diff options
| author | Hajimu UMEMOTO <ume@FreeBSD.org> | 2003-10-13 04:54:51 +0000 |
|---|---|---|
| committer | Hajimu UMEMOTO <ume@FreeBSD.org> | 2003-10-13 04:54:51 +0000 |
| commit | c65ee7c758bc6f2301eea90a350c234582b45a30 (patch) | |
| tree | 999648f57f1025fa3716e3e1db4fac3f0c0cdebb /sys | |
| parent | 7f75c3823041f95031a80044c6e928aed5b8da8c (diff) | |
| download | src-c65ee7c758bc6f2301eea90a350c234582b45a30.tar.gz src-c65ee7c758bc6f2301eea90a350c234582b45a30.zip | |
- support AES XCBC MAC for AH
- correct SADB_X_AALG_RIPEMD160HMAC to 8
Obtained from: KAME
Notes
Notes:
svn path=/head/; revision=121061
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/conf/files | 5 | ||||
| -rw-r--r-- | sys/net/pfkeyv2.h | 3 | ||||
| -rw-r--r-- | sys/netinet6/ah_core.c | 7 |
3 files changed, 12 insertions, 3 deletions
diff --git a/sys/conf/files b/sys/conf/files index e99e52983ab0..84a88f5d45bf 100644 --- a/sys/conf/files +++ b/sys/conf/files @@ -205,8 +205,8 @@ crypto/blowfish/bf_skey.c optional ipsec ipsec_esp crypto/cast128/cast128.c optional ipsec ipsec_esp crypto/des/des_ecb.c optional ipsec ipsec_esp crypto/des/des_setkey.c optional ipsec ipsec_esp -crypto/rijndael/rijndael-alg-fst.c optional ipsec ipsec_esp -crypto/rijndael/rijndael-api-fst.c optional ipsec ipsec_esp +crypto/rijndael/rijndael-alg-fst.c optional ipsec +crypto/rijndael/rijndael-api-fst.c optional ipsec opencrypto/rmd160.c optional ipsec crypto/sha1.c optional ipsec crypto/sha2/sha2.c optional ipsec @@ -1436,6 +1436,7 @@ netinet/tcp_syncache.c optional inet netinet/tcp_timer.c optional inet netinet/tcp_usrreq.c optional inet netinet/udp_usrreq.c optional inet +netinet6/ah_aesxcbcmac.c optional ipsec netinet6/ah_core.c optional ipsec netinet6/ah_input.c optional ipsec netinet6/ah_output.c optional ipsec diff --git a/sys/net/pfkeyv2.h b/sys/net/pfkeyv2.h index 506cc44d2993..6fa8a2d3e945 100644 --- a/sys/net/pfkeyv2.h +++ b/sys/net/pfkeyv2.h @@ -307,7 +307,8 @@ struct sadb_x_ipsecrequest { #define SADB_X_AALG_SHA2_256 5 #define SADB_X_AALG_SHA2_384 6 #define SADB_X_AALG_SHA2_512 7 -#define SADB_X_AALG_RIPEMD160HMAC 9 /*8*/ +#define SADB_X_AALG_RIPEMD160HMAC 8 +#define SADB_X_AALG_AES_XCBC_MAC 9 /* draft-ietf-ipsec-ciph-aes-xcbc-mac-04 */ /* private allocations should use 249-255 (RFC2407) */ #define SADB_X_AALG_MD5 249 /* Keyed MD5 */ #define SADB_X_AALG_SHA 250 /* Keyed SHA */ diff --git a/sys/netinet6/ah_core.c b/sys/netinet6/ah_core.c index ce3cbcd99bbf..ef5a491e5547 100644 --- a/sys/netinet6/ah_core.c +++ b/sys/netinet6/ah_core.c @@ -74,6 +74,7 @@ #ifdef INET6 #include <netinet6/ah6.h> #endif +#include <netinet6/ah_aesxcbcmac.h> #ifdef IPSEC_ESP #include <netinet6/esp.h> #ifdef INET6 @@ -188,6 +189,10 @@ ah_algorithm_lookup(idx) "hmac-ripemd160", ah_hmac_ripemd160_init, ah_hmac_ripemd160_loop, ah_hmac_ripemd160_result, }, + { ah_sumsiz_1216, ah_common_mature, 128, 128, + "aes-xcbc-mac", + ah_aes_xcbc_mac_init, ah_aes_xcbc_mac_loop, + ah_aes_xcbc_mac_result, }, }; switch (idx) { @@ -209,6 +214,8 @@ ah_algorithm_lookup(idx) return &ah_algorithms[7]; case SADB_X_AALG_RIPEMD160HMAC: return &ah_algorithms[8]; + case SADB_X_AALG_AES_XCBC_MAC: + return &ah_algorithms[9]; default: return NULL; } |