X-Git-Url: https://gerrit.fd.io/r/gitweb?p=vpp.git;a=blobdiff_plain;f=src%2Fplugins%2Fwireguard%2Fwireguard_cookie.c;h=595b8770e56fb96d01b10e38c7b95df384ace5ff;hp=47e8784566fa8ebc231227df0b90349d659633d4;hb=ce91af8ad;hpb=03aae9637922023dd77955cb15caafb7ce309200

diff --git a/src/plugins/wireguard/wireguard_cookie.c b/src/plugins/wireguard/wireguard_cookie.c
index 47e8784566f..595b8770e56 100644
--- a/src/plugins/wireguard/wireguard_cookie.c
+++ b/src/plugins/wireguard/wireguard_cookie.c
@@ -58,6 +58,25 @@ cookie_checker_update (cookie_checker_t * cc, uint8_t key[COOKIE_INPUT_SIZE])
     }
 }
 
+void
+cookie_checker_create_payload (vlib_main_t *vm, cookie_checker_t *cc,
+			       message_macs_t *cm,
+			       uint8_t nonce[COOKIE_NONCE_SIZE],
+			       uint8_t ecookie[COOKIE_ENCRYPTED_SIZE],
+			       ip46_address_t *ip, u16 udp_port)
+{
+  uint8_t cookie[COOKIE_COOKIE_SIZE];
+
+  cookie_checker_make_cookie (vm, cc, cookie, ip, udp_port);
+  RAND_bytes (nonce, COOKIE_NONCE_SIZE);
+
+  wg_xchacha20poly1305_encrypt (vm, cookie, COOKIE_COOKIE_SIZE, ecookie,
+				cm->mac1, COOKIE_MAC_SIZE, nonce,
+				cc->cc_cookie_key);
+
+  wg_secure_zero_memory (cookie, sizeof (cookie));
+}
+
 bool
 cookie_maker_consume_payload (vlib_main_t *vm, cookie_maker_t *cp,
 			      uint8_t nonce[COOKIE_NONCE_SIZE],