private_wolfssl_diffie_hellman_t *this, chunk_t *secret)
{
word32 len;
+ int ret;
if (!this->shared_secret.len)
{
this->shared_secret = chunk_alloc(this->len);
- if (wc_DhAgree(&this->dh, this->shared_secret.ptr, &len, this->priv.ptr,
- this->priv.len, this->other.ptr, this->other.len) != 0)
+ PRIVATE_KEY_UNLOCK();
+ ret = wc_DhAgree(&this->dh, this->shared_secret.ptr, &len,
+ this->priv.ptr, this->priv.len, this->other.ptr,
+ this->other.len);
+ PRIVATE_KEY_LOCK();
+ if (ret != 0)
{
DBG1(DBG_LIB, "DH shared secret computation failed");
chunk_free(&this->shared_secret);
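Review bot: `len` is still passed to wc_DhAgree() uninitialized in this hunk; it is declared at the top and nothing assigns it before `&len` is handed to the call. The following hunk sets `len = this->pub.len;` before the same call, so if the wolfSSL build treats that argument as the output buffer capacity, this path reads an indeterminate value. Adding `len = this->shared_secret.len;` before `PRIVATE_KEY_UNLOCK();` would make the two call sites consistent. Separately, the failure branch releases the possibly partially written buffer with `chunk_free(&this->shared_secret);`, while the ECDH hunk uses `chunk_clear`, which looks like the better choice for secret material. The function body continues past the end of the hunk.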
bool success = FALSE;
chunk_t g;
word32 len;
+ int ret;
chunk_clear(&this->priv);
this->priv = chunk_clone(value);
if (wolfssl_mp2chunk(&this->dh.g, &g))
{
len = this->pub.len;
- if (wc_DhAgree(&this->dh, this->pub.ptr, &len, this->priv.ptr,
- this->priv.len, g.ptr, g.len) == 0)
+ PRIVATE_KEY_UNLOCK();
+ ret = wc_DhAgree(&this->dh, this->pub.ptr, &len, this->priv.ptr,
+ this->priv.len, g.ptr, g.len);
+ PRIVATE_KEY_LOCK();
+ if (ret == 0)
{
this->pub.len = len;
success = TRUE;
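Review bot: The PRIVATE_KEY_UNLOCK()/PRIVATE_KEY_LOCK() pair wrapped around wc_DhAgree() here, and around the calls in the other DH, ECDH and KDF hunks, has no comment saying why it is needed. A short comment at the first occurrence would help, such as `/* FIPS builds of wolfSSL block private key use unless explicitly unlocked */`; that reading of the macros is inferred from their names and should be confirmed. It is also not visible in this diff whether a no-op fallback is defined for wolfSSL versions that do not provide these macros, which the build would need. The enclosing function starts and ends outside the hunk.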
private_wolfssl_diffie_hellman_t *this;
word32 privLen, pubLen;
WC_RNG rng;
+ int ret;
INIT(this,
.public = {
privLen = this->priv.len;
pubLen = this->pub.len;
/* generate my public and private values */
- if (wc_DhGenerateKeyPair(&this->dh, &rng, this->priv.ptr, &privLen,
- this->pub.ptr, &pubLen) != 0)
+ PRIVATE_KEY_UNLOCK();
+ ret = wc_DhGenerateKeyPair(&this->dh, &rng, this->priv.ptr, &privLen,
+ this->pub.ptr, &pubLen);
+ PRIVATE_KEY_LOCK();
+ if (ret != 0)
{
wc_FreeRng(&rng);
destroy(this);
static bool compute_shared_key(private_wolfssl_ec_diffie_hellman_t *this)
{
word32 len;
+ int ret;
#ifdef USE_RNG_FOR_TIMING_RESISTANCE
WC_RNG rng;
this->shared_secret = chunk_alloc(this->keysize);
len = this->shared_secret.len;
- if (wc_ecc_shared_secret(&this->key, &this->pubkey, this->shared_secret.ptr,
- &len) != 0)
+ PRIVATE_KEY_UNLOCK();
+ ret = wc_ecc_shared_secret(&this->key, &this->pubkey,
+ this->shared_secret.ptr, &len);
+ PRIVATE_KEY_LOCK();
+ if (ret != 0)
{
DBG1(DBG_LIB, "ECDH shared secret computation failed");
chunk_clear(&this->shared_secret);
METHOD(kdf_t, get_bytes, bool,
private_kdf_t *this, size_t out_len, uint8_t *buffer)
{
+ int ret;
+
if (this->type == KDF_PRF)
{
- if (out_len != get_length(this) ||
- wc_HKDF_Extract(this->hash, this->salt.ptr, this->salt.len,
- this->key.ptr, this->key.len, buffer))
+ if (out_len != get_length(this))
{
return FALSE;
}
- return TRUE;
+ PRIVATE_KEY_UNLOCK();
+ ret = wc_HKDF_Extract(this->hash, this->salt.ptr, this->salt.len,
+ this->key.ptr, this->key.len, buffer);
+ PRIVATE_KEY_LOCK();
}
- if (wc_HKDF_Expand(this->hash, this->key.ptr, this->key.len,
- this->salt.ptr, this->salt.len, buffer, out_len))
+ else
{
- return FALSE;
+ PRIVATE_KEY_UNLOCK();
+ ret = wc_HKDF_Expand(this->hash, this->key.ptr, this->key.len,
+ this->salt.ptr, this->salt.len, buffer, out_len);
+ PRIVATE_KEY_LOCK();
}
- return TRUE;
+ return ret == 0;
}
METHOD(kdf_t, allocate_bytes, bool,
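Review bot: When `ret` is non-zero, get_bytes() returns FALSE but leaves whatever wc_HKDF_Extract() or wc_HKDF_Expand() already wrote in `buffer`. Whether callers such as allocate_bytes wipe the buffer on failure is not visible here, so clearing it at the source is the safer default: `if (ret != 0) { memwipe(buffer, out_len); }` placed just before `return ret == 0;`. This matters more now that both branches share one exit, because a single wipe there covers the PRF and the expand path alike.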