diff options
Diffstat (limited to 'src/libcharon')
| -rw-r--r-- | src/libcharon/sa/ikev1/keymat_v1.c | 56 | ||||
| -rw-r--r-- | src/libcharon/sa/ikev2/keymat_v2.c | 37 |
2 files changed, 71 insertions, 22 deletions
diff --git a/src/libcharon/sa/ikev1/keymat_v1.c b/src/libcharon/sa/ikev1/keymat_v1.c index d5e9ee0f1..f4b4a356b 100644 --- a/src/libcharon/sa/ikev1/keymat_v1.c +++ b/src/libcharon/sa/ikev1/keymat_v1.c @@ -435,7 +435,11 @@ METHOD(keymat_v1_t, derive_ike_keys, bool, psk = shared_key->get_key(shared_key); adjust_keylen(alg, &psk); this->prf->set_key(this->prf, psk); - this->prf->allocate_bytes(this->prf, nonces, &skeyid); + if (!this->prf->allocate_bytes(this->prf, nonces, &skeyid)) + { + chunk_clear(&g_xy); + return FALSE; + } break; } case AUTH_RSA: @@ -448,7 +452,11 @@ METHOD(keymat_v1_t, derive_ike_keys, bool, case AUTH_HYBRID_RESP_RSA: { this->prf->set_key(this->prf, nonces); - this->prf->allocate_bytes(this->prf, g_xy, &skeyid); + if (!this->prf->allocate_bytes(this->prf, g_xy, &skeyid)) + { + chunk_clear(&g_xy); + return FALSE; + } break; } default: @@ -463,19 +471,31 @@ METHOD(keymat_v1_t, derive_ike_keys, bool, /* SKEYID_d = prf(SKEYID, g^xy | CKY-I | CKY-R | 0) */ data = chunk_cat("cccc", g_xy, spi_i, spi_r, octet_0); - this->prf->allocate_bytes(this->prf, data, &this->skeyid_d); + if (!this->prf->allocate_bytes(this->prf, data, &this->skeyid_d)) + { + chunk_clear(&g_xy); + chunk_clear(&data); + } chunk_clear(&data); DBG4(DBG_IKE, "SKEYID_d %B", &this->skeyid_d); /* SKEYID_a = prf(SKEYID, SKEYID_d | g^xy | CKY-I | CKY-R | 1) */ data = chunk_cat("ccccc", this->skeyid_d, g_xy, spi_i, spi_r, octet_1); - this->prf->allocate_bytes(this->prf, data, &this->skeyid_a); + if (!this->prf->allocate_bytes(this->prf, data, &this->skeyid_a)) + { + chunk_clear(&g_xy); + chunk_clear(&data); + } chunk_clear(&data); DBG4(DBG_IKE, "SKEYID_a %B", &this->skeyid_a); /* SKEYID_e = prf(SKEYID, SKEYID_a | g^xy | CKY-I | CKY-R | 2) */ data = chunk_cat("ccccc", this->skeyid_a, g_xy, spi_i, spi_r, octet_2); - this->prf->allocate_bytes(this->prf, data, &skeyid_e); + if (!this->prf->allocate_bytes(this->prf, data, &skeyid_e)) + { + chunk_clear(&g_xy); + chunk_clear(&data); + } chunk_clear(&data); DBG4(DBG_IKE, "SKEYID_e %B", &skeyid_e); @@ -724,7 +744,11 @@ METHOD(keymat_v1_t, get_hash, bool, DBG3(DBG_IKE, "HASH_%c data %B", initiator ? 'I' : 'R', &data); - this->prf_auth->allocate_bytes(this->prf_auth, data, hash); + if (!this->prf_auth->allocate_bytes(this->prf_auth, data, hash)) + { + free(data.ptr); + return FALSE; + } DBG3(DBG_IKE, "HASH_%c %B", initiator ? 'I' : 'R', hash); @@ -897,15 +921,25 @@ METHOD(keymat_v1_t, get_hash_phase2, bool, this->prf->set_key(this->prf, this->skeyid_a); if (add_message) { - generator_t *generator = generator_create_no_dbg(); - chunk_t msg = get_message_data(message, generator); - this->prf->allocate_bytes(this->prf, data, NULL); - this->prf->allocate_bytes(this->prf, msg, hash); + generator_t *generator; + chunk_t msg; + + generator = generator_create_no_dbg(); + msg = get_message_data(message, generator); + if (!this->prf->allocate_bytes(this->prf, data, NULL) || + !this->prf->allocate_bytes(this->prf, msg, hash)) + { + generator->destroy(generator); + return FALSE; + } generator->destroy(generator); } else { - this->prf->allocate_bytes(this->prf, data, hash); + if (!this->prf->allocate_bytes(this->prf, data, hash)) + { + return FALSE; + } } DBG3(DBG_IKE, "%s %B", name, hash); return TRUE; diff --git a/src/libcharon/sa/ikev2/keymat_v2.c b/src/libcharon/sa/ikev2/keymat_v2.c index 4db02be7f..1704f55e2 100644 --- a/src/libcharon/sa/ikev2/keymat_v2.c +++ b/src/libcharon/sa/ikev2/keymat_v2.c @@ -260,7 +260,7 @@ METHOD(keymat_v2_t, derive_ike_keys, bool, { chunk_t skeyseed, key, secret, full_nonce, fixed_nonce, prf_plus_seed; chunk_t spi_i, spi_r; - prf_plus_t *prf_plus; + prf_plus_t *prf_plus = NULL; u_int16_t alg, key_size, int_alg; prf_t *rekey_prf = NULL; @@ -323,9 +323,11 @@ METHOD(keymat_v2_t, derive_ike_keys, bool, { /* SKEYSEED = prf(Ni | Nr, g^ir) */ this->prf->set_key(this->prf, fixed_nonce); - this->prf->allocate_bytes(this->prf, secret, &skeyseed); - this->prf->set_key(this->prf, skeyseed); - prf_plus = prf_plus_create(this->prf, TRUE, prf_plus_seed); + if (this->prf->allocate_bytes(this->prf, secret, &skeyseed)) + { + this->prf->set_key(this->prf, skeyseed); + prf_plus = prf_plus_create(this->prf, TRUE, prf_plus_seed); + } } else { @@ -343,9 +345,11 @@ METHOD(keymat_v2_t, derive_ike_keys, bool, } secret = chunk_cat("mc", secret, full_nonce); rekey_prf->set_key(rekey_prf, rekey_skd); - rekey_prf->allocate_bytes(rekey_prf, secret, &skeyseed); - rekey_prf->set_key(rekey_prf, skeyseed); - prf_plus = prf_plus_create(rekey_prf, TRUE, prf_plus_seed); + if (rekey_prf->allocate_bytes(rekey_prf, secret, &skeyseed)) + { + rekey_prf->set_key(rekey_prf, skeyseed); + prf_plus = prf_plus_create(rekey_prf, TRUE, prf_plus_seed); + } } DBG4(DBG_IKE, "SKEYSEED %B", &skeyseed); @@ -593,8 +597,10 @@ METHOD(keymat_v2_t, get_auth_octets, bool, DBG3(DBG_IKE, "IDx' %B", &idx); DBG3(DBG_IKE, "SK_p %B", &skp); this->prf->set_key(this->prf, skp); - this->prf->allocate_bytes(this->prf, idx, &chunk); - + if (!this->prf->allocate_bytes(this->prf, idx, &chunk)) + { + return FALSE; + } *octets = chunk_cat("ccm", ike_sa_init, nonce, chunk); DBG3(DBG_IKE, "octets = message + nonce + prf(Sk_px, IDx') %B", octets); return TRUE; @@ -623,9 +629,18 @@ METHOD(keymat_v2_t, get_psk_sig, bool, /* AUTH = prf(prf(Shared Secret,"Key Pad for IKEv2"), <msg octets>) */ key_pad = chunk_create(IKEV2_KEY_PAD, IKEV2_KEY_PAD_LENGTH); this->prf->set_key(this->prf, secret); - this->prf->allocate_bytes(this->prf, key_pad, &key); + if (!this->prf->allocate_bytes(this->prf, key_pad, &key)) + { + chunk_free(&octets); + return FALSE; + } this->prf->set_key(this->prf, key); - this->prf->allocate_bytes(this->prf, octets, sig); + if (!this->prf->allocate_bytes(this->prf, octets, sig)) + { + chunk_free(&key); + chunk_free(&octets); + return FALSE; + } DBG4(DBG_IKE, "secret %B", &secret); DBG4(DBG_IKE, "prf(secret, keypad) %B", &key); DBG3(DBG_IKE, "AUTH = prf(prf(secret, keypad), octets) %B", sig); |