ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity

libipsec: Don't print ciphertext with ICV in log message

This commit is contained in:
Tobias Brunner 2013-10-17 11:36:32 +02:00
parent f5c5fd6f74
commit f6cadb7f54
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/libipsec/esp_packet.c
View File

@ -232,7 +232,6 @@ METHOD(esp_packet_t, decrypt, status_t,
return PARSE_ERROR;
}
ciphertext = reader->peek(reader);
ciphertext.len += icv.len;
reader->destroy(reader);
if (!esp_context->verify_seqno(esp_context, seq))
@ -245,6 +244,8 @@ METHOD(esp_packet_t, decrypt, status_t,
DBG3(DBG_ESP, "ESP decryption:\n SPI %.8x [seq %u]\n IV %B\n "
"encrypted %B\n ICV %B", spi, seq, &iv, &ciphertext, &icv);
/* include ICV in ciphertext for decryption/verification */
ciphertext.len += icv.len;
/* aad = spi + seq */
aad = chunk_create(data.ptr, 8);