aboutsummaryrefslogtreecommitdiffstats
path: root/src/eap_peer
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2019-02-01 22:01:29 (GMT)
committerJouni Malinen <j@w1.fi>2019-02-01 22:01:29 (GMT)
commitd05dda61d8b9ce11d622f6234e32b3ad73f25c64 (patch)
treeed5b4a7d07ee6b9f476c1d6deeb957a0e750f208 /src/eap_peer
parent4e1cd3468e5003210b7ca13fafbc64486e5145f0 (diff)
downloadhostap-d05dda61d8b9ce11d622f6234e32b3ad73f25c64.zip
hostap-d05dda61d8b9ce11d622f6234e32b3ad73f25c64.tar.gz
hostap-d05dda61d8b9ce11d622f6234e32b3ad73f25c64.tar.bz2
PEAP: Explicitly clear temporary keys from memory when using CMK
The case of PEAPv0 with crypto binding did not clear some of the temporary keys from stack/heap when those keys were not needed anymore. Clear those explicitly to avoid unnecessary caching of keying material. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/eap_peer')
-rw-r--r--src/eap_peer/eap_peap.c14
1 files changed, 9 insertions, 5 deletions
diff --git a/src/eap_peer/eap_peap.c b/src/eap_peer/eap_peap.c
index 9b87b6b..0a756b1 100644
--- a/src/eap_peer/eap_peap.c
+++ b/src/eap_peer/eap_peap.c
@@ -188,7 +188,7 @@ static void eap_peap_deinit(struct eap_sm *sm, void *priv)
os_free(data->session_id);
wpabuf_free(data->pending_phase2_req);
wpabuf_free(data->pending_resp);
- os_free(data);
+ bin_clear_free(data, sizeof(*data));
}
@@ -253,7 +253,7 @@ static int eap_peap_derive_cmk(struct eap_sm *sm, struct eap_peap_data *data)
{
u8 *tk;
u8 isk[32], imck[60];
- int resumed;
+ int resumed, res;
/*
* Tunnel key (TK) is the first 60 octets of the key generated by
@@ -292,9 +292,11 @@ static int eap_peap_derive_cmk(struct eap_sm *sm, struct eap_peap_data *data)
* in the end of the label just before ISK; is that just a typo?)
*/
wpa_hexdump_key(MSG_DEBUG, "EAP-PEAP: TempKey", tk, 40);
- if (peap_prfplus(data->peap_version, tk, 40,
- "Inner Methods Compound Keys",
- isk, sizeof(isk), imck, sizeof(imck)) < 0)
+ res = peap_prfplus(data->peap_version, tk, 40,
+ "Inner Methods Compound Keys",
+ isk, sizeof(isk), imck, sizeof(imck));
+ os_memset(isk, 0, sizeof(isk));
+ if (res < 0)
return -1;
wpa_hexdump_key(MSG_DEBUG, "EAP-PEAP: IMCK (IPMKj)",
imck, sizeof(imck));
@@ -303,6 +305,7 @@ static int eap_peap_derive_cmk(struct eap_sm *sm, struct eap_peap_data *data)
wpa_hexdump_key(MSG_DEBUG, "EAP-PEAP: IPMK (S-IPMKj)", data->ipmk, 40);
os_memcpy(data->cmk, imck + 40, 20);
wpa_hexdump_key(MSG_DEBUG, "EAP-PEAP: CMK (CMKj)", data->cmk, 20);
+ os_memset(imck, 0, sizeof(imck));
return 0;
}
@@ -1263,6 +1266,7 @@ static u8 * eap_peap_getKey(struct eap_sm *sm, void *priv, size_t *len)
os_memcpy(key, csk, EAP_TLS_KEY_LEN);
wpa_hexdump(MSG_DEBUG, "EAP-PEAP: Derived key",
key, EAP_TLS_KEY_LEN);
+ os_memset(csk, 0, sizeof(csk));
} else
os_memcpy(key, data->key_data, EAP_TLS_KEY_LEN);