Diffstat (limited to 'src/libcharon/sa')
-rw-r--r--src/libcharon/sa/ikev1/keymat_v1.c9
-rw-r--r--src/libcharon/sa/ikev2/keymat_v2.c18
2 files changed, 22 insertions, 5 deletions
diff --git a/src/libcharon/sa/ikev1/keymat_v1.c b/src/libcharon/sa/ikev1/keymat_v1.c
index 554bd56f7..9540075d6 100644
--- a/src/libcharon/sa/ikev1/keymat_v1.c
+++ b/src/libcharon/sa/ikev1/keymat_v1.c
@@ -205,8 +205,7 @@ METHOD(aead_t, get_key_size, size_t,
METHOD(aead_t, set_key, bool,
private_aead_t *this, chunk_t key)
{
- this->crypter->set_key(this->crypter, key);
- return TRUE;
+ return this->crypter->set_key(this->crypter, key);
}
METHOD(aead_t, aead_destroy, void,
@@ -291,7 +290,11 @@ static aead_t *create_aead(proposal_t *proposal, prf_t *prf, chunk_t skeyid_e)
return NULL;
}
DBG4(DBG_IKE, "encryption key Ka %B", &ka);
- crypter->set_key(crypter, ka);
+ if (!crypter->set_key(crypter, ka))
+ {
+ chunk_clear(&ka);
+ return NULL;
+ }
chunk_clear(&ka);
INIT(this,
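Review bot: The new failure branch in create_aead() wipes `ka` but returns NULL without releasing `crypter`, which has not yet been handed to the object built by the following `INIT(this,`. Unless it is released somewhere outside the hunk, the crypter instance leaks every time set_key() rejects the key; adding `crypter->destroy(crypter);` before `return NULL;` would close that. The function starts and ends outside the hunk, so the earlier `return NULL;` visible in the context is worth checking for the same gap.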
diff --git a/src/libcharon/sa/ikev2/keymat_v2.c b/src/libcharon/sa/ikev2/keymat_v2.c
index f25d0bd0e..91f001bdb 100644
--- a/src/libcharon/sa/ikev2/keymat_v2.c
+++ b/src/libcharon/sa/ikev2/keymat_v2.c
@@ -225,7 +225,14 @@ static bool derive_ike_traditional(private_keymat_v2_t *this, u_int16_t enc_alg,
return FALSE;
}
DBG4(DBG_IKE, "Sk_ei secret %B", &key);
- crypter_i->set_key(crypter_i, key);
+ if (!crypter_i->set_key(crypter_i, key))
+ {
+ crypter_i->destroy(crypter_i);
+ crypter_r->destroy(crypter_r);
+ signer_i->destroy(signer_i);
+ signer_r->destroy(signer_r);
+ return FALSE;
+ }
chunk_clear(&key);
if (!prf_plus->allocate_bytes(prf_plus, key_size, &key))
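Review bot: The failure branch added after the `Sk_ei secret` log line destroys the two crypters and two signers but returns without `chunk_clear(&key)`, so the freshly derived encryption key stays allocated and unwiped in memory, whereas the success path wipes it on the very next line. Put `chunk_clear(&key);` as the first statement of the branch, matching what the keymat_v1.c change does with `ka`. The `Sk_er` branch in the following hunk has the same gap. derive_ike_traditional() begins and ends outside both hunks.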
@@ -237,7 +244,14 @@ static bool derive_ike_traditional(private_keymat_v2_t *this, u_int16_t enc_alg,
return FALSE;
}
DBG4(DBG_IKE, "Sk_er secret %B", &key);
- crypter_r->set_key(crypter_r, key);
+ if (!crypter_r->set_key(crypter_r, key))
+ {
+ crypter_i->destroy(crypter_i);
+ crypter_r->destroy(crypter_r);
+ signer_i->destroy(signer_i);
+ signer_r->destroy(signer_r);
+ return FALSE;
+ }
chunk_clear(&key);
if (this->initiator)