Use a bool return value in keymat_v1_t.get_hash_phase2()
authorMartin Willi <martin@revosec.ch>
Fri, 6 Jul 2012 09:16:49 +0000 (11:16 +0200)
committerMartin Willi <martin@revosec.ch>
Mon, 16 Jul 2012 12:53:34 +0000 (14:53 +0200)
src/libcharon/encoding/message.c
src/libcharon/sa/ikev1/keymat_v1.c
src/libcharon/sa/ikev1/keymat_v1.h

index 63114c9..1aef7c2 100644 (file)
@@ -1455,8 +1455,7 @@ METHOD(message_t, generate, status_t,
        if (keymat && keymat->get_version(keymat) == IKEV1)
        {
                /* get a hash for this message, if any is required */
-               hash = keymat_v1->get_hash_phase2(keymat_v1, &this->public);
-               if (hash.ptr)
+               if (keymat_v1->get_hash_phase2(keymat_v1, &this->public, &hash))
                {       /* insert a HASH payload as first payload */
                        hash_payload_t *hash_payload;
 
@@ -2003,8 +2002,7 @@ METHOD(message_t, parse_body, status_t,
                keymat_v1_t *keymat_v1 = (keymat_v1_t*)keymat;
                chunk_t hash;
 
-               hash = keymat_v1->get_hash_phase2(keymat_v1, &this->public);
-               if (hash.ptr)
+               if (keymat_v1->get_hash_phase2(keymat_v1, &this->public, &hash))
                {
                        hash_payload_t *hash_payload;
                        chunk_t other_hash;
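Review bot: `chunk_t hash;` just above the call is left uninitialized, and with the out-parameter form it is written only when get_hash_phase2() returns TRUE. The old assignment always gave it a defined value, since the callee returned `chunk_empty` on failure. Nothing in this hunk reads it on the FALSE path, but parse_body continues outside the hunk, so any later use or free of `hash` there would act on an indeterminate pointer. Declaring it as `chunk_t hash = chunk_empty;` keeps the old guarantee. The generate() call site in the first hunk deserves the same check, because its declaration of `hash` is not visible here.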
index f543a03..d5e9ee0 100644 (file)
@@ -827,19 +827,22 @@ static qm_data_t *lookup_quick_mode(private_keymat_v1_t *this, u_int32_t mid)
        return found;
 }
 
-METHOD(keymat_v1_t, get_hash_phase2, chunk_t,
-       private_keymat_v1_t *this, message_t *message)
+METHOD(keymat_v1_t, get_hash_phase2, bool,
+       private_keymat_v1_t *this, message_t *message, chunk_t *hash)
 {
-       u_int32_t mid = message->get_message_id(message), mid_n = htonl(mid);
-       chunk_t data = chunk_empty, hash = chunk_empty;
+       u_int32_t mid, mid_n;
+       chunk_t data = chunk_empty;
        bool add_message = TRUE;
        char *name = "Hash";
 
        if (!this->prf)
        {       /* no keys derived yet */
-               return hash;
+               return FALSE;
        }
 
+       mid = message->get_message_id(message);
+       mid_n = htonl(mid);
+
        /* Hashes are simple for most exchanges in Phase 2:
         *   Hash = prf(SKEYID_a, M-ID | Complete message after HASH payload)
         * For Quick Mode there are three hashes:
@@ -858,7 +861,7 @@ METHOD(keymat_v1_t, get_hash_phase2, chunk_t,
                                name = "Hash(1)";
                                if (!get_nonce(message, &qm->n_i))
                                {
-                                       return hash;
+                                       return FALSE;
                                }
                                data = chunk_from_thing(mid_n);
                        }
@@ -867,7 +870,7 @@ METHOD(keymat_v1_t, get_hash_phase2, chunk_t,
                                name = "Hash(2)";
                                if (!get_nonce(message, &qm->n_r))
                                {
-                                       return hash;
+                                       return FALSE;
                                }
                                data = chunk_cata("cc", chunk_from_thing(mid_n), qm->n_i);
                        }
@@ -889,26 +892,23 @@ METHOD(keymat_v1_t, get_hash_phase2, chunk_t,
                        data = chunk_from_thing(mid_n);
                        break;
                default:
-                       break;
+                       return FALSE;
        }
-       if (data.ptr)
+       this->prf->set_key(this->prf, this->skeyid_a);
+       if (add_message)
        {
-               this->prf->set_key(this->prf, this->skeyid_a);
-               if (add_message)
-               {
-                       generator_t *generator = generator_create_no_dbg();
-                       chunk_t msg = get_message_data(message, generator);
-                       this->prf->allocate_bytes(this->prf, data, NULL);
-                       this->prf->allocate_bytes(this->prf, msg, &hash);
-                       generator->destroy(generator);
-               }
-               else
-               {
-                       this->prf->allocate_bytes(this->prf, data, &hash);
-               }
-               DBG3(DBG_IKE, "%s %B", name, &hash);
+               generator_t *generator = generator_create_no_dbg();
+               chunk_t msg = get_message_data(message, generator);
+               this->prf->allocate_bytes(this->prf, data, NULL);
+               this->prf->allocate_bytes(this->prf, msg, hash);
+               generator->destroy(generator);
+       }
+       else
+       {
+               this->prf->allocate_bytes(this->prf, data, hash);
        }
-       return hash;
+       DBG3(DBG_IKE, "%s %B", name, hash);
+       return TRUE;
 }
 
 /**
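Review bot: `return TRUE` at the end is reached without looking at the outcome of `set_key()` or either `allocate_bytes()` call, so the new bool reflects only the early-exit checks and not whether `*hash` was actually produced. Callers now treat TRUE as meaning a usable hash for the HASH payload they build or verify. If prf_t's methods can report failure in this tree (not visible here), each call should be checked and the function should return FALSE, destroying `generator` first in the `add_message` branch. Dropping the `if (data.ptr)` guard also means an empty `data` now still produces a PRF output and TRUE. The visible cases all assign `data`, but the switch body starts outside this hunk, so that is worth confirming for the cases not shown.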
index 77aff88..8acbf58 100644 (file)
@@ -112,10 +112,10 @@ struct keymat_v1_t {
         * Get HASH data for integrity/authentication in Phase 2 exchanges.
         *
         * @param message               message to generate the HASH data for
-        * @return                              allocated HASH data
+        * @param hash                  chunk receiving allocated hash data
+        * @return                              TRUE if hash allocated successfully
         */
-       chunk_t (*get_hash_phase2)(keymat_v1_t *this, message_t *message);
-
+       bool (*get_hash_phase2)(keymat_v1_t *this, message_t *message, chunk_t *hash);
 
        /**
         * Returns the IV for a message with the given message ID.
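Review bot: The updated comment does not say who owns `hash` or what it holds when FALSE is returned, which callers need to know now that the value comes back through a pointer. In the implementation hunks `*hash` is left unwritten on every FALSE path and is filled by the PRF's `allocate_bytes()` on success. I would word the parameter as `@param hash chunk receiving allocated hash data, not written if FALSE is returned` and state that the chunk is allocated, presumably for the caller to free.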