Diffstat (limited to 'wpa_supplicant/eap_fast.c')
-rw-r--r--wpa_supplicant/eap_fast.c40
1 files changed, 24 insertions, 16 deletions
diff --git a/wpa_supplicant/eap_fast.c b/wpa_supplicant/eap_fast.c
index f432f40..9bce9dc 100644
--- a/wpa_supplicant/eap_fast.c
+++ b/wpa_supplicant/eap_fast.c
@@ -820,7 +820,8 @@ static int eap_fast_set_tls_master_secret(struct eap_sm *sm,
size_t seed_len, server_random_len;
if (data->tls_master_secret_set || !data->current_pac ||
- tls_connection_get_keys(sm->ssl_ctx, data->ssl.conn, &keys)) {
+ tls_connection_get_keys(sm->ssl_ctx, data->ssl.conn, &keys) ||
+ keys.client_random == NULL) {
return 0;
}
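Review bot: The new `keys.client_random == NULL` test protects only this function, while the fallback path of eap_fast_derive_key in the third hunk still trusts the key fields after checking nothing but the return value of tls_connection_get_keys(). That path copies from `keys.server_random` and `keys.client_random` with memcpy and passes `keys.master_key` to tls_prf(). If a TLS backend can report success while leaving these pointers unset, as this guard suggests, the same condition there ends in a NULL pointer read. The check in that function could become `if (tls_connection_get_keys(sm->ssl_ctx, data->conn, &keys) || keys.client_random == NULL || keys.server_random == NULL || keys.master_key == NULL) goto fail;`. The body of eap_fast_set_tls_master_secret continues outside this hunk, so whether it needs the other two fields checked as well cannot be judged from here.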
@@ -854,7 +855,6 @@ static int eap_fast_set_tls_master_secret(struct eap_sm *sm,
wpa_hexdump(MSG_DEBUG, "EAP-FAST: server_random",
server_random, server_random_len);
-
seed_len = keys.client_random_len + server_random_len;
seed = malloc(seed_len);
if (seed == NULL)
@@ -887,22 +887,28 @@ static u8 * eap_fast_derive_key(struct eap_sm *sm, struct eap_ssl_data *data,
char *label, size_t len)
{
struct tls_keys keys;
- u8 *rnd;
- u8 *out;
+ u8 *rnd = NULL, *out;
int block_size;
- if (tls_connection_get_keys(sm->ssl_ctx, data->conn, &keys))
- return NULL;
block_size = tls_connection_get_keyblock_size(sm->ssl_ctx, data->conn);
if (block_size < 0)
return NULL;
+
out = malloc(block_size + len);
- rnd = malloc(keys.client_random_len + keys.server_random_len);
- if (out == NULL || rnd == NULL) {
- free(out);
- free(rnd);
+ if (out == NULL)
return NULL;
- }
+
+ if (tls_connection_prf(sm->ssl_ctx, data->conn, label, 1, out, len) ==
+ 0)
+ return out;
+
+ if (tls_connection_get_keys(sm->ssl_ctx, data->conn, &keys))
+ goto fail;
+
+ rnd = malloc(keys.client_random_len + keys.server_random_len);
+ if (rnd == NULL)
+ goto fail;
+
memcpy(rnd, keys.server_random, keys.server_random_len);
memcpy(rnd + keys.server_random_len, keys.client_random,
keys.client_random_len);
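Review bot: The new tls_connection_prf() fast path returns the first `len` bytes of the PRF output, whereas the tls_prf() fallback generates `block_size + len` bytes and then discards the first `block_size` with `memmove(out, out + block_size, len)`. Assuming both calls produce the same PRF stream, the two paths return different key material for the same session. The fast-path result would also overlap the bytes the fallback treats as the TLS key block rather than follow them. The fast path should request `block_size + len` bytes and apply the same `memmove(out, out + block_size, len);` before `return out;`. A short comment above the call saying why the key-block prefix is skipped would keep the two paths from drifting apart again; the function body continues into the next hunk.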
@@ -911,14 +917,16 @@ static u8 * eap_fast_derive_key(struct eap_sm *sm, struct eap_ssl_data *data,
"expansion", keys.master_key, keys.master_key_len);
if (tls_prf(keys.master_key, keys.master_key_len,
label, rnd, keys.client_random_len +
- keys.server_random_len, out, block_size + len)) {
- free(rnd);
- free(out);
- return NULL;
- }
+ keys.server_random_len, out, block_size + len))
+ goto fail;
free(rnd);
memmove(out, out + block_size, len);
return out;
+
+fail:
+ free(rnd);
+ free(out);
+ return NULL;
}