PS: here's the full list: http://testing.libreswan.org/results/v3.20-766-g2c286b1-master/basic-pluto-00/algparse.fips.v.txt
the first column is the full name, and the names in () are alternate names On 27 July 2017 at 17:16, Andrew Cagney <[email protected]> wrote: > On 27 July 2017 at 16:47, Paul Wouters <[email protected]> wrote: >> On Wed, 26 Jul 2017, Andrew Cagney wrote: >> >>> Subject: Re: [Swan-dev] the great algorithm rename >>> >>> FYI, I did a partial merge (I don't like sitting on changes), >> >> >> So what part is still missing? > > Any code in pluto that prints the crypto-suite that is either proposed > or selected. For instance, switching to consistent names would affect > output like: > > 134 "xauth-road-eastnet" #2: STATE_PARENT_I2: sent v2I2, expected v2R2 > {auth=IKEv2 cipher=aes_gcm_16_256 integ=n/a prf=sha2_512 > group=MODP2048} > 004 "xauth-road-eastnet" #2: STATE_V2_IPSEC_I: IPsec SA established > tunnel mode {ESP=>0xESPESP <0xESPESP xfrm=AES_GCM_C_256-NONE > NATOA=none NATD=none DPD=passive} > > fixing it involves sed. > >>> For instance: >>> >>> $ ./algparse -v ike=aes >>> ./algparse Encryption algorithms: >>> ./algparse AES_CCM_16 IKEv1: ESP IKEv2: ESP >>> FIPS {256,192,*128} (aes_ccm aes_ccm_c) >> >> >> I'm confused "aes" can mean aes_ccm? Shouldn't it only refer to aes_cbc ? > > the above is for AES_CCM_16. Begs the question, should our > "preferred" fully qualified name be AES_CCM_C or AES_CCM_16, the > parser accepts either. > > For plain AES there is the line: > > AES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS > {256,192,*128} (aes) > >> Paul _______________________________________________ Swan-dev mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-dev
