Fixed encryption of IKEv2 messages.

author: Tobias Brunner <tobias@strongswan.org> 2011-11-23 15:23:20 +0100
committer: Tobias Brunner <tobias@strongswan.org> 2012-03-20 17:30:50 +0100
commit: f4e21faa989998974e198ecb2d33521c612e29bf (patch)
tree: 706752b742a2ff00fcb1388b053f34270f519fab /src
parent: d020d4d695c2d69ad5e29be2d97d6c33d89b9327 (diff)
download: strongswan-f4e21faa989998974e198ecb2d33521c612e29bf.tar.bz2
strongswan-f4e21faa989998974e198ecb2d33521c612e29bf.tar.xz
1 files changed, 2 insertions, 2 deletions
diff --git a/src/libcharon/encoding/message.c b/src/libcharon/encoding/message.c
index 440b014c0..aa774e0c3 100644
--- a/src/libcharon/encoding/message.c
+++ b/src/libcharon/encoding/message.c
@@ -1505,7 +1505,8 @@ METHOD(message_t, generate, status_t,
 	ike_header->destroy(ike_header);
 
 	if (encryption)
-	{
+	{	/* set_transform() has to be called before get_length() */
+		encryption->set_transform(encryption, aead);
 		if (this->is_encrypted)
 		{	/* for IKEv1 instead of associated data we provide the IV */
 			chunk = keymat_v1->get_iv(keymat_v1, this->message_id);
@@ -1516,7 +1517,6 @@ METHOD(message_t, generate, status_t,
 			/* fill in length, including encryption payload */
 			htoun32(lenpos, chunk.len + encryption->get_length(encryption));
 		}
-		encryption->set_transform(encryption, aead);
 		this->payloads->insert_last(this->payloads, encryption);
 		if (!encryption->encrypt(encryption, chunk))
 		{
author	Tobias Brunner <tobias@strongswan.org>	2011-11-23 15:23:20 +0100
committer	Tobias Brunner <tobias@strongswan.org>	2012-03-20 17:30:50 +0100
commit	f4e21faa989998974e198ecb2d33521c612e29bf (patch)
tree	706752b742a2ff00fcb1388b053f34270f519fab /src
parent	d020d4d695c2d69ad5e29be2d97d6c33d89b9327 (diff)
download	strongswan-f4e21faa989998974e198ecb2d33521c612e29bf.tar.bz2 strongswan-f4e21faa989998974e198ecb2d33521c612e29bf.tar.xz