diff options
| author | tobhe <tobhe@cvs.openbsd.org> | 2020-05-26 20:24:32 +0000 |
|---|---|---|
| committer | tobhe <tobhe@cvs.openbsd.org> | 2020-05-26 20:24:32 +0000 |
| commit | cc559da5d680c6935ddd5e7063a50457a916aaa8 (patch) | |
| tree | 6c575f26d0b86c817eed2e59e99d0acc25804aed /sbin/iked/ikev2.h | |
| parent | a6b0173c5eb6d2749e4e0a290de5af813e858d39 (diff) | |
Add AES-GCM mode ciphers (IANA IDs 19 and 20) for IKEv2.
They can be configured with the new ikesa enc options aes-128-gcm,
aes-256-gcm, aes-128-gcm-12 and aes-256-gcm-12.
Tested with Strongswan by Stephan Mendling and myself
Tested with Juniper SRX by remi@
ok sthen@, patrick@
Diffstat (limited to 'sbin/iked/ikev2.h')
| -rw-r--r-- | sbin/iked/ikev2.h | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/sbin/iked/ikev2.h b/sbin/iked/ikev2.h index 09a28a4397b..074928f8699 100644 --- a/sbin/iked/ikev2.h +++ b/sbin/iked/ikev2.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ikev2.h,v 1.32 2020/04/28 15:18:52 tobhe Exp $ */ +/* $OpenBSD: ikev2.h,v 1.33 2020/05/26 20:24:31 tobhe Exp $ */ /* * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de> @@ -225,6 +225,11 @@ extern struct iked_constmap ikev2_xformprf_map[]; #define IKEV2_XFORMAUTH_HMAC_SHA2_384_192 13 /* RFC4868 */ #define IKEV2_XFORMAUTH_HMAC_SHA2_512_256 14 /* RFC4868 */ +/* Placeholders for AEAD ciphers (only used internally) */ +#define IKEV2_XFORMAUTH_AES_GCM_8 2018 /* internal */ +#define IKEV2_XFORMAUTH_AES_GCM_12 2019 /* internal */ +#define IKEV2_XFORMAUTH_AES_GCM_16 2020 /* internal */ + extern struct iked_constmap ikev2_xformauth_map[]; #define IKEV2_XFORMDH_NONE 0 /* No DH */ |