}
METHOD(phase1_t, create_hasher, bool,
- private_phase1_t *this, proposal_t *proposal)
+ private_phase1_t *this)
{
- return this->keymat->create_hasher(this->keymat, proposal);
+ return this->keymat->create_hasher(this->keymat,
+ this->ike_sa->get_proposal(this->ike_sa));
}
METHOD(phase1_t, create_dh, bool,
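Review bot: The result of `this->ike_sa->get_proposal(this->ike_sa)` is handed straight to `keymat->create_hasher()` without a check, so the call now depends on every caller having run `set_proposal()` first. Whether `get_proposal()` can return NULL before that is not visible here, but if it can, a mis-ordered or newly added call path would pass a NULL proposal into the keymat instead of failing cleanly. I would fetch it into a local and bail out: `proposal_t *proposal = this->ike_sa->get_proposal(this->ike_sa);` followed by `if (!proposal) { return FALSE; }`. The same applies to the `derive_ike_keys()` call in the derive_keys hunk further down.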
}
METHOD(phase1_t, derive_keys, bool,
- private_phase1_t *this, peer_cfg_t *peer_cfg, auth_method_t method,
- proposal_t *proposal)
+ private_phase1_t *this, peer_cfg_t *peer_cfg, auth_method_t method)
{
shared_key_t *shared_key = NULL;
break;
}
- if (!this->keymat->derive_ike_keys(this->keymat, proposal,
+ if (!this->keymat->derive_ike_keys(this->keymat,
+ this->ike_sa->get_proposal(this->ike_sa),
this->dh, this->dh_value, this->nonce_i, this->nonce_r,
this->ike_sa->get_id(this->ike_sa), method, shared_key))
{
/**
* Create keymat hasher.
*
- * @param proposal negotiated proposal
* @return TRUE if hasher created
*/
- bool (*create_hasher)(phase1_t *this, proposal_t *proposal);
+ bool (*create_hasher)(phase1_t *this);
/**
* Create DH object using SA keymat.
*
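Review bot: The doc comment for `create_hasher` loses `@param proposal` and nothing replaces it, so the header no longer says where the proposal comes from. Since the implementation now reads it from the IKE_SA, the contract should state that precondition, for example by adding ` * The proposal must have been set on the IKE_SA using set_proposal() before.` above the `@return` line. The `derive_keys` comment in the next hunk needs the same sentence.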
* @param peer_cfg peer config to look up shared key for, or NULL
* @param method negotiated authenticated method
- * @param proposal selected IKE proposal
* @return TRUE if successful
*/
bool (*derive_keys)(phase1_t *this, peer_cfg_t *peer_cfg,
- auth_method_t method, proposal_t *proposal);
+ auth_method_t method);
/**
* Verify a HASH or SIG payload in message.
*
DBG1(DBG_IKE, "no proposal found");
return send_notify(this, NO_PROPOSAL_CHOSEN);
}
+ this->ike_sa->set_proposal(this->ike_sa, this->proposal);
this->method = sa_payload->get_auth_method(sa_payload);
this->lifetime = sa_payload->get_lifetime(sa_payload);
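Review bot: `this->proposal` is now passed to `set_proposal()` while the task keeps the same pointer in its own field, and the hunk does not show which side owns the object afterwards. If `set_proposal()` stores the pointer rather than a copy, and the task also releases it on cleanup (neither is visible here), the proposal would be released twice or used after release. A one-line comment at the call would settle it, for instance `/* IKE_SA stores its own copy, this->proposal remains owned by the task */`, once that is confirmed against `set_proposal()`. The same call is added in the three later hunks at the other "no proposal found" sites.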
{
return send_notify(this, INVALID_KEY_INFORMATION);
}
- if (!this->ph1->create_hasher(this->ph1, this->proposal))
+ if (!this->ph1->create_hasher(this->ph1))
{
return send_notify(this, NO_PROPOSAL_CHOSEN);
}
- if (!this->ph1->derive_keys(this->ph1, this->peer_cfg, this->method,
- this->proposal))
+ if (!this->ph1->derive_keys(this->ph1, this->peer_cfg, this->method))
{
return send_notify(this, INVALID_KEY_INFORMATION);
}
DBG1(DBG_IKE, "no proposal found");
return send_notify(this, NO_PROPOSAL_CHOSEN);
}
+ this->ike_sa->set_proposal(this->ike_sa, this->proposal);
lifetime = sa_payload->get_lifetime(sa_payload);
if (lifetime != this->lifetime)
{
return send_notify(this, INVALID_PAYLOAD_TYPE);
}
- if (!this->ph1->create_hasher(this->ph1, this->proposal))
+ if (!this->ph1->create_hasher(this->ph1))
{
return send_notify(this, NO_PROPOSAL_CHOSEN);
}
- if (!this->ph1->derive_keys(this->ph1, this->peer_cfg, this->method,
- this->proposal))
+ if (!this->ph1->derive_keys(this->ph1, this->peer_cfg, this->method))
{
return send_notify(this, INVALID_KEY_INFORMATION);
}
{
u_int16_t group;
- if (!this->ph1->create_hasher(this->ph1, this->proposal))
+ if (!this->ph1->create_hasher(this->ph1))
{
return send_notify(this, NO_PROPOSAL_CHOSEN);
}
DBG1(DBG_IKE, "no proposal found");
return send_notify(this, NO_PROPOSAL_CHOSEN);
}
+ this->ike_sa->set_proposal(this->ike_sa, this->proposal);
this->method = sa_payload->get_auth_method(sa_payload);
this->lifetime = sa_payload->get_lifetime(sa_payload);
{
u_int16_t group;
- if (!this->ph1->create_hasher(this->ph1, this->proposal))
+ if (!this->ph1->create_hasher(this->ph1))
{
return send_notify(this, INVALID_KEY_INFORMATION);
}
{
return send_notify(this, INVALID_KEY_INFORMATION);
}
- if (!this->ph1->derive_keys(this->ph1, this->peer_cfg, this->method,
- this->proposal))
+ if (!this->ph1->derive_keys(this->ph1, this->peer_cfg, this->method))
{
return send_notify(this, INVALID_KEY_INFORMATION);
}
DBG1(DBG_IKE, "no proposal found");
return send_notify(this, NO_PROPOSAL_CHOSEN);
}
+ this->ike_sa->set_proposal(this->ike_sa, this->proposal);
lifetime = sa_payload->get_lifetime(sa_payload);
if (lifetime != this->lifetime)
{
return send_notify(this, INVALID_PAYLOAD_TYPE);
}
- if (!this->ph1->derive_keys(this->ph1, this->peer_cfg,
- this->method, this->proposal))
+ if (!this->ph1->derive_keys(this->ph1, this->peer_cfg, this->method))
{
return send_notify(this, INVALID_KEY_INFORMATION);
}