From eedd92b53bd78595bea130508fa64296e6a19f17 Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Fri, 27 Mar 2015 15:51:52 +0100 Subject: [PATCH] xcbc: Reset XCBC state in set_key() If some partial data has been appended, a truncated key gets invalid if it is calculated from the pending state. --- src/libstrongswan/plugins/xcbc/xcbc.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/libstrongswan/plugins/xcbc/xcbc.c b/src/libstrongswan/plugins/xcbc/xcbc.c index 802c8a39fd..d852a29329 100644 --- a/src/libstrongswan/plugins/xcbc/xcbc.c +++ b/src/libstrongswan/plugins/xcbc/xcbc.c @@ -219,6 +219,10 @@ METHOD(mac_t, set_key, bool, { chunk_t iv, k1, lengthened; + memset(this->e, 0, this->b); + this->remaining_bytes = 0; + this->zero = TRUE; + /* we support variable keys from RFC4434 */ if (key.len == this->b) { -- 2.47.2