Commit e6911aff authored by Xu Jia's avatar Xu Jia Committed by Steffen Klassert
Browse files

xfrm: Add support for SM3 secure hash 



This patch allows IPsec to use SM3 HMAC authentication algorithm.

Signed-off-by: default avatarXu Jia <xujia39@huawei.com>
Signed-off-by: default avatarSteffen Klassert <steffen.klassert@secunet.com>
parent af734a26

include/uapi/linux/pfkeyv2.h

+1 −0
Original line number Diff line number Diff line
@@ -309,6 +309,7 @@ struct sadb_x_filter { 
#define SADB_X_AALG_SHA2_512HMAC	7

#define SADB_X_AALG_RIPEMD160HMAC	8

#define SADB_X_AALG_AES_XCBC_MAC	9

#define SADB_X_AALG_SM3_256HMAC		10

#define SADB_X_AALG_NULL		251	/* kame */

#define SADB_AALG_MAX			251

net/xfrm/xfrm_algo.c

+20 −0
Original line number Diff line number Diff line
@@ -341,6 +341,26 @@ static struct xfrm_algo_desc aalg_list[] = { 


	.pfkey_supported = 0,

},

{

	.name = "hmac(sm3)",

	.compat = "sm3",



	.uinfo = {

		.auth = {

			.icv_truncbits = 256,

			.icv_fullbits = 256,

		}

	},



	.pfkey_supported = 1,



	.desc = {

		.sadb_alg_id = SADB_X_AALG_SM3_256HMAC,

		.sadb_alg_ivlen = 0,

		.sadb_alg_minbits = 256,

		.sadb_alg_maxbits = 256

	}

},

};



static struct xfrm_algo_desc ealg_list[] = {