[Swan-dev] Does IKEv2's CAST-128 require a Key Length attribute
Andrew Cagney
andrew.cagney at gmail.com
Fri Jul 27 19:35:59 UTC 2018
(yes, I know its about to get killed)
I've been checking our algorithms for when key-length is included and
cast came up, it currently includes a key length. I suspect it is
optional.
First there's clause #1, even though the underlying algorithm requires
a fixed 128-bit key, this clause doesn't apply as rfc2451 specifies
that different key-lengths can be negotiated:
o The Key Length attribute MUST NOT be used with transforms that use
a fixed-length key. For example, this includes ENCR_DES,
ENCR_IDEA, and all the Type 2 (Pseudorandom Function) and Type 3
(Integrity Algorithm) transforms specified in this document. It
is recommended that future Type 2 or 3 transforms do not use this
attribute.
Then there's clause #2, I argue that it doesn't apply 'just because I
think clause #3 is a better fit'':
o Some transforms specify that the Key Length attribute MUST be
always included (omitting the attribute is not allowed, and
proposals not containing it MUST be rejected). For example, this
includes ENCR_AES_CBC and ENCR_AES_CTR.
This leaves clause #3, since in rfc2451 it is described as
variable-length and is shown with a default key, I'm thinking this is
the one that applies:
o Some transforms allow variable-length keys, but also specify a
default key length if the attribute is not included. For example,
these transforms include ENCR_RC5 and ENCR_BLOWFISH.
SNAFU
More information about the Swan-dev
mailing list