Add a return value to hasher_t.allocate_hash()

1 files changed, 35 insertions, 20 deletions

diff --git a/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c b/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c
index dd6f56fd9..8ae20783d 100644
--- a/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c
+++ b/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c
@@ -281,7 +281,11 @@ static status_t NtPasswordHash(chunk_t password, chunk_t *password_hash)
 		DBG1(DBG_IKE, "EAP-MS-CHAPv2 failed, no MD4 hasher available");
 		return FAILED;
 	}
-	hasher->allocate_hash(hasher, password, password_hash);
+	if (!hasher->allocate_hash(hasher, password, password_hash))
+	{
+		hasher->destroy(hasher);
+		return FAILED;
+	}
 	hasher->destroy(hasher);
 	return SUCCESS;
 }
@@ -302,7 +306,11 @@ static status_t ChallengeHash(chunk_t peer_challenge, chunk_t server_challenge,
 		return FAILED;
 	}
 	concat = chunk_cata("ccc", peer_challenge, server_challenge, username);
-	hasher->allocate_hash(hasher, concat, challenge_hash);
+	if (!hasher->allocate_hash(hasher, concat, challenge_hash))
+	{
+		hasher->destroy(hasher);
+		return FAILED;
+	}
 	hasher->destroy(hasher);
 	/* we need only the first 8 octets */
 	challenge_hash->len = 8;
@@ -382,10 +390,17 @@ static status_t AuthenticatorResponse(chunk_t password_hash_hash,
 	}
 
 	concat = chunk_cata("ccc", password_hash_hash, nt_response, magic1);
-	hasher->allocate_hash(hasher, concat, &digest);
+	if (!hasher->allocate_hash(hasher, concat, &digest))
+	{
+		hasher->destroy(hasher);
+		return FAILED;
+	}
 	concat = chunk_cata("ccc", digest, challenge_hash, magic2);
-	hasher->allocate_hash(hasher, concat, response);
-
+	if (!hasher->allocate_hash(hasher, concat, response))
+	{
+		hasher->destroy(hasher);
+		return FAILED;
+	}
 	hasher->destroy(hasher);
 	chunk_free(&digest);
 	return SUCCESS;
@@ -434,7 +449,9 @@ static status_t GenerateMSK(chunk_t password_hash_hash,
 	chunk_t keypad = chunk_from_chars(
 		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
 		0x00, 0x00, 0x00, 0x00, 0x00, 0x00);
-	chunk_t concat, master_key, master_receive_key, master_send_key;
+	char master_key[HASH_SIZE_SHA1];
+	char master_receive_key[HASH_SIZE_SHA1], master_send_key[HASH_SIZE_SHA1];
+	chunk_t concat, master;
 	hasher_t *hasher;
 
 	hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
@@ -444,24 +461,22 @@ static status_t GenerateMSK(chunk_t password_hash_hash,
 		return FAILED;
 	}
 
+	master = chunk_create(master_key, 16);
 	concat = chunk_cata("ccc", password_hash_hash, nt_response, magic1);
-	hasher->allocate_hash(hasher, concat, &master_key);
-	master_key.len = 16;
-
-	concat = chunk_cata("cccc", master_key, shapad1, magic2, shapad2);
-	hasher->allocate_hash(hasher, concat, &master_receive_key);
-	master_receive_key.len = 16;
-
-	concat = chunk_cata("cccc", master_key, shapad1, magic3, shapad2);
-	hasher->allocate_hash(hasher, concat, &master_send_key);
-	master_send_key.len = 16;
+	concat = chunk_cata("cccc", master, shapad1, magic2, shapad2);
+	concat = chunk_cata("cccc", master, shapad1, magic3, shapad2);
+	if (!hasher->get_hash(hasher, concat, master_key) ||
+		!hasher->get_hash(hasher, concat, master_receive_key) ||
+		!hasher->get_hash(hasher, concat, master_send_key))
+	{
+		hasher->destroy(hasher);
+		return FAILED;
+	}
 
-	*msk = chunk_cat("cccc", master_receive_key, master_send_key, keypad, keypad);
+	*msk = chunk_cat("cccc", chunk_create(master_receive_key, 16),
+					 chunk_create(master_send_key, 16), keypad, keypad);
 
 	hasher->destroy(hasher);
-	chunk_free(&master_key);
-	chunk_free(&master_receive_key);
-	chunk_free(&master_send_key);
 	return SUCCESS;
 }