
Issue #2391

set truncation length via xfrm for HMAC-SHA256

Added by Sudheer Anumolu about 8 years ago. Updated about 8 years ago.

Status:
Closed
Priority:
Normal
Category:
configuration
Affected version:
5.5.3
Resolution:
No change required

Description

Hi

As mentioned in Bug 2301, comment 9 :

Via XFRM the truncation length can be set explicitly to an arbitrary value (source:src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c#L1485)

Can you tell how to set truncation length in strongswan.conf ?

As mentioned earlier in bug 2301, I am now not using the kernel-pfkey plugin.

But I am using a custom netxfrm module, and I retrieve the ICV length as below:

x = xfrm_state_lookup(net, mark, xaddr, c->spi, p->id.proto, p->family);
aalg_desc = xfrm_aalg_get_byname(x->aalg->alg_name, 0);
if (aalg_desc) {
    c->icv_len = aalg_desc->uinfo.auth.icv_truncbits / 8; /* icv trunc len in bytes */
    debug_print("XFRM icv_len=%d, alg_name=%s\n", (int) c->icv_len, x->aalg->alg_name);
}

Below is the strongswan.conf I use.

# /etc/strongswan.conf - strongSwan configuration file

charon {

    load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac xcbc stroke kernel-netlink socket-default updown
    #plugins {
    #    kernel-netlink {
    #        trunc_len=128;
    #    }
    #}
}

As mentioned in Bug 2301, comment #7, doing kernel changes, I get the truncation length as 128 bits and this is fine.

I tried to set the netlink parameter as below:

#    kernel-netlink {
#        trunc_len=128;
#    }
#}

The parameter I tried might be wrong. Is there any similar option?

Thanks
Sudheer

History

#1 Updated by Tobias Brunner about 8 years ago

  • Category set to configuration
  • Status changed from New to Feedback
  • Priority changed from High to Normal

Can you tell how to set truncation length in strongswan.conf ?

You can't. Why would you think there is such an option?

The parameter i tried might be wrong. Is there any such similar option ?

Since 5.5.3 there is an ipsec.conf/swanctl.conf option called sha256_96 that allows using the shorter, incorrect truncation for SHA-256, please read the documentation for these settings.

#2 Updated by Sudheer Anumolu about 8 years ago

Using the kernel-netlink plugin in strongSwan, for hmac(sha256), I get truncation lengths of 128 and 96 bits respectively from the cases below:

(1)
x = xfrm_state_lookup(net, mark, xaddr, c->spi, p->id.proto, p->family)
x->aalg->alg_trunc_len gives 128 bits

(2)
aalg_desc = xfrm_aalg_get_byname(x->aalg->alg_name, 0);
aalg_desc->uinfo.auth.icv_truncbits gives 96 bits

I know that case 2 is retrieved from the structure data specified in xfrm_algo.c but could not find the path for case 1:
- Can you let me know how xfrm_state obtains the truncation length as 128 bits?
- Is case 2 specific to pfkey?

Thanks
Sudheer

#3 Updated by Tobias Brunner about 8 years ago

- Can you let me know how xfrm_state obtains truncation length as 128bits.

The kernel-netlink plugin explicitly sets that truncation length when installing the SA using the XFRMA_ALG_AUTH_TRUNC attribute (source:src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c#L1504).

- Is case-2 specific to pfkey

No, it's just the default if no truncation length is specified by the userland.
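A defender-side check for what comments #2 and #3 describe, added here as an example and not part of the issue or of strongSwan: parse `ip xfrm state` output and flag hmac(sha256) SAs whose ICV is not the 128-bit length that the kernel-netlink plugin requests via XFRMA_ALG_AUTH_TRUNC. The sample output and keys are constructed; the `auth`/`auth-trunc` line layout follows iproute2, and the 96-bit kernel default for SAs installed without the attribute is taken from comment #2.

```python
"""Audit the ICV truncation length of installed IPsec SAs from `ip xfrm state`."""
import re

# Truncation the kernel applies to hmac(sha256) when the SA is installed without
# XFRMA_ALG_AUTH_TRUNC (icv_truncbits in the kernel's xfrm_algo.c, see comment #2).
KERNEL_DEFAULT_SHA256_TRUNC_BITS = 96
# Truncation mandated by RFC 4868; strongSwan's kernel-netlink plugin sets it explicitly.
EXPECTED_SHA256_TRUNC_BITS = 128

SA_RE = re.compile(r"^src (\S+) dst (\S+)")
SPI_RE = re.compile(r"\bspi (0x[0-9a-fA-F]+)")
# iproute2 prints "auth-trunc <alg> <key> <bits>" when the attribute is present,
# and plain "auth <alg> <key>" when the kernel default applies (assumed layout).
AUTH_RE = re.compile(r"^\s*(auth-trunc|auth) (\S+) (0x[0-9a-fA-F]*)(?: (\d+))?")

# Constructed sample output: one correct SA, one 96-bit SA, one SA without the attribute.
SAMPLE = """\
src 192.0.2.1 dst 192.0.2.2
\tproto esp spi 0x0a1b2c3d reqid 1 mode tunnel
\tauth-trunc hmac(sha256) 0x00112233 128
\tenc cbc(aes) 0x44556677
src 192.0.2.2 dst 192.0.2.1
\tproto esp spi 0x1d2c3b4a reqid 1 mode tunnel
\tauth-trunc hmac(sha256) 0x8899aabb 96
\tenc cbc(aes) 0xccddeeff
src 198.51.100.5 dst 198.51.100.6
\tproto esp spi 0x55667788 reqid 2 mode transport
\tauth hmac(sha256) 0x01020304
\tenc cbc(aes) 0x05060708
"""

def parse_xfrm_state(text):
    """Return one dict per SA: src, dst, spi, auth_alg, trunc_bits (None = kernel default)."""
    sas = []
    for line in text.splitlines():
        m = SA_RE.match(line)
        if m:
            sas.append({"src": m.group(1), "dst": m.group(2), "spi": None,
                        "auth_alg": None, "trunc_bits": None})
            continue
        if not sas:
            continue
        m = SPI_RE.search(line)
        if m:
            sas[-1]["spi"] = m.group(1)
        m = AUTH_RE.match(line)
        if m:
            sas[-1]["auth_alg"] = m.group(2)
            sas[-1]["trunc_bits"] = int(m.group(4)) if m.group(4) else None
    return sas

def audit_sha256_truncation(text):
    """List (src, dst, spi, effective_bits) for hmac(sha256) SAs not using a 128-bit ICV."""
    findings = []
    for sa in parse_xfrm_state(text):
        if sa["auth_alg"] != "hmac(sha256)":
            continue
        bits = sa["trunc_bits"] if sa["trunc_bits"] is not None else KERNEL_DEFAULT_SHA256_TRUNC_BITS
        if bits != EXPECTED_SHA256_TRUNC_BITS:
            findings.append((sa["src"], sa["dst"], sa["spi"], bits))
    return findings
```

Run it against real output with `audit_sha256_truncation(subprocess.check_output(["ip", "xfrm", "state"], text=True))`; an empty list means every SHA-256 SA carries the 128-bit ICV.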

#4 Updated by Sudheer Anumolu about 8 years ago

Ok, thanks Tobias for clarification.

#5 Updated by Tobias Brunner about 8 years ago

  • Status changed from Feedback to Closed
  • Assignee set to Tobias Brunner
  • Resolution set to No change required