The introduced SHA1_NOFINAL hasher was not sufficient for EAP-AKA,

as it requires to XOR the key into the hashers state. A new SHA1 based keyed hash function, implemented as PRF, enables EAP-AKA and the FIPS-PRF function to properly use the existing SHA1 implementation.
author: Martin Willi <martin@strongswan.org> 2008-03-19 14:02:52 +0000
committer: Martin Willi <martin@strongswan.org> 2008-03-19 14:02:52 +0000
commit: cfede7f6e26351e9edf4a10ab40c292d2f7142bc (patch)
tree: 6cd01db7a5b7c71fa05e4034db086ecce5afe1ab /src/libstrongswan/crypto/prfs/prf.c
parent: c912c3d382172999be8a0827180a0cabd0f982b9 (diff)
download: strongswan-cfede7f6e26351e9edf4a10ab40c292d2f7142bc.tar.bz2
strongswan-cfede7f6e26351e9edf4a10ab40c292d2f7142bc.tar.xz
1 files changed, 4 insertions, 3 deletions
diff --git a/src/libstrongswan/crypto/prfs/prf.c b/src/libstrongswan/crypto/prfs/prf.c
index c1fa1e152..638873650 100644
--- a/src/libstrongswan/crypto/prfs/prf.c
+++ b/src/libstrongswan/crypto/prfs/prf.c
@@ -18,11 +18,12 @@
 
 #include "prf.h"
 
-ENUM_BEGIN(pseudo_random_function_names, PRF_UNDEFINED, PRF_FIPS_DES,
+ENUM_BEGIN(pseudo_random_function_names, PRF_UNDEFINED, PRF_KEYED_SHA1,
 	"PRF_UNDEFINED",
 	"PRF_FIPS_SHA1_160",
-	"PRF_FIPS_DES");
-ENUM_NEXT(pseudo_random_function_names, PRF_HMAC_MD5, PRF_HMAC_SHA2_512, PRF_FIPS_DES,
+	"PRF_FIPS_DES",
+	"PRF_KEYED_SHA1");
+ENUM_NEXT(pseudo_random_function_names, PRF_HMAC_MD5, PRF_HMAC_SHA2_512, PRF_KEYED_SHA1,
 	"PRF_HMAC_MD5",
 	"PRF_HMAC_SHA1",
 	"PRF_HMAC_TIGER",
author	Martin Willi <martin@strongswan.org>	2008-03-19 14:02:52 +0000
committer	Martin Willi <martin@strongswan.org>	2008-03-19 14:02:52 +0000
commit	cfede7f6e26351e9edf4a10ab40c292d2f7142bc (patch)
tree	6cd01db7a5b7c71fa05e4034db086ecce5afe1ab /src/libstrongswan/crypto/prfs/prf.c
parent	c912c3d382172999be8a0827180a0cabd0f982b9 (diff)
download	strongswan-cfede7f6e26351e9edf4a10ab40c292d2f7142bc.tar.bz2 strongswan-cfede7f6e26351e9edf4a10ab40c292d2f7142bc.tar.xz