diff options
| author | Kristof Provost <kp@FreeBSD.org> | 2022-10-18 16:31:02 +0000 |
|---|---|---|
| committer | Kristof Provost <kp@FreeBSD.org> | 2022-11-02 13:19:04 +0000 |
| commit | 9f8f3a8e9ad4fbdcdfd14eb4d3977e587ab41341 (patch) | |
| tree | b71aea09daf3fb4f0e2b48f1fd9b1d2e140da373 /sbin/setkey | |
| parent | e1274b5b2646a49c1e3efce6c9918c99716d3c07 (diff) | |
Diffstat (limited to 'sbin/setkey')
| -rw-r--r-- | sbin/setkey/setkey.8 | 4 | ||||
| -rw-r--r-- | sbin/setkey/token.l | 2 |
2 files changed, 5 insertions, 1 deletions
diff --git a/sbin/setkey/setkey.8 b/sbin/setkey/setkey.8 index ff36c53a2f7f..6df1839ca6e4 100644 --- a/sbin/setkey/setkey.8 +++ b/sbin/setkey/setkey.8 @@ -29,7 +29,7 @@ .\" .\" $FreeBSD$ .\" -.Dd September 13, 2022 +.Dd October 19, 2022 .Dt SETKEY 8 .Os .\" @@ -598,6 +598,7 @@ hmac-sha2-512 512 ah/esp: 256bit ICV (RFC4868) aes-xcbc-mac 128 ah/esp: 96bit ICV (RFC3566) 128 ah-old/esp-old: 128bit ICV (no document) tcp-md5 8 to 640 tcp: rfc2385 +chacha20-poly1305 256 ah/esp: 128bit ICV (RFC7634) .Ed .Ss Encryption Algorithms The following encryption algorithms can be used as the @@ -613,6 +614,7 @@ null 0 to 2048 rfc2410 aes-cbc 128/192/256 rfc3602 aes-ctr 160/224/288 rfc3686 aes-gcm-16 160/224/288 AEAD; rfc4106 +chacha20-poly1305 256 rfc7634 .Ed .Pp Note that the first 128/192/256 bits of a key for diff --git a/sbin/setkey/token.l b/sbin/setkey/token.l index 9a0cc9ea1915..1cf2a43fe323 100644 --- a/sbin/setkey/token.l +++ b/sbin/setkey/token.l @@ -147,6 +147,7 @@ tcp { yylval.num = 0; return(PR_TCP); } /* authentication alogorithm */ {hyphen}A { BEGIN S_AUTHALG; return(F_AUTH); } +<S_AUTHALG>chacha20-poly1305 { yylval.num = SADB_X_AALG_CHACHA20POLY1305; BEGIN INITIAL; return(ALG_AUTH); } <S_AUTHALG>hmac-sha1 { yylval.num = SADB_AALG_SHA1HMAC; BEGIN INITIAL; return(ALG_AUTH); } <S_AUTHALG>hmac-sha2-256 { yylval.num = SADB_X_AALG_SHA2_256; BEGIN INITIAL; return(ALG_AUTH); } <S_AUTHALG>hmac-sha2-384 { yylval.num = SADB_X_AALG_SHA2_384; BEGIN INITIAL; return(ALG_AUTH); } @@ -163,6 +164,7 @@ tcp { yylval.num = 0; return(PR_TCP); } <S_ENCALG>aes-cbc { yylval.num = SADB_X_EALG_AESCBC; BEGIN INITIAL; return(ALG_ENC); } <S_ENCALG>aes-ctr { yylval.num = SADB_X_EALG_AESCTR; BEGIN INITIAL; return(ALG_ENC_SALT); } <S_ENCALG>aes-gcm-16 { yylval.num = SADB_X_EALG_AESGCM16; BEGIN INITIAL; return(ALG_ENC_SALT); } +<S_ENCALG>chacha20-poly1305 { yylval.num = SADB_X_EALG_CHACHA20POLY1305; BEGIN INITIAL; return(ALG_ENC_SALT); } /* compression algorithms */ {hyphen}C { return(F_COMP); } |