b4da53f1e6
-RFC2104 says that the block size of the hash algorithm must be used for key/ipad/opad calculations. While formerly all ciphers used a block length of 64, SHA384 and SHA512 use 128 bytes. So we can't use the HMAC_BLOCK_LEN constant anymore. Add a new field to "struct auth_hash" for the per-cipher blocksize. -Due to this, there can't be a single "CRYPTO_SHA2_HMAC" external name anymore. Replace this by 3 for the 3 different keysizes. This was done by Open/FreeBSD before. -Also fix the number of authenticator bits used tor ESP and AH to conform to RFC4868, and remove uses of AH_HMAC_HASHLEN which did assume a fixed authenticator size of 12 bytes. FAST_IPSEC will not interoperate with KAME IPSEC anymore if sha2 is used, because the latter doesn't implement these standards. It should interoperate with at least modern Free/OpenBSD now. (I've only tested with NetBSD-current/FAST_IPSEC on both ends.) |
||
|---|---|---|
| .. | ||
| ah_var.h | ||
| ah.h | ||
| esp_var.h | ||
| esp.h | ||
| files.netipsec | ||
| ipcomp_var.h | ||
| ipcomp.h | ||
| ipip_var.h | ||
| ipsec6.h | ||
| ipsec_input.c | ||
| ipsec_mbuf.c | ||
| ipsec_netbsd.c | ||
| ipsec_osdep.h | ||
| ipsec_output.c | ||
| ipsec_private.h | ||
| ipsec_var.h | ||
| ipsec.c | ||
| ipsec.h | ||
| key_debug.c | ||
| key_debug.h | ||
| key_var.h | ||
| key.c | ||
| key.h | ||
| keydb.h | ||
| keysock.c | ||
| keysock.h | ||
| Makefile | ||
| xform_ah.c | ||
| xform_esp.c | ||
| xform_ipcomp.c | ||
| xform_ipip.c | ||
| xform_tcp.c | ||
| xform.h | ||