src - OpenBSD base system

diff options


context:
space:
mode:

author	Angelos D. Keromytis <angelos@cvs.openbsd.org>	2000-11-17 04:08:45 +0000
committer	Angelos D. Keromytis <angelos@cvs.openbsd.org>	2000-11-17 04:08:45 +0000
commit	ff09b0f52eac668bca555da3c15256c1d98f6a48 (patch)
tree	cf02ad418477a190b66c58d99005abbc646981bf /sys
parent	8260f3f8e88fcf90ccc7df402ddc30bcc17cda7e (diff)

*HMAC96->*HMAC

Also, sync with IANA -- closes PR 1508.

Diffstat (limited to 'sys')

-rw-r--r--

sys/net/pfkeyv2.c

-rw-r--r--

sys/net/pfkeyv2.h

2 files changed, 23 insertions, 22 deletions

diff --git a/sys/net/pfkeyv2.c b/sys/net/pfkeyv2.c
index fa29c25edd8..5b5649cd6ab 100644
--- a/sys/net/pfkeyv2.c
+++ b/sys/net/pfkeyv2.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: pfkeyv2.c,v 1.49 2000/11/06 18:18:56 angelos Exp $ */

+/* $OpenBSD: pfkeyv2.c,v 1.50 2000/11/17 04:08:44 angelos Exp $ */

%%% copyright-nrl-97

@@ -58,9 +58,9 @@ static struct sadb_alg ealgs[] =

static struct sadb_alg aalgs[] =

{

- { SADB_AALG_SHA1HMAC96, 0, 160, 160 },

- { SADB_AALG_MD5HMAC96, 0, 128, 128 },

- { SADB_X_AALG_RIPEMD160HMAC96, 0, 160, 160 }

+ { SADB_AALG_SHA1HMAC, 0, 160, 160 },

+ { SADB_AALG_MD5HMAC, 0, 128, 128 },

+ { SADB_X_AALG_RIPEMD160HMAC, 0, 160, 160 }

};

void export_address(void **, struct sockaddr *);

@@ -218,16 +218,16 @@ export_sa(void **p, struct tdb *tdb)

{

switch (tdb->tdb_authalgxform->type)

{

- case CRYPTO_MD5_HMAC96:

- sadb_sa->sadb_sa_auth = SADB_AALG_MD5HMAC96;

+ case CRYPTO_MD5_HMAC:

+ sadb_sa->sadb_sa_auth = SADB_AALG_MD5HMAC;

break;

- case CRYPTO_SHA1_HMAC96:

- sadb_sa->sadb_sa_auth = SADB_AALG_SHA1HMAC96;

+ case CRYPTO_SHA1_HMAC:

+ sadb_sa->sadb_sa_auth = SADB_AALG_SHA1HMAC;

break;

- case CRYPTO_RIPEMD160_HMAC96:

- sadb_sa->sadb_sa_auth = SADB_X_AALG_RIPEMD160HMAC96;

+ case CRYPTO_RIPEMD160_HMAC:

+ sadb_sa->sadb_sa_auth = SADB_X_AALG_RIPEMD160HMAC;

break;

case CRYPTO_MD5_KPDK:

@@ -2277,7 +2277,7 @@ pfkeyv2_acquire(struct ipsec_policy *ipo, union sockaddr_union *gw,

/* Set the authentication algorithm */

if (!strncasecmp(ipsec_def_auth, "hmac-sha1", sizeof("hmac-sha1")))

{

- sadb_comb->sadb_comb_auth = SADB_AALG_SHA1HMAC96;

+ sadb_comb->sadb_comb_auth = SADB_AALG_SHA1HMAC;

sadb_comb->sadb_comb_auth_minbits = 160;

sadb_comb->sadb_comb_auth_maxbits = 160;

}

@@ -2285,14 +2285,14 @@ pfkeyv2_acquire(struct ipsec_policy *ipo, union sockaddr_union *gw,

if (!strncasecmp(ipsec_def_auth, "hmac-ripemd160",

sizeof("hmac_ripemd160")))

{

- sadb_comb->sadb_comb_auth = SADB_X_AALG_RIPEMD160HMAC96;

+ sadb_comb->sadb_comb_auth = SADB_X_AALG_RIPEMD160HMAC;

sadb_comb->sadb_comb_auth_minbits = 160;

sadb_comb->sadb_comb_auth_maxbits = 160;

}

else

if (!strncasecmp(ipsec_def_auth, "hmac-md5", sizeof("hmac-md5")))

{

- sadb_comb->sadb_comb_auth = SADB_AALG_MD5HMAC96;

+ sadb_comb->sadb_comb_auth = SADB_AALG_MD5HMAC;

sadb_comb->sadb_comb_auth_minbits = 128;

sadb_comb->sadb_comb_auth_maxbits = 128;

}

diff --git a/sys/net/pfkeyv2.h b/sys/net/pfkeyv2.h
index 7898c95bb0e..dc62a7925c6 100644
--- a/sys/net/pfkeyv2.h
+++ b/sys/net/pfkeyv2.h

@@ -215,21 +215,22 @@ struct sadb_policy {

#define SADB_SASTATE_MAX 3

#define SADB_AALG_NONE 0

-#define SADB_AALG_MD5HMAC 1

-#define SADB_AALG_SHA1HMAC 2

-#define SADB_AALG_MD5HMAC96 3

-#define SADB_AALG_SHA1HMAC96 4

-#define SADB_X_AALG_RIPEMD160HMAC96 5

-#define SADB_X_AALG_MD5 6

-#define SADB_X_AALG_SHA1 7

-#define SADB_AALG_MAX 7

+#define SADB_AALG_MD5HMAC 2

+#define SADB_AALG_SHA1HMAC 3

+#define SADB_AALG_SHA2_256 5

+#define SADB_AALG_SHA2_384 6

+#define SADB_AALG_SHA2_512 7

+#define SADB_AALG_RIPEMD160HMAC 8

+#define SADB_X_AALG_MD5 249

+#define SADB_X_AALG_SHA1 250

+#define SADB_AALG_MAX 250

#define SADB_EALG_NONE 0

#define SADB_EALG_DESCBC 2

#define SADB_EALG_3DESCBC 3

-#define SADB_X_EALG_SKIPJACK 5

#define SADB_X_EALG_CAST 6

#define SADB_X_EALG_BLF 7

+#define SADB_X_EALG_SKIPJACK 5

#define SADB_X_EALG_AES 12

#define SADB_EALG_MAX 12