[Swan] SHA2 support for ESP in KLIPS?

Elison Niven elison.niven at cyberoam.com
Mon Jun 24 16:35:48 EEST 2013


Many thanks for your reply David.

I rebuilt my kernel with ocf-linux and this patch.

# lsmod | grep ipsec
ipsec                 252672  2
ocf                    19540  3 ipsec,cryptosoft,cryptodev

# ipsec auto --status shows SHA2 for ESP
algorithm ESP auth attr: id=5, name=AUTH_ALGORITHM_HMAC_SHA2_256, keysizemin=256, keysizemax=256
algorithm ESP auth attr: id=6, name=AUTH_ALGORITHM_HMAC_SHA2_384, keysizemin=384, keysizemax=384
algorithm ESP auth attr: id=7, name=AUTH_ALGORITHM_HMAC_SHA2_512, keysizemin=512, keysizemax=512

When I establish a connection using esp=aes128-sha2_256, pluto quits saying:

"SHA2" #2: responding to Quick Mode {msgid:98d24ff3}
"SHA2" #2: ASSERTION FAILED at ikev1_quick.c:266: case 5 unexpected

So I applied this patch:
--- programs/pluto/ikev1_quick.c
+++ programs/pluto/ikev1_quick.c
@@ -255,6 +255,15 @@
  	    case AUTH_ALGORITHM_HMAC_SHA1:
  		needed_len += HMAC_SHA1_KEY_LEN;
  		break;
+	    case AUTH_ALGORITHM_HMAC_SHA2_256:
+		needed_len += SHA2_256_DIGEST_SIZE;
+		break;
+	    case AUTH_ALGORITHM_HMAC_SHA2_384:
+		needed_len += SHA2_384_DIGEST_SIZE;
+		break;
+	    case AUTH_ALGORITHM_HMAC_SHA2_512:
+		needed_len += SHA2_512_DIGEST_SIZE;
+		break;
  	    default:
  #ifdef KERNEL_ALG
  	      if (kernel_alg_esp_auth_ok(pi->attrs.auth, NULL)) {

Now the SA establishes, but KLIPS is not able to decrypt SHA2 (SHA1 works fine) with error:

klips_debug:ipsec_ocf_rcv_cb: error in processing 0xffffffea

The full log is as below:

klips_debug: ipsec_rcv_init(st=0,nxt=1)
klips_debug:ipsec_rcv: <<< Info -- skb->dev=eth0
klips_debug:klips26_rcv_encap: assigning packet ownership to virtual device ipsec0 from physical device eth0.
klips_debug:   IP: ihl:20 ver:4 tos:0 tlen:156 id:0 DF frag_off:0 ttl:64 proto:50 (ESP) chk:5974 saddr:10.103.6.114 daddr:10.103.7.155
klips_debug: ipsec_rcv_decap_init(st=1,nxt=2)
klips_debug: ipsec_rcv_decap_lookup(st=2,nxt=3)
klips_debug: ipsec_rcv_auth_init(st=3,nxt=4)
ipsec_sa_getbyid: linked entry in ipsec_sa table for hash=107 of SA:esp.38e80b33 at 10.103.7.155 requested.
ipsec_sa_get: ipsec_sa c99c9400 SA:esp.38e80b33 at 10.103.7.155, ref:10 reference count (3++) incremented by ipsec_sa_getbyid:566.
klips_debug:ipsec_rcv: SA:esp.38e80b33 at 10.103.7.155, src=10.103.6.114 of pkt agrees with expected SA source address policy.
klips_debug:ipsec_rcv: SA:esp.38e80b33 at 10.103.7.155 First SA in group.
klips_debug:ipsec_rcv: natt_type=0 tdbp->ips_natt_type=0 : ok
klips_debug:ipsec_rcv: packet from 10.103.6.114 received with seq=1 (iv)=0xabf29bd2d23e7104 iplen=136 esplen=124 sa=esp.38e80b33 at 10.103.7.155
klips_debug: ipsec_rcv_auth_calc(st=5,nxt=6)
klips_debug:ipsec_rcv: encalg = 12, authalg = 5.
klips_debug:ipsec_ocf_rcv
klips_debug:ipsec_ocf_rcv_cb
klips_debug:ipsec_ocf_rcv_cb: error in processing 0xffffffea
ipsec_sa_getbyid: linked entry in ipsec_sa table for hash=107 of SA:esp.38e80b33 at 10.103.7.155 requested.
ipsec_sa_get: ipsec_sa c99c9400 SA:esp.38e80b33 at 10.103.7.155, ref:10 reference count (4++) incremented by ipsec_sa_getbyid:566.
ipsec_sa_put: ipsec_sa c99c9400 SA:esp.38e80b33 at 10.103.7.155, ref:10 reference count (5--) decremented by ipsec_rsm:1806.
ipsec_sa_put: ipsec_sa c99c9400 SA:esp.38e80b33 at 10.103.7.155, ref:10 reference count (4--) decremented by ipsec_rsm:1848.

On Saturday 22 June 2013 03:36 AM, David McCullough wrote:
>
> Elison Niven wrote the following:
>> This is great ! I compiled this with 2.6.27 and it compiled without
>> any errors.
>> However, SHA2 does not show up for ESP auth attr in ipsec auto --status.
>>
>> Looking through ipsec_alg_init and ipsec_alg_static_init if I find
>> something.
>
> Ok, that patch was not quite there and doesn't actually build.
> To use it you will need to build and install ocf-linux.  Get the latest
> from sourceforge and follow the README for the quickstart and openswan
> section should get what you want.
>
> Attached is the compile tested version ;-)
>
> Cheers,
> Davidm
>
>>
>> On Friday 21 June 2013 07:22:26 PM IST, David McCullough wrote:
>>>
>>> Paul Wouters wrote the following:
>>>> On Fri, 21 Jun 2013, Elison Niven wrote:
>>>>
>>>>> Is SHA2 supported for ESP when using KLIPS?
>>>>> https://www.openswan.org/issues/331
>>>>
>>>> No, it is not. KLIPS should really use more of the crypto api, so
>>>> that these ciphers and hashes become available to it, but I'm not
>>>> sure how that impacts the OCF acceleration. David can probably
>>>> say more about that,
>>>
>>> Ok, the current cryptoapi support in klips only does ciphers.
>>> It would be nice if it did hashes and combined modes but it needs
>>> quite some work for this to happen.
>>>
>>> If I wanted SHA2 and klips quickly I would probably do it via OCF because
>>> the OCF cryptosoft driver (that uses the kernel's cryptoapi) already
>>> supports SHA256/SHA384 and SHA512.  So all that should be needed is to
>>> extend ipsec_ocf to support SHA2 and test/fix the combination.
>>>
>>> The attached patch (untested,  not even compiled) should get you pretty
>>> close.  Paul, if someone can at least compile test this I am happy to have
>>> it included as it breaks nothing and should get us closer to working sha2
>>> via OCF at least,
>>>
>>> Cheers,
>>> Davidm
>>>
>>
>> --
>> Best Regards,
>> Elison Niven
>>
>

-- 
Best Regards,
Elison Niven
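For anyone chasing the same failure, here is an added example (not from this thread or the openswan tree) that pulls the SA, the algorithm ids and the OCF return code out of klips_debug output and decodes the hex value as a negative kernel errno, which is how 0xffffffea above turns out to be -22 (EINVAL). The auth-id table is taken from the ipsec auto --status lines earlier in the mail, the encryption-id table is assumed from the IANA ESP transform registry (12 = AES-CBC), and the log text is a constructed sample in the shape of the quoted log.

```python
import errno
import re

# Constructed sample in the shape of the klips_debug log quoted in the mail.
SAMPLE_LOG = """\
klips_debug:ipsec_rcv: packet from 10.103.6.114 received with seq=1 (iv)=0xabf29bd2d23e7104 iplen=136 esplen=124 sa=esp.38e80b33 at 10.103.7.155
klips_debug:ipsec_rcv: encalg = 12, authalg = 5.
klips_debug:ipsec_ocf_rcv
klips_debug:ipsec_ocf_rcv_cb
klips_debug:ipsec_ocf_rcv_cb: error in processing 0xffffffea
"""

# ESP auth attribute ids as printed by 'ipsec auto --status' in the mail.
AUTH_ALGS = {5: "HMAC_SHA2_256", 6: "HMAC_SHA2_384", 7: "HMAC_SHA2_512"}
# ESP encryption transform ids (assumed from the IANA registry: 12 = AES-CBC).
ENC_ALGS = {12: "AES_CBC"}


def decode_ocf_error(word):
    """Turn the 32-bit hex value printed by ipsec_ocf_rcv_cb into (code, errno name)."""
    val = int(word, 16)
    if val & 0x80000000:           # negative kernel return code in two's complement
        val -= 1 << 32
    return val, errno.errorcode.get(-val, "unknown")


def summarize(log):
    """Return a dict with the SA, peer, algorithm names and decoded OCF error."""
    out = {}
    m = re.search(r"sa=(esp\.[0-9a-f]+) at (\S+)", log)
    if m:
        out["sa"], out["dst"] = m.group(1), m.group(2)
    m = re.search(r"encalg = (\d+), authalg = (\d+)", log)
    if m:
        enc, auth = int(m.group(1)), int(m.group(2))
        out["encalg"] = ENC_ALGS.get(enc, f"id {enc}")
        out["authalg"] = AUTH_ALGS.get(auth, f"id {auth}")
    m = re.search(r"ipsec_ocf_rcv_cb: error in processing (0x[0-9a-f]+)", log)
    if m:
        out["ocf_error"], out["ocf_errno"] = decode_ocf_error(m.group(1))
    return out


if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```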

