break;
}
}
+ else if (tr->encr_type == IKEV2_TRANSFORM_ENCR_TYPE_AES_GCM
+ && tr->key_len)
+ {
+ switch (tr->key_len)
+ {
+ case 16:
+ encr_type = IPSEC_CRYPTO_ALG_AES_GCM_128;
+ break;
+ case 24:
+ encr_type = IPSEC_CRYPTO_ALG_AES_GCM_192;
+ break;
+ case 32:
+ encr_type = IPSEC_CRYPTO_ALG_AES_GCM_256;
+ break;
+ default:
+ ikev2_set_state (sa, IKEV2_STATE_NO_PROPOSAL_CHOSEN);
+ return 1;
+ break;
+ }
+ }
else
{
ikev2_set_state (sa, IKEV2_STATE_NO_PROPOSAL_CHOSEN);
_(9 , DES_IV32, "des-iv32") \
_(11, NULL, "null") \
_(12, AES_CBC, "aes-cbc") \
- _(13, AES_CTR, "aes-ctr")
+ _(13, AES_CTR, "aes-ctr") \
+ _(14, AES_GCM, "aes-gcm")
typedef enum
{
tr->block_size = 128 / 8;
tr->cipher = EVP_aes_128_cbc ();
+ vec_add2 (km->supported_transforms, tr, 1);
+ tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
+ tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_GCM;
+ tr->key_len = 256 / 8;
+ tr->block_size = 128 / 8;
+ tr->cipher = EVP_aes_256_gcm ();
+
+ vec_add2 (km->supported_transforms, tr, 1);
+ tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
+ tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_GCM;
+ tr->key_len = 192 / 8;
+ tr->block_size = 128 / 8;
+ tr->cipher = EVP_aes_192_gcm ();
+
+ vec_add2 (km->supported_transforms, tr, 1);
+ tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
+ tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_GCM;
+ tr->key_len = 128 / 8;
+ tr->block_size = 128 / 8;
+ tr->cipher = EVP_aes_128_gcm ();
+
//PRF
vec_add2 (km->supported_transforms, tr, 1);
tr->type = IKEV2_TRANSFORM_TYPE_PRF;
Code Review / vpp.git / commitdiff