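/*
 * Decrypt an Encrypted payload, parse the payloads it contains, and process
 * the IDr payload when one is present.
 *
 * data:          initiator state; supplies the negotiated proposal and keys
 * hdr:           IKEv2 header of the message, passed to the decrypt routine
 * encrypted:     start of the encrypted payload data
 * encrypted_len: length of the encrypted payload data in bytes
 * next_payload:  type of the first payload inside the decrypted data
 *
 * Returns -1 if decryption or parsing fails; otherwise the result of
 * ikev2_process_idr(), or 0 when no IDr payload was found.
 */
static int ikev2_process_sa_init_encr(struct ikev2_initiator_data *data,
				      const struct ikev2_hdr *hdr,
				      const u8 *encrypted,
				      size_t encrypted_len, u8 next_payload)
{
	u8 *decrypted;
	size_t decrypted_len;
	struct ikev2_payloads pl;
	int ret = 0;

	/*
	 * NOTE(review): the literal 0 presumably selects which side's keys
	 * are used for decryption; confirm against ikev2_decrypt_payload().
	 */
	decrypted = ikev2_decrypt_payload(data->proposal.encr,
					  data->proposal.integ, &data->keys,
					  0, hdr, encrypted, encrypted_len,
					  &decrypted_len);
	if (decrypted == NULL)
		return -1;

	asd_printf(ASD_DEFAULT,MSG_DEBUG, "IKEV2: Processing decrypted payloads");

	if (ikev2_parse_payloads(&pl, next_payload, decrypted,
				 decrypted + decrypted_len) < 0) {
		asd_printf(ASD_DEFAULT,MSG_DEBUG, "IKEV2: Failed to parse decrypted "
			   "payloads");
		/*
		 * Fall through to the common release below. Returning here
		 * directly would leak the plaintext buffer on every message
		 * that decrypts but does not parse.
		 */
		ret = -1;
	} else if (pl.idr) {
		/*
		 * pl.idr presumably points into the decrypted buffer, so the
		 * buffer is released only after this call (TODO confirm).
		 */
		ret = ikev2_process_idr(data, pl.idr, pl.idr_len);
	}

	/*
	 * NOTE(review): the plaintext is released without being cleared
	 * first; confirm whether decrypted identity data needs wiping.
	 */
	os_free(decrypted);

	return ret;
}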
/*
 * Decrypt the Encrypted payload referenced by pl and pass the plaintext to
 * ikev2_process_sa_auth_decrypted().
 *
 * data: initiator state; supplies the negotiated proposal and keys
 * hdr:  IKEv2 header of the message, passed to the decrypt routine
 * pl:   parsed payloads; encrypted, encrypted_len and encr_next_payload
 *       are read
 *
 * Returns -1 if decryption fails, otherwise the result of
 * ikev2_process_sa_auth_decrypted(). The state becomes IKEV2_DONE only when
 * that result is 0 and data->unknown_user is not set.
 */
static int ikev2_process_sa_auth(struct ikev2_initiator_data *data,
				 const struct ikev2_hdr *hdr,
				 struct ikev2_payloads *pl)
{
	size_t plain_len;
	int res;
	/*
	 * NOTE(review): the literal 0 presumably selects which side's keys
	 * are used for decryption; confirm against ikev2_decrypt_payload().
	 */
	u8 *plain = ikev2_decrypt_payload(data->proposal.encr,
					  data->proposal.integ, &data->keys,
					  0, hdr, pl->encrypted,
					  pl->encrypted_len, &plain_len);

	if (!plain)
		return -1;

	res = ikev2_process_sa_auth_decrypted(data, pl->encr_next_payload,
					      plain, plain_len);
	/*
	 * NOTE(review): the plaintext is released without being cleared
	 * first; confirm whether the decrypted payloads need wiping.
	 */
	os_free(plain);

	/*
	 * Do not report completion after a processing failure or while the
	 * peer is flagged as an unknown user.
	 */
	if (res != 0 || data->unknown_user)
		return res;

	asd_printf(ASD_DEFAULT,MSG_DEBUG, "IKEV2: Authentication completed");
	data->state = IKEV2_DONE;

	return res;
}
/*
 * Decrypt the Encrypted payload referenced by pl and pass the plaintext to
 * ikev2_process_sa_auth_decrypted().
 *
 * data: responder state; supplies the negotiated proposal and keys
 * hdr:  IKEv2 header of the message, passed to the decrypt routine
 * pl:   parsed payloads; encrypted, encrypted_len and encr_next_payload
 *       are read
 *
 * Returns -1 if decryption fails, otherwise the result of
 * ikev2_process_sa_auth_decrypted().
 */
static int ikev2_process_sa_auth(struct ikev2_responder_data *data,
				 const struct ikev2_hdr *hdr,
				 struct ikev2_payloads *pl)
{
	int status = -1;
	size_t plain_len;
	/*
	 * NOTE(review): the literal 1 presumably selects which side's keys
	 * are used for decryption; confirm against ikev2_decrypt_payload().
	 */
	u8 *plain = ikev2_decrypt_payload(data->proposal.encr,
					  data->proposal.integ, &data->keys,
					  1, hdr, pl->encrypted,
					  pl->encrypted_len, &plain_len);

	if (plain != NULL) {
		status = ikev2_process_sa_auth_decrypted(data,
							 pl->encr_next_payload,
							 plain, plain_len);
		/*
		 * NOTE(review): the plaintext is released without being
		 * cleared first; confirm whether it needs wiping.
		 */
		os_free(plain);
	}

	return status;
}