sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-11-04 00:00:51 -05:00
Code Issues Projects Releases Wiki Activity

keymat: Call ike_isa_sign_psk in get_psk_sig

Browse Source 
Get PSK signed AUTH octets from TKM in initiator case.
This commit is contained in:
Adrian-Ken Rueegsegger 2012-08-29 18:32:28 +02:00 committed by Tobias Brunner
parent e285544be2
commit 51fdbd0429
1 changed files with 26 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
src/charon-tkm/src/tkm/tkm_keymat.c
View File

@ -298,8 +298,33 @@ METHOD(tkm_keymat_t, get_psk_sig, bool,
chunk_t secret, identification_t *id, char reserved[3], chunk_t *sig)
{
DBG1(DBG_IKE, "returning PSK signature");
return this->proxy->get_psk_sig(this->proxy, verify, ike_sa_init, nonce,
if (!verify)
{
signature_type signature;
init_message_type msg;
chunk_to_sequence(&ike_sa_init, &msg);
chunk_t idx_chunk, chunk = chunk_alloca(4);
chunk.ptr[0] = id->get_type(id);
memcpy(chunk.ptr + 1, reserved, 3);
idx_chunk = chunk_cata("cc", chunk, id->get_encoding(id));
idx_type idx;
chunk_to_sequence(&idx_chunk, &idx);
if (ike_isa_sign_psk(1, msg, idx, &signature) != TKM_OK)
{
DBG1(DBG_IKE, "get local PSK signature failed");
return FALSE;
}
sequence_to_chunk(&signature.data[0], signature.size, sig);
return TRUE;
}
else
{
return this->proxy->get_psk_sig(this->proxy, verify, ike_sa_init, nonce,
secret, id, reserved, sig);
}
}
METHOD(keymat_t, destroy, void,