[Swan-dev] the great algorithm rename
Andrew Cagney
andrew.cagney at gmail.com
Thu Jul 27 21:23:53 UTC 2017
PS: here's the full list:
http://testing.libreswan.org/results/v3.20-766-g2c286b1-master/basic-pluto-00/algparse.fips.v.txt
the first column is the full name, and the names in () are alternate names
On 27 July 2017 at 17:16, Andrew Cagney <andrew.cagney at gmail.com> wrote:
> On 27 July 2017 at 16:47, Paul Wouters <paul at nohats.ca> wrote:
>> On Wed, 26 Jul 2017, Andrew Cagney wrote:
>>
>>> Subject: Re: [Swan-dev] the great algorithm rename
>>>
>>> FYI, I did a partial merge (I don't like sitting on changes),
>>
>>
>> So what part is still missing?
>
> Any code in pluto that prints the crypto-suite that is either proposed
> or selected. For instance, switching to consistent names would affect
> output like:
>
> 134 "xauth-road-eastnet" #2: STATE_PARENT_I2: sent v2I2, expected v2R2
> {auth=IKEv2 cipher=aes_gcm_16_256 integ=n/a prf=sha2_512
> group=MODP2048}
> 004 "xauth-road-eastnet" #2: STATE_V2_IPSEC_I: IPsec SA established
> tunnel mode {ESP=>0xESPESP <0xESPESP xfrm=AES_GCM_C_256-NONE
> NATOA=none NATD=none DPD=passive}
>
> fixing it involves sed.
>
>>> For instance:
>>>
>>> $ ./algparse -v ike=aes
>>> ./algparse Encryption algorithms:
>>> ./algparse AES_CCM_16 IKEv1: ESP IKEv2: ESP
>>> FIPS {256,192,*128} (aes_ccm aes_ccm_c)
>>
>>
>> I'm confused "aes" can mean aes_ccm? Shouldn't it only refer to aes_cbc ?
>
> the above is for AES_CCM_16. Begs the question, should our
> "preferred" fully qualified name be AES_CCM_C or AES_CCM_16, the
> parser accepts either.
>
> For plain AES there is the line:
>
> AES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS
> {256,192,*128} (aes)
>
>> Paul
More information about the Swan-dev
mailing list