The Implementations for Information Exchange.\r
\r
(C) Copyright 2015 Hewlett-Packard Development Company, L.P.<BR>\r
- Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>\r
+ Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.<BR>\r
\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
InfoContext = NULL;\r
IkeSaSession = (IKEV2_SA_SESSION *) SaSession;\r
IkePacket = IkePacketAlloc ();\r
- ASSERT (IkePacket != NULL);\r
+ if (IkePacket == NULL) {\r
+ return NULL;\r
+ }\r
\r
//\r
// Fill IkePacket Header.\r
The implementation of Payloads Creation.\r
\r
(C) Copyright 2015 Hewlett-Packard Development Company, L.P.<BR>\r
- Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>\r
+ Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.<BR>\r
\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
UINTN SaDataSize;\r
\r
SaPayload = IkePayloadAlloc ();\r
- ASSERT (SaPayload != NULL);\r
+ if (SaPayload == NULL) {\r
+ return NULL;\r
+ }\r
+ \r
//\r
// TODO: Get the Proposal Number and Transform Number from IPsec Config,\r
// after the Ipsecconfig Application is support it.\r
}\r
\r
SaData = AllocateZeroPool (SaDataSize);\r
- ASSERT (SaData != NULL);\r
+ if (SaData == NULL) {\r
+ IkePayloadFree (SaPayload);\r
+ return NULL;\r
+ }\r
\r
CopyMem (SaData, SessionSaData, SaDataSize);\r
SaData->SaHeader.Header.NextPayload = NextPayload;\r
NonceBlock = NonceBuf;\r
\r
Nonce = AllocateZeroPool (Size);\r
- ASSERT (Nonce != NULL);\r
+ if (Nonce == NULL) {\r
+ return NULL;\r
+ }\r
+ \r
CopyMem (Nonce + 1, NonceBlock, Size - sizeof (IKEV2_NONCE));\r
\r
Nonce->Header.NextPayload = NextPayload;\r
Nonce->Header.PayloadLength = (UINT16) Size;\r
NoncePayload = IkePayloadAlloc ();\r
-\r
- ASSERT (NoncePayload != NULL);\r
+ if (NoncePayload == NULL) {\r
+ FreePool (Nonce);\r
+ return NULL;\r
+ }\r
+ \r
NoncePayload->PayloadType = IKEV2_PAYLOAD_TYPE_NONCE;\r
NoncePayload->PayloadBuf = (UINT8 *) Nonce;\r
NoncePayload->PayloadSize = Size;\r
// Allocate buffer for Key Exchange\r
//\r
Ke = AllocateZeroPool (KeSize);\r
- ASSERT (Ke != NULL);\r
+ if (Ke == NULL) {\r
+ return NULL;\r
+ }\r
\r
Ke->Header.NextPayload = NextPayload;\r
Ke->Header.PayloadLength = (UINT16) KeSize;\r
// Create IKE_PAYLOAD to point to Key Exchange payload\r
//\r
KePayload = IkePayloadAlloc ();\r
- ASSERT (KePayload != NULL);\r
+ if (KePayload == NULL) {\r
+ FreePool (Ke);\r
+ return NULL;\r
+ }\r
\r
KePayload->PayloadType = IKEV2_PAYLOAD_TYPE_KE;\r
KePayload->PayloadBuf = (UINT8 *) Ke;\r
IdSize = sizeof (IKEV2_ID) + AddrSize;\r
\r
Id = (IKEV2_ID *) AllocateZeroPool (IdSize);\r
- ASSERT (Id != NULL);\r
+ if (Id == NULL) {\r
+ return NULL;\r
+ }\r
\r
IdPayload = IkePayloadAlloc ();\r
- ASSERT (IdPayload != NULL);\r
+ if (IdPayload == NULL) {\r
+ FreePool (Id);\r
+ return NULL;\r
+ }\r
\r
IdPayload->PayloadType = (UINT8) ((CommonSession->IsInitiator) ? IKEV2_PAYLOAD_TYPE_ID_INIT : IKEV2_PAYLOAD_TYPE_ID_RSP);\r
IdPayload->PayloadBuf = (UINT8 *) Id;\r
IdSize = sizeof (IKEV2_ID) + SubjectSize;\r
\r
Id = (IKEV2_ID *) AllocateZeroPool (IdSize);\r
- ASSERT (Id != NULL);\r
+ if (Id == NULL) {\r
+ return NULL;\r
+ }\r
\r
IdPayload = IkePayloadAlloc ();\r
- ASSERT (IdPayload != NULL);\r
+ if (IdPayload == NULL) {\r
+ FreePool (Id);\r
+ return NULL;\r
+ }\r
\r
IdPayload->PayloadType = (UINT8) ((CommonSession->IsInitiator) ? IKEV2_PAYLOAD_TYPE_ID_INIT : IKEV2_PAYLOAD_TYPE_ID_RSP);\r
IdPayload->PayloadBuf = (UINT8 *) Id;\r
\r
DigestSize = IpSecGetHmacDigestLength ((UINT8)IkeSaSession->SessionCommon.SaParams->Prf);\r
Digest = AllocateZeroPool (DigestSize);\r
-\r
if (Digest == NULL) {\r
return NULL;\r
}\r
+ \r
if (IdPayload == NULL) {\r
return NULL;\r
}\r
+ \r
//\r
// Calcualte Prf(Seceret, "Key Pad for IKEv2");\r
//\r
// Store the AuthKey into KeyBuf\r
//\r
KeyBuf = AllocateZeroPool (DigestSize);\r
- ASSERT (KeyBuf != NULL);\r
+ if (KeyBuf == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto EXIT;\r
+ }\r
+ \r
CopyMem (KeyBuf, Digest, DigestSize);\r
KeySize = DigestSize;\r
\r
// Copy the result of Prf(SK_Pr, IDi/r) to Fragments[2].\r
//\r
Fragments[2].Data = AllocateZeroPool (DigestSize);\r
+ if (Fragments[2].Data == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto EXIT;\r
+ }\r
+ \r
Fragments[2].DataSize = DigestSize;\r
CopyMem (Fragments[2].Data, Digest, DigestSize);\r
\r
// Allocate buffer for Auth Payload\r
//\r
AuthPayload = IkePayloadAlloc ();\r
- ASSERT (AuthPayload != NULL);\r
+ if (AuthPayload == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto EXIT;\r
+ }\r
\r
AuthPayload->PayloadSize = sizeof (IKEV2_AUTH) + DigestSize;\r
PayloadBuf = (IKEV2_AUTH *) AllocateZeroPool (AuthPayload->PayloadSize);\r
- ASSERT (PayloadBuf != NULL);\r
+ if (PayloadBuf == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto EXIT;\r
+ }\r
+ \r
//\r
// Fill in Auth payload.\r
//\r
}\r
DigestSize = IpSecGetHmacDigestLength ((UINT8)IkeSaSession->SessionCommon.SaParams->Prf);\r
Digest = AllocateZeroPool (DigestSize);\r
-\r
if (Digest == NULL) {\r
return NULL;\r
}\r
// Store the AuthKey into KeyBuf\r
//\r
KeyBuf = AllocateZeroPool (DigestSize);\r
- ASSERT (KeyBuf != NULL);\r
-\r
+ if (KeyBuf == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto EXIT;\r
+ }\r
+ \r
CopyMem (KeyBuf, Digest, DigestSize);\r
\r
//\r
// Copy the result of Prf(SK_Pr, IDi/r) to Fragments[2].\r
//\r
Fragments[2].Data = AllocateZeroPool (DigestSize);\r
+ if (Fragments[2].Data == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto EXIT;\r
+ }\r
+ \r
Fragments[2].DataSize = DigestSize;\r
CopyMem (Fragments[2].Data, Digest, DigestSize);\r
\r
// Allocate buffer for Auth Payload\r
//\r
AuthPayload = IkePayloadAlloc ();\r
- ASSERT (AuthPayload != NULL);\r
+ if (AuthPayload == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto EXIT;\r
+ }\r
\r
if (!IsVerify) {\r
AuthPayload->PayloadSize = sizeof (IKEV2_AUTH) + SigSize;\r
}\r
\r
PayloadBuf = (IKEV2_AUTH *) AllocateZeroPool (AuthPayload->PayloadSize);\r
- ASSERT (PayloadBuf != NULL);\r
+ if (PayloadBuf == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto EXIT;\r
+ }\r
+ \r
//\r
// Fill in Auth payload.\r
//\r
//\r
\r
TsPayload = IkePayloadAlloc();\r
- ASSERT (TsPayload != NULL);\r
+ if (TsPayload == NULL) {\r
+ return NULL;\r
+ }\r
\r
IpVersion = ChildSa->SessionCommon.UdpService->IpVersion;\r
//\r
SelectorSize = sizeof (TRAFFIC_SELECTOR) + 2 * AddrSize;\r
TsPayloadSize = sizeof (IKEV2_TS) + SelectorSize;\r
TsPayloadBuf = AllocateZeroPool (TsPayloadSize);\r
- ASSERT (TsPayloadBuf != NULL);\r
+ if (TsPayloadBuf == NULL) {\r
+ goto ON_ERROR;\r
+ }\r
\r
TsPayload->PayloadBuf = (UINT8 *) TsPayloadBuf;\r
TsSelector = (TRAFFIC_SELECTOR*)(TsPayloadBuf + 1);\r
//\r
NotifyPayloadLen = (UINT16) (sizeof (IKEV2_NOTIFY) + NotifyDataSize + SpiSize);\r
Notify = (IKEV2_NOTIFY *) AllocateZeroPool (NotifyPayloadLen);\r
- ASSERT (Notify != NULL);\r
+ if (Notify == NULL) {\r
+ return NULL;\r
+ }\r
\r
//\r
// Set Delete Payload's Generic Header\r
// Create Payload for and set type as IKEV2_PAYLOAD_TYPE_NOTIFY\r
//\r
NotifyPayload = IkePayloadAlloc ();\r
- ASSERT (NotifyPayload != NULL);\r
+ if (NotifyPayload == NULL) {\r
+ FreePool (Notify);\r
+ return NULL;\r
+ }\r
+ \r
NotifyPayload->PayloadType = IKEV2_PAYLOAD_TYPE_NOTIFY;\r
NotifyPayload->PayloadBuf = (UINT8 *) Notify;\r
NotifyPayload->PayloadSize = NotifyPayloadLen;\r
DelPayloadLen = (UINT16) (sizeof (IKEV2_DELETE) + SpiBufSize);\r
\r
Del = AllocateZeroPool (DelPayloadLen);\r
- ASSERT (Del != NULL);\r
+ if (Del == NULL) {\r
+ return NULL;\r
+ }\r
\r
//\r
// Set Delete Payload's Generic Header\r
//\r
CopyMem (Del + 1, SpiBuf, SpiBufSize);\r
DelPayload = IkePayloadAlloc ();\r
- ASSERT (DelPayload != NULL);\r
+ if (DelPayload == NULL) {\r
+ FreePool (Del);\r
+ return NULL;\r
+ }\r
+ \r
DelPayload->PayloadType = IKEV2_PAYLOAD_TYPE_DELETE;\r
DelPayload->PayloadBuf = (UINT8 *) Del;\r
DelPayload->PayloadSize = DelPayloadLen;\r
// Allocate buffer for IKE_SA.\r
//\r
Sa = AllocateZeroPool (SaSize);\r
- ASSERT (Sa != NULL);\r
+ if (Sa == NULL) {\r
+ return NULL;\r
+ }\r
+ \r
CopyMem (Sa, SaData, sizeof (IKEV2_SA));\r
Sa->Header.PayloadLength = (UINT16) sizeof (IKEV2_SA);\r
ProposalsSize = 0;\r
TotalProposals * sizeof (IKEV2_PROPOSAL_DATA) +\r
TotalTransforms * sizeof (IKEV2_TRANSFORM_DATA)\r
);\r
- ASSERT (SaData != NULL);\r
+ if (SaData == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit;\r
+ }\r
+ \r
CopyMem (SaData, Sa, sizeof (IKEV2_SA));\r
SaData->NumProposals = TotalProposals;\r
ProposalData = (IKEV2_PROPOSAL_DATA *) (SaData + 1);\r
// SpiSize == 4\r
//\r
Spi = AllocateZeroPool (Proposal->SpiSize);\r
- ASSERT (Spi != NULL);\r
+ if (Spi == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit;\r
+ }\r
+ \r
CopyMem (Spi, (UINT32 *) (Proposal + 1), Proposal->SpiSize);\r
*((UINT32*) Spi) = NTOHL (*((UINT32*) Spi));\r
ProposalData->Spi = Spi;\r
//\r
if (IkePacket->Header->ExchangeType == IKEV2_EXCHANGE_TYPE_INIT) {\r
IkeHeader = AllocateZeroPool (sizeof (IKE_HEADER));\r
- ASSERT (IkeHeader != NULL);\r
+ if (IkeHeader == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit;\r
+ }\r
+ \r
CopyMem (IkeHeader, IkePacket->Header, sizeof (IKE_HEADER));\r
\r
//\r
// Initial IkePayload\r
//\r
IkePayload = IkePayloadAlloc ();\r
- ASSERT (IkePayload != NULL);\r
+ if (IkePayload == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit;\r
+ }\r
\r
IkePayload->PayloadType = PayloadType;\r
IkePayload->PayloadBuf = (UINT8 *) PayloadHdr;\r
if (SessionCommon->IsInitiator) {\r
IkeSaSession->InitPacketSize = IkePacket->PayloadTotalSize + sizeof (IKE_HEADER);\r
IkeSaSession->InitPacket = AllocateZeroPool (IkeSaSession->InitPacketSize);\r
- ASSERT (IkeSaSession->InitPacket != NULL);\r
+ if (IkeSaSession->InitPacket == NULL) {\r
+ return EFI_OUT_OF_RESOURCES;\r
+ }\r
+ \r
CopyMem (IkeSaSession->InitPacket, IkePacket->Header, sizeof (IKE_HEADER));\r
PayloadTotalSize = 0;\r
for (Entry = IkePacket->PayloadList.ForwardLink; Entry != &(IkePacket->PayloadList);) {\r
} else {\r
IkeSaSession->RespPacketSize = IkePacket->PayloadTotalSize + sizeof(IKE_HEADER);\r
IkeSaSession->RespPacket = AllocateZeroPool (IkeSaSession->RespPacketSize);\r
- ASSERT (IkeSaSession->RespPacket != NULL);\r
+ if (IkeSaSession->RespPacket == NULL) {\r
+ return EFI_OUT_OF_RESOURCES;\r
+ }\r
+ \r
CopyMem (IkeSaSession->RespPacket, IkePacket->Header, sizeof (IKE_HEADER));\r
PayloadTotalSize = 0;\r
for (Entry = IkePacket->PayloadList.ForwardLink; Entry != &(IkePacket->PayloadList);) {\r
}\r
\r
CheckSumData = AllocateZeroPool (CheckSumSize);\r
- ASSERT (CheckSumData != NULL);\r
+ if (CheckSumData == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
\r
//\r
// Fill in the Integrity buffer\r
//\r
IntegritySize = IkePacket->PayloadTotalSize + sizeof (IKE_HEADER);\r
IntegrityBuffer = AllocateZeroPool (IntegritySize);\r
- ASSERT (IntegrityBuffer != NULL);\r
+ if (IntegrityBuffer == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+ \r
CopyMem (IntegrityBuffer, IkePacket->Header, sizeof(IKE_HEADER));\r
CopyMem (IntegrityBuffer + sizeof (IKE_HEADER), IkePacket->PayloadsBuf, IkePacket->PayloadTotalSize);\r
\r
//\r
DecryptedSize = IkePacket->PayloadTotalSize - sizeof (IKEV2_COMMON_PAYLOAD_HEADER) - IvSize - CheckSumSize;\r
DecryptedBuf = AllocateZeroPool (DecryptedSize);\r
- ASSERT (DecryptedBuf != NULL);\r
+ if (DecryptedBuf == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
\r
CopyMem (\r
DecryptedBuf,\r
CryptBlockSizeMask = (UINT8) (CryptBlockSize - 1);\r
EncryptedSize = (IkePacket->PayloadTotalSize + sizeof (IKEV2_PAD_LEN) + CryptBlockSizeMask) & ~CryptBlockSizeMask;\r
EncryptedBuf = (UINT8 *) AllocateZeroPool (EncryptedSize);\r
- ASSERT (EncryptedBuf != NULL);\r
-\r
+ if (EncryptedBuf == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+ \r
//\r
// Copy all payload into EncryptedIkePayload\r
//\r
//\r
EncryptPayloadSize = sizeof(IKEV2_ENCRYPTED) + IvSize + EncryptedSize + CheckSumSize;\r
EncryptPayloadBuf = AllocateZeroPool (EncryptPayloadSize);\r
- ASSERT (EncryptPayloadBuf != NULL);\r
+ if (EncryptPayloadBuf == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
\r
//\r
// Fill in Header of Encrypted Payload\r
// Create Encrypted Payload and add into IkePacket->PayloadList\r
//\r
EncryptPayload = IkePayloadAlloc ();\r
- ASSERT (EncryptPayload != NULL);\r
+ if (EncryptPayload == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
\r
//\r
// Fill the encrypted payload into the IKE_PAYLOAD structure.\r
// Transform IkePacke to NetBuf\r
//\r
IkePacketNetbuf = IkeNetbufFromPacket ((UINT8 *) SessionCommon, IkePacket, IkeType);\r
- ASSERT (IkePacketNetbuf != NULL);\r
+ if (IkePacketNetbuf == NULL) {\r
+ return EFI_OUT_OF_RESOURCES;\r
+ }\r
\r
ZeroMem (&EndPoint, sizeof (UDP_END_POINT));\r
EndPoint.RemotePort = IKE_DEFAULT_PORT;\r
The operations for IKEv2 SA.\r
\r
(C) Copyright 2015 Hewlett-Packard Development Company, L.P.<BR>\r
- Copyright (c) 2010 - 2011, Intel Corporation. All rights reserved.<BR>\r
+ Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.<BR>\r
\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
// 1. Allocate IKE packet\r
//\r
IkePacket = IkePacketAlloc ();\r
- ASSERT (IkePacket != NULL);\r
+ if (IkePacket == NULL) {\r
+ goto CheckError;\r
+ }\r
\r
//\r
// 1.a Fill the IkePacket->Hdr\r
if ((IkeSaSession->SessionCommon.IsInitiator) && (IkeSaSession->NCookie == NULL)) {\r
IkeSaSession->NiBlkSize = IKE_NONCE_SIZE;\r
IkeSaSession->NiBlock = IkeGenerateNonce (IKE_NONCE_SIZE);\r
- ASSERT (IkeSaSession->NiBlock != NULL);\r
+ if (IkeSaSession->NiBlock == NULL) {\r
+ goto CheckError;\r
+ }\r
}\r
\r
if (IkeSaSession->SessionCommon.IsInitiator) {\r
//\r
NonceSize = NoncePayload->PayloadSize - sizeof (IKEV2_COMMON_PAYLOAD_HEADER);\r
NonceBuffer = (UINT8 *) AllocatePool (NonceSize);\r
- ASSERT (NonceBuffer != NULL);\r
+ if (NonceBuffer == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto CheckError;\r
+ }\r
+ \r
CopyMem (\r
NonceBuffer,\r
NoncePayload->PayloadBuf + sizeof (IKEV2_COMMON_PAYLOAD_HEADER),\r
// 1. Allocate IKE Packet\r
//\r
IkePacket= IkePacketAlloc ();\r
- ASSERT (IkePacket != NULL);\r
+ if (IkePacket == NULL) {\r
+ return NULL;\r
+ }\r
\r
//\r
// 1.a Fill the IkePacket Header.\r
//\r
if (ChildSaSession->IkeSaSession->Spd == NULL) {\r
ChildSaSession->IkeSaSession->Spd = ChildSaSession->Spd;\r
- Ikev2ChildSaSessionSpdSelectorCreate (ChildSaSession);\r
+ Status = Ikev2ChildSaSessionSpdSelectorCreate (ChildSaSession);\r
+ if (EFI_ERROR (Status)) {\r
+ return Status;\r
+ }\r
}\r
} else {\r
//\r
// 1. Allocate IKE Packet\r
//\r
IkePacket= IkePacketAlloc ();\r
- ASSERT (IkePacket != NULL);\r
+ if (IkePacket == NULL) {\r
+ return NULL;\r
+ }\r
\r
//\r
// 1.a Fill the IkePacket Header.\r
//\r
if (ChildSaSession->IkeSaSession->Spd == NULL) {\r
ChildSaSession->IkeSaSession->Spd = ChildSaSession->Spd;\r
- Ikev2ChildSaSessionSpdSelectorCreate (ChildSaSession);\r
+ Status = Ikev2ChildSaSessionSpdSelectorCreate (ChildSaSession);\r
+ if (EFI_ERROR (Status)) {\r
+ goto Exit;\r
+ }\r
}\r
} else {\r
//\r
IKEV2_SESSION_KEYS *IkeKeys;\r
\r
IkeSaSession->IkeKeys = AllocateZeroPool (sizeof (IKEV2_SESSION_KEYS));\r
- ASSERT (IkeSaSession->IkeKeys != NULL);\r
+ if (IkeSaSession->IkeKeys == NULL) {\r
+ return EFI_OUT_OF_RESOURCES;\r
+ }\r
+ \r
IkeKeys = IkeSaSession->IkeKeys;\r
IkeKeys->DhBuffer = AllocateZeroPool (sizeof (IKEV2_DH_BUFFER));\r
- ASSERT (IkeKeys->DhBuffer != NULL);\r
+ if (IkeKeys->DhBuffer == NULL) {\r
+ FreePool (IkeSaSession->IkeKeys);\r
+ return EFI_OUT_OF_RESOURCES;\r
+ }\r
\r
//\r
// Init DH with the certain DH Group Description.\r
//\r
IkeKeys->DhBuffer->GxSize = OakleyModpGroup[(UINT8)IkeSaSession->SessionCommon.PreferDhGroup].Size >> 3;\r
IkeKeys->DhBuffer->GxBuffer = AllocateZeroPool (IkeKeys->DhBuffer->GxSize);\r
- ASSERT (IkeKeys->DhBuffer->GxBuffer != NULL);\r
+ if (IkeKeys->DhBuffer->GxBuffer == NULL) {\r
+ FreePool (IkeKeys->DhBuffer);\r
+ FreePool (IkeSaSession->IkeKeys);\r
+ return EFI_OUT_OF_RESOURCES;\r
+ }\r
\r
//\r
// Get X PublicKey\r
);\r
if (EFI_ERROR (Status)) {\r
DEBUG ((DEBUG_ERROR, "Error CPLKeyManGetKeyParam X public key error Status = %r\n", Status));\r
+ \r
+ FreePool (IkeKeys->DhBuffer->GxBuffer);\r
+ \r
+ FreePool (IkeKeys->DhBuffer);\r
+ \r
+ FreePool (IkeSaSession->IkeKeys);\r
+ \r
return Status;\r
}\r
\r
PubKeySize = KePayload->PayloadSize - sizeof (IKEV2_KEY_EXCHANGE);\r
DhBuffer->GxySize = DhBuffer->GxSize;\r
DhBuffer->GxyBuffer = AllocateZeroPool (DhBuffer->GxySize);\r
- ASSERT (DhBuffer->GxyBuffer != NULL);\r
+ if (DhBuffer->GxyBuffer == NULL) {\r
+ return EFI_OUT_OF_RESOURCES;\r
+ }\r
\r
//\r
// Get GxyBuf\r
);\r
if (EFI_ERROR (Status)) {\r
DEBUG ((DEBUG_ERROR, "Error CPLKeyManGetKeyParam Y session key error Status = %r\n", Status));\r
+\r
+ FreePool (DhBuffer->GxyBuffer);\r
+ \r
return Status;\r
}\r
\r
//\r
DhBuffer->GySize = PubKeySize;\r
DhBuffer->GyBuffer = AllocateZeroPool (DhBuffer->GySize);\r
- ASSERT (DhBuffer->GyBuffer != NULL);\r
+ if (DhBuffer->GyBuffer == NULL) {\r
+ FreePool (DhBuffer->GxyBuffer);\r
+ \r
+ return Status;\r
+ }\r
+ \r
CopyMem (DhBuffer->GyBuffer, PubKey, DhBuffer->GySize);\r
\r
IPSEC_DUMP_BUF ("DH Public Key (g^y) Dump", DhBuffer->GyBuffer, DhBuffer->GySize);\r
//\r
KeyBufferSize = IkeSaSession->NiBlkSize + IkeSaSession->NrBlkSize;\r
KeyBuffer = AllocateZeroPool (KeyBufferSize);\r
- ASSERT (KeyBuffer != NULL);\r
+ if (KeyBuffer == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit;\r
+ }\r
\r
CopyMem (KeyBuffer, IkeSaSession->NiBlock, IkeSaSession->NiBlkSize);\r
CopyMem (KeyBuffer + IkeSaSession->NiBlkSize, IkeSaSession->NrBlock, IkeSaSession->NrBlkSize);\r
The Common operations used by IKE Exchange Process.\r
\r
(C) Copyright 2015 Hewlett-Packard Development Company, L.P.<BR>\r
- Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>\r
+ Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.<BR>\r
\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
IKEV2_SA_SESSION *IkeSaSession;\r
\r
IkeSaSession = AllocateZeroPool (sizeof (IKEV2_SA_SESSION));\r
- ASSERT (IkeSaSession != NULL);\r
+ if (IkeSaSession == NULL) {\r
+ return NULL;\r
+ }\r
\r
//\r
// Initialize the fields of IkeSaSession and its SessionCommon.\r
\r
SelectorSize = sizeof (EFI_IPSEC_CONFIG_SELECTOR);\r
Selector = AllocateZeroPool (SelectorSize);\r
- ASSERT (Selector != NULL);\r
-\r
- \r
+ if (Selector == NULL) {\r
+ return EFI_OUT_OF_RESOURCES;\r
+ }\r
\r
while (1) {\r
Status = EfiIpSecConfigGetNextSelector (\r
FreePool (Selector);\r
\r
Selector = AllocateZeroPool (SelectorSize);\r
- ASSERT (Selector != NULL);\r
+ if (Selector == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ break;\r
+ }\r
+ \r
Status = EfiIpSecConfigGetNextSelector (\r
&Private->IpSecConfig,\r
IPsecConfigDataTypeSad,\r
//\r
IsRemoteFound = TRUE;\r
RemoteSelector = AllocateZeroPool (SelectorSize);\r
- ASSERT (RemoteSelector != NULL);\r
+ if (RemoteSelector == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ break;\r
+ }\r
+ \r
CopyMem (RemoteSelector, Selector, SelectorSize);\r
}\r
\r
//\r
IsLocalFound = TRUE;\r
LocalSelector = AllocateZeroPool (SelectorSize);\r
- ASSERT (LocalSelector != NULL);\r
+ if (LocalSelector == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ break;\r
+ }\r
+ \r
CopyMem (LocalSelector, Selector, SelectorSize);\r
}\r
}\r
ChildSaSession = IKEV2_CHILD_SA_SESSION_FROM_COMMON (SessionCommon);\r
ProposalData->ProtocolId = IPSEC_PROTO_IPSEC_ESP;\r
ProposalData->Spi = AllocateZeroPool (sizeof (ChildSaSession->LocalPeerSpi));\r
- ASSERT (ProposalData->Spi != NULL);\r
+ if (ProposalData->Spi == NULL) {\r
+ FreePool (SaData);\r
+ return NULL;\r
+ }\r
+ \r
CopyMem (\r
ProposalData->Spi,\r
&ChildSaSession->LocalPeerSpi,\r
ProposalData->ProtocolId = IPSEC_PROTO_IPSEC_ESP;\r
ProposalData->NumTransforms = 3;\r
ProposalData->Spi = AllocateZeroPool (sizeof (ChildSaSession->LocalPeerSpi));\r
- ASSERT (ProposalData->Spi != NULL);\r
+ if (ProposalData->Spi == NULL) {\r
+ FreePool (((IKEV2_PROPOSAL_DATA *) (SaData + 1))->Spi);\r
+ FreePool (SaData);\r
+ return NULL;\r
+ }\r
+ \r
CopyMem (\r
ProposalData->Spi,\r
&ChildSaSession->LocalPeerSpi,\r
than the one in ChildSaSession->Spd, especially for the tunnel mode.\r
\r
@param[in, out] ChildSaSession Pointer to IKEV2_CHILD_SA_SESSION related to.\r
+\r
+ @retval EFI_SUCCESS The operation complete successfully.\r
+ @retval EFI_OUT_OF_RESOURCES If the required resource can't be allocated.\r
\r
**/\r
-VOID\r
+EFI_STATUS\r
Ikev2ChildSaSessionSpdSelectorCreate (\r
IN OUT IKEV2_CHILD_SA_SESSION *ChildSaSession\r
) \r
{\r
+ EFI_STATUS Status;\r
+\r
+ Status = EFI_SUCCESS;\r
+\r
if (ChildSaSession->Spd != NULL && ChildSaSession->Spd->Selector != NULL) {\r
if (ChildSaSession->SpdSelector == NULL) {\r
ChildSaSession->SpdSelector = AllocateZeroPool (sizeof (EFI_IPSEC_SPD_SELECTOR));\r
- ASSERT (ChildSaSession->SpdSelector != NULL);\r
+ if (ChildSaSession->SpdSelector == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ return Status;\r
+ }\r
}\r
CopyMem (\r
ChildSaSession->SpdSelector, \r
sizeof (EFI_IP_ADDRESS_INFO), \r
ChildSaSession->Spd->Selector->RemoteAddress\r
);\r
+ if (ChildSaSession->SpdSelector->RemoteAddress == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+\r
+ FreePool (ChildSaSession->SpdSelector);\r
+ \r
+ return Status;\r
+ }\r
+ \r
ChildSaSession->SpdSelector->LocalAddress = AllocateCopyPool (\r
ChildSaSession->Spd->Selector->LocalAddressCount * \r
sizeof (EFI_IP_ADDRESS_INFO), \r
ChildSaSession->Spd->Selector->LocalAddress\r
);\r
+ if (ChildSaSession->SpdSelector->LocalAddress == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+\r
+ FreePool (ChildSaSession->SpdSelector->RemoteAddress);\r
\r
- ASSERT (ChildSaSession->SpdSelector->LocalAddress != NULL);\r
- ASSERT (ChildSaSession->SpdSelector->RemoteAddress != NULL);\r
+ FreePool (ChildSaSession->SpdSelector);\r
+ \r
+ return Status;\r
+ }\r
\r
ChildSaSession->SpdSelector->RemoteAddressCount = ChildSaSession->Spd->Selector->RemoteAddressCount;\r
ChildSaSession->SpdSelector->LocalAddressCount = ChildSaSession->Spd->Selector->LocalAddressCount; \r
}\r
+\r
+ return Status;\r
}\r
\r
/**\r
// Create a new ChildSaSession.Insert it into processing list and initiate the common parameters.\r
//\r
ChildSaSession = Ikev2ChildSaSessionAlloc (UdpService, IkeSaSession);\r
- ASSERT (ChildSaSession != NULL);\r
+ if (ChildSaSession == NULL) {\r
+ return NULL;\r
+ }\r
\r
//\r
// Set the specific parameters.\r
// The ChildSaSession->SpdSelector might be changed after the traffic selector\r
// negoniation and it will be copied into the SAData after ChildSA established.\r
//\r
- Ikev2ChildSaSessionSpdSelectorCreate (ChildSaSession);\r
+ if (EFI_ERROR (Ikev2ChildSaSessionSpdSelectorCreate (ChildSaSession))) {\r
+ Ikev2ChildSaSessionFree (ChildSaSession);\r
+ return NULL;\r
+ }\r
\r
//\r
// Copy first NiBlock and NrBlock to ChildSa Session\r
//\r
ChildSaSession->NiBlock = AllocateZeroPool (IkeSaSession->NiBlkSize);\r
- ASSERT (ChildSaSession->NiBlock != NULL);\r
+ if (ChildSaSession->NiBlock == NULL) {\r
+ Ikev2ChildSaSessionFree (ChildSaSession);\r
+ return NULL;\r
+ }\r
+ \r
ChildSaSession->NiBlkSize = IkeSaSession->NiBlkSize;\r
CopyMem (ChildSaSession->NiBlock, IkeSaSession->NiBlock, IkeSaSession->NiBlkSize);\r
\r
ChildSaSession->NrBlock = AllocateZeroPool (IkeSaSession->NrBlkSize);\r
- ASSERT (ChildSaSession->NrBlock != NULL);\r
+ if (ChildSaSession->NrBlock == NULL) {\r
+ Ikev2ChildSaSessionFree (ChildSaSession);\r
+ return NULL;\r
+ }\r
+ \r
ChildSaSession->NrBlkSize = IkeSaSession->NrBlkSize;\r
CopyMem (ChildSaSession->NrBlock, IkeSaSession->NrBlock, IkeSaSession->NrBlkSize);\r
\r
// Find the matched one. \r
//\r
IkeSaSession->SessionCommon.SaParams = AllocateZeroPool (sizeof (IKEV2_SA_PARAMS));\r
- ASSERT (IkeSaSession->SessionCommon.SaParams != NULL);\r
+ if (IkeSaSession->SessionCommon.SaParams == NULL) {\r
+ return FALSE;\r
+ }\r
+ \r
IkeSaSession->SessionCommon.SaParams->EncAlgId = PreferEncryptAlgorithm;\r
IkeSaSession->SessionCommon.SaParams->EnckeyLen = PreferEncryptKeylength;\r
IkeSaSession->SessionCommon.SaParams->DhGroup = PreferDhGroup;\r
sizeof (IKEV2_PROPOSAL_DATA) +\r
sizeof (IKEV2_TRANSFORM_DATA) * 4;\r
IkeSaSession->SaData = AllocateZeroPool (SaDataSize);\r
- ASSERT (IkeSaSession->SaData != NULL);\r
+ if (IkeSaSession->SaData == NULL) {\r
+ FreePool (IkeSaSession->SessionCommon.SaParams);\r
+ return FALSE;\r
+ }\r
\r
IkeSaSession->SaData->NumProposals = 1;\r
\r
);\r
\r
((IKEV2_PROPOSAL_DATA *) (IkeSaSession->SaData + 1))->ProposalIndex = 1;\r
+ \r
return TRUE;\r
} else {\r
PreferEncryptAlgorithm = 0;\r
\r
if (IsMatch) {\r
IkeSaSession->SessionCommon.SaParams = AllocateZeroPool (sizeof (IKEV2_SA_PARAMS));\r
- ASSERT (IkeSaSession->SessionCommon.SaParams != NULL);\r
+ if (IkeSaSession->SessionCommon.SaParams == NULL) {\r
+ return FALSE;\r
+ }\r
+ \r
IkeSaSession->SessionCommon.SaParams->EncAlgId = PreferEncryptAlgorithm;\r
IkeSaSession->SessionCommon.SaParams->EnckeyLen = PreferEncryptKeylength;\r
IkeSaSession->SessionCommon.SaParams->DhGroup = PreferDhGroup;\r
return TRUE;\r
}\r
}\r
+ \r
return FALSE;\r
}\r
\r
// Find the matched one. \r
//\r
ChildSaSession->SessionCommon.SaParams = AllocateZeroPool (sizeof (IKEV2_SA_PARAMS));\r
- ASSERT (ChildSaSession->SessionCommon.SaParams != NULL);\r
+ if (ChildSaSession->SessionCommon.SaParams == NULL) {\r
+ return FALSE;\r
+ }\r
+ \r
ChildSaSession->SessionCommon.SaParams->EncAlgId = PreferEncryptAlgorithm;\r
ChildSaSession->SessionCommon.SaParams->EnckeyLen = PreferEncryptKeylength;\r
ChildSaSession->SessionCommon.SaParams->IntegAlgId = PreferIntegrityAlgorithm;\r
sizeof (IKEV2_TRANSFORM_DATA) * 4;\r
\r
ChildSaSession->SaData = AllocateZeroPool (SaDataSize);\r
- ASSERT (ChildSaSession->SaData != NULL);\r
+ if (ChildSaSession->SaData == NULL) {\r
+ FreePool (ChildSaSession->SessionCommon.SaParams);\r
+ return FALSE;\r
+ }\r
\r
ChildSaSession->SaData->NumProposals = 1;\r
\r
sizeof (ChildSaSession->LocalPeerSpi), \r
&ChildSaSession->LocalPeerSpi\r
);\r
- ASSERT (((IKEV2_PROPOSAL_DATA *) (ChildSaSession->SaData + 1))->Spi != NULL);\r
+ if (((IKEV2_PROPOSAL_DATA *) (ChildSaSession->SaData + 1))->Spi == NULL) {\r
+ FreePool (ChildSaSession->SessionCommon.SaParams);\r
+\r
+ FreePool (ChildSaSession->SaData );\r
+ \r
+ return FALSE;\r
+ }\r
+ \r
return TRUE;\r
\r
} else {\r
ProposalData = (IKEV2_PROPOSAL_DATA *)((IKEV2_SA_DATA *)SaPayload->PayloadBuf + 1);\r
if (IsMatch) {\r
ChildSaSession->SessionCommon.SaParams = AllocateZeroPool (sizeof (IKEV2_SA_PARAMS));\r
- ASSERT (ChildSaSession->SessionCommon.SaParams != NULL);\r
+ if (ChildSaSession->SessionCommon.SaParams == NULL) {\r
+ return FALSE;\r
+ }\r
+ \r
ChildSaSession->SessionCommon.SaParams->EncAlgId = PreferEncryptAlgorithm;\r
ChildSaSession->SessionCommon.SaParams->EnckeyLen = PreferEncryptKeylength;\r
ChildSaSession->SessionCommon.SaParams->IntegAlgId = PreferIntegrityAlgorithm;\r
}\r
\r
LocalFragments[1].Data = AllocateZeroPool (FragmentsSize);\r
- ASSERT (LocalFragments[1].Data != NULL);\r
+ if (LocalFragments[1].Data == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit;\r
+ }\r
+ \r
LocalFragments[1].DataSize = FragmentsSize;\r
\r
//\r
// Allocate buffer for the first fragment\r
//\r
LocalFragments[0].Data = AllocateZeroPool (AuthKeyLength);\r
- ASSERT (LocalFragments[0].Data != NULL);\r
+ if (LocalFragments[0].Data == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit;\r
+ }\r
+ \r
LocalFragments[0].DataSize = AuthKeyLength;\r
\r
Round = (OutputKeyLength - 1) / AuthKeyLength + 1;\r
The interfaces of IKE/Child session operations and payload related operations \r
used by IKE Exchange Process.\r
\r
- Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>\r
+ Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.<BR>\r
\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
than the one in ChildSaSession->Spd, especially for the tunnel mode.\r
\r
@param[in, out] ChildSaSession Pointer to IKEV2_CHILD_SA_SESSION related to.\r
+\r
+ @retval EFI_SUCCESS The operation complete successfully.\r
+ @retval EFI_OUT_OF_RESOURCES If the required resource can't be allocated.\r
\r
**/\r
-VOID\r
+EFI_STATUS\r
Ikev2ChildSaSessionSpdSelectorCreate (\r
IN OUT IKEV2_CHILD_SA_SESSION *ChildSaSession\r
);\r
VariableNameLength = StrLen (VariableName);\r
VariableNameISize = (VariableNameLength + 5) * sizeof (CHAR16);\r
VariableNameI = AllocateZeroPool (VariableNameISize);\r
- ASSERT (VariableNameI != NULL);\r
+ if (VariableNameI == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
\r
//\r
// Construct the varible name of ipsecconfig meta data.\r
/** @file\r
Common interfaces to call Security library.\r
\r
- Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>\r
+ Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.<BR>\r
\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
RsaGetKey (RsaContext, RsaKeyN, NULL, PublicKeyLen);\r
\r
*PublicKey = AllocateZeroPool (*PublicKeyLen);\r
- ASSERT (*PublicKey != NULL);\r
+ if (*PublicKey == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto EXIT;\r
+ }\r
\r
if (!RsaGetKey (RsaContext, RsaKeyN, *PublicKey, PublicKeyLen)) {\r
Status = EFI_INVALID_PARAMETER;\r
The implementation of IPsec.\r
\r
(C) Copyright 2015 Hewlett-Packard Development Company, L.P.<BR>\r
- Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>\r
+ Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.<BR>\r
\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
on return.\r
@param[in] FragmentCount The number of fragments.\r
\r
- @retval EFI_SUCCESS The operation was successful.\r
- @retval EFI_OUT_OF_RESOURCES The required system resources can't be allocated.\r
-\r
**/\r
UINT8 *\r
IpSecTunnelOutboundPacket (\r
\r
if (IpVersion == IP_VERSION_4) {\r
InnerHead = AllocateZeroPool (sizeof (IP4_HEAD) + *OptionsLength);\r
- ASSERT (InnerHead != NULL);\r
+ if (InnerHead == NULL) {\r
+ return NULL;\r
+ }\r
+ \r
CopyMem (\r
InnerHead,\r
IpHead,\r
);\r
} else {\r
InnerHead = AllocateZeroPool (sizeof (EFI_IP6_HEADER) + *OptionsLength);\r
- ASSERT (InnerHead != NULL);\r
+ if (InnerHead == NULL) {\r
+ return NULL;\r
+ }\r
+ \r
CopyMem (\r
InnerHead,\r
IpHead,\r
IpSecOnRecyclePacket,\r
NULL\r
);\r
- ASSERT (Packet != NULL);\r
+ if (Packet == NULL) {\r
+ FreePool (InnerHead);\r
+ return NULL;\r
+ }\r
+ \r
//\r
// 3. Check the Last Header, if it is TCP, UDP or ICMP recalcualate its pesudo\r
// CheckSum.\r