ikev2: add support for GCM cipher

Type: feature
Change-Id: Ic703015b55f0ae947e5e44b10b74b3c79efe7da6
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
(cherry picked from commit de2dd6c35653225525b071d4dc748451e0d6bd7d)

1 files changed, 21 insertions, 0 deletions

diff --git a/src/plugins/ikev2/ikev2_crypto.c b/src/plugins/ikev2/ikev2_crypto.c
index 80638f17b13..c8fed439305 100644
--- a/src/plugins/ikev2/ikev2_crypto.c
+++ b/src/plugins/ikev2/ikev2_crypto.c
@@ -832,6 +832,27 @@ ikev2_crypto_init (ikev2_main_t * km)
   tr->block_size = 128 / 8;
   tr->cipher = EVP_aes_128_cbc ();
 
+  vec_add2 (km->supported_transforms, tr, 1);
+  tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
+  tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_GCM;
+  tr->key_len = 256 / 8;
+  tr->block_size = 128 / 8;
+  tr->cipher = EVP_aes_256_gcm ();
+
+  vec_add2 (km->supported_transforms, tr, 1);
+  tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
+  tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_GCM;
+  tr->key_len = 192 / 8;
+  tr->block_size = 128 / 8;
+  tr->cipher = EVP_aes_192_gcm ();
+
+  vec_add2 (km->supported_transforms, tr, 1);
+  tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
+  tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_GCM;
+  tr->key_len = 128 / 8;
+  tr->block_size = 128 / 8;
+  tr->cipher = EVP_aes_128_gcm ();
+
   //PRF
   vec_add2 (km->supported_transforms, tr, 1);
   tr->type = IKEV2_TRANSFORM_TYPE_PRF;