Check rng return value when generating key and IV in PKCS#7 wrapper
authorTobias Brunner <tobias@strongswan.org>
Mon, 25 Jun 2012 14:13:49 +0000 (16:13 +0200)
committerMartin Willi <martin@revosec.ch>
Mon, 16 Jul 2012 12:53:35 +0000 (14:53 +0200)
src/libstrongswan/crypto/pkcs7.c

index c5fa8c0..33ed7c9 100644 (file)
@@ -787,12 +787,24 @@ METHOD(pkcs7_t, build_envelopedData, bool,
                rng_t *rng;
 
                rng = lib->crypto->create_rng(lib->crypto, RNG_TRUE);
-               rng->allocate_bytes(rng, crypter->get_key_size(crypter), &symmetricKey);
+               if (!rng || !rng->allocate_bytes(rng, crypter->get_key_size(crypter),
+                                                                                &symmetricKey))
+               {
+                       DBG1(DBG_LIB, "  failed to allocate symmetric encryption key");
+                       DESTROY_IF(rng);
+                       return FALSE;
+               }
                DBG4(DBG_LIB, "  symmetric encryption key: %B", &symmetricKey);
                rng->destroy(rng);
 
                rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK);
-               rng->allocate_bytes(rng, crypter->get_iv_size(crypter), &iv);
+               if (!rng || !rng->allocate_bytes(rng, crypter->get_iv_size(crypter),
+                                                                                &iv))
+               {
+                       DBG1(DBG_LIB, "  failed to allocate initialization vector");
+                       DESTROY_IF(rng);
+                       return FALSE;
+               }
                DBG4(DBG_LIB, "  initialization vector: %B", &iv);
                rng->destroy(rng);
        }