From 387f9bb2f8f11af872f6f78f4b12d7cd20ea8c58 Mon Sep 17 00:00:00 2001 From: vindenesen Date: Thu, 26 Sep 2019 15:33:27 +0200 Subject: [OpenVPN]: T1688: Added aes-gcm encryptions --- interface-definitions/interfaces-openvpn.xml | 22 +++++++++++++++++----- src/conf_mode/interface-openvpn.py | 6 ++++++ 2 files changed, 23 insertions(+), 5 deletions(-) diff --git a/interface-definitions/interfaces-openvpn.xml b/interface-definitions/interfaces-openvpn.xml index fb2564cbd..365d80558 100644 --- a/interface-definitions/interfaces-openvpn.xml +++ b/interface-definitions/interfaces-openvpn.xml @@ -106,7 +106,7 @@ Data Encryption Algorithm - des 3des bf128 bf256 aes128 aes192 aes256 + des 3des bf128 bf256 aes128 aes128gcm aes192 aes192gcm aes256 aes256gcm des @@ -126,18 +126,30 @@ aes128 - AES algorithm with 128-bit key + AES algorithm with 128-bit key CBC + + + aes128gcm + AES algorithm with 128-bit key GCM aes192 - AES algorithm with 192-bit key + AES algorithm with 192-bit key CBC + + + aes192gcm + AES algorithm with 192-bit key GCM aes256 - AES algorithm with 256-bit key + AES algorithm with 256-bit key CBC + + + aes256gcm + AES algorithm with 256-bit key GCM - (des|3des|bf128|bf256|aes128|aes192|aes256) + (des|3des|bf128|bf256|aes128|aes128gcm|aes192|aes192gcm|aes256|aes256gcm) diff --git a/src/conf_mode/interface-openvpn.py b/src/conf_mode/interface-openvpn.py index a988e1ab1..d00671a85 100755 --- a/src/conf_mode/interface-openvpn.py +++ b/src/conf_mode/interface-openvpn.py @@ -207,10 +207,16 @@ keysize 128 {%- elif 'bf256' in encryption %} cipher bf-cbc keysize 25 +{%- elif 'aes128gcm' in encryption %} +cipher aes-128-gcm {%- elif 'aes128' in encryption %} cipher aes-128-cbc +{%- elif 'aes192gcm' in encryption %} +cipher aes-192-gcm {%- elif 'aes192' in encryption %} cipher aes-192-cbc +{%- elif 'aes256gcm' in encryption %} +cipher aes-256-gcm {%- elif 'aes256' in encryption %} cipher aes-256-cbc {% endif %} -- cgit v1.2.3