]> git.ipfire.org Git - thirdparty/strongswan.git/commit
projects / thirdparty / strongswan.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ca3e6d2) | patch
child-create: Add support for multiple key exchanges
authorTobias Brunner <tobias@strongswan.org>
Thu, 25 Jun 2020 08:26:38 +0000 (10:26 +0200)
committerTobias Brunner <tobias@strongswan.org>
Wed, 7 Aug 2024 14:20:18 +0000 (16:20 +0200)
commitd7760416d62d0c37235caa6a9fe3905c12e67672
treee4856090164804c2bfd9297465016deb2cbcf618tree
parentca3e6d2d144ed32dc52ccde86b5e2347657108edcommit | diff
child-create: Add support for multiple key exchanges

It also changes that payloads are built before installing the CHILD_SA
on the responder, that is, the KE payload is generated before keys are
derived, so that key_exchange_t::get_public_key() is called before
get_shared_secret(), or its internal equivalent, which could be relevant
for KE implementations that want to ensure that the key can't be
accessed again after the key derivation.
src/charon-tkm/src/tkm/tkm_kernel_ipsec.c diff | blob | blame | history
src/charon-tkm/src/tkm/tkm_keymat.c diff | blob | blame | history
src/charon-tkm/src/tkm/tkm_types.h diff | blob | blame | history
src/charon-tkm/tests/keymat_tests.c diff | blob | blame | history
src/libcharon/sa/ikev2/tasks/child_create.c diff | blob | blame | history
src/libcharon/sa/ikev2/tasks/child_create.h diff | blob | blame | history
src/libcharon/sa/ikev2/tasks/child_rekey.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.