Added support for Camellia cipher to xcbc

diff --git a/src/libcharon/sa/keymat.c b/src/libcharon/sa/keymat.c
index 837cbe428c4d13e79342514b3993229b9ec6fc54..9b04a3513d34da28ead540b23f993d396aeaa4e3 100644 (file)
--- a/src/libcharon/sa/keymat.c
+++ b/src/libcharon/sa/keymat.c
@@ -195,6 +195,9 @@ static bool derive_ike_keys(private_keymat_t *this, proposal_t *proposal,
                        /* while rfc4434 defines variable keys for AES-XCBC, rfc3664 does
                         * not and therefore fixed key semantics apply to XCBC for key
                         * derivation. */
+               case PRF_CAMELLIA128_XCBC:
+                       /* draft-kanno-ipsecme-camellia-xcbc refers to rfc 4434, we
+                        * assume fixed key length. */
                        key_size = this->prf->get_key_size(this->prf)/2;
                        nonce_i.len = min(nonce_i.len, key_size);
                        nonce_r.len = min(nonce_r.len, key_size);

diff --git a/src/libstrongswan/plugins/xcbc/xcbc_plugin.c b/src/libstrongswan/plugins/xcbc/xcbc_plugin.c
index 57be90a93e3fbe4b586230918baf3e83d6461a97..8c25a5ecfc27470e2c2317d47c49ea17b51d7992 100644 (file)
--- a/src/libstrongswan/plugins/xcbc/xcbc_plugin.c
+++ b/src/libstrongswan/plugins/xcbc/xcbc_plugin.c
@@ -36,9 +36,9 @@ METHOD(plugin_t, destroy, void,
        private_xcbc_plugin_t *this)
 {
        lib->crypto->remove_prf(lib->crypto,
-                                                       (prf_constructor_t)xcbc_prf_create);
+                                       (prf_constructor_t)xcbc_prf_create);
        lib->crypto->remove_signer(lib->crypto,
-                                                          (signer_constructor_t)xcbc_signer_create);
+                                       (signer_constructor_t)xcbc_signer_create);
        free(this);
 }
 
@@ -54,9 +54,13 @@ plugin_t *xcbc_plugin_create()
        );
 
        lib->crypto->add_prf(lib->crypto, PRF_AES128_XCBC,
-                                                (prf_constructor_t)xcbc_prf_create);
+                                       (prf_constructor_t)xcbc_prf_create);
+       lib->crypto->add_prf(lib->crypto, PRF_CAMELLIA128_XCBC,
+                                       (prf_constructor_t)xcbc_prf_create);
        lib->crypto->add_signer(lib->crypto, AUTH_AES_XCBC_96,
-                                                       (signer_constructor_t)xcbc_signer_create);
+                                       (signer_constructor_t)xcbc_signer_create);
+       lib->crypto->add_signer(lib->crypto, AUTH_CAMELLIA_XCBC_96,
+                                       (signer_constructor_t)xcbc_signer_create);
 
        return &this->public.plugin;
 }

diff --git a/src/libstrongswan/plugins/xcbc/xcbc_prf.c b/src/libstrongswan/plugins/xcbc/xcbc_prf.c
index c661ce6c6277419dd1c703677b3dcb69c67bf441..33a6c4baf3e4f5588e975c494c1ff9ef389db95d 100644 (file)
--- a/src/libstrongswan/plugins/xcbc/xcbc_prf.c
+++ b/src/libstrongswan/plugins/xcbc/xcbc_prf.c
@@ -94,6 +94,9 @@ xcbc_prf_t *xcbc_prf_create(pseudo_random_function_t algo)
                case PRF_AES128_XCBC:
                        xcbc = xcbc_create(ENCR_AES_CBC, 16);
                        break;
+               case PRF_CAMELLIA128_XCBC:
+                       xcbc = xcbc_create(ENCR_CAMELLIA_CBC, 16);
+                       break;
                default:
                        return NULL;
        }

diff --git a/src/libstrongswan/plugins/xcbc/xcbc_signer.c b/src/libstrongswan/plugins/xcbc/xcbc_signer.c
index 01f5a19b6aca561c9971929bb82ddb2d36833f23..ad7e2f4e92617589b26669b962f9fb0568ad5d35 100644 (file)
--- a/src/libstrongswan/plugins/xcbc/xcbc_signer.c
+++ b/src/libstrongswan/plugins/xcbc/xcbc_signer.c
@@ -131,6 +131,10 @@ xcbc_signer_t *xcbc_signer_create(integrity_algorithm_t algo)
                        xcbc = xcbc_create(ENCR_AES_CBC, 16);
                        trunc = 12;
                        break;
+               case AUTH_CAMELLIA_XCBC_96:
+                       xcbc = xcbc_create(ENCR_CAMELLIA_CBC, 16);
+                       trunc = 12;
+                       break;
                default:
                        return NULL;
        }