From fd41336ef5a14e7f322b0a8af359c45ce03d4cc8 Mon Sep 17 00:00:00 2001 From: ume Date: Mon, 13 Oct 2003 14:57:41 +0000 Subject: - support AES counter mode for ESP. - use size_t as return type of schedlen(), as there's no error check needed. - clear key schedule buffer before freeing. Obtained from: KAME --- sbin/setkey/setkey.8 | 5 +++++ sbin/setkey/token.l | 1 + 2 files changed, 6 insertions(+) (limited to 'sbin/setkey') diff --git a/sbin/setkey/setkey.8 b/sbin/setkey/setkey.8 index 680803b..4ab8927 100644 --- a/sbin/setkey/setkey.8 +++ b/sbin/setkey/setkey.8 @@ -573,8 +573,13 @@ cast128-cbc 40 to 128 rfc2451 des-deriv 64 ipsec-ciph-des-derived-01 (expired) 3des-deriv 192 no document rijndael-cbc 128/192/256 draft-ietf-ipsec-ciph-aes-cbc-00 +aes-ctr 160/224/288 draft-ietf-ipsec-ciph-aes-ctr-03 .Ed .Pp +Note that the first 128 bits of a key for +.Li aes-ctr +will be used as AES key, and remaining 32 bits will be used as nonce. +.Pp Followings are the list of compression algorithms that can be used as .Ar calgo in diff --git a/sbin/setkey/token.l b/sbin/setkey/token.l index 312df4c..5f73594 100644 --- a/sbin/setkey/token.l +++ b/sbin/setkey/token.l @@ -184,6 +184,7 @@ cast128-cbc { PREPROC; yylval.num = SADB_X_EALG_CAST128CBC; return(ALG_ENC); } des-deriv { PREPROC; yylval.num = SADB_EALG_DESCBC; return(ALG_ENC_DESDERIV); } des-32iv { PREPROC; yylval.num = SADB_EALG_DESCBC; return(ALG_ENC_DES32IV); } rijndael-cbc { PREPROC; yylval.num = SADB_X_EALG_RIJNDAELCBC; return(ALG_ENC); } +aes-ctr { PREPROC; yylval.num = SADB_X_EALG_AESCTR; return(ALG_ENC); } /* compression algorithms */ {hyphen}C { PREPROC; return(F_COMP); } -- cgit v1.1