From d52be1db7602d15185ff5bd1dbfd1b6271156dff Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Tue, 14 Sep 2010 22:04:09 -1000 Subject: [PATCH] EAP-pwd: Move bnctx into per-protocol instance structure This avoids double frees of bnctx and related crashes. --- src/eap_peer/eap_pwd.c | 49 ++++++++++++++++++--------------- src/eap_server/eap_server_pwd.c | 47 +++++++++++++++++-------------- 2 files changed, 54 insertions(+), 42 deletions(-) diff --git a/src/eap_peer/eap_pwd.c b/src/eap_peer/eap_pwd.c index 8d21b92b0..42a849fb3 100644 --- a/src/eap_peer/eap_pwd.c +++ b/src/eap_peer/eap_pwd.c @@ -41,9 +41,9 @@ struct eap_pwd_data { u8 msk[EAP_MSK_LEN]; u8 emsk[EAP_EMSK_LEN]; -}; -static BN_CTX *bnctx; + BN_CTX *bnctx; +}; #ifndef CONFIG_NO_STDOUT_DEBUG @@ -93,18 +93,20 @@ static void * eap_pwd_init(struct eap_sm *sm) return NULL; } - if ((bnctx = BN_CTX_new()) == NULL) { - wpa_printf(MSG_INFO, "EAP-PWD: bn context allocation fail"); - return NULL; - } - if ((data = os_zalloc(sizeof(*data))) == NULL) { wpa_printf(MSG_INFO, "EAP-PWD: memory allocation data fail"); return NULL; } + if ((data->bnctx = BN_CTX_new()) == NULL) { + wpa_printf(MSG_INFO, "EAP-PWD: bn context allocation fail"); + os_free(data); + return NULL; + } + if ((data->id_peer = os_malloc(identity_len)) == NULL) { wpa_printf(MSG_INFO, "EAP-PWD: memory allocation id fail"); + BN_CTX_free(data->bnctx); os_free(data); return NULL; } @@ -114,6 +116,7 @@ static void * eap_pwd_init(struct eap_sm *sm) if ((data->password = os_malloc(password_len)) == NULL) { wpa_printf(MSG_INFO, "EAP-PWD: memory allocation psk fail"); + BN_CTX_free(data->bnctx); os_free(data->id_peer); os_free(data); return NULL; @@ -135,7 +138,7 @@ static void eap_pwd_deinit(struct eap_sm *sm, void *priv) BN_free(data->server_scalar); BN_free(data->my_scalar); BN_free(data->k); - BN_CTX_free(bnctx); + BN_CTX_free(data->bnctx); EC_POINT_free(data->my_element); EC_POINT_free(data->server_element); os_free(data->id_peer); @@ -274,17 +277,19 @@ eap_pwd_perform_commit_exchange(struct eap_sm *sm, struct eap_pwd_data *data, BN_rand_range(data->private_value, data->grp->order); BN_rand_range(mask, data->grp->order); BN_add(data->my_scalar, data->private_value, mask); - BN_mod(data->my_scalar, data->my_scalar, data->grp->order, bnctx); + BN_mod(data->my_scalar, data->my_scalar, data->grp->order, + data->bnctx); if (!EC_POINT_mul(data->grp->group, data->my_element, NULL, - data->grp->pwe, mask, bnctx)) { + data->grp->pwe, mask, data->bnctx)) { wpa_printf(MSG_INFO, "EAP-PWD (peer): element allocation " "fail"); eap_pwd_state(data, FAILURE); goto fin; } - if (!EC_POINT_invert(data->grp->group, data->my_element, bnctx)) { + if (!EC_POINT_invert(data->grp->group, data->my_element, data->bnctx)) + { wpa_printf(MSG_INFO, "EAP-PWD (peer): element inversion fail"); goto fin; } @@ -317,7 +322,7 @@ eap_pwd_perform_commit_exchange(struct eap_sm *sm, struct eap_pwd_data *data, BN_bin2bn(ptr, BN_num_bytes(data->grp->order), data->server_scalar); if (!EC_POINT_set_affine_coordinates_GFp(data->grp->group, data->server_element, x, y, - bnctx)) { + data->bnctx)) { wpa_printf(MSG_INFO, "EAP-PWD (peer): setting peer element " "fail"); goto fin; @@ -340,11 +345,11 @@ eap_pwd_perform_commit_exchange(struct eap_sm *sm, struct eap_pwd_data *data, /* compute the shared key, k */ if ((!EC_POINT_mul(data->grp->group, K, NULL, data->grp->pwe, - data->server_scalar, bnctx)) || + data->server_scalar, data->bnctx)) || (!EC_POINT_add(data->grp->group, K, K, data->server_element, - bnctx)) || + data->bnctx)) || (!EC_POINT_mul(data->grp->group, K, NULL, K, data->private_value, - bnctx))) { + data->bnctx))) { wpa_printf(MSG_INFO, "EAP-PWD (peer): computing shared key " "fail"); goto fin; @@ -373,7 +378,7 @@ eap_pwd_perform_commit_exchange(struct eap_sm *sm, struct eap_pwd_data *data, } if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, K, data->k, - NULL, bnctx)) { + NULL, data->bnctx)) { wpa_printf(MSG_INFO, "EAP-PWD (peer): unable to extract " "shared secret from point"); goto fin; @@ -382,7 +387,7 @@ eap_pwd_perform_commit_exchange(struct eap_sm *sm, struct eap_pwd_data *data, /* now do the response */ if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, data->my_element, x, y, - bnctx)) { + data->bnctx)) { wpa_printf(MSG_INFO, "EAP-PWD (peer): point assignment fail"); goto fin; } @@ -489,7 +494,7 @@ eap_pwd_perform_confirm_exchange(struct eap_sm *sm, struct eap_pwd_data *data, /* server element: x, y */ if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, data->server_element, x, y, - bnctx)) { + data->bnctx)) { wpa_printf(MSG_INFO, "EAP-PWD (server): confirm point " "assignment fail"); goto fin; @@ -509,7 +514,7 @@ eap_pwd_perform_confirm_exchange(struct eap_sm *sm, struct eap_pwd_data *data, /* my element: x, y */ if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, data->my_element, x, y, - bnctx)) { + data->bnctx)) { wpa_printf(MSG_INFO, "EAP-PWD (server): confirm point " "assignment fail"); goto fin; @@ -556,7 +561,7 @@ eap_pwd_perform_confirm_exchange(struct eap_sm *sm, struct eap_pwd_data *data, /* my element */ if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, data->my_element, x, y, - bnctx)) { + data->bnctx)) { wpa_printf(MSG_INFO, "EAP-PWD (peer): confirm point " "assignment fail"); goto fin; @@ -576,7 +581,7 @@ eap_pwd_perform_confirm_exchange(struct eap_sm *sm, struct eap_pwd_data *data, /* server element: x, y */ if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, data->server_element, x, y, - bnctx)) { + data->bnctx)) { wpa_printf(MSG_INFO, "EAP-PWD (peer): confirm point " "assignment fail"); goto fin; @@ -608,7 +613,7 @@ eap_pwd_perform_confirm_exchange(struct eap_sm *sm, struct eap_pwd_data *data, wpabuf_put_u8(resp, EAP_PWD_OPCODE_CONFIRM_EXCH); wpabuf_put_data(resp, conf, SHA256_DIGEST_LENGTH); - if (compute_keys(data->grp, bnctx, data->k, data->server_element, + if (compute_keys(data->grp, data->bnctx, data->k, data->server_element, data->my_element, data->server_scalar, data->my_scalar, &cs, data->msk, data->emsk) < 0) { wpa_printf(MSG_INFO, "EAP-PWD (peer): unable to compute MSK | " diff --git a/src/eap_server/eap_server_pwd.c b/src/eap_server/eap_server_pwd.c index d1b89ea49..65b94c727 100644 --- a/src/eap_server/eap_server_pwd.c +++ b/src/eap_server/eap_server_pwd.c @@ -42,9 +42,9 @@ struct eap_pwd_data { u8 msk[EAP_MSK_LEN]; u8 emsk[EAP_EMSK_LEN]; -}; -static BN_CTX *bnctx; + BN_CTX *bnctx; +}; static const char * eap_pwd_state_txt(int state) @@ -96,20 +96,25 @@ static void * eap_pwd_init(struct eap_sm *sm) data->id_server = (u8 *) os_strdup("server"); if (data->id_server) - data->id_server_len = os_strlen((char *)data->id_server); + data->id_server_len = os_strlen((char *) data->id_server); data->password = os_malloc(sm->user->password_len); if (data->password == NULL) { wpa_printf(MSG_INFO, "EAP-PWD: Mmemory allocation password " "fail"); + os_free(data->id_server); + os_free(data); return NULL; } data->password_len = sm->user->password_len; os_memcpy(data->password, sm->user->password, data->password_len); - bnctx = BN_CTX_new(); - if (bnctx == NULL) { + data->bnctx = BN_CTX_new(); + if (data->bnctx == NULL) { wpa_printf(MSG_INFO, "EAP-PWD: bn context allocation fail"); + os_free(data->password); + os_free(data->id_server); + os_free(data); return NULL; } @@ -125,7 +130,7 @@ static void eap_pwd_reset(struct eap_sm *sm, void *priv) BN_free(data->peer_scalar); BN_free(data->my_scalar); BN_free(data->k); - BN_CTX_free(bnctx); + BN_CTX_free(data->bnctx); EC_POINT_free(data->my_element); EC_POINT_free(data->peer_element); os_free(data->id_peer); @@ -186,17 +191,19 @@ eap_pwd_build_commit_req(struct eap_sm *sm, struct eap_pwd_data *data, u8 id) BN_rand_range(data->private_value, data->grp->order); BN_rand_range(mask, data->grp->order); BN_add(data->my_scalar, data->private_value, mask); - BN_mod(data->my_scalar, data->my_scalar, data->grp->order, bnctx); + BN_mod(data->my_scalar, data->my_scalar, data->grp->order, + data->bnctx); if (!EC_POINT_mul(data->grp->group, data->my_element, NULL, - data->grp->pwe, mask, bnctx)) { + data->grp->pwe, mask, data->bnctx)) { wpa_printf(MSG_INFO, "EAP-PWD (server): element allocation " "fail"); eap_pwd_state(data, FAILURE); goto fin; } - if (!EC_POINT_invert(data->grp->group, data->my_element, bnctx)) { + if (!EC_POINT_invert(data->grp->group, data->my_element, data->bnctx)) + { wpa_printf(MSG_INFO, "EAP-PWD (server): element inversion " "fail"); goto fin; @@ -211,7 +218,7 @@ eap_pwd_build_commit_req(struct eap_sm *sm, struct eap_pwd_data *data, u8 id) } if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, data->my_element, x, y, - bnctx)) { + data->bnctx)) { wpa_printf(MSG_INFO, "EAP-PWD (server): point assignment " "fail"); goto fin; @@ -302,7 +309,7 @@ eap_pwd_build_confirm_req(struct eap_sm *sm, struct eap_pwd_data *data, u8 id) /* server element: x, y */ if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, data->my_element, x, y, - bnctx)) { + data->bnctx)) { wpa_printf(MSG_INFO, "EAP-PWD (server): confirm point " "assignment fail"); goto fin; @@ -323,7 +330,7 @@ eap_pwd_build_confirm_req(struct eap_sm *sm, struct eap_pwd_data *data, u8 id) /* peer element: x, y */ if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, data->peer_element, x, y, - bnctx)) { + data->bnctx)) { wpa_printf(MSG_INFO, "EAP-PWD (server): confirm point " "assignment fail"); goto fin; @@ -520,7 +527,7 @@ eap_pwd_process_commit_resp(struct eap_sm *sm, struct eap_pwd_data *data, BN_bin2bn(ptr, BN_num_bytes(data->grp->order), data->peer_scalar); if (!EC_POINT_set_affine_coordinates_GFp(data->grp->group, data->peer_element, x, y, - bnctx)) { + data->bnctx)) { wpa_printf(MSG_INFO, "EAP-PWD (server): setting peer element " "fail"); goto fin; @@ -543,11 +550,11 @@ eap_pwd_process_commit_resp(struct eap_sm *sm, struct eap_pwd_data *data, /* compute the shared key, k */ if ((!EC_POINT_mul(data->grp->group, K, NULL, data->grp->pwe, - data->peer_scalar, bnctx)) || + data->peer_scalar, data->bnctx)) || (!EC_POINT_add(data->grp->group, K, K, data->peer_element, - bnctx)) || + data->bnctx)) || (!EC_POINT_mul(data->grp->group, K, NULL, K, data->private_value, - bnctx))) { + data->bnctx))) { wpa_printf(MSG_INFO, "EAP-PWD (server): computing shared key " "fail"); goto fin; @@ -575,7 +582,7 @@ eap_pwd_process_commit_resp(struct eap_sm *sm, struct eap_pwd_data *data, goto fin; } if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, K, data->k, - NULL, bnctx)) { + NULL, data->bnctx)) { wpa_printf(MSG_INFO, "EAP-PWD (server): unable to extract " "shared secret from secret point"); goto fin; @@ -634,7 +641,7 @@ eap_pwd_process_confirm_resp(struct eap_sm *sm, struct eap_pwd_data *data, /* peer element: x, y */ if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, data->peer_element, x, y, - bnctx)) { + data->bnctx)) { wpa_printf(MSG_INFO, "EAP-PWD (server): confirm point " "assignment fail"); goto fin; @@ -654,7 +661,7 @@ eap_pwd_process_confirm_resp(struct eap_sm *sm, struct eap_pwd_data *data, /* server element: x, y */ if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, data->my_element, x, y, - bnctx)) { + data->bnctx)) { wpa_printf(MSG_INFO, "EAP-PWD (server): confirm point " "assignment fail"); goto fin; @@ -687,7 +694,7 @@ eap_pwd_process_confirm_resp(struct eap_sm *sm, struct eap_pwd_data *data, } wpa_printf(MSG_DEBUG, "EAP-pwd (server): confirm verified"); - if (compute_keys(data->grp, bnctx, data->k, data->my_element, + if (compute_keys(data->grp, data->bnctx, data->k, data->my_element, data->peer_element, data->my_scalar, data->peer_scalar, &cs, data->msk, data->emsk) < 0) eap_pwd_state(data, FAILURE);