{AUTH_HMAC_MD5_96, "md5" },
{AUTH_HMAC_SHA1_96, "sha1" },
{AUTH_HMAC_SHA2_256_96, "sha256" },
+ {AUTH_HMAC_SHA2_256_128, "hmac(sha256)" },
{AUTH_HMAC_SHA2_384_192, "hmac(sha384)" },
{AUTH_HMAC_SHA2_512_256, "hmac(sha512)" },
/* {AUTH_DES_MAC, "***" }, */
}
}
- if (int_alg == AUTH_HMAC_SHA2_256_128)
+ if (int_alg != AUTH_UNDEFINED)
{
- /* the kernel uses SHA256 with 96 bit truncation by default,
- * use specified truncation size supported by newer kernels */
- rthdr->rta_type = XFRMA_ALG_AUTH_TRUNC;
- alg_name = "hmac(sha256)";
- DBG2(DBG_KNL, " using integrity algorithm %N with key size %d",
- integrity_algorithm_names, int_alg, int_key.len * 8);
-
- rthdr->rta_len = RTA_LENGTH(sizeof(struct xfrm_algo_auth) + int_key.len);
- hdr->nlmsg_len += rthdr->rta_len;
- if (hdr->nlmsg_len > sizeof(request))
- {
- return FAILED;
- }
-
- struct xfrm_algo_auth* algo = (struct xfrm_algo_auth*)RTA_DATA(rthdr);
- algo->alg_key_len = int_key.len * 8;
- algo->alg_trunc_len = 128;
- strcpy(algo->alg_name, alg_name);
- memcpy(algo->alg_key, int_key.ptr, int_key.len);
-
- rthdr = XFRM_RTA_NEXT(rthdr);
- }
- else if (int_alg != AUTH_UNDEFINED)
- {
- rthdr->rta_type = XFRMA_ALG_AUTH;
alg_name = lookup_algorithm(integrity_algs, int_alg);
if (alg_name == NULL)
{
DBG2(DBG_KNL, " using integrity algorithm %N with key size %d",
integrity_algorithm_names, int_alg, int_key.len * 8);
- rthdr->rta_len = RTA_LENGTH(sizeof(struct xfrm_algo) + int_key.len);
- hdr->nlmsg_len += rthdr->rta_len;
- if (hdr->nlmsg_len > sizeof(request))
+ if (int_alg == AUTH_HMAC_SHA2_256_128)
{
- return FAILED;
+ struct xfrm_algo_auth* algo;
+
+ /* the kernel uses SHA256 with 96 bit truncation by default,
+ * use specified truncation size supported by newer kernels */
+ rthdr->rta_type = XFRMA_ALG_AUTH_TRUNC;
+ rthdr->rta_len = RTA_LENGTH(sizeof(struct xfrm_algo_auth) + int_key.len);
+
+ hdr->nlmsg_len += rthdr->rta_len;
+ if (hdr->nlmsg_len > sizeof(request))
+ {
+ return FAILED;
+ }
+
+ algo = (struct xfrm_algo_auth*)RTA_DATA(rthdr);
+ algo->alg_key_len = int_key.len * 8;
+ algo->alg_trunc_len = 128;
+ strcpy(algo->alg_name, alg_name);
+ memcpy(algo->alg_key, int_key.ptr, int_key.len);
}
+ else
+ {
+ struct xfrm_algo* algo;
- struct xfrm_algo* algo = (struct xfrm_algo*)RTA_DATA(rthdr);
- algo->alg_key_len = int_key.len * 8;
- strcpy(algo->alg_name, alg_name);
- memcpy(algo->alg_key, int_key.ptr, int_key.len);
+ rthdr->rta_type = XFRMA_ALG_AUTH;
+ rthdr->rta_len = RTA_LENGTH(sizeof(struct xfrm_algo) + int_key.len);
+ hdr->nlmsg_len += rthdr->rta_len;
+ if (hdr->nlmsg_len > sizeof(request))
+ {
+ return FAILED;
+ }
+
+ algo = (struct xfrm_algo*)RTA_DATA(rthdr);
+ algo->alg_key_len = int_key.len * 8;
+ strcpy(algo->alg_name, alg_name);
+ memcpy(algo->alg_key, int_key.ptr, int_key.len);
+ }
rthdr = XFRM_RTA_NEXT(rthdr);
}
projects / thirdparty / strongswan.git / commitdiff
