Is there a particular reason we only support AES-128-CTR ("AESCTR")
with isakmpd(8), but not the 192- and 256-bit variants like we do
for AES-CBC and AES-GCM?

If not, and I assume it's just a historic oversight, how about this?
Adds AES-{128,192,256}-CTR to ipsecctl(8) and isakmpd(8).

There is nothing to do for the kernel side and in fact you could
already set up manual SAs with "enc aesctr" and 192+32 and 256+32
bit keys (but don't ever do that in earnest with counter mode
ciphers!).

Index: sbin/ipsecctl/ike.c
===================================================================
RCS file: /cvs/src/sbin/ipsecctl/ike.c,v
retrieving revision 1.70
diff -u -p -r1.70 ike.c
--- sbin/ipsecctl/ike.c 8 Nov 2011 13:26:06 -0000       1.70
+++ sbin/ipsecctl/ike.c 28 Jun 2012 20:53:19 -0000
@@ -223,6 +223,15 @@ ike_section_p2(struct ipsec_rule *r, FIL
                        case ENCXF_AESCTR:
                                fprintf(fd, "AESCTR");
                                break;
+                       case ENCXF_AES_128_CTR:
+                               fprintf(fd, "AESCTR-128");
+                               break;
+                       case ENCXF_AES_192_CTR:
+                               fprintf(fd, "AESCTR-192");
+                               break;
+                       case ENCXF_AES_256_CTR:
+                               fprintf(fd, "AESCTR-256");
+                               break;
                        case ENCXF_AES_128_GCM:
                                fprintf(fd, "AESGCM-128");
                                needauth = 0;
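Review bot: The three new CTR cases in ike_section_p2 leave `needauth` untouched while the GCM case directly below clears it, and nothing in the hunk says why the two differ. CTR provides confidentiality only, so the generated transform still has to carry an authentication algorithm. A one-line comment above `case ENCXF_AES_128_CTR:`, such as `/* CTR has no integrity of its own; needauth must stay set */`, would keep a later edit from copying the GCM line. The initial value of needauth and the rest of the switch are outside the hunk, so this assumes it starts out nonzero.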
Index: sbin/ipsecctl/ipsec.conf.5
===================================================================
RCS file: /cvs/src/sbin/ipsecctl/ipsec.conf.5,v
retrieving revision 1.137
diff -u -p -r1.137 ipsec.conf.5
--- sbin/ipsecctl/ipsec.conf.5  24 Apr 2012 14:56:09 -0000      1.137
+++ sbin/ipsecctl/ipsec.conf.5  28 Jun 2012 20:59:29 -0000
@@ -587,7 +587,7 @@ One practical way of generating keys is 
 .Xr openssl 1 .
 The following generates a 160-bit (20-byte) key:
 .Bd -literal -offset indent
-$ openssl rand 20 | hexdump -e '20/1 "%02x"'
+$ openssl rand -hex 20
 .Ed
 .Pp
 The following authentication types are permitted with the
@@ -615,6 +615,9 @@ keyword:
 .It Li aes-192 Ta "192 bits" Ta ""
 .It Li aes-256 Ta "256 bits" Ta ""
 .It Li aesctr Ta "160 bits" Ta "[phase 2 only]"
+.It Li aes-128-ctr Ta "160 bits" Ta "[phase 2 only]"
+.It Li aes-192-ctr Ta "224 bits" Ta "[phase 2 only]"
+.It Li aes-256-ctr Ta "288 bits" Ta "[phase 2 only]"
 .It Li aes-128-gcm Ta "160 bits" Ta "[phase 2 only]"
 .It Li aes-192-gcm Ta "224 bits" Ta "[phase 2 only]"
 .It Li aes-256-gcm Ta "288 bits" Ta "[phase 2 only]"
Index: sbin/ipsecctl/ipsecctl.h
===================================================================
RCS file: /cvs/src/sbin/ipsecctl/ipsecctl.h,v
retrieving revision 1.62
diff -u -p -r1.62 ipsecctl.h
--- sbin/ipsecctl/ipsecctl.h    8 Nov 2011 13:26:06 -0000       1.62
+++ sbin/ipsecctl/ipsecctl.h    28 Jun 2012 20:52:05 -0000
@@ -64,6 +64,7 @@ enum {
 enum {
        ENCXF_UNKNOWN, ENCXF_NONE, ENCXF_3DES_CBC, ENCXF_DES_CBC, ENCXF_AES,
        ENCXF_AES_128, ENCXF_AES_192, ENCXF_AES_256, ENCXF_AESCTR,
+       ENCXF_AES_128_CTR, ENCXF_AES_192_CTR, ENCXF_AES_256_CTR,
        ENCXF_AES_128_GCM, ENCXF_AES_192_GCM, ENCXF_AES_256_GCM,
        ENCXF_AES_128_GMAC, ENCXF_AES_192_GMAC, ENCXF_AES_256_GMAC,
        ENCXF_BLOWFISH, ENCXF_CAST128, ENCXF_NULL
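Review bot: Adding the three CTR constants in the middle of this anonymous enum renumbers every ENCXF_* value after ENCXF_AESCTR, and pfkdump.c uses these constants as array indexes (`&encxfs[ENCXF_AES_192_CTR]`). The parse.y hunk adds the matching encxfs[] rows at what appears to be the same position, so the two stay aligned in this change, but nothing enforces that. A comment on the enum, for example `/* order must match encxfs[] in parse.y; pfkdump.c indexes the table by these values */`, would document the dependency for the next person who adds a transform. The enum's closing brace is outside the hunk.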
Index: sbin/ipsecctl/parse.y
===================================================================
RCS file: /cvs/src/sbin/ipsecctl/parse.y,v
retrieving revision 1.152
diff -u -p -r1.152 parse.y
--- sbin/ipsecctl/parse.y       20 Dec 2011 13:27:51 -0000      1.152
+++ sbin/ipsecctl/parse.y       28 Jun 2012 20:58:03 -0000
@@ -107,6 +107,9 @@ const struct ipsec_xf encxfs[] = {
        { "aes-192",            ENCXF_AES_192,          24,     24,     0 },
        { "aes-256",            ENCXF_AES_256,          32,     32,     0 },
        { "aesctr",             ENCXF_AESCTR,           16+4,   32+4,   0 },
+       { "aes-128-ctr",        ENCXF_AES_128_CTR,      16+4,   16+4,   0 },
+       { "aes-192-ctr",        ENCXF_AES_192_CTR,      24+4,   24+4,   0 },
+       { "aes-256-ctr",        ENCXF_AES_256_CTR,      32+4,   32+4,   0 },
        { "aes-128-gcm",        ENCXF_AES_128_GCM,      16+4,   16+4,   1 },
        { "aes-192-gcm",        ENCXF_AES_192_GCM,      24+4,   24+4,   1 },
        { "aes-256-gcm",        ENCXF_AES_256_GCM,      32+4,   32+4,   1 },
Index: sbin/ipsecctl/pfkdump.c
===================================================================
RCS file: /cvs/src/sbin/ipsecctl/pfkdump.c,v
retrieving revision 1.30
diff -u -p -r1.30 pfkdump.c
--- sbin/ipsecctl/pfkdump.c     13 Apr 2011 11:31:27 -0000      1.30
+++ sbin/ipsecctl/pfkdump.c     28 Jun 2012 20:56:46 -0000
@@ -710,7 +710,17 @@ pfkey_print_sa(struct sadb_msg *msg, int
                                }
                                break;
                        case SADB_X_EALG_AESCTR:
-                               xfs.encxf = &encxfs[ENCXF_AESCTR];
+                               switch (r.enckey->len) {
+                               case 28:
+                                       xfs.encxf = &encxfs[ENCXF_AES_192_CTR];
+                                       break;
+                               case 36:
+                                       xfs.encxf = &encxfs[ENCXF_AES_256_CTR];
+                                       break;
+                               default:
+                                       xfs.encxf = &encxfs[ENCXF_AESCTR];
+                                       break;
+                               }
                                break;
                        case SADB_X_EALG_AESGCM16:
                                switch (r.enckey->len) {
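Review bot: The bare lengths `28` and `36` in the new switch are the AES key size plus the 4-byte CTR nonce, which parse.y spells as `24+4` and `32+4`. Writing `case 24 + 4:` and `case 32 + 4:`, or adding `/* key bytes + 4-byte nonce */`, would make that visible. The `default:` arm labels every other length as plain aesctr, not just 20, so an unexpected key length in a dumped SA is displayed as if it were a valid one. `r.enckey` is dereferenced with no check inside the hunk; the GCM case below does the same, so presumably it is validated earlier in pfkey_print_sa, which starts and ends outside the hunk.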
Index: sbin/ipsecctl/pfkey.c
===================================================================
RCS file: /cvs/src/sbin/ipsecctl/pfkey.c,v
retrieving revision 1.52
diff -u -p -r1.52 pfkey.c
--- sbin/ipsecctl/pfkey.c       24 Mar 2012 15:39:54 -0000      1.52
+++ sbin/ipsecctl/pfkey.c       28 Jun 2012 20:54:32 -0000
@@ -494,6 +494,9 @@ pfkey_sa(int sd, u_int8_t satype, u_int8
                        sa.sadb_sa_encrypt = SADB_X_EALG_AES;
                        break;
                case ENCXF_AESCTR:
+               case ENCXF_AES_128_CTR:
+               case ENCXF_AES_192_CTR:
+               case ENCXF_AES_256_CTR:
                        sa.sadb_sa_encrypt = SADB_X_EALG_AESCTR;
                        break;
                case ENCXF_AES_128_GCM:
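Review bot: These labels let pfkey_sa install 192- and 256-bit CTR SAs, and if this is the manual-keying path, as the description suggests, the key and nonce are static. Counter mode with a static key repeats its keystream once the SA is reinstalled or the counter restarts, which is the reason the description itself warns against this setup. Consider a comment at the labels, e.g. `/* CTR with manual keys risks keystream reuse; meant for IKE-negotiated SAs */`, or a parser warning when a CTR transform appears in a manual SA rule. The switch continues outside the hunk.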
Index: sbin/isakmpd/conf.c
===================================================================
RCS file: /cvs/src/sbin/isakmpd/conf.c,v
retrieving revision 1.99
diff -u -p -r1.99 conf.c
--- sbin/isakmpd/conf.c 22 Sep 2010 13:45:15 -0000      1.99
+++ sbin/isakmpd/conf.c 28 Jun 2012 20:43:38 -0000
@@ -434,14 +434,17 @@ conf_load_defaults_qm(int tr, char *qme,
                conf_set(tr, sect, "KEY_LENGTH", CONF_DFLT_VAL_BLF_KEYLEN, 0,
                         1);
        else if (strcmp(qme_p, "-AES-128") == 0 ||
+           strcmp(qme_p, "-AESCTR-128") == 0 ||
            strcmp(qme_p, "-AESGCM-128") == 0 ||
            strcmp(qme_p, "-AESGMAC-128") == 0)
                conf_set(tr, sect, "KEY_LENGTH", "128,128:128", 0, 1);
        else if (strcmp(qme_p, "-AES-192") == 0 ||
+           strcmp(qme_p, "-AESCTR-192") == 0 ||
            strcmp(qme_p, "-AESGCM-192") == 0 ||
            strcmp(qme_p, "-AESGMAC-192") == 0)
                conf_set(tr, sect, "KEY_LENGTH", "192,192:192", 0, 1);
        else if (strcmp(qme_p, "-AES-256") == 0 ||
+           strcmp(qme_p, "-AESCTR-256") == 0 ||
            strcmp(qme_p, "-AESGCM-256") == 0 ||
            strcmp(qme_p, "-AESGMAC-256") == 0)
                conf_set(tr, sect, "KEY_LENGTH", "256,256:256", 0, 1);
@@ -483,11 +486,13 @@ conf_load_defaults(int tr)
        char    *dhgroup_p[] = {"", "-GRP1", "-GRP2", "-GRP5", "-GRP14",
                    "-GRP15", 0};
        char    *qm_enc[] = {"DES", "3DES", "CAST", "BLOWFISH", "AES",
-                   "AES", "AES", "AES", "AES_128_CTR", "AES_GCM_16",
+                   "AES", "AES", "AES", "AES_CTR", "AES_CTR", "AES_CTR",
+                   "AES_CTR", "AES_GCM_16",
                    "AES_GCM_16", "AES_GCM_16", "AES_GMAC", "AES_GMAC",
                    "AES_GMAC", "NULL", "NONE", 0};
        char    *qm_enc_p[] = {"-DES", "-3DES", "-CAST", "-BLF", "-AES",
                    "-AES-128", "-AES-192", "-AES-256", "-AESCTR",
+                   "-AESCTR-128", "-AESCTR-192", "-AESCTR-256",
                    "-AESGCM-128", "-AESGCM-192", "-AESGCM-256",
                    "-AESGMAC-128", "-AESGMAC-192", "-AESGMAC-256", "-NULL",
                    "", 0};
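Review bot: `qm_enc[]` and `qm_enc_p[]` are parallel arrays, and this change keeps them aligned only by hand: four `"AES_CTR"` entries in one, `"-AESCTR"` plus the three new suffixes in the other. The code that walks them is outside the hunk, but a miscount would presumably pair a suffix with the wrong cipher name and yield a default transform that negotiates something other than its name says. A comment above the arrays, such as `/* qm_enc[] and qm_enc_p[] are parallel: entry i of one belongs to entry i of the other */`, would make the constraint explicit.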
Index: sbin/isakmpd/ipsec.c
===================================================================
RCS file: /cvs/src/sbin/isakmpd/ipsec.c,v
retrieving revision 1.137
diff -u -p -r1.137 ipsec.c
--- sbin/isakmpd/ipsec.c        20 Oct 2011 00:28:06 -0000      1.137
+++ sbin/isakmpd/ipsec.c        28 Jun 2012 20:26:47 -0000
@@ -1818,8 +1818,7 @@ ipsec_esp_enckeylength(struct proto *pro
                if (!iproto->keylen)
                        return 16;
                return iproto->keylen / 8;
-       case IPSEC_ESP_AES_128_CTR:
-               return 20;
+       case IPSEC_ESP_AES_CTR:
        case IPSEC_ESP_AES_GCM_16:
        case IPSEC_ESP_AES_GMAC:
                if (!iproto->keylen)
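Review bot: After this change `case IPSEC_ESP_AES_CTR:` falls through into the GCM/GMAC branch without a comment, and the old fixed `return 20;` is gone. The rest of that branch is outside the hunk, and the result is only right if it adds the 4 nonce bytes to `iproto->keylen / 8`; please confirm that and mark the label with `/* FALLTHROUGH: CTR, GCM and GMAC keys carry 4 extra nonce bytes */`. Because the returned length now follows the negotiated `keylen`, it is also worth checking that values other than 128, 192 and 256 are rejected before this function is reached.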
Index: sbin/isakmpd/ipsec_num.cst
===================================================================
RCS file: /cvs/src/sbin/isakmpd/ipsec_num.cst,v
retrieving revision 1.18
diff -u -p -r1.18 ipsec_num.cst
--- sbin/isakmpd/ipsec_num.cst  13 May 2011 07:41:20 -0000      1.18
+++ sbin/isakmpd/ipsec_num.cst  28 Jun 2012 20:27:16 -0000
@@ -234,7 +234,7 @@ IPSEC_ESP
   RC4                                  10
   NULL                                 11
   AES                                  12
-  AES_128_CTR                          13
+  AES_CTR                              13
   AES_GCM_16                           20
   AES_GMAC                             23
   AES_MARS                             249
Index: sbin/isakmpd/isakmpd.conf.5
===================================================================
RCS file: /cvs/src/sbin/isakmpd/isakmpd.conf.5,v
retrieving revision 1.128
diff -u -p -r1.128 isakmpd.conf.5
--- sbin/isakmpd/isakmpd.conf.5 23 Jun 2011 20:35:22 -0000      1.128
+++ sbin/isakmpd/isakmpd.conf.5 28 Jun 2012 20:48:23 -0000
@@ -141,6 +141,7 @@ where:
 is either ESP or AH
 .It Ns { Ns Ar cipher Ns }
 is either DES, 3DES, CAST, BLF, AES, AES-128, AES-192, AES-256, AESCTR,
+AESCTR-128, AESCTR-192, AESCTR-256,
 AESGCM-128, AESGCM-192, AESGCM-256, AESGMAC-128, AESGMAC-192, AESGMAC-256
 or NULL
 .It Ns { Ns Ar hash Ns }
Index: sbin/isakmpd/pf_key_v2.c
===================================================================
RCS file: /cvs/src/sbin/isakmpd/pf_key_v2.c,v
retrieving revision 1.187
diff -u -p -r1.187 pf_key_v2.c
--- sbin/isakmpd/pf_key_v2.c    2 Aug 2011 22:51:38 -0000       1.187
+++ sbin/isakmpd/pf_key_v2.c    28 Jun 2012 20:28:54 -0000
@@ -935,7 +935,7 @@ pf_key_v2_set_spi(struct sa *sa, struct 
                        ssa.sadb_sa_encrypt = SADB_X_EALG_AES;
                        break;
 
-               case IPSEC_ESP_AES_128_CTR:
+               case IPSEC_ESP_AES_CTR:
                        ssa.sadb_sa_encrypt = SADB_X_EALG_AESCTR;
                        break;
 
Index: sbin/isakmpd/policy.c
===================================================================
RCS file: /cvs/src/sbin/isakmpd/policy.c,v
retrieving revision 1.93
diff -u -p -r1.93 policy.c
--- sbin/isakmpd/policy.c       6 Apr 2011 11:36:25 -0000       1.93
+++ sbin/isakmpd/policy.c       28 Jun 2012 20:29:09 -0000
@@ -296,7 +296,7 @@ policy_callback(char *name)
                                        break;
 
                                case IPSEC_ESP_AES:
-                               case IPSEC_ESP_AES_128_CTR:
+                               case IPSEC_ESP_AES_CTR:
                                case IPSEC_ESP_AES_GCM_16:
                                case IPSEC_ESP_AES_GMAC:
                                        esp_enc_alg = "aes";
Index: sbin/isakmpd/sa.c
===================================================================
RCS file: /cvs/src/sbin/isakmpd/sa.c,v
retrieving revision 1.116
diff -u -p -r1.116 sa.c
--- sbin/isakmpd/sa.c   16 Jan 2012 08:45:55 -0000      1.116
+++ sbin/isakmpd/sa.c   28 Jun 2012 20:32:01 -0000
@@ -562,11 +562,11 @@ report_proto(FILE *fd, struct proto *pro
                        break;
 
                case IPSEC_ESP_AES:
-                       fprintf(fd, "AES-128 (CBC)\n");
+                       fprintf(fd, "AES (CBC)\n");
                        break;
 
-               case IPSEC_ESP_AES_128_CTR:
-                       fprintf(fd, "AES-128 (CTR)\n");
+               case IPSEC_ESP_AES_CTR:
+                       fprintf(fd, "AES (CTR)\n");
                        break;
 
                case IPSEC_ESP_AES_GCM_16:
-- 
Christian "naddy" Weisgerber                          [email protected]
