Due to the nonce, the ESP key material is four bytes longer than needed for
the actual AES key. The crypto plugins, however, register their AES-CTR
implementations with the AES key length, so the lookup here failed.
For IKEv2 the key material is allocated after creating a crypter instance
with the negotiated AES key size. The length of the actual key material is
retrieved via get_key_size(), which adds the four bytes to the AES key length.
Fixes #1124.
signer_t *signer = NULL;
iv_gen_t *ivg;
- crypter = lib->crypto->create_crypter(lib->crypto, enc_alg, enc_key.len);
+ switch (enc_alg)
+ {
+ case ENCR_AES_CTR:
+ /* the key includes a 4 byte salt */
+ crypter = lib->crypto->create_crypter(lib->crypto, enc_alg,
+ enc_key.len - 4);
+ break;
+ default:
+ crypter = lib->crypto->create_crypter(lib->crypto, enc_alg,
+ enc_key.len);
+ break;
+ }
if (!crypter)
{
DBG1(DBG_ESP, "failed to create ESP context: unsupported encryption "