diff options
| -rw-r--r-- | src/libfreeswan/ipsec_policy.h | 62 | ||||
| -rw-r--r-- | src/pluto/constants.c | 20 | ||||
| -rw-r--r-- | src/pluto/constants.h | 2 |
3 files changed, 52 insertions, 32 deletions
diff --git a/src/libfreeswan/ipsec_policy.h b/src/libfreeswan/ipsec_policy.h index 936b2ee3e..127da4e0f 100644 --- a/src/libfreeswan/ipsec_policy.h +++ b/src/libfreeswan/ipsec_policy.h @@ -75,14 +75,16 @@ enum ipsec_bandwidth_quality { * and in http://www.iana.org/assignments/isakmp-registry */ enum ipsec_authentication_algo { - AH_NONE = 0, - AH_MD5 = 2, - AH_SHA = 3, - AH_DES = 4, - AH_SHA2_256 = 5, - AH_SHA2_384 = 6, - AH_SHA2_512 = 7, - AH_RIPEMD = 8 + AH_NONE = 0, + AH_MD5 = 2, + AH_SHA = 3, + AH_DES = 4, + AH_SHA2_256 = 5, + AH_SHA2_384 = 6, + AH_SHA2_512 = 7, + AH_RIPEMD = 8, + AH_AES_XCBC_MAC = 9, + AH_RSA = 10 }; /* IPsec ESP transform values @@ -91,25 +93,31 @@ enum ipsec_authentication_algo { */ enum ipsec_cipher_algo { - ESP_NONE = 0, - ESP_DES_IV64 = 1, - ESP_DES = 2, - ESP_3DES = 3, - ESP_RC5 = 4, - ESP_IDEA = 5, - ESP_CAST = 6, - ESP_BLOWFISH = 7, - ESP_3IDEA = 8, - ESP_DES_IV32 = 9, - ESP_RC4 = 10, - ESP_NULL = 11, - ESP_AES = 12, - ESP_AES_CTR = 13, - ESP_AES_CCM_8 = 14, - ESP_AES_CCM_12 = 15, - ESP_AES_CCM_16 = 16, - ESP_SERPENT = 252, - ESP_TWOFISH = 253 + ESP_NONE = 0, + ESP_DES_IV64 = 1, + ESP_DES = 2, + ESP_3DES = 3, + ESP_RC5 = 4, + ESP_IDEA = 5, + ESP_CAST = 6, + ESP_BLOWFISH = 7, + ESP_3IDEA = 8, + ESP_DES_IV32 = 9, + ESP_RC4 = 10, + ESP_NULL = 11, + ESP_AES = 12, + ESP_AES_CTR = 13, + ESP_AES_CCM_8 = 14, + ESP_AES_CCM_12 = 15, + ESP_AES_CCM_16 = 16, + ESP_UNASSIGNED_17 = 17, + ESP_AES_GCM_8 = 18, + ESP_AES_GCM_12 = 19, + ESP_AES_GCM_16 = 20, + ESP_SEED_CBC = 21, + ESP_CAMELLIA = 22, + ESP_SERPENT = 252, + ESP_TWOFISH = 253 }; /* IPCOMP transform values diff --git a/src/pluto/constants.c b/src/pluto/constants.c index 8315b5902..da4d9fc7a 100644 --- a/src/pluto/constants.c +++ b/src/pluto/constants.c @@ -377,11 +377,13 @@ static const char *const ah_transform_name[] = { "AH_SHA2_256", "AH_SHA2_384", "AH_SHA2_512", - "AH_RIPEMD" + "AH_RIPEMD", + "AH_AES_XCBC_MAC", + "AH_RSA" }; enum_names ah_transformid_names = - { AH_MD5, AH_RIPEMD, ah_transform_name, NULL }; + { AH_MD5, AH_RSA, ah_transform_name, NULL }; /* IPsec ESP transform values */ @@ -401,7 +403,13 @@ static const char *const esp_transform_name[] = { "ESP_AES-CTR", "ESP_AES-CCM_8", "ESP_AES-CCM_12", - "ESP_AES-CCM_16" + "ESP_AES-CCM_16", + "ESP_UNASSIGNED_17", + "ESP_AES_GCM_8", + "ESP_AES_GCM_12", + "ESP_AES_GCM_16", + "ESP_SEED_CBC", + "ESP_CAMELLIA" }; /* @@ -417,7 +425,7 @@ enum_names esp_transformid_names_high = { ESP_SERPENT, ESP_TWOFISH, esp_transform_name_high, NULL }; enum_names esp_transformid_names = - { ESP_DES_IV64, ESP_AES_CCM_16, esp_transform_name, &esp_transformid_names_high }; + { ESP_DES_IV64, ESP_CAMELLIA, esp_transform_name, &esp_transformid_names_high }; /* IPCOMP transform values */ @@ -684,6 +692,8 @@ static const char *const auth_alg_name[] = { "AUTH_ALGORITHM_HMAC_SHA2_384", "AUTH_ALGORITHM_HMAC_SHA2_512", "AUTH_ALGORITHM_HMAC_RIPEMD", + "AUTH_ALGORITHM_AES_XCBC_MAC", + "AUTH_ALGORITHM_SIG_RSA" }; static const char *const extended_auth_alg_name[] = { @@ -694,7 +704,7 @@ enum_names extended_auth_alg_names = { AUTH_ALGORITHM_NULL, AUTH_ALGORITHM_NULL, extended_auth_alg_name, NULL }; enum_names auth_alg_names = - { AUTH_ALGORITHM_HMAC_MD5, AUTH_ALGORITHM_HMAC_RIPEMD, auth_alg_name + { AUTH_ALGORITHM_HMAC_MD5, AUTH_ALGORITHM_SIG_RSA, auth_alg_name , &extended_auth_alg_names }; /* From draft-beaulieu-ike-xauth */ diff --git a/src/pluto/constants.h b/src/pluto/constants.h index 012b940ff..7511e8427 100644 --- a/src/pluto/constants.h +++ b/src/pluto/constants.h @@ -992,6 +992,8 @@ extern enum_names auth_alg_names, extended_auth_alg_names; #define AUTH_ALGORITHM_HMAC_SHA2_384 6 #define AUTH_ALGORITHM_HMAC_SHA2_512 7 #define AUTH_ALGORITHM_HMAC_RIPEMD 8 +#define AUTH_ALGORITHM_AES_XCBC_MAC 9 +#define AUTH_ALGORITHM_SIG_RSA 10 #define AUTH_ALGORITHM_NULL 251 /* Oakley Lifetime Type attribute |