diff options
Diffstat (limited to 'src/libstrongswan/plugins/gcm')
-rw-r--r-- | src/libstrongswan/plugins/gcm/Makefile.in | 14 | ||||
-rw-r--r-- | src/libstrongswan/plugins/gcm/gcm_aead.c | 65 |
2 files changed, 42 insertions, 37 deletions
diff --git a/src/libstrongswan/plugins/gcm/Makefile.in b/src/libstrongswan/plugins/gcm/Makefile.in index 8285b5aeb..0c5eea0a7 100644 --- a/src/libstrongswan/plugins/gcm/Makefile.in +++ b/src/libstrongswan/plugins/gcm/Makefile.in @@ -49,6 +49,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \ am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = $(top_builddir)/config.h CONFIG_CLEAN_FILES = CONFIG_CLEAN_VPATH_FILES = am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; @@ -82,7 +83,7 @@ libstrongswan_gcm_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(libstrongswan_gcm_la_LDFLAGS) $(LDFLAGS) -o $@ @MONOLITHIC_FALSE@am_libstrongswan_gcm_la_rpath = -rpath $(plugindir) @MONOLITHIC_TRUE@am_libstrongswan_gcm_la_rpath = -DEFAULT_INCLUDES = -I.@am__isrc@ +DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles am__mv = mv -f @@ -108,6 +109,7 @@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ +BFDLIB = @BFDLIB@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ @@ -202,11 +204,14 @@ build_os = @build_os@ build_vendor = @build_vendor@ builddir = @builddir@ c_plugins = @c_plugins@ +charon_natt_port = @charon_natt_port@ +charon_plugins = @charon_plugins@ +charon_udp_port = @charon_udp_port@ clearsilver_LIBS = @clearsilver_LIBS@ datadir = @datadir@ datarootdir = @datarootdir@ dbusservicedir = @dbusservicedir@ -default_pkcs11 = @default_pkcs11@ +dev_headers = @dev_headers@ docdir = @docdir@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ @@ -223,11 +228,12 @@ imcvdir = @imcvdir@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ +ipsec_script = @ipsec_script@ +ipsec_script_upper = @ipsec_script_upper@ ipsecdir = @ipsecdir@ ipsecgroup = @ipsecgroup@ ipseclibdir = @ipseclibdir@ ipsecuser = @ipsecuser@ -libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ libexecdir = @libexecdir@ linux_headers = @linux_headers@ @@ -243,6 +249,7 @@ mkdir_p = @mkdir_p@ nm_CFLAGS = @nm_CFLAGS@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ +nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ @@ -252,7 +259,6 @@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ -pluto_plugins = @pluto_plugins@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ diff --git a/src/libstrongswan/plugins/gcm/gcm_aead.c b/src/libstrongswan/plugins/gcm/gcm_aead.c index 0d7d91dbf..79ee65d98 100644 --- a/src/libstrongswan/plugins/gcm/gcm_aead.c +++ b/src/libstrongswan/plugins/gcm/gcm_aead.c @@ -149,7 +149,7 @@ static void ghash(private_gcm_aead_t *this, chunk_t x, char *res) /** * GCTR function, en-/decrypts x inline */ -static void gctr(private_gcm_aead_t *this, char *icb, chunk_t x) +static bool gctr(private_gcm_aead_t *this, char *icb, chunk_t x) { char cb[BLOCK_SIZE], iv[BLOCK_SIZE], tmp[BLOCK_SIZE]; @@ -159,12 +159,16 @@ static void gctr(private_gcm_aead_t *this, char *icb, chunk_t x) while (x.len) { memcpy(tmp, cb, BLOCK_SIZE); - this->crypter->encrypt(this->crypter, chunk_from_thing(tmp), - chunk_from_thing(iv), NULL); + if (!this->crypter->encrypt(this->crypter, chunk_from_thing(tmp), + chunk_from_thing(iv), NULL)) + { + return FALSE; + } memxor(x.ptr, tmp, min(BLOCK_SIZE, x.len)); chunk_increment(chunk_from_thing(cb)); x = chunk_skip(x, BLOCK_SIZE); } + return TRUE; } /** @@ -180,21 +184,21 @@ static void create_j(private_gcm_aead_t *this, char *iv, char *j) /** * Create GHASH subkey H */ -static void create_h(private_gcm_aead_t *this, char *h) +static bool create_h(private_gcm_aead_t *this, char *h) { char zero[BLOCK_SIZE]; memset(zero, 0, BLOCK_SIZE); memset(h, 0, BLOCK_SIZE); - this->crypter->encrypt(this->crypter, chunk_create(h, BLOCK_SIZE), - chunk_from_thing(zero), NULL); + return this->crypter->encrypt(this->crypter, chunk_create(h, BLOCK_SIZE), + chunk_from_thing(zero), NULL); } /** * Encrypt/decrypt */ -static void crypt(private_gcm_aead_t *this, char *j, chunk_t in, chunk_t out) +static bool crypt(private_gcm_aead_t *this, char *j, chunk_t in, chunk_t out) { char icb[BLOCK_SIZE]; @@ -206,13 +210,13 @@ static void crypt(private_gcm_aead_t *this, char *j, chunk_t in, chunk_t out) { memcpy(out.ptr, in.ptr, in.len); } - gctr(this, icb, out); + return gctr(this, icb, out); } /** * Create ICV */ -static void create_icv(private_gcm_aead_t *this, chunk_t assoc, chunk_t crypt, +static bool create_icv(private_gcm_aead_t *this, chunk_t assoc, chunk_t crypt, char *j, char *icv) { size_t assoc_pad, crypt_pad; @@ -249,9 +253,12 @@ static void create_icv(private_gcm_aead_t *this, chunk_t assoc, chunk_t crypt, ghash(this, chunk, s); free(chunk.ptr); - gctr(this, j, chunk_from_thing(s)); - + if (!gctr(this, j, chunk_from_thing(s))) + { + return FALSE; + } memcpy(icv, s, this->icv_size); + return TRUE; } /** @@ -262,12 +269,11 @@ static bool verify_icv(private_gcm_aead_t *this, chunk_t assoc, chunk_t crypt, { char tmp[this->icv_size]; - create_icv(this, assoc, crypt, j, tmp); - - return memeq(tmp, icv, this->icv_size); + return create_icv(this, assoc, crypt, j, tmp) && + memeq(tmp, icv, this->icv_size); } -METHOD(aead_t, encrypt, void, +METHOD(aead_t, encrypt, bool, private_gcm_aead_t *this, chunk_t plain, chunk_t assoc, chunk_t iv, chunk_t *encrypted) { @@ -278,16 +284,13 @@ METHOD(aead_t, encrypt, void, if (encrypted) { *encrypted = chunk_alloc(plain.len + this->icv_size); - crypt(this, j, plain, *encrypted); - create_icv(this, assoc, - chunk_create(encrypted->ptr, encrypted->len - this->icv_size), - j, encrypted->ptr + encrypted->len - this->icv_size); - } - else - { - crypt(this, j, plain, plain); - create_icv(this, assoc, plain, j, plain.ptr + plain.len); + return crypt(this, j, plain, *encrypted) && + create_icv(this, assoc, + chunk_create(encrypted->ptr, encrypted->len - this->icv_size), + j, encrypted->ptr + encrypted->len - this->icv_size); } + return crypt(this, j, plain, plain) && + create_icv(this, assoc, plain, j, plain.ptr + plain.len); } METHOD(aead_t, decrypt, bool, @@ -311,13 +314,9 @@ METHOD(aead_t, decrypt, bool, if (plain) { *plain = chunk_alloc(encrypted.len); - crypt(this, j, encrypted, *plain); + return crypt(this, j, encrypted, *plain); } - else - { - crypt(this, j, encrypted, encrypted); - } - return TRUE; + return crypt(this, j, encrypted, encrypted); } METHOD(aead_t, get_block_size, size_t, @@ -344,13 +343,13 @@ METHOD(aead_t, get_key_size, size_t, return this->crypter->get_key_size(this->crypter) + SALT_SIZE; } -METHOD(aead_t, set_key, void, +METHOD(aead_t, set_key, bool, private_gcm_aead_t *this, chunk_t key) { memcpy(this->salt, key.ptr + key.len - SALT_SIZE, SALT_SIZE); key.len -= SALT_SIZE; - this->crypter->set_key(this->crypter, key); - create_h(this, this->h); + return this->crypter->set_key(this->crypter, key) && + create_h(this, this->h); } METHOD(aead_t, destroy, void, |