Revision 7b826864
Added by Bruno Thomsen over 10 years ago
| etc/inc/ipsec.inc | ||
|---|---|---|
| 69 | 69 |
global $p1_ealgos; |
| 70 | 70 |
$p1_ealgos = array( |
| 71 | 71 |
'aes' => array( 'name' => 'AES', 'keysel' => array( 'lo' => 128, 'hi' => 256, 'step' => 64 ) ), |
| 72 |
'aes128gcm' => array( 'name' => 'AES128-GCM', 'keysel' => array( 'lo' => 64, 'hi' => 128, 'step' => 32 ) ), |
|
| 73 |
'aes192gcm' => array( 'name' => 'AES192-GCM', 'keysel' => array( 'lo' => 64, 'hi' => 128, 'step' => 32 ) ), |
|
| 74 |
'aes256gcm' => array( 'name' => 'AES256-GCM', 'keysel' => array( 'lo' => 64, 'hi' => 128, 'step' => 32 ) ), |
|
| 72 | 75 |
'blowfish' => array( 'name' => 'Blowfish', 'keysel' => array( 'lo' => 128, 'hi' => 256, 'step' => 64 ) ), |
| 73 | 76 |
'3des' => array( 'name' => '3DES' ), |
| 74 | 77 |
'cast128' => array( 'name' => 'CAST128' ), |
Also available in: Unified diff
ipsec: IKE phase one AES-GCM support
Use of Galois/Counter Mode (GCM) during IKE phase-1 is defined in RFC4106.
Signed-off-by: Bruno Thomsen <bruno.thomsen@gmail.com>