From ee267f812f6d72da400cc24265c399c3e9048a8a Mon Sep 17 00:00:00 2001 From: Florian Weimer Date: Wed, 10 Apr 2013 10:33:02 +0200 Subject: [PATCH 07/10] do_aes: Abort on failure The routine cannot signal encryption failures to the caller and would leave the buffer unencrypted on error. --- programs/pluto/ike_alg_aes.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/programs/pluto/ike_alg_aes.c b/programs/pluto/ike_alg_aes.c index 1d4aada..95999bb 100644 --- a/programs/pluto/ike_alg_aes.c +++ b/programs/pluto/ike_alg_aes.c @@ -48,7 +48,7 @@ do_aes(u_int8_t *buf, size_t buf_len, u_int8_t *key, size_t key_size, u_int8_t * if (symkey == NULL) { loglog(RC_LOG_SERIOUS, "do_aes: NSS derived enc key in NULL\n"); - goto out; + abort(); } ivitem.type = siBuffer; @@ -58,7 +58,7 @@ do_aes(u_int8_t *buf, size_t buf_len, u_int8_t *key, size_t key_size, u_int8_t * secparam = PK11_ParamFromIV(ciphermech, &ivitem); if (secparam == NULL) { loglog(RC_LOG_SERIOUS, "do_aes: Failure to set up PKCS11 param (err %d)\n",PR_GetError()); - goto out; + abort(); } outlen = 0; @@ -69,8 +69,15 @@ do_aes(u_int8_t *buf, size_t buf_len, u_int8_t *key, size_t key_size, u_int8_t * } enccontext = PK11_CreateContextBySymKey(ciphermech, enc? CKA_ENCRYPT : CKA_DECRYPT, symkey, secparam); + if (enccontext == NULL) { + loglog(RC_LOG_SERIOUS, "do_aes: PKCS11 context creation failure (err %d)\n", PR_GetError()); + abort(); + } rv = PK11_CipherOp(enccontext, tmp_buf, &outlen, buf_len, buf, buf_len); - passert(rv==SECSuccess); + if (rv != SECSuccess) { + loglog(RC_LOG_SERIOUS, "do_aes: PKCS11 operation failure (err %d)\n", PR_GetError()); + abort(); + } PK11_DestroyContext(enccontext, PR_TRUE); memcpy(buf,tmp_buf,buf_len); @@ -81,8 +88,6 @@ do_aes(u_int8_t *buf, size_t buf_len, u_int8_t *key, size_t key_size, u_int8_t * memcpy(iv, new_iv, AES_CBC_BLOCK_SIZE); PR_Free(tmp_buf); -out: - if (secparam) SECITEM_FreeItem(secparam, PR_TRUE); DBG(DBG_CRYPT, DBG_log("NSS do_aes: exit")); -- 1.8.1.4