Store the ISA context id and the initial message in the auth octets
chunk using the sign_info_t struct. Charon will pass on this information
to the TKM private key sign operation where it is extracted.
{
/* store peer init message for authentication step */
this->other_init_msg = chunk_clone(ike_sa_init);
+ *octets = chunk_empty;
+ return TRUE;
}
- DBG1(DBG_IKE, "returning auth octets");
- *octets = chunk_empty;
+
+ sign_info_t *sign;
+ INIT(sign,
+ .isa_id = this->isa_ctx_id,
+ .init_message = chunk_clone(ike_sa_init),
+ );
+
+ /*
+ * store signature info in AUTH octets, which is passed to the private key
+ * sign() operation
+ */
+ *octets = chunk_create((u_char *)sign, sizeof(sign_info_t));
return TRUE;
}
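Review bot: The `sign_info_t` allocated by `INIT` and the `chunk_clone(ike_sa_init)` stored in `.init_message` have no stated owner once `*octets = chunk_create((u_char *)sign, sizeof(sign_info_t));` hands the struct out disguised as a byte chunk. The consumer is not visible here, so this is inferred: a caller that frees the octets as an ordinary chunk would release the struct but leak the cloned init message, and any path that copies, hashes or logs the octets would be handling a raw in-process pointer instead of message data. I would extend the new comment to state the contract, e.g. `/* sign and sign->init_message are owned and freed by the private key sign() operation; octets must not be copied or treated as data */`, and have the sign operation reject a chunk whose `len` is not `sizeof(sign_info_t)` before casting it back. The enclosing function starts outside the hunk, so the release of `this->other_init_msg` in the first branch cannot be checked from here either.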