diff options
| author | Reto Buerki <reet@codelabs.ch> | 2012-08-21 12:38:50 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2013-03-19 15:23:45 +0100 |
| commit | 1ee792f9ea06ecb01af019badbe1cbb1c260fc83 (patch) | |
| tree | f359baa69d5ca216f11d90ff2a91b01caded5911 | |
| parent | 5b3bcdfadaa6c305d09af459c7e568b9b6854bef (diff) | |
| download | strongswan-1ee792f9ea06ecb01af019badbe1cbb1c260fc83.tar.bz2 strongswan-1ee792f9ea06ecb01af019badbe1cbb1c260fc83.tar.xz | |
Use ikev2 keymat proxy
Forward incoming calls to default ikev2 keymat instance. This is needed
to make a stepwise migration to TKM keymat possible. It will be removed
once the corresponding parts are implemented in the TKM.
| -rw-r--r-- | src/charon-tkm/src/tkm/tkm_keymat.c | 25 |
1 files changed, 18 insertions, 7 deletions
diff --git a/src/charon-tkm/src/tkm/tkm_keymat.c b/src/charon-tkm/src/tkm/tkm_keymat.c index cdc6800f0..186f67b3a 100644 --- a/src/charon-tkm/src/tkm/tkm_keymat.c +++ b/src/charon-tkm/src/tkm/tkm_keymat.c @@ -15,6 +15,7 @@ */ #include <daemon.h> +#include <sa/ikev2/keymat_v2.h> #include "tkm_keymat.h" @@ -30,6 +31,11 @@ struct private_tkm_keymat_t { */ tkm_keymat_t public; + /** + * IKEv2 keymat proxy (will be removed). + */ + keymat_v2_t *proxy; + }; METHOD(keymat_t, get_version, ike_version_t, @@ -56,7 +62,8 @@ METHOD(tkm_keymat_t, derive_ike_keys, bool, pseudo_random_function_t rekey_function, chunk_t rekey_skd) { DBG1(DBG_IKE, "deriving IKE keys"); - return FALSE; + return this->proxy->derive_ike_keys(this->proxy, proposal, dh, nonce_i, + nonce_r, id, rekey_function, rekey_skd); } METHOD(tkm_keymat_t, derive_child_keys, bool, @@ -65,14 +72,15 @@ METHOD(tkm_keymat_t, derive_child_keys, bool, chunk_t *encr_r, chunk_t *integ_r) { DBG1(DBG_CHD, "deriving child keys"); - return FALSE; + return this->proxy->derive_child_keys(this->proxy, proposal, dh, nonce_i, + nonce_r, encr_i, integ_i, encr_r, integ_r); } METHOD(keymat_t, get_aead, aead_t*, private_tkm_keymat_t *this, bool in) { - DBG1(DBG_IKE, "get_aead called"); - return NULL; + DBG1(DBG_IKE, "returning aead transform"); + return this->proxy->keymat.get_aead(&this->proxy->keymat, in); } METHOD(tkm_keymat_t, get_auth_octets, bool, @@ -80,14 +88,15 @@ METHOD(tkm_keymat_t, get_auth_octets, bool, chunk_t nonce, identification_t *id, char reserved[3], chunk_t *octets) { DBG1(DBG_IKE, "returning auth octets"); - return FALSE; + return this->proxy->get_auth_octets(this->proxy, verify, ike_sa_init, nonce, + id, reserved, octets); } METHOD(tkm_keymat_t, get_skd, pseudo_random_function_t, private_tkm_keymat_t *this, chunk_t *skd) { DBG1(DBG_IKE, "returning skd"); - return PRF_UNDEFINED; + return this->proxy->get_skd(this->proxy, skd); } METHOD(tkm_keymat_t, get_psk_sig, bool, @@ -95,7 +104,8 @@ METHOD(tkm_keymat_t, get_psk_sig, bool, chunk_t secret, identification_t *id, char reserved[3], chunk_t *sig) { DBG1(DBG_IKE, "returning PSK signature"); - return FALSE; + return this->proxy->get_psk_sig(this->proxy, verify, ike_sa_init, nonce, + secret, id, reserved, sig); } METHOD(keymat_t, destroy, void, @@ -126,6 +136,7 @@ tkm_keymat_t *tkm_keymat_create(bool initiator) .get_auth_octets = _get_auth_octets, .get_psk_sig = _get_psk_sig, }, + .proxy = keymat_v2_create(initiator), ); return &this->public; |