Added a factory function for IKEv1 authenticators
authorMartin Willi <martin@revosec.ch>
Wed, 7 Dec 2011 14:09:34 +0000 (14:09 +0000)
committerMartin Willi <martin@revosec.ch>
Tue, 20 Mar 2012 16:31:14 +0000 (17:31 +0100)
src/libcharon/sa/authenticators/authenticator.c
src/libcharon/sa/authenticators/authenticator.h

index 83f5fba..c69a5d9 100644 (file)
@@ -21,6 +21,8 @@
 #include <sa/authenticators/pubkey_authenticator.h>
 #include <sa/authenticators/psk_authenticator.h>
 #include <sa/authenticators/eap_authenticator.h>
+#include <sa/authenticators/psk_v1_authenticator.h>
+#include <sa/authenticators/pubkey_v1_authenticator.h>
 #include <encoding/payloads/auth_payload.h>
 
 
@@ -95,3 +97,26 @@ authenticator_t *authenticator_create_verifier(
        }
 }
 
+/**
+ * Described in header.
+ */
+authenticator_t *authenticator_create_v1(ike_sa_t *ike_sa, bool initiator,
+                                                               auth_method_t auth_method, diffie_hellman_t *dh,
+                                                               chunk_t dh_value, chunk_t sa_payload)
+{
+       switch (auth_method)
+       {
+               case AUTH_PSK:
+               case AUTH_XAUTH_INIT_PSK:
+               case AUTH_XAUTH_RESP_PSK:
+                       return (authenticator_t*)psk_v1_authenticator_create(ike_sa,
+                                                                               initiator, dh, dh_value, sa_payload);
+               case AUTH_RSA:
+               case AUTH_XAUTH_INIT_RSA:
+               case AUTH_XAUTH_RESP_RSA:
+                       return (authenticator_t*)pubkey_v1_authenticator_create(ike_sa,
+                                                                               initiator, dh, dh_value, sa_payload);
+               default:
+                       return NULL;
+       }
+}
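Review bot: The `default:` branch of `authenticator_create_v1` returns NULL without any log output, so a negotiated method outside the six PSK/RSA cases fails silently here and every caller must check for NULL before using the result. Consider adding `DBG1(DBG_IKE, "IKEv1 authentication method %N not supported", auth_method_names, auth_method);` before `return NULL;`, provided the debug header is in scope in this file (the include is not visible in the hunk). The three `AUTH_XAUTH_*` cases also share the constructors used for plain `AUTH_PSK` and `AUTH_RSA`, so this authenticator appears to cover only the phase 1 PSK or signature part. A comment above those labels such as `/* XAuth variants: only the phase 1 part is handled here, the XAuth exchange itself must be enforced by the caller (confirm) */` would stop a reader from assuming the user authentication is done by this factory.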
index 1161583..3c17333 100644 (file)
@@ -148,7 +148,7 @@ struct authenticator_t {
 };
 
 /**
- * Create an authenticator to build signatures.
+ * Create an IKEv2 authenticator to build signatures.
  *
  * @param ike_sa                       associated ike_sa
  * @param cfg                          authentication configuration
@@ -166,7 +166,7 @@ authenticator_t *authenticator_create_builder(
                                                                        char reserved[3]);
 
 /**
- * Create an authenticator to verify signatures.
+ * Create an IKEv2 authenticator to verify signatures.
  *
  * @param ike_sa                       associated ike_sa
  * @param message                      message containing authentication data
@@ -183,4 +183,19 @@ authenticator_t *authenticator_create_verifier(
                                                                        chunk_t received_init, chunk_t sent_init,
                                                                        char reserved[3]);
 
+/**
+ * Create an IKEv1 authenticator to build and verify signatures or hash payloads.
+ *
+ * @param ike_sa                       associated IKE_SA
+ * @param initiator                    TRUE if we are the IKE_SA initiator
+ * @param auth_method          negotiated authentication method to use
+ * @param dh                           diffie hellman key exchange
+ * @param dh_value                     others public diffie hellman value
+ * @param sa_payload           generated SA payload data, without payload header
+ * @return                                     authenticator, NULL if not supported
+ */
+authenticator_t *authenticator_create_v1(ike_sa_t *ike_sa, bool initiator,
+                                                               auth_method_t auth_method, diffie_hellman_t *dh,
+                                                               chunk_t dh_value, chunk_t sa_payload);
+
 #endif /** AUTHENTICATOR_H_ @}*/
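Review bot: The doc block added for `authenticator_create_v1` does not say how long `dh`, `dh_value` and `sa_payload` must remain valid. From this hunk it cannot be told whether the constructors copy the chunks or keep references, and a caller that guesses wrong leaves a dangling pointer inside authentication code. Suggest stating it explicitly, e.g. ` * dh, dh_value and sa_payload must stay valid for the lifetime of the authenticator` (or "are cloned", whichever the constructors do). The return line could also be tightened to ` * @return authenticator, NULL if auth_method is not supported (caller must check)`. As a wording point, "others public diffie hellman value" would read better as "peer's public Diffie-Hellman value".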