sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-11-27 00:00:29 -05:00
Code Issues Projects Releases Wiki Activity

fixed IKEv1 support of HMAC_SHA2_256_96

Browse Source
This commit is contained in:
Andreas Steffen 2009-12-09 09:33:32 +01:00
parent 0a975307f1
commit 353b829177
3 changed files with 22 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
src/pluto/alg_info.c
View File

@ -51,20 +51,13 @@ int alg_info_esp_aa2sadb(int auth)
{ {
int sadb_aalg = 0; int sadb_aalg = 0;
switch(auth) { switch(auth)
{
case AUTH_ALGORITHM_HMAC_MD5: case AUTH_ALGORITHM_HMAC_MD5:
case AUTH_ALGORITHM_HMAC_SHA1: case AUTH_ALGORITHM_HMAC_SHA1:
sadb_aalg = auth + 1; sadb_aalg = auth + 1;
break; break;
case AUTH_ALGORITHM_HMAC_SHA2_256:
case AUTH_ALGORITHM_HMAC_SHA2_384:
case AUTH_ALGORITHM_HMAC_SHA2_512:
case AUTH_ALGORITHM_HMAC_RIPEMD:
case AUTH_ALGORITHM_AES_XCBC_MAC:
sadb_aalg = auth;
break;
default: default:
/* loose ... */
sadb_aalg = auth; sadb_aalg = auth;
} }
return sadb_aalg; return sadb_aalg;
@ -74,20 +67,13 @@ int alg_info_esp_sadb2aa(int sadb_aalg)
{ {
int auth = 0; int auth = 0;
switch(sadb_aalg) { switch(sadb_aalg)
{
case SADB_AALG_MD5HMAC: case SADB_AALG_MD5HMAC:
case SADB_AALG_SHA1HMAC: case SADB_AALG_SHA1HMAC:
auth = sadb_aalg - 1; auth = sadb_aalg - 1;
break; break;
case SADB_X_AALG_SHA2_256HMAC:
case SADB_X_AALG_SHA2_384HMAC:
case SADB_X_AALG_SHA2_512HMAC:
case SADB_X_AALG_RIPEMD160HMAC:
case SADB_X_AALG_AES_XCBC_MAC:
auth = sadb_aalg;
break;
default: default:
/* loose ... */
auth = sadb_aalg; auth = sadb_aalg;
} }
return auth; return auth;

12
src/pluto/constants.c
View File

@ -675,15 +675,17 @@ static const char *const auth_alg_name[] = {
}; };
static const char *const extended_auth_alg_name[] = { static const char *const extended_auth_alg_name[] = {
"NULL" "NULL",
}; "HMAC_SHA2_256_96"
};
enum_names extended_auth_alg_names = enum_names extended_auth_alg_names =
{ AUTH_ALGORITHM_NULL, AUTH_ALGORITHM_NULL, extended_auth_alg_name, NULL }; { AUTH_ALGORITHM_NULL, AUTH_ALGORITHM_HMAC_SHA2_256_96,
extended_auth_alg_name, NULL };
enum_names auth_alg_names = enum_names auth_alg_names =
{ AUTH_ALGORITHM_NONE, AUTH_ALGORITHM_SIG_RSA, auth_alg_name { AUTH_ALGORITHM_NONE, AUTH_ALGORITHM_SIG_RSA,
, &extended_auth_alg_names }; auth_alg_name, &extended_auth_alg_names };
/* From draft-beaulieu-ike-xauth */ /* From draft-beaulieu-ike-xauth */
static const char *const xauth_type_name[] = { static const char *const xauth_type_name[] = {

11
src/pluto/kernel_alg.c
View File

@ -380,6 +380,7 @@ void kernel_alg_register_pfkey(const struct sadb_msg *msg_buf, int buflen)
) )
/* if AES_CBC is registered then also register AES_CCM and AES_GCM */ /* if AES_CBC is registered then also register AES_CCM and AES_GCM */
if (satype == SADB_SATYPE_ESP && if (satype == SADB_SATYPE_ESP &&
supp_exttype == SADB_EXT_SUPPORTED_ENCRYPT &&
sadb.alg->sadb_alg_id == SADB_X_EALG_AESCBC) sadb.alg->sadb_alg_id == SADB_X_EALG_AESCBC)
{ {
struct sadb_alg alg = *sadb.alg; struct sadb_alg alg = *sadb.alg;
@ -395,6 +396,16 @@ void kernel_alg_register_pfkey(const struct sadb_msg *msg_buf, int buflen)
} }
} }
} }
/* if SHA2_256 is registered then also register SHA2_256_96 */
if (satype == SADB_SATYPE_ESP &&
supp_exttype == SADB_EXT_SUPPORTED_AUTH &&
sadb.alg->sadb_alg_id == SADB_X_AALG_SHA2_256HMAC)
{
struct sadb_alg alg = *sadb.alg;
alg.sadb_alg_id = SADB_X_AALG_SHA2_256_96HMAC;
kernel_alg_add(satype, supp_exttype, &alg);
}
} }
} }
} }