sae->pwe_ffc = NULL;
crypto_bignum_deinit(sae->own_commit_scalar, 0); crypto_bignum_deinit(sae->own_commit_scalar, 0);
crypto_bignum_deinit(sae->peer_commit_scalar, 0); sae->own_commit_scalar = NULL;
crypto_bignum_deinit(sae->own_commit_element_ffc, 0); crypto_bignum_deinit(sae->own_commit_element_ffc, 0);
sae->own_commit_element_ffc = NULL;
crypto_bignum_deinit(sae->peer_commit_element_ffc, 0); crypto_bignum_deinit(sae->peer_commit_element_ffc, 0);
sae->peer_commit_element_ffc = NULL;
crypto_ec_point_deinit(sae->pwe_ecc, 1); crypto_ec_point_deinit(sae->pwe_ecc, 1);
sae->pwe_ecc = NULL;
crypto_ec_point_deinit(sae->own_commit_element_ecc, 0); crypto_ec_point_deinit(sae->own_commit_element_ecc, 0);
sae->own_commit_element_ecc = NULL;
crypto_ec_point_deinit(sae->peer_commit_element_ecc, 0); crypto_ec_point_deinit(sae->peer_commit_element_ecc, 0);
sae->peer_commit_element_ecc = NULL;
}
void sae_clear_data(struct sae_data *sae)
{
if (sae == NULL)
return;
sae_clear_temp_data(sae);
crypto_bignum_deinit(sae->peer_commit_scalar, 0);
os_memset(sae, 0, sizeof(*sae)); os_memset(sae, 0, sizeof(*sae));
} }

1
src/common/sae.h
View file

@ -43,6 +43,7 @@ struct sae_data {
}; };
int sae_set_group(struct sae_data *sae, int group); int sae_set_group(struct sae_data *sae, int group);
void sae_clear_temp_data(struct sae_data *sae);
void sae_clear_data(struct sae_data *sae); void sae_clear_data(struct sae_data *sae);
int sae_prepare_commit(const u8 *addr1, const u8 *addr2, int sae_prepare_commit(const u8 *addr1, const u8 *addr2,

1
wpa_supplicant/sme.c
View file

@ -511,6 +511,7 @@ static int sme_sae_auth(struct wpa_supplicant *wpa_s, u16 auth_transaction,
if (sae_check_confirm(&wpa_s->sme.sae, data, len) < 0) if (sae_check_confirm(&wpa_s->sme.sae, data, len) < 0)
return -1; return -1;
wpa_s->sme.sae.state = SAE_ACCEPTED; wpa_s->sme.sae.state = SAE_ACCEPTED;
sae_clear_temp_data(&wpa_s->sme.sae);
return 1; return 1;
} }