Amazing-Mirror/fragattacks
1
0
Fork 0
mirror of https://github.com/vanhoefm/fragattacks.git synced 2025-01-30 00:34:03 -05:00
Code Issues Projects Releases Wiki Activity

EAP-EKE: Merge identical error return paths

Browse Source 
There is no need to maintain multiple copies of the same error return
path.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2015-12-22 00:02:02 +02:00
parent 13cb0a66d5
commit e161451fc8
1 changed files with 11 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
src/eap_common/eap_eke_common.c
View File

@ -44,9 +44,7 @@ static int eap_eke_dhcomp_len(u8 dhgroup, u8 encr)
int dhlen; int dhlen;
dhlen = eap_eke_dh_len(dhgroup); dhlen = eap_eke_dh_len(dhgroup);
if (dhlen < 0) if (dhlen < 0 || encr != EAP_EKE_ENCR_AES128_CBC)
return -1;
if (encr != EAP_EKE_ENCR_AES128_CBC)
return -1; return -1;
return AES_BLOCK_SIZE + dhlen; return AES_BLOCK_SIZE + dhlen;
} }
@ -166,14 +164,11 @@ int eap_eke_dh_init(u8 group, u8 *ret_priv, u8 *ret_pub)
size_t pub_len, i; size_t pub_len, i;
generator = eap_eke_dh_generator(group); generator = eap_eke_dh_generator(group);
if (generator < 0 || generator > 255) dh = eap_eke_dh_group(group);
if (generator < 0 || generator > 255 || !dh)
return -1; return -1;
gen = generator; gen = generator;
dh = eap_eke_dh_group(group);
if (dh == NULL)
return -1;
/* x = random number 2 .. p-1 */ /* x = random number 2 .. p-1 */
if (random_get_bytes(ret_priv, dh->prime_len)) if (random_get_bytes(ret_priv, dh->prime_len))
return -1; return -1;
@ -411,11 +406,8 @@ int eap_eke_shared_secret(struct eap_eke_session *sess, const u8 *key,
size_t len; size_t len;
const struct dh_group *dh; const struct dh_group *dh;
if (sess->encr != EAP_EKE_ENCR_AES128_CBC)
return -1;
dh = eap_eke_dh_group(sess->dhgroup); dh = eap_eke_dh_group(sess->dhgroup);
if (dh == NULL) if (sess->encr != EAP_EKE_ENCR_AES128_CBC || !dh)
return -1; return -1;
/* Decrypt peer DHComponent */ /* Decrypt peer DHComponent */
@ -654,10 +646,8 @@ int eap_eke_prot(struct eap_eke_session *sess,
pos += pad; pos += pad;
} }
if (aes_128_cbc_encrypt(sess->ke, iv, e, data_len + pad) < 0) if (aes_128_cbc_encrypt(sess->ke, iv, e, data_len + pad) < 0 ||
return -1; eap_eke_mac(sess->mac, sess->ki, e, data_len + pad, pos) < 0)
if (eap_eke_mac(sess->mac, sess->ki, e, data_len + pad, pos) < 0)
return -1; return -1;
pos += icv_len; pos += icv_len;
@ -685,9 +675,8 @@ int eap_eke_decrypt_prot(struct eap_eke_session *sess,
else else
return -1; return -1;
if (prot_len < 2 * block_size + icv_len) if (prot_len < 2 * block_size + icv_len ||
return -1; (prot_len - icv_len) % block_size)
if ((prot_len - icv_len) % block_size)
return -1; return -1;
if (eap_eke_mac(sess->mac, sess->ki, prot + block_size, if (eap_eke_mac(sess->mac, sess->ki, prot + block_size,
@ -738,22 +727,14 @@ int eap_eke_session_init(struct eap_eke_session *sess, u8 dhgroup, u8 encr,
sess->mac = mac; sess->mac = mac;
sess->prf_len = eap_eke_prf_len(prf); sess->prf_len = eap_eke_prf_len(prf);
if (sess->prf_len < 0)
return -1;
sess->nonce_len = eap_eke_nonce_len(prf); sess->nonce_len = eap_eke_nonce_len(prf);
if (sess->nonce_len < 0)
return -1;
sess->auth_len = eap_eke_auth_len(prf); sess->auth_len = eap_eke_auth_len(prf);
if (sess->auth_len < 0)
return -1;
sess->dhcomp_len = eap_eke_dhcomp_len(sess->dhgroup, sess->encr); sess->dhcomp_len = eap_eke_dhcomp_len(sess->dhgroup, sess->encr);
if (sess->dhcomp_len < 0)
return -1;
sess->pnonce_len = eap_eke_pnonce_len(sess->mac); sess->pnonce_len = eap_eke_pnonce_len(sess->mac);
if (sess->pnonce_len < 0)
return -1;
sess->pnonce_ps_len = eap_eke_pnonce_ps_len(sess->mac); sess->pnonce_ps_len = eap_eke_pnonce_ps_len(sess->mac);
if (sess->pnonce_ps_len < 0) if (sess->prf_len < 0 || sess->nonce_len < 0 || sess->auth_len < 0 ||
sess->dhcomp_len < 0 || sess->pnonce_len < 0 ||
sess->pnonce_ps_len < 0)
return -1; return -1;
return 0; return 0;