SAE: Free temporary buffers when moving to Accepted state
Most of the variables are not needed anymore once the SAE instance has entered Accepted state. Free these to save memory. Signed-hostap: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen
parent
30846fa65f
commit
b4fd3613d3
4 changed files with 29 additions and 3 deletions
|
|
@ -510,8 +510,10 @@ static void handle_auth_sae(struct hostapd_data *hapd, struct sta_info *sta,
|
|||
data = auth_build_sae_confirm(hapd, sta);
|
||||
if (data == NULL)
|
||||
resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
|
||||
else
|
||||
else {
|
||||
sta->sae->state = SAE_ACCEPTED;
|
||||
sae_clear_temp_data(sta->sae);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
|
||||
|
|
|
|||
|
|
@ -65,22 +65,44 @@ int sae_set_group(struct sae_data *sae, int group)
|
|||
}
|
||||
|
||||
|
||||
void sae_clear_data(struct sae_data *sae)
|
||||
void sae_clear_temp_data(struct sae_data *sae)
|
||||
{
|
||||
if (sae == NULL)
|
||||
return;
|
||||
crypto_ec_deinit(sae->ec);
|
||||
sae->ec = NULL;
|
||||
sae->dh = NULL;
|
||||
crypto_bignum_deinit(sae->prime_buf, 0);
|
||||
sae->prime_buf = NULL;
|
||||
sae->prime = NULL;
|
||||
crypto_bignum_deinit(sae->order_buf, 0);
|
||||
sae->order_buf = NULL;
|
||||
sae->order = NULL;
|
||||
crypto_bignum_deinit(sae->sae_rand, 1);
|
||||
sae->sae_rand = NULL;
|
||||
crypto_bignum_deinit(sae->pwe_ffc, 1);
|
||||
sae->pwe_ffc = NULL;
|
||||
crypto_bignum_deinit(sae->own_commit_scalar, 0);
|
||||
crypto_bignum_deinit(sae->peer_commit_scalar, 0);
|
||||
sae->own_commit_scalar = NULL;
|
||||
crypto_bignum_deinit(sae->own_commit_element_ffc, 0);
|
||||
sae->own_commit_element_ffc = NULL;
|
||||
crypto_bignum_deinit(sae->peer_commit_element_ffc, 0);
|
||||
sae->peer_commit_element_ffc = NULL;
|
||||
crypto_ec_point_deinit(sae->pwe_ecc, 1);
|
||||
sae->pwe_ecc = NULL;
|
||||
crypto_ec_point_deinit(sae->own_commit_element_ecc, 0);
|
||||
sae->own_commit_element_ecc = NULL;
|
||||
crypto_ec_point_deinit(sae->peer_commit_element_ecc, 0);
|
||||
sae->peer_commit_element_ecc = NULL;
|
||||
}
|
||||
|
||||
|
||||
void sae_clear_data(struct sae_data *sae)
|
||||
{
|
||||
if (sae == NULL)
|
||||
return;
|
||||
sae_clear_temp_data(sae);
|
||||
crypto_bignum_deinit(sae->peer_commit_scalar, 0);
|
||||
os_memset(sae, 0, sizeof(*sae));
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -43,6 +43,7 @@ struct sae_data {
|
|||
};
|
||||
|
||||
int sae_set_group(struct sae_data *sae, int group);
|
||||
void sae_clear_temp_data(struct sae_data *sae);
|
||||
void sae_clear_data(struct sae_data *sae);
|
||||
|
||||
int sae_prepare_commit(const u8 *addr1, const u8 *addr2,
|
||||
|
|
|
|||
|
|
@ -511,6 +511,7 @@ static int sme_sae_auth(struct wpa_supplicant *wpa_s, u16 auth_transaction,
|
|||
if (sae_check_confirm(&wpa_s->sme.sae, data, len) < 0)
|
||||
return -1;
|
||||
wpa_s->sme.sae.state = SAE_ACCEPTED;
|
||||
sae_clear_temp_data(&wpa_s->sme.sae);
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue