diff options
-rw-r--r-- | src/libstrongswan/crypto/mac.h | 4 | ||||
-rw-r--r-- | src/libstrongswan/crypto/prfs/mac_prf.c | 13 | ||||
-rw-r--r-- | src/libstrongswan/crypto/signers/mac_signer.c | 33 | ||||
-rw-r--r-- | src/libstrongswan/plugins/cmac/cmac.c | 3 | ||||
-rw-r--r-- | src/libstrongswan/plugins/hmac/hmac.c | 3 | ||||
-rw-r--r-- | src/libstrongswan/plugins/openssl/openssl_hmac.c | 18 | ||||
-rw-r--r-- | src/libstrongswan/plugins/xcbc/xcbc.c | 5 |
7 files changed, 38 insertions, 41 deletions
diff --git a/src/libstrongswan/crypto/mac.h b/src/libstrongswan/crypto/mac.h index 10f09a831..10e789c22 100644 --- a/src/libstrongswan/crypto/mac.h +++ b/src/libstrongswan/crypto/mac.h @@ -44,8 +44,10 @@ struct mac_t { * * @param data chunk of data to authenticate * @param out pointer where the generated bytes will be written + * @return TRUE if mac generated successfully */ - void (*get_mac)(mac_t *this, chunk_t data, u_int8_t *out); + __attribute__((warn_unused_result)) + bool (*get_mac)(mac_t *this, chunk_t data, u_int8_t *out); /** * Get the size of the resulting MAC. diff --git a/src/libstrongswan/crypto/prfs/mac_prf.c b/src/libstrongswan/crypto/prfs/mac_prf.c index 7d3a97677..600dbd155 100644 --- a/src/libstrongswan/crypto/prfs/mac_prf.c +++ b/src/libstrongswan/crypto/prfs/mac_prf.c @@ -38,23 +38,18 @@ struct private_prf_t { METHOD(prf_t, get_bytes, bool, private_prf_t *this, chunk_t seed, u_int8_t *buffer) { - this->mac->get_mac(this->mac, seed, buffer); - return TRUE; + return this->mac->get_mac(this->mac, seed, buffer); } METHOD(prf_t, allocate_bytes, bool, private_prf_t *this, chunk_t seed, chunk_t *chunk) { - if (!chunk) - { - this->mac->get_mac(this->mac, seed, NULL); - } - else + if (chunk) { *chunk = chunk_alloc(this->mac->get_mac_size(this->mac)); - this->mac->get_mac(this->mac, seed, chunk->ptr); + return this->mac->get_mac(this->mac, seed, chunk->ptr); } - return TRUE; + return this->mac->get_mac(this->mac, seed, NULL); } METHOD(prf_t, get_block_size, size_t, diff --git a/src/libstrongswan/crypto/signers/mac_signer.c b/src/libstrongswan/crypto/signers/mac_signer.c index 36415e9d5..8798bde55 100644 --- a/src/libstrongswan/crypto/signers/mac_signer.c +++ b/src/libstrongswan/crypto/signers/mac_signer.c @@ -43,37 +43,36 @@ struct private_signer_t { METHOD(signer_t, get_signature, bool, private_signer_t *this, chunk_t data, u_int8_t *buffer) { - if (buffer == NULL) - { - this->mac->get_mac(this->mac, data, NULL); - } - else + if (buffer) { u_int8_t mac[this->mac->get_mac_size(this->mac)]; - this->mac->get_mac(this->mac, data, mac); + if (!this->mac->get_mac(this->mac, data, mac)) + { + return FALSE; + } memcpy(buffer, mac, this->truncation); + return TRUE; } - return TRUE; + return this->mac->get_mac(this->mac, data, NULL); } METHOD(signer_t, allocate_signature, bool, private_signer_t *this, chunk_t data, chunk_t *chunk) { - if (chunk == NULL) - { - this->mac->get_mac(this->mac, data, NULL); - } - else + if (chunk) { u_int8_t mac[this->mac->get_mac_size(this->mac)]; - this->mac->get_mac(this->mac, data, mac); - + if (!this->mac->get_mac(this->mac, data, mac)) + { + return FALSE; + } *chunk = chunk_alloc(this->truncation); memcpy(chunk->ptr, mac, this->truncation); + return TRUE; } - return TRUE; + return this->mac->get_mac(this->mac, data, NULL); } METHOD(signer_t, verify_signature, bool, @@ -85,8 +84,8 @@ METHOD(signer_t, verify_signature, bool, { return FALSE; } - this->mac->get_mac(this->mac, data, mac); - return memeq(signature.ptr, mac, this->truncation); + return this->mac->get_mac(this->mac, data, mac) && + memeq(signature.ptr, mac, this->truncation); } METHOD(signer_t, get_key_size, size_t, diff --git a/src/libstrongswan/plugins/cmac/cmac.c b/src/libstrongswan/plugins/cmac/cmac.c index 8d689f49f..b36d41387 100644 --- a/src/libstrongswan/plugins/cmac/cmac.c +++ b/src/libstrongswan/plugins/cmac/cmac.c @@ -165,7 +165,7 @@ static void final(private_mac_t *this, u_int8_t *out) this->remaining_bytes = 0; } -METHOD(mac_t, get_mac, void, +METHOD(mac_t, get_mac, bool, private_mac_t *this, chunk_t data, u_int8_t *out) { /* update T, do not process last block */ @@ -175,6 +175,7 @@ METHOD(mac_t, get_mac, void, { /* if not in append mode, process last block and output result */ final(this, out); } + return TRUE; } METHOD(mac_t, get_mac_size, size_t, diff --git a/src/libstrongswan/plugins/hmac/hmac.c b/src/libstrongswan/plugins/hmac/hmac.c index ecfb01913..85ad31776 100644 --- a/src/libstrongswan/plugins/hmac/hmac.c +++ b/src/libstrongswan/plugins/hmac/hmac.c @@ -56,7 +56,7 @@ struct private_mac_t { chunk_t ipaded_key; }; -METHOD(mac_t, get_mac, void, +METHOD(mac_t, get_mac, bool, private_mac_t *this, chunk_t data, u_int8_t *out) { /* H(K XOR opad, H(K XOR ipad, text)) @@ -90,6 +90,7 @@ METHOD(mac_t, get_mac, void, /* reinit for next call */ this->h->get_hash(this->h, this->ipaded_key, NULL); } + return TRUE; } METHOD(mac_t, get_mac_size, size_t, diff --git a/src/libstrongswan/plugins/openssl/openssl_hmac.c b/src/libstrongswan/plugins/openssl/openssl_hmac.c index caf0d3aa2..21b1cd88b 100644 --- a/src/libstrongswan/plugins/openssl/openssl_hmac.c +++ b/src/libstrongswan/plugins/openssl/openssl_hmac.c @@ -75,24 +75,22 @@ struct private_mac_t { /** * Resets HMAC context */ -static void reset(private_mac_t *this) +static bool reset(private_mac_t *this) { - HMAC_Init_ex(&this->hmac, this->key.ptr, this->key.len, this->hasher, NULL); + return HMAC_Init_ex(&this->hmac, this->key.ptr, this->key.len, + this->hasher, NULL); } -METHOD(mac_t, get_mac, void, +METHOD(mac_t, get_mac, bool, private_mac_t *this, chunk_t data, u_int8_t *out) { if (out == NULL) { - HMAC_Update(&this->hmac, data.ptr, data.len); - } - else - { - HMAC_Update(&this->hmac, data.ptr, data.len); - HMAC_Final(&this->hmac, out, NULL); - reset(this); + return HMAC_Update(&this->hmac, data.ptr, data.len); } + return HMAC_Update(&this->hmac, data.ptr, data.len) && + HMAC_Final(&this->hmac, out, NULL) && + reset(this); } METHOD(mac_t, get_mac_size, size_t, diff --git a/src/libstrongswan/plugins/xcbc/xcbc.c b/src/libstrongswan/plugins/xcbc/xcbc.c index 59655cb1f..776f15109 100644 --- a/src/libstrongswan/plugins/xcbc/xcbc.c +++ b/src/libstrongswan/plugins/xcbc/xcbc.c @@ -179,7 +179,7 @@ static void final(private_mac_t *this, u_int8_t *out) this->zero = TRUE; } -METHOD(mac_t, get_mac, void, +METHOD(mac_t, get_mac, bool, private_mac_t *this, chunk_t data, u_int8_t *out) { /* update E, do not process last block */ @@ -189,6 +189,7 @@ METHOD(mac_t, get_mac, void, { /* if not in append mode, process last block and output result */ final(this, out); } + return TRUE; } METHOD(mac_t, get_mac_size, size_t, @@ -350,4 +351,4 @@ signer_t *xcbc_signer_create(integrity_algorithm_t algo) return mac_signer_create(xcbc, trunc); } return NULL; -}
\ No newline at end of file +} |