diff options
Diffstat (limited to 'src/libcharon/sa/ikev1/keymat_v1.c')
-rw-r--r-- | src/libcharon/sa/ikev1/keymat_v1.c | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/src/libcharon/sa/ikev1/keymat_v1.c b/src/libcharon/sa/ikev1/keymat_v1.c index 11f7c938b..3cc944c1d 100644 --- a/src/libcharon/sa/ikev1/keymat_v1.c +++ b/src/libcharon/sa/ikev1/keymat_v1.c @@ -614,16 +614,26 @@ METHOD(keymat_v1_t, derive_child_keys, bool, DBG4(DBG_CHD, "initiator SA seed %B", &seed); prf_plus = prf_plus_create(this->prf, FALSE, seed); - prf_plus->allocate_bytes(prf_plus, enc_size, encr_i); - prf_plus->allocate_bytes(prf_plus, int_size, integ_i); + if (!prf_plus->allocate_bytes(prf_plus, enc_size, encr_i) || + !prf_plus->allocate_bytes(prf_plus, int_size, integ_i)) + { + prf_plus->destroy(prf_plus); + chunk_clear(&secret); + return FALSE; + } prf_plus->destroy(prf_plus); seed = chunk_cata("ccccc", secret, chunk_from_thing(protocol), chunk_from_thing(spi_i), nonce_i, nonce_r); DBG4(DBG_CHD, "responder SA seed %B", &seed); prf_plus = prf_plus_create(this->prf, FALSE, seed); - prf_plus->allocate_bytes(prf_plus, enc_size, encr_r); - prf_plus->allocate_bytes(prf_plus, int_size, integ_r); + if (!prf_plus->allocate_bytes(prf_plus, enc_size, encr_r) || + !prf_plus->allocate_bytes(prf_plus, int_size, integ_r)) + { + prf_plus->destroy(prf_plus); + chunk_clear(&secret); + return FALSE; + } prf_plus->destroy(prf_plus); chunk_clear(&secret); |