diff options
author | Martin Willi <martin@strongswan.org> | 2008-03-19 14:02:52 +0000 |
---|---|---|
committer | Martin Willi <martin@strongswan.org> | 2008-03-19 14:02:52 +0000 |
commit | cfede7f6e26351e9edf4a10ab40c292d2f7142bc (patch) | |
tree | 6cd01db7a5b7c71fa05e4034db086ecce5afe1ab /src/libstrongswan/crypto/prfs/prf.c | |
parent | c912c3d382172999be8a0827180a0cabd0f982b9 (diff) | |
download | strongswan-cfede7f6e26351e9edf4a10ab40c292d2f7142bc.tar.bz2 strongswan-cfede7f6e26351e9edf4a10ab40c292d2f7142bc.tar.xz |
The introduced SHA1_NOFINAL hasher was not sufficient for EAP-AKA,
as it requires to XOR the key into the hashers state.
A new SHA1 based keyed hash function, implemented as PRF, enables EAP-AKA
and the FIPS-PRF function to properly use the existing SHA1 implementation.
Diffstat (limited to 'src/libstrongswan/crypto/prfs/prf.c')
-rw-r--r-- | src/libstrongswan/crypto/prfs/prf.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/src/libstrongswan/crypto/prfs/prf.c b/src/libstrongswan/crypto/prfs/prf.c index c1fa1e152..638873650 100644 --- a/src/libstrongswan/crypto/prfs/prf.c +++ b/src/libstrongswan/crypto/prfs/prf.c @@ -18,11 +18,12 @@ #include "prf.h" -ENUM_BEGIN(pseudo_random_function_names, PRF_UNDEFINED, PRF_FIPS_DES, +ENUM_BEGIN(pseudo_random_function_names, PRF_UNDEFINED, PRF_KEYED_SHA1, "PRF_UNDEFINED", "PRF_FIPS_SHA1_160", - "PRF_FIPS_DES"); -ENUM_NEXT(pseudo_random_function_names, PRF_HMAC_MD5, PRF_HMAC_SHA2_512, PRF_FIPS_DES, + "PRF_FIPS_DES", + "PRF_KEYED_SHA1"); +ENUM_NEXT(pseudo_random_function_names, PRF_HMAC_MD5, PRF_HMAC_SHA2_512, PRF_KEYED_SHA1, "PRF_HMAC_MD5", "PRF_HMAC_SHA1", "PRF_HMAC_TIGER", |