summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/cipherFactory.cpp6
-rw-r--r--src/keyDerivationFactory.cpp6
-rw-r--r--src/man/anytun.8.txt34
3 files changed, 45 insertions, 1 deletions
diff --git a/src/cipherFactory.cpp b/src/cipherFactory.cpp
index bab0d5a..02fff5d 100644
--- a/src/cipherFactory.cpp
+++ b/src/cipherFactory.cpp
@@ -43,6 +43,12 @@ Cipher* CipherFactory::create(std::string const& type, kd_dir_t dir)
#ifndef NOCRYPT
else if( type == "aes-ctr" )
return new AesIcmCipher(dir);
+ else if( type == "aes-ctr-128" )
+ return new AesIcmCipher(dir, 128);
+ else if( type == "aes-ctr-192" )
+ return new AesIcmCipher(dir, 192);
+ else if( type == "aes-ctr-256" )
+ return new AesIcmCipher(dir, 256);
#endif
else
throw std::invalid_argument("cipher not available");
diff --git a/src/keyDerivationFactory.cpp b/src/keyDerivationFactory.cpp
index 58518b8..c0e06ab 100644
--- a/src/keyDerivationFactory.cpp
+++ b/src/keyDerivationFactory.cpp
@@ -43,6 +43,12 @@ KeyDerivation* KeyDerivationFactory::create(std::string const& type)
#ifndef NOCRYPT
else if( type == "aes-ctr" )
return new AesIcmKeyDerivation();
+ else if( type == "aes-ctr-128" )
+ return new AesIcmKeyDerivation(128);
+ else if( type == "aes-ctr-192" )
+ return new AesIcmKeyDerivation(192);
+ else if( type == "aes-ctr-256" )
+ return new AesIcmKeyDerivation(256);
#endif
else
throw std::invalid_argument("key derivation prf not available");
diff --git a/src/man/anytun.8.txt b/src/man/anytun.8.txt
index c3affa2..65f5c97 100644
--- a/src/man/anytun.8.txt
+++ b/src/man/anytun.8.txt
@@ -31,6 +31,8 @@ SYNOPSIS
[ *-m|--mux* <mux-id> ]
[ *-s|--sender-id* <sender id> ]
[ *-w|--window-size* <window size> ]
+[ *-k|--kd-prf* <kd-prf type> ]
+[ *-l|--ld-kdr* <ld-kdr> ]
[ *-c|--cipher* <cipher type> ]
[ *-a|--auth-algo* <algo type> ]
[ *-K|--key* <master key> ]
@@ -261,7 +263,10 @@ Encryption algorithm used for encrypting the payload
Possible values:
* *null* - no encryption
-* *aes-ctr* - AES in counter mode, default value
+* *aes-ctr* - AES in counter mode with 128 Bits, default value
+* *aes-ctr-128* - AES in counter mode with 128 Bits
+* *aes-ctr-192* - AES in counter mode with 192 Bits
+* *aes-ctr-256* - AES in counter mode with 256 Bits
-a|--auth-algo <algo type>
~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -279,6 +284,33 @@ Possible values:
If HMAC-SHA1 is used, the packet length is increased by
10 bytes. These 10 bytes contain the authentication data.
+-k|--kd--prf <kd-prf type>
+~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+key derivation pseudo random function.
+
+The pseudo random function which is used for calculating the
+session keys and session salt.
+
+Possible values:
+
+* *null* - no random function, keys and salt are set to 0..00
+* *aes-ctr* - AES in counter mode with 128 Bits, default value
+* *aes-ctr-128* - AES in counter mode with 128 Bits
+* *aes-ctr-192* - AES in counter mode with 192 Bits
+* *aes-ctr-256* - AES in counter mode with 256 Bits
+
+-l|--ld-kdr <ld-kdr>
+~~~~~~~~~~~~~~~~~~~~
+
+The log2 of the key derivation rate. This is used by the key
+derivation to determine how ofen a new session key has to be
+generated. A value of -1 means to generate only one key and use
+it forever. The default is 0 which means to calculate a new key
+for every packet. A value of 1 would tell the key derivation
+to generate a new key after 2 packets, for 2 its 4 packets and
+so on.
+
-K|--key <master key>
~~~~~~~~~~~~~~~~~~~~~