diff options
author | Joy Latten <latten@austin.ibm.com> | 2008-02-08 10:11:56 +0300 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2008-02-08 10:11:56 +0300 |
commit | 405137d16fbe4c80b9e06e61af05856027745d23 (patch) | |
tree | 67c9540d5b7d968782b0d05d6a8cdee5f70afae9 | |
parent | 054b0e2b2d5ed460784e8dfbf30ff4768dbf4376 (diff) | |
download | linux-405137d16fbe4c80b9e06e61af05856027745d23.tar.xz |
[IPSEC]: Add support for aes-ctr.
The below patch allows IPsec to use CTR mode with AES encryption
algorithm. Tested this using setkey in ipsec-tools.
Signed-off-by: Joy Latten <latten@austin.ibm.com>
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r-- | include/linux/pfkeyv2.h | 1 | ||||
-rw-r--r-- | net/xfrm/xfrm_algo.c | 17 |
2 files changed, 18 insertions, 0 deletions
diff --git a/include/linux/pfkeyv2.h b/include/linux/pfkeyv2.h index 6db69ff5d83e..700725ddcaae 100644 --- a/include/linux/pfkeyv2.h +++ b/include/linux/pfkeyv2.h @@ -298,6 +298,7 @@ struct sadb_x_sec_ctx { #define SADB_X_EALG_BLOWFISHCBC 7 #define SADB_EALG_NULL 11 #define SADB_X_EALG_AESCBC 12 +#define SADB_X_EALG_AESCTR 13 #define SADB_X_EALG_AES_CCM_ICV8 14 #define SADB_X_EALG_AES_CCM_ICV12 15 #define SADB_X_EALG_AES_CCM_ICV16 16 diff --git a/net/xfrm/xfrm_algo.c b/net/xfrm/xfrm_algo.c index 6cc15250de69..8aa6440d689f 100644 --- a/net/xfrm/xfrm_algo.c +++ b/net/xfrm/xfrm_algo.c @@ -399,6 +399,23 @@ static struct xfrm_algo_desc ealg_list[] = { .sadb_alg_maxbits = 256 } }, +{ + .name = "rfc3686(ctr(aes))", + + .uinfo = { + .encr = { + .blockbits = 128, + .defkeybits = 160, /* 128-bit key + 32-bit nonce */ + } + }, + + .desc = { + .sadb_alg_id = SADB_X_EALG_AESCTR, + .sadb_alg_ivlen = 8, + .sadb_alg_minbits = 128, + .sadb_alg_maxbits = 256 + } +}, }; static struct xfrm_algo_desc calg_list[] = { |