mka: Store cipher suite ID in a u64 instead of u8 pointer

[mech_eap.git] / src / pae / ieee802_1x_cp.c

diff --git a/src/pae/ieee802_1x_cp.c b/src/pae/ieee802_1x_cp.c
index 83fd5ed..43046f5 100644 (file)
--- a/src/pae/ieee802_1x_cp.c
+++ b/src/pae/ieee802_1x_cp.c
@@ -20,7 +20,7 @@
 #define STATE_MACHINE_DATA struct ieee802_1x_cp_sm
 #define STATE_MACHINE_DEBUG_PREFIX "CP"
 
-static u8 default_cs_id[] = CS_ID_GCM_AES_128;
+static u64 default_cs_id = CS_ID_GCM_AES_128;
 
 /* The variable defined in clause 12 in IEEE Std 802.1X-2010 */
 enum connect_type { PENDING, UNAUTHENTICATED, AUTHENTICATED, SECURE };
@@ -45,7 +45,7 @@ struct ieee802_1x_cp_sm {
        Boolean elected_self;
        u8 *authorization_data1;
        enum confidentiality_offset cipher_offset;
-       u8 *cipher_suite;
+       u64 cipher_suite;
        Boolean new_sak; /* clear by CP */
        struct ieee802_1x_mka_ki distributed_ki;
        u8 distributed_an;
@@ -71,7 +71,7 @@ struct ieee802_1x_cp_sm {
        Boolean replay_protect;
        u32 replay_window;
 
-       u8 *current_cipher_suite;
+       u64 current_cipher_suite;
        enum confidentiality_offset confidentiality_offset;
        Boolean controlled_port_enabled;
 
@@ -97,8 +97,7 @@ static void ieee802_1x_cp_transmit_when_timeout(void *eloop_ctx,
 static int changed_cipher(struct ieee802_1x_cp_sm *sm)
 {
        return sm->confidentiality_offset != sm->cipher_offset ||
-               os_memcmp(sm->current_cipher_suite, sm->cipher_suite,
-                         CS_ID_LEN) != 0;
+               sm->current_cipher_suite != sm->cipher_suite;
 }
 
 
@@ -196,8 +195,8 @@ SM_STATE(CP, SECURED)
        sm->replay_protect = conf.replay_protect;
        sm->validate_frames = conf.validate;
 
-       /* NOTE: now no other than default cipher suiter(AES-GCM-128) */
-       os_memcpy(sm->current_cipher_suite, sm->cipher_suite, CS_ID_LEN);
+       /* NOTE: now no other than default cipher suite (AES-GCM-128) */
+       sm->current_cipher_suite = sm->cipher_suite;
        secy_cp_control_current_cipher_suite(sm->kay, sm->current_cipher_suite);
 
        sm->confidentiality_offset = sm->cipher_offset;
@@ -459,17 +458,8 @@ struct ieee802_1x_cp_sm * ieee802_1x_cp_sm_init(
        sm->orx = FALSE;
        sm->otx = FALSE;
 
-       sm->cipher_suite = os_zalloc(CS_ID_LEN);
-       sm->current_cipher_suite = os_zalloc(CS_ID_LEN);
-       if (!sm->cipher_suite || !sm->current_cipher_suite) {
-               wpa_printf(MSG_ERROR, "CP-%s: out of memory", __func__);
-               os_free(sm->cipher_suite);
-               os_free(sm->current_cipher_suite);
-               os_free(sm);
-               return NULL;
-       }
-       os_memcpy(sm->current_cipher_suite, default_cs_id, CS_ID_LEN);
-       os_memcpy(sm->cipher_suite, default_cs_id, CS_ID_LEN);
+       sm->current_cipher_suite = default_cs_id;
+       sm->cipher_suite = default_cs_id;
        sm->cipher_offset = CONFIDENTIALITY_OFFSET_0;
        sm->confidentiality_offset = sm->cipher_offset;
        sm->transmit_delay = MKA_LIFE_TIME;
@@ -529,8 +519,6 @@ void ieee802_1x_cp_sm_deinit(struct ieee802_1x_cp_sm *sm)
        eloop_cancel_timeout(ieee802_1x_cp_step_cb, sm, NULL);
        os_free(sm->lki);
        os_free(sm->oki);
-       os_free(sm->cipher_suite);
-       os_free(sm->current_cipher_suite);
        os_free(sm->authorization_data);
        os_free(sm);
 }
@@ -617,10 +605,10 @@ void ieee802_1x_cp_set_authorizationdata(void *cp_ctx, u8 *pdata, int len)
 /**
  * ieee802_1x_cp_set_ciphersuite -
  */
-void ieee802_1x_cp_set_ciphersuite(void *cp_ctx, void *pid)
+void ieee802_1x_cp_set_ciphersuite(void *cp_ctx, u64 cs)
 {
        struct ieee802_1x_cp_sm *sm = cp_ctx;
-       os_memcpy(sm->cipher_suite, pid, CS_ID_LEN);
+       sm->cipher_suite = cs;
 }