fixed ikev1 iv derivation

2025-10-06 00:00:47 -04:00 · 2009-05-14 20:25:38 +02:00 · 2009-05-14 20:25:38 +02:00 · 7121eca633
commit 7121eca633
parent 7cdb1ddf08
1 changed files with 30 additions and 8 deletions
--- a/src/pluto/crypto.c
+++ b/src/pluto/crypto.c
@ -544,18 +544,40 @@ static void do_3des(u_int8_t *buf, size_t buf_len, u_int8_t *key,
 		(des_cblock *)iv, enc);
 }
 /* hash and prf routines */
 void crypto_cbc_encrypt(const struct encrypt_desc *e, bool enc, u_int8_t *buf,
 						size_t size, struct state *st)
 {
-	passert(st->st_new_iv_len >= e->enc_blocksize);
+	chunk_t data = { buf, size };
-	st->st_new_iv_len = e->enc_blocksize;       /* truncate */
+	chunk_t iv;
    char *new_iv;
 	size_t crypter_block_size;
 	encryption_algorithm_t enc_alg;
 	crypter_t *crypter;
-	e->do_crypt(buf, size, st->st_enc_key.ptr, st->st_enc_key.len, st->st_new_iv, enc);
+	enc_alg = oakley_to_encryption_algorithm(e->algo_id);
-	/*
+	crypter = lib->crypto->create_crypter(lib->crypto, enc_alg, st->st_enc_key.len);
-	e->set_key(&ctx, st->st_enc_key.ptr, st->st_enc_key.len);
+	crypter->set_key(crypter, st->st_enc_key);
-	e->cbc_crypt(&ctx, buf, size, st->st_new_iv, enc);
+	crypter_block_size = crypter->get_block_size(crypter);
-	*/
+
 	/* form iv by truncation */
 	passert(st->st_new_iv_len >= crypter_block_size);
 	st->st_new_iv_len = crypter_block_size;
 	iv = chunk_create(st->st_new_iv, st->st_new_iv_len);
 	if (enc)
 	{
 		crypter->encrypt(crypter, data, iv, NULL);
 	    new_iv = data.ptr + data.len - crypter_block_size;
 	}
 	else
 	{
 		new_iv = alloca(crypter_block_size);
 	    memcpy(new_iv, data.ptr + data.len - crypter_block_size,
 			   crypter_block_size);
 		crypter->decrypt(crypter, data, iv, NULL);
 	}
 	crypter->destroy(crypter);
    memcpy(st->st_new_iv, new_iv, crypter_block_size);
 }
 encryption_algorithm_t oakley_to_encryption_algorithm(int alg)