From b234fdfce8d010ac2d5981f40650f95f1454f7e3 Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Sat, 28 Mar 2015 08:36:35 +0100 Subject: [PATCH] fips-prf: Fail when trying to use append mode on FIPS-PRF Append mode hardly makes sense for the special stateful FIPS-PRF, which is different to other PRFs. --- src/libstrongswan/plugins/fips_prf/fips_prf.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/libstrongswan/plugins/fips_prf/fips_prf.c b/src/libstrongswan/plugins/fips_prf/fips_prf.c index 23825078e6..25accf996f 100644 --- a/src/libstrongswan/plugins/fips_prf/fips_prf.c +++ b/src/libstrongswan/plugins/fips_prf/fips_prf.c @@ -116,6 +116,12 @@ METHOD(prf_t, get_bytes, bool, u_int8_t *xkey = this->key; u_int8_t one[this->b]; + if (!w) + { + /* append mode is not supported */ + return FALSE; + } + memset(one, 0, this->b); one[this->b - 1] = 0x01; @@ -250,4 +256,3 @@ fips_prf_t *fips_prf_create(pseudo_random_function_t algo) return &this->public; } - -- 2.47.2