aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/libcharon/sa/ikev1/keymat_v1.c3
-rw-r--r--src/libcharon/sa/ikev2/keymat_v2.c12
-rw-r--r--src/libstrongswan/crypto/aead.c4
-rw-r--r--src/libstrongswan/crypto/aead.h4
-rw-r--r--src/libstrongswan/crypto/crypto_tester.c10
-rw-r--r--src/libstrongswan/plugins/ccm/ccm_aead.c3
-rw-r--r--src/libstrongswan/plugins/gcm/gcm_aead.c3
7 files changed, 30 insertions, 9 deletions
diff --git a/src/libcharon/sa/ikev1/keymat_v1.c b/src/libcharon/sa/ikev1/keymat_v1.c
index 9b566b198..11f7c938b 100644
--- a/src/libcharon/sa/ikev1/keymat_v1.c
+++ b/src/libcharon/sa/ikev1/keymat_v1.c
@@ -204,10 +204,11 @@ METHOD(aead_t, get_key_size, size_t,
return this->crypter->get_key_size(this->crypter);
}
-METHOD(aead_t, set_key, void,
+METHOD(aead_t, set_key, bool,
private_aead_t *this, chunk_t key)
{
this->crypter->set_key(this->crypter, key);
+ return TRUE;
}
METHOD(aead_t, aead_destroy, void,
diff --git a/src/libcharon/sa/ikev2/keymat_v2.c b/src/libcharon/sa/ikev2/keymat_v2.c
index 1f25257ce..2275aad6f 100644
--- a/src/libcharon/sa/ikev2/keymat_v2.c
+++ b/src/libcharon/sa/ikev2/keymat_v2.c
@@ -112,12 +112,20 @@ static bool derive_ike_aead(private_keymat_v2_t *this, u_int16_t alg,
prf_plus->allocate_bytes(prf_plus, key_size, &key);
DBG4(DBG_IKE, "Sk_ei secret %B", &key);
- aead_i->set_key(aead_i, key);
+ if (!aead_i->set_key(aead_i, key))
+ {
+ chunk_clear(&key);
+ return FALSE;
+ }
chunk_clear(&key);
prf_plus->allocate_bytes(prf_plus, key_size, &key);
DBG4(DBG_IKE, "Sk_er secret %B", &key);
- aead_r->set_key(aead_r, key);
+ if (!aead_r->set_key(aead_r, key))
+ {
+ chunk_clear(&key);
+ return FALSE;
+ }
chunk_clear(&key);
if (this->initiator)
diff --git a/src/libstrongswan/crypto/aead.c b/src/libstrongswan/crypto/aead.c
index 417c0b5aa..10bcfeaf7 100644
--- a/src/libstrongswan/crypto/aead.c
+++ b/src/libstrongswan/crypto/aead.c
@@ -117,7 +117,7 @@ METHOD(aead_t, get_key_size, size_t,
this->signer->get_key_size(this->signer);
}
-METHOD(aead_t, set_key, void,
+METHOD(aead_t, set_key, bool,
private_aead_t *this, chunk_t key)
{
chunk_t sig, enc;
@@ -127,6 +127,8 @@ METHOD(aead_t, set_key, void,
this->signer->set_key(this->signer, sig);
this->crypter->set_key(this->crypter, enc);
+
+ return TRUE;
}
METHOD(aead_t, destroy, void,
diff --git a/src/libstrongswan/crypto/aead.h b/src/libstrongswan/crypto/aead.h
index 85361104e..522996e80 100644
--- a/src/libstrongswan/crypto/aead.h
+++ b/src/libstrongswan/crypto/aead.h
@@ -100,8 +100,10 @@ struct aead_t {
* Set the key for encryption and authentication.
*
* @param key encryption and authentication key
+ * @return TRUE if key set successfully
*/
- void (*set_key)(aead_t *this, chunk_t key);
+ __attribute__((warn_unused_result))
+ bool (*set_key)(aead_t *this, chunk_t key);
/**
* Destroy a aead_t.
diff --git a/src/libstrongswan/crypto/crypto_tester.c b/src/libstrongswan/crypto/crypto_tester.c
index 7ee1a7ab3..2b195b380 100644
--- a/src/libstrongswan/crypto/crypto_tester.c
+++ b/src/libstrongswan/crypto/crypto_tester.c
@@ -306,7 +306,10 @@ static u_int bench_aead(private_crypto_tester_t *this,
memset(iv, 0x56, sizeof(iv));
memset(key, 0x12, sizeof(key));
memset(assoc, 0x78, sizeof(assoc));
- aead->set_key(aead, chunk_from_thing(key));
+ if (!aead->set_key(aead, chunk_from_thing(key)))
+ {
+ return 0;
+ }
icv = aead->get_icv_size(aead);
buf = chunk_alloc(this->bench_size + icv);
@@ -374,7 +377,10 @@ METHOD(crypto_tester_t, test_aead, bool,
tested++;
key = chunk_create(vector->key, aead->get_key_size(aead));
- aead->set_key(aead, key);
+ if (!aead->set_key(aead, key))
+ {
+ failed = TRUE;
+ }
iv = chunk_create(vector->iv, aead->get_iv_size(aead));
assoc = chunk_create(vector->adata, vector->alen);
icv = aead->get_icv_size(aead);
diff --git a/src/libstrongswan/plugins/ccm/ccm_aead.c b/src/libstrongswan/plugins/ccm/ccm_aead.c
index f03440fd4..8f2e1328d 100644
--- a/src/libstrongswan/plugins/ccm/ccm_aead.c
+++ b/src/libstrongswan/plugins/ccm/ccm_aead.c
@@ -306,12 +306,13 @@ METHOD(aead_t, get_key_size, size_t,
return this->crypter->get_key_size(this->crypter) + SALT_SIZE;
}
-METHOD(aead_t, set_key, void,
+METHOD(aead_t, set_key, bool,
private_ccm_aead_t *this, chunk_t key)
{
memcpy(this->salt, key.ptr + key.len - SALT_SIZE, SALT_SIZE);
key.len -= SALT_SIZE;
this->crypter->set_key(this->crypter, key);
+ return TRUE;
}
METHOD(aead_t, destroy, void,
diff --git a/src/libstrongswan/plugins/gcm/gcm_aead.c b/src/libstrongswan/plugins/gcm/gcm_aead.c
index 8552f5cbc..7436e1322 100644
--- a/src/libstrongswan/plugins/gcm/gcm_aead.c
+++ b/src/libstrongswan/plugins/gcm/gcm_aead.c
@@ -345,13 +345,14 @@ METHOD(aead_t, get_key_size, size_t,
return this->crypter->get_key_size(this->crypter) + SALT_SIZE;
}
-METHOD(aead_t, set_key, void,
+METHOD(aead_t, set_key, bool,
private_gcm_aead_t *this, chunk_t key)
{
memcpy(this->salt, key.ptr + key.len - SALT_SIZE, SALT_SIZE);
key.len -= SALT_SIZE;
this->crypter->set_key(this->crypter, key);
create_h(this, this->h);
+ return TRUE;
}
METHOD(aead_t, destroy, void,
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-15 15:21:42 +0000