diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2016-11-16 15:11:41 +0100 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2017-01-25 17:26:45 +0100 |
| commit | 896d729a6057c2f4fe4a74bbc4c942a939f27a7e (patch) | |
| tree | efb1ed56762bd6452e82fe8e587533476fbd7a41 /src/libipsec/esp_context.c | |
| parent | 1da567734ffdeccbde737df9044b8027adb0bdb9 (diff) | |
| download | strongswan-896d729a6057c2f4fe4a74bbc4c942a939f27a7e.tar.bz2 strongswan-896d729a6057c2f4fe4a74bbc4c942a939f27a7e.tar.xz | |
libipsec: Add support for AES and Camellia in CCM mode
Fixes #2172.
Diffstat (limited to 'src/libipsec/esp_context.c')
| -rw-r--r-- | src/libipsec/esp_context.c | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/src/libipsec/esp_context.c b/src/libipsec/esp_context.c index 6c7e9a1c9..c014e683a 100644 --- a/src/libipsec/esp_context.c +++ b/src/libipsec/esp_context.c @@ -210,19 +210,32 @@ METHOD(esp_context_t, destroy, void, static bool create_aead(private_esp_context_t *this, int alg, chunk_t key) { + size_t salt = 0; + switch (alg) { case ENCR_AES_GCM_ICV8: case ENCR_AES_GCM_ICV12: case ENCR_AES_GCM_ICV16: case ENCR_CHACHA20_POLY1305: - /* the key includes a 4 byte salt */ - this->aead = lib->crypto->create_aead(lib->crypto, alg, - key.len - 4, 4); + salt = 4; + break; + case ENCR_AES_CCM_ICV8: + case ENCR_AES_CCM_ICV12: + case ENCR_AES_CCM_ICV16: + case ENCR_CAMELLIA_CCM_ICV8: + case ENCR_CAMELLIA_CCM_ICV12: + case ENCR_CAMELLIA_CCM_ICV16: + salt = 3; break; default: break; } + if (salt) + { + this->aead = lib->crypto->create_aead(lib->crypto, alg, + key.len - salt, salt); + } if (!this->aead) { DBG1(DBG_ESP, "failed to create ESP context: unsupported AEAD " |