Added support for a non-truncated SHA384 HMAC variant, as used by TLS

src/libstrongswan/crypto/signers/signer.c

@@ -21,6 +21,7 @@ ENUM_BEGIN(integrity_algorithm_names, AUTH_UNDEFINED, AUTH_CAMELLIA_XCBC_96,
 	"HMAC_SHA1_128",
 	"HMAC_SHA2_256_96",
 	"HMAC_SHA2_256_256",
+	"HMAC_SHA2_384_384",
 	"CAMELLIA_XCBC_96");
 ENUM_NEXT(integrity_algorithm_names, AUTH_HMAC_MD5_96, AUTH_HMAC_SHA2_512_256, AUTH_CAMELLIA_XCBC_96,
 	"HMAC_MD5_96",

src/libstrongswan/crypto/signers/signer.h

@@ -68,8 +68,10 @@ enum integrity_algorithm_t {
 	AUTH_HMAC_SHA2_256_96 = 1026,
 	/** SHA256 full length tuncation variant, as used in TLS */
 	AUTH_HMAC_SHA2_256_256 = 1027,
+	/** SHA384 full length tuncation variant, as used in TLS */
+	AUTH_HMAC_SHA2_384_384 = 1028,
 	/** draft-kanno-ipsecme-camellia-xcbc, not yet assigned by IANA */
-	AUTH_CAMELLIA_XCBC_96 = 1028,
+	AUTH_CAMELLIA_XCBC_96 = 1029,
 };
 
 /**

src/libstrongswan/plugins/hmac/hmac_signer.c

@@ -162,6 +162,11 @@ hmac_signer_t *hmac_signer_create(integrity_algorithm_t algo)
 		case AUTH_HMAC_SHA2_256_256:
 			hmac = hmac_create(HASH_SHA256);
 			trunc = 32;
+			break;
+		case AUTH_HMAC_SHA2_384_384:
+			hmac = hmac_create(HASH_SHA384);
+			trunc = 48;
+			break;
 		default:
 			return NULL;
 	}