diff options
Diffstat (limited to 'src/libcharon/sa/authenticators/pubkey_authenticator.c')
| -rw-r--r-- | src/libcharon/sa/authenticators/pubkey_authenticator.c | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/src/libcharon/sa/authenticators/pubkey_authenticator.c b/src/libcharon/sa/authenticators/pubkey_authenticator.c index 1d01abf50..247891670 100644 --- a/src/libcharon/sa/authenticators/pubkey_authenticator.c +++ b/src/libcharon/sa/authenticators/pubkey_authenticator.c @@ -46,6 +46,11 @@ struct private_pubkey_authenticator_t { * IKE_SA_INIT message data to include in AUTH calculation */ chunk_t ike_sa_init; + + /** + * Reserved bytes of ID payload + */ + char reserved[3]; }; METHOD(authenticator_t, build, status_t, @@ -107,7 +112,7 @@ METHOD(authenticator_t, build, status_t, } keymat = this->ike_sa->get_keymat(this->ike_sa); octets = keymat->get_auth_octets(keymat, FALSE, this->ike_sa_init, - this->nonce, id); + this->nonce, id, this->reserved); if (private->sign(private, scheme, octets, &auth_data)) { auth_payload = auth_payload_create(); @@ -171,7 +176,7 @@ METHOD(authenticator_t, process, status_t, id = this->ike_sa->get_other_id(this->ike_sa); keymat = this->ike_sa->get_keymat(this->ike_sa); octets = keymat->get_auth_octets(keymat, TRUE, this->ike_sa_init, - this->nonce, id); + this->nonce, id, this->reserved); auth = this->ike_sa->get_auth_cfg(this->ike_sa, FALSE); enumerator = lib->credmgr->create_public_enumerator(lib->credmgr, key_type, id, auth); @@ -212,7 +217,8 @@ METHOD(authenticator_t, destroy, void, * Described in header. */ pubkey_authenticator_t *pubkey_authenticator_create_builder(ike_sa_t *ike_sa, - chunk_t received_nonce, chunk_t sent_init) + chunk_t received_nonce, chunk_t sent_init, + char reserved[3]) { private_pubkey_authenticator_t *this; @@ -229,6 +235,8 @@ pubkey_authenticator_t *pubkey_authenticator_create_builder(ike_sa_t *ike_sa, .ike_sa_init = sent_init, .nonce = received_nonce, ); + memcpy(this->reserved, reserved, sizeof(this->reserved)); + return &this->public; } @@ -236,7 +244,8 @@ pubkey_authenticator_t *pubkey_authenticator_create_builder(ike_sa_t *ike_sa, * Described in header. */ pubkey_authenticator_t *pubkey_authenticator_create_verifier(ike_sa_t *ike_sa, - chunk_t sent_nonce, chunk_t received_init) + chunk_t sent_nonce, chunk_t received_init, + char reserved[3]) { private_pubkey_authenticator_t *this; @@ -253,5 +262,7 @@ pubkey_authenticator_t *pubkey_authenticator_create_verifier(ike_sa_t *ike_sa, .ike_sa_init = received_init, .nonce = sent_nonce, ); + memcpy(this->reserved, reserved, sizeof(this->reserved)); + return &this->public; } |