diff options
| author | Yves-Alexis Perez <corsac@corsac.net> | 2017-04-01 16:26:44 +0200 |
|---|---|---|
| committer | Yves-Alexis Perez <corsac@corsac.net> | 2017-04-01 16:26:44 +0200 |
| commit | 05ddd767992d68bb38c7f16ece142e8c2e9ae016 (patch) | |
| tree | 302c618be306d4ed3c7f9fc58a1f6aaad4dd252f /src/libipsec/esp_context.c | |
| parent | 25663e04c3ab01ef8dc9f906608282319cfea2db (diff) | |
| download | vyos-strongswan-05ddd767992d68bb38c7f16ece142e8c2e9ae016.tar.gz vyos-strongswan-05ddd767992d68bb38c7f16ece142e8c2e9ae016.zip | |
New upstream version 5.5.2
Diffstat (limited to 'src/libipsec/esp_context.c')
| -rw-r--r-- | src/libipsec/esp_context.c | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/src/libipsec/esp_context.c b/src/libipsec/esp_context.c index 6c7e9a1c9..c014e683a 100644 --- a/src/libipsec/esp_context.c +++ b/src/libipsec/esp_context.c @@ -210,19 +210,32 @@ METHOD(esp_context_t, destroy, void, static bool create_aead(private_esp_context_t *this, int alg, chunk_t key) { + size_t salt = 0; + switch (alg) { case ENCR_AES_GCM_ICV8: case ENCR_AES_GCM_ICV12: case ENCR_AES_GCM_ICV16: case ENCR_CHACHA20_POLY1305: - /* the key includes a 4 byte salt */ - this->aead = lib->crypto->create_aead(lib->crypto, alg, - key.len - 4, 4); + salt = 4; + break; + case ENCR_AES_CCM_ICV8: + case ENCR_AES_CCM_ICV12: + case ENCR_AES_CCM_ICV16: + case ENCR_CAMELLIA_CCM_ICV8: + case ENCR_CAMELLIA_CCM_ICV12: + case ENCR_CAMELLIA_CCM_ICV16: + salt = 3; break; default: break; } + if (salt) + { + this->aead = lib->crypto->create_aead(lib->crypto, alg, + key.len - salt, salt); + } if (!this->aead) { DBG1(DBG_ESP, "failed to create ESP context: unsupported AEAD " |