diff options
| author | Reto Buerki <reet@codelabs.ch> | 2012-08-30 14:42:19 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2013-03-19 15:23:47 +0100 |
| commit | bf1034a7764d10dece4744750d3ab42706131ec3 (patch) | |
| tree | 6a1e6ce46f8fc6bc42b94ff32e6c9824d7786a5c /src | |
| parent | 7fb3e5ed104e12822fa5a62fcd3db27b52bc1f67 (diff) | |
| download | strongswan-bf1034a7764d10dece4744750d3ab42706131ec3.tar.bz2 strongswan-bf1034a7764d10dece4744750d3ab42706131ec3.tar.xz | |
keymat: Acquire ISA context ID on initialization
Diffstat (limited to 'src')
| -rw-r--r-- | src/charon-tkm/src/tkm/tkm_keymat.c | 24 |
1 files changed, 22 insertions, 2 deletions
diff --git a/src/charon-tkm/src/tkm/tkm_keymat.c b/src/charon-tkm/src/tkm/tkm_keymat.c index 3b1fd1cd2..50d93fc64 100644 --- a/src/charon-tkm/src/tkm/tkm_keymat.c +++ b/src/charon-tkm/src/tkm/tkm_keymat.c @@ -56,6 +56,11 @@ struct private_tkm_keymat_t { */ aead_t *aead_out; + /** + * ISA context id. + */ + isa_id_type isa_ctx_id; + }; /** @@ -224,7 +229,8 @@ METHOD(tkm_keymat_t, derive_ike_keys, bool, DBG1(DBG_IKE, "deriving IKE keys (nc: %llu, dh: %llu, spi_loc: %llx, " "spi_rem: %llx)", nc_id, dh_id, spi_loc, spi_rem); /* Fake some data for now */ - if (ike_isa_create(1, 1, 1, dh_id, nc_id, nonce_rem, 1, spi_loc, spi_rem, + if (ike_isa_create(this->isa_ctx_id, 1, 1, dh_id, nc_id, nonce_rem, 1, + spi_loc, spi_rem, &sk_ai, &sk_ar, &sk_ei, &sk_er) != TKM_OK) { DBG1(DBG_IKE, "key derivation failed"); @@ -318,7 +324,8 @@ METHOD(tkm_keymat_t, get_psk_sig, bool, idx_type idx; chunk_to_sequence(&idx_chunk, &idx); - if (ike_isa_sign_psk(1, msg, idx, verify == TRUE, &signature) != TKM_OK) + if (ike_isa_sign_psk(this->isa_ctx_id, msg, idx, verify == TRUE, &signature) + != TKM_OK) { DBG1(DBG_IKE, "get %s PSK signature failed", verify ? "remote" : "local"); @@ -332,6 +339,12 @@ METHOD(tkm_keymat_t, get_psk_sig, bool, METHOD(keymat_t, destroy, void, private_tkm_keymat_t *this) { + if (ike_isa_reset(this->isa_ctx_id) != TKM_OK) + { + DBG1(DBG_IKE, "failed to reset ISA context %d", this->isa_ctx_id); + } + tkm->idmgr->release_id(tkm->idmgr, TKM_CTX_ISA, this->isa_ctx_id); + DESTROY_IF(this->aead_in); DESTROY_IF(this->aead_out); this->proxy->keymat.destroy(&this->proxy->keymat); @@ -361,8 +374,15 @@ tkm_keymat_t *tkm_keymat_create(bool initiator) .get_psk_sig = _get_psk_sig, }, .initiator = initiator, + .isa_ctx_id = tkm->idmgr->acquire_id(tkm->idmgr, TKM_CTX_ISA), .proxy = keymat_v2_create(initiator), ); + if (!this->isa_ctx_id) + { + free(this); + return NULL; + } + return &this->public; } |