goto Exit;\r
} else {\r
OptionLen = (UINT16) (Head->PayloadLength - IP6_ND_LENGTH);\r
- Option = NetbufGetByte (Packet, IP6_ND_LENGTH, NULL);\r
+ if (OptionLen != 0) {\r
+ Option = NetbufGetByte (Packet, IP6_ND_LENGTH, NULL);\r
+ ASSERT (Option != NULL);\r
\r
- //\r
- // All included options should have a length that is greater than zero.\r
- //\r
- if (!Ip6IsNDOptionValid (Option, OptionLen)) {\r
- goto Exit;\r
+ //\r
+ // All included options should have a length that is greater than zero.\r
+ //\r
+ if (!Ip6IsNDOptionValid (Option, OptionLen)) {\r
+ goto Exit;\r
+ }\r
}\r
}\r
\r
goto Exit;\r
} else {\r
OptionLen = (UINT16) (Head->PayloadLength - IP6_ND_LENGTH);\r
- Option = NetbufGetByte (Packet, IP6_ND_LENGTH, NULL);\r
+ if (OptionLen != 0) {\r
+ Option = NetbufGetByte (Packet, IP6_ND_LENGTH, NULL);\r
+ ASSERT (Option != NULL);\r
\r
- //\r
- // All included options should have a length that is greater than zero.\r
- //\r
- if (!Ip6IsNDOptionValid (Option, OptionLen)) {\r
- goto Exit;\r
+ //\r
+ // All included options should have a length that is greater than zero.\r
+ //\r
+ if (!Ip6IsNDOptionValid (Option, OptionLen)) {\r
+ goto Exit;\r
+ }\r
}\r
}\r
\r
// All included options have a length that is greater than zero.\r
//\r
OptionLen = (UINT16) (Head->PayloadLength - IP6_RA_LENGTH);\r
- Option = NetbufGetByte (Packet, IP6_RA_LENGTH, NULL);\r
+ if (OptionLen != 0) {\r
+ Option = NetbufGetByte (Packet, IP6_RA_LENGTH, NULL);\r
+ ASSERT (Option != NULL);\r
\r
- if (!Ip6IsNDOptionValid (Option, OptionLen)) {\r
- goto Exit;\r
+ if (!Ip6IsNDOptionValid (Option, OptionLen)) {\r
+ goto Exit;\r
+ }\r
}\r
\r
//\r
// All included options have a length that is greater than zero.\r
//\r
OptionLen = (UINT16) (Head->PayloadLength - IP6_REDITECT_LENGTH);\r
- Option = NetbufGetByte (Packet, IP6_REDITECT_LENGTH, NULL);\r
+ if (OptionLen != 0) {\r
+ Option = NetbufGetByte (Packet, IP6_REDITECT_LENGTH, NULL);\r
+ ASSERT (Option != NULL);\r
\r
- if (!Ip6IsNDOptionValid (Option, OptionLen)) {\r
- goto Exit;\r
+ if (!Ip6IsNDOptionValid (Option, OptionLen)) {\r
+ goto Exit;\r
+ }\r
}\r
\r
Target = (EFI_IPv6_ADDRESS *) (Icmp + 1);\r
/** @file\r
The implementation of Payloads Creation.\r
\r
- Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>\r
+ Copyright (c) 2010 - 2011, Intel Corporation. All rights reserved.<BR>\r
\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
&CertSubject,\r
&SubjectSize\r
);\r
+ if (SubjectSize != 0) {\r
+ ASSERT (CertSubject != NULL);\r
+ }\r
\r
IdSize = sizeof (IKEV2_ID) + SubjectSize;\r
\r
&SigSize\r
);\r
\r
- if (SigSize == 0) {\r
+ if (SigSize == 0 || Signature == NULL) {\r
goto EXIT;\r
}\r
}\r
// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
//\r
SpiBufSize = (UINT16) (SpiSize * SpiNum);\r
+ if (SpiBufSize != 0 && SpiBuf == NULL) {\r
+ return NULL;\r
+ }\r
+ \r
DelPayloadLen = (UINT16) (sizeof (IKEV2_DELETE) + SpiBufSize);\r
\r
Del = AllocateZeroPool (DelPayloadLen);\r
Fragment[0].DataSize = PublicKeyLen;\r
HashDataSize = IpSecGetHmacDigestLength (IKE_AALG_SHA1HMAC);\r
HashData = AllocateZeroPool (HashDataSize);\r
+ if (HashData == NULL) {\r
+ goto ON_EXIT;\r
+ }\r
\r
Status = IpSecCryptoIoHash (\r
IKE_AALG_SHA1HMAC,\r
IkeSaSession = IKEV2_SA_SESSION_FROM_COMMON (SessionCommon);\r
if (SessionCommon->IsInitiator) {\r
IkeSaSession->RespPacket = AllocateZeroPool (IkePacket->Header->Length);\r
+ if (IkeSaSession->RespPacket == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit; \r
+ }\r
IkeSaSession->RespPacketSize = IkePacket->Header->Length;\r
CopyMem (IkeSaSession->RespPacket, IkeHeader, sizeof (IKE_HEADER));\r
CopyMem (\r
); \r
} else {\r
IkeSaSession->InitPacket = AllocateZeroPool (IkePacket->Header->Length);\r
+ if (IkeSaSession->InitPacket == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit; \r
+ }\r
IkeSaSession->InitPacketSize = IkePacket->Header->Length;\r
CopyMem (IkeSaSession->InitPacket, IkeHeader, sizeof (IKE_HEADER));\r
CopyMem (\r
UINTN CryptKeyLength;\r
HASH_DATA_FRAGMENT Fragments[1];\r
\r
+ Status = EFI_SUCCESS;\r
+\r
//\r
// Initial all buffers to NULL.\r
//\r
//\r
IvSize = CryptBlockSize;\r
IvBuffer = (UINT8 *) AllocateZeroPool (IvSize);\r
+ if (IvBuffer == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
\r
//\r
// Generate IV\r
IkePacket->Header->NextPayload = IKEV2_PAYLOAD_TYPE_ENCRYPT;\r
\r
IntegrityBuf = AllocateZeroPool (IkePacket->Header->Length);\r
+ if (IntegrityBuf == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
IntegrityBufSize = IkePacket->Header->Length;\r
IkeHdrHostToNet (IkePacket->Header);\r
\r
Fragments[0].DataSize = EncryptPayloadSize + sizeof (IKE_HEADER) - CheckSumSize;\r
\r
CheckSumData = AllocateZeroPool (CheckSumSize);\r
+ if (CheckSumData == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
if (SessionCommon->IsInitiator) {\r
\r
IpSecCryptoIoHmac (\r
Digest = NULL;\r
OutputKey = NULL;\r
KeyBuffer = NULL;\r
+ Status = EFI_SUCCESS;\r
\r
//\r
// Generate Gxy\r
2 * AuthAlgKeyLen +\r
2 * IntegrityAlgKeyLen;\r
OutputKey = AllocateZeroPool (OutputKeyLength);\r
+ if (OutputKey == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit;\r
+ }\r
\r
//\r
// Generate Seven Keymates.\r
// First, SK_d\r
//\r
IkeSaSession->IkeKeys->SkdKey = AllocateZeroPool (PrfAlgKeyLen);\r
+ if (IkeSaSession->IkeKeys->SkdKey == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit;\r
+ }\r
IkeSaSession->IkeKeys->SkdKeySize = PrfAlgKeyLen;\r
CopyMem (IkeSaSession->IkeKeys->SkdKey, OutputKey, PrfAlgKeyLen);\r
\r
// Second, Sk_ai\r
//\r
IkeSaSession->IkeKeys->SkAiKey = AllocateZeroPool (IntegrityAlgKeyLen);\r
+ if (IkeSaSession->IkeKeys->SkAiKey == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit;\r
+ }\r
IkeSaSession->IkeKeys->SkAiKeySize = IntegrityAlgKeyLen;\r
CopyMem (IkeSaSession->IkeKeys->SkAiKey, OutputKey + PrfAlgKeyLen, IntegrityAlgKeyLen);\r
\r
// Third, Sk_ar\r
//\r
IkeSaSession->IkeKeys->SkArKey = AllocateZeroPool (IntegrityAlgKeyLen);\r
+ if (IkeSaSession->IkeKeys->SkArKey == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit;\r
+ }\r
IkeSaSession->IkeKeys->SkArKeySize = IntegrityAlgKeyLen;\r
CopyMem (\r
IkeSaSession->IkeKeys->SkArKey,\r
// Fourth, Sk_ei\r
//\r
IkeSaSession->IkeKeys->SkEiKey = AllocateZeroPool (EncryptAlgKeyLen);\r
+ if (IkeSaSession->IkeKeys->SkEiKey == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit;\r
+ }\r
IkeSaSession->IkeKeys->SkEiKeySize = EncryptAlgKeyLen;\r
\r
CopyMem (\r
// Fifth, Sk_er\r
//\r
IkeSaSession->IkeKeys->SkErKey = AllocateZeroPool (EncryptAlgKeyLen);\r
+ if (IkeSaSession->IkeKeys->SkErKey == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit;\r
+ }\r
IkeSaSession->IkeKeys->SkErKeySize = EncryptAlgKeyLen;\r
\r
CopyMem (\r
// Sixth, Sk_pi\r
//\r
IkeSaSession->IkeKeys->SkPiKey = AllocateZeroPool (AuthAlgKeyLen);\r
+ if (IkeSaSession->IkeKeys->SkPiKey == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit;\r
+ }\r
IkeSaSession->IkeKeys->SkPiKeySize = AuthAlgKeyLen;\r
\r
CopyMem (\r
// Seventh, Sk_pr\r
//\r
IkeSaSession->IkeKeys->SkPrKey = AllocateZeroPool (AuthAlgKeyLen);\r
+ if (IkeSaSession->IkeKeys->SkPrKey == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit;\r
+ }\r
IkeSaSession->IkeKeys->SkPrKeySize = AuthAlgKeyLen;\r
\r
CopyMem (\r
if (OutputKey != NULL) {\r
FreePool (OutputKey);\r
}\r
+\r
+ if (EFI_ERROR(Status)) {\r
+ if (IkeSaSession->IkeKeys->SkdKey != NULL) {\r
+ FreePool (IkeSaSession->IkeKeys->SkdKey);\r
+ }\r
+ if (IkeSaSession->IkeKeys->SkAiKey != NULL) {\r
+ FreePool (IkeSaSession->IkeKeys->SkAiKey);\r
+ }\r
+ if (IkeSaSession->IkeKeys->SkArKey != NULL) {\r
+ FreePool (IkeSaSession->IkeKeys->SkArKey);\r
+ }\r
+ if (IkeSaSession->IkeKeys->SkEiKey != NULL) {\r
+ FreePool (IkeSaSession->IkeKeys->SkEiKey);\r
+ }\r
+ if (IkeSaSession->IkeKeys->SkErKey != NULL) {\r
+ FreePool (IkeSaSession->IkeKeys->SkErKey);\r
+ }\r
+ if (IkeSaSession->IkeKeys->SkPiKey != NULL) {\r
+ FreePool (IkeSaSession->IkeKeys->SkPiKey);\r
+ }\r
+ if (IkeSaSession->IkeKeys->SkPrKey != NULL) {\r
+ FreePool (IkeSaSession->IkeKeys->SkPrKey);\r
+ }\r
+ }\r
+\r
\r
return Status;\r
}\r
UINT8* OutputKey;\r
UINTN OutputKeyLength;\r
\r
+ Status = EFI_SUCCESS;\r
+ OutputKey = NULL;\r
+ \r
if (KePayload != NULL) {\r
//\r
// Generate Gxy \r
OutputKeyLength = 2 * EncryptAlgKeyLen + 2 * IntegrityAlgKeyLen;\r
\r
if ((EncryptAlgKeyLen == 0) || (IntegrityAlgKeyLen == 0)) {\r
- return EFI_UNSUPPORTED;\r
+ Status = EFI_UNSUPPORTED;\r
+ goto Exit;\r
}\r
\r
//\r
// otherwise, KEYMAT = prf+(SK_d, Ni | Nr )\r
//\r
OutputKey = AllocateZeroPool (OutputKeyLength);\r
+ if (OutputKey == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit;\r
+ }\r
\r
//\r
// Derive Key from the SkdKey Buffer.\r
);\r
\r
if (EFI_ERROR (Status)) {\r
- FreePool (OutputKey);\r
- return Status;\r
+ goto Exit; \r
}\r
\r
//\r
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncAlgoId = (UINT8)SaParams->EncAlgId;\r
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKeyLength = EncryptAlgKeyLen;\r
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey = AllocateZeroPool (EncryptAlgKeyLen);\r
+ if (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit;\r
+ }\r
\r
CopyMem (\r
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey,\r
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthAlgoId = (UINT8)SaParams->IntegAlgId;\r
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKeyLength = IntegrityAlgKeyLen;\r
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey = AllocateZeroPool (IntegrityAlgKeyLen);\r
-\r
+ if (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit;\r
+ } \r
+ \r
CopyMem (\r
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey,\r
OutputKey + EncryptAlgKeyLen,\r
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncAlgoId = (UINT8)SaParams->EncAlgId;\r
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKeyLength = EncryptAlgKeyLen;\r
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey = AllocateZeroPool (EncryptAlgKeyLen);\r
-\r
+ if (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit;\r
+ } \r
+ \r
CopyMem (\r
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey,\r
OutputKey + EncryptAlgKeyLen + IntegrityAlgKeyLen,\r
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthAlgoId = (UINT8)SaParams->IntegAlgId;\r
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKeyLength = IntegrityAlgKeyLen;\r
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey = AllocateZeroPool (IntegrityAlgKeyLen);\r
+ if (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit;\r
+ } \r
\r
CopyMem (\r
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey,\r
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncAlgoId = (UINT8)SaParams->EncAlgId;\r
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKeyLength = EncryptAlgKeyLen;\r
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey = AllocateZeroPool (EncryptAlgKeyLen);\r
-\r
+ if (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit;\r
+ } \r
+ \r
CopyMem (\r
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey,\r
OutputKey,\r
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthAlgoId = (UINT8)SaParams->IntegAlgId;\r
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKeyLength = IntegrityAlgKeyLen;\r
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey = AllocateZeroPool (IntegrityAlgKeyLen);\r
-\r
+ if (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit;\r
+ } \r
+ \r
CopyMem (\r
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey,\r
OutputKey + EncryptAlgKeyLen,\r
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncAlgoId = (UINT8)SaParams->EncAlgId;\r
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKeyLength = EncryptAlgKeyLen;\r
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey = AllocateZeroPool (EncryptAlgKeyLen);\r
-\r
+ if (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit;\r
+ } \r
+ \r
CopyMem (\r
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey,\r
OutputKey + EncryptAlgKeyLen + IntegrityAlgKeyLen,\r
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthAlgoId = (UINT8)SaParams->IntegAlgId;\r
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKeyLength = IntegrityAlgKeyLen;\r
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey = AllocateZeroPool (IntegrityAlgKeyLen);\r
-\r
+ if (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit;\r
+ } \r
+ \r
CopyMem (\r
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey,\r
OutputKey + 2 * EncryptAlgKeyLen + IntegrityAlgKeyLen,\r
IntegrityAlgKeyLen\r
);\r
\r
- FreePool (OutputKey);\r
+\r
+\r
+Exit:\r
+ if (EFI_ERROR (Status)) {\r
+ if (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey != NULL) {\r
+ FreePool (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey);\r
+ }\r
+ if (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey != NULL) {\r
+ FreePool (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey);\r
+ }\r
+ if (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey != NULL) {\r
+ FreePool (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey);\r
+ }\r
+ if (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey != NULL) {\r
+ FreePool (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey);\r
+ }\r
+ }\r
+\r
+ if (OutputKey != NULL) {\r
+ FreePool (OutputKey);\r
+ }\r
\r
return EFI_SUCCESS;\r
}\r