author | Martin Willi <martin@strongswan.org> | 2006-02-10 08:20:06 +0000 |
---|---|---|
committer | Martin Willi <martin@strongswan.org> | 2006-02-10 08:20:06 +0000 |
commit | aeda79ff7824bcdc48c8d6bf5818d40cc476340e (patch) | |
tree | d83fa98090366607f9f709e214f1a30c79fbb09d /Source/charon/sa/child_sa.c | |
parent | 5b97779f6642aef62daa9185fad9422452d40aa6 (diff) | |
- key derivation for child_sa works
Diffstat (limited to 'Source/charon/sa/child_sa.c')
-rw-r--r-- | Source/charon/sa/child_sa.c | 54 |
1 files changed, 50 insertions, 4 deletions
diff --git a/Source/charon/sa/child_sa.c b/Source/charon/sa/child_sa.c
index 8571ad055..c18b760f2 100644
--- a/Source/charon/sa/child_sa.c
+++ b/Source/charon/sa/child_sa.c
@@ -24,6 +24,8 @@
 #include <utils/allocator.h>
+#include <daemon.h>
+
 typedef struct private_child_sa_t private_child_sa_t;
@@ -37,9 +39,14 @@ struct private_child_sa_t {
 child_sa_t public;
 /**
- * Type of this child sa, ESP or AH.
+ * CHILD_SAs own logger
 */
- protocol_id_t sa_type;
+ logger_t *logger;
+
+ /**
+ * Protocols used in this SA
+ */
+ protocol_id_t protocols[2];
 };
@@ -56,22 +63,61 @@ static u_int32_t get_spi(private_child_sa_t *this)
 */
 static void destroy(private_child_sa_t *this)
 {
+ charon->logger_manager->destroy_logger(charon->logger_manager, this->logger);
 allocator_free(this);
 }
 /*
 * Described in header.
 */
-child_sa_t * child_sa_create(protocol_id_t sa_type, prf_plus_t *prf_plus)
+child_sa_t * child_sa_create(child_proposal_t *proposal, prf_plus_t *prf_plus)
 {
 private_child_sa_t *this = allocator_alloc_thing(private_child_sa_t);
+ u_int i;
 /* public functions */
 this->public.get_spi = (u_int32_t(*)(child_sa_t*))get_spi;
 this->public.destroy = (void(*)(child_sa_t*))destroy;
 /* private data */
- this->sa_type = sa_type;
+ this->logger = charon->logger_manager->create_logger(charon->logger_manager, CHILD_SA, NULL);
+ proposal->get_protocols(proposal, this->protocols);
+
+ /* derive keys */
+ for (i = 0; i<2; i++)
+ {
+ if (this->protocols[i] != UNDEFINED_PROTOCOL_ID)
+ {
+ algorithm_t *algo;
+ chunk_t key;
+
+ /* get encryption key */
+ if (proposal->get_algorithm(proposal, this->protocols[i], ENCRYPTION_ALGORITHM, &algo))
+ {
+ this->logger->log(this->logger, CONTROL|LEVEL1, "%s: using %s %s, ",
+ mapping_find(protocol_id_m, this->protocols[i]),
+ mapping_find(transform_type_m, ENCRYPTION_ALGORITHM),
+ mapping_find(encryption_algorithm_m, algo->algorithm));
+
+ prf_plus->allocate_bytes(prf_plus, algo->key_size, &key);
+ this->logger->log_chunk(this->logger, PRIVATE, "key:", &key);
+ allocator_free_chunk(&key);
+ }
+
+ /* get integrity key */
+ if (proposal->get_algorithm(proposal, this->protocols[i], INTEGRITY_ALGORITHM, &algo))
+ {
+ this->logger->log(this->logger, CONTROL|LEVEL1, "%s: using %s %s,",
+ mapping_find(protocol_id_m, this->protocols[i]),
+ mapping_find(transform_type_m, INTEGRITY_ALGORITHM),
+ mapping_find(integrity_algorithm_m, algo->algorithm));
+
+ prf_plus->allocate_bytes(prf_plus, algo->key_size, &key);
+ this->logger->log_chunk(this->logger, PRIVATE, "key:", &key);
+ allocator_free_chunk(&key);
+ }
+ }
+ }
 return (&this->public);
 } |
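Review bot: In child_sa_create the derived encryption and integrity keys are written to the log with `this->logger->log_chunk(this->logger, PRIVATE, "key:", &key);` and then released with `allocator_free_chunk(&key);` without being cleared, so CHILD_SA key material can end up in log files and linger in freed heap memory. I would keep the key dump behind a debug-only build switch and wipe the buffer before each free, e.g. `memset(key.ptr, 0, key.len);` ahead of `allocator_free_chunk(&key);` (this assumes chunk_t exposes `ptr` and `len`, and a wipe helper the compiler cannot elide would be preferable). The result of `prf_plus->allocate_bytes(prf_plus, algo->key_size, &key)` is used without any check that the allocation succeeded, and `algo->key_size` is passed as a byte count; if the proposal stores the key length in bits, it needs converting, which is worth confirming against the header. The hard-coded `2` in `protocols[2]` and `i<2` would also be safer as one named constant shared with `get_protocols`, whose write bound is not visible here.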