Accept encryption payloads with no wrapped payloads
authorMartin Willi <martin@revosec.ch>
Mon, 23 Aug 2010 09:30:36 +0000 (11:30 +0200)
committerMartin Willi <martin@revosec.ch>
Mon, 23 Aug 2010 09:30:36 +0000 (11:30 +0200)
src/libcharon/encoding/payloads/encryption_payload.c

index 05e1d0e..476f88e 100644 (file)
@@ -423,7 +423,7 @@ METHOD(encryption_payload_t, decrypt, bool,
 
        plain = chunk_create(crypt.ptr, crypt.len - icv.len);
        padding.len = plain.ptr[plain.len - 1] + 1;
 
        plain = chunk_create(crypt.ptr, crypt.len - icv.len);
        padding.len = plain.ptr[plain.len - 1] + 1;
-       if (padding.len >= plain.len)
+       if (padding.len > plain.len)
        {
                DBG1(DBG_ENC, "decrypting encryption payload failed, "
                         "padding invalid %B", &crypt);
        {
                DBG1(DBG_ENC, "decrypting encryption payload failed, "
                         "padding invalid %B", &crypt);