/** @file\r
The implementation of Payloads Creation.\r
\r
- Copyright (c) 2010 - 2011, Intel Corporation. All rights reserved.<BR>\r
+ (C) Copyright 2015 Hewlett-Packard Development Company, L.P.<BR>\r
+ Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>\r
\r
- This program and the accompanying materials\r
- are licensed and made available under the terms and conditions of the BSD License\r
- which accompanies this distribution. The full text of the license may be found at\r
- http://opensource.org/licenses/bsd-license.php.\r
-\r
- THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
- WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+ SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
UINTN SaDataSize;\r
\r
SaPayload = IkePayloadAlloc ();\r
- ASSERT (SaPayload != NULL);\r
+ if (SaPayload == NULL) {\r
+ return NULL;\r
+ }\r
+\r
//\r
// TODO: Get the Proposal Number and Transform Number from IPsec Config,\r
// after the Ipsecconfig Application is support it.\r
}\r
\r
SaData = AllocateZeroPool (SaDataSize);\r
- ASSERT (SaData != NULL);\r
+ if (SaData == NULL) {\r
+ IkePayloadFree (SaPayload);\r
+ return NULL;\r
+ }\r
\r
CopyMem (SaData, SessionSaData, SaDataSize);\r
SaData->SaHeader.Header.NextPayload = NextPayload;\r
NonceBlock = NonceBuf;\r
\r
Nonce = AllocateZeroPool (Size);\r
- ASSERT (Nonce != NULL);\r
+ if (Nonce == NULL) {\r
+ return NULL;\r
+ }\r
+\r
CopyMem (Nonce + 1, NonceBlock, Size - sizeof (IKEV2_NONCE));\r
\r
Nonce->Header.NextPayload = NextPayload;\r
Nonce->Header.PayloadLength = (UINT16) Size;\r
NoncePayload = IkePayloadAlloc ();\r
+ if (NoncePayload == NULL) {\r
+ FreePool (Nonce);\r
+ return NULL;\r
+ }\r
\r
- ASSERT (NoncePayload != NULL);\r
NoncePayload->PayloadType = IKEV2_PAYLOAD_TYPE_NONCE;\r
NoncePayload->PayloadBuf = (UINT8 *) Nonce;\r
NoncePayload->PayloadSize = Size;\r
// Allocate buffer for Key Exchange\r
//\r
Ke = AllocateZeroPool (KeSize);\r
- ASSERT (Ke != NULL);\r
+ if (Ke == NULL) {\r
+ return NULL;\r
+ }\r
\r
Ke->Header.NextPayload = NextPayload;\r
Ke->Header.PayloadLength = (UINT16) KeSize;\r
// Create IKE_PAYLOAD to point to Key Exchange payload\r
//\r
KePayload = IkePayloadAlloc ();\r
- ASSERT (KePayload != NULL);\r
+ if (KePayload == NULL) {\r
+ FreePool (Ke);\r
+ return NULL;\r
+ }\r
\r
KePayload->PayloadType = IKEV2_PAYLOAD_TYPE_KE;\r
KePayload->PayloadBuf = (UINT8 *) Ke;\r
IdSize = sizeof (IKEV2_ID) + AddrSize;\r
\r
Id = (IKEV2_ID *) AllocateZeroPool (IdSize);\r
- ASSERT (Id != NULL);\r
+ if (Id == NULL) {\r
+ return NULL;\r
+ }\r
\r
IdPayload = IkePayloadAlloc ();\r
- ASSERT (IdPayload != NULL);\r
+ if (IdPayload == NULL) {\r
+ FreePool (Id);\r
+ return NULL;\r
+ }\r
\r
IdPayload->PayloadType = (UINT8) ((CommonSession->IsInitiator) ? IKEV2_PAYLOAD_TYPE_ID_INIT : IKEV2_PAYLOAD_TYPE_ID_RSP);\r
IdPayload->PayloadBuf = (UINT8 *) Id;\r
IKE_PAYLOAD *IdPayload;\r
IKEV2_ID *Id;\r
UINTN IdSize;\r
- UINT8 IpVersion;\r
UINTN SubjectSize;\r
UINT8 *CertSubject;\r
\r
\r
SubjectSize = 0;\r
CertSubject = NULL;\r
- IpVersion = CommonSession->UdpService->IpVersion;\r
IpSecCryptoIoGetSubjectFromCert (\r
InCert,\r
CertSize,\r
IdSize = sizeof (IKEV2_ID) + SubjectSize;\r
\r
Id = (IKEV2_ID *) AllocateZeroPool (IdSize);\r
- ASSERT (Id != NULL);\r
+ if (Id == NULL) {\r
+ return NULL;\r
+ }\r
\r
IdPayload = IkePayloadAlloc ();\r
- ASSERT (IdPayload != NULL);\r
+ if (IdPayload == NULL) {\r
+ FreePool (Id);\r
+ return NULL;\r
+ }\r
\r
IdPayload->PayloadType = (UINT8) ((CommonSession->IsInitiator) ? IKEV2_PAYLOAD_TYPE_ID_INIT : IKEV2_PAYLOAD_TYPE_ID_RSP);\r
IdPayload->PayloadBuf = (UINT8 *) Id;\r
\r
DigestSize = IpSecGetHmacDigestLength ((UINT8)IkeSaSession->SessionCommon.SaParams->Prf);\r
Digest = AllocateZeroPool (DigestSize);\r
-\r
if (Digest == NULL) {\r
return NULL;\r
}\r
+\r
if (IdPayload == NULL) {\r
return NULL;\r
}\r
+\r
//\r
// Calcualte Prf(Seceret, "Key Pad for IKEv2");\r
//\r
// Store the AuthKey into KeyBuf\r
//\r
KeyBuf = AllocateZeroPool (DigestSize);\r
- ASSERT (KeyBuf != NULL);\r
+ if (KeyBuf == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto EXIT;\r
+ }\r
+\r
CopyMem (KeyBuf, Digest, DigestSize);\r
KeySize = DigestSize;\r
\r
// Copy the result of Prf(SK_Pr, IDi/r) to Fragments[2].\r
//\r
Fragments[2].Data = AllocateZeroPool (DigestSize);\r
+ if (Fragments[2].Data == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto EXIT;\r
+ }\r
+\r
Fragments[2].DataSize = DigestSize;\r
CopyMem (Fragments[2].Data, Digest, DigestSize);\r
\r
// Allocate buffer for Auth Payload\r
//\r
AuthPayload = IkePayloadAlloc ();\r
- ASSERT (AuthPayload != NULL);\r
+ if (AuthPayload == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto EXIT;\r
+ }\r
\r
AuthPayload->PayloadSize = sizeof (IKEV2_AUTH) + DigestSize;\r
PayloadBuf = (IKEV2_AUTH *) AllocateZeroPool (AuthPayload->PayloadSize);\r
- ASSERT (PayloadBuf != NULL);\r
+ if (PayloadBuf == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto EXIT;\r
+ }\r
+\r
//\r
// Fill in Auth payload.\r
//\r
UINT8 *Digest;\r
UINTN DigestSize;\r
PRF_DATA_FRAGMENT Fragments[3];\r
- UINT8 *KeyBuf;\r
- UINTN KeySize;\r
IKE_PAYLOAD *AuthPayload;\r
IKEV2_AUTH *PayloadBuf;\r
EFI_STATUS Status;\r
//\r
// Initial point\r
//\r
- KeyBuf = NULL;\r
AuthPayload = NULL;\r
Digest = NULL;\r
Signature = NULL;\r
}\r
DigestSize = IpSecGetHmacDigestLength ((UINT8)IkeSaSession->SessionCommon.SaParams->Prf);\r
Digest = AllocateZeroPool (DigestSize);\r
-\r
if (Digest == NULL) {\r
return NULL;\r
}\r
\r
- //\r
- // Store the AuthKey into KeyBuf\r
- //\r
- KeyBuf = AllocateZeroPool (DigestSize);\r
- ASSERT (KeyBuf != NULL);\r
-\r
- CopyMem (KeyBuf, Digest, DigestSize);\r
- KeySize = DigestSize;\r
-\r
//\r
// Calculate Prf(SK_Pi/r, IDi/r)\r
//\r
// Copy the result of Prf(SK_Pr, IDi/r) to Fragments[2].\r
//\r
Fragments[2].Data = AllocateZeroPool (DigestSize);\r
+ if (Fragments[2].Data == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto EXIT;\r
+ }\r
+\r
Fragments[2].DataSize = DigestSize;\r
CopyMem (Fragments[2].Data, Digest, DigestSize);\r
\r
// Allocate buffer for Auth Payload\r
//\r
AuthPayload = IkePayloadAlloc ();\r
- ASSERT (AuthPayload != NULL);\r
+ if (AuthPayload == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto EXIT;\r
+ }\r
\r
if (!IsVerify) {\r
AuthPayload->PayloadSize = sizeof (IKEV2_AUTH) + SigSize;\r
}\r
\r
PayloadBuf = (IKEV2_AUTH *) AllocateZeroPool (AuthPayload->PayloadSize);\r
- ASSERT (PayloadBuf != NULL);\r
+ if (PayloadBuf == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto EXIT;\r
+ }\r
+\r
//\r
// Fill in Auth payload.\r
//\r
AuthPayload->PayloadType = IKEV2_PAYLOAD_TYPE_AUTH;\r
\r
EXIT:\r
- if (KeyBuf != NULL) {\r
- FreePool (KeyBuf);\r
- }\r
if (Digest != NULL) {\r
FreePool (Digest);\r
}\r
//\r
\r
TsPayload = IkePayloadAlloc();\r
- ASSERT (TsPayload != NULL);\r
+ if (TsPayload == NULL) {\r
+ return NULL;\r
+ }\r
\r
IpVersion = ChildSa->SessionCommon.UdpService->IpVersion;\r
//\r
SelectorSize = sizeof (TRAFFIC_SELECTOR) + 2 * AddrSize;\r
TsPayloadSize = sizeof (IKEV2_TS) + SelectorSize;\r
TsPayloadBuf = AllocateZeroPool (TsPayloadSize);\r
- ASSERT (TsPayloadBuf != NULL);\r
+ if (TsPayloadBuf == NULL) {\r
+ goto ON_ERROR;\r
+ }\r
\r
TsPayload->PayloadBuf = (UINT8 *) TsPayloadBuf;\r
TsSelector = (TRAFFIC_SELECTOR*)(TsPayloadBuf + 1);\r
//\r
NotifyPayloadLen = (UINT16) (sizeof (IKEV2_NOTIFY) + NotifyDataSize + SpiSize);\r
Notify = (IKEV2_NOTIFY *) AllocateZeroPool (NotifyPayloadLen);\r
- ASSERT (Notify != NULL);\r
+ if (Notify == NULL) {\r
+ return NULL;\r
+ }\r
\r
//\r
// Set Delete Payload's Generic Header\r
// Create Payload for and set type as IKEV2_PAYLOAD_TYPE_NOTIFY\r
//\r
NotifyPayload = IkePayloadAlloc ();\r
- ASSERT (NotifyPayload != NULL);\r
+ if (NotifyPayload == NULL) {\r
+ FreePool (Notify);\r
+ return NULL;\r
+ }\r
+\r
NotifyPayload->PayloadType = IKEV2_PAYLOAD_TYPE_NOTIFY;\r
NotifyPayload->PayloadBuf = (UINT8 *) Notify;\r
NotifyPayload->PayloadSize = NotifyPayloadLen;\r
DelPayloadLen = (UINT16) (sizeof (IKEV2_DELETE) + SpiBufSize);\r
\r
Del = AllocateZeroPool (DelPayloadLen);\r
- ASSERT (Del != NULL);\r
+ if (Del == NULL) {\r
+ return NULL;\r
+ }\r
\r
//\r
// Set Delete Payload's Generic Header\r
//\r
CopyMem (Del + 1, SpiBuf, SpiBufSize);\r
DelPayload = IkePayloadAlloc ();\r
- ASSERT (DelPayload != NULL);\r
+ if (DelPayload == NULL) {\r
+ FreePool (Del);\r
+ return NULL;\r
+ }\r
+\r
DelPayload->PayloadType = IKEV2_PAYLOAD_TYPE_DELETE;\r
DelPayload->PayloadBuf = (UINT8 *) Del;\r
DelPayload->PayloadSize = DelPayloadLen;\r
\r
CopyMem (\r
IkeSaSession->NCookie,\r
- NotifyPayload + sizeof (IKEV2_NOTIFY),\r
+ (UINT8 *)NotifyPayload + sizeof (IKEV2_NOTIFY),\r
NotifyDataSize\r
);\r
\r
in RFC 4306.\r
@param[in] IsRequest To indicate create Certificate Payload or Certificate\r
Request Payload. If it is TURE, create Certificate\r
- Payload. Otherwise, create Certificate Request Payload.\r
+ Request Payload. Otherwise, create Certificate Payload.\r
\r
@retval a Pointer to IKE Payload whose payload buffer containing the Certificate\r
payload or Certificated Request payload.\r
//\r
TotalTransforms = 0;\r
//\r
- // Caculate the Proposal numbers and Transform numbers.\r
+ // Calculate the Proposal numbers and Transform numbers.\r
//\r
for (ProposalIndex = 0; ProposalIndex < SaData->NumProposals; ProposalIndex++) {\r
\r
// Allocate buffer for IKE_SA.\r
//\r
Sa = AllocateZeroPool (SaSize);\r
- ASSERT (Sa != NULL);\r
+ if (Sa == NULL) {\r
+ return NULL;\r
+ }\r
+\r
CopyMem (Sa, SaData, sizeof (IKEV2_SA));\r
Sa->Header.PayloadLength = (UINT16) sizeof (IKEV2_SA);\r
ProposalsSize = 0;\r
Transform->Header.NextPayload = IKE_TRANSFORM_NEXT_PAYLOAD_MORE;\r
Transform->Header.PayloadLength = HTONS ((UINT16)TransformSize);\r
\r
- if (TransformIndex == (UINTN)(ProposalData->NumTransforms - 1)) {\r
+ if (TransformIndex == ((UINT32)ProposalData->NumTransforms - 1)) {\r
Transform->Header.NextPayload = IKE_TRANSFORM_NEXT_PAYLOAD_NONE;\r
}\r
\r
Proposal = (IKEV2_PROPOSAL *)((IKEV2_SA *)(Sa)+1);\r
\r
//\r
- // Caculate the number of Proposal payload and the total numbers of\r
+ // Calculate the number of Proposal payload and the total numbers of\r
// Transforms payload (the transforms in all proposal payload).\r
//\r
while (SaRemaining > sizeof (IKEV2_PROPOSAL)) {\r
TotalProposals * sizeof (IKEV2_PROPOSAL_DATA) +\r
TotalTransforms * sizeof (IKEV2_TRANSFORM_DATA)\r
);\r
- ASSERT (SaData != NULL);\r
+ if (SaData == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit;\r
+ }\r
+\r
CopyMem (SaData, Sa, sizeof (IKEV2_SA));\r
SaData->NumProposals = TotalProposals;\r
ProposalData = (IKEV2_PROPOSAL_DATA *) (SaData + 1);\r
// SpiSize == 4\r
//\r
Spi = AllocateZeroPool (Proposal->SpiSize);\r
- ASSERT (Spi != NULL);\r
+ if (Spi == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit;\r
+ }\r
+\r
CopyMem (Spi, (UINT32 *) (Proposal + 1), Proposal->SpiSize);\r
*((UINT32*) Spi) = NTOHL (*((UINT32*) Spi));\r
ProposalData->Spi = Spi;\r
//\r
if (IkePacket->Header->ExchangeType == IKEV2_EXCHANGE_TYPE_INIT) {\r
IkeHeader = AllocateZeroPool (sizeof (IKE_HEADER));\r
- ASSERT (IkeHeader != NULL);\r
+ if (IkeHeader == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit;\r
+ }\r
+\r
CopyMem (IkeHeader, IkePacket->Header, sizeof (IKE_HEADER));\r
\r
//\r
// Initial IkePayload\r
//\r
IkePayload = IkePayloadAlloc ();\r
- ASSERT (IkePayload != NULL);\r
+ if (IkePayload == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Exit;\r
+ }\r
\r
IkePayload->PayloadType = PayloadType;\r
IkePayload->PayloadBuf = (UINT8 *) PayloadHdr;\r
// Encrypt all payload and transfer IKE packet header from Host order to Network order.\r
//\r
Status = Ikev2EncryptPacket (SessionCommon, IkePacket);\r
+ if (EFI_ERROR (Status)) {\r
+ return Status;\r
+ }\r
} else {\r
//\r
// Fill in the lenght into IkePacket header and transfer Host order to Network order.\r
if (SessionCommon->IsInitiator) {\r
IkeSaSession->InitPacketSize = IkePacket->PayloadTotalSize + sizeof (IKE_HEADER);\r
IkeSaSession->InitPacket = AllocateZeroPool (IkeSaSession->InitPacketSize);\r
- ASSERT (IkeSaSession->InitPacket != NULL);\r
+ if (IkeSaSession->InitPacket == NULL) {\r
+ return EFI_OUT_OF_RESOURCES;\r
+ }\r
+\r
CopyMem (IkeSaSession->InitPacket, IkePacket->Header, sizeof (IKE_HEADER));\r
PayloadTotalSize = 0;\r
for (Entry = IkePacket->PayloadList.ForwardLink; Entry != &(IkePacket->PayloadList);) {\r
} else {\r
IkeSaSession->RespPacketSize = IkePacket->PayloadTotalSize + sizeof(IKE_HEADER);\r
IkeSaSession->RespPacket = AllocateZeroPool (IkeSaSession->RespPacketSize);\r
- ASSERT (IkeSaSession->RespPacket != NULL);\r
+ if (IkeSaSession->RespPacket == NULL) {\r
+ return EFI_OUT_OF_RESOURCES;\r
+ }\r
+\r
CopyMem (IkeSaSession->RespPacket, IkePacket->Header, sizeof (IKE_HEADER));\r
PayloadTotalSize = 0;\r
for (Entry = IkePacket->PayloadList.ForwardLink; Entry != &(IkePacket->PayloadList);) {\r
IKEV2_CHILD_SA_SESSION *ChildSaSession;\r
EFI_STATUS Status;\r
UINT8 PadLen;\r
- UINTN CryptKeyLength;\r
HASH_DATA_FRAGMENT Fragments[1];\r
\r
IvSize = 0;\r
IkeSaSession = NULL;\r
CryptBlockSize = 0;\r
CheckSumSize = 0;\r
- CryptKeyLength = 0;\r
\r
//\r
// Check if the first payload is the Encrypted payload\r
if (SessionCommon->IkeSessionType == IkeSessionTypeIkeSa) {\r
\r
CryptBlockSize = (UINT8) IpSecGetEncryptBlockSize ((UINT8) SessionCommon->SaParams->EncAlgId);\r
- CryptKeyLength = IpSecGetEncryptKeyLength ((UINT8) SessionCommon->SaParams->EncAlgId);\r
+\r
CheckSumSize = (UINT8) IpSecGetIcvLength ((UINT8) SessionCommon->SaParams->IntegAlgId);\r
IkeSaSession = IKEV2_SA_SESSION_FROM_COMMON (SessionCommon);\r
\r
ChildSaSession = IKEV2_CHILD_SA_SESSION_FROM_COMMON (SessionCommon);\r
IkeSaSession = ChildSaSession->IkeSaSession;\r
CryptBlockSize = (UINT8) IpSecGetEncryptBlockSize ((UINT8) IkeSaSession->SessionCommon.SaParams->EncAlgId);\r
- CryptKeyLength = IpSecGetEncryptKeyLength ((UINT8) IkeSaSession->SessionCommon.SaParams->EncAlgId);\r
CheckSumSize = (UINT8) IpSecGetIcvLength ((UINT8) IkeSaSession->SessionCommon.SaParams->IntegAlgId);\r
} else {\r
//\r
}\r
\r
CheckSumData = AllocateZeroPool (CheckSumSize);\r
- ASSERT (CheckSumData != NULL);\r
+ if (CheckSumData == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
\r
//\r
// Fill in the Integrity buffer\r
//\r
IntegritySize = IkePacket->PayloadTotalSize + sizeof (IKE_HEADER);\r
IntegrityBuffer = AllocateZeroPool (IntegritySize);\r
- ASSERT (IntegrityBuffer != NULL);\r
+ if (IntegrityBuffer == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+\r
CopyMem (IntegrityBuffer, IkePacket->Header, sizeof(IKE_HEADER));\r
CopyMem (IntegrityBuffer + sizeof (IKE_HEADER), IkePacket->PayloadsBuf, IkePacket->PayloadTotalSize);\r
\r
//\r
DecryptedSize = IkePacket->PayloadTotalSize - sizeof (IKEV2_COMMON_PAYLOAD_HEADER) - IvSize - CheckSumSize;\r
DecryptedBuf = AllocateZeroPool (DecryptedSize);\r
- ASSERT (DecryptedBuf != NULL);\r
+ if (DecryptedBuf == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
\r
CopyMem (\r
DecryptedBuf,\r
UINT8 *EncryptPayloadBuf; // Contain whole Encrypted Payload\r
UINTN EncryptPayloadSize; // Total size of the Encrypted payload\r
UINT8 *IntegrityBuf; // Buffer to be intergity\r
- UINT32 IntegrityBufSize; // Buffer size of IntegrityBuf\r
UINT8 *IvBuffer; // Initialization Vector\r
UINT8 IvSize; // Iv Size\r
UINT8 CheckSumSize; // Integrity Check Sum Size depends on intergrity Auth\r
EFI_STATUS Status;\r
LIST_ENTRY *Entry;\r
IKE_PAYLOAD *IkePayload;\r
- UINTN CryptKeyLength;\r
HASH_DATA_FRAGMENT Fragments[1];\r
\r
Status = EFI_SUCCESS;\r
IkeSaSession = NULL;\r
CryptBlockSize = 0;\r
CheckSumSize = 0;\r
- CryptKeyLength = 0;\r
IntegrityBuf = NULL;\r
//\r
// Get the Block Size\r
if (SessionCommon->IkeSessionType == IkeSessionTypeIkeSa) {\r
\r
CryptBlockSize = (UINT8) IpSecGetEncryptBlockSize ((UINT8) SessionCommon->SaParams->EncAlgId);\r
- CryptKeyLength = IpSecGetEncryptKeyLength ((UINT8) SessionCommon->SaParams->EncAlgId);\r
CheckSumSize = (UINT8) IpSecGetIcvLength ((UINT8) SessionCommon->SaParams->IntegAlgId);\r
IkeSaSession = IKEV2_SA_SESSION_FROM_COMMON (SessionCommon);\r
\r
ChildSaSession = IKEV2_CHILD_SA_SESSION_FROM_COMMON (SessionCommon);\r
IkeSaSession = ChildSaSession->IkeSaSession;\r
CryptBlockSize = (UINT8) IpSecGetEncryptBlockSize ((UINT8) IkeSaSession->SessionCommon.SaParams->EncAlgId);\r
- CryptKeyLength = IpSecGetEncryptKeyLength ((UINT8) IkeSaSession->SessionCommon.SaParams->EncAlgId);\r
CheckSumSize = (UINT8) IpSecGetIcvLength ((UINT8) IkeSaSession->SessionCommon.SaParams->IntegAlgId);\r
}\r
\r
CryptBlockSizeMask = (UINT8) (CryptBlockSize - 1);\r
EncryptedSize = (IkePacket->PayloadTotalSize + sizeof (IKEV2_PAD_LEN) + CryptBlockSizeMask) & ~CryptBlockSizeMask;\r
EncryptedBuf = (UINT8 *) AllocateZeroPool (EncryptedSize);\r
- ASSERT (EncryptedBuf != NULL);\r
+ if (EncryptedBuf == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
\r
//\r
// Copy all payload into EncryptedIkePayload\r
//\r
EncryptPayloadSize = sizeof(IKEV2_ENCRYPTED) + IvSize + EncryptedSize + CheckSumSize;\r
EncryptPayloadBuf = AllocateZeroPool (EncryptPayloadSize);\r
- ASSERT (EncryptPayloadBuf != NULL);\r
+ if (EncryptPayloadBuf == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
\r
//\r
// Fill in Header of Encrypted Payload\r
Status = EFI_OUT_OF_RESOURCES;\r
goto ON_EXIT;\r
}\r
- IntegrityBufSize = IkePacket->Header->Length;\r
IkeHdrHostToNet (IkePacket->Header);\r
\r
CopyMem (IntegrityBuf, IkePacket->Header, sizeof (IKE_HEADER));\r
// Create Encrypted Payload and add into IkePacket->PayloadList\r
//\r
EncryptPayload = IkePayloadAlloc ();\r
- ASSERT (EncryptPayload != NULL);\r
+ if (EncryptPayload == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
\r
//\r
// Fill the encrypted payload into the IKE_PAYLOAD structure.\r
return Status;\r
}\r
\r
-/**\r
- Save some useful payloads after accepting the Packet.\r
-\r
- @param[in] SessionCommon Pointer to IKEV2_SESSION_COMMON related to the operation.\r
- @param[in] IkePacket Pointer to received IkePacet.\r
- @param[in] IkeType The type used to indicate it is in IkeSa or ChildSa or Info\r
- exchange.\r
-\r
-**/\r
-VOID\r
-Ikev2OnPacketAccepted (\r
- IN IKEV2_SESSION_COMMON *SessionCommon,\r
- IN IKE_PACKET *IkePacket,\r
- IN UINT8 IkeType\r
- )\r
-{\r
- return;\r
-}\r
\r
/**\r
\r
// Transform IkePacke to NetBuf\r
//\r
IkePacketNetbuf = IkeNetbufFromPacket ((UINT8 *) SessionCommon, IkePacket, IkeType);\r
- ASSERT (IkePacketNetbuf != NULL);\r
+ if (IkePacketNetbuf == NULL) {\r
+ return EFI_OUT_OF_RESOURCES;\r
+ }\r
\r
ZeroMem (&EndPoint, sizeof (UDP_END_POINT));\r
EndPoint.RemotePort = IKE_DEFAULT_PORT;\r