[strongSwan] failure with ike using sha2
Hi, I have just found out, that recent openssl 1.0.2 commit 929b0d70c19f60227f89fac63f22a21f21950823 breaks hmac when using openssl plugin for hmac functions (well, at least strongswan hmac prf sha256 self tests fail). If I remove the lines (in openssl crypto/hmac/hmac.c) 110 if(!ctx-key_init key == NULL) 111 return 0; and recompile all is well again. Kind regards Luka ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] failure with ike using sha2
Hi Luka, I have just found out, that recent openssl 1.0.2 commit 929b0d70c19f60227f89fac63f22a21f21950823 breaks hmac when using openssl plugin for hmac functions This commit prevents the pre-initialization with an empty key we use to avoid any non-initialized use of HMAC_Update(). Most likely we should track the state of key initialization ourselves, which allows us to remove that initialization. Can you please test the patch at [1] and let us know if that works with the new OpenSSL version? While our API use here is certainly questionable, I'm asking myself if that check in OpenSSL is a not a little too strict. Setting a zero-length key seems legitimate to me; but not sure if any protocol exists that uses such a key. Regards Martin [1]http://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=openssl-hmac ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] failure with ike using sha2
Please let me know if there is a fix for openssl since changing the load order of plugin is not recommended. If you are using OpenSSL 1.0.2a, you might try the strongSwan fix provided at [1]. Regards Martin [1]http://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=openssl-hmac ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] failure with ike using sha2
Hi Andreas, Noel suggested me to rearrange the order of plugins being loaded and it worked if I loaded hmac plugin before opensssl plugin. Please let me know if there is a fix for openssl since changing the load order of plugin is not recommended. Thanks! Bettina To answer your question, I was able to load sha2 plugin successfully. In the log it shows the following. Mar 27 10:15:30 00[LIB] loading feature PRF:PRF_HMAC_SHA2_256 in plugin 'openssl' Mar 27 10:15:30 00[LIB] loading feature PRF:PRF_HMAC_SHA2_384 in plugin 'openssl' Mar 27 10:15:30 00[LIB] loading feature PRF:PRF_HMAC_SHA2_512 in plugin 'openssl' Here is the information from ipsec statusall that I sent earlier. List of registered IKE algorithms: encryption: DES_CBC[des] 3DES_CBC[des] IDEA_CBC[openssl] CAST_CBC[openssl] BLOWFISH_CBC[openssl] NULL[openssl] AES_CBC[aes] CAMELLIA_CBC[openssl] DES_ECB[des] RC2_CBC[rc2] integrity: HMAC_MD5_96[openssl] HMAC_SHA1_96[openssl] AES_XCBC_96[xcbc] HMAC_MD5_128[openssl] HMAC_SHA1_160[openssl] AES_CMAC_96[cmac] HMAC_SHA2_256_128[openssl] HMAC_SHA2_384_192[openssl] HMAC_SHA2_512_256[openssl] HMAC_SHA1_128[openssl] HMAC_SHA2_256_256[openssl] HMAC_SHA2_384_384[openssl] HMAC_SHA2_512_512[openssl] CAMELLIA_XCBC_96[xcbc] aead: AES_GCM_8[openssl] AES_GCM_12[openssl] AES_GCM_16[openssl] hasher: HASH_MD4[openssl] HASH_MD5[md5] HASH_SHA1[sha1] HASH_SHA224[sha2] HASH_SHA256[sha2] HASH_SHA384[sha2] HASH_SHA512[sha2] prf:PRF_HMAC_MD5[openssl] PRF_HMAC_SHA1[openssl] PRF_AES128_XCBC[xcbc] PRF_HMAC_SHA2_256[openssl] PRF_HMAC_SHA2_384[openssl] PRF_HMAC_SHA2_512[openssl] PRF_AES128_CMAC[cmac] PRF_FIPS_SHA1_160[fips-prf] PRF_KEYED_SHA1[sha1] PRF_CAMELLIA128_XCBC[xcbc] dh-group: MODP_768[openssl] MODP_1024[openssl] MODP_1536[openssl] MODP_2048[openssl] MODP_3072[openssl] MODP_4096[openssl] MODP_6144[openssl] MODP_8192[openssl] ECP_256[openssl] ECP_384[openssl] ECP_521[openssl] MODP_1024_160[openssl] MODP_2048_224[openssl] MODP_2048_256[openssl] ECP_192[openssl] ECP_224[openssl] ECP_224_BP[openssl] ECP_256_BP[openssl] ECP_384_BP[openssl] ECP_512_BP[openssl] MODP_CUSTOM[openssl] random-gen: RNG_WEAK[openssl] RNG_STRONG[random] RNG_TRUE[random] nonce-gen: [nonce] -Original Message- From: Andreas Steffen [mailto:andreas.stef...@strongswan.org] Sent: Friday, March 27, 2015 5:01 PM To: Ko, HsuenJu; users@lists.strongswan.org Subject: Re: [strongSwan] failure with ike using sha2 Hi Bettina, are you sure that you loaded the sha2 plugin because the HMAC-SHA2 algorithms for the prf_plus seem to fail. ipsec statusall should list the sha2 plugin. Regards Andreas On 03/27/2015 04:05 PM, Ko, HsuenJu wrote: Hi , I got error of key derivation failed when I configured ike using sha2. I don't have problem with md5 or sha1. And I am using strongswan 5.1.1. Here is the corresponding log. Can someone tell me what I did wrong or is this a bug? Thanks! Bettina ike=aes128-sha256-modp2048! Mar 27 10:15:41 11[IKE] SKEYSEED = 32 bytes @ 0x41c89760 Mar 27 10:15:41 11[IKE]0: 40 06 D6 2C 40 06 D8 24 40 F5 00 20 41 C7 BB 20 @..,@..$@.. A.. Mar 27 10:15:41 11[IKE] 16: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Mar 27 10:15:41 11[IKE] key derivation failed ike=aes128-sha384-modp2048! Mar 27 10:46:03 09[IKE] SKEYSEED = 48 bytes @ 0x41c8bf70 Mar 27 10:46:03 09[IKE]0: 43 36 20 31 35 20 31 34 20 30 42 20 38 38 20 36 C6 15 14 0B 88 6 Mar 27 10:46:03 09[IKE] 16: 46 20 43 38 20 38 45 20 35 34 20 42 44 20 38 42 F C8 8E 54 BD 8B Mar 27 10:46:03 09[IKE] 32: 20 31 46 20 32 38 20 36 44 20 33 41 20 20 2E 2E 1F 28 6D 3A .. Mar 27 10:46:03 09[IKE] key derivation failed ike=aes128-sha512-modp2048! Mar 27 10:48:17 09[IKE] SKEYSEED = 64 bytes @ 0x41c8bf70 Mar 27 10:48:17 09[IKE]0: 31 45 20 38 33 20 31 33 20 38 39 20 31 36 20 34 1E 83 13 89 16 4 Mar 27 10:48:17 09[IKE] 16: 36 20 35 32 20 32 30 20 39 34 20 31 43 20 44 36 6 52 20 94 1C D6 Mar 27 10:48:17 09[IKE] 32: 20 38 39 20 37 38 20 42 43 20 39 41 20 20 69 2E 89 78 BC 9A i. Mar 27 10:48:17 09[IKE] 48: 2E 2E 2E 2E 46 52 20 2E 2E 2E 2E 78 2E 2E 0A 20 FR x... Mar 27 10:48:17 09[IKE] key derivation failed ___ Users mailing list Users@lists.strongswan.orgmailto:Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users -- == Andreas Steffen andreas.stef...@strongswan.orgmailto:andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.orghttp://www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH
Re: [strongSwan] failure with ike using sha2
Hi Martin, I was wondering about that when I saw other mails about this and I checked our openssl and I believe we are using Openssl 1.0.1j. Thanks for your help! Bettina -Original Message- From: Martin Willi [mailto:mar...@strongswan.org] Sent: Monday, March 30, 2015 8:19 AM To: Ko, HsuenJu Cc: users@lists.strongswan.org Subject: Re: [strongSwan] failure with ike using sha2 Please let me know if there is a fix for openssl since changing the load order of plugin is not recommended. If you are using OpenSSL 1.0.2a, you might try the strongSwan fix provided at [1]. Regards Martin [1]http://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=openssl-hmac ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
[strongSwan] failure with ike using sha2
Hi , I got error of key derivation failed when I configured ike using sha2. I don't have problem with md5 or sha1. And I am using strongswan 5.1.1. Here is the corresponding log. Can someone tell me what I did wrong or is this a bug? Thanks! Bettina ike=aes128-sha256-modp2048! Mar 27 10:15:41 11[IKE] SKEYSEED = 32 bytes @ 0x41c89760 Mar 27 10:15:41 11[IKE]0: 40 06 D6 2C 40 06 D8 24 40 F5 00 20 41 C7 BB 20 @..,@..$@.. A.. Mar 27 10:15:41 11[IKE] 16: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Mar 27 10:15:41 11[IKE] key derivation failed ike=aes128-sha384-modp2048! Mar 27 10:46:03 09[IKE] SKEYSEED = 48 bytes @ 0x41c8bf70 Mar 27 10:46:03 09[IKE]0: 43 36 20 31 35 20 31 34 20 30 42 20 38 38 20 36 C6 15 14 0B 88 6 Mar 27 10:46:03 09[IKE] 16: 46 20 43 38 20 38 45 20 35 34 20 42 44 20 38 42 F C8 8E 54 BD 8B Mar 27 10:46:03 09[IKE] 32: 20 31 46 20 32 38 20 36 44 20 33 41 20 20 2E 2E 1F 28 6D 3A .. Mar 27 10:46:03 09[IKE] key derivation failed ike=aes128-sha512-modp2048! Mar 27 10:48:17 09[IKE] SKEYSEED = 64 bytes @ 0x41c8bf70 Mar 27 10:48:17 09[IKE]0: 31 45 20 38 33 20 31 33 20 38 39 20 31 36 20 34 1E 83 13 89 16 4 Mar 27 10:48:17 09[IKE] 16: 36 20 35 32 20 32 30 20 39 34 20 31 43 20 44 36 6 52 20 94 1C D6 Mar 27 10:48:17 09[IKE] 32: 20 38 39 20 37 38 20 42 43 20 39 41 20 20 69 2E 89 78 BC 9A i. Mar 27 10:48:17 09[IKE] 48: 2E 2E 2E 2E 46 52 20 2E 2E 2E 2E 78 2E 2E 0A 20 FR x... Mar 27 10:48:17 09[IKE] key derivation failed ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] failure with ike using sha2
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hello, That sounds like the plugin that provides those algorithms is broken. You can try to work around that by making charon load another plugin, which provides the PRF algorithms for those signature algorithms, before the one you are using right now. Mit freundlichen Grüßen/Regards, Noel Kuntze Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658 Am 27.03.2015 um 16:05 schrieb Ko, HsuenJu: Hi , I got error of “key derivation failed” when I configured ike using sha2. I don’t have problem with md5 or sha1. And I am using strongswan 5.1.1. Here is the corresponding log. Can someone tell me what I did wrong or is this a bug? Thanks! Bettina ike=aes128-sha256-modp2048! Mar 27 10:15:41 11[IKE] SKEYSEED = 32 bytes @ 0x41c89760 Mar 27 10:15:41 11[IKE]0: 40 06 D6 2C 40 06 D8 24 40 F5 00 20 41 C7 BB 20 @..,@..$@.. A.. Mar 27 10:15:41 11[IKE] 16: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Mar 27 10:15:41 11[IKE] key derivation failed ike=aes128-sha384-modp2048! Mar 27 10:46:03 09[IKE] SKEYSEED = 48 bytes @ 0x41c8bf70 Mar 27 10:46:03 09[IKE]0: 43 36 20 31 35 20 31 34 20 30 42 20 38 38 20 36 C6 15 14 0B 88 6 Mar 27 10:46:03 09[IKE] 16: 46 20 43 38 20 38 45 20 35 34 20 42 44 20 38 42 F C8 8E 54 BD 8B Mar 27 10:46:03 09[IKE] 32: 20 31 46 20 32 38 20 36 44 20 33 41 20 20 2E 2E 1F 28 6D 3A .. Mar 27 10:46:03 09[IKE] key derivation failed ike=aes128-sha512-modp2048! Mar 27 10:48:17 09[IKE] SKEYSEED = 64 bytes @ 0x41c8bf70 Mar 27 10:48:17 09[IKE]0: 31 45 20 38 33 20 31 33 20 38 39 20 31 36 20 34 1E 83 13 89 16 4 Mar 27 10:48:17 09[IKE] 16: 36 20 35 32 20 32 30 20 39 34 20 31 43 20 44 36 6 52 20 94 1C D6 Mar 27 10:48:17 09[IKE] 32: 20 38 39 20 37 38 20 42 43 20 39 41 20 20 69 2E 89 78 BC 9A i. Mar 27 10:48:17 09[IKE] 48: 2E 2E 2E 2E 46 52 20 2E 2E 2E 2E 78 2E 2E 0A 20 FR x... Mar 27 10:48:17 09[IKE] key derivation failed ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQIcBAEBCAAGBQJVFXMnAAoJEDg5KY9j7GZYNVsP/3cRYJuUPFrzdqD9a+ZkVrYZ ObZd8GvKILYj71OEO3yRrUB8zTUqVmBVbmBJ+EMKrLJRfDLZlooFu31LQkp7H4pJ xYT3K7bPBz5hFQD8x8gt13z61Xrt/QIALvul2heyvM/BdH817Dm03Fzfa9J+rXVa K7d5ZlNJbLmMzBnN+KCXMsb46ntqrjf34wNokyQ5bFxfnStoFIG5KhrRojkybLN/ LG+mITUFNqOLIy+kMRavxejx4ylwvF4Ev6nlDVgJFD/lj0d+hlrZugpONaojuXYd 2FW8sQk2d2YznjJu61rwP4LearObFONsjzfaEwB6CQDZIgaRf2MhVHrOJxoXzdH1 qGEuNcbhFhXNeAYsZb9UnpHGHw/l7zumuQY+xXIbRlBaIY6RYTb4psq7RVuowSyx YbT00ftK6kC3rACbnPg6eRBTQkuTH5Yr5xeSyBUbr6usJOMhSrJqkq2d6EVt7XFT KVCX+GUazShrYG+R5lhKk2lcetKSISgQ2xKb3Fxi0OIrgzrp37h0U8578WEq/TGC JtX3/zZpzV278UkhTEpZFsTBwW0+COh1BQUcYOchnhyV+dlDEuPCwQjuxvuJbA3V hVlpc8x4qH9GIVCYeTim4csYP/ttZOwetCq0CALjBAHKxz78z4monbHgtFeSizgu LBJgRXQrpq5HhxY/8+Cc =BVxp -END PGP SIGNATURE- ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] failure with ike using sha2
Hi Noel, Thank you for the help. I will give it a try. Bettina -Original Message- From: Noel Kuntze [mailto:n...@familie-kuntze.de] Sent: Friday, March 27, 2015 12:36 PM To: Ko, HsuenJu; users@lists.strongswan.org Subject: Re: [strongSwan] failure with ike using sha2 -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hello Bettina, Yes, try loading the hmac plugin first. To change the load order of the plugins, you need to set charon.load in strongswan.conf to the list of plugins you want to load. As a starting point for the list, you can take the loaded plugins list in the output of ipsec statusall. For the syntax of the file, look at the man page for strongswan.conf Mit freundlichen Grüßen/Kind Regards, Noel Kuntze GPG Key ID: 0x63EC6658 Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658 Am 27.03.2015 um 16:33 schrieb Ko, HsuenJu: Hi Noel, Here is some output from ipsec statusall. Status of IKE charon daemon (strongSwan 5.1.1, VOS OpenVOS Release 18.0.0af, i786): ... loaded plugins: charon aes des rc2 sha1 sha2 md5 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey pem openssl fips-prf xcbc cmac hmac attr kernel-pfkey kernel-pfroute resolve socket-default stroke updown xauth-generic Here is some output from ipsec listall. List of registered IKE algorithms: encryption: DES_CBC[des] 3DES_CBC[des] IDEA_CBC[openssl] CAST_CBC[openssl] BLOWFISH_CBC[openssl] NULL[openssl] AES_CBC[aes] CAMELLIA_CBC[openssl] DES_ECB[des] RC2_CBC[rc2] integrity: HMAC_MD5_96[openssl] HMAC_SHA1_96[openssl] AES_XCBC_96[xcbc] HMAC_MD5_128[openssl] HMAC_SHA1_160[openssl] AES_CMAC_96[cmac] HMAC_SHA2_256_128[openssl] HMAC_SHA2_384_192[openssl] HMAC_SHA2_512_256[openssl] HMAC_SHA1_128[openssl] HMAC_SHA2_256_256[openssl] HMAC_SHA2_384_384[openssl] HMAC_SHA2_512_512[openssl] CAMELLIA_XCBC_96[xcbc] aead: AES_GCM_8[openssl] AES_GCM_12[openssl] AES_GCM_16[openssl] hasher: HASH_MD4[openssl] HASH_MD5[md5] HASH_SHA1[sha1] HASH_SHA224[sha2] HASH_SHA256[sha2] HASH_SHA384[sha2] HASH_SHA512[sha2] prf:PRF_HMAC_MD5[openssl] PRF_HMAC_SHA1[openssl] PRF_AES128_XCBC[xcbc] PRF_HMAC_SHA2_256[openssl] PRF_HMAC_SHA2_384[openssl] PRF_HMAC_SHA2_512[openssl]PRF_AES128_CMAC[cmac] PRF_FIPS_SHA1_160[fips-prf] PRF_KEYED_SHA1[sha1] PRF_CAMELLIA128_XCBC[xcbc] dh-group: MODP_768[openssl] MODP_1024[openssl] MODP_1536[openssl] MODP_2048[openssl] MODP_3072[openssl] MODP_4096[openssl] MODP_6144[openssl] MODP_8192[openssl] ECP_256[openssl] ECP_384[openssl] ECP_521[openssl] MODP_1024_160[openssl] MODP_2048_224[openssl] MODP_2048_256[openssl] ECP_192[openssl] ECP_224[openssl] ECP_224_BP[openssl] ECP_256_BP[openssl] ECP_384_BP[openssl] ECP_512_BP[openssl] MODP_CUSTOM[openssl] random-gen: RNG_WEAK[openssl] RNG_STRONG[random] RNG_TRUE[random] nonce-gen: [nonce] Here is just very simple connection. conn test_14 left=10.2.14.122 leftauth=pubkey leftcert=test_2.14_cert_ipv4.der right=10.2.14.120 esp=aes128-sha256-modp2048! ike=aes128-sha512-modp2048! keyingtries=8 rightauth=pubkey It looks like both openssl and hmac supports that. Should I try load hmac first? How do I change that order? Thanks! Bettina -Original Message- From: Noel Kuntze [mailto:n...@familie-kuntze.de] Sent: Friday, March 27, 2015 11:19 AM To: Ko, HsuenJu; users@lists.strongswan.org Subject: Re: [strongSwan] failure with ike using sha2 Hello Bettina, First, you have to find out what plugin currently provides those algorithms. Do that by examining the list of loaded plugins in the output of ipsec statusall. On my box, sha1 and sha2 can be either supplied by the af-alg, hmac or openssl plugin. The plugin which is loaded first supplies them. To make your life easier, I advise to post the list of loaded plugins here, so we can look at it and help you. Furthermore, please state what version of strongswan you are using and what the content of your strongswan.conf is. Mit freundlichen Grüßen/Regards, Noel Kuntze Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658 Am 27.03.2015 um 16:12 schrieb Ko, HsuenJu: Hi, Thanks for the information. How do I find out which plugin to try? Bettina -Original Message- From: users-boun...@lists.strongswan.org mailto:users-boun...@lists.strongswan.org [mailto:users-boun...@lists.strongswan.org] On Behalf Of Noel Kuntze Sent: Friday, March 27, 2015 11:12 AM To: users@lists.strongswan.org mailto:users@lists.strongswan.org Subject: Re: [strongSwan] failure with ike using sha2 Hello, That sounds like the plugin that provides those algorithms is broken. You can try to work around that by making charon load
Re: [strongSwan] failure with ike using sha2
Hi Noel, Here is some output from ipsec statusall. Status of IKE charon daemon (strongSwan 5.1.1, VOS OpenVOS Release 18.0.0af, i786): ... loaded plugins: charon aes des rc2 sha1 sha2 md5 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey pem openssl fips-prf xcbc cmac hmac attr kernel-pfkey kernel-pfroute resolve socket-default stroke updown xauth-generic Here is some output from ipsec listall. List of registered IKE algorithms: encryption: DES_CBC[des] 3DES_CBC[des] IDEA_CBC[openssl] CAST_CBC[openssl] BLOWFISH_CBC[openssl] NULL[openssl] AES_CBC[aes] CAMELLIA_CBC[openssl] DES_ECB[des] RC2_CBC[rc2] integrity: HMAC_MD5_96[openssl] HMAC_SHA1_96[openssl] AES_XCBC_96[xcbc] HMAC_MD5_128[openssl] HMAC_SHA1_160[openssl] AES_CMAC_96[cmac] HMAC_SHA2_256_128[openssl] HMAC_SHA2_384_192[openssl] HMAC_SHA2_512_256[openssl] HMAC_SHA1_128[openssl] HMAC_SHA2_256_256[openssl] HMAC_SHA2_384_384[openssl] HMAC_SHA2_512_512[openssl] CAMELLIA_XCBC_96[xcbc] aead: AES_GCM_8[openssl] AES_GCM_12[openssl] AES_GCM_16[openssl] hasher: HASH_MD4[openssl] HASH_MD5[md5] HASH_SHA1[sha1] HASH_SHA224[sha2] HASH_SHA256[sha2] HASH_SHA384[sha2] HASH_SHA512[sha2] prf:PRF_HMAC_MD5[openssl] PRF_HMAC_SHA1[openssl] PRF_AES128_XCBC[xcbc] PRF_HMAC_SHA2_256[openssl] PRF_HMAC_SHA2_384[openssl] PRF_HMAC_SHA2_512[openssl] PRF_AES128_CMAC[cmac] PRF_FIPS_SHA1_160[fips-prf] PRF_KEYED_SHA1[sha1] PRF_CAMELLIA128_XCBC[xcbc] dh-group: MODP_768[openssl] MODP_1024[openssl] MODP_1536[openssl] MODP_2048[openssl] MODP_3072[openssl] MODP_4096[openssl] MODP_6144[openssl] MODP_8192[openssl] ECP_256[openssl] ECP_384[openssl] ECP_521[openssl] MODP_1024_160[openssl] MODP_2048_224[openssl] MODP_2048_256[openssl] ECP_192[openssl] ECP_224[openssl] ECP_224_BP[openssl] ECP_256_BP[openssl] ECP_384_BP[openssl] ECP_512_BP[openssl] MODP_CUSTOM[openssl] random-gen: RNG_WEAK[openssl] RNG_STRONG[random] RNG_TRUE[random] nonce-gen: [nonce] Here is just very simple connection. conn test_14 left=10.2.14.122 leftauth=pubkey leftcert=test_2.14_cert_ipv4.der right=10.2.14.120 esp=aes128-sha256-modp2048! ike=aes128-sha512-modp2048! keyingtries=8 rightauth=pubkey It looks like both openssl and hmac supports that. Should I try load hmac first? How do I change that order? Thanks! Bettina -Original Message- From: Noel Kuntze [mailto:n...@familie-kuntze.de] Sent: Friday, March 27, 2015 11:19 AM To: Ko, HsuenJu; users@lists.strongswan.org Subject: Re: [strongSwan] failure with ike using sha2 -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hello Bettina, First, you have to find out what plugin currently provides those algorithms. Do that by examining the list of loaded plugins in the output of ipsec statusall. On my box, sha1 and sha2 can be either supplied by the af-alg, hmac or openssl plugin. The plugin which is loaded first supplies them. To make your life easier, I advise to post the list of loaded plugins here, so we can look at it and help you. Furthermore, please state what version of strongswan you are using and what the content of your strongswan.conf is. Mit freundlichen Grüßen/Regards, Noel Kuntze Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658 Am 27.03.2015 um 16:12 schrieb Ko, HsuenJu: Hi, Thanks for the information. How do I find out which plugin to try? Bettina -Original Message- From: users-boun...@lists.strongswan.orgmailto:users-boun...@lists.strongswan.org [mailto:users-boun...@lists.strongswan.org] On Behalf Of Noel Kuntze Sent: Friday, March 27, 2015 11:12 AM To: users@lists.strongswan.orgmailto:users@lists.strongswan.org Subject: Re: [strongSwan] failure with ike using sha2 Hello, That sounds like the plugin that provides those algorithms is broken. You can try to work around that by making charon load another plugin, which provides the PRF algorithms for those signature algorithms, before the one you are using right now. Mit freundlichen Grüßen/Regards, Noel Kuntze Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658 Am 27.03.2015 um 16:05 schrieb Ko, HsuenJu: Hi , I got error of “key derivation failed” when I configured ike using sha2. I don’t have problem with md5 or sha1. And I am using strongswan 5.1.1. Here is the corresponding log. Can someone tell me what I did wrong or is this a bug? Thanks! Bettina ike=aes128-sha256-modp2048! Mar 27 10:15:41 11[IKE] SKEYSEED = 32 bytes @ 0x41c89760 Mar 27 10:15:41 11[IKE]0: 40 06 D6 2C 40 06 D8 24 40 F5 00 20 41 C7 BB 20 @..,@..$@.. A.. Mar 27 10:15:41 11[IKE] 16: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Mar 27 10:15:41 11[IKE] key derivation failed ike=aes128-sha384-modp2048! Mar
Re: [strongSwan] failure with ike using sha2
Hi, Thanks for the information. How do I find out which plugin to try? Bettina -Original Message- From: users-boun...@lists.strongswan.org [mailto:users-boun...@lists.strongswan.org] On Behalf Of Noel Kuntze Sent: Friday, March 27, 2015 11:12 AM To: users@lists.strongswan.org Subject: Re: [strongSwan] failure with ike using sha2 -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hello, That sounds like the plugin that provides those algorithms is broken. You can try to work around that by making charon load another plugin, which provides the PRF algorithms for those signature algorithms, before the one you are using right now. Mit freundlichen Grüßen/Regards, Noel Kuntze Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658 Am 27.03.2015 um 16:05 schrieb Ko, HsuenJu: Hi , I got error of “key derivation failed” when I configured ike using sha2. I don’t have problem with md5 or sha1. And I am using strongswan 5.1.1. Here is the corresponding log. Can someone tell me what I did wrong or is this a bug? Thanks! Bettina ike=aes128-sha256-modp2048! Mar 27 10:15:41 11[IKE] SKEYSEED = 32 bytes @ 0x41c89760 Mar 27 10:15:41 11[IKE]0: 40 06 D6 2C 40 06 D8 24 40 F5 00 20 41 C7 BB 20 @..,@..$@.. A.. Mar 27 10:15:41 11[IKE] 16: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Mar 27 10:15:41 11[IKE] key derivation failed ike=aes128-sha384-modp2048! Mar 27 10:46:03 09[IKE] SKEYSEED = 48 bytes @ 0x41c8bf70 Mar 27 10:46:03 09[IKE]0: 43 36 20 31 35 20 31 34 20 30 42 20 38 38 20 36 C6 15 14 0B 88 6 Mar 27 10:46:03 09[IKE] 16: 46 20 43 38 20 38 45 20 35 34 20 42 44 20 38 42 F C8 8E 54 BD 8B Mar 27 10:46:03 09[IKE] 32: 20 31 46 20 32 38 20 36 44 20 33 41 20 20 2E 2E 1F 28 6D 3A .. Mar 27 10:46:03 09[IKE] key derivation failed ike=aes128-sha512-modp2048! Mar 27 10:48:17 09[IKE] SKEYSEED = 64 bytes @ 0x41c8bf70 Mar 27 10:48:17 09[IKE]0: 31 45 20 38 33 20 31 33 20 38 39 20 31 36 20 34 1E 83 13 89 16 4 Mar 27 10:48:17 09[IKE] 16: 36 20 35 32 20 32 30 20 39 34 20 31 43 20 44 36 6 52 20 94 1C D6 Mar 27 10:48:17 09[IKE] 32: 20 38 39 20 37 38 20 42 43 20 39 41 20 20 69 2E 89 78 BC 9A i. Mar 27 10:48:17 09[IKE] 48: 2E 2E 2E 2E 46 52 20 2E 2E 2E 2E 78 2E 2E 0A 20 FR x... Mar 27 10:48:17 09[IKE] key derivation failed ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQIcBAEBCAAGBQJVFXMnAAoJEDg5KY9j7GZYNVsP/3cRYJuUPFrzdqD9a+ZkVrYZ ObZd8GvKILYj71OEO3yRrUB8zTUqVmBVbmBJ+EMKrLJRfDLZlooFu31LQkp7H4pJ xYT3K7bPBz5hFQD8x8gt13z61Xrt/QIALvul2heyvM/BdH817Dm03Fzfa9J+rXVa K7d5ZlNJbLmMzBnN+KCXMsb46ntqrjf34wNokyQ5bFxfnStoFIG5KhrRojkybLN/ LG+mITUFNqOLIy+kMRavxejx4ylwvF4Ev6nlDVgJFD/lj0d+hlrZugpONaojuXYd 2FW8sQk2d2YznjJu61rwP4LearObFONsjzfaEwB6CQDZIgaRf2MhVHrOJxoXzdH1 qGEuNcbhFhXNeAYsZb9UnpHGHw/l7zumuQY+xXIbRlBaIY6RYTb4psq7RVuowSyx YbT00ftK6kC3rACbnPg6eRBTQkuTH5Yr5xeSyBUbr6usJOMhSrJqkq2d6EVt7XFT KVCX+GUazShrYG+R5lhKk2lcetKSISgQ2xKb3Fxi0OIrgzrp37h0U8578WEq/TGC JtX3/zZpzV278UkhTEpZFsTBwW0+COh1BQUcYOchnhyV+dlDEuPCwQjuxvuJbA3V hVlpc8x4qH9GIVCYeTim4csYP/ttZOwetCq0CALjBAHKxz78z4monbHgtFeSizgu LBJgRXQrpq5HhxY/8+Cc =BVxp -END PGP SIGNATURE- ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] failure with ike using sha2
Hi Bettina, are you sure that you loaded the sha2 plugin because the HMAC-SHA2 algorithms for the prf_plus seem to fail. ipsec statusall should list the sha2 plugin. Regards Andreas On 03/27/2015 04:05 PM, Ko, HsuenJu wrote: Hi , I got error of “key derivation failed” when I configured ike using sha2. I don’t have problem with md5 or sha1. And I am using strongswan 5.1.1. Here is the corresponding log. Can someone tell me what I did wrong or is this a bug? Thanks! Bettina ike=aes128-sha256-modp2048! Mar 27 10:15:41 11[IKE] SKEYSEED = 32 bytes @ 0x41c89760 Mar 27 10:15:41 11[IKE]0: 40 06 D6 2C 40 06 D8 24 40 F5 00 20 41 C7 BB 20 @..,@..$@.. A.. Mar 27 10:15:41 11[IKE] 16: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Mar 27 10:15:41 11[IKE] key derivation failed ike=aes128-sha384-modp2048! Mar 27 10:46:03 09[IKE] SKEYSEED = 48 bytes @ 0x41c8bf70 Mar 27 10:46:03 09[IKE]0: 43 36 20 31 35 20 31 34 20 30 42 20 38 38 20 36 C6 15 14 0B 88 6 Mar 27 10:46:03 09[IKE] 16: 46 20 43 38 20 38 45 20 35 34 20 42 44 20 38 42 F C8 8E 54 BD 8B Mar 27 10:46:03 09[IKE] 32: 20 31 46 20 32 38 20 36 44 20 33 41 20 20 2E 2E 1F 28 6D 3A .. Mar 27 10:46:03 09[IKE] key derivation failed ike=aes128-sha512-modp2048! Mar 27 10:48:17 09[IKE] SKEYSEED = 64 bytes @ 0x41c8bf70 Mar 27 10:48:17 09[IKE]0: 31 45 20 38 33 20 31 33 20 38 39 20 31 36 20 34 1E 83 13 89 16 4 Mar 27 10:48:17 09[IKE] 16: 36 20 35 32 20 32 30 20 39 34 20 31 43 20 44 36 6 52 20 94 1C D6 Mar 27 10:48:17 09[IKE] 32: 20 38 39 20 37 38 20 42 43 20 39 41 20 20 69 2E 89 78 BC 9A i. Mar 27 10:48:17 09[IKE] 48: 2E 2E 2E 2E 46 52 20 2E 2E 2E 2E 78 2E 2E 0A 20 FR x... Mar 27 10:48:17 09[IKE] key derivation failed ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[ITA-HSR]== smime.p7s Description: S/MIME Cryptographic Signature ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
