Add a return value to signer_t.allocate_signature()

diff --git a/src/libstrongswan/crypto/aead.c b/src/libstrongswan/crypto/aead.c
index 10bcfeaf74192892bff86528c0f5bfb87bc1d2c0..ede2a8132bb3d2dbceacdb33c2fcaf0d82a06f88 100644 (file)
--- a/src/libstrongswan/crypto/aead.c
+++ b/src/libstrongswan/crypto/aead.c
@@ -52,7 +52,10 @@ METHOD(aead_t, encrypt, bool,
        if (encrypted)
        {
                this->crypter->encrypt(this->crypter, plain, iv, &encr);
-               this->signer->allocate_signature(this->signer, encr, &sig);
+               if (!this->signer->allocate_signature(this->signer, encr, &sig))
+               {
+                       return FALSE;
+               }
                *encrypted = chunk_cat("cmm", iv, encr, sig);
        }
        else

diff --git a/src/libstrongswan/crypto/crypto_tester.c b/src/libstrongswan/crypto/crypto_tester.c
index 2b195b38043f2a58ba2376c2c6ea5440ad681f4d..73be384840f95e372264e20110d0a4469f9a4c94 100644 (file)
--- a/src/libstrongswan/crypto/crypto_tester.c
+++ b/src/libstrongswan/crypto/crypto_tester.c
@@ -547,7 +547,10 @@ METHOD(crypto_tester_t, test_signer, bool,
 
                /* allocated signature */
                data = chunk_create(vector->data, vector->len);
-               signer->allocate_signature(signer, data, &mac);
+               if (!signer->allocate_signature(signer, data, &mac))
+               {
+                       failed = TRUE;
+               }
                if (mac.len != signer->get_block_size(signer))
                {
                        failed = TRUE;
@@ -577,7 +580,11 @@ METHOD(crypto_tester_t, test_signer, bool,
                /* signature to existing buffer, using append mode */
                if (data.len > 2)
                {
-                       signer->allocate_signature(signer, chunk_create(data.ptr, 1), NULL);
+                       if (!signer->allocate_signature(signer,
+                                                                                       chunk_create(data.ptr, 1), NULL))
+                       {
+                               failed = TRUE;
+                       }
                        signer->get_signature(signer, chunk_create(data.ptr + 1, 1), NULL);
                        if (!signer->verify_signature(signer, chunk_skip(data, 2),
                                                                                  chunk_create(vector->mac, mac.len)))

diff --git a/src/libstrongswan/crypto/signers/mac_signer.c b/src/libstrongswan/crypto/signers/mac_signer.c
index 44a8e894e5bde76c72db904aeb8f26130b057c56..05009debb1915f1af9eeb0d12776eb71d37f39c1 100644 (file)
--- a/src/libstrongswan/crypto/signers/mac_signer.c
+++ b/src/libstrongswan/crypto/signers/mac_signer.c
@@ -56,7 +56,7 @@ METHOD(signer_t, get_signature, void,
        }
 }
 
-METHOD(signer_t, allocate_signature, void,
+METHOD(signer_t, allocate_signature, bool,
        private_signer_t *this, chunk_t data, chunk_t *chunk)
 {
        if (chunk == NULL)
@@ -72,6 +72,7 @@ METHOD(signer_t, allocate_signature, void,
                *chunk = chunk_alloc(this->truncation);
                memcpy(chunk->ptr, mac, this->truncation);
        }
+       return TRUE;
 }
 
 METHOD(signer_t, verify_signature, bool,

diff --git a/src/libstrongswan/crypto/signers/signer.h b/src/libstrongswan/crypto/signers/signer.h
index c6870e4756f79fe0b44efc419ca7ac3180324334..14b65ca0df18f5d9f2b976794ca002a63e2ae54a 100644 (file)
--- a/src/libstrongswan/crypto/signers/signer.h
+++ b/src/libstrongswan/crypto/signers/signer.h
@@ -102,8 +102,10 @@ struct signer_t {
         *
         * @param data          a chunk containing the data to sign
         * @param chunk         chunk which will hold the allocated signature
+        * @return                      TRUE if signature allocated successfully
         */
-       void (*allocate_signature) (signer_t *this, chunk_t data, chunk_t *chunk);
+       __attribute__((warn_unused_result))
+       bool (*allocate_signature) (signer_t *this, chunk_t data, chunk_t *chunk);
 
        /**
         * Verify a signature.

diff --git a/src/libstrongswan/plugins/af_alg/af_alg_signer.c b/src/libstrongswan/plugins/af_alg/af_alg_signer.c
index 6cd79f8f2fc283a9f80f04f34c5d6a6eb8421dbf..103baa677d53b018dad1f03389eece7c80b445e0 100644 (file)
--- a/src/libstrongswan/plugins/af_alg/af_alg_signer.c
+++ b/src/libstrongswan/plugins/af_alg/af_alg_signer.c
@@ -113,7 +113,7 @@ METHOD(signer_t, get_signature, void,
        this->ops->hash(this->ops, data, buffer, this->block_size);
 }
 
-METHOD(signer_t, allocate_signature, void,
+METHOD(signer_t, allocate_signature, bool,
        private_af_alg_signer_t *this, chunk_t data, chunk_t *chunk)
 {
        if (chunk)
@@ -125,6 +125,7 @@ METHOD(signer_t, allocate_signature, void,
        {
                get_signature(this, data, NULL);
        }
+       return TRUE;
 }
 
 METHOD(signer_t, verify_signature, bool,

diff --git a/src/libtls/tls_protection.c b/src/libtls/tls_protection.c
index dc734545c9e15e066fcd0ec824433a25db5848e0..c81c0ba8493828dc1826bf33d2a8fbf2e51918f1 100644 (file)
--- a/src/libtls/tls_protection.c
+++ b/src/libtls/tls_protection.c
@@ -220,7 +220,11 @@ METHOD(tls_protection_t, build, status_t,
 
                        sigheader(this->signer_out, this->seq_out, *type,
                                          this->version, data->len);
-                       this->signer_out->allocate_signature(this->signer_out, *data, &mac);
+                       if (!this->signer_out->allocate_signature(this->signer_out,
+                                                                                                         *data, &mac))
+                       {
+                               return FAILED;
+                       }
                        if (this->crypter_out)
                        {
                                chunk_t padding, iv;