keymat: Store signature info in auth octets
authorReto Buerki <reet@codelabs.ch>
Tue, 16 Oct 2012 14:42:23 +0000 (16:42 +0200)
committerTobias Brunner <tobias@strongswan.org>
Tue, 19 Mar 2013 14:23:49 +0000 (15:23 +0100)
Store the ISA context id and the initial message in the auth octets
chunk using the sign_info_t struct. Charon will pass on this information
to the TKM private key sign operation where it is extracted.

src/charon-tkm/src/tkm/tkm_keymat.c

index 2fc5d60..95261d8 100644 (file)
@@ -366,9 +366,21 @@ METHOD(keymat_v2_t, get_auth_octets, bool,
        {
                /* store peer init message for authentication step */
                this->other_init_msg = chunk_clone(ike_sa_init);
+               *octets = chunk_empty;
+               return TRUE;
        }
-       DBG1(DBG_IKE, "returning auth octets");
-       *octets = chunk_empty;
+
+       sign_info_t *sign;
+       INIT(sign,
+                .isa_id = this->isa_ctx_id,
+                .init_message = chunk_clone(ike_sa_init),
+       );
+
+       /*
+        * store signature info in AUTH octets, which is passed to the private key
+        * sign() operation
+        */
+       *octets = chunk_create((u_char *)sign, sizeof(sign_info_t));
        return TRUE;
 }
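Review bot: The chunk assigned to `*octets` wraps a heap `sign_info_t` that itself owns a second allocation, `sign->init_message` from `chunk_clone(ike_sa_init)`, and nothing visible in the hunk says who releases that inner buffer. A caller that treats the auth octets as an ordinary chunk and frees only `octets->ptr` would leak the cloned init message on every authentication. The bytes are also a process-local struct holding a pointer, so they are only meaningful to a consumer in the same address space that casts them back; anything that hashes, logs or copies them as data would be handling a heap address. I would extend the comment above the `chunk_create()` call to state this, for example `/* octets wraps a sign_info_t (contains a pointer, not wire data); the sign() consumer must free init_message.ptr */`, adjusted to whatever the intended owner actually is. The body of `get_auth_octets` starts outside this hunk, so the condition guarding the first branch is not visible here.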