From aa6da3700a6c1b919034705ba8b5a6d59768151d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20Skalski?=
Date: Mon, 22 Feb 2021 15:25:45 +0100
Subject: [PATCH 1/4] keymat: Add support for full-length HMAC-SHA2 algorithms
---
 src/libcharon/sa/keymat.c | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/src/libcharon/sa/keymat.c b/src/libcharon/sa/keymat.c
index 70521b5dc2..7c92b289f1 100644
--- a/src/libcharon/sa/keymat.c
+++ b/src/libcharon/sa/keymat.c
@@ -91,8 +91,11 @@ int keymat_get_keylen_integ(integrity_algorithm_t alg)
 {AUTH_HMAC_SHA1_160, 160},
 {AUTH_HMAC_SHA2_256_96, 256},
 {AUTH_HMAC_SHA2_256_128, 256},
+ {AUTH_HMAC_SHA2_256_256, 256},
 {AUTH_HMAC_SHA2_384_192, 384},
+ {AUTH_HMAC_SHA2_384_384, 384},
 {AUTH_HMAC_SHA2_512_256, 512},
+ {AUTH_HMAC_SHA2_512_512, 512},
 {AUTH_AES_XCBC_96, 128},
 {AUTH_AES_CMAC_96, 128},
 };
From c632aa7b31daebc3cd00f962b93167e3e66fecbc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20Skalski?=
Date: Fri, 5 Feb 2021 06:59:13 +0100
Subject: [PATCH 2/4] kernel-netlink: Add support for full-length HMAC-SHA2 algorithms
---
 .../plugins/kernel_netlink/kernel_netlink_ipsec.c | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c b/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c
index ef0d424bd3..d838945b22 100644
--- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c
+++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c
@@ -242,8 +242,11 @@ static kernel_algorithm_t integrity_algs[] = {
 {AUTH_HMAC_SHA1_160, "hmac(sha1)" },
 {AUTH_HMAC_SHA2_256_96, "sha256" },
 {AUTH_HMAC_SHA2_256_128, "hmac(sha256)" },
+ {AUTH_HMAC_SHA2_256_256, "hmac(sha256)" },
 {AUTH_HMAC_SHA2_384_192, "hmac(sha384)" },
+ {AUTH_HMAC_SHA2_384_384, "hmac(sha384)" },
 {AUTH_HMAC_SHA2_512_256, "hmac(sha512)" },
+ {AUTH_HMAC_SHA2_512_512, "hmac(sha512)" },
 /* {AUTH_DES_MAC, "***" }, */
 /* {AUTH_KPDK_MD5, "***" }, */
 {AUTH_AES_XCBC_96, "xcbc(aes)" },
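Review bot: The three new `integrity_algs` rows in kernel_netlink_ipsec.c (patch 2/4) reuse the kernel transform names of the truncated variants (`hmac(sha256)`, `hmac(sha384)`, `hmac(sha512)`), so the table alone no longer shows which ICV length an SA is installed with. That length is chosen separately by the `trunc_len` switch in `add_sa`, in the next hunk of the same patch. A full-length identifier listed here without a matching case there would hit `default: break;`, which, going by the comment in that function, appears to mean the kernel's default truncation is applied rather than the negotiated length. I would record the coupling next to the new rows, e.g. `/* full-length ICV: same kernel transform, length passed via trunc_len in add_sa() */`, and mirror it with a one-line comment at the `default:` label in `add_sa`. Both the table and the switch begin outside their hunks, so the existing cases could not be checked from this page.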
@@ -1763,6 +1766,15 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
 case AUTH_HMAC_SHA1_160:
 trunc_len = 160;
 break;
+ case AUTH_HMAC_SHA2_256_256:
+ trunc_len = 256;
+ break;
+ case AUTH_HMAC_SHA2_384_384:
+ trunc_len = 384;
+ break;
+ case AUTH_HMAC_SHA2_512_512:
+ trunc_len = 512;
+ break;
 default:
 break;
 }
@@ -1773,7 +1785,7 @@ METHOD(kernel_ipsec_t, add_sa, status_t,

 /* the kernel uses SHA256 with 96 bit truncation by default,
 * use specified truncation size supported by newer kernels.
- * also use this for untruncated MD5 and SHA1. */
+ * also use this for untruncated MD5, SHA1 and SHA2. */
 algo = netlink_reserve(hdr, sizeof(request), XFRMA_ALG_AUTH_TRUNC,
 sizeof(*algo) + data->int_key.len);
 if (!algo)
From b6b8880340ea349f416666edf94f491fe1cdd4aa Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20Skalski?=
Date: Mon, 22 Feb 2021 16:41:23 +0100
Subject: [PATCH 3/4] save-keys: Add support for full-length HMAC-SHA256 for ESP
Wireshark doesn't really support it, but this way it at least decodes the ESP packets correctly and the encryption keys are saved and the packets can be decrypted. The full-length versions of SHA-384 and SHA-512 are not supported by Wireshark as 256-bit is the longest ICV it is able to decode currently.
---
 src/libcharon/plugins/save_keys/save_keys_listener.c | 1 +
 1 file changed, 1 insertion(+)
diff --git a/src/libcharon/plugins/save_keys/save_keys_listener.c b/src/libcharon/plugins/save_keys/save_keys_listener.c
index fc16f20e66..60b75fdeac 100644
--- a/src/libcharon/plugins/save_keys/save_keys_listener.c
+++ b/src/libcharon/plugins/save_keys/save_keys_listener.c
@@ -234,6 +234,7 @@ static algo_map_t esp_integ[] = {
 { AUTH_HMAC_SHA2_384_192, -1, "HMAC-SHA-384-192 [RFC4868]" },
 { AUTH_HMAC_SHA2_512_256, -1, "HMAC-SHA-512-256 [RFC4868]" },
 { AUTH_HMAC_SHA2_256_96, -1, "HMAC-SHA-256-96 [draft-ietf-ipsec-ciph-sha-256-00]" },
+ { AUTH_HMAC_SHA2_256_256, -1, "ANY 256 bit authentication [no checking]" },
 { AUTH_UNDEFINED, 64, "ANY 64 bit authentication [no checking]" },
 { AUTH_UNDEFINED, 96, "ANY 96 bit authentication [no checking]" },
 { AUTH_UNDEFINED, 128, "ANY 128 bit authentication [no checking]" },
From 875813c055c8f066741bb05d7d01c1e8af4ca8d6 Mon Sep 17 00:00:00 2001
From: Tobias Brunner
Date: Tue, 23 Feb 2021 15:28:36 +0100
Subject: [PATCH 4/4] save-keys: Fix length of AES-GCM with 12-byte ICV
---
 src/libcharon/plugins/save_keys/save_keys_listener.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/libcharon/plugins/save_keys/save_keys_listener.c b/src/libcharon/plugins/save_keys/save_keys_listener.c
index 60b75fdeac..1c949b6b1d 100644
--- a/src/libcharon/plugins/save_keys/save_keys_listener.c
+++ b/src/libcharon/plugins/save_keys/save_keys_listener.c
@@ -264,7 +264,7 @@ static inline void esp_names(proposal_t *proposal, const char **enc,
 len = 64;
 break;
 case ENCR_AES_GCM_ICV12:
- len = 64;
+ len = 96;
 break;
 case ENCR_AES_GCM_ICV16:
 len = 128;
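Review bot: The row added to `esp_integ` in save_keys_listener.c (patch 3/4) maps a concrete algorithm, `AUTH_HMAC_SHA2_256_256`, to the generic label `"ANY 256 bit authentication [no checking]"`, while the other visible `ANY …` rows are keyed on `AUTH_UNDEFINED` plus a length, and nothing in the code says why. The reason is only in the commit message: Wireshark does not really support this algorithm, so the saved entry lets it decode and decrypt ESP without verifying the ICV, and the full-length SHA-384/SHA-512 variants are left out on purpose. I would put that next to the row, e.g. `/* no Wireshark name for full-length SHA-256: use the generic 256-bit entry, ICV is not verified */`, so a later reader neither "corrects" the label nor adds the missing variants. The table starts and ends outside the hunk, so whether a separate `AUTH_UNDEFINED, 256` row already carries the same label cannot be seen from here.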