Include the used reserved bytes from ID payloads in AUTH calculation
authorMartin Willi <martin@revosec.ch>
Thu, 25 Nov 2010 10:35:43 +0000 (11:35 +0100)
committerMartin Willi <martin@revosec.ch>
Wed, 5 Jan 2011 15:45:53 +0000 (16:45 +0100)
12 files changed:
src/conftest/hooks/pretend_auth.c
src/libcharon/sa/authenticators/authenticator.c
src/libcharon/sa/authenticators/authenticator.h
src/libcharon/sa/authenticators/eap_authenticator.c
src/libcharon/sa/authenticators/eap_authenticator.h
src/libcharon/sa/authenticators/psk_authenticator.c
src/libcharon/sa/authenticators/psk_authenticator.h
src/libcharon/sa/authenticators/pubkey_authenticator.c
src/libcharon/sa/authenticators/pubkey_authenticator.h
src/libcharon/sa/keymat.c
src/libcharon/sa/keymat.h
src/libcharon/sa/tasks/ike_auth.c

index 451c414..4b7168c 100644 (file)
@@ -40,6 +40,11 @@ struct private_pretend_auth_t {
        identification_t *id;
 
        /**
+        * reserved bytes of ID payload
+        */
+       char reserved[3];
+
+       /**
         * IKE_SA_INIT data for signature
         */
        chunk_t ike_init;
@@ -232,7 +237,7 @@ static bool build_auth(private_pretend_auth_t *this,
        }
        keymat = ike_sa->get_keymat(ike_sa);
        octets = keymat->get_auth_octets(keymat, TRUE, this->ike_init,
-                                                                        this->nonce, this->id);
+                                                                        this->nonce, this->id, this->reserved);
        if (!private->sign(private, scheme, octets, &auth_data))
        {
                chunk_free(&octets);
index cd340e5..83f5fba 100644 (file)
@@ -39,7 +39,8 @@ ENUM_END(auth_method_names, AUTH_ECDSA_521);
  */
 authenticator_t *authenticator_create_builder(ike_sa_t *ike_sa, auth_cfg_t *cfg,
                                                                        chunk_t received_nonce, chunk_t sent_nonce,
-                                                                       chunk_t received_init, chunk_t sent_init)
+                                                                       chunk_t received_init, chunk_t sent_init,
+                                                                       char reserved[3])
 {
        switch ((uintptr_t)cfg->get(cfg, AUTH_RULE_AUTH_CLASS))
        {
@@ -47,13 +48,14 @@ authenticator_t *authenticator_create_builder(ike_sa_t *ike_sa, auth_cfg_t *cfg,
                        /* defaults to PUBKEY */
                case AUTH_CLASS_PUBKEY:
                        return (authenticator_t*)pubkey_authenticator_create_builder(ike_sa,
-                                                                                       received_nonce, sent_init);
+                                                                               received_nonce, sent_init, reserved);
                case AUTH_CLASS_PSK:
                        return (authenticator_t*)psk_authenticator_create_builder(ike_sa,
-                                                                                       received_nonce, sent_init);
+                                                                               received_nonce, sent_init, reserved);
                case AUTH_CLASS_EAP:
                        return (authenticator_t*)eap_authenticator_create_builder(ike_sa,
-                                               received_nonce, sent_nonce, received_init, sent_init);
+                                                                               received_nonce, sent_nonce,
+                                                                               received_init, sent_init, reserved);
                default:
                        return NULL;
        }
@@ -65,7 +67,8 @@ authenticator_t *authenticator_create_builder(ike_sa_t *ike_sa, auth_cfg_t *cfg,
 authenticator_t *authenticator_create_verifier(
                                                                        ike_sa_t *ike_sa, message_t *message,
                                                                        chunk_t received_nonce, chunk_t sent_nonce,
-                                                                       chunk_t received_init, chunk_t sent_init)
+                                                                       chunk_t received_init, chunk_t sent_init,
+                                                                       char reserved[3])
 {
        auth_payload_t *auth_payload;
 
@@ -73,7 +76,8 @@ authenticator_t *authenticator_create_verifier(
        if (auth_payload == NULL)
        {
                return (authenticator_t*)eap_authenticator_create_verifier(ike_sa,
-                                               received_nonce, sent_nonce, received_init, sent_init);
+                                                                               received_nonce, sent_nonce,
+                                                                               received_init, sent_init, reserved);
        }
        switch (auth_payload->get_auth_method(auth_payload))
        {
@@ -82,10 +86,10 @@ authenticator_t *authenticator_create_verifier(
                case AUTH_ECDSA_384:
                case AUTH_ECDSA_521:
                        return (authenticator_t*)pubkey_authenticator_create_verifier(ike_sa,
-                                                                                                       sent_nonce, received_init);
+                                                                               sent_nonce, received_init, reserved);
                case AUTH_PSK:
                        return (authenticator_t*)psk_authenticator_create_verifier(ike_sa,
-                                                                                                       sent_nonce, received_init);
+                                                                               sent_nonce, received_init, reserved);
                default:
                        return NULL;
        }
index 89178b5..d27e006 100644 (file)
@@ -130,12 +130,14 @@ struct authenticator_t {
  * @param sent_nonce           nonce sent in IKE_SA_INIT
  * @param received_init                received IKE_SA_INIT message data
  * @param sent_init                    sent IKE_SA_INIT message data
+ * @param reserved                     reserved bytes of the ID payload
  * @return                                     authenticator, NULL if not supported
  */
 authenticator_t *authenticator_create_builder(
                                                                        ike_sa_t *ike_sa, auth_cfg_t *cfg,
                                                                        chunk_t received_nonce, chunk_t sent_nonce,
-                                                                       chunk_t received_init, chunk_t sent_init);
+                                                                       chunk_t received_init, chunk_t sent_init,
+                                                                       char reserved[3]);
 
 /**
  * Create an authenticator to verify signatures.
@@ -146,11 +148,13 @@ authenticator_t *authenticator_create_builder(
  * @param sent_nonce           nonce sent in IKE_SA_INIT
  * @param received_init                received IKE_SA_INIT message data
  * @param sent_init                    sent IKE_SA_INIT message data
+ * @param reserved                     reserved bytes of the ID payload
  * @return                                     authenticator, NULL if not supported
  */
 authenticator_t *authenticator_create_verifier(
                                                                        ike_sa_t *ike_sa, message_t *message,
                                                                        chunk_t received_nonce, chunk_t sent_nonce,
-                                                                       chunk_t received_init, chunk_t sent_init);
+                                                                       chunk_t received_init, chunk_t sent_init,
+                                                                       char reserved[3]);
 
 #endif /** AUTHENTICATOR_H_ @}*/
index 8b22fd1..dea0275 100644 (file)
@@ -58,6 +58,11 @@ struct private_eap_authenticator_t {
        chunk_t sent_init;
 
        /**
+        * Reserved bytes of ID payload
+        */
+       char reserved[3];
+
+       /**
         * Current EAP method processing
         */
        eap_method_t *method;
@@ -422,7 +427,7 @@ static bool verify_auth(private_eap_authenticator_t *this, message_t *message,
        other_id = this->ike_sa->get_other_id(this->ike_sa);
        keymat = this->ike_sa->get_keymat(this->ike_sa);
        auth_data = keymat->get_psk_sig(keymat, TRUE, init, nonce,
-                                                                       this->msk, other_id);
+                                                                       this->msk, other_id, this->reserved);
        recv_auth_data = auth_payload->get_data(auth_payload);
        if (!auth_data.len || !chunk_equals(auth_data, recv_auth_data))
        {
@@ -458,7 +463,8 @@ static void build_auth(private_eap_authenticator_t *this, message_t *message,
        DBG1(DBG_IKE, "authentication of '%Y' (myself) with %N",
                 my_id, auth_class_names, AUTH_CLASS_EAP);
 
-       auth_data = keymat->get_psk_sig(keymat, FALSE, init, nonce, this->msk, my_id);
+       auth_data = keymat->get_psk_sig(keymat, FALSE, init, nonce,
+                                                                       this->msk, my_id, this->reserved);
        auth_payload = auth_payload_create();
        auth_payload->set_auth_method(auth_payload, AUTH_PSK);
        auth_payload->set_data(auth_payload, auth_data);
@@ -642,7 +648,8 @@ METHOD(authenticator_t, destroy, void,
  */
 eap_authenticator_t *eap_authenticator_create_builder(ike_sa_t *ike_sa,
                                                                        chunk_t received_nonce, chunk_t sent_nonce,
-                                                                       chunk_t received_init, chunk_t sent_init)
+                                                                       chunk_t received_init, chunk_t sent_init,
+                                                                       char reserved[3])
 {
        private_eap_authenticator_t *this;
 
@@ -661,6 +668,7 @@ eap_authenticator_t *eap_authenticator_create_builder(ike_sa_t *ike_sa,
                .sent_init = sent_init,
                .sent_nonce = sent_nonce,
        );
+       memcpy(this->reserved, reserved, sizeof(this->reserved));
 
        return &this->public;
 }
@@ -670,7 +678,8 @@ eap_authenticator_t *eap_authenticator_create_builder(ike_sa_t *ike_sa,
  */
 eap_authenticator_t *eap_authenticator_create_verifier(ike_sa_t *ike_sa,
                                                                        chunk_t received_nonce, chunk_t sent_nonce,
-                                                                       chunk_t received_init, chunk_t sent_init)
+                                                                       chunk_t received_init, chunk_t sent_init,
+                                                                       char reserved[3])
 {
        private_eap_authenticator_t *this;
 
@@ -689,6 +698,7 @@ eap_authenticator_t *eap_authenticator_create_verifier(ike_sa_t *ike_sa,
                .sent_init = sent_init,
                .sent_nonce = sent_nonce,
        );
+       memcpy(this->reserved, reserved, sizeof(this->reserved));
 
        return &this->public;
 }
index 41eb6a8..726411a 100644 (file)
@@ -75,11 +75,13 @@ struct eap_authenticator_t {
  * @param sent_nonce           nonce sent in IKE_SA_INIT
  * @param received_init                received IKE_SA_INIT message data
  * @param sent_init                    sent IKE_SA_INIT message data
+ * @param reserved                     reserved bytes of ID payload
  * @return                                     EAP authenticator
  */
 eap_authenticator_t *eap_authenticator_create_builder(ike_sa_t *ike_sa,
                                                                        chunk_t received_nonce, chunk_t sent_nonce,
-                                                                       chunk_t received_init, chunk_t sent_init);
+                                                                       chunk_t received_init, chunk_t sent_init,
+                                                                       char reserved[3]);
 
 /**
  * Create an authenticator to authenticate EAP clients.
@@ -89,10 +91,12 @@ eap_authenticator_t *eap_authenticator_create_builder(ike_sa_t *ike_sa,
  * @param sent_nonce           nonce sent in IKE_SA_INIT
  * @param received_init                received IKE_SA_INIT message data
  * @param sent_init                    sent IKE_SA_INIT message data
+ * @param reserved                     reserved bytes of ID payload
  * @return                                     EAP authenticator
  */
 eap_authenticator_t *eap_authenticator_create_verifier(ike_sa_t *ike_sa,
                                                                        chunk_t received_nonce, chunk_t sent_nonce,
-                                                                       chunk_t received_init, chunk_t sent_init);
+                                                                       chunk_t received_init, chunk_t sent_init,
+                                                                       char reserved[3]);
 
 #endif /** EAP_AUTHENTICATOR_H_ @}*/
index 54ab533..21fc0f9 100644 (file)
@@ -45,6 +45,11 @@ struct private_psk_authenticator_t {
         * IKE_SA_INIT message data to include in AUTH calculation
         */
        chunk_t ike_sa_init;
+
+       /**
+        * Reserved bytes of ID payload
+        */
+       char reserved[3];
 };
 
 METHOD(authenticator_t, build, status_t,
@@ -68,7 +73,7 @@ METHOD(authenticator_t, build, status_t,
                return NOT_FOUND;
        }
        auth_data = keymat->get_psk_sig(keymat, FALSE, this->ike_sa_init,
-                                                                       this->nonce, key->get_key(key), my_id);
+                                               this->nonce, key->get_key(key), my_id, this->reserved);
        key->destroy(key);
        DBG2(DBG_IKE, "successfully created shared key MAC");
        auth_payload = auth_payload_create();
@@ -109,7 +114,7 @@ METHOD(authenticator_t, process, status_t,
                keys_found++;
 
                auth_data = keymat->get_psk_sig(keymat, TRUE, this->ike_sa_init,
-                                                                       this->nonce, key->get_key(key), other_id);
+                               this->nonce, key->get_key(key), other_id, this->reserved);
                if (auth_data.len && chunk_equals(auth_data, recv_auth_data))
                {
                        DBG1(DBG_IKE, "authentication of '%Y' with %N successful",
@@ -147,7 +152,8 @@ METHOD(authenticator_t, destroy, void,
  * Described in header.
  */
 psk_authenticator_t *psk_authenticator_create_builder(ike_sa_t *ike_sa,
-                                                                       chunk_t received_nonce, chunk_t sent_init)
+                                                                       chunk_t received_nonce, chunk_t sent_init,
+                                                                       char reserved[3])
 {
        private_psk_authenticator_t *this;
 
@@ -159,11 +165,13 @@ psk_authenticator_t *psk_authenticator_create_builder(ike_sa_t *ike_sa,
                                .is_mutual = (void*)return_false,
                                .destroy = _destroy,
                        },
-               }.
+               },
                .ike_sa = ike_sa,
                .ike_sa_init = sent_init,
                .nonce = received_nonce,
        );
+       memcpy(this->reserved, reserved, sizeof(this->reserved));
+
        return &this->public;
 }
 
@@ -171,7 +179,8 @@ psk_authenticator_t *psk_authenticator_create_builder(ike_sa_t *ike_sa,
  * Described in header.
  */
 psk_authenticator_t *psk_authenticator_create_verifier(ike_sa_t *ike_sa,
-                                                                       chunk_t sent_nonce, chunk_t received_init)
+                                                                       chunk_t sent_nonce, chunk_t received_init,
+                                                                       char reserved[3])
 {
        private_psk_authenticator_t *this;
 
@@ -188,6 +197,8 @@ psk_authenticator_t *psk_authenticator_create_verifier(ike_sa_t *ike_sa,
                .ike_sa_init = received_init,
                .nonce = sent_nonce,
        );
+       memcpy(this->reserved, reserved, sizeof(this->reserved));
+
        return &this->public;
 }
 
index 0fab110..8cf1a0f 100644 (file)
@@ -42,10 +42,12 @@ struct psk_authenticator_t {
  * @param ike_sa                       associated ike_sa
  * @param received_nonce       nonce received in IKE_SA_INIT
  * @param sent_init                    sent IKE_SA_INIT message data
+ * @param reserved                     reserved bytes of ID payload
  * @return                                     PSK authenticator
  */
 psk_authenticator_t *psk_authenticator_create_builder(ike_sa_t *ike_sa,
-                                                                       chunk_t received_nonce, chunk_t sent_init);
+                                                                       chunk_t received_nonce, chunk_t sent_init,
+                                                                       char reserved[3]);
 
 /**
  * Create an authenticator to verify PSK signatures.
@@ -53,9 +55,11 @@ psk_authenticator_t *psk_authenticator_create_builder(ike_sa_t *ike_sa,
  * @param ike_sa                       associated ike_sa
  * @param sent_nonce           nonce sent in IKE_SA_INIT
  * @param received_init                received IKE_SA_INIT message data
+ * @param reserved                     reserved bytes of ID payload
  * @return                                     PSK authenticator
  */
 psk_authenticator_t *psk_authenticator_create_verifier(ike_sa_t *ike_sa,
-                                                                       chunk_t sent_nonce, chunk_t received_init);
+                                                                       chunk_t sent_nonce, chunk_t received_init,
+                                                                       char reserved[3]);
 
 #endif /** PSK_AUTHENTICATOR_H_ @}*/
index 1d01abf..2478916 100644 (file)
@@ -46,6 +46,11 @@ struct private_pubkey_authenticator_t {
         * IKE_SA_INIT message data to include in AUTH calculation
         */
        chunk_t ike_sa_init;
+
+       /**
+        * Reserved bytes of ID payload
+        */
+       char reserved[3];
 };
 
 METHOD(authenticator_t, build, status_t,
@@ -107,7 +112,7 @@ METHOD(authenticator_t, build, status_t,
        }
        keymat = this->ike_sa->get_keymat(this->ike_sa);
        octets = keymat->get_auth_octets(keymat, FALSE, this->ike_sa_init,
-                                                                        this->nonce, id);
+                                                                        this->nonce, id, this->reserved);
        if (private->sign(private, scheme, octets, &auth_data))
        {
                auth_payload = auth_payload_create();
@@ -171,7 +176,7 @@ METHOD(authenticator_t, process, status_t,
        id = this->ike_sa->get_other_id(this->ike_sa);
        keymat = this->ike_sa->get_keymat(this->ike_sa);
        octets = keymat->get_auth_octets(keymat, TRUE, this->ike_sa_init,
-                                                                        this->nonce, id);
+                                                                        this->nonce, id, this->reserved);
        auth = this->ike_sa->get_auth_cfg(this->ike_sa, FALSE);
        enumerator = lib->credmgr->create_public_enumerator(lib->credmgr,
                                                                                                                key_type, id, auth);
@@ -212,7 +217,8 @@ METHOD(authenticator_t, destroy, void,
  * Described in header.
  */
 pubkey_authenticator_t *pubkey_authenticator_create_builder(ike_sa_t *ike_sa,
-                                                                       chunk_t received_nonce, chunk_t sent_init)
+                                                                       chunk_t received_nonce, chunk_t sent_init,
+                                                                       char reserved[3])
 {
        private_pubkey_authenticator_t *this;
 
@@ -229,6 +235,8 @@ pubkey_authenticator_t *pubkey_authenticator_create_builder(ike_sa_t *ike_sa,
                .ike_sa_init = sent_init,
                .nonce = received_nonce,
        );
+       memcpy(this->reserved, reserved, sizeof(this->reserved));
+
        return &this->public;
 }
 
@@ -236,7 +244,8 @@ pubkey_authenticator_t *pubkey_authenticator_create_builder(ike_sa_t *ike_sa,
  * Described in header.
  */
 pubkey_authenticator_t *pubkey_authenticator_create_verifier(ike_sa_t *ike_sa,
-                                                                       chunk_t sent_nonce, chunk_t received_init)
+                                                                       chunk_t sent_nonce, chunk_t received_init,
+                                                                       char reserved[3])
 {
        private_pubkey_authenticator_t *this;
 
@@ -253,5 +262,7 @@ pubkey_authenticator_t *pubkey_authenticator_create_verifier(ike_sa_t *ike_sa,
                .ike_sa_init = received_init,
                .nonce = sent_nonce,
        );
+       memcpy(this->reserved, reserved, sizeof(this->reserved));
+
        return &this->public;
 }
index be369cb..4c3937e 100644 (file)
@@ -43,10 +43,12 @@ struct pubkey_authenticator_t {
  * @param ike_sa                       associated ike_sa
  * @param received_nonce       nonce received in IKE_SA_INIT
  * @param sent_init                    sent IKE_SA_INIT message data
+ * @param reserved                     reserved bytes of ID payload
  * @return                                     public key authenticator
  */
 pubkey_authenticator_t *pubkey_authenticator_create_builder(ike_sa_t *ike_sa,
-                                                                       chunk_t received_nonce, chunk_t sent_init);
+                                                                       chunk_t received_nonce, chunk_t sent_init,
+                                                                       char reserved[3]);
 
 /**
  * Create an authenticator to verify public key signatures.
@@ -54,9 +56,11 @@ pubkey_authenticator_t *pubkey_authenticator_create_builder(ike_sa_t *ike_sa,
  * @param ike_sa                       associated ike_sa
  * @param sent_nonce           nonce sent in IKE_SA_INIT
  * @param received_init                received IKE_SA_INIT message data
+ * @param reserved                     reserved bytes of ID payload
  * @return                                     public key authenticator
  */
 pubkey_authenticator_t *pubkey_authenticator_create_verifier(ike_sa_t *ike_sa,
-                                                                       chunk_t sent_nonce, chunk_t received_init);
+                                                                       chunk_t sent_nonce, chunk_t received_init,
+                                                                       char reserved[3]);
 
 #endif /** PUBKEY_AUTHENTICATOR_H_ @}*/
index 878ad12..f9f2478 100644 (file)
@@ -540,7 +540,7 @@ METHOD(keymat_t, get_aead, aead_t*,
 
 METHOD(keymat_t, get_auth_octets, chunk_t,
        private_keymat_t *this, bool verify, chunk_t ike_sa_init,
-       chunk_t nonce, identification_t *id)
+       chunk_t nonce, identification_t *id, char reserved[3])
 {
        chunk_t chunk, idx, octets;
        chunk_t skp;
@@ -548,8 +548,8 @@ METHOD(keymat_t, get_auth_octets, chunk_t,
        skp = verify ? this->skp_verify : this->skp_build;
 
        chunk = chunk_alloca(4);
-       memset(chunk.ptr, 0, chunk.len);
        chunk.ptr[0] = id->get_type(id);
+       memcpy(chunk.ptr + 1, reserved, 3);
        idx = chunk_cata("cc", chunk, id->get_encoding(id));
 
        DBG3(DBG_IKE, "IDx' %B", &idx);
@@ -570,7 +570,7 @@ METHOD(keymat_t, get_auth_octets, chunk_t,
 
 METHOD(keymat_t, get_psk_sig, chunk_t,
        private_keymat_t *this, bool verify, chunk_t ike_sa_init,
-       chunk_t nonce, chunk_t secret, identification_t *id)
+       chunk_t nonce, chunk_t secret, identification_t *id, char reserved[3])
 {
        chunk_t key_pad, key, sig, octets;
 
@@ -578,7 +578,7 @@ METHOD(keymat_t, get_psk_sig, chunk_t,
        {       /* EAP uses SK_p if no MSK has been established */
                secret = verify ? this->skp_verify : this->skp_build;
        }
-       octets = get_auth_octets(this, verify, ike_sa_init, nonce, id);
+       octets = get_auth_octets(this, verify, ike_sa_init, nonce, id, reserved);
        /* AUTH = prf(prf(Shared Secret,"Key Pad for IKEv2"), <msg octets>) */
        key_pad = chunk_create(IKEV2_KEY_PAD, IKEV2_KEY_PAD_LENGTH);
        this->prf->set_key(this->prf, secret);
index 4f01aa4..11e0fa7 100644 (file)
@@ -117,10 +117,12 @@ struct keymat_t {
         * @param ike_sa_init   encoded ike_sa_init message
         * @param nonce                 nonce value
         * @param id                    identity
+        * @param reserved              reserved bytes of id_payload
         * @return                              authentication octets
         */
        chunk_t (*get_auth_octets)(keymat_t *this, bool verify, chunk_t ike_sa_init,
-                                                          chunk_t nonce, identification_t *id);
+                                                          chunk_t nonce, identification_t *id,
+                                                          char reserved[3]);
        /**
         * Build the shared secret signature used for PSK and EAP authentication.
         *
@@ -133,10 +135,12 @@ struct keymat_t {
         * @param nonce                 nonce value
         * @param secret                optional secret to include into signature
         * @param id                    identity
+        * @param reserved              reserved bytes of id_payload
         * @return                              signature octets
         */
        chunk_t (*get_psk_sig)(keymat_t *this, bool verify, chunk_t ike_sa_init,
-                                                  chunk_t nonce, chunk_t secret, identification_t *id);
+                                                  chunk_t nonce, chunk_t secret,
+                                                  identification_t *id, char reserved[3]);
        /**
         * Destroy a keymat_t.
         */
index b440ec8..48174e2 100644 (file)
@@ -68,6 +68,11 @@ struct private_ike_auth_t {
        packet_t *other_packet;
 
        /**
+        * Reserved bytes of ID payload
+        */
+       char reserved[3];
+
+       /**
         * currently active authenticator, to authenticate us
         */
        authenticator_t *my_auth;
@@ -160,6 +165,24 @@ static status_t collect_other_init_data(private_ike_auth_t *this,
 }
 
 /**
+ * Get and store reserved bytes of id_payload, required for AUTH payload
+ */
+static void get_reserved_id_bytes(private_ike_auth_t *this, id_payload_t *id)
+{
+       u_int8_t *byte;
+       int i;
+
+       for (i = 0; i < countof(this->reserved); i++)
+       {
+               byte = payload_get_field(&id->payload_interface, RESERVED_BYTE, i);
+               if (byte)
+               {
+                       this->reserved[i] = *byte;
+               }
+       }
+}
+
+/**
  * Get the next authentication configuration
  */
 static auth_cfg_t *get_auth_cfg(private_ike_auth_t *this, bool local)
@@ -398,13 +421,15 @@ static status_t build_i(private_ike_auth_t *this, message_t *message)
                }
                this->ike_sa->set_my_id(this->ike_sa, id->clone(id));
                id_payload = id_payload_create_from_identification(ID_INITIATOR, id);
+               get_reserved_id_bytes(this, id_payload);
                message->add_payload(message, (payload_t*)id_payload);
 
                /* build authentication data */
                this->my_auth = authenticator_create_builder(this->ike_sa, cfg,
                                                        this->other_nonce, this->my_nonce,
                                                        this->other_packet->get_data(this->other_packet),
-                                                       this->my_packet->get_data(this->my_packet));
+                                                       this->my_packet->get_data(this->my_packet),
+                                                       this->reserved);
                if (!this->my_auth)
                {
                        return FAILED;
@@ -498,6 +523,7 @@ static status_t process_r(private_ike_auth_t *this, message_t *message)
                        return FAILED;
                }
                id = id_payload->get_identification(id_payload);
+               get_reserved_id_bytes(this, id_payload);
                this->ike_sa->set_other_id(this->ike_sa, id);
                cfg = this->ike_sa->get_auth_cfg(this->ike_sa, FALSE);
                cfg->add(cfg, AUTH_RULE_IDENTITY, id->clone(id));
@@ -548,7 +574,8 @@ static status_t process_r(private_ike_auth_t *this, message_t *message)
                this->other_auth = authenticator_create_verifier(this->ike_sa,
                                                        message, this->other_nonce, this->my_nonce,
                                                        this->other_packet->get_data(this->other_packet),
-                                                       this->my_packet->get_data(this->my_packet));
+                                                       this->my_packet->get_data(this->my_packet),
+                                                       this->reserved);
                if (!this->other_auth)
                {
                        this->authentication_failed = TRUE;
@@ -662,6 +689,7 @@ static status_t build_r(private_ike_auth_t *this, message_t *message)
                }
 
                id_payload = id_payload_create_from_identification(ID_RESPONDER, id);
+               get_reserved_id_bytes(this, id_payload);
                message->add_payload(message, (payload_t*)id_payload);
 
                if ((uintptr_t)cfg->get(cfg, AUTH_RULE_AUTH_CLASS) == AUTH_CLASS_EAP)
@@ -682,7 +710,8 @@ static status_t build_r(private_ike_auth_t *this, message_t *message)
                        this->my_auth = authenticator_create_builder(this->ike_sa, cfg,
                                                                this->other_nonce, this->my_nonce,
                                                                this->other_packet->get_data(this->other_packet),
-                                                               this->my_packet->get_data(this->my_packet));
+                                                               this->my_packet->get_data(this->my_packet),
+                                                               this->reserved);
                        if (!this->my_auth)
                        {
                                message->add_notify(message, TRUE, AUTHENTICATION_FAILED,
@@ -857,6 +886,7 @@ static status_t process_i(private_ike_auth_t *this, message_t *message)
                                return FAILED;
                        }
                        id = id_payload->get_identification(id_payload);
+                       get_reserved_id_bytes(this, id_payload);
                        this->ike_sa->set_other_id(this->ike_sa, id);
                        cfg = this->ike_sa->get_auth_cfg(this->ike_sa, FALSE);
                        cfg->add(cfg, AUTH_RULE_IDENTITY, id->clone(id));
@@ -867,7 +897,8 @@ static status_t process_i(private_ike_auth_t *this, message_t *message)
                                this->other_auth = authenticator_create_verifier(this->ike_sa,
                                                                message, this->other_nonce, this->my_nonce,
                                                                this->other_packet->get_data(this->other_packet),
-                                                               this->my_packet->get_data(this->my_packet));
+                                                               this->my_packet->get_data(this->my_packet),
+                                                               this->reserved);
                                if (!this->other_auth)
                                {
                                        return FAILED;