diff options
author | vanhu <vanhu@FreeBSD.org> | 2011-02-18 09:40:13 +0000 |
---|---|---|
committer | vanhu <vanhu@FreeBSD.org> | 2011-02-18 09:40:13 +0000 |
commit | b5386e15c14dd35dcd82a748b00a7a741b1238f9 (patch) | |
tree | 7caf902dec994fcea8dd9be967378950d398ba35 /sys/netipsec/xform.h | |
parent | f9ba5edcb6ab519d38ac8a40899df85ba5713843 (diff) | |
download | FreeBSD-src-b5386e15c14dd35dcd82a748b00a7a741b1238f9.zip FreeBSD-src-b5386e15c14dd35dcd82a748b00a7a741b1238f9.tar.gz |
Fixed IPsec's HMAC_SHA256-512 support to be RFC4868 compliant.
This will break interoperability with all older versions of
FreeBSD for those algorithms.
Reviewed by: bz, gnn
Obtained from: NETASQ
MFC after: 1w
Diffstat (limited to 'sys/netipsec/xform.h')
-rw-r--r-- | sys/netipsec/xform.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/sys/netipsec/xform.h b/sys/netipsec/xform.h index 92f7866..47e2cfe 100644 --- a/sys/netipsec/xform.h +++ b/sys/netipsec/xform.h @@ -46,6 +46,7 @@ #include <opencrypto/xform.h> #define AH_HMAC_HASHLEN 12 /* 96 bits of authenticator */ +#define AH_HMAC_MAXHASHLEN (SHA2_512_HASH_LEN/2) /* Keep this updated */ #define AH_HMAC_INITIAL_RPL 1 /* replay counter initial value */ /* |