signature_scheme_t scheme;
my_id = this->ike_sa->get_my_id(this->ike_sa);
- DBG1(DBG_IKE, "authentication of '%D' (myself) with public key", my_id);
-
auth = this->ike_sa->get_my_auth(this->ike_sa);
private = charon->credentials->get_private(charon->credentials, KEY_ANY,
my_id, auth);
auth_method = AUTH_ECDSA_521;
break;
default:
- DBG1(DBG_IKE, "ECDSA not supported by private key");
+ DBG1(DBG_IKE, "%d bit ECDSA private key size not supported",
+ private->get_keysize(private));
return status;
}
break;
key_type_names, private->get_type(private));
return status;
}
-
prf = this->ike_sa->get_prf(this->ike_sa);
prf->set_key(prf, this->ike_sa->get_skp_build(this->ike_sa));
octets = build_tbs_octets(ike_sa_init, other_nonce, my_id, prf);
*auth_payload = payload;
chunk_free(&auth_data);
status = SUCCESS;
- DBG2(DBG_IKE, "successfully built %N with private key", auth_method_names, auth_method);
- }
- else
- {
- DBG1(DBG_IKE, "building signature failed");
}
+ DBG1(DBG_IKE, "authentication of '%D' (myself) with %N %s", my_id,
+ auth_method_names, auth_method,
+ (status == SUCCESS)? "successful":"failed");
chunk_free(&octets);
private->destroy(private);
#include "files.h"
/**
- * Authentication mehtods, must be the same as in charon
+ * Authentication methods, must be the same as in charon/config/peer_cfg.h
*/
enum auth_method_t {
- AUTH_PUBKEY = 0,
- AUTH_PSK,
- AUTH_EAP,
+ AUTH_PUBKEY = 1,
+ AUTH_PSK = 2,
+ AUTH_EAP = 3
};
static char* push_string(stroke_msg_t *msg, char *string)