summaryrefslogtreecommitdiff
path: root/sbin/iked
diff options
context:
space:
mode:
authortobhe <tobhe@cvs.openbsd.org>2020-09-19 20:12:12 +0000
committertobhe <tobhe@cvs.openbsd.org>2020-09-19 20:12:12 +0000
commita13eb41c5d51fd8a34c0782c63875ea3becb03c9 (patch)
treeadf0f033000aa86f2dc467429a8ad39c8df9899c /sbin/iked
parent73a2f031b947701b0676553de4352dca6bc0836d (diff)
Add SHA2_384 and SHA2_512 to default proposals.
ok patrick@
Diffstat (limited to 'sbin/iked')
-rw-r--r--sbin/iked/parse.y12
1 files changed, 9 insertions, 3 deletions
diff --git a/sbin/iked/parse.y b/sbin/iked/parse.y
index 28c5b2cdfa7..d7f1d470b90 100644
--- a/sbin/iked/parse.y
+++ b/sbin/iked/parse.y
@@ -1,4 +1,4 @@
-/* $OpenBSD: parse.y,v 1.112 2020/09/18 17:38:19 tobhe Exp $ */
+/* $OpenBSD: parse.y,v 1.113 2020/09/19 20:12:11 tobhe Exp $ */
/*
* Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@@ -139,8 +139,12 @@ struct iked_transform ikev2_default_ike_transforms[] = {
{ IKEV2_XFORMTYPE_ENCR, IKEV2_XFORMENCR_AES_CBC, 128 },
{ IKEV2_XFORMTYPE_ENCR, IKEV2_XFORMENCR_3DES },
{ IKEV2_XFORMTYPE_PRF, IKEV2_XFORMPRF_HMAC_SHA2_256 },
+ { IKEV2_XFORMTYPE_PRF, IKEV2_XFORMPRF_HMAC_SHA2_384 },
+ { IKEV2_XFORMTYPE_PRF, IKEV2_XFORMPRF_HMAC_SHA2_512 },
{ IKEV2_XFORMTYPE_PRF, IKEV2_XFORMPRF_HMAC_SHA1 },
{ IKEV2_XFORMTYPE_INTEGR, IKEV2_XFORMAUTH_HMAC_SHA2_256_128 },
+ { IKEV2_XFORMTYPE_INTEGR, IKEV2_XFORMAUTH_HMAC_SHA2_384_192 },
+ { IKEV2_XFORMTYPE_INTEGR, IKEV2_XFORMAUTH_HMAC_SHA2_512_256 },
{ IKEV2_XFORMTYPE_INTEGR, IKEV2_XFORMAUTH_HMAC_SHA1_96 },
{ IKEV2_XFORMTYPE_DH, IKEV2_XFORMDH_CURVE25519 },
{ IKEV2_XFORMTYPE_DH, IKEV2_XFORMDH_ECP_521 },
@@ -159,9 +163,9 @@ size_t ikev2_default_nike_transforms = ((sizeof(ikev2_default_ike_transforms) /
struct iked_transform ikev2_default_ike_transforms_noauth[] = {
{ IKEV2_XFORMTYPE_ENCR, IKEV2_XFORMENCR_AES_GCM_16, 128 },
{ IKEV2_XFORMTYPE_ENCR, IKEV2_XFORMENCR_AES_GCM_16, 256 },
- { IKEV2_XFORMTYPE_PRF, IKEV2_XFORMPRF_HMAC_SHA2_512 },
- { IKEV2_XFORMTYPE_PRF, IKEV2_XFORMPRF_HMAC_SHA2_384 },
{ IKEV2_XFORMTYPE_PRF, IKEV2_XFORMPRF_HMAC_SHA2_256 },
+ { IKEV2_XFORMTYPE_PRF, IKEV2_XFORMPRF_HMAC_SHA2_384 },
+ { IKEV2_XFORMTYPE_PRF, IKEV2_XFORMPRF_HMAC_SHA2_512 },
{ IKEV2_XFORMTYPE_PRF, IKEV2_XFORMPRF_HMAC_SHA1 },
{ IKEV2_XFORMTYPE_DH, IKEV2_XFORMDH_CURVE25519 },
{ IKEV2_XFORMTYPE_DH, IKEV2_XFORMDH_ECP_521 },
@@ -183,6 +187,8 @@ struct iked_transform ikev2_default_esp_transforms[] = {
{ IKEV2_XFORMTYPE_ENCR, IKEV2_XFORMENCR_AES_CBC, 192 },
{ IKEV2_XFORMTYPE_ENCR, IKEV2_XFORMENCR_AES_CBC, 128 },
{ IKEV2_XFORMTYPE_INTEGR, IKEV2_XFORMAUTH_HMAC_SHA2_256_128 },
+ { IKEV2_XFORMTYPE_INTEGR, IKEV2_XFORMAUTH_HMAC_SHA2_384_192 },
+ { IKEV2_XFORMTYPE_INTEGR, IKEV2_XFORMAUTH_HMAC_SHA2_512_256 },
{ IKEV2_XFORMTYPE_INTEGR, IKEV2_XFORMAUTH_HMAC_SHA1_96 },
{ IKEV2_XFORMTYPE_ESN, IKEV2_XFORMESN_ESN },
{ IKEV2_XFORMTYPE_ESN, IKEV2_XFORMESN_NONE },