hasher: Add filter function for algorithms permitted by RFC 7427
authorTobias Brunner <tobias@strongswan.org>
Wed, 25 Feb 2015 15:06:45 +0000 (16:06 +0100)
committerTobias Brunner <tobias@strongswan.org>
Wed, 4 Mar 2015 12:54:08 +0000 (13:54 +0100)
src/libstrongswan/crypto/hashers/hasher.c
src/libstrongswan/crypto/hashers/hasher.h

index 50357d1..8822e0f 100644 (file)
@@ -251,6 +251,28 @@ integrity_algorithm_t hasher_algorithm_to_integrity(hash_algorithm_t alg,
 /*
  * Described in header.
  */
+bool hasher_algorithm_for_ikev2(hash_algorithm_t alg)
+{
+       switch (alg)
+       {
+               case HASH_SHA1:
+               case HASH_SHA256:
+               case HASH_SHA384:
+               case HASH_SHA512:
+                       return TRUE;
+               case HASH_UNKNOWN:
+               case HASH_MD2:
+               case HASH_MD4:
+               case HASH_MD5:
+               case HASH_SHA224:
+                       break;
+       }
+       return FALSE;
+}
+
+/*
+ * Described in header.
+ */
 int hasher_algorithm_to_oid(hash_algorithm_t alg)
 {
        int oid;
index bae95fc..48735bc 100644 (file)
@@ -163,6 +163,14 @@ integrity_algorithm_t hasher_algorithm_to_integrity(hash_algorithm_t alg,
                                                                                                        size_t length);
 
 /**
+ * Check if the given algorithm may be used for IKEv2 signature authentication.
+ *
+ * @param alg                  hash algorithm
+ * @return                             TRUE if algorithm may be used, FALSE otherwise
+ */
+bool hasher_algorithm_for_ikev2(hash_algorithm_t alg);
+
+/**
  * Conversion of hash algorithm into ASN.1 OID.
  *
  * @param alg                  hash algorithm