Mercurial > illumos > illumos-gate
changeset 11892:0de1cd93a5ac
PSARC 2010/055 ECP and RFC5114 groups for IKE
6586320 RFC 4753 ECP groups needed for IKE
6900895 RFC 5114 ECP Diffie-Hellman groups
6897862 RFC 5114 integer modulus Diffie-Hellman groups
| author | Bill Sommerfeld <sommerfeld@sun.com> |
|---|---|
| date | Thu, 11 Mar 2010 11:40:46 -0800 |
| parents | e517bcc940b4 |
| children | ff6e80260186 |
| files | usr/src/cmd/cmd-inet/usr.sbin/ipsecutils/ikeadm.c usr/src/lib/libipsecutil/common/ikedoor.h |
| diffstat | 2 files changed, 36 insertions(+), 8 deletions(-) [+] |
line wrap: on
line diff
--- a/usr/src/cmd/cmd-inet/usr.sbin/ipsecutils/ikeadm.c Thu Mar 11 08:11:14 2010 -0800 +++ b/usr/src/cmd/cmd-inet/usr.sbin/ipsecutils/ikeadm.c Thu Mar 11 11:40:46 2010 -0800 @@ -18,7 +18,7 @@ * * CDDL HEADER END * - * Copyright 2009 Sun Microsystems, Inc. All rights reserved. + * Copyright 2010 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -1442,6 +1442,25 @@ return (gettext("6144-bit MODP (group 17)")); case IKE_GRP_DESC_MODP_8192: return (gettext("8192-bit MODP (group 18)")); + case IKE_GRP_DESC_ECP_256: + return (gettext("256-bit ECP (group 19)")); + case IKE_GRP_DESC_ECP_384: + return (gettext("384-bit ECP (group 20)")); + case IKE_GRP_DESC_ECP_521: + return (gettext("521-bit ECP (group 21)")); + case IKE_GRP_DESC_MODP_1024_160: + return ( + gettext("1024-bit MODP with 160-bit subprime (group 22)")); + case IKE_GRP_DESC_MODP_2048_224: + return ( + gettext("2048-bit MODP with 224-bit subprime (group 23)")); + case IKE_GRP_DESC_MODP_2048_256: + return ( + gettext("2048-bit MODP with 256-bit subprime (group 24)")); + case IKE_GRP_DESC_ECP_192: + return (gettext("192-bit ECP (group 25)")); + case IKE_GRP_DESC_ECP_224: + return (gettext("224-bit ECP (group 26)")); default: (void) snprintf(rtn, MAXLINESIZE, gettext("<unknown %d>"), grp); return (rtn);
--- a/usr/src/lib/libipsecutil/common/ikedoor.h Thu Mar 11 08:11:14 2010 -0800 +++ b/usr/src/lib/libipsecutil/common/ikedoor.h Thu Mar 11 11:40:46 2010 -0800 @@ -19,7 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2009 Sun Microsystems, Inc. All rights reserved. + * Copyright 2010 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -277,12 +277,21 @@ #define IKE_GRP_DESC_EC2N_155 3 #define IKE_GRP_DESC_EC2N_185 4 /* values for p1xf_dh_group (aligned with RFC3526) */ -#define IKE_GRP_DESC_MODP_1536 5 -#define IKE_GRP_DESC_MODP_2048 14 -#define IKE_GRP_DESC_MODP_3072 15 -#define IKE_GRP_DESC_MODP_4096 16 -#define IKE_GRP_DESC_MODP_6144 17 -#define IKE_GRP_DESC_MODP_8192 18 +#define IKE_GRP_DESC_MODP_1536 5 +#define IKE_GRP_DESC_MODP_2048 14 +#define IKE_GRP_DESC_MODP_3072 15 +#define IKE_GRP_DESC_MODP_4096 16 +#define IKE_GRP_DESC_MODP_6144 17 +#define IKE_GRP_DESC_MODP_8192 18 +#define IKE_GRP_DESC_ECP_256 19 +#define IKE_GRP_DESC_ECP_384 20 +#define IKE_GRP_DESC_ECP_521 21 +/* values for p1xf_dh_group (aligned with RFC5114) */ +#define IKE_GRP_DESC_MODP_1024_160 22 +#define IKE_GRP_DESC_MODP_2048_224 23 +#define IKE_GRP_DESC_MODP_2048_256 24 +#define IKE_GRP_DESC_ECP_192 25 +#define IKE_GRP_DESC_ECP_224 26 /* values for p1xf_auth_meth (aligned with RFC2409, Appendix A) */ #define IKE_AUTH_METH_PRE_SHARED_KEY 1