From: Martin Willi <martin@revosec.ch>
Date: Fri, 30 Jan 2015 12:55:57 +0000 (+0100)
Subject: stroke: Add public key constraint option for CGA based pseudo-signatures
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2c812b25bc3e01e8700df7365596bd1f2646457b;p=thirdparty%2Fstrongswan.git

stroke: Add public key constraint option for CGA based pseudo-signatures
---

diff --git a/src/libcharon/plugins/stroke/stroke_config.c b/src/libcharon/plugins/stroke/stroke_config.c
index 3f60b957e3..72c6842736 100644
--- a/src/libcharon/plugins/stroke/stroke_config.c
+++ b/src/libcharon/plugins/stroke/stroke_config.c
@@ -321,6 +321,7 @@ static void parse_pubkey_constraints(char *auth, auth_cfg_t *cfg)
 			{ "sha256",		SIGN_RSA_EMSA_PKCS1_SHA256,		KEY_RSA,	},
 			{ "sha384",		SIGN_RSA_EMSA_PKCS1_SHA384,		KEY_RSA,	},
 			{ "sha512",		SIGN_RSA_EMSA_PKCS1_SHA512,		KEY_RSA,	},
+			{ "cgasha1",	SIGN_CGA_SHA1,					KEY_RSA,	},
 			{ "sha1",		SIGN_ECDSA_WITH_SHA1_DER,		KEY_ECDSA,	},
 			{ "sha256",		SIGN_ECDSA_WITH_SHA256_DER,		KEY_ECDSA,	},
 			{ "sha384",		SIGN_ECDSA_WITH_SHA384_DER,		KEY_ECDSA,	},
@@ -328,6 +329,7 @@ static void parse_pubkey_constraints(char *auth, auth_cfg_t *cfg)
 			{ "sha256",		SIGN_ECDSA_256,					KEY_ECDSA,	},
 			{ "sha384",		SIGN_ECDSA_384,					KEY_ECDSA,	},
 			{ "sha512",		SIGN_ECDSA_521,					KEY_ECDSA,	},
+			{ "cgasha1",	SIGN_CGA_SHA1,					KEY_ECDSA,	},
 		};
 
 		if (rsa_len || ecdsa_len)