Add a return value to crypter_t.set_key()
This commit is contained in:
parent
3b96189a2a
commit
ce73fc19db
|
@ -339,8 +339,8 @@ static status_t ChallengeResponse(chunk_t challenge_hash, chunk_t password_hash,
|
|||
chunk_t expanded, encrypted;
|
||||
|
||||
expanded = ExpandDESKey(keys[i]);
|
||||
crypter->set_key(crypter, expanded);
|
||||
if (!crypter->encrypt(crypter, challenge_hash, chunk_empty, &encrypted))
|
||||
if (!crypter->set_key(crypter, expanded) ||
|
||||
!crypter->encrypt(crypter, challenge_hash, chunk_empty, &encrypted))
|
||||
{
|
||||
chunk_clear(&expanded);
|
||||
crypter->destroy(crypter);
|
||||
|
|
|
@ -205,8 +205,7 @@ METHOD(aead_t, get_key_size, size_t,
|
|||
METHOD(aead_t, set_key, bool,
|
||||
private_aead_t *this, chunk_t key)
|
||||
{
|
||||
this->crypter->set_key(this->crypter, key);
|
||||
return TRUE;
|
||||
return this->crypter->set_key(this->crypter, key);
|
||||
}
|
||||
|
||||
METHOD(aead_t, aead_destroy, void,
|
||||
|
@ -291,7 +290,11 @@ static aead_t *create_aead(proposal_t *proposal, prf_t *prf, chunk_t skeyid_e)
|
|||
return NULL;
|
||||
}
|
||||
DBG4(DBG_IKE, "encryption key Ka %B", &ka);
|
||||
crypter->set_key(crypter, ka);
|
||||
if (!crypter->set_key(crypter, ka))
|
||||
{
|
||||
chunk_clear(&ka);
|
||||
return NULL;
|
||||
}
|
||||
chunk_clear(&ka);
|
||||
|
||||
INIT(this,
|
||||
|
|
|
@ -225,7 +225,14 @@ static bool derive_ike_traditional(private_keymat_v2_t *this, u_int16_t enc_alg,
|
|||
return FALSE;
|
||||
}
|
||||
DBG4(DBG_IKE, "Sk_ei secret %B", &key);
|
||||
crypter_i->set_key(crypter_i, key);
|
||||
if (!crypter_i->set_key(crypter_i, key))
|
||||
{
|
||||
crypter_i->destroy(crypter_i);
|
||||
crypter_r->destroy(crypter_r);
|
||||
signer_i->destroy(signer_i);
|
||||
signer_r->destroy(signer_r);
|
||||
return FALSE;
|
||||
}
|
||||
chunk_clear(&key);
|
||||
|
||||
if (!prf_plus->allocate_bytes(prf_plus, key_size, &key))
|
||||
|
@ -237,7 +244,14 @@ static bool derive_ike_traditional(private_keymat_v2_t *this, u_int16_t enc_alg,
|
|||
return FALSE;
|
||||
}
|
||||
DBG4(DBG_IKE, "Sk_er secret %B", &key);
|
||||
crypter_r->set_key(crypter_r, key);
|
||||
if (!crypter_r->set_key(crypter_r, key))
|
||||
{
|
||||
crypter_i->destroy(crypter_i);
|
||||
crypter_r->destroy(crypter_r);
|
||||
signer_i->destroy(signer_i);
|
||||
signer_r->destroy(signer_r);
|
||||
return FALSE;
|
||||
}
|
||||
chunk_clear(&key);
|
||||
|
||||
if (this->initiator)
|
||||
|
|
|
@ -148,12 +148,12 @@ METHOD(simaka_crypto_t, derive_keys_full, bool,
|
|||
k_auth = chunk_create(str.ptr + KENCR_LEN, KAUTH_LEN);
|
||||
DBG3(DBG_LIB, "K_encr %B\nK_auth %B\nMSK %B", &k_encr, &k_auth, &msk);
|
||||
|
||||
if (!this->signer->set_key(this->signer, k_auth))
|
||||
if (!this->signer->set_key(this->signer, k_auth) ||
|
||||
!this->crypter->set_key(this->crypter, k_encr))
|
||||
{
|
||||
chunk_clear(mk);
|
||||
return FALSE;
|
||||
}
|
||||
this->crypter->set_key(this->crypter, k_encr);
|
||||
|
||||
*msk = chunk_create(str.ptr + KENCR_LEN + KAUTH_LEN, MSK_LEN);
|
||||
|
||||
|
@ -187,11 +187,11 @@ METHOD(simaka_crypto_t, derive_keys_reauth, bool,
|
|||
k_auth = chunk_create(str.ptr + KENCR_LEN, KAUTH_LEN);
|
||||
DBG3(DBG_LIB, "K_encr %B\nK_auth %B", &k_encr, &k_auth);
|
||||
|
||||
if (!this->signer->set_key(this->signer, k_auth))
|
||||
if (!this->signer->set_key(this->signer, k_auth) ||
|
||||
!this->crypter->set_key(this->crypter, k_encr))
|
||||
{
|
||||
return FALSE;
|
||||
}
|
||||
this->crypter->set_key(this->crypter, k_encr);
|
||||
|
||||
call_hook(this, k_encr, k_auth);
|
||||
|
||||
|
|
|
@ -141,13 +141,8 @@ METHOD(aead_t, set_key, bool,
|
|||
chunk_split(key, "mm", this->signer->get_key_size(this->signer), &sig,
|
||||
this->crypter->get_key_size(this->crypter), &enc);
|
||||
|
||||
if (!this->signer->set_key(this->signer, sig))
|
||||
{
|
||||
return FALSE;
|
||||
}
|
||||
this->crypter->set_key(this->crypter, enc);
|
||||
|
||||
return TRUE;
|
||||
return this->signer->set_key(this->signer, sig) &&
|
||||
this->crypter->set_key(this->crypter, enc);
|
||||
}
|
||||
|
||||
METHOD(aead_t, destroy, void,
|
||||
|
|
|
@ -147,8 +147,10 @@ struct crypter_t {
|
|||
* The length of the key must match get_key_size().
|
||||
*
|
||||
* @param key key to set
|
||||
* @return TRUE if key set successfully
|
||||
*/
|
||||
void (*set_key) (crypter_t *this, chunk_t key);
|
||||
__attribute__((warn_unused_result))
|
||||
bool (*set_key) (crypter_t *this, chunk_t key);
|
||||
|
||||
/**
|
||||
* Destroys a crypter_t object.
|
||||
|
|
|
@ -151,7 +151,10 @@ static u_int bench_crypter(private_crypto_tester_t *this,
|
|||
|
||||
memset(iv, 0x56, sizeof(iv));
|
||||
memset(key, 0x12, sizeof(key));
|
||||
crypter->set_key(crypter, chunk_from_thing(key));
|
||||
if (!crypter->set_key(crypter, chunk_from_thing(key)))
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
buf = chunk_alloc(this->bench_size);
|
||||
memset(buf.ptr, 0x34, buf.len);
|
||||
|
@ -214,7 +217,10 @@ METHOD(crypto_tester_t, test_crypter, bool,
|
|||
tested++;
|
||||
|
||||
key = chunk_create(vector->key, crypter->get_key_size(crypter));
|
||||
crypter->set_key(crypter, key);
|
||||
if (!crypter->set_key(crypter, key))
|
||||
{
|
||||
failed = TRUE;
|
||||
}
|
||||
iv = chunk_create(vector->iv, crypter->get_iv_size(crypter));
|
||||
|
||||
/* allocated encryption */
|
||||
|
|
|
@ -638,8 +638,8 @@ end:
|
|||
success = FALSE;
|
||||
|
||||
/* decrypt the content */
|
||||
crypter->set_key(crypter, symmetric_key);
|
||||
if (!crypter->decrypt(crypter, encrypted_content, iv, &this->data))
|
||||
if (!crypter->set_key(crypter, symmetric_key) ||
|
||||
!crypter->decrypt(crypter, encrypted_content, iv, &this->data))
|
||||
{
|
||||
success = FALSE;
|
||||
goto failed;
|
||||
|
@ -834,8 +834,8 @@ METHOD(pkcs7_t, build_envelopedData, bool,
|
|||
DBG3(DBG_LIB, " padded unencrypted data: %B", &in);
|
||||
|
||||
/* symmetric encryption of data object */
|
||||
crypter->set_key(crypter, symmetricKey);
|
||||
if (!crypter->encrypt(crypter, in, iv, &out))
|
||||
if (!crypter->set_key(crypter, symmetricKey) ||
|
||||
!crypter->encrypt(crypter, in, iv, &out))
|
||||
{
|
||||
crypter->destroy(crypter);
|
||||
chunk_clear(&in);
|
||||
|
|
|
@ -1430,7 +1430,7 @@ METHOD(crypter_t, get_key_size, size_t,
|
|||
return this->key_size;
|
||||
}
|
||||
|
||||
METHOD(crypter_t, set_key, void,
|
||||
METHOD(crypter_t, set_key, bool,
|
||||
private_aes_crypter_t *this, chunk_t key)
|
||||
{
|
||||
u_int32_t *kf, *kt, rci, f = 0;
|
||||
|
@ -1515,6 +1515,7 @@ METHOD(crypter_t, set_key, void,
|
|||
}
|
||||
cpy(kt, kf);
|
||||
}
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
METHOD(crypter_t, destroy, void,
|
||||
|
|
|
@ -179,10 +179,11 @@ METHOD(crypter_t, get_key_size, size_t,
|
|||
return this->keymat_size;
|
||||
}
|
||||
|
||||
METHOD(crypter_t, set_key, void,
|
||||
METHOD(crypter_t, set_key, bool,
|
||||
private_af_alg_crypter_t *this, chunk_t key)
|
||||
{
|
||||
this->ops->set_key(this->ops, key);
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
METHOD(crypter_t, destroy, void,
|
||||
|
|
|
@ -155,10 +155,11 @@ METHOD(crypter_t, get_key_size, size_t,
|
|||
return this->key_size;
|
||||
}
|
||||
|
||||
METHOD(crypter_t, set_key, void,
|
||||
METHOD(crypter_t, set_key, bool,
|
||||
private_blowfish_crypter_t *this, chunk_t key)
|
||||
{
|
||||
BF_set_key(&this->schedule, key.len , key.ptr);
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
METHOD(crypter_t, destroy, void,
|
||||
|
|
|
@ -316,8 +316,7 @@ METHOD(aead_t, set_key, bool,
|
|||
{
|
||||
memcpy(this->salt, key.ptr + key.len - SALT_SIZE, SALT_SIZE);
|
||||
key.len -= SALT_SIZE;
|
||||
this->crypter->set_key(this->crypter, key);
|
||||
return TRUE;
|
||||
return this->crypter->set_key(this->crypter, key);
|
||||
}
|
||||
|
||||
METHOD(aead_t, destroy, void,
|
||||
|
|
|
@ -279,8 +279,8 @@ METHOD(mac_t, set_key, bool,
|
|||
memset(iv.ptr, 0, iv.len);
|
||||
l = chunk_alloca(this->b);
|
||||
memset(l.ptr, 0, l.len);
|
||||
this->k->set_key(this->k, resized);
|
||||
if (!this->k->encrypt(this->k, l, iv, NULL))
|
||||
if (!this->k->set_key(this->k, resized) ||
|
||||
!this->k->encrypt(this->k, l, iv, NULL))
|
||||
{
|
||||
return FALSE;
|
||||
}
|
||||
|
|
|
@ -113,13 +113,13 @@ METHOD(crypter_t, get_key_size, size_t,
|
|||
+ sizeof(this->state.nonce);
|
||||
}
|
||||
|
||||
METHOD(crypter_t, set_key, void,
|
||||
METHOD(crypter_t, set_key, bool,
|
||||
private_ctr_ipsec_crypter_t *this, chunk_t key)
|
||||
{
|
||||
memcpy(this->state.nonce, key.ptr + key.len - sizeof(this->state.nonce),
|
||||
sizeof(this->state.nonce));
|
||||
key.len -= sizeof(this->state.nonce);
|
||||
this->crypter->set_key(this->crypter, key);
|
||||
return this->crypter->set_key(this->crypter, key);
|
||||
}
|
||||
|
||||
METHOD(crypter_t, destroy, void,
|
||||
|
|
|
@ -1541,18 +1541,20 @@ METHOD(crypter_t, get_key_size, size_t,
|
|||
return this->key_size;
|
||||
}
|
||||
|
||||
METHOD(crypter_t, set_key, void,
|
||||
METHOD(crypter_t, set_key, bool,
|
||||
private_des_crypter_t *this, chunk_t key)
|
||||
{
|
||||
des_set_key((des_cblock*)(key.ptr), &this->ks);
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
METHOD(crypter_t, set_key3, void,
|
||||
METHOD(crypter_t, set_key3, bool,
|
||||
private_des_crypter_t *this, chunk_t key)
|
||||
{
|
||||
des_set_key((des_cblock*)(key.ptr) + 0, &this->ks3[0]);
|
||||
des_set_key((des_cblock*)(key.ptr) + 1, &this->ks3[1]);
|
||||
des_set_key((des_cblock*)(key.ptr) + 2, &this->ks3[2]);
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
METHOD(crypter_t, destroy, void,
|
||||
|
|
|
@ -348,8 +348,8 @@ METHOD(aead_t, set_key, bool,
|
|||
{
|
||||
memcpy(this->salt, key.ptr + key.len - SALT_SIZE, SALT_SIZE);
|
||||
key.len -= SALT_SIZE;
|
||||
this->crypter->set_key(this->crypter, key);
|
||||
return create_h(this, this->h);
|
||||
return this->crypter->set_key(this->crypter, key) &&
|
||||
create_h(this, this->h);
|
||||
}
|
||||
|
||||
METHOD(aead_t, destroy, void,
|
||||
|
|
|
@ -141,7 +141,7 @@ METHOD(crypter_t, get_key_size, size_t,
|
|||
return len;
|
||||
}
|
||||
|
||||
METHOD(crypter_t, set_key, void,
|
||||
METHOD(crypter_t, set_key, bool,
|
||||
private_gcrypt_crypter_t *this, chunk_t key)
|
||||
{
|
||||
if (this->ctr_mode)
|
||||
|
@ -151,7 +151,7 @@ METHOD(crypter_t, set_key, void,
|
|||
sizeof(this->ctr.nonce));
|
||||
key.len -= sizeof(this->ctr.nonce);
|
||||
}
|
||||
gcry_cipher_setkey(this->h, key.ptr, key.len);
|
||||
return gcry_cipher_setkey(this->h, key.ptr, key.len) == 0;
|
||||
}
|
||||
|
||||
METHOD(crypter_t, destroy, void,
|
||||
|
|
|
@ -144,10 +144,11 @@ METHOD(crypter_t, get_key_size, size_t,
|
|||
return this->key.len;
|
||||
}
|
||||
|
||||
METHOD(crypter_t, set_key, void,
|
||||
METHOD(crypter_t, set_key, bool,
|
||||
private_openssl_crypter_t *this, chunk_t key)
|
||||
{
|
||||
memcpy(this->key.ptr, key.ptr, min(key.len, this->key.len));
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
METHOD(crypter_t, destroy, void,
|
||||
|
|
|
@ -141,10 +141,11 @@ METHOD(crypter_t, get_key_size, size_t,
|
|||
return this->key.len;
|
||||
}
|
||||
|
||||
METHOD(crypter_t, set_key, void,
|
||||
METHOD(crypter_t, set_key, bool,
|
||||
private_padlock_aes_crypter_t *this, chunk_t key)
|
||||
{
|
||||
memcpy(this->key.ptr, key.ptr, min(key.len, this->key.len));
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
METHOD(crypter_t, destroy, void,
|
||||
|
|
|
@ -125,7 +125,6 @@ static status_t pem_decrypt(chunk_t *blob, encryption_algorithm_t alg,
|
|||
encryption_algorithm_names, alg);
|
||||
return NOT_SUPPORTED;
|
||||
}
|
||||
crypter->set_key(crypter, key);
|
||||
|
||||
if (iv.len != crypter->get_iv_size(crypter) ||
|
||||
blob->len % crypter->get_block_size(crypter))
|
||||
|
@ -134,7 +133,8 @@ static status_t pem_decrypt(chunk_t *blob, encryption_algorithm_t alg,
|
|||
DBG1(DBG_ASN, " data size is not multiple of block size");
|
||||
return PARSE_ERROR;
|
||||
}
|
||||
if (!crypter->decrypt(crypter, *blob, iv, &decrypted))
|
||||
if (!crypter->set_key(crypter, key) ||
|
||||
!crypter->decrypt(crypter, *blob, iv, &decrypted))
|
||||
{
|
||||
crypter->destroy(crypter);
|
||||
return FAILED;
|
||||
|
|
|
@ -168,9 +168,8 @@ static private_key_t *decrypt_private_key(chunk_t blob,
|
|||
{
|
||||
continue;
|
||||
}
|
||||
|
||||
crypter->set_key(crypter, key);
|
||||
if (!crypter->decrypt(crypter, blob, iv, &decrypted))
|
||||
if (!crypter->set_key(crypter, key) ||
|
||||
!crypter->decrypt(crypter, blob, iv, &decrypted))
|
||||
{
|
||||
continue;
|
||||
}
|
||||
|
|
|
@ -257,17 +257,16 @@ METHOD(mac_t, set_key, bool,
|
|||
memset(this->k2, 0x02, this->b);
|
||||
memset(this->k3, 0x03, this->b);
|
||||
|
||||
this->k1->set_key(this->k1, lengthened);
|
||||
if (!this->k1->encrypt(this->k1, chunk_create(this->k2, this->b), iv, NULL) ||
|
||||
if (!this->k1->set_key(this->k1, lengthened) ||
|
||||
!this->k1->encrypt(this->k1, chunk_create(this->k2, this->b), iv, NULL) ||
|
||||
!this->k1->encrypt(this->k1, chunk_create(this->k3, this->b), iv, NULL) ||
|
||||
!this->k1->encrypt(this->k1, k1, iv, NULL))
|
||||
!this->k1->encrypt(this->k1, k1, iv, NULL) ||
|
||||
!this->k1->set_key(this->k1, k1))
|
||||
{
|
||||
memwipe(k1.ptr, k1.len);
|
||||
return FALSE;
|
||||
}
|
||||
this->k1->set_key(this->k1, k1);
|
||||
|
||||
memwipe(k1.ptr, k1.len);
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
|
|
|
@ -1560,13 +1560,19 @@ static bool expand_keys(private_tls_crypto_t *this,
|
|||
|
||||
if (this->tls->is_server(this->tls))
|
||||
{
|
||||
this->crypter_in->set_key(this->crypter_in, client_write);
|
||||
this->crypter_out->set_key(this->crypter_out, server_write);
|
||||
if (!this->crypter_in->set_key(this->crypter_in, client_write) ||
|
||||
!this->crypter_out->set_key(this->crypter_out, server_write))
|
||||
{
|
||||
return FALSE;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
this->crypter_out->set_key(this->crypter_out, client_write);
|
||||
this->crypter_in->set_key(this->crypter_in, server_write);
|
||||
if (!this->crypter_out->set_key(this->crypter_out, client_write) ||
|
||||
!this->crypter_in->set_key(this->crypter_in, server_write))
|
||||
{
|
||||
return FALSE;
|
||||
}
|
||||
}
|
||||
if (ivs)
|
||||
{
|
||||
|
|
Loading…
Reference in New Issue