From: Martin Willi <martin@revosec.ch>
Date: Fri, 27 Mar 2015 14:51:52 +0000 (+0100)
Subject: xcbc: Reset XCBC state in set_key()
X-Git-Tag: 5.3.0~12
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=eedd92b53bd78595bea130508fa64296e6a19f17;p=thirdparty%2Fstrongswan.git

xcbc: Reset XCBC state in set_key()

If some partial data has been appended, a truncated key gets invalid if it
is calculated from the pending state.
---

diff --git a/src/libstrongswan/plugins/xcbc/xcbc.c b/src/libstrongswan/plugins/xcbc/xcbc.c
index 802c8a39fd..d852a29329 100644
--- a/src/libstrongswan/plugins/xcbc/xcbc.c
+++ b/src/libstrongswan/plugins/xcbc/xcbc.c
@@ -219,6 +219,10 @@ METHOD(mac_t, set_key, bool,
 {
 	chunk_t iv, k1, lengthened;
 
+	memset(this->e, 0, this->b);
+	this->remaining_bytes = 0;
+	this->zero = TRUE;
+
 	/* we support variable keys from RFC4434 */
 	if (key.len == this->b)
 	{