diff options
| author | Martin Willi <martin@revosec.ch> | 2011-12-07 14:09:34 +0000 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2012-03-20 17:31:14 +0100 |
| commit | 76fe7de3fd0b39e7161f6081920d1e2d5edb9317 (patch) | |
| tree | 1364f384123a7fdffaaa4373239cae13cf7f9f27 | |
| parent | 7c27c914d4365e85830b8690fdfa912b848a9588 (diff) | |
| download | strongswan-76fe7de3fd0b39e7161f6081920d1e2d5edb9317.tar.bz2 strongswan-76fe7de3fd0b39e7161f6081920d1e2d5edb9317.tar.xz | |
Added a factory function for IKEv1 authenticators
| -rw-r--r-- | src/libcharon/sa/authenticators/authenticator.c | 25 | ||||
| -rw-r--r-- | src/libcharon/sa/authenticators/authenticator.h | 19 |
2 files changed, 42 insertions, 2 deletions
diff --git a/src/libcharon/sa/authenticators/authenticator.c b/src/libcharon/sa/authenticators/authenticator.c index 83f5fbaad..c69a5d92a 100644 --- a/src/libcharon/sa/authenticators/authenticator.c +++ b/src/libcharon/sa/authenticators/authenticator.c @@ -21,6 +21,8 @@ #include <sa/authenticators/pubkey_authenticator.h> #include <sa/authenticators/psk_authenticator.h> #include <sa/authenticators/eap_authenticator.h> +#include <sa/authenticators/psk_v1_authenticator.h> +#include <sa/authenticators/pubkey_v1_authenticator.h> #include <encoding/payloads/auth_payload.h> @@ -95,3 +97,26 @@ authenticator_t *authenticator_create_verifier( } } +/** + * Described in header. + */ +authenticator_t *authenticator_create_v1(ike_sa_t *ike_sa, bool initiator, + auth_method_t auth_method, diffie_hellman_t *dh, + chunk_t dh_value, chunk_t sa_payload) +{ + switch (auth_method) + { + case AUTH_PSK: + case AUTH_XAUTH_INIT_PSK: + case AUTH_XAUTH_RESP_PSK: + return (authenticator_t*)psk_v1_authenticator_create(ike_sa, + initiator, dh, dh_value, sa_payload); + case AUTH_RSA: + case AUTH_XAUTH_INIT_RSA: + case AUTH_XAUTH_RESP_RSA: + return (authenticator_t*)pubkey_v1_authenticator_create(ike_sa, + initiator, dh, dh_value, sa_payload); + default: + return NULL; + } +} diff --git a/src/libcharon/sa/authenticators/authenticator.h b/src/libcharon/sa/authenticators/authenticator.h index 1161583c9..3c1733388 100644 --- a/src/libcharon/sa/authenticators/authenticator.h +++ b/src/libcharon/sa/authenticators/authenticator.h @@ -148,7 +148,7 @@ struct authenticator_t { }; /** - * Create an authenticator to build signatures. + * Create an IKEv2 authenticator to build signatures. * * @param ike_sa associated ike_sa * @param cfg authentication configuration @@ -166,7 +166,7 @@ authenticator_t *authenticator_create_builder( char reserved[3]); /** - * Create an authenticator to verify signatures. + * Create an IKEv2 authenticator to verify signatures. * * @param ike_sa associated ike_sa * @param message message containing authentication data @@ -183,4 +183,19 @@ authenticator_t *authenticator_create_verifier( chunk_t received_init, chunk_t sent_init, char reserved[3]); +/** + * Create an IKEv1 authenticator to build and verify signatures or hash payloads. + * + * @param ike_sa associated IKE_SA + * @param initiator TRUE if we are the IKE_SA initiator + * @param auth_method negotiated authentication method to use + * @param dh diffie hellman key exchange + * @param dh_value others public diffie hellman value + * @param sa_payload generated SA payload data, without payload header + * @return authenticator, NULL if not supported + */ +authenticator_t *authenticator_create_v1(ike_sa_t *ike_sa, bool initiator, + auth_method_t auth_method, diffie_hellman_t *dh, + chunk_t dh_value, chunk_t sa_payload); + #endif /** AUTHENTICATOR_H_ @}*/ |