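--- a/head/sys/netipsec/key.c
+++ b/head/sys/netipsec/key.c
@@ ... @@ struct sadb_msghdr {
 int extoff[SADB_EXT_MAX + 1];
 int extlen[SADB_EXT_MAX + 1];
 };
 static struct supported_ealgs {
 int sadb_alg;
 const struct enc_xform *xform;
 } supported_ealgs[] = {
-{ SADB_EALG_DESCBC, &enc_xform_des },
-{ SADB_EALG_3DESCBC, &enc_xform_3des },
 { SADB_X_EALG_AES, &enc_xform_rijndael128 },
-{ SADB_X_EALG_BLOWFISHCBC, &enc_xform_blf },
-{ SADB_X_EALG_CAST128CBC, &enc_xform_cast5 },
 { SADB_EALG_NULL, &enc_xform_null },
-{ SADB_X_EALG_CAMELLIACBC, &enc_xform_camellia },
 { SADB_X_EALG_AESCTR, &enc_xform_aes_icm },
 { SADB_X_EALG_AESGCM16, &enc_xform_aes_nist_gcm },
 { SADB_X_EALG_AESGMAC, &enc_xform_aes_nist_gmac },
 };
 static struct supported_aalgs {
 int sadb_alg;
 const struct auth_hash *xform;
 } supported_aalgs[] = {
 { SADB_X_AALG_NULL, &auth_hash_null },
-{ SADB_AALG_MD5HMAC, &auth_hash_hmac_md5 },
 { SADB_AALG_SHA1HMAC, &auth_hash_hmac_sha1 },
-{ SADB_X_AALG_RIPEMD160HMAC, &auth_hash_hmac_ripemd_160 },
-{ SADB_X_AALG_MD5, &auth_hash_key_md5 },
-{ SADB_X_AALG_SHA, &auth_hash_key_sha1 },
 { SADB_X_AALG_SHA2_256, &auth_hash_hmac_sha2_256 },
 { SADB_X_AALG_SHA2_384, &auth_hash_hmac_sha2_384 },
 { SADB_X_AALG_SHA2_512, &auth_hash_hmac_sha2_512 },
 { SADB_X_AALG_AES128GMAC, &auth_hash_nist_gmac_aes_128 },
 { SADB_X_AALG_AES192GMAC, &auth_hash_nist_gmac_aes_192 },
 { SADB_X_AALG_AES256GMAC, &auth_hash_nist_gmac_aes_256 },
 };
@@ ... @@ key_getsizes_ah(const struct auth_hash *ah, int alg, u_int16_t* min,
 *min = *max = ah->hashsize;
 if (ah->keysize == 0) {
 /*
 * Transform takes arbitrary key size but algorithm
 * key size is restricted. Enforce this here.
 */
 switch (alg) {
-case SADB_X_AALG_MD5: *min = *max = 16; break;
-case SADB_X_AALG_SHA: *min = *max = 20; break;
 case SADB_X_AALG_NULL: *min = 1; *max = 256; break;
 case SADB_X_AALG_SHA2_256: *min = *max = 32; break;
 case SADB_X_AALG_SHA2_384: *min = *max = 48; break;
 case SADB_X_AALG_SHA2_512: *min = *max = 64; break;
 default:
 DPRINTF(("%s: unknown AH algorithm %u\n",
 __func__, alg));
 break;
@@ ... @@ key_getcomb_ah()
 int i;
 const int l = PFKEY_ALIGN8(sizeof(struct sadb_comb));
 m = NULL;
 for (i = 1; i <= SADB_AALG_MAX; i++) {
 #if 1
 /* we prefer HMAC algorithms, not old algorithms */
 if (i != SADB_AALG_SHA1HMAC &&
-i != SADB_AALG_MD5HMAC &&
 i != SADB_X_AALG_SHA2_256 &&
 i != SADB_X_AALG_SHA2_384 &&
 i != SADB_X_AALG_SHA2_512)
 continue;
 #endif
 algo = auth_algorithm_lookup(i);
 if (!algo)
 continue;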