ikev2: Fall back to SHA-1 signatures for RSA

This is really just a fallback to "classic" IKEv2 authentication if the other
peer supports no stronger hash algorithms.

diff --git a/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c b/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c
index 576aa4c630864a27b6b90177abfc650c9dd5e7d3..d8c4570dcc1307faaa1792ecf351103efa3402db 100644 (file)
--- a/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c
+++ b/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c
@@ -153,6 +153,13 @@ static signature_scheme_t select_signature_scheme(keymat_v2_t *keymat,
                        }
                }
                enumerator->destroy(enumerator);
+
+               /* default to the scheme we'd use with classic authentication */
+               if (selected == SIGN_UNKNOWN && key_type == KEY_RSA &&
+                       keymat->hash_algorithm_supported(keymat, HASH_SHA1))
+               {
+                       selected = SIGN_RSA_EMSA_PKCS1_SHA1;
+               }
        }
        return selected;
 }