summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJoy Latten <latten@austin.ibm.com>2008-02-07 23:11:56 -0800
committerDavid S. Miller <davem@davemloft.net>2008-02-07 23:11:56 -0800
commit405137d16fbe4c80b9e06e61af05856027745d23 (patch)
tree67c9540d5b7d968782b0d05d6a8cdee5f70afae9
parent054b0e2b2d5ed460784e8dfbf30ff4768dbf4376 (diff)
downloadlinux-405137d16fbe4c80b9e06e61af05856027745d23.tar.bz2
[IPSEC]: Add support for aes-ctr.
The below patch allows IPsec to use CTR mode with AES encryption algorithm. Tested this using setkey in ipsec-tools. Signed-off-by: Joy Latten <latten@austin.ibm.com> Acked-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--include/linux/pfkeyv2.h1
-rw-r--r--net/xfrm/xfrm_algo.c17
2 files changed, 18 insertions, 0 deletions
diff --git a/include/linux/pfkeyv2.h b/include/linux/pfkeyv2.h
index 6db69ff5d83e..700725ddcaae 100644
--- a/include/linux/pfkeyv2.h
+++ b/include/linux/pfkeyv2.h
@@ -298,6 +298,7 @@ struct sadb_x_sec_ctx {
#define SADB_X_EALG_BLOWFISHCBC 7
#define SADB_EALG_NULL 11
#define SADB_X_EALG_AESCBC 12
+#define SADB_X_EALG_AESCTR 13
#define SADB_X_EALG_AES_CCM_ICV8 14
#define SADB_X_EALG_AES_CCM_ICV12 15
#define SADB_X_EALG_AES_CCM_ICV16 16
diff --git a/net/xfrm/xfrm_algo.c b/net/xfrm/xfrm_algo.c
index 6cc15250de69..8aa6440d689f 100644
--- a/net/xfrm/xfrm_algo.c
+++ b/net/xfrm/xfrm_algo.c
@@ -399,6 +399,23 @@ static struct xfrm_algo_desc ealg_list[] = {
.sadb_alg_maxbits = 256
}
},
+{
+ .name = "rfc3686(ctr(aes))",
+
+ .uinfo = {
+ .encr = {
+ .blockbits = 128,
+ .defkeybits = 160, /* 128-bit key + 32-bit nonce */
+ }
+ },
+
+ .desc = {
+ .sadb_alg_id = SADB_X_EALG_AESCTR,
+ .sadb_alg_ivlen = 8,
+ .sadb_alg_minbits = 128,
+ .sadb_alg_maxbits = 256
+ }
+},
};
static struct xfrm_algo_desc calg_list[] = {