Remove keymat proxy from TKM keymat

author Adrian-Ken Rueegsegger <ken@codelabs.ch>

Tue, 11 Sep 2012 17:04:55 +0000 (19:04 +0200)

committer Tobias Brunner <tobias@strongswan.org>

Tue, 19 Mar 2013 14:23:47 +0000 (15:23 +0100)
author Adrian-Ken Rueegsegger <ken@codelabs.ch>
Tue, 11 Sep 2012 17:04:55 +0000 (19:04 +0200)
committer Tobias Brunner <tobias@strongswan.org>
Tue, 19 Mar 2013 14:23:47 +0000 (15:23 +0100)
diff --git a/src/charon-tkm/src/tkm/tkm_keymat.c b/src/charon-tkm/src/tkm/tkm_keymat.c

index a2d40a86ca1d14c2f395f342fed68fc95d444e76..0b9612c85995a13fc4ea0308cf42b999b494f985 100644 (file)
--- a/src/charon-tkm/src/tkm/tkm_keymat.c
+++ b/src/charon-tkm/src/tkm/tkm_keymat.c
@@ -15,7 +15,6 @@
   */
  
  #include <daemon.h>
-#include <sa/ikev2/keymat_v2.h>
  #include <tkm/constants.h>
  #include <tkm/client.h>
  
@@ -37,11 +36,6 @@ struct private_tkm_keymat_t {
          */
         tkm_keymat_t public;
  
-       /**
-        * IKEv2 keymat proxy (will be removed).
-        */
-       keymat_v2_t *proxy;
-
         /**
          * IKE_SA Role, initiator or responder.
          */
@@ -271,19 +265,14 @@ METHOD(tkm_keymat_t, derive_ike_keys, bool,
  
         /* TODO: Add failure handler (see keymat_v2.c) */
  
-       if (this->proxy->derive_ike_keys(this->proxy, proposal, dh, nonce_i,
-                               nonce_r, id, rekey_function, rekey_skd))
+       tkm->chunk_map->remove(tkm->chunk_map, nonce);
+       if (ike_nc_reset(nc_id) != TKM_OK)
         {
-               tkm->chunk_map->remove(tkm->chunk_map, nonce);
-               if (ike_nc_reset(nc_id) != TKM_OK)
-               {
-                       DBG1(DBG_IKE, "failed to reset nonce context %llu", nc_id);
-               }
-               tkm->idmgr->release_id(tkm->idmgr, TKM_CTX_NONCE, nc_id);
-
-               return TRUE;
+               DBG1(DBG_IKE, "failed to reset nonce context %llu", nc_id);
         }
-       return FALSE;
+       tkm->idmgr->release_id(tkm->idmgr, TKM_CTX_NONCE, nc_id);
+
+       return TRUE;
  }
  
  METHOD(tkm_keymat_t, derive_child_keys, bool,
@@ -294,12 +283,7 @@ METHOD(tkm_keymat_t, derive_child_keys, bool,
         DBG1(DBG_CHD, "deriving child keys");
         *encr_i = chunk_alloc(sizeof(esa_info_t));
         (*(esa_info_t*)(encr_i->ptr)).isa_id = this->isa_ctx_id;
-       const bool result = this->proxy->derive_child_keys(this->proxy, proposal,
-                                                                                                          dh, nonce_i, nonce_r,
-                                                                                                          &(*(esa_info_t*)(encr_i->ptr)).enc_key,
-                                                                                                          integ_i, encr_r,
-                                                                                                          integ_r);
-       return result;
+       return TRUE;
  }
  
  METHOD(keymat_t, get_aead, aead_t*,
@@ -313,15 +297,16 @@ METHOD(tkm_keymat_t, get_auth_octets, bool,
         chunk_t nonce, identification_t *id, char reserved[3], chunk_t *octets)
  {
         DBG1(DBG_IKE, "returning auth octets");
-       return this->proxy->get_auth_octets(this->proxy, verify, ike_sa_init, nonce,
-                       id, reserved, octets);
+       *octets = chunk_empty;
+       return TRUE;
  }
  
  METHOD(tkm_keymat_t, get_skd, pseudo_random_function_t,
         private_tkm_keymat_t *this, chunk_t *skd)
  {
         DBG1(DBG_IKE, "returning skd");
-       return this->proxy->get_skd(this->proxy, skd);
+       *skd = chunk_empty;
+       return PRF_HMAC_SHA2_512;
  }
  
  METHOD(tkm_keymat_t, get_psk_sig, bool,
@@ -365,7 +350,6 @@ METHOD(keymat_t, destroy, void,
         DESTROY_IF(this->aead_in);
         DESTROY_IF(this->aead_out);
         chunk_free(&this->auth_payload);
-       this->proxy->keymat.destroy(&this->proxy->keymat);
         free(this);
  }
  
@@ -416,7 +400,6 @@ tkm_keymat_t *tkm_keymat_create(bool initiator)
                 .isa_ctx_id = tkm->idmgr->acquire_id(tkm->idmgr, TKM_CTX_ISA),
                 .ae_ctx_id = tkm->idmgr->acquire_id(tkm->idmgr, TKM_CTX_AE),
                 .auth_payload = chunk_empty,
-               .proxy = keymat_v2_create(initiator),
         );
  
         if (!this->isa_ctx_id || !this->ae_ctx_id)
diff --git a/src/charon-tkm/src/tkm/tkm_types.h b/src/charon-tkm/src/tkm/tkm_types.h

index 8c65348af32c74a90ccca2fbffc42ed7dbe62a5b..a33066444f43e17a77b04b29d3a247d221305087 100644 (file)
--- a/src/charon-tkm/src/tkm/tkm_types.h
+++ b/src/charon-tkm/src/tkm/tkm_types.h
@@ -21,7 +21,6 @@ typedef struct esa_info_t esa_info_t;
  
  struct esa_info_t {
         isa_id_type isa_id;
-       chunk_t enc_key;
  };
  
  #endif /** TKM_TYPES_H_ */
author	Adrian-Ken Rueegsegger <ken@codelabs.ch>
	Tue, 11 Sep 2012 17:04:55 +0000 (19:04 +0200)
committer	Tobias Brunner <tobias@strongswan.org>
	Tue, 19 Mar 2013 14:23:47 +0000 (15:23 +0100)
src/charon-tkm/src/tkm/tkm_keymat.c		patch \| blob \| blame \| history
src/charon-tkm/src/tkm/tkm_types.h		patch \| blob \| blame \| history