*/
chunk_t ike_sa_init;
+ /**
+ * IntAuth data to include in AUTH calculation
+ */
+ chunk_t int_auth;
+
/**
* Reserved bytes of ID payload
*/
}
if (keymat->get_auth_octets(keymat, FALSE, this->ike_sa_init, this->nonce,
- chunk_empty, this->ppk, id, this->reserved,
+ this->int_auth, this->ppk, id, this->reserved,
&octets, schemes))
{
enumerator = array_create_enumerator(schemes);
chunk_free(&octets);
if (keymat->get_auth_octets(keymat, FALSE, this->ike_sa_init,
- this->nonce, chunk_empty,
+ this->nonce, this->int_auth,
chunk_empty, id, this->reserved,
&octets, schemes) &&
private->sign(private, params->scheme, params->params,
keymat = (keymat_v2_t*)this->ike_sa->get_keymat(this->ike_sa);
if (keymat->get_auth_octets(keymat, verify, this->ike_sa_init, this->nonce,
- chunk_empty, ppk, id, this->reserved, octets,
+ this->int_auth, ppk, id, this->reserved, octets,
schemes) &&
array_remove(schemes, 0, scheme))
{
this->no_ppk_auth = no_ppk_auth;
}
+METHOD(authenticator_t, set_int_auth, void,
+ private_pubkey_authenticator_t *this, chunk_t int_auth)
+{
+ this->int_auth = int_auth;
+}
+
METHOD(authenticator_t, destroy, void,
private_pubkey_authenticator_t *this)
{
.build = _build,
.process = (void*)return_failed,
.use_ppk = _use_ppk,
+ .set_int_auth = _set_int_auth,
.is_mutual = (void*)return_false,
.destroy = _destroy,
},
.build = (void*)return_failed,
.process = _process,
.use_ppk = _use_ppk,
+ .set_int_auth = _set_int_auth,
.is_mutual = (void*)return_false,
.destroy = _destroy,
},
projects / thirdparty / strongswan.git / commitdiff
