hi, On Tue, Nov 14, 2000 at 01:40:01PM -0700, itojun_(_at_)_iijlab_(_dot_)_net wrote: > the items marked by arrow are not declared in > http://www.isi.edu/in-notes/iana/assignments/isakmp-registry > (which is the source of PF_KEY numbering). they should reside in > private algorithm sapce, starting from 249. yes, you right! Therefore I have rearranged the numbering for SADB_AALG_* as well as for SADB_EALG_*. The patch may look like this: --- /usr/include/net/pfkeyv2.h Wed Nov 15 17:55:46 2000 +++ pfkeyv2.h Thu Nov 16 10:57:28 2000 @@ -217,21 +217,21 @@ #define SADB_AALG_NONE 0 #define SADB_AALG_MD5HMAC 2 #define SADB_AALG_SHA1HMAC 3 -#define SADB_AALG_MD5HMAC96 4 -#define SADB_AALG_SHA1HMAC96 5 -#define SADB_X_AALG_RIPEMD160HMAC96 6 -#define SADB_X_AALG_MD5 7 -#define SADB_X_AALG_SHA1 8 -#define SADB_AALG_MAX 8 +#define SADB_X_AALG_RIPEMD160HMAC96 8 +#define SADB_AALG_MD5HMAC96 249 +#define SADB_AALG_SHA1HMAC96 250 +#define SADB_X_AALG_MD5 251 +#define SADB_X_AALG_SHA1 252 +#define SADB_AALG_MAX 252 #define SADB_EALG_NONE 0 #define SADB_EALG_DESCBC 2 #define SADB_EALG_3DESCBC 3 -#define SADB_X_EALG_SKIPJACK 5 #define SADB_X_EALG_CAST 6 #define SADB_X_EALG_BLF 7 -#define SADB_X_EALG_AES 12 -#define SADB_EALG_MAX 12 +#define SADB_X_EALG_AES 249 +#define SADB_X_EALG_SKIPJACK 250 +#define SADB_EALG_MAX 250 #define SADB_SAFLAGS_PFS 0x001 /* perfect forward secrecy */ #define SADB_X_SAFLAGS_HALFIV 0x002 /* Used for ESP-old */ rfc2407 states HMAC-MD5-96 and HMAC-SHA-1-96 as a MUST but assigns numbers only to MD5HMAC and SHA1HMAC. So I am not quite sure if my numbering for SADB_AALG_* is reasonable. Cheers, Hans -- pub 1024D/513AEFD9 1999-12-18 Hans-Joerg Hoexer <hshoexer_(_at_)_rommelwood_(_dot_)_de> Key fingerprint = 83D2 436A 0D3C 34A9 E0FF 4C33 35F6 617C 513A EFD9
Attachment:
pgpBnn9ChGNxj.pgp
Description: PGP signature