Fixed defects and coding style

Mika Leppänen · Mika Leppänen · commit 1c452862bcb5 · 2019-02-25T09:33:00.000+02:00
diff --git a/source/6LoWPAN/ws/ws_pae_controller.c b/source/6LoWPAN/ws/ws_pae_controller.c
@@ -75,8 +75,8 @@ typedef struct {
     ws_pae_nw_key_index_update *pae_nw_key_index_update;             /**< PAE NW key index update */
     bool gtks_set : 1;                                               /**< GTKs are set */
     bool gtkhash_set : 1;                                            /**< GTK hashes are set */
-    bool key_index_set :1;                                           /**< NW key index is set */
-    bool nw_keys_init_done :1;                                       /**< NW key initialization has been done */
+    bool key_index_set : 1;                                          /**< NW key index is set */
+    bool nw_keys_init_done : 1;                                      /**< NW key initialization has been done */
 } pae_controller_t;
 
 static pae_controller_t *ws_pae_controller_get(protocol_interface_info_entry_t *interface_ptr);
@@ -88,9 +88,11 @@ static int8_t ws_pae_controller_free_slot_find(nw_key_t *nw_key);
 static NS_LIST_DEFINE(pae_controller_list, pae_controller_t, link);
 
 static sec_prot_gtk_keys_t gtks_storage;
+#ifdef HAVE_PAE_AUTH
 static int8_t gtk_index = -1;
+#endif
 
-#if !defined(HAVE_PAE_SUPP) && !defined(HAVE_PAE_SUPP)
+#if !defined(HAVE_PAE_SUPP) && !defined(HAVE_PAE_AUTH)
 
 static void ws_pae_controller_test_keys_set(sec_prot_gtk_keys_t *gtks)
 {
@@ -356,12 +358,12 @@ static int8_t ws_pae_controller_free_slot_find(nw_key_t *nw_key)
     for (uint8_t slot = NW_KEY_SLOT_FIRST; slot <= NW_KEY_SLOT_LAST; slot++) {
         bool slot_used = false;
         for (uint8_t i = 0; i < GTK_NUM; i++) {
-             if (nw_key[i].slot == slot) {
-                 slot_used = true;
-             }
+            if (nw_key[i].slot == slot) {
+                slot_used = true;
+            }
         }
         if (!slot_used) {
-           return slot;
+            return slot;
         }
     }
 
@@ -387,7 +389,7 @@ int8_t ws_pae_controller_init(protocol_interface_info_entry_t *interface_ptr)
     memset(controller->br_eui_64, 0, 8);
     memset(controller->gtkhash, 0, 32);
     memset(controller->nw_key, 0, sizeof(controller->nw_key));
-    controller->target_pan_id = 0;
+    controller->target_pan_id = 0xffff;
     controller->interface_ptr = interface_ptr;
     controller->auth_completed = NULL;
     controller->nw_key_insert = NULL;
@@ -596,6 +598,7 @@ int8_t ws_pae_controller_gtk_update(int8_t interface_id, uint8_t *gtk[4])
 
 int8_t ws_pae_controller_active_key_update(int8_t interface_id, uint8_t index)
 {
+#ifdef HAVE_PAE_AUTH
     protocol_interface_info_entry_t *cur = protocol_stack_interface_info_get_by_id(interface_id);
 
     pae_controller_t *controller = ws_pae_controller_get(cur);
@@ -606,6 +609,11 @@ int8_t ws_pae_controller_active_key_update(int8_t interface_id, uint8_t index)
     }
 
     return 0;
+#else
+    (void) interface_id;
+    (void) index;
+    return -1;
+#endif
 }
 
 static void ws_pae_controller_gtk_hash_set(protocol_interface_info_entry_t *interface_ptr, uint8_t *gtkhash)
diff --git a/source/6LoWPAN/ws/ws_pae_supp.c b/source/6LoWPAN/ws/ws_pae_supp.c
@@ -101,7 +101,7 @@ typedef struct {
 static trickle_params_t auth_trickle_params = {
     .Imin = TRICKLE_IMIN_120_SECS,          /* 120 second; ticks are 100ms */
     .Imax = TRICKLE_IMIN_120_SECS << 1,     /* 240 second */
-    .k = 0,                   /* infinity - no consistency checking */
+    .k = 0,                                 /* infinity - no consistency checking */
     .TimerExpirations = 3
 };
 
diff --git a/source/Security/kmp/kmp_api.c b/source/Security/kmp/kmp_api.c
@@ -37,24 +37,24 @@
 #define TRACE_GROUP "kmap"
 
 struct kmp_api_s {
-    void                         *app_data_ptr;          /**< Opaque pointer for application data */
-    kmp_api_create_confirm       *create_conf;           /**< KMP-CREATE.confirm callback */
-    kmp_api_create_indication    *create_ind;            /**< KMP-CREATE.indication callback */
-    kmp_api_finished_indication  *finished_ind;          /**< KMP-FINISHED.indication callback */
-    kmp_api_finished             *finished;              /**< Finished i.e. ready to be deleted callback */
-    kmp_type_e                   type;                   /**< KMP type */
-    kmp_addr_t                   *addr;                  /**< Supplicant EUI-64, Relay IP address, Relay port */
-    kmp_service_t                *service;               /**< KMP service */
-    bool                         timer_start_pending :1; /**< Timer is pending to start */
-    bool                         receive_disable :1;     /**< Receiving disabled, do not route messages anymore */
-    sec_prot_t                   sec_prot;               /**< Security protocol interface */
+    void                         *app_data_ptr;           /**< Opaque pointer for application data */
+    kmp_api_create_confirm       *create_conf;            /**< KMP-CREATE.confirm callback */
+    kmp_api_create_indication    *create_ind;             /**< KMP-CREATE.indication callback */
+    kmp_api_finished_indication  *finished_ind;           /**< KMP-FINISHED.indication callback */
+    kmp_api_finished             *finished;               /**< Finished i.e. ready to be deleted callback */
+    kmp_type_e                   type;                    /**< KMP type */
+    kmp_addr_t                   *addr;                   /**< Supplicant EUI-64, Relay IP address, Relay port */
+    kmp_service_t                *service;                /**< KMP service */
+    bool                         timer_start_pending : 1; /**< Timer is pending to start */
+    bool                         receive_disable : 1;     /**< Receiving disabled, do not route messages anymore */
+    sec_prot_t                   sec_prot;                /**< Security protocol interface */
 };
 
 typedef struct {
-    kmp_type_e                   type;                  /**< Security protocol type callback */
-    kmp_sec_prot_size            *size;                 /**< Security protocol data size callback */
-    kmp_sec_prot_init            *init;                 /**< Security protocol init */
-    ns_list_link_t               link;                  /**< Link */
+    kmp_type_e                   type;                    /**< Security protocol type callback */
+    kmp_sec_prot_size            *size;                   /**< Security protocol data size callback */
+    kmp_sec_prot_init            *init;                   /**< Security protocol init */
+    ns_list_link_t               link;                    /**< Link */
 } kmp_sec_prot_entry_t;
 
 typedef NS_LIST_HEAD(kmp_sec_prot_entry_t, link) kmp_sec_prot_list_t;
diff --git a/source/Security/protocols/eap_tls_sec_prot/auth_eap_tls_sec_prot.c b/source/Security/protocols/eap_tls_sec_prot/auth_eap_tls_sec_prot.c
@@ -195,8 +195,8 @@ static int8_t auth_eap_tls_sec_prot_message_handle(sec_prot_t *prot)
     }
 
     tr_info("EAP-TLS: recv %s type %s id %i flags %x len %i, eui-64 %s", eap_msg_trace[data->eap_code - 1],
-             data->eap_type == EAP_IDENTITY ? "IDENTITY" : "TLS", data->recv_eapol_pdu.msg.eap.id_seq,
-             length >= 6 ? data_ptr[0] : 0, length, trace_array(sec_prot_remote_eui_64_addr_get(prot), 8));
+            data->eap_type == EAP_IDENTITY ? "IDENTITY" : "TLS", data->recv_eapol_pdu.msg.eap.id_seq,
+            length >= 6 ? data_ptr[0] : 0, length, trace_array(sec_prot_remote_eui_64_addr_get(prot), 8));
 
     if (data->eap_type == EAP_IDENTITY) {
         return EAP_TLS_MSG_IDENTITY;
@@ -238,8 +238,8 @@ static int8_t auth_eap_tls_sec_prot_message_send(sec_prot_t *prot, uint8_t eap_c
     }
 
     tr_info("EAP-TLS: send %s type %s id %i flags %x len %i, eui-64: %s", eap_msg_trace[eap_code - 1],
-             eap_type == EAP_IDENTITY ? "IDENTITY" : "TLS", data->eap_id_seq, flags, eapol_pdu_size,
-             trace_array(sec_prot_remote_eui_64_addr_get(prot), 8));
+            eap_type == EAP_IDENTITY ? "IDENTITY" : "TLS", data->eap_id_seq, flags, eapol_pdu_size,
+            trace_array(sec_prot_remote_eui_64_addr_get(prot), 8));
 
     if (prot->send(prot, eapol_decoded_data, eapol_pdu_size + prot->header_size) < 0) {
         return -1;
diff --git a/source/Security/protocols/eap_tls_sec_prot/supp_eap_tls_sec_prot.c b/source/Security/protocols/eap_tls_sec_prot/supp_eap_tls_sec_prot.c
@@ -192,8 +192,8 @@ static int8_t supp_eap_tls_sec_prot_message_handle(sec_prot_t *prot)
     }
 
     tr_info("EAP-TLS recv %s type %s id %i flags %x len %i", eap_msg_trace[data->eap_code - 1],
-             data->eap_type == EAP_IDENTITY ? "IDENTITY" : "TLS", data->recv_eapol_pdu.msg.eap.id_seq,
-             length >= 6 ? data_ptr[0] : 0, length);
+            data->eap_type == EAP_IDENTITY ? "IDENTITY" : "TLS", data->recv_eapol_pdu.msg.eap.id_seq,
+            length >= 6 ? data_ptr[0] : 0, length);
 
     if (data->eap_type == EAP_IDENTITY) {
         return EAP_TLS_MSG_IDENTITY;
@@ -239,7 +239,7 @@ static int8_t supp_eap_tls_sec_prot_message_send(sec_prot_t *prot, uint8_t eap_c
     }
 
     tr_info("EAP-TLS: send %s type %s id %i flags %x len %i", eap_msg_trace[eap_code - 1],
-             eap_type == EAP_IDENTITY ? "IDENTITY" : "TLS", data->eap_id_seq, flags, eapol_pdu_size);
+            eap_type == EAP_IDENTITY ? "IDENTITY" : "TLS", data->eap_id_seq, flags, eapol_pdu_size);
 
     if (prot->send(prot, eapol_decoded_data, eapol_pdu_size + prot->header_size) < 0) {
         return -1;
diff --git a/source/Security/protocols/fwh_sec_prot/supp_fwh_sec_prot.c b/source/Security/protocols/fwh_sec_prot/supp_fwh_sec_prot.c
@@ -77,7 +77,7 @@ typedef struct {
     void                          *recv_pdu;                   /**< received pdu */
     uint16_t                      recv_size;                   /**< received pdu size */
     uint64_t                      recv_replay_cnt;             /**< received replay counter */
-    bool                          msg3_retry_wait :1;          /**< Waiting for Message 3 retry */
+    bool                          msg3_retry_wait : 1;         /**< Waiting for Message 3 retry */
 } fwh_sec_prot_int_t;
 
 static uint16_t supp_fwh_sec_prot_size(void);
diff --git a/source/Security/protocols/key_sec_prot/key_sec_prot.c b/source/Security/protocols/key_sec_prot/key_sec_prot.c
@@ -206,25 +206,26 @@ static int8_t key_sec_prot_receive(sec_prot_t *prot, void *pdu, uint16_t size)
             return -1;
         }
 
-        // Checks if supplicant indicates that it has valid PMK
+        // Default assumption is that PMK and PTK are not valid
         prot->sec_keys->pmk_mismatch = true;
-        uint8_t remote_pmkid[PMKID_LEN];
-        if (kde_pmkid_read(kde, kde_len, remote_pmkid) >= 0) {
+        prot->sec_keys->ptk_mismatch = true;
+
+        // Checks if supplicant indicates that it has valid PMK
+        uint8_t remote_keyid[KEYID_LEN];
+        if (kde_pmkid_read(kde, kde_len, remote_keyid) >= 0) {
             uint8_t pmkid[PMKID_LEN];
             if (sec_prot_lib_pmkid_generate(prot, pmkid, true) >= 0) {
-                if (memcmp(remote_pmkid, pmkid, PMKID_LEN) == 0) {
+                if (memcmp(remote_keyid, pmkid, PMKID_LEN) == 0) {
                     prot->sec_keys->pmk_mismatch = false;
                 }
             }
         }
 
         // Checks if supplicant indicates that it has valid PTK
-        prot->sec_keys->ptk_mismatch = true;
-        uint8_t remote_ptkid[PTKID_LEN];
-        if (kde_ptkid_read(kde, kde_len, remote_ptkid) >= 0) {
+        if (kde_ptkid_read(kde, kde_len, remote_keyid) >= 0) {
             uint8_t ptkid[PTKID_LEN];
             if (sec_prot_lib_ptkid_generate(prot, ptkid, true) >= 0) {
-                if (memcmp(remote_ptkid, ptkid, PTKID_LEN) == 0) {
+                if (memcmp(remote_keyid, ptkid, PTKID_LEN) == 0) {
                     prot->sec_keys->ptk_mismatch = false;
                 }
             }
diff --git a/source/Security/protocols/sec_prot_keys.c b/source/Security/protocols/sec_prot_keys.c
@@ -204,9 +204,9 @@ uint8_t sec_prot_keys_fresh_gtkl_get(sec_prot_gtk_keys_t *gtks)
     uint8_t gtkl = 0;
 
     for (uint8_t i = 0; i < GTK_NUM; i++) {
-       if (sec_prot_keys_gtk_status_is_live(gtks, i)) {
-           gtkl |= 1 << i;
-       }
+        if (sec_prot_keys_gtk_status_is_live(gtks, i)) {
+            gtkl |= 1 << i;
+        }
     }
 
     return gtkl;
@@ -282,13 +282,13 @@ int8_t sec_prot_keys_gtk_insert_index_from_gtkl_get(sec_prot_keys_t *sec_keys)
 
     // Checks all keys
     for (uint8_t i = 0; i < GTK_NUM; i++) {
-       if (sec_prot_keys_gtk_status_is_live(sec_keys->gtks, i)) {
-           // If key is live, but not indicated on GTKL inserts it
-           if (!sec_prot_keys_gtkl_gtk_is_live(sec_keys, i)) {
-               sec_prot_keys_gtk_insert_index_set(sec_keys, i);
-               return i;
-           }
-       }
+        if (sec_prot_keys_gtk_status_is_live(sec_keys->gtks, i)) {
+            // If key is live, but not indicated on GTKL inserts it
+            if (!sec_prot_keys_gtkl_gtk_is_live(sec_keys, i)) {
+                sec_prot_keys_gtk_insert_index_set(sec_keys, i);
+                return i;
+            }
+        }
     }
 
     return -1;
diff --git a/source/Security/protocols/sec_prot_keys.h b/source/Security/protocols/sec_prot_keys.h
@@ -39,6 +39,7 @@
 
 #define PMKID_LEN     16
 #define PTKID_LEN     16
+#define KEYID_LEN     16
 
 #define GTK_DEFAULT_LIFETIME    60 * 60 * 24 * 30 // 30 days
 
diff --git a/source/Security/protocols/sec_prot_lib.c b/source/Security/protocols/sec_prot_lib.c
@@ -477,15 +477,11 @@ int8_t sec_prot_lib_pmkid_generate(sec_prot_t *prot, uint8_t *pmkid, bool is_aut
         prot->addr_get(prot, local_eui64, remote_eui64);
     }
 
-    int8_t ret;
-
     if (is_auth) {
-        ret = sec_prot_lib_pmkid_calc(pmk, local_eui64, remote_eui64, pmkid);
+        return sec_prot_lib_pmkid_calc(pmk, local_eui64, remote_eui64, pmkid);
     } else {
-        ret = sec_prot_lib_pmkid_calc(pmk, remote_eui64, local_eui64, pmkid);
+        return sec_prot_lib_pmkid_calc(pmk, remote_eui64, local_eui64, pmkid);
     }
-
-    return ret;
 }
 
 int8_t sec_prot_lib_ptkid_generate(sec_prot_t *prot, uint8_t *ptkid, bool is_auth)
@@ -502,15 +498,11 @@ int8_t sec_prot_lib_ptkid_generate(sec_prot_t *prot, uint8_t *ptkid, bool is_aut
         return -1;
     }
 
-    int8_t ret;
-
     if (is_auth) {
         return sec_prot_lib_ptkid_calc(ptk, local_eui64, remote_eui64, ptkid);
     } else {
         return sec_prot_lib_ptkid_calc(ptk, remote_eui64, local_eui64, ptkid);
     }
-
-    return ret;
 }
 
 int8_t sec_prot_lib_gtkhash_generate(uint8_t *gtk, uint8_t *gtk_hash)

Original file line number	Diff line number	Diff line change
`@@ -206,25 +206,26 @@ static int8_t key_sec_prot_receive(sec_prot_t prot, void pdu, uint16_t size)`
`206`	`206`	`return -1;`
`207`	`207`	`}`
`208`	`208`
`209`		`- // Checks if supplicant indicates that it has valid PMK`
	`209`	`+ // Default assumption is that PMK and PTK are not valid`
`210`	`210`	`prot->sec_keys->pmk_mismatch = true;`
`211`		`- uint8_t remote_pmkid[PMKID_LEN];`
`212`		`- if (kde_pmkid_read(kde, kde_len, remote_pmkid) >= 0) {`
	`211`	`+ prot->sec_keys->ptk_mismatch = true;`
	`212`	`+`
	`213`	`+ // Checks if supplicant indicates that it has valid PMK`
	`214`	`+ uint8_t remote_keyid[KEYID_LEN];`
	`215`	`+ if (kde_pmkid_read(kde, kde_len, remote_keyid) >= 0) {`
`213`	`216`	`uint8_t pmkid[PMKID_LEN];`
`214`	`217`	`if (sec_prot_lib_pmkid_generate(prot, pmkid, true) >= 0) {`
`215`		`- if (memcmp(remote_pmkid, pmkid, PMKID_LEN) == 0) {`
	`218`	`+ if (memcmp(remote_keyid, pmkid, PMKID_LEN) == 0) {`
`216`	`219`	`prot->sec_keys->pmk_mismatch = false;`
`217`	`220`	`}`
`218`	`221`	`}`
`219`	`222`	`}`
`220`	`223`
`221`	`224`	`// Checks if supplicant indicates that it has valid PTK`
`222`		`- prot->sec_keys->ptk_mismatch = true;`
`223`		`- uint8_t remote_ptkid[PTKID_LEN];`
`224`		`- if (kde_ptkid_read(kde, kde_len, remote_ptkid) >= 0) {`
	`225`	`+ if (kde_ptkid_read(kde, kde_len, remote_keyid) >= 0) {`
`225`	`226`	`uint8_t ptkid[PTKID_LEN];`
`226`	`227`	`if (sec_prot_lib_ptkid_generate(prot, ptkid, true) >= 0) {`
`227`		`- if (memcmp(remote_ptkid, ptkid, PTKID_LEN) == 0) {`
	`228`	`+ if (memcmp(remote_keyid, ptkid, PTKID_LEN) == 0) {`
`228`	`229`	`prot->sec_keys->ptk_mismatch = false;`
`229`	`230`	`}`
`230`	`231`	`}`
Original file line number	Diff line number	Diff line change
`@@ -477,15 +477,11 @@ int8_t sec_prot_lib_pmkid_generate(sec_prot_t prot, uint8_t pmkid, bool is_aut`
`477`	`477`	`prot->addr_get(prot, local_eui64, remote_eui64);`
`478`	`478`	`}`
`479`	`479`
`480`		`- int8_t ret;`
`481`		`-`
`482`	`480`	`if (is_auth) {`
`483`		`- ret = sec_prot_lib_pmkid_calc(pmk, local_eui64, remote_eui64, pmkid);`
	`481`	`+ return sec_prot_lib_pmkid_calc(pmk, local_eui64, remote_eui64, pmkid);`
`484`	`482`	`} else {`
`485`		`- ret = sec_prot_lib_pmkid_calc(pmk, remote_eui64, local_eui64, pmkid);`
	`483`	`+ return sec_prot_lib_pmkid_calc(pmk, remote_eui64, local_eui64, pmkid);`
`486`	`484`	`}`
`487`		`-`
`488`		`- return ret;`
`489`	`485`	`}`
`490`	`486`
`491`	`487`	`int8_t sec_prot_lib_ptkid_generate(sec_prot_t prot, uint8_t ptkid, bool is_auth)`
`@@ -502,15 +498,11 @@ int8_t sec_prot_lib_ptkid_generate(sec_prot_t prot, uint8_t ptkid, bool is_aut`
`502`	`498`	`return -1;`
`503`	`499`	`}`
`504`	`500`
`505`		`- int8_t ret;`
`506`		`-`
`507`	`501`	`if (is_auth) {`
`508`	`502`	`return sec_prot_lib_ptkid_calc(ptk, local_eui64, remote_eui64, ptkid);`
`509`	`503`	`} else {`
`510`	`504`	`return sec_prot_lib_ptkid_calc(ptk, remote_eui64, local_eui64, ptkid);`
`511`	`505`	`}`
`512`		`-`
`513`		`- return ret;`
`514`	`506`	`}`
`515`	`507`
`516`	`508`	`int8_t sec_prot_lib_gtkhash_generate(uint8_t gtk, uint8_t gtk_hash)`