diff options
Diffstat (limited to 'epan')
-rw-r--r-- | epan/dissectors/packet-ipsec.c | 28 | ||||
-rw-r--r-- | epan/dissectors/packet-isakmp.c | 17 |
2 files changed, 34 insertions, 11 deletions
diff --git a/epan/dissectors/packet-ipsec.c b/epan/dissectors/packet-ipsec.c index f0bdc477d6..7e39557e4b 100644 --- a/epan/dissectors/packet-ipsec.c +++ b/epan/dissectors/packet-ipsec.c @@ -135,13 +135,15 @@ static dissector_table_t ip_dissector_table; #define IPSEC_AUTH_HMAC_SHA1_96 1 #define IPSEC_AUTH_HMAC_SHA256_96 2 #define IPSEC_AUTH_HMAC_SHA256_128 3 -#define IPSEC_AUTH_HMAC_MD5_96 4 -#define IPSEC_AUTH_HMAC_RIPEMD160_96 5 +#define IPSEC_AUTH_HMAC_SHA384_192 4 +#define IPSEC_AUTH_HMAC_SHA512_256 5 +#define IPSEC_AUTH_HMAC_MD5_96 6 +#define IPSEC_AUTH_HMAC_RIPEMD160_96 7 /* define IPSEC_AUTH_AES_XCBC_MAC_96 6 */ -#define IPSEC_AUTH_ANY_96BIT 7 -#define IPSEC_AUTH_ANY_128BIT 8 -#define IPSEC_AUTH_ANY_192BIT 9 -#define IPSEC_AUTH_ANY_256BIT 10 +#define IPSEC_AUTH_ANY_96BIT 8 +#define IPSEC_AUTH_ANY_128BIT 9 +#define IPSEC_AUTH_ANY_192BIT 10 +#define IPSEC_AUTH_ANY_256BIT 11 #define IPSEC_IPV6_ADDR_LEN 128 #define IPSEC_IPV4_ADDR_LEN 32 @@ -1166,10 +1168,12 @@ dissect_esp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) esp_auth_len = 16; break; + case IPSEC_AUTH_HMAC_SHA512_256: case IPSEC_AUTH_ANY_256BIT: esp_auth_len = 32; break; + case IPSEC_AUTH_HMAC_SHA384_192: case IPSEC_AUTH_ANY_192BIT: esp_auth_len = 24; break; @@ -1226,6 +1230,16 @@ dissect_esp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) authentication_check_using_hmac_libgcrypt = TRUE; break; + case IPSEC_AUTH_HMAC_SHA384_192: + auth_algo_libgcrypt = GCRY_MD_SHA384; + authentication_check_using_hmac_libgcrypt = TRUE; + break; + + case IPSEC_AUTH_HMAC_SHA512_256: + auth_algo_libgcrypt = GCRY_MD_SHA512; + authentication_check_using_hmac_libgcrypt = TRUE; + break; + case IPSEC_AUTH_HMAC_MD5_96: /* RFC 2403 : HMAC-MD5-96 is a secret key algorithm. @@ -2074,6 +2088,8 @@ proto_register_ipsec(void) { IPSEC_AUTH_HMAC_SHA1_96, "HMAC-SHA-1-96 [RFC2404]" }, { IPSEC_AUTH_HMAC_SHA256_96, "HMAC-SHA-256-96 [draft-ietf-ipsec-ciph-sha-256-00]" }, { IPSEC_AUTH_HMAC_SHA256_128, "HMAC-SHA-256-128 [RFC4868]" }, + { IPSEC_AUTH_HMAC_SHA384_192, "HMAC-SHA-384-192 [RFC4868]" }, + { IPSEC_AUTH_HMAC_SHA512_256, "HMAC-SHA-512-256 [RFC4868]" }, { IPSEC_AUTH_HMAC_MD5_96, "HMAC-MD5-96 [RFC2403]" }, { IPSEC_AUTH_HMAC_RIPEMD160_96, "MAC-RIPEMD-160-96 [RFC2857]" }, /* { IPSEC_AUTH_AES_XCBC_MAC_96, "AES-XCBC-MAC-96 [RFC3566]" }, */ diff --git a/epan/dissectors/packet-isakmp.c b/epan/dissectors/packet-isakmp.c index b0cc773798..8343e54d3d 100644 --- a/epan/dissectors/packet-isakmp.c +++ b/epan/dissectors/packet-isakmp.c @@ -1614,18 +1614,23 @@ typedef struct _ikev2_auth_alg_spec { #define IKEV2_AUTH_HMAC_SHA1_96 3 #define IKEV2_AUTH_HMAC_SHA2_256_96 4 #define IKEV2_AUTH_HMAC_SHA2_256_128 5 -#define IKEV2_AUTH_ANY_96BITS 6 -#define IKEV2_AUTH_ANY_128BITS 7 -#define IKEV2_AUTH_ANY_160BITS 8 -#define IKEV2_AUTH_ANY_192BITS 9 -#define IKEV2_AUTH_ANY_256BITS 10 +#define IKEV2_AUTH_HMAC_SHA2_384_192 6 +#define IKEV2_AUTH_HMAC_SHA2_512_256 7 +#define IKEV2_AUTH_ANY_96BITS 8 +#define IKEV2_AUTH_ANY_128BITS 9 +#define IKEV2_AUTH_ANY_160BITS 10 +#define IKEV2_AUTH_ANY_192BITS 11 +#define IKEV2_AUTH_ANY_256BITS 12 static ikev2_auth_alg_spec_t ikev2_auth_algs[] = { +/*{number, output_len, key_len, trunc_len, gcry_alg, gcry_flag}*/ {IKEV2_AUTH_NONE, 0, 0, 0, GCRY_MD_NONE, 0}, {IKEV2_AUTH_HMAC_MD5_96, 16, 16, 12, GCRY_MD_MD5, GCRY_MD_FLAG_HMAC}, {IKEV2_AUTH_HMAC_SHA1_96, 20, 20, 12, GCRY_MD_SHA1, GCRY_MD_FLAG_HMAC}, {IKEV2_AUTH_HMAC_SHA2_256_96, 32, 32, 12, GCRY_MD_SHA256, GCRY_MD_FLAG_HMAC}, {IKEV2_AUTH_HMAC_SHA2_256_128, 32, 32, 16, GCRY_MD_SHA256, GCRY_MD_FLAG_HMAC}, + {IKEV2_AUTH_HMAC_SHA2_384_192, 48, 48, 24, GCRY_MD_SHA256, GCRY_MD_FLAG_HMAC}, + {IKEV2_AUTH_HMAC_SHA2_512_256, 64, 64, 32, GCRY_MD_SHA256, GCRY_MD_FLAG_HMAC}, {IKEV2_AUTH_ANY_96BITS, 0, 0, 12, 0, 0}, {IKEV2_AUTH_ANY_128BITS, 0, 0, 16, 0, 0}, {IKEV2_AUTH_ANY_160BITS, 0, 0, 20, 0, 0}, @@ -1686,6 +1691,8 @@ static const value_string vs_ikev2_auth_algs[] = { {IKEV2_AUTH_HMAC_SHA1_96, IKEV2_AUTH_HMAC_SHA1_96_STR}, {IKEV2_AUTH_HMAC_SHA2_256_96, "HMAC_SHA2_256_96 [draft-ietf-ipsec-ciph-sha-256-00]"}, {IKEV2_AUTH_HMAC_SHA2_256_128, "HMAC_SHA2_256_128 [RFC4868]"}, + {IKEV2_AUTH_HMAC_SHA2_384_192, "HMAC_SHA2_384_192 [RFC4868]"}, + {IKEV2_AUTH_HMAC_SHA2_512_256, "HMAC_SHA2_512_256 [RFC4868]"}, {IKEV2_AUTH_NONE, "NONE [RFC4306]"}, {IKEV2_AUTH_ANY_96BITS, "ANY 96-bits of Authentication [No Checking]"}, {IKEV2_AUTH_ANY_128BITS, "ANY 128-bits of Authentication [No Checking]"}, |