add_algorithm(this, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_MD5, 0);
}
}
+ else if (strncmp(alg.ptr, "aesxcbc", alg.len) == 0)
+ {
+ add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0);
+ if (this->protocol == PROTO_IKE)
+ {
+ add_algorithm(this, PSEUDO_RANDOM_FUNCTION, AUTH_AES_XCBC_96, 0);
+ }
+ }
else if (strncmp(alg.ptr, "modp768", alg.len) == 0)
{
add_algorithm(this, DIFFIE_HELLMAN_GROUP, MODP_768_BIT, 0);
add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_3DES, 0);
add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 256);
add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0);
+ add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0);
add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0);
add_algorithm(this, EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0);
break;
case PROTO_AH:
add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0);
+ add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0);
add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0);
add_algorithm(this, EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0);
break;
{AUTH_HMAC_SHA2_512_256, "sha512", 512},
/* {AUTH_DES_MAC, "***", 0}, */
/* {AUTH_KPDK_MD5, "***", 0}, */
-/* {AUTH_AES_XCBC_96, "***", 0}, */
+ {AUTH_AES_XCBC_96, "xcbc(aes)", 128},
{END_OF_LIST, NULL, 0},
};