*/
chunk_t ike_sa_init;
+ /**
+ * IntAuth data to include in AUTH calculation
+ */
+ chunk_t int_auth;
+
/**
* Reserved bytes of ID payload
*/
return NOT_FOUND;
}
if (!keymat->get_psk_sig(keymat, FALSE, this->ike_sa_init, this->nonce,
- chunk_empty, key->get_key(key), this->ppk,
+ this->int_auth, key->get_key(key), this->ppk,
my_id, this->reserved, &auth_data))
{
key->destroy(key);
if (this->no_ppk_auth)
{
if (!keymat->get_psk_sig(keymat, FALSE, this->ike_sa_init, this->nonce,
- chunk_empty, key->get_key(key), chunk_empty,
+ this->int_auth, key->get_key(key), chunk_empty,
my_id, this->reserved, &auth_data))
{
DBG1(DBG_IKE, "failed adding NO_PPK_AUTH notify");
keys_found++;
if (!keymat->get_psk_sig(keymat, TRUE, this->ike_sa_init, this->nonce,
- chunk_empty, key->get_key(key), this->ppk,
+ this->int_auth, key->get_key(key), this->ppk,
other_id, this->reserved, &auth_data))
{
continue;
this->no_ppk_auth = no_ppk_auth;
}
+METHOD(authenticator_t, set_int_auth, void,
+ private_psk_authenticator_t *this, chunk_t int_auth)
+{
+ this->int_auth = int_auth;
+}
+
METHOD(authenticator_t, destroy, void,
private_psk_authenticator_t *this)
{
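Review bot: In `set_int_auth`, `this->int_auth = int_auth;` keeps only the caller's pointer and length, so the authenticator borrows the buffer that `build()` and `process()` later pass to `get_psk_sig()` for the AUTH calculation, and nothing in the visible lines states who must keep it alive. If the caller releases or reuses that memory before authentication runs, the AUTH octets would be computed over stale data. Either state the contract on the field, e.g. `* IntAuth data to include in AUTH calculation (not cloned, caller keeps it valid)`, or take ownership with `this->int_auth = chunk_clone(int_auth);` and a matching `chunk_free(&this->int_auth);` in `destroy`, whose body lies outside this hunk. If the neighbouring `ike_sa_init` and `nonce` chunks are borrowed the same way, the comment is presumably the better fit.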
.build = _build,
.process = (void*)return_failed,
.use_ppk = _use_ppk,
+ .set_int_auth = _set_int_auth,
.is_mutual = (void*)return_false,
.destroy = _destroy,
},
.build = (void*)return_failed,
.process = _process,
.use_ppk = _use_ppk,
+ .set_int_auth = _set_int_auth,
.is_mutual = (void*)return_false,
.destroy = _destroy,
},