libipsec: Properly calculate padding length especially for AES-GCM

author: Tobias Brunner <tobias@strongswan.org> 2013-10-12 01:09:53 +0200
committer: Tobias Brunner <tobias@strongswan.org> 2013-10-17 11:42:45 +0200
commit: f5c5fd6f74b8b9bd65948e4b73ab916a141d7e83 (patch)
tree: cd84db8dccfd3961c1b9751d65eedccebe85ea00
parent: 812ae898bfa4917e2d69b17b0c3949bb2c2c2b18 (diff)
download: strongswan-f5c5fd6f74b8b9bd65948e4b73ab916a141d7e83.tar.bz2
strongswan-f5c5fd6f74b8b9bd65948e4b73ab916a141d7e83.tar.xz
1 files changed, 3 insertions, 1 deletions
diff --git a/src/libipsec/esp_packet.c b/src/libipsec/esp_packet.c
index db5ef3685..7de765ecd 100644
--- a/src/libipsec/esp_packet.c
+++ b/src/libipsec/esp_packet.c
@@ -309,7 +309,9 @@ METHOD(esp_packet_t, encrypt, status_t,
 	payload = this->payload ? this->payload->get_encoding(this->payload)
 							: chunk_empty;
 	plainlen = payload.len + 2;
-	padding.len = blocksize - (plainlen % blocksize);
+	padding.len = pad_len(plainlen, blocksize);
+	/* ICV must be on a 4-byte boundary */
+	padding.len += pad_len(iv.len + plainlen + padding.len, 4);
 	plainlen += padding.len;
 
 	/* len = spi, seq, IV, plaintext, ICV */
author	Tobias Brunner <tobias@strongswan.org>	2013-10-12 01:09:53 +0200
committer	Tobias Brunner <tobias@strongswan.org>	2013-10-17 11:42:45 +0200
commit	f5c5fd6f74b8b9bd65948e4b73ab916a141d7e83 (patch)
tree	cd84db8dccfd3961c1b9751d65eedccebe85ea00
parent	812ae898bfa4917e2d69b17b0c3949bb2c2c2b18 (diff)
download	strongswan-f5c5fd6f74b8b9bd65948e4b73ab916a141d7e83.tar.bz2 strongswan-f5c5fd6f74b8b9bd65948e4b73ab916a141d7e83.tar.xz