i.ipsecalgsbase revision 0358d3a672326bc66debe0a1c3a2372cd9f0f662
#!/bin/sh
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#
# Copyright 2008 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
# ident "%Z%%M% %I% %E% SMI"
while read src dest
do
if [ ! -f $dest ] ; then
#
# new install or upgrade from much older OS revision
# just copy in the new base ipsecalgs file
#
cp $src $dest
else
#
# upgrade from a previous version of the ipsecalgs file
# There might be third party algorithms in this file and
# changes that need to be preserved, so we just substitute
# in the protocols and algorithms that we know we need to
# either update or revert from past mistakes.
#
#
# We construct the sed command like this to avoid
# lines greater than 80 characters
#
sedcmd="-e 's/CKM_BF_CBC/CKM_BLOWFISH_CBC/'"
sedcmd="${sedcmd} -e 's/CKM_BLOWFISH_CBC|128\/32-128,8/"
sedcmd="${sedcmd}CKM_BLOWFISH_CBC|128\/32-448,8/'"
sedcmd="${sedcmd} -e 's/AES_CBC|128|/AES_CBC|128\/128-256,64|/'"
eval sed $sedcmd $dest > $dest.$$
#
# Add in SHA-2 support if not already there
#
awk -F\| '\
BEGIN {sha256=0; sha384=0; sha512=0} \
/^#/ || /^$/ || /^PROTO/ {print; next}; \
{if ($2 == 2) {if ($3 == 5) {sha256=1}; \
if ($3 == 6) {sha384=1}; if ($3 == 7) {sha512=1}; \
print; next}}; \
{if ($2 == 3 && $3 == 0) \
{if (!sha256) {print "ALG|2|5|hmac-sha256,sha256,sha-256,hmac-sha-256|CKM_SHA256_HMAC_GENERAL|256|16"; sha256=1}}; \
{if (!sha384) {print "ALG|2|6|hmac-sha384,sha384,sha-384,hmac-sha-384|CKM_SHA384_HMAC_GENERAL|384|24";sha384=1}}; \
{if (!sha512) {print "ALG|2|7|hmac-sha512,sha512,sha-512,hmac-sha-512|CKM_SHA512_HMAC_GENERAL|512|32";sha512=1}} print}' \
$dest.$$ > $dest.2.$$
mv $dest.2.$$ $dest
rm $dest.$$
fi
done
exit 0