[Swan] HMAC_SHA1 length
Tuomo Soini
tis at foobar.fi
Thu Jul 23 09:10:05 UTC 2020
On Thu, 23 Jul 2020 10:24:37 +0200
Pavol Hustý <pavol.husty at gmail.com> wrote:
> I have running configuration libreswan with "ESP algorithm newest:
> AES_CBC_256-HMAC_SHA1_96".
>
> Questions: How to force or set current configuration libreswan to ESP
> algorithms with sha1 160 bit length. It is possible?
No, there is no such version of HMAC_SHA1. Hashing key is always
truncated with sha1 and sha2. With sha1 to 96 bits and with sha2_256 to
128 bits.
--
Tuomo Soini <tis at foobar.fi>
Foobar Linux services
+358 40 5240030
Foobar Oy <https://foobar.fi/>
More information about the Swan
mailing list