Module Name: src
Committed By: drochner
Date: Fri Feb 25 20:13:10 UTC 2011
Modified Files:
src/share/man/man4: crypto.4
src/sys/netipsec: xform.h xform_esp.c
src/sys/opencrypto: cryptodev.h cryptosoft.c xform.c xform.h
Log Message:
make the use of SHA2-HMAC by FAST_IPSEC compliant to current standards:
-RFC2104 says that the block size of the hash algorithm must be used
for key/ipad/opad calculations. While formerly all ciphers used a block
length of 64, SHA384 and SHA512 use 128 bytes. So we can't use the
HMAC_BLOCK_LEN constant anymore. Add a new field to "struct auth_hash"
for the per-cipher blocksize.
-Due to this, there can't be a single "CRYPTO_SHA2_HMAC" external name
anymore. Replace this by 3 for the 3 different keysizes.
This was done by Open/FreeBSD before.
-Also fix the number of authenticator bits used tor ESP and AH to
conform to RFC4868, and remove uses of AH_HMAC_HASHLEN which did
assume a fixed authenticator size of 12 bytes.
FAST_IPSEC will not interoperate with KAME IPSEC anymore if sha2 is used,
because the latter doesn't implement these standards. It should
interoperate with at least modern Free/OpenBSD now.
(I've only tested with NetBSD-current/FAST_IPSEC on both ends.)
To generate a diff of this commit:
cvs rdiff -u -r1.21 -r1.22 src/share/man/man4/crypto.4
cvs rdiff -u -r1.6 -r1.7 src/sys/netipsec/xform.h
cvs rdiff -u -r1.29 -r1.30 src/sys/netipsec/xform_esp.c
cvs rdiff -u -r1.18 -r1.19 src/sys/opencrypto/cryptodev.h
cvs rdiff -u -r1.28 -r1.29 src/sys/opencrypto/cryptosoft.c
cvs rdiff -u -r1.19 -r1.20 src/sys/opencrypto/xform.c
cvs rdiff -u -r1.11 -r1.12 src/sys/opencrypto/xform.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
