return NULL;
}
this->secret.len = strlen(this->secret.ptr);
- this->signer->set_key(this->signer, this->secret);
-
- if (!open_socket(this))
+ if (!this->signer->set_key(this->signer, this->secret) ||
+ !open_socket(this))
{
destroy(this);
return NULL;
prf_plus->allocate_bytes(prf_plus, key_size, &key);
DBG4(DBG_IKE, "Sk_ai secret %B", &key);
- signer_i->set_key(signer_i, key);
+ if (!signer_i->set_key(signer_i, key))
+ {
+ signer_i->destroy(signer_i);
+ signer_r->destroy(signer_r);
+ chunk_clear(&key);
+ return FALSE;
+ }
chunk_clear(&key);
prf_plus->allocate_bytes(prf_plus, key_size, &key);
DBG4(DBG_IKE, "Sk_ar secret %B", &key);
- signer_r->set_key(signer_r, key);
+ if (!signer_r->set_key(signer_r, key))
+ {
+ signer_i->destroy(signer_i);
+ signer_r->destroy(signer_r);
+ chunk_clear(&key);
+ return FALSE;
+ }
chunk_clear(&key);
/* SK_ei/SK_er used for encryption */
.rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK),
);
- if (!this->hasher || !this->signer || !this->rng)
+ if (!this->hasher || !this->signer || !this->rng ||
+ !this->signer->set_key(this->signer, secret))
{
DBG1(DBG_CFG, "RADIUS initialization failed, HMAC/MD5/RNG required");
destroy(this);
return NULL;
}
this->secret = secret;
- this->signer->set_key(this->signer, secret);
/* we use a random identifier, helps if we restart often */
this->identifier = random();
k_auth = chunk_create(str.ptr + KENCR_LEN, KAUTH_LEN);
DBG3(DBG_LIB, "K_encr %B\nK_auth %B\nMSK %B", &k_encr, &k_auth, &msk);
- this->signer->set_key(this->signer, k_auth);
+ if (!this->signer->set_key(this->signer, k_auth))
+ {
+ chunk_clear(mk);
+ return FALSE;
+ }
this->crypter->set_key(this->crypter, k_encr);
*msk = chunk_create(str.ptr + KENCR_LEN + KAUTH_LEN, MSK_LEN);
k_auth = chunk_create(str.ptr + KENCR_LEN, KAUTH_LEN);
DBG3(DBG_LIB, "K_encr %B\nK_auth %B", &k_encr, &k_auth);
- this->signer->set_key(this->signer, k_auth);
+ if (!this->signer->set_key(this->signer, k_auth))
+ {
+ return FALSE;
+ }
this->crypter->set_key(this->crypter, k_encr);
call_hook(this, k_encr, k_auth);
chunk_split(key, "mm", this->signer->get_key_size(this->signer), &sig,
this->crypter->get_key_size(this->crypter), &enc);
- this->signer->set_key(this->signer, sig);
+ if (!this->signer->set_key(this->signer, sig))
+ {
+ return FALSE;
+ }
this->crypter->set_key(this->crypter, enc);
return TRUE;
u_int runs;
memset(key, 0x12, sizeof(key));
- signer->set_key(signer, chunk_from_thing(key));
+ if (!signer->set_key(signer, chunk_from_thing(key)))
+ {
+ return 0;
+ }
buf = chunk_alloc(this->bench_size);
memset(buf.ptr, 0x34, buf.len);
failed = FALSE;
key = chunk_create(vector->key, signer->get_key_size(signer));
- signer->set_key(signer, key);
-
+ if (!signer->set_key(signer, key))
+ {
+ failed = TRUE;
+ }
/* allocated signature */
data = chunk_create(vector->data, vector->len);
if (!signer->allocate_signature(signer, data, &mac))
return this->truncation;
}
-METHOD(signer_t, set_key, void,
+METHOD(signer_t, set_key, bool,
private_signer_t *this, chunk_t key)
{
this->mac->set_key(this->mac, key);
+ return TRUE;
}
METHOD(signer_t, destroy, void,
* Set the key for this object.
*
* @param key key to set
+ * @return TRUE if key set
*/
- void (*set_key) (signer_t *this, chunk_t key);
+ __attribute__((warn_unused_result))
+ bool (*set_key) (signer_t *this, chunk_t key);
/**
* Destroys a signer_t object.
return this->block_size;
}
-METHOD(signer_t, set_key, void,
+METHOD(signer_t, set_key, bool,
private_af_alg_signer_t *this, chunk_t key)
{
this->ops->set_key(this->ops, key);
+ return TRUE;
}
METHOD(signer_t, destroy, void,
block = chunk_skip(block, mks);
if (this->tls->is_server(this->tls))
{
- this->signer_in->set_key(this->signer_in, client_write);
- this->signer_out->set_key(this->signer_out, server_write);
+ if (!this->signer_in->set_key(this->signer_in, client_write) ||
+ !this->signer_out->set_key(this->signer_out, server_write))
+ {
+ return FALSE;
+ }
}
else
{
- this->signer_out->set_key(this->signer_out, client_write);
- this->signer_in->set_key(this->signer_in, server_write);
+ if (!this->signer_out->set_key(this->signer_out, client_write) ||
+ !this->signer_in->set_key(this->signer_in, server_write))
+ {
+ return FALSE;
+ }
}
/* crypter keys, and IVs if < TLSv1.2 */