[Swan-dev] new test failures
Paul Wouters
paul at nohats.ca
Wed Feb 13 19:46:37 UTC 2019
On Wed, 13 Feb 2019, Andrew Cagney wrote:
> So looking at the parser, officially, for IKE, it expected:
>
> encr-prf-dh
>
> but, unofficially, it could also parse (I don't think this was documented?):
>
> encr-prf-integ-dh
>
> if we reverse things vis:
>
> encr-integ-[prf]-dh
>
> then proposals like:
>
> aes-sha1
>
> all still work fine - prf can be painfully derived from integ, but:
>
> aes_gcm-sha1
>
> would break; force aes_gcm-none-sha1, or require some heuristic to
> figure out <integ> should be skipped.
Sure, so I guess encr-prf[-integ]-dh it is. I mean prf should be integ
in all non-aead cases anyway. At least, we used to only support those
and I wouldn't mind to keep it that way. I dont think we ever tested
prf != integ on non-AEAD. So be careful allowing that now without a
bunch of a new tests.
so what happens now with ike=aes-sha2-sha2-dh14 ?
Paul
More information about the Swan-dev
mailing list