if (parser->parse_payload(parser, type, &payload) != SUCCESS)
{
parser->destroy(parser);
- return FALSE;
+ return PARSE_ERROR;
}
if (payload->verify(payload) != SUCCESS)
{
payload_type_names, payload->get_type(payload));
payload->destroy(payload);
parser->destroy(parser);
- return FALSE;
+ return VERIFY_ERROR;
}
type = payload->get_next_type(payload);
this->payloads->insert_last(this->payloads, payload);
}
parser->destroy(parser);
DBG2(DBG_ENC, "parsed content of encryption payload");
- return TRUE;
+ return SUCCESS;
}
-METHOD(encryption_payload_t, decrypt, bool,
+METHOD(encryption_payload_t, decrypt, status_t,
private_encryption_payload_t *this, chunk_t assoc)
{
chunk_t iv, plain, padding, icv, crypt;
if (this->aead == NULL)
{
DBG1(DBG_ENC, "decrypting encryption payload failed, transform missing");
- return FALSE;
+ return INVALID_STATE;
}
/* prepare data to authenticate-decrypt:
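Review bot: Changing `decrypt` from `bool` to `status_t` at the METHOD line silently inverts any caller that still tests the result as a truth value, and the compiler will not flag it because both types convert implicitly. If `SUCCESS` is the zero member of `status_t` (the enum is not shown here), an unchanged `if (!payload->decrypt(payload, assoc))` would skip its error path on `FAILED`, so a message whose integrity check failed would be handled as valid. No caller is visible in this diff, so every call site of the method declared in the header should be checked to compare explicitly, e.g. `if (payload->decrypt(payload, assoc) != SUCCESS)`. The body of `decrypt` continues outside this hunk.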
(crypt.len - icv.len) % bs)
{
DBG1(DBG_ENC, "decrypting encryption payload failed, invalid length");
- return FALSE;
+ return FAILED;
}
assoc = append_header(this, assoc);
{
DBG1(DBG_ENC, "verifying encryption payload integrity failed");
free(assoc.ptr);
- return FALSE;
+ return FAILED;
}
free(assoc.ptr);
{
DBG1(DBG_ENC, "decrypting encryption payload failed, "
"padding invalid %B", &crypt);
- return FAILED;
+ return PARSE_ERROR;
}
plain.len -= padding.len;
padding.ptr = plain.ptr + plain.len;
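Review bot: The invalid-padding branch now returns `PARSE_ERROR`, but the return list added to the header documents that value only as "sub-payload parsing failed", so the contract does not tell a caller that padding errors land here. If this check runs only after the AEAD integrity check seen in the earlier hunk (the hunk order suggests so, but the lines between are not shown), the distinct status is not usable as a padding oracle, and that is worth stating next to the return: `/* only reached after the ICV verified, so a distinct status leaks nothing to an unauthenticated peer */`. The context line also logs `crypt` with `%B` at level 1; if the buffer has been decrypted in place by then, that writes message plaintext to the log, and a higher debug level may be more appropriate. The enclosing function starts and ends outside this hunk.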
* Decrypt, verify and parse contained payloads.
*
* @param assoc associated data
- * @return TRUE if decrypted and verified successfully
+ * - SUCCESS if parsing successful
+ * - PARSE_ERROR if sub-payload parsing failed
+ * - VERIFY_ERROR if sub-payload verification failed
+ * - FAILED if integrity check failed
+ * - INVALID_STATE if aead not supplied, but needed
*/
- bool (*decrypt) (encryption_payload_t *this, chunk_t assoc);
+ status_t (*decrypt) (encryption_payload_t *this, chunk_t assoc);
/**
* Destroys an encryption_payload_t object.