aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/libcharon/sa/ikev1/keymat_v1.c35
-rw-r--r--src/libcharon/sa/ikev2/keymat_v2.c29
-rw-r--r--src/libsimaka/simaka_crypto.c15
-rw-r--r--src/libstrongswan/crypto/crypto_tester.c15
-rw-r--r--src/libstrongswan/crypto/prfs/mac_prf.c3
-rw-r--r--src/libstrongswan/crypto/prfs/prf.h4
-rw-r--r--src/libstrongswan/plugins/af_alg/af_alg_prf.c3
-rw-r--r--src/libstrongswan/plugins/fips_prf/fips_prf.c7
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_sha1_prf.c7
-rw-r--r--src/libstrongswan/plugins/pkcs8/pkcs8_builder.c5
-rw-r--r--src/libstrongswan/plugins/sha1/sha1_prf.c3
-rw-r--r--src/libtls/tls_prf.c9
12 files changed, 92 insertions, 43 deletions
diff --git a/src/libcharon/sa/ikev1/keymat_v1.c b/src/libcharon/sa/ikev1/keymat_v1.c
index f4b4a356b..362a1e6cb 100644
--- a/src/libcharon/sa/ikev1/keymat_v1.c
+++ b/src/libcharon/sa/ikev1/keymat_v1.c
@@ -240,7 +240,12 @@ static bool expand_skeyid_e(chunk_t skeyid_e, size_t key_size, prf_t *prf,
ka->len = key_size;
/* Ka = K1 | K2 | ..., K1 = prf(SKEYID_e, 0), K2 = prf(SKEYID_e, K1) ... */
- prf->set_key(prf, skeyid_e);
+ if (!prf->set_key(prf, skeyid_e))
+ {
+ chunk_clear(ka);
+ chunk_clear(&skeyid_e);
+ return FALSE;
+ }
seed = octet_0;
for (i = 0; i < key_size; i += block_size)
{
@@ -434,8 +439,8 @@ METHOD(keymat_v1_t, derive_ike_keys, bool,
}
psk = shared_key->get_key(shared_key);
adjust_keylen(alg, &psk);
- this->prf->set_key(this->prf, psk);
- if (!this->prf->allocate_bytes(this->prf, nonces, &skeyid))
+ if (!this->prf->set_key(this->prf, psk) ||
+ !this->prf->allocate_bytes(this->prf, nonces, &skeyid))
{
chunk_clear(&g_xy);
return FALSE;
@@ -451,8 +456,8 @@ METHOD(keymat_v1_t, derive_ike_keys, bool,
case AUTH_HYBRID_INIT_RSA:
case AUTH_HYBRID_RESP_RSA:
{
- this->prf->set_key(this->prf, nonces);
- if (!this->prf->allocate_bytes(this->prf, g_xy, &skeyid))
+ if (!this->prf->set_key(this->prf, nonces) ||
+ !this->prf->allocate_bytes(this->prf, g_xy, &skeyid))
{
chunk_clear(&g_xy);
return FALSE;
@@ -467,11 +472,11 @@ METHOD(keymat_v1_t, derive_ike_keys, bool,
}
adjust_keylen(alg, &skeyid);
DBG4(DBG_IKE, "SKEYID %B", &skeyid);
- this->prf->set_key(this->prf, skeyid);
/* SKEYID_d = prf(SKEYID, g^xy | CKY-I | CKY-R | 0) */
data = chunk_cat("cccc", g_xy, spi_i, spi_r, octet_0);
- if (!this->prf->allocate_bytes(this->prf, data, &this->skeyid_d))
+ if (!this->prf->set_key(this->prf, skeyid) ||
+ !this->prf->allocate_bytes(this->prf, data, &this->skeyid_d))
{
chunk_clear(&g_xy);
chunk_clear(&data);
@@ -525,7 +530,11 @@ METHOD(keymat_v1_t, derive_ike_keys, bool,
chunk_clear(&skeyid);
return FALSE;
}
- this->prf_auth->set_key(this->prf_auth, skeyid);
+ if (!this->prf_auth->set_key(this->prf_auth, skeyid))
+ {
+ chunk_clear(&skeyid);
+ return FALSE;
+ }
chunk_clear(&skeyid);
this->aead = create_aead(proposal, this->prf, skeyid_e);
@@ -628,7 +637,10 @@ METHOD(keymat_v1_t, derive_child_keys, bool,
}
/* KEYMAT = prf+(SKEYID_d, [ g(qm)^xy | ] protocol | SPI | Ni_b | Nr_b) */
- this->prf->set_key(this->prf, this->skeyid_d);
+ if (!this->prf->set_key(this->prf, this->skeyid_d))
+ {
+ return FALSE;
+ }
protocol = proposal->get_protocol(proposal);
if (dh)
{
@@ -918,7 +930,10 @@ METHOD(keymat_v1_t, get_hash_phase2, bool,
default:
return FALSE;
}
- this->prf->set_key(this->prf, this->skeyid_a);
+ if (!this->prf->set_key(this->prf, this->skeyid_a))
+ {
+ return FALSE;
+ }
if (add_message)
{
generator_t *generator;
diff --git a/src/libcharon/sa/ikev2/keymat_v2.c b/src/libcharon/sa/ikev2/keymat_v2.c
index 1704f55e2..f25d0bd0e 100644
--- a/src/libcharon/sa/ikev2/keymat_v2.c
+++ b/src/libcharon/sa/ikev2/keymat_v2.c
@@ -322,10 +322,10 @@ METHOD(keymat_v2_t, derive_ike_keys, bool,
if (rekey_function == PRF_UNDEFINED) /* not rekeying */
{
/* SKEYSEED = prf(Ni | Nr, g^ir) */
- this->prf->set_key(this->prf, fixed_nonce);
- if (this->prf->allocate_bytes(this->prf, secret, &skeyseed))
+ if (this->prf->set_key(this->prf, fixed_nonce) &&
+ this->prf->allocate_bytes(this->prf, secret, &skeyseed) &&
+ this->prf->set_key(this->prf, skeyseed))
{
- this->prf->set_key(this->prf, skeyseed);
prf_plus = prf_plus_create(this->prf, TRUE, prf_plus_seed);
}
}
@@ -344,10 +344,10 @@ METHOD(keymat_v2_t, derive_ike_keys, bool,
return FALSE;
}
secret = chunk_cat("mc", secret, full_nonce);
- rekey_prf->set_key(rekey_prf, rekey_skd);
- if (rekey_prf->allocate_bytes(rekey_prf, secret, &skeyseed))
+ if (rekey_prf->set_key(rekey_prf, rekey_skd) &&
+ rekey_prf->allocate_bytes(rekey_prf, secret, &skeyseed) &&
+ rekey_prf->set_key(rekey_prf, skeyseed))
{
- rekey_prf->set_key(rekey_prf, skeyseed);
prf_plus = prf_plus_create(rekey_prf, TRUE, prf_plus_seed);
}
}
@@ -536,7 +536,10 @@ METHOD(keymat_v2_t, derive_child_keys, bool,
int_size /= 8;
}
- this->prf->set_key(this->prf, this->skd);
+ if (!this->prf->set_key(this->prf, this->skd))
+ {
+ return FALSE;
+ }
prf_plus = prf_plus_create(this->prf, TRUE, seed);
if (!prf_plus)
{
@@ -596,8 +599,8 @@ METHOD(keymat_v2_t, get_auth_octets, bool,
DBG3(DBG_IKE, "IDx' %B", &idx);
DBG3(DBG_IKE, "SK_p %B", &skp);
- this->prf->set_key(this->prf, skp);
- if (!this->prf->allocate_bytes(this->prf, idx, &chunk))
+ if (!this->prf->set_key(this->prf, skp) ||
+ !this->prf->allocate_bytes(this->prf, idx, &chunk))
{
return FALSE;
}
@@ -628,14 +631,14 @@ METHOD(keymat_v2_t, get_psk_sig, bool,
}
/* AUTH = prf(prf(Shared Secret,"Key Pad for IKEv2"), <msg octets>) */
key_pad = chunk_create(IKEV2_KEY_PAD, IKEV2_KEY_PAD_LENGTH);
- this->prf->set_key(this->prf, secret);
- if (!this->prf->allocate_bytes(this->prf, key_pad, &key))
+ if (!this->prf->set_key(this->prf, secret) ||
+ !this->prf->allocate_bytes(this->prf, key_pad, &key))
{
chunk_free(&octets);
return FALSE;
}
- this->prf->set_key(this->prf, key);
- if (!this->prf->allocate_bytes(this->prf, octets, sig))
+ if (!this->prf->set_key(this->prf, key) ||
+ !this->prf->allocate_bytes(this->prf, octets, sig))
{
chunk_free(&key);
chunk_free(&octets);
diff --git a/src/libsimaka/simaka_crypto.c b/src/libsimaka/simaka_crypto.c
index 532655e3b..cdb314068 100644
--- a/src/libsimaka/simaka_crypto.c
+++ b/src/libsimaka/simaka_crypto.c
@@ -129,7 +129,10 @@ METHOD(simaka_crypto_t, derive_keys_full, bool,
DBG3(DBG_LIB, "MK %B", mk);
/* K_encr | K_auth | MSK | EMSK = prf() | prf() | prf() | prf() */
- this->prf->set_key(this->prf, *mk);
+ if (this->prf->set_key(this->prf, *mk))
+ {
+ return FALSE;
+ }
str = chunk_alloca(this->prf->get_block_size(this->prf) * 3);
for (i = 0; i < 3; i++)
{
@@ -167,7 +170,10 @@ METHOD(simaka_crypto_t, derive_keys_reauth, bool,
int i;
/* K_encr | K_auth = prf() | prf() */
- this->prf->set_key(this->prf, mk);
+ if (!this->prf->set_key(this->prf, mk))
+ {
+ return FALSE;
+ }
str = chunk_alloca(this->prf->get_block_size(this->prf) * 2);
for (i = 0; i < 2; i++)
{
@@ -207,7 +213,10 @@ METHOD(simaka_crypto_t, derive_keys_reauth_msk, bool,
this->hasher->get_hash(this->hasher, mk, xkey);
/* MSK | EMSK = prf() | prf() | prf() | prf() */
- this->prf->set_key(this->prf, chunk_create(xkey, sizeof(xkey)));
+ if (!this->prf->set_key(this->prf, chunk_create(xkey, sizeof(xkey))))
+ {
+ return FALSE;
+ }
str = chunk_alloca(this->prf->get_block_size(this->prf) * 2);
for (i = 0; i < 2; i++)
{
diff --git a/src/libstrongswan/crypto/crypto_tester.c b/src/libstrongswan/crypto/crypto_tester.c
index 8398bc80b..d4387d806 100644
--- a/src/libstrongswan/crypto/crypto_tester.c
+++ b/src/libstrongswan/crypto/crypto_tester.c
@@ -843,7 +843,10 @@ METHOD(crypto_tester_t, test_prf, bool,
failed = FALSE;
key = chunk_create(vector->key, vector->key_size);
- prf->set_key(prf, key);
+ if (!prf->set_key(prf, key))
+ {
+ failed = TRUE;
+ }
/* allocated bytes */
seed = chunk_create(vector->seed, vector->len);
@@ -863,7 +866,10 @@ METHOD(crypto_tester_t, test_prf, bool,
memset(out.ptr, 0, out.len);
if (vector->stateful)
{
- prf->set_key(prf, key);
+ if (!prf->set_key(prf, key))
+ {
+ failed = TRUE;
+ }
}
if (!prf->get_bytes(prf, seed, out.ptr))
{
@@ -879,7 +885,10 @@ METHOD(crypto_tester_t, test_prf, bool,
memset(out.ptr, 0, out.len);
if (vector->stateful)
{
- prf->set_key(prf, key);
+ if (!prf->set_key(prf, key))
+ {
+ failed = TRUE;
+ }
}
if (!prf->allocate_bytes(prf, chunk_create(seed.ptr, 1), NULL) ||
!prf->get_bytes(prf, chunk_create(seed.ptr + 1, 1), NULL) ||
diff --git a/src/libstrongswan/crypto/prfs/mac_prf.c b/src/libstrongswan/crypto/prfs/mac_prf.c
index cd39586af..7d3a97677 100644
--- a/src/libstrongswan/crypto/prfs/mac_prf.c
+++ b/src/libstrongswan/crypto/prfs/mac_prf.c
@@ -70,10 +70,11 @@ METHOD(prf_t, get_key_size, size_t,
return this->mac->get_mac_size(this->mac);
}
-METHOD(prf_t, set_key, void,
+METHOD(prf_t, set_key, bool,
private_prf_t *this, chunk_t key)
{
this->mac->set_key(this->mac, key);
+ return TRUE;
}
METHOD(prf_t, destroy, void,
diff --git a/src/libstrongswan/crypto/prfs/prf.h b/src/libstrongswan/crypto/prfs/prf.h
index 05380b5f2..a360a968a 100644
--- a/src/libstrongswan/crypto/prfs/prf.h
+++ b/src/libstrongswan/crypto/prfs/prf.h
@@ -113,8 +113,10 @@ struct prf_t {
* Set the key for this prf_t object.
*
* @param key key to set
+ * @return TRUE if key set successfully
*/
- void (*set_key) (prf_t *this, chunk_t key);
+ __attribute__((warn_unused_result))
+ bool (*set_key) (prf_t *this, chunk_t key);
/**
* Destroys a prf object.
diff --git a/src/libstrongswan/plugins/af_alg/af_alg_prf.c b/src/libstrongswan/plugins/af_alg/af_alg_prf.c
index 14df57307..f426e5d10 100644
--- a/src/libstrongswan/plugins/af_alg/af_alg_prf.c
+++ b/src/libstrongswan/plugins/af_alg/af_alg_prf.c
@@ -135,7 +135,7 @@ METHOD(prf_t, get_key_size, size_t,
return this->block_size;
}
-METHOD(prf_t, set_key, void,
+METHOD(prf_t, set_key, bool,
private_af_alg_prf_t *this, chunk_t key)
{
char buf[this->block_size];
@@ -159,6 +159,7 @@ METHOD(prf_t, set_key, void,
}
}
this->ops->set_key(this->ops, key);
+ return TRUE;
}
METHOD(prf_t, destroy, void,
diff --git a/src/libstrongswan/plugins/fips_prf/fips_prf.c b/src/libstrongswan/plugins/fips_prf/fips_prf.c
index 8c4dc9e14..3fe204d35 100644
--- a/src/libstrongswan/plugins/fips_prf/fips_prf.c
+++ b/src/libstrongswan/plugins/fips_prf/fips_prf.c
@@ -160,11 +160,12 @@ METHOD(prf_t, get_key_size, size_t,
return this->b;
}
-METHOD(prf_t, set_key, void,
+METHOD(prf_t, set_key, bool,
private_fips_prf_t *this, chunk_t key)
{
/* save key as "key mod 2^b" */
chunk_mod(this->b, key, this->key);
+ return TRUE;
}
/**
@@ -189,8 +190,8 @@ static bool g_sha1(private_fips_prf_t *this, chunk_t c, u_int8_t res[])
}
/* use the keyed hasher, but use an empty key to use SHA1 IV */
- this->keyed_prf->set_key(this->keyed_prf, chunk_empty);
- if (!this->keyed_prf->get_bytes(this->keyed_prf, c, res))
+ if (!this->keyed_prf->set_key(this->keyed_prf, chunk_empty) ||
+ !this->keyed_prf->get_bytes(this->keyed_prf, c, res))
{
return FALSE;
}
diff --git a/src/libstrongswan/plugins/openssl/openssl_sha1_prf.c b/src/libstrongswan/plugins/openssl/openssl_sha1_prf.c
index 1c6dbd821..8501e2cd4 100644
--- a/src/libstrongswan/plugins/openssl/openssl_sha1_prf.c
+++ b/src/libstrongswan/plugins/openssl/openssl_sha1_prf.c
@@ -77,11 +77,15 @@ METHOD(prf_t, get_key_size, size_t,
return HASH_SIZE_SHA1;
}
-METHOD(prf_t, set_key, void,
+METHOD(prf_t, set_key, bool,
private_openssl_sha1_prf_t *this, chunk_t key)
{
SHA1_Init(&this->ctx);
+ if (key.len % 4)
+ {
+ return FALSE;
+ }
if (key.len >= 4)
{
this->ctx.h0 ^= untoh32(key.ptr);
@@ -102,6 +106,7 @@ METHOD(prf_t, set_key, void,
{
this->ctx.h4 ^= untoh32(key.ptr + 16);
}
+ return TRUE;
}
METHOD(prf_t, destroy, void,
diff --git a/src/libstrongswan/plugins/pkcs8/pkcs8_builder.c b/src/libstrongswan/plugins/pkcs8/pkcs8_builder.c
index e9ea92369..3e0601ce2 100644
--- a/src/libstrongswan/plugins/pkcs8/pkcs8_builder.c
+++ b/src/libstrongswan/plugins/pkcs8/pkcs8_builder.c
@@ -225,7 +225,10 @@ static bool pbkdf2(prf_t *prf, chunk_t password, chunk_t salt,
size_t blocks;
u_int32_t i = 0, *ni;
- prf->set_key(prf, password);
+ if (!prf->set_key(prf, password))
+ {
+ return FALSE;
+ }
block.len = prf->get_block_size(prf);
blocks = (key.len - 1) / block.len + 1;
diff --git a/src/libstrongswan/plugins/sha1/sha1_prf.c b/src/libstrongswan/plugins/sha1/sha1_prf.c
index 1ce375087..5907a0fd2 100644
--- a/src/libstrongswan/plugins/sha1/sha1_prf.c
+++ b/src/libstrongswan/plugins/sha1/sha1_prf.c
@@ -94,7 +94,7 @@ METHOD(prf_t, get_key_size, size_t,
return sizeof(this->hasher->state);
}
-METHOD(prf_t, set_key, void,
+METHOD(prf_t, set_key, bool,
private_sha1_prf_t *this, chunk_t key)
{
int i, rounds;
@@ -106,6 +106,7 @@ METHOD(prf_t, set_key, void,
{
this->hasher->state[i] ^= htonl(iv[i]);
}
+ return TRUE;
}
METHOD(prf_t, destroy, void,
diff --git a/src/libtls/tls_prf.c b/src/libtls/tls_prf.c
index bc0a8c178..a70b121d6 100644
--- a/src/libtls/tls_prf.c
+++ b/src/libtls/tls_prf.c
@@ -36,8 +36,7 @@ struct private_tls_prf12_t {
METHOD(tls_prf_t, set_key12, bool,
private_tls_prf12_t *this, chunk_t key)
{
- this->prf->set_key(this->prf, key);
- return TRUE;
+ return this->prf->set_key(this->prf, key);
}
/**
@@ -145,9 +144,9 @@ METHOD(tls_prf_t, set_key10, bool,
{
size_t len = key.len / 2 + key.len % 2;
- this->md5->set_key(this->md5, chunk_create(key.ptr, len));
- this->sha1->set_key(this->sha1, chunk_create(key.ptr + key.len - len, len));
- return TRUE;
+ return this->md5->set_key(this->md5, chunk_create(key.ptr, len)) &&
+ this->sha1->set_key(this->sha1, chunk_create(key.ptr + key.len - len,
+ len));
}
METHOD(tls_prf_t, get_bytes10, bool,
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-15 13:58:12 +0000