From 9dc73cd21c5fe42d95ee9991d4bf962d9876f6c4 Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Mon, 25 Jan 2010 11:15:05 +0000 Subject: [PATCH] Added support for AUTH_HMAC_SHA2_256_256, used in TLS --- src/libstrongswan/crypto/signers/signer.c | 7 ++++--- src/libstrongswan/crypto/signers/signer.h | 2 ++ src/libstrongswan/plugins/hmac/hmac_signer.c | 3 +++ 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/src/libstrongswan/crypto/signers/signer.c b/src/libstrongswan/crypto/signers/signer.c index e98916bfea..1c7dcaef0f 100644 --- a/src/libstrongswan/crypto/signers/signer.c +++ b/src/libstrongswan/crypto/signers/signer.c @@ -16,11 +16,12 @@ #include "signer.h" -ENUM_BEGIN(integrity_algorithm_names, AUTH_UNDEFINED, AUTH_HMAC_SHA2_256_96, +ENUM_BEGIN(integrity_algorithm_names, AUTH_UNDEFINED, AUTH_HMAC_SHA2_256_256, "UNDEFINED", "HMAC_SHA1_128", - "HMAC_SHA2_256_96"); -ENUM_NEXT(integrity_algorithm_names, AUTH_HMAC_MD5_96, AUTH_HMAC_SHA2_512_256, AUTH_HMAC_SHA2_256_96, + "HMAC_SHA2_256_96", + "HMAC_SHA2_256_256"); +ENUM_NEXT(integrity_algorithm_names, AUTH_HMAC_MD5_96, AUTH_HMAC_SHA2_512_256, AUTH_HMAC_SHA2_256_256, "HMAC_MD5_96", "HMAC_SHA1_96", "DES_MAC", diff --git a/src/libstrongswan/crypto/signers/signer.h b/src/libstrongswan/crypto/signers/signer.h index 94e8c99b96..02efc1c5ac 100644 --- a/src/libstrongswan/crypto/signers/signer.h +++ b/src/libstrongswan/crypto/signers/signer.h @@ -66,6 +66,8 @@ enum integrity_algorithm_t { AUTH_HMAC_SHA1_128 = 1025, /** SHA256 96 bit truncation variant, supported by Linux kernels */ AUTH_HMAC_SHA2_256_96 = 1026, + /** SHA256 full length tuncation variant, as used in TLS */ + AUTH_HMAC_SHA2_256_256 = 1027, }; /** diff --git a/src/libstrongswan/plugins/hmac/hmac_signer.c b/src/libstrongswan/plugins/hmac/hmac_signer.c index f82a8f3a12..7b8e03c6d1 100644 --- a/src/libstrongswan/plugins/hmac/hmac_signer.c +++ b/src/libstrongswan/plugins/hmac/hmac_signer.c @@ -177,6 +177,9 @@ hmac_signer_t *hmac_signer_create(integrity_algorithm_t algo) hash = HASH_SHA512; trunc = 32; break; + case AUTH_HMAC_SHA2_256_256: + hash = HASH_SHA256; + trunc = 32; default: return NULL; }