chunk_t expanded, encrypted;
expanded = ExpandDESKey(keys[i]);
- crypter->set_key(crypter, expanded);
- if (!crypter->encrypt(crypter, challenge_hash, chunk_empty, &encrypted))
+ if (!crypter->set_key(crypter, expanded) ||
+ !crypter->encrypt(crypter, challenge_hash, chunk_empty, &encrypted))
{
chunk_clear(&expanded);
crypter->destroy(crypter);
METHOD(aead_t, set_key, bool,
private_aead_t *this, chunk_t key)
{
- this->crypter->set_key(this->crypter, key);
- return TRUE;
+ return this->crypter->set_key(this->crypter, key);
}
METHOD(aead_t, aead_destroy, void,
return NULL;
}
DBG4(DBG_IKE, "encryption key Ka %B", &ka);
- crypter->set_key(crypter, ka);
+ if (!crypter->set_key(crypter, ka))
+ {
+ chunk_clear(&ka);
+ return NULL;
+ }
chunk_clear(&ka);
INIT(this,
return FALSE;
}
DBG4(DBG_IKE, "Sk_ei secret %B", &key);
- crypter_i->set_key(crypter_i, key);
+ if (!crypter_i->set_key(crypter_i, key))
+ {
+ crypter_i->destroy(crypter_i);
+ crypter_r->destroy(crypter_r);
+ signer_i->destroy(signer_i);
+ signer_r->destroy(signer_r);
+ return FALSE;
+ }
chunk_clear(&key);
if (!prf_plus->allocate_bytes(prf_plus, key_size, &key))
return FALSE;
}
DBG4(DBG_IKE, "Sk_er secret %B", &key);
- crypter_r->set_key(crypter_r, key);
+ if (!crypter_r->set_key(crypter_r, key))
+ {
+ crypter_i->destroy(crypter_i);
+ crypter_r->destroy(crypter_r);
+ signer_i->destroy(signer_i);
+ signer_r->destroy(signer_r);
+ return FALSE;
+ }
chunk_clear(&key);
if (this->initiator)
k_auth = chunk_create(str.ptr + KENCR_LEN, KAUTH_LEN);
DBG3(DBG_LIB, "K_encr %B\nK_auth %B\nMSK %B", &k_encr, &k_auth, &msk);
- if (!this->signer->set_key(this->signer, k_auth))
+ if (!this->signer->set_key(this->signer, k_auth) ||
+ !this->crypter->set_key(this->crypter, k_encr))
{
chunk_clear(mk);
return FALSE;
}
- this->crypter->set_key(this->crypter, k_encr);
*msk = chunk_create(str.ptr + KENCR_LEN + KAUTH_LEN, MSK_LEN);
k_auth = chunk_create(str.ptr + KENCR_LEN, KAUTH_LEN);
DBG3(DBG_LIB, "K_encr %B\nK_auth %B", &k_encr, &k_auth);
- if (!this->signer->set_key(this->signer, k_auth))
+ if (!this->signer->set_key(this->signer, k_auth) ||
+ !this->crypter->set_key(this->crypter, k_encr))
{
return FALSE;
}
- this->crypter->set_key(this->crypter, k_encr);
call_hook(this, k_encr, k_auth);
chunk_split(key, "mm", this->signer->get_key_size(this->signer), &sig,
this->crypter->get_key_size(this->crypter), &enc);
- if (!this->signer->set_key(this->signer, sig))
- {
- return FALSE;
- }
- this->crypter->set_key(this->crypter, enc);
-
- return TRUE;
+ return this->signer->set_key(this->signer, sig) &&
+ this->crypter->set_key(this->crypter, enc);
}
METHOD(aead_t, destroy, void,
* The length of the key must match get_key_size().
*
* @param key key to set
+ * @return TRUE if key set successfully
*/
- void (*set_key) (crypter_t *this, chunk_t key);
+ __attribute__((warn_unused_result))
+ bool (*set_key) (crypter_t *this, chunk_t key);
/**
* Destroys a crypter_t object.
memset(iv, 0x56, sizeof(iv));
memset(key, 0x12, sizeof(key));
- crypter->set_key(crypter, chunk_from_thing(key));
+ if (!crypter->set_key(crypter, chunk_from_thing(key)))
+ {
+ return 0;
+ }
buf = chunk_alloc(this->bench_size);
memset(buf.ptr, 0x34, buf.len);
tested++;
key = chunk_create(vector->key, crypter->get_key_size(crypter));
- crypter->set_key(crypter, key);
+ if (!crypter->set_key(crypter, key))
+ {
+ failed = TRUE;
+ }
iv = chunk_create(vector->iv, crypter->get_iv_size(crypter));
/* allocated encryption */
success = FALSE;
/* decrypt the content */
- crypter->set_key(crypter, symmetric_key);
- if (!crypter->decrypt(crypter, encrypted_content, iv, &this->data))
+ if (!crypter->set_key(crypter, symmetric_key) ||
+ !crypter->decrypt(crypter, encrypted_content, iv, &this->data))
{
success = FALSE;
goto failed;
DBG3(DBG_LIB, " padded unencrypted data: %B", &in);
/* symmetric encryption of data object */
- crypter->set_key(crypter, symmetricKey);
- if (!crypter->encrypt(crypter, in, iv, &out))
+ if (!crypter->set_key(crypter, symmetricKey) ||
+ !crypter->encrypt(crypter, in, iv, &out))
{
crypter->destroy(crypter);
chunk_clear(&in);
return this->key_size;
}
-METHOD(crypter_t, set_key, void,
+METHOD(crypter_t, set_key, bool,
private_aes_crypter_t *this, chunk_t key)
{
u_int32_t *kf, *kt, rci, f = 0;
}
cpy(kt, kf);
}
+ return TRUE;
}
METHOD(crypter_t, destroy, void,
return this->keymat_size;
}
-METHOD(crypter_t, set_key, void,
+METHOD(crypter_t, set_key, bool,
private_af_alg_crypter_t *this, chunk_t key)
{
this->ops->set_key(this->ops, key);
+ return TRUE;
}
METHOD(crypter_t, destroy, void,
return this->key_size;
}
-METHOD(crypter_t, set_key, void,
+METHOD(crypter_t, set_key, bool,
private_blowfish_crypter_t *this, chunk_t key)
{
BF_set_key(&this->schedule, key.len , key.ptr);
+ return TRUE;
}
METHOD(crypter_t, destroy, void,
{
memcpy(this->salt, key.ptr + key.len - SALT_SIZE, SALT_SIZE);
key.len -= SALT_SIZE;
- this->crypter->set_key(this->crypter, key);
- return TRUE;
+ return this->crypter->set_key(this->crypter, key);
}
METHOD(aead_t, destroy, void,
memset(iv.ptr, 0, iv.len);
l = chunk_alloca(this->b);
memset(l.ptr, 0, l.len);
- this->k->set_key(this->k, resized);
- if (!this->k->encrypt(this->k, l, iv, NULL))
+ if (!this->k->set_key(this->k, resized) ||
+ !this->k->encrypt(this->k, l, iv, NULL))
{
return FALSE;
}
+ sizeof(this->state.nonce);
}
-METHOD(crypter_t, set_key, void,
+METHOD(crypter_t, set_key, bool,
private_ctr_ipsec_crypter_t *this, chunk_t key)
{
memcpy(this->state.nonce, key.ptr + key.len - sizeof(this->state.nonce),
sizeof(this->state.nonce));
key.len -= sizeof(this->state.nonce);
- this->crypter->set_key(this->crypter, key);
+ return this->crypter->set_key(this->crypter, key);
}
METHOD(crypter_t, destroy, void,
return this->key_size;
}
-METHOD(crypter_t, set_key, void,
+METHOD(crypter_t, set_key, bool,
private_des_crypter_t *this, chunk_t key)
{
des_set_key((des_cblock*)(key.ptr), &this->ks);
+ return TRUE;
}
-METHOD(crypter_t, set_key3, void,
+METHOD(crypter_t, set_key3, bool,
private_des_crypter_t *this, chunk_t key)
{
des_set_key((des_cblock*)(key.ptr) + 0, &this->ks3[0]);
des_set_key((des_cblock*)(key.ptr) + 1, &this->ks3[1]);
des_set_key((des_cblock*)(key.ptr) + 2, &this->ks3[2]);
+ return TRUE;
}
METHOD(crypter_t, destroy, void,
{
memcpy(this->salt, key.ptr + key.len - SALT_SIZE, SALT_SIZE);
key.len -= SALT_SIZE;
- this->crypter->set_key(this->crypter, key);
- return create_h(this, this->h);
+ return this->crypter->set_key(this->crypter, key) &&
+ create_h(this, this->h);
}
METHOD(aead_t, destroy, void,
return len;
}
-METHOD(crypter_t, set_key, void,
+METHOD(crypter_t, set_key, bool,
private_gcrypt_crypter_t *this, chunk_t key)
{
if (this->ctr_mode)
sizeof(this->ctr.nonce));
key.len -= sizeof(this->ctr.nonce);
}
- gcry_cipher_setkey(this->h, key.ptr, key.len);
+ return gcry_cipher_setkey(this->h, key.ptr, key.len) == 0;
}
METHOD(crypter_t, destroy, void,
return this->key.len;
}
-METHOD(crypter_t, set_key, void,
+METHOD(crypter_t, set_key, bool,
private_openssl_crypter_t *this, chunk_t key)
{
memcpy(this->key.ptr, key.ptr, min(key.len, this->key.len));
+ return TRUE;
}
METHOD(crypter_t, destroy, void,
return this->key.len;
}
-METHOD(crypter_t, set_key, void,
+METHOD(crypter_t, set_key, bool,
private_padlock_aes_crypter_t *this, chunk_t key)
{
memcpy(this->key.ptr, key.ptr, min(key.len, this->key.len));
+ return TRUE;
}
METHOD(crypter_t, destroy, void,
encryption_algorithm_names, alg);
return NOT_SUPPORTED;
}
- crypter->set_key(crypter, key);
if (iv.len != crypter->get_iv_size(crypter) ||
blob->len % crypter->get_block_size(crypter))
DBG1(DBG_ASN, " data size is not multiple of block size");
return PARSE_ERROR;
}
- if (!crypter->decrypt(crypter, *blob, iv, &decrypted))
+ if (!crypter->set_key(crypter, key) ||
+ !crypter->decrypt(crypter, *blob, iv, &decrypted))
{
crypter->destroy(crypter);
return FAILED;
{
continue;
}
-
- crypter->set_key(crypter, key);
- if (!crypter->decrypt(crypter, blob, iv, &decrypted))
+ if (!crypter->set_key(crypter, key) ||
+ !crypter->decrypt(crypter, blob, iv, &decrypted))
{
continue;
}
memset(this->k2, 0x02, this->b);
memset(this->k3, 0x03, this->b);
- this->k1->set_key(this->k1, lengthened);
- if (!this->k1->encrypt(this->k1, chunk_create(this->k2, this->b), iv, NULL) ||
+ if (!this->k1->set_key(this->k1, lengthened) ||
+ !this->k1->encrypt(this->k1, chunk_create(this->k2, this->b), iv, NULL) ||
!this->k1->encrypt(this->k1, chunk_create(this->k3, this->b), iv, NULL) ||
- !this->k1->encrypt(this->k1, k1, iv, NULL))
+ !this->k1->encrypt(this->k1, k1, iv, NULL) ||
+ !this->k1->set_key(this->k1, k1))
{
+ memwipe(k1.ptr, k1.len);
return FALSE;
}
- this->k1->set_key(this->k1, k1);
-
memwipe(k1.ptr, k1.len);
-
return TRUE;
}
if (this->tls->is_server(this->tls))
{
- this->crypter_in->set_key(this->crypter_in, client_write);
- this->crypter_out->set_key(this->crypter_out, server_write);
+ if (!this->crypter_in->set_key(this->crypter_in, client_write) ||
+ !this->crypter_out->set_key(this->crypter_out, server_write))
+ {
+ return FALSE;
+ }
}
else
{
- this->crypter_out->set_key(this->crypter_out, client_write);
- this->crypter_in->set_key(this->crypter_in, server_write);
+ if (!this->crypter_out->set_key(this->crypter_out, client_write) ||
+ !this->crypter_in->set_key(this->crypter_in, server_write))
+ {
+ return FALSE;
+ }
}
if (ivs)
{
projects / thirdparty / strongswan.git / commitdiff
