Make AES-CMAC actually usable for IKEv2.
authorTobias Brunner <tobias@strongswan.org>
Wed, 4 Apr 2012 08:51:46 +0000 (10:51 +0200)
committerTobias Brunner <tobias@strongswan.org>
Wed, 4 Apr 2012 08:51:46 +0000 (10:51 +0200)
src/libcharon/config/proposal.c
src/libstrongswan/crypto/proposal/proposal_keywords.txt

index 2251b82..d3c60a4 100644 (file)
@@ -598,6 +598,9 @@ static status_t add_string_algo(private_proposal_t *this, chunk_t alg)
                        case AUTH_CAMELLIA_XCBC_96:
                                prf = PRF_CAMELLIA128_XCBC;
                                break;
+                       case AUTH_AES_CMAC_96:
+                               prf = PRF_AES128_CMAC;
+                               break;
                        default:
                                prf = PRF_UNDEFINED;
                }
@@ -794,6 +797,7 @@ static void proposal_add_supported_ike(private_proposal_t *this)
                        case AUTH_HMAC_SHA2_512_256:
                        case AUTH_HMAC_MD5_96:
                        case AUTH_AES_XCBC_96:
+                       case AUTH_AES_CMAC_96:
                                add_algorithm(this, INTEGRITY_ALGORITHM, integrity, 0);
                                break;
                        default:
@@ -813,6 +817,7 @@ static void proposal_add_supported_ike(private_proposal_t *this)
                        case PRF_HMAC_SHA2_512:
                        case PRF_HMAC_MD5:
                        case PRF_AES128_XCBC:
+                       case PRF_AES128_CMAC:
                                add_algorithm(this, PSEUDO_RANDOM_FUNCTION, prf, 0);
                                break;
                        default:
index b16e2ec..1d04f2d 100644 (file)
@@ -131,6 +131,7 @@ md5,              INTEGRITY_ALGORITHM,  AUTH_HMAC_MD5_96,          0
 md5_128,          INTEGRITY_ALGORITHM,  AUTH_HMAC_MD5_128,         0
 aesxcbc,          INTEGRITY_ALGORITHM,  AUTH_AES_XCBC_96,          0
 camelliaxcbc,     INTEGRITY_ALGORITHM,  AUTH_CAMELLIA_XCBC_96,     0
+aescmac,          INTEGRITY_ALGORITHM,  AUTH_AES_CMAC_96,          0
 modpnull,         DIFFIE_HELLMAN_GROUP, MODP_NULL,                 0
 modp768,          DIFFIE_HELLMAN_GROUP, MODP_768_BIT,              0
 modp1024,         DIFFIE_HELLMAN_GROUP, MODP_1024_BIT,             0