Fixed IKEv1 prf+ keymat expansion beyond 320 bits
authorMartin Willi <martin@revosec.ch>
Wed, 14 Dec 2011 16:34:57 +0000 (17:34 +0100)
committerMartin Willi <martin@revosec.ch>
Tue, 20 Mar 2012 16:31:22 +0000 (17:31 +0100)
src/libstrongswan/crypto/prf_plus.c

index 29f6119..0f06ede 100644 (file)
@@ -72,12 +72,12 @@ METHOD(prf_plus_t, get_bytes, void,
                                this->prf->get_bytes(this->prf, this->seed, NULL);
                                this->prf->get_bytes(this->prf, chunk_from_thing(this->counter),
                                                                         this->buffer.ptr);
+                               this->counter++;
                        }
                        else
                        {
                                this->prf->get_bytes(this->prf, this->seed, this->buffer.ptr);
                        }
-                       this->counter++;
                        this->used = 0;
                }
                round = min(length, this->buffer.len - this->used);