}
/* Handle rekey and SUCCESS packets synchronously. After SUCCESS packets
- they keys are taken into use immediately, hence the synchronous
+ they keys are taken into use immediately, hence the synchronous
processing to get the keys in use as soon as possible. */
if (ske->rekeying || packet->type == SILC_PACKET_SUCCESS)
silc_fsm_continue_sync(&ske->fsm);
silc_hash_free(ske->prop->hash);
if (ske->prop->hmac)
silc_hmac_free(ske->prop->hmac);
+ if (ske->prop->public_key)
+ silc_pkcs_public_key_free(ske->prop->public_key);
silc_free(ske->prop);
}
if (ske->keymat)
SilcHash *ret_hash)
{
unsigned char iv[32];
+ SilcBool iv_included = (prop->flags & SILC_SKE_SP_FLAG_IV_INCLUDED);
/* Allocate ciphers to be used in the communication */
if (ret_send_key) {
if (silc_cipher_get_mode(*ret_send_key) == SILC_CIPHER_MODE_CTR) {
memcpy(iv, ske->hash, 4);
- memcpy(iv + 4, keymat->receive_iv, 4);
+ memcpy(iv + 4, keymat->receive_iv, iv_included ? 4 : 8);
silc_cipher_set_iv(*ret_send_key, iv);
} else {
silc_cipher_set_iv(*ret_send_key, keymat->receive_iv);
if (silc_cipher_get_mode(*ret_receive_key) == SILC_CIPHER_MODE_CTR) {
memcpy(iv, ske->hash, 4);
- memcpy(iv + 4, keymat->send_iv, 4);
+ memcpy(iv + 4, keymat->send_iv, iv_included ? 4 : 8);
silc_cipher_set_iv(*ret_receive_key, iv);
} else {
silc_cipher_set_iv(*ret_receive_key, keymat->send_iv);
if (silc_cipher_get_mode(*ret_send_key) == SILC_CIPHER_MODE_CTR) {
memcpy(iv, ske->hash, 4);
- memcpy(iv + 4, keymat->send_iv, 4);
+ memcpy(iv + 4, keymat->send_iv, iv_included ? 4 : 8);
silc_cipher_set_iv(*ret_send_key, iv);
} else {
silc_cipher_set_iv(*ret_send_key, keymat->send_iv);
if (silc_cipher_get_mode(*ret_receive_key) == SILC_CIPHER_MODE_CTR) {
memcpy(iv, ske->hash, 4);
- memcpy(iv + 4, keymat->receive_iv, 4);
+ memcpy(iv + 4, keymat->receive_iv, iv_included ? 4 : 8);
silc_cipher_set_iv(*ret_receive_key, iv);
} else {
silc_cipher_set_iv(*ret_receive_key, keymat->receive_iv);