summaryrefslogtreecommitdiff
path: root/sbin/iked
diff options
context:
space:
mode:
Diffstat (limited to 'sbin/iked')
-rw-r--r--sbin/iked/ikev2.c6
-rw-r--r--sbin/iked/ikev2_msg.c11
2 files changed, 10 insertions, 7 deletions
diff --git a/sbin/iked/ikev2.c b/sbin/iked/ikev2.c
index 6b73ab8b68c..8413d9339fd 100644
--- a/sbin/iked/ikev2.c
+++ b/sbin/iked/ikev2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ikev2.c,v 1.264 2020/10/05 19:21:16 tobhe Exp $ */
+/* $OpenBSD: ikev2.c,v 1.265 2020/10/06 19:06:06 tobhe Exp $ */
/*
* Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@@ -5312,7 +5312,7 @@ ikev2_sa_keys(struct iked *env, struct iked_sa *sa, struct ibuf *key)
goto done;
}
- if ((skeyseed = ibuf_new(NULL, hash_length(prf))) == NULL) {
+ if ((skeyseed = ibuf_new(NULL, hash_keylength(prf))) == NULL) {
log_info("%s: failed to get SKEYSEED buffer",
SPI_SA(sa, __func__));
goto done;
@@ -5474,7 +5474,7 @@ ikev2_prfplus(struct iked_hash *prf, struct ibuf *key, struct ibuf *seed,
ibuf_release(t1);
} else
t2 = ibuf_new(NULL, 0);
- t1 = ibuf_new(NULL, hash_length(prf));
+ t1 = ibuf_new(NULL, hash_keylength(prf));
ibuf_add(t2, seed->buf, ibuf_length(seed));
pad = i + 1;
diff --git a/sbin/iked/ikev2_msg.c b/sbin/iked/ikev2_msg.c
index 00a8220bc28..f138208116f 100644
--- a/sbin/iked/ikev2_msg.c
+++ b/sbin/iked/ikev2_msg.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ikev2_msg.c,v 1.73 2020/10/03 20:23:08 tobhe Exp $ */
+/* $OpenBSD: ikev2_msg.c,v 1.74 2020/10/06 19:06:06 tobhe Exp $ */
/*
* Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@@ -584,7 +584,7 @@ ikev2_msg_decrypt(struct iked *env, struct iked_sa *sa,
* Validate packet checksum
*/
if (!sa->sa_integr->hash_isaead) {
- if ((tmp = ibuf_new(NULL, ibuf_length(integr))) == NULL)
+ if ((tmp = ibuf_new(NULL, hash_keylength(sa->sa_integr))) == NULL)
goto done;
hash_setkey(sa->sa_integr, integr->buf, ibuf_length(integr));
@@ -932,8 +932,11 @@ ikev2_msg_auth(struct iked *env, struct iked_sa *sa, int response)
ibuf_size(prfkey))) == NULL)
goto fail;
- if ((ptr = ibuf_advance(authmsg,
- hash_length(sa->sa_prf))) == NULL)
+ /* require non-truncating hash */
+ if (hash_keylength(sa->sa_prf) != hash_length(sa->sa_prf))
+ goto fail;
+
+ if ((ptr = ibuf_advance(authmsg, hash_keylength(sa->sa_prf))) == NULL)
goto fail;
hash_init(sa->sa_prf);