diff options
| author | Martin Willi <martin@strongswan.org> | 2009-04-27 12:16:52 +0000 |
|---|---|---|
| committer | Martin Willi <martin@strongswan.org> | 2009-04-27 12:16:52 +0000 |
| commit | 18eef5d6b6bef0cfe359ce98b04247b144236e0d (patch) | |
| tree | 05a1dcf05c1474f63ad469f6bf4f0e7093cddcf9 | |
| parent | 3bf7c2491f31c9377c997ec19eeb395175233793 (diff) | |
| download | strongswan-18eef5d6b6bef0cfe359ce98b04247b144236e0d.tar.bz2 strongswan-18eef5d6b6bef0cfe359ce98b04247b144236e0d.tar.xz | |
added support for AES counter mode in ESP
proposal keywords: aes128ctr aes192ctr aes256ctr
| -rw-r--r-- | src/charon/config/proposal_keywords.txt | 3 | ||||
| -rw-r--r-- | src/charon/plugins/kernel_netlink/kernel_netlink_ipsec.c | 2 | ||||
| -rw-r--r-- | src/charon/sa/keymat.c | 5 |
3 files changed, 7 insertions, 3 deletions
diff --git a/src/charon/config/proposal_keywords.txt b/src/charon/config/proposal_keywords.txt index 22a7c221c..201ce82ae 100644 --- a/src/charon/config/proposal_keywords.txt +++ b/src/charon/config/proposal_keywords.txt @@ -35,6 +35,9 @@ null, ENCRYPTION_ALGORITHM, ENCR_NULL, 0 aes128, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128 aes192, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 192 aes256, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 256 +aes128ctr, ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 128 +aes192ctr, ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 192 +aes256ctr, ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 256 aes128ccm8, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128 aes128ccm64, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128 aes128ccm12, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128 diff --git a/src/charon/plugins/kernel_netlink/kernel_netlink_ipsec.c b/src/charon/plugins/kernel_netlink/kernel_netlink_ipsec.c index afa7e4ba4..e3b683474 100644 --- a/src/charon/plugins/kernel_netlink/kernel_netlink_ipsec.c +++ b/src/charon/plugins/kernel_netlink/kernel_netlink_ipsec.c @@ -170,7 +170,7 @@ static kernel_algorithm_t encryption_algs[] = { /* {ENCR_DES_IV32, "***" }, */ {ENCR_NULL, "cipher_null" }, {ENCR_AES_CBC, "aes" }, -/* {ENCR_AES_CTR, "***" }, */ + {ENCR_AES_CTR, "rfc3686(ctr(aes))" }, {ENCR_AES_CCM_ICV8, "rfc4309(ccm(aes))" }, {ENCR_AES_CCM_ICV12, "rfc4309(ccm(aes))" }, {ENCR_AES_CCM_ICV16, "rfc4309(ccm(aes))" }, diff --git a/src/charon/sa/keymat.c b/src/charon/sa/keymat.c index 819ff5a37..262162b24 100644 --- a/src/charon/sa/keymat.c +++ b/src/charon/sa/keymat.c @@ -415,17 +415,18 @@ static bool derive_child_keys(private_keymat_t *this, /* to bytes */ enc_size /= 8; - /* CCM/GCM needs additional bytes */ + /* CCM/GCM/CTR needs additional bytes */ switch (enc_alg) { case ENCR_AES_CCM_ICV8: case ENCR_AES_CCM_ICV12: case ENCR_AES_CCM_ICV16: enc_size += 3; - break; + break; case ENCR_AES_GCM_ICV8: case ENCR_AES_GCM_ICV12: case ENCR_AES_GCM_ICV16: + case ENCR_AES_CTR: enc_size += 4; break; default: |