From: Martin Willi <martin@revosec.ch>
Date: Thu, 19 Aug 2010 17:28:08 +0000 (+0200)
Subject: Fixed crypter keymat derivation bug
X-Git-Tag: 4.5.0~442
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=2e64455ee1530f4d2dbcbd061c0ae8f9c10352f4;p=thirdparty%2Fstrongswan.git

Fixed crypter keymat derivation bug
---

diff --git a/src/libcharon/sa/keymat.c b/src/libcharon/sa/keymat.c
index 17077c2bdc..878ad124f2 100644
--- a/src/libcharon/sa/keymat.c
+++ b/src/libcharon/sa/keymat.c
@@ -178,10 +178,11 @@ static bool derive_ike_aead(private_keymat_t *this, u_int16_t alg,
  * Derive IKE keys for traditional encryption and MAC algorithms
  */
 static bool derive_ike_traditional(private_keymat_t *this, u_int16_t enc_alg,
-					u_int16_t key_size, u_int16_t int_alg, prf_plus_t *prf_plus)
+					u_int16_t enc_size, u_int16_t int_alg, prf_plus_t *prf_plus)
 {
 	crypter_t *crypter_i, *crypter_r;
 	signer_t *signer_i, *signer_r;
+	size_t key_size;
 	chunk_t key;
 
 	/* SK_ai/SK_ar used for integrity protection */
@@ -207,8 +208,8 @@ static bool derive_ike_traditional(private_keymat_t *this, u_int16_t enc_alg,
 	chunk_clear(&key);
 
 	/* SK_ei/SK_er used for encryption */
-	crypter_i = lib->crypto->create_crypter(lib->crypto, enc_alg, key_size / 8);
-	crypter_r = lib->crypto->create_crypter(lib->crypto, enc_alg, key_size / 8);
+	crypter_i = lib->crypto->create_crypter(lib->crypto, enc_alg, enc_size / 8);
+	crypter_r = lib->crypto->create_crypter(lib->crypto, enc_alg, enc_size / 8);
 	if (crypter_i == NULL || crypter_r == NULL)
 	{
 		DBG1(DBG_IKE, "%N %N (key size %d) not supported!",