0102258016
NSS softoken does not include CKM_NSS_IKE1_APP_B_PRF_DERIVE in it's mechanism list, causing libreswan to crash.
23 lines
1.3 KiB
Diff
23 lines
1.3 KiB
Diff
diff -up ./lib/softoken/pkcs11.c.ike_fix ./lib/softoken/pkcs11.c
|
|
--- ./lib/softoken/pkcs11.c.ike_fix 2019-11-04 10:15:08.022176945 -0800
|
|
+++ ./lib/softoken/pkcs11.c 2019-11-04 10:17:35.396733750 -0800
|
|
@@ -330,7 +330,7 @@ static const struct mechanismList mechan
|
|
{ CKM_AES_CTS, { 16, 32, CKF_EN_DE }, PR_TRUE },
|
|
{ CKM_AES_CTR, { 16, 32, CKF_EN_DE }, PR_TRUE },
|
|
{ CKM_AES_GCM, { 16, 32, CKF_EN_DE }, PR_TRUE },
|
|
- { CKM_AES_XCBC_MAC_96, { 16, 16, CKF_SN_VR }, PR_TRUE },
|
|
+ { CKM_AES_XCBC_MAC_96, { 12, 12, CKF_SN_VR }, PR_TRUE },
|
|
{ CKM_AES_XCBC_MAC, { 16, 16, CKF_SN_VR }, PR_TRUE },
|
|
/* ------------------------- Camellia Operations --------------------- */
|
|
{ CKM_CAMELLIA_KEY_GEN, { 16, 32, CKF_GENERATE }, PR_TRUE },
|
|
@@ -518,7 +518,8 @@ static const struct mechanismList mechan
|
|
/* --------------------IPSEC ----------------------- */
|
|
{ CKM_NSS_IKE_PRF_PLUS_DERIVE, { 8, 255 * 64, CKF_DERIVE }, PR_TRUE },
|
|
{ CKM_NSS_IKE_PRF_DERIVE, { 8, 64, CKF_DERIVE }, PR_TRUE },
|
|
- { CKM_NSS_IKE1_PRF_DERIVE, { 8, 64, CKF_DERIVE }, PR_TRUE }
|
|
+ { CKM_NSS_IKE1_PRF_DERIVE, { 8, 64, CKF_DERIVE }, PR_TRUE },
|
|
+ { CKM_NSS_IKE1_APP_B_PRF_DERIVE, { 8, 255 * 64, CKF_DERIVE }, PR_TRUE }
|
|
};
|
|
static const CK_ULONG mechanismCount = sizeof(mechanisms) / sizeof(mechanisms[0]);
|
|
|