*/
aead_t *aead_out;
+ /**
+ * ISA context id.
+ */
+ isa_id_type isa_ctx_id;
+
};
/**
DBG1(DBG_IKE, "deriving IKE keys (nc: %llu, dh: %llu, spi_loc: %llx, "
"spi_rem: %llx)", nc_id, dh_id, spi_loc, spi_rem);
/* Fake some data for now */
- if (ike_isa_create(1, 1, 1, dh_id, nc_id, nonce_rem, 1, spi_loc, spi_rem,
+ if (ike_isa_create(this->isa_ctx_id, 1, 1, dh_id, nc_id, nonce_rem, 1,
+ spi_loc, spi_rem,
&sk_ai, &sk_ar, &sk_ei, &sk_er) != TKM_OK)
{
DBG1(DBG_IKE, "key derivation failed");
idx_type idx;
chunk_to_sequence(&idx_chunk, &idx);
- if (ike_isa_sign_psk(1, msg, idx, verify == TRUE, &signature) != TKM_OK)
+ if (ike_isa_sign_psk(this->isa_ctx_id, msg, idx, verify == TRUE, &signature)
+ != TKM_OK)
{
DBG1(DBG_IKE, "get %s PSK signature failed", verify ?
"remote" : "local");
METHOD(keymat_t, destroy, void,
private_tkm_keymat_t *this)
{
+ if (ike_isa_reset(this->isa_ctx_id) != TKM_OK)
+ {
+ DBG1(DBG_IKE, "failed to reset ISA context %d", this->isa_ctx_id);
+ }
+ tkm->idmgr->release_id(tkm->idmgr, TKM_CTX_ISA, this->isa_ctx_id);
+
DESTROY_IF(this->aead_in);
DESTROY_IF(this->aead_out);
this->proxy->keymat.destroy(&this->proxy->keymat);
.get_psk_sig = _get_psk_sig,
},
.initiator = initiator,
+ .isa_ctx_id = tkm->idmgr->acquire_id(tkm->idmgr, TKM_CTX_ISA),
.proxy = keymat_v2_create(initiator),
);
+ if (!this->isa_ctx_id)
+ {
+ free(this);
+ return NULL;
+ }
+
return &this->public;
}
projects / thirdparty / strongswan.git / commitdiff
