enable aes-xcbc-mac and aes-ctr, again.
This commit is contained in:
Hajimu UMEMOTO
parent
309e4b9b6d
commit
db54001806
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=122412
@ -583,8 +583,8 @@ hmac-sha2-512 512 ah: 96bit ICV (no document)
|
|||||||
512 ah-old: 128bit ICV (no document)
|
512 ah-old: 128bit ICV (no document)
|
||||||
hmac-ripemd160 160 ah: 96bit ICV (RFC2857)
|
hmac-ripemd160 160 ah: 96bit ICV (RFC2857)
|
||||||
ah-old: 128bit ICV (no document)
|
ah-old: 128bit ICV (no document)
|
||||||
.\"aes-xcbc-mac 128 ah: 96bit ICV (RFC3566)
|
aes-xcbc-mac 128 ah: 96bit ICV (RFC3566)
|
||||||
.\" 128 ah-old: 128bit ICV (no document)
|
128 ah-old: 128bit ICV (no document)
|
||||||
.Ed
|
.Ed
|
||||||
.Pp
|
.Pp
|
||||||
Followings are the list of encryption algorithms that can be used as
|
Followings are the list of encryption algorithms that can be used as
|
||||||
@ -605,7 +605,7 @@ cast128-cbc 40 to 128 rfc2451
|
|||||||
des-deriv 64 ipsec-ciph-des-derived-01
|
des-deriv 64 ipsec-ciph-des-derived-01
|
||||||
3des-deriv 192 no document
|
3des-deriv 192 no document
|
||||||
rijndael-cbc 128/192/256 rfc3602
|
rijndael-cbc 128/192/256 rfc3602
|
||||||
.\"aes-ctr 160/224/288 draft-ietf-ipsec-ciph-aes-ctr-03
|
aes-ctr 160/224/288 draft-ietf-ipsec-ciph-aes-ctr-03
|
||||||
.Ed
|
.Ed
|
||||||
.Pp
|
.Pp
|
||||||
Note that the first 128 bits of a key for
|
Note that the first 128 bits of a key for
|
||||||
|
|||||||
@ -208,7 +208,7 @@ crypto/des/des_ecb.c optional ipsec ipsec_esp
|
|||||||
crypto/des/des_setkey.c optional ipsec ipsec_esp
|
crypto/des/des_setkey.c optional ipsec ipsec_esp
|
||||||
crypto/rijndael/rijndael-alg-fst.c optional ipsec
|
crypto/rijndael/rijndael-alg-fst.c optional ipsec
|
||||||
crypto/rijndael/rijndael-api-fst.c optional ipsec
|
crypto/rijndael/rijndael-api-fst.c optional ipsec
|
||||||
opencrypto/rmd160.c optional ipsec
|
opencrypto/rmd160.c optional ipsec
|
||||||
crypto/sha1.c optional ipsec
|
crypto/sha1.c optional ipsec
|
||||||
crypto/sha2/sha2.c optional ipsec
|
crypto/sha2/sha2.c optional ipsec
|
||||||
ddb/db_access.c optional ddb
|
ddb/db_access.c optional ddb
|
||||||
@ -1462,12 +1462,12 @@ netinet/tcp_syncache.c optional inet
|
|||||||
netinet/tcp_timer.c optional inet
|
netinet/tcp_timer.c optional inet
|
||||||
netinet/tcp_usrreq.c optional inet
|
netinet/tcp_usrreq.c optional inet
|
||||||
netinet/udp_usrreq.c optional inet
|
netinet/udp_usrreq.c optional inet
|
||||||
#netinet6/ah_aesxcbcmac.c optional ipsec
|
netinet6/ah_aesxcbcmac.c optional ipsec
|
||||||
netinet6/ah_core.c optional ipsec
|
netinet6/ah_core.c optional ipsec
|
||||||
netinet6/ah_input.c optional ipsec
|
netinet6/ah_input.c optional ipsec
|
||||||
netinet6/ah_output.c optional ipsec
|
netinet6/ah_output.c optional ipsec
|
||||||
netinet6/dest6.c optional inet6
|
netinet6/dest6.c optional inet6
|
||||||
#netinet6/esp_aesctr.c optional ipsec ipsec_esp
|
netinet6/esp_aesctr.c optional ipsec ipsec_esp
|
||||||
netinet6/esp_core.c optional ipsec ipsec_esp
|
netinet6/esp_core.c optional ipsec ipsec_esp
|
||||||
netinet6/esp_input.c optional ipsec ipsec_esp
|
netinet6/esp_input.c optional ipsec ipsec_esp
|
||||||
netinet6/esp_output.c optional ipsec ipsec_esp
|
netinet6/esp_output.c optional ipsec ipsec_esp
|
||||||
|
|||||||
@ -189,12 +189,10 @@ ah_algorithm_lookup(idx)
|
|||||||
"hmac-ripemd160",
|
"hmac-ripemd160",
|
||||||
ah_hmac_ripemd160_init, ah_hmac_ripemd160_loop,
|
ah_hmac_ripemd160_init, ah_hmac_ripemd160_loop,
|
||||||
ah_hmac_ripemd160_result, },
|
ah_hmac_ripemd160_result, },
|
||||||
#ifdef ENABLE_AES_XCBC_MAC
|
|
||||||
{ ah_sumsiz_1216, ah_common_mature, 128, 128,
|
{ ah_sumsiz_1216, ah_common_mature, 128, 128,
|
||||||
"aes-xcbc-mac",
|
"aes-xcbc-mac",
|
||||||
ah_aes_xcbc_mac_init, ah_aes_xcbc_mac_loop,
|
ah_aes_xcbc_mac_init, ah_aes_xcbc_mac_loop,
|
||||||
ah_aes_xcbc_mac_result, },
|
ah_aes_xcbc_mac_result, },
|
||||||
#endif
|
|
||||||
};
|
};
|
||||||
|
|
||||||
switch (idx) {
|
switch (idx) {
|
||||||
@ -216,10 +214,8 @@ ah_algorithm_lookup(idx)
|
|||||||
return &ah_algorithms[7];
|
return &ah_algorithms[7];
|
||||||
case SADB_X_AALG_RIPEMD160HMAC:
|
case SADB_X_AALG_RIPEMD160HMAC:
|
||||||
return &ah_algorithms[8];
|
return &ah_algorithms[8];
|
||||||
#ifdef ENABLE_AES_XCBC_MAC
|
|
||||||
case SADB_X_AALG_AES_XCBC_MAC:
|
case SADB_X_AALG_AES_XCBC_MAC:
|
||||||
return &ah_algorithms[9];
|
return &ah_algorithms[9];
|
||||||
#endif
|
|
||||||
default:
|
default:
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -153,11 +153,9 @@ static const struct esp_algorithm esp_algorithms[] = {
|
|||||||
esp_common_ivlen, esp_cbc_decrypt,
|
esp_common_ivlen, esp_cbc_decrypt,
|
||||||
esp_cbc_encrypt, esp_rijndael_schedule,
|
esp_cbc_encrypt, esp_rijndael_schedule,
|
||||||
esp_rijndael_blockdecrypt, esp_rijndael_blockencrypt },
|
esp_rijndael_blockdecrypt, esp_rijndael_blockencrypt },
|
||||||
#ifdef ENABLE_EALG_AESCTR
|
|
||||||
{ 16, 8, esp_aesctr_mature, 160, 288, esp_aesctr_schedlen, "aes-ctr",
|
{ 16, 8, esp_aesctr_mature, 160, 288, esp_aesctr_schedlen, "aes-ctr",
|
||||||
esp_common_ivlen, esp_aesctr_decrypt,
|
esp_common_ivlen, esp_aesctr_decrypt,
|
||||||
esp_aesctr_encrypt, esp_aesctr_schedule },
|
esp_aesctr_encrypt, esp_aesctr_schedule },
|
||||||
#endif
|
|
||||||
};
|
};
|
||||||
|
|
||||||
const struct esp_algorithm *
|
const struct esp_algorithm *
|
||||||
@ -178,10 +176,8 @@ esp_algorithm_lookup(idx)
|
|||||||
return &esp_algorithms[4];
|
return &esp_algorithms[4];
|
||||||
case SADB_X_EALG_RIJNDAELCBC:
|
case SADB_X_EALG_RIJNDAELCBC:
|
||||||
return &esp_algorithms[5];
|
return &esp_algorithms[5];
|
||||||
#ifdef ENABLE_EALG_AESCTR
|
|
||||||
case SADB_X_EALG_AESCTR:
|
case SADB_X_EALG_AESCTR:
|
||||||
return &esp_algorithms[6];
|
return &esp_algorithms[6];
|
||||||
#endif
|
|
||||||
default:
|
default:
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,5 +1,5 @@
|
|||||||
/* $FreeBSD$ */
|
/* $FreeBSD$ */
|
||||||
/* $KAME: esp_rijndael.h,v 1.1 2000/09/20 18:15:22 itojun Exp $ */
|
/* $KAME: esp_rijndael.h,v 1.2 2003/01/20 00:55:27 itojun Exp $ */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
|
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
|
||||||
|
|||||||
@ -583,8 +583,8 @@ hmac-sha2-512 512 ah: 96bit ICV (no document)
|
|||||||
512 ah-old: 128bit ICV (no document)
|
512 ah-old: 128bit ICV (no document)
|
||||||
hmac-ripemd160 160 ah: 96bit ICV (RFC2857)
|
hmac-ripemd160 160 ah: 96bit ICV (RFC2857)
|
||||||
ah-old: 128bit ICV (no document)
|
ah-old: 128bit ICV (no document)
|
||||||
.\"aes-xcbc-mac 128 ah: 96bit ICV (RFC3566)
|
aes-xcbc-mac 128 ah: 96bit ICV (RFC3566)
|
||||||
.\" 128 ah-old: 128bit ICV (no document)
|
128 ah-old: 128bit ICV (no document)
|
||||||
.Ed
|
.Ed
|
||||||
.Pp
|
.Pp
|
||||||
Followings are the list of encryption algorithms that can be used as
|
Followings are the list of encryption algorithms that can be used as
|
||||||
@ -605,7 +605,7 @@ cast128-cbc 40 to 128 rfc2451
|
|||||||
des-deriv 64 ipsec-ciph-des-derived-01
|
des-deriv 64 ipsec-ciph-des-derived-01
|
||||||
3des-deriv 192 no document
|
3des-deriv 192 no document
|
||||||
rijndael-cbc 128/192/256 rfc3602
|
rijndael-cbc 128/192/256 rfc3602
|
||||||
.\"aes-ctr 160/224/288 draft-ietf-ipsec-ciph-aes-ctr-03
|
aes-ctr 160/224/288 draft-ietf-ipsec-ciph-aes-ctr-03
|
||||||
.Ed
|
.Ed
|
||||||
.Pp
|
.Pp
|
||||||
Note that the first 128 bits of a key for
|
Note that the first 128 bits of a key for
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user