DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

FT: Make aes_wrap() call easier to analyze

Browse source 
Using aes_wrap() to initialize a data structure seemed to be too much
for some static analyzers to understand. Make it obvious that the target
is not just the single struct member. (CID 68111)

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2014-12-05 22:59:20 +02:00
parent 7696760388
commit 369d07afc1
1 changed files with 7 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

8
src/ap/wpa_auth_ft.c
View file

@ -1724,6 +1724,8 @@ static void wpa_ft_generate_pmk_r1(struct wpa_authenticator *wpa_auth,
{ {
struct ft_r0kh_r1kh_push_frame frame, f; struct ft_r0kh_r1kh_push_frame frame, f;
struct os_time now; struct os_time now;
const u8 *plain;
u8 *crypt;
os_memset(&frame, 0, sizeof(frame)); os_memset(&frame, 0, sizeof(frame));
frame.frame_type = RSN_REMOTE_FRAME_TYPE_FT_RRB; frame.frame_type = RSN_REMOTE_FRAME_TYPE_FT_RRB;
@ -1746,9 +1748,13 @@ static void wpa_ft_generate_pmk_r1(struct wpa_authenticator *wpa_auth,
WPA_PUT_LE32(f.timestamp, now.sec); WPA_PUT_LE32(f.timestamp, now.sec);
f.pairwise = host_to_le16(pairwise); f.pairwise = host_to_le16(pairwise);
os_memset(f.pad, 0, sizeof(f.pad)); os_memset(f.pad, 0, sizeof(f.pad));
plain = ((const u8 *) &f) + offsetof(struct ft_r0kh_r1kh_push_frame,
timestamp);
crypt = ((u8 *) &frame) + offsetof(struct ft_r0kh_r1kh_push_frame,
timestamp);
if (aes_wrap(r1kh->key, sizeof(r1kh->key), if (aes_wrap(r1kh->key, sizeof(r1kh->key),
(FT_R0KH_R1KH_PUSH_DATA_LEN + 7) / 8, (FT_R0KH_R1KH_PUSH_DATA_LEN + 7) / 8,
f.timestamp, frame.timestamp) < 0) plain, crypt) < 0)
return; return;
wpa_ft_rrb_send(wpa_auth, r1kh->addr, (u8 *) &frame, sizeof(frame)); wpa_ft_rrb_send(wpa_auth, r1kh->addr, (u8 *) &frame, sizeof(frame));