Fixed IKEv1 prf+ keymat expansion beyond 320 bits

author Martin Willi <martin@revosec.ch>

Wed, 14 Dec 2011 16:34:57 +0000 (17:34 +0100)

committer Martin Willi <martin@revosec.ch>

Tue, 20 Mar 2012 16:31:22 +0000 (17:31 +0100)
author Martin Willi <martin@revosec.ch>
Wed, 14 Dec 2011 16:34:57 +0000 (17:34 +0100)
committer Martin Willi <martin@revosec.ch>
Tue, 20 Mar 2012 16:31:22 +0000 (17:31 +0100)
diff --git a/src/libstrongswan/crypto/prf_plus.c b/src/libstrongswan/crypto/prf_plus.c

index 29f61197deaebc79f20bbc54ccdf4db79995cc7b..0f06ede834ff7ed9c42392d25097d029d4f6e423 100644 (file)
--- a/src/libstrongswan/crypto/prf_plus.c
+++ b/src/libstrongswan/crypto/prf_plus.c
@@ -72,12 +72,12 @@ METHOD(prf_plus_t, get_bytes, void,
                                 this->prf->get_bytes(this->prf, this->seed, NULL);
                                 this->prf->get_bytes(this->prf, chunk_from_thing(this->counter),
                                                                          this->buffer.ptr);
+                               this->counter++;
                         }
                         else
                         {
                                 this->prf->get_bytes(this->prf, this->seed, this->buffer.ptr);
                         }
-                       this->counter++;
                         this->used = 0;
                 }
                 round = min(length, this->buffer.len - this->used);
author	Martin Willi <martin@revosec.ch>
	Wed, 14 Dec 2011 16:34:57 +0000 (17:34 +0100)
committer	Martin Willi <martin@revosec.ch>
	Tue, 20 Mar 2012 16:31:22 +0000 (17:31 +0100)