diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2013-08-12 12:20:09 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2013-08-12 12:21:57 +0200 |
| commit | 3f29ff82c39932d0a06c006c68e092a946a1c57b (patch) | |
| tree | 8c90dfe4092d6c78659dd3fe6afbf514e7f7188c /src/libipsec | |
| parent | 11f468533f9917128d747abe889e75cf554cd6ba (diff) | |
| download | strongswan-3f29ff82c39932d0a06c006c68e092a946a1c57b.tar.bz2 strongswan-3f29ff82c39932d0a06c006c68e092a946a1c57b.tar.xz | |
libipsec: Don't limit traditional algorithms to AES and SHA1/2
Closes #377.
Diffstat (limited to 'src/libipsec')
| -rw-r--r-- | src/libipsec/esp_context.c | 32 |
1 files changed, 7 insertions, 25 deletions
diff --git a/src/libipsec/esp_context.c b/src/libipsec/esp_context.c index bbcb62add..481b793e6 100644 --- a/src/libipsec/esp_context.c +++ b/src/libipsec/esp_context.c @@ -224,7 +224,7 @@ static bool create_aead(private_esp_context_t *this, int alg, if (!this->aead) { DBG1(DBG_ESP, "failed to create ESP context: unsupported AEAD " - "algorithm"); + "algorithm %N", encryption_algorithm_names, alg); return FALSE; } if (!this->aead->set_key(this->aead, key)) @@ -241,22 +241,14 @@ static bool create_aead(private_esp_context_t *this, int alg, static bool create_traditional(private_esp_context_t *this, int enc_alg, chunk_t enc_key, int int_alg, chunk_t int_key) { - crypter_t *crypter = NULL; - signer_t *signer = NULL; + crypter_t *crypter; + signer_t *signer; - switch (enc_alg) - { - case ENCR_AES_CBC: - crypter = lib->crypto->create_crypter(lib->crypto, enc_alg, - enc_key.len); - break; - default: - break; - } + crypter = lib->crypto->create_crypter(lib->crypto, enc_alg, enc_key.len); if (!crypter) { DBG1(DBG_ESP, "failed to create ESP context: unsupported encryption " - "algorithm"); + "algorithm %N", encryption_algorithm_names, enc_alg); goto failed; } if (!crypter->set_key(crypter, enc_key)) @@ -266,21 +258,11 @@ static bool create_traditional(private_esp_context_t *this, int enc_alg, goto failed; } - switch (int_alg) - { - case AUTH_HMAC_SHA1_96: - case AUTH_HMAC_SHA2_256_128: - case AUTH_HMAC_SHA2_384_192: - case AUTH_HMAC_SHA2_512_256: - signer = lib->crypto->create_signer(lib->crypto, int_alg); - break; - default: - break; - } + signer = lib->crypto->create_signer(lib->crypto, int_alg); if (!signer) { DBG1(DBG_ESP, "failed to create ESP context: unsupported integrity " - "algorithm"); + "algorithm %N", integrity_algorithm_names, int_alg); goto failed; } if (!signer->set_key(signer, int_key)) |