From 7ce0202f6768471e985ca960a1a237650532f8a0 Mon Sep 17 00:00:00 2001
From: Sten Verbois <stenverbois@gmail.com>
Date: Mon, 2 Jul 2018 04:10:41 -0700
Subject: [PATCH] Fix LeiA epoch overflow vulnerability

---
 can-auth/leia.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/can-auth/leia.c b/can-auth/leia.c
index 8844da2..bef7838 100644
--- a/can-auth/leia.c
+++ b/can-auth/leia.c
@@ -76,6 +76,9 @@ void VULCAN_FUNC leia_session_key_gen(void)
     ASSERT(leia_cur);
 
     // 1. increment epoch
+    // NOTE: should request new random session key from trusted global
+    // Attestation Server on epoch counter overflow (see VulCAN paper)
+    ASSERT(leia_cur->epoch != LEIA_EPOCH_MAX);
     leia_cur->epoch++;
 
     // 2. apply the MAC algorithm on the epoch
@@ -95,9 +98,6 @@ void VULCAN_FUNC leia_update_counters(void)
 
     if (leia_cur->c == LEIA_COUNT_MAX)
     {
-        // NOTE: should request new random session key from trusted global
-        // Attestation Server on epoch counter overflow (see VulCAN paper)
-        ASSERT(leia_cur->epoch != LEIA_EPOCH_MAX);
         leia_session_key_gen();
     }
     else