#include <stdio.h>
#include <time.h>
+#include <assert.h>
#include <library.h>
#include <utils/debug.h>
#include <crypto/diffie_hellman.h>
for (round = 0; round < rounds; round++)
{
- l[round]->get_my_public_value(l[round], &chunk);
+ assert(l[round]->get_my_public_value(l[round], &chunk));
r->set_other_public_value(r, chunk);
chunk_free(&chunk);
}
- r->get_my_public_value(r, &chunk);
+ assert(r->get_my_public_value(r, &chunk));
start_timing(&timing);
for (round = 0; round < rounds; round++)
{
};
-METHOD(diffie_hellman_t, get_my_public_value, void,
+METHOD(diffie_hellman_t, get_my_public_value, bool,
private_tkm_diffie_hellman_t *this, chunk_t *value)
{
sequence_to_chunk(this->pubvalue.data, this->pubvalue.size, value);
+ return TRUE;
}
METHOD(diffie_hellman_t, get_shared_secret, bool,
fail_if(!dh, "Unable to create DH");
chunk_t value;
- dh->dh.get_my_public_value(&dh->dh, &value);
+ ck_assert(dh->dh.get_my_public_value(&dh->dh, &value));
dh->dh.destroy(&dh->dh);
fail_if(value.ptr == NULL, "Pubvalue is NULL");
/* Use the same pubvalue for both sides */
chunk_t pubvalue;
- dh->dh.get_my_public_value(&dh->dh, &pubvalue);
+ ck_assert(dh->dh.get_my_public_value(&dh->dh, &pubvalue));
dh->dh.set_other_public_value(&dh->dh, pubvalue);
fail_unless(keymat->keymat_v2.derive_ike_keys(&keymat->keymat_v2, proposal,
ke_payload_t *ke_payload_create_from_diffie_hellman(payload_type_t type,
diffie_hellman_t *dh)
{
- private_ke_payload_t *this = (private_ke_payload_t*)ke_payload_create(type);
+ private_ke_payload_t *this;
+ chunk_t value;
- dh->get_my_public_value(dh, &this->key_exchange_data);
+ if (!dh->get_my_public_value(dh, &value))
+ {
+ return NULL;
+ }
+ this = (private_ke_payload_t*)ke_payload_create(type);
+ this->key_exchange_data = value;
this->dh_group_number = dh->get_dh_group(dh);
this->payload_length += this->key_exchange_data.len;
return TRUE;
}
-METHOD(diffie_hellman_t, dh_get_my_public_value, void,
+METHOD(diffie_hellman_t, dh_get_my_public_value, bool,
ha_diffie_hellman_t *this, chunk_t *value)
{
*value = chunk_clone(this->pub);
+ return TRUE;
}
METHOD(diffie_hellman_t, dh_destroy, void,
chunk_clear(&secret);
if (ike_sa->get_version(ike_sa) == IKEV1)
{
- dh->get_my_public_value(dh, &secret);
- m->add_attribute(m, HA_LOCAL_DH, secret);
- chunk_free(&secret);
+ if (dh->get_my_public_value(dh, &secret))
+ {
+ m->add_attribute(m, HA_LOCAL_DH, secret);
+ chunk_free(&secret);
+ }
m->add_attribute(m, HA_REMOTE_DH, dh_other);
if (shared)
{
#include "load_tester_diffie_hellman.h"
-METHOD(diffie_hellman_t, get_my_public_value, void,
+METHOD(diffie_hellman_t, get_my_public_value, bool,
load_tester_diffie_hellman_t *this, chunk_t *value)
{
*value = chunk_empty;
+ return TRUE;
}
METHOD(diffie_hellman_t, set_other_public_value, void,
keymat_v1_t *keymat;
chunk_t hash, dh;
- this->dh->get_my_public_value(this->dh, &dh);
+ if (!this->dh->get_my_public_value(this->dh, &dh))
+ {
+ return FAILED;
+ }
keymat = (keymat_v1_t*)this->ike_sa->get_keymat(this->ike_sa);
if (!keymat->get_hash(keymat, this->initiator, dh, this->dh_value,
this->ike_sa->get_id(this->ike_sa), this->sa_payload,
return FAILED;
}
- this->dh->get_my_public_value(this->dh, &dh);
+ if (!this->dh->get_my_public_value(this->dh, &dh))
+ {
+ return FAILED;
+ }
keymat = (keymat_v1_t*)this->ike_sa->get_keymat(this->ike_sa);
if (!keymat->get_hash(keymat, !this->initiator, this->dh_value, dh,
this->ike_sa->get_id(this->ike_sa), this->sa_payload,
return NOT_FOUND;
}
- this->dh->get_my_public_value(this->dh, &dh);
+ if (!this->dh->get_my_public_value(this->dh, &dh))
+ {
+ private->destroy(private);
+ return FAILED;
+ }
keymat = (keymat_v1_t*)this->ike_sa->get_keymat(this->ike_sa);
if (!keymat->get_hash(keymat, this->initiator, dh, this->dh_value,
this->ike_sa->get_id(this->ike_sa), this->sa_payload,
}
id = this->ike_sa->get_other_id(this->ike_sa);
- this->dh->get_my_public_value(this->dh, &dh);
+ if (!this->dh->get_my_public_value(this->dh, &dh))
+ {
+ return FAILED;
+ }
keymat = (keymat_v1_t*)this->ike_sa->get_keymat(this->ike_sa);
if (!keymat->get_hash(keymat, !this->initiator, this->dh_value, dh,
this->ike_sa->get_id(this->ike_sa), this->sa_payload,
return FALSE;
}
- dh->get_my_public_value(dh, &dh_me);
+ if (!dh->get_my_public_value(dh, &dh_me))
+ {
+ return FALSE;
+ }
g_xi = this->initiator ? dh_me : dh_other;
g_xr = this->initiator ? dh_other : dh_me;
}
if (!build_payloads(this, message))
{
+ message->add_notify(message, TRUE, NO_PROPOSAL_CHOSEN, chunk_empty);
return FAILED;
}
return SUCCESS;
METHOD(pts_t, get_my_public_value, bool,
private_pts_t *this, chunk_t *value, chunk_t *nonce)
{
- this->dh->get_my_public_value(this->dh, value);
+ if (!this->dh->get_my_public_value(this->dh, value))
+ {
+ return FALSE;
+ }
*nonce = this->is_imc ? this->responder_nonce : this->initiator_nonce;
return TRUE;
}
* Space for returned chunk is allocated and must be freed by the caller.
*
* @param value public value of caller is stored at this location
+ * @return TRUE if public value retrieved
*/
- void (*get_my_public_value) (diffie_hellman_t *this, chunk_t *value);
+ bool (*get_my_public_value) (diffie_hellman_t *this, chunk_t *value)
+ __attribute__((warn_unused_result));
/**
* Get the DH group used.
return chunk;
}
-METHOD(diffie_hellman_t, get_my_public_value, void,
+METHOD(diffie_hellman_t, get_my_public_value, bool,
private_gcrypt_dh_t *this, chunk_t *value)
{
*value = export_mpi(this->ya, this->p_len);
+ return TRUE;
}
METHOD(diffie_hellman_t, get_shared_secret, bool,
mpz_clear(p_min_1);
}
-METHOD(diffie_hellman_t, get_my_public_value, void,
+METHOD(diffie_hellman_t, get_my_public_value, bool,
private_gmp_diffie_hellman_t *this,chunk_t *value)
{
value->len = this->p_len;
{
value->len = 0;
}
+ return TRUE;
}
METHOD(diffie_hellman_t, get_shared_secret, bool,
ntru_drbg_t *drbg;
};
-METHOD(diffie_hellman_t, get_my_public_value, void,
+METHOD(diffie_hellman_t, get_my_public_value, bool,
private_ntru_ke_t *this, chunk_t *value)
{
*value = chunk_empty;
if (!this->privkey)
{
DBG1(DBG_LIB, "NTRU keypair generation failed");
- return;
+ return FALSE;
}
this->pubkey = this->privkey->get_public_key(this->privkey);
}
*value = chunk_clone(this->pubkey->get_encoding(this->pubkey));
DBG3(DBG_LIB, "NTRU public key: %B", value);
}
+ return TRUE;
}
METHOD(diffie_hellman_t, get_shared_secret, bool,
bool computed;
};
-METHOD(diffie_hellman_t, get_my_public_value, void,
+METHOD(diffie_hellman_t, get_my_public_value, bool,
private_openssl_diffie_hellman_t *this, chunk_t *value)
{
*value = chunk_alloc(DH_size(this->dh));
memset(value->ptr, 0, value->len);
BN_bn2bin(this->dh->pub_key,
value->ptr + value->len - BN_num_bytes(this->dh->pub_key));
+ return TRUE;
}
METHOD(diffie_hellman_t, get_shared_secret, bool,
this->computed = TRUE;
}
-METHOD(diffie_hellman_t, get_my_public_value, void,
+METHOD(diffie_hellman_t, get_my_public_value, bool,
private_openssl_ec_diffie_hellman_t *this,chunk_t *value)
{
ecp2chunk(this->ec_group, EC_KEY_get0_public_key(this->key), value, FALSE);
+ return TRUE;
}
METHOD(diffie_hellman_t, get_shared_secret, bool,
derive_secret(this, value);
}
-METHOD(diffie_hellman_t, get_my_public_value, void,
+METHOD(diffie_hellman_t, get_my_public_value, bool,
private_pkcs11_dh_t *this, chunk_t *value)
{
*value = chunk_clone(this->pub_key);
+ return TRUE;
}
METHOD(diffie_hellman_t, get_shared_secret, bool,
ck_assert(i_ntru != NULL);
ck_assert(i_ntru->get_dh_group(i_ntru) == params[k].group);
- i_ntru->get_my_public_value(i_ntru, &pub_key);
+ ck_assert(i_ntru->get_my_public_value(i_ntru, &pub_key));
ck_assert(pub_key.len > 0);
r_ntru = lib->crypto->create_dh(lib->crypto, params[k].group);
ck_assert(r_ntru != NULL);
r_ntru->set_other_public_value(r_ntru, pub_key);
- r_ntru->get_my_public_value(r_ntru, &cipher_text);
+ ck_assert(r_ntru->get_my_public_value(r_ntru, &cipher_text));
ck_assert(cipher_text.len > 0);
ck_assert(r_ntru->get_shared_secret(r_ntru, &r_shared_secret));
chunk_t pub_key1, pub_key2;
i_ntru = lib->crypto->create_dh(lib->crypto, NTRU_256_BIT);
- i_ntru->get_my_public_value(i_ntru, &pub_key1);
- i_ntru->get_my_public_value(i_ntru, &pub_key2);
+ ck_assert(i_ntru->get_my_public_value(i_ntru, &pub_key1));
+ ck_assert(i_ntru->get_my_public_value(i_ntru, &pub_key2));
ck_assert(chunk_equals(pub_key1, pub_key2));
chunk_free(&pub_key1);
r_ntru = lib->crypto->create_dh(lib->crypto, NTRU_128_BIT);
r_ntru->set_other_public_value(r_ntru, oid_tests[_i]);
- r_ntru->get_my_public_value(r_ntru, &cipher_text);
+ ck_assert(r_ntru->get_my_public_value(r_ntru, &cipher_text));
ck_assert(cipher_text.len == 0);
r_ntru->destroy(r_ntru);
}
"libstrongswan.plugins.ntru.parameter_set",
"x9_98_bandwidth");
i_ntru = lib->crypto->create_dh(lib->crypto, NTRU_112_BIT);
- i_ntru->get_my_public_value(i_ntru, &pub_key);
+ ck_assert(i_ntru->get_my_public_value(i_ntru, &pub_key));
lib->settings->set_str(lib->settings,
"libstrongswan.plugins.ntru.parameter_set",
"optimum");
r_ntru = lib->crypto->create_dh(lib->crypto, NTRU_112_BIT);
r_ntru->set_other_public_value(r_ntru, pub_key);
- r_ntru->get_my_public_value(r_ntru, &cipher_text);
+ ck_assert(r_ntru->get_my_public_value(r_ntru, &cipher_text));
ck_assert(cipher_text.len == 0);
chunk_free(&pub_key);
for (i = 0; i < countof(test); i++)
{
i_ntru = lib->crypto->create_dh(lib->crypto, NTRU_128_BIT);
- i_ntru->get_my_public_value(i_ntru, &pub_key);
+ ck_assert(i_ntru->get_my_public_value(i_ntru, &pub_key));
i_ntru->set_other_public_value(i_ntru, test[i]);
ck_assert(!i_ntru->get_shared_secret(i_ntru, &shared_secret));
ck_assert(shared_secret.len == 0);
r_ntru = lib->crypto->create_dh(lib->crypto, NTRU_128_BIT);
m_ntru = lib->crypto->create_dh(lib->crypto, NTRU_128_BIT);
- i_ntru->get_my_public_value(i_ntru, &pub_key_i);
- m_ntru->get_my_public_value(m_ntru, &pub_key_m);
+ ck_assert(i_ntru->get_my_public_value(i_ntru, &pub_key_i));
+ ck_assert(m_ntru->get_my_public_value(m_ntru, &pub_key_m));
r_ntru->set_other_public_value(r_ntru, pub_key_m);
- r_ntru->get_my_public_value(r_ntru, &cipher_text);
+ ck_assert(r_ntru->get_my_public_value(r_ntru, &cipher_text));
i_ntru->set_other_public_value(i_ntru, cipher_text);
ck_assert(!i_ntru->get_shared_secret(i_ntru, &shared_secret));
ck_assert(shared_secret.len == 0);
}
chunk_clear(&premaster);
- this->dh->get_my_public_value(this->dh, &pub);
+ if (!this->dh->get_my_public_value(this->dh, &pub))
+ {
+ this->alert->add(this->alert, TLS_FATAL, TLS_INTERNAL_ERROR);
+ return NEED_MORE;
+ }
if (this->dh->get_dh_group(this->dh) == MODP_CUSTOM)
{
writer->write_data16(writer, pub);
this->alert->add(this->alert, TLS_FATAL, TLS_INTERNAL_ERROR);
return NEED_MORE;
}
- this->dh->get_my_public_value(this->dh, &chunk);
+ if (!this->dh->get_my_public_value(this->dh, &chunk))
+ {
+ this->alert->add(this->alert, TLS_FATAL, TLS_INTERNAL_ERROR);
+ return NEED_MORE;
+ }
if (params)
{
writer->write_data16(writer, chunk);