[Swan-dev] Does IKEv2's CAST-128 require a Key Length attribute

Andrew Cagney andrew.cagney at gmail.com
Fri Jul 27 20:59:11 UTC 2018


The current code always includes the key-length in a cast proposal.

I'm not sure what happens if we get a cast proposal with no key
length, but I suspect it is currently rejected.
On Fri, 27 Jul 2018 at 15:58, Paul Wouters <paul at nohats.ca> wrote:
>
> Yes send it to ensure the other end knows the only key size we are willing to do.
>
> If we didn't already send it, maybe add an option to assume our default key size?
>
> Sent from my phone
>
> > On Jul 27, 2018, at 12:35, Andrew Cagney <andrew.cagney at gmail.com> wrote:
> >
> > (yes, I know it's about to get killed)
> >
> > I've been checking our algorithms for when key-length is included and
> > cast came up; it currently includes a key length.  I suspect it is
> > optional.
> >
> > First there's clause #1, even though the underlying algorithm requires
> > a fixed 128-bit key, this clause doesn't apply as rfc2451 specifies
> > that different key-lengths can be negotiated:
> >
> >   o  The Key Length attribute MUST NOT be used with transforms that use
> >      a fixed-length key.  For example, this includes ENCR_DES,
> >      ENCR_IDEA, and all the Type 2 (Pseudorandom Function) and Type 3
> >      (Integrity Algorithm) transforms specified in this document.  It
> >      is recommended that future Type 2 or 3 transforms do not use this
> >      attribute.
> >
> > Then there's clause #2, I argue that it doesn't apply 'just because I
> > think clause #3 is a better fit':
> >
> >   o  Some transforms specify that the Key Length attribute MUST be
> >      always included (omitting the attribute is not allowed, and
> >      proposals not containing it MUST be rejected).  For example, this
> >      includes ENCR_AES_CBC and ENCR_AES_CTR.
> >
> > This leaves clause #3, since in rfc2451 it is described as
> > variable-length and is shown with a default key, I'm thinking this is
> > the one that applies:
> >
> >   o  Some transforms allow variable-length keys, but also specify a
> >      default key length if the attribute is not included.  For example,
> >      these transforms include ENCR_RC5 and ENCR_BLOWFISH.
> >
> > SNAFU
> > _______________________________________________
> > Swan-dev mailing list
> > Swan-dev at lists.libreswan.org
> > https://lists.libreswan.org/mailman/listinfo/swan-dev
>
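As an added example (not code from the thread or from libreswan), the following parses an IKEv2 Transform substructure (RFC 7296 section 3.3.2) with its optional Key Length attribute (attribute type 14, TV encoded, section 3.3.5) and applies the three clauses quoted above: attribute forbidden for fixed-key transforms, required for AES, optional with a default for variable-key transforms. CAST is placed in the third group with a 128-bit default, which is the reading argued for in the thread, not something the RFC text quoted here settles; the sample transforms are constructed inline.

```python
"""Decode an IKEv2 ENCR transform and decide the effective key length."""
import struct
from enum import Enum

ENCR = 1                # Transform Type 1: encryption algorithm
KEY_LENGTH_ATTR = 14    # Attribute Type 14: Key Length, TV format

# Transform IDs from the IKEv2 "Transform Type 1" IANA registry.
ENCR_DES, ENCR_3DES, ENCR_RC5, ENCR_IDEA, ENCR_CAST, ENCR_BLOWFISH = 2, 3, 4, 5, 6, 7
ENCR_AES_CBC, ENCR_AES_CTR = 12, 13


class KeyLenRule(Enum):
    FORBIDDEN = 1   # clause 1: fixed-length key, attribute MUST NOT appear
    REQUIRED = 2    # clause 2: attribute MUST appear
    OPTIONAL = 3    # clause 3: variable-length key, default when absent


# Transform ID -> (rule, default bits when absent, allowed sizes or None).
# Defaults for the OPTIONAL group follow RFC 2451; CAST's placement in that
# group is the thread's reading (assumption), not a statement of RFC 7296.
POLICY = {
    ENCR_DES:      (KeyLenRule.FORBIDDEN, 64,  None),
    ENCR_3DES:     (KeyLenRule.FORBIDDEN, 192, None),
    ENCR_IDEA:     (KeyLenRule.FORBIDDEN, 128, None),
    ENCR_AES_CBC:  (KeyLenRule.REQUIRED,  None, {128, 192, 256}),
    ENCR_AES_CTR:  (KeyLenRule.REQUIRED,  None, {128, 192, 256}),
    ENCR_RC5:      (KeyLenRule.OPTIONAL,  128, None),
    ENCR_BLOWFISH: (KeyLenRule.OPTIONAL,  128, None),
    ENCR_CAST:     (KeyLenRule.OPTIONAL,  128, set(range(40, 129, 8))),  # CAST-128 sizes
}


def build_transform(ttype, tid, key_len=None, last=True):
    """Encode one Transform substructure, optionally with a TV Key Length."""
    attrs = b""
    if key_len is not None:
        attrs = struct.pack("!HH", 0x8000 | KEY_LENGTH_ATTR, key_len)  # AF=1 (TV)
    return struct.pack("!BBHBBH", 0 if last else 3, 0, 8 + len(attrs), ttype, 0, tid) + attrs


def parse_transform(buf):
    """Decode header and attributes; raise ValueError on malformed input."""
    if len(buf) < 8:
        raise ValueError("short transform header")
    more, _, length, ttype, _, tid = struct.unpack("!BBHBBH", buf[:8])
    if length < 8 or length > len(buf):
        raise ValueError("bad transform length")
    attrs, pos = {}, 8
    while pos < length:
        if pos + 4 > length:
            raise ValueError("truncated attribute")
        hdr, val = struct.unpack("!HH", buf[pos:pos + 4])
        af, atype = hdr >> 15, hdr & 0x7FFF
        pos += 4
        if af == 1:                      # TV: the 16-bit field is the value
            value = val
        else:                            # TLV: the 16-bit field is a length
            if pos + val > length:
                raise ValueError("truncated TLV attribute")
            value = buf[pos:pos + val]
            pos += val
        if atype in attrs:
            raise ValueError("duplicate attribute %d" % atype)
        attrs[atype] = (af, value)
    return {"more": more == 3, "type": ttype, "id": tid, "attrs": attrs}


def effective_key_length(transform):
    """Apply the three Key Length clauses; return key bits or raise."""
    if transform["type"] != ENCR:
        raise ValueError("not an ENCR transform")
    tid = transform["id"]
    if tid not in POLICY:
        raise ValueError("unknown ENCR transform ID %d" % tid)
    rule, default, allowed = POLICY[tid]
    attr = transform["attrs"].get(KEY_LENGTH_ATTR)
    if attr is None:
        if rule is KeyLenRule.REQUIRED:
            raise ValueError("Key Length attribute required but absent")
        return default
    af, value = attr
    if af != 1:
        raise ValueError("Key Length must be TV encoded")
    if rule is KeyLenRule.FORBIDDEN:
        raise ValueError("Key Length not allowed with a fixed-length key")
    if allowed is not None and value not in allowed:
        raise ValueError("unsupported key length %d" % value)
    return value


def validate(buf):
    """Convenience wrapper: (True, bits) on acceptance, (False, reason) otherwise."""
    try:
        return True, effective_key_length(parse_transform(buf))
    except ValueError as exc:
        return False, str(exc)


if __name__ == "__main__":
    # Constructed sample proposals covering each clause.
    for name, sample in [("CAST, no attr", build_transform(ENCR, ENCR_CAST)),
                         ("CAST, 128", build_transform(ENCR, ENCR_CAST, 128)),
                         ("AES_CBC, no attr", build_transform(ENCR, ENCR_AES_CBC)),
                         ("3DES, 192 given", build_transform(ENCR, ENCR_3DES, 192))]:
        print(name, "->", validate(sample))
```

The parser treats a TLV-encoded Key Length, a duplicate attribute or a length field that overruns the buffer as rejection reasons, which is where a lenient decoder would otherwise read past the proposal or accept an ambiguous one.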

