ikev2: Use IV generator to encrypt encrypted payload
This commit is contained in:
parent
50bd28d549
commit
b5010707a0
|
@ -313,6 +313,7 @@ METHOD(encryption_payload_t, encrypt, status_t,
|
|||
{
|
||||
chunk_t iv, plain, padding, icv, crypt;
|
||||
generator_t *generator;
|
||||
iv_gen_t *iv_gen;
|
||||
rng_t *rng;
|
||||
size_t bs;
|
||||
|
||||
|
@ -329,6 +330,13 @@ METHOD(encryption_payload_t, encrypt, status_t,
|
|||
return NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
iv_gen = this->aead->get_iv_gen(this->aead);
|
||||
if (!iv_gen)
|
||||
{
|
||||
DBG1(DBG_ENC, "encrypting encryption payload failed, no IV generator");
|
||||
return NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
assoc = append_header(this, assoc);
|
||||
|
||||
generator = generator_create();
|
||||
|
@ -356,7 +364,7 @@ METHOD(encryption_payload_t, encrypt, status_t,
|
|||
crypt = chunk_create(plain.ptr, plain.len + padding.len);
|
||||
generator->destroy(generator);
|
||||
|
||||
if (!rng->get_bytes(rng, iv.len, iv.ptr) ||
|
||||
if (!iv_gen->get_iv(iv_gen, iv.len, iv.ptr) ||
|
||||
!rng->get_bytes(rng, padding.len - 1, padding.ptr))
|
||||
{
|
||||
DBG1(DBG_ENC, "encrypting encryption payload failed, no IV or padding");
|
||||
|
|
Loading…
Reference in New Issue