diff options
| author | Herbert Xu <herbert@gondor.apana.org.au> | 2008-01-28 22:37:29 -0500 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2008-01-31 22:27:03 -0500 |
| commit | 1a6509d991225ad210de54c63314fd9542922095 (patch) | |
| tree | afe5c560388558bebd3e21b7c6f789a28a323a51 /include/linux | |
| parent | 6fbf2cb77461a0cd0675228d20dd0f70d7b2251f (diff) | |
[IPSEC]: Add support for combined mode algorithms
This patch adds support for combined mode algorithms with GCM being
the first algorithm supported.
Combined mode algorithms can be added through the xfrm_user interface
using the new algorithm payload type XFRMA_ALG_AEAD. Each algorithms
is identified by its name and the ICV length.
For the purposes of matching algorithms in xfrm_tmpl structures,
combined mode algorithms occupy the same name space as encryption
algorithms. This is in line with how they are negotiated using IKE.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/linux')
| -rw-r--r-- | include/linux/pfkeyv2.h | 6 | ||||
| -rw-r--r-- | include/linux/xfrm.h | 8 |
2 files changed, 14 insertions, 0 deletions
diff --git a/include/linux/pfkeyv2.h b/include/linux/pfkeyv2.h index d9db5f62ee48..6db69ff5d83e 100644 --- a/include/linux/pfkeyv2.h +++ b/include/linux/pfkeyv2.h | |||
| @@ -298,6 +298,12 @@ struct sadb_x_sec_ctx { | |||
| 298 | #define SADB_X_EALG_BLOWFISHCBC 7 | 298 | #define SADB_X_EALG_BLOWFISHCBC 7 |
| 299 | #define SADB_EALG_NULL 11 | 299 | #define SADB_EALG_NULL 11 |
| 300 | #define SADB_X_EALG_AESCBC 12 | 300 | #define SADB_X_EALG_AESCBC 12 |
| 301 | #define SADB_X_EALG_AES_CCM_ICV8 14 | ||
| 302 | #define SADB_X_EALG_AES_CCM_ICV12 15 | ||
| 303 | #define SADB_X_EALG_AES_CCM_ICV16 16 | ||
| 304 | #define SADB_X_EALG_AES_GCM_ICV8 18 | ||
| 305 | #define SADB_X_EALG_AES_GCM_ICV12 19 | ||
| 306 | #define SADB_X_EALG_AES_GCM_ICV16 20 | ||
| 301 | #define SADB_X_EALG_CAMELLIACBC 22 | 307 | #define SADB_X_EALG_CAMELLIACBC 22 |
| 302 | #define SADB_EALG_MAX 253 /* last EALG */ | 308 | #define SADB_EALG_MAX 253 /* last EALG */ |
| 303 | /* private allocations should use 249-255 (RFC2407) */ | 309 | /* private allocations should use 249-255 (RFC2407) */ |
diff --git a/include/linux/xfrm.h b/include/linux/xfrm.h index 9b5b00c4ef9d..e31b8c84f2c9 100644 --- a/include/linux/xfrm.h +++ b/include/linux/xfrm.h | |||
| @@ -96,6 +96,13 @@ struct xfrm_algo { | |||
| 96 | char alg_key[0]; | 96 | char alg_key[0]; |
| 97 | }; | 97 | }; |
| 98 | 98 | ||
| 99 | struct xfrm_algo_aead { | ||
| 100 | char alg_name[64]; | ||
| 101 | int alg_key_len; /* in bits */ | ||
| 102 | int alg_icv_len; /* in bits */ | ||
| 103 | char alg_key[0]; | ||
| 104 | }; | ||
| 105 | |||
| 99 | struct xfrm_stats { | 106 | struct xfrm_stats { |
| 100 | __u32 replay_window; | 107 | __u32 replay_window; |
| 101 | __u32 replay; | 108 | __u32 replay; |
| @@ -270,6 +277,7 @@ enum xfrm_attr_type_t { | |||
| 270 | XFRMA_LASTUSED, | 277 | XFRMA_LASTUSED, |
| 271 | XFRMA_POLICY_TYPE, /* struct xfrm_userpolicy_type */ | 278 | XFRMA_POLICY_TYPE, /* struct xfrm_userpolicy_type */ |
| 272 | XFRMA_MIGRATE, | 279 | XFRMA_MIGRATE, |
| 280 | XFRMA_ALG_AEAD, /* struct xfrm_algo_aead */ | ||
| 273 | __XFRMA_MAX | 281 | __XFRMA_MAX |
| 274 | 282 | ||
| 275 | #define XFRMA_MAX (__XFRMA_MAX - 1) | 283 | #define XFRMA_MAX (__XFRMA_MAX - 1) |