[Swan-dev] DH group naming

Andrew Cagney andrew.cagney at gmail.com
Fri Jul 7 21:03:26 UTC 2017


I've merged the remaining changes that affect this into mainline, so
they should all be 3.21.
Please give it a try.

On 27 June 2017 at 09:54, Andrew Cagney <andrew.cagney at gmail.com> wrote:
> On 23 June 2017 at 11:46, Oleg Rosowiecki <orosowiecki at gmail.com> wrote:
>> Thanks! By the way, I think it's worth updating the man pages with the
>> summary of this. Some of the naming conventions and algorithm names are
>> unclear unless you investigate by trial and error and/or looking at the
>> source code.
>
> Ah, yes, mumble something about algparse.8.

continue mumbling

> For names, the best place to look is pluto's log file - during start
> up the new name table into the log file.  While all the names listed
> there should work many don't - both parser bugs and the old lookup
> code lurking in 3.21 get in the way.  Hopefully 3.22 is far more
> consistent.
>
> BTW, I've a parser hack to fix the edge cases below, but it too runs
> up against old code lurking in 3.21 :-/
>
>> On Fri, Jun 23, 2017 at 5:35 PM, Andrew Cagney <andrew.cagney at gmail.com>
>> wrote:
>>>
>>> For reference,
>>>
>>> FYI, I came up with the following additions.  While I don't think
>>> aes_gcm_256 is valid, aes_gcm_16_256 certainly is :-/
>>>
>>> @@ -104,10 +104,36 @@
>>>  [esp=aes_gcm_c-128-null]      OK: AES_GCM_C(20)_128-NONE(0)
>>>  [esp=aes_gcm_c-192-null]      OK: AES_GCM_C(20)_192-NONE(0)
>>>  [esp=aes_gcm_c-256-null]      OK: AES_GCM_C(20)_256-NONE(0)
>>> +[esp=aes_ccm_a-null]          OK: AES_CCM_A(14)_000-NONE(0)
>>> +[esp=aes_ccm_b-null]          OK: AES_CCM_B(15)_000-NONE(0)
>>> +[esp=aes_ccm_c-null]          OK: AES_CCM_C(16)_000-NONE(0)
>>> +[esp=aes_gcm_a-null]          OK: AES_GCM_A(18)_000-NONE(0)
>>> +[esp=aes_gcm_b-null]          OK: AES_GCM_B(19)_000-NONE(0)
>>> +[esp=aes_gcm_c-null]          OK: AES_GCM_C(20)_000-NONE(0)
>>>  [esp=aes_ccm-null]            OK: AES_CCM_C(16)_000-NONE(0)
>>>  [esp=aes_gcm-null]            OK: AES_GCM_C(20)_000-NONE(0)
>>>  [esp=aes_ccm-256-null]        OK: AES_CCM_C(16)_256-NONE(0)
>>>  [esp=aes_gcm-192-null]        OK: AES_GCM_C(20)_192-NONE(0)
>>> +[esp=aes_ccm_256-null]     ERROR: ESP encryption algorithm 'aes_ccm_'
>>> is not recognized, enc_alg="aes_ccm_"(256), auth_alg="null", modp=""
>>> +[esp=aes_gcm_192-null]     ERROR: ESP encryption algorithm 'aes_gcm_'
>>> is not recognized, enc_alg="aes_gcm_"(192), auth_alg="null", modp=""
>>> +[esp=aes_ccm_8-null]       ERROR: ESP encryption algorithm 'aes_ccm_'
>>> is not recognized, enc_alg="aes_ccm_"(8), auth_alg="null", modp=""
>>> +[esp=aes_ccm_12-null]      ERROR: ESP encryption algorithm 'aes_ccm_'
>>> is not recognized, enc_alg="aes_ccm_"(12), auth_alg="null", modp=""
>>> +[esp=aes_ccm_16-null]      ERROR: ESP encryption algorithm 'aes_ccm_'
>>> is not recognized, enc_alg="aes_ccm_"(16), auth_alg="null", modp=""
>>> +[esp=aes_gcm_8-null]       ERROR: ESP encryption algorithm 'aes_gcm_'
>>> is not recognized, enc_alg="aes_gcm_"(8), auth_alg="null", modp=""
>>> +[esp=aes_gcm_12-null]      ERROR: ESP encryption algorithm 'aes_gcm_'
>>> is not recognized, enc_alg="aes_gcm_"(12), auth_alg="null", modp=""
>>> +[esp=aes_gcm_16-null]      ERROR: ESP encryption algorithm 'aes_gcm_'
>>> is not recognized, enc_alg="aes_gcm_"(16), auth_alg="null", modp=""
>>> +[esp=aes_ccm_8-128-null]   ERROR: Non alpha char found after enc
>>> keylen end separator, just after "aes_ccm_8-" (state=ST_EK_END)
>>> +[esp=aes_ccm_12-192-null]  ERROR: Non alpha char found after enc
>>> keylen end separator, just after "aes_ccm_12-" (state=ST_EK_END)
>>> +[esp=aes_ccm_16-256-null]  ERROR: Non alpha char found after enc
>>> keylen end separator, just after "aes_ccm_16-" (state=ST_EK_END)
>>> +[esp=aes_gcm_8-128-null]   ERROR: Non alpha char found after enc
>>> keylen end separator, just after "aes_gcm_8-" (state=ST_EK_END)
>>> +[esp=aes_gcm_12-192-null]  ERROR: Non alpha char found after enc
>>> keylen end separator, just after "aes_gcm_12-" (state=ST_EK_END)
>>> +[esp=aes_gcm_16-256-null]  ERROR: Non alpha char found after enc
>>> keylen end separator, just after "aes_gcm_16-" (state=ST_EK_END)
>>> +[esp=aes_ccm_8_128-null]   ERROR: Non digit or valid separator found
>>> while reading enc keylen, just after "aes_ccm_8" (state=ST_EK)
>>> +[esp=aes_ccm_12_192-null]  ERROR: Non digit or valid separator found
>>> while reading enc keylen, just after "aes_ccm_12" (state=ST_EK)
>>> +[esp=aes_ccm_16_256-null]  ERROR: Non digit or valid separator found
>>> while reading enc keylen, just after "aes_ccm_16" (state=ST_EK)
>>> +[esp=aes_gcm_8_128-null]   ERROR: Non digit or valid separator found
>>> while reading enc keylen, just after "aes_gcm_8" (state=ST_EK)
>>> +[esp=aes_gcm_12_192-null]  ERROR: Non digit or valid separator found
>>> while reading enc keylen, just after "aes_gcm_12" (state=ST_EK)
>>> +[esp=aes_gcm_16_256-null]  ERROR: Non digit or valid separator found
>>> while reading enc keylen, just after "aes_gcm_16" (state=ST_EK)
>>>  [esp=aes_ctr]                 OK: AES_CTR(13)_000-MD5(1),
>>> AES_CTR(13)_000-SHA1(2)
>>>  [esp=aesctr]                  OK: AES_CTR(13)_000-MD5(1),
>>> AES_CTR(13)_000-SHA1(2)
>>>  [esp=aes_ctr128]              OK: AES_CTR(13)_128-MD5(1),
>>> AES_CTR(13)_128-SHA1(2)


More information about the Swan-dev mailing list