From: Reto Buerki <reet@codelabs.ch>
Date: Tue, 16 Oct 2012 14:42:23 +0000 (+0200)
Subject: keymat: Store signature info in auth octets
X-Git-Tag: 5.0.3rc1~39^2~34
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fe504b745d1a4eaf49fa60d62dc351aae1de1f93;p=thirdparty%2Fstrongswan.git

keymat: Store signature info in auth octets

Store the ISA context id and the initial message in the auth octets
chunk using the sign_info_t struct. Charon will pass on this information
to the TKM private key sign operation where it is extracted.
---

diff --git a/src/charon-tkm/src/tkm/tkm_keymat.c b/src/charon-tkm/src/tkm/tkm_keymat.c
index 2fc5d60ebb..95261d8c39 100644
--- a/src/charon-tkm/src/tkm/tkm_keymat.c
+++ b/src/charon-tkm/src/tkm/tkm_keymat.c
@@ -366,9 +366,21 @@ METHOD(keymat_v2_t, get_auth_octets, bool,
 	{
 		/* store peer init message for authentication step */
 		this->other_init_msg = chunk_clone(ike_sa_init);
+		*octets = chunk_empty;
+		return TRUE;
 	}
-	DBG1(DBG_IKE, "returning auth octets");
-	*octets = chunk_empty;
+
+	sign_info_t *sign;
+	INIT(sign,
+		 .isa_id = this->isa_ctx_id,
+		 .init_message = chunk_clone(ike_sa_init),
+	);
+
+	/*
+	 * store signature info in AUTH octets, which is passed to the private key
+	 * sign() operation
+	 */
+	*octets = chunk_create((u_char *)sign, sizeof(sign_info_t));
 	return TRUE;
 }