diff options
| author | Markus Friedl <markus@cvs.openbsd.org> | 2003-07-25 08:31:17 +0000 |
|---|---|---|
| committer | Markus Friedl <markus@cvs.openbsd.org> | 2003-07-25 08:31:17 +0000 |
| commit | db6552c22aa727c02722a933d4b6559aa8925dc1 (patch) | |
| tree | 27fe851a0ac7d2db3c0844cd1f17fa503ffb7b56 /sbin/isakmpd/ipsec.c | |
| parent | b2551cf2ad028fd667c0fcdd58ce07cf0809aa28 (diff) | |
add sha2 support; ok ho@
Diffstat (limited to 'sbin/isakmpd/ipsec.c')
| -rw-r--r-- | sbin/isakmpd/ipsec.c | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/sbin/isakmpd/ipsec.c b/sbin/isakmpd/ipsec.c index 3809ba94a33..e929038a235 100644 --- a/sbin/isakmpd/ipsec.c +++ b/sbin/isakmpd/ipsec.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ipsec.c,v 1.77 2003/06/10 12:21:29 ho Exp $ */ +/* $OpenBSD: ipsec.c,v 1.78 2003/07/25 08:31:16 markus Exp $ */ /* $EOM: ipsec.c,v 1.143 2000/12/11 23:57:42 niklas Exp $ */ /* @@ -1226,7 +1226,7 @@ ipsec_is_attribute_incompatible (u_int16_t type, u_int8_t *value, || decode_16 (value) > IPSEC_ENCAP_TRANSPORT; case IPSEC_ATTR_AUTHENTICATION_ALGORITHM: return decode_16 (value) < IPSEC_AUTH_HMAC_MD5 - || decode_16 (value) > IPSEC_AUTH_KPDK; + || decode_16 (value) > IPSEC_AUTH_HMAC_RIPEMD; case IPSEC_ATTR_KEY_LENGTH: /* XXX Blowfish needs '0'. Others appear to disregard this attr? */ return 0; @@ -1737,6 +1737,12 @@ ipsec_esp_authkeylength (struct proto *proto) case IPSEC_AUTH_HMAC_SHA: case IPSEC_AUTH_HMAC_RIPEMD: return 20; + case IPSEC_AUTH_HMAC_SHA2_256: + return 32; + case IPSEC_AUTH_HMAC_SHA2_384: + return 48; + case IPSEC_AUTH_HMAC_SHA2_512: + return 64; default: return 0; } @@ -1753,6 +1759,12 @@ ipsec_ah_keylength (struct proto *proto) case IPSEC_AH_SHA: case IPSEC_AH_RIPEMD: return 20; + case IPSEC_AH_SHA2_256: + return 32; + case IPSEC_AH_SHA2_384: + return 48; + case IPSEC_AH_SHA2_512: + return 64; default: return -1; } |