[PATCH] Make ICV Indicator dependant on ICV length

[Jaap Keuter]

IEEE 802.1X-2010 Section 11.11 describes that the ICV is seperate from
the parameter sets before it. Due to its convenient layout the ICV
Indicator 'body part' is used to encode the ICV as well.

IEEE 802.1X-2010 Section 11.11.3 describes the encoding of MKPDUs.
In bullet e) is desribed that the ICV Indicator itself is encoded when
the ICV is not 16 octets in length. IEEE 802.1Xbx-2014 Table 11.7 note
e) states that it will not be encoded unless the Algorithm Agility
parameter specifies the use of an ICV that is not 16 octets in length.

Therefore the length calculation for the ICV indicator body part must
take into account if the ICV Indicator is to be encoded or not. The
actual encoder of the ICV body already takes care of the rest.

Signed-off-by: Jaap Keuter <jaap.keuter at xs4all.nl>
---
 src/pae/ieee802_1x_kay.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c
index 1d4ed89c0..4bfef256c 100644
--- a/src/pae/ieee802_1x_kay.c
+++ b/src/pae/ieee802_1x_kay.c
@@ -1665,9 +1665,11 @@ ieee802_1x_mka_icv_body_present(struct ieee802_1x_mka_participant *participant)
 static int
 ieee802_1x_mka_get_icv_length(struct ieee802_1x_mka_participant *participant)
 {
-	int length;
+	int length = 0;
 
-	length = sizeof(struct ieee802_1x_mka_icv_body);
+	/* determine if we need space for the ICV Indicator */
+	if (mka_alg_tbl[participant->kay->mka_algindex].icv_len != DEFAULT_ICV_LEN)
+		length = sizeof(struct ieee802_1x_mka_icv_body);
 	length += mka_alg_tbl[participant->kay->mka_algindex].icv_len;
 
 	return MKA_ALIGN_LENGTH(length);
@@ -1882,7 +1884,7 @@ static struct mka_param_body_handler mka_body_handler[] = {
 		.body_present = NULL
 	},
 
-	/* icv parameter set */
+	/* icv indicator */
 	{
 		.body_tx      = ieee802_1x_mka_encode_icv_body,
 		.body_rx      = NULL,
-- 
2.11.0